First off, a warning. We cannot advocate that you actually do any of these hacks as they may break the elevators you're in or raise the ire of other passengers enough that they'll want to break you.

Let's start with a classic. The My Floor express. This one has been all over the Internet. Allegedly, you hold down the close door button when you press your desired floor and the elevator will skip every floor in-between, whether it's been pressed or not. Experts say this should not work, but legions of bloggers beg to differ.

Reports are that this trick works on most Otis models, except for those built in 1992; Dover models EL546 and ELOD862, and Desert models (except for ELD5433 and ELF3655). Let me know if you find any other makes this trick works on! Also reportedly pressing and holding your floor button until it reaches that floor can bypass any stops.

Now, what about the smart alecks that get in an elevator and press a bunch of buttons then leave. In our example elevator, just press the button twice and the floor goes away. Not a good idea if the person who wanted to go to that floor is still in the elevator. Another method is to press all the buttons, which will cause some models will reset the selections to none.

Finally, one that every apartment dweller probably knows. If you want the lift to wait for you while you're grabbing something, press the emergency button after the doors open. The doors will stay open and the car will wait until someone gets in and presses another button. That trick is also used in TV shows to stop the car between floors so the characters can have a dramatic conversation.

Once again, be warned, if you try these tricks, you could harm the elevator get yourself in trouble, and anger others. So be advised.

AT&T caused a flurry of fury when it blocked a server from the online forum, 4chan. We'll look at the DoS attack against 4Chan and how and why AT&T reacted.

The trouble started with neither AT&T nor 4Chan. A third-party attacker, possibly a rival forum, started a Denial of Service attack known as TCP SYN flooding, or SYN attack. First let's look at what's supposed to happen when you request a Web page.

Your computer--let's call it HOME--sends a SYN request to the Web Server (SYN for synchronize sequence numbers). In this case the server is img.4chan.org. 4Chan's server responds with an ACK flag (short for "acknowledge") and then your computer responds with a SYN-ACK and from there the connection is made.

In 4Chan's case, the attacker sent SYN requests with spoofed IP addresses. In other words, the requests appeared to come from some other computer or computers, for this example let's call it 127.55.55.127.

4Chan's server responded with an ACK, but since 127.55.55.127 never sent the SYN in the first place, it either sends an RST flag or more likely, nothing at all. And if 4CHAN gets nothing at all, it may send four or five ACKs for every SYN it receives. This whole scenario can take around 3 minutes to play out.

So, now you can see the problem. If the attacker is sending a bunch of SYN's from a bunch of spoofed addresses, the attacked server is going to run out of resources responding to them. The flood of traffic not only fills up 4Chan, but also floods innocent bystanders.

In 4Chan's case, some of these bystanders were in the AT&T network. Some were in other networks, like unWired Broadband. But since AT&T is the big kahuna, it got all the attention.

AT&T blocked all traffic coming from the 4Chan server sending out the ACK flags. This stopped the ACKs from flooding into AT&T's network, but also prevented any legitimate requests from its network to that 4Chan server.

A few AT&T subscribers who suddenly couldn't get to 4Chan figured AT&T was blocking the often controversial site. So they started grumbling.

4Chan complained that AT&T should have only filtered its server for the sites that had been spoofed. However, if AT&T had done that, and the attackers had caught on, they could have spoofed different IP addresses. AT&T was taking the rather cautious approach of blocking the entire server, making it irrelevant what IP addresses were spoofed.

4Chan did filter the DoS attack so that it didn't bring down its site, but it was still passing along the ACK requests that caused the trouble. Once it stopped that from happening, AT&T lifted the ban on img.4chan.org, and all went back to the peaceful happy land it had been before. Sort of. Well, except for the CNN iReport 4Chan users put up claiming the AT&T CEO was dead.

The employee most likely thought they had proper security protections in place. We'll show you how the Gmail account got cracked, and how you can take better care to protect your Gmail account.

Obviously, you should start by picking a strong password that's not a dictionary word or easily guessable. But that password is only as strong as Google's password recovery system. Google allows three methods to recover your password. E-mail, SMS, and the vaunted "security question." Three methods an attacker could use to gain entry to your account.

To check your password recovery options, go to settings, choose Accounts, and click on Google Account Settings. Then click "Change password recovery options."

The e-mail recovery method tripped up the Twitter employee. In this method, if you forget your password, you can specify an e-mail account where a password-reset link can be sent. This is common practice in Web services.

Allegedly, the Twitter employee had their recovery account set to a Hotmail account that was deactivated. The hacker was able to guess what the e-mail had been, reregister the account, and was able to get the password reset link sent to the Hotmail account.

How do you protect yourself against that? Well make sure you have a valid e-mail account listed as your secondary account, and make sure that account has solid security protection. Or better yet, don't use this method. Just leave the secondary e-mail account blank.

You have two other methods to choose from.

Method two is SMS. This is fairly secure, since any attacker would have to get access to your phone, or at least be near enough to intercept text messages to your phone number to steal your password. While this isn't impossible, it's a taller order. Of course, it also means you have to have a phone with a text messaging plan. Still this is my favored method.

Method No. 3 is my least favorite. The Security Question. This is where a lot of people fail. If you make the answer to your security question something guessable or easy to find out, then the strength of your password won't matter. Google suggests a few hard to guess things like your first phone number or Dad's middle name. But while they may be hard, all of these are discoverable. Thankfully, Google lets you write your own question.

I think you should treat this security question like another password. Write your own question and make the answer something entirely unguessable. Like What have you never told anyone else about? Answer: 5623break. Yes, that may be hard to remember, but it's very secure. Unfortunately, they don't let you leave this field blank, so at best you can fill it with nonsense information.

No system is 100 percent secure and obviously the most secure method here would be to provide no way to recover your password. However, if that's too strict for you, now you have some information to help you choose where in that balance between protection and convenience you land.

Our product manager Justin sent me a link to Kipkay's YouTube video on hacking apart a 9-volt battery into six AAA replacements. So, I had to try it for myself.

A 9-volt battery is actually made up of six 1.5-volt cells. Those cells are actually quadruple size, but you can make them work in AAA compartments.

Watch this video to see how. With some needle-nosed pliers, pry apart the casing of the 9-volt battery. As long as you're careful not to puncture the cells themselves, there's nothing harmful inside. Once you get it open, pull off any casing that's holding the cells together and you should get a sort of sausage string of cells.

Clip those apart, but leave some of the connector metal on each end of each cell. When you put them into a AAA compartment, bend the metal over to give you the extra room and conductivity to make them fit.

You may or may not be saving money here, since the cost of a 9-volt battery does run roughly 6 times as much as a single AAA. But in a pinch, the 9-volt battery could come in handy, just don't expect to use it as a 9-volt battery any more after you do this.

Also via Kipkay, The Energizer brand of A3 12-volt batteries can be pried apart to reveal eight button-cell batteries, useful for watches and other devices. Here you're saving money: the 12-volt is a couple bucks and each of the button cells can run about $5.

That's it for now. Be careful if you do this, by the way. Don't want you slicing up your hands or the batteries. Use proper protective measures.

Thanks to garysimmons on Twitter who pointed to a Lifehacker article from the awesome Gina Trapani on how to force your old add-ons to work in the beta version of Firefox.

Big warning! You're removing a safety net when you do this. Be prepared to deal with bugs, crashes, and security risks if you do this.

OK. Here's how to do it.

Go to the Firefox address bar and type about:config.

Click the button promising to be careful.

You're promising to be careful...RIGHT?

Right-click anywhere on the screen, choose new, then Boolean.

Name your new preference extensions.checkCompatibility. Press OK. Then set it to false and press OK again.

Now right-click again anywhere choose New and Boolean and make the name of this one extensions.checkUpdateSecurity and set the value of that one to false.

Great! You've just instructed Firefox not to check the validity of the extension and to tell update security to go take a flying leap.

If you're sure you want to do that, restart Firefox.

Now all your add-ons should load quite nicely. At least if they don't crash the whole browser. Don't forget you turned off the capability to ensure secure updates. So do be careful.

One last tip, several people wrote to me about the Add-on called Nightly Tester Tools. It allows you to use otherwise incompatible add-ons in beta versions, although it doesn't seem to get Firefox 2 add-ons to work in Firefox 3.