TOP BLOG ADS BY GOOGLE

Tuesday, September 13, 2011

First Flaws in the Internet Banking Identified


Researchers have found a weakness in the AES algorithm. They managed to come up with a clever new attack that can recover the secret key four times easier than anticipated by experts.
The attack is a result of a long-term cryptanalysis project carried out by Andrey Bogdanov (K.U.Leuven, visiting Microsoft Research at the time of obtaining the results), Dmitry Khovratovich (Microsoft Research), and Christian Rechberger (ENS Paris, visiting Microsoft Research).
The AES algorithm is used by hundreds of millions of users worldwide to protect internet banking, wireless communications, and the data on their hard disks. In 2000, the Rijndael algorithm, designed by the Belgian cryptographers Dr. Joan Daemen (STMicroelectronics) and Prof. Vincent Rijmen (K.U.Leuven), was selected as the winner of an open competition organized by the US NIST (National Institute for Standards and Technology). Today AES is used in more than 1700 NIST-validated products and thousands of others; it has been standardized by NIST, ISO, and IEEE and it has been approved by the U.S. National Security Agency (NSA) for protecting secret and even top secret information.

In the last decade, many researchers have tested the security of the AES algorithm, but no flaws were found so far. In 2009, some weaknesses were identified when AES was used to encrypt data under four keys that are related in a way controlled by an attacker; while this attack was interesting from a mathematical point of view, the attack is not relevant in any application scenario. The new attack applies to all versions of AES even if it used with a single key. The attack shows that finding the key of AES is four times easier than previously believed; in other words, AES-128 is more like AES-126. Even with the new attack, the effort to recover a key is still huge: the number of steps to find the key for AES-128 is an 8 followed by 37 zeroes. To put this into perspective: on a trillion machines, that each could test a billion keys per second, it would take more than two billion years to recover an AES-128 key. Note that large corporations are believed to have millions of machines, and current machines can only test 10 million keys per second.
Because of these huge complexities, the attack has no practical implications on the security of user data; however, it is the first significant flaw that has been found in the widely used AES algorithm and was confirmed by the designers.

Sunday, September 11, 2011

New Spam Targeting Facebook Users Is Invisible to Most Virus Scans

Cyber-criminals are using fake e-mails to target Facebook users and deliver computer viruses that were being detected only by one-third of the 42 most common anti-virus products as of 12 noon March 18, says a leading cyber-crime researcher at the University of Alabama at Birmingham (UAB).
Gary Warner, the UAB director of research in computer forensics, says his team in the UAB Spam Data Mine has been tracking the Facebook spam campaign for the past three days. While it is not in the data mine's list of the top 10 most prevalent malware threats, Warner says the fake Facebook messages and related viruses are serious.
"The malware being delivered is called 'BredoLab.' It has been occasionally spread by spam since May of 2009," Warner says. "The UAB Spam Data Mine has observed at least eight versions of the Facebook BredoLab malware since March 16.
"What is troubling is the newer versions of the BredoLab used in this latest attack campaign are not being detected by the majority of anti-virus services -- and that means the majority of users who unwittingly click on the bogus attachments linked to fake e-mails are going to have their computers infected," Warner says.
In this new campaign, cyber-criminals are using regular Internet e-mail services to deliver the false Facebook messages to the social media site's customers. The spam messages ask recipients to open an attachment in order to obtain new Facebook login information. Clicking the attachment exposes a user's computer to the BredoLab malware.
"Once a computer is infected with BredoLab, the cyber-criminals are able to add any other malicious software they desire to the infected computer, including password-stealing software, fake anti-virus software and spam-sending software," Warner says.
Warner warns that any legitimate company would never ask a customer to update his or her personal account information in an e-mail or through e-mail-embedded links or attachments.
"If there are questions about one of your account profiles, visit the site in question through your Web browser and log in as you normally would," he says. "If an entity has an important message for you, you'll be able to find it on its Web page."

Friday, September 9, 2011

Nokia C2-03 - Dual SIM Meets Touch and Type


Nokia C2-03 combines Dual-SIM functionality with Touch and Type technology. A great phone for those who want to combine their varied ...

This phone is a touch and type, Dual sim and apparently a slider as well. We have mentioned its price in Pakistan, however its subject to change and affirmative price will be released once phone is out in the market in 3rd quarter of year 2011.Update: Phone is now released in Pakistan.
Size Dimensions 103 x 51.4 x 17 mm
Weight 115 Grams
General 2G Network GSM 900 / 1800 - SIM1 - SIM 2 / GSM 850 / 1900 - SIM1 - SIM 2
3G Network
Announced 21/06/2011
Status Released in Pakistan
Display Type It has resistive Touch and Type TFT screen with 56k Resolutions
Size 240 x 320 pixels and 2.6 inches
Extra -Hand Writing Recognition System
Ringtones Type Wav Ringtones, Mp3
Customization 3.5 mm Audio jack- Loudspeaker
Vibration Yes
Data GPRS Class 12 (4+1/3+2/2+3/1+4 slots), 32 to 48 kbps
HSCSD
EDGE Class 12
3G No
WLAN No
Bluetooth v2.1 which comes with A2DP
Infrared port No
USB microUSB v2.0
Features OS Symbian Series 40
Messaging Push Email, SMS, MMS, Emails
Browser WAP 2.0/xHTML
Games Downloadable and Play
Colors Golden White and Chrome Black
Camera 2 MP with 1600x1200 pixels - QCIF@15fps Video
-Dual Sim - FM Radio - FM Radio Recording - MIDP 2.1 Java - Easy Swap SIM support (no reboot required) - MP4/H.264/H.263 player - MP3/AAC/WAV player - Organizer - FlashLite support - Voice memo - Predictive text input
Memory PhoneBook 1000 Enter
Call Records Yes
Card Slot microSD, that goes up to 32GB and 2GB included
Shared Memory 10 MB Internal Memory
Extra
Battery Type Standard Li-Ion 1020 mAh (BL-5C)
Talk-Time 5 hours talk time, but Music play can go up to 37 Hours
Stand-By Supports 400 hours
Price PKR Rs. 8,500
USD $97.65
Disclaimer. We checked details of this handset prior to listing it here, yet we cannot assure you on the authenticity of details, please let us know if you find discrepancies.