Note: This app is just for fun, it doesn’t cause any damages to anyone other than annoyance. Use it with precaution.

The project is similar to the Upside-down-ternet project: from the phone you can flip pictures on someone’s computer upside down. There are couple of fun things you can do with this app. It lets you:

• Flip pictures on someone’s PC.
• Change Google searches keywords,
• redirect websites to some other sites,
• and many more features to come.

App works well in combination with Shark for Android – combined they allow you to capture packets when logged onto wifi networks.

Simply install from the Android Market (on a rooted device running >2.2), and download the setup files from the application. This requires about 600MB free SD card space. The program needs the phone to be rooted, and have busybox (most custom firmwares have this).

Developers can contribute at Launchpad (main project) and Sourceforge.

Download the App from Market.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us @geeknizer on Twitter OR on Facebook Fanpage, Google+:
 

Such security is really consumer grade, its secure in the real world but may not be secure enough for driving Top most secret tasks like the ones Government agencies like NSA is involved with.

The National Security Agency (NSA) released the first version of their custom build of Google’s popular OS, called Security Enhanced Android. The system is designed to minimize the impact of security holes on Android. The SEAndroid project is enabling the use of SELinux in Android in order to limit the damage that can be done by flawed or malicious apps.

SEAndroid is born with robust support for:

• Per-file security labeling support for yaffs2,
• Filesystem images (yaffs2 and ext4) labeled at build time,
• Kernel permission checks controlling Binder IPC,
• Labeling of service sockets and socket files created by init,
• Labeling of device nodes created by ueventd,
• Flexible, configurable labeling of apps and app data directories,
• Userspace permission checks controlling use of the Zygote socket commands,
• Minimal port of SELinux userspace,
• SELinux support for the Android toolbox,
• Small TE policy written from scratch for Android,
• Confined domains for system services and apps,
• Use of MLS categories to isolate apps.

You can integrate SEAndroid into your own Custom ROM. First, you should make sure that you are able to successfully download, build and run the Android Open Source Project (AOSP) source code by following the instructions starting from http://source.android.com/source/initializing.html

Once you have successfully built and run AOSP, you can obtain a local manifest specifying the SE Android git trees from http://selinuxproject.org/~seandroid/local_manifest.xml. Copy this file to the .repo subdirectory of your AOSP clone, and then run repo sync. Your tree should now include the SE Android modifications. For further dev info, visit the official Wiki.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us @geeknizer on Twitter OR on Facebook Fanpage, Google+:

Google has launched a new way to authorize and login with your credentials without actually logging in with password or keyboard onto any PC. It’s called Sesame.

How Google Gmail Sesame Authentication Works

It’s simple: Remote Autherization from your mobile. You personal mobile device’s browser is already logged-In with your Google credentials.

Step 1. Go ahead and Open http://accounts.google.com/sesame on the desktop browser where you need to access your gmail / google account.

Step 2. Launch your barcode scanner and scan the QR code that appears on /sesame. You’ll be asked to authenticate the PC for access to your Google / Gmail account.

You’ll automagically be logged into the Desktop PC. Remote authorization at its best!

Related: Make your Gmail UnHackable, Hacker proof.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us @geeknizer on Twitter OR on Facebook Fanpage, Google+:

Carrier IQ is a tool that runs on almost all modern smartphones, installed by your own favorite carrierrunning the app on one of their own phones. This is basically a keylogger that captures all your keystrokes & monitors user’s full phone activity.

How to Remove, Disable Carrier IQ Keylogger

Logging Checker is a too developed by Trevor Eckhart, which checks logging activity on your phone and lets you know where the logging data is going to. Besides checking Carrier IQ logs, it can look for Google and HTC Usage logs, Dropbox logs etc. It lets you check app usage logs in a UI as well as giving you some pretty strong internet security features (like enabling HTTPS wherever possible and more).

It checks:

• Check CIQ files (Root Only)- Sees if CIQ exists in your system
• Check Google Usage Logs(Root Only)- Checks for logs in /data/system/usagestats
• Check HTC Usage Logs (Root Only)- Checks for logs in /data/system/appusagestats
• Check Devlog (Root Only) – Checks /devlog partition, written out by htc_ebdlogd
• Check Dropbox Logs(Root Only)- Checks for logs in /data/system/dropbox
• Check UserBehavior DB(Root Only)- Reads user Behavior monitoring database
• AppUsage UI – See app usage logs in UI
• CIQ APP UI – Attempts to open all known CIQ Activities
• Start HTCLoggers – Start HTC Logging Activities

This app has started to turn into a full security suite. It can be used to verify what logging is being done on your phone and where data is going to. It will assist you in manually removing parts you do not running (see post#1), or you can go pro for automatic everything (and support me).

We had a chance to check this app on various unlocked Android devices, and we found Carrier IQ was not present on Samsung Galaxy S, SII, Nexus S. However, it is definitely present on carrier specific locked phones.

Go ahead and launch the application, tap on CIQ Checks and then read the scrolling text at the bottom which will let you know if it found Carrier IQ activity or not.

Free app only checks the presence, paid version can assist you in removing it. Download Logging Checker [Official Thread], Get Logging Checker Pro [Market]

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us@geeknizeron Twitter OR on Facebook Fanpage, Google+:

Captcha stands for Completely Automated Public Turing Test to differentiate between Computers and Humans. It was invented by Carnegie Mellon University computer science graduate student in 2000 as a security tool to safeguard web sites from automated bot attacks and spammers.

Team of researchers at Stanford have outsmarted the Captcha codes. Their anti-spam tool-breaker was able to kill off captcha’s protective cover.

“As we substantiate by thorough study, many popular websites still rely on schemes that are vulnerable to automated attacks. For example, our automated Decaptcha tool breaks the Wikipedia scheme… approximately 25% of the time. 13 out of 15 of the most widely used current schemes are similarly vulnerable to automated attack by our tool. Therefore, there is a clear need for a comprehensive set of design and testing principles that will lead to more robust captchas.”

Decaptcha is capable of isolating the text from noise in the captcha image. From the clean text image, it then runs a smart OCR (optical character recognition) to translate image to text.Each text character is identified individually.

To prototype was able to break into Real world websites with Captcha. Decaptcha worked successfully on Visa’s Authorize.net payment gateway was defeated 66 per cent of the time. eBay’s captcha was sidestepped 43 per cent of the time. Lower thwart rates were recorded at Wikipedia, Digg and CNN.

Google and reCAPTCHA were the only two that beat out the Stanford team’s automated tool–no gotchas for either one.

More details: PDF

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us@geeknizer on Twitter OR on Facebook Fanpage:

Its known that iPad 2 can be unlocked using Smart Cover, which uses magnetic pattern to lock and unlock the device. But what is not known is that same Smart Cover can be used to Unlock ANY iPad 2, no matter if its password locked.

How to bypass iPad 2 Password, easily:

Step 1. Come to the lockscreen where the password is prompted.

Step 2. Press and hold the power button till you get “slide to unlock”.

Step 3. Flip over the SmartCover.

Step 4. Remove the SmartCover and click cancel. Boom, iPad 2 is now Unlocked.

Demo:

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us@geeknizer on Twitter OR on Facebook Fanpage:

You can now kick users & devices from Wifi using an android app called WiFiKill. The app makes sure that a targeted users is not able to connect to Internet using your Wifi.

WiFiKill is pretty simple: it scans your network for connected devices and gives the option to individually kill their network connectivity. You can also chose to Kick all users, if you intend to. Tick the “all” box and the network will be completely empty in a matter of seconds. To re-enable connectivity for any device, simply uncheck the box next to its name.

Note: App does wacky stuff to your wifi by injecting spoofing DNS and several other UDP stuff, works only on Rooted phones.

There’s alot of things you can do with it, but doing so for Public or shared networks can create  serious problems. We hope you don’t boot users and create havoc using this app. Use it wisely, don’t be a jackass. If you promise to be ethical, feel free to install the app from market.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us@geeknizer on Twitter OR on Facebook Fanpage:

Michigan police was already found to do that last month, but if sources are to be trusted, they are going nationwide in US and soon in several other countries. The device used is the CelleBrite UFED, which is able to copy most of the data on over 2500 different mobile devices. It does all that in under 2 minutes. UFED brochure claims:

The UFED system extracts vital information from 95% of all cellular phones on the market today, including smartphones and PDA devices (Palm OS, Microsoft, Blackberry, Symbian, iPhone, and Google Android). Simple to use even in the field with no PC required, the UFED can easily store hundreds of phonebooks and content items onto an SD card or USB flash drive.

And technical description:

The UFED hardware with Physical Extraction module, used to create Physical and/or Logical dumps from mobile devices, which can then be saved to a USB disk drive, SD memory card, or directly to your PC.ƒ The UFED Physical Analyzer (PA) PC application, which provides an in-depth physical memory analysis of the extracted mobile phone data (phonebook contents, SMS messages, call logs, image files, video files, audio files, and more) The Physical Analyzer also serves to generate comprehensive and verified evidence reports of relevant data extracted and analyzed from the mobile device.

The UFED Physical Analyzer software allows the investigator to perform in-depth analysis of the extracted data
and generate reports. The UFED PA application provides the following key features:

• ƒ Analysis of the hex dump with a layered view of memory content
• Provides a detailed view of the hex dump
• Reconstructs the phone file system
• Decodes contact lists, SMS messages, call logs, phone information (IMSI, ICCID, user codes) and more
• Provides a view of data files – images, videos, etc.
• Provides access to both current and deleted data
• Retrieves phone passwords
• Simple viewing and user friendly browsing of information

ƒ Powerful search tools

• Instantly search for project content
• Search the hex dump or file system

Search by various parameters such as strings, bytes, numbers, dates

• Use GREP search (regular expressions) to look for specific data strings
• Bookmarking memory locations for indexing of key areas for later review

The ACLU fears that the next time you get stopped for speeding in Michigan, you’ll be handing over your cell phone, and your entire mobile history, to the nice officers. Of course, you have no idea into what all they can grab. Of course, you don’t have an option.

There’s something thats more scary than being able to extract your information — Being able to inject information into the phone like fake call logs, gps logs, text messages, calendar appointments. It would open your call log SQLLite DB (in the case of an iPhone, Android) and write a new entry. e.g. If my intake information says I received the phone at 15:20:00 but there is a write to phonecalls.sql at 16:22:00 User better have a logical explanation.

We write about Google, Twitter, Security, Open Source, Programming, Web, Apple, iPhone, Android and latest in Tech @geeknizer on Twitter or by subscribing below:

Researchers from the University of California Davis, have successfully decoded the keystrokes on an Android on-screen keyboard by measuring the wiggles, jiggles, and vibrations picked up by the device’s accelerometer caused by pressing onscreen keys. Hao Chen and Lian Cai claim that this is a big deal coz almost any app can use the accelerometer without attracting user attention. Accelerometer data can sure be collected in the background, without a clue.

Any script kiddie can do it on windows, but smartphones have a more robust approach to applications and permissions, that makes it even harder.

How Accelerometer is used as Keylogger [PDF whitepaper]

Using the 3-axis of the accelerometer, keylogger can be built with accuracy of upto 71.5%, on an average.

Every key has a unique “pitch, roll and yaw” fingerprint that can be identified absed on the sample data that had been compiled in advance. The data looks like the patterns below.

The accuracy actually depends on the sensitivity of the accelerometer, so it varies from device to device. Newer Android phone’s accelerometer have response times of the order of 30ms vs 110ms on older ones like Original Motorola Droid.

The motion of a smartphone during typing depends on several factors: 1) the striking force of the typing fin- ger; 2) the resistance force of the supporting hand; 3) the landing location of the typing finger; and 4) the location of the supporting hand on the smartphone. The first two factors mainly affect the shift of the phone, while the lat- ter two mainly affects the rotation. We observe that the first two factors likely depend on the user, while the lat- ter two are likely to be user-independent because (1) on each soft keyboard configuration, each key is at a fixed location, and (2) a user typically holds her smartphone in a consistent way. Therefore, we would like to extract the rotation components while filtering out the shift compo- nents from motion sensor data.

Achieving 71.5% accuracy, on average across all devices, for numpad keys is a good number to begin with.

TouchLogger performs even better on larger and newer devices like tablets, given that they have gyroscopes and better cameras.

Possibilities

Although this cannot be considered a bug in Android or any other smartphone, its sure is hardest to get rid of. Even by capturing numbers alone, enough private data about user can be collected.

If someone takes these algorithms and port to javascript, its easy to grab your keystrokes on a random webpage that has asks for say credit card and/or password.  XSS/JS injection can do wonders to it.

The app would be demoed at HotSec in San Francisco next week.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us @geeknizer on Twitter OR on Facebook Fanpage:

Two security researchers, Mike Tassey and Richard Perkins,  have unleashed a complete DIY methodology to Launch your personal, specially equipped WASP (Wireless Aerial Surveillance Platform) drone that to flys overhead and sniff Wi-Fi network, intercept cellphone calls, or launch denial-of-service attacks with jamming signals.

This drone plane runs on Arduino and would cost you $6,000. This drone is based on FMQ-117B U.S. Army target drone and equipped it with Wi-Fi and hacking tools — IMSI catcher and antenna to spoof a GSM cell tower and hack calls. What’s more? It can launch a dictionary attack on the network using its database of 340million words.

GSM Hack to break into voice calls has been floating around for a while, and that’s what inspires these security researchers. Recommended read: How to Hack GSM Nework, Phone

The device onboard tricks phones to disable encryption, and records call details and content before they’re routed to their intended receiver through VoIP or redirected to anywhere else the hacker wants to send them.

Drone plane weighs 5Kgs and is 2.5m long and is quiet enough to spy on anyone, without trouble. You know, its US military drone, designed to be quiet. It can be automated to travel through programmed GPS coordinates and Google Earth, whole thing is self-driven apart from take off and landings which need to be controlled.

While such a drone may violate a few flying laws, it doesn’t break any FCC regulations as it uses the HAM radio frequency band or a 3G connection for communication. As to the reason for building it, creators Mike Tassey and Richard Perkins just wanted to prove there is a vulnerability that can easily be taken advantage of with a UAV such as this. It can easily cover 10,000 sq. ft of area using its inboard basestation.

WASP is an open source platform called Auto Pilot using Arduino that Tassey will discuss how to build at DEFCON-19 next week. It was originally unveiled last August with the following video giving you a close up view and interview with the creators

Update: Instructions to Build this drone

Endless Possibilities

Darker side:
Its pretty much obvious that if two security researchers can collaborate to create such a destructive element for communications, wonder how strong could it be when its in terrorists hands.

Hackers would use them to fly above corporations to steal data like confidential IP (intellectual property) or may be launch a DoS attack or jam the cellphone signals of a corporation, without letting anyone know.

You can stop a car, a person from coming into your facility, but what about things that fly overhead? These drones can not just broadcast jamming signal, they can laser focus specific users in crowd.

Positives:
If you think about positive aspects of such drones, they can prove out to be quiet helpful during natural disasters when other communications break. They can be bagged with more sensors, cameras and help army in critical missions, possibilities are endless.

Related: DIY GSM Cellular Data Network

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us @geeknizer on Twitter OR on Facebook Fanpage:

Microsoft is gathering data from Windows Phone 7 handsets that connect to wi-fi networks, along with cars that go around sniffing out hotspots, and logging it all here. I don’t know why by anyone can get access to the data. Cnet did a self test of various MAC address of its Windows devices and found themselves with complete location history.

How it Works: iPhone and Android devices automatically change their Wi-Fi MAC address when acting as an access point. Android devices appear to choose a MAC address beginning with 02:1A.

Google’s database doesn’t include the MAC address 02:1A:11:F2:12:FF. But Microsoft’s does, and reports that it is located in the Embassy of Montenegro on New Hampshire Avenue in Washington, D.C.

Ugly Part: Since you might have used your smartphone’s Tether Wifi hotspot,  its highly possible that your data has been captured by Microsoft and available to public. If an attacker knows your MAC address, he already knows your mobile activity on the map. Story doesn’t end here, Microsoft still doesn’t comment on whether they collect additional data on the WP7 devices  like the devices connected to the network. What this means is that they might have also captured all phones, laptops connected to those Wifi networks. So If you’ve ever connected to a Wifi (which you often do), your location might be already public to everyone.

Microsoft’s statement:

“To provide location-based services, Microsoft collects publicly broadcast cell tower IDs and MAC addresses of Wi-Fi access points via both user devices and managed driving. If a user chooses to use their smartphone or mobile device as a Wi-Fi access point, their MAC address may also be included as a part of our service. However, since mobile devices typically move from one place to another they are not helpful in providing location. Once we determine that a device is not in a fixed location, we remove it from our list of active MAC addresses.”

Ugliest part of the whole story is that  there’s no way to “Opt-out”, you can’t prevent your MAC address from being added.

How to check if your location is Public or not

Go to this website and enter your mac address, if you see your location info, go and fight with them.

Update: 31st July – Microsoft seemed to have fixed the problem [via]

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us @geeknizer on Twitter OR on Facebook Fanpage:

Modern Laptop battery contains its own monitoring circuit which reports the status of the battery to the OS. The circuit is also responsible for preventing battery from overcharging, this comes handy when the laptop is switched off.

The scurity researcher has discovered that the batteries on Macbooks are shipped with the default password on the micro-controller. It can be inferred that if someone knows the default password, the firmware of the battery can be controlled to do many things from simply ruining the battery to install a malware which reinstalls whenever the OS boots. Since you gain access to the micro-controller that controls the battery, it becomes actually possible to overuse and overheat the battery to a limit where it can even catch fire.

Miller claims this hack can make the hacker achieve something that was unachievable before —  it’s possible to use them to do something really bad – Insert a new Hard drive, reinstall the software, flash the BIOS, and every time it would reattack and screw the user. And the worse part, it undetectable and impossible to  eradicate other than removing the battery.

Apple released a fix in 2009 to fix problems by creating two passwords used for the chip on the battery. By hacking that password, its possible to do anything like giving false reading to the charger and let it overcharge to cause fire, or to completely rewrite the firmware.

Hack is Not Easy

Luckily enough, miller hasn’t made all details public. He claims that to successfully exploit this vulnerability,  attacker has to analyze the 2009 software updates from Apple for the password. If he is able to retrieve the password, he will have to find a vulnerability in the interface between the OS and the firmware.

But these details would be made public at te yearly security conference, BlackHat. He will also be unveiling a tool to public that will change the password of the battery to a random string. Hope Apple releases a fix before that.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us @geeknizer on Twitter OR on Facebook Fanpage:

Hacktivist group Anonymous has already teamed-up with LulzSec, to launch Operation Anti-Security (#AntiSec), has alarmed the cyber defence industry and got almost everyone involved in the discussion. As per the official statement from AntiSec:

“the government and whitehat security terrorists across the world continue to dominate and control our Internet ocean. Sitting pretty on cargo bays full of corrupt booty, they think it’s acceptable to condition and enslave all vessels in sight. Our Lulz Lizard battle fleet is now declaring immediate and unremitting war on the freedom-snatching moderators of 2011.”

“We encourage any vessel, large or small, to open fire on any government or agency that crosses their path,” … “We fully endorse the flaunting of the word ‘AntiSec’ on any government website defacement or physical graffiti art. We encourage you to spread the word of AntiSec far and wide, for it will be remembered. To increase efforts, we are now teaming up with the Anonymous collective and all affiliated battleships.” “Top priority is to steal and leak any classified government information, including email spools and documentation,”. “Prime targets are banks and other high-ranking establishments. If they try to censor our progress, we will obliterate the censor ….” A LulzSec tweet declared simply,  “anarchy is now.”

The new partner’s first show of strength was a distributed denial of service raid on the website of Britain’s Serious Organised Crime Agency (SOCA) and its obvious that there will be a Fission of hacks happening around the world. Iranian hackers and nearly 20 other hacker groups have already joined the cause, at the time of writing. Several hundreds would follow.

No one is sure what it may all lead to, but the point worth noting is that Governments are worried, and Anti-corruption gets its first global CyberWarfare. Every citizen should be excited, are you?

A video from NMA tv explains it differently:

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us@geeknizeron Twitter OR on Facebook Fanpage:

Lulzsec hacker group have been on a hacking rampage since a while now. They have been taking down sites of the CIA, Sony, FBI and a bulk of other large and small companies. Motive behind the hacks has rather been dicey, is it for fun or something else. The document is available on Pastebin and their activities are visible via their Twitter account.

Very recently they hacked released 62,000 username and passwords of a popular porn site. However, the ugly part of the story is that users tend to have similar passwords for all their accounts: mail, facebook and even paypal. Hackers and script buggies have been scanning the password list and discovered that this is actually the case for most users whose username/passwords have been shared in the leak.

If you analyze the password list, its not hard to figure out that a lot of users registered on the porn site are actually people from government organizations. Other than that Google, Yahoo, facebook have already out the accounts corresponding to those ids on hold till user verifies the ownership to prevent all kinds of misuses. However, hotmail and other unpopular email providers are still vulnerable.

What You can do: Staying secure online

Go through the password list and if you are on it, you are probably already in trouble. Going further, make it a habit to have different user/password combos for different sites. Doing so can be hard but if you follow a pattern for passwords, remembering them could be piece of a cake. e.g. you can change the first or last digit of the password based on the domain name. A password that was “pA$$w0rdG” on gmail would become  “pA$$w0rdf” on facebook. Do something similar, but purely your own idea.

What is the Future of LulzSec

Lulzsec would continue to hack down the internet with almost no clear intent. The press release states that for the past month or so they have been causing chaos throughout the internet by attacking several targets and they’re going to bring down more internet laws by continuing their public shenanigans, and that their actions are causing clowns with pens to write new rules for users.

They say that releasing data is just as ‘evil’; however they mock by saying, “This is the Lulz lizard era, where we do things just because we find it entertaining.”

They conclude by saying, “We’ve been entertaining you 1000 times with 140 characters or less, and we’ll continue creating things that are exciting and new until we’re brought to justice, which we might well be.“

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us@geeknizeron Twitter OR on Facebook Fanpage:

With Visidon AppLock, you can automatically lock access to specified apps when Android device is not handled by the original owner. This would come handy when you don’t want your friends to read your email, gtalk or even access the gallery of photos.

This is much more useful & practical than a Facial recognition unlock on iPhone, but such an app must be days away from iOS as well. Visidon AppLock lets you choose the apps to be protected. Your face is a key to open them! Application uses the frontal camera of your mobile and verifies in real-time that the face matches the one allowed to access the private apps.

The app comes very handy in our day to day life and is a must try. Get a hold of the demo below:

The best part, the app is free, go ahead and start using it.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us @geeknizer on Twitter OR on Facebook Fanpage:

Government has shifted its older ways of monitoring traditional landlines, phone calls, to cell phones and email, while they try to hunt down the criminals and terrorists.

We don’t care about this, coz its for our own safety at the cost of privacy that remains in the hands of officials behind closed doors. But the truth is, giving backdoor access to governments make a business’ data more vulnerable to the bad guys as well.

Which Countries spy on citizens?

Governments in US, UK and EU already monitor citizen’s mode of communications.

How do they do it?

Government may not peek into everything, but the most relevant data like: Email subject lines, mobile phone GPS locations, call histories. Trust me, this data dtogether makes up piles of data that is sent for monitoring to governments.

Julian Assange, head of WikiLeaks,  stated that tech companies, such as Facebook, are so accessible to US intelligence agencies that they act as de facto information gathering sources. You would be surprised to knwo the facts shown in the video below:

EU is working with several telecom giants to assist them in establishing automated data mining for mobiles, email, social networks, etc. This data, however, is not accessible to any human, a unless required. Mostly smart algorithms would determine suspicious activity before they are put under scrutiny.

Backdoors that grant access to the FBI or NSA also serve as tempting targets for everyone else. Whether they are exploited for identity theft, or used to coordinate concentrated cyber attacks from other nations, wiretapping access is a proven weak point in telecommunication security.

Here’s another news video on the topic:

How secure is your online information? Depends on how much attention you’ve gained by posting an update to the web.

via NYtimes

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us@geeknizer on Twitter OR on Facebook Fanpage:

In August 2010, they found their home in Abbottabad, a suburb which is less than 40 miles from the Islamabad, the capital of Pakistan. Everything about Osama’s compound was extraordinarily unique which brought more and more attention. It was not just 8 times larger than the other homes in the area, it had a lot of physical security in place with 12 to 18 feet walls, guarded by two giant security gates.

Strangely enough, there was barely any communication between this compound and the outer world. There were little to no social activity and had strange forensics. It preferred burning its trash, and there were no open windows for fresh air to come in. Despite the gigantic and costly architecture, it had no means of communications: No internet, no phones.

The secret agencies and the army had no concrete proof, but everything leaded to the same conclusion. No one could afford and match the semantics of this place other than the man himself. Whole of this information was not shared with anyone, and was limited to a small group of people, which made the attack possible.

Background Intelligence (Technology Used to Track Osama)

All of this has a longer history. Joint Special Operations Command or JSOC had been in command for years trying to find tits and bits of information and compile them into something more concrete.

The way JSOC solved this problem still remains a top secret, but it is said that commandos learned basic criminal forensic techniques and then used highly advanced and still-classified technology to transform bits of information into actionable intelligence. One way they did this was to create forward-deployed fusion cells, where JSOC units were paired with intelligence analysts from the NSA and the NGA. Such analysis helped the CIA to establish, with a high degree of probability, that Osama bin Laden and his family were hiding in that particular compound.

These technicians could “exploit and analyze” data obtained from the battlefield instantly, using their access to the government’s various biometric, facial-recognition, and voice-print databases. These cells also used highly advanced surveillance technology and computer-based pattern analysis to layer predictive models of insurgent behavior onto real-time observations.

The military has begun to incorporate such techniques across the services and improvements are on their way in areas where intelligence is gathered, analyzed, and utilized.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us@geeknizer on Twitter OR on Facebook Fanpage:

Security researchers have comeup with a new tool that can verify email account existance/genuineness for people at businesses, even if the address hasn’t been published online and lies in a closed private company.

Peepmail assures the delivery of emails to everyone from Apple’s Steve Jobs and Microsoft’s Steve Ballmer to the random guy whose business card you lost. It uses the knowledge of the mail protocol to verify email delivery. Simply stated, its based on the fact that many email servers will inform the email sender whether the address is valid, even before the message is actually sent.

Peepmail does a great job at finding the email address for any person in the world using his first, second name. Peepmail tests permutations of the name until the company’s email server responds with a message that indicates the address is valid. However, peepmail tricks the server, and doesn’t actually sends the email, so the person being looked up has no idea about it.

We tried peepmail to actually locate email addresses of business corporates. With our tests, the app did a good job by giving the right email 50 percent of the time.

For cetain searches, the tool failed to return any email address, thats because some mail servers don’t actually reply back whether an address is valid before getting the email. They just digest every incoming email and later send back an error message only after the offending email is sent.

The developer of the tool claims that the tools is not intended to hurt privacy of the corporates, but its a Proof of concept that shows how vulnerable our email servers are, and how bad our Email security is,  “I created the tool to demonstrate what has been possible for years but very few people know,” he said.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us@taranfx on Twitter OR on Facebook Fanpage:

So far, tech nonprofit MITRE has made a lot of progress on the project and the prototype is ready under the name ” the Joint Battle Command-Platform”. It is now under some testing in the simulated battelfields, before it steps into the real army battlefields. The SDK used to develop apps for the Joint battle command platform is called the Mobile/Handheld Computing Environment, and army would releasing the sdk in June 2011 for app developers.

There will be lots of different apps that would empower the soldiers in the fields. There would be app that would provide mapping function that displays location and movements of all the soldiers and help them communicate the strategy better (Blue Force Tracker program). There will be some cloud to phone data exchange rebranded as “Critical messaging” to exchange crucial data like medevac requests and on the ground reporting.

“I was just shown a quick, little, five-minute brief on it – that’s all it took and we were ready to use them,” said Spc. Randy Fite, who like Bui experimented with the JBC-P Handheld prototype during a recent training exercise at Fort Bragg, N.C. He said the app’s blue icons indicating the GPS locations of his fellow Soldiers helped them navigate and coordinate actions during the capture.
“We can know where each unit is in our platoon, and how they’re moving,” Fite said. “It makes the job a lot easier.”

The army would face lots of challenges especially for areas with low or no signal coverage, which is something very common for battlefields.  Also, the army has high hopes on designing a phone hardware that is rugged enough to withstand wears and tears of all sorts.

This android based tablet/smartphone platform would help them phase out the current generation communication system: Nett Warrior – a suite of sensors, other functions which smartphones do much more easily. The complete system of Joint battle command platform would weigh less than 2 pounds, making it way better than Nett warrior.

Army’s aim is to build a core framework that can run on a large number of hardwares and form factors, obviously Android is the best (and only?) option they could have thought about. iOS is way too restrictive as per the officials, among which there are several iPhone lovers.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us@taranfx on Twitter OR on Facebook Fanpage:

Apple has integrated this malicious behavior into iOS 4 and its so dirty that it takes automatic backups every time it’s connected to iTunes, then pulls out a lifelong list of your locations, timestamps included. This data can be visualized using iPhoneTracker, showing you complete location history.

Apple uses Cellular tower triangulation and that’s why it always works no matter your GPS is off or out of range. This location data is available to any person (or app) that knows where to look.

How to Disable iPhone location Tracking

Thanks to the Jailbroken app in Cydia, its now possible to escape this apple’s blunder. The app is called “Untrackerd” and it continuously watches and deletes the database that is used by apple to store location data. The app is available for free on Cydia under BigBoss repository, simply search for Untrackerd on Cydia and install it to prevent your iPhone from tracking your location.

The package [will install a] daemon (process that can run in the background) to clean consolidated.db file. No new icons are added to your homescreen. There are no options to configure.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android,  Open Source, Latest in Tech, subscribe to us@taranfx on Twitter OR on Facebook Fanpage:

Read more about how to Jailbreak your iPhone: http://geeknizer.com/untethered-jailbreak-ios-4-3-2-iphone-ipad-ipod-touch

Researchers at UaC & University of Washington have spent years trying to fin security flaws in modern cars which are controlled via mini-computer systems and so far they have identified a bunch of security flaws in cars.

The most interesting attacks were triggered via car’s Bluetooth and cellular network systems, or through malicious software in the diagnostic tools used in automotive repair shops.

The one that interested us was on the Car stereo. By adding extra code to a digital music file, they were able to turn a song burned to CD into a Trojan horse. When played on the car’s stereo, this song could alter the firmware of the car’s stereo system, giving attackers an entry point to change other components on the car. This type of attack could be spread on P2P file-sharing networks without arousing suspicion.

“It’s hard to think of something more innocuous than a song,” said Stefan Savage, a professor at the University of California.

The same team had achieved wide Car hacks in experiments in which they were able to kill the engine, lock the doors, turn off the brakes and falsify speedometer readings on a late-model car of 2009. In that experiment, they had to plug a laptop into the car’s internal diagnostic system in order to install their malicious code. In 2010, team also hacked Cars from wireless tyre sensors.

But the latest research, is about remotely controlling cars. The attacks over Bluetooth, the cellular network, malicious music files and via the diagnostic tools used in dealerships were all possible, if difficult to pull off, Savage said. “The easiest way remains what we did in our first paper: Plug into the car and do it,” he said.

Car Hacking: Possibilities & Future

Now, thieves could instruct cars to unlock their doors and report their GPS coordinates and Vehicle Identification Numbers to a central server. “An enterprising thief might stop stealing cars himself, and instead sell his capabilities as a service to other thieves,” Savage said. A thief looking for certain kinds of cars in a given area could ask to have them identified and unlocked, he said.

With the high technical barrier to entry, the researchers believe that hacker attacks on cars will be very difficult to pull off, but they say they want to make the auto industry aware of potential problems before they become pervasive.

Another problem for would-be car thieves is the fact that there are significant differences among the electronic control units in cars. Even though an attack might work on one year and model of vehicle, it’s unlikely to work on another. ”

So far, carmakers have been very receptive to the university researchers’ work and appear to be taking the security issues they’ve raised very seriously.

We write latest and greatest in Tech Guides, Apple, iPhone, Tablets, Android, Open Source, Latest in Tech, subscribe to us @taranfx on Twitter OR on Facebook Fanpage:

Your Gmail account, your photos, your private documents—if you reuse the same password on multiple sites and one of those sites gets hacked, or your password is conned out of you directly through a phishing scam, it can be used to access some of your most closely-held information. Gmail had gone https a year ago, and then OAuth, but that may not be enough if you are careless.

How to Prevent Gmail from Being Hacked

First things first, you should have a long and good password that cannot be memorized by any other person. A combination of a phrase and numbers, special characters is a perfect thing to do. Beyond that, chose a password recovery that you believe no one else can answer.

Beyond those basic preventions, Google has introduced a 2 step authentication, that makes your gmail account almost impossible to hack, almost. You can safely spread out your password and still have no risks of getting hacked, such is the beauty of 2 step authentication.

Go to Gmail’s settings > personal settings and enroll for 2step authentication. A user-friendly set-up wizard will guide you through the process, including setting up a backup phone and creating backup codes in case you lose access to your primary phone.

Once enabled, now on, you’ll see an extra page that prompts you for a code when you sign in to your account. You have 3 different otpions to get this code:

• get called by Google on your phone that will speak the code.
• Receive code via SMS
• Generate code yourself using a mobile application on your Android, BlackBerry or iPhone device.

We write about Google, Twitter, Security, Open Source, Programming, Web, Apple, iPhone,Android and latest in Tech @taranfx on Twitter or by subscribing below:

Most office doors employ magnetic sensors that require a access card to be swiped across to unlock. These magnetic cards have unique magnetic pattern underneath the plastic, which when scanned is matched against a person’s identity.

Among the most popular lineup of Office door lock, Kaba Ilco Simplex lineup has been there for more than 3 decades, and had been pretty much unhackable till 2010. But if you have a strong  magnet, it opens up effortlessly in under 3 seconds.

You devise the Hack, you need powerful rare-earth magnets, which formulates the state-of-the-art attack.

Worst part is,  most other locks that use a combination chamber are equally vulnerable.

How it Works

Normally, these door locks need to capture weak magnetic fields generated in vicinity of a access card or a specific combination of buttons  have to be pressed to make the bolt withdraw. However, when a strong magnet is presented,  it messes with the magnetic field inside the combination chamber, the system scrambles making the bolt withdraw even if no buttons are pressed/ no card is presented.

Kaba, being the industry leader, has fixed the problem with a new combination chamber design in the latest models of its lock, but that won’t change the existing locks that have lying world over in offices since last 3 decades.

The rare earth (lanthanide) elements are metals that are ferromagnetic, meaning that like iron they can be magnetized, but their Curie temperatures are below room temperature, so in pure form their magnetism only appears at low temperatures. However, they form compounds with the transition metals such as iron, nickel, and cobalt, and some of these have Curie temperatures well above room temperature. Rare earth magnets are made from these compounds.

You can buy one of these neodymium magnet for about $10, no experience required.

Warning: This is just for educational purposes, do not hack into someone’s office, you and alone you would be responsible for any consequences.

Alternatively, you can design a a card writer that can hack magnetic locks:

In the above demo, hacker used pre-made connectors so he could easily disconnect and reconnect the device. When you put the reader’s cover back, the Gecko would be hidden behind it.

The card reader also continues to work fine with the Gecko attached. It passes along the signal from the reader to the control system as it’s supposed to. But when someone swipes an authorized card that unlocks the door, Gecko saves that signal.

With that saved unlock signal, the attacker can swipe a ‘replay’ card that tells Gecko to re-send that saved signal, and the doors unlock. What’s more, any saved access logs would only show that the same person who originally swiped the saved signal swiped his card again.

The replay card isn’t anything special, and could be any card. It’s just one that Gecko knows about beforehand. When it sees that card’s code – because the card reader passes it along – Gecko knows to send its saved signal in response.

The device also knows to look out for another card code – again, just a regular card – and in that case, disable the system. Only the recognized replay card can unlock the door. Every other card, authorized or not, will fail.

We write about Security,  Open Source, Programming, Web, Apple, iPhone,Android and latest in Tech @taranfx on Twitter or by subscribing below:

GSM Security is inherently weak and that’s why it was made possible to Hack GSM Security (GSM’s 64-bit A5/1 encryption), last year. However, governments own devices that are worth $50,000, which essentially monitor phone activities for National security.

“GSM is insecure, the more so as more is known about GSM,” said Security Research Labs researcher Karsten Nohl. “It’s pretty much like computers on the net in the 1990s, when people didn’t understand security well.”

Every aspect of the GSM Hack was demonstrated from start to end including scenarios in which GSM networks exchange subscriber location data, in order to correctly route phone calls and SMSs, allows anyone to determine a subscriber’s current location with a simple Internet query, to the level of city or general rural area. Once a phone’s City is known, a potential attacker can drive through the area, sending the target phone “silent” or “broken” SMS messages that do not show up on the phone. By sniffing to each bay station’s traffic, listening for the delivery of the message and the response of the target phone at the correct time, the location of the target phone can be more precisely identified.

GSM Network Sniffer

Researchers replaced the firmware of a simple Motorola GSM phone with their own, which allowed them to retain the raw data received from the cell network, and examine more of the cellphone network space than a single phone ordinarily monitors. Modifying the USB interface, helped them send this data in real time to a computer, which captured every bit of the information.

By sniffing the network while sending a target phone an SMS, they were able to determine precisely which random network ID number belonged to the target. This gave them the ability to identify which of the myriad streams of information they wanted to record from the network. After that, the next step is essentially decrypting the information. ITs not that easy, but was made possible by the way operator networks exchange system information with their phones.

As part of this background communication, GSM networks send out identifying information, as well as “keepalive” messages and empty spaces are filled with buffered bytes. Truth be told, a new GSM standard was put in place several years ago to turn these buffers into random bytes, they in fact remain largely identical today, under a much older standard. Sticking to older standards enabled hackers to predict with a high degree of probability the plain-text content of these encrypted system messages. This, combined with a 2 terabyte table of pre-computed encryption keys (a so-called rainbow table), allows a cracking program to discover the secret key to the session’s encryption in about 20 seconds. (Rainbow tables are usually used in all kinds of Brute-force password hacking).

Many GSM operators reuse these session keys for several successive communications, allowing a key extracted from a test SMS to be used again to record the next telephone call, minimizing the need for recomputation.

The process was demonstrated using their software to sniff the headers being used by a phone, extract and crack a session-encryption key, and then use this to decrypt and record a live GSM call between two phones in no more than a few minutes.

Can something be done about GSM’s security?

Any geek can make such devices and with the help of the open source software, can mimic these hacks. So can we really do something to prevent these kinds of hacks from happening?

“Much of this vulnerability could be addressed relatively easily”, Nohl said. “Operators could make sure that their network routing information was not so simply available through the Internet. They could implement the randomization of padding bytes in the system information exchange, making the encryption harder to break. They could certainly avoid recycling encryption keys between successive calls and SMSs”.

“This is all a 20-year-old infrastructure, with lots of private data and not a lot of security,” he said. “We want you to help phones go through the same kind of evolutionary steps that computers did in the 1990s.”

Worst part is, all the current 3G phones are NOT shielded from this hack. Knowing that 3G is primarily used for Data, its now easy to capture any 3G user’s online activity including their passwords and credit card numbers.

Maybe its high time for GSM consortium to wakeup and address these issues, or atleast learn few things from CDMA networks, which are inherently secure.

Resources:

Rainbow tables, Airprobe, Kraken  srlabs.de
OsmocomBB firmware osmocom.or

PDF Presentation

The Video Presentation can be downloaded here: Part1, Part2.

We write about Security,  Open Source, Programming, Web, Apple, iPhone,Android and latest in Tech @taranfx on Twitter or by subscribing below: