Sunday, 12 August 2012

How To Speed Up Your iPhone

How To Speed Up Your iPhone 

How To Increase Battery Life

  I hav an i phone 4s. the battery life is awful. 
 
I have found a way  to increase the battery life by at least double. it has to do with location services. 
 
Go to settings > location services > system turn them all off.
 this will prevent the location services from being constantly on. 
 
Also, while you are there look for any apps that are using location services and turn them off. by specifically turning off location services for these apps it means that they arent allowed to use the location services, so some things might not work properly, but at least you will have power in your phone. 
 
I think that apple should limit the location services to apps that are currently running and arent backgrounded. there is no need for foursquare to know where i am, unless i am specifically checking in, or looking up a map etc. 
you should also disable any geofences  if you arent actually using them

Saturday, 11 August 2012

SET MASTER PASSWORD




 MASTER PASSWORD:-



1)Go to Tools- >> Options and then in the Security Tab.
2) Click on Saved Passwords. In the window that opens select Show passwords.
3)Thats it, now he can see all your passwords that firefox remembers and can steal them in no time.
 







If you don’t want such an easy access to your passwords, you can set a master password, which allows you to see passwords only after entering the master password.
 

This will secure your passwords, but this can be annoying as it will ask for the master password everytime you come across a login page whose password it remembers.
The other way around is to leave the habit of remembering password by the browser or use some addon such as roboform which will remember your passwords.

TALKING ATM FOR BOTH BLIND PEOPLES AND OTHER PEOPLES

ATM SPEAK NOW:-

 Talking ATM is a type of Automated Teller Machine (ATM) that provides audible instructions so that persons who cannot read an ATM screen can independently use the machine.

           Now, people only need to speak to withdraw money from ATM








THE AMAZING THING IS THAT ALL AUDIBLE INFORMATION IS DELIVERED THROUGH HEADPHONE JACK


 Information is delivered to the customer either- through pre-recorded sound files or via text-to-speech speech tools. used in Austrailia and Canada

Saturday, 5 November 2011

dont use cyber cafe when.........risk of privacy

dear frnds,,,,,mst read dis....
Dear friends, If you visit a cyber cafe and find find any black pin attached to your CPU as shown in the picture, kindly do not use that system. This pin is actually a connection which save all your data you enter in the system.
Thus it is a risk to your privacy over net. Risk to passwords, banking or any data you entered.
Itz a hardware keylogger very powerful it records each and every action ur system.
Like and then share this to all your friends..........

Tuesday, 11 October 2011

Privacy Attacks :-Privacy Attacks :-Privacy Attacks :-

-: Privacy Attacks :-


Here attacker uses various automated tools which are freely available on the internet. Some of them are as follows:

1) Trojan :- Trojan is a Remote Administration Tool (RAT) which enable attacker to execute various software and hardware instructions on the target system.

Most trojans consist of two parts -
a) The Server Part :- It has to be installed on the the victim's computer.
b) The Client Part :- It is installed on attacker's system. This part gives attacker complete control over target computer.

Netbus, Girlfriend, sub7, Beast, Back Orifice are some of the popular trojans.

2) Keylogger :- Keyloggers are the tools which enable attacker to record all the keystrokes made by victim and send it's logs secretly to the attacker's e-mail address which is previously set by him.

Almost all the Trojans have keylogging function.

Use of latest updated antirus-firewall, detect the presence of trojan and remove it permanently.

3) Spyware :- Spyware utilities are the malicious programs that spy on the activities of victim, and covertly pass on the recorded information to the attacker without the victim's consent. Most spyware utilities monitor and record the victim's internet-surfing habits. Typically, a spyware tool is built into a host .exe file or utility. If a victim downloads and executes an infected .exe file, then the spyware becomes active on the victim's system.
Spyware tools can be hidden both in .exe files an even ordinary cookie files.
Most spyware tools are created and released on the internet with the aim of collecting useful information about a large number of Internet users for marketing and advertising purposes. On many occasions, attacker also use spyware tools for corporate espionage and spying purposes.

4) Sniffer :- Sniffers were originally developed as a tool for debugging/troubleshooting network problems.
The Ethernet based sniffer works with network interface card (NIC) to capture interprete and save the data packets sent across the network.
Sniffer can turn out to be quite dangerous. If an attacker manages to install a sniffer on your system or the router of your network, then all data including passwords, private messages, company secrets, etc. get captured.

DOS

-: Denial Of Service (DoS) Attacks :-


A denial of service (DoS) attack is an attack that clogs up so much memory on the target system that it can not serve it's users, or it causes the target system to crash, reboot, or otherwise deny services to legitimate users.There are several different kinds of dos attacks as discussed below:-

1) Ping Of Death :- The ping of death attack sends oversized ICMP datagrams (encapsulated in IP packets) to the victim.The Ping command makes use of the ICMP echo request and echo reply messages and it's commonly used to determine whether the remote host is alive. In a ping of death attack, however, ping causes the remote system to hang, reboot or crash. To do so the attacker uses, the ping command in conjuction with -l argument (used to specify the size of the packet sent) to ping the target system that exceeds the maximum bytes allowed by TCP/IP (65,536).
example:- c:/>ping -l 65540 hostname
Fortunately, nearly all operating systems these days are not vulnerable to the ping of death attack.

2) Teardrop Attack :- Whenever data is sent over the internet, it is broken into fragments at the source system and reassembled at the destination system. For example you need to send 3,000 bytes of data from one system to another. Rather than sending the entire chunk in asingle packet, the data is broken down into smaller packets as given below:
* packet 1 will carry bytes 1-1000.
* packet 2 will carry bytes 1001-2000.
* packet 3 will carry bytes 2001-3000.
In teardrop attack, however, the data packets sent to the target computer contais bytes that overlaps with each other.
(bytes 1-1500) (bytes 1001-2000) (bytes 1500-2500)
When the target system receives such a series of packets, it can not reassemble the data and therefore will crash, hang, or reboot.
Old Linux systems, Windows NT/95 are vulnerable.

3) SYN - Flood Attack :- In SYN flooding attack, several SYN packets are sent to the target host, all with an invalid source IP address. When the target system receives these SYN packets, it tries to respond to each one with a SYN/ACK packet but as all the source IP addresses are invalid the target system goes into wait state for ACK message to receive from source. Eventually, due to large number of connection requests, the target systems' memory is consumed. In order to actually affect the target system, a large number of SYN packets with invalid IP addresses must be sent.

4) Land Attack :- A land attack is similar to SYN attack, the only difference being that instead of including an invalid IP address, the SYN packet include the IP address of the target sysetm itself. As a result an infinite loop is created within the target system, which ultimately hangs and crashes.Windows NT before Service Pack 4 are vulnerable to this attack.

5) Smurf Attack :- There are 3 players in the smurf attack–the attacker,the intermediary (which can also be a victim) and the victim. In most scenarios the attacker spoofs the IP source address as the IP of the intended victim to the intermediary network broadcast address. Every host on the intermediary network replies, flooding the victim and the intermediary network with network traffic.
Smurf Attack Result:- Performance may be degraded such that the victim, the victim and intermediary networks become congested and unusable, i.e. clogging the network and preventing legitimate users from obtaining network services.

6) UDP - Flood Attack :- Two UDP services: echo (which echos back any character received) and chargen (which generates character) were used in the past for network testing and are enabled by default on most systems. These services can be used to launch a DOS by connecting the chargen to echo ports on the same or another machine and generating large amounts of network traffic.

: Input Validation Attacks :-

-: Input Validation Attacks :-


Input Validation Attacks are where an attacker intentionally sends unusual input in the hopes of confusing the application.
The most common input validation attacks are as follows-

1) Buffer Overflow :- Buffer overflow attacks are enabled due to sloppy programming or mismanagement of memory by the application developers. Buffer overflow may be classified into stack overflows, format string overflows, heap overflows and integer overflows. It may possible that an overflow may exist in language’s (php, java, etc.) built-in functions.
To execute a buffer overflow attack, you merely dump as much data as possible into an input field. The attack is said to be successful when it returns an application error. Perl is well suited for conducting this type of attack.
Here’s the buffer test, calling on Perl from the command line:
$ echo –e “GET /login.php?user=\
> `perl –e ‘print “a” x 500’`\nHTTP/1.0\n\n” | \
nc –vv website 80
This sends a string of 500 “a” characters for the user value to the login.php file.
Buffer overflow can be tested by sending repeated requests to the application and recording the server's response.

2) Canonicalization :- These attacks target pages that use template files or otherwise reference alternate files on the web server. The basic form of this attack is to move outside of the web document root in order to access system files, i.e., “../../../../../../../../../boot.ini”. This type of functionality is evident from the URL and is not limited to any one programming language or web server. If the application does not limit the types of files that it is supposed to view, then files outside of the web document root are targeted, something like following-
/menu.asp?dimlDisplayer=menu.asp
/webacc?User.asp=login.htt
/SWEditServlet?station_path=Z&publication_id=2043&template=login.tem
/Getfile.asp?/scripts/Client/login.js
/includes/printable.asp?Link=customers/overview.htm

3) Cross-site Scripting (XSS) :- Cross-site scripting attacks place malicious code, usually JavaScript, in locations where other users see it. Target fields in forms can be addresses, bulletin board comments, etc.
We have found that error pages are often subject to XSS attacks. For example, the URL for a normal application error looks like this:
http://website/inc/errors.asp?Error=Invalid%20password
This displays a custom access denied page that says, “Invalid password”. Seeing a string
on the URL reflected in the page contents is a great indicator of an XSS vulnerability. The attack would be created as:
http://website/inc/errors.asp?Error=<script%20src=...
That is, place the script tags on the URL.

4) SQL Injection :- This kind of attack occurs when an attacker uses specially crafted SQL queries as an input, which can open up a database. Online forms such as login prompts, search enquiries, guest books, feedback forms, etc. are specially targeted.
The easiest test for the presence of a SQL injection attack is to append “or+1=1” to the URL and inspect the data returned by the server.
example:- http://www.domain.com/index.asp?querystring=sports' or 1=1--