Mi Note: Xiaomi latest smartphone with 5.7 inch display

Xiaomi, the Chinese smartphone manufacturer has recently launched its latest flagship phone – the Mi Note. Mi note comprises of 5.7-inch (1920X1080) resolution display, which is a bit bigger compare to Apple’s latest release, 5.5 inch, iPhone 6 Plus and is both slimmer (6.95mm) and lighter (161g) than iphone 6 Plus.

Mi Note base model is scheduled to release on 27th Jan, and comes with a 1080p screen, a 2.5GHz quad-core processor, 3GB RAM, 16/64GB internal memory, a 13-megapixel camera in the back and 4-megapixel on front and with dual SIM capability. Whereas, it’s premium “Pro” model which is scheduled to release on March, comes with a quad HD 2560 x 1440 pixel screen, a 2GHz octa-core Snapdragon 810 processor, 4GB RAM, an Adreo 430 GPU and 64GB of storage.

The sides of the Mi Note are made out of metal while both the front and back are made out of Corning Gorilla Glass 3. The front has a 2.5D glass with a gentle curve around the edges and the back has what Xiaomi calls 3D glass with a more pronounced curve. Mi Note will be available in 2 colors, Black and White. Also, Mi Note stands out from other similar devices by the use of a Sabre DAC (digital to analog converter) and dual audio amps, which provides great quality on both small and large headphones.

The base model for Mi Note is priced at CNY 2,299 which is around $371 in USD and the Pro model will cost CNY 3299 which is around $533 in USD. Like any other high end devices by Xiaomi, Mi Note and Mi Note Pro will be released in China first. Xiaomi has yet to declare its release outside China.

Tinder’s first acquisition – Tappy

Over the past several months the acquisition trend has much accelerated between tech companies. Tinder following this trend has recently acquired Chill, creators of Tappy, as a part of a strategic acquihire.

Tappy is a mobile messenger that starts a chat with a photo which then can be turned into a chat thread, with a single individual or a group. All messages disappear after 24 hours. Tappy has some best features of Snapchat and Instagram, it finds its way as a fast little app, both in messaging and taking pictures.

Sean Rad, cofounder and CEO of Tinder – “We’re growing and recruiting like crazy. It’s incredibly difficult to find talented people to join us fast enough to keep up with our roadmap for 2015, which includes some ambitious plans. When I spoke with Brian, we found that our goals for two separate products were such a great match. There are some specific things that they’ve done in the past that we wouldn’t have to figure out on our own moving forward.

We’re very good at connecting people, but there’s this ‘what happens after that?’ moment that we want to improve. We not only want to get better at the way we use criteria to connect people, but we want to broaden the reasons for connecting in the first place. The Tappy team will help us tackle both fronts, the pre-match experience of creating that first connection and the post-match experience of communicating with that person.”

With the growth and added responsibility, it seemed that the Tinder and Tappy team are together for something big and Tinder users might be delighted with some new features very soon. While Tappy on the other end, will be shut down leaving thousands of its users.

Sample PHP code for Paypal RefundTransaction using Paypal NVP API

Depending on different conditions, sometimes we might need to refund the amount paid by users. We can refund the user by directly logging into the Paypal or use their API so, that everything can be handle from our own site with just one click. On this post, we will learn, how we can use Paypal NVP(Name Value Pair) API to refund users.

Paypal consists of RefundTransaction Method for these purposes. RefundTransaction API operation can be used to issue a full or partial refund for any transaction within a default period of 60 days from when the payment is received. Below, we use CURL to request the Paypal API, but you can use fsock as well.

Before, diving into the code, lets grab necessary API credentials from Paypal, which is required to authenticate the call to Paypal API’s. Below are the steps you need to follow to get your API credentials:

  • Login to your Paypal Business Account
  • Navigate to “My Selling Tools” under Profile menu. Refer to screenshot below:my-selling-tools-paypal
  • Under Selling online category, locate “API access” and click on “Update” button showing next to it. Refer to screenshot below:paypal-api-access
  • You will be presented with the Paypal API access page, click on Request API signature under Option 2
    paypal-request-api-credentials
  • On Request API Credentials page, select Request API access and click Agree and Submit as shown in screenshot below.
    paypal-api-credential-generate
  • Once submit, you will be taken to the page with your api credentials, as shown in screenshot below:paypal-api-credentials

API Username, API Password and Signature is what required for requesting Paypal API. Once you get these details, you can use the following code to refund the transaction.

Sample code in PHP to refund transaction using Paypal API NVP

<?php
/**
 * Send HTTP POST Request
 *
 * @param     string     The API method name
 * @param     string     The POST Message fields in &name=value pair format
 * @return     array     Parsed HTTP Response body
 */
function PPHttpPost($methodName_, $nvpStr_, $env) {

 // Set up your API credentials, PayPal end point, and API version.
 $API_UserName = urlencode('Your API username');
 $API_Password = urlencode('Your API password');
 $API_Signature = urlencode('Your API signature');
 
 if("sandbox" === $env)
 	$API_Endpoint = "https://api-3t.$environment.paypal.com/nvp";
 else
 	$API_Endpoint = "https://api-3t.paypal.com/nvp";
	
 $version = urlencode('119');

 // Set the curl parameters.
 $ch = curl_init();
 curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
 curl_setopt($ch, CURLOPT_VERBOSE, 1);

 // Turn off the server and peer verification (TrustManager Concept).
 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);

 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 curl_setopt($ch, CURLOPT_POST, 1);

 // Set the API operation, version, and API signature in the request.
 $nvpreq = "METHOD=$methodName_&VERSION=$version&PWD=$API_Password&USER=$API_UserName&SIGNATURE=$API_Signature$nvpStr_";

 // Set the request as a POST FIELD for curl.
 curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);

 // Get response from the server.
 $httpResponse = curl_exec($ch);

 if(!$httpResponse) {
 	exit("$methodName_ failed: ".curl_error($ch).'('.curl_errno($ch).')');
 }

 // Extract the response details.
 $httpResponseAr = explode("&", $httpResponse);

 $httpParsedResponseAr = array();
 foreach ($httpResponseAr as $i => $value) {
	 $tmpAr = explode("=", $value);
	 if(sizeof($tmpAr) > 1) {
	 	$httpParsedResponseAr[$tmpAr[0]] = $tmpAr[1];
	 }
 }

 if((0 == sizeof($httpParsedResponseAr)) || !array_key_exists('ACK', $httpParsedResponseAr)) {
 	exit("Invalid HTTP Response for POST request($nvpreq) to $API_Endpoint.");
 }

 return $httpParsedResponseAr;
}

// Set request-specific fields.
$transactionID = urlencode('example_transaction_id');
$refundType = urlencode('Full');  // or 'Partial'
$amount;                          // required if Partial.
$memo;                            // required if Partial.
$currencyID = urlencode('USD');   // or other currency ('GBP', 'EUR', 'JPY', 'CAD', 'AUD')

// Add request-specific fields to the request string.
$nvpStr = "&TRANSACTIONID=$transactionID&REFUNDTYPE=$refundType&CURRENCYCODE=$currencyID";

if(isset($memo)) {
	$nvpStr .= "&NOTE=$memo";
}

if(strcasecmp($refundType, 'Partial') == 0) {
	if(!isset($amount)) {
		exit('Partial Refund Amount is not specified.');
	} else {
		$nvpStr = $nvpStr."&AMT=$amount";
	}
	
	if(!isset($memo)) {
		exit('Partial Refund Memo is not specified.');
	}
}

// Execute the API operation; see the PPHttpPost function above.

$env = 'sandbox';
$httpParsedResponseAr = PPHttpPost('RefundTransaction', $nvpStr);

if("SUCCESS" == strtoupper($httpParsedResponseAr["ACK"]) || "SUCCESSWITHWARNING" == strtoupper($httpParsedResponseAr["ACK"])) {
	exit('Refund Completed Successfully: '.print_r($httpParsedResponseAr, true));
} else  {
	exit('RefundTransaction failed: ' . print_r($httpParsedResponseAr, true));
}
?>

CES 2015 – Innovation come together

Consumer Electronics Show(CES) is an internationally renowned electronics and technology trade show where thousands of tech companies and journalists gather to display the newest consumer products, prototypes. The annual show is held each year on January at the Las Vegas Convention Center in Las Vegas, Nevada.

CES 2015 is officially under way and lots of tech products has already been announced. While some of the big tech giants as Apple, Google and Microsoft are missing on the show, there are still big companies like Samsung, Sony, Lenovo and thousands of other innovative companies from around the globe.

Few of the important announcements from CES 2015, so far:

  • Samsung’s bendable TV and SmartThings Hub
  • LG’s curved smartphone
  • Sharp’s ‘8K’ television
  • Sony’s 4K action cam
  • Toyota’s release of fuel cell patents
  • Mercedes-Benz F 015 Luxury in Motion
  • Audi smartwatch that can unlock a car
  • Intel puts $300 million into diversity
  • ….. and much more..

CES 2015 Exhibit Hours as per their official page is as follows:

  • Tuesday, January 6: 10 AM-6 PM
  • Wednesday, January 7: 9 AM-6 PM
  • Thursday, January 8: 9 AM-6 PM
  • Friday, January 9: 9 AM-4 PM

Note: Please note the hours for C Space at ARIA are slightly different than the other CES venues. C Space closes early on Thursday (4 PM) and all day Friday.

Product Categories:
Some of the featured product categories, as mentioned in their official page:

  • 3D Printing
  • Accessories
  • Audio
  • Automotive Electronics
  • Communications Infrastructure
  • Computer Hardware/Software/Services
  • Content Creation & Distribution
  • Digital Imaging/Photography
  • Electronic Gaming
  • Fitness and Sports
  • Health and Biotech
  • Internet Services
  • Online Media
  • Robotics
  • Sensors
  • Smart Home
  • Startups
  • Video
  • Wearables
  • Wireless Devices & Services

For more informations on CES 2015, please visit their official website at: http://www.cesweb.org/

Entrepreneur: stress management

Everyone must have gone through lots of stressful situations. Stress can be beneficial and motivational, if you can get control of it. On the other hand, stress can be the cause for irritation and anger, if its out of control causing serious impacts to the person.

As an entrepreneur, there are always, lots of responsibilities and work to complete. You might get so much involved with your work that you won’t have any social life. Your family complaining for you non availability, lists of pending tasks to complete, the deadline, finding an investor….. infact there is a lot to do as an entrepreneur.

Stressful situations are common for an entrepreneur and of very high risk. Its very common to loose your control and make mistakes when you are too much stressed, which might have long term negative impact for your business. As an entrepreneur, you must have people working under you. You might not want anyone to see you loosing control, and lose faith on you. So, stress management is the necessity for an entrepreneur. Here, are few ways, how you can handle your stress:

  • Know your limits and stick to it. Even if its your personal or professional life, you should only take on responsibilities that you can handle.
  • Distribute your workload. Get one or few on the management team whom you can trust and who can really help carry the workload.
  • Take a break. Get some fresh air, take long walks, long drive… refreshen yourself so, that you can give 100% when you are back to work.
  • Express you feelings instead of bottling them up. You might also, want to share it with someone whom you feel comfortable with. That will really make you stressed out. You need an advisor, whoever they may be.
  • Finally and most important is the time management.

SoakSoak Compromise via RevSlider Vulnerability

Another wordpress threat which was named SoakSoak was found to be injected into the sites via RevSlider plugin. The attack vector was confirmed by Security firm Succuri. The vulnerability with this plugin was already disclosed by Succuri a few months ago, but it seemed that many webmaster have either not heard or did not take it seriously.

After investigating thousands of compromised sites, Succuri has published the attack sequence as below:
(as mentioned in Succuri Blog)

1. Discovery: There appears to be an initial reconnaissance scan occurring where the attacker[s] are looking to see if the file exists. Snippet of the code
soaksoak-malware-dicovery

2. Exploit:If the discovery phase is successful and they find a site using Revslider, they use a second vulnerability in Revslider and attempt to upload a malicious theme to the site:
soaksoak-malware-exploit

3. Take over: If the exploit is successful, they inject the popular Filesman backdoor into the website, which they access directly at /wp-content/plugins/revslider/temp/update_extract/revslider/update.php this provides full access by circumventing existing access controls:
soaksoak-malware-takeover

From there, they inject a secondary backdoor that modifies the swfobject.js file and injects the malware redirecting site visitors to soaksoak.ru.

This malware might have long term impacts on sites if not actioned carefully as it has been mentioned making use of a number of new backdoor payloads as images, admin user creation, etc. Replacing swfobject.js,swfobject.swf and template-loader.php files might help you remove the infection as suggested. But it isn’t sure your site is completely safe as per the nature of the malware until and unless you are using a Website firewall.

Worried about the potential risk, visit Sucuri website for free site scan.
Sucuri Security

Pagevamp: Social Website Builder

There are lots of website builder services available online, that makes it easy to create a website. Some provides drag and drop interfaces and other uses various methods to make your process of making websites easier without any complexity. People are looking for easier and cheaper methods to make a website. Thus, there has been competition from the very beginning to which website builder provides easier, better and cheaper services.

Getting into the similar competition is the another startup company “Pagevamp”. Pagevamp allows its users to create and update their website easily from Facebook page in just one Click. It is the easiest and the fastest way to publish a website with no technical skills. Saying that, it helps us to escape from learning the whole new site creation process and management interface. Anyone can create a good looking and up-to-date website using Pagevamp.

Some of its features includes:

  • Instant update from facebook page
  • Responsive designs, to translate seamlessly to all types of devices
  • Powerful Hosting, managed by Rackspace
  • Cheap rates upto $12/month on annual service
  • Create many pages as per user needs
  • switch designs as per user needs, users can choose from different themes available with themes being added every month which are well tested and device friendly
  • unlimited features, with features being upgraded + added each month

From its time of launch, till now, lots of features like SEO, photo inquiry, multiple gallery pages, pdf uploads, filtering albums, news, updating content, etc and many themes have already been added to the list.

For more information: www.pagevamp.com

Udemy “The Academy of You”

With the growth in access of internet users, e-learning has been most popular in todays market. You can get access to lots of courses online, free or paid, helping you to learn from anywhere, anytime as long as you’ve got an internet connection.

Most of us must be familiar with any of the popular outsourcing marketplace such as freelancer.com, odesk.com, elance.com,etc.. where employers and employees are able to find each other starting from employers posting a job following with anybody inside its platform to offer a quote to complete the job.

Similar to this concept, another marketplace which is getting much popular these days is Udemy — which infers “The Academy of You”. Udemy is the marketplace for teaching and learning. Unlike academic MOOC(Massive Open Online Course) programs driven by traditional collegiate coursework, Udemy provides a platform for experts of any kind to create courses which can be offered to the public, either at no charge or for a tuition fee. Also, Udemy provides tools which enable users to create a course, promote it and earn money from student tuition charges.

Udemy courses ranges from programming, entrepreneurship, photography, yoga, marketing, sales, cooking, design… infact everything. Thousands of expert instructors have already published online courses on Udemy for different categories. Currently no Udemy courses are credentialed for college credit, students take courses largely as a means of improving job-related skills. Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.

Millions of students in 190+ countries have already enrolled to one or more courses at Udemy. Every course on Udemy is available on demand, 24/7, so you can learn when and where you want via the iPhone, iPad, Android and Web. Moreover, recent features allow you to save your courses for offline viewing so you can watch them while you’re on a plane or subway. Also, the playback feature at different speeds for quickly refreshing your mind seem to be an addition.

Organizations also use Udemy for Organizations (UFO), a corporate online learning platform, that provides training solutions to thousands of companies. On the whole, as it seems, Udemy already had its place safe on the world’s largest marketplace for online learning.

For more information: www.udemy.com

Another WordPress threat, 100,000+ WordPress Websites infected by SoakSoak Malware

WordPress users are now facing another threat from a malware attack, named SoakSoak. Google has blacklisted over 11,000 domains with this latest malware campaign from SoakSoak.ru.

According to Security Firm Sucuri, who is actively investigating the vector of malware, already 100’s of thousands of WordPress specific websites have been infected with this malware. Though they are not sure of the exact vector, but their preliminary analysis shows its correlation with the Revslider vulnerability which was reported a few months back. Also, they have mentioned specifically, that this campaign does not appear to be specifically targeted towards WordPress only, the victims seem to be blogs relying on its frame work. So the fact that most of its victims are WordPress websites, may just be a coincidence.

Once your website is infected with this malware, you might experience irregular website behaviour including redirects to SoakSoak.ru webpages. You may also, end up downloading malicious files onto your computer systems automatically without any knowledge.

SoakSoak malware modifies the file located at wp-includes/template-loader.php which causes wp-includes/js/swobject.js to be loaded on every page view on the website and this “swobject.js” file includes a malicious java encoded script malware.

Security Firm Sucuri, has provided a free SiteCheck scanner for scanning malware on your websites. So, if you have websites in wordpress, and worried about the potential risk you can always, visit Sucuri website and scan for any malware.

Sucuri Security