Visit the stall near the end of lunch/dinner time.
Sure, some of the dishes may be sold out, but there will also be plenty of other dishes still available. Since the stall owner can't keep the dishes until the next lunch/dinner time, it is in his interest to give away larger portions so that he won't need to deal with leftovers later.
Get your guy colleague to order for you.
This only applies to girls. Stall owners tend to give a smaller portion to girls compared to guys. However, they charge the same price for both. So it is more value for money for a guy to place the order on behalf of the girl so as to receive a larger portion.
Ask for 'more rice' instead of 'add rice'.
Most stall owners will interpret 'more rice' as a larger scoop of rice which will result in more rice. This is generally free. However, 'add rice' entails adding a second scoop of rice to the first, and this generally cost additional money.
Make sure the stall owner has space to serve.
In many mixed vege stalls, there are usually two or more people serving dishes as the same time. When you are ordering, make sure to order dishes that are near the person serving you so that he won't have to stretch over his co-worker to reach your dish. If he is stretching to reach your dish, he probably won't give you more than usual serving since it is that much of a hassle.
Order the meat first.
This is to create a good impression with the stall owner. By ordering the meat first, your are signaling to the stall owner that you will not be ordering the cheapest items on the menu. This puts the owner in a better mood, so he may give you a larger serving.
Order 1 dish at a time and wait until he finished serving.
Point to your first dish, then wait until the stall owner finish serving it before pointing to the next dish. Do not rush him. Often, the stall owner needs time to gauge the portion of food to serve. If you give him sufficient time, it is likely that he will give you a larger than standard portion. Hurrying him results in less than standard portions.
Pause in between ordering dishes.
Pretend to ponder in between dishes. This gives more time for the stall owner to serve your previous dish which likely will result in a larger portion. When he is finished and noticed that you are still pondering overyour next order, he may feel bored and add a few more slices of your previous dish while waiting for you to make your next choice.
Order the same dish twice.
Use this technique very sparingly. After order a dish, pretend to look distracted and point to the same dish again. The stall owner will likely tell you that he has already served that dish. However, occasionally, he may instinctively go through the motion of serving the dish again and make your portion slightly larger, all for the same price.
Order dishes that are about to run out.
It takes practice to estimate, but it is worth picking dishes that are left with about 1.5 to 2 portions. Chances are, that if there is only about 1.5 to 2 portions of the dish left, the stall owner will think 'what-the-heck' and just give you everything. The good is that you get extra servings, the bad is that sauces right at the bottom of the tray are very salty.
Order vege dishes that contain meat sauces.
Some vege dishes have some meat in it to bring out the additional flavour. But it is sold at the price of vege becos the meat is usually in small amounts and only present in the sauce. Tofu dishes are an example of such. By ordering such dishes, you are getting some serving of meat for the price of vege. Nice.
Do not order meat dishes that contain vegetables.
These dishes count as meat but is usual half served with vegetables. It is very not worthwhile, do not order it. An example is the stir fried venison with leek. Go for fully meat dishes instead.
Ask for curry sauce.
Many a time, when you ask for curry sauce, some other ingredients in the curry sauce will find its way onto your rice, such as small pieces of chicken or potato. Cabbage curry sauce will probably bring you some cabbages and longbeans. And it's free.
Ask for meat sauces.
As mentioned earlier, some sauces are cooked with minced meat. It is near impossible to separate the mince meat from the sauce. So if you ask for meat sauces, you will definitely receive some serving of meat with it. And it's free.
Become a regular customer.
Talk to the stall owner on occasions. With good rapport, the stall owner will recognize you as a regular customer and will naturally give you extra servings the next time you visit.
Source http://www.facebook.com/note.php?note_id=410500001830&id=711507292
Friday, August 06, 2010
Thursday, August 05, 2010
Chinese Apple hacker
If tough love is the best way to fix the world's software, then Wu Shi may be one of the information security industry's unsung heroes.
Since 2007 the 35-year-old Shanghai-based researcher has found and reported more than 100 critical flaws in Web browsers like Internet Explorer, Safari and Chrome that could be used to hijack users' computers when they browse to an infected Web page. In the last year alone he's sold more than 50 of those flaws to vulnerability bounty projects like Zero Day Initiative and iDefense, organizations at Hewlett-Packard and VeriSign, respectively, that pay researchers for bug information and use the data in security products before passing it on to affected software vendors.
In Pictures: Red White And Blue In Red China
Hong Kong's 40 Richest
Best Business Apps For Android
Ten Socially Responsible Mobile Apps
Waterproofing Your Vacation
Those numbers represent more flaws reported to Zero Day Initiative and iDefense in a single year--and certainly more vulnerabilities in Web browsers--than practically any other researcher in the world. And more than half those flaws have been in Apple's Safari browser.
In one security update last month, for instance, Apple released 64 new patches for its iPhone operating system. Only six of those security problems had been identified by Apple's internal researchers. Twelve had been identified by researchers at Google. Fifteen had been identified by Wu.
"Perhaps Apple should hire Wu Shi to help them, since apparently he can find more than twice the bugs their whole security team can find," fellow security researcher Charlie Miller told Forbes at the time.
In instant messenger and e-mail conversations, Wu explains how he uses a method known as "fuzzing" to harvest those bugs. Fuzzing a browser involves entering a stream of tweaked files into the program to see which cause it to crash, and then analyzing those crash instances to see which would allow a hacker to insert code that would give him or her control of the browser.
Wu uses his own unique algorithm to generate those test files, and throws them at his own Apache Tomcat server, allowing him to test more samples at a higher frequency than the average researcher. Instead of merely switching single variables in a file, he says his method changes the entire sample, making as many changes as possible that still allow a browser to recognize the file as HTML. "My fuzzing framework focuses on the software's structure, not the details," Wu said.
Wu doesn't perform deep analysis on the bugs he finds, says Aaron Portnoy, a research manager at ZDI who has examined his findings. But Portnoy says the Chinese researcher's full-file fuzzing catches bugs that other approaches can't. "These files have complex hierarchies of related items. Instead of changing one of those items, he can change how the relationship tree works," says Portnoy. "A lot of people fuzz data. He fuzzes relationships."
Wu says he came up with his bug-finding breakthrough after a series of career disappointments. As China's stock market bubble swelled in 2006, his job at a small IT firm began to feel like a sinking ship. "I fell deeper and deeper into despair," Wu said. "On my salary, I couldn't even feed myself."
He left the IT firm and launched a startup based on peer-to-peer file sharing technology. But when a big customer refused to pay for a major project it had commissioned, his partner took another job and the company collapsed.
Wu began assembling a security consultancy and experimenting with fuzzing ideas he'd first had as a student at Fudan University years before. He found several Microsoft security flaws and reported them to the company directly before a friend told him about "vulnerability buying" programs like ZDI. "From that time on, I became a full-time bug hunter," he says.
The hunt has been fruitful. ZDI has paid Wu at least $5,000 for each of the 50 bugs it's bought from him, and iDefense has on occasion paid more than $10,000 for a single flaw. Wu won't say just how much those rewards have added up to, though some simple math shows they go well beyond a quarter of a million dollars--a tidy sum in China. ZDI has also awarded Wu "platinum status," a title that comes with a $20,000 bonus and a free trip to the Black Hat security conference in Las Vegas.
The idea of hundreds of critical security bugs in the hands of a mainland Chinese researcher might worry some in the wake of several widespread cyber espionage networks recently linked to China. The very public hacking of Google, Juniper, Intel, Yahoo and several other companies by cyberspies seemingly based in the country, for instance, used a flaw in Internet Explorer that could have been found with techniques similar to Wu's.
But Wu says that he has sold bugs only to those that "don't do evil" and report the bugs directly to software vendors. For some Internet Explorer bugs, he says he's had offers of 10 times ZDI's bounty from black-market buyers. But moral questions aside, Wu wants none of the risks that come with criminal associations.
Even so, the sheer numbers of vulnerabilities that Wu has found may be troubling, particularly in Apple's software. Wu says that he focuses on Apple's flaws because it's clear that the company hasn't. (Apple did not immediately respond to a request for comment.)
While Microsoft has been busy hardening its software against a decade of attacks--Wu cites threats like the Code Red worm that spread to hundreds of thousands of computers in 2001 and defaced websites with the phrase "Hacked By Chinese!"--Apple has enjoyed complacent years of being ignored by cybercriminals.
But Wu says that lull can't last. The rise of targeted attacks, for instance, has meant that Apple's smaller market share can no longer shield the company from dealing with security issues. "The iPhone and Mac OS are much easier to attack than Windows 7," he says. "I think in the future there will be a lot of attacks on Apple's software."
In other words, Apple's turn to be "hacked by Chinese" may come soon enough. And not all of them will be as charitable as Wu Shi.
Source: http://sg.news.yahoo.com/forbes/20100720/ttc-what-this-chinese-hacker-could-teach-2aa1c1a.html
Since 2007 the 35-year-old Shanghai-based researcher has found and reported more than 100 critical flaws in Web browsers like Internet Explorer, Safari and Chrome that could be used to hijack users' computers when they browse to an infected Web page. In the last year alone he's sold more than 50 of those flaws to vulnerability bounty projects like Zero Day Initiative and iDefense, organizations at Hewlett-Packard and VeriSign, respectively, that pay researchers for bug information and use the data in security products before passing it on to affected software vendors.
In Pictures: Red White And Blue In Red China
Hong Kong's 40 Richest
Best Business Apps For Android
Ten Socially Responsible Mobile Apps
Waterproofing Your Vacation
Those numbers represent more flaws reported to Zero Day Initiative and iDefense in a single year--and certainly more vulnerabilities in Web browsers--than practically any other researcher in the world. And more than half those flaws have been in Apple's Safari browser.
In one security update last month, for instance, Apple released 64 new patches for its iPhone operating system. Only six of those security problems had been identified by Apple's internal researchers. Twelve had been identified by researchers at Google. Fifteen had been identified by Wu.
"Perhaps Apple should hire Wu Shi to help them, since apparently he can find more than twice the bugs their whole security team can find," fellow security researcher Charlie Miller told Forbes at the time.
In instant messenger and e-mail conversations, Wu explains how he uses a method known as "fuzzing" to harvest those bugs. Fuzzing a browser involves entering a stream of tweaked files into the program to see which cause it to crash, and then analyzing those crash instances to see which would allow a hacker to insert code that would give him or her control of the browser.
Wu uses his own unique algorithm to generate those test files, and throws them at his own Apache Tomcat server, allowing him to test more samples at a higher frequency than the average researcher. Instead of merely switching single variables in a file, he says his method changes the entire sample, making as many changes as possible that still allow a browser to recognize the file as HTML. "My fuzzing framework focuses on the software's structure, not the details," Wu said.
Wu doesn't perform deep analysis on the bugs he finds, says Aaron Portnoy, a research manager at ZDI who has examined his findings. But Portnoy says the Chinese researcher's full-file fuzzing catches bugs that other approaches can't. "These files have complex hierarchies of related items. Instead of changing one of those items, he can change how the relationship tree works," says Portnoy. "A lot of people fuzz data. He fuzzes relationships."
Wu says he came up with his bug-finding breakthrough after a series of career disappointments. As China's stock market bubble swelled in 2006, his job at a small IT firm began to feel like a sinking ship. "I fell deeper and deeper into despair," Wu said. "On my salary, I couldn't even feed myself."
He left the IT firm and launched a startup based on peer-to-peer file sharing technology. But when a big customer refused to pay for a major project it had commissioned, his partner took another job and the company collapsed.
Wu began assembling a security consultancy and experimenting with fuzzing ideas he'd first had as a student at Fudan University years before. He found several Microsoft security flaws and reported them to the company directly before a friend told him about "vulnerability buying" programs like ZDI. "From that time on, I became a full-time bug hunter," he says.
The hunt has been fruitful. ZDI has paid Wu at least $5,000 for each of the 50 bugs it's bought from him, and iDefense has on occasion paid more than $10,000 for a single flaw. Wu won't say just how much those rewards have added up to, though some simple math shows they go well beyond a quarter of a million dollars--a tidy sum in China. ZDI has also awarded Wu "platinum status," a title that comes with a $20,000 bonus and a free trip to the Black Hat security conference in Las Vegas.
The idea of hundreds of critical security bugs in the hands of a mainland Chinese researcher might worry some in the wake of several widespread cyber espionage networks recently linked to China. The very public hacking of Google, Juniper, Intel, Yahoo and several other companies by cyberspies seemingly based in the country, for instance, used a flaw in Internet Explorer that could have been found with techniques similar to Wu's.
But Wu says that he has sold bugs only to those that "don't do evil" and report the bugs directly to software vendors. For some Internet Explorer bugs, he says he's had offers of 10 times ZDI's bounty from black-market buyers. But moral questions aside, Wu wants none of the risks that come with criminal associations.
Even so, the sheer numbers of vulnerabilities that Wu has found may be troubling, particularly in Apple's software. Wu says that he focuses on Apple's flaws because it's clear that the company hasn't. (Apple did not immediately respond to a request for comment.)
While Microsoft has been busy hardening its software against a decade of attacks--Wu cites threats like the Code Red worm that spread to hundreds of thousands of computers in 2001 and defaced websites with the phrase "Hacked By Chinese!"--Apple has enjoyed complacent years of being ignored by cybercriminals.
But Wu says that lull can't last. The rise of targeted attacks, for instance, has meant that Apple's smaller market share can no longer shield the company from dealing with security issues. "The iPhone and Mac OS are much easier to attack than Windows 7," he says. "I think in the future there will be a lot of attacks on Apple's software."
In other words, Apple's turn to be "hacked by Chinese" may come soon enough. And not all of them will be as charitable as Wu Shi.
Source: http://sg.news.yahoo.com/forbes/20100720/ttc-what-this-chinese-hacker-could-teach-2aa1c1a.html
Wednesday, June 30, 2010
Tuesday, June 29, 2010
His one month pay is more than my annual pay WTF
Standard Chartered Plc was ordered by Singapore’s High Court to pay Fermin Aldabe for wrongful dismissal after the lender’s global senior risk manager said he would resign on his first day on the job.
The London-based bank must pay Aldabe at least S$40,333 ($29,384) including one month’s salary of S$27,500 and his wage from Nov. 17 to Nov. 30, 2008, Justice Steven Chong said in his judgment yesterday. Aldabe was fired after saying he’d resign when told he wouldn’t be paid for a two-week period before the start date stipulated in his offer letter.
More here
The London-based bank must pay Aldabe at least S$40,333 ($29,384) including one month’s salary of S$27,500 and his wage from Nov. 17 to Nov. 30, 2008, Justice Steven Chong said in his judgment yesterday. Aldabe was fired after saying he’d resign when told he wouldn’t be paid for a two-week period before the start date stipulated in his offer letter.
More here
Results are out, pleased with my performance.
After waiting for a month ...
Now waiting for another negotitations.
Now waiting for another negotitations.
Monday, June 21, 2010
IT 心声
Long hours
Long hours are a given in IT. Long hours in IT were an issue even before the economy tanked, causing more people to be laid off and the remaining staff forced to take on more responsibility. Some of the long hours are due to the nature of the work, but sometimes they’re due to the way you work. There are tons of sources out there that give good time management advice and teach you how to use your time more wisely. I’ve heard good things about Getting Things Done: The Art of Stress-Free Productivity.
Lack of respect
While the CIO may feel a lack of respect in the boardroom, IT staffers are often faced with it every day. Help desk personnel will occasionally get the appreciative end-user but many times they’ll be treated as though they invented the technology that is causing the end-user problems.
Network administrators are usually below the radar, only showing up when the system goes down. People rarely recognize the time the system is up. In other words, the more successful a net admin is at the job, the lower his or her profile.
No recognition
Probably the complaint I hear most often from TR members is that they don’t feel they are rewarded properly. In a bad economy, raises and promotions aren’t forthcoming. Even despite these factors, IT can be a thankless job. After all, you’re not out there doing the things that get attention like other departments (e.g., Sales gets the glory if they land a big account). Savvy bosses will constantly sing the praises of their staffers. It’s the best way to get the IT department on the radar.
But if they don’t, you need to do it yourself. Throughout the year you should log your wins and keep track of the metrics that show you’re doing your job. Take the highlights of this and include them in your yearly review. I understand self-promotion is hard for IT pros who just want to do their jobs and not worry about their images, but if you don’t, you’ll be hit by another stressor:
Politics
I don’t care who you are or where you work, you will encounter people who seem to work less, but have more political clout. It’s infuriating but it shows the power of marketing oneself.
Source
Long hours are a given in IT. Long hours in IT were an issue even before the economy tanked, causing more people to be laid off and the remaining staff forced to take on more responsibility. Some of the long hours are due to the nature of the work, but sometimes they’re due to the way you work. There are tons of sources out there that give good time management advice and teach you how to use your time more wisely. I’ve heard good things about Getting Things Done: The Art of Stress-Free Productivity.
Lack of respect
While the CIO may feel a lack of respect in the boardroom, IT staffers are often faced with it every day. Help desk personnel will occasionally get the appreciative end-user but many times they’ll be treated as though they invented the technology that is causing the end-user problems.
Network administrators are usually below the radar, only showing up when the system goes down. People rarely recognize the time the system is up. In other words, the more successful a net admin is at the job, the lower his or her profile.
No recognition
Probably the complaint I hear most often from TR members is that they don’t feel they are rewarded properly. In a bad economy, raises and promotions aren’t forthcoming. Even despite these factors, IT can be a thankless job. After all, you’re not out there doing the things that get attention like other departments (e.g., Sales gets the glory if they land a big account). Savvy bosses will constantly sing the praises of their staffers. It’s the best way to get the IT department on the radar.
But if they don’t, you need to do it yourself. Throughout the year you should log your wins and keep track of the metrics that show you’re doing your job. Take the highlights of this and include them in your yearly review. I understand self-promotion is hard for IT pros who just want to do their jobs and not worry about their images, but if you don’t, you’ll be hit by another stressor:
Politics
I don’t care who you are or where you work, you will encounter people who seem to work less, but have more political clout. It’s infuriating but it shows the power of marketing oneself.
Source
Monday, June 14, 2010
Let me teach you a new word today "ENVY"! You shall reply with WOAH! or OMG!
More here http://www.blu-ray.com/community/gallery.php?member=THE_FORCE&folderid=2051
Tuesday, June 08, 2010
Subscribe to:
Posts (Atom)