Category Archives: Tech

Tech news, Hardware, Latest software, Mobile Phones, Other Tech products like TV, Laptop Notebooks, Graphics Cards, Processors etc….

A Massive Hole In The Internet Security – Heartbleed Vulnerability

Most probably Heartbleed is going to be the vulnerability of the decade in the internet history. You might have heard the word Heartbleed, received bunch of mails from your favorite web services. This article will help non-technical people to understand What Heartbleed is, and how to be immunized  to the bug.

Heartbleed is a bug disclosed to the public on 7th April, 2014. It is a vulnerability in the open source SSL(Secure Socket Layer) cryptography library. This open source OpenSSL is software implemented in server side which is responsible for security and integrity of the data while in its transmission. The communication between your system/PC and the web server have to be sent through a secure line to avoid attackers to eavesdrop in the middle. Whatever URL that has ‘s’ at the end of http like htts://domain.com, you know for sure those sites implementing the SSL for security. To avoid this middle man attack all the data sent through this secure line is encrypted in the both end while sending and de-crypted  at the other end.

Its like sending messages as cipher, to decode the cipher the PC or your Server needs the key. These keys are digital keys that has to be exchanged between the two communicating ends. Meanwhile the connected PC continuously checks the liveliness of the link by requesting a signal from Server. The server sends the signal to all the connected nodes (PCs) in a ordered frequency. This signal is called ‘Heartbeat’. If the end node doesn’t get this heartbeat signal for a moment of time, then it assumes the server is down and closes the connection.

Here comes the vulnerability part. When a node request for a heartbeat signal from the server with a particular size, the server will respond to it with the data it needed at the same size requested. But it failed to check the validity of the size. So if a hacker requests for the heartbeat signal with some little big size than it needed, then the server respond with the data it needed and for remaining size it adds up the data from the server memory. Unfortunately that data are very critical sensitive data of users of the server, that includes passwords, credit card numbers, and most of the unencrypted data and other cookie information, session details etc.

Image Courtesy : xkcd.com

Image Courtesy : xkcd.com/1354

 

It is believed more than half a million web servers were affected by this, and millions of data has been hijacked. No body is sure with the infographs of this attack, but many web services openly accepted they were victimized.

It seems Google patched their servers on March 21st  and Cloudflare on 31st. Cisco announced that its most of the equipment has been vulnerable to this attack, which in turns leaves our sensitive data at risks. We know CISCO’s hardware constitutes the majority of internet.

How to be get immunized from this bug… Solution is simple, change all your login credentials like passwords, security questions, PINs etc. Log out of all the accounts from all the devices you use and login again with new passwords. Update all your softwares, apps. This applies for all the services. All other steps has to be taken by your service offerers, as they have to update their OpenSSL with the patches for the bug.

Not all the websites has been attacked, it is a guess that most of them were. Ironically the services which hasn’t update their OpenSSL for long time stayed secure. And the early adapters of the patch also immune to this attack. As I am using LastPass for managing my digital credentials, it helped me finding the attacked websites and I changed my passwords for those sites which listed under attacked.

For more reading : CNet , Heartbleed

Hope the article helps. Will see you in another. Don’t hesitate to register your views in the below comment box.

Panono – The Panoramic Ball Camera

Panono is a gadget has 36 high resolution cameras compactly fitted in a ball facing all the direction.  This camera automatically takes the picture at the highest point when it is tossed in the air.  It has a highest resolution of 108 Mega Pixel spread all over the panoramic image. Soon after it takes the picture it will be sent to the smartphone paired to it. You can visualize the photo in pano effect by changing the orientation of your smart device.  Panono is still in its infancy, expected to reach market in September 2014 and it is not going to be cheap. The price will be around half grand US dollars.

List of Android Apps To Increase Your Productivity

Once again a post on android apps. Now I came up with a list of apps that increases your overall productivity. Just the name of the app is suffice, as the ‘Play Store’ has all the description, review, comments for the each app. I have been using most of these apps for long time. Here’s the list.

Productivity Apps

  • Evernote with Skitch [ Note Taking ]
  • Any Do [ Task Manager, Reminder ]
  • CamScanner [ Convert camera captured physical documents in to pdf ]
  • SketchBook [ a Photoshop alternate for android ]
  • QR droid
  • Keep [ Google's new note taking app ]
  • Truecaller [ Tells who is calling you even if they are not in your contact list ]
  • Swift Key/A.I. Type [ Intelligent keyboard apps ]
  • GForms [ Submit data to Googe spreadsheet/forms ]
  • Drive/SkyDrive/Box.net
  • Office Suite Pro
  • Translate

Automation – From the previous article

  • Tasker / Automate It
  • Locale
  • Juice Defender
  • Quiet Balance
  • Auto SMS & Answering Machine

Other Apps

  • Flipboard / Currents
  • Speed Test
  • Hide It Pro [ locks apps, gallery, messages etc ]
  • Debt Tracker [ money tracking app ]
  • Goggles [ image search app ]
  • Astro File Manager

The list doesn’t end here. I will definitely come with some more additions to this list as I still looking for best apps to server each purpose. As I already said, this list is based upon my experience, you may share your favorite apps in the comments section.

Few Apps For Android Automation

In your daily life, you have to do many repeated things with your android phone from changing your ringer to vibration mode when entering in to office, switching on wi-fi when you came back to home, switch on your GPS when you need to open a map, while somebody calls, you have to send a ‘call you later’ message when attending a meeting, adjust your screen brightness, screen lock time, switch on/off your network connection in order to save your battery, likewise the list grows.

Automating these tasks will greatly increases your productivity. These jobs are done automatically without or with very less human intervention you get the following apps in your android phone.

1. Locale (Premium)

Locale is one of the best intelligent location based profile changer app in the android market. It requires to mark your place like home, office in the map and need to define the profile for those places. That’s all, all the other things will be taken care by Locale. Based on many factors like wi-fi hotspot, Network’s Cell IDs, etc are used  to find your position.

2. Juice Defender (Free & Premium)

Juice Defender is a battery saver app, it intelligently turns on your wi-fi, network for internet connectivity and switches off when it is not needed (when the screen is off). And it periodically allows to connect to internet for syncing apps to update mail inbox, weather widgets etc. Sometimes you don’t want certain apps (like gaming apps) to connect to internet, and for some apps you want them to be always in connection (like internet messaging apps), these will be achieved seamlessly with Juice Defender. Juice Defender is available as Juice Defender Free, Juice Defender Plus, Juice Defender Ultimate. For me JD Plus is doing much more than I want it to.

3. Tasker (Premium) and Automate It (Free & Premium)

‘Tasker’ provides nearly endless way to automate your android phone. But it itself doesn’t have any bit of intelligence. You need to configure everything. Yes, tasker has the capability to sense almost every small bit of change in your phone and also has the capability to make almost all (if your phone is rooted) changes from changing your phone’s wallpaper to changing the CPU’s frequency.

‘Automate It’ is a more simplified yet more powerful form of ‘Tasker’. For those who don’t want to fall under the long learning curve of ‘tasker’ can easily cope up easily with ‘Automate It’.

4. Quiet Balance (Free)

‘Quiet Balance’ is a simple message-filtering utility app, which filter the USSD messages (the annoying messages shows internet usage, call balance after call and message balance after a message sent). When I say filtering, you can configure how the filtering should be.

5. Auto SMS (Free & Premium) and Answering Machine (Free)

From the app’s name you can understand what these apps are for. Though the SMS auto reply for incoming SMSs and phone calls can be achieved by making a small profile in ‘tasker’ or ‘automate it’ (GoSMS also has the auto reply feature), ‘Auto SMS’ is little more convenient a dedicated app for auto replying than other methods.

Answering Machine – is one of the best of its kind in the market. This app holds all the functionality of the real answering machine.

Other than these apps there are few more good apps are available in Play store, but the only reason I recommending these apps is because of the experience I had in the past. Try these apps yourself, for the premium apps like Locale, Tasker, what I could say is ‘it’s worth the money’.

IBM’s 5 in 5–Giving Senses To Computers

‘”5 in 5”, does it make any sense? No??. Actually it gives sense. Recently IBM announced the future of cognitive computing, i.e. equipping computers/smart-phones with 5 senses with in 5 years from now. In short 5 in 5. Those 5 senses were obviously

  1. Sight
  2. Touch
  3. Hearing
  4. Smell
  5. Taste

What would happen if the computers can sense the above in future? No this is not the right question we have to ask here. In today’s world, with the plethora of sensors capable of reading ample parameters in almost all areas found by human, sensing things are not an exciting one to hear. So what IBM is going to concentrate here is processing the senses, that is ‘cognition to computers’. Without a brain, all the things sensed through our five sensory organs are utterly a futile chemical reactions over our nerves. It’s equivalent to a person in coma.

So sensing needs ‘cognition’, that paves way to ‘Recognition’. Here recognition for computers is achieved by processing the sensed things, that may be sight or touch or any of the other senses stated above, and yes this includes all probability of combinations. Here is the quote from Bernard Meyerson’s (Chief Innovation Officer, IBM) article, which I feel conveys the goal of “5 in 5” better.

Today, if you put a robotic track inspector in a railroad tunnel and equipped it with a video camera, it would not know what to make of an oncoming train. But what if you enabled it to sense things more like  humans do–not just vision from the video camera but the ability to detect the rumble of the train and the whoosh of air? And what if you enabled it to draw inferences from the evidence that it observes, hears and feels? That would be one smart computer–a machine that would be able to get out of the way before the train smashed into it.

The action of moving away from the track if train comes is triggered by the result of intelligence. Intelligence is the ability of acquiring and applying knowledge. Certainly it is not possible to fill in computer’s memory with billions of lines of code, in order to load the knowledge for all situations and conditions that are not predictable at the time of coding.

When we talk about giving senses and brain like human to computers, then the same paradigm should be followed for imparting knowledge to computer. That’s ‘Artificial Intelligence’, learning from past, learning from mistakes, learning from success, and it should learn till its obsolescence. Finally and most importantly computer should decide from options of results from its knowledge bank.

What would be the benefits we will be enjoying in few years, after IBM’s dream becomes real? I leave this question for you, fill up the comment form below with your views.

In my perception, the answer for above question is, “Humans are rationally irrational, while these systems are irrationally rational”. IBM believes their dreamt computers can really help in making decision for problems, especially in places where ego and other humanly factors deteriorate the outcomes.

But I personally feel, “As the human thoughts are not bound by logic, it has the extraordinary and naturally inherited capability of innovating and inventing. In history, almost all the big decisions were made by great legends doesn’t solely depend on the logics and knowledge they had, it’s because of something like intuitions/inner voice, gut feelings, faith in God, hope and the list extends and ends with daring to take risk.

Try Windows Phone 7 Online – Interactive Demo/Emulator

After hearing lots of talk over internet on Microsoft’s latest astonishing mobile OS called Windows Phone 7 named ‘Mango’, many of them were just curious to try it, especially its Metro UI (user Interface). It’s new, We don’t have any idea how it feels when we use it, We don’t know how it will do, when we hold it on our hands. To know that, we don’t have to afford for a new phone, for the sake of trying its interface and look. Microsoft planted a online based interactive demo on its website for those who want to try it, before buying it.

The demo is quite interactive, which seems to resemble a emulator, but it is not. It demonstrates some of the features that might help you to understand the interface better. Not all the features are functioning, but some of them like adding a calendar entry, adding a mail account (predefined account) and some more. This is just to demonstrate how the interface works. As it is online based and runs on browser, you can try this in your mobile browser, this gives you a feel that you are using windows phone until you reach the limitation boundary of this demo.

The demo performs better in desktop based browsers, it succeeds in delivering all the graphical effects concerned to the user interface. Those who are new to Metro UI can experience and learn the way how it works. The interactive demo also guides with a green dot and green swipe symbols to show the new users clickable areas which shows them the new feature and swipe direction. Note that, this is online JavaScript based demo, the real windows phone works far better than this, while the graphics are even more eye catchy and feel were even more feather touchy.

Windows Phone Demo Page on Microsoft’s site, If you are using mobile phone to view this, the demo may or may not appear based on your phone’s capability.

Flame – New Era’s Cyber Warfare Tool

On May 28, 2012 Russian based Anti-virus company Kaspersky announced the discovery of ‘Flame’ a malware which caused a substantial damage in Iran and other Middle-east countries Israel Palestine, Sudan, Syria, Lebanon and Saudi Arabia. Flame also known as sKyWIper (Sky Wiper) is the latest discovery of it’s kind. Expert says Flame is the most advanced and complex malware ever encountered til date which is 20 times bigger in size (around 20 MB)when compared to it’s predecessors Stuxnet and Duqu which’s existence was discovered in 2010 and 2011 respectively.

Area infected by Flame - Iran, Israel, Syria, Lebanon

Infected Area & Code Sample - Released by Kaspersky Lab

Based on Kaspersky Lab’s report, Flame’s foot prints were found in nearly 600 computers and the estimation says that the numbers may extend to few thousand computers. It is believed Flame has some 20 modules coded by different programmers enough to make it as one of the most complex and efficient malware the world seen so far.

Technically Flame and Stuxnet aren’t viruses. Flame isn’t programmed only to damage data and (replicate itself as virus do ) spread across computer systems. Flame passes to the another computer only if it is prompted by the hacker (or person who controls it). Flame is the cyber espionage tool which has the capability of looting the information from the affected system and transfer it to the hacker.

The sophisticated part of it is, capability of taking screen shots of the screen, ability to record sounds with the help of computer’s microphone, recording of key strokes, scanning through the files for vital information, etc. To my exclamation, it has the capability of invoking bluetooth connection to other devices for pulling the contacts list from the smartphones and even to connect and communicate with internet through the wireless devices.

Flame has been in the wild for last five year undetected. It starts innocuous internet explorer session in the background to send the collected information to the 100s of servers tied to this around the world. It didn’t do anything much noticeable to find it as a threat. But, Iran admits Flame caused substantial damage by wiping out the hard disk data of it’s oil resources as Flame was intended to spy and destroy oil and nuclear projects of middle east.

Because of the complex coding, the track down for the guilty person is impossible. Experts are still going through the thousands of lines of codes for any clues that leads them to ‘X’ and the organisation or nation which is behind this cyber war.

 

Microsoft’s SkyDrive Boosts It’s Free Storage To 25 GB

Recently after Google debuts it’s online storage space ‘Drive’, Microsoft announced 25 GB free upgrade for it’s ‘SkyDrive’ users. All the new and old users who used to have 7 GB of free space can upgrade to this free 25 GB offer. But by default it will be only 7 GB.

To get this free upgrade, just log in to your SkyDrive with your Windows Live credentials and click ‘Manage Storage’ link given in the left side bar of the page, soon you will be presented by a page with a option to choose your 25 GB free upgrade. Note that, the file size limit of the every file stored in SkyDrive is also increased from 300 MB to 2 GB.

The next big trend of the internet is cloud storage, and it started to fires up.

Google’s New Cloud Storage – Google Drive

A few weeks before, Google starts providing it’s cloud storage service in the name of ‘Google Drive’. In fact, Google is providing the cloud storage for us since long ago, even before the word ‘cloud’ comes to fame. Google’s online document editor Google Docs has 1 GB of cloud storage, Picassa – the Google’s online image storing and editing service gives another 1 GB of storage for saving your photos on the cloud & some other services like blogspot & plus has unlimited storage.

In the stream Google includes 5 GB of storage for every user in it’s new storage service called ‘Google Drive’. Google Drive is a online (cloud) storage space in which a Google user may store up to 5 GB of data for free, and you can buy more storage space if you need. Primarily Google Drive replaces the storage space of Google Docs’ 1 GB, while the Gmail storage space increased from 7 GB to 10 GB few weeks ago.

The main feature of Drive is Synchronizing across computers, the data in your Google Drive is automatically synced to your computing devices’ Google Drive folder. (Desktop, Notebooks, Smartphones) provided the required Google Drive software installed on those devices.

Drive supports more than 30 file types with the capability of editing through online, that includes Adobe’s Photoshop, Illustrator, etc. As Google Docs replaced by Google Drive, Drive holds all the features of Docs like online collaboration, sharing documents, etc,.

Google Drive is far better in many ways when compared to Apple’s iCloud, DropBox, SkyDrive. Especially if you are using Google’s other services like Plus, Gmail, etc,. Single file size limit for Google Drive is 10 GB while iCloud and DropBox are in MBs. For your information, Microsoft’s SkyDrive provides 7 GB of free storage with single file size limit of 2 GB.

Currently I have few hundred MBs of files in my Google Drive and it is always synced to my Desktop and my Ultrabook. Based on my few weeks experience, I hope Google Drive will fulfill your anticipation.