1. The image might be named with the person’s first and last name – potentially disclosing more information than they intended to in their Twitter profile
2. Many people download their Facebook Profile picture to use on Twitter  – Facebook renames uploaded files to include the Facebook user ID, allowing you to easily find their Facebook profile (as opposed to trying to search on their first and last name)
3. If the original filename is unique enough you can often find other related pictures just by Goolging
4. You can use something like Jeffrey’s Exif viewer to extract EXIF information from the image – often telling you what type of camera/phone the user has

Sure, they’re small things, but for anyone wanting to Social Engineer the target it could certainly help. The frustrating part: it would take only few lines of code for Twitter to prevent this, and it really is (in my opinion) a “best practice” they’re simply not bothering to follow.

During a mild case of insomnia I had another thought on cracking/bypassing SQLite password protection: what if (in the case where the app uses a .dll file, rather than statically linking the library) I just downloaded the SQLite source code, added “logging” of sorts to each of the main functions (“login”, executing queries, etc), compiled it, and replaced the application’s version with mine – the DLL would basically just output the database’s password for me, in plain text, perfect for opening it with something like SQLiteSpy :D

What’s so great about this, you ask? Well, I’d imagine it’s far easier to keep one of these in your wallet than to carry a flash drive around with you everywhere (and I prefer to keep my keyring as small as possible so I’m not fond of attaching a flash drive to it). It also has a hardware “read only” lock (at least judging by the pictures), so no more “autorun” viruses when plugging in to infected machines, and you could boot an OS off of it and not worry about becoming infected or backdoor’ed (at least not past a reboot) when visting places like Defcon ;)

Selling for $13 from Amazon (for the 2GB), I definitely think I’m going to get myself one!

So far the only thing people seem to be moaning about is that you don’t get extra lives or health during the game, making it rather difficult to finish. There have also been requests for “Infinite Lives” and “Infinite Ammo” cheats for it – so I decided to make some hacks ;)

The “Patches” make changes directly to the game files, and can be used in conjunction with each other. You can also undo the changes made to your game file.

Infinite Lives, Health, Ammo and Energy Patch (or you can download the patches individually: Infinite Lives Patch, Infinite Health Patch, Infinite Ammo Patch, Infinite Energy Patch)

UPDATE (08 April 2008): I’ve created a patch which gives you an extra life every 4000 score points – you should be able to get an extra life half way through the second level, and a second extra life near the beginning of the third level… though I think it’ll be easier to get extra lives on the later levels. Download: Facewound extra lives (5.95kb)

Also made a patch to fix a bug, where selecting “New Game” from the menu while in a game doesn’t reset your score back to 0. Download: FaceWound (new game) score fix (5.80kb)

UPDATE (09 April 2008): One of the guys on the official FaceWound forums (Im Crimson) asked if I could make a patch to give you more plutonium so you can buy more weapons, so here they are: FaceWound Double plutonium (5.77kb) and FaceWound Triple plutonium (5.76kb) :D

UPDATE (10 April 2008): More hacks, and this page is becoming a real mess. Inspired by Mariowound – A Mario mod for Facewound (which is awesome), I thought I’d look into FaceWound’s jumping and collision detection, to try and hack it so those coin-boxes could actually work… instead I ended up with some jump hacks which might (though probably not) come in handy for someone, somewhere, one day: FaceWound half-height jumping, FaceWound double-height jumping, FaceWound infinite jumping.