
New Xbox 360 Media Remote & Wireless Bluetooth Headset


In Microsoft’s quest to take over the living room, they have announced two new media devices that will make interactions with the Xbox 360 more convenient.
The ongoing success of Microsoft’s Xbox 360 is partially due to the console’s performance as an all around media device. Gaming is definitely the number one focus, but other services make it attractive to non-gamers and casual players too. With uses outside of gaming in mind, Microsoft has revealed a new Media Remote and Wireless Bluetooth Headset that will be available for the Xbox 360 this fall.
The Media Remote will allow Xbox 360 owners to use a more traditional input device when operating their console for DVD, CD, and other media playback uses. The easy-to-use device will contain all the necessary buttons to navigate the Xbox 360 Dashboard, as well as all of the expected media playback controls. Additionally, the media remote will interface with most TVs and have the ability to power the TV on/off, adjust the volume, and change the TV’s input.
Clearly, Microsoft is pushing the Xbox 360 as the perfect device to have in one’s living room as an all around media center (sorry, no Blu-ray). This goes right along with the additional content such as YouTube and UFC – joining popular services like Netflix and Hulu Plus – announced during this year’s E3.
The remote is convenient, but I’m not sure how many people will want to pay for something that is such a minor convenience. I’ve never found using a Xbox 360 controller and TV remote in tandem annoying, or wished for a simpler solution.
The second accessory, a wireless headset with Bluetooth, is yet another device that integrates the Xbox 360 experience with other popular electronics. With the Bluetooth headset, gamers can both chat with their friends online, and easily switch over to answer calls from their mobile phone with the flip of a switch. The headset works with nearly all Bluetooth enabled devices and “Blue and green LED rings of light visually show which mode the device is in.” There are three sizes of ear gels and an ear loop to ensure the device remains comfortable throughout long gaming sessions. This new design is sleeker than the other Xbox 360 wireless headsets and certainly more practical than a wired headset.
It is interesting to see Microsoft further pursuing accessories that support the notion that the Xbox 360 is the best all around media device for the living room. The hurdle for each device will be whether consumers think the added convenience is worth the cost.
What do you think about these devices? Are they worth the money?

The Xbox 360 Media Remote and Wireless Bluetooth Headset will be available sometime in November, 2011 for $19.99 and $59.99 respectively.


Microsoft Bluetooth Mobile Keyboard Introduced More Comfort & Portability


Microsoft has introduced a new Bluetooth mobile keyboard that offers more functionality, comfort and portability. The Microsoft Bluetooth Mobile Keyboard 5000 works with any Bluetooth-equipped laptop, but it really shines when used with an iPad, iPhone, iPod touch or Android tablet or smartphone, giving you a comfortable keyboard that’s truly portable.
The best part of the Mobile Keyboard 5000 and its 6000 brother is the fact that the keys are full-sized, and they press down even farther than most laptop keys. While testing, it paired up easily and instantly with iPad 2, and gave typing comfort that far surpassed that of typing on a glass screen.
A downside to using this keyboard with an iOS device is the weird way its “Delete” key works, holding onto the Apple convention — you’ll need to use the “Backspace” key if you want to get rid of any text. And, to skip around between words, your PC keyboard shortcuts won’t work either — you’ll need to hold the “Alt” key as you move around between words instead of the Control-D you might be accustomed to with PCs. This won’t matter much to Mac users, but PC users might need to take a little time to get used to it.
Another downside to using this keyboard is the bane of all Bluetooth devices — they tend to drain the batteries of laptops, tablets and smartphones, which might be a consideration if you work long hours and want to type long missives on your portable gadgets.
Summing up, if you’re one who likes to place a keyboard in your lap, but don’t want the heat and weight of a laptop sitting on you all day long, this keyboard will be ideal. Beyond that, if you like Microsoft’s “comfort curve” design and often find yourself needing to type on an iOS or Android device, this well-designed keyboard is worthy of your $49.95.



BTCrack (Bluetooth PIN Bruteforcer Tool)


BTCrack is the world’s first Bluetooth passphrase (PIN) brute-force tool. It works by reconstructing the PIN and link key from data sniffed during a pairing exchange. The calculated PIN can then be used to authenticate against a device in pairing mode. During a normal Bluetooth pairing process, the two devices involved establish a relationship by creating a shared secret known as a link key. If you gain access to the link key, almost everything is possible. You can passively decrypt the traffic between the two devices, connect to the slave device pretending to be the master and have full access, or, the other way round, connect to the master pretending to be one of the slaves and likewise have full access. You could even pair with a Bluetooth-capable machine and have a remote, encrypted, stealthy channel to that machine.
What’s more, BTCrack also supports Field-Programmable Gate Arrays (FPGAs), which makes it a bit faster than its previous versions. BTCrack was demoed and released at Hack.lu 2007 and 23C3 in Berlin, so it has been a good 4 years since its inception.

The only problem is that capturing the pairing data requires a professional Bluetooth analyzer. BTCrack comes in two versions: one for Windows and an open source version for *NIX operating systems. On a normal P4 2 GHz dual-core machine, you can achieve cracking speeds of up to 200.000 keys/sec. With an FPGA-compliant device like an FPGA E14, you can even crack at a speed of about 30.000.000 keys/sec.
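What those two rates mean for PIN choice, as an added example that is not part of the original post or of BTCrack: it computes how long an exhaustive offline search of a pairing PIN lasts at the quoted speeds. The 16-byte PIN limit and the PIN policies compared are assumptions made for the illustration.

```python
import math

# Cracking rates quoted in the post, in candidate PINs per second.
RATE_CPU = 200_000       # "P4 2Ghz Dual Core" figure
RATE_FPGA = 30_000_000   # FPGA-assisted figure

# Assumption (not stated in the post): legacy pairing PINs are 1 to 16 bytes.
MAX_PIN_LEN = 16

YEAR = 365 * 24 * 3600


def keyspace(alphabet_size, length):
    """Number of candidate PINs of exactly `length` symbols."""
    return alphabet_size ** length


def worst_case_seconds(alphabet_size, length, rate):
    """Time to try every PIN of this length at `rate` guesses per second."""
    return keyspace(alphabet_size, length) / rate


def min_length(alphabet_size, rate, target_seconds, max_len=MAX_PIN_LEN):
    """Shortest PIN length whose full search takes at least target_seconds.

    Returns None when even max_len symbols cannot reach the target.
    """
    for n in range(1, max_len + 1):
        if worst_case_seconds(alphabet_size, n, rate) >= target_seconds:
            return n
    return None


def humanize(seconds):
    """Render a duration with a unit a reader can compare at a glance."""
    for unit, size in (("years", YEAR), ("days", 86400), ("hours", 3600),
                       ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.3g} seconds"


def report():
    """Rows of (policy, entropy bits, time at CPU rate, time at FPGA rate)."""
    # Constructed PIN policies to compare; not taken from the post.
    policies = [("4-digit", 10, 4), ("6-digit", 10, 6), ("8-digit", 10, 8),
                ("16-digit", 10, 16), ("8-char alphanumeric", 62, 8),
                ("16-char alphanumeric", 62, 16)]
    rows = []
    for name, alphabet, length in policies:
        bits = length * math.log2(alphabet)
        rows.append((name, round(bits, 1),
                     humanize(worst_case_seconds(alphabet, length, RATE_CPU)),
                     humanize(worst_case_seconds(alphabet, length, RATE_FPGA))))
    return rows


if __name__ == "__main__":
    for name, bits, cpu, fpga in report():
        print(f"{name:22} {bits:5} bits   CPU: {cpu:>22}   FPGA: {fpga:>22}")
    print("Digits needed to last a year against the FPGA rate:",
          min_length(10, RATE_FPGA, YEAR))
```

The figures are worst-case times for a full search; the expected time to hit a randomly chosen PIN is half of that.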

Download BTCrack 1.1 (btcrack.zip) {For Windows}  here
Download the open source Linux port – BTCrack OSS (BTCrack_OSS.tar) here.


Your Car At Risk, Hackers Can Attack Modern Cars Remotely


Hackers could attack modern cars without even touching them. As new car models roll off the line loaded with complex IT systems running millions of lines of software code, it has become evident that hacking a car to gain external control of it is possible. While actual cases in the field are rare, the industry is moving to secure its systems and prevent cars from becoming a major target, according to Brian Jackson, a security researcher. In the exclusive report he said: An unsuspecting driver opens her door and steps into her new car, placing her smartphone on the dash as it connects with the in-car infotainment system for hands-free features. Little does she know there's a Trojan virus on her phone just waiting to be connected to a car – and it executes malicious code on the vehicle's embedded software. Suddenly a hacker has the ability to track her car, unlock the doors, or even control the climate controls and speaker volume.
It sounds like a scene out of the next James Bond film, but the above scenario could be a reality today. As auto makers look to woo consumers with snazzy in-car technology features, they are also opening up personal vehicles to the underground community of hackers that have long targeted computer users. In-car IT systems such as Ford's Sync or General Motor's OnStar could be opening up exploits that allow hackers to take control of your car without even laying hands on it.
While complex in-car IT systems are so new that actual car hacking cases in the field are virtually non-existent, researchers have demonstrated it's possible. But investigations into car hacking by police may be impossible at this point because of a lack of forensics capability to detect malware. All the more reason for security vendors like McAfee, now a division of Intel Corp., to push car manufacturers to pay serious attention to security.
“It shouldn't be the responsibility of the consumers to have to secure these systems,” says Tim Fulkerson, senior director of marketing at McAfee embedded security group. “Just as manufacturers have built in seat belts and air bags, now that they're moving to software innovation, they need to bring software security into these vehicles.”
Best known for its PC antivirus software, McAfee is now working with car makers to build secure enough systems that consumers won't end up buying virus scan software for their ride. When it comes to car makers and securing IT system, Fulkerson says it “is certainly not their area of expertise.”
Perhaps that's why a team of car-hacking researchers from the University of Washington and the University of California at San Diego have had so much success. Dubbed the Center for Automotive Embedded Systems Security (CAESS), the team demonstrated in May 2010 how a criminal with physical access to a car could implant malware. Then in August 2011, the team showed an external car hacking attack could be mounted through various paths including Bluetooth and cellular radio.
One such attack was executed after the researchers reverse-engineered a car's telematics operating system and found the program responsible for handling Bluetooth functions. From there, they planted a Trojan horse (a piece of malicious software) on an HTC Dream smartphone that monitors for new Bluetooth connections and if it finds a telematics unit, sends the payload.
Researchers were also able to use special hardware to “sniff” the MAC address of the Bluetooth connection needed for pairing new devices with the telematics unit. After cracking the password through brute force, or machine-assisted repeat attempts, the Trojan could be uploaded from a device in the attacker's hands.
But seeing such an attack executed in the wild today is unlikely, according to Patrick Neal, a program coordinator for crime and intelligence analysis at the B.C. Institute of Technology (BCIT). He had his students explore car hacking methods identified by the CAESS group and others. 





Ubertooth-r314 (Passive Bluetooth Monitoring Tool)

Ubertooth is an open source 2.4 GHz wireless development platform suitable for passive bluetooth monitoring. It aims to be the world’s first open source and affordable bluetooth monitoring and development platform. It contains both – hardware and software.

This is the official change log:

  • Enumeration bug fix: The USB descriptor in the bluetooth_rxtx firmware reported one too many interfaces. This broke enumeration on Microsoft Windows operating systems, affecting both native Windows operation and operation in a virtual machine on top of a Windows host operating system.
  • Firmware revision reporting: The bluetooth_rxtx firmware is now stamped with the svn revision number at compile time. It is possible to query an attached board for its revision with ‘ubertooth-util -v’, but this only works if newer firmware is installed on the board.
  • Assembly_test firmware and procedure: Use this firmware and procedure to test a newly assembled board or to test any board to determine if there are hardware failures. The procedure does not depend on any host code; it verifies that passive Bluetooth monitoring works by looking for inquiry packets transmitted by a nearby device.
  • specan_ui.py renamed to ubertooth-specan-ui
  • usb_dfu.py renamed to ubertooth-dfu
  • Many small bug fixes and enhancements

To Download Ubertooth One (ubertooth-r314.tar.gz) Click Here.


Microsoft Released 4 Updates for Windows & Office (22 Vulnerabilities Fixed)



Microsoft today issued 4 updates to Windows and Office fixing a total of 22 vulnerabilities, just one of them rated critical. The first and most serious is MS11-053: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution, which patches a single vulnerability (CVE-2011-1265) in the Windows 7 and Vista Bluetooth stacks. This is a remote code execution vulnerability over a wireless protocol, but it's not as serious as it first sounds.
There are considerable mitigating factors. Microsoft gives this bug an exploitability index rating of 2, meaning that they don't expect reliable exploit code to turn up. Attacks would likely, at worst, amount to a denial of service, i.e. a crash. And of course, the system has to have Bluetooth enabled in order to be vulnerable.
There is also a discoverability challenge to any attack; by default, Bluetooth addresses are not discoverable. If you were in communication with a device that wished to attack there are ways to brute force the address, but these are time-consuming and would get past just one of the many barriers to attack here.

MS11-054: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege fixes 15 elevation of privilege vulnerabilities, affecting all versions of Windows and all rated important. The attacker must have valid logon credentials and the ability to log on locally. Almost all of these were reported by Tarjei Mandt of Norman, who has made a study of this part of Windows.

MS11-055 fixes a single remote code execution vulnerability in Visio 2003 SP3. This is another of the remote binary planting bugs which Microsoft has been fixing in various products for some time and will for some time to come.
Finally, MS11-056: Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege fixes 5 vulnerabilities in the CSRSS of every version of Windows. As with MS11-054, the attacker must have valid logon credentials and the ability to log on locally.
Microsoft also released a number of non-security updates for Windows including the usual Windows Mail Junk Filter and MSRT (Malicious Software Removal Tool). Other updates affect Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista and Windows Embedded Standard 7.


-News Source (PC Blog)




What Risk We are Posing! Everyone Can Become a Target of the Latest Cyber Security Threats

According to a report by the Washington Post, hackers may soon be setting up a plan to unfold in 2013 that will target 30 different U.S. banking institutions. McAfee Labs, who has compiled a new cyber security report, says that banks should be on the lookout for software that creates false online transactions or targets transfers tied to large dollar amounts.
Sources say that these threats can all be tied back to “Project Blitzkrieg”, which is a program that has been around since 2008. Within the past four years, it has already stolen $5 million and plans to continue for as long as possible. During the past few months, between 300 and 500 victims located within the U.S. have fallen victim to Project Blitzkrieg’s schemes. By the spring of 2013, McAfee says that things could get even worse for U.S. banks and their customers.
Experts note that this scheme may be tied to reports from back in October by security company RSA that mentioned how a hacker out of Russia named “vorVzakone” has been openly discussing his plan to recruit a team to plan the largest Trojan attack tied to banking. McAfee warns that these threats should be taken extremely seriously as the beginning of 2013 is soon to unfold. The software can become extremely dangerous to those doing their banking online because it can replicate transactions and even delete e-mail notifications about certain transfers.
While U.S. banks will no doubt be increasing their security protocols to protect themselves from any unnecessary attacks, most already know that they are continually being cited as targets from hacking groups around the globe. Back in September, both JP Morgan Chase and Bank of America saw their sites crash because of DDoS attacks.

Samsung Smart TV Dangers
The Register has recently reported that Samsung’s newest Smart TV is completely open and vulnerable to hacking because it gives hackers the ability to steal data very quickly. According to security company ReVuln, this vulnerability most notably affects consumers who own and use their Samsung 3D TVs for internet purposes.
Those who use their Smart TVs can rent movies, browse the web for a cheap line rental, go on Facebook, and more. ReVuln claims that they have found an exploit which allows hackers to see everything the user is doing while they are using their TV, retrieve and access information like web history, and hook up an external thumb drive to the TV to conveniently steal all of this information for future use. While ReVuln noticed this exploit while using a Samsung 3D TV, the true problem is that it seems to affect all of the latest Samsung TVs with internet capabilities, which includes many different makes and models.
As these TVs continue to act more as larger PCs, it is only a matter of time until we see even more security vulnerabilities tied to them in the very near future.

Gas Station Bluetooth Skimming
News site KRCA out of Sacramento notes that crooks are using Bluetooth devices in order to steal credit card information from those who are paying for gas at the pump. The biggest issue the cyber security experts noticed is that these thieves do not even have to be near the gas station in order to steal information.
Crooks are using skimming devices that utilize Bluetooth and contain a variety of common security keys that can be used to access gas pumps for maintenance. They don’t simply pull out their device and begin swiping information for oblivious consumers. Thieves will start by installing skimmers on the pumps to collect information from those pumping gas and then pick them back up. Detectives say that these types of devices are impossible to detect.
According to experts, thieves can be up to 100 yards away and continually collect credit card information from unsuspecting users. Because of this, these crooks are impossible to detect, and the problem may only grow larger in the near future.

Troublesome QR Codes

QR codes seem to be everywhere these days. They’re typically on everything from advertisements to products that we purchase on a daily basis. In the Netherlands, hackers are posting QR codes in heavily trafficked areas like airports and major streets. When these QR codes are scanned in by a user’s smart phone, they are taken to a malicious website that may attempt to phish information from the user or possibly infect their smartphone with malware.

Disclaimer:- Before perfection, on behalf of Team VOGH, I would like to personally thank Eve Halton for sharing this magnificent article with our readers. Eve is a very much passionate Fleet Street, she has done her graduation in International Business and Journalism. She gained decent experience in writing articles on several fields like global politics, economics, sustainability issues, cyber security & many more.



Ubertooth r434 A Passive Bluetooth Monitoring Tool


We have talked a lot about Ubertooth before. Recently the author released the latest version. Ubertooth is an open source 2.4 GHz wireless development platform suitable for passive Bluetooth monitoring. It aims to be the world’s first open source and affordable Bluetooth monitoring and development platform. It comprises both hardware and software.


Official Change Log:-
  • ToorCon 13 Badge: This is a special Ubertooth design made for ToorCon 13. Hardware design files and firmware source code are part of Project Ubertooth. For more information, see: http://greatscottgadgets.com/tc13badge/
  • Pogoprog update: The hardware design has been updated. It now uses Micro USB, has a secondary pin header, a more ergonomic PCB shape, and other small changes. Pogoprog can be used to write firmware to the LPC175x on all Ubertooth designs as well as the R8C microcontroller on the ToorCon 13 Badge.
  • ubertooth-dump -f: The -f option tells ubertooth-dump to output the full USB data stream, not just the baseband symbol data. The -i option on ubertooth-lap, ubertooth-uap, etc. support file input of this type and can take advantage of timestamp information. Mostly this is useful for test and development.
  • ubertooth-hop: So far this new command line tool only does hop reversal, an intermediate step toward frequency hopping.

To Download Ubertooth r434 Click Here




Linux kernel (OMAP4) Vulnerabilities, Affected Distribution Ubuntu 10.10


The kernel incorrectly handled certain VLAN packets, so a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. The EFI GUID partition table was not correctly parsed, so a physically local attacker who could insert mountable devices could exploit this to crash the system or possibly gain root privileges.

=============================================
Ubuntu Security Notice USN-1220-1
September 29, 2011

linux-ti-omap4 vulnerabilities

=============================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.10

Summary:
Multiple kernel flaws have been fixed.
Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:-

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN
packets. On some systems, a remote attacker could send specially crafted
traffic to crash the system, leading to a denial of service.
(CVE-2011-1576)

Timo Warns discovered that the EFI GUID partition table was not correctly
parsed. A physically local attacker that could insert mountable devices
could exploit this to crash the system or possibly gain root privileges.
(CVE-2011-1776)

Dan Rosenberg discovered that the IPv4 diagnostic routines did not
correctly validate certain requests. A local attacker could exploit this to
consume CPU resources, leading to a denial of service. (CVE-2011-2213)

Dan Rosenberg discovered that the Bluetooth stack incorrectly handled
certain L2CAP requests. If a system was using Bluetooth, a remote attacker
could send specially crafted traffic to crash the system or gain root
privileges. (CVE-2011-2497)

Mauro Carvalho Chehab discovered that the si4713 radio driver did not
correctly check the length of memory copies. If this hardware was
available, a local attacker could exploit this to crash the system or gain
root privileges. (CVE-2011-2700)

Herbert Xu discovered that certain fields were incorrectly handled when
Generic Receive Offload (CVE-2011-2723)

Timo Warns discovered that long symlinks were incorrectly handled on Be
filesystems. A local attacker could exploit this with a malformed Be
filesystem and crash the system, leading to a denial of service.
(CVE-2011-2928)

Dan Kaminsky discovered that the kernel incorrectly handled random sequence
number generation. An attacker could use this flaw to possibly predict
sequence numbers and inject packets. (CVE-2011-3188)

Darren Lavender discovered that the CIFS client incorrectly handled certain
large values. A remote attacker with a malicious server could exploit this
to crash the system or possibly execute arbitrary code as the root user.
(CVE-2011-3191)

-News Source (Ubuntu)
 
 


Countdown Begins, Ubuntu 11.10 (Oneiric Ocelot) Will be Available Within Few Hours


It has been six months in the making and has occupied the time of a cast of thousands; finally the Debian-derived GNU/Linux distribution we have all been waiting for is here. Ubuntu 11.10, the Oneiric Ocelot, is released on October 13th. That day has finally come, but we need to wait a little longer to feel the 11.10 Oneiric Ocelot.
VOGH talked with the Ubuntu developer team about this release, and according to them:-
"Today we release Ubuntu 11.10: Oneiric Ocelot after a busy six months of work. Thank you to everyone who participated in this release and put their brick in the wall. We had many wonderful contributions from developers, testers, translators, authors, advocates, accessibility folks, marketeers, programmers, governors, and more. I am looking forward to seeing the release hit the tubes. :-)
This week I have been in London all week for the release week, and it has been a hectic, but useful week. I also used this week to take advantage of the timezone and hop on the phone with some community members on this side of the pond. Thanks to all those for the calls.
Speaking of this side of the pond, I am excited to be able to go to the London release party which takes place tonight on Thu 13th Oct 2011 from 6.30pm at The Cask Pub at 6 Charlwood Street, Pimlico, London, SW1V 6EE. Thanks to the Ubuntu UK team for putting together the party, and it looks like there will be a great crowd there."

All VOGH readers Please check out the event here and register if you plan on coming so the team has an idea of numbers.

Oneiric Release Schedule
  • June 2nd Alpha 1
  • June 30th Alpha 2
  • August 4th Alpha 3
  • September 1st Beta 1
  • September 22nd Beta 2
  • October 13th Ubuntu 11.10
Oneiric will be the second release of Ubuntu to be made available on the 13th, the last being Ubuntu 5.10 Breezy Badger way back in 2005.

Release Schedule of Ubuntu:-
  • Ubuntu 4.10 20th October
  • Ubuntu 5.10 13th October
  • Ubuntu 6.10 26th October
  • Ubuntu 7.10 18th October
  • Ubuntu 8.10 30th October
  • Ubuntu 9.10 29th October
  • Ubuntu 10.10 10th October

10 of the new features implemented in the Ubuntu 11.10 (Oneiric Ocelot):-
1. Breathtaking login manager (a.k.a login screen or display manager)
2. Lots of Unity launcher, Unity Dash, and Unity panel improvements, including smart application finder when dragging different files, unread counters for Mozilla Firefox, Mozilla Thunderbird, Empathy and Pidgin, and smart search in Dash.
3. Awesome backup tool, called Deja Dup, that will back up and restore all the files (yes, including the hidden ones) in your home folder.
4. Mozilla Thunderbird 7.0 as the default email client (replacing Evolution Mail and Calendar, which has been completely removed from the system).
5. Mozilla Firefox 7.0 as the default web browser!
6. Brand-new ALT+Tab functionality that will work across multiple desktops.
7. Improved office suite - LibreOffice 3.4
8. Easily access various settings straight from the Unity panel, to setup your monitor, bluetooth devices, startup applications, printers, USB devices, and system updates.
9. Simplified and good looking file manager - Nautilus 3
10. Breathtaking Ubuntu Software Center!

-News Source (Ubuntu)



Cyber crime class acts


Cyber crime in its many and varied forms has become a standard tool for fraudsters around the world.
Countless people have fallen victim to hi-tech scams, sometimes unaware they are a victim.
Now police are investigating a ‘first’ for this area after a Wentworth Falls family has been stung by a new kind of fraud after students at a Lithgow secondary school accessed their daughter’s phone and transferred credit to the students’ friends.
The mother of the girl, who wished not to be named, said the family had purchased an iPhone for their daughter with an unlimited credit limit.
Their daughter subsequently was loaning her iPhone to her friends so they could text and use the phone to ring other friends.
“We got the bill for the phone and it was a few hundred dollars more than we expected.
“When we looked at it we found that this schoolgirl and her other friends had been downloading our credit and passing it on to their friends,” the mother said.
The students used a new system called Credit Me To You (crme2u) which allows people to transfer their phone credit from one mobile to another on the same carrier.
While the students were using the phone when they were sending the credit, people are also able to take credit using a bluetooth device if they know the information they need.
The Credit Me To You service was established to assist people out of credit and needing access to their phone service in an emergency.
With the friends’ phone numbers on their bill the family were able to contact the parents of the student hackers.
They were shocked when only one parent agreed to pay them back the money their child had stolen.
“The other parents said it was our problem with Telstra and they weren’t worrying about it.
“They said we should just take it up with Telstra,” she said.
“But it comes up on our bill as extra services with these kids’ phone numbers next to the service.”
The mother said the students had also been posting messages via their Facebook account advising all and sundry they too could ‘score free credit’ if others wanted it.
“It is a new type of scamming and the police were very interested when we contacted them,” the mother said.
The family contacted Katoomba Police after the parents refused to pay them back and inquiries could lead to charges being laid.
The incident provides a timely reminder of the many warnings which have been issued about the security of personal phones and not lending them freely to other people. 


HP unveils a "technological revolution"... the Wi-Fi mouse




HP has unveiled what it calls a "technological revolution" - a Wi-Fi mouse.
The new HP Wi-Fi Mobile Mouse is the first to connect over Wi-Fi, which HP said helps free up USB ports occupied by wired mice or wireless versions that require a USB-based radio frequency connector. It will work from up to 30 feet away.
"It ranks as a technological revolution because it eliminates wires and external receivers forever, offering total freedom at your fingertips," HP said, seemingly without irony.
The technological marvel promises a nine-month battery life - twice that of Bluetooth rivals - and comes with five customisable buttons and a laser sensor. It features what HP describes as a "sculpted shape designed to fit like a glove in your hand".
The Wi-Fi only works with Windows 7 machines and will be available this month for £40.


Researchers Said Cars Equipped With Computers are Vulnerable to Hacking, Intel Investigating


Security researchers have revealed that cars equipped with electronic communications systems and computers are vulnerable to hacking and viruses, which could translate to crashes on the road. According to a Reuters report, a special team employed by Intel is looking into software and hardware vulnerabilities in modern cars that could allow hackers to take control of vehicles. Barnaby Jack, a director of research at security consulting firm IOActive Labs, who became famous when he announced that he could make an ATM dispense money to anyone and cause medical equipment to pump lethal doses of insulin into patients, is one of the members of the group.
Another research group demonstrated a simple method of infecting a car with malware using nothing but a CD. When the victim plays the CD, the malware is activated and jumps from the CD to the computer system of the car. While infecting the car radio is not life threatening at all, the code executed after running the CD can gain access to other important systems of the car itself. Researchers also said that car viruses can be put to more subtle use. One example they mentioned was remotely listening in on conversations inside the car. It sounds like a Hollywood-style trick, but it could come in handy for government spying or corporate espionage. Modern automobiles are already considered “computers on wheels” by security experts, and it’s only a matter of time before their vulnerabilities are exploited widely. Today’s cars are filled with small computers known as electronic control units, or ECUs, that need a very sophisticated set of code to manage interconnected systems like brakes, engines, navigation, entertainment, and lighting. They also employ technologies common to mobile devices such as Bluetooth headsets and cell phones, making them vulnerable to remote attacks widely known among black hats or criminal hackers.
Security experts fear that terrorists, criminals, and spies will turn their attention to embedded computers, which can be attacked using techniques similar to those used against common computers. One particular concern is how to stop the transfer of PC viruses that could affect the computers in a car when laptops and other devices are plugged into its entertainment system.



-Source (The Droid Guy)











Linux Kernel Update Brings a New Wave of Hardware Support



Updates to the Linux kernel are always exciting because of the advance look they provide at what's to come in upcoming Linux distributions, and Thursday's 2.6.39 release is no exception.
Perhaps most notable for the hundreds of new drivers it includes--portending a world of even better hardware support in upcoming distributions of the free and open source operating system--the new release also includes virtualization improvements, simplified firewall configuration and a host of other new features.
Though it was delayed by a few days, work on version 2.6.39 "has been fairly 'easy'," Linux creator Linus Torvalds wrote in an explanatory e-mail announcing the release.
Not only did the release take just 65 days of development, but "-rc2 was calm, -rc3 was _really_ calm, and -rc7 was tiny," Torvalds explained. "And while this has more commits than -rc7 had, I didn't feel like that changed the overall picture much: we really did have much less churn after the merge window closed than we usually do. Which actually makes me pretty happy about the state of 2.6.39."


AMD 'Cayman' Graphics Support
Among the new and enhanced drivers present in Linux kernel 2.6.39 are support for AMD "Cayman" high-end graphics cards and GPUs as well as drivers for Samsung notebook function keys and Realtek RTL8192CU and RTL8188CU Wi-Fi chips, according to a report on The H.

The b43 driver code for Broadcom 802.11n chips has also been bolstered so that BCM4321 and BCM4322 components, among others, are now at least partly supported. Then there's the iwlwifi driver, which now reportedly supports Intel 2000 series WLAN chips.

An enhanced Nouveau driver boosts support for Nvidia GPUs while a basic Poulsbo KMS driver is included, but without acceleration support, Phoronix reports.


'IP set' for Firewalls
Support for IP set, meanwhile, makes it easier to configure and deploy a firewall, while a new network back-end eases Xen virtualization. Bluetooth code has been enhanced, and modified TCP protocol code can reduce perceived latencies during network communication by as much as 10 percent, The H reports.
Two downsides to the new release, on the other hand, include the fact that the Linux kernel is still "burning through power," according to Phoronix, as well as that support for Intel's Sandy Bridge processors is not yet included.
Linux distributions such as Ubuntu and Linux Mint are drawing more attention and users than ever before thanks to their ever-improving compatibility and usability. It's great to see all the many improvements that are still to come.




Auto industry taking steps against hacking


Could modern cars operating with the help of internal computers be vulnerable to hackers? Could someone tamper with your software-controlled brakes or stop the engine from afar?

The familiar problem for personal computers is being studied in automobiles as internal computer networks become as critical to vehicles as tires and engines, and as auto companies push to bring the Internet to motorists.

Two researchers demonstrated the ability last year to hack into the internal networks that operate a car’s brakes and engines. While there is no evidence that anyone has hacked into auto computer systems to compromise safety or steal vehicles, industry groups are studying the issue in hopes of getting ahead of future cyber-attacks.

“When people first started connecting their PCs to the Internet, there wasn’t any threat and then over time it manifests,” said Stefan Savage, a University of California, San Diego, computer science professor who conducted the research. “The automotive industry, I think, has the benefit of the experience of what we went through.”

As vehicles are increasingly computerized, researchers and industry officials consider it inevitable that cars will face the same vulnerabilities as PCs. Internal computer networks monitor and control everything from brakes, engines and transmissions to air bags and keyless entry functions. Wireless connections, meanwhile, are becoming more common in reporting a vehicle’s position or providing information about the car’s functions. Some auto companies are creating applications to allow users to control some features in their car with their smart phone.

In a paper presented at a computer security conference last year, Savage and Yoshi Kohno, a computer science professor at the University of Washington, described how research teams were able to “bypass rudimentary network security protections within the car” and “adversarially control a wide range of automotive functions and completely ignore driver input — including disabling the brakes, selectively braking individual wheels on demand, stopping the engine and so on.” The research team also showed how an attack could embed malicious code in a vehicle and then erase any evidence of its presence after a crash.

In a new study, they found ways to compromise security remotely, through wireless interfaces like Bluetooth, mechanics’ tools and even audio files. In one example, a modified song in a digital audio format could compromise the car’s CD player and infect other systems in the vehicle. They were also able to “obtain complete control” over the car by placing a call to the vehicle’s cell phone number and playing an audio signal that compromised the vehicle.

Other reviews have raised similar red flags. Research teams at Rutgers University and the University of South Carolina showed vulnerabilities of in-car wireless networks that operate tire pressure monitoring systems that tell motorists if their tire needs more air. From a distance of 40 meters, they bypassed security to tap into information identifying the tire and tire pressure of cars driving down the road.

The auto industry has taken notice. Jack Pokrzywa, who manages ground vehicle standards for the Society of Automotive Engineers International, said the industry formed a panel to investigate the issue and hopes to develop common standards and ways to address hacking within the next year. “The industry is certainly concerned about this,” Pokrzywa said.

“Things can be done, if there is a mindset to do this, and with all the electronic devices and the software running them, it’s kind of inevitable that someone will find a way,” Pokrzywa said. “These systems are not built with firewalls upon firewalls.”

The United States Council for Automotive Research, a group funded by Detroit’s auto companies, is also forming a task force to study the issue, said spokeswoman Susan Bairley.

Researchers say they do not want to be alarmist and note that in many cases it required coordinated efforts to bypass the security systems. Kohno said their research was the result of two years of work.


Ubertooth r219!


Ubertooth is an open source 2.4 GHz wireless development platform suitable for passive Bluetooth monitoring. It aims to be the world’s first open source and affordable Bluetooth monitoring and development platform. It contains both hardware and software.
Download Ubertooth One (ubertooth-r219.tar.gz) here


Ubertooth r238 is now available


Ubertooth is an open source 2.4 GHz wireless development platform suitable for passive Bluetooth monitoring. It aims to be the world’s first open source and affordable Bluetooth monitoring and development platform. It contains both hardware and software.

This release fixes a few errors in the firmware.
Download Ubertooth One (ubertooth-r238.tar.gz) here.


ESET Released Antivirus for Android in Beta



ESET is well-known in the PC arena for its NOD32 antivirus and ESET Smart Security suite. The company's existing mobile security product supports Windows Mobile and Symbian devices. ESET Mobile Security for Android Beta (free, direct) extends the same protection to the Android realm.
ESET Mobile naturally includes protection against Android malware. It checks processes and new apps in real time and also scans for threats on demand. Some mobile security products eliminate almost all antivirus configuration settings. Lookout Mobile Security is an example. ESET includes a full set of configuration choices, much like what you'd find in a PC-based antivirus. It uses heuristic analysis, it can quarantine suspect files, and it optionally scans inside archives, among other things.
Like Kaspersky Mobile Security 9, Norton Mobile Security 2.0 Beta, and others, ESET Mobile can respond to coded SMS messages by locking the phone, transmitting its GPS location, or wiping all data from the phone. You can't track the phone by logging in to a Web site the way you can with GadgetTrak Mobile Security for Android & Blackberry 3.1, Mobile Superhero, and others, but ESET's SMS response to a location request includes a Google Maps link.
A thief who attempts to evade ESET's protection by swapping out the SIM card won't get far. Insertion of a SIM card not already marked as trusted will cause the phone to automatically lock and secretly send an alert SMS to one or more predefined contacts. The alert SMS contains the new SIM card's phone number, the IMSI (International Mobile Subscriber Identity) number and the phone's IMEI (International Mobile Equipment Identity) number. ESET also protects against uninstallation on Android 2.2 and later.
ESET's antispam feature isn't as ambitious as that of PrivacyStar and Mr. Number, which use crowdsourcing to block known spam callers. You can set ESET to block specific blacklisted numbers or to block all incoming calls and texts that don't come from your contacts. The app retains information about blocked contact attempts, so you can review the contact log and make any necessary adjustments.
The most unusual feature ESET offers is the security audit. This isn't an audit of app permissions like that found in Lookout and in Webroot Mobile Security for Android. ESET audits the device daily and automatically fixes everything it can. You can also manually run an audit at any time. ESET alerts if battery power or free disk space are too low. It reports security problems with Bluetooth, GPS, and GSM Network as well as with installed applications and stored data. The included Task Manager lets you view running processes and terminate non-system processes.
This app, currently in beta testing, can be downloaded from the Android Market or directly from the ESET Web site.


Hackers can hack into your e-mail setup system if your Wi-Fi system is unprotected


"It is alarm time for all of us, an infectious virus has entered into the system through the Wi-Fi setup of gate no. 23 router 1.0.1.5": this was the call of the system manager of NASA's chief security department on the day when one of NASA's servers was hacked from outside through the Wi-Fi system. Almost all of our homes, offices, military buildings and security departments use computers and the internet, and modern technology lets us set up the network wirelessly, so that it can be accessed through Bluetooth-type devices from anywhere within the server premises. But this Wi-Fi connectivity needs to be secured from the inside, because the packets and information passing through the gateway can be intercepted at unwanted ends at any time without our knowledge.
The internet and e-mail systems use packets, which carry information as it leaves a machine. The data is stored in binary format and carries the actual information as well as the source and destination addresses, which are also expressed in binary digits. Think of your PC as your home and the information leaving your PC as a member of the household: when the information leaves for its destination, your family member is out on the road. Hackers are spread all over the world and will be waiting outside your home (your PC) to get control of your family member (your personal information).
If we give our family member no protection, that family member can be kidnapped; that is, your personal information can be exposed to an outsider. What is needed is a guard who escorts your family member from your home to the target house, meaning that the data packet is transferred safely from your PC to the target server. This protection needs to be set up in your e-mail system so that it protects your data packets and your valuable information. What is done today is that the data put into the packets is encrypted with a key known only to the sending and target machines. When a packet is transferred, the data inside is encrypted with that key, and it can be decrypted correctly only with that key when it reaches the proper target.
Hence, if any of the packets is intercepted in transit, it will be of no use to the hacker, because the hacker will not have the proper key. A wrong key will decrypt the file to wrong information, which is useless for the hacker's purpose. But don't relax and assume that you are now protected. Hackers know such systems better than we do, and they are brilliant in these fields. What they do is hack the Wi-Fi setup of your system directly, thereby taking control of your whole machine and taking whatever information they need. So we have to protect our Wi-Fi system as well to protect our homes from unwanted hazards. These measures will be discussed in the next edition of the article.


Wireshark World’s Most Popular Network Protocol Analyzer is Now on Ver. 1.4.9 & 1.6.2


Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

This is the official change log for Wireshark:-

  • wnpa-sec-2011-12: A large loop in the OpenSafety dissector could cause a crash. (Bug 6138)
    • Versions affected: 1.6.0 to 1.6.1.
  • wnpa-sec-2011-13: A malformed IKE packet could consume excessive resources.
    • Versions affected: 1.4.0 to 1.4.8, 1.6.0 to 1.6.1.
    • CVE-2011-3266
  • wnpa-sec-2011-14: A malformed capture file could result in an invalid root tvbuff and cause a crash. (Bug 6135)
    • Versions affected: 1.6.0 to 1.6.1.
  • wnpa-sec-2011-15: Wireshark could run arbitrary Lua scripts. (Bug 6136)
    • Versions affected: 1.4.0 to 1.4.8, 1.6.0 to 1.6.1.
  • wnpa-sec-2011-16: The CSN.1 dissector could crash. (Bug 6139)
    • Versions affected: 1.6.0 to 1.6.1.
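
To check an installed build against the advisories listed above, the following added example (not part of the original post and not Wireshark's own code) matches a version string against the affected ranges from the change log. The function names and the sample version strings are constructed for illustration.

```python
import re

# Advisory data transcribed from the change log above:
# (advisory id, summary, inclusive affected version ranges)
ADVISORIES = [
    ("wnpa-sec-2011-12", "OpenSafety dissector large loop, crash",
     [("1.6.0", "1.6.1")]),
    ("wnpa-sec-2011-13", "malformed IKE packet, excessive resource use",
     [("1.4.0", "1.4.8"), ("1.6.0", "1.6.1")]),
    ("wnpa-sec-2011-14", "malformed capture file, invalid root tvbuff, crash",
     [("1.6.0", "1.6.1")]),
    ("wnpa-sec-2011-15", "arbitrary Lua scripts could be run",
     [("1.4.0", "1.4.8"), ("1.6.0", "1.6.1")]),
    ("wnpa-sec-2011-16", "CSN.1 dissector crash",
     [("1.6.0", "1.6.1")]),
]

# Fixed releases named in the post title, keyed by release branch.
FIXED = {(1, 4): "1.4.9", (1, 6): "1.6.2"}


def parse_version(text):
    """Return the first x.y.z version found in text as a tuple of ints.

    Integer tuples are compared instead of strings so that, for example,
    1.4.10 is not mistaken for something older than 1.4.8.
    """
    match = re.search(r"\b(\d+)\.(\d+)\.(\d+)\b", text)
    if match is None:
        raise ValueError("no x.y.z version found in %r" % text)
    return tuple(int(part) for part in match.groups())


def applicable(version_text):
    """List the advisory ids whose affected ranges include this version."""
    version = parse_version(version_text)
    return [
        adv_id
        for adv_id, _summary, ranges in ADVISORIES
        if any(parse_version(lo) <= version <= parse_version(hi)
               for lo, hi in ranges)
    ]


def upgrade_target(version_text):
    """Return the fixed release for an affected version, else None."""
    if not applicable(version_text):
        return None
    return FIXED.get(parse_version(version_text)[:2])


if __name__ == "__main__":
    # Constructed sample inputs, shaped like the first line of `tshark -v`.
    for sample in ("TShark 1.4.8", "TShark 1.6.1", "TShark 1.6.2"):
        print(sample, applicable(sample), upgrade_target(sample))
```
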


The following bugs have been fixed:-

  • configure ignores (partially) LDFLAGS. (Bug 5607)
  • Build fails when it tries to #include <getopt.h>, not present in Solaris 9. (Bug 5608)
  • Unable to configure zero length SNMP Engine ID. (Bug 5731)
  • BACnet who-is request device range values are not decoded correctly in the packet details window. (Bug 5769)
  • H.323 RAS packets missing from packet counts in “Telephony->VoIP Calls” and the “Flow Graph” for the call. (Bug 5848)
  • Wireshark crashes if sercosiii module isn’t installed. (Bug 6006)
  • Editcap could create invalid pcap files when converting from JPEG. (Bug 6010)
  • Timestamp is incorrectly decoded for ICMP Timestamp Response packets from MS Windows. (Bug 6114)
  • Malformed Packet in decode for BGP-AD update. (Bug 6122)
  • Wrong display of CSN_BIT in CSN.1. (Bug 6151)
  • Fix CSN_RECURSIVE_TARRAY last bit error in packet-csn1.c. (Bug 6166)
  • Wireshark cannot display Reachable time & Retrans timer in IPv6 RA messages. (Bug 6168)
  • ReadPropertyMultiple-ACK not correctly dissected. (Bug 6178)
  • GTPv2 dissectors should treat gtpv2_ccrsi as optional. (Bug 6183)
  • BGP : AS_PATH attribute was decode wrong. (Bug 6188)
  • Fixes for SCPS TCP option. (Bug 6194)
  • Offset calculated incorrectly for sFlow extended data. (Bug 6219)
  • [Enter] key behavior varies when manually typing display filters. (Bug 6228)
  • Contents of pcapng EnhancedPacketBlocks with comments aren’t displayed. (Bug 6229)
  • Misdecoding 3G Neighbour Cell Information Element in SI2quater message due to a coding typo. (Bug 6237)
  • Mis-spelled word “unknown” in assorted files. (Bug 6244)
  • tshark run with -Tpdml makes a seg fault. (Bug 6245)
  • btl2cap extended window shows wrong bit. (Bug 6257)
  • NDMP dissector incorrectly represents “ndmp.bytes_left_to_read” as signed. (Bug 6262)
  • TShark/dumpcap skips capture duration flag occasionally. (Bug 6280)
  • File types with no snaplen written out with a zero snaplen in pcap-ng files. (Bug 6289)
  • Wireshark improperly parsing 802.11 Beacon Country Information tag. (Bug 6264)
  • ERF records with extension headers not written out correctly to pcap or pcap-ng files. (Bug 6265)
  • RTPS2: MAX_BITMAP_SIZE is defined incorrectly. (Bug 6276)
  • Copying from RTP stream analysis copies 1st line many times. (Bug 6279)
  • Wrong display of CSN_BIT under CSN_UNION. (Bug 6287)
  • MEGACO context tracking fix – context id reuse. (Bug 6311)

Updated Protocol Support:-
BACapp, Bluetooth L2CAP, CSN.1, DCERPC, GSM A RR, GTPv2, ICMP, ICMPv6, IKE, MEGACO, MSISDN, NDMP, OpenSafety, RTPS2, sFlow, SNMP, TCP

New and Updated Capture File Support:-
CommView, pcap-ng, JPEG.


To download Wireshark, click here.



