Rest in peace Professor Stephen Hawking — an extraordinary brilliant theoretical physicist of the modern era has passed away at the age of 76 — leaving behind many more discoveries.
The great physicist death was confirmed by a family spokesman on Wednesday. His death came from complications of amyotrophic lateral sclerosis, more commonly known as Lou Gehrig’s disease, from which he had suffered since he was 20.
The holder of thirteen honorary degrees, Professor Hawking was well-known for unraveling complicated concepts like black holes, time and the history of the cosmos. And also Hawking’s contribution to theoretical physics was compared to those of Albert Einstein.
Without being beaten down by his physical disabilities, Professor Hawking achievement is a real inspiration for the world.
The Internet has created a fascinating debate amongst government officials, private citizens, and company owners alike. The reason for this is that the Internet has opened private citizens, governments, and businesses to information leaks from dangerous individuals and/or organizations. In order to combat the issue of privacy and Internet espionage, it is important to consider the recent legislation against Internet espionage when making policies for protecting one’s company and private confidential information. In order to learn more about the recent developments in legislation against Internet espionage, consider the conversation below:
Internet espionage has been legislated around the globe. There has been a uniform consensus amongst political leaders that the damages of $1 trillion USD annually from the criminals in this area of crime is having a substantial impact on the global economy. That said, the varying approaches of political leaders have led to conflicts on how companies are able to do business in foreign markets and whether local companies get priority in terms of cybersecurity measures. An example can be seen from the Cyber Economic Espionage Accountability Act that was passed by the United States in 2013. This act placed restrictions on whether servers could be used that were manufactured in China and Russia. Recently, the Chinese government made their own law that is favoring local companies and driving up the cost for owners of Wholly Owned Foreign Enterprises (WOFE) in China, which are the only companies not requiring a Chinese business partner. As more issues appear with the hacking of major companies and private citizen’s confidential information, there will absolutely be an increase of security because governments will be forced to intervene to try to suppress the amount of hacking and Internet espionage that is transpiring.
Do Individuals Have an Awareness of Their Legal Rights & the Heightened Level of Government Involvement Since Snowden?
Snowden really changed the course of hacking and Internet espionage because he made it apparent that even sealed and confidential governmental files were still possible to be hacked. The damage that his document leak caused was substantial for the United States in that it put many top – secret agents in severe danger due to the intelligence that was released. Even though Snowden has sought refuge in Russia, he still remains as a very skilled hacker that was able to expose one of the most powerful governments in the world to danger through a heightened knowledge of computer programing and hacking.
In terms of governmental involvement, The European Union underwent severe negotiations with the United States about whether the U.S. was protecting the privacy of European Union citizens appropriately. As a result of these talks, several reforms were put into place in order to protect European Union citizens within the United States. Conversely, the United States has run into many hurdles with further censorship of Internet security due to privacy issues whose idealism originated in the fundamental values of the United States Constitution.
Why VPN’s Are Essential to Privacy Concerns
VPN’s were not as well known a few years ago; however, due to heightened government censorship and legislation, they have become more available wide stream even for those that are not expert programmers. A VPN allows an individual to browse the Internet anonymously and do whatever they like without a digital trace. These devices can either be used for a simple Gmail or Facebook login in blocked countries such as China or it could be utilized for a Bitcoin trade resulting in buying illegal weapons. VPN’s average roughly $80 USD per year (or half of that with a promotion), which makes them affordable for whoever would like to use them. Due to the wide availability of VPN’s, governments have been forced to consider whether they should be outlawed altogether in order to protect the cybersecurity of their citizens.
Final Remarks
At the present moment, we are living in a society where the Internet has both a useful function and a dangerous one. When the Internet first came out, it was mainly for useful activities; however, due to the heightened knowledge of what the Internet is capable of, there are many dangers that exist when using the Internet. As long as the hackers get more sophisticated, governments will be forced to regulate even more in order to protect their citizens. The question will be regarding how far governments will have to go to protect their citizens or what innovations hackers will create to get past the barriers set out by governments. In the coming years, it will be fascinating to see how the field of cybersecurity develops; however, it is highly likely to say that Snowden was only the beginning as a catalyst to the imperative reform that governments have to make to protect their citizens that regularly use the Internet.
Android Go — a new lightweight version of the Android operating system to provide a lag-free, smooth Android experience to every smartphone, especially for the budget smartphones without compromising any of the important features of parent edition.
Google introduced Android Go as a part of the Android 8.1 Oreo version focusing the devices with 512MB to 1GB of memory. Unlike Android One — company’s previous initiative to power budget models — Android Go is a reimagination of the budget segment entirely.
To make this possible Google made deep changes to the kernel and other elements. Improved performance and storage section of the operating system with data management features and security benefits built-in. A newly redesigned set of applications — may be we can say they are the lightweight version of apps — exclusively for Android Go edition provides fluid smartphone experience to every user. Set of optimized apps includes Google Go, Google Assistant Go, YouTube Go, Google Maps Go, Gmail Go, Gboard, Chrome, and the new Files Go app by Google. Moreover, a tuned version of the Google Play Store is available to download any app.
Features of Android Go edition:
So why Android Go is going to be a savior of future entry-level phones with Android 8.1+ version? As we already said, Android Go never relies on the hardware specifications of a device. If your device comes with fewer resources then Android Go is the one and the only version of Android — may be the only smartphone OS — to reanimate your device as a beast. Here are some notable features of Android Go edition.
Average app is now 15 percent faster on devices running Android Go edition.
Enhanced preinstalled Google apps to take up 50 percent less space thus doubled the amount of available storage on entry-level devices.
Devices running on Android Go edition also come with Google’s data saver features turned on by default.
All devices with Android Go get Google Play Protect built-in.
Already Android platform is ruling the smartphone industry and Android Go significantly lower the barrier to entry for smartphones in emerging markets. Soon we can see many more new high performing Android budget smartphones in the market.
NSA Whistleblower Edward Snowden recently released a new Android app named — Haven — to protect your personal spaces and possessions without compromising privacy.
Haven is an open source project developed by Snowden, The Guardian Project and Freedom Of The Press to aid investigative journalists, human rights defenders, and people at risk of forced disappearance to create a new kind of herd immunity. Snowden who remains exiled in Russia previously developed an exclusive iPhone case designed to alert the user if and when the phone’s radio signals are turned on.
With Haven, you can turn your old Android phone into a surveillance system without worrying about compromising privacy. The app leverages on-device sensors to provide monitoring and turns any Android device into a motion, sound, vibration and light detector. When comes to privacy, Haven uses world’s most secure communications technologies, like Signal and Tor, to communicate anonymously over computer networks.
Haven uses following sensors to watch unexpected guests and unwanted intruders and send alerts via SMS, Signal or to a Tor-based website.:
Accelerometer: phone’s motion and vibration
Camera: motion in the phone’s visible surroundings from front or back camera
Microphone: noises in the environment
Light: change in light from ambient light sensor
Power: detect device being unplugged or power loss
For now, Haven only works with Android platform because anyone can purchase an inexpensive Android phone for less than $100 and use that as your “Haven Device”. And if you run Signal app on your iPhone then you can configure Haven on Android to send encrypted notifications, with photos and audio, directly to iPhone and also can remotely access all Haven log data from your iPhone, using the Onion Browser app by simply enabling the “Tor Onion Service” feature in Haven. But developers also guarantee an iOS version of the app in future.
Microsoft Excel – one of the most widely using productivity application around the world. I think Excel is the best piece of software Microsoft has ever built.Microsoft Excel was first released 30 years ago on September 30, 1985.And the funny part is it was first developed for the Apple Macintosh. The Windows variant came in 1987.
Microsoft Excel that is now a part of Microsoft Office suite and recent reports show that 67% of office roles require expertise in Microsoft Excel. So sharpening up your Excel skills really can help improve pay and job prospects.So from the below infographic compiled by Best STL will show you top 7 essential Excel tricks to make your work fast and easy.
Google Project Zero — team of hackers or security researchers employed by Google to find bugs or zero-day vulnerabilities in all types of software, including that not made by Google. Now under the same initiative, Google has released a powerful tool to help security researchers to hack and find bugs in iPhone.
The exploit is named as tfp0 — created by Ian Beer, a renowned iOS bug hunter and a member of Google Project Zero — capable of finding bugs in iOS 11.1.2, a very recent version of the iPhone operating system.
According to Beer, tfp0 should work for all devices. Although, he already tested it on iPhone 7, iPhone 6s, and iPod touch 6G and adding further support should be easy.
tfp0 should work for all devices, the PoC local kernel debugger only for those I have to test on (iPhone 7, 6s and iPod Touch 6G) but adding more support should be easy
Why Google released a tool to find vulnerabilities of their competitor’s device? — Since iPhone is one of the hardest consumer devices to hack into and also if someone successful hacked into the device and find the bugs, they never give away the details of the tools they used. But Google Project Zero nonprofit organization aims to make all software, especially that owned by other companies, safer.
According to Google, this exploit is going to accelerate the process of development of an iOS 11 jailbreak.
As the part of national security, India’s internal intelligence agency — Intelligence Bureau (IB) warned soldiers to not to use some Chinese spying Android apps.
IB has released a list of 42 Chinese Android apps which includes some popular ones like — We chat, True caller, UC Browser and UC News — allegedly collecting vital information about the Indian security installations.
According to the report, the Intelligence Bureau in a 24 November advisory has directed the soldiers assigned on Line of Actual Control (LAC) to uninstall these Chinese spying Android apps from their smartphones and also format the device after uninstallation as it may compromise national security.
Chinese Spying Android Apps:
Weibo
WeChat
ShareIt
TrueCaller
UC News
UC Browser
BeautyPlus
NewsDog
Viva Video – QU Video Inc.
Parallel Space
Apus Browser
Perfect Corp
Virus Cleaner – Hi Security Lab
CM Browser
Mi Community
Mi Store
Mi Video call
Vault Hide – NQ Mobile Security
YouCam Makeup
CacheCleaner – DU Apps Studio
DU Recorder
DU Battery Saver
DU Cleaner
DU Privacy
DU Browser
360 Security
Clean Master – Cheetah Mobile
Baidu Translate
Baidu Map
Wonder Camera – Baidu Inc
ES File Explorer
Photo Wonder
QQ International
QQ Music
QQ Mail
QQ Player
QQ Newsfeed
QQ Launcher
QQ Security Center
WeSync
Selfie City
Mail Master
Although, China spying on with their Android apps is not a new incident. Earlier, many reports came against UC Browser about its suspicious way of collecting data from users and transferred back it to China. Now the government also took the matter seriously and recommended the troops to avoid spying Chinese eyes by uninstalling these dangerous apps.
Just remember, unintentionally you may become a traitor to your country by using these apps because who knows without your knowledge, what data are transferring to China by these awful Chinese spying apps.
WPA2 (Wi-Fi Protected Access II) — the WiFi security protocol which considers safeguarding a vast majority of wifi connections has now been compromised to a deadly vulnerability called Key Reinstallation Attacks or KRACK.
Belgian researchers Mathy Vanhoef and Frank Piessens of the University of Leuven discovered and published the details of the attack that affects all major software platforms, including Microsoft Windows, macOS, iOS, Android, and Linux.
WPA2 became the most trusted security protocol that encrypts traffic on Wi-Fi networks to prevent eavesdroppers for last 13 years. In short, WPA2 networks are absolutely everywhere. Since KRACK WPA2 Wi-Fi Vulnerability utilizes a weakness in the WPA2 protocol to recover the key used to encrypt traffic between a client and an access point. The scary part is in some situations an attacker within range of a victim can also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
According to Vanhoef’s research group, “attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks“.
Since the weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations, almost all devices that support WiFi are going to be a KRACK victim. Vanhoef recommends, “To prevent the attack, users must update affected products as soon as security updates become available“.
How attacker use KRACK vulnerability?
As a part of demonstration Vanhoef’s group executed KRACK WPA2 Wi-Fi Vulnerability attack against an Android smartphone. During the demo, the attacker was able to decrypt all data that the victim transmits.
According to researchers, KRACK attack is exceptionally devastating against Linux and Android 6.0 or higher. This is because Android and Linux can be tricked into (re)installing an all-zero encryption key. About attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted. In any case, the following demonstration highlights the type of information that an attacker can obtain when performing key reinstallation attacks against protected Wi-Fi networks:
Vanhoef also points out that 4-way handshake weakness causes WPA2 protocol vulnerable. This handshake is executed when a client wants to join a protected Wi-Fi network and is used to confirm that both the client and access point possess the correct credentials. The four-way handshake also generates a new encryption key—the third communication in the four-step process—to protect the user’s session.
And the KRACK vulnerability allows hackers to trick a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value. And the attacker can replay and decrypt packets, and even forge packets in some cases.
Unfortunately, KRACK vulnerability is not only limited to recovering login credentials but also any data or information that the victim transmits can be decrypted. Also, the attack is capable to decrypt data sent towards the victim (e.g. the content of a website) even though websites or apps use HTTPS as an additional layer of protection.
Researchers indexed following Common Vulnerabilities and Exposures (CVE) identifiers to track which products are affected by specific instantiations of KRACK :
CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
