Microsoft Windows 10 Overview

After many of the windows operating systems version like XP, Vista, 7 and 8 or 8.1 Microsoft released it latest Windows operating system Windows 10 and it has very new exciting features that you will like. Many of the registered users already gets their update of windows 10. If you did not get your's than hurry visit microsoft official website for information on how to upgrade your current windows operating system to microsoft windows 10.

Here we discuss the new and enhanced features of the Microsoft windows 10. One of the features than many of the users want is that the start menu. which is not available in the Windows 8 or Windows 8.1 and finally it is back know.

Windows 10 has Start Menu just like windows xp and 7 do and it is much better now. Same windows icon on the left side on the status bar.

As you see in the image above, the start menu is much better now you will see the list of application and also the tiles menu as smart screen in windows 8 or 8.1 has.

On the right part of the Start Menu, there is a grid of app tiles that you can arrange however you like. The "live" tiles will show you updates, such as the latest stock prices, the last show you were watching on Netflix, social media updates, weather, news and sports scores.

If you want, you can take the Start Menu full-screen by clicking the "expand" button -- it's kind of like having a tablet or smartphone screen for a desktop. But, crucially, it's only there if you want it. The default is the familiar Windows desktop experience.

Windows 10 provides some design changes that Windows 7 users will welcome. For example, taskbar icons glow at the bottom when they are opened, but only the app icon that is currently being used is completely highlighted. In Windows 7, all open apps are highlighted, confusingly.

The single best new productivity feature is Task View, which presents a visual summary of all your open apps and finally allows you to create virtual desktops without requiring third-party software. You can access easily access it in three ways: A three finger swipe up on the trackpad, by pressing Win + Tab, or by dragging in from the left side of the display. There’s also an icon on your Taskbar, should you forget the shortcuts and gestures.

Microsoft’s made its own window snapping feature more powerful. Now when you pin a program to either side of the screen, Windows will line up suggestions to fill up the remaining space. You can even snap four windows at a time now by dragging a window into each corner of the display.

It would’ve been easy for Microsoft to just completely drop the tablet interface on Windows 10 PCs, but instead it took a more versatile approach: only force the tablet UI when you need it (or want it).

The most new feature in Microsoft Windows 10, Microsoft added their own own assistant app in it named as Cortana. Cortana reponses according to your queries.
via via

New Web Browser From Microsoft - Microsoft Edge

Microsoft has launched its new web browser in windows 10 in the place of the Internet Explorer. It is the latest web browser from the Microsoft which comes in the Windows 10. It gives you the new way to read and write on the web and also to find stuff over the internet.

Features of the Microsoft Edge Web Browser

HUB : all your stuff in one place

Hub contains all your history, favorites, browsing history and all your current downloads. You can view all your browser details by clicking of the hub icon (three parallel lines). It keeps the records of all your browsing history and things you collected and that you do on the internet.

Search faster from the address bar

The results you finding over the internet for any particular query are much faster as compared to older web browser. You do not need to go to any particular website to search for any images and instant search is available in the Microsoft Edge web browser.

Like in the above image as you see that instant search is also available from the address bar. Just write over the address bar you want to search for and instant search is available from the address bar.

Write on the Web

You can write, draw and take notes directly on the web pages. Microsoft Edge provides you the web notes as it is only browser which provides you to write , take notes and doodle and also highlights things over the web pages.

Microsoft Edge also provides you th reading view any article available over the internet. Icon in the address bar on the right side reading layout icon provides you the reading view of the webpage by clicking on it.

source

Vulnerability Lets Hacker's Enter Into Android Phone Using a Message

A new vulnerability may found in android phone in which hacker can enter into any android phone using just a simple message send to any user's android phone - It is just like same as we all saw in movies hacking trick. But, yes this new vulnerability found in the android phones as researcher reports and this is biggest vulnerability in the android device.

- Researchers at Zimperium Mobile Labs, where it was discovered by VP of Platform Research and Exploitation Joshua Drake, claim that up to “95% of Android devices” are vulnerable.

- To initiate the attack, the hacker sends a maliciously modified video message. The message is able to circumvent Android’s sandboxing security measures and execute remote code — at which point they’d have near-full access to your device, its storage, its camera and microphone, etc.

- The hack is being referred to as “Stagefright.” “Stagefright” is also the media library that Android uses to process video, and is the bit of code being exploited here.

- In many cases, the device will start processing the message without the user opening the message manually. Just receiving the message is enough to get the ball rolling.

- Worse yet, an attacker could theoretically delete the message themselves as soon as they’ve executed the attack, leaving behind no trace but a notification that most would quickly swipe away with no idea that their device is now under an attacker’s control.

- The bug is said to have been introduced in Android v2.2 (Froyo), but Zimperium has successfully tested it on builds as recent as the latest release, Android 5.1.1 (Lollipop). Devices running a build older than Jelly Bean (4.1) are said to be most vulnerable.

As reported by the Google's Spokesperson,

“We thank Joshua Drake for his contributions. The security of Android users is extremely important to us and so we responded quickly and patches have already been provided to partners that can be applied to any device.

Most Android devices, including all newer devices, have multiple technologies that are designed to make exploitation more difficult. Android devices also include an application sandbox designed to protect user data and other applications on the device.”

But the GOOD NEWS is that google has already fixed this vulnerability as this is patched by the OTA update.

And the other news is that it also depends on the manufacturers of the mobile phones that they will include the patch in the software update or not.

via

RCS Android Hacking Tool

As digging deeper and deeper into the huge Hacking Team data dump, security researchers are finding more and more source code, including an advanced Android Hacking Tool. Yes, this time researchers have found a source code to a new piece of weaponized android malware that had the capability to infect millions of Android devices even when users are running latest versions of the android mobile operating system.

Trend Micro researchers found that the Italian spyware company was selling RCSAndroid (Remote Control System Android), which they says, is one of the "most professionally developed and sophisticated" pieces of Android malware a.k.a Android hacking tool they have ever seen. RCSAndroid is a sophisticated, real-world surveillance and hacking tool that provides even unskilled hackers to deploy one of the world's more advanced surveillance suites for Google's mobile operating system Android.

List of Creepy Features of Android Hacking Tool

Once installed on targets' devices, RCSAndroid would have helped government and law enforcement agencies around the world to completely compromise and monitor Android devices remotely. Here are some of the features of RCSAndroid include the ability to:

-Capture screenshots using the 'screencap' command and framebuffer direct reading

-Collect passwords for Wi-Fi networks and online accounts, including WhatsApp, Facebook, Twitter, -Google, Skype, and LinkedIn

-Collect SMS, MMS, and Gmail messages

-Capture real-time voice calls in any network or application by hooking into the 'mediaserver' system service

-Capture photos using the front and back cameras

-Monitor clipboard content

-Record using the microphone

-Record location

-Gather device information

-Collect contacts and decode messages from IM accounts, including WhatsApp, Telegram, Facebook -Messenger, Skype, WeChat, Viber, Line, Hangouts, and BlackBerry Messenger.

RCSAndroid uses two different methods to infect targeted Android devices.

1. Hacking Team used text and email messages containing specially crafted URLs that triggered exploits for several vulnerabilities (CVE-2012-2825 and CVE-2012-2871) present in the default browsers of Android 4.0 Ice Cream to 4.3 Jelly Bean, allowing the attacker to gain root privileges, and install the RCSAndroid APK.

2. The company used backdoor apps such as "BeNews" available on the official Google Play Store to take advantage of a local privilege escalation bug to root the device and install the RCSAndroid agent.

RCSAndroid has 4 'critical components':

-Penetration solutions – Methods to get into the device, either via SMS or email or a legitimate app

-Low-level native code – Advanced exploits and spy tools beyond Android's security framework 

-High-level Java agent – The application's malicious APK

-Command-and-control (C&C) servers – Servers used to remotely send or receive malicious commands

Given that the source code of RCSAndroid is now available to everybody, it will likely put Android users in danger. So, if you own a smartphone running any Android version from 4.0 Ice Cream to 4.3 Jelly Bean, you need to 'Get Rid of it Today.' "The leaked RCSAndroid code is a commercial weapon now in the wild," security researchers wrote in a blog post. "Mobile users are called on to be on top of this news and be on guard for signs of monitoring.  Users of Android 5.0 Lollipop may also be in danger of being targeted, as some emails sent among Hacking Team executives indicates that "Hacking Team was in the process of developing exploits for Android 5.0 Lollipop," but so far there is no such indication.

CyanogenMod OS - The Brief and Features

CyanogenMod is an alternate operating system over your pre-installed Android OS that gives you an enhanced performance and increases the possibilities of your Android device. It is an improved open source firmware for Android based smartphone and tablets, which offers features that are not found on the official firmware distributed by the manufacturers.

CyanogenMod custom ROM is a successful development to remove the restrictions that bound the Android users to the minimum options provided on their smartphones. However, being an open source platform, Android does not restrict itself any way, therefore following the rooting process Android enthusiasts have found some amazing tricks to unveil the maximum possibilities of the Android OS.

CyanogenMod supports plenty of features that are worth considering. It includes many additional customization and interface options. For instance, it features native theming, customized soft buttons and tablets tweaks, enhance notifications and reboot menu. It also features performance boost on your devices, which can extend the limits of your device CPU speed with CPU overclocking. Also it supports open VPN client and enhanced tethering on WiFi, Bluetooth and USB.

It seems Lollipop is on every enthusiast’s mind these days, as OEMs have started a steady stream of OTAs. With this multipart update, Android 5.1, and what’s new and improved in CyanogenMod.

Android 5.1

Let’s start with the latest and greatest Lollipop release, Android 5.1. Released in the second week of March, 5.1 has actually seen two releases – 5.1_r1 earlier in the month and 5.1_r3 just this week. The team has been plugging away at these releases, rebasing and merging like fiends. We’re not quite at the point where nightlies will cross over to being officially branded CM12.1, but as always, you are welcome to track our progress.

The CyanogenMod 12.1 (Android 5.1) source is available to sync, and up and running with few issues on various devices – including the latest developer device the Nexus 6. When you repo init the source, just point the branch to ‘staging/cm-12.1’. The staging branch is where we are making things ‘just work’ (you’ll see many patches simply labelled “Fix build”). These patches will be cleaned up prior to moving the source code over to our active mainline branches.

Oldies Materialized

One of the first items you’ll notice is the Material theme, meant to invoke a sense of ‘living document’ while you interact with your device and apps. All the sweeping animations, bold and heavy on graphic design are present, and we’ve spent some time working on revisiting core CM apps to reflect the new design guidelines.

The CM Messaging app is now sporting a floating action button (FAB) and circular avatars for your contacts, embracing the most common indicators of Material. The app is now Android Wear compliant, thanks to contributor Anthony Williams (dexlab) – allowing it to gel nicely with the latest hot Android accessory. Browser, abandoned for the most part in AOSP, got a facelift as well, sporting a new icon and making use of Lollipop’s vector support.

CyanogenMod File Manager

This venerable app has been a CM staple for quite a few years now. While it too has seen the Material UI overhaul and even learned a new trick or two with zip/rar and secure storage support, its user experience (UX) isn’t the most ideal or easy to navigate. To that end, this is the next app on their list and user's inputs are welcome.

Features of CyanogenMod

There are many reasons that you may like to switch from the original Android to CyanogenMod custom ROM. The CyanogenMod community adds up many features in the stock Android like its security, lightness, no bloatware and extreme customization. Apart from this there are some key features offered by CyanogenMod which we are listing here in brief.

Up to date

CyanogenMod provides up to date versions that are bug free and improved with latest android updates. You can update you CyanogenMod with latest version when it releases or by your own schedule.

Privacy and app permissions

CyanogenMod provides you more control on your privacy and application permissions.

Blacklist

CyanogenMod offers the Blacklist features which enable users to block unwanted and annoying calls and messages by either complete blocking or just ignoring the alerts for a while.

Quick Setting Ribbon

You can have more easy access to your apps and features with CyanogenMod. It allows to embed quick toggles in your notification drawer for any of you useful apps. You can also customize the layout of your quick settings.

CyanogenMod Theme engine

Amazing themes are perhaps one of the most impressive thing offered by CyanogenMod. Using its integrated theme engine the entire look and feel of your OS can be changed. There are endless possibilities of styling on CyanogenMod. You can read more about the best CyanogenMod themes and free CyangogenMod themes in more details.

Status bar Behavior

Like the quick setting you can also customize the status bar and add new behaviors. For instance, you can set an alarm by just taping the time and access your calendar by taping the date.

Display and Lights

Unlike the normal Android ROMs where you have limited access to many features here you can control anything. For instance, you can Control brightness, wallpapers, rotation, notification lights and remote displays according to you choice.

Lockscreen

The Lockscreen can be more customized to increase you productivity. CyanogenMod enables you to access your apps directly from Lockscreen and also many useful information are displayed at first look.

source

Hacking Team Hack and Media Reports

Hacking Team, the Italy-based spyware company that sells spying software to law enforcement agencies worldwide, says the company has always operated with the law and regulation in an ethical manner. However, there was only one Violation of Law in this entire event, and that is – "the massive cyber attack on the Hacking Team." company stated.

The recent hack on Hacking Team exposed nearly 500GB of massive internal documents including internal emails, hacking tools, zero-day exploits, surveillance tools, source code for Spyware and a spreadsheet listing every government client with date of purchase and amount paid.

Hacking Team Hack and Media Reports:

The attack on Hacking Team was really huge in every sense. The team finally shows its disappointment with media on its hacking incident saying, the company that helps government fight crimes is being treated as the culprits, and the criminals who attacked the company are not.

"Had a media company been attacked as Hacking Team has been, the press would be outraged," Hacking Team wrote in its press release Wednesday. But, every media including us have mentioned that Hacking Team got hacked, which by default indicates that they were the victim to cyber crime.

So far, neither they nor anyone in media knows who has hacked and leaked 500GB of internal data belonging to Hacking Team.

So, what do they expect from Media to talk about?

The Unknown Hacker, about whom no one knows,

or the 500 GB of leaked Hacking Team’s Secrets

Hacking Team Spyware: Fighting for Crime or aiding Surveillance?

Apart from this, the Hacking Team claimed that the strong spyware and hacking tools developed by the company are actually required by the law enforcement agencies to fight crime and terrorism. We all know that what NSA and other government agencies are doing (espionage/surveillance) with such capabilities, instead of putting every effort to fight crime and terrorism.

Recently, a 46-year-old member of South Korea's National Intelligence Service (NIS) apparently committed suicide after it was revealed that the Asian country bought spying tools from the Hacking Team.

A Suicide note left by the agent at the scene referenced the Hacking Team controversy, and claimed his intelligence team did not use Hacking Team tools to spy on South Korean citizens' mobile phone or any other online communications. This incident could be part of the same conspiracy, which is yet to be investigated.

Some Facts Highlighted by Hacking Team

Highlighting the facts about its recent hack attack, the company says the attackers stole and exposed the personal information of its employees and some of its clients. However, the attackers were unable to access the data collected by company's clients using purchased spying software, as such information is only stored on the customer's systems and can’t be accessed by the company itself.

The attackers also exposed some of its source code on the Internet, but according to Hacking Team, the essential elements of its source code were not compromised in the attack. The company agreed of selling its equipments to countries, including Ethiopia, Sudan, Russia and South Korea among others, but always sold "strictly under the law and regulation."

"There have been reports that our software contained some sort of "backdoor" that permitted Hacking Team insight into the operations of our clients or the ability to disable their software," The company says.

"This is not true." "No such backdoors were ever present, and clients have been permitted to examine the source code to reassure themselves of this fact."

The company also denied its involvement in any program that make use of airborne drones to attack computers and smartphone devices through Wi-Fi networks as it has been reported earlier this week.

via

Microsoft has Introduce New Email App Named "Send"

Microsoft has introduces it's new application for the Apple iPhone users in US and Canada named as Send and is coming soon to the Windows Phone and Android Phones. This app usually works for people with office 365 business and school email accounts, and this app is available in coming time with more wide features.

Send lets you quickly and easily send any co-worker a message without a subject line or formal email constructs. Some examples of Send messages include:

Straight to the point: “Let’s chat in 10”
Super urgent: “Don’t send the presentation yet”
Simple back-and-forth conversations: “Are you in the Office today?” “No”

These are the sort of quick emails you send to the people you care about at work—your boss, your teammates, and sometimes partners or customers outside your organization. You’re usually busy or on the go when you send them, and Send is specifically designed for this get-in get-out scenario.

Imagine you’re walking into a big presentation and someone asks you to find out if your colleague will be attending. Chances are, you don’t have your colleague’s phone number, but you will probably have their email address—especially if you’ve been emailing with them recently. You don’t have time to search your inbox, start a new thread, or even type out a subject line. You just want to ask that person, “Will you be at the presentation?”

With Send, there are no signatures, subject lines or salutations required. The design principle for the app was to make conversations fast and fluid while keeping the people who are important to you at its core. Send connects to Office 365 business and school email accounts to surface your frequent and recent contacts. The people who are important to you are put right at your fingertips—just tap on a contact to start a conversation. Or even better, simply swipe and choose a Quick Reply such as “On my way” or “I’ll get back to you.” You can also see when someone is typing their response; there’s never been a quicker way to reach someone over email.

Send doesn’t show all your emails, just the ones started in the app, keeping you in control. All Send messages comply with your organization’s email compliance policies—they are treated like any other work email. And for IT Pros, we’re working on bringing more IT controls to the app in the coming months.

source

Ubuntu Touch OS for Mobile - Breif Details

Today, there are many mobile operating system are in the market or we are all using few of the mobile operating system and which may include the famous Android Operating system- which has many variant like Cupcake, Donut, Eclair, Froyo, Gingerbread, Honeycomb, Jelly Bean, Kitkat, Lollipop, and the latest Android M that is now only available for Developers preview and iOS- Apple's official Mobile Operating system, Firefox OS, Ubuntu Touch OS, Meizu, Window OS for Mobiles, Symbian Belle, and many other.

Now, Let us explore about the Ubuntu Touch OS for Mobile Phone.

Access content and services naturally

For the first time, you can use a phone that revolves around you and the content and services you use the most. Say goodbye to opening and switching between multiple apps and instead, let Ubuntu’s unique scopes bring everything you need to one screen.

Beautifully designed features

Ubuntu Phone has been designed with obsessive attention to detail. Form follows function throughout, from the ever-changing welcome screen to essentials like messaging and alarms. And the Launcher puts it all at your fingertips, whatever you’re doing with your phone.

An open source phone

The Source code of Ubuntu Touch OS is shared openly throughout the development cycle. They are transparent about their plans for future releases, so as a developer, carrier or manufacturer, you can work with ubuntu to start building Ubuntu mobile experiences.

Backed by Canonical

Canonical is the global software vendor that provides commercial, design and engineering support to the Ubuntu project. The hardware enablement team supports the pre-installation of Ubuntu on more than 10% of all new PCs shipped,worldwide.

Features of Ubuntu Touch

Ubuntu introduces a new way to enjoy content and services on smartphones, without relying on traditional apps. Ubuntu’s scopes give you related content on one screen, instead of hiding it behind different apps. So everything you look for in life is now right at your fingertips.

Introducing scopes

Ubuntu’s scopes are like individual home screens for different kinds of content, giving you access to everything from movies and music to local services and social media, without having to go through individual apps.

A scope for every facet of life - NearBy, Music, News, Swiping from Top-Left-Right-Bottom, and Ubuntu Store is also available for different varieties of application from which you can choose from a wide range of scopes and apps are available for download.

Every feature of the phone reflects Ubuntu Phone’s design language. Consider it your first glimpse of Ubuntu’s future style across all devices.

Ubuntu Phones are directly available from the partners like Meizu and BQ sales acroos the Europe and Chine.

Source

Microsoft Release Security Patch for all versions of Windows Operating System

Microsoft has released the emergency fix for all the versions of the windows, in order to fix the critical Remote Code Execution vulnerability.

This security patch is issued by microsoft in windows operating system platform against the loop hole that allow the attacker's or hackers to execute the malicious code on your computer to take full control of the affected system.

The critical flaw (CVE-2015-2426), which affects all the supported versions of operating system, resides in the way Windows Adobe Type Manager Library handles specially crafted Microsoft's OpenType fonts.

If you system is exploited then the vulnerability allows hackers to execute the malicious code on the affected systems remotely, if any of the user open any crafted document or file or visit any of the untrusted webpage which contains embedded OpenType fonts.

"An attacker could then install programs; change, or delete data; or create new accounts with full user rights," Microsoft said in an advisory published Monday, releasing an Out-of-Band Patch to resolve the issue.

All versions of Microsoft Windows operating system including win vista, 7, 8, 8.1 and RT editions are all affected with this vulnerability along with the windows server 2008 and also it affects the windows 10 insider preview. The vulnerability of the exploitation is very high, so that is why all users are advised to update their system as soon as possible.

Security researchers Mateusz Jurczyk of Google Project Zero, and Genwei Jiang of FireEye were credited by Microsoft for finding this flaw.

via

RAT (Remote Administration Tool) - Brief

A remote administration tool (RAT) is a piece of software that allows a remote "operator" to control a system as if he has physical access to that system. While desktop sharingand remote administration have many legal uses, "RAT" software is usually associated with criminal or malicious activity. Malicious RAT software is typically installed without the victim's knowledge, often as payload of a Trojan horse, and will try to hide its operation from the victim and from security software.

The operator controls the RAT through a network connection. Such tools provide an operator the following capabilities:

- Screen/camera capture or image control
- File management (download/upload/execute/etc.)
- Shell control (from command prompt)
- Computer control (power off/on/log off if remote feature is supported)
- Registry management (query/add/delete/modify)
- Hardware Destroyer (overclocker)

RAT trojan horses

Many trojans and backdoors now have remote administration capabilities allowing an individual to control the victim's computer. Many times, a file (often called a client or stub) must be opened on the victim's computer before the hacker can have access to it. These are generally sent through email, P2P file sharing software, and in internet downloads. They are usually disguised as a legitimate program or file. Many clients/stubs will display a fake error message when opened, to make it seem like it didn't open. Some will also disable antivirus and firewall software.

RAT trojans can generally do the following:

Block mouses and keyboards, Change the desktop wallpapers,  Downloads, uploads, deletes, and rename files, Destroys hardware by overclocking, Drop viruses and worms, Edit Registry, Use your internet connection to perform denial of service attacks (DoS), Format drives, Steal passwords, credit card numbers, Alter your web browser's homepage, Hide desktop icons, task bar and files, Silently install applications, Log keystrokes, keystroke capture software, Open CD-ROM tray, Overload the RAM/ROM drive, Send message boxes, Play sounds, Control mouse or keyboard, Record sound with a connected microphone, Record video with a connected webcam, Show fake errors, Shutdown, restart, log-off, shut down monitor, Record and control victim's screen remotely.

A well-designed RAT will allow the operator the ability to do anything that they could do with physical access to the machine. Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on April Fool's Day or a holiday. Prank RATs are generally not harmful, and won't log keystrokes or store information about the system on the computer. They usually do disruptive things like flip the screen upside-down, open the CD-ROM tray, or swap mouse buttons.

Some of the RAT software and trojans are :

Poison Ivy, Spy-Net, Back Orifice, NetBus, Sub Seven, Beast Trojan, Bifrost, DarkComet

via

Internet Calls Over Whatsapp, Skype and Viber May No longer Free in India

The report of Net Neutrality is out and according to the report these voip services like whatsapp, skype and viber internet call are no longer free in India. We all know about the net neutrality and the related controversies in India as Net Neutrality is simply the internet freedom as we people want as free, fast and open internet to use for all people.

India is already fighting for Net Neutrality since facebook's internet.org and Airtel zero as zero-rating services were launched.

The Department of Telecommunications (DoT) has now released a much-awaited report [PDF] on the Net Neutrality issue, recommending the Telecom Regulatory Authority of India (TRAI) to regulate the voice calls conducted by the Internet users of over-the-top (OTT) services.

End Of Free WhatsApp, Skype and other VoIP Calls

The report recommends TRAI to consider the demands of telecom service providers to regulate domestic VoIP calling services, while taking a liberal approach to international VoIP services. This indicates that if you call your someone living abroad using Skype, Viber, WhatsApp or any other VoIP service, then you are not charged if you have a running Internet pack. However, if you want to make VoIP call using WhatsApp, Viber or Skype within India, the telecom providers would charge you.

Zero-rating services like Facebook’s Internet.org and Aitel Zero are a Big No

Criticizing Facebook’s Internet.org, the report says "the content and application providers cannot be permitted to act as gatekeepers" and go against the Net Neutrality principles.

In response to the report, Kevin Martin, Facebook's vice president for mobile and global access policy said:

"Internet.org acts as a gateway, as opposed to a gatekeeper, to Internet access by breaking down the cost, infrastructure and social barriers that exist today. We welcome the DoT's engagement and consultation process and are committed to working with all stakeholders to overcome the infrastructure, affordability and social barriers that exist today and to bring more people in India online."

Zero-rating is the practice of service providers not charging end users for data used by specific apps or websites through the network, in limited or given data plans. DoT has rejected the demand for regulation of over-the-top (OTT) Free messaging services, including WhatsApp, Viber and Hike. So, you can enjoy chatting with your friends and relatives over WhatsApp, Viber and Hike for Free.

Though the committee's report is not the final view of the government towards Net Neutrality, the report has only been presented to TRAI, which will consider its ideas and form its own recommendations for the government’s final call on new legislation.

via

Microsoft Plans Sell Windows 10 on Flash Drive Not on Optical Drive

Microsoft has planned that it will be selling Windows 10 on bootable USB flash drives instead of any other optical media as they sold earlier. This will allow consumers to install the OS even on computers and laptop that don't have built-in optical disc drive in their machines or system, such as some of the ultra-portable notebooks. The USB drives will also likely be a good bit faster than the discs, making the process quicker.

The OS is now currently up for pre-order on Amazon and is available on a USB drive. You can pre-order the Home edition for $119.99 and the Pro edition for $199.99. These USB drives will be available via other retailers including the Microsoft Store.

“Windows 10 will be available on USB drives for purchase in retail channels shortly after launch,” a Microsoft spokesperson told VentureBeat. “The suggested retail prices for Windows 10 in the U.S. are the same as Windows 8.1.”

via

Steganography - The Information Hiding

Steganography applications conceal information in other, seemingly innocent media. Steganographic results may masquerade as other file for data types, be concealed within various media, or even hidden in network traffic or disk space. We are only limited by our imagination in the many ways information and data can be exploited to conceal additional information.

For many years Information Hiding has captured the imagination of researchers. Digital watermarking and steganography techniques are used to address digital rights management, protect information, and conceal secrets. Information hiding techniques provide an interesting challenge for digital forensic investigations. Information can easily traverse through firewalls undetected. Research into steganalysis techniques aids in the discovery of such hidden information as well as leads research toward improved methods for hiding information.

Steganography includes the concealment of information within computer files. In digital steganography, electronic communications may include steganographic coding inside of a transport layer, such as a document file, image file, program or protocol. Media files are ideal for steganographic transmission because of their large size. For example, a sender might start with an innocuous image file and adjust the color of every 100th pixel to correspond to a letter in the alphabet, a change so subtle that someone not specifically looking for it is unlikely to notice it.

The steganography module allows the hiding of text messages, files of any type, or both, in a 'carrier' file. A carrier file is a file that performs a function in its own right and does not appear to be anything other than what it seems, for example a photograph or a sound file might be used as a carrier file. Carrier files appear perfectly normal, they will display in image viewers or work in audio players, using the above examples. But they can also contain hidden information - other files and messages - that can be retrieved.

A steganography software tool allows a user to embed hidden data inside a carrier file, such as an image or video, and later extract that data. It is not necessary to conceal the message in the original file at all. Thus, it is not necessary to modify the original file and thus, it is difficult to detect anything. If a given section is subjected to successive bitwise manipulation to generate the cyphertext, then there is no evidence in the original file to show that it is being used to encrypt a file.

Anubis, Steghid, BMPSecrets, Darkcrypt, Image Spyer, Openpuff and OpenStego are some of the tools available for steganography.

Source - Internet

NSA Realeases Network Security Tool [Open Source] for Linux on Github

A National Security Agency cyber tool that allows computer systems to maintain a specific security posture is now publicly available on GitHub, a website for sharing source code – making it easier for other government organizations and private industry to adopt the tool to help fortify their networks against cyber threats.

The technology – known as the Systems Integrity Management Platform, or SIMP – is considered a critical part of layered, “defense-in-depth” approaches to cybersecurity. NSA has increasingly shared its research with the open-source software community, a move that can accelerate the development of innovative capabilities and solutions in both the public and private sectors. 

SIMP is located on an NSA-wide GitHub page that the agency launched this spring:https://github.com/nationalsecurityagency. NSA’s Information Assurance Directorate established a page in December 2013: https://github.com/iadgov.

SIMP keeps networked systems compliant with given security standards. In recent years, multiple government and industry organizations have developed technologies similar to SIMP in response to U.S. Defense Department and Intelligence Community compliance requirements. By releasing SIMP, the agency seeks to reduce duplication of effort and promote greater collaboration within the community: The wheel would not have to be reinvented for every organization.

“The open-source software method of transferring technology from the federal laboratory to the marketplace is extremely efficient,” said Linda Burger, Director of the NSA Technology Transfer Program. “The open-source community can leverage the work that NSA has produced, and the government can benefit from that community’s expertise and perspective. It’s a win for everyone – and for the nation itself.”

Everyone is aware of the NSA’s Global surveillance practices. The internal data exposed by former contractor Edward Snowden shown the extent of surveillance and bulk data collection by NSA, which range from US citizens to leaders of allied governments.

Several US government officials, including the NSA Director Mike Rogers, outgoing US Attorney General Eric Holder, and the FBI director James Comey, have all suggested that major tech companies such as Apple and Google should provide law enforcement agencies special access to their users’ encrypted data, demanding secret backdoors.

Knowing this, one must think twice before adopting NSA’s latest SIMP tool. However, the security of a Linux is a massive subject and tools are used to provide additional security on a Linux computer. So, it is always important to choose a right tool.

source

Marshall just released the First Android Phone With Two Headset Jack

British Marshall Amplification was founded in 1962 in London and is best known for its guitar amp. The company has put up a product page, for an upcoming phone, which has a black, leather-like cover. Details missing but Marshall says that “the revolution has begun.” We assume that the device runs Android and has a focus on sound.

As Rumored, the phone is pretty standard on the inside with 4G LTE, 720p display, 2GB of RAM, 16GB of storage and an 8-megapixel camera. According to Marshall, this phone has been designed for music. As this phone has two audio jack

Marshall also touts a special Wolfson WM8281 Audio Hub which is dedicated to audio playback at a “higher resolution” — a claim we’re dubious about, though. An “M” button on the top opens your favorite music app instantly.

The device features Marshall’s classic gold detailing on the buttons and volume rocker, and comes only in matte-black. It looks damn good.

On the software side it runs Android 5.0.2, and comes pre-loaded with a special global audio equalizer along with a special DJ app to get your mixing on.

If you are a music phone lover then this marshal device is for you. Marshal is not manufactured this phone itself, instead working with other phone manufacturer to build this device.

It retails for 4,995 Swedish Krona (about $585) and you can pre-order one now, though it won’t arrive until at least August 17.

The four co-founders of The Pirate Bay, the world’s most popular torrent website, have been cleared of charges alleging criminal copyright infringement and abuse of electronic communications in a Belgian court.

The Pirate Bay co-founders Gottfrid Svartholm, Fredrik Neij, Peter Sunde and Carl Lundströmwere acquitted by a Belgian court located in Mechelse after it was found that they could not be held responsible for the file-sharing website after selling it in 2006.

The Pirate Bay’s founders Gottfrid Svartholm and Fredrik Neij, the website representative Peter Sunde and the website investor Carl Lundström were facing criminal charges related to their involvement with the torrenting site that has proven to be an elusive hub for illegal copyrighted content.

The Pirate Bay was Sold to other Investors in 2006

However, the case fell apart when the Pirate Bay’s co-founders said that they were not involved in any activity related to the website after they sold it to Reservella, a Seychelles-based company, in 2006, as reported on Friday.

Providing more details about the case Torrent Freak report, "All four defendants deny having had anything to do with the site since it reported the sale to a Seychelles-based company called Reservella in 2006. That has proven problematic since the period in which the four allegedly committed the crimes details in the Belgian case spans September 2011 and November 2013."

Though the foursome is likely to face criminal charges in other courts of law, the Belgian court victory represented a little of good news for the cyber crew.

Prosecution Agreed to Court Decision

After the verdict was dropped, the complainants, which is the Belgian Entertainment Association, agreed with the court decision. "Technically speaking, we agree with the court," said Olivier Maeterlinck, the Belgian Entertainment Association (BEA) director.

This isn’t the first good news came from The Pirate Bay case. Last month, the third founder Fredrik Neij was released from a Swedish prison after he was detained on the Laos-Thailand border in November 2014 and spending ten months in jail.

The Pirate Bay, founded in 2003, is one of the most popular file-sharing websites in the world predominantly used to share copyrighted material free of charge. Despite the criminal convictions, the site remains functioning today, although it has moved to different Web domains several times.

It's still unclear how the website managed to reappear every time after shutdown, but The Pirate Bay claimed last year that it ran the notorious website on 21 "raid-proof" virtual machines, which means if the police raid one location, the site would hardly take few hours to get back in action.

via

What is Phishing? How to Recognize and Avoid Them.

Phishing scams are typically fraudulent email messages appearing to come from legitimate enterprises (e.g., your university, your Internet service provider, your bank). These messages usually direct you to a spoofed website or otherwise get you to divulge private information (e.g., passphrase, credit card, or other account updates). The perpetrators then use this private information to commit identity theft.

One type of phishing attempt is an email message stating that you are receiving it due to fraudulent activity on your account, and asking you to "click here" to verify your information.

Phishing scams are crude social engineering tools designed to induce panic in the reader. These scams attempt to trick recipients into responding or clicking immediately, by claiming they will lose something (e.g., email, bank account). Such a claim is always indicative of a phishing scam, as responsible companies and organizations will never take these types of actions via email.

Phishing email messages are designed to steal your identity. They ask for personal data, or direct you to websites or phone numbers to call where they ask you to provide personal data. A few clues can help you spot fraudulent email messages or links within them.

Specific types of phishing

Phishing scams vary widely in terms of their complexity, the quality of the forgery, and the attacker's objective. Several distinct types of phishing have emerged.

Spear phishing

Phishing attacks directed at specific individuals, roles, or organizations are referred to as "spear phishing". Since these attacks are so pointed, attackers may go to great lengths to gather specific personal or institutional information in the hope of making the attack more believable and increasing the likelihood of its success.

The best defense against spear phishing is to carefully, securely discard information (i.e., using a cross-cut shredder) that could be used in such an attack. Further, be aware of data that may be relatively easily obtainable (e.g., your title at work, your favorite places, or where you bank), and think before acting on seemingly random requests via email or phone.

Whaling

The term "whaling" is used to describe phishing attacks (usually spear phishing) directed specifically at executive officers or other high-profile targets within a business, government, or other organization.

What does a phishing email message look like?

Phishing email messages take a number of forms:

They might appear to come from your bank or financial institution, a company you regularly do business with, such as any company, or from your social networking site.

They might appear to be from someone you in your email address book.

They might ask you to make a phone call. Phone phishing scams direct you to call a phone number where a person or an audio response unit waits to take your account number, personal identification number, password, or other valuable personal data.

They might include official-looking logos and other identifying information taken directly from legitimate websites, and they might include convincing details about your personal history that scammers found on your social networking pages.

They might include links to spoofed websites where you are asked to enter personal information.

Avoiding phishing scams

Indiana University and other reputable organizations will never use email to request that you reply with your passphrase, Social Security number, or confidential personal information. Be suspicious of any email message that asks you to enter or verify personal information, through a website or by replying to the message itself. Never reply to or click the links in a message. If you think the message may be legitimate, go directly to the company's website (i.e., type the real URL into your browser) or contact the company to see if you really do need to take the action described in the email message.

When you recognize a phishing message, delete the email message from your Inbox, and then empty it from the deleted items folder to avoid accidentally accessing the websites it points to.

Always read your email as plain text.

Phishing messages often contain clickable images that look legitimate; by reading messages in plain text, you can see the URLs that any images point to. Additionally, when you allow your mail client to read HTML or other non-text-only formatting, attackers can take advantage of your mail client's ability to execute code, which leaves your computer vulnerable to viruses, worms, and Trojans.

Warnings

Reading email as plain text is a general best practice that, while avoiding some phishing attempts, won't avoid them all. Some legitimate sites use redirect scripts that don't check the redirects. Consequently, phishing perpetrators can use these scripts to redirect from legitimate sites to their fake sites.

Another tactic is to use a homograph attack, which, due to International Domain Name (IDN) support in modern browsers, allows attackers to use different language character sets to produce URLs that look remarkably like the authentic ones. See Don't Trust Your Eyes or URLs.

via source

OpenWall Launched Johnny - GUI for John the Ripper Tool

Johnny is the cross-platform Open Source GUI frontend for the popular password cracker John the Ripper. It was proposed by Shinnok.

Features

The features of the Johnny-GUI for John the Ripper is written below:

1. user could start, pause and resume attack (though only one session is allowed globally),
2. all attack related options work,
3. all input file formats are supported (pure hashes, pwdump, passwd, mixed),
4. ability to resume any previously started session via session history,
5. suggest the format of each hashes,
6. try lucky guesses with password guessing feature,
7. “smart” default options,
8. accurate output of cracked passwords,
9. config is stored in .conf file (~/.john/johnny.conf),
10. nice error messages and other user friendly things,
11. export of cracked passwords through clipboard,
12. export works with office suits (tested with LibreOffice Calc),
13. available in english and french,
14. allows you to set environment variables for each session directly in Johnny

You can download the binaries from the link below given in the source. The Binaries are available for windows, OS X and Linux.

source

Apple iOS 9 is Available for Everyone

The iOS 9 public beta is a more polished release than the versions that were available only for developers over the last month. Apple released iOS 9 beta 3 to registered developers. If you're eager to get your hands on Apple's latest mobile OS, and you don't mind running unfinished software

Apple iOS 9 packs a number of new features and improvements over its predecessor. They include more capable Siri, split-screen multitasking on iPad, and under-the-hood upgrades among others.

If you are interested in trying out the new iOS 9 in beta guise, head over to the source link to get started. Be aware that the firmware is not finished, so occasional bugs are more than likely.

via

New Android M Details Granular Permissions and Android Mobile Payment

Developers at Google I/O got a glimpse of the next major version of Android known only as M for now. There are six major improvements that mostly focus on how apps work and interact with each other. Android's wireless payment system also got a big boost, in part thanks to unified fingerprint sensor support.

App permissions

Android M is moving to an iOS-style permissions. You don't get asked about all permissions lumped together at install time, instead the app will ask for each permission the first time you use it.

You can go into the Settings screen to view what permissions an app is using and revoke or allow them. You can also view all apps that use a certain permission.

Custom Chrome tabs

So many apps today have a web component that forces you to jump between a browser and the app or as web view embedded into the app. The Chrome team proposes a different solution - style Chrome to look like a part of the app. The app can launch a custom Chrome tab, style it and add buttons to make it feel almost like a native part of the app.

App links

What if an app needs to interact with something other than a browser? Android M adds a secure way for apps to verify that when they send a request (e.g. open Twitter and show this tweet), the receiving app that handles the request is legit. The OS will verify it cryptographically with the web server, which will thwart malicious apps.

Android Pay

Google has been trying to make mobile payments work for years now, Android Pay is the latest iteration. It will leverage a phone's NFC hardware to stand between the store and your credit card.

The store - or even apps that sell things - will never see the details of your credit card as Pay keeps that private. The service will work with major cards, US carriers (AT&T, T-Mo, VZW) as well as a variety of stores: McDonald's, Subway, Best Buy, Coca Cola, Pepsi, you name it.

Fingerprint sensors

Some vendors are already leveraging fingerprint sensors to secure payments, now Google is making that functionality an official part of Android.

Android M will abstract away the different kinds of sensors, presenting apps with a consistent API, which is bound to make life easier for developers.

Power & charging

Project Volta was the first step and with M Google is pushing ahead with improving battery life with Doze. Phones running the new OS will use their motion sensors to detect when the phone is just laying around and doze off.

Dozing makes apps check with servers and run background activities less often. The longer the phone has been dozing, the less often apps get to do stuff. Still, phones can quickly wake up when needed.

The result is that a Nexus 9 lasted twice as long running Android M than it did on Lollipop.

Another part of battery life is quick charging. Google is adopting the USB Type C standard for its new power delivery modes, which can charge a phone much faster (3x to 5x).

And since Type C is bi-directional you can even make the phone send power down the cable - imagine phones with huge batteries being used as battery packs.

Google Now on Tap

Google Now is also getting smarter with the new "on tap" functionality. It has improved natural language understanding, so you can ask it questions in a natural way - "his", "it", "this", the system is smart enough to figure out what you mean. The service is also aware of where you are in the UI.

via

Android M Developer Preview Gets its First Update

Earlier this summer at Google I/O, google launched the M Developer Preview. The developer preview is an early access opportunity to test and optimize your apps for the next release of Android. google released an update to the M Developer Preview that includes fixes and updates based on user's feedback.

Get ready for the next version of Android. Test your apps on Nexus 5, 6, 9, and Player. Explore what's new — runtime permissions, Doze and App Standby power-saving features, new assist technology, and more.

The Developer Preview 2 update includes the up to date M release platform code, and near-final APIs for you to validate your app. To provide more testing support, google have refined the Nexus system images and emulator system images with the Android platform updates. In addition to platform updates, the system images also include Google Play services 7.6.

Android M is moving to an iOS-style permissions. You don't get asked about all permissions lumped together at install time, instead the app will ask for each permission the first time you use it.

Source, developer preview and SDK and API is available to download from this link.

Major Changes and changelogs can be read from this link. 

Blackberry Bought Android named Domain, Perhaps Phone is Coming

BlackBerry just can't seem to catch a break lately. The legendary Canadian company has been struggling to keep afloat in the competitive mobile industry and Android has been cited more than a few times as the savior the manufacturer desperately needs.

We have heard the rumors time and time again and BlackBerry's own CEO John Chen has even stated that adoption the OS is a possibility, so long as it can be made secure enough by the company's standards.

There is also a rumor that Blackberry may use Android OS on Blackberry Devices to make more secured Android Devices.

It appears, BlackBerry might be closer to adopting Android than ever as the company recently registered two new domains, related to Google's mobile OS. The addresses are AndroidSecured.net and AndroidSecured.com, bother purchased by BlackBerry Limited on July 7.

An Android-powered BlackBerry device is not a bad idea at all. Who knows, the first model could be the start of something new for BlackBerry. Seriously, a BlackBerry Android phone---It would be great.

Blackberry BES12  support the android and Android Lollipop delivers key enterprise functionality and addresses any previous enterprise security concerns. BES12 supports Android Lollipop, allowing you to confidently deploy Android devices in your organization.

BlackBerry® and Google™ are working closely together to set new standards in enterprise mobile security for organizations deploying Android™ devices.

via