Zoiz Blog

Dirjen Pajak Darmin Nasution dini hari mengemukakan bahwa batas Sunset Policy diundur / diperpanjang hingga 31 Maret 2009.

Dimana seperti yang telah kita ketahui bahwa Sunset Policy adalah sebuah kebijakan dari pemerintah untuk menghapuskan sanksi pajak. Misalnya seorang wajib pajak yang tidak melaporkan / membayar pajak atas penghasilannya di tahun sebelumnya, jika mereka melaporkan dan membayarkan kewajiban pajak mereka pada masa sunset policy, mereka tidak akan dikenai sanksi ataupun denda.

Dengan diundurnya / diperpanjangnya batas Sunset Policy, para wajib pajak yang berniat melakukan pembetulan namun tidak sempat, sebuah kesempatan yang bagus untuk melakukannya sekarang juga!

Ingat bahwa saja membayar pajak adalah sebuah kewajiban kita sebagai seorang warga negara! Milikilah NPWP Anda dan laporkan penghasilan Anda sekarang juga!

Howdy my blog’s readers! Did you notice my blog title changes? Before it was : “Zoiz Blog : A Web Application Security Blog”. And now, “Zoiz Blog : Was A Web Application Security Blog”. Well, it means that I can no longer barely have time to do research in webappsec. It’s a lame blog anyway, cheers

BITS (BatamCity! IT Solutions) founded by me and co-founded by Mr. Feny, is a company operates in Information Technology Solutions, just like it’s name We develop Web Application, Intranet Application, Inventory & GL system, logo design, training and consulting.

Beside working at BITS, I am also a Lecturer at Universitas International Batam (UIB) teaching “Internet Security”. And I am going to be the speaker on the coming university seminar (Webappsec Related topic).

I just got my degree as “Sarjana Komputer” or something like “Bachelor of Science” recently.

These are the jobs that keeps me busy from blogging. But I’ll still go blogging when I have time

And this is the picture taken at the first Hackers Day events (What the hell?! Wasn’t I supposed to post this 3 months ago?? HAhaha. Sorry guys, better late than never )

From Left to Right : Calvin, Zoiz, Th0R, FamilyCode, Izal, JKR, Eric, ??

That’s all folks.

I found this article when I search for one of Albert Einstein quotes after I watched the movie “The Happening”. A cool movie to me. If you are one of this earth citizen, and want to know our earth’s current condition, read this carefully.

Earth Day is almost here. I don’t believe in Earth Day myself. I think it’s a little silly to devote one single day of the year to being concerned about the environment, but I suppose one day is better than no day at all. Read the rest of this entry »

It’s been 3 weeks since my last post. Lots of things happened, and of course good ones. The good news recently is that I am going to be a lecturer in Universitas International Batam teaching ‘basic’ Internet Security subject.

A week ago, I got a call from Mr. Ronny Juwono, SPd, MT (the Head of IT Courses of UIB). A little shock + happy (shoppy?? ) when he asked me to lecture at UIB for the subject Internet Security. Wow, sounds cool! And so I went to UIB to meet him the other day. Yes, he told me his very (awesome) mission is to teach students of UIB the awareness of Internet Security. (I knew that this subject was never taken seriously). Good foresight and a really good start.

As I alwyas thought that I am not qualified, but I’ll always try my best bringing the latest technology to UIB students.

Another good news is my best pal, Robin Kordinata married with Devi. Lovely couple!! I went to the wedding party with a bunch of my (evil) friends and bring our best wishes to Robin & Devi. I am really happy that day (got a little bit drunk , oh my!). A new baby is on the way to this world Yes, we are all waiting for the good news! Hehe

And yes, Mr. Buchin get married last week. Wish him and his bride a happy couple till the end And of course, another baby is on the way to this world

And of course another good news is I good a new project on hand, and that’s why I can barely have time to update my blog. But I’ll be back soon! So stay tune!

So lots of good news isn’t it? Tell you a secret, when you want yourself to be happy, you’ll be happy!

Accounts Security Part III
For Web Developers and Programmers Guide and Technological and Technical Security
A Password Security Related Article by Calvin Limuel a.k.a. r3ck0rd
2nd Revision, 20080422 – by r3ck0rd

Finally, third episode of this serial! Despite in the middle of home works, school projects, web design preparation for a competition, writing my own book “Behind the Scenes of XSS, RFI, and SQL Injection”, other Gastrote and hacking projects, Vocal Group Competition preparation, and any other things I have to do. But I still want to write more.

Yes in this third part, I changed the serial name and this is the final name: Accounts Security. And I’m extending this serial for web developers and programmers (marked with the 4 WDev&P™ or “For Web Developers and Programmers™” logo).

1. For Web Developers and Programmers™ Configuration File
Configuration file is where you put your sensitive data for a web application. Such as database login details. Don’t just save it in *.inc. Because .inc extension is just an extension and a standard, few people still doing this. .ini files too. So it can be downloaded directly, easily. I recommend give a protection like, adding an extra .php extension (like config.inc.php), forbid direct access through .htaccess and PHP, and encode the file. Read the rest of this entry »

For Indonesian Visitor : Kenapa pakai Trick saya dari pada menggunakan Web Proxy seperti Anonymouse.Org? Karena Koneksi Melalu HTTP Tunneling memungkinkan kita untuk meng-Kompresi data yang akan ditransfer sehingga bisa browsing lebih cepat.

If you are one of the Indonesian ISP users, you might have problem accessing http://youtube.com. I am not sure what actually happened (as I know that YouTube.com have some videos that Indonesian Government ban).

From my small research, I found out that Indonesia ISP deletes youtube.com Name Server record from all DNS’. You can regain your access, of course by changing your secondary DNS into this : 12.127.17.83.

How to do it :

Open your Network Setting. Right click and select property. In Internet Protocol list menu, click configure. And type in the DNS I provided into the secondary DNS. Now you can access YouTube.com!

Note : Correct me if I am wrong

Update 8th April 2008 :

The DNS trick seems to be not working anymore, but you can still access those block sites by using HTTP Tunneling. If you don’t know how to do it, here’s a simple one :

1. Download PuTTy.exe from here : http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
2. Open Command Prompt and change your directory to where you save the PuTTy.exe. And type this command :

putty -P 222 -N -D 9999 -C net@cepat.abangadek.com

3. A windows will pop up, and you are required to type in a password. Enter : cepat123
4. Follow the instruction from the image below : Read the rest of this entry »

Last week was one of the most terrible week in my life. Everything went so bad. First my car broke down and cost me a bomb, then I had to work OT for 2 weeks continuously. Not enough? Anemia follow up hitting me. Which made me felt very, very terrible.

Just got back from clinic having my blood tested. The doctor told me that I was pretty fine (WTF?!? Was he kidding?? ), and the only problem is that I suffer slight hypotension (low-blood-pressure) and need more rest. That’s why I haven’t updated my blog since then.

But well, I hope that all the bad things and epidemic will go over very soon!!

I just got back from Jakarta yesterday. I went there (also with my girlfriend and relatives ) for 3 purposes. First was to attend my cousin’s wedding ceremony, and second was to meet with her family, and met with my friends, Firman and Th0R.

I arrived in Jakarta on 18 January 2008 noon. That was a peaceful day. We go nowhere but resting at home.

Early morning on 19 January, we went to the church and participated in the wedding ceremony. After that we went to the wedding party in evening. That was an exhausting day.

The next day, my relative brought us to Taman Anggrek for a walk. There I met with Th0R and Firman. We played Ice Skating together. Very funny and exciting, I was so clumsy. Haha Fell several times before I managed to move slowly at last We went to Gramedia after that and I bought his Book titled : Friendster Hacking (Indonesian language). It is well written and a good book for beginners and intermediates. And of course I’ll recommend you to buy it hehe. We also talked about our book titled 0Day Password that will be published on 20 February 2008 (based on latest schedule).

After that he took us (me and my girlfriend) to EX ( not IX ) and we watched American Gangsters on Blitzmegaplex premiere. And rode us to Eka Sari Restaurant for another party of my relative. That was a exciting day, hehe.

The next day we went to Bandung. It’s a nice place. Cleaner than Jakarta as I saw. We went to Mount Tangkuban Parahu, a tourism spot in Bandung. It’s a very beautiful scenery (which we are on the top of the mountain. But quite scary because Mt. Tangkuban Parahu is a active volcano!! OMG ) It’s another exhausting day, which we drive for more than 8 hours.

I went back to Batam on 22 January 2008. End of the trip. Overall it was an exciting trip

Still remember Sandriani’s incident? This incident already happened past few months ago. And now what did we get? Let me describe one by one (just suddenly flashed in my mind) :

First, there are many CARING teams that would help San’s family to find the murderer. They are :

1. Useless Police

Till now they can’t find any significant clue.

2. Useless TPS (Tim Peduli Sandriani) from UIB

Can only say and claim but never do something useful.

3. Newspapers Publisher

This is the lamest one I think. During this incident, they would like to get higher sales then everything regarding Sandriani are posted. Did they ever think that they’ve done something wrong? Digging all the news and posted it without getting any the decease’s approval.

Secondly is Batam is a still dangerous city.

Nothing special change after this incident. The light is still very minim in some area, unlicensed taxi are everywhere, and so on. I don’t see any special efforts done by the government. Will San’s incident being forgotten? Will the spirit of police vanished by the time goes?

Above all that’s just my opinions…Hope you all can share what you think regarding this incident.

And the last but not least..Hope Sandriani can rest in peace..

May God bless U and your family

It has been 7 days since the death of our beloved friend. The police forces has been collecting clue and witness. Last night when I was at UIB, I saw them (police and UIB staff, security, students) creating the reconstruction of the incident. That’s a nice move I think.

Whilst, the Peduli Keamanan Mahasiswa Petition has collected so far. I really appreciate your participations and thanks for signing it. Although there are some critics, but I knew that all of us have the same intention.

Update : Please don’t post your signature more than once in the petition. If you have any news or ideas to share, you can post it here, or at Rob’s Blog

UIB has decided to install CCTV at the campus. It’s a good news. we are going to send this petition (with all signatures and comments) to all associated parties. But as now, we don’t have enough contact information (emails) yet. We will send it asap after we got all the email that we want.

Let’s pray for Sandriani. And hope that the police could find the murderer(s) and bring them to justice.

Regards,

Jac