How to Set Up Google Chromecast : Windows 8

1.   Chromecast is a 2.83-inch (72 mm) HDMI dongle ,a digital media player developed by Google that plays audio/video content on a high-definition display by directly streaming it via Wi-Fi from the Internet or a local network. Users select the media to play using mobile apps and web apps that support the Google Cast technology. Alternatively, content can be mirrored from the Google Chrome web browser running on a personal computer, as well as from the screen of some Android devices.This post further brings you screen shots of the Chromecast setup as I set it up on one windows 8 Laptop...sadly it doesn't have a straight setup for UBUNTU OS...though I have seen few forums wherein a plugin mention in regular chrome browser would set the cast working...but alas not tried that...here it is a simply setting it up on Windows 8.

Step 1 : As you plugin the chromecast powered by USB Power in the HDMI slot ,you get a similar looking screen.

  

On your Chrome browser log onto google.com/chromecast/setup

As you click the above link you get a download setup file...around 800 kb...download that and your installation begins....

Typical Next Next.....

You get the device number as detected by the Laptop machine

Once connected a unique code is seen as below on the TV...just confirm that you see the same on your PC too as shown further below :

Unique code replicated on Laptop screen as below :

Click on That's My Code and continue as seen below :

Seen connecting to the network SSID

Setting up the Device on joining the network

and you are ready to cast :

The first time the device is ready to cast,expect recent update on the Chromecast dongle like seen below...likely to take few minutes...mine took 7-8 minutes

Updating still....12%

Updating still....61%

Updated and now applying updates

and the first look of the device on way to cast a Youtube stream as below :

What do I cast first ?...off course Rajinikanth....:-)

Few things to ponder and for info first time users :

- Why is not ready for Opensource OS?
- Works equally ready with Android devices with ease
- Does not work on a Windows OS running in Virtual Box/Machine.

Hardening your Android Device : Few Essentials

1.   Android is the most popular mobile platform in the world, with a wide variety of applications, including many applications that aid in communications security, censorship circumvention, and activist organization. Moreover, the core of the Android platform is Open Source, auditable, and modifiable by anyone. Unfortunately though, mobile devices in general and Android devices in particular have not been designed with privacy in mind. In fact, they've seemingly been designed with nearly the opposite goal: to make it easy for third parties, telecommunications companies, sophisticated state-sized adversaries, and even random hackers to extract all manner of personal information from the user. This includes the full content of personal communications with business partners and loved ones. Worse still, by default, the user is given very little in the way of control or even informed consent about what information is being collected and how.

 

2.  This presentation brings out few basic steps that every android phone user should configure to harden his/her device.Although the list is not completely exhaustive but it brings out basic necessities as expected from any smart user.

 

USB Condoms

1.   Ever heard of this term : USB CONDOM..first as I read about this though like some tech humour but it was not...it was for real.This device prevents accidental data exchange when device is plugged into someone else’s computer or a public charging station. This is achieved by blocking the data pins on any USB cable and allowing only power to flow through. This minimizes opportunities to steal your data or install malware on your mobile device.

2.  As I read this ,the term became ok :-) to discuss around in my blog here.So the basic Juicejacking attack becomes null and void by the use of a USB Condom.

"The simple board at its core carries only the current from the outside pins on a USB connector — which pass along the 5V needed to charge. The middle pins that would normally transmit data can’t, as there’s no circuitry to do so on the Condom. You’ll be able to confidently charge in public as long as you’ve got your USB Condom handy, safe in the knowledge that no juice jacker is going to mess with your precious device." from : http://www.geek.com

FaceDancer : Security Issue Buzzing USB !!!!

1.   The typical USB protocol requires that anything with USB  declares itself as either a "device" or "host". "Host" can be a PC and other bigger machines accessible whereas "Devices" can be iPod, iPads, USB thumb drives, and other "small" accessory-like things.  If you ever want a USB "host" to pretend to be a USB "device", you need special hardware. The FaceDancer is that key.

2.   The FaceDancer allows a computer (or "host") to masquerade as a USB "device" to communicate with other USB devices or USB Hosts. The FaceDancer allows a developer to access data on the USB bus from high level languages like C, Python, and Ruby.

Details and above info from : http://int3.cc/products/facedancer21

HAPPY NEW YEAR 2015

WISHING YOU WONDERFUL GUYS A WONDERFUL NEW YEAR AHEAD....CHEERS FOR YEARS....

DeathRing: Non-removable Pre-installed Malware@Androids

The smart-phones penetration in our country and for that matter any country has been seeing explosion like never before...from cheap mobiles with luring specs to high end smart-phones by Apple,Samsung,Sony etc.The growing and already a subject matter of concern in IT ie SECURITY is majoring as a serious threat in the mobile world too...like the Microsoft b70 case few years back(click here for details)....As evidenced by the latest pre-loaded malware identified called DeathRing that’s  a Chinese Trojan that is pre-installed on a number of smart-phones most popular in Asian and African countries.

as evidenced by the latest pre-loaded malware Lookout identified called DeathRing.

Read more: DeathRing: Pre-loaded malware hits smartphones for the second time in 2014 (https://blog.lookout.com/?p=15835)

as evidenced by the latest pre-loaded malware Lookout identified called DeathRing.

Read more: DeathRing: Pre-loaded malware hits smartphones for the second time in 2014 (https://blog.lookout.com/?p=15835)

as evidenced by the latest pre-loaded malware Lookout identified called DeathRing.

Read more: DeathRing: Pre-loaded malware hits smartphones for the second time in 2014 (https://blog.lookout.com/?p=15835)

Operation Cleaver : IRAN a greater Cyber Threat then US/China????

1.    There has been a series of decisive and significant reveals in past few weeks in the field of Cyber Security. REGIN, APT28, Wirelurker and now comes another important report by the name of Operation Cleaver. The report is available here.Some time about a year back in September 2013,the ping pong blame of cyber attacks between Iran-US were made public vide US carrying out proven credentials of IRAN being part of attack in their Navy room. A screen shot of a report then is seen below :

 2.    Now, a US cyber security firm Cylance says it has evidence to prove that the same team has infiltrated not just the Navy, but also various top companies across the globe within the past two years. This report sheds light on the efforts of a coordinated and determined group working to undermine the security of at least 50 companies across 15 industries in 16 countries.

3.  Iran till date has never been considered quite as much of a serious cyber threat to the US as China and Russia have been in recent years. This could prove to be a mistake vide proofs given in this report.The report indicates that state sponsored cyber groups in Iran can be just as severe or even way ahead in terms of offered danger to few countries. Few key points of interest are mentioned below :

-  Victims include companies in the oil and gas sector, the energy industry, airports and the transportation sector, government and defence, and the telecommunications and technology industries.

-   Report believes all the revelations are just the tip of the ice berg and damage extends much ahead of contours identified.

-   About 10 of the victims are based in the US and include a major airline, an energy company, a medical university, and an automobile manufacturer.

-   Many of the other firms targeted by the group are based in Middle Eastern countries like Kuwait, the United Arab Emirates, Saudi Arabia, and Qatar. Cylance also found a significant number of victims in Canada, Germany, England, France, India, Israel, Pakistan, and Turkey.

-  Unlike their Russian and Chinese counterparts, which tend to grab IP and financial data where they can, the Iranian group has mostly avoided stealing such data.

-  The group is scoping networks and conducting reconnaissance as if in preparation for a major assault at some point in the future.

-   Technical capabilities of the Operation Cleaver team rapidly evolve faster than any previously observed Iranian effort.

- 

Harden your LinkedIn Settings : A Necessity Now

Most of us are part of various Social Engineering Sites and keep updating ourselves via status updates, pictures and tweeting small life updates. Related Privacy and Security issues in respect of these social engineering sites available is already a serious concern among users. Additionally for these all social engineering sites/applications whether accessible on a desktop or a mobile, we all are not so serious responding and interacting but that’s the difference when we see viz-a-viz LinkedIn. When it is LinkedIn…we are mostly serious…no jokes, no clips, no tagging, no personal comments, no WOWs…it’s all professional. And when most of us take it seriously, we also feed serious inputs on it. But do we take necessary precautions too?...I have mostly seen a negated curve amongst my friend circle….hardly anyone has spared time to configure LinkedIn Privacy and Security settings. In this post I bring you out basic and necessary configuration steps involved to harden your LinkedIn interface to the world.

Harden your LinkedIn Settings : A Necessity Now from anupriti

Configuring and using OPENVPN in UBUNTU@14.04 LTS

1.  VPN as discussed recently in my post here is on-way becoming a routine necessity for each one of us.In this post I bring you a screen shot and command terminal step by step procedure to configure and use OPENVPN,an open source application vide which a Ubuntu user can tunnel any IP subnetwork or virtual ethernet adapter over a single UDP or TCP port and additionally configure a scalable, load-balanced VPN server farm using one or more machines which can handle thousands of dynamic connections from incoming VPN clients.OpenVPN is the best and most recommended open-source VPN software world-wide. It is the most secure VPN option. You need to download the open-source OpenVPN Client and our configuration and certificate bundle from the links on site shown below (use TCP if you cannot connect to UDP due to network restriction).

Steps involved : 

- Open a sudo terminal

- Install openvpn by typing

sudo apt-get install openvpn

Goto http://www.vpnbook.com/freevpn and Download one of the VPNBook OpenVPN certificate bundles as seen available in the screenshot below :

After downloading either of the above certificates as seen....do extract the contents in one folder and these should look like as seen below :

If there is any issue with the installation part,install the openvpn client by synaptics as shown below :

Once done ...go to the sudo terminal and type the following :

openvpn --config vpnbook-euro1-tcp443.ovpn

As you see the message INITIALIZATION SEQUENCE COMPLETED...u r on with the VPN..

APT 28 :Cyber Espionage and the Russian Government?

Russia may be behind a long-standing, careful campaign designed to steal sensitive data relating to governments, militaries and security firms worldwide.This presentation based on a report made public by FireEye (report here)brings an over view of their opinion.....uploaded here just for general info to understand how its all happening in the dynamic and vibrant world of CYBER ..!!!!