Friday 26 December 2014

True Mag v.2.10 – WordPress Theme for Video and Magazine


True Mag is an advanced solution for Video hosting websites, Video portfolio and Magazine. We build True Mag with the best practices of UI and UX as well as SEO. This theme will be the perfect choice to deliver your amazing content to viewers.

Falcon v1.0 – Responsive WordPress Magazine Theme


File Size 4.17 MB

Open with WinRAR or WinZip

Quote:
Download

Mokka v1.3.8 – Themeforest Minimal & Elegant WordPress Blog Theme


Mokka is completely a mobile friendly WP theme for all kind of blogs and websites. With a clean white shade and several pages the theme remains sophisticated as well simple by design. It belongs to a category of themes that are easy to list and showcase ones projects in a well defined manner. It is a must have asset for giving a leverage to your business.

Theme Demo

Download Links: Click Me To Download

RealEstast – Real Estate HTML Template


RealEstast HTML Template is The Best Solution To Sell Property Online. This template is appropriate for Real Estate Company, but flexible wordpress theme suitable for any business or portfolio, and it’s created by using the latest HTML5 and CSS3 techniques.

 Download:-   Click Me

Sunday 19 October 2014

Hash Identifier! Don't know The Type Of Hash?

Hey Guyz,
Ever had problems knowing what type of Hash you want to be able to crack?
Don't know whether it's a right hash or not?
An identifier will ease you through your hash cracking process.

Here's a screenshot:
[Image: 9GMa6.png]
Features:
1.Can detect most hashes including:

MD5
SHA-1
SHA-256
SHA-384
SHA-512
MySQL
MySQL 5
DES(Oracle)
DES(Unix)
MD5(Unix)
MD5(APR)
MD5(phpBB3)
MD5(Wordpress)
SHA-256(Unix)
SHA-512(Unix)
MD5(Base-64)
SHA-1(Base-64)
SHA-224(Base-64)
SHA-512(Base-64)
SHA-256(Base-64)

2. Very easy to use and friendly user interface
Virus Scan:
https://www.virustotal.com/file/7bcb607a...326742610/
Features on the next version:

1. More types of hashes will be added
2. Hashes with Salts identifier
3. Ways on cracking the hash will also be added
4. Hash Cracking tips and websites
Hope you guys will find this useful, specially when you web hack I'll be sharing the source code soon and to those who are really into coding.
Download: http://adf.ly/t0dPb
(Mediafire)

Sunday 3 August 2014

Setting up and cracking! [Mac]

Intro
Hello, and welcome to my tutorial. If you – like me – are a Mac user, who’s been looking to get into Reverse Engineering, you’ve probably already Google’d around, finding nothing but useless stuff (Although, a few Mac RE’s actually exists. I’ll link my favourite in the ’Credits’). Well, I sat down one day, and just began reading, and suddenly, I had a working setup and a CrackMe solved.
So, here’s my tutorial :-)

Disclaimer
What you do with this knowledge, I am NOT responsible for. The example included is a simple CrackMe, but should You choose to crack some expensive software, I am not to blame if something happens to you! I simply shared some knowledge.
The method I’m using, is just one of many. This is just to get you started. You should be able to find another way to crack it when you’re done here.

Software
Well, do solve Part 2, we’re going to need some software. First of all, you should have XCode installed. It’s a tool for Apple Developers, but AFAIK it’s available for everyone else too.
Next, you’re going to need OTX. There’s multiple version available loads of places on the internet, but you’ll need the latest. IF you download one of the older versions, you wont have access to disassembling x64 binaries. You can download the latest from here:

Quote:http://otx.osxninja.com/builds/trunk/
using SVN. 

You’ll need to compile this yourself in XCode, but that’s as easy as opening the .xcodeproject file, and ’Archive’ the application, and share it to your destination of choice.
Now you’ll need Class-Dump, this can be downloaded from here:

Quote:http://www.codethecode.com/projects/class-dump/

We’re also going to use GDBInit. A nifty script created by one of the most helpfull Mac RE’s I’ve seen. This tool can be downloaded from here:

Quote:http://reverse.put.as/gdbinit/

Be sure to download the newest version. When this is done, you’ll have to move it into your user’s folder, and rename it .gdbinit. This can be done via Terminal like this:

Quote:mv ~/Downloads/gdbinitVERSION ~/.gdbinit

Of course, you replace the ’gdbinitVERSION’-part with the filename of the file you downloaded. And the path of it’s not in the Download-directory.

Another great tool to get is ’Hopper Disassembler’. It’s on the Apple Mac AppStore, and is worth every penny (Actually, it’s pretty cheap!). If you can’t afford this, GDB will do just fine for now.
You could choose to use IDA instead, but that’s really your choice. I chose to use Hopper and GDB for doing this. :-) 

Using GDB
For this CrackMe we’ll be using GDB debugger. This comes with XCode (Or OS X, not sure TBH). This is used in the Terminal.
There’s a few things you should know about GDB. When using gdbinit, we’ll have to first start GDB, like this:
Quote:gdb

Now we’ll choose our ’target’ file, with the following command:
Quote:exec-file ~/MyFolder/MyFolder2/File.app/Contents/MacOS/File

As you see, the .app file you normally launch, is actually just a folder. I’m not going to explain how this works, but just that you’ll find the ’real’ executable in the Contents/MacOS/ folder.
To find out what’s actually happening while debugging the app, we’ll have to set some breakpoints. This can be done like this:
Quote:break *0x11

But, you can use functions, lines and other methods too. So if you want to know when the app is checking the length of a string, you can use the following:

Quote:break [NSString length]

Really, if you know how Objective-C works, this should be easy enough. :-)

To continue when the breakpoint has been reached, just write ’c’ or ’continue’, and the app will continue execution.

We’re also going to have to actually run the app. This can be done by either writing ’r’ or ’run’.
When the app is being paused by a breakpoint, you can exit the app by writing ’kill’, or simply CMD+Q the app while it’s running.

We’re also able to read from these addresses. With a simple command like this:

Quote:x/s *0xADDRESS
This’ll output a string. 

A list of other types: 
- o(octal)
- x(hex)
- d(decimal)
- u(unsigned decimal)
- t(binary)
- f(float)
- a(address)
- i(instruction)
- c(char)
- s(string)
- T(OSType)

But looking at the app isn’t enough for us. We want to change some values too. This can be done with the ’set’ command. It’s actually as simple as it seems. Can be done like this:

Quote:set $eax = (int) 0x12345

Of course, this can be done with addresses too.
We’re also going to use the ’cfz’ command, which’ll make the je, jne and so on not to be followed. Simply skipping the jump.

For most of these methods, theres more options that what I listed, but this is the basics, and it’s all we need to solve the CrackMe.
If you want to know more about GDB, look at the help, or go Google around.

The cracking part
Well, seems like we’re finally ready to crack something! Yay!
The CrackMe we’re going to use, can be downloaded from here:


 I made my own CrackMe too, if you guys want it, I’ll upload it to so you can have a go at it. (Although, it’s VERY easy!).

We’re going to need to know what we’re up against, so what we want to do, is to find all functions and global variables. This can be accomplished by using class-dump. The following command should do it:

Quote:class-dump ”Path/To/File/Challenge #1.app/Contents/MacOS/Challenge #1” >> classdump.txt

This will dump the variables and functions in a file named classdump.txt. This will be in your current working folder (seen by using ’pwd’ in Terminal).
When we open this file, we see a few functions. My classdump.txt looks like this:

Quote:/*
* Generated by class-dump 3.3.4 (64 bit).
*
* class-dump is Copyright © 1997-1998, 2000-2001, 2004-2011 by Steve Nygard.
*/

#pragma mark -

/*
* File: /Users/Christian/Desktop/Challenge #1.app/Contents/MacOS/Challenge #1
* UUID: B4FB5C47-4F51-F65D-E63B-9B5652A2346D
* Arch: Intel 80x86 (i386)
*
* Objective-C Garbage Collection: Unsupported
*/

@interface Level1 : NSObject
{
id errorSheet;
id incorrectSerialSheet;
id mainWindow;
id nameField;
id registeredSheet;
id serialField;
id welcomeSheet;
BOOL hasBeenRegistered;
}

- (void)awakeFromNib;
- (void)applicationDidFinishLaunching:(id)arg1;
- (void)continueWelcomeButton:(id)arg1;
- (void)quitCorrectSerialButton:(id)arg1;
- (void)okErrorSheetButton:(id)arg1;
- (void)okIncorrectSerialButton:(id)arg1;
- (void)cancelButton:(id)arg1;
- (void)unregisterButton:(id)arg1;
- (void)emailResults:(id)arg1;
- (void)verifyRegistration:(id)arg1;
- (BOOL)isRegistered;
- (BOOL)validateSerial:(id)arg1 forName:(id)arg2;
- (BOOL)applicationShouldTerminateAfterLastWindowClosed:(id)arg1;

@end

The method ’verifyRegistration:’ seems like something we could use.
Now we want to get the ASM-code of this application. It’s time to use OTX. Open OTX, and drag the binary file into the window. It should recognize it, and you should be able to save the dump.
This file is a little longer, so I’m not going to post the content, but it should be the same.

In most ASM-dumps, you’re probably not going to have such ’good’ output. Everything I get my hands on, I’ll have to find the addresses using another app (Hopper), and then find the address, but in this case, we got the method names before the ASM code, which allows us to search for our function. Now search for

Quote:-(void)[Level1 verifyRegistration:]

and you’ll get to the function that gets called when you press the ’Register’-button.

I assume you know some ASM before beginning this, so you should be able to spot where the action happens. But if not, here’s the ’if’-statement that we’re going to tamper with: 

Quote:+174 0000293c e81d270000 calll 0x0000505e -[(%esp,1) validateSerial:forName:]
+179 00002941 84c0 testb %al,%al
+181 00002943 0f84f500 je 0x00002a3e
+187 00002949 a100400 movl 0x00004000,%eax standardUserDefaults
+192 0000294e 89442404 movl %eax,0x04(%esp)

Start up Terminal, load up GDB and the Challenge #1 as previously explained..
Now we want to set a breakpoint on the address, so that we can stop it from jumping to the ’bad’ message.
This is done by using this:

break *0x00002943
Now we’ll run the app, simply by calling ’run’.
The app will open, and you’lle be presented with a window telling you about the rules and so. Continue, and you’ll see ’Name’ and ’Serial’ textfields. Write whatever you want, and press the ’Register’-button. This will pause the app and should focus the Terminal window.

Write ’cfz’, press enter and the crack is actually done. But since our app is still in pause, we have to tell it to continue running, by using the ’continue’ or ’c’ command.

Now the app will tell us that it’s registered succesfully, GJ! :-)

Now, as said in the ’Disclaimer’, this is not the only way, but it’s by far the easiest IMO.

Credits
There’s only one guy that I’ll show you, it’s fG.
This guy made a tutorial, that everyone is able to follow, and the blog is worth following. He’s also the author of various tools, including gdbinit. You can find multiple CrackMe’s on his site, and links to other sites.
The blog can be found here: http://reverse.put.as/

The End
If you found any errors or something weird in the tutorial, just let me know, and I’ll fix it ASAP. 
Feel free to ask questions, and I’ll do my best to answer them. :-) 

Cracking Hashes - How-to's And What-Not's

1. Intro
Ive seen a few requests for people to crack hashes, and some people aren't doing it right, just leaving a hash is not enough to help us help you.
This tutorial will walk threw the basics and try and help you out in your future of hashing.

2. Hashes
It is common practice for most web programmers to secure passwords by storing the encrypted value of the password in a database, because if they don't they risk a major security flaw which can harm their customers and themselves.

Hashes are also known as Cryptography, in a way.
Some hashes can decode on purpose, while others you need to brute force.
An example of encryption that allows decoding is Base64.

2.1 Need-To-Know's about Hashes

Widely used Hash Types include:
MD5 | SHA-1 | SHA-2
This means these 3 are the ones you need to be looking into when you grab a hash.

Type | Word Size| Collision |MD5 | 32 | | Yes |SHA-1 | 32 | Yes |SHA-2 | 64 | No |

2.1.1 Hash Collisions
From the graph I made above you can see MD5 and SHA-1 have Hash Collisions. This means that more then 1 value can equal the same hash value.
This is common sense seeing as MD5 and SHA-1 are both 32 Characters long, and there is a limit of how many 32 random characters you can make, I mean it isnt infinite. So their aught to be a Collision at some point.
Code:
H(a) = H(b)H representing the hash function.

3 Hash Decrypt Sites
many sites host services where you can md5 encode whatever you want, but at the same time this service saves both values for later.
So be aware when you use these services your md5 input and output will be saved in their database for their "md5 decode" service.

A list of Hash Decrypt Sites you can use.

- http://www.cmd5.com/english.aspx (457,354,352,282)
- http://www.md5crack.com
- http://www.hashchecker.com
- http://md5cracker.tk/ (MD5 Search engine by searches a total of 14 on-line crackers.)
- http://www.md5decrypter.com (5,889,729)
- http://www.md5oogle.com
- http://md5-db.com (The database is approximately 70gb)
- http://md5.rednoize.com (56,502,235)
- http://gdataonline.com/seekhash.php (3,251,106)
- http://www.tmto.org/?category=main&page=search_md5 (306.000.000.000)
- http://www.milw0rm.com/cracker/insert.php (Milw0rm Cracker db)
- http://blacklight.gotdns.org/cracker/crack.php (2,456,288)
- http://www.shell-storm.org/md5 ( The data base currently contains 169582 passwords )
- http://md5.xpzone.de (Need Account)
- http://passcracking.com/ (Register to increase your priority)
- http://www.xmd5.org

4 Brute Forcing
Most secure CMS's (Content Management Systems) use Salts and different algorithms.
an example is
Common: md5($password);PHP-Fusion: md5(md5($password));VBulliten: md5(md5($password).$salt);MyBB: md5(md5($salt).$password); 
Knowing the Hash + Hash Algorithm is needed when requesting help on cracking a hash.

Recommended Brute Forcing Programs
HashCat
Click Me To Download

HashCat = Linux
HashCat GUI = Windows.

PasswordsPro
Click Me To Download



4.1 WordLists
To brute force passwords its common sense you need a list of words.
Depending on the site of your CPU it all depends on how much space you want to use.
You can look at all the different word lists here

http://hashcrack.blogspot.com/p/wordlist-downloads.html

http://www.net-comber.com/wordurls.html

OR Download the wordlists I used.

NamesNumbers - 4MB - 4000800 Words
Really useful list, it provides top 200 popular male and female names followed by numbers.JacobJacob0Jacob1Jacob2....Jacob1000
28GB Wordlist - 28GB - 4103549326 Words
I Opened this up and it looked pretty useless as well as a waist of time to look threw. Around 28GB of just 6-7 characters long with special characters, letters, and numbers. Like ()D@WFOWI.
wordlist1 - 107MB - 9657365 Words
This file contains alot of number combination's as well as common passwords. This has gotten me afew cracks in the past.
UrbanDictionarySlangA-Z - 26KB - 3087 Words
I took the time and copying and pasting the top popular A-Z Urban Dictionary words, because some people use slang terms like friend and cumdumpster as a password.
Last Resort
If this tutorial doesn't help you or teach you how to crack hashes, then you can lead me to a nice one, but before you do look at this layout:
Hash:
Hash Algorithm(if known):Salt (if any):CMS(if known):

Common Types Of Password Cracking And Their Countermeasures

Social Engineering

Social engineering is when a hacker takes advantage of trusting human beings to get information from them. For example, if the hacker was trying to get the password for a co-workers computer, he could call the co-worker pretending to be from the IT department. Social Engineering is used for different purposes.

Countermeasure:

If somebody tries to get login information or any other sensitive information from you, ask them some questions. Try to find whether the one who is trying to get the info is legit or not.

Shoulder surfing

This method doesn’t need the usage of hacking knowledge. The hacker would simply attempt to look over your shoulder as you type in your password.

Countermeasure:

Make sure nobody’s looking when you type your login info.

Dumpster Driving

In this the hacker would simply try to find any slips of paper in which you have written the password.

Countermeasure:

Do not write your passwords or login information anywhere. If you write, keep them somewhere safe.

Guessing

If yours is a weak password, a hacker could simple guess it by using the information he knows about you.
Guessable passwords
1. Blank (None). (Most of the websites do not allow blank passwords)
2.The word "password" "passcode" "admin" and their derivatives.
3. The username or login name.
4. The names of their loved ones.
5. Their birthplace or date of birth.
6. A dictionary word in any language.
7. Automobile license plate number.
8. A row of letters in a standard keyboard layout.Example: asdfghjkl or qwertyuiop etc.
Countermeasure:

Use passwords that are not easily guessable and not found in any dictionary.

Dictionary Attacks

A dictionary attack is when a text file full of commonly used passwords, or a list of every word from the dictionary is used against a password database. Strong passwords usually aren’t vulnerable to this kind of attack.

Countermeasure:

Use the passwords that are not found in dictionary in any language.

Brute-force Attacks

Brute-force attacks can crack any password. Brute-force attacks try every possible combination of letters, numbers, and special characters until the right password is found. Brute-force attacks can take a long time. The speed is determined by the speed of the computer running the cracking program and the complexity of the password.

Countermeasure:

Use a password that is complex and long. Brute-force attack may take hundreds, even thousands of years to crack complex and long passwords.

Rainbow Tables

A Rainbow table is a huge pre-computed list of hashes for every possible combination of characters. A password hash is a password that has gone through a mathematical algorithm (such as md5) that transformed it into something which is not recognizable. A hash is a one way encryption so once a password is hashed there is no way to get the original string from the hashed string. A very common hashing algorithm used as security to store passwords in website databases is MD5. It is almost like a dictionary attack, the only difference is, in rainbow tables attack hashed characters are used as passwords whereas in dictionary attack normal characters are used as passwords. ‘hello’ in md5 is 5d41402abc4b2a76b9719d911017c592

Countermeasure:

Choose a password that is long and complex. Creating tables for passwords that are long takes a very long time and a lot of resources

Phishing

Many hackers and internet security experts say that Phishing is the most easiest and popular way to get the account details. In a Phishing attack the hacker sends a fake Facebook or any other webpage link to the victim which the hacker has created or downloaded and uploaded it to any free hosting sites like http://www.100mb.com or any free webhost. The hacker sends the fake login page link through E-mail or while chatting, etc. When the victim enters the login details, the victim is redirected to the original login page and the hacker gets the victim's login details.

Countermeasure:

Phishing attacks are very easy to avoid. When you are asked to put your personal information into a website, look up into the URL bar. If for example you are supposed to be on facebook.com and in the URL bar it says something like facebook.something.com or something, the you should know it’s fake.

RATing and Keylogging

In keylogging or RATing the hacker sends a keylogger server or RAT server to the victim. The keylogger records every key stroke of the victim. When the victim is typing the account details, the keylogger records and sends it to the hacker.

Countermeasures:

It is better to use on-screen keyboards or virtual keyboards while tying the login info or personal info. Install the latest anti-virus software and keep them updated.



Note: There are several other types of password cracking but, these are the most common types.

If Yu like this tutorial. Simple thanks wouldn't take more than 10 seconds.

Hope you liked the tut. :)

Thursday 31 July 2014

Top Free PC Programs Everyone Should Have

There are millions of free and open source projects available, many of them better than any commercially available product.
Below is a short listing of what we think is the best out there, broken down into ten categories.

free open source software
free open source softwares

1. Antivirus and malware protection

Most PC users realize that they need protection on their computer or may have an installed antivirus program from their computer manufacturer. What most don't realize is that there are free programs that are just as good and in some cases better than the commercial products. Below are our recommendations

Antivirus program: Avast! or AVG

Malware and Spyware protection: Malwarebytes

2. Backup solutions

There are dozens of free and commercially available backup programs for computers. Unfortunately many of those backups are stored locally, meaning if your house were to catch fire, get robbed, or if you lost your backup discs all your data would be lost. This is why when dealing with important data we suggest users use online backup services.

Online backup solution: Mozy or Dropbox
 
3. Browsers

Although Microsoft Internet Explorer comes pre-installed on Windows computers. There are several excellent free alternatives that everyone should try. These free alternatives can often be faster, have more options, and in many cases be more secure than Internet Explorer.

Internet Browser: Mozilla Firefox or Google Chrome
 
4.Compression utility

When downloading files on the Internet you'll eventually encounter a .zip, .rar, or other compressed file. Dealing with these files can be easy with our below free file compression utility.

File compression utility: 7-Zip

5. Disc ripper and creation utility
Creating an audio or data CD/DVD, ripping the data from an audio CD, or creating a CD from a .ISO file can also be done freely using our below free recommendation.

CD burner utilityCDBurnerXP

6. E-mail

E-mail is yet another service that can be done freely. Most users today use online e-mail solutions like the one listed below. However, for those still using an e-mail client such as Microsoft Outlook we strongly suggest one or both of the below suggestions.

E-mail client: Mozilla Thunderbird

Online e-mail: Gmail

7. FTP, SFTP, and SSH UtilityUsers who maintain their own web page or need to upload or download files to or from a server will have to use an FTP utility or a SSH client. There are many commercial programs capable of doing this but our below free recommendations beats them all.

FTP client: Filezilla

SSH client: Putty
 
8.Image editor, paint program, and picture organizer

There are many great free solutions for editing, creating, and organizing your images on your computer. Many of the programs capable of doing these tasks can be several hundred dollars, but all of the below programs are completely free.

Image editor: GIMP

Paint program: Paint.net

Picture organizer: Google Picasa

9. Multimedia

There are dozens of different multimedia programs with different capabilities and limitations. Below are our top free multimedia programs for watching video files and recording audio.

Audio editing and creating tool: Audacity

Video and DVD Player: VLC
 
10. Office Suite

An Office suite such as Microsoft Office is often one of the most expensive programs that a user can install on their computer. Why install these expensive programs when there are free solutions that are just as good.

Office suite: OpenOffice

Notepad and Source code editor: Notepad++

6 Amazing Things You Didn't Know About Your Computer

It's a ritual across the globe: somewhere between sticking the kettle on and complaining about last night's match, you'll probably hit the button on your ageing company PC and wait while it slowly thinks about turning on. Rather than take it for granted, though, it's worth taking a couple minutes to realize a few of the things that your poor robot slave does without you ever knowing.

1. Bits, Bytes, and Size

Next time you complain about the pitiful memory capacity of your old 8GB iPod Touch, it's worth remember what makes up eight whole gigabytes. Computer science grads will know that in every gigabyte, there's 1024 megabytes; 1024 kilobytes in a megabyte, and 1024 bytes in a kilobyte. Breaking it down to the lowest level, you've got 8 bits in a byte.

Why does that matter? Because on a flash drive, each bit of data is made up of eight separate floating gates, each comprising two physical transistors, which can basically record themselves as either a '1' or a '0'. (Want to be impressed ever further? Each floating gate actually relies on quantum mechanics to work.) That means that an 8GB iPod Touch – the one you were laughing at a minute ago for being puny – has, according to my back-of-the-napkin maths, 549,755,813,888 individual gates arrayed inside that svelte aluminium body. Mighty clever engineering indeed.

2. Everything you see or hear on the internet is actually on your computer

All your computer-whizz friends probably delight in telling you how having a 'library' of videos is so 2008, that no-one torrents any more, it's all Netflix and iPlayer and 'The Cloud', whatever that means. But, you might want to remind them: every time you stream a video or the week's latest Top 40 off the web, it's actually, technically playing off your computer.

See, every internet media file has to make a local copy of itself on your machine, first. Ever wondered what that white buffering bar means on YouTube or Netflix? It's the amount of video that's been copied to the local cache, a.k.a. the amount you can still watch if your internet decides to up and die.

3. The distance data travels

A quick experiment for you: click this link, which should take you to Wikipedia. With one click, you've just fetched a bunch of data from servers in Ashburn, Virginia, about 6000km away. Your request has travelled from your computer, through a local Wi-Fi router or a modem, up to a local data centre, from there onwards (under the Atlantic Ocean, if you're in the UK), all the way to Virginia, and back again – in around 0.1 of a second, depending on how good your internet connection is.

By comparison, your body takes around 0.15 of a second for a signal to pass from your fingers, up your spinal cord to the brain, and back down again.

4. Counting Starts at Zero

At a base level, every computer's just a really big, complicated calculator. But thanks to the way its intrinsic circuitry works – with lots of little logic gates that are either 'on' or 'off' – every action that takes place at a base level is happening in binary, where things are either a 1 or a 0, with no shades of grey in between.

This actually translates up to a neat bit of programming trivia – in the computer science world, all counting (with the rather notable exceptions of Fortran and Visual Basic) starts at zero, not one.

It actually makes a lot more sense – ever thought about why the 20th century refers to the 1900s? It's because when historians decided on the dating system, they weren't clever enough to call the very first century (0-99AD) the 0th century. If they had, we'd probably have far fewer confused school children the world over.

5. The work that goes into a Ctrl+C, Ctrl+V

One rather under-appreciated fact about solid state drives (SSDs), regarded as the gold standard for fast, reliable storage, is the amount of copying they have to do. When you want to copy some data from one bit to another, it's not just a matter of shuffling the data from one part of the drive to another.

Because of the complicated way a SSD works, over-writing a block of old data with some shiny new data isn't as simple as just writing the new stuff in with a bigger, thicker Sharpie. Rather, the storage drive has to do some complicated shuffling around.


In practice, this can mean that writing a tiny 4KB file can require the drive to read 2MB (that's thousands of times more data that the 4KB file you're trying to write), store that temporarily, erase a whole tonne of blocks, then re-write all the data. It's rather labour-intensive, so think before you juggle your files around next time.

6. Code isn't as clean as you think

The majority of us put faith in bits of technology you don't quite understand – be it committing your life to a 747, or your dirty pics to Snapchat's auto-delete. When you do you generally tend to assume that the code's been scrupulously examined by teams of caffeine-fuelled programmers, with most of the niggling little bugs found and nixed.

The truth seems to be quite the opposite. One Quora user pointed out that buried within the source code for Java, one of the internet's fundamental bits of code, is this gem:

/**
* This method returns the Nth bit that is set in the bit array. The
* current position is cached in the following 4 variables and will
* help speed up a sequence of next() call in an index iterator. This
* method is a mess, but it is fast and it works, so don't f*ck with it.
*/
private int _pos = Integer.MAX_VALUE;
It just goes to show that even programmers rush things to get home for the next installment of Game of Thrones sometimes.