Monday, March 14, 2011

How To Avoid Malware On Your Android Phone


Most people who own an Android phone may have recently seen in the news that new malware is appearing, targeting Android users. Google's app market for Android phones allows developers to publish their newly designed Android apps without being reviewed first [unlike Apple's App Store]. This has opened a lot of windows for developers, as well as a new one for hackers.

A new scare recently came up, known as the "DroidDream" Trojan. Certain apps were pirated, copied, and then reconstructed with malicious code inside them, then put back on the Android Market with names similar to the originals. If a user mistakenly installed one of these apps, the code would take over the user's phone, basically turning it into a paperweight [or, in some cases, staying hidden instead], while allowing the developer of the app to access all of the information on it and take full control.

Google has since restored the affected phones to working order, and patched them to be immune if exposed to the Trojan once more. Google also removed the apps from the app store. This should serve Android users as a reminder that things like this can happen if you're not careful. Similar threats are quite possible in the future.

Here are some simple tips you can use to make sure you do not fall prey to malicious apps!


1) Check the name of the developer

If you're not sure, a surefire way to find out if the developer you're downloading from is legitimate or not is to check their name. If they have a name like "Iam21090402" or "grwowl2010" for example, there's a good chance the app you're looking at could be malware.



2) Check the description and screenshots

Another way to know whether or not the developer is trusted is to check the screenshots, and description. In the recent string of malware that was put on the store, the screenshots were simply pictures of the logo used for the app, instead of an actual screenshot of the interface of the app. Also, if the description doesn't look legitimate, or is non-existent, you will want to double-check on the app's credibility.



3) Research it

If you're not sure if the app is safe, and have tried both of the previous steps, another measure you can take is to look it up online, by searching it on Google, or otherwise on the internet using your computer. Read some user reviews, and see what people had to say about it.



4) Download latest Android OS updates as soon as you know them to be available


Patches and OS updates are extremely important: aside from fixing glitches and issues, they also address security vulnerabilities. Having the latest Android OS is a good way to make sure you're up to speed and protected from all of the latest malware app threats.

----

When installing an app, the user has to choose to install it before it will install. This goes for all apps, and therefore for the malware to get onto your phone, you will have to allow its installation by mistake. That's why these steps will definitely come in handy when trying to determine what is safe, and what isn't, on the app store.

Also, if you're uncertain of the integrity of an app, feel free to contact us on Twitter, by tweeting @CompsultInc with the name of the app, or via direct message, and we will gladly look into it for you!

Thursday, March 10, 2011

Bluetooth Jacking


Something unknown to most, that has in fact been an epidemic for quite some time among hackers, technological pranksters, and the like, is Bluetooth Jacking. You may be wondering what is meant by this. What exactly is Bluetooth Jacking? What does it involve? Fear not! Your questions are about to be answered.

Bluetooth Jacking is a form of hacking that takes place over Bluetooth. Its primary targets are mobile phones and smartphones. It has been around since the mid-2000s, and has been popular amongst hackers across the globe.

Bluetooth Jacking is a technique that involves exploiting vulnerabilities in Bluetooth devices, such as mobile phones and smartphones, to get into them. Bluetooth is a short-range network type, primarily used for headsets, file transfer, and other phone-related devices and functions. It operates over low-power radio waves, with a signal range of up to 30 yards. The frequency band Bluetooth operates in is known as the ISM band.

Bluetooth technology has stayed the same over time for the most part; therefore, the security has not changed much either. Using a computer with a functioning Bluetooth signal output, hackers can use custom-designed software, or tools from their arsenal, to hack into your phone as soon as it is discovered. Typically sitting in an airport, coffee shop, or other local, heavily occupied area, they'll set to work. Once in, they can use your phone to do a number of things. They can make calls, send SMS messages, access the web, and even pull your contact list from your phone, getting the information of anyone you have entered on your phone.

While this may seem frightening, there is one surefire way to avoid this happening to you. If you don't use it, simply go into your mobile device's settings, and turn off your Bluetooth discovery [which is typically on with most phones].

Here is a video showing you an example of a way hackers can use this exploit to scam you:






Tuesday, March 8, 2011

The Internet Kill Switch






[Note: This was written with an article via TechCrunch as its source. You can read the original article here.]







Recently, in both Egypt and now Libya, governments have decided to shut down the entire internet for their country. This not only fueled protests already occurring in those countries, but also raised the question: if our government wanted to shut down the internet completely, whether to prevent a cyber-terrorist attack or for any other reason, would they be able to do so?




To turn off the internet in Egypt, the government simply forced their Internet Service Providers to shut down their servers. In Libya, the internet was still up, but the traffic allowed through it was throttled down to 0, so nothing could go in or out. Theoretically speaking, if the United States Government wanted to, they could simply force all of the major Internet Service Providers offline, but what they may have in the works is much simpler.




A new bill, known as the "Internet Kill Switch" bill [even though those words are not included anywhere in the bill], was proposed some time ago. It has since stirred up a good amount of controversy, and in an attempt to make it more acceptable to the American people, it was revised early this year and given the name "Cybersecurity and Internet Freedom Act of 2011". [PDF]




While this bill has yet to be passed, and differs quite a bit from the original bill, it's still a highly controversial subject in many conversations nowadays, as everyone contemplates the idea. Its main advocates, Joseph Lieberman and President Barack Obama, are still pushing the issue, with it as one of their main hopes for the future.




Something most people are unaware of, however, is the fact that the President already has the power to turn off the internet. This power has been around for a long time, and derives from the Communications Act of 1934. A section in it [702] gives the president the ability to, in the event of war, “cause the closing of any facility or station for wire communication” without warning. [PDF]




This topic in general has spawned a good amount of debate as to whether or not it is constitutional, or fair to the people. Do you think it's a good idea to have an "Internet Kill Switch" type option for the nation, in the event of a cyberterrorist attack? If you would like to discuss the topic in general, feel free to visit our forums, and talk with the community about it. Tell us what you think!




The current thread we have open for this discussion can be found here, although you are welcome to start your own threads, and post wherever you like. See you on the boards!

Friday, March 4, 2011

IP Addressing - How To Count In Binary

"There are 10 kinds of people in this world. The kind that know binary, and the kind that don't."
It's likely that you've heard the common fact that binary is a language that computers and other digital devices use to function, made up of only 1's and 0's. This is true! Have you ever wondered how it works though?

Here is a simple way to count in binary, that most I.T. Professionals have to use when subnetting a network.

There are 8 digits [bits] that you will use for the most common form of binary counting.

00000000

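Each bit has a value. From left to right, the values are 128, 64, 32, 16, 8, 4, 2 and 1.

To switch a bit's value on, you simply change its digit to the number 1. The number represented is the sum of the values of all the bits set to 1.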
For example,

00001000 = 8
01000000 = 64
00000001 = 1
00000011 = 3

-and so on.

You may have noticed, with this method, you can only count up to 255.

That is because 255 is the maximum value representable in a standard 8 digit binary number.
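The counting method above, written out as an added Python example (not part of the original post). The function names are chosen here for illustration, and the address 192.168.1.1 is used only as sample input.

```python
# Added example: place values of the 8 bits in one octet, left to right.
PLACE_VALUES = (128, 64, 32, 16, 8, 4, 2, 1)


def octet_to_bits(value):
    """Convert 0..255 to an 8-character bit string by subtracting place values."""
    if not isinstance(value, int) or not 0 <= value <= 255:
        raise ValueError(f"octet out of range 0-255: {value!r}")
    bits = []
    for place in PLACE_VALUES:
        if value >= place:      # this place value fits, so its bit is 1
            bits.append("1")
            value -= place
        else:
            bits.append("0")
    return "".join(bits)


def bits_to_octet(bits):
    """Add up the place values of every bit that is set to 1."""
    if len(bits) != 8 or set(bits) - {"0", "1"}:
        raise ValueError(f"expected 8 binary digits, got {bits!r}")
    return sum(place for place, bit in zip(PLACE_VALUES, bits) if bit == "1")


def ipv4_to_binary(address):
    """Write a dotted-decimal IPv4 address as four 8-bit groups (32 bits)."""
    parts = address.split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 address: {address!r}")
    return ".".join(octet_to_bits(int(p)) for p in parts)


if __name__ == "__main__":
    # The four examples from the post, then a full address (sample input).
    for bits in ("00001000", "01000000", "00000001", "00000011"):
        print(bits, "=", bits_to_octet(bits))
    print(ipv4_to_binary("192.168.1.1"))
```

An octet above 255 is rejected because it would need a ninth bit, which is why each part of an IPv4 address stops at 255.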

To further explain subnetting, and its relation to binary and this post, an article will be written at a later date. When it has been written, this post will be updated with a link to it.

To read more on Internet Protocol Addresses, click here

The Future of Internet Protocol Addresses

February 1st was one of the most important days for the internet. The last 83.9 Million IPv4 Addresses were handed out via ICANN. If that statement made next to no sense to you, then fear not! This article is going to explain Internet Protocol Addresses, and give you a better look at the inner workings of both the internet, and the devices that connect to it.


Internet Protocol

Internet Protocol is the set of rules for communication over a network. [By rules, basically meaning the way it is done.] On a network, everything has two addresses: a physical address, which is known as a MAC address, and an IP address. The MAC Address is assigned to any network component, and is physical, meaning it cannot be changed. The IP Address can, however, be changed.

There are different versions of IP Addresses. IPv4 is the current version we use today! It is made up of 32 bits, and is the most common form of IP Address. Chances are you've seen an IPv4 address before if you're on the computer a fair amount.
An IPv4 Address looks like this: 192.168.1.1



IPv6
When it was discovered that we would one day run out of IPv4 Addresses, IPv6 was invented.
An IPv6 Address looks like this:
 2001:db8:0:1234:0:567:8:1

As you can see, both numerical and alphabetical characters are included in these addresses, and they are made up of 128 bits, making them much more complex. Therefore, a far wider variety of them can exist, eliminating the possibility of running out anytime soon.



Packets


On the internet, or over a network, data is transferred using IP Addresses to route it to the correct location. IP Addresses are placed on things known as "packets" to guide them to their destination. Packets are segments of data used to transport files to their destination on a network. A file is broken down into packets, which are then sent over the network and re-assembled at the location they are directed to.

This is what a packet's structure looks like:
[Below, each section of the packet will be briefly explained]
Ver. [Version] - Explains which version of the Internet Protocol is being used. In this case, it is version 4.


Header Length - The length of the header, which marks where the data being sent in the packet begins.


Type Of Service - A part of the packet that contains five subfields. These subfields specify the delay, reliability, throughput, precedence, and cost desired for a packet. For a packet going over the internet, this field is not usually used.

Total Length - The length of the datagram and the header of the packet [the data being sent in the particular packet, along with the header of the packet].

Identification - A number assigned to the packet, which is unique to that fragment.

Flags - Indicates whether or not the packet is a fragment, and tells if it is the last one.

[Fragment] Offset - Tells where the fragment belongs in the original data being sent.

Time To Live - How many routers the packet can pass through on the way to its destination. [With each router the packet goes through, this number decreases. After it reaches 0, the packet must be destroyed.]

Protocol - The type of high level protocol used.

[Header] Checksum - A computed number used to ensure the integrity of the header values.

Source Address - The address which the packet originated from.

Destination Address - The address of the destined location of the packet.

Padding - Null bytes used to make the header a multiple of 32 bits.


An IPv4 packet differs from an IPv6 packet slightly. Here's another image to give you an idea:



A bit simpler as you can see.

When you send a file, it is broken down into data segments, or packets, and sent over the internet, or network, to its destination, using IP addresses as the destination (much like an address and return address on an envelope or package). These are the basics behind IP addresses, and how they function in relation to our computers, and the data that is sent over the internet and networks.

Tuesday, March 1, 2011

Browsing The Net With Internet Explorer 9 (RC) [Review]

Internet Explorer 9 - Reviewed

I've been itching to try out the new Internet Explorer 9 Release Candidate to see the changes that have been made to it, and how it runs as compared to its would-be predecessors, as well as how it stacks up to its competitors. I finally got around to installing it near the end of last week, and after having used it for a few days, here is my general opinion on it.

Surprisingly enough, I... really like it! It runs surprisingly smoothly, and I've only run into a few issues thus far in my time using it. The design of IE9 is similar to that of IE8, and other web browsers in its tabbed appearance, but it has a few definite design differences you will notice when you try it.

 

The first obvious difference is the placement of the Address Bar, and the Tabs. The Tabs are directly to the right of the address bar, to save space, and give you a larger browsing window. While you may be thinking this idea is a bit of a problem, and your tabs would be too closely bunched together, I've yet to run into any trouble with that surprisingly, even with 10+ tabs open. Also, while on the subject of tabs, I've had no problem with lag between them thus far. There is one issue I have noticed where sometimes you will have to double-click on a tab to get it to switch, but that presents itself rarely.

The loading style of this browser is quite unique, as it does not have a bar across the bottom that tells you when it is loading, where you are going when you hover over a link, etc, but instead simply has a spinning ring on the tab that is loading. [Once again, a measure to save space for the user while they are browsing]. While this may seem to present a problem, as most users are used to hovering over a link to see the full and proper link listed below it, to make sure the link is not a fake which will bring them to an improper or harmful site, it isn't a problem at all. When you hover over the link, instead of showing the full link down at the bottom as before, it simply appears next to your cursor in a yellow box.

The only time I have had any trouble with the browser with all the sites I've visited thus far is Photobucket.
For some strange reason, the new layout of Photobucket causes a massive lag within IE9 on my laptop in particular. I'm sure there are other sites out there that have this trouble, but I've yet to run into them. [Every browser has moments like this. Firefox is a prime example.] It may even be simply the computer it is being tried on that causes it, so do not hold this against it. I will later try IE9 on another computer, and update this post accordingly as to whether the issue persists.

Overall though, I am thoroughly impressed with Internet Explorer 9, and have even switched to using it as my main web browser [from Opera] for the time being. The release date for Internet Explorer 9 is still yet to be announced, so if you aren't liking the idea of trying out the Release Candidate, you've definitely got something new to look forward to toying around with in the future.

-Preston M.

3/1/2011