Social Icons

Showing posts with label info security. Show all posts
Showing posts with label info security. Show all posts

Saturday, July 06, 2013

Spying your friend at WhatsApp : Cause of concern

1.   In my last post here,I discussed about the growing lure of using WhatsApp and the basic security concerns that comes with it from point of a naive user.Now will take you one step higher to the level of a script kiddie....

2.  How does WhatApp identify you in billions?The answer is the unique MAC address that each digital device on this earth holds. If any one changes his/her device,then automatically the MAC address also changes and the user is requested to re-verify their WhatsApp account. Means he/she cannot access same WhatsApp account from two devices. But is MACSPOOFING not existing ?So,if the Mac is spoofed,then who stops from seeing your friends traffic that includes his/her chats,downloads etc!!!although for a naive user this may be look of some technical nature but for the young gen which has lots of techno enthusiasts there should be no stopping....that would include rooting your phone and installing Busybox. How to get your friends MAC address,here it goes :

For Android phone users simply go to settings—> About phone—> Status—> Wi-Fi MAC address.

For iPhone users go to Settings—> General—> About—> Wi-Fi address.

For Windows Phone users go to Settings—> About—> More info—> MAC address.

and for BlackBerry users go to options—> Device—> Device and Status info—> WLAN MAC.


3.   And the best part is that your Andorid can be anyone starting from 1.6 on wards till date.

Thursday, December 20, 2012

TrueCaller : Is it Stealing your Info?

1.    TrueCaller is one famous application doing the rounds on Twitter Google+ Facebook Android Phones.The claim by the application goes like you login from either of the applications and you would be able to know the name of the mobile phone number owner by name.The claim actually stands right in over 90 % of the cases that I tried.This made me wonder how?...i thought like all those free forms that we keep regularly filling on the internet or some grocery shop for some free bundles or if TrueCaller has tied up with the mobile phone service providers?But then something happened that made me a little suspicious about this app.It so happened that I tried my mom's number on the application and so came the answer like "TIWARI MAM"....this made me think of how would the application know that my mom is a teacher...

2.   So I wondered if the application after installation on your mobile device actually makes all the contacts phone number available on the site with the name that I have typed against that number!!!So I tried mine which was not available, by the name "anupam CCCSP"



3.  Though it did not show promptly but after a day after I typed my phone number it came to be seen as "anupam CCCSP".So this actually means that the application is actually stealing and making my contacts info on my phone public!!!!...but then I also realized that it was me only who agreed to the terms and conditions while installing the app on my phone which most of us including me never read.

4.   So it comes actually to the naiveness of the common user who invariably without reading any of the terms and conditions agrees to install.....:-) 

Thursday, December 13, 2012

TRUE CRYPT IN FEDORA 17: INSTALLATION

1.   The earlier version of Fedora had some token issues to deal with while installing True Crypt but not with this Fedora 17 Beefy Miracle.

2.   Few commands to be run from root after downloading the requisite version from the True Crypt site go as follows :

tar xvf truecrypt-7.1a-linux-x86.tar.gz 

yum install nss-pkcs11-devel fuse-devel wxGTK wxGTK-devel

yum load-transaction /tmp/yum_save_tx.2012-12-13.14-20.laXbNn.yumtx

yum install gnome-keyring-devel gcc-c++

export PKCS11_INC=/usr/include/gp11

./truecrypt-7.1a-setup-x86 

3.   Well if there are some token issues like shown below : 

../Common/SecurityToken.cpp:660: error: ‘CKR_NEW_PIN_MODE’ was not declared in this scope
../Common/SecurityToken.cpp:661: error: ‘CKR_NEXT_OTP’ was not declared in this scope

then you need to Open Common/SecurityToken.cpp in any editor and Scroll to line 660 and simply Comment out line 660 and 661. It should look like this after you edit:

//TC_TOKEN_ERR (CKR_NEW_PIN_MODE)
//TC_TOKEN_ERR (CKR_NEXT_OTP)

Monday, November 01, 2010

6$ is all to shut down a Cloud Client site!!!!

1.    CaaS,as mention at an earlier blog post here,has come up with a new success(or is it failure?) story.Now this goes like this.....invest $6 and take down any client's server with the help of Amazon's EC2 cloud infrastructure!!!!!  

2.    The cloud-based denial-of-service attack was part of a presentation : Cloud Computing, a Weapon of Mass Destruction? An onsite demo during the presenatation by Bryan and Anderson involved entering a name and credit card number, the experts created a handful of virtual server instances on Amazon's EC2. They started with only three virtual servers, uploaded their prototype attack tool, called Thunder Clap, scaled up to 10 servers, and then took their client's company off the Internet.Security consultants David Bryan of Trustwave and Michael Anderson of NetSPI said that they encountered nothing to stop them, like no special bandwidth agreements and no detection mechanisms for servers taking malicious actions. Their Thunder Clap program uses cloud-based services to send a flood of packets toward the target company's network. They reported that they can control the software directly or through a command left on a social network.Bryan and Anderson launched the attack to test their client's network, a small business that wanted its connectivity tested. According to DarkReading, Bryan said, "A threat agent could potentially run extortion schemes against a company by attacking for a couple of hours -- and then telling the company that, if you don't pay me, then I will attack you again." Amazon reportedly failed to reply to complaints by the security consultants.

3.    This can provision customised Botnets availability on rent, giving "would-be attackers a criminal 'cloud' from which to buy services."......seems like it is still tooo early to rely 100% on CLOUDS!!!!!!

Tuesday, October 26, 2010

Crack 14 Character passwords in Seconds : Objectif Sécurité

1.    There have been articles and forums on the powerful high speed GPU (video card) processors being able to easily provision cracking passwords very apace.A new technology steps here to rule the roast and allow password cracking upto 14 characters in seconds.....this is  called Objectif Sécurité ,by a Swiss security company,which uses rainbow tables on SSD drives.Seemingly it is the hard drive access time and not the processor speed that slows down cracking speed. So using SSD drives can make cracking faster, but just how fast? This technique has a phenominal capacity that could crack passwords at a rate of 300 billion passwords a second, and could decode complex password in under 5.3 seconds.

2.    A real time demo of cracking is available on line at Objectif’s free online XP hash cracker.Just visit the link and see urself by mentioning the hash in the text box.....astoundingly simple....

Monday, October 11, 2010

Stuxnet : A Milestone in Malicious Code History

1. Stuxnet,the internet worm,intent of which was thought to effect Iran's nuclear programme has now taken a U Turn towards HINDUSTAN....

2. American cyber warfare expert Jeffrey Carr has assured the GoI,that China the originator of this worm which has terrorised the world since Mid 2010. Ascribing the break down of ISRO's INSAT 4B satellite a few months ago ,Carr said it is China which gained from the satellite failure. Although he re affirms that the conclusions are not definite.Invariably the effected systems are loaded with a Siemens software which have been specifically targetted to which Siemens has released a detection and removal tool.Siemens recommends installing the Microsoft patch for vulnerabilities and disallowing the use of third-party USB sticks.It is further contemplated that incorrect remotion of the worm could cause irrepairable damage.

3. Jeffrey Carr says "The satellite in question (INSAT 4B) suffered the power `glitch' in an unexplained fashion and it's failure served another state's advantage -- in this case China," he said.The connecting link between INSAT 4B and Stuxnet is that the Siemens software is used in ISRO's Liquid Propulsion Systems Centre ie S7-400 PLC and SIMATIC WinCC.Something about Stuxnet...these attack Windows systems using four zero-day attacks and targets systems using Siemens' WinCC/PCS 7 SCADA software. It is initially spread using infected USB flash drives. Once inside the system it uses the default passwords to command the software.Few intretsing things about this :

- Half a megabyte in size 
- Written in different programming languages (including C and C++) 
- Digitally signed with two authentic certificates which were stolen from two certification authorities (JMicron and Realtek) which helped it remain undetected for a relatively long period of time. - Capabable to upgrade via peer to peer.
- Eric Byres, an expert in maintaining & troubleshooting Siemens systems, expects that writing the code would have taken many man-months.

4. Stuxnet is a threat aiming a specific industrial control system such as a gas pipeline,satellite systems & power plants. The ultimate goal of Stuxnet is to sabotage the facility by reprogramming programmable logic controllers (PLCs) to operate as the attackers intend them to, most likely out of their working and identified boundaries.This worm represents the first of many milestones in malicious code history ,it is the first to exploit four 0-day vulnerabilities, compromise two digital certificates, and inject code into industrial control systems and hide the code from the operator. Whether Stuxnet will usher in a new generation of malicious code attacks towards real-world infrastructure,overshadowing the vast majority of current attacks affecting more virtual or individual assets—or if it is a once- in-a-decade occurrence remains to be seen.Stuxnet is of such great complexity requiring significant resources to develop—that few attackers will be capable of producing a similar threat, to such an extent that we would not expect masses of threats of similar in sophistication to suddenly appear. However, Stuxnet has highlighted direct-attack attempts on critical infrastructure are possible and not just theory or movie plotlines.The real-world implications of Stuxnet are beyond any threat we have seen in the past. 

5. When is India actually going to work for itself rather then performing across the globe...y is the world telling us that we are effected here...even in the case of SHADOWS IN THE CLOUD...we were told by the Shadow server foundation that our institutes have been compromised inspite of the fact that we have all it takes to take the IT world by storm...but we are all working for ourselves...and not for own country...cream is flowing out and getting outsorced..IT IS ACTUALLY SAD THAT THE WORLD KNOWS INDIA'S POTENTIAL BUT THE INDIANS DONT KNOW THIER OWN.....
Powered By Blogger