FireChat : Chat Even Without A Network Coverage

by Unknown Thursday, April 10, 2014

Released by Open Garden, a start-up with just 10 employees, aims at facilitating a secured and affordable means of communicating.

Enables users to stay in touch even when there is no internet connection or cellular service in the area.

This app hit the ios market this week and has been attracting quite a bit of attention as it uses the Multipeer Connectivity Framework, an ios feature unavailable until version 7. It establishes a Bluetooth or WiFi peer to peer connection and allows users to chat even without an internet connection.

Now comes the highlight, it allows users far from WiFi and Bluetooth range of each other to chat with each other - connected with a chain of peer to peer users, provided enough users are on FireChat. This feature is ' Wireless Mesh Networking', and has been mainstreamed in ios7.

It’s called wireless mesh networking. And Apple has mainstreamed it in iOS 7. It’s going to change everything. Here’s why.
Read more at http://www.cultofmac.com/271225/appreciated-ios-7-feature-will-change-world/#REvIo1mCQfvQzMUu.99

Open Garden has also built into FireChat the multi-hop connection technology its Android app uses to link long chains of devices together.

Very easy to set up. Everybody just use FireChat, poof !! connectivity for everyone.

It's major use has been identified in disaster affected areas where there may be no established communication links to relief and support. This would provide connectivity even in absence of required links.

Moreover, it can be used anonymously, indicating high level of security. Nearly impossible to determine who the users are. It can't be hacked over the internet, if no internet connectivity is being used.
FireChat's reach so far is limited. When connecting off the grid, iPhone app users have only been able to send text and photos to other FireChat users within a range of 30 to 100 feet.
Google has also been planning to implement mesh networking in context of wearable devices.

Once mesh networking is available for phones running on different softwares, Android and Apple users would be able to communicate with each other, but currently it's only for ios7.

No internet connection, no network coverage: and you're still chatting!! how cool is that.

Have a look for yourselves, at how this app really works :-

Threats to Your Online Safety You Need to Know About - Part 2

by Unknown Tuesday, April 08, 2014

In my previous post, you were introduced to some of the most important weapons used by cybercriminals to bring their imagination to reality. In this post I'll talk about yet more ways that cybercriminals use to get their way.

1. Email Bombing and Spamming

An abuser sending huge volumes of email to a target address resulting in victim’s email account or mail servers crashing characterizes email bombing. If an attacker targets multiple accounts of a mail server, it may have a denial-of-service impact. Email bombing is commonly carried out using botnets as a DDoS attack. Botnets are private internet connected computers whose security has been compromised by malware and are under the attacker’s control. This type of attack is more difficult to control due to multiple source address. Also the bots are programed to send different messages to defeat spam filters.

“Spamming” is a variant of email bombing. Here unsolicited bulk messages are sent to a large number of users, indiscriminately. Email spamming worsens when the recipient replies to the email. This causes all the original addresses to receive the reply. Spammers collect email addresses from customer lists, newsgroup, chat-rooms, websites and viruses which harvest users’ address books, and sell them to other spammers as well.

2. Web Jacking

Here, the hacker takes control of a website fraudulently. The owner of the website has no more control and the attacker may use the website for his own selfish interest. He may change the content of the original site or even redirect the user to another fake similar looking page controlled by him.

3. Cyber Stalking

Cyber stalking is a new form of Internet crime in our society when a person is pursued or followed online. It’s an invasion of one’s online privacy. Cyber stalking uses the internet or any other electronic means to harvest information about the stalkee and harass him or her.

The availability of free email/web-site space and the anonymity provided by chat rooms and forums has contributed to the increase of cyber stalking incidents. Everyone has an online presence nowadays. It’s really easy to do a Google search and get one’s name, alias, contact number and address, contributing to the menace that is cyber stalking.

4. Data Diddling

Data Diddling is unauthorized altering of data before or during entry into a computer system, and then changing it back after processing is done. Using this technique, the attacker may change the expected output and is difficult to track.

5. Identity Theft and Credit Card Fraud

Identity theft occurs when someone steals your identity and pretends to be you to access resources such as credit cards, bank accounts and other benefits in your name. The imposter may also use your identity to commit other crimes.

6. Salami Slicing attack

A “salami slicing attack” or a “salami fraud” is a technique by which cyber-criminals steal money or resources a bit at a time. This is done in such a way that there is no noticeable difference in overall size. The perpetrator gets away with these little pieces from a large number of resources. He thus accumulates a considerable amount over a period of time. The essence of this method is the failure to detect the misappropriation.

7. Software Piracy

Thanks to internet and torrents, you can find almost any movie, software or song from any origin for free. Internet piracy is an integral part of our lives which knowingly or unknowingly we all contribute to. The following constitute software piracy:

Loading unlicensed software on your PC
Using single-licensed software on many computers
Using a key generator to circumvent copy protection
Distributing a licensed or unlicensed (“cracked”) version of software over the internet and offline

8. A Word on Porn

The internet is a huge breading ground of pornography. It has often been subject to censorship on grounds of obscenity. But what may be considered obscene in India might not be considered so in other countries. Since every country has a different legal stand on this subject matter, pornography is rampant online. Yet, according to the Indian Constitution, largely, pornography falls under the category of obscenity and is punishable by law. Child pornography is a serious offence, and can attract the harshest punishment provided for by the law.

Being aware can help you stay away from cybercrime. After all, the internet can be full of good experience if you take preventive measures and keep cyber criminals at bay. Have you ever been a victim or witness of a cyber-crime? Tell us in the comments.

Threats to Your Online Safety You Need to Know About - Part 1

by Unknown Saturday, April 05, 2014

To protect yourselves you need to know about different ways in which cyber criminals can compromise your computer and infringe your privacy. In this first post of a two part series, we discuss a few common tools and techniques employed by cyber criminals. This isn't an exhaustive list by any means, but will give you a comprehensive idea of the loopholes in networks and security systems, which the attacker can exploit.

1. Hacking

In simple words, hacking is an act committed by an intruder by accessing your system without your permission. Hackers are computer programmers, who have an advanced understanding of computers. But they misuse their knowledge for devious reasons.

As for motives, there could be several, but the most common are pretty simple and human tendency such as greed, fame, power, etc. explains them.

2. SQL Injections

An SQL injection is a technique that allows hackers to play upon the security vulnerabilities of the software that runs a website. It can be used to attack any type of unprotected or improperly protected SQL database. This process involves entering portions of SQL code into a web from entry field – mostly usernames and passwords – to give the hacker further access to the site backend, or to a particular users account. When you enter logon information into sign-in fields this information is converted to an SQL command. This command checks the data you’ve entered against a relevant table in the database. If your input data matches the data in the table, it grants you access, if not, you get an error.

3. Cross-Site Scripting

Also known as XSS, is an easy way of circumventing a security system. Cross-site scripting is a hard-to-find loophole in a website, making it vulnerable to attack. In a typical XSS attack, the hacker infects a web page with a malicious client-side script or program. When you visit this web page, the script downloads to your browser and executes. Attackers inject HTML, JavaScript, VBScript, ActiveX or Flash into a vulnerable application to deceive you and gather confidential information.

4. Virus Dissemination

Viruses are computer programs that attach themselves to or infect a system or files, and have a tendency to circulate to other computers on a network. They disrupt the computer operation and affect the data stored – either by modifying it or deleting it altogether.

“Worms” unlike viruses don’t need a host to cling on to. They replicate until they eat up all available memory in the system.

“Trojan horses” are different from viruses in their manner of propagation. They masquerade as a legitimate file, such as an email attachment from a supposed friend with a believable name and don’t disseminate.

5. Logic Bombs

A logic bomb, also known as “slag code”, is a malicious piece of code which is inserted into software to execute a malicious task when triggered by a specific event. It’s not a virus, although it usually behaves in a similar manner. It is stealthily inserted into the program where it lies dormant until specified conditions meet.

Malicious software such as viruses and worms often contain logic bombs which trigger at a specific payload or at a predefined time. The payload of a logic bomb is unknown to the user of the software, and the task that it executes unwanted.

6. Denial-of-Service Attack

A Denial-of-Service (DoS) attack is an explicit attempt by attacker to deny service to the intended users of that service. It involves flooding a computer resource with more requests than it can handle consuming its available bandwidth. This results in server overload. This causes the resources (e.g. a web server) to crash or slow down significantly so that no one can access it. Using this technique the attacker can render a website inoperable. He does this by sending massive amounts of traffic to the targeted site.

Another variation to a Denial-of-Service attack is known as a “Distributed Denial of Service” (DDoS) attack. In this attack many geographically widespread perpetrators flood the network traffic. Denial-of-Service attacks typically targets high profile web site servers.

7. Phishing

This is a technique of extracting confidential information such as credit card numbers and username password combos by masquerading as a legitimate enterprise. Phishing is typically carried out by email spoofing. Cyber criminals use social engineering to trick you into downloading malware off the internet or make you fill in your personal information under false pretenses.

Not all phishing is done via email or web sites. Vishing (voice phishing) involves calls to victims using fake identity fooling you into considering the call to be from a trusted organization. Treat all unsolicited phone calls with skepticism and never provide any personal information.