GPS SPOOF!!!!

1.   Unlike the regular IT hacks wherein we keep seeing MAC spoofing,IP spoofing etc....what can one imagine if a GPS is spoofed.....:-)...can it make a plane land at a wrong coordinate?...YES!!!if it goes by the claims of a Iranian.

2. A US stealth drone was captured by spoofing its GPS coordinates, a hack that tricked the bird into landing in Iranian territory instead of where it was programmed to touch down...Phew..i bet u will read that again(Source :http://www.theregister.co.uk/2011/12/15/us_spy_drone_gps_spoofing/ )

3.   The 1700-word article cited an unnamed Iranian engineer who said he's studying the inner workings of the American bat-wing RQ-170 Sentinel that recently went missing over Iranian airspace. He said the spoofing technique made the craft “land on its own where we wanted it to, without having to crack the remote-control signals and communications” from the US control center.(Source :http://www.theregister.co.uk/2011/12/15/us_spy_drone_gps_spoofing/ )

4. Thats hell of a HACK...if it actually is!!!!!!salutes to the guy who could do it in real....now i wonder what all could land at forbidden places if it is really possible.....:-)

5. Thanks http://www.theregister.co.uk

CHINA CAUGHT ON WRONG FOOT in its own MARCH

1. Across the globe ,across all the cyber attacks investigated one thing that comes out common is the source of attack ie CHINA.As always China has been always denying all claims and has been doing reverse propoganda of actually deep rooted spoofing and involvement of other countries.But recently it was caught on the wrong foot in front of the international nietizens....

2.   Below is the extract straight from FEDERAL COMPUTING WEEK penned as China provides smoking gun against itself in cyberattacks by John Breeden II

" But now, thanks to China itself, I have proof that the People’s Liberation Army does attack the United States, and likely does so on a regular basis.

China’s claims of innocence have come crashing down because of an apparent mistake in editing in a documentary on the country’s own state TV that should never have gone live. The PLA presentation demonstrated its military capabilities. Amid all the tanks and planes, the propaganda piece showed a mere four seconds inside the group's cyber warfare center.Without narration, one has to think that the cybersecurity part of the piece was only put into the video by accident, a technical background shot placed between segments for a bit of extra color. However, those four seconds are both telling and damning to the Chinese lie that they don’t attack the United States.

Here is the incredible part: During those four seconds, we clearly see a Chinese soldier use a drop-down list to choose from preset target websites around the world. Then he actually attacks a website in Alabama.

In this case, the website was setup to support Falun Gong, a spiritual movement outlawed in China that practices meditation and a philosophy that emphasizes moral responsibility.

Even though all the targets shown in the four-second video were Falun Gong sites around the world, the fact that they were in a drop-down menu is telling and appalling. You don’t set up drop-down menus with attack buttons unless you plan to use them. And the Chinese military did push the attack button in the video, so apparently it has no problem pulling the trigger.

So to all you people who wanted to know where my smoking gun was, watch the video. It’s clear to me that we are under attack from China right now.

It’s time for China to own up to what it is doing. Or it’s time for the United States to do something about it."

3. The video link is shown below for info of all.Watch it carefully!!!!

4. Thanks http://fcw.com

How Google detects Invalid clicks?

More often then not,most of the registered Google Ad sense users are always tempted to increase their clicks on the ad to generate some monetary benefit....this one comes specially for all those who try tricks of trade....believe it or not their are none... Google is tooooooooo smart...read down below and links below :

1. IP Address

If those clicked on their own ads multiple times from the same IP address means you will sure get banned.

2. Sabotaged by third party

Sometimes, you may also be sabotaged. A third party may decide to do a series of illegal clicks on your advertisements for the purpose of getting you banned. If you notice any suspicious clicks of this nature, Google encourages you to report it to them.

3. CTR

The normal CTR ratio must be in between 0.5% – 15%. Anything more then 15% will be flagged.

4. Cookies

Few Adsense users, use the trick by using the dynamic IP address but it falls flat as cookies in computer can be used to track our cookies and help identify the invalid clicks.

5. Physical Location

Google has many software and bots to trace. They will trace the IP address of the small town and city. So do not click your own ads in different internet cafe and also in friend’s home. If you do this, your account will flagged.

6. Fake Web Traffic

Fake web traffic is anything that generates false impressions on your Google AdSense advertisements, including participating in link farms or link exchange directories.

7. Search Engine Ranking

If you got many clicks without the help of search engine ranking, social media traffic means Google will easily smell it.

More veri useful info here at https://www.google.com and http://www.ambabo.com

CYBER GENOME PROJECT : U CAN BE TRACED BACK!!!!

1. The earlier mention on IP Spoofing and the pleothra of options and techniques available for attack,hack,sniff,crashing a network etc are well known for not reaching out to the origin of the person or hacker with the malaecious intention. DARPA (...please google or bing if u wish to know more on DARPA)has finally come out with the ‘Cyber Genome Program’ which will allow any digital artifact either in form of a document, or a piece of malware - to be poked into its very origins.

2. In in principle, it appears that almost any data fished from a relevant network, a computer, a pen drive, someone's phone or whatever is to be studied much as like a human genetic material. The code or document's relationships with other "digital artifacts" will be revealed, perhaps its origins, and other info of interest to a Pentagon admin defending military networks or a military/spook investigator tracing online adversaries.In other words, any code you write, perhaps even any document you create, might one day be traceable back to you - just as your DNA could be if found at a crime scene, and just as it used to be possible to identify radio operators even on encrypted channels by the distinctive "fist" with which they operated their Morse keys. Or something like that, anyway.

3. The concept is a cyber-equivalent of human finger-prints or DNA. The project will thus seek to develop a digital genotype as well as any inferred or observed phenotype in order to determine the identity of such digital artifacts and thus the users who left them behind.

4. DARPA is now looking for technologists to develop and use the cyber-equivalent of DNA to target the people behind cyber attacks. They are looking for geniuses in the fields of Cyber Genetics, Cyber Anthropology and Sociology and Cyber Physiology who can jointly work out the practical solutions to this project.The research involves creating lineage tree for digital artifacts, gaining better understanding of software evolution, and automatic analysis of social relationships between users and malware. Each of these researches will jointly develop the cyber equivalent of fingerprints or DNA.DARPA believes that this can identify the best-of-the-best hackers.

5. Thanks http://www.theregister.co.uk

IP Spoofing : Legal Acceptance in India?

1. I have been reading about this term for many years,have known about what it is through various sites,read about types of IP spoofing incl Blind Spoofing,Non blind spoofing etc.One question that started me trying reach out details of this term was "WHY IS IT AVAILABLE?"What is the aim intended in spoofing an IP?Is it solely MALICIOUS?

2. Indian IT Act 2000 followed by amendments ie IIA 2006,IIA 2008 have not mentioned any thing on this surprisingly!!Is it legal to use this for any reason?Recently I tried one third party software for this to check out effectivity of this.As per the option available in this software I configured this to changing IP address every 8 minutes.Then after it started I checked out my IP address from 4 sites including whatismyip.com,whatismyipadress.com etc.And yes!!! one minute I was shown in USA and the other minute I was in Netherland followed by Russia,China etc.If a script kid like me can do this what can a professional person intended with malicious intention can do.

3. Remember the Mumbai Blast episode wherein the email sent to the police were tracked only with the help of IP address.God forbid,he knew of such tricks what would have we tracked out?

4. I will request any reader to just add his views or enlighten me on this!!