Wednesday, December 21, 2011

Protect your files and folders

Many of you might have faced this situation: whenever you try to hide some of your personal files or folders, your brother or a friend comes along and says, "Damn, I never knew you had this file."

You may be thinking, "Can't I have any privacy on my PC?" Yes, you can, and all you have to do is simple.

1. The first, basic way is to create a password for your user account. This stops others from accessing your account without knowing your password.

2. If you can't do that, there is plenty of software available on the net that you can download to protect your files and folders. The steps are explained below. TrueCrypt and SafeHouse are some of the best encryption tools which you can use.

These two work in a similar way. Here I will explain how SafeHouse works.

1. First, download the software from the internet (links are given below) and install it on your PC.
 
2. Once you have finished installing it, create a new volume to house the files and folders that you want encrypted.

3. After that, open Explorer by pressing Win key + E. You will see a new virtual drive. Copy all the files and folders which you want to encrypt into it.

4. Now go to SafeHouse Explorer, select File and then Close Volume, and you have encrypted all your files.

5. Now, if you want to access your files and folders, just navigate to the folder that houses your SafeHouse volumes and double-click the corresponding volume file to open it. Type the password and you should see all the files and folders under a virtual drive in Windows Explorer again.

Note: delete the original content after copying it to the virtual drive in step 3, as anyone can access it since it is not password protected.

links.

President of Guyana's website hacked

“To the ignorant observer Israel may appear modern, vigorous and democratic largely thanks to the outrageous bias in Western media and the $$$ whom have become our leaders...now wake up!!!”

This message was posted on the President of Guyana’s official website, which was hacked by ‘The Disaster’, a member of a group named ‘The hacker army’.


The group doesn’t seem to be ‘just another hacker group’. It took down www.anonyops.com, one of the websites used by the famous hacktivist group Anonymous.
They also took down ESET Thailand, the official website of ESET antivirus and security solutions.


The president's website hasn't been restored yet.

President of Guyana's website: http://op.gov.gy/index.php

Common mobile application vulnerabilities

Although there are a number of vulnerabilities in mobile apps, we will have a look at three vulnerabilities which are very common. The term ‘mobile application’ refers to both the app and the web service behind it.

Insecure storage of data:
This seems to be the most prevalent issue.
Insecurities in the implementation include:
a) Storing plain text credentials in a SQLite database
b) Storing XML files that contain plain text credentials or other sensitive account details
c) Storing plain text credentials in a system-wide database (like accounts.db on Android)

The result of this is that if a mobile device is stolen or lost, the credentials are readily available to pick up. Physical access is not always required. A newbie who has spent five minutes on Google can find out where you are storing your metaphorical “house keys”.
Some solutions to this problem are to use SQLCipher for Android and to keep the platform API solutions in mind as well.
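
As a review aid for item (a) above, the following added example (not code from the original post) audits a SQLite database for credential-like columns that hold values which do not look hashed. The column-name patterns, the hash-shape heuristic and the sample tables are assumptions constructed for illustration.

```python
import re
import sqlite3

# Assumed naming patterns for columns that usually hold secrets.
SENSITIVE = re.compile(r"pass(word|wd)?|pwd|secret|token|api_?key", re.I)
# Heuristic: values shaped like a password hash or a long hex digest are skipped.
HASHED = re.compile(
    r"^(\$2[aby]\$|\$argon2|\$pbkdf2|pbkdf2[_:$])|^[0-9a-f]{40,128}$", re.I)


def q(name):
    """Quote an SQLite identifier (table or column name)."""
    return '"' + name.replace('"', '""') + '"'


def find_plaintext_secrets(conn):
    """Return sorted (table, column, rows) for columns that look like plaintext secrets."""
    findings = []
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table'")]
    for table in tables:
        cols = [r[1] for r in conn.execute(f"PRAGMA table_info({q(table)})")]
        for col in (c for c in cols if SENSITIVE.search(c)):
            rows = conn.execute(
                f"SELECT {q(col)} FROM {q(table)} WHERE {q(col)} IS NOT NULL")
            hits = sum(1 for (v,) in rows
                       if isinstance(v, str) and v and not HASHED.match(v))
            if hits:
                findings.append((table, col, hits))
    return sorted(findings)


def build_sample_db():
    """Constructed sample data, not taken from any real app."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE accounts (username TEXT, password TEXT);
        INSERT INTO accounts VALUES ('alice', 'hunter2'), ('bob', 'letmein');
        CREATE TABLE users (name TEXT, password_hash TEXT);
        INSERT INTO users VALUES ('carol', '$2b$12$CONSTRUCTEDSALTANDHASHVALUE000000000000');
        CREATE TABLE prefs (name TEXT, api_key TEXT);
        INSERT INTO prefs VALUES ('sync', 'EXAMPLE-KEY-not-a-real-key');
    """)
    return conn


if __name__ == "__main__":
    for table, col, rows in find_plaintext_secrets(build_sample_db()):
        print(f"{table}.{col}: {rows} row(s) look like plaintext")
```

A database encrypted with SQLCipher cannot be opened this way without its key, which is the property the mitigation above relies on.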

Poor session handling:
You will come across pure basic-authorization schemas in SOAP. For those who are not familiar with basic authorization, it means the user’s credentials are sent in the standard basic authorization format (Base64-encoded username:password).
The problem occurs when, instead of using a session handling schema, the username/password is sent with every request to the web service as a means of authenticating the user for the requested action. There are many disadvantages to this. Namely, if SSL isn’t in use, the username/password is more vulnerable to being stolen. Additionally, because you don’t have a session to destroy, there is no inactivity lockout. Obviously, the credentials are stored on the device, retrieved by the app and then sent with each request.
Another session-related problem is leveraging device identifiers or client-side data to control the privileges of a user.
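
The contrast described above, as an added example that is not part of the original post: `decode_basic` shows that a Basic authorization header is only an encoding of the credentials, and `SessionStore` is a minimal server-side alternative with a random token, an inactivity lockout and a session that can be destroyed. The class, the `verify` hook and the 15-minute timeout are assumptions made for illustration.

```python
import base64
import secrets
import time


def decode_basic(header):
    """Recover (username, password) from an 'Authorization: Basic ...' value."""
    scheme, _, blob = header.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic authorization header")
    # Base64 is an encoding, not encryption: anyone who sees the header has both.
    user, _, password = base64.b64decode(blob).decode("utf-8").partition(":")
    return user, password


class SessionStore:
    """Server-side sessions: random token, idle timeout, explicit logout."""

    def __init__(self, idle_timeout=15 * 60, clock=time.monotonic):
        self._sessions = {}          # token -> (username, last_seen)
        self._idle = idle_timeout    # seconds; assumed policy value
        self._clock = clock

    def login(self, username, password, verify):
        # `verify` is a caller-supplied credential check (hypothetical hook).
        if not verify(username, password):
            return None
        token = secrets.token_urlsafe(32)
        self._sessions[token] = (username, self._clock())
        return token

    def authenticate(self, token):
        entry = self._sessions.get(token)
        if entry is None:
            return None
        username, last_seen = entry
        if self._clock() - last_seen > self._idle:
            del self._sessions[token]    # inactivity lockout
            return None
        self._sessions[token] = (username, self._clock())
        return username

    def logout(self, token):
        # Destroying the session is what per-request credentials cannot offer.
        self._sessions.pop(token, None)
```

With this design the password crosses the wire once, at login, and the device only needs to hold a token that the server can expire or revoke.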

API keys and test accounts:
From test account credentials along with the test URL, which provided deep insight into the internal workings of an architecture, to the personal email addresses of developers (think social engineering/username enumeration), the list of things put into the source code can be fairly surprising.
These applications are reversible, especially Android apps: between dex2jar, apktool and jd-gui, it’s pretty easy to see things not intended for you. Developers should eliminate any sensitive data prior to sending the code out for production. And make sure you aren’t hard-coding API or encryption keys.

I suggest those interested to check out the OWASP Mobile Top 10 Risks!

12 Chinese hacker groups behind attacks

WASHINGTON - China directs and supports hackers, stealing away billions of dollars of intellectual property and data from the US. 12 different government-supported Chinese groups perform a chunk of China-based cyber attacks, stealing critical hi-tech info from the US, say US cyber security analysts and experts. The aggressive attacks have signatures which can be linked to certain hacking groups being tracked by US officials.



Former vice-chairman of the Joint Chiefs of Staff, James Cartwright, says "industry is already feeling that they are at war". The vice-chairman is in full favor of strong efforts from the US to hold China and other countries accountable for the cyber attacks. However, it is almost impossible for the US to prosecute hackers in China, since it requires concrete proof that the hacking came from a specific region.


Frustrated officials say that, just as during the Cold War with Russia, the US needs to make clear that there will be repercussions for cyber attacks. The hacking tools include malware that can record keystrokes, steal and decrypt passwords, and copy and compress data, which can then be transferred to the attacker's computer.


Cartwright says a full-throated US policy is coming soon, one that makes it quite clear to the stealthy attackers that the US is not going to sit back and relax. Rather, it would report an attack to the State Department and ask the respective country to stop the attack; if the latter doesn’t, the US would have the right to stop the server from sending the attack by whatever means possible.


Sources: www.usatoday.com/tech/news/story/2011-12-12/chinese-hackers/51830840/1

Carrier IQ: The pre installed root-kit

Android developer Trevor Eckhart has released information (some pretty
bad info) about a widespread rootkit called Carrier IQ that can track
everything on your phone. Even worse, it comes
preinstalled on a large number of smartphones, including various
Androids, Nokia phones and BlackBerrys. Let us see how it works and
how to get rid of it.

Some time ago Eckhart discovered a hidden application on some phones
that has the ability to log everything on your device: your call
log, location, text messages, etc. This mysterious program is called
Carrier IQ, and unlike Android malware, it
comes preinstalled by the manufacturer of your phone.

A rootkit is a program with massive privileges that hides its presence
from the user. Carrier IQ was originally designed to log things like
dropped calls and bad network connections for troubleshooting and
rectification of problems. But manufacturers like HTC and Samsung have
modified it to run in the background, completely undetectable.

It can slow down your phone, and the big problem is that anyone on the
other side can read your text messages, see what you browse and a lot
of other things.
Phone manufacturers and wireless carriers claim that they aren't
doing anything wrong and that they cannot look at the content of messages,
photos or videos. Eckhart claims otherwise. I recommend
reading Eckhart’s article for a deeper look at how Carrier IQ
works.

Let us see how to detect its presence on your phone:
Right now Android users are the only ones who are able to detect
and remove it.
First of all, you need to root your device. Then use the Logging Test App v8 (it can be downloaded from XDA at
http://forum.xda-developers.com/showpost.php?p=17612559&postcount=110).
Running the CIQ Checks task in this app will tell you
whether Carrier IQ is running on your system.



If you are running an Android Open Source Project (AOSP) based ROM like CyanogenMod, then you do not have Carrier IQ on your phone. If you are using a modded version of your manufacturer’s ROM, there is a chance that Carrier IQ is installed. To avoid this, either flash an AOSP-based ROM or flash a ROM with Carrier IQ removed.

How to remove it from your device:
To remove Carrier IQ from your device you have two options: either flash a custom ROM that doesn’t contain Carrier IQ, or use Eckhart’s Logging Test App to remove it. For both of these your phone needs to be rooted. The Logging Test App can be downloaded from the Android Market for $1. Open the app, select the Menu button and then tap “Remove CIQ”. This will completely remove it from your device.