Monday, October 13, 2014

5 Things to Do with Your Old USB Flash Drive

Phew! That’s a load off our chest! We’ve been collecting flash/pen drives by the dozens and have been saving them in many boxes strewn across the house. My father, on the other hand, still plugs them in, sees what’s in them and labels them. 

While scrounging on the Internet for ways to just dispose of these little liabilities, I discovered a few ways of actually having fun with them. No, I’m not talking about a DIY bracelet for your child or even a “flash farm” (a DIY block-building exercise), but consider some of these options. I’ve discovered that it’s not about just storing data and information anymore. It gets cooler, way cooler!

By Shaili Contractor

Tuesday, October 7, 2014

Babies for Free Wi-fi! Anyone?

An experiment showcasing the dangers of free public Wi-Fi got a number of people to exchange their first-born child, just so that they could enjoy surfing the web. The experiment, a brainchild of a certain security firm, created a Wi-Fi hotspot in Central London and then waited for their first target. 


While connecting to the hotspot, the users had to agree to terms and conditions, especially one that was called the ‘Herod Clause’, which agreed to free Wi-Fi only if the users “agreed to assign their first-born child to us for the duration of eternity.” (An April fool prank carried out by Gamestation, 2010, inspired the clause wording).

Around half a dozen people agreed to these bizarre terms, which thankfully, the security firm had no plans to enforce. The main aim of the research was to illuminate security issues associated with public Wi-Fi use. 

Apart from showing the users how easy it was to con them (they didn’t read the terms and conditions), the researchers exposed another serious issue that allows the providers of the Wi-Fi hotspot to see and store everything that the users see and log into. 

According to Mirror.co.uk, the same firm tested this again by placing a Wi-Fi hotspot in Central London. Within 30 minutes, around 250 devices (laptops, mobiles and tablets) connected to the hot spot and more than 30 people were seen checking their emails and browsing the Internet. 


The security firm was easily able to capture all the data sent and received, including the usernames and passwords. They tried to educate the people by making them realize that any criminal could easily hack into and collect their personal data this way. 

Criminals don’t need to set up their own Wi-Fi; they can look into the service that is providing the Wi-Fi to get what they want. This is usually done by copying a particular hot spot name and then ‘catching’ people’s devices by having a stronger signal and passing on the traffic towards a legitimate source.

This means that the criminal here is the middleman; all the data would pass through his device first. 

The best way to avoid such a nightmare is to probably to avoid public Wi-Fi altogether or use a VPN (virtual private network) to save you from prying eyes. 

By Shaili Contractor

Wednesday, October 1, 2014

Biohacking: Intriguing Science or Hazard?

In its original sense, hacking involves taking things apart and putting them back together again in new, different ways. This sort of tinkering has helped in the creation of the “maker movement”, which has grown into a worldwide community of people constructing things ranging from robots to 3D technology.

Bio hacking is a fairly new concept that involves people getting together to explore biology. Bio hackers have started to organize themselves in a movement called DIYBio (Do-It-Yourself Biology). It takes place in small labs where the belief is that “biology is technology”; that DNA is a form of software that can be moulded to design biological processes and devices. There is a growing concern that such amateur laboratories could provide a sort of training for bio terrorists or something equally bad, but they’re still nascent worries. 

Nearly fifty cities, mostly in America and Europe, are now home to groups of bio hackers where they meet and experiment. No one can confirm the number of bio hackers around the world but the movement’s main online list boasts of more than 4,000 members and is growing rapidly.


Now, hacking also has a negative connotation – when a hacker hacks your computer, you’d want him/her to be punished. But that’s not bio hacking. Bio hacking means learning about stuff by building, and trying to make things and seeing what eventually happens. 

Another concept of hacking is from a different source, where a person hacks into his own body. There are two types of bio hacking – one is something you do with biology, outside yourself. The other perspective is one where you hack your own biology and gain control of systems in your body that you would not have access to.

An Australian news site has interviewed bio hacker Dave Asprey a.k.a. The Bulletproof Executive, who is spearheading a new breed of bio hackers – a group obsessed with making yourself faster, smarter and stronger through a combination of caveman diets and the latest in modern technology. Mr Asprey got hooked on to the idea after running his own software company left him rich but unhappy. He was overweight at 130 kg and wandered around dazed every day.

He poured $300,000 into hacking his own body and now runs an empire touting everything from his morning coffee to his followers. He takes supplements and applies electricity to his muscles and brain, saying that it helps improve his body and mind. 

He has not published his work in scientific journals or even had his work evaluated, but he staunchly maintains that he’s a bio hacker.

All this sounds interesting and is definitely catching everyone’s eye, but how do you define a complex, multi-layered term such as this one? Who draws the fine line between miracle and disaster? 

Since this is a community-run pastime, you, the reader, should decide.

By Shaili Contractor

Friday, September 26, 2014

Oh Phish, after Apple it’s Google

After Apple’s high profile iCloud disaster, Google is the latest cyber crime victim. In Google’s case, Russian hackers posted usernames and passwords of 4.93 million Google accounts to a Russian bitcoin forum.

Now, there’s some good news and some bad news. The bad news is that somebody got their hands on nearly 5 million Google users along with passwords and made them public. The good news is that even if your Google address is on the list, the password maybe too old to merit much concern (i.e. the user might have changed his/her password at some point). 

The Russian technology blog, Habrahabr, has a theory that the leaked addresses and passwords were most likely compiled through phishing scams, people using weak passwords and other common mistakes new Internet users make; not as a result of a hacked Google server. Similar databases of email addresses and passwords from Yandex and Mail.ru, two popular Russian- language services, were also made public this week.

Many online news sites got in touch with Google regarding this debacle. In a statement sent to TIME Online, Google said it had “ no evidence that our systems have been compromised.”

 “The security of our users’ information is a top priority for us,” the statement reads. The company added that whenever it is alerted that an account may have been compromised, “then we take steps to help those users secure their accounts.” 

 If you want to check whether your account is included in the leak, you can head to “isleaked.com” and enter your email ID. We would ideally not recommend this as email addresses can be accumulated and used for spamming. The best solution would be to keep changing your passwords periodically, irrespective of whether your Google ID is or isn’t on the list.

Sunday, September 7, 2014

No Silver Lining in this Cloud



The world has just witnessed its latest hack; this time it’s the private photographs of some of the most famous women in the world. The biggest question we as curious Internet users are trying to understand is how has some nameless hacker gained access to the cell phones of the rich and famous. After the revelation, it was evident – iCloud.

There are millions of private photographs available online and most of us Internet users struggle to understand how the invisible hacker could have accessed Apple’s online storage service. The security breach could not have come at a worse time. Apple is scheduled to launch the iPhone 6 on September 9, along with a new OS for its Macs and a smart watch; all of which are likely to have features linked to iCloud.

In its statement, Apple maintains that the theft of nude celebrity photographs did not occur because of any breach in the Apple system, including iCloud. Apple says, however, that certain celebrities were the subject of targeted hacking attempts that focused on revealing their usernames, passwords and security questions, a common technique across the web.

The cache of images began circulating on the night of Aug 31 2014 and is said to include nude or partially nude photographs of Jennifer Lawrence, Kirsten Dunst and Kate Upton, amongst others.

Apple says that it is “outraged” by the theft and has begun investigating the issue. The statement indicates that the pictures were stolen as a result of “social engineering” or “spear-phishing” attacks. In such attacks, hackers specifically target an individual user and attempt to trick account holders into giving out their passwords and user names to break into an account.

So, it’s not just nude photographs that the victims have to worry about being accessed by the hackers; it’s their GPS coordinates, private text messages, calendars, address books, phone call logs and other data stored on their phones and backed up to iCloud. The hackers are able to extract more than just images from iCloud backups using special forensic software.

Based on media reports available online, the intention wasn’t to make the images public but a perfect opportunity to make some money by selling the pictures.

A very interesting article on the iCloud hacker identified as “Original Guy” says that he is part of a notorious image board - 4chan. Now, 4chan is infamous for putting up child pornography – anonymous hackers and online trolls being part of it. It’s online forum – Anon 1B – has had a series of FBI raids. After years of upheaval, the site reappeared this year and users continued to post.

Apart from holding vast amounts of child pornography, Anon 1B apparently plays host to a ring of skilled hackers who have learned how to obtain naked photographs of women by breaking into iCloud accounts. The /Stol/board on Anon 1B (short for stolen or obtained photos) acts as the global meeting hub for iCloud hackers. The leaked photographs weren’t the result of a single hack, but were hoarded over a period of several months by one well-connected figure in the underworld porn forums – Original Guy.

Till now, this hacker hasn’t returned to upload any more of his collection. As for Anon 1B, the site is still alive and iCloud hackers continue to sell their skills to users looking to steal naked pictures off the Internet.

Tuesday, August 26, 2014

World's Top 5 Cybercrime Hotspots

A Russian crime ring is suspected of obtaining access to a record 1.2 billion username and password combinations. 

Cyber security experts say this enormous data breach is just the latest evidence that cyber crime has become a global business—one that, including all types of cyber crime, costs the world economy an estimated $400 billion a year. Here’s a look at the global hotspots for these cyber criminals.

Watch the video.

Information courtesy: time.com

Wednesday, August 6, 2014

What is Cyber Inheritance?

The sheer volume of information that is created online today is mind-boggling. And as the intellectual property rights in this information grow, the value of these assets is growing too. A very relevant question then is what happens when the owner of these digital assets passes away? Who inherits the assets and how?

Your digital assets may be downloaded software, passwords to various accounts including online banking accounts as well as other downloaded content. Who gets access to this content after you die?

One solution that is being offered is by Google for all Google run accounts. Here users may specify which of their trusted contacts will be permitted to access their various accounts after their death. Before this announcement, though, this access was not permitted due to privacy laws.

Digital property is not like tangible assets in the fact that they cannot as easily be bequeathed to heirs. The law in this area is unclear on how these assets are to be passed on to loved ones. Services like Legacy Locker permits its users to store online passwords so that executors and personal representatives can access online accounts following their death. Other cloud based services do not permit this unless given specific instructions upon death.

So, one good idea is to make sure that you leave clear instructions in your Will about who is to receive your digital assets as well as a personal letter to the executors of your will with the details of the usernames and passwords. Also, instructions must be left in your Will to your service providers about what is to be done with the assets and whether the accounts should then be shut or continued.