Sunday, January 15, 2012

The Essence of Awesome - Hitoshi Mitani's customized Android collectibles

Well, well, well.. I know I suck because I haven't posted in ages... but I found something awesome that I simply have to share with you :D

I hope this is sufficient as a proper apology. No?
Well, screw you, I'll post it anyway :D Just kidding... I love you guys!

"Shut up you pie-hole and tell us what you have for us!"
Ok, will do..

Google+ is awesome. Why? Because I stumbled over Hitoshi Mitani (click for his g+ profile), an artist who loves to modify Android collectibles and I tell you... it'll blow your mind! (yeah, I'm that lazy.. I don't even write it will and save 2 chars :P )

Let's have a look, shall we? :D

Unnamed [source]

Apollo 11 [source]

Horseshoe Crab [source]

Transform I [source]

Gecko !? [source]

Samuroid (Musha Droid) [source]

Android Pumpkinhead [source]

NZ-666 KSHATRIYA [source]

And now tell me your mind isn't blown.
No? Pff. Well, then you are just being plain mean. Fine. Be a bi... uhm.. bad person. I don't care.
And now I'll get my NZ-666 KSHATRIYA and tell him to kick your ass. :P

If you want to see more of him:

Wednesday, September 14, 2011

[HOW TO] Get a .tar.gz / tgz from Magento connect

Well... once again I ran into an interesting issue.
(and I'll skip the cursing this time)

Sometimes you need the module package of an Magento installation, but what if it is just available via Magento connect?

Well... at first you gotta get the extension key from Magento connect

The url they give you is fake, so don't bother trying...

Instead, use the given package name to construct an URL after following scheme:[PACKAGE NAME]/[VERSION]/[FULL PACKAGE NAME].tgz

this would mean for our example:

and... tadaaa, you got your .tgz archive!


Monday, August 29, 2011

Florian Rohrweck has gone Google.

<p>Or at least I will be have gone soon. Or something like that :D I will post new articles again. Not so much about leaks but more about the dark arts of mastering Google products and APIs. Or something else. Time will tell!

Thanks to all of you, who supported me on my way and made my work so much fun and enjoyable! You guys are awesome!

Rock on!</p>

Saturday, August 13, 2011

Paid for a purchase on Steam with Paypal but got no game? There's a fix for that.

If you paid for a game on Steam with PayPal but the payment flow was interrupted, you can get your purchase without contacting support and stuff...
So the game isn't showing up in your account?
Just purchase the same game a second time and you will get the message "There was an error blah blah, you already own the game blah blah" and you won't even see the PayPal website then during this "payment attempt"... Head to your games lib and there should be the missing game.

Btw: Limbo rocks the house! Try it! I love the graphics! (and it is just 9,99)

Monday, July 25, 2011

[ABOUT LEAKS] What I can tell from a simple mistake.

A while ago, Microsoft accidently leaked Tulalip. Some social network experiment that could be

If it was a smoke test, it was both cleverly planned and very silly at the same time.
Why? Because the timing would have been too obvious (15th of July, shortly after the Google+ launch).

Well Microsoft was already working on it since a while as a Google search reveals:

(the search results have already been removed in the meanwhile)

You can see several instances of the same application.
The Google cache shows me that the site was already crawled on the 27th of June 2011

The biggest rookie mistake was to forget to exclude the site from being crawled by using a simple robots.txt
(sorry for the hindsight, such things can happen, I know)
Another reference I found was the use of a free load-test (see here ) performed on the 17th of June 2011 for the domain

And now the pages just show plain and simple a message from (or on behalf of) the dev. team:

Furthermore there is one single very interesting fact:

The domain is the host for a warez page and.. surprisingly also the host of an older version of Microsofts social net.
Hm. Funny... the image-preview shows a different design and the original name of the social network...
Makes sense after the leak was discovered on has also some different footprints here on the web...

Ok ok, whatever... all this isn't so important.
More important is, what we can learn about Microsoft's way of testing and developing products.

Tulalip/Socl is basically a smaller project created by a small dev. group... creative, but not that experienced. I'd say they are mostly fresh from University or school.
If it were a well-funded project, it wouldn't have leaked in that way. They'd have security experts having an eye on the project... making sure that it isn't indexed by the Googlebot.

Furthermore, they'd consider a different way of testing their software than to just use a free load-test somewhere on the web that compromises the security of your project by posting the URL and the results on the web.

Microsoft would have it's own testing software for that...

Too many rookie-mistakes for a well experienced dev-team or a project with a big budget.

Microsoft has most likely multiple small groups working on different projects, all hosting on (I guess some kind of AppEngine made by Microsoft, hosting .net projects)

There are two subdomains I found on, referring to Socl/Tulalip:


I guess one was the testing version and the other one was the dev-version.
So, if someone interested in leaks might want to hunt, the best way to get started is to analyze habits, best practices and procedures of a company or developers.
In this case I guess the hunt wouldn't make much sense as the group seems to be not really "into" or tied to company internal best practices... but, if I'd want to hunt for THEM, I'd try to find every possible subdomain on

It is highly unlikely that they have simply shut down the application. It is more likely that they moved/renamed the instance somehow (this would cause way less trouble than to move it to a completely different server)

My best guess is, that it is still hosted somewhere on I just have to wait for Google to index it again. (if they haven't learned from their mistakes... they are rookies)
The rename from socl to tulalip (even if they had the domain also tells me, that it is not a primary focus of Microsoft. (no money, no lawyers)

The reason why they had to rename it can be found here:

Yep.. Ooops. (dated 4th of July 2011)

Well... now I know where Microsoft might have leaks... I'm watching you.

And my other guess: they might set up a second serverfarm for internal development too... hmm.. we'll see.

BTW... Warez site? WTF? I hope the guy who upped the early build of socl has a very good explanation for that!
I like the design and I hope they don't slash the project just because of some... stupid mistakes.
I probably won't use it... but hey, it looks great :)