Google Patches KRACK Vulnerability in Android

Last month I wrote about how researchers broke wifi's most popular encryption leaving millions of devices prone to KRACK attack. KRACK is a serious flaw as it affects WPA2 protocol.

But I have a good news today . Tech Giant Google has published this month's Android security bulletin, and the company provided a fix for the KRACK vulnerability that came to light last month.

The Android Security Bulletin for November 2017 is split as three separate packages — 2017-11-01, 2017-11-05, and 2017-11-06. The KRACK fixes are included in the latter — 2017-11-06.

If your phone receives the update and the security patch level is 2017-11-06, the KRACK fixes are also included.

It is to note that Microsoft, which silently deployed KRACK fixes to Windows users without telling anyone, a month before the vulnerability became public.Apple released KRACK patches at the end of October, as part of iOS 11.1 & macOS High Sierra 10.13.1.

Google is infact the last major vendor to release the fix for KRACK Vulnerability. 

Details About The Attack

The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network.

That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.

In other words: hackers can eavesdrop on your network traffic.

Away in the clouds – The best cloud based web hosting for small business

Cloud computing has become incredibly popular over recent years and we have seen more businesses trusting their presence online e to cloud based servers over the internet. There are a few pro’s and con’s of using this service to host your website which we will take a look at and I will try to unravel the vast amount of choices available out there for any small business looking to use the cloud in their business.

What is cloud hosting anyway?

According to Lifewire, the main function of cloud computing ids the ability to host your website on virtual serves (as opposed to a physical server) and the task of hosting is broken up into different parts and distributed across many different “clouds”. By hosting a website this way, you are less likely to experience any downtime and tasks are carried out by different servers so that in the case of one server going down, another one will kick in and help support.

An excellent example of cloud hosting is used by a little know company called Google and they use cloud servers to handle an unbelievable amount of traffic and keep the site functions ticking along nicely. When was the last time Google was ever down? That’s the beauty of cloud computing.
How can your small business enjoy the same level of service as Google? Let’s have a look.

Cloud Hosting options

The good news is that there is a fair amount of choice when it comes to webhosting sites that offer cloud hosting at competitive prices. The below sites can be reviewed in greater detail here. These below sites have all been thoroughly tested and have excellent customer reviews.

Siteground offer a cloud based platform which is based on Linux container platform which allows for higher scalability and flexibility. With Siteground, you only pay for what you need and can scale resources up or down to suit your business needs. Cloud hosting packages start from 61.30 per month and come with a free domain. Plans offer 4 GB-420GB of storage and servers are located the United States, United Kingdom, Amsterdam, Singapore and Italy. 

Hostiso – This cloud based platform is divided across 15 datacentres around the world and although there packages are far from the cheapest out there at £7.65 per month, the level of customer support is superb and you can rest easy knowing that your business is host on a powerful and reliable platform.
Interserver – This US based cloud hosting site provides their customers with excellent value for money in addition to using cloud servers which can handle even the most demanding websites. 

Excellent customer service and a fantastic sales team who tailor to your needs makes them a great choice for cloud base hosting.

In need of further inspiration? Techradar outlines a few additional options for cloud based servers and should give you a bit more insight into what is available on the market.

When it comes to powerful cloud based servers for your business, look no further than these above options for excellent value for money and ease of cloud intergration.

Researcher breaks Wi-Fi's Most Popular Encryption

Its 2017 and i'm sure most of you use wifi to connect internet. Specially if you are from India then i'm sure you use Jio hotspot to all your devices to connect to internet . Well if you are among those then i have a bad news for you. WPA2 ( Wi-Fi Protected Access  II ) is the security protocol we use to secure our internet connections. But recently a researcher Mathy Vanhoef of imec-DistriNet, KU Leuven found a flaw by which he was able to break this security protocol.

What is the risk ?

You might be asking well thats great that he have found the flaw but how will it affect me ? Well imagine this. You are connect in your home wifi network and chatting with your best friend and your neighbor ( a hacker guy ) looking at conversation. Or may be you are creating an account in your favorite shopping site and your neighbor ( a hacker guy ) see your login credentials. Scary right ?

Details About the attack

The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network.

That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.

In other words: hackers can eavesdrop on your network traffic.

The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices -- putting every supported device at risk.

Several researchers, including Vanhoef, have demonstrated valid attacks against the protocol. By far the most notable was in 2011 when a security researcher showed that an attacker could recover the code used in Wi-Fi Protected Setup, a feature that let users authenticate with a one-push button on the router, which could be easily cracked.

The details about the attack can be found in this website :

FAQ ( Taken from Krackattacks  )

Do we now need WPA3?

No, luckily implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point, and vice versa. In other words, a patched client or access points sends exactly the same handshake messages as before, and at exactly the same moments in time. However, the security updates will assure a key is only installed once, preventing our attacks. So again, update all your devices once security updates are available.

Should I change my Wi-Fi password?

Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack. So you do not have to update the password of your Wi-Fi network. Instead, you should make sure all your devices are updated, and you should also update the firmware of your router. After updating your router, you can optionally change the Wi-Fi password as an extra precaution.

I'm using WPA2 with only AES. That's also vulnerable?

Yes, that network configuration is also vulnerable. The attack works against both WPA1 and WPA2, against personal and enterprise networks, and against any cipher suite being used (WPA-TKIP, AES-CCMP, and GCMP). So everyone should update their devices to prevent the attack!

Is my device vulnerable?

Probably. Any device that uses Wi-Fi is likely vulnerable. Contact your vendor for more information.

What if there are no security updates for my router?

Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.

9Apps - An alternate to Google Play Store with better apps & games

When you buy any android powered smartphone, Google's Play Store comes pre installed with the device, which is used for downloading android apps, games and also updating them. But the problem with Play Store is that it is very much complicated and sometimes becomes irritating too. There are many other app marketplace on the internet which users can try and give a shot. One such marketplaces for downloading latest android apps and games is 9APPS. 9Apps APK is an android app store which offers android apps, games, wallpapers, themes etc. 

It also provides some extra features; and because of these extra features it is worth to give it a try. It is regarded as one of the best alternates to Google's Play Store.

What is 9Apps?

9Apps is one of the most popular android marketplace available for android. This app store can be used to download free android apps and games, and even update them. This app has already been trusted by 160 million monthly active users. They also see 20 million daily downloads. These numbers are huge and show how popular this app marketplace is.
On 9Apps, you get best app recommendations helping you choose the best for you.

Is downloading apps from 9Apps safe?

Due to increase in malwares, experts have always recommended to download apps from trusted source like Play Store. Because majority of other app distribution platforms are filled up malwares or apps containing malicious codes. But the good news is that 9Apps is all safe as developers of this app store have kept their user's security as their first priority. Each and every app which is uploaded on 9apps is first properly checked from inside out before it is made available for download.

I personally use this app store, that is why I am also recommending you guys to download and give it a try. You won't be disappointed. Trust me.

Features of 9Apps

Apps can be download from PlayStore, then why you need 9Apps? that's what you thinking, right? Well, there are many reasons for which you should download 9Apps. Below we have listed out some of best features.
  1. Better app recommendations than any other app store.
  2. Offers largest collection of latest games and android apps.
  3. Updated version of 9Apps even comes with Price Comparison feature.
  4. Advanced & fast data compression capabilities.
How to download 9Apps

Visit and click on Download button. Your download process will be started automatically. After you download the primary 9Apps app, you also need to download the supporting installer for coupons and price compare things.

Final Words

9Apps is one of the best android app stores on the internet. We highly recommend to our users to download this amazing app right now and enjoy it's amazing features and functions.

Private Browsing - What Are The Benefits?

It is not entirely possible to use the Internet without leaving a digital footprint behind. However, private browsing can offer a lot of protection and keep you relatively safe. Web browsers are equipped with private browsing capabilities, e.g., Internet Explorer has an 'InPrivate' mode for secure browsing, and Google Chrome has 'InCognito' mode for private sessions. 

With private browsing, you can keep your search data and other information protected. Private browsing alone cannot provide you complete protection against data theft, but it is an effective measure you must take. 

What Is Private Browsing?

Data related to every website you visit is stored in your Internet browser's history, cache, and cookies. The browser remembers the URLs of the websites you visit and files you download. Cookies track your activity on different sites to provide you a better and faster user experience. 

It's all fine if you use a private computer and your data does not contain any valuable information. However, if you use a public computer and you are concerned about your data getting stolen, or you are uncomfortable knowing that your digital footprint is trackable and don't want to leave any breadcrumbs behind then use Private browser. 

If you use the browser's private mode, all the information is stored until your session completes. Once you close your private session, you don't leave any trail behind, and none of your data remains stored on the system. 

How To Stay Safe Online?

i. Good Digital Habits

Don't download anything or click anywhere if you are not sure about the website. Avoid downloading pirated content and software as they are often loaded with spyware and other malicious software. 

Avoid using public Wi-Fi network if it offers unfettered access to the network. If you connect to a genuine public Wi-Fi network, avoid exposing sensitive data such as banking passwords and login information. 

ii. SSL Certified Websites

SSL certificate provides secure connection for the exchange of information between browser and server. Make sure that you are dealing with URL of the website begins with 'HTTPS' instead of 'HTTP.' A green padlock icon in the address bar confirms that the site is SSL certified with SSL certificate like Positive SSL certificate.

SSL stands for 'Secure Sockets Layer', and it provides encrypted link between web broser and server to handle sensitive information, such as customer names, phone numbers, account numbers, credit card numbers, and more.

iii. Keep Your System Guarded And Updated 

Developers use updates to fix any security vulnerabilities. That's why it is important to keep your system updated. A good anti-virus program will keep your system protected from most potential attacks. 

Benefits Of Browsing Internet Privately

·         Privacy

When you use a shared computer and browse the internet in private mode, the websites you visit will never appear in the search history, no matter how many times you visit a website.

·         Minimize History

Whether it’s your work computer or personal computer, having as little personal data stored as possible is the best way to protect your information. It reduces the risk of your data getting stolen, and it saves space on your disk as well.

·         Security

Any cookies generated during a private browsing session gets automatically deleted when you close the window. If you are concerned about your accounts' security while signing in on a shared computer, a private browsing session can help you with that. Even if you forget to sign out of your account, the sign-in cookie will be deleted when you close the browsing session. With the deletion of the cookie, your account will be automatically signed out, and nobody could log into your account maliciously.

·         Testing

If you want to open a website you are not so sure about, but still, you want to give it a try, private browsing is the way to go.

·         Multiple Sessions 

Cookies are not shared between the normal window and a private browsing window. You can login to the second account on the same website without first signing out from your first account. For instance, if you are signed in with your Google account, and your friend wants to check his Gmail account, a private browsing session is a way to go.

·         eCommerce Tracking

Many websites use your search data and cookies to bring deals according to your needs. For instance, airline websites have data about your previous search history if you tried to check the price of a ticket. From the user data, they can find out which customer is highly likely to purchase a ticket. Sometimes, they offer higher discounts to new customers. You can check the price of the ticket using a private browser session to make sure that you are paying the minimum amount on your tickets. 

Same way, if you want an e-commerce platform to list your prices without accessing your data, you can use a private session. 

How To Enhance Privacy Further?

You can use TOR browser and a VPN connection from a reliable provider for enhanced privacy. Your browsing will still not be completely private, but these options can improve your privacy further. 

How To Browse the Internet Privately?

Chrome's Incognito Mode

1.      You can click the Google Chrome's 'Control Google Chrome Button' in the top-right corner with three dots and select 'new Incognito Window' for private browsing.
2.      Alternatively, you can press Ctrl+Shift+N to launch a new Incognito window.
3.      While right-clicking a link, you will see an option to open link in Incognito window.

Firefox's Private Mode

1.      Click the control button in the upper right corner and click 'New Private Window'.
2.      Alternatively, you can also press Ctrl+Shift+P to launch a private window. 

Microsoft's Edge's InPrivate Mode

1.      Click the '...' button in the top-right corner of the window and select new 'InPrivate Window'.
2.      Alternatively, you can also press Ctrl+Shift+P or Ctrl+Shift+N to launch a private window.


Browsing the Internet in private mode comes handy in many different scenarios. Private browsing prevents your data from getting saved and enhances your information security. It reduces the chances of data theft and offers you the privacy that you need if you are using a shared network.

How to recover deleted data in Windows, Android and mac

Our devices be it our PC or our smartphone, it stores a lot of important data . The only reason why our smartphone storage is going on increasing is that the amount of data that an user likes to store or number of apps that an user likes to use have increased. According to few online leaks iphone 8 is going to have 512 GB of storage. Yes you heard it right.

Now coming back to the topic, most of the time we accidentally delete our file and later realize how important that file was for us. Or sometime due to disk failure in PC or some software updates in andriod device we end up loosing our files. Even though Windows may not be able to see a file you accidentally deleted , it’s usually possible that the data could still be there and able to be retrieved.

In this post we will see how we can recover permanently deleted files from Windows, Amc and android.

Recover permanently deleted files in Windows 

Recuva Software

It can recover files that have been deleted accidentally. It supports image, audio, documents files and even emails. It scans the hard drive, find the file and copy it to flash media.

  • Download the free version of Recuva Software.
  • After finishing the installation of Recuva software, a quick launch file displays on the desktop. Click on that icon to Run and start the file.
  • You will get different file types like Music files, Documents, Video files, Images, all files, etc.
  • You can choose a specific file or Select ‘All Files’ so that you can recover any type of deleted file.

Recover permanently deleted files in Mac 

Recoverying deleted files in MAc is as easy as recovering in windows. For mac use this mac data recovery EaseUS Data Recovery Wizard for Mac

EaseUS free data recovery software recovers deleted, formatted and even inaccessible files for Mac

  • Restore lost or deleted document, photo, video, audio, email and other types of files
  • Save files from Mac notebook, Mac desktop, hard drive, SSD, USB drive, memory card, SD card, CF card, digital camera, iPod, MP3/MP4 player, etc.

Recover permanently deleted files in Android

These days we store most of our important files such as photos, documents etc in our phone so if by mistake we loose these data we might have to face a lot of problems.

If you delete the data accidentally, the first thing you need to do is to stop using your device and try to recover lost files from Android as soon as possible, or it may have a higher risk to be overwritten and you are not able to get the lost data back anymore.

There are various tools available for data recovery in android you can use any one of them.

The Android Photo Recovery program could assist you to recover not only photos and videos, but also SMS text messages, contacts, call history and more from Android phone or tablet.

  • Install the program on your computer and run it, you will be asked to connect your Android device to PC via USB.
  • After connecting your Android to the computer, now you should enable USB debugging
  • Start Scanning Your Android for Deleted Files
  • Then click on the green button "Start" to analyze your Android data.

When you see the window below, it is time for you moving to your Android device again, tap on the "Allow" icon, then turn back to the computer and click on the "Start" button to continue.

And then you can recover your deleted files.

Even though you won't be able to recover all your files but you can recover most of the files. I hope it helps you. Do let me know if you have any doubt