Paul's Tech Talk

Android Vulnerabilities and Exploits in the Wild!

PaulSeptember 28, 2013

Time to Do what?

When I was researching this on the web I didn’t expect to find so much stuff, but I do think IOS has more vulnerabilities then Android but it isn’t as bad as Apple IOS problems!

I am not going to talk about all of them but just a few that have peaked my interest!

The ‘Master Key’ Exploit

A simple but yet easy way to fool your Operating System and gain more access than it should. The name doesn’t mean they actually have the master key to your device. It is using what all Android devices use in the APK. The MANIFEST.MF, which if done right, will have two more copies in the APK (Zip file). When the Android OS installs this APK it will use the the last MANIFEST.MF and thus it can gain more access than you once thought. Be able to communicate with a server or copy your contacts. I’ve pretty much come to the conclusion that 3rd party apps are dangerous now and I will not use anything but Google or Maybe even Amazon US app store!

The ‘Webview’ JAVA Exploit

If you don’t use JAVA you will need to consider disabling it in Android. While this one is a little more trickier and harder to avoid if you use Java, you best bet is to install Dolphine Browser, FireFox, and/or Chrome. Then install a java an Addon or and Extension that does not allow Java to be used unless you specify. This exploit can send SMS, or send out emails from you to spam your friends and family. So this is one that you must start worrying about to a point.

The ‘Scarevertising’ Exploit

This last one I have seen become very prevalent and thus you should be on the lookout for this! They claim in either a push notification or in some kind of inside application banner that basically tries to scare you into thinking you have a virus. I’m not sure which advertising networks are being used but you can bet this will be a constant problem. Some rules of thumb are install only from the Google App Store and never install any third party apps, which some call side along install.

If your worried and you want to protect your Android Device, here are a few free applications that will help and hopefully keep you safe:

Avg Security — They have several different types and even a paid app type so it is up to you!
Sopho’s Free Anti-virus and Security App — I haven’t played around with this one but I do trust Sopho’s when it comes to Antivirus and Malware removal so they can be a great asset!
Eset Mobile Security and Anti-Virus App — This is another one that I trust because of who they are.

The last thing I can say is there are more than 100 different anti virus apps out there but it all depends on the end user (you) to know and trust vendors who are reputable and you can trust. If you don’t know the Anti virus Company than maybe they shouldn’t be used. I do hope I have helped you find what your looking for and we will discuss more in the future on Android Exploits!

[Rant] Obamacare and Minimizing Hours!

PaulSeptember 26, 2013

Obamacare and Me!

I never thought this would of happened but lately my employer that I have been working with for over a year has started to move everyone they can to part time. It seems that I may be one of those alas, the money I was getting might dwindle and I will need to find another job to help make up the difference.

Who thought of this loophole?

I am very unhappy with this loophole and it will more than likely make everyone have to find two different jobs that are part time just to get 40+ hours somewhere and you know that isn’t going to be overtime but all straight pay.

I usually don’t talk about stuff that isn’t technology related but I wanted to just rant about out ridiculous this Obamacare is and how it does nothing to help the low income people who are just trying to survive. I have yet to have insurance and now I have to figure out how to get around the 2.5% of my income in three years. This is the going to hit me really hard. I either have to pay around 120$ a month or pay 367.12 a year. I hardly been sick and when I am it is moderately bad and thus I usually only go once a year. How is this going to help me from getting into debt.

Obama figure this out!

I’m calling on Obama to withdrawal this plan and come up with a more fair plan that will allow the low income workers from having to work harder than we have in the past few years. Make companies increase hours and make companies to pay more is one step that will help use get out of debt quicker and much more easily. We are working hard and can’t easily claw ourselves out of this debt. You just don’t understand what it is like for a low income worker. It might be time to get your hands dirty and do some of the things we do and then you tell me how fair this law is!

Get with it and stop making the low income work harder for the same benefits! You aren’t helping me but making it harder for me to survive!

Ok so that is the rant and I won’t get into much else but this is just ridiculous.

4 Gadgets Every Techie Should Have

PaulSeptember 23, 2013

If you consider yourself a techie, you need the right tools in your arsenal to keep up to date in today’s rapidly changing world. It’s easy to confuse yourself with what seems to be the next greatest product. That said, every techie should focus on getting these four essentials before they branch out to what would be considered extra.

A Smartphone

For starters, every techie needs a smartphone, which will keep you up to date on everything going on in the tech world. There is always going to be the debate about whether you should purchase an iPhone or other model. The choice is completely up to you, since every techie has their reasoning for which they chose. Be prepared to defend your decision against other techies, because there will never be consensus. Be wise in your smartphone choice because your smartphone will become your right hand man.

A Tablet

The next best thing for a techie would be a tablet. The benefits of the tablet seem to be endless. Most people see a tablet as just a larger version of a smartphone, but there is so much more to a tablet than meets the eye. A tablet is really a smaller, more portable computer. In fact, today’s tablets have become so powerful that they have the capability of running faster than a lot of computers. Tablets give you certain application functions and internet browsing speeds that you would otherwise miss out on if you were using a smartphone. Tablets are big enough to give you access to a full keyboard, just as you would on a computer.

A Computers

As obvious as this next one might sound, in today’s world, people are tending to skip out on purchasing a computer. However, computers will always have the most capability when it comes to internet browsing. It likely won’t ever be beaten in software capability. A computer provides access to useful programs such as Photoshop and Microsoft Office that you just can’t duplicate on a Smartphone or Tablet. Computers nowadays are seen as kind of clunky, but they aren’t ‘big’ for no reason – they have much more memory and overall storage ability. For at least the next decade, there will be certain things that can only be done on a computer.

That Watch

Finally, every techie needs their very own techie watch. They’ve advanced, bu it can get a bit pricey. After all, nobody said being a true techie would be cheap. For the right price, you can purchase a watch that displays the weather, your heart rate, bits of news, and of course the time and date. Some techies prefer the even higher-tech bracelets, such as Nike fuel bands that track physical movements and distance covered, but they come at a pretty penny.

Vanessa Alvarez writes all about technology. Her recent work is on the Top Online Software Engineering Programs.

Do VPN’s keep my private information private or does it really work?

PaulSeptember 21, 2013

NSA tells all sorts of tales!

With the current level of people worry about their security and privacy, I’ve found people wanting to know just how much privacy do they really have on a VPN’s like Vpn4all, which is a sponsor to this blog. When even more leaked documents that show that the NSA was involved in encryption formulas, people stopped buying VPNS because they were told a lie! The truth of it is that we can Trust the Math, a great quote from Bruce Schneier. When I first heard about this blog post, I ran to it to see what it says. Most of it I believe and some stuff I questioned. In the end I believe he is right about how the can not possibly break encryption in anything bigger that 256 bit encryption. There is no super computer that I know of that can do the calculations to break the encryption.

NSA will eventually see it!

Just know that no matter what you do online securely even if its encrypted that eventually it will be broken and they will see what you did. I am just trying to keep my privacy until I die. Hopefully after I die nothing will matter what NSA finds out about me. I have nothing to Hide but I do not trust the NSA.

Truth about VPNS

The common idea that since VPNS are basic encryption tunnels made people think the NSA either has all keys or can easily get in through a back door. I would be telling a untruth if I told you I didn’t at least suspect some providers to give all access to their servers just to keep their license’s and other legal stuff!

Vpn4All is a partner to OpenVPN and they use OpenSSL Library, so everyone can see the code and keep others safe from prying eyes. So you see NSA would be hard pressed to break the encryption. The other truth of the mater is that most of the time the keys get thrown away and we may never know if they are thrown away or given away!

Something to Consider!

When I first started this journey into encryption, I never knew it would be so hard to grasp it. I will however tell you why I chose VPN4ALL for my site:

Their Business is outside of the US. Doesn’t mean the NSA can get the key to your encryption just makes it harder. If someone really ones something, they find a way to do it.
AES-256 RSA 2096 Bit Encryption. We even see RSA making a change from unlinking to the NSA Algorithm. So it should be safe for the time being.
Ultra Fast Connections. Unlike other VPNS I have tried VPN4ALL made great strides in speed and privacy.
Got Over 1,000 IPS to chose from! Let’s face it we have can choose any one ip we want and keep the NSA guessing!

The Truth of the matter is that VPNs are my friends and they shall always be used in any situation I deem necessary to keep my privacy safe and secure!

4 Essential Elements for Your Parents’ IT Care Package

PaulSeptember 14, 2013

Your parents know how to turn on the computer and are getting better at sending texts. But let’s face it, they are basically clueless when it comes to technology. Have you ever once seen your mom pick up that iPad you and your brother chipped in to get her for Christmas? Probably not unless she’s reading a book. She doesn’t know how to use it. Now that you’re away at college and the other kids are already out of the house, your parents are floating around in technological darkness.

Since you’re not at their beck and call for tech support anymore, give them a helping hand. They’ve sent you plenty of care packages of the comforts of home since you’ve been at school. Why not do the same for them with an IT care package? Include items allowing your parents to handle their Internet and tablet needs on their own (or by you, remotely).

Spyware Protection

Most parents don’t have a clue how to protect their computers from spyware. They may not even know how important it is to do that or how easy it is for someone to hack into their computer. Fortunately, you do know and you can help them. Teach them how to avoid spyware by sending them your favorite anti-spyware program with instructions for how to install and use it. Include the tech support number for their Internet service provider if they have any trouble removing existing spyware from their computer. They’ll love you for it once they realize how important this is to computer security.

Skype

It’s inevitable. Your parents will need personal help from you every now and then until you get them independent enough to handle computer issues on their own. Send them to Skype and instruct them to download it. If they have a real problem that only you can solve, they can have a face to face conversation with you and you can walk them through it until they get it right. Just make sure they know that Skype is like the Batphone as far as you’re concerned — they should only use it to contact you in a computer-based emergency. You’re not a one-person tech support department who is always on call and this is something your parents have to learn.

Remote Assistance

Sometimes, even an in-person conversation isn’t enough to help parents solve their tech problems. You’ve simply got to do it yourself. In the past, this might have been a problem if you were across the country at school. Now, you can take charge of your parents’ computer wherever you are with Remote Assistance for Windows. This will only work if they have a PC, but most parents aren’t Mac-savvy (as you discovered with the iPad incident).

Remote access can be installed on both your computer and theirs. You can use it to simply get into their computer and fix the problem for them. Remind them that this option is to be used even less frequently than Skype. Ask them to consider Remote Assistance the 9-1-1 call of tech support for you. There may be financial penalties for misusing it, just like in the real world, such as having to send you extra gas or grocery money this month.

Google

This is probably the simplest solution to any computer problem. It’s also the one your parents are most likely to overlook. Send them a big sticky note with the word Google.com written on it in their IT care package. Remind them that any tech question they have can often be answered by Googling it and then following the instructions found on a website Google provides. This should save a lot of unnecessary phone, Skype and Remote Assistance sessions with you, so you can finally untie those tech support apron strings and start to enjoy the college life at last, knowing your parents are on their way to becoming IT independent.