Sunday, August 30, 2015

Redefining the connectivty without data plan

I say a good amount of people will turn towards this old-fashioned way to connect to the internet using this method. Only this time it will be over cellular 2G networks rather than the use of dial-up, hard copper, twisted wires and all the troubles we had to go through.

This one-of-a-kind company, Pangea Communications from New York, says that this is the solution to the lack of data packages for people in areas such as Africa. The process is to transform the fundamental data into an inflected sound wave and then send the audio down existing 2G platforms and similar mobile devices. Any sort of mobile unit would get the job done. That is because the audio is transformed straight back into automated data once it is received by the cellular hardware, and then that information is loaded. Furthermore, the concept is that individuals in less developed nations and places without 3G can quickly post to Facebook, check out a Twitter trend, utilize Wikipedia and so on and so forth. In fact, any straight forward data necessitating text function can utilize this method of tonal data exchange via sound without 3G.
The company’s setup works by converting an inquiry for data, something like a website, into a sound wave. It is then sent at sixty-four kbps over the voice channel. Pangea rebuilds that request inside its cloud and yields the content to the channel-able device. There it is converted again into electronic pulses of ones and zeros and displayed as content in a browser. Also, it can be used for email and possibly eventually for a full OS experience, albeit a slow experience.
“Around four billion people globally do not have accessibility to an internet connection. That is more than half of the global populace, says Vlad Iuhas, founder of Pangea, while delivering a speech at an event in New York. “And while some developing areas are beginning to see better 3G net penetration, Africa is not! Africa has eight percent 3G exposure rate.”

Iuhas believes that developing out additional 3G data coverage is not the sole solution to the connectivity downside. Increasing 3G solutions are not going to solve the problems of the cost of online access in the establishing countries. An internet package can price a lot more than twenty percent of an averages person’s salary in a few African cities where 3G is obtainable. Data sites are also expensive and take a lengthy time to build. Consequently, 3G availability in Africa has not changed much in the last couple of years. This solution can be catered entirely, and according to their approach a mobile network company in Nigeria plans on working with them.

Pangea’s service model is unique. Iuhas does not think that low income among Pangea’s targeted sector is a problem. If one thinks about it, there are more than a billion people to sell this to. Interestingly, one opportunity that the company is discovering is to let mobile network operators supply the service to users much like a coordinator for the 3G network. However, one of the problems that cellular networks operators have in developing nations is that people do not comprehend why do they need to buy internet packages. They just do not see any use for it because of that sensed absence of value. So the founder of the organization wants the mobile network operators to offer Pangea’s service to regular mobile voice users to get them to discover the value of the internet. Eventually, this will help create a means for profits producing 3G subscribers.
Living in 2015 makes it hard to believe that the internet can still be used via the old school way, and yet there are billions of people who do not know what the Internet even is.

Saturday, August 29, 2015

Does Indian people also more vulnerable to attack ??

President Obama unveiled a number of proposals to crack down on hackers. It’s great that the government is working on this but we need to do a better job of protecting ourselves.

Another interesting fact is most of the common and default password among US is password123.
Watch out the social engineering .

Evade late OTP's pay with your heatbeat insted

Yet another biometric: your heartbeat.

Android Lock Patterns predictability

Marte L√łge, a 2015 graduate of the Norwegian University of Science and Technology, recently collected and analyzed almost 4,000 ALPs as part of her master's thesis. She found that a large percentage of them­ -- 44 percent­ -- started in the top left-most node of the screen. A full 77 percent of them started in one of the four corners. The average number of nodes was about five, meaning there were fewer than 9,000 possible pattern combinations. A significant percentage of patterns had just four nodes, shrinking the pool of available combinations to 1,624. More often than not, patterns moved from left to right and top to bottom, another factor that makes guessing easier.

Essentials of End Point Encryption

An unofficial blog post from FTC chief technologist Ashkan Soltani on the virtues of strong end-user device controls.

Tuesday, August 25, 2015

MIT's New File System Won't Lose Data During Crashes

MIT researchers will soon present a file system they say is mathematically guaranteed not to lose data during a crash. While building it, they wrote and rewrote the file system over and over, finding that the majority of their development time was spent defining the system components and the relationships between them. "With all these logics and proofs, there are so many ways to write them down, and each one of them has subtle implications down the line that we didn’t really understand." The file system is slow compared to other modern examples, but the researchers say their formal verification can also work with faster designs. Associate professor Nickolai Zeldovich said, "Making sure that the file system can recover from a crash at any point is tricky because there are so many different places that you could crash. You literally have to consider every instruction or every disk operation and think, ‘Well, what if I crash now? What now? What now?’ And so empirically, people have found lots of bugs in file systems that have to do with crash recovery, and they keep finding them, even in very well tested file systems, because it’s just so hard to do.

FTC Can Punish Companies With Sloppy Cybersecurity

The Congressional act that created the Federal Trade Commission gave that agency broad powers to punish companies engaged in "unfair and deceptive practices." Today, a U.S. appeals court affirmed that sloppy cybersecurity falls under that umbrella. The case involves data breaches at Wyndham Worldwide, which stored customer payment card information in clear, readable text, and used easily guessed passwords to access its important systems.

Saturday, August 22, 2015

Languages over time

GitHub is a web-based repository that operates on the functionality of a 'Git,' which is strictly a command-line tool.

With 10 Million users as of today, the platform has become the primary source of housing open source software that is free of cost available to the world at large.

A look at the picture of programming trends on GitHub over recent years is actually a look at how the computer world is evolving.
non-forks_v3 jpg 002

Top 10 Programming Languages

Here are the Top 10 Programming Languages on GitHub today:
  1. JavaScript
  2. Java
  3. Ruby
  4. PHP
  5. Python
  6. CSS
  7. C++
  8. C#
  9. C
  10. HTML

Yes, Java programming language topped the race. There was a time when Java was most likely to be used by big banks and other enterprise companies that build very private stuff.

However, GitHub's data shows that Java grew more than any other programming language since 2008 and is being as a forefront of languages used to build open source software.

Java's rise is also due to growing Android popularity, as Google made Java the primary language for developing applications on Android smart devices.

Java is followed by Ruby, PHP, Python, and C#.

The rank is calculated by a GitHub project called Linguist, which listed languages by their adoption in public and private repositories, excluding forks.

Creepy Cisco Attack

This is serious:
Cisco Systems officials are warning customers of a series of attacks that completely hijack critical networking gear by swapping out the valid ROMMON firmware image with one that's been maliciously altered.
The attackers use valid administrator credentials, an indication the attacks are being carried out either by insiders or people who have otherwise managed to get hold of the highly sensitive passwords required to update and make changes to the Cisco hardware. Short for ROM Monitor, ROMMON is the means for booting Cisco's IOS operating system. Administrators use it to perform a variety of configuration tasks, including recovering lost passwords, downloading software, or in some cases running the router itself.
There's no indication of who is doing these attacks, but it's exactly the sort of thing you'd expect out of a government attacker. Regardless of which government initially discovered this, assume that they're all exploiting it by now -- and will continue to do so until it's fixed.

Force Your USB to erase your data anytime

A hacker, who also anonymously goes by the alias Hephaest0s, has just published an excellent anti-forensic wipe out software referred to as – usbkill. For those of you taking the name too literally, don’t fret, the software does not exactly do what the term “usbkill” may imply. Instead, the software maintains its observation on what is connected in your current USB slots, as well as also powers down your laptop or computer quickly if something shifts.
The software’s main concept is that it maintains its observation upon exactly what is connected directly into your USB plug-ins and, along with several adjustments, powers down your laptop or computer quickly.
Say for instance, you are notified that a police officer is outside your house, you would stop off your hard drive operating applications on all your PC systems, as well as position all your personal disk drives and USBs into a commercial de-magnetise for bulk chafing. Essentially, you may as well just dispose of them in a trash can and burn them. What if usbkill had been available to Sabu and the rest of LulzSec? – but what is history, is now history.
Furthermore, burning up or de-magnetising has been the primary convenient technique for online criminals and software and movie pirates. These individuals may then get away from law enforcement officers with absolutely nothing but a huge heap of clean devices and unused tapes as proof – nothing to see here.
In times like these, law enforcement officials  are eager to get evidence from computer systems while they are still operating and logged in. This allows them to utilize their particular unique keys to obtain access and take you by surprise, making your previous data removal procedure useless.
If power is maintained to your PC, the police officers would not need to get hold of your personal security passwords to gain access to elements like documents, Facebook, Twitter, other social media accounts, and networking links, etc. These people may be in a position to acquire information from storage drivers that will disclose important things, such as login details and passkeys for many of the accounts that you accessed recently, and a full record of the web pages that you have previously viewed.
However, with Hephaest0s’s “usbkill” tool, all an individual is required to do is eradicate the 3G device, or detach the dongle that runs your computer mouse. After this procedure, all the splendid necessary data files in storage are destroyed, even though the program code is composed in Python and requires to operate regularly as root.
Which leaves you to ponder over the fact: what if usbkill by itself is not hackable? Or if the police obtains your laptop or computer? In these cases, your current protective utility might end up becoming merely the very Elevation of Privilege or EoP—EoP is the easy way to get started in threat modeling and is a core component of the design phase in the Microsoft Security Development Lifecycle (SDL). The EoP card game helps clarify the details of threat modeling and examines possible threats to software and computer systems—toolkit that requires the cyber forensics crew to sift through your PC thoroughly.
Hephaest0s indicates that anyone can prevent this particular issue by applying a cable fastened USB key to either your hand or your wrist. Of course, usbkill will not help prevent the police from asking you to re-start you’re now shut down laptop or computer, but legalized safety for this appears to differ from region to region. Nevertheless, given that an individual does not have to disclose their security password, one can attempt to maintain a right when questioned by officials to reveal the exact content of data files.

Fastest and new filesystem BCACHEFS

First announced over five years ago, ex-Google engineer Kent Overstreet is pleasured in announcing the general availability of a new open-source file-system for Linux, called the Bcache File System (or Bcachefs).

Bcachefs is a Linux kernel block layer cache that aims at offering a speedier and more advanced way of storing data on servers.

Bcachefs promises to provide the same performance and reliability as the consecrated EXT4 and XFS file systems while having features of the ZFS and Btrfs file systems.
Features that Bcachefs Supports

Bcachefs supports all the features of a modern file-system, including:
  • Checksumming to ensure data integrity
  • Compression to save space
  • Caching for quick response
  • Copy-on-Write (COW) that offers the ability for a single file to be accessed by multiple parties at once
What's coming next for Bcachefs

It seems that some of the features in Bcachefs are limited or missing, which includes:
  • Snapshots
  • Erasure coding
  • Writeback caching between tiers
  • Native support for SMR (Shingled Magnetic Recording) drives and raw flash

However, in the future, Bcachefs will support all the advanced features, including Snapshots that allow the operating system to automatically make backups of data.

So far, The Bcachefs on-disk format has not been finalized, and the code is not ready for the Linux kernel.
For trying out Bcachefs for yourself, you can grab the code from here. But, do not expect 'completed' code anytime soon, as Overstreet warns that "Bcachefs won't be done in a month (or a year)." So I recommend you to wait a little longer.

For more details about Bcachefs and its current limitations, you can go here to read its official announcement.