Apple showed off its latest iOS version at WWDC 2013. While I love the functionality of the new OS, I am not happy with the design process.
I mean, the icons look as if they were designed by a kid with a box of crayons. It has too much colour and in no way looks like it was made by Apple. It seems as if someone has installed a Cydia theme on iOS.
I am sharing some pictures of the new iOS 7; do comment with your thoughts about it. Do you like it or hate it?
Mac OS X Mavericks uses Windows file sharing by default. Why?
As you may already know, Apple OS X uses AFP (Apple Filing Protocol) and Windows uses SMB (Server Message Block). The new Mac OS X uses SMB2 in preference to AFP!
OK, I know you will ask how it matters, or say that it will be easier to share with Windows-based computers. Well, yes, but one of the most liked features of Mac OS X, Time Machine over LAN, relies on AFP. Third-party Time Machine manufacturers have to reverse-engineer AFP to keep it working with the new version of OS X. What bothers me more is: who selected SMB2? Versions of OS X prior to OS X 10.7 used an open-source implementation of SMB called Samba (also used in popular Linux distros). With OS X 10.7, Apple replaced it with its own implementation, SMBX.
Yes, you read that correctly. A modified charger can install malware onto iOS devices such as iPhones and iPads, even if they are not jailbroken, and it does not even need your interaction. It takes less than a minute of charging for a device to be infected.
Researchers will show a prototype of this charger at the Black Hat security conference in late July. The prototype charger is named “Mactans” and is built on an open-source single-board computer called the BeagleBoard, available at $45 from Texas Instruments.
Brief description by the researchers Billy Lau, Yeongjin Jang and Chengyu Song:
Apple iOS devices are considered by many to be more secure than other mobile offerings. In evaluating this belief, we investigated the extent to which security threats were considered when performing everyday activities such as charging a device. The results were alarming: despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software. All users are affected, as our approach requires neither a jailbroken device nor user interaction.
In this presentation, we demonstrate how an iOS device can be compromised within one minute of being plugged into a malicious charger. We first examine Apple’s existing security mechanisms to protect against arbitrary software installation, then describe how USB capabilities can be leveraged to bypass these defense mechanisms. To ensure persistence of the resulting infection, we show how an attacker can hide their software in the same way Apple hides its own built-in applications.
To demonstrate practical application of these vulnerabilities, we built a proof of concept malicious charger, called Mactans, using a BeagleBoard. This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed. While Mactans was built with limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish. Finally, we recommend ways in which users can protect themselves and suggest security features Apple could implement to make the attacks we describe substantially more difficult to pull off.
India's Central Monitoring System (ICMS) is a surveillance project prepared by the Telecom Enforcement, Resource and Monitoring (TREM) and the Centre for Development of Telematics (C-DOT) for the Indian Government, and it is being manned by the Intelligence Bureau. According to Anonymous, the ICMS can monitor everything you do online, even without a suspicion of crime. This means that the government will have full access to your phone calls, chat logs and e-mails, even without telling you why.
They did not even tell you that something like ICMS was there, but I have posted a link to a Govt. document to prove it’s there.
What is the ICMS capable of doing?
The system can monitor content such as e-mails, chats, transcribed call logs, documents, web forms, video files, audio files and internet content.
It supports analytics including automated text mining, sentiment analysis, link analysis, geospatial analysis, statistical analysis, social network analysis, transaction analysis, location analysis and fusion based analysis from various sources.
The system should be able to monitor targets like Internet Protocol address, login details, keywords, email, telephone location, new email ID details, IP range, links etc.
It will be capable of complete email extraction including but not limited to address book, inbox, sent, drafts, personal folders, deleted folders etc.
It will allow country-wise tracking of IM, chats and emails.
Real time visualization screens showing results from real-time data and capability to transliterate to other languages.
In short, it means that whatever you say or write on the internet or on your phone will be known to the Government, irrespective of whether you are a criminal or a good citizen. Freedom and privacy have been thrown out of the window by the Government. In India there is no privacy law yet that can protect you from infringement of privacy and other human rights.
The co-founder of The Pirate Bay, Gottfrid Svartholm, has been charged with hacking. Together with three others, he is suspected of hacking several companies including a bank, from where he allegedly attempted to transfer money. These new charges will most likely mean that Svartholm will remain in prison when his Pirate Bay sentence concludes next month. The charges have been made by a Swedish prosecutor.
“The data breaches involve very large amounts of data from companies and governments, including extensive personal data such as social security numbers and private details,” - Henry Olin (prosecutor).
In the past we have seen many targeted attacks on platforms like Windows and Mac OS X. Now the cyber criminals behind targeted attacks are using Android malware. Generally we have seen an infected doc, docx, xls or pdf file as the email attachment. But now there is an APK file (.apk is the extension of all Android apps).
On March 24th, 2013, the e-mail account of a high-profile Tibetan activist was hacked and used to send spear phishing e-mails to their contact list. This is what the spear phishing e-mail looked like:
The malicious APK is a 334326-byte file (MD5: 0b8806b38b52bebfe39ff585639e2ea2) and is detected by Kaspersky Lab products as “Backdoor.AndroidOS.Chuli.a”.
After you launch the Android app you will see.
The full text reads as follows. Notice the use of the mistaken “Word” instead of “World”:
“On behalf of all at the Word Uyghur Congress (WUC), the Unrepresented Nations and Peoples Organization (UNPO) and the Society for Threatened Peoples (STP), Human Rights in China: Implications for East Turkestan, Tibet and Southern Mongolia
In what was an unprecedented coming-together of leading Uyghur, Mongolian, Tibetan and Chinese activists, as well as other leading international experts, we were greatly humbled by the great enthusiasm, contribution and desire from all in attendance to make this occasion something meaningful, the outcome of which produced some concrete, action-orientated solutions to our shared grievances. We are especially delighted about the platform and programme of work established in the declaration of the conference, upon which we sincerely hope will be built a strong and resolute working relationship on our shared goals for the future. With this in mind,we thoroughly look forward to working with you on these matters.
Chairman of the Executive Committee
Word Uyghur Congress”
While the victim reads the message, the malware collects the following information:
Contacts (stored both on the phone and the SIM card).
Phone data (phone number, OS version, phone model, SDK version).
The data does not get uploaded to the C&C server automatically. The Trojan waits for incoming SMS messages (the “alarmReceiver.class”) and checks whether these messages contain one of the following commands: “sms”, “contact”, “location”, “other”. If one of these commands is found, the malware encodes the stolen data with Base64 and uploads it to the command and control server. The C2 URL is:
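The SMS-trigger-then-upload behaviour described above can be hunted for in device telemetry. The following is an added example, not code from the original post or from Kaspersky Lab: it pairs an inbound SMS containing one of the four command words with a Base64-only HTTP POST from the same device shortly afterwards. The log schema, device names, hosts, the five-minute window and the case-insensitive match are assumptions, and the sample records are constructed.

```python
import base64
import binascii
from datetime import datetime, timedelta

# Command words the post says the Trojan looks for in incoming SMS.
COMMANDS = ("sms", "contact", "location", "other")
WINDOW = timedelta(minutes=5)  # assumed correlation window, not from the post

def looks_base64(body: str, min_len: int = 64) -> bool:
    """True if body is one long, strictly valid Base64 string."""
    text = "".join(body.split())
    if len(text) < min_len or len(text) % 4:
        return False
    try:
        base64.b64decode(text, validate=True)
        return True
    except (binascii.Error, ValueError):
        return False

def correlate(sms_events, http_events, window=WINDOW):
    """Pair each command-bearing inbound SMS with Base64 uploads that follow it."""
    hits = []
    for sms in sms_events:
        cmd = next((c for c in COMMANDS if c in sms["body"].lower()), None)
        if cmd is None:
            continue
        for req in http_events:
            delay = req["time"] - sms["time"]
            if (req["device"] == sms["device"] and req["method"] == "POST"
                    and timedelta(0) <= delay <= window and looks_base64(req["body"])):
                hits.append((sms["device"], cmd, req["host"], int(delay.total_seconds())))
    return hits

# Constructed sample telemetry (hypothetical schema, devices and hosts).
T0 = datetime(2013, 3, 25, 10, 0, 0)
BLOB = base64.b64encode(b"name=Constructed Contact;number=0000000000;" * 3).decode()
SMS_LOG = [
    {"device": "dev-1", "time": T0, "body": "contact"},
    {"device": "dev-2", "time": T0, "body": "See you at another time"},
]
HTTP_LOG = [
    {"device": "dev-1", "time": T0 + timedelta(seconds=40), "method": "POST",
     "host": "upload.example.invalid", "body": BLOB},
    {"device": "dev-2", "time": T0 + timedelta(seconds=30), "method": "POST",
     "host": "api.example.invalid", "body": '{"status": "ok"}'},
]
if __name__ == "__main__":
    print(correlate(SMS_LOG, HTTP_LOG))
```

The benign message on dev-2 contains “other” inside “another”, so keyword matching alone would flag it; requiring the Base64 upload that follows is what keeps it out of the results.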
Recently I got a chance to get my hands on the yet to be released HTC One in an event hosted by HTC. I did not get a test device to bring home so I am unable to write a full review. But I will share whatever things I could test and whatever info I could gather from the event.
HTC One is a new Android phone which will be the successor of the HTC One X+, and trust me, the phone looks great! (Yes, better than the HTC One X+.)
I know some readers of my blog are impatient so I am sharing the tech specs before I write anything more about the device.
Tech specs of HTC One
137.4 x 68.2 x 9.3mm
Qualcomm® Snapdragon™ 600, quad-core 1.7 GHz
Android 4.1.2 with HTC Sense 6.0
Total storage: 32GB/64GB, available capacity varies
Playback: .3gp, .3g2, .mp4, .wmv (Windows Media Video 9), .avi (MP4 ASP and MP3)
Embedded rechargeable Li-polymer battery
Capacity: 2300 mAh
Voltage range/frequency: 100 ~ 240 V AC, 50/60 Hz
DC output: 5 V and 1 A
Read the tech specs? Now see the first look at the real device.
The phone feels very premium with its brushed metal body and crystal clear display on a full 1080p screen which is both technically and visually better than the iPhone Retina Display.
The default browser is great, as it scores well in the HTML5 test.
It scores 430 in the HTML5 Test.
HTC’s new BlinkFeed™ is a nice addition that replaces your default home screen. It shows content from all the things you like in one place and lets you view your social network feeds; you can also post updates right from BlinkFeed without opening the dedicated app for the social network. You can customize what content it shows, and it can also show local content. If you get a call while browsing BlinkFeed, you will be back at the same position in BlinkFeed™ after you disconnect.
The camera is superb: it can take non-stop shots if you keep clicking the shutter button like there is no tomorrow, and it will go on taking pictures without bothering you with messages like “Capturing…” or “Saving…” as most phones do. Another nice addition to the camera features is HTC Zoe™, which automatically captures up to 20 photos and a 3-second video, which makes the photos come alive.
RIP MegaPixel , Long live UltraPixel.
One interesting feature I like about the HTC One's camera is the ability to remove unwanted objects from a picture, such as when someone walks past your view while you are taking a photo. You can now remove that person from the picture with just a few touches on the screen.
In conclusion, the HTC One will be a premium-segment phone; its build quality is top notch and it is packed with everything (including Android Jelly Bean out of the box) you want from a smartphone.
The device will be available in April 2013. (Price not yet disclosed)
Today I was invited to the HTC One Meet-Up by HTC at the Hyatt Regency, Kolkata. Whether or not you have been following my live blog, here is the full, detailed post about the event.
The event, as mentioned before, was held at a hotel in Kolkata, the Hyatt Regency. The Android-powered HTC One was unveiled to us today. The phone is not yet available in the market, and it felt great to be among the lucky few who got a chance to touch and use a device which the rest of the world could not.
When we entered the conference room, we were first greeted by the Senior Manager of Online Communications, Asia Pacific, Shane Chiang. Then we interacted among ourselves while they were getting ready for the presentation. Then the presentation began: Justin from HTC came forward and gave a wonderful presentation, going through the features and finally the demo of the phone. Maybe it's because he previously worked at Apple that he got these wonderful presentation skills from Steve Jobs’s keynotes. 🙂
Justine from HTC giving the presentation.
About mobile interface and Smartphone Evolution.
Connecting the HTC One to projector for demo.
Going through demo.
BlinkFeed in action.
BlinkFeed has local content too.
Music Player of HTC One
HTC One music player can download artist picture and album art from internet.
Music player can also show you the lyrics of the song.
It's time for us to test the devices.
Shane with HTC One
The HTC One
HTC One will be released in April 2013.
The detailed review of the HTC One is coming up in the next blog post, stay tuned. (No, I have not got a review unit.)
And a big thank you to HTC for giving me the HTC Bluetooth Stereo Headphones BH S600.
A security flaw in the Samsung Galaxy Note II has been discovered by Terence Eden that allows you to temporarily bypass the lock screen and have a peek at the user's home screen, and lets you speed dial, if your finger is fast enough.