Category: Other

Other computing tips

  • How mobile phone accelerometers are used for keylogging

    Massachusetts and Georgia Institute of Technology researchers have developed a method to log computer keystrokes by placing a smartphone next to a computer keyboard and measuring its sound and vibration using the smartphone accelerometer. The researchers employed an iPhone 4 for this and noted that sensors in older models are not good enough to pick up remote vibrations.

    Mobile device accelerometers are used to re-orient your screen, using a differential capacitor to measure changes in gravitational pull. Researchers used the accelerometer to listen in to typing sounds and translate them into text by estimating the volume and force produced during keystroking.

    Mobile phone accelerometer

    The phone was engineered to interpret what dictionary words sounded like and translate them into text. Accuracy was close to 80% and it only went down after an extensive number of dictionary words were added. Since an attacker might know what kind of information they are after, a customised dictionary with likely terms can be built to increase accuracy.

    In order for this attack to work the smartphone has to be placed on the same table as the keyboard and there must be no ambient vibrations, like a printer or scanner working in the background.

    The only mitigation strategy proposed by the researchers against this type of attack is to prevent anybody from placing a mobile phone next to your keyboard, not even your own since it could have been infected with this kind of malware to spy on you.

    There has also been previous research showing how a smartphone microphone could be used to pick up typing patterns. With this in mind, it is important to never forget that smartphones have the necessary equipment to spy on you, which is the reason why many government departments do not allow them into the office.

    The research is a proof of concept. Do not be surprised if you see NSA spooks showing interest in this and taking it a step further in the future as smartphone sensors improve even more.

    Smartphone Keylogging Research Paper

  • How Egyptian police quickly cracked journalist’s computer password

    According to Mike Giglio, a Newsweek correspondent, Egyptian police got hold of his laptop during his coverage of the latest Egyptian protest in Tahrir Square against the ousting of Mohammed Morsi. They cracked his password-protected computer on the street to check what was inside, in just a few seconds and at very little cost in terms of software and training.

    See the screenshot below from Mike Giglio’s Twitter account explaining the Egyptian police’s quick password cracking method:

    Mike Giglio password cracking Egypt
  • Decentralized payment exchange network Ripple

    Ripple is a peer-to-peer network to trade currencies. At the moment Bitcoins make up the bulk of trading, but it can work with any currency and accepts Dollars, Yen or Euros. Ripple also has its own native currency called ripples, represented by the letters XRP. Ripples do not necessarily have to be used to trade with others; they are there to stop network abuse by imposing a ripple tax on transactions, and they could be used for direct trading as a last resort.

    Ripples do not need mining: the founding company, OpenCoin, has already premined one hundred billion ripples. Instead of creating more units, like the Bitcoin network does, Ripple works the other way around and reduces the fixed number of available ripples by distributing them to others.

    An example of a Ripple trade could consist of loading Bitcoins to your Ripple address (they all start with r and look like a Bitcoin address; an example is my public ripple: rpzoTc4YVnRig39MqZqYVM9ae1LhPAnMLj), transferring that money to a different Ripple account and converting it back to Dollars using a gateway. Ripple to Ripple transfer fees are tiny or free, but when you use an intermediary gateway to exchange different digital currencies, the intermediary will charge you for the service; in that sense it is not any cheaper than a Bitcoin exchanger.

    The gateway software is open source and can be set up by anyone. You can choose which gateway to trust and avoid the nodes you don’t like. Gateways are all connected to each other in peer-to-peer fashion, and transactions should be authorized within seconds.

    Advantages of using Ripple over Paypal are that opening an account requires no ID verification, transactions cannot be reversed, fees are tiny and it can be used worldwide to buy anything you like without worrying about terms and conditions. The huge disadvantage compared to Paypal is that unless it takes off, it will not be easy to convert ripples into physical items or hard currency.

    A comparison of Ripple vs Bitcoin should not apply here because Bitcoin is a digital currency and Ripple a currency exchange network and payment processor more similar to Paypal or MtGox.

    Cryptocurrency Ripple wallet

    There are Ripple detractors pointing out that Ripple founders, OpenCoin, keep 20% of the mined ripples for themselves. Many Bitcoiners make a profit too, so I can’t really hold that against them. More worrying to me is Ripple being vulnerable to collapse if the authorities raid all of the trading gateways or force the gateway operator to allow bugging equipment to be installed in the server. Unlike Bitcoin, where the customer can also be a miner, in Ripple you can’t do anything without a gateway administering transactions.

    It is good to have alternatives, and perhaps one could use Ripple to make money transactions harder to track, but I don’t see too many reasons to use it over, let’s say, Bitcoin exchanger MtGox. Even with redundant P2P servers, Ripple is still vulnerable to server seizure, just not as much as a single server system.

    Visit Ripple homepage

  • Autonomy Central email encryption and secure notes

    Autonomy Central is a cross-platform and portable Java-based email service to encrypt email messages, files and notes using a 2048-bit RSA key and 256-bit AES; that level of security should stop well-funded attackers. Creating an account is a fast five-step process for beginners, or you can choose a “Control Mode” for power users that gives you more options.

    You will be given a @valeso.com email address that can be used to securely communicate with other users; encryption and decryption will be automatic. If someone is using an Outlook or Yahoo address and does not have an Autonomy Central account, you can send them a Special Delivery message with a link to an online SSL viewer where the recipient can decrypt the information by entering the right password, which could be transmitted via SMS or phone call.

    Autonomy Central Valeso encrypted email

    Other features of this security suite include a secure notes section where you can keep personal reminders encrypted, and a file storage service that will encrypt any file you drag and drop inside the window. Data will be stored locally on your computer or on Valeso cloud servers depending on settings.

    Autonomy Central is a highly configurable email service, advantageous for those who like to decide every single detail of their email habits, but it could be complicated for beginners given how many options it has. The default settings are safe for everyone in case you don’t want to spend time reading the manual or playing around with the software.

    This service could be an alternative to Hushmail, with some important differences that one should consider, like not being able to use your own encryption keys, which means you have to trust the company behind Autonomy Central, and not being able to use webmail.

    Visit Autonomy Central homepage

    Update 2014: Program no longer supported, link erased.

  • Capture DNS queries with DNSQuery Sniffer

    DNSQuery Sniffer is a free Windows application that captures your computer’s DNS queries. The program is useful to troubleshoot name resolution problems and check if a domain name is being blacklisted by your ISP’s DNS. There is no need to install the program; you can run it in portable mode and carry it with you on a USB thumbdrive.

    When you run DNSQuery Sniffer for the first time you will be shown the available network adapters in your computer, including virtual host components presented as separate network cards. Your initial choice of capture options will be set as default; to change them later on you will have to access Options>Capture Options or press F9. There are shortcuts to access many of the functions.

    DNSQuery Sniffer capturing DNS queries

    I recorded my DNS queries while on a VPN and it worked perfectly well. A VPN encrypts data in transit over the Internet but recording takes place before DNS queries leave the router. Another use for this program could be for a system administrator to spy on network users: if you are using a portable VPN in an Internet cafe, DNSQuery Sniffer is one of the many tools a computer admin can deploy to monitor in real time what sites you are visiting.

    Some of the details recorded include host name and port (for example: pagead2.googlesyndication.com:54630), DNS query time stamp, request time and response time, reverse DNS lookup, IPv6 server address, destination IP address and many others. I noticed that most of the requests only show hostname and port; the itemised details displayed will depend on what server you visit.

    While I was recording outbound queries on my computer I was able to see Google Adsense and Facebook queries created by the plugins embedded in the website I had just visited. Logs can become huge within a couple of recording hours. They can be exported as a CSV/XML or HTML file and imported into a spreadsheet for processing.
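
    An added example, not part of the original post or of DNSQuery Sniffer itself: instead of a spreadsheet, a short Python script can condense an exported CSV into a query count per parent domain, which makes third-party lookups like the ones mentioned above stand out. The column names, the sample rows and the example.org first-party domain are constructed assumptions; adjust them to the header row of your own export.

```python
import csv
import io
from collections import Counter

# Constructed sample export. "Host Name" / "Request Time" are assumed column
# names for this example, not taken from the tool's documentation.
SAMPLE_CSV = """Host Name,Request Time
pagead2.googlesyndication.com:54630,2013-07-01 10:00:01
www.example.org:51200,2013-07-01 10:00:01
connect.facebook.net:51201,2013-07-01 10:00:02
static.example.org,2013-07-01 10:00:02
PAGEAD2.googlesyndication.com.:54633,2013-07-01 10:00:05
,2013-07-01 10:00:06
"""

def normalise_host(field):
    """Strip a ':port' suffix and trailing dot, then lower-case the name."""
    host = field.strip()
    name, sep, port = host.rpartition(":")
    if sep and port.isdigit():
        host = name
    return host.rstrip(".").lower()

def parent_domain(host):
    """Naive grouping on the last two labels (no public-suffix handling)."""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host

def summarise(csv_text, first_party=()):
    """Count queries per parent domain, skipping blank rows and first-party domains."""
    counts = Counter()
    for row in csv.DictReader(io.StringIO(csv_text)):
        host = normalise_host(row.get("Host Name") or "")
        if not host:
            continue
        domain = parent_domain(host)
        if domain not in first_party:
            counts[domain] += 1
    return counts.most_common()

if __name__ == "__main__":
    # Everything that is not the site being visited is a third-party lookup.
    for domain, hits in summarise(SAMPLE_CSV, first_party={"example.org"}):
        print(f"{hits:5d}  {domain}")
```

    Grouping on the last two labels is a simplification that miscounts names under suffixes such as co.uk.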

    This tool will be useful for system administrators. Home users without logging needs might prefer to troubleshoot DNS problems with another freeware called DNS Benchmark.

    Visit DNSQuery Sniffer homepage

  • Firefox addon warns you of NSA PRISM surveillance

    Dark Side Of The Prism is a Firefox addon that will show a dark PRISM logo on your screen every time you visit a website that is known to allow the US National Security Agency to gather users’ data. The addon will work on a company’s main website and all of its associated services.

    For example, the Bing search engine is included in the list of PRISM websites along with all other Microsoft owned websites because Microsoft was named in the leaked NSA documents listing partner companies.

    Dark Side Of Prism Firefox addon

    This addon is a good way to remind yourself that you are being spied on at all times on the Internet. It will also play Pink Floyd’s aural prism, the “Dark Side Of The Moon” album, while it shows the PRISM logo; different tracks will play on different sites. The looped music can get a little over your head, as there is no way to mute it other than leaving the site: Dark Side of the Prism will force you to close the tab and go to an alternative company, or you will get stuck with annoying music and a scary black logo.

    The source code is available for review in case you are paranoid and suspect this addon could be another NSA invention to spy on people.

    Visit Dark Side of The Prism addon

  • SSH in your browser with Chrome Secure Shell

    Chrome Secure Shell is a terminal emulator that you can use to access a remote server from within your browser; it replaces PuTTY on Windows and ssh on Mac/Linux computers. Secure Shell can emulate most things any xterm Unix terminal can do. It runs hterm, an HTML terminal emulator written in JavaScript. It does not provide SSH access on its own, but it can connect to any server running sshd on any port and it will be as secure as ssh. Executed commands are sandboxed inside the browser, which stops malware from spreading to your computer.

    Combined with a shell account, the Secure Shell Chrome extension could be used to bypass Internet filtering. With sparse Linux command line knowledge it is possible to launch the Lynx browser on the remote server and access filtered websites, or use the Alpine email client or irssi IRC client within the shell.

    Chrome Secure Shell SSH

    SSH server login might be accomplished with the traditional username and password or with the much more secure digital certificate authentication system, which makes credential theft very laborious. You can change shell settings like font size, cursor blinking and font colouring with some tinkering and time spent reading the Secure Shell help file.

    A few native terminal features are missing: X11 forwarding, SFTP to upload or download files and Syslog (data logging for auditing). You can’t call multiple terminals either, but you could keep a background process running in the shell account with the screen command for multitasking.

    It would not make sense to have this extension on a Linux computer, since every Linux OS comes with a terminal. Windows users are the ones who should be thankful that there is no need to install Cygwin on their computer any more; Secure Shell brings simple Unix access to the browser.

    Visit Chrome Secure Shell