Software Security for you

Your phone call-log reveals lot about you: Your Phone call-log is equally important as your emails, online accounts as it can reveal huge amount of information about you. What kind of person you are and what you do. What you work on and to whom you talk to frequently. Over the time it grows and maintains critical info about you, your relationships, your work, your friends, your business, your food orders and your health. Your phone call-log is not private any more: This info can be used in multiple ways to map your identity and people you communicate too.  And it's too easy to capture this info and send it across to third-party. You just have to install an app(e.g. games on android) that reads your call log and send it to third-party server; which happens behind the scene while you enjoy games. Thereon your call-log can be sold/shared/investigated and can become public information. Your call-log can provide sensitive info based on where you work. Companies provide BYOD (B

Facebook is now the social networking norm and everyone connecting to internet is on Facebook or soon will get on it. No big deal with having a Facebook account and actively using it daily. Kids start Facebook at 13 (officially) and will go till you are alive. It's going to capture all your life events and map it in its timeline. You are one of those Facebook users who share things, who over-share or under-share. But you do share! If you don’t then your friends share info about you by means of tagging. Ultimately there is info about you shared directly or indirectly. There is ton of info that can be shared and people do share it without a second thought. And this gets into Facebook permanently(even if you delete your account).  This info can then be used by public/friends and is no more private. Knowing that you will hold Facebook account for lifetime, it's important to review privacy settings and manage who can see your shared info. Here are the key privacy settings th

Apple announced bunch of privacy & security features in their 2014 WWDC keynote and one of them is randomizing MAC address. This alone is a great feature and would like to see this become industry standard. With iOS8 all Apple handheld devices will generate random MAC address while it scans for Wi-Fi network. Doing this protects your privacy by on the go as no one can track you uniquely at a given location. Read my other blog on Wi-Fi tracking to know more on how MAC address can be used to map your location. So what is MAC Address anyway?  MAC address is unique hardware address of your network device. These are unique within network to identify a device and route network traffic to correct device. It is a 6 byte long ID that maps your network device (iPhone, iPad, Android, Laptop, desktop,  TV, and all devices that connects to network) on network. This does not change and is set by device manufacturer. How is MAC address used ?  When your device does connect to any netw

Email is the here to stay for long time, though we have moved to chat, voice call, video /skype calls, twitter and Facebook messages. Good amount of information is communicated over emails and that is part of our daily routine. Many times we do need to send confidential information via email and we do share critical info using email. This info is then maintained on servers forever - one copy on your account and other on receivers account and can be read / sniffed by people who owns the servers/data. Also servers are backed up and they do ensure users emails are not lost in case of any failure. In practice your confidential info has many copies around the globe that can land up in anyone's hand. We all do use popular email services like, gmail/outlook/yahoo/etc. and they do provide secure login over HTTPS/SSL. Email you sent is encrypted from your computer to gmail (as example) server. This email is then forwarded to receivers email server in clear text(un-encrypted format) an

Many of us on internet have already came across short URLS/links that when clicked take it actual webpage. In many cases you would have wondered what this link is and where is it going to take me?  e.g. http://goo.gl/dFr2Xp which point to my another blog article. What are short URLs?  URL shortening is technique used on internet to shorten the long URL/link to a smaller one and that redirects to actual URL when clicked. Its very useful in many cases, e.g. for twitter wherein message length is small and you wish to share a link.  Or you bought a book and it has website references using short URLs. Long URLs are the way websites are developed and needs extra descriptive parameters and values that needs to be passed. E.g. see URL for this blog above, its the way blogger creates a link based on blog title. By shortening URLs, it becomes easy to pass on and type without errors   Advantages it brings in: Short in nature and easy to type in from non-digital media (books, bil

Getting infected by Virus on your laptop/desktop is easy as you read below. There is no one good way to be protected against all of them and thus you need to be cautious enough to keep your data and laptop secure. On other hand you don't need to be super paranoid or require geeky skills to be protected - just be aware about your actions and apply common sense. 1. USB/Pen-Drive:  The biggest reason to get infected is using extensively using USB/Pen drives to share data across multiple machines. This is the most exploited method use by viruses to spread and autorun on machines when inserted. This is not restraned only to USB/Pen-drive, but all devices that exposes USB interface to connect to computer. E.g Camera which provides USB to copy photos/videos to your computer, or your mobile phones to copy music/files, Kindle to copy books and external hard-disk that host huge data. Any USB/Pen-drive when connected to computer auto-runs set of files and viruses gets the entry poi

You got a phone call from unknown number and you wonder who the person is. A very common scenario for all of us; with marketing calls on rise you never know if its sales call or important call that you should be attending. You wish to keep your phone silent and block all unwanted calls? Solution is to use TrueCaller app (Android/iPhone). Know who called you:  TrueCaller maintains a huge database of contacts and help your display name and phone number of people who called you, even if that contact is not in your phone book. Truecaller integrates with phone-call to show name and number of person if its unknown and helps you decide to receive the call or reject it. In case you get a miss-call from unknown number, TrueCaller show you name/number of this caller. You don't need to return a call or text back to know who the person is. How does TrueCaller gets this data:  As per TrueCaller, they get it from public sources, yellow pages, people who wish to submit info ab

Browsing online brings in privacy and security issues. Browsing on public network or public computer, brings in higher level of privacy issues. What you browse, emails you send/receive , what you chat, your username/passwords all can be known to others by going online on public network/computer. Of course you don’t want all these to be known by others and used against you. So don’t use public network or public computers at all? Solution is to use " Tails Linux " operating system running on your USB drive(Laptop/Desktop). Its that easy. Tails(The Amnesic Incognitivo Live System) is a Linux distribution crafted for privacy and security. Its built on free and open source software that everyone can use. Tails Linux gives privacy to anyone anywhere. Tails Linux is around five year old and built on top of Debian Linux which itself is known for its high security standards. Purpose of Tails is to provide ready to use Operating system for people which is secure out-of-the box.

Wi-Fi has been successful due to its ease of setup, speed it provides and area it covers. Its perfect for home usage and most of us enjoy that daily. Various network devices (Smartphone, Kindle, Mac, laptops, tablets, XBOX) are Wi-Fi enabled and we connect them happily to Wi-Fi router to get internet access. Wi-Fi however comes with two security issues. Wireless nature of Wi-Fi can hide all the security holes that a Wi-Fi router has opened up behind the scene. Here are two must have settings for Wi-Fi router -  Wi-Fi network password - That encrypts all data going from your device to Wi-Fi router and no body around can sniff what goes on wireless.  Wi-Fi router password - This is the password that you use to login to Wi-Fi router to configure using web interface. This is the point which is most forgotten about and can cause major security issues.     1. Wi-Fi network password set to WPA2: With newer Wi-Fi routers, it comes in with unique password setup that you have t

By now you would have heard about Linux Operating system (OS), (if not then do a quick read here ).  Open source and free nature of Linux has given birth to many Linux distribution, each catered for different reason. Linux has matured, stabilized and grown so much that its the most used operating system in world now. Huge number of servers has Linux, Your TV, setup-box, Washing machine, Wi-Fi router, Android, Car, Camera, Flight entertainment system, and many more system run Linux under the hood. This is all capable due to building blocks that open-source and Linux has provide for developers. This blog talks about customizing Linux and installing it on Pen Drive and using it for various reasons. If you are new to Linux then you will have to read some more articles around Linux and give a try to install and run couple of Linux distros. You will learn lot in the process and know how system works. If you are Intermediate/geek then lot of things below will come easy to understand and

Passwords has been a proven way to protect your account and keep your info secure and private.    Passwords are common and we do use it everyday. Access emails, your system,  Facebook, unlocking your phone, access bank online,  and many more. An average of 10 passwords are used by any individual (like you) everyday as per reports.    With internet and the number of things you can do online, password has been a common practice. To play a game or post review, you need an account and thus the password. Concept of an account has been strongly developed in internet so that you can log back in anytime and continue to access the information back where you left. An account maps your work, activity on that website which can be saved and later referred back. Now that there is data associated with you account, websites wants to protect users data and thus the password which forms the easies way to authenticate a user.    Hackers and malware are on their peek and always looki