Social Icons

Showing posts with label cyber crime. Show all posts
Showing posts with label cyber crime. Show all posts

Sunday, October 18, 2020

Workshop on Blockchain Technology and e-Governance: GNLU Center for Law and Technology

A one day Workshop on Blockchain Technology and e-Governance was organized by GNLU,Ahmedabad University through its GNLU Center for Law and Technology in collaboration with Gujarat Council on Science and Technology &  Department of Science and Technology, Government of Gujarat on 19 Sept 2020. The webinar link for the same is as below:

The presentation is available for download at the following link:

https://drive.google.com/file/d/1RT79-r5LhFXdbi2D_ZKgkwu8eH9v5225/view?usp=sharing

while also the scribd direct link for viewing is available as below:


Blockchain Technology and e-Governance by Anupam Tiwari on Scribd

Summer Internship Gurugram Police : Talk on Blockchain basics and Bitcoin crimes

Blockchain basics: Mechanic... by Anupam Tiwari

 

Sharing here a webinar presentation I gave in the Gurugram police summer internship on 27 June 2020.The webinar was attended by 400 plus participants. The link to the presentation pdf is given below:

https://drive.google.com/file/d/1K13ljAstX4oCqd4iMtGROqseyMJ8Rp8R/view?usp=sharing

and the certificate I got as below:



Sunday, October 05, 2014

Officially Keylogged : Welcome to Microsoft Windows 10 Preview

1.   Though an avid loyalist of Linux for last about a decade,I always keep a tag of what’s happening in the world of Windows......and recently when Windows 10 preview was launched I started reading various reviews pan web....and I came across this startling and surprisingly criminal revelation regarding inbuilt key logging in the OS available for download.See the screen shot below straight from the Microsoft and you read it for your self highlighted...  

(Click to Enlarge)

2.     This is actually too much in the name of Data Collection wave by various companies as a genuine and legal move putting across mostly naive users at complete risk since anyone is hardly interested in reading the Terms & Conditions of any application.A google search on this gives surprising concerns as bought out by various reviewers across as seen below :

(Click to Enlarge)
3.   Few interesting statements below from Terms and Conditions :

"Microsoft collects information about you, your devices, applications and networks, and your use of those devices, applications and networks. Examples of data we collect include your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage."


"We may collect information about your device and applications and use it for purposes such as determining or improving compatibility" and "use voice input features like speech-to-text, we may collect voice information and use it for purposes such as improving speech processing."
The killer statement says, "If you open a file, we may collect information about the file, the application used to open the file, and how long it takes any use [of] it for purposes such as improving performance, or [if you] enter text, we may collect typed characters, we may collect typed characters and use them for purposes such as improving autocomplete and spellcheck features."

4.     Thanks Microsoft :-)

Sunday, July 13, 2014

Facebook and Law strings

1.   The way Facebook has made an impact pan globe in most of our lives is undoubtedly phenomenal.Facebook has become a way of life for many who are addicted...it gives us a medium to express self in the digital world with a digital self avatar.It is seen that people who remain silent in their physical lives may become more verbose on Facebook...people who generally remain non reactive in informal group discussions become unexpectedly high on expressing themselves ...and so it be that for the first few years when every one was expressing loudly on the Facebook ...it didn't matter but now with the IT act and laws propping up in each country...things are not so easy to express.Each time anyone expresses anger or happiness over something... it is associated and linked with a act which may or may not be legally authorized.Here in this post ahead I bring you few FAQs which each one of us will associate with our lives and associated punishments effected as per IT act 2008 amended (India).

FAQs ex ROHAS NAGPAL @ http://www.facebooklaw.in/

Is it legal to ridicule a Government official or Minister on Facebook?

NO. This is a very serious offence and could get someone in jail for life! And unlike what is shown in Hindi movies, life imprisonment means imprisonment for life and not just 14 years! Ridiculing a Government official or Minister on Facebook could be illegal under the following laws:

Sedition
Defamation
Sending offensive electronic messages

Plus, if the Minister or official is a woman, it could also be covered under indecent representation of women

Is it legal to ridicule a celebrity or even an ordinary person on Facebook?

No. This is a serious offence and could get someone in jail for upto 3 years! Ridiculing a celebrity or even an ordinary person on Facebook could be illegal under the following laws:

Defamation
Sending offensive electronic messages


Is it legal to ridicule a religion on Facebook?

No.This is a serious offence and could get someone in jail for upto 3 years! Ridiculing a religion on Facebook could be illegal under the following laws:

Promoting enmity on grounds of religion8
Outraging religious feelings9
Wounding religious feelings10
Sending offensive electronic messages11
Imputations, assertions prejudicial to national-integration


Is it legal to call someone an “idiot” on Facebook?

No.This is a serious offence and could get someone in jail for upto 3 years!The dictionary meaning of “idiot” is a “person of low intelligence” or a “mentally deficient person”.Since it is impossible to prove that a person is actually an “idiot”, calling someone an idiot would amount to defamation and would be punishable under two laws:

Defamation
Sending offensive electronic messages


I have ordered some stuff from a famous ecommerce website. They have not sent
it even after a month but my credit card has been charged for the transaction. Is it legal to post my complaint about this on my Facebook wall?

Is it legal to open a Facebook account in a fake name?
No.This is a serious offense and simply creating the account in a fake name (or someone else’s name) makes the creator liable for 2 years imprisonment.If the person sends even one message, posts one comment or sends even one friend request using this account, the liability could be another 3 years in jail!Simply creating the account in the fake name (or someone else’s name) amounts to forgery.If the account is used, then it amounts to sending offensive electronic messages.Further if the fake account was created for the purpose of harming someone’s reputation, then it amounts to forgery for purpose of harming reputation.
If I use asterisk marks instead of abusive words, can I still get into trouble?

Yes.Even if you use asterisk marks (e.g. instead of fool, you say f**l), if the meaning is apparent, then it would be punishable with upto 3 years imprisonment.

 
As a joke, I have put a morphed photo of my friend on Facebook. She has taken
it as a joke, but her father is very angry with this. Can he file a case against me?
What kind of posts can land me in prison?

Yes.If her father finds it offensive, he can file a case and it can be penalized as “sending offensive messages” and is punishable with upto 3 years imprisonment.If the photo is obscene then there is an additional liability for 3 years imprisonment.

Someone has sent me a threatening message on Facebook. Is that a crime?

Yes.Sending threatening messages on Facebook can be penalized as “sending offensive messages” and is punishable with upto 3 years imprisonment.Additionally, depending upon the threat in the message, additional punishment could vary from 2 years imprisonment to 7 years imprisonment.Additionally, if the threatening message is sent using a fake account (or in any manner to hide the name and details of the sender), then an additional 2 years punishment can be given.

FAQs ex ROHAS NAGPAL @ http://www.facebooklaw.in/

Sunday, September 01, 2013

IT SUMMIT : Next Generation Network security at AMITY,NOIDA,INDIA

1.  Recently attended  IT SUMMIT : Next Generation Network security at AMITY,NOIDA campus.The day long summit had three panel discussions including Big Data,Cloud and Next Generation Network security.I was part of the third panel discussion..uploading the ppt  here....







Tuesday, August 27, 2013

After What's APP : Now WeChat threat!!!!

1.  Few backs earlier I wrote a post about Security Issues in Whatsapp here. Now exactly on the same lines there is a proven issue on Wechat....

2.  WeChat gained an immediate success the moment it was launched few months back in India.Every one was so happy to adopt it in their respective androids but it seems that the application is not so secure as hackers have been able to bypass the security mechanism to decrypt the messages sent using the app and China could be potentially spying on Indian citizens...
 
3.   Rest ditto from Parity news at http://www.paritynews.com/2013/08/26/2487/wechat-is-a-threat-to-national-security-claim-researchers/

According to a couple of young researchers, Jiten Jain and Abhay Agarwal, the free messaging app doesn’t employ the best of encryption and security technologies, which leaves personal information of its users vulnerable to theft. To prove their point the researchers went onto demonstrate the ease with which the messages sent using WeChat can be decrypted, indirectly indicating that foreign governments could be doing the same thing for spying and surveillance purposes.

The researchers were discussing the potential risks to privacy of users because of surveillance techniques employed by service provides across the globe at The Hackers Conference in New Delhi India on August 25. The researcher duo claimed that app from Chinese Internet Giant Tencent is threat to national security.

Jain and Agarwal claimed that not only can the Chinese government access the chat logs, but they can also access each and every detail about users stored in their smartphones – ranging from contact lists, messages, calls, geographic locations, etc.

One of other points raised at the conference was that the Indian Government is not able to successfully utilize the vast potential of security researchers in India. The Government has failed to secure its websites never mind the security of the whole nation. Researchers present at the conference stressed for the need of raising awareness about security within government establishments and masses in general.

Researches urged the government to strengthen the security of its websites as well as digital data by grooming in-house security experts as well as by availing help from industry experts present in India.

4.   In fact the duo did not hold back to say that it is a severe national threat...and I agree to their view...but who cares!!!!elections are coming...we are not even bothered about so many internal threats...external is out of purview!!!!!SAD.

Monday, August 26, 2013

Finding Maximum frame size on the Network : PING makes it easy

1.   We know how to get the IP address of any website...we simply need to ping it.For example if we need to know the IP address of a website ie www.somesite****.com...then we only need to ping it....like shown in the screen shot below :

2.   So we get the IP address of the web site at www.somesite****.com as *.*.*.*....But if we need to know the maximum frame size that this can handle...what's the way out ?...ping will be able to assist us here too...we need to add some switches to it...so the next command goes like :

ping www.somesite****.com -f -l 1500 and we get this as the output :

3.   The display Packet needs to be fragmented but DF set means that the frame is too large to be on the network and needs to be fragmented.Since the -f switch is used,the packet was not sent and the ping command returned with this error.

4.   Now instead of 1500...type the same command with the attrib as 1300 like ping www.somesite****.com -f -l 1300


5.   So here we have got a bracket of size ie the maximum packet size is more than 1300 and less then 1500 bytes...so keep trying with values between 1300 and 1500 till ur reach the exact breaking point wherein the message in the ping display changes...so here the border line at which the message changes is shown in the screen shots below :



6.   So for the given www.somesite****.com ,the maximum frame size on the machine network is 1472 bytes....

7.  If you wanna try this in your network,then the 1300-1500 set that I have used may be different...so first you need to figure out those boundaries yourself!!!!!

Tuesday, August 13, 2013

Lure of a FREE PEN DRIVE : MALWARE'd

1.   If you are one of those guys who are regular to attend workshops, seminars, product launches , lectures...you must have got varying opportunities of getting hold of freebies in form of bags,brochures and PEN DRIVES....yess m sure the last one is a pure lure and most of the times everi one of us falls for it...be it a small capacity or a large capacity...the hand does not think twice before picking it up....but does any one of us realise that it may be these pen drives who become the first source of uploading some malware or a virus in your PC or laptop...the moment it is plugged in .....the machine is compromised.....unless the autorun is disabled...which in most of the cases is not.....


2.  The concept of zero day exploits has made it more dangerous....coz even if the user decides to run a antivirus scan...it will be shown free of any kind of virus or malware...the result is a silent compromise of the machine...however updated it remains in respect of OS or browsers or any application....the silent action in the background defies every lock of the user.Now all this is not based on some kind of imagination...there have been real life cases of which the one which made lots of noise is the IBM-AusCERT conference on the Gold Coast, Queensland, in which the free pendrives were infected by not one, but two pieces of malware.The details available at this link http://nakedsecurity.sophos.com/2010/05/21/ibm-distributes-usb-malware-cocktail-auscert-security-conference/

(CLICK ON THE IMAGE TO ENLARGE)
3.   In what must have been a highly embarrassing admission, IBM Australia sent an email to all AusCERT attendees warning them of the security screw-up...as shown in the screen shot above...besides this the famous stuxnet example was via pendrives lure....so if this is happening at such high levels of interactions,can the workshops u and me attend be left behind!!!!no way....so whats the way out?....best way is to buy one from a genuine store...(not sure how clean will that be?)...or still better refrain your self from picking one free pendrive.




Monday, August 12, 2013

Pirate Bay Web browser : Yess!!! it's here....

1.   This is another tool to make you access that you cannot.Majorly known for allowing movie downloads,the pirate bay has launched this browser to celebrate its 10th anniversary....PirateBrowser is a bundle package of the Tor client (Vidalia), FireFox Portable browser (with foxyproxy addon) and some custom configs that allows you to circumvent censorship that certain countries such as Iran, North Korea, United Kingdom, The Netherlands, Belgium, Finland, Denmark, Italy and Ireland impose onto their citizens...
The website at http://piratebrowser.com/ says "PirateBrowser - No more censorship!"

2.  We all have heard of TOR...so you configure that TOR more tightly and should be able to access what is not allowed....while it uses Tor network, which is designed for anonymous surfing, this browser is intended just to circumvent censorship — to remove limits on accessing websites your government doesn't want you to know about....

3.   But except for few of security guys and some extended circle of those guys...the general crowd would still keep using the chrome and Internet browser.....because most of them do not understand the long term effects of invasion of privacy and neither anyone is interested!!!!

CARRY ON....SURFING!!!!!!more at http://piratebrowser.com/

ARACHNI Web Scanner

1.    When we start finding vulnerabilities in a web application,either we have a option to do it manually by putting in hours of patience and grilling or we generally hear the commonly used tools like Acunetix and few other online scanners...or for may be afford a luxury like IBM - Proventia Network Enterprise Scanner ..but there is an open source tool option to Acunetix. Takes lil bit of time but the amount of options that it offers are huge...and gives a great report that is exhaustive.


2. Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by learning from the HTTP responses it receives during the audit process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify false-positives. It is versatile enough to cover a great deal of use cases, ranging from a simple command line scanner utility, to a global high performance grid of scanners, to a Ruby library allowing for scripted audits, to a multi-user multi-scan web collaboration platform.


3.   Arachni is a fully automated system which tries to enforce the fire and forget principle. As soon as a scan is started it will not bother you for anything nor require further user interaction.Upon completion, you will be able to export the scan results to several different formats (HTML, Plain Text, XML, etc.).Few useful pointers about details of this good scanner : 

Download from         -  http://www.arachni-scanner.com/download/

Homepage                 - http://arachni-scanner.com

Blog                          - http://arachni-scanner.com/blog

Documentation          - https://github.com/Arachni/arachni/wiki

Support                     - http://support.arachni-scanner.com

GitHub page              - http://github.com/Arachni/arachni


Author                     - Tasos "Zapotek" Laskos (http://twitter.com/Zap0tek)

Twitter                    - http://twitter.com/ArachniScanner

4.    To use Arachni run the executables under "bin/".

To launch the Web interface:

   cd bin
   ./arachni_web in a separate terminal
and ./arachni_rpcd in a separate terminal

Default account details:

    Administrator:

        E-mail address: admin@admin.admin
        Password:       administrator

    User:

        E-mail address: user@user.user
        Password:       regular_user

5.    For a quick scan: via the command-line interface:

    bin/arachni http://test.com

6.     For detailed documentation see:        http://arachni-scanner.com/wiki/User-guide

Sunday, August 04, 2013

Your ANDROID APPLICATIONS : Mining your profile

1.    It is common for us to hear a company promoting its phone or tablet showcasing that lakhs of android applications are available for free...and the poor(???) customer generally falls for it...so he buys the device and immediately starts exploiting the world of millions of applications on the net and the Google play store...now off course Google just does not upload a application for download once the up loader does his part of the formalities and registration...it checks under its set of QRs if the application is ok from the point of being malicious in nature or not but that does not always works....so many times android applications even in the Google play-store have been found to be suspected...now lets keep suspected apart...does the typical user even checks the terms and conditions of any application before installing?...the blind rule is JUST ACCEPT IT!!!and this goes against the user...this allows invasion to privacy...why should a company ask to access your phone contacts..your location..your system settings...your configuration settings before it allows to install it application on your device...BUT NO ONE THINKS ABOUT THIS!!!!

Back in February of this year, Google announced it was hardening its stance on Android security, unveiling an app-scanner (codenamed Bouncer) to weed out malware uploaded to Android Market (now Google Play) through automatic scanning. Since then, Google has taken more steps to protect Android users: it acquired VirusTotal back in September and in Android 4.2 Jelly Bean introduced an optional app verification feature that enables users to identify dangerous and potentially-dangerous apps on their devices, even if they downloaded them from the Web or got them from an app store other than Google Play.
How have Google’s efforts to combat Android malware been working out? Perhaps not so well. Security researchers were quickly able to analyze how Bouncer operated and find easy ways to circumvent Google Play’s automated scanning — techniques publicly available now to malware authors if they hadn’t managed to think of them on their own. Further, Xuxian Jiang of North Carolina State University has published an assessment of Jelly Bean’s app verification capability. The results? Google’s app verification service identified just over 15 percent of malware samples thrown at it from the Android Malware Genome Project


2.     Mobile malware is lately becoming a organised crime with complex sophistication in terms of tracking back....and this makes the attack surface for the hacker and the black hats more big and the user more vulnerable at the same time....The most common victim is the one who looks for free applications in various heads of education...technology and not to forget the games section which is a big hit among-st all...the users love the games for which he has to pay nothing and the attacker gets a lot of attack surface to play around...and then the DO IT YOUR SELF TOOLS again add to the attack surface.

WHAT CAN YOU DO TO AVOID THIS?

- Keep your android updated: Now in this case most of the devices till 4.2.1 may not support upgrades..but then you have to keep your fingers crossed!!!

- Refrain from android applications other then google play store.STill you have to be careful...wherever possible read the Terms and Conditions before installing

-  Avoid public open wifi connections

-  Limit your greed to free applications.You may google about the application on google before you install it on your device.

Tuesday, July 23, 2013

Treat your E-Mail address classified : ADVISORY

1.    Do you know that simply your E-MAIL disclosure to a person with malicious intent can be a key to disclosing your E-mail content and other personal attributes of life?...I mean it can invade your privacy...and just for info this is an active organised crime in the cyber world.

2.   What is the most important first thing that a hacker desires to know?....and the answer is the IP Address of the victim..and all it takes to know the IP address is to send a dummy mail at the victims id.. that's it....strange it may sound but there are so many websites offering you free solutions on how to get not only the IP address but also the browser and OS system details of the victim.One of the leading sites offering a free solution is SPYPIG...this site facilitates to let you know when your email has been read by the recipient! ...this happens in form of a intimation by SPYPIG as and when the e-mail is read by the recipient.

3.   Now some thing about SpyPig ....is a simple email tracking system that sends you a notification by email when the recipient opens your message.It works with virtually all modern email programs: Outlook, Eudora, Yahoo Email, Gmail, Hotmail, AOL Email and many others.In addition to the notification it actually sends you additional but undesired details also which can be exploited by malicious intent person.Thde details that can be used and exploited are shown here in the screen shot below in one test mail....

Red Encircled are the Critical Info

4.     But sadly,the recipient will never know of the fact that he is being tracked and so much of critical info has already swapped hands with unknown guys...I mean the OS,the browser with their respective versions etc....so in the state today the following preventions can be taken to avoid such a hijack :

-           Avoid opening E-mails from unknown sources

-      Disable Image display by default in E-Mail settings.This is important because this works on the funda of a hidden script in the image sent along with the mail.So if you disable the images display by default,it is unlikely that this will be executed.

-           Avoid sharing and disclosing your E-Mail addresses openly.

5.     To know about spypig visit : http://www.spypig.com

Saturday, June 01, 2013

Your passwords can be cracked easily if less then 16 Characters now!!!!

1.    When the IT security big bang of Do's and Don'ts started some years back it was widely advertised to the Cyber masses to keep their respective passwords any thing more then 8 characters with a mix and match of capitals and smalls with special characters...then this was increased to 10 and last heard it was 15...and was told that 15 character password which is not dictionary based will take years and is actually uncrackable...

2.  As recent as 4 days back,a team of 3(your read it rite it's three) hackers has been able to crack more than 14,800 supposedly random passwords from a list of 16,449 by simply brute forcing!!!!

Image courtesy : http://www.buzzquake.com/tag/brute-force-attacks/
3.   In December it was unveiled by Jeremi Gosney, the founder and CEO of Stricture Consulting Group, that a 25-computer cluster can cracks passwords by making 350 billion guesses per second. It can try every possible word in less than six hours to get plain text passwords from lists of hashed passwords...the word of significance is that you do not need high end machines and east-west architecture to build this kind of IT infra...it is simply a cluster of machines processing power...

4.   The general user in the cyber space like you and me have actually no control over which hashing process websites use and therefore remain at the mercy of an algorithm all would invariably be clueless about...so if you are concerned about security and your email id and password which is the key for so many transactions in your routine life.long passwords are the best defense....and not simply long it has to be a mix match of numerics,capitals,smalls and special characters!!!.

5.  All the best to all of us...keep surfing but avoid drowning!!!! :-)Thanks http://thehackernews.com

Wednesday, May 08, 2013

Central Monitoring System : Another step in the Wrong Direction ?


1.    The month of "May" has become started with a "Will" from Indian Government.Now after so many still unresolved issues on Facebook posts and similar things in respect of issues of privacy,it has come up now with Central Monitoring System(CMS).The concept was placed in parliament  some time in December 2012 by the then information technology minister Milind Deora on which the government plans to spend Rs 400 crore and this would "lawfully intercept internet and telephone services"

2.  Now this means that everything we say or text over the phone, write, post or browse over the Internet will be centrally monitored by Indian authorities.Every byte of what is being exchanged by you over the net would be monitored.....but is it actually required?I have doubts per-se owing to the amount of further investment it would require.At a time when Big Data analytics is still maturing,investing so much on monitoring and storing some portion of it pan India would be a herculean task.The key points that I found interesting are dotted below :

- With the lack of privacy laws to protect Indian citizens against potential abuse,this would set another example of wrong feather in the cap.

- CMS has been prepared by the Telecom Enforcement, Resource and Monitoring (TREM) and the Centre for Development of Telematics (C-DoT) and is being manned by the Intelligence Bureau. 

- Without any manual intervention from telecom service providers, CMS will equip government agencies with Direct Electronic Provisioning, filter and provide Call Data Records (CDR) analysis and data mining to identify the personal information and provide alerts of the target numbers.

- The estimated cost of CMS is Rs. 4 billion. It will be connected with the Telephone Call Interception System (TCIS) which will help monitor voice calls, SMS and MMS, fax communications on landlines, CDMA, video calls, GSM and 3G networks. Is their any thing on Mother India Earth left to monitor?

3. Now I fail to understand that how Government expects to monitor cyber criminals by this CMS? Does government actually intend to find out the actual potent and dangerous Cyber Criminals or are they only interested in finding love affairs of local boys and girls!!!coz if the intention is former,would the cyber gang do it without tricks?...without encryption?...without spoofing?...when things like stegnography,TOR,Anonymous etc are still to be deciphered....the cyber crime would go on as it is.The focus should have been on analyzing of what is floating around rather then monitoring open text and messages.

4.  For example if a person with malicious intent,uses Whonix or anonymous kind of OS from a local cyber cafe and then places his message vide a steganographed image that is encrypted,is their any way that this can be deciphered?....technology does not exist today to decipher all this quickly ..still time is there when we reach such a stage....few months back in Dec 2012 when torrent was apparently blocked on directives from Govt Of India,anonymous group had given a open letter shared at http://www.geektech.in/archives/9924.

5. Well it is very clear that the decision makers in such moves are unclear on technological reality but also provisions for a scenario like WAR within....each step in such a direction has to be taken carefully because these are really critical.Additionally,outsourcing such moves to unreliable or may be foreign firms may become a serious threat.....

6.  Well at the end of the day,it is just my view per-sewhich no body is bothered...but the repercussions are serious to be avoided and ignored

Tuesday, March 26, 2013

Whonix : Not just another ANONYMOUS OS!!!

1.     When u simply Google on "How to surf Anonymously on the web ? ".....u get a whooping 5,510,000 results in 0.19 seconds!!!!!but when u have such a plethora of options..how do u actually decide on which is actually worth? So there is TOR, then there is Anonymous OS.....did some one think Incognito?....:-)..so we have millions in the line!...so now what I am going to mention here is about Whonix OS.....few points about this as follows :

- An anonymous general purpose Operating System based on Virtual Box, Debian GNU/Linux and Tor.

- By Whonix design, IP and DNS leaks are impossible.

- Not even malware with root rights can find out the user's real IP/location.

- Whonix consists of two (virtual) machines.

-  One VM solely runs Tor and acts as a gateway, which we call Whonix-Gateway.

-  The other VM, which we call Whonix-Workstation, is on a completely isolated network.

-  Only connections through Tor are possible.

2.  When you download the image from the source forge site at http://sourceforge.net/projects/whonix/files/whonix-0.5.6/ you get basically three files.Two in the appliance format and one as a vmdk.So here is the basic diagram explaining the working architecture in WHONIX.

(Click on the image to enlarge)

3.   There is a small difference when we install this OS.Unlike the regular OSs wherein you get the .iso image of the OS and you install it in the typical manner,here the files you need to install are actually virtual appliances in form of .ovf and .ova format.How the installation is done is shown in the video cast below :



Sunday, March 24, 2013

Twitter Session Cookie Vulnerability

1.    This one is pretty easy to show and understand..but the only thing not understandable is the fact that it actually exists even today.....so this one is about Twitter Session Cookie Vulnerability.I got to know of this at Null's delhi meet where Rishi Narang (http://www.wtfuzz.com/ )gave this demonstration of which I made a video cast subsequently and uploaded it here at your tube.


2.    In brief it goes like this...u login into your twitter account,an auth_token cookie is generated in the crowd  of various other cookies.Now this cookie only will be able to log you in your twitter account from anywhere across the web....simply watch how to exploit!!!!

3.   Thanks Rishi Narang @ http://www.wtfuzz.com/

Saturday, March 16, 2013

Attacks@Image WaterMarking

1.    We keep exploring new grounds but also without realizing the pits it offers,we start playing games on it.Such is the world of IT,we keep discovering so many new technologies to strengthen and exploit for our use and we keep ourselves vulnerable!!!!

2.   Without wasting more words,this post would briefly mention about Image water marking and the type of attacks it remains vulnerable to.So first whats Image Water Marking??...an easy way to describe digital watermark is simply comparing it to a traditional paper watermark or a power point water mark which most of us might have even used at some point of time.Like Traditional watermarks offer proof of authenticity by being imperceptible, digital watermarks offer a way that allows a computer to read the mark but not by the human 6/6 eye....there are actually four essential parameters which are commonly used to determine the quality of water marking these are :

- Robustness
- Imperceptibility
- Payload 
- Security

3.   Now each of these parameters has a unique characteristic that makes the purpose of image water marking strong and adaptable.So when we speak about attacks on image water marking...the attacks again are classified as :

- Image Compression Attack : Primarily used to reduce the size of image in transmission.The original image remains most of it that it was but requires lesser bandwidth to move.

- Image Contrast Attack : To a human eye a slight change in contrast of colors makes a huge difference in overall perception

- Cropping Attack : A part of image gets cropped from original

Re sizing Attack : The image gets re sized from the original coords

- Rotation Attack : A simple clockwise or a anticlockwise attack would rotate the image from its original coords


Another categorization of the image water marking attacks contains four classes :(Source here : Abhishek Goswami)

Removal Attacks : Aim at the complete removal of the watermark information from the watermarked data without cracking the security of the watermarking algorithm

Geometric Attacks : Do not actually remove the embedded watermark itself, but intend to distort the watermark detector synchronization with the embedded information.

Cryptographic Attacks : Cryptographic attacks aim at cracking the security methods in watermarking schemes and thus finding a way to remove the embedded watermark information or to embed misleading
watermarks.

Protocol Attacks : Aim at attacking the entire concept of the watermarking application. This type of attack is based on the concept of invertible watermarks. The idea behind inversion is that the attacker subtracts his own watermark from the watermarked data and claims to be the owner of the watermarked data. This can create ambiguity with respect to the true ownership of the data. 




Wednesday, March 13, 2013

DRDO HACKED : NO....YESS...NO...YESS!!!!goes on...


1.    Now nothing new about this news....its just another hacking news among-st the millions of hacking news and scrolls daily....but it has become an eye popper because it has the word DRDO in it..... that's the Defence Research and Development Organisation.

2.   Though DRDO straight away denies it that it can never happen(whats the basis behind is a well guarded secret...)...but Pawan Duggal,a known Cyber Expert says that never in the history of "India Hacked" past has such voluminous data transferred and resided in servers outside the country borders.....video down here






3.    The hacking is suspected to have been carried out by Chinese hackers and there are fears that some sensitive information could have been compromised.When asked about it, Defence Minister A K Antony said, "Intelligence agencies are investigating the matter at this stage and I do not want to say anything else."

Commenting on the issue, DRDO spokesperson Ravi Gupta said, "As per our information, no computer or network of the DRDO has been compromised."(Offcourse they have records to prove that all sentries and guards were on duty at the moment hackers claim they hacked DRDO....pun intended SIR!!!!!)

4.     Today things in context of Cyber Security at national level stand at a very critical juncture...infact I feel that juncture is past now....we are already late...but still we read and hear that Cyber Security Policy of India will arrive soon.....(i know cut paste also takes time....pun intended!!!!!)..READ HERE

5. India I am sure will keep busy with hiding elephants......jantar mantar.......elections...2014....italy guards.....bhagwan etc etc...but if the priorities don't change the order soon...India will be backed up and downloaded in some other country sooon....it will be veri sad...we are one of the leaders in IT industry....specially software but we have not been able to exploit this potential for in house strengthening...we are all concerned for individual growth...vo subah kabhi to aaayegi....vo subah kabhi to aaayegi!!!!!

Friday, December 21, 2012

MSE : Loosing Shine

1.   Since last few years any one who asked me on recommending a Antivirus for his/her PC...I would always say if you have a original Windows...then leave your worries to MSE...thats Microsoft Security Essentials ie MS's own antivirus or may be I would recommend Kaspersky PURE in few other cases who were not happy with MSE.

2.  I had been using MSE for my own system as well...and I found it worked pretty fine...light on use and had no major compatibility and configuring issues since it worked mostly in the background.But there has been some decline in recent time and efforts by Microsoft in keeping with the pace of the hackers and cyber criminals!!!

3. The AV-TEST Institute,the leading international and independent service provider in the fields of IT security and anti-virus research.It uses state-of-the-art methods and research work to carry out AV-TESTs to  directly detect the latest malware, to analyse it  and to inform web site visitors top-quality results obtained.So the latest results showed MSE being given 1.5 out of 5 maximum ratings.The screen shot from the link http://www.av-test.org/en/tests/home-user/windows-7/sepoct-2012/ is shown below :

Click on image to Enlarge

4.   And to me, that's a huge concern considering how Windows 8 itself draws on a lot of MSE for its own in-built security....:-)

Need of Encryption : Your files - Your Data


1.   In today's times when every spying eye,every hacker on the web is eyeing your info.... apart from hardening your OS and configuring your system securely what else can you do to secure your info after some one gate crashes into your system?.....I mean after someone gets your root privileges via remote access...what are the options to save your self from sharing your critical data with him?The answer is ENCRYPTION...

2.   Encryption is the process of encoding your information) in such a way that hackers cannot read it, but that authorized parties can.So without getting into the nitty gritties of what is Encryption and how it works..i am focusing here of what all opensource and free applications are available for encryption...

3.   First I would mention about TrueCrypt,this is the one I have been using for years...the reliability of this application can be gauged from the fact that in 2008, the FBI attempted to break encryption on hard drives using a program called TrueCrypt, but the equipment was finally returned after a year of failed tries.(Source : http://www.webcitation.org/query?url=g1.globo.com/English/noticia/2010/06/not-even-fbi-can-de-crypt-files-daniel-dantas.html)

4.   The other strong opensource software's available for encryption are :

    - E4M ie ENCRYPTION for MASSES)
    - Free OTFE
    - Scramdisk

5.   TrueCrypt remains the best bet for all present users.The popularity can be gauged from another fact that this is being used by cyber criminals to!!
Powered By Blogger