Navigating the World of Cryptocurrency

-
Image
In recent years, the finance sector has undergone a profound transformation with the emergence of cryptocurrencies. These digital assets, underpinned by blockchain technology, have revolutionized our perceptions and interactions with money. From Bitcoin to Ethereum and beyond, the cryptocurrency market continues to expand, captivating investors, technologists, and enthusiasts alike. In this blog, we embark on a journey through the realm of cryptocurrency, examining its origins, functionalities, potential, and the profound impact it exerts on our financial landscape. Origins of Cryptocurrency: The genesis of cryptocurrency traces back to 2008 when an individual or group known as Satoshi Nakamoto unveiled a whitepaper titled "Bitcoin: A Peer-to-Peer Electronic Cash System." This seminal document introduced the blueprint for Bitcoin, the world's inaugural decentralized digital currency. Leveraging blockchain technology, Bitcoin enables secure and transparent peer-to-peer tra
Post a Comment

Four Easy Tips To Avoid Spam

-

After the post on GDPR, recently, I got a call from my friend for a favour. 

Caller: Sourav, I need your help, I think there is something wrong with my number/phone. Someone is listening/hacked my call line.
Me: Kindly check with your girlfriend :)

This is not going to be a long article but promisingly helpful. We are talking about 2019 when mobile phones are brand new, the size of your palm, ridiculously expensive sometimes and that is fine, they are different, almost science fiction become reality and they did what they were intended to do like voice control, Multimedia, and storage. Today, it is very difficult to spend even a single day without the mobile. If our phone breaks down, it makes us quite nervous.
When you purchase any mobile for N purpose either you are tech savvy or not, it allows you to gain fundamental technical knowledge. E.g...  Application behaviours, hardware component knowledge, software updates, Network, and internet etc.

My simple question is when you Sign up first time to any Social Site, have you noticed that it gives you friend suggestion based on your location, education, job type, social behaviour etc.
If you look closely to the suggestions, out of 50, 35-40 will be your mates. Then you simply click on send request to all/individual letting them know you joined the platform.
Have you thought of this, how they know about your private circles when this is your first time on a particular social site? This algorithm of social sites also called network correlation-based social friend recommendation. (Link: https://ieeexplore.ieee.org/document/7360196/authors#authors).

I can go it the depth of technicality but my point is, we simply avoid or overlooked sometimes small pop up or notification that may become a potential threat for a user. Many other websites/blog have different views on this, you can go ahead and have a look to them as well.  I am trying to compile all the best points in four security pillars:

1. Application Permissions
2. Third Party Applications.
3. Update Software.
4. Auto-Saved Data.
1. Application Permission: Normally, It doesn't take even seconds to check all the notifications or permission requested by an application. We care for the application function and behavior not permissions asked.  As a matter of fact, In the face of malware, Both of OS (Android and iOS) has a very good defense mechanism — the app permissions system.
But I would like to limelight that when you provide app permissions like accessing your gallery, videos, audio, contacts etc, it doesn't strict permission to that particular application only, it manage permission with all application partners with the application installed.

For example PUBG Game, now this game has a really smart feature of live gaming with your friends having an audio function, chat, connecting social profiles etc. Most of us don't know that PUBG (The BlueHole Company) has many worldwide registered partners. So, when you allow your social profile sharing to this game, it doesn't go with only PUBG but it goes with every single partner registered with this company.

But it doesn't mean you unchecked all the permissions today. Most of the application on smartphones work on Sandbox environment, that does not actually need system permission. Application Permissions are divided into several categories, but two identical categories are:

A).  Light-weight Permission.
B).  Full Permission.

Light-weight permission includes several safe permissions that the user provides to an application. It's sometimes mandatory to provide app permission to access few details from your cell phone to run the application smoothly. Permission includes access to your camera, audio/video, accessing the cell phone Cellular Data/Bluetooth, Bio-metric access etc. which can be granted by default and do not require a user’s approval in most cases.

Full Permission includes permissions where somehow applications connected with user's privacy and security.  It contains mandatory approval from the user. Permission includes access to contacts, messages, social sites, location services, calender, storage, link to the sensitive financial application, phone settings etc. If a user approves one of the permissions, the app gets all of the permissions from the same group automatically, without additional confirmation. For example, if an app gets permission to read SMS messages, then it will be also able to send SMS messages, read MMS messages, and perform other operations from this group.




 A cellphone user should carefully consider each permission you grant. For example, if a game or photo-editing tool wants access to your current location, that’s strange. At the same time, maps and navigators really need GPS data — but not access to contact lists or SMS messages. Take your little time here and manage your notification, please.

2. Third Party Applications:

"Your mother may have told you to never take things from strangers. No? It’s still good advice, especially when you consider the risks that come with downloading apps from third-party app stores." - (Source: Norton)

A Third-Party application includes which is not from the default manufacturer of a mobile device or its operating system (google play, app store etc.), it is basically downloaded from anonymous sites, which is also most harmful and dangerous for security.  Third party apps having the potential to obtained access rights, Trojans can intercept data from apps (including input text — passwords are the main goal here). In addition, malware gets the ability to purchase apps in the Google Play Store.


Now, Remember from the above note about the caller?  A cell phone user want their phone to act beyond their limits sometimes, I mean if your phone doesn't have a built-in feature, then you might start looking for alternatives through world wide web and hackers wait for such movements.

With my friend's example: He downloaded a voice recognization application that lock/unlock the device from an anonymous site, checked all permissions and started using the app. After a few hours, many advertisements started broadcasting on his cellphone and whenever he was making the call, the voice recognization was actually dumping voice data to their website and yes, he got few emails that were disturbing. End of story.
Mobile Software now so powerful and smart in terms of security, when you remove the third-party app, it removes all the permissions, notification and app completely.

Third-party app stores may not apply the same level of scrutiny toward the apps they allow to be listed in their app stores. Still, it can get tricky. Third-party app stores might offer plenty of safe applications. But there’s also a higher chance they might offer dangerous ones. Do not encourage or use third-party apps, your mobile company, and software are very responsible enough to help with you all kinds of app that can be sync 
                   with your phone. Use only official mobile application stores.

3. Update Software: Are you one of them who ignore the notification of software updates? Trust me, after this article, you will not. Hackers love security flaws, also known as software vulnerabilities. Software vulnerability is a security hole or weakness found in a software program or operating system. Hackers can take advantage of the weakness by writing code to target the vulnerability. The code is packaged into malware — short for malicious software.
Updates not only patch security holes, but they can also add new features and improve existing ones. You don’t want to fall behind the times, right? In that way, software updates really are all about you. Your software program may get a new shot of stability — no more crashing. Or an update might boost program performance — more speed. You deserve no less.



4. Auto-Saved Data: With all securities issues latest iCloud Hacking, google data leak and many others, I am not able to figure out that why people save their critical data in their smartphones. I mean why?  It takes few seconds/a minute to enter manually the login credentials, but just want to keep everything on one finger tap, we prefer AutoSaved data.
Please stop doing this and getting lazy, try to avoid as much as you can the AutoSaved/autofill data. You should avoid allow any application to save your login credentials. Hackers love this "If the password manager pre-fills the password field as well then it could also be obtained."

Avoid autofill/AutoSaved login details specially. Just in case, if you have a number of logins, use only encrypted password manager’s software. One of the best I recommend is the LastPass software.
Link(https://www.lastpass.com/)

 *******************************************************************************

Contact:
LinkedIn: http://in.linkedin.com/pub/sourav-poddar/6b/542/a30
or mail me at Sourav1up@gmail.com....

Thank You.





Comments

Post a Comment

Popular posts from this blog

Chat GPT and AI: Revolutionizing Communication and Unlocking New Possibilities

-
Image
 Introduction: Artificial Intelligence (AI) has become an integral part of our lives, transforming various industries and revolutionizing the way we interact with technology. One of the significant advancements in AI is Chat GPT (Generative Pre-trained Transformer), a language model developed by OpenAI. With its remarkable capabilities in understanding and generating human-like text, Chat GPT has opened doors to a new era of communication, where machines can engage in natural and meaningful conversations with humans. Understanding Chat GPT: Chat GPT is built upon the foundation of the GPT-3.5 architecture, a state-of-the-art language model trained on a vast amount of text data. It leverages deep learning techniques, particularly transformer models, to process and generate text responses. By learning patterns and structures from diverse sources, including books, articles, and the internet, Chat GPT has acquired an impressive understanding of human language, making it capable of generati
Read more

Some cool Hacking Tips N Tricks

-
Image
<Hello World>, Hacking is always fun. As a harvested hacker, l et me tell you the cool side of Ethical Hacking. *It is mandatory to understand that this article content is our education purposes only, please DO NOT act any cybercrime. Disclaimer: (Above age 15 Only) 1. Introduction. 2. Making Nameless Folder in Windows. 3. Finding Serial Key of Any Software Using Simple Google Trick. 4. Learn To Hide Files behind the Images. 5. Active and genuine any windows anytime. 6.  Learn To Make Dangerous Virus In a Minute. 7 . Make a virus that disable mouse. 8. change your IP less then a minute and Grab someone IP address. 9. Access Save passwords in your/other PC’s. 10. Phishing Attack to access any passwords.(Gmail,FB,Yahoo,Rediff   etc.) 11 . Prevent from hackers. 12. Contact us. Different hackers/programmer/developers/authors have different views on hacking, but basically I think that Hacking is like a sudden gift that   surprise you ;)
Read more

THE METAVERSE

-
Image
It reminds me of my favourite childhood movie Matrix…. It depicts a dystopian future in which humanity is unknowingly trapped inside a simulated reality. I can bet that at that time, most of us wanted technology to travel places with skills that can be computerized using a binary algorithm. Well here in 2022, not through the Telephone exactly but something roughly similar coming to our era. Technology frequently produces surprises that nobody predicts. However, the biggest developments are often anticipated decades in advance. In 1945 Vannevar Bush described what he called the “Memex”, a single device that would store all books, records and communications, and mechanically link them together by association. This concept was then used to formulate the idea of “hypertext” (a term coined two decades later), which in turn guided the development of the World Wide Web (developed another two decades later).   WHAT IS METAVERSE?   Metaverse has become the newest macro-goal for many of the wor
Read more