Blogger World

Security analysts have always believed that fingerprints are a foolproof replacement for passwords and authentication protocols. However, a new development in this matter has literally toppled this theory and altered the game. When fingerprints are used as an authentication protocol, the single biggest concern is what to do if the fingerprint in question gets copied. This is exactly what has been demonstrated by a German hacker at a recent technology convention.
Jan Krissler, a hacker also known as Starbug, recently showcased some rather interesting news at the Chaos Communication Congress (CCC) in Germany. Interestingly, the CCC happens to be Europe’s largest association of hackers so it’s no surprise that this was the location for such a noteworthy revelation. Revealingly, Starbug demonstrated his technique for stealing fingerprints by simply analyzing a few High-Definition pictures of his target, in this case – German Minister of Defence, Ursula von der Leyen.

According to Krissler, faking these fingerprints was far easier than he thought possible. All he needed were a few close-range photos of his target in order to reverse engineer the fingerprints. He gained these photos from several press releases issued by the minister’s office and another that he took himself from a few meters away. With the help of commercially available software called VeriFinger he was then able to replicate the fingerprints of the Defence Minister of Germany, the country with the world’s 4th largest GDP and a leader in several technological and military fields.

After the demonstration, Krissler jokingly added – “After this talk, politicians will probably wear gloves when talking in public.” While that seems like a logical expectation, we doubt that will be the case. But we sincerely hope that politicians heed this warning and demonstration and take care to avert such cases in this modern age of cyberespionage, international cyberwarfare and other technology related crimes.

Krissler aka Starbug, is certainly not new to the hacking of biometric security and authentication techniques. When the Apple iPhone 5S was released in 2013, he successfully spoofed the highly publicized Apple TouchID sensors within 24 hours. He achieved this feat with the help of a finger smudge on the screen, wood glue and sprayable graphene. However, for his latest hack demonstration, it is scary that he does not need physical access to either a device or a finger. Makes you wonder how secure high-level authentication protocols really are.

A notable workaround for this is for users to not think of biometric security as a replacement for passwords or other authentication. While your fingerprints may be unique to you, the fact is they are not a secret. Anyone who is adequately motivated can easily get hands on your fingerprints through several innovative techniques. Instead, biometric security and fingerprint authentication should be used as a supplement for passwords. Starbug also agreed in 2013 by stating – “I consider my password safer than my fingerprint. My password is in my head, and if I’m careful when typing, I remain the only one who knows it.”

Interestingly, another novel hack technique was also showcased at the conference and this is known as “Corneal Keylogging”. This trick allows a hacker to gain someone’s passwords by simply gaining control of the camera of his smartphone. With this control, a hacker can simply read what someone is typing on the screen by analyzing HD photographs of the reflection of the screen in the user’s eyes. This technique may sound implausible to some, but the secondary cameras or front-facing cameras of smartphones today are strong to make this possible.

So while we all hope for and look towards a safe and secure 2015, advanced hack attacks such as this are constantly being built and showcased in all corners of the globe. It just goes to show that when it comes to security, there is no rest for the wicked.

With holidays around the corner and most ecommerce sites throwing away huge offers and discounts, we have to be extra careful against online scams and frauds. In this post today, we have listed down some helpful tips that you can use for safe credit card usage on the Internet.

So, if you usually shop online with your credit card, here are some safety tips you must consider.

Choose Credit Cards Over Debit Cards

If you use your credit card most of the time for online shopping, then you are already following an important security tip. If any fraudulent charges occur on your credit card, you will still have time to report it to your bank and avoid paying for the transaction made on the card. On the other hand, for a debit card, ‘real money’ gets debited instantly, and it may take days before you can reclaim the money. Also, most banks offer zero liability on lost credit cards. If we take HDFC bank into consideration, it states, “If you lose your card, report it immediately to our 24-hour call centre. After reporting the loss, you have a zero liability on any fraudulent transactions made on your card.”

Go a step further – Use a Virtual Credit Card

Another credit card security tip that works effectively, is using a virtual credit card. As the name suggests, this is not a ‘physical card’ and not issued physically. The following are the benefits of using a virtual credit card:

1. A virtual credit card is mostly valid for 21 – 48 hours only, depending on the bank that has issued it.
2. The card can be used for making one payment only.
3. Any unused amount left in the card gets credited back to the customer’s account.
4. A virtual credit card cannot be stolen or cloned, as it is an intangible property.

Know your Online Shoppe

Always go for trusted, well-known, reputable, online shopping sites. This is more important when you are purchasing expensive items. It is also wise to go through the privacy and security policy of the site that you are shopping from. You might come across a site that offers unbelievable deals; but odds are, the deals are fake or not what they appear to be.

Understand What Information Your Online Shoppe Needs

A standard checkout/payment page of most online shopping sites require you to give the following details:

1. Full name as printed on the card
2. Credit card number
3. Expiration date
4. CVV number
5. Shipping/Billing address

But, if the payment page asks for your ATM pin, net banking login ID and password, mother’s maiden name, etc., then you have enough reasons to treat this as a phishing attack. Immediately close the browser, and report the website to the right authority such as Google.

Avoid Public and Free Wi-Fi Networks

This credit card security tip also applies to all kinds of financial transactions that you do online. Avoid using your credit card over public computer network such as cyber cafes and free Wi-Fi. These networks are less secured or have no security against hackers who can spy on your information and misuses it for illegal purpose.

Look for “HTTPS” and pad lock symbol

Before giving away your credit/debit information on the checkout page of any site, always ensure that the URL in browser’s address bar begins with “https://” and is accompanied by a “locked padlock” symbol. If it is otherwise, then do not proceed with the purchase. Go for a safer option such as cash-on-delivery.

The Better way to Protection Against Phishing and Threats be Sure you have a Better Antivirus System on your Computer or Laptop.

Don’t Follow Links in Emails

If you receive an email from your online shopping site about a great offer, and asks you to follow a link to view it, then here’s what you should do. Go to the website by typing its URL in the browser or Google, and verify if it is really hosting any such offers. Never click such links in emails even if they seem to have come from your favorite or a popular retailer.

Have Anti-phishing Protection on Your Computer

Nowadays, it is impossible for normal users to differentiate a fake, phishing website from a real one. Even a professional, neatly done website that seems innocuous, can be a compromised site waiting for you to fall into its trap. Hence, having an anti-phishing protection on your computer can be extremely beneficial. This feature, as the name suggests, automatically restricts user from landing on a fraudulent or phishing website.

If you think you have some more credit card security tips to add to this post, please feel free to leave them in the comment box below. Stay safe!

Recently, Mat Honan’s frightening account of how hackers destroyed his digital life has been making rounds online, scaring nearly everyone who reads it.

Basically, Honan’s digital presence was all but destroyed after hackers managed to delete his Google Account, wipe his iPhone, iPad and Macbook and deface his Twitter account. The reason for the attack, according to one of the people behind it, was “lulz” and to play around with a three-character Twitter name.

Honan’s position as senior reporter at Gizmodo did nothing to provoke nor protect him from the attack. Though he acknowledges his mistakes the affair, most sharply his failure to backup critical data (which everyone should have), his sharpest barbs were for Amazon and Apple, who’s security policies made the hack possible.

Though he acknowledges his mistakes the affair, most sharply his failure to backup critical data (which everyone should have), his sharpest barbs were for Amazon and Apple, who’s security policies made the hack possible.

Though Amazon and Apple have responded by updating their security policies, hopefully to prevent future attacks along the same vector, many have been wondering what they can do to strengthen their security online.
The truth is, no security is perfect and anyone who is a valuable enough target can be bit. But you can make yourself a more difficult target and someone who can not be trivially exploited and you can minimize the damage an attacker can do.
With that in mind, here are a few mostly common sense steps that can get you started to being more secure online.

• Make or Write Smart Password Using Letter, Numerical, Upper & Lower Case: 

A good password should be long, at least eight characters, easy to remember and contain a combination of lower case letters, upper case letters, numbers and symbols. Most importantly, it should not be a word found in the dictionary nor any variation of one.

Also, you should never reuse a password for more than one site and you should never write your passwords down.

If this sounds like a lot, it is. It’s too much for pretty much anyone to do without help.
One solution is to use a device known as a cipher to generate passwords on the fly. For example, you can look at the domain name of the site and generate a password based on it. Basically, to do this, you look at the site you’re at and create a hard-to-guess password from the domain.

For example, facebook might have a password of g1s@v3r$ if you use the cipher of looking at your keyboard and writing the first four letters of the domain “face” using the keys one to the right of the real ones and then breaking up the letters with the numbers 1-4 alternating with the shift function every other time. Look at your keyboard (US) if you are unclear.

Alternatively, you can also use services like LastPass to help you generate, store and automatically fill in passwords. However, these services are a trade off between random, difficult passwords and a new central point of failure. As long as the service itself is secure, you’re most likely fine.

• Two Factor Authentication Attempt:

Matt Cutts at Google recommended this strongly on his blog and I agree.
Two factor authentication simply means that you need two forms of authentication to log into a site. However, they have to be two different forms (not simply two passwords).

One form, obviously, is your password (something you know) but the other is usually something you have. These days, your cell phone is the most likely thing as many services, such as PayPal and Google, will send you a text that you have to repeat to log in. Google also, has its own app for most phones and that’s how LastPass handles its two-factor authentication.

This is an incredibly powerful tool because, even if your password is compromised, which Honan’s attack shows it can be easily in some cases, your account is not. It’s very unlikely, barring drastic steps, someone is going to have both your cell phone and your password. One or the other is possible, even likely, but not both.

If your account offers two factor authentication, turn it on as soon as possible. It’s a very powerful step.

• Personal Information:

A lot of sites will ask you to create backup security questions in case you forget your password. Common ones involve things such as your favorite pets name or the street you grew up on.
The problem is that many of these things can be trivially researched. However, you can beat this by simply lying on the questions.

After all, there’s no rule that you be honest, just that you remember your answer. If you’re asked for your favorite pet, give the name of your childhood imaginary pet. Ideally, your answers should be related enough to the questions to remind you of what you said, but far enough off base that it’s not trivially guessed.

• Credit Card Common Sense Tips:

Credit cards are like passwords, ideally they should not be used more than once and should never be stored. As Honan’s attack showed, even if they aren’t used for financial gain, they can still be used to open up exploits into other accounts.

If you have a bank or a credit card company that will issue single-use credit card numbers, use them. They are immensely powerful. If you don’t, try to avoid storing your credit card numbers and especially about storing one number across multiple accounts.

It might be annoying to re-enter your credit card data every time you want to buy a book on Amazon, but it could be what saves you from a minor hack becoming a major one.

• Bottom Line:

In the end, security is about the trade off between protection and convenience. Most of the things that make you more secure will also take up more of your time.

It’s really annoying to have to find your phone every time you want to log in to your gmail or you have to enter a complex password that’s difficult to guess. Life would be much easier if we didn't have to deal with those things.

But, of course, that isn't practical. The problem is that others don’t value your life, your privacy, your information or your work. They would happily destroy it all, whether it’s for profit, a vendetta or just “lulz”, there are individuals who will not think twice about destroying your world.

If you realize that and that no one is too unimportant to be a target, then it only makes sense to take precautions now. Today’s hassle may save you from tomorrow’s attack.

Soon you will be able to speak on your computer even Whatsapp. It looks like the Whatsapp your messaging service is preparing to get on the web.

The only news coming from the Messaging app Mr. Dyorov Telegram-Founder Powell told Tech Crunch that the feeling that they have been working on since Whatsapp Whatsapp its web version of their web developer Higher Tried to. However Whatsapp information from any web version but a recent search of Android World dot NL Powell has fanned fears. Whatsapp the latest updates in the code Whatsapp Web is written. In addition, the code in the web service to track logging and online Stetson has written about.
However, it can not be taken as definitive evidence that Whatsapp but it seemed to work on the team is engaged in a web functions.

DBT

The smartphone has a lot to do and the problem of why we ended up in front of the battery leads. If you think that your smartphone battery fast Tan is speaking, you can try these methods:

1. Keep it Turn Off

• Bluetooth, Wi-Fi

Turn on Wi-Fi only smartphone, when you want to use. Wi-Fi is also on going out of range, the phone looks for Wi-Fi signal and battery costs will be. Very rarely do people use GPS. Keep it to one of these. Keep it on all the time is also spent batteries. Wi-Fi is a way off: Settings-Wireless Settings-WiFi-off

• Animation

If the battery is the most important thing for you, then turn off the animation in all applications. Style will be reduced, but will increase battery life. Follow this method to: Settings-Developer Options-Drawing let go of all the animation either to reduce or Animation Scale.

• Mobile Data

Take the battery to be completely closed because the phone is not possible to charge, so be sure to Mobile Data Off. The phone will go on, the Internet will not work-related services.

• Location Services

The (Settings-Locations Services) to go into the box to remove the tick mark. Services will be on location, trying to track the location of the phone will spend the battery. When needed, you can location on the service for a while.

2. The lower the as you can These All

• Screen Brightness

Most battery eats screen. Screen, the bigger, the higher will be the bright and high resolution, the more power it needs. If your phone is the screen brightness to the auto mode, then use it, do not keep the brightness around 50 per cent. The battery will cost less. It is an advantage and that it will have less emphasis on your eyes. Especially in times of need such strong sunlight can increase the brightness when viewing photos or videos.

• Screen timeout

Screen timeout means- nothing of the screen will automatically light how long. The lower the screen timeout on your phone, the battery will last much longer. To reduce it to the phone, go to: Settings-Sound & Display-Screen timeout

• The use of cameras and video

When the phone's battery is low, then the deliberate use of camera and video. These two things will require power. When the phone began to feel more warm, to understand that the battery is being spent rapidly and now needs to rest.

3. Things to avoid

• Vibration

Ringtones to phone vibrates more than the voice has to be strong, so if you do not have to keep the phone on vibration mode. Disable it and hold. Follow this method to: Settings-Sound and Display-PhoneVibrate

• Live Wallpaper

Fish floating on the screen of the phone or any other live wallpaper to-use, then you should assume that the battery would cost too much. Instead of a dark color would be nice to wallpaper photos.

• Widgets

Widgets icon they are larger than normal size, which take up more room on the screen of your phone - like the weather or the Facebook and Twitter Widgets tell. Widgets automatically updated every battery feed themselves. Of application icons on the home screen of the phone Do not crowd. Sometimes use the app, do not keep them on the home screen, but went in the Open menu.

• Two Antivirus

Do not use the phone two Antivirus. Some people think that the two Antivirus will make their phone more secure, but it is not. It will make your phone battery will continue to be sluggish.

4. Check Always these things

• How much battery Use

Go to Phones Settings (Settings-Battery Use) to see which applications are spending so much battery. If the application without eating much battery, remove it from the phone.

• 2G or 3G and 4G mode

So much so that you do not have plans 3G mobile company and your phone is running on 3G mode. Which mode is running on the phone, to the Check (Settings-More Settings-Mobile Networks-Network Mode / Preferred network type) visit and are not using the 3G or 4G, 2G mode Bring it. 3G or 4G are used if, but to a place where 3G or 4G service may not go so similar 2G mode, the battery cost will not find the phone 3G signal.

5. focus on application

• Avoid unnecessary apps

These days is full of apps and even free, but that does not mean that you are downloading app poke. Download apps only work if you use some app is closed so you remove them from the phone. Downloading is easy to uninstall unnecessary applications, but what about those useless apps, which were already in the phone, but you do not ever use.

Android app version 4.0 and above has facilities Disable to: Settings-Application Manager-All tab. You do not use the app, press the Open button to Disable. If you do not see the option to Disable, then uninstall it before all the updates. Disable then try again. If you can not understand the service, they do not Disable, or the call may be wrong.

• Properly Close

Application by pressing the Home button will not stop, they just go in Background spend and keep the battery. By then hit the back button to close the app continue until the app to get out of. Or use the Exit button.

• Auto-update

Android phones are updated all day came App. Such updates to both the battery and data overshadowed. Auto Update to Off (Menu-Play Store-Settings-Auto Update apps) Go and Do not auto update set.

• Use bookmarks

(We also have to change the settings in the way, he has to call Android. Android phone may therefore also have different versions that your smartphone is a little different in the way of the process.)

New Delhi (India) Railway Station has recently been Wi-Fi enabled. Do you know that Wi-Fi at public places while your system and data-use are both at risk? What to do then? Wi-Fi at public places such as using some important settings in your computer and take advantage of this feature from the rest:

Hotel on, railway stations, coffee shops, etc. The public Wi-Fi networks are not as safe as you think. Among them is the password, even though you are a network share with the thousands which means that you are taking a risk. While working on the same network and steal someone's username and password to track what others are working on it, very easy to operate. Obviously, you do not want to take any chances. Here are some tell about the settings are any public Wifi networks while on the must-use, even if the network is password protected or not.

1. Turn off sharing

2. Enable Firewall

Don't panic about reports that 99% of malware targets Android devices, but do take precautions to ensure your device is secure


This openness is a boon for the tech-savvy Android user, because pretty much anything on their device that they don’t like can be swapped out for something better. They also tend to be pretty good at not installing apps that might play fast and loose with personal data. For them, Android doesn’t have a security problem.

What about everyone else, though? Android’s status as the world’s most popular smartphone OS means it has hundreds of millions of users who aren’t so clued-in on security. They’re not stupid or lazy: they’re just normal people. They’re the reason so many developers of viruses, other malware and privacy-flouting apps are targeting Android.

Cisco’s annual security report claimed in January that 99% of all malware in 2013 targeted Android devices, while security firm Kaspersky Lab suggested a similar figure of 98% in December last year.

"Android ticks all the boxes for cyber criminals – it’s a widely used OS that is easy to use for both app developers and malware authors alike," said Kaspersky's senior virus analyst Christian Funk, at a time when his company was detecting 315,000 new malicious files every day.

So, does Android have a big security problem? This is a question that is complicated by the fact that many of the companies warning about Android malware are also selling apps and services that promise to protect against it. They have a good view of what’s out there, but also an interest in talking up the risks.

But keeping your data safe on an Android device can be more about taking common-sense steps to minimise your risks, rather than assuming you need to splash out on a monthly security subscription – although there are plenty of choices for the latter if you decide that’s the route for you.

With that in mind, here are five tips for ensuring that your Android device is safe:

1. Be cautious when installing apps

Using the Google Play Store to download apps (or Amazon’s Appstore if you own one of its devices) already makes you among the more secure tiers of Android users – many dodgy apps are distributed through third-party Android app stores rather than the official ones.

Still, it’s best to exercise caution, especially when you happen upon what looks like a brand new version of a popular game. Candy Crush Saga, Angry Birds, Clash of Clans… fake versions of these regularly appear, so if something sets off warning bells (Candy Crush Saga 2, anyone?) it’s worth googling its title and checking its developer’s website to see if it’s a fake.

Also, read the reviews on the Google Play store – a surfeit of one-star reviews is a sign that something's wrong – and check the permissions that an app asks for before you install it. If anything here sets off warning bells – or simply makes you uncomfortable – it's a good prompt to walk away.

2. Watch out for phishing / SMS

Security on Android isn't just about the apps that you install on your phone. As with any device – Android or otherwise – be on your guard for phishing, sites that try to get you to enter personal data and/or credit card details. Text messages and emails can all be phishing methods, and just because you're on your phone doesn't make them less dangerous.

Combating phishing on Android isn't so different from on your computer: useful advice from the Citizens Advice Bureau, Microsoft and Symantec will get you up to speed, while an additional tip is to never tap on a link in a text message from someone you don't know – even if it looks like a company you do business with.

3. Lock screen security

Another point that applies to every smartphone OS, not just Android. Have you got your device's lock-screen settings sorted, so that if it gets stolen, the thief can't access your apps and data? Google’s default settings will see you fair, but there are some third-party apps that take interesting and unusual spins on unlocking the phone.

Picture Password Lockscreen, for example, gets you to unlock your phone by drawing points, lines and circles on any image you like. ERGO scans your ear and then gets you to unlock the device by holding it up to said lug. Fingerprint Scanner LockScreen is a cheeky Android equivalent of Apple’s iPhone 5s’ Touch ID – it pretends to scan your fingerprint, but really it’s just measuring how long your thumb rests on the screen.

4. Consider anti-virus software

If you'd still like to take the extra step of installing anti-virus software – or if you're thinking of putting it on the device of someone else (an older parent, for example) – a number of options are available from the big names of the security world.

AVAST Software's Mobile Security & Antivirus, Bitdefender's Mobile Security & Antivirus, Lookout Security & Antivirus, Kaspersky Internet Security, Trend Micro's Mobile Security & Antivirus, Norton Security antivirus and McAfee Antivirus & Security all have four-star-plus ratings on Google play from thousands of reviewers, with the competitive market meaning they add new features regularly.

Which you choose depends more on which you've used on your computer before, but all offer a good level of security if you're concerned.

5. Consider a parental control app

You can follow many of the steps above, but can your children if they’re using your device, or have their own Android tablet and/or smartphone? A number of companies are trying to help with this challenge too, with parental control software capable of ensuring children don’t install apps that they shouldn’t, or compromise data on a shared device.

Kids Place, Famigo, MMGuardian and Norton Family are four of the most popular examples, with varying features to control what apps are installed, what sites are being visited, and to set time limits on usage – and in some cases, add time as a reward for good behaviour.

Alternatively, you could spend a bit of time getting to grips with Android’s default features to set up different user profiles on a tablet, and make some of them restricted – found via the users option in your settings menu. But parenting skills are also important here: talking to your children about safe usage of their Android device is as important as trying to lock it down for them.

As we near the end of yet another terrific year, we bring to you the top Whatsapp security blog posts. These posts were the most read . Scroll down to begin.

Simple Privacy Tips for WhatsApp Users