Researcher breaks Wi-Fi's Most Popular Encryption



Its 2017 and i'm sure most of you use wifi to connect internet. Specially if you are from India then i'm sure you use Jio hotspot to all your devices to connect to internet . Well if you are among those then i have a bad news for you. WPA2 ( Wi-Fi Protected Access  II ) is the security protocol we use to secure our internet connections. But recently a researcher Mathy Vanhoef of imec-DistriNet, KU Leuven found a flaw by which he was able to break this security protocol.

What is the risk ?


You might be asking well thats great that he have found the flaw but how will it affect me ? Well imagine this. You are connect in your home wifi network and chatting with your best friend and your neighbor ( a hacker guy ) looking at conversation. Or may be you are creating an account in your favorite shopping site and your neighbor ( a hacker guy ) see your login credentials. Scary right ?

Details About the attack


The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network.

That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.

In other words: hackers can eavesdrop on your network traffic.

The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices -- putting every supported device at risk.

Several researchers, including Vanhoef, have demonstrated valid attacks against the protocol. By far the most notable was in 2011 when a security researcher showed that an attacker could recover the code used in Wi-Fi Protected Setup, a feature that let users authenticate with a one-push button on the router, which could be easily cracked.

The details about the attack can be found in this website : https://www.krackattacks.com/

FAQ ( Taken from Krackattacks  )


Do we now need WPA3?

No, luckily implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point, and vice versa. In other words, a patched client or access points sends exactly the same handshake messages as before, and at exactly the same moments in time. However, the security updates will assure a key is only installed once, preventing our attacks. So again, update all your devices once security updates are available.

Should I change my Wi-Fi password?

Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack. So you do not have to update the password of your Wi-Fi network. Instead, you should make sure all your devices are updated, and you should also update the firmware of your router. After updating your router, you can optionally change the Wi-Fi password as an extra precaution.

I'm using WPA2 with only AES. That's also vulnerable?

Yes, that network configuration is also vulnerable. The attack works against both WPA1 and WPA2, against personal and enterprise networks, and against any cipher suite being used (WPA-TKIP, AES-CCMP, and GCMP). So everyone should update their devices to prevent the attack!

Is my device vulnerable?

Probably. Any device that uses Wi-Fi is likely vulnerable. Contact your vendor for more information.

What if there are no security updates for my router?

Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.


9Apps - An alternate to Google Play Store with better apps & games



When you buy any android powered smartphone, Google's Play Store comes pre installed with the device, which is used for downloading android apps, games and also updating them. But the problem with Play Store is that it is very much complicated and sometimes becomes irritating too. There are many other app marketplace on the internet which users can try and give a shot. One such marketplaces for downloading latest android apps and games is 9APPS. 9Apps APK is an android app store which offers android apps, games, wallpapers, themes etc. 

It also provides some extra features; and because of these extra features it is worth to give it a try. It is regarded as one of the best alternates to Google's Play Store.

What is 9Apps?

9Apps is one of the most popular android marketplace available for android. This app store can be used to download free android apps and games, and even update them. This app has already been trusted by 160 million monthly active users. They also see 20 million daily downloads. These numbers are huge and show how popular this app marketplace is.
On 9Apps, you get best app recommendations helping you choose the best for you.

Is downloading apps from 9Apps safe?

Due to increase in malwares, experts have always recommended to download apps from trusted source like Play Store. Because majority of other app distribution platforms are filled up malwares or apps containing malicious codes. But the good news is that 9Apps is all safe as developers of this app store have kept their user's security as their first priority. Each and every app which is uploaded on 9apps is first properly checked from inside out before it is made available for download.

I personally use this app store, that is why I am also recommending you guys to download and give it a try. You won't be disappointed. Trust me.

Features of 9Apps

Apps can be download from PlayStore, then why you need 9Apps? that's what you thinking, right? Well, there are many reasons for which you should download 9Apps. Below we have listed out some of best features.
  1. Better app recommendations than any other app store.
  2. Offers largest collection of latest games and android apps.
  3. Updated version of 9Apps even comes with Price Comparison feature.
  4. Advanced & fast data compression capabilities.
How to download 9Apps

Visit http://9appsapkapp.in/ and click on Download button. Your download process will be started automatically. After you download the primary 9Apps app, you also need to download the supporting installer for coupons and price compare things.
 

Final Words

9Apps is one of the best android app stores on the internet. We highly recommend to our users to download this amazing app right now and enjoy it's amazing features and functions.

Private Browsing - What Are The Benefits?



It is not entirely possible to use the Internet without leaving a digital footprint behind. However, private browsing can offer a lot of protection and keep you relatively safe. Web browsers are equipped with private browsing capabilities, e.g., Internet Explorer has an 'InPrivate' mode for secure browsing, and Google Chrome has 'InCognito' mode for private sessions. 


With private browsing, you can keep your search data and other information protected. Private browsing alone cannot provide you complete protection against data theft, but it is an effective measure you must take. 

What Is Private Browsing?

Data related to every website you visit is stored in your Internet browser's history, cache, and cookies. The browser remembers the URLs of the websites you visit and files you download. Cookies track your activity on different sites to provide you a better and faster user experience. 

It's all fine if you use a private computer and your data does not contain any valuable information. However, if you use a public computer and you are concerned about your data getting stolen, or you are uncomfortable knowing that your digital footprint is trackable and don't want to leave any breadcrumbs behind then use Private browser. 

If you use the browser's private mode, all the information is stored until your session completes. Once you close your private session, you don't leave any trail behind, and none of your data remains stored on the system. 

How To Stay Safe Online?

i. Good Digital Habits

Don't download anything or click anywhere if you are not sure about the website. Avoid downloading pirated content and software as they are often loaded with spyware and other malicious software. 

Avoid using public Wi-Fi network if it offers unfettered access to the network. If you connect to a genuine public Wi-Fi network, avoid exposing sensitive data such as banking passwords and login information. 

ii. SSL Certified Websites


SSL certificate provides secure connection for the exchange of information between browser and server. Make sure that you are dealing with URL of the website begins with 'HTTPS' instead of 'HTTP.' A green padlock icon in the address bar confirms that the site is SSL certified with SSL certificate like Positive SSL certificate.


SSL stands for 'Secure Sockets Layer', and it provides encrypted link between web broser and server to handle sensitive information, such as customer names, phone numbers, account numbers, credit card numbers, and more.


iii. Keep Your System Guarded And Updated 


Developers use updates to fix any security vulnerabilities. That's why it is important to keep your system updated. A good anti-virus program will keep your system protected from most potential attacks. 

Benefits Of Browsing Internet Privately


·         Privacy


When you use a shared computer and browse the internet in private mode, the websites you visit will never appear in the search history, no matter how many times you visit a website.


·         Minimize History


Whether it’s your work computer or personal computer, having as little personal data stored as possible is the best way to protect your information. It reduces the risk of your data getting stolen, and it saves space on your disk as well.


·         Security


Any cookies generated during a private browsing session gets automatically deleted when you close the window. If you are concerned about your accounts' security while signing in on a shared computer, a private browsing session can help you with that. Even if you forget to sign out of your account, the sign-in cookie will be deleted when you close the browsing session. With the deletion of the cookie, your account will be automatically signed out, and nobody could log into your account maliciously.


·         Testing


If you want to open a website you are not so sure about, but still, you want to give it a try, private browsing is the way to go.


·         Multiple Sessions 


Cookies are not shared between the normal window and a private browsing window. You can login to the second account on the same website without first signing out from your first account. For instance, if you are signed in with your Google account, and your friend wants to check his Gmail account, a private browsing session is a way to go.


·         eCommerce Tracking


Many websites use your search data and cookies to bring deals according to your needs. For instance, airline websites have data about your previous search history if you tried to check the price of a ticket. From the user data, they can find out which customer is highly likely to purchase a ticket. Sometimes, they offer higher discounts to new customers. You can check the price of the ticket using a private browser session to make sure that you are paying the minimum amount on your tickets. 

Same way, if you want an e-commerce platform to list your prices without accessing your data, you can use a private session. 


How To Enhance Privacy Further?

You can use TOR browser and a VPN connection from a reliable provider for enhanced privacy. Your browsing will still not be completely private, but these options can improve your privacy further. 


How To Browse the Internet Privately?


Chrome's Incognito Mode

1.      You can click the Google Chrome's 'Control Google Chrome Button' in the top-right corner with three dots and select 'new Incognito Window' for private browsing.
2.      Alternatively, you can press Ctrl+Shift+N to launch a new Incognito window.
3.      While right-clicking a link, you will see an option to open link in Incognito window.

Firefox's Private Mode

1.      Click the control button in the upper right corner and click 'New Private Window'.
2.      Alternatively, you can also press Ctrl+Shift+P to launch a private window. 




Microsoft's Edge's InPrivate Mode

1.      Click the '...' button in the top-right corner of the window and select new 'InPrivate Window'.
2.      Alternatively, you can also press Ctrl+Shift+P or Ctrl+Shift+N to launch a private window.


Conclusion 


Browsing the Internet in private mode comes handy in many different scenarios. Private browsing prevents your data from getting saved and enhances your information security. It reduces the chances of data theft and offers you the privacy that you need if you are using a shared network.

How to recover deleted data in Windows, Android and mac



Our devices be it our PC or our smartphone, it stores a lot of important data . The only reason why our smartphone storage is going on increasing is that the amount of data that an user likes to store or number of apps that an user likes to use have increased. According to few online leaks iphone 8 is going to have 512 GB of storage. Yes you heard it right.

Now coming back to the topic, most of the time we accidentally delete our file and later realize how important that file was for us. Or sometime due to disk failure in PC or some software updates in andriod device we end up loosing our files. Even though Windows may not be able to see a file you accidentally deleted , it’s usually possible that the data could still be there and able to be retrieved.

In this post we will see how we can recover permanently deleted files from Windows, Amc and android.

Recover permanently deleted files in Windows 

Recuva Software

It can recover files that have been deleted accidentally. It supports image, audio, documents files and even emails. It scans the hard drive, find the file and copy it to flash media.


  • Download the free version of Recuva Software.
  • After finishing the installation of Recuva software, a quick launch file displays on the desktop. Click on that icon to Run and start the file.
  • You will get different file types like Music files, Documents, Video files, Images, all files, etc.
  • You can choose a specific file or Select ‘All Files’ so that you can recover any type of deleted file.


Recover permanently deleted files in Mac 

Recoverying deleted files in MAc is as easy as recovering in windows. For mac use this mac data recovery EaseUS Data Recovery Wizard for Mac

EaseUS free data recovery software recovers deleted, formatted and even inaccessible files for Mac


  • Restore lost or deleted document, photo, video, audio, email and other types of files
  • Save files from Mac notebook, Mac desktop, hard drive, SSD, USB drive, memory card, SD card, CF card, digital camera, iPod, MP3/MP4 player, etc.




Recover permanently deleted files in Android

These days we store most of our important files such as photos, documents etc in our phone so if by mistake we loose these data we might have to face a lot of problems.


If you delete the data accidentally, the first thing you need to do is to stop using your device and try to recover lost files from Android as soon as possible, or it may have a higher risk to be overwritten and you are not able to get the lost data back anymore.

There are various tools available for data recovery in android you can use any one of them.

The Android Photo Recovery program could assist you to recover not only photos and videos, but also SMS text messages, contacts, call history and more from Android phone or tablet.



  • Install the program on your computer and run it, you will be asked to connect your Android device to PC via USB.
  • After connecting your Android to the computer, now you should enable USB debugging
  • Start Scanning Your Android for Deleted Files
  • Then click on the green button "Start" to analyze your Android data.


When you see the window below, it is time for you moving to your Android device again, tap on the "Allow" icon, then turn back to the computer and click on the "Start" button to continue.

And then you can recover your deleted files.


Even though you won't be able to recover all your files but you can recover most of the files. I hope it helps you. Do let me know if you have any doubt



Sarahah App Secretly Uploads your Entire Contact List



I'm sure most of you have used Saraha or atleast saw your friends sharing the 'Feedbacks' they received from this app/website. This app became viral in US and even in India in a very short time. Even if the app was to receive honest feedback from friends, people used it to abuse and bully other people.

I remember when the app was first released many people questioned why this app is asking for so many permissions ? An app requesting access to the user's phonebook is quite common if the app provides any feature that works with contacts, but what shocking is that, there is no such functionality in Sarahah is available right now.

Zachary Julian, a senior security analyst at Bishop Fox, discovered something serious about Sarahah. He found that the app is uploading private information from the phone to its server. Zachary tested the app on his Galaxy S5 running Android 5.1.1 and used BURP Suite to intercept traffic. He found that the app is uploading his private data.

He confirmed that the app transmits all of your email and phone contacts stored o Android phone. He also verified the same with iOS and found the same thing.

Here is a video demonstration by Zachary Julian


Sarahah uploading address book data from The Intercept on Vimeo.

As soon as the news broke out,  the creator of Sarahah, Zain al-Abidin Tawfiq, responded to the story by saying his app actually harvests and uploads the contacts from users to the company's servers for a feature that will be implemented at a later time.

All newer Android operating systems (starting with Android 6.0 Marshmallow) allows users to limit permissions for apps, users can limit permissions so that apps do not gain access to contacts or other information that doesn't have anything to do with the app's functioning.

So next time when you use such an app, have a look at the permissions that it is asking for.

Lenovo to give pure stock android experience with k8 note



We all love the stock android experience , don't we ? But these days a lot of companies add their UI and load the phone with bloatware which makes it dull.

Well, looks like lenovo realized it finally. Yes Lenovo has announced that all forthcoming smartphone will feature stock Android operating system. The company says that Lenovo K8 Note will be the first device to ship with stock Android 7.1.1 Nougat.

Lenovo has today announced that all forthcoming smartphone will feature stock Android operating system. The company says that Lenovo K8 Note will be the first device to ship with stock Android 7.1.1 Nougat.

"There's no more Vibe UI going forward and we are moving to complete stock Android for all our future Lenovo phones. This is a huge transition for our business perspective," said by Anuj Sharma, Head of Product Marketing

What it means is that it will give users a cleaner interface, a smoother experience and no excess bloatware ( we all hate bloatware ). With the Android 7.1.1 Nougat update in k8 note, consumers will get latest features like multi-window, launch actions and improved bundled notifications. In addition, the OS will also allow users to access popular Google services, including Google Assistant.

Recently Lenovo put up camera samples, which made it clear that the focus of the smartphone is on its camera. Other than that, a recent leak suggested that the Lenovo K8 Note could be powered by a 1.39GHz deca-core MediaTek Helio X20 chipset, paired with 3GB of RAM.

The phone will be launched tomorrow ( 9th august ) and it will be available in amazon. Amazon has setup a dedicated page for Lenovo K8 Note when it goes official on August 9 in India. Lenovo fans can set up a reminder for when the K8 Note goes on sale. Simply go to Amazon India's Lenovo K8 Note landing page, and tab on the 'Notify Me' button on the top banner.