IP Source

Monday 30 January 2012

Defending your Cellphone from Malware

Kate Murphy (NY Times) writes that as cellphones have gotten smarter, they have become less like phones and more like computers, and that with more than a million phones worldwide already hacked, technology experts expect breached, infiltrated or otherwise compromised cellphones to be the scourge of 2012. Cellphones are often loaded with even more personal information than PCs, so an undefended or carelessly operated phone can result in a breathtaking invasion of individual privacy as well as the potential for data corruption and outright theft.
But there are a few common sense ways to protect yourself: Avoid free, unofficial versions of popular apps that often have malware hidden in the code, avoid using Wi-Fi in a Starbucks or airport which leaves you open to hackers, and be wary of apps that want permission to make phone calls, connect to the Internet or reveal your identity and location."
"One common ruse is a man-in-the middle attack when a target receives a text message that claims to be from his or her cell service provider asking for permission to 'reprovision' or otherwise reconfigure the phone's settings due to a network outage or other problem. Don't just click 'O.K.' to remove a pop-up! Call your carrier to see if the message is bogus or genuine. For the more paranoid types (me), there are supersecure smartphones like the Sectéra Edge by General Dynamics, commissioned by the Defense Department for use which may soon be available to the public in the near future. 'It's like any arms race,' says mobile security consultant Michael Pearce. 'No one wins, but you have to go ahead and fight anyway.'"

RAND - Israel and Iran

RAND Corporation has just released a new mongraph (free in PDF format) entitled: Israel and Iran - A Dangerous Rivalry. At 118 pages, it is a bit of a read. The authors, Dalia Dassa Kaye, Alireza Nader, Parisa Roshan, have presented another 'clue' to this puzzle we call the Middle East. However, the comparisons (again) are more than cautious, and attempt to 'retool' the Arab posture, calling a nuclear Iran 'a challenging perspective' as if it is their right as opposed to a privilege. To say the West needs to 'debate' on these policies, only reinforces the legitimacy of possession for nuclear, of course, under the guise of 'peaceful' usefulness, is not easily entertained. The Arab Spring has only reinforced the idealism and political doctrine of Iran, a few tottering regimes simply relabeled, a new improved, does not make. RAND Corp monograph 

Sunday 29 January 2012

Do you use one of these phones?

Third generation GLONASS-K is a substantial improvement of the previous generation: it is the first unpressurised GLONASS satellite with a much reduced mass (750 kg versus 1,450 kg of GLONASS-M). It has an operational lifetime of 10 years, compared to the 7-year lifetime of the second generation GLONASS-M. It will transmit more navigation signals to improve the system's accuracy, including new CDMA signals in the L3 and L5 bands which will use modulation similar to modernized GPS, Galileo and Compass. The new satellite's advanced equipment—made solely from Russian components—will allow the doubling of GLONASS' accuracy. As with the previous satellites, these are 3-axis stabilized, nadir pointing, with dual solar arrays.The first GLONASS-K satellite was successfully launched on 26 February 2011. Because of their weight reduction, GLONASS-K spacecraft can be launched in pairs from the Plesetsk Cosmodrome launch site using the substantially lower cost Soyuz-2.1b boosters or in six-at-once from the Baikonur Cosmodrome using Proton-K Briz-M launch vehicles.


Ground control

The ground control segment of GLONASS is entirely located within former Soviet Union territory. The Ground Control Center and Time Standards is located in Moscow and the telemetry and tracking stations are in Saint Petersburg, Ternopol, Eniseisk, and Komsomolsk-na-Amure.

Receivers

Septentrio, Topcon, JAVAD, Magellan Navigation, Novatel, Leica Geosystems and Trimble Inc produce GNSS receivers making use of GLONASS. NPO Progress describes a receiver called "GALS-A1" which combines GPS and GLONASS reception. SkyWave Mobile Communications manufactures an Inmarsat-based satellite communications terminal that uses both GLONASS and GPS.As of 2011, some of the latest receivers in the Garmin eTrex line also support GLONASS (along with GPS).

Various smartphones from October 2011 onwards have integrated GLONASS capability, including devices from Sony Ericsson, ZTE, Huawei, Samsung, Apple, Motorola, and Nokia.

FLIR & Harris Support Tier II ARES’ Flight

Partnering with Aurora Aerospace, and VDOS LLC, FLIR Systems announced the successful flight of the Tier II ARES Multi-Mission UAS simultaneously with FLIR's Star SAFIRE(r) 380-HD camera and multiple Harris Communications radios.

Hosted by at USMC Camp Pendleton this experiment was a first for this type of communications capability.

"As unmanned systems continue to redefine the modern battlefield, FLIR Systems is committed to providing the technology that can be successfully integrated into these important platforms," said Bill Sundermeier, President, FLIR Government Systems Division.

FLIR's Star SAFIRE 380-HD is the world's first and only full high-definition system, boasting a full spectrum, single LRU EO/IR imaging system. The stabilized multi-sensor is one in a family of four high-definition multi-sensors that all share a common interface for added flexibility and easier installation and integration.

"FLIR's 380-HD was selected due to its rugged, durable and proven capabilities," says Myles C. Newlove, President and CEO of Aurora Aerospace. "Its performance during these initial testing phases has been thoroughly impressive and serves as a great complement to the team of Aurora Aerospace and VDOS."

The Ares UAS is uniquely capable of acting as a communication relay due to its best in class payload capability of greater than 150lbs and eight+ hour endurance. This combination provides Marines ashore with the ability to maintain secure communications with ships off shore regardless of the terrain, by serving as an airborne relay, providing Beyond Line of Sight (BLOS) communications even in mountainous terrain and eliminating the need for a satellite relay.

Using Harris tactical radios receiving voice and video from the Ares UAS, Marines were connected to the USS Makin Island located approximately +50 nautical miles off shore. This is the first time such a capability has been integrated into a Tier II UAS platform.

How To Disable Google Analytics

Google Analytics is a website tracking software which can track your IP address, browser information, operating system, country and more when you visit a website. This information is usually available with both Google and also with the website you visit.

Google Analytics Logo

Google Analytics is not the only one who collects such information and several websites may use different analytics software to do it, and may also have their own internal tracking. Disabling analytics cannot be done through a simple JavaScript block since many website analytics software also use image tracking.

Most of the analytics software do not provide end-users with a way to opt-out. However, Google does provide users with an option to disable Google Analytics using browser based add-ons for Firefox, IE and . We had written about the Google Analytics Blocker in the past and you can download the add-on for your own browser by visiting this URL.

Once you install this add-on Google Analytics will no longer track your visits to websites which make use of their service. We will keep an eye for other services which disable analytics for other services and let you know once we come across something.

Friday 27 January 2012

Former IDF Chief: Israel Must Prepare for War

Former IDF Chief of Staff Gabi Ashkenazi warned, Thursday, that Israel could not afford to cut its defense budget and should prepare itself for war.

“In comparison to 10 years ago, the possibility of a conflict is not something that we just need to talk about," Ashkenazi said during a lecture at the Institute for National Security Studies in Tel Aviv.

"We never saw it coming. It happened on my watch, so it must be said. But if it's any consolation, Egypt never saw it coming either," Ashkenazi said of the so-called Arab Spring protests that have no turned into an Islamic winter in elections throughout the Arab world.

"The Middle East's plates are shifting. What the Egyptian army didn't know, I couldn't have known. (Egypt's) leaders did not know either," he said, adding the ultimate strategic picture was still changing.

Ashkenazi told attendees that confronting Iran's nuclear ambitions required a multi-disciplinary approach that included covert, economic, and potentially military action.

"In my opinion, the strategy vis-à-vis Iran should be to do whatever is possible under the radar coupled with painful and crippling sanctions. However, we should also keep a viable military option on the table," he said.

While Ashkenazi said sanctions were having an effect on Iran, he warned that time was running out since the Iranian nuclear program was moving forward at a rapid pace.

“Our mission now needs to be to slow down the clock and to speed up the clock of sanctions and hope that it works,” he said.

Ashkenazi cautioned that Iran's strategic acumen should not be overestimated, saying Tehran had made some strategic blunders and was threatening to make others as pressure mounts.

"I believe Iran would be making a strategic mistake if it blocks the Strait of Hormuz. Another mistake was trying to kill the Saudi ambassador at a restaurant in the US capital. The Iranians are liable to make more mistakes under pressure," he said.

Ashkenazi served as IDF chief of staff from 2007 until 2011 and certainly played a key role in preparing the military for a possible attack against Iran’s nuclear facilities. A 2007 strike against Syria’s nuclear reactor widely ascribed to Israel also happened on his watch.

Ashkenazi, who oversaw operation Cast Lead in 2008-2009, said the new regime in Cairo made a new Gaza incursion a "complex" undertaking.

"The possibility of conducting another extensive operation in Gaza has become more complex following the events of the past year in Egypt and the change of government in that country," he said.

"I think that this government will not act like Mubarak. I do not think he was a Zionist, but you cannot ignore the fact that he was an anchor of stability in the region considering the not-so simple tests he passed – the wars in Lebanon or the intifada."


eToolz Wraps Up the Most Used Network Tools into One Place

eToolz is a portable network collection tool that brings probably the most useful network or web tools into one place. The network tools included in this tool are:
  • DNS query
  • Ping
  • Trace
  • Whois
  • Mail-Check
  • HTTP-Header
  • Time
  • PageRank
  • Lists, and
  • IPConfig
Each tool occupies one tab in the tool, and displays the information at the bottom.
image

Thursday 26 January 2012

Signature Generator

Signature Generator converts a text-based e-mail address and creates a picture that can be placed on a web page. Picture contains the email address which can be easily read by a human. Crawlers, which search for e-mail addresses, could not realize such types of emails. Email generator creates an image file which can be read by anyone except robots. Right click on the generated email, choose "Save Image As..." and save the picture to your PC, then upload it to your server.

Here:
 A simulation conducted at INSS in late October 2011 staged responses to a scenario of Iran carrying out a nuclear test. The simulation process and the analytical discussions that followed represent one of the functions of the Institute: to anticipate potential future situations in order to comprehend the risks and dangers they pose, and in turn help prepare for them. The simulation does not imply that Israel has come to accept a situation of a nuclear Iran.


Among the principal findings of the simulation: Iran does not intend to forfeit the nuclear weapons in its possession, but will attempt to use them to reach an agreement with the major powers to improve its strategic standing; the US administration exerted pressure on Israel not to wage a military strike against Iran, with an implied threat that Israeli military action would harm US-Israel relations; in response to the new situation, Russia proposed to establish a Russo-American defense alliance that would ensure the security of the Middle East state members; Israel's military option stands to be a significant lever, if not vis-à-vis Iran, then for some of the main players; and Iran’s crossing the nuclear threshold will prompt Saudi Arabia to strive to reach a strategic balance with Iran.

Iran: A Strategic Simulation

The web's worst privacy policy

"With much of the web upset over about Google's latest privacy policy changes, it's helpful to remember it could be much worse: A search engine called Skipity offers the world's worst privacy policy (undoubtedly tongue-in-cheek), filled with lines like this: 'You may think of using any of our programs or services as the privacy equivalent of living in a webcam fitted glass house under the unblinking eye of Big Brother: you have no privacy with us. If we can use any of your details to legally make a profit, we probably will.' The policy gives the company the right to sell any of your data that it wants to any and all corporate customers, send you limitless spam, track your movements via GPS if possible, watch you through your webcam, and implant a chip in your body that is subject to reinstallation whenever the company chooses."

Certain Videos Are Not Playing In Windows Media Player?

Windows Media Player has evolved a lot with the newer version of Windows like Windows 8 and Windows 7, but still it does not support some of the video formats. Since there are a large numbers of Video formats and they are not all supported, there are codec packs available one of them being K Lite Mega Codec Pack. But the problem arises when one or more of these codecs go bad or corrupt. One of the easiest way out is to use a freeware program like VLC Player which can play it all, but not all like its interface and it does not provide all the features and aesthetics of Windows Media Player. Find the K-Lite codec pack here.

DATR Feb 14 - Arlington, VA

Join senior defense officials and discover where priorities and opportunities exist beyond the FY 2013 budget and hear first-hand how programs are implementing affordable and effective designs:

Shay D. Assad, Director Defense Pricing, OSD
Capt David T. Bishop, PM, OHIO Replacement (PMS397)
Dr. Reginald Brothers, (DASD-R), OSD
Cary Chabalowski, Associate Director for Plans & Programs, ARL
Richard T. Ginman, Director, DPAP, OSD
Robert F. Hale, USD (Comptroller) & CFO, OSD
Lt Gen Larry D. James, Deputy Chief of Staff for ISR, HQ USAF
Frank Kendall, Acting Under Secretary of Defense for AT&L
Richard McKinney, Deputy Under Secretary for USAF Space Programs
Lt Gen Richard P. Mills, Deputy Commandant Combat Development & Integration, HQ USMC
Lt Gen Patrick O'Reilly, USA, Director of Missile Defense Agency
Dean Peebels, Deputy Director Infrared Space Systems, USAF SMSC
Dr. Jennifer C. Ricklin, Chief Technologist, AFRL
David M. Van Buren, Air Force Service Acquisition Executive
Rusty Weiger, US Army Deputy PEO for Aviation

Go here for more information and to register.

MIT OCW - France, 1660-1815: Enlightenment, Revolution, Napoleon

A painting of Napolean Boneparte after he ascended the French throne. In it, he is wearing furs, red, white, and golden robes, and a golden laurel wreath around his head.

This course covers French politics, culture, and society from Louis XIV to Napoleon Bonaparte. Attention is given to the growth of the central state, the beginnings of a modern consumer society, the Enlightenment, the French Revolution, including its origins, and the rise and fall of Napoleon.http://ocw.mit.edu/courses/history/21h-346-france-1660-1815-enlightenment-revolution-napoleon-spring-2011/

Wednesday 25 January 2012

STRATFOR site now has free access.

After last weeks web site hack of the popular security think tank, they now have allowed access to all. But not information is available. Even I received an email stating that fact, but as an inclusio, was also attached with some surprising comments, now know to be from the hacker group itself. There are some excellent reports available, without the need to subscribe.

Temporarily, our site is free to all visitors.Explore Stratfor.com to access subscribers-only analysis.

Stratfor is a subscription-based provider of geopolitical analysis. Subscribers gain a thorough understanding of international affairs, including what's happening, why it's happening, and what will happen next.

While Google is currently dealing with disgruntled investors over not meeting projected fourth-quarter profits, the search giant is rolling out a revision to privacy policies that may concern consumers.

Announced on the Official Google Blog earlier today, Google will be simplifying how the privacy policy is structured across more than 60 different Google products on March 1, 2012. Users will definitely benefit from the simplicity of a single document regarding privacy instead of sixty policies, but may not like the company direction stated within the blog post. As outlined in the revised privacy policy and terms of service, any user action on one of those 60 products can be shared between other products. While this system already allows the user to use one single sign-on to work across many different Google products, it will also tie into how aggressively Google inserts targeted recommendations into the user interface on all current and future Google products. 

How it works:

When a user that watches several live recordings of Katy Perry performances on YouTube, they may find a targeted advertisement for Katy Perry show tickets when they log into their Gmail account. Another example of this practice could involve Google recommending that the user follows Starbucks Google+ brand page after the user utilizes Google Maps to search for a nearby location of the popular coffee chain. With user content like emails, Google+ posts, YouTube videos and search queries already being plugged into this sharing algorithm, users can expect to see more frighteningly relevant Adsense ad placements across the Web as well as intuitive recommendations when using other Google products. 
This definitely doesn’t constitute a major shift in how Google has shared information between products over the past few years, but rather just simplifies the process on Google’s end when rolling out new products and making changes to existing products. If anything, today’s blog post is more of a disclosure of existing practices rather than a major shift in company strategy. As mentioned in USA Today, Peter Eckersley, the Electronic Frontier Foundation’s technology project director, stated that “It has always been the case that Google kept effectively linkable records of our uses of Gmail, Search, Maps and Market for Android, and other services. Only very sophisticated users have ever been able to remove any of that linkability, and that remains the case today.“ 

How do I opt-out?

In short, it’s currently impossible to opt-out and keep the account. Privacy experts are very concerned about Google’s complete lack of an opt-out policy within this new policy revision. When a user signs up for any of the 60+ Google products after March 1, they will be automatically opted into this new sharing policy. According to Common Sense Media chief executive James Steyer in a Washington Post interview, he stated “Even if the company believes that tracking users across all platforms improves their services, consumers should still have the option to opt out — especially the kids and teens who are avid users of YouTube, Gmail and Google Search.” As the privacy policy is currently structured, the only way to opt out of Google’s tracking is to delete the account.
Google plans to notify all current Google product users of the policy change in an upcoming email as well as messaging that will appear across various Google sites. However, this new policy will not apply to Google Chrome, Google Books or Google Wallet. While Google believes that this shift will help consumers understand privacy more clearly, privacy advocates are extremely skeptical. According to Center for Digital Democracy director Jeffrey Chester, he stated “There is no way a user can comprehend the implication of Google collecting across platforms for information about your health, political opinions and financial concerns.”
This announcement of company direction is a transparent attempt at competing with Facebook and Apple. Both of those companies utilize a unified platform in regards to rolling out new products and features, something that Google hasn’t been able to produce due to fragmentation between products within the company. Google is also dealing with a backlash from critics regarding how the company integrated Google Plus posts into search results. The response from social networks Facebook and Twitter involved the creation of the “Don’t Be Evil” add-on for Web browsers which strips the Google+ information from a search result page

Google's new Public Alerts feature lets you find emergency information about your area, in real time.

Finding out information about emergencies in your area just got easier. Google announced today its new Public Alerts feature, which incorporates real-time emergency information with Google Maps. The service allows users to search their area, and discover any potential impending doom.
“If a major weather event is headed for your area, you might go online to search for the information you need: What’s happening? Where and when will it strike? How severe will it be? What resources are available to help?,” writes Google on its Official blog. “The Google Crisis Response team works on providing critical emergency information during crises. Our goal is to surface emergency information through the online tools you use everyday, when that information is relevant and useful.”
The Public Alerts system includes “relevant weather, public safety and earthquake alerts” from the US National Oceanic and Atmospheric Administration (NOAA), the National Weather Service, and the US Geological Survey (USGS).
A visit to the Public Alerts page automatically shows a list of current emergency warnings across the country, with corresponding points on the map. To find out if your area has any impending warnings, simply search your location, or a location where you plan to travel, and any ongoing emergency notifications will be displayed. If any alerts appear, simply click on the item on the left sidebar to see more details about the emergency situation.
If no notifications exist, the results will come up empty. Based on Google’s description, it appears that it works best if you know the type of emergency to look out for, like flooding or a blizzard.
Google stipulates that Public Alerts is, like most Google products, a work-in-progress. “We’re learning as we go and we’re working hard to continuously improve the range and relevance of the content you see, so we’d really like your feedback,” the company rights. To let Google know about any problems or suggestions, click on the link that appears on the bottom right corner of the Public Alerts page.

Tuesday 24 January 2012

TOR

Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships,  via traffic analysis.

Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.

Go to tornetwork.org

Megaupload Shutdown: Should RapidShare and Dropbox Worry?

An anonymous reader sends in an article discussing whether other commonly used file storage sites are in danger of being shut down now that Megaupload has been closed. Quoting: "In the wake of the crackdown on the file-sharing website Megaupload, sites offering free content-sharing, file linking and digital locker services, such as RapidShare, SoundCloud and Dropbox, could be next in the crosshair of anti-piracy authorities. ... RapidShare and MediaFire are two of the biggest services left after Megaupload's exit. However, these sites have undergone a revamp, and now ... no longer host pirated content that could lead to a permanent ban. Others in the line of fire are DropBox, iCloud and Amazon S3, which support hosting any file a user uploads. Though their intention of supporting open file-sharing is legitimate, there is really no control over the type of content being uploaded."

Tales of IT Idiocy

"IT fight club, dirty dev data, meatball sandwiches — InfoWorld offers nine more tales of brain fail beyond belief. 'You'd think we'd run out of them, but technology simply hasn't advanced enough to take boneheaded users out of the daily equation that is the IT admin's life. Whether it's clueless users, evil admins, or just completely bad luck, Mr. Murphy has the IT department pinned in his sights — and there's no escaping the heartache, headaches, hassles, and hilarity of cluelessness run amok.'"

Nano-Scale Terahertz Antenna May Make Tricorders Real

"Researchers from Imperial College London and A*STAR in Singapore have shown off a terahertz antenna that's just 100 nanometers across — about 30,000 times smaller than existing terahertz antennae — and two orders of magnitude stronger than other T-ray beam-forming techniques. T-rays are a lot like EHF (extremely high frequency), which is used by millimeter wave scanners in airports, medical imaging, and emerging wireless networking standards like WiGig — but stronger, faster, and more detailed. Where EHF radiation can see through your clothes, T-rays can penetrate a few millimeters of skin. Furthermore, because atoms and molecules have a unique terahertz-range signature, T-ray scanners can detect toxic substances, bombs, drugs — or even cancerous tumors under your skin. Most importantly, though, due to the nano scale of these antennae, it's possible to create huge antennae arrays on a single silicon chip, meaning hand-held T-ray scanners are now a possibility. In the not so distant future, every household might have a Star Trek-like tricorder capable of detecting cancer or other diseases."

Steganography with WinRAR

I've been asked, how to distribute a secure file that can be camoflaged to look benign as a picture and pass through a firewall, using port 80 (HTTP). Simple.


You need WinRAR or other file compression tool, but RAR is quite simple to use.

Step 1:
Collect your files that you want to hide and compress into one by using Winrar.
Suppose 'data_files.rar' as the filename

Step 2:
Select an image file (picture.jpg) for the destination, 'image.jpg'

Step 3:
Put the two files (File picture.jpg and data_files.rar) in a same folder.
For example, c:\tempDrive

Step 4:
Open a command prompt as admin, in that directory and type:
c:\tempdrive\> copy / b + picture.jpg data_files.rar newpicture.jpg

Step 5:
That will create a new file with a name newpicture.jpg.


When you open the file newpicture.jpg, at first glance there would be no different than your original picture.jpg file unless you view the file size, now larger. You can still open the file with Picture Editor or Irfan and it display as normal. There are no signs that there are actually an additional file in it.

Step 6:
How to unlock your secret files?
Right-click on the file picture.jpg then choose [Open With] -> [Choose Program ..]. Select WinRar and then click [OK].

You will be able to view your both the .jpg and .rar files and can extract as usual.