Wishing you all the very best for 2008! See you all next year lol!
more New year Comments & Graphics
Earthcam Mobile Photos
Monday, December 31, 2007
New Year 2008 Greetings
Wishing you all the very best for 2008! See you all next year lol!
more New year Comments & Graphics
Earthcam Mobile Photos
Wednesday, December 5, 2007
Two held on Orkut Abuse against Sindhu Joy, SFI State President.
The Kerala Police have arrested two persons on the charge of defaming Ms.Sindhu Joy, SFI State President through Orkut, one of the most famous social networking website in India, with the help of Kerala Police Hi-Tech Cell.
The students’ leader, who has been successfully using the friendship network portal to interact with SFI activists and spread the message of the Federation among her other friends, has approached the Cyber Cell of Kerala Police with a written complaint against activities on Orkut that are derogatory to her. In the complaint filed at the Cell, Sindhu Joy specifically mentioned two communities in Orkut that she felt were formed with the intention of tarnishing her image. “One of the communities ‘I hate Sindhu Joy’ has several messages to defame me. I don’t know who is behind this community,” Sindhu Joy told. She first took up the issue with Home Minister Kodiyeri Balakrishnan, who advised her to approach the Cyber Cell.
The case was enquired by the Hi-Tech Cell Team and identified the suspects as Prasobh Kumar (Age 32), a lecturer of the Centre for Management Development at Thycaud, Thiruvananthapuram and Asok Kumar (Age 29), a project staff of the same centre, a Hi-Tech Cell official said. He also said that the suspects had used their office computers to create fake and defamatory communities of Sindhu Joy on Orkut. The case was then transferred to Thiruvananthapuram City Police for investigation.
Cyber Cell find out the creator of the defamatory community ‘I Hate Sindhu Joy’ as ‘A new Thought.!!!’ on 21 Oct 2007 and the second community ‘Sindhu joy time to defend’ was created by a user ‘Proper action’ on 19 Oct 2007. They traced the details of the creators of the two communities using Cyber Forensics software tools and information collected from Google Inc. and Internet Service Providers. The two fake communities were created from the computers of Center of Management Development, Thiruvananthapuram, an official said.
Thiruvananthapuram City Police arrested the accused persons and seized the computers that are used to create the communities and fake profiles from the Centre for Management Development at Thycaud, Thiruvananthapuram. The seized computers are being sent to C-DAC (Center for Development of Advanced Computing, Thiruvananthapuram, for forensic analysis, a City Police official said.
Related Articles: NewIndExpress, ThatisMalayalam
The students’ leader, who has been successfully using the friendship network portal to interact with SFI activists and spread the message of the Federation among her other friends, has approached the Cyber Cell of Kerala Police with a written complaint against activities on Orkut that are derogatory to her. In the complaint filed at the Cell, Sindhu Joy specifically mentioned two communities in Orkut that she felt were formed with the intention of tarnishing her image. “One of the communities ‘I hate Sindhu Joy’ has several messages to defame me. I don’t know who is behind this community,” Sindhu Joy told. She first took up the issue with Home Minister Kodiyeri Balakrishnan, who advised her to approach the Cyber Cell.
The case was enquired by the Hi-Tech Cell Team and identified the suspects as Prasobh Kumar (Age 32), a lecturer of the Centre for Management Development at Thycaud, Thiruvananthapuram and Asok Kumar (Age 29), a project staff of the same centre, a Hi-Tech Cell official said. He also said that the suspects had used their office computers to create fake and defamatory communities of Sindhu Joy on Orkut. The case was then transferred to Thiruvananthapuram City Police for investigation.
Cyber Cell find out the creator of the defamatory community ‘I Hate Sindhu Joy’ as ‘A new Thought.!!!’ on 21 Oct 2007 and the second community ‘Sindhu joy time to defend’ was created by a user ‘Proper action’ on 19 Oct 2007. They traced the details of the creators of the two communities using Cyber Forensics software tools and information collected from Google Inc. and Internet Service Providers. The two fake communities were created from the computers of Center of Management Development, Thiruvananthapuram, an official said.
Thiruvananthapuram City Police arrested the accused persons and seized the computers that are used to create the communities and fake profiles from the Centre for Management Development at Thycaud, Thiruvananthapuram. The seized computers are being sent to C-DAC (Center for Development of Advanced Computing, Thiruvananthapuram, for forensic analysis, a City Police official said.
Related Articles: NewIndExpress, ThatisMalayalam
Friday, November 16, 2007
Secure Passoword Reminder - RoboForm 6.9 Released
RoboForm makes logging into Web sites and filling forms faster, easier, and more secure. RoboForm memorizes and securely stores each user name and password the first time you log into a site, then automatically supplies them when you return. RoboForm's powerful Logins feature eliminates the manual steps of logging into any online account. With just one click RoboForm will navigate to a Web site, enter your username and password and click the submit button for you.
RoboForm 6.9 New Features
* Support Netscape 9.0 and Firefox 3 alpha.
* Fix Print List font size.
* Fix Assert in FrameManager:5408.
* Fix AutoLogoff on Standby, it was not always logging off.
* Fix position of current item in multi-page menu when showing next page.
You can reduce the time you spend filling out Web forms and logging onto subscription sites with RoboForm. This major update improves usability significantly and replaces the old, clunky auto fill window with a less-obtrusive tool bar. If you don't like the standard tool bar placement, you can run it at the bottom of the browser instead. That's the standard placement for Mozilla-based browsers. The program uses encryption algorithms such as Blowfish and AES to protect your data and includes a password generator. You can set up multiple identities with different credit-card numbers, passwords, and contact information. The trial limits the tab instances on each identity to three, but you can make plenty of identities.
To Visit Roboform Site Click here.
To download Roboform Software Click here.
Related Posting:
Password Management Software - RoboForm free edition.
Remember your usernames and passwords Use Sxipper Firefox extension
Monday, October 29, 2007
Remember your usernames and passwords Use Sxipper Firefox extension
Managing multiple passwords is complex. Internet users often have too many passwords to remember. Each password may expire on a different schedule and be subject to different policies about password composition. This complexity lads people to give up and select trivial passwords, or even worse, use one password for everything.
Sxipper is a free Firefox add-on that lets you log in to any website with a single click. Sxipper saves you time by keeping track of an unlimited number of usernames and passwords as well as the personal data you share every day over the web. Sxipper improves your security by creating strong passwords when registering, and stores them and your personal data securely in an encrypted store on your computer.
Sxipper has a built-in support for Identity 2.0 authentication mechanism, an open, standards-based, identity model. Identity 2.0 describes the concept of an identity that can be trusted and used anywhere and requires no centralized consultation with the ID authority that issues the credential.
RoboForm is Top-rated Password Manager and Web Form Filler that completely automates password entering and form filling.
Download or Install Sxipper Plugin For Firefox
Related Articles:
Password Management Software Roboform Free Edition
Sxipper is a free Firefox add-on that lets you log in to any website with a single click. Sxipper saves you time by keeping track of an unlimited number of usernames and passwords as well as the personal data you share every day over the web. Sxipper improves your security by creating strong passwords when registering, and stores them and your personal data securely in an encrypted store on your computer.
Sxipper has a built-in support for Identity 2.0 authentication mechanism, an open, standards-based, identity model. Identity 2.0 describes the concept of an identity that can be trusted and used anywhere and requires no centralized consultation with the ID authority that issues the credential.
RoboForm is Top-rated Password Manager and Web Form Filler that completely automates password entering and form filling.
Download or Install Sxipper Plugin For Firefox
Related Articles:
Password Management Software Roboform Free Edition
Tuesday, October 16, 2007
Single password for online accounts are more risk
Those who use the same password for online accounts viz. email, e-banking, shopping accounts, are more at risk from online fraud or identity theft. The popularity of social networking sites such as Orkut, Facebook, etc are making life easier for online criminals.
A new survey by computer security firm McAfee, has revealed that as many as 16 percent of people used the same password for online accounts, while a whopping 41 per cent never changed their passwords.
Most users post personal details commonly used as passwords on their pages, such as their educational history, names of pets and favorite football team, wife name, children name, favorite hero,etc are common sources for a password.
According to a report by the Daily Telegraph, online banking fraud rose by 44 per cent last year to 33.5 million pounds in the UK, while Internet shopping fraud amounted to 155 million pounds. (ANI)
In India, online crimes are increasing tremendously because of the popularity of social networking sites and poor awareness of security measures.
A new survey by computer security firm McAfee, has revealed that as many as 16 percent of people used the same password for online accounts, while a whopping 41 per cent never changed their passwords.
Most users post personal details commonly used as passwords on their pages, such as their educational history, names of pets and favorite football team, wife name, children name, favorite hero,etc are common sources for a password.
According to a report by the Daily Telegraph, online banking fraud rose by 44 per cent last year to 33.5 million pounds in the UK, while Internet shopping fraud amounted to 155 million pounds. (ANI)
In India, online crimes are increasing tremendously because of the popularity of social networking sites and poor awareness of security measures.
Wednesday, October 10, 2007
Microsoft released its security updates for October 2007
Microsoft has released its critical and important updates. These updates involve applications including Kodak Image Viewer, Outlook Express and Windows Mail, Internet Explorer, and a vulnerability in Microsoft Word. All of these could allow remote code execution and elevation of privileges.
Security updates are available from Microsoft Update, Windows Update, and Office Update. Security updates are also available at the Microsoft Download Center.
For more details on these updates, here's the link to Microsoft's Security Bulletin.
Security updates are available from Microsoft Update, Windows Update, and Office Update. Security updates are also available at the Microsoft Download Center.
For more details on these updates, here's the link to Microsoft's Security Bulletin.
Password Management Software - RoboForm free edition
RoboForm is a password management software with Artificial Intelligence built in that can automatically fill online forms for you. It has been featured on The Wall Street Journal, CNN, The New York Times, Financial Times, PC Magazine, etc.
Nowadays we all have many usernames and passwords to use on the internet. Some spywares record your keystrokes and send them to the hackers. It has been reported many times that people lost all their money in online bank account or internet payment system account.
One of RoboForm key features is designed to combat this kind of key logger hacking. RoboForm can:
* AutoSave passwords in browser.
* AutoFill passwords to login form.
* Click Login button for you.
* Fill personal info into online forms.
* Save offline passwords & notes.
* Generate Secure Random Passwords.
* Encrypt passwords and personal info using 3-DES.
* All personal info is stored on your computer only.
* Put passwords on USB KeyChain for extra security.
* Sync your passwords and safenotes to a Palm.
* Backup & Restore, Print your passwords.
RoboForm works best with IE 5.0 and above. IE6 is the recommended browser to use with Artificial Intelligence RoboForm.
Note: free edition comes with some limitations.
To Visit Roboform Site Click here.
To download Roboform Software Click here.
Tuesday, September 25, 2007
Indian IT Act 2006 to be reviewed to tackle Cyber Crimes
Stung by criticism by a Parliamentary panel over the draft of Information Technology Act 2006, the government is planning to review the whole act for tackling cyber crime.
The proposed amendments would address a number of concerns such as data protection, data theft, e-commerce frauds, child pornography, identity documents theft, privacy issues among others.
The ministry is holding discussions with various stakeholders to evolve the amendments, a senior official in the Department of Information Technology said. "Discussions are being held with the stakeholders including private companies, CBI and other investigative agencies," the official said. DIT would put the draft act for public comments once the review process is over.
"The law pertaining to IT should be self-containing and easily comprehensible to the global village community. Despite the experience gained in about seven years in the administration of the IT Law, no effort has been made to bring a new and exclusive legislation," the Standing Committee on Information Technology said in a report.
The Committee observed that the term 'cyber terrorism' has not been defined anywhere in the IT Act, 2000 or in the proposed amendments. Similarly, 'child pornography' has also not been mentioned anywhere in the section on pornography.
"In view of the several manifestations of sexual abuse of children and its loathsome ramifications, the Committee desires that the act of grooming the child for sexual relationship through online enticement or distributing/showing pornography or through any online means should also be made a criminal offence," it said.
Noting the complex language of legislations on monitoring the cyber space, the Parliamentary panel which was constituted to look into the proposed changes in the IT Act 2000 (which is in the form of Draft IT Act 2006), had criticised the government for not preparing a new set of laws and instead taking a "short-cut route" of making changes in the existing norms.
Source: PTI
The proposed amendments would address a number of concerns such as data protection, data theft, e-commerce frauds, child pornography, identity documents theft, privacy issues among others.
The ministry is holding discussions with various stakeholders to evolve the amendments, a senior official in the Department of Information Technology said. "Discussions are being held with the stakeholders including private companies, CBI and other investigative agencies," the official said. DIT would put the draft act for public comments once the review process is over.
"The law pertaining to IT should be self-containing and easily comprehensible to the global village community. Despite the experience gained in about seven years in the administration of the IT Law, no effort has been made to bring a new and exclusive legislation," the Standing Committee on Information Technology said in a report.
The Committee observed that the term 'cyber terrorism' has not been defined anywhere in the IT Act, 2000 or in the proposed amendments. Similarly, 'child pornography' has also not been mentioned anywhere in the section on pornography.
"In view of the several manifestations of sexual abuse of children and its loathsome ramifications, the Committee desires that the act of grooming the child for sexual relationship through online enticement or distributing/showing pornography or through any online means should also be made a criminal offence," it said.
Noting the complex language of legislations on monitoring the cyber space, the Parliamentary panel which was constituted to look into the proposed changes in the IT Act 2000 (which is in the form of Draft IT Act 2006), had criticised the government for not preparing a new set of laws and instead taking a "short-cut route" of making changes in the existing norms.
Source: PTI
Monday, September 24, 2007
Acrobat Reader security flaw exposes Windows to arbitrary exploits
A security researcher and self-described hacker known as "pdp" claims he has found a critical exploit in Adobe's Acrobat software that can compromise many Windows PCs simply by viewing a maliciously-crafted PDF file. The flaw affects both Windows XP SP2 and Windows 2003; Windows Vista, OS X, and Linux users are unaffected.
The bug affects Acrobat Reader, versions 8.1, 8.0, and 7, either when run in stand-alone mode or embedded inside a web page. Some work-alike PDF readers, such as the svelte Foxit Reader, are also affected but in a lesser manner: they display a confirmation dialog before the exploit is allowed to run.
The exploit uses a flaw in Adobe's scripting language to automatically run an executable program—the discoverer tested this by harmlessly running Calculator and Notepad in a video on his site. Yet, as noted, the exploit could be used to run any program, including a trojan or virus or a scripted attack. The malware in question would have to have already been downloaded onto the victim's computer, but this could be accomplished in various ways, including putting the executable inside a .ZIP file that includes the original PDF, or linking to a remote executable (the latter option would still trigger a warning by the operating system, however).
Source: ars
The bug affects Acrobat Reader, versions 8.1, 8.0, and 7, either when run in stand-alone mode or embedded inside a web page. Some work-alike PDF readers, such as the svelte Foxit Reader, are also affected but in a lesser manner: they display a confirmation dialog before the exploit is allowed to run.
The exploit uses a flaw in Adobe's scripting language to automatically run an executable program—the discoverer tested this by harmlessly running Calculator and Notepad in a video on his site. Yet, as noted, the exploit could be used to run any program, including a trojan or virus or a scripted attack. The malware in question would have to have already been downloaded onto the victim's computer, but this could be accomplished in various ways, including putting the executable inside a .ZIP file that includes the original PDF, or linking to a remote executable (the latter option would still trigger a warning by the operating system, however).
Source: ars
Thursday, September 20, 2007
Netstat - Know your network connection
netstat (network statistics) is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics. It is available on Unix, Unix-like, and Windows NT-based operating systems.
If you are worried that some programs on your PC are secretly making connections to websites in the background, here's a quick tip that uses a simple DOS command to detect and prevent such suspicious activity:
1. Open Windows Run Command from the Start Menu
2. Type CMD command in the Run box and press OK.
3. Type "netstat -b 10 > netact.txt" in the command window and press ENTER. After some times say 2 minutes, press Ctrl+C.
4. Type "netact.txt" on the command line to open the log file in notepad (or your default text editor)
The file netact.txt will have a log of all process that made a connection to the Internet in the last two minutes. It will also show which process connected to which website in this time. And not just the web browsers (like iexplore.exe , firefox.exe or opera.exe), the log will also show your IM clients, download managers, email programs or any software that requires a net connection.
Scroll though the netact.txt file and look for any process names or website addresses that you are not aware of. If you track one, go to the task manager (or Process Explorer) to find the location of the executable on your computer and eliminate it.
If you are worried that some programs on your PC are secretly making connections to websites in the background, here's a quick tip that uses a simple DOS command to detect and prevent such suspicious activity:
1. Open Windows Run Command from the Start Menu
2. Type CMD command in the Run box and press OK.
3. Type "netstat -b 10 > netact.txt" in the command window and press ENTER. After some times say 2 minutes, press Ctrl+C.
4. Type "netact.txt" on the command line to open the log file in notepad (or your default text editor)
The file netact.txt will have a log of all process that made a connection to the Internet in the last two minutes. It will also show which process connected to which website in this time. And not just the web browsers (like iexplore.exe , firefox.exe or opera.exe), the log will also show your IM clients, download managers, email programs or any software that requires a net connection.
Scroll though the netact.txt file and look for any process names or website addresses that you are not aware of. If you track one, go to the task manager (or Process Explorer) to find the location of the executable on your computer and eliminate it.
Tuesday, September 18, 2007
The net is an insecure place - US CERT Reminder
If you use Gmail, eBay, MySpace, or any one of dozens of other web-based services, the United States Computer Emergency Readiness Team wants you to know you're vulnerable to a simple attack that could give an attacker complete control over your account.
US CERT warned that Google, eBay, MySpace, Yahoo, and Microsoft were vulnerable, but that list is nowhere near exhaustive. It said the world's biggest websites have yet to fix the gaping security bug, which can bite even careful users who only log in using the secure sockets layer protocol, which is denoted by an HTTPS in the beginning of browser address window. Just about any banking website, online social network or other electronic forum that transmits certain types of security cookies is also susceptible.
The vulnerability stems from websites' use of authentication cookies, which work much the way an ink-based hand stamp does at your favorite night club. Like the stamp, the cookie acts as assurance to sensitive web servers that the user has already been vetted by security and is authorized to tread beyond the velvet rope.
The thing is just about every website transmits these digital hand stamps in the clear, which leaves them wide open to snoops monitoring public Wi-Fi traffic or some other type of network. Once attackers have the cookie, they gain complete access to the victim's account, and depending on the way many cookies are crafted, those privileges may continue in perpetuity - even if the victim changes the account password.
Indeed, awareness of this man-in-the-middle vulnerability is by no means new. For more than a decade people have known that authentication cookies could be manipulated, but somehow it took the folks at Errata Security to make a presentation at Black Hat to remind the world that the risks continue.
If you're waiting for a fix, we recommend you pack a very large lunch. And beyond that, where possible you might switch to Google, which has already gone a long way to closing the hole.
As the only web-based email service we know of that offers a start-to-finish SSL session, the service is among the most resilient to cookie hijacking. Unfortunately, Gmail doesn't enable persistent SSL by default, and has done little to educate its users about its benefits.
The company also offers SSL for its calendar, search history, documents and reader services, and a Google spokesman said security engineers "are actively working to expand capacity to enable HTTPS encryption for all users."
In the meantime, a Firefox extension called CustomizeGoogle provides a simple way to ensure that all sessions with the above-mentioned Google services are automatically protected by SSL.
US CERT warned that Google, eBay, MySpace, Yahoo, and Microsoft were vulnerable, but that list is nowhere near exhaustive. It said the world's biggest websites have yet to fix the gaping security bug, which can bite even careful users who only log in using the secure sockets layer protocol, which is denoted by an HTTPS in the beginning of browser address window. Just about any banking website, online social network or other electronic forum that transmits certain types of security cookies is also susceptible.
The vulnerability stems from websites' use of authentication cookies, which work much the way an ink-based hand stamp does at your favorite night club. Like the stamp, the cookie acts as assurance to sensitive web servers that the user has already been vetted by security and is authorized to tread beyond the velvet rope.
The thing is just about every website transmits these digital hand stamps in the clear, which leaves them wide open to snoops monitoring public Wi-Fi traffic or some other type of network. Once attackers have the cookie, they gain complete access to the victim's account, and depending on the way many cookies are crafted, those privileges may continue in perpetuity - even if the victim changes the account password.
Indeed, awareness of this man-in-the-middle vulnerability is by no means new. For more than a decade people have known that authentication cookies could be manipulated, but somehow it took the folks at Errata Security to make a presentation at Black Hat to remind the world that the risks continue.
If you're waiting for a fix, we recommend you pack a very large lunch. And beyond that, where possible you might switch to Google, which has already gone a long way to closing the hole.
As the only web-based email service we know of that offers a start-to-finish SSL session, the service is among the most resilient to cookie hijacking. Unfortunately, Gmail doesn't enable persistent SSL by default, and has done little to educate its users about its benefits.
The company also offers SSL for its calendar, search history, documents and reader services, and a Google spokesman said security engineers "are actively working to expand capacity to enable HTTPS encryption for all users."
In the meantime, a Firefox extension called CustomizeGoogle provides a simple way to ensure that all sessions with the above-mentioned Google services are automatically protected by SSL.
Vulnerability in Google’s XSSploding Gadgets
RSnake revealed a cross site scripting vulnerability affecting Google Gadgets in the gmodules.com domain.
This XSS hole allows anybody to store his/her own web content, including JavaScript code, anywhere and to have it rendered and executed in the context of the gmodules.com domain, with no further validation of sort.
RSnake responsibly reported his finding to Google before resorting to public disclosure, but the G guys answered that this behavior is “by design” and won’t be fixed.
What does it mean?
For the average user, such a vulnerability means that phishers can effectively exploit a site owned by Google as a free hosting facility, making quite impractical blacklisting and/or shutting down the scam: don’t forget Firefox’s built-in anti-phishing blacklist is provided by Google itself.
This XSS hole allows anybody to store his/her own web content, including JavaScript code, anywhere and to have it rendered and executed in the context of the gmodules.com domain, with no further validation of sort.
RSnake responsibly reported his finding to Google before resorting to public disclosure, but the G guys answered that this behavior is “by design” and won’t be fixed.
What does it mean?
For the average user, such a vulnerability means that phishers can effectively exploit a site owned by Google as a free hosting facility, making quite impractical blacklisting and/or shutting down the scam: don’t forget Firefox’s built-in anti-phishing blacklist is provided by Google itself.
Friday, September 14, 2007
Auto Shutdown Tool for Firefox When All Files Have Downloaded
Firefox Auto Shutdown add-on by InBasic help you to shutdown the computer after all downloads finished or failed. This extension help you to sleep without any tension, if you are downloading some huge files from the Internet by using Firefox Download Manager and will takes another long hours to finish.
All professional Download Managers have ability to Auto Shutdown after all downloads finished but this extension add icon to "status bar" and "Download Manager Window" so by click on status icon or check in download manager you can be sure that your PC will be turnoff after all downloads finished or failed.
Now this add-on only support windows platform. The Auto Shutdown extension of Firefox internally executes the windows shell command shutdown. Windows Shutdown command allows you to shut down or restart a local or remote computer. If you use the command without parameters, it will log off the current user. If you want to turn off your computer in next two hours, type the command shutdown -s -t 7200 [7200 = 2 hours] in Windows Run box and then press OK.
You could either cancel the downloads, or leave the computer in running state or just download and install Auto Shutdown extension from mozilla.org.
Friday, September 7, 2007
Pentagon Computer Hacked Into By Chinese
The Chinese military hacked into a Pentagon computer network in June
in the most successful cyber attack on the US defense department, say
American officials.
The Pentagon acknowledged shutting down part of a computer system
serving the office of Robert Gates, defense secretary, but declined to
say who it believed was behind the attack.
Current and former officials have told the Financial Times an internal
investigation has revealed that the incursion came from the People’s
Liberation Army.
One senior US official said the Pentagon had pinpointed the exact
origins of the attack. Another person familiar with the event said
there was a “very high level of confidence...trending towards total
certainty” that the PLA was responsible. The defense ministry in
Beijing declined to comment on Monday.
in the most successful cyber attack on the US defense department, say
American officials.
The Pentagon acknowledged shutting down part of a computer system
serving the office of Robert Gates, defense secretary, but declined to
say who it believed was behind the attack.
Current and former officials have told the Financial Times an internal
investigation has revealed that the incursion came from the People’s
Liberation Army.
One senior US official said the Pentagon had pinpointed the exact
origins of the attack. Another person familiar with the event said
there was a “very high level of confidence...trending towards total
certainty” that the PLA was responsible. The defense ministry in
Beijing declined to comment on Monday.
Tuesday, September 4, 2007
2007 Hacker Reverse Engineering Challenge
Similar to the Hacker Challenge in 2006, it is being run by a U.S. company performing security testing and security metric research. The purpose of this challenge is to evaluate the effectiveness of software protections. The results of this effort will be used to improve protection measures.
There will be three distinct, yet related, phases to this contest. The first phase will be a hacker challenge, for which anyone can register to participate. The second stage of the contest will be a market (based on the Phase 1 challenge). Participation in this second phase will be by invitation only, based on performance in the first phase. The third phase of the contest will be a more challenging hacker challenge; this phase may or may not be invitation-only. There are opportunities to earn money in all three phases of the contest.
All file downloads and uploads necessary for the contest will be possible after the participant has logged in. The market will also be visible, at the appropriate time, after logging in.
All payments are in U.S. dollars, and will be made anonymously via PayPal with prizes up to $50,000USD for the three phases.
You can read more here.
http://www.hackerchallenge.org/
There will be three distinct, yet related, phases to this contest. The first phase will be a hacker challenge, for which anyone can register to participate. The second stage of the contest will be a market (based on the Phase 1 challenge). Participation in this second phase will be by invitation only, based on performance in the first phase. The third phase of the contest will be a more challenging hacker challenge; this phase may or may not be invitation-only. There are opportunities to earn money in all three phases of the contest.
All file downloads and uploads necessary for the contest will be possible after the participant has logged in. The market will also be visible, at the appropriate time, after logging in.
All payments are in U.S. dollars, and will be made anonymously via PayPal with prizes up to $50,000USD for the three phases.
You can read more here.
http://www.hackerchallenge.org/
Monday, September 3, 2007
E-mail accounts of embassies and Government offices across the world, including India hacked due to lack of Cyber Security
A hacker, Dan Egerstad from Sweden, who published passwords of 100 e-mail accounts of embassies and Government offices across the world, including India, on his website http://derangedsecurity.com. The hacker said he took only a few minutes to figure out the account details.
This shows that there is lack of basic cyber security. Due to the lack of security anyone with moderate skills in security could have figured this out and done it. A cyber security expert said that a POP (Post Office Protocol) server that had not been updated for security could have been exploited by the hacker to get usernames and passwords.
The Indian Express said in their website that they were sent a test mail to the Indian Ambassador in China on her official email ID and, using the password posted online, to check the authenticity and was able to access it. These email IDs contained important official details including phone numbers, commercial documents, official correspondence and personal mails.
Within hours of the story appearing in the Indian Express, the DRDO mail server was shut down and all embassy e-mail accounts were taken offline by the Ministry of External Affairs (MEA). However, it will take cyber forensic experts several days to get an idea of how much confidential material was illegally accessed.
DRDO confirmed that the hacked account belonged to a Defense Scientific Information and Documentation Centre (DESIDOC) official, but it was rarely used. The Ministry of Defense (MoD), however, said it was conducting a detailed investigation into the incident.
This shows that there is lack of basic cyber security. Due to the lack of security anyone with moderate skills in security could have figured this out and done it. A cyber security expert said that a POP (Post Office Protocol) server that had not been updated for security could have been exploited by the hacker to get usernames and passwords.
The Indian Express said in their website that they were sent a test mail to the Indian Ambassador in China on her official email ID and, using the password posted online, to check the authenticity and was able to access it. These email IDs contained important official details including phone numbers, commercial documents, official correspondence and personal mails.
Within hours of the story appearing in the Indian Express, the DRDO mail server was shut down and all embassy e-mail accounts were taken offline by the Ministry of External Affairs (MEA). However, it will take cyber forensic experts several days to get an idea of how much confidential material was illegally accessed.
DRDO confirmed that the hacked account belonged to a Defense Scientific Information and Documentation Centre (DESIDOC) official, but it was rarely used. The Ministry of Defense (MoD), however, said it was conducting a detailed investigation into the incident.
Wednesday, August 29, 2007
Share and send links directly from your browser with Shareaholic
Shareaholic make it extremely easy for you to share web pages on the popular social websites. Submit the web page you are currently viewing to digg, del.icio.us, facebook, google bookmarks, magnolia, reddit, stumbleupon, twitter. If you prefer, e-mail the web page directly to a friend instead.
If you frequently submit web pages to social bookmarking websites, you'll love the Shareaholic add-on available only for Firefox browser. It has also the feature of Real-time statistics from digg and del.icio.us. Check whether the web page you're on has been dugg, and how many times it has been saved on del.icio.us. Stats displayed in your browser, at your request.
You can download the Shareaholic Firefox add-ons from Mozilla. To download click here.
Tuesday, August 28, 2007
hackers @ microsoft - Microsoft's Official Blog
"Hackers @ Microsoft" - that's the name of a new Microsoft blog officially launched on blogs.msdn.com which also hosts thousands of other blogs written by Microsoft Employees.
The focus of this blog is likely to be a little different from most other blogs you'll see on blogs.msdn.com. Microsoft employs some of the best hackers in the world and actively recruits them and develops them. They work on all kinds of projects, whether it be in development, research, testing, management and of course security.
This blog is *especially* provided "AS IS" with no warranties, and confers no rights. Opinions are not of Microsoft. he new Microsoft Hackers blog is located at blogs.msdn.com/hackers.
The focus of this blog is likely to be a little different from most other blogs you'll see on blogs.msdn.com. Microsoft employs some of the best hackers in the world and actively recruits them and develops them. They work on all kinds of projects, whether it be in development, research, testing, management and of course security.
This blog is *especially* provided "AS IS" with no warranties, and confers no rights. Opinions are not of Microsoft. he new Microsoft Hackers blog is located at blogs.msdn.com/hackers.
Caller ID Spoofing to be made illegal in the USA
The US Congress recently approved a bill that will make it illegal to spoof Caller ID in the USA. This Act may be cited as the `Truth in Caller ID Act of 2007'.
The title of the act is “A bill to amend the Communications Act of 1934 to prohibit manipulation of caller identification information”
It was introduced on February 28, 2007 and updated 27th June 2007.
PENALTIES
(A) CIVIL FORFEITURE-
(i) IN GENERAL- Any person that is determined by the Commission, in accordance with paragraphs (3) and (4) of section 503(b), to have violated this subsection shall be liable to the United States for a forfeiture penalty. A forfeiture penalty under this paragraph shall be in addition to any other penalty provided for by this Act. The amount of the forfeiture penalty determined under this paragraph shall not exceed $10,000 for each violation, or 3 times that amount for each day of a continuing violation, except that the amount assessed for any continuing violation shall not exceed a total of $1,000,000 for any single act or failure to act.
(ii) RECOVERY- Any forfeiture penalty determined under clause (i) shall be recoverable pursuant to section 504(a).
(iii) PROCEDURE- No forfeiture liability shall be determined under clause (i) against any person unless such person receives the notice required by section 503(b)(3) or section 503(b)(4).
(iv) 2-year STATUTE OF LIMITATIONS- No forfeiture penalty shall be determined or imposed against any person under clause (i) if the violation charged occurred more than 2 years prior to the date of issuance of the required notice or notice or apparent liability.
(B) CRIMINAL FINE- Any person who willfully and knowingly violates this subsection shall upon conviction thereof be fined not more than $10,000 for each violation, or 3 times that amount for each day of a continuing violation, in lieu of the fine provided by section 501 for such a violation. This subparagraph does not supersede the provisions of section 501 relating to imprisonment or the imposition of a penalty of both fine and imprisonment.
Source: Library of Congress
The title of the act is “A bill to amend the Communications Act of 1934 to prohibit manipulation of caller identification information”
It was introduced on February 28, 2007 and updated 27th June 2007.
PENALTIES
(A) CIVIL FORFEITURE-
(i) IN GENERAL- Any person that is determined by the Commission, in accordance with paragraphs (3) and (4) of section 503(b), to have violated this subsection shall be liable to the United States for a forfeiture penalty. A forfeiture penalty under this paragraph shall be in addition to any other penalty provided for by this Act. The amount of the forfeiture penalty determined under this paragraph shall not exceed $10,000 for each violation, or 3 times that amount for each day of a continuing violation, except that the amount assessed for any continuing violation shall not exceed a total of $1,000,000 for any single act or failure to act.
(ii) RECOVERY- Any forfeiture penalty determined under clause (i) shall be recoverable pursuant to section 504(a).
(iii) PROCEDURE- No forfeiture liability shall be determined under clause (i) against any person unless such person receives the notice required by section 503(b)(3) or section 503(b)(4).
(iv) 2-year STATUTE OF LIMITATIONS- No forfeiture penalty shall be determined or imposed against any person under clause (i) if the violation charged occurred more than 2 years prior to the date of issuance of the required notice or notice or apparent liability.
(B) CRIMINAL FINE- Any person who willfully and knowingly violates this subsection shall upon conviction thereof be fined not more than $10,000 for each violation, or 3 times that amount for each day of a continuing violation, in lieu of the fine provided by section 501 for such a violation. This subparagraph does not supersede the provisions of section 501 relating to imprisonment or the imposition of a penalty of both fine and imprisonment.
Source: Library of Congress
Thursday, August 23, 2007
Onam Greetings 2007
Onam: (Malayalam: ഓണം) is an annual harvest festival, celebrated mainly in the Indian state of Kerala. Onam Festival falls during the Malayali month of Chingam, the first month of Malayalam Calender, (August - September as per the Gregorian calendar) and marks the homecoming of legendary King Mahabali. Ranging from four days to ten days, all the activities during this season are centered on worshipping, music, dances, sports, boat races and good food. Though it is essentially a harvest festival of Malayalees, mythologically it is linked to Malayalee-Hindu folktales. Like many other religious festivals in India, Onam is celebrated by people of all religions.
Tuesday, August 14, 2007
60th Independence Day of India
This is our 60th Independence Day!
Freedom is not a Right but a Feeling!
Let's be proud to feel the Freedom!
Let's say loud we are INDIANS!!!
Let all of us get to-gather &
Let's Celebrate Our Freedom!
Independence Day, August 15, commemorates the day in 1947 when India achieved freedom from British rule. Every year, August 15 is celebrated as the Independence Day in India. This national festival is celebrated with great enthusiasm all over the country. It is celebrated with flag hoisting ceremonies and cultural programs in the state capitals. The Prime Minister's speech at the Red Fort in Delhi is the major highlight. The Prime Minister's speech at the Red Fort in Delhi is the major highlight. The Delhi skyline gets dotted with thousands of kites taking to the sky this very day.
"Long years ago, we made a tryst with destiny and now the time comes when we shall redeem our pledge... At the stroke of the midnight hour, when the world sleeps, India
will awake to life and freedom." Jawaharlal Nehru,
(audio) on the eve of independence
The day when India woke up to freedom back in 1947 was a day of great celebration. A country got rid of her foreign yoke and became a sovereign nation, she celebrated her sovereignty on this day - the triumph of numerous martyred souls. It was a day of fulfillment, it was the day of a new beginning, a birth of a nation.On the stroke of midnight, a country came into life again as the British handed over the governance of India to the Indian leaders.The long and difficult struggle had borne fruit at last, though the happiness was marred by the fact that the country was divided into India and Pakistan and the violent communal riots had left the countries permanently scarred.
It is our duty to preserve this Freedom!
Carry this forward to the future!
We did,We do,We will do!!!
Set the celebration on Air, Share your Joy,
You're Free to do it,
Share this to every Indian, to say
Vande Mataram!
60th INDEPENDENCE DAY OF INDIA
This is our 60th Independence Day!
Freedom is not a Right but a Feeling!
Let's be proud to feel the Freedom!
Let's say loud we are INDIANS!!!
Let all of us get to-gather &
Let's Celebrate Our Freedom!
Thursday, August 9, 2007
Skype.com released its new version 3.5
Skype.com released its new version 3.5. It allows the users to watch web videos and share them with other Skype contacts without leaving the Skype Chat window. You can search videos online and embed them in the same area of the Skype chat window where you type the text messages.
To download new version click here.
Skype 3.5
Monday, July 30, 2007
Kerala Cyber Crime Prevention Call Centre & Web Portal Released
Kerala Cyber Crime Prevention Call Centre & Web Portal http://www.cyberkeralam.in has been released by Kerala Chief Minister on 30th July 2007 by 10.30 AM at PR Chamber of Govt. Secretariate Thiruvananthapuram. This programme is one of the project of Kerala State IT Mission with the technical help of the Cyber Forensic Division of C-DAC Thiruvananthapuram to detect cyber crimes, its prevention and to give advice to the general public.
Cyber crimes are becoming a nuisance in the society especially crimes such as cyber stalking and cell phone stalking. Many of the victims are not aware about the cyber crimes and its manifestations. The objective of this programme is to create awareness among the people about various types of cyber crimes, its impact in the society and educate the public in prevention of cyber crimes.
The web portal will give awareness about cyber attacks, virus, torjan, various security tips & tricks. It also have a forum to discuss about various cyber related matters by the general public, IT expert and law enforcement officials. The Call Centre provide you with facilities for asking expert opinion regarding any cyber crime and through the forum people can discuss various issues in cyber crimes.
This portal will function as the interface to public to provide them help in dealing with cyber crimes. It also envisages providing information regarding cyber security and cyber forensics to people of Kerala. Any victim of cyber crime can report the crime through this portal. The complaint will be handled by the Resource Centre for Cyber Forensics, CDAC, Thiruvananthapuram.
Resource Centre for Cyber Forensics was established at C-DAC, Thiruvananthapuram, as the state-of-the-art research centre for Cyber Forensics, by Dept. of Information Technology, Govt. of India to conduct Research and Development, Training and Technical Services in Cyber Forensics.
Source: cyberkeralam.in, cyberforensics.in
Cyber Crime – Hacking - Software Engineer arrested from Chennai
Cyber Crime – Hacking - Software Engineer arrested from Chennai
One M.S. Ramasamy, a 37 year old Software Engineer from Avadi, had arrested on 27.07.07 by the Chennai Cyber Crime Police on charges of hacking and stealing confidential and proprietary information from the server of a US IT Company. He was a former employee of that IT Company. Police framed charges under Section 66 of the IT Act, 2000 which dealing with Hacking and Section 408 of the IPC which dealing with Criminal Breach of Trust by Clerk or Servant.
In its press release Chennai Police said that Mr. Ramasamy had reportedly hacked into the company’s headquarter computer system when he was working as an Engineer in Caterpillar India Private Limited during January and February this year.
The accused accessed the company’s server located at Peoria in Illinois, US, by using another employee’s User ID and password and downloaded confidential information. A closed circuit camera recorded the activities of the sever room. By analyzing the server log and the visuals from the camera Police tracked the accused. Police arrested the hacker from an IT Company at Hosur, where he was employed. The Police confiscated the hard disk and pen drive containing the files.
Source: Hindu
One M.S. Ramasamy, a 37 year old Software Engineer from Avadi, had arrested on 27.07.07 by the Chennai Cyber Crime Police on charges of hacking and stealing confidential and proprietary information from the server of a US IT Company. He was a former employee of that IT Company. Police framed charges under Section 66 of the IT Act, 2000 which dealing with Hacking and Section 408 of the IPC which dealing with Criminal Breach of Trust by Clerk or Servant.
In its press release Chennai Police said that Mr. Ramasamy had reportedly hacked into the company’s headquarter computer system when he was working as an Engineer in Caterpillar India Private Limited during January and February this year.
The accused accessed the company’s server located at Peoria in Illinois, US, by using another employee’s User ID and password and downloaded confidential information. A closed circuit camera recorded the activities of the sever room. By analyzing the server log and the visuals from the camera Police tracked the accused. Police arrested the hacker from an IT Company at Hosur, where he was employed. The Police confiscated the hard disk and pen drive containing the files.
Source: Hindu
Sunday, July 29, 2007
Cyber Crime Prevention Call Centre & Webportal will launch by Kerala CM
Cyber Crime Prevention Call Centre & Web Portal will launch by Kerala Chief Minister on 30th July 2007 by 10.30 AM at PR Chamber of Govt. Secretariate Thiruvananthapuram. This programme is one of the project of Kerala State IT Mission with the technical help of the Cyber Forensic Division of C-DAC Thiruvananthapuram to detect cyber crimes, its prevention and to given advice to the general public. Kerala Police Hi-Tech Cell is also linked with this programme. The web portal will give awareness about cyber attacks, virus, torjan, various security tips & tricks. It will also has a forum to discuss about various cyber related matters by the genral public, IT expert and law enforcement officials. The Call Centre will give advice to the general public about the cyber crimes and its prevention and reporting of cyber crimes incidence.
Source: PRD Govt. of Kerala.
Source: PRD Govt. of Kerala.
Tuesday, July 24, 2007
iPhone Hacked Successfully - Security Firm Says
iPhone Hacked Successfully - Security Firm Says
A vulnarabilty has found in the Apple Inc.'s iPhone handset that can help an attacker to gain access to the private data stored on it. This flaw has found by a team of security expert of Independent Security Evaluators (ISE). Hackers could gain access to the iPhone through a wireless access point or through a website controlled by the attacker. This was the first major security incident reported.
Numerous hackers have been working to gain access to the iPhone in order to activate certain features or to allow it to be used on cellular networks. However, this is the first major exploitation of an iPhone security flaw.
The expolit is delivered via a malicious web page opened in the Safari browser on the iPhone, ISE said on its Website. There are several methods that an attacker utilize to get a victim to open such a webpage.
1. An attacker controlled wireless access point:
The iPhone connects to wireless Internet access networks, such as Wi-Fi, an attacker could create a network with the same name and encryption method as one the handset already uses. The attacker could then substitute a Web page with exploit code to gain access to the phone.
2. A misconfigured forum website:
A link planted on an unedited or unmoderated online forum, an attacker could cause the exploit to run in any iPhone browser that viewed the thread.
3. A link delivered via e-mail or SMS:
A link sent by SMS or e-mail to use make use of the flaw and gain access to the handset.
The ISE said that when the iPhone's Safari browser opens a malicious Web page, malicious code can be run on the phone via the flaw, allowing the attacker to read the iPhone's SMS log, address book, call history, and voicemail information, which are also then sent to the attacker. It could send the user's mail passwords to the attacker, send text messages that sign the user up for pay services, or record audio that could be relayed to the attacker.
Source: nytimes
A vulnarabilty has found in the Apple Inc.'s iPhone handset that can help an attacker to gain access to the private data stored on it. This flaw has found by a team of security expert of Independent Security Evaluators (ISE). Hackers could gain access to the iPhone through a wireless access point or through a website controlled by the attacker. This was the first major security incident reported.
Numerous hackers have been working to gain access to the iPhone in order to activate certain features or to allow it to be used on cellular networks. However, this is the first major exploitation of an iPhone security flaw.
The expolit is delivered via a malicious web page opened in the Safari browser on the iPhone, ISE said on its Website. There are several methods that an attacker utilize to get a victim to open such a webpage.
1. An attacker controlled wireless access point:
The iPhone connects to wireless Internet access networks, such as Wi-Fi, an attacker could create a network with the same name and encryption method as one the handset already uses. The attacker could then substitute a Web page with exploit code to gain access to the phone.
2. A misconfigured forum website:
A link planted on an unedited or unmoderated online forum, an attacker could cause the exploit to run in any iPhone browser that viewed the thread.
3. A link delivered via e-mail or SMS:
A link sent by SMS or e-mail to use make use of the flaw and gain access to the handset.
The ISE said that when the iPhone's Safari browser opens a malicious Web page, malicious code can be run on the phone via the flaw, allowing the attacker to read the iPhone's SMS log, address book, call history, and voicemail information, which are also then sent to the attacker. It could send the user's mail passwords to the attacker, send text messages that sign the user up for pay services, or record audio that could be relayed to the attacker.
Source: nytimes
iPhone Hacked Successfully - Security Firm Says
iPhone Hacked Successfully - Security Firm Says
A vulnarabilty has found in the Apple Inc.'s iPhone handset that can help an attacker to gain access to the private data stored on it. This flaw has found by a team of security expert of Independent Security Evaluators (ISE). Hackers could gain access to the iPhone through a wireless access point or through a website controlled by the attacker. This was the first major security incident reported.
Numerous hackers have been working to gain access to the iPhone in order to activate certain features or to allow it to be used on cellular networks other than AT&T Inc.'s. However, this is the first major exploitation of an iPhone security flaw.
The expolit is delivered via a malicious web page opened in the Safari browser on the iPhone, ISE said on its Website. There are several methods that an attacker utilize to get a victim to open such a webpage.
1. An attacker controlled wireless access point:
The iPhone connects to wireless Internet access networks, such as Wi-Fi, an attacker could create a network with the same name and encryption method as one the handset already uses. The attacker could then substitute a Web page with exploit code to gain access to the phone.
2. A misconfigured forum website:
A link planted on an unedited or unmoderated online forum, an attacker could cause the exploit to run in any iPhone browser that viewed the thread.
3. A link delivered via e-mail or SMS:
A link sent by SMS or e-mail to use make use of the flaw and gain access to the handset.
The ISE said that when the iPhone's Safari browser opens a malicious Web page, malicious code can be run on the phone via the flaw, allowing the attacker to read the iPhone's SMS log, address book, call history, and voicemail information, which are also then sent to the attacker. It could send the user's mail passwords to the attacker, send text messages that sign the user up for pay services, or record audio that could be relayed to the attacker.
Source: nytimes
A vulnarabilty has found in the Apple Inc.'s iPhone handset that can help an attacker to gain access to the private data stored on it. This flaw has found by a team of security expert of Independent Security Evaluators (ISE). Hackers could gain access to the iPhone through a wireless access point or through a website controlled by the attacker. This was the first major security incident reported.
Numerous hackers have been working to gain access to the iPhone in order to activate certain features or to allow it to be used on cellular networks other than AT&T Inc.'s. However, this is the first major exploitation of an iPhone security flaw.
The expolit is delivered via a malicious web page opened in the Safari browser on the iPhone, ISE said on its Website. There are several methods that an attacker utilize to get a victim to open such a webpage.
1. An attacker controlled wireless access point:
The iPhone connects to wireless Internet access networks, such as Wi-Fi, an attacker could create a network with the same name and encryption method as one the handset already uses. The attacker could then substitute a Web page with exploit code to gain access to the phone.
2. A misconfigured forum website:
A link planted on an unedited or unmoderated online forum, an attacker could cause the exploit to run in any iPhone browser that viewed the thread.
3. A link delivered via e-mail or SMS:
A link sent by SMS or e-mail to use make use of the flaw and gain access to the handset.
The ISE said that when the iPhone's Safari browser opens a malicious Web page, malicious code can be run on the phone via the flaw, allowing the attacker to read the iPhone's SMS log, address book, call history, and voicemail information, which are also then sent to the attacker. It could send the user's mail passwords to the attacker, send text messages that sign the user up for pay services, or record audio that could be relayed to the attacker.
Source: nytimes
Friday, July 13, 2007
Kerala Chief Minister's fake profiles in Orkut.com
Cyber Police have received a number of complaints against social networking sites like Orkut that’s teeming with fake profiles of women and Ministers of Sate.
In a recent development, the State Police have requested ‘Google’ to provide the IP address and other details of fake profile creators. This will stop cyber crimes to a great extent. Fake profiles inviting the company of women have been the major attraction in Orkut recently.
The first complaint registered by the Police was from Adarsh, a web developer in Kochi. He found that another profile has been created with his name, photograph and phone number. The issue became grave when he found that the other person has been posting obscene pictures and messages in this profile. The Police was successful in tracing the culprit.
There’s another group targeted by fake profile-makers - ministers. Profiles of Co-operation Minister G Sudhakaran - describing him as a friend and a man of eccentricities - are already in Orkut. This is in addition to a number of communities (groups of members on specific topics) on him.
While some of them merely give his personal profile, a few have gone to the extent of terming him a ‘lunatic’. Profiles of the Chief Minister are also available online.
Even though there has been a flood of Cyber Crimes, Police find it difficult to deal with them as only a few complaints come under the Information Technology (IT) Act. ‘‘Section 65 of the IT Act identifies hacking as a crime. In Section 66, unauthorised access is a crime and Section 67 identifies exhibition of pornographic materials as a crime.
Source: Newindpress
Fake website in the name of AKG Centre
The State Police Hi-Tech Cell have come across a website viz. www.akgcentre.org.in - registered neither by the CPM nor with its knowledge.
The Thiruvananthapuram City Police have registered a case and the efforts are on to find out the culprit behind which the portal was registered with the assistance of Hi-Tech Cell.
Source: Newindpress
The Thiruvananthapuram City Police have registered a case and the efforts are on to find out the culprit behind which the portal was registered with the assistance of Hi-Tech Cell.
Source: Newindpress
Tuesday, July 10, 2007
Seven Wonders of the World at a glance
Around 100 million Internet and telephone voters participated in a poll to select the new Seven Wonders of the World, among which are India's Taj Mahal marble mausoleum, the Great Wall of China, Brazil's Statue of Christ the Redeemer, Peru's Machu Picchu Inca trail and Mexico's Chichen Itza pyramid.
The announcement was made at a star-studded ceremony here.
Following are some details about the new seven wonders:
The Taj Mahal
An icon of love, the Taj Mahal is a mausoleum located in Agra, India. The Mughal Emperor Shah Jahan commissioned it for his beloved wife Mumtaz Mahal. Its construction began in 1632 and was completed in approximately 1648.
Built out of white marble and standing in formally laid-out walled gardens, the Taj Mahal is regarded as the most perfect jewel of Muslim art in India.
The Great Wall of China
The Great Wall is the world's longest human-made structure, stretching over approximately 6,400 km from Shanhai Pass in the east to Lop Nur in the west of China, along an arc that roughly delineates the southern edge of Inner Mongolia. It is also the largest human-made structure ever built in terms of surface area and mass.
The Wall was classified a World Heritage Site by Unesco in 1986.
The statue of Christ the Redeemer in Rio de Janeiro
Christ the Redeemer is a statue of Jesus Christ in Rio de Janeiro, Brazil. The statue stands 32 metres tall, weighs 700 tonnes and is located at the peak of the 700-metre Corcovado Mountain in the Tijuca Forest National Park, overlooking the city.
As well as being a potent symbol of Christianity, the statue has become an icon of Rio and Brazil.
The Incan ruins of Machu Picchu
Machu Picchu, a pre-Columbian city created by the Inca, is located above the Urubamba Valley in Peru, about 70 km northwest of Cusco. Forgotten for centuries by the outside world, although not by locals, it was brought back to international attention by archaeologist Hiram Bingham in 1911, who made the first scientific confirmation of the site and wrote a best-selling work about it.
The ancient Mayan city of Chichen Itza in Mexico
Chichen Itza is a large pre-Columbian archaeological site built by the Maya civilisation, located in the northern centre of the Yucatan Peninsula, present-day Mexico.
The Maya name Chichen Itza means "At the mouth of the well of the Itza". Although this was the usual name for the site in pre-Columbian times, it is also referred to in the ancient chronicles as Uucyabnal, meaning "Seven Great Rulers".
The pink ruins of Petra in Jordan
Petra is an archaeological site in Jordan, lying in a basin among the mountains, which form the eastern flank of Arabah (Wadi Araba), the large valley running from the Dead Sea to the Gulf of Aqaba. It is famous for having many stone structures carved into the rock. The long-hidden site was revealed to the Western world by Swiss explorer Johann Ludwig Burckhardt in 1812.
Today, the Palace Tombs of Petra, with the 42-metre-high Hellenistic temple facade on the El-Deir Monastery, are impressive examples of Middle Eastern culture.
The Coliseum in Rome
The Coliseum, originally the Flavian Amphitheatre, is a giant amphitheatre in the centre of the city of Rome, Italy. Originally capable of seating around 50,000 spectators, it was used for gladiatorial contests and public spectacles. The amphitheatre, the largest ever built in the Roman Empire, was completed in 80 AD under Titus, with further modifications being made during Domitian's reign.
The announcement was made at a star-studded ceremony here.
Following are some details about the new seven wonders:
The Taj Mahal
An icon of love, the Taj Mahal is a mausoleum located in Agra, India. The Mughal Emperor Shah Jahan commissioned it for his beloved wife Mumtaz Mahal. Its construction began in 1632 and was completed in approximately 1648.
Built out of white marble and standing in formally laid-out walled gardens, the Taj Mahal is regarded as the most perfect jewel of Muslim art in India.
The Great Wall of China
The Great Wall is the world's longest human-made structure, stretching over approximately 6,400 km from Shanhai Pass in the east to Lop Nur in the west of China, along an arc that roughly delineates the southern edge of Inner Mongolia. It is also the largest human-made structure ever built in terms of surface area and mass.
The Wall was classified a World Heritage Site by Unesco in 1986.
The statue of Christ the Redeemer in Rio de Janeiro
Christ the Redeemer is a statue of Jesus Christ in Rio de Janeiro, Brazil. The statue stands 32 metres tall, weighs 700 tonnes and is located at the peak of the 700-metre Corcovado Mountain in the Tijuca Forest National Park, overlooking the city.
As well as being a potent symbol of Christianity, the statue has become an icon of Rio and Brazil.
The Incan ruins of Machu Picchu
Machu Picchu, a pre-Columbian city created by the Inca, is located above the Urubamba Valley in Peru, about 70 km northwest of Cusco. Forgotten for centuries by the outside world, although not by locals, it was brought back to international attention by archaeologist Hiram Bingham in 1911, who made the first scientific confirmation of the site and wrote a best-selling work about it.
The ancient Mayan city of Chichen Itza in Mexico
Chichen Itza is a large pre-Columbian archaeological site built by the Maya civilisation, located in the northern centre of the Yucatan Peninsula, present-day Mexico.
The Maya name Chichen Itza means "At the mouth of the well of the Itza". Although this was the usual name for the site in pre-Columbian times, it is also referred to in the ancient chronicles as Uucyabnal, meaning "Seven Great Rulers".
The pink ruins of Petra in Jordan
Petra is an archaeological site in Jordan, lying in a basin among the mountains, which form the eastern flank of Arabah (Wadi Araba), the large valley running from the Dead Sea to the Gulf of Aqaba. It is famous for having many stone structures carved into the rock. The long-hidden site was revealed to the Western world by Swiss explorer Johann Ludwig Burckhardt in 1812.
Today, the Palace Tombs of Petra, with the 42-metre-high Hellenistic temple facade on the El-Deir Monastery, are impressive examples of Middle Eastern culture.
The Coliseum in Rome
The Coliseum, originally the Flavian Amphitheatre, is a giant amphitheatre in the centre of the city of Rome, Italy. Originally capable of seating around 50,000 spectators, it was used for gladiatorial contests and public spectacles. The amphitheatre, the largest ever built in the Roman Empire, was completed in 80 AD under Titus, with further modifications being made during Domitian's reign.
Monday, July 9, 2007
Thieves using stolen credit cards to make donations
Some fraudsters have become generous with other people's money, donating to charities with stolen credit cards to verify the numbers are valid before selling them, the security firm Symantec Corp. said Friday on its blog.
They might seem like modern-day Robin Hoods, but they're really just cyber-robbers.
Unverified cards fetch up to $6 while verified cards can bring up to $18, said Javier Santoyo, a manager at Symantec. "Even the bad guys want to verify the other bad guys."
The verification method has become popular because the monitoring software at credit card companies may not question donations to charities, according the Symantec blog. Santoyo said the schemers usually donate less than $10.
American Red Cross spokeswoman Carrie Martin said, "This happens all the time. We have people at the Red Cross who deal with this type of activity."
Last month alone, the Red Cross refunded 700 fraudulent credit card transactions, Martin said. That figure doesn't include the transactions the charity blocked because they appeared fraudulent.
"There's a lot of red flags we look for," Martin said. For instance, the Red Cross automatically cancels any series of donations with the same e-mail address but a variety of credit-card numbers, Martin said.
Santoyo said that consumers should monitor their credit-card statements and question even a small transaction that appears to be unauthorized, as it could indicate the card number has been stolen.
The price thieves fetch for cards depends on whether it's been validated, the number of card numbers purchased, the credit line and how much additional information is available, such as the cardholder's address or the 3-digit security code on the card, said Johannes Ullrich, chief technology officer at the SANS Institute, a network security research and educational organization.
Author: RICHARD J. DALTON, JR.
Source: Newsday
They might seem like modern-day Robin Hoods, but they're really just cyber-robbers.
Unverified cards fetch up to $6 while verified cards can bring up to $18, said Javier Santoyo, a manager at Symantec. "Even the bad guys want to verify the other bad guys."
The verification method has become popular because the monitoring software at credit card companies may not question donations to charities, according the Symantec blog. Santoyo said the schemers usually donate less than $10.
American Red Cross spokeswoman Carrie Martin said, "This happens all the time. We have people at the Red Cross who deal with this type of activity."
Last month alone, the Red Cross refunded 700 fraudulent credit card transactions, Martin said. That figure doesn't include the transactions the charity blocked because they appeared fraudulent.
"There's a lot of red flags we look for," Martin said. For instance, the Red Cross automatically cancels any series of donations with the same e-mail address but a variety of credit-card numbers, Martin said.
Santoyo said that consumers should monitor their credit-card statements and question even a small transaction that appears to be unauthorized, as it could indicate the card number has been stolen.
The price thieves fetch for cards depends on whether it's been validated, the number of card numbers purchased, the credit line and how much additional information is available, such as the cardholder's address or the 3-digit security code on the card, said Johannes Ullrich, chief technology officer at the SANS Institute, a network security research and educational organization.
Author: RICHARD J. DALTON, JR.
Source: Newsday
Monday, July 2, 2007
iPhone vs Nokia N95, BlackBerry Curve, Treo, Samsung BlackJack
The much-hyped iPhone launched 10 days back internationally. Apple has released a smart phone matrix comparing the physical dimensions, talk time and battery life of some of the most popular smart phones that are available in the market today.
As per the matrix, Apple iPhone is the thinnest smartphone (half the thickness of N95 or Treo 750) with the largest screen size and Wi-Fi capabilities. [pdf]
A new report in PCWorld has suggest that 19 million Americans have strong interest in buying the iPhone. 67 percent of those who were most inclined to purchase an iPhone are subscribers on other carrier networks.
Wednesday, June 27, 2007
CM's website hacking: State Police to sent ‘Letter of Rogatory’
The State police are planning to sent a ‘Letter of Rogatory’, a formal request by a Court to the Interpol, to get certain details pertaining to the Chief Minister's website hacking case.
Though the State police had earlier sent a request to the Interpol Wing attached to the CBI seeking the details through their counterparts in the US, Russia and China, they refused to had over the requests for want of a ‘Letter of rogatory’.
They have however preserved the electronic evidence including log files required by the State Police to crack the case.
The State Police are concerned that this would delay the investigation. The State Police would prepare the draft ‘letter of rogatory’ and send it to the Interpol wing of CBI who will forward it to the External Affairs Ministry.
The letters would be later produced before the Chief Judicial Magistrate and letter would be forwarded through the court.
It may be recalled that the Vigilance and Anti-Corruption Bureau had initiated a ‘letter of rogatory’ for collecting certain details from a French company involved in the Brahmapuram power plant corruption case.
Chief Minister's website ‘www.keralacm.gov.in’ was hacked and inserted objectionable contents. The police had found that the site was hacked from Internet Protocol addressed located in the US, Russia and China following the help of Interpol was sought.
Source: newindpress
Though the State police had earlier sent a request to the Interpol Wing attached to the CBI seeking the details through their counterparts in the US, Russia and China, they refused to had over the requests for want of a ‘Letter of rogatory’.
They have however preserved the electronic evidence including log files required by the State Police to crack the case.
The State Police are concerned that this would delay the investigation. The State Police would prepare the draft ‘letter of rogatory’ and send it to the Interpol wing of CBI who will forward it to the External Affairs Ministry.
The letters would be later produced before the Chief Judicial Magistrate and letter would be forwarded through the court.
It may be recalled that the Vigilance and Anti-Corruption Bureau had initiated a ‘letter of rogatory’ for collecting certain details from a French company involved in the Brahmapuram power plant corruption case.
Chief Minister's website ‘www.keralacm.gov.in’ was hacked and inserted objectionable contents. The police had found that the site was hacked from Internet Protocol addressed located in the US, Russia and China following the help of Interpol was sought.
Source: newindpress
Tuesday, June 26, 2007
NASSCOM Tracks IT Adoption
NASSCOM has announced the 2006 Study, titled "Tracking of the IT Adoption Study" conducted among IT heads and senior IT managers from about 292 companies in India, across multiple verticals. The study showed that the growth of IT adoption was on an incline, with both large and SME companies buying more IT.
The study indicated that the highest average IT spending for 2006 was for the BFSI vertical followed by the energy and utility segment. The rate of increase in the average spending in each of these verticals was expected to be in the range of 12-27%, making them the most likely highest spending sectors in 2007 as well.
The third sector which was projected to witness a considerable hike in its IT spend was the tourism and hospitality industry. Rs.18 crore of IT expenditure, in this sector, was projected to grow by 13%, placing it among the highest tech-spenders in India, in 2007.
Interestingly, 1 out of 4 companies in both large scale and medium scale organizations indicated that their IT budgets would increase by around 10-19% during the current year.
NASSCOM's findings revealed that business continuity and risk mitigation were the key priority areas for CIOs. Increasing efficiency and process productivity was the business goal achieved through IT adoption in 2006.
Also, it revealed that the CIO's role as the "business leader" and then as a "technologist" was not the current prototype. IT spends were driven by hardware, followed by application and network software.
The NASSCOM study made it clear that CIOs would need to ensure that the business value of IT was proven and delivered. According to the study, the business benefit would have to be proved up-front, and the means of measuring benefits of IT - by perhaps using an overlay IT-business balanced scorecard approach, or by mapping the benefits perceived and by pre-empting outcome scenarios.
This in fact, was stated to be a major CIO challenge, which required them to be more business oriented. The effort of mapping business benefits was immense, even though some CIOs had already started measuring IT advantages, juxtapositioning them as trusted business advisors.
The study indicated that the highest average IT spending for 2006 was for the BFSI vertical followed by the energy and utility segment. The rate of increase in the average spending in each of these verticals was expected to be in the range of 12-27%, making them the most likely highest spending sectors in 2007 as well.
The third sector which was projected to witness a considerable hike in its IT spend was the tourism and hospitality industry. Rs.18 crore of IT expenditure, in this sector, was projected to grow by 13%, placing it among the highest tech-spenders in India, in 2007.
Interestingly, 1 out of 4 companies in both large scale and medium scale organizations indicated that their IT budgets would increase by around 10-19% during the current year.
NASSCOM's findings revealed that business continuity and risk mitigation were the key priority areas for CIOs. Increasing efficiency and process productivity was the business goal achieved through IT adoption in 2006.
Also, it revealed that the CIO's role as the "business leader" and then as a "technologist" was not the current prototype. IT spends were driven by hardware, followed by application and network software.
The NASSCOM study made it clear that CIOs would need to ensure that the business value of IT was proven and delivered. According to the study, the business benefit would have to be proved up-front, and the means of measuring benefits of IT - by perhaps using an overlay IT-business balanced scorecard approach, or by mapping the benefits perceived and by pre-empting outcome scenarios.
This in fact, was stated to be a major CIO challenge, which required them to be more business oriented. The effort of mapping business benefits was immense, even though some CIOs had already started measuring IT advantages, juxtapositioning them as trusted business advisors.
Monday, June 18, 2007
Thumbstrips - View or Search Your Web Browser History in a Picture Timeline
Thumbstrips is a wonderful Firefox extension that helps you view recently visited web pages in a visual manner - it's a more user friendly and powerful approach than the native Firefox History view (Ctrl+H).
Thumbstrips, like an automatic screen capture program, takes screenshots of the websites that you are visiting and also records other details like how long you stayed on that web page and the number of times you viewed that page in your current session.
Thumbstrips Extension[Firefox Only]
Source: Digital Inspiration
Thumbstrips, like an automatic screen capture program, takes screenshots of the websites that you are visiting and also records other details like how long you stayed on that web page and the number of times you viewed that page in your current session.
Thumbstrips Extension[Firefox Only]
Source: Digital Inspiration
Netstat - Hackers Tool
A video about netstat is in the Youtube. Those who do not play with it could see the possibilities it offers to us. Anyway check it out and tell me your opinion.
Network Statistics - Netstat is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics. It is available on Unix, Linux, and Windows XP, Windows NT-based operating systems.
Thursday, June 14, 2007
Michigan Man Fined for Using Coffee Shop's Wi-Fi Network
A Michigan man has been fined $400 and given 40 hours of community service for accessing an open wireless Internet connection outside a coffee shop. Under a little known state law against computer hackers, Sam Peterson II, of Cedar Springs, Mich., faced a felony charge after cops found him on March 27 sitting in front of the Re-Union street Café in Sparta, Mich., surfing the Web from his brand-new laptop. Last week, Peterson chose to pay the fine instead as part of a jail-diversion program.
Someone from a nearby barbershop had called cops after seeing Peterson’s car pull up every day and sit in front of the coffee shop without anybody getting out.
“I just curiously asked him, ‘Where are you getting the Internet connection?’, you know,” Sparta Police Chief Andrew Milanowski said. “And he said, ‘From the café.’”
Milanowski ruled out Peterson as a possible stalker of the attractive local hairdresser, but still felt that a law might have been broken.
“We came back and we looked up the laws and we figured if we found one and thought, ‘Well, let’s run it by the prosecutor’s office and see what they want to do,’” Milanowski said.
A few weeks later Peterson said he received a letter from the Kent County prosecutor’s office saying that he faced a felony charge of fraudulent access to computer networks and that a request had been made for an arrest warrant.
Source: FoxNews
Skype is great!
Convert Powerpoint Presentations to Flash with GMail PPT Viewer
Now GMail has an inbuilt PPT viewer that lets you view PowerPoint attachment as a Flash picture slide show in the Web Browser itself without requiring Microsoft PowerPoint application.
If you manually advance the entire PPT slide show using the arrow keys GMail converts every slide of your PowerPoint presentation to a Flash (swf) file. All the slides will become available as Flash files in your browser's temp folder. The swf files may then be embedded in your blog for sharing with readers.
If you manually advance the entire PPT slide show using the arrow keys GMail converts every slide of your PowerPoint presentation to a Flash (swf) file. All the slides will become available as Flash files in your browser's temp folder. The swf files may then be embedded in your blog for sharing with readers.
Network Security Monitoring with Sguil - An Intuitive GUI
Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures. Sguil facilitates the practice of Network Security Monitoring and event driven analysis. The Sguil client is written in tcl/tk and can be run on any operating system that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).
It ties your IDS alerts into a database of TCP/IP sessions, full content packet logs and other information. When you’ve identified an alert that needs more investigation, the sguil client provides you with seamless access to the data you need to decide how to handle the situation. In other words, sguil simply ties together the outputs of various security monitoring tools into a single interface, providing you with the most information in the shortest amount of time.Sguil uses a database backend for most of its data, which allows you to perform SQL queries against several different types of security events.
Sguil’s design centers on providing convenient, quick access to a host of supporting information, which both saves you time and helps you make better decisions. Incidentally, because sguil uses a dedicated client instead of running through a web browser, you get a richer, more responsive user interface as well.
Installing the Sguil client on MicroSoft Windows
Getting the Sguil client up and running in MicroSoft Windows is a fairly easy process. First download and unpack the most recent version of Sguil from here. Next, download and install the freeActiveTcl libraries. Finally, associate the sguil.tk application with the tcl interpreter.
You can read more and download Sguil here
http://sguil.sourceforge.net/
Tuesday, June 12, 2007
10 Free Ways to Track All Your Passwords
With the proliferation of web services — there’s a new one out each day, it seems — it feels like we’re always creating new accounts, each with a different username and password.
The easy options — using the same password each time or writing them down on paper or in a spreadsheet — aren’t exactly the most secure. In fact, security experts strongly warn against these options as they leave you vulnerable to online theft.
So what’s a web surfer to do? If you’ve got more than a dozen services, you’re not going to remember all of them. It’s time to look into a password manager — and if you’re a cheapskate like me, you want a free one.
Let’s agree, from here on in, to stop using our dog’s name and birth date for our single password. Here are 10 free options for doing that:
Firefoxx or IE: Both popular browsers offer fairly secure ways of storing your username or passwords for different sites, once you enter them the first time. This is very handy, and can save a ton of time. Unfortunately, under certain conditions, the password could be lost, requiring you to enter the password again. And if you’ve been relying on the browser to remember the password, you’re out of luck. Also, this solution is only for online passwords, not for network or desktop passwords.
KeePass: One of the most popular password managers out there, KeePass is great because it’s open-source, free and cross-platform — available for Windows, Linux, OS X, and even mobile devices. It keeps all your passwords, online and off, in a secure database, so you only have to remember one master password. Be sure that master password is safe!
Clipperz: Unlike most password managers, this solution is online — so you can access it anywhere. And it stores more than passwords — credit card numbers, account numbers, anything really. Storing passwords and other confidential information online can make someplace nervous, but Clipperz uses an encryption method that means not even Clipperz knows what it’s storing. This is a good solution if you need access to your passwords from multiple computers, rather than just one or two.
OSX Keychain: If you use a Mac, you’re most likely familiar with Keychain, which comes with OSX. Basically, it’s a password manager that uses your OSX admin password as the master password.
KeyWallet: Windows only, this little utility sits in your system tray, and you just pull it up when you need to enter a password. As a utility, it is browswer-independent, which is ideal for some.
Password Manager Plus: The Billeo Free Password Manager Plus toolbar works with both Firefox and Internet Explorer, and allows you to store not only passwords but credit card numbers and online account information, and can autofill your information as you shop online or paying bills, for example.
Password Hasher: This Firefox extension generates strong passwords for you by scrambling your master password with the site’s name. The passwords generated by this extension are better than any you could come up with yourself.
PasswordSafe: This free online service works on any modern web browser, for any OS, and a desktop version is available for Windows or Mac. Basically, it uses an encrypted safe to store your passwords, along with other information including software keys, website logins, pin numbers, email logins and more.
Password generator: This is a little bookmarklet that combines your master password with the site’s name to create a stronger password, and one that is different for each site. Very handy and simple.
Algorithm: The best solution may not even be a technology solution — remembering strong passwords could be as simple as coming up with a way to change a base password using the name of the online service you’re logging into. For example, if you come up with a base password of “xlg519″ (based on your partner’s initials and your cat’s birthday), you can add the first two and last two letters of a service’s name (”amon” for Amazon) and you’ve got your password!
Some notes on passwords:
Never give out your master password if you use a password manager. Be sure you never forget it.
Don’t write passwords on a little piece of paper and stick it in your drawer. If it gets stolen, you only have yourself to blame.
Password managers may not be safe on a shared computer — it is probably best to only install them on a computer that only you use.
Using common information for your password is not secure — such as your birthday, initials, kids’ birthdays, names, etc. And no, “password” is not a safe password.
Using the same password for everything is a bad idea, because once that password is discovered, a thief has access to all your accounts.
Source: Lifehack.org
The easy options — using the same password each time or writing them down on paper or in a spreadsheet — aren’t exactly the most secure. In fact, security experts strongly warn against these options as they leave you vulnerable to online theft.
So what’s a web surfer to do? If you’ve got more than a dozen services, you’re not going to remember all of them. It’s time to look into a password manager — and if you’re a cheapskate like me, you want a free one.
Let’s agree, from here on in, to stop using our dog’s name and birth date for our single password. Here are 10 free options for doing that:
Firefoxx or IE: Both popular browsers offer fairly secure ways of storing your username or passwords for different sites, once you enter them the first time. This is very handy, and can save a ton of time. Unfortunately, under certain conditions, the password could be lost, requiring you to enter the password again. And if you’ve been relying on the browser to remember the password, you’re out of luck. Also, this solution is only for online passwords, not for network or desktop passwords.
KeePass: One of the most popular password managers out there, KeePass is great because it’s open-source, free and cross-platform — available for Windows, Linux, OS X, and even mobile devices. It keeps all your passwords, online and off, in a secure database, so you only have to remember one master password. Be sure that master password is safe!
Clipperz: Unlike most password managers, this solution is online — so you can access it anywhere. And it stores more than passwords — credit card numbers, account numbers, anything really. Storing passwords and other confidential information online can make someplace nervous, but Clipperz uses an encryption method that means not even Clipperz knows what it’s storing. This is a good solution if you need access to your passwords from multiple computers, rather than just one or two.
OSX Keychain: If you use a Mac, you’re most likely familiar with Keychain, which comes with OSX. Basically, it’s a password manager that uses your OSX admin password as the master password.
KeyWallet: Windows only, this little utility sits in your system tray, and you just pull it up when you need to enter a password. As a utility, it is browswer-independent, which is ideal for some.
Password Manager Plus: The Billeo Free Password Manager Plus toolbar works with both Firefox and Internet Explorer, and allows you to store not only passwords but credit card numbers and online account information, and can autofill your information as you shop online or paying bills, for example.
Password Hasher: This Firefox extension generates strong passwords for you by scrambling your master password with the site’s name. The passwords generated by this extension are better than any you could come up with yourself.
PasswordSafe: This free online service works on any modern web browser, for any OS, and a desktop version is available for Windows or Mac. Basically, it uses an encrypted safe to store your passwords, along with other information including software keys, website logins, pin numbers, email logins and more.
Password generator: This is a little bookmarklet that combines your master password with the site’s name to create a stronger password, and one that is different for each site. Very handy and simple.
Algorithm: The best solution may not even be a technology solution — remembering strong passwords could be as simple as coming up with a way to change a base password using the name of the online service you’re logging into. For example, if you come up with a base password of “xlg519″ (based on your partner’s initials and your cat’s birthday), you can add the first two and last two letters of a service’s name (”amon” for Amazon) and you’ve got your password!
Some notes on passwords:
Never give out your master password if you use a password manager. Be sure you never forget it.
Don’t write passwords on a little piece of paper and stick it in your drawer. If it gets stolen, you only have yourself to blame.
Password managers may not be safe on a shared computer — it is probably best to only install them on a computer that only you use.
Using common information for your password is not secure — such as your birthday, initials, kids’ birthdays, names, etc. And no, “password” is not a safe password.
Using the same password for everything is a bad idea, because once that password is discovered, a thief has access to all your accounts.
Source: Lifehack.org
Sunday, June 10, 2007
Hacking of CM's Website - Kerala Police sought INTERPOL help
The Kerala Police have sought the assistance of the International Police Organisation (INTERPOL) to track those who behind the hacking of the official Website of Kerala Chief Minister www.keralacm.gov.in.
Hackers had inserted links to objectionable contents in the CM’s Website. New topics were created in the Discussion Forum and links to certain websites with objectionable contents are inserted.
The Website was hacked by unidentified persons four times recently. The Hi-Tech Crime Enquiry Cell of Kerala Police with the help of C-DAC Cyber Forensic Division Experts traced the IP (Internet Protocol) Addresses. These addresses are located in the US, Russia and China. Meanwhile, the official Website run by C-DIT has been pulled out from the World Wide Web for an overhaul.
Source: Newindpress
Hackers had inserted links to objectionable contents in the CM’s Website. New topics were created in the Discussion Forum and links to certain websites with objectionable contents are inserted.
The Website was hacked by unidentified persons four times recently. The Hi-Tech Crime Enquiry Cell of Kerala Police with the help of C-DAC Cyber Forensic Division Experts traced the IP (Internet Protocol) Addresses. These addresses are located in the US, Russia and China. Meanwhile, the official Website run by C-DIT has been pulled out from the World Wide Web for an overhaul.
Source: Newindpress
Monday, June 4, 2007
വിഎസിന്റെ സൈറ്റ് ഹാക്ക് ചെയ്തു
തിരുവനന്തപുരം: മുഖ്യമന്ത്രി വി എസ് അച്യുതാനന്ദന്റെ ഔദ്യോഗിക വെബ്സൈറ്റ് നാലുതവണ ഹാക്ക് ചെയ്യപ്പെട്ടതായി വെളിപ്പെട്ടു.സൈബര് ക്രൈം സെല് ഇതേകുറിച്ച് നടത്തിയ അന്വേഷണം എങ്ങും എത്തിയിട്ടില്ല.മുഖ്യമന്ത്രിയുടെ സൈറ്റിന്റെ പരിപാലന ചുമതല സിഡിറ്റിനാണ്.
കൃത്രിമ പാസ്വേഡ് ഉപയോഗിച്ച് വെബ്സൈറ്റിലെ വിവരങ്ങള് മാറ്റുകയും പുതിയവ തിരുകി കയറ്റുകയും ചെയ്തിരുന്നു. സൈബര് ക്രൈംസെല് മേധാവി ഐ ജി ലോക്നാഥ് ബെഹ്റയുടെ നേതൃത്വത്തില് അന്വേഷണം പുരോഗമിക്കുന്നുണ്ട്.
മൂന്നാര് ദൗത്യസംഘത്തില്പെട്ട ഐ ജി ഋഷിരാജ്സിങ്ങിനെ കൊന്നുകളയുമെന്ന ഭീഷണിയും മുഖ്യമന്ത്രിയുടെ വെബ്സൈറ്റില് പ്രത്യക്ഷപ്പെട്ടിരുന്നു. വധഭീഷണി അയച്ച മേല്വിലാസത്തെ കുറിച്ച് അന്വേഷണം പുരോഗമിക്കുന്നു. എന്നാല് അന്വേഷണത്തിന്റെ കൂടുതല് വിവരങ്ങള് പറത്തുവിട്ടിട്ടില്ല.
Source: MSN India
Saturday, June 2, 2007
Subscribe to:
Posts (Atom)
