Social Icons

Friday, August 16, 2013

If u r Google Service User : Don't EXPECT any Privacy@MISINTERPRETED!!!!!

1.    For about last 4-5 years ,we have come across many debates about how so many companies are minting our private data and associating that with third parties to create a profile based marketing environment in and around the naive user....and except for the few white papers about the technicalities involved in doing this ...max of the companies had denied mincing with privacy..but actually they were just mincing with words to have their way inside the privacy den of each user!!!!and now the big revelation from Google comes as part of small news...and that says 

"Google Tells Court You Cannot Expect Privacy When Sending Messages to Gmail -- People Who Care About Privacy Should Not Use Service"

But it seems that the meaning has been mis interpreted....


2.      Isn't it a big news otherwise!!!!but the news has been put across the web as just a small snippet news....

"Just as a sender of a letter to a business colleague cannot be surprised that the recipient’s assistant opens the letter, people who use web-based email today cannot be surprised if their communications are processed by the recipient’s ECS provider in the course of delivery. Indeed, “a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.” Smith v. Maryland, 442 U.S. 735, 743-44 (1979). In particular, the Court noted that persons communicating through a service provided by an intermediary (in the Smith case, a telephone call routed through a telephone company) must necessarily expect that the communication will be subject to the intermediary’s systems. For example, the Court explained that in using the telephone, a person “voluntarily convey[s] numerical information to the telephone company and ‘expose[s]’ that information to its equipment in the ordinary course of business.” 

 3.      Now this declaration by Google has two connotations : one from point of view of a user who is only concerned about his private life,his social exchanges with friends,relative and office staff...and then the other point of view has a deeper meaning to it.The line highlighted above has been widely misinterpreted to make it seem like Google is saying Gmail users have no expectation of privacy when they use Gmail. To clarify and paint a better picture,Google's argument is about non-Gmail users who haven't signed Google's terms of service. It's right there in black and white — the heading for the section literally starts with the words "The Non-Gmail Plaintiffs."




 4.     But that does not mean the gmail users can take a back seat and relax about being safe again...the issue is too complex to have a clear cut YES...OR NO....the surfing goes on.....

Wednesday, August 14, 2013

Being CEH : Certified Ethical Hacker V8

1.    After CCCSP,,my efforts to clear a EC-Council exam finally paid off....and today I passed my CEH V8 exam....the feeling of being a CEH is yet to set in...but yess!!!it feels good to clear a exam which has good repu in the security world....one thing I would like to share is that though the exam covers nearly all domains and spheres of security and hacking but still ,end of course does not mean that a guy can hack into any site and create havoc...but yess it does make you understand the nuts and bolts of how one can do it...and more importantly from a CEH point of view...what and where are the vulnerabilities?

2.  CEH is all about offensive hacking.The amount of tools that are available today in the open source world is mind boggling...and the best part is the course ware that the student gets...its great!!!!I can just say that...it all comes with a set of 6 CDs which have thousands of PDFs and tools.If one starts doing each and every practical aspect of this course-ware it will take more than a year to assimilate and do it on a VM platform...so that is definitely going to keep me busy.The best part is that all this is explained with screen shots and step by step instructions.


3.   As i keep doing these practicals on my VM...will try certainly uploading and sharing with you guys!!!!will get my hard copy of the certificate in a few weeks from now...anxiously waiting!!!!

Tuesday, August 13, 2013

Lure of a FREE PEN DRIVE : MALWARE'd

1.   If you are one of those guys who are regular to attend workshops, seminars, product launches , lectures...you must have got varying opportunities of getting hold of freebies in form of bags,brochures and PEN DRIVES....yess m sure the last one is a pure lure and most of the times everi one of us falls for it...be it a small capacity or a large capacity...the hand does not think twice before picking it up....but does any one of us realise that it may be these pen drives who become the first source of uploading some malware or a virus in your PC or laptop...the moment it is plugged in .....the machine is compromised.....unless the autorun is disabled...which in most of the cases is not.....


2.  The concept of zero day exploits has made it more dangerous....coz even if the user decides to run a antivirus scan...it will be shown free of any kind of virus or malware...the result is a silent compromise of the machine...however updated it remains in respect of OS or browsers or any application....the silent action in the background defies every lock of the user.Now all this is not based on some kind of imagination...there have been real life cases of which the one which made lots of noise is the IBM-AusCERT conference on the Gold Coast, Queensland, in which the free pendrives were infected by not one, but two pieces of malware.The details available at this link http://nakedsecurity.sophos.com/2010/05/21/ibm-distributes-usb-malware-cocktail-auscert-security-conference/

(CLICK ON THE IMAGE TO ENLARGE)
3.   In what must have been a highly embarrassing admission, IBM Australia sent an email to all AusCERT attendees warning them of the security screw-up...as shown in the screen shot above...besides this the famous stuxnet example was via pendrives lure....so if this is happening at such high levels of interactions,can the workshops u and me attend be left behind!!!!no way....so whats the way out?....best way is to buy one from a genuine store...(not sure how clean will that be?)...or still better refrain your self from picking one free pendrive.




Monday, August 12, 2013

Pirate Bay Web browser : Yess!!! it's here....

1.   This is another tool to make you access that you cannot.Majorly known for allowing movie downloads,the pirate bay has launched this browser to celebrate its 10th anniversary....PirateBrowser is a bundle package of the Tor client (Vidalia), FireFox Portable browser (with foxyproxy addon) and some custom configs that allows you to circumvent censorship that certain countries such as Iran, North Korea, United Kingdom, The Netherlands, Belgium, Finland, Denmark, Italy and Ireland impose onto their citizens...
The website at http://piratebrowser.com/ says "PirateBrowser - No more censorship!"

2.  We all have heard of TOR...so you configure that TOR more tightly and should be able to access what is not allowed....while it uses Tor network, which is designed for anonymous surfing, this browser is intended just to circumvent censorship — to remove limits on accessing websites your government doesn't want you to know about....

3.   But except for few of security guys and some extended circle of those guys...the general crowd would still keep using the chrome and Internet browser.....because most of them do not understand the long term effects of invasion of privacy and neither anyone is interested!!!!

CARRY ON....SURFING!!!!!!more at http://piratebrowser.com/

ARACHNI Web Scanner

1.    When we start finding vulnerabilities in a web application,either we have a option to do it manually by putting in hours of patience and grilling or we generally hear the commonly used tools like Acunetix and few other online scanners...or for may be afford a luxury like IBM - Proventia Network Enterprise Scanner ..but there is an open source tool option to Acunetix. Takes lil bit of time but the amount of options that it offers are huge...and gives a great report that is exhaustive.


2. Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by learning from the HTTP responses it receives during the audit process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify false-positives. It is versatile enough to cover a great deal of use cases, ranging from a simple command line scanner utility, to a global high performance grid of scanners, to a Ruby library allowing for scripted audits, to a multi-user multi-scan web collaboration platform.


3.   Arachni is a fully automated system which tries to enforce the fire and forget principle. As soon as a scan is started it will not bother you for anything nor require further user interaction.Upon completion, you will be able to export the scan results to several different formats (HTML, Plain Text, XML, etc.).Few useful pointers about details of this good scanner : 

Download from         -  http://www.arachni-scanner.com/download/

Homepage                 - http://arachni-scanner.com

Blog                          - http://arachni-scanner.com/blog

Documentation          - https://github.com/Arachni/arachni/wiki

Support                     - http://support.arachni-scanner.com

GitHub page              - http://github.com/Arachni/arachni


Author                     - Tasos "Zapotek" Laskos (http://twitter.com/Zap0tek)

Twitter                    - http://twitter.com/ArachniScanner

4.    To use Arachni run the executables under "bin/".

To launch the Web interface:

   cd bin
   ./arachni_web in a separate terminal
and ./arachni_rpcd in a separate terminal

Default account details:

    Administrator:

        E-mail address: admin@admin.admin
        Password:       administrator

    User:

        E-mail address: user@user.user
        Password:       regular_user

5.    For a quick scan: via the command-line interface:

    bin/arachni http://test.com

6.     For detailed documentation see:        http://arachni-scanner.com/wiki/User-guide

Thursday, August 08, 2013

Creating ISO images in Linux : FEDORA 19

1.  Few useful commands to create ISO images in linux :

First install mkisofs from root by typing :

yum install mkisofs

In most of the recent linux distros...this would invariably be pre-installed...the above command will work for yum installations

If u require to create an iso file from a directory containing other files and sub-directories via the terminal, you can use the following command:

mkisofs -o image.iso -R /path/to/folder/

An example is shown below : here YOURFILE is the name of the ISO image that will be created and then is the route where the data is stored.

mkisofs -o YOURFILE.iso -R /run/media/kurta/CEH\ Tools\ Vol-1/


Sunday, August 04, 2013

Making GOOGLE search safe for Kids : Two steps

1.    Invariably in most of the homes barring few...the desktop or the laptop is shared by all...including your enthu and school going kid.Today Google has become part of our lives...be it office or home or school lessons..it is always there.But at times it may become embarrassing when some inappropriate content is shown in presence of your kid while searching for something that your search may not be connected with at all.At these times there are basically two steps to more safe surfing.Google has given this in settings, but by default they are off.Though Google does not promise that after configuring in the way presented below,the content flashed is guaranteed to be safe but yess...it will be much filtered and safer...

First Google search configure :

Goto http://www.google.com/preferences

and check the option to Turn on SafeSearch to filter sexually explicit content from your search results as shown in the screen shot below :

CLICK ON IMAGE TO ENLARGE

Second step is to configure your youtube settings.


and move to the bottom of the screen and check the option to Turn on safety mode to hide videos that may contain inappropriate content flagged by users and other signals.

CLICK ON IMAGE TO ENLARGE

Zoomed portion shown below :

CLICK ON IMAGE TO ENLARGE

A video screen cast of both the settings shown below vide youtube :


DON'T FORGET TO CLICK THE SAVE OPTION AFTER CHECKING THE OPTION



Fedora Security Labs

1.   The Fedora Security Lab provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies in universities and other organizations.

2.    The spin is maintained by a community of security testers and developers. It comes with the clean and fast LXDE Desktop Environment and a customized menu that provides all the instruments needed to follow a proper test path for security testing or to rescue a broken system. The Live image has been crafted to make it possible to install software while running, and if you are running it from a USB stick created with LiveUSB Creator using the overlay feature, you can install and update software and save your test results permanently.

3.    Download the .iso file from http://spins.fedoraproject.org/security/#downloads

Here in the video below,basic running of the lab along with inside features available inside are shown...


Your ANDROID APPLICATIONS : Mining your profile

1.    It is common for us to hear a company promoting its phone or tablet showcasing that lakhs of android applications are available for free...and the poor(???) customer generally falls for it...so he buys the device and immediately starts exploiting the world of millions of applications on the net and the Google play store...now off course Google just does not upload a application for download once the up loader does his part of the formalities and registration...it checks under its set of QRs if the application is ok from the point of being malicious in nature or not but that does not always works....so many times android applications even in the Google play-store have been found to be suspected...now lets keep suspected apart...does the typical user even checks the terms and conditions of any application before installing?...the blind rule is JUST ACCEPT IT!!!and this goes against the user...this allows invasion to privacy...why should a company ask to access your phone contacts..your location..your system settings...your configuration settings before it allows to install it application on your device...BUT NO ONE THINKS ABOUT THIS!!!!

Back in February of this year, Google announced it was hardening its stance on Android security, unveiling an app-scanner (codenamed Bouncer) to weed out malware uploaded to Android Market (now Google Play) through automatic scanning. Since then, Google has taken more steps to protect Android users: it acquired VirusTotal back in September and in Android 4.2 Jelly Bean introduced an optional app verification feature that enables users to identify dangerous and potentially-dangerous apps on their devices, even if they downloaded them from the Web or got them from an app store other than Google Play.
How have Google’s efforts to combat Android malware been working out? Perhaps not so well. Security researchers were quickly able to analyze how Bouncer operated and find easy ways to circumvent Google Play’s automated scanning — techniques publicly available now to malware authors if they hadn’t managed to think of them on their own. Further, Xuxian Jiang of North Carolina State University has published an assessment of Jelly Bean’s app verification capability. The results? Google’s app verification service identified just over 15 percent of malware samples thrown at it from the Android Malware Genome Project


2.     Mobile malware is lately becoming a organised crime with complex sophistication in terms of tracking back....and this makes the attack surface for the hacker and the black hats more big and the user more vulnerable at the same time....The most common victim is the one who looks for free applications in various heads of education...technology and not to forget the games section which is a big hit among-st all...the users love the games for which he has to pay nothing and the attacker gets a lot of attack surface to play around...and then the DO IT YOUR SELF TOOLS again add to the attack surface.

WHAT CAN YOU DO TO AVOID THIS?

- Keep your android updated: Now in this case most of the devices till 4.2.1 may not support upgrades..but then you have to keep your fingers crossed!!!

- Refrain from android applications other then google play store.STill you have to be careful...wherever possible read the Terms and Conditions before installing

-  Avoid public open wifi connections

-  Limit your greed to free applications.You may google about the application on google before you install it on your device.

Saturday, August 03, 2013

Fedora 19 USB automount doesn't work : SOLVED

Having installed Fedora 19 Schrodinger's Cat recently, a problem came up that the USB that used to get auto detected in earlier versions stopped working......and could not be seen anywhere in the file manager...and the disk showed the following screen which has no USB disk.

(CLICK ON THE IMAGE TO ENLARGE)

But the good thing is that on doing LSUSB at the terminal it was being shown as follows :

Bus 001 Device 002: ID 4033:0042 Intel Corp. Integrated Rate Matching Hub
Bus 002 Device 002: ID 4051:0030 Intel Corp. Integrated Rate Matching Hub
Bus 001 Device 001: ID 3d4b:0008 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1f6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 003: ID 0f6d:081b Logitech, Inc. Webcam C310
Bus 001 Device 004: ID 0c61:4d0f Primax Electronics, Ltd HP Optical Mouse
Bus 002 Device 005: ID 03f0:5201 Sandisk 

so mounted it the terminal way..

make a directory in home by the name of usb

mkdir usb

and

at the terminal type lsblk that will give you where to mount.In my case it is sdc1. My output comes as follows :

NAME            MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda               8:0    0 931.5G  0 disk 
├─sda1            8:1    0 488.3G  0 part 
└─sda2            8:2    0 443.2G  0 part 
sdb               8:16   0 465.8G  0 disk 
├─sdb1            8:17   0   100M  0 part 
├─sdb2            8:18   0   500M  0 part /boot
└─sdb3            8:19   0 465.2G  0 part 
  ├─fedora-swap 253:0    0   5.8G  0 lvm  [SWAP]
  ├─fedora-root 253:1    0    50G  0 lvm  /
  └─fedora-home 253:2    0 409.4G  0 lvm  /home
sdc               8:32   1    30G  0 disk 
└─sdc1            8:33   1    30G  0 part /home/kalama/usb
sr0              11:0    1  1024M  0 rom 

now at the terminal simply type

mount -t vfat /dev/sdc1 /home/kalama/usb/


thats it ..now it will start showing when you do df -h as shown below :

[root@localhost ~]# df -h
Filesystem               Size  Used Avail Use% Mounted on
/dev/mapper/fedora-root   50G  4.8G   42G  11% /
devtmpfs                 2.9G     0  2.9G   0% /dev
tmpfs                    2.9G  664K  2.9G   1% /dev/shm
tmpfs                    2.9G  968K  2.9G   1% /run
tmpfs                    2.9G     0  2.9G   0% /sys/fs/cgroup
tmpfs                    2.9G   36K  2.9G   1% /tmp
/dev/sdb2                477M  117M  331M  27% /boot
/dev/mapper/fedora-home  403G  173M  383G   1% /home
/dev/sdc1                 30G   16G   15G  53% /home/kalama/usb


Is PORT SCANNING legal in INDIA?

1.   The IT security guys have so much to experiment and learn vide unending open source information and tools available on the net.Be it BACKTRACK or Wireshark or Nmap or nessus or Canvas(not opensource) or a web scanner like Acunetix or Arachini and the list is unending....there is lots to do...but do we actually know that simply running a port scan on the internet is a crime in other parts of the world?

2.   In countries like Australia,UK , port scanning is recognized as a "potential attempt" to infringe on a system and that's a simple truth....no body would run such tools openly available without intent. Yess!!!...the intent can be educating self but the other side can be bad intent and no one can prove whats the intent inside the person's mind.It may change the moment he realizes he/she is caught.In the United States there is no need to prove intent and port scanning is considered illegal.So even installation of such tools is a crime.So if a naive script kiddie from India goes with his laptop to US with a virtual box machine holding a OS with a port scanner...he is a cyber criminal the moment he lands in the US.

3.   Today we in India do not have straight and clear laws defining whether running such tools or installation is a crime or not coz the whole thing is COMPLEX.The compliance laws across countries vary and that too drastically...it may be acceptable in a country like India and it may be serious offence in US.So seeing from the current state of affairs in India,it does not look like if a day will be near when such stringent guidelines exist in India to restrict all these uses and installations...or let it be restricted to professionals only.....but then who will define a Cyber Security Professional....CDAC or CEH or some other such agency....these institutes can be a critical node in identifying and certifying cyber security professionals to measure and endorse the intent...but at the end of the day we all are humans...and we know that "too err is human"....so a agency certified person finally has himself to decide whether he uses a black hat or a white hat!!!! :-)

4.   Meanwhile students and IT security enthusiasts should take care of running such tools on the internet coz these are serious tools who can break into some one's privacy...and if the victim gets serious after you...things will be bad enough to land you behind bars...so the best place to experiment with such tools is a virtual environment that can be available vide Virtual box or vmware etc....Security guys and enthus should be familiar with the excellent Open Source Security Testing Methodology Manual (OSSTMM), which provides best practices for these situations.

PLEASE TAKE CARE TO RUN THE CYBER SECURITY TOOLS BEFORE THE LAW STARTS RUNNING AFTER YOU

Wednesday, July 31, 2013

XP still Continues though "eXPired"

1.    XP has now got the authorized prefix and suffix to get renamed as "eXPired" since it has been now officially announced by Microsoft as discontinued and has advised XP and Office 2003 users to migrate to Windows 7 and Office 2010 and thus systems are left vulnerable to new forms of malware. No further support to XP...no patches to update...no updates by Microsoft.....but certainly it will take time for XP to get disowned by more then a decade old loyal user population most of whom made their first PC experience with a XP machine...for a home guy who surfs net...it will be difficult to make him/her understand about how vulnerable he/she is now....actually very difficult.

2.    But what about the corporates and govt sector offices? I am sure private sector will make a fast change since it may adversely effect their business model in case of a undesired info leakage or a hack!!!Only recently I made a visit to a post office in Delhi for doing a speed post...wherein the dedicated  loyal postmaster was using a xp machine connected to Internet.I informally asked him about any upgrades in OS planned in their department to which he replied confidently that it's not required since it is working fine.Today the Indian postal department is slowly getting online.Today thanks to vision implementation of the government(though late) that we are able to locate the movement of a speed post letter...what time it was opened..whats the location and when it got delivered...etc etc..but all this can go waste and get a setback if the backbone nodes are not updated and monitored....more so if the staff handling all the machines are low on security aspect.

3.   Well...this postal department is one of the examples cited here since I just interacted with one of them today...but the risk stakes are high when we see this at national level...all the online-governance machines located in remote areas...have they been ensured removed of XP?....if it has not been done....this can be just on the lines of zero day exploits...in this case there must be millions of machines thrown open to hacking....and invasion to classified information.

Tuesday, July 30, 2013

NULL MEET: Open Source Security Testing & OSSTMM

1.    NULL,Delhi chapter organised this wonderful meet with the OSSTMM Guys incl  Joerg Simon and Fabian Affolter...well...at the time of registration I never knew what's OSSTMM but then we have google to answer that and after reading about OSSTMM....its a great way to broaden your horizons of security domain....It stands for "Open Source Security Testing Methodology Manual" ie OSSTMM...few pics from the meet



2.    More about OSSTMM at the following links :

www.osstmm.org/
https://www.facebook.com/OSSTMM


3.    Thanks to the delhi NULL chapter moderators Sandeep and Vaibhav for arranging the meet and great interaction....




Tuesday, July 23, 2013

Best IT SECURITY INFO & NEWS SItes

1.         IT Security enthusiasts guys/girls always keep looking forwards to discovering new sites that keep them enriched with latest happenings in the buzzing IT SECURITY world...I am listing out a list of sites that I keep abuzz with.These are not necessarily in the order of my preference or have any kind of ratings or ranking....but a whole lot of enriching info is available for every cyber security guy!!!

http://www.schneier.com/

http://thehackernews.com/

https://www.privacyrights.org/

https://www.owasp.org is specific to web application security subjects

http://www.itsecurity.com/

http://technet.microsoft.com has more of MS related aspects

http://csrc.nist.gov/

http://www.sans.org/

http://www.securityfocus.com/ : by Symantec

http://www.cert.org/

http://www.scmagazine.com/

http://www.securityweek.com/

http://nakedsecurity.sophos.com/

http://www.darkreading.com/

....surf few of them and enrich your self!!!!all the best

Treat your E-Mail address classified : ADVISORY

1.    Do you know that simply your E-MAIL disclosure to a person with malicious intent can be a key to disclosing your E-mail content and other personal attributes of life?...I mean it can invade your privacy...and just for info this is an active organised crime in the cyber world.

2.   What is the most important first thing that a hacker desires to know?....and the answer is the IP Address of the victim..and all it takes to know the IP address is to send a dummy mail at the victims id.. that's it....strange it may sound but there are so many websites offering you free solutions on how to get not only the IP address but also the browser and OS system details of the victim.One of the leading sites offering a free solution is SPYPIG...this site facilitates to let you know when your email has been read by the recipient! ...this happens in form of a intimation by SPYPIG as and when the e-mail is read by the recipient.

3.   Now some thing about SpyPig ....is a simple email tracking system that sends you a notification by email when the recipient opens your message.It works with virtually all modern email programs: Outlook, Eudora, Yahoo Email, Gmail, Hotmail, AOL Email and many others.In addition to the notification it actually sends you additional but undesired details also which can be exploited by malicious intent person.Thde details that can be used and exploited are shown here in the screen shot below in one test mail....

Red Encircled are the Critical Info

4.     But sadly,the recipient will never know of the fact that he is being tracked and so much of critical info has already swapped hands with unknown guys...I mean the OS,the browser with their respective versions etc....so in the state today the following preventions can be taken to avoid such a hijack :

-           Avoid opening E-mails from unknown sources

-      Disable Image display by default in E-Mail settings.This is important because this works on the funda of a hidden script in the image sent along with the mail.So if you disable the images display by default,it is unlikely that this will be executed.

-           Avoid sharing and disclosing your E-Mail addresses openly.

5.     To know about spypig visit : http://www.spypig.com

Friday, July 19, 2013

"Terms & Conditions Apply" : Bon Voyage to your Privacy

1.   How many of you actually read the complete word set of "Terms and Conditions" of an application like Chrome browser ,Facebook or some thing like WhatsApp,Truecaller etc.....m sure no one hardly has time for that....ok...just for info please read the excerpt below :

Google's terms of service, for instance, clocks in at 1,711 words, according to an AFP count, not including a separate 2,382-word privacy policy that is still about 1,000 words shorter than the Google Chrome browser policy

Facebook's terms of service clocks in at 4525 words....(I did a word count with a libre office)

WhatsApp terms of service clocks in at 6549 words....(I did a word count with a libre office for this too :-)

2.    So at the above rate for a typical Internet user who installs the regular OS,Word ,PDF,VLC, it would take about 200 hours the equivalent of about one full month of work a year to fully read all the terms and conditions attached to his or her favorite websites.Will any person on earth do it?Now think over the fact that why would a company legally bind every user with thousand of words of legal agreement...what could be the motive...the motive of any company on the web is not just to save its own credibility and ass but the real motive is mining data...that's why most of it is free...why would chrome be free or for that matter why so many applications are free?...I am not trying to demean the OPENSOURCE community here who are doing a great job and I am a strict FOSS for that matter...but I would like to focus on other applications like WhatsApp,Truecaller...and so many uncountable Android,Gaba,Windows mobile applications etc....


3.   A simple click by you on Accepting the Terms and Conditions of the the application company allows your consent to online lives being archived, shared with third parties or passed on to government agencies without notice....and that's a very very serious privacy breach today when we know that in another about 4-5 years to come when our digital dependence would be like never before...this can mean havoc....for example a school student who has a home computer based on pirated or for this matter even genuine OS with loads of software's with separate set of terms and conditions.....will have his/her literally whole life profile including his FB posts,his/her preferences,his phone calls,his phone contacts,audio recordings,photographs,his/her secrets of life and anything that can be his/her privacy attribute known to the third parties with whom he has no concern...and these third parties will have their ways and means to effect his/her life in so many ways then....!!!!!


Thursday, July 18, 2013

Keep Changing Your Antivirus : CRUDE but EFFECTIVE Solution to curb Virus menace

1.    We all understand the importance of anti virus today.From a naive user point of view, a user can go for the cheapest of the lot or may be if some one is worried enough he would go for the costliest one....but does that matter in an overall context? I mean w.r.t to the serious business model that this antivirus corporate sector has emerged like....lets see it here down below that brings out the country association of each leading antivirus company :

AVG                                                        :  Czech Republic

Kaspersky                                                :  Russia

Avast                                                        :  Czech Republic

Norton Symantec                                      :  U.S

Avira                                                         :  Germany

E-Set                                                        :  Slovakia

F-Secure                                                   : Finland

McAfee                                                     : U.S

MSE(Microsoft Software Essentials)          :  U.S

Panda                                                        :Spain

2.   Sadly we see,there are no Indian companies in this short list.Besides these,if we get specific to India we can quote two companies viz : Quick-heal and K7 Computing..well....that's not the point that I am here to share....the thing to note here is that all these leading companies have got a affiliation with some other country and none is Indian.So when we blindly load a antivirus or a internet security suite in our systems just on faith and word of mouth publicity from peers and friends...are we doing the right thing ? Do we know what is running in the background ? In the name of uploading our dumps what actually goes to their servers? What information does it contain?How does that company identify a virus or a malware?what's the logic that finds a virus?...all these questions are critical because this all is happening in our own machines.....but most of us hardly bother about all this...coz we have faith!!! :-)...and also because there are no standards existing for defining a QR for a antivirus....there is none to cross check what's being cooked?

3.  Besides having a question mark  on the privacy issues...lets think about the logic being applied or the signatures being released to thwart the known threats....but do we know that more then the known virus list it is the ZERO DAY threats that are getting serious by the day....off-course few bright companies are trying to check that by working on behavioral aspects of a virus or a suspected file...but that has it's set of constraints and is often limited in detecting....so whats the solution.....i recommend using all trial versions for a month each of all leading companies that will pass your one year and then format your windows PC and then start again.....a cheap...crude method of using the best without spending a penny!!!!!!!!!!!!

4.   By the way,just for info...virus detection by various companies have their own speeds...a company like kaspersky may be able to detect a virus soon and another company may detect it later or may not even at times detect one....and this time lag of detection is critical to all users!!!!!a second of compromise is enough on your PC with loads of bytes to upload in a matter of a seconds!!!

Comments invited!!!!



Friday, July 12, 2013

Cyber Security Tips for Home Users

Maximum percentage of internet users will remain the naive Home users and it is this major percentage that needs to be acquainted with the basic cyber security hygiene. This presentation will equip the basic user with a small set of skills to be slightly better on handling security front on their respective PCs.

Hacked PC : I Don't Care attitude!!!!

If you feel that you are safe even with a hacked PC at home or office... because you think you don't have any thing to loose from your PC...or you feel that u simply share unclassified info on your PC..so even if it is lost there is nothing to worry.....please see this brief presentation....

Wednesday, July 10, 2013

Striking the balance : Privacy & Security

1.   Over the decade, Security and Privacy issues have been striking the key notes often at high decibels and the trend is only increasing in the webosphere.I was just thinking if there will be a day when there will be 100% Privacy as well as 100% IT Security...if privacy becomes 100% ensured then how will anyone's data be monitored or will it be all algorithm based that will have a standing as well as active encryption method.

2.  At a health care event in San Jose, California some time in June 2013, President Obama had said "It's important to recognize that you can't have 100 per cent security and also then have 100 per cent privacy and zero inconvenience."(Source here)

3.  Is it actually possible in lives of the present generation ? I have my doubts!!!!!Our generation is likely to be a turning era of a new kind of civilization ie the digital age.We are part of just the beginning of the IT revolution but it will take another good time to realize a stable IT architecture.

4.  Its a mad race if we see it from top...mad race about leading from the front without realizing that to do so first the need is to plan and move.Short term gains and achievements in such a scenario of unstable internet(i mean unable to handle security and privacy) is not worth a pie.From aka India we have CMS ie the Central Monitoring System that claims to monitor each and every byte(I wonder how would it be done without any known info of set data centers in India......)....then we have PRISM...and actually each country would claim to have a sole application project on similar lines!!!

5.   Confidentiality,Integrity and Availability,the three key corner stones of a security framework....how will these fit in maintaining the privacy issues.The road map is long and lots needs to be done...

Tuesday, July 09, 2013

Windows 8 and Live USBs & CDs at logger Heads!!

1.  One feature of Windows 8 launched recently has been disabling the option to boot from a Live CD/DVD or a USB right at the beginning.....recently got hold of a Windows 8 laptop of a friend and being in the habit of recommending opensource software's I tried showing him a live DVD of Ubuntu 13.04 but was surprised that every time it booted I could never see the option of selecting option of where to boot from?...that was it...i had no option but to Google and got the answer....the option to boot any windows PC with a live DVD is passe with Windows 8....now the user has to be specific of selection of boot device only once he is inside the OS interface.Bad...Bad...Bad......that's SECURE BOOT by terminology of Microsoft

2.   Dedicated Linux users and communities are the once who immediately start getting irritating owing to this feature that has no choice as on date.The purpose of Secure Boot is to put an end to computer viruses that sneak between the hardware and the operating system. These bootkits work by getting themselves before the OS is loadde, then they make changes to the operating system while it lies defenseless on disk, and then they load the now defenseless operating system and have their way with it. Secure Boot counters the bootkit by ensuring the hardware verifies the identity and authenticity of the software that sits between the hardware and the operating system - the bootloader, and also the software embedded in hardware devices like network and graphics adapters.Although going by the past threats Secure Boot sounds like a smart solution to the bootkit problem but this would be a problem for the majority of users in long run who rely solely on pirated copies of Windows OS.!!!!


3.  This is because today most of the vendors dealing in piracy or the users using pirated DVDs of OS have a option of formatting the PC and then reloading a new OS if the present OS has some issues....and this was possible since he/she would simply choos the BOOT FROM DVD option in the beginning...but now what?If some thing goes awry with your Windows 8 OS,there is no way to access your windows or at the best you need to run to your MS maintenance site.....so there is one good aspect that it is certainly going to curb piracy....but what about the security professionals ???

4. No denying the fact that a LIVE DVD is one of the prized possession of every IT security professional that has a plethora of advantages...so does windows 8 mean an end to all those advantages!!!!its a land lock situation for windows users.I am sure this is not going to last long...may be by windows 8.1 they do something about it!!!!

Big Data & Security Challenges : Geo-Intelligence India 2013

The Audio in the video cast is pretty aghast so I am planning to place Subtitles for understanding the content....Will be placed shortly....thanks


Saturday, July 06, 2013

Spying your friend at WhatsApp : Cause of concern

1.   In my last post here,I discussed about the growing lure of using WhatsApp and the basic security concerns that comes with it from point of a naive user.Now will take you one step higher to the level of a script kiddie....

2.  How does WhatApp identify you in billions?The answer is the unique MAC address that each digital device on this earth holds. If any one changes his/her device,then automatically the MAC address also changes and the user is requested to re-verify their WhatsApp account. Means he/she cannot access same WhatsApp account from two devices. But is MACSPOOFING not existing ?So,if the Mac is spoofed,then who stops from seeing your friends traffic that includes his/her chats,downloads etc!!!although for a naive user this may be look of some technical nature but for the young gen which has lots of techno enthusiasts there should be no stopping....that would include rooting your phone and installing Busybox. How to get your friends MAC address,here it goes :

For Android phone users simply go to settings—> About phone—> Status—> Wi-Fi MAC address.

For iPhone users go to Settings—> General—> About—> Wi-Fi address.

For Windows Phone users go to Settings—> About—> More info—> MAC address.

and for BlackBerry users go to options—> Device—> Device and Status info—> WLAN MAC.


3.   And the best part is that your Andorid can be anyone starting from 1.6 on wards till date.

Thursday, July 04, 2013

Security Issues : Whats App !!!!

1.   WhatsApp had set a new record with 27 billion messages in a day on 13th Jun 2013...now that's hell of a lot!!!!!a huge success by any means in terms of revenue generation and collection of info...as I really wonder if all these naive users most of them who are actually not aware of the kind of critical information they have allowed to be passed on...such applications are currently enjoying huge success banking on the naive users....who don't actually realize the repercussions owing to this valuable personal info loss.....just read these few eye raising conditions before any one installs this app :

- Prevent Phone from sleeping

- Change Wifi state

- write sync settings

- Modify/delete SD card contents

- read phone state

- Read contact data

- Write contact data

- Record audio

- Read my location

- Read my other accounts credentials

2.  If one goes through the deeper insights of all these aspects that the user has to invariably accept for enjoying the application thinking its free(when he has given invaluable personal info to a stranger) from point of view of security...it starts getting scary...!!!!going through the above terms it is invariably understood that all your contacts info is already gone....now how much is that info depends on how much have you stored...if you have stored the residential address,his email,his other phone numbers etc...that's all gone the moment you install!!!!..and add to this location and hardware details....from a hacker point of view the attack surface is already prepared vide one shot of installation only.....



3.  If Whatsapp says that they respect user privacy and would not submit all the info to any advertising agency or any third party...then y are they collecting all this ?Whats their security architecture?How reliable is that?Do they guarantee a NO-HACK situation?......

Monday, July 01, 2013

E-Governance and Security Challenges

Copy of the presentation that I gave at the Mini Seminar held under the aegis of IETE at AVCC,NOIDA on the subject : E-Governance and Security Challenges.



















Friday, June 28, 2013

Saturday, June 01, 2013

Your passwords can be cracked easily if less then 16 Characters now!!!!

1.    When the IT security big bang of Do's and Don'ts started some years back it was widely advertised to the Cyber masses to keep their respective passwords any thing more then 8 characters with a mix and match of capitals and smalls with special characters...then this was increased to 10 and last heard it was 15...and was told that 15 character password which is not dictionary based will take years and is actually uncrackable...

2.  As recent as 4 days back,a team of 3(your read it rite it's three) hackers has been able to crack more than 14,800 supposedly random passwords from a list of 16,449 by simply brute forcing!!!!

Image courtesy : http://www.buzzquake.com/tag/brute-force-attacks/
3.   In December it was unveiled by Jeremi Gosney, the founder and CEO of Stricture Consulting Group, that a 25-computer cluster can cracks passwords by making 350 billion guesses per second. It can try every possible word in less than six hours to get plain text passwords from lists of hashed passwords...the word of significance is that you do not need high end machines and east-west architecture to build this kind of IT infra...it is simply a cluster of machines processing power...

4.   The general user in the cyber space like you and me have actually no control over which hashing process websites use and therefore remain at the mercy of an algorithm all would invariably be clueless about...so if you are concerned about security and your email id and password which is the key for so many transactions in your routine life.long passwords are the best defense....and not simply long it has to be a mix match of numerics,capitals,smalls and special characters!!!.

5.  All the best to all of us...keep surfing but avoid drowning!!!! :-)Thanks http://thehackernews.com

Friday, May 31, 2013

GeoIntelligence 2013 : 13-14 June 2013,Taj Palace,New Delhi

Geo Intelligence 2013

1.   GeoIntelligence is a premier India based annual conference and exhibition dedicated to the highest level of information exchange and networking within the Defense and Security sector. The conference will be hosting its seventh edition this year with its primary focus on the perspectives and requirements of the key decision makers who directly influence national security policies and procedures. The conference aims to tap the most influential speakers and delegates not only from India, but also from various international defense and security establishments, as well as key international players from the industry. With the presence of such key players in the conference, the forum is uniquely positioned to offer adequate opportunities for knowledge sharing related to defense and security personnel, as well as, for business development and networking.

Theme

Geospatial – Force Multipier for Modern Warfare

2.   With nations today faced with a multitude of challenges for national Defence and Security,both from state and non state actors, the need for higher content and cohesive geospatial intelligence data is more critical. In parallel with the rapid development of geospatial intelligence technology, the role played in modern warfare by the operational geospatial information changes as well. With rapid advancement in LiDAR, multispectral and radar imagery technologies as well as surface and airborne sensor platforms, the geospatial technology is developing dynamically and will have wider applications in combat operations, crime mitigation, internal security, border control, arms treaty monitoring, etc. With the theme “Geospatial – Force Multiplier for Modern Warfare”, the speakers will deliberate on the modern outlook for the development of military geo-informatics and for modern warfare. 

3.  More special for me since I am there as one of the speakers.Will be speaking on security challenges in Big Spatial Data.

4.  For more details please visit : http://geointelligenceindia.org/
Powered By Blogger