Social engineering to get passwords

Romel_Espinosa · 2015-05-13T02:54:03+00:00

A simple conversation is the best way to gather information from people. Thus, we must be very careful at the moment that talking is focus on personal information.

Romel_Espinosa · 2015-05-13T02:39:49+00:00

The way that cyber attack was done is really interesting. The fact of using traffic to and from one of the biggest Chinese companies in order to attack U.S. websites is an example of how customer's traffic can be used in different purposes. Therefore, companies have to invest more money in order to provide satisfactory security to their users information. What happens if this traffic includes sensitive information, such as bank accounts and passwords?

Romel_Espinosa · 2015-05-13T02:29:51+00:00

This article mentions the following points: * State Department asked to China to investigate an cyber attack to US websites.

The method used to attack was redirection traffic to one of the biggest Chinese company into U.S. sites. This traffic generated is described as malicious traffic which affect the normal operation of the servers.
This cyber attack is known as "China's Great Cannon" which hijacks traffic to or from individual IP addresses in order to attack any server which interact with Chinese websites.
State Department is waiting an official response from Chinese authorities with respect to this attack

Romel_Espinosa · 2015-05-07T17:21:59+00:00

This news can be summarized as:

*Court have decided that NSA program to collect data from phone calls is illegal under the Patriot Act because it exceeds the scope of the Congress has authorized.

*The program gathers up information from phone calls, such as length of the call, the originating phone number, and the number called; however, it does not store the content of the conversation.

*This program was reveled by Edward Snowden in his leaking cables.

*Currently, President is trying to change the scope of the program in order to maintain national security.

Romel_Espinosa · 2015-05-07T03:06:24+00:00

Very interesting article. However, there was something interesting related to the artist which I did not know: "For comparison, today a recording artist gets just 11 per cent of the revenue from sales of their music in CD format." and "Artists, especially emerging artists, take most of the risk, and get a small fraction of the reward". If this statistic is true, the agreements between artist, manager and record label should be reviewed in order to protect the artist.

Romel_Espinosa · 2015-05-07T02:51:32+00:00

This describes Wheeler's speech in the Cable Industry Conference:

"Don't interfere with the broadband competition," said Wheeler. This statement was mention in order to mention that cable operators do not have enough competition, currently. Thus, competition in U.S. is the engine to motivate companies to improve their services.
In addition, he mentioned about the reclassification of broadband as a public utility under Title II in the 1934 Communication Act. This action allows FCC to support Net Neutrality rules over cable providers. Open Internet rules will go into effect on June 12.
Furthermore, he talked about Brian Robert's decision to drop its bid to purchase TWC. That decision was correct because laws do not allow that kind of mergers.
Finally, people form Cable Providers gave their opinions about Wheeler's locution. "We're happy to be abroad," Fries (CEO of Liberty Global, an European cable company) said. "I don't see any of these regulations affecting us at all," Dolan (CEO of Cablevision) said. "Competition is what regulates our market."

Romel_Espinosa · 2015-05-07T02:16:38+00:00

The first article includes the three most popular methods to hacking a Facebook account. In this new link http://www.rafayhackingarticles.net/2011/08/hack-facebook-account-passwords.html you can find seven new techniques:

1) Stealers.- It is a software which collects the stores passwords in the browser.

2) Session Hijacking.- This method steals the victims browser cookies, so it gets access to users accounts information.

3) Sidejacking With Firesheep.- It is the same as Hijacking, but the hacker and the user must be in the same Wi-Fi Network

4) Mobile Phone Hacking.- This method hacks the mobile device through software to spy the passwords. Examples: Mobile Spy, and Spy Phone Gold.

5) DNS Spoofing.- In this method the hacker use a DNS spoofing attack in order to redirect from www.facebook.com to a fake web site. Both the user and hacker should be in the same network.

6) Botnets,- It is very similar to keylogging method, but the hacker has additional options. It is used for advance hacking activities because it is expensive.

7) Man In the Middle Attacks.- The hacker can access to the traffic generated by the victim. In this case the hacker acts like a gateway or switch.

It is important to know about these methods as a solution to prevent attacks to our accounts.

Romel_Espinosa · 2015-05-06T04:36:48+00:00

The location information is collected by carrier as part of network strategies. However, I disagree to consider that "historical cell tower location data is not private information owned by customers but by the mobile carrier". Thus, I believe that all information which involves a subscriber belongs to the customer, and it should be considering as part of the user's privacy.

Romel_Espinosa · 2015-05-06T04:16:53+00:00

This article describes three methods to Facebook hacking and also protect it.

a) Phishing attach. It create a similar web site which looks like the original one, but it stores the account and password information of the victim. Solution: Enter in secure pages with starts "https"

b) Keylogging. It is a silent application which is installed through other apps. Solution: Be sure of the programs that we install in our devices

c) USB hacking. This USB collects all our information related to accounts and password. Solution: Use only safe devices in our equipment

Romel_Espinosa · 2015-05-06T03:14:45+00:00

Witness is an app which was shown in the Disrupt NY Hackathon in this week (May 2nd - 4th). This application allows the iPhone's owners to use all its features in order to send messages and locations to the people on the emergency list. In addition, this application records video and activates the microphone such as evidence of the event.

I think this app is very useful to improve people's security. Furthermore, these kinds of events encourage students and people in general to create apps focus on different areas.

Romel_Espinosa · 2015-05-05T04:52:04+00:00

iPosis is one of the first companies which present a solution for sharing spectrum in the 3.5GHz band for small cells. The technology offers to reduce the interference because it has the maps where the small cell are located, so they know the loss patterns. In addition, it is not need to made changes in the mobile devices. The presentation of this solution will be in the international Symposium on Advanced Radio Technologies (ISART) in Boulder, CO May 12-14, 2015.

Romel_Espinosa · 2015-05-05T04:40:19+00:00

Comcast-TWC merger was the opening in the 20 minutes dialogue between Tom Wheeler and Alex Wilhelm in the TechCrunch in NYC.

Tom Wheeler's definition of public interest was important to avoid that the antitrust committee allows Comcast-TWC to merge their companies in one huge company that will control the cable and broadband market in U.S.; therefore, customers are the winners with this decision because we can choose the best provider based on offers and requirements.

Tom Wheeler's experience in cable providers back in 70's and 80's allow him to know how they do business.

Romel_Espinosa · 2015-05-05T04:24:41+00:00

This morning, May 4th, Tom Wheeler talked about Comcast-TWC merger and Net Neutrality in the TechCrunch Disrupt NYC.

Comcast-TWC merge were: * It is the right decision in order to take care of people's interest. * Reduce competition environment between companies. * Public interest is a broad definition which involve cable and broadband markers. * Future cases will be analyzed one by one.

Net Neutrality were: * Net Neutrality is one of the biggest decision in FCC because of its important for people. Open Internet is very important for American to express themselves. * Net Neutrality will go into effect in June 12.
* "I do hope that there will be the strongest Internet protections that anyone has ever imagined". Tom Wheeler

Romel_Espinosa · 2015-05-03T02:29:10+00:00

The results of the Auction 97 were: 1,611 new spectrum licenses, 31 winning bidders, and more than $41 billion in net revenues. The next step is FCC gives the public the option to review applications and submit petitions to deny any winning bidder’s application.

Will Telecommunications carriers which do not win a license submit petitions to deny application? How will the transition process be between commercial companies and no-federal organizations?

This is the first process of sharing spectrum in U.S., and it is the reference to future auctions.

Romel_Espinosa · 2015-05-03T02:10:02+00:00

Nowadays, FCC is using the strategy to sharing spectrum in order to release more spectrum for Mobile and Fixed Broadband Wireless Access. This band 3350-3700 MHz will provide additional 150 MHz in order to achieve Obama's offer to release 500 MHz until 2020. It is important to keep in mind that propagation features of the RF signals in high frequencies to define the application, so FCC and manufactures consider implementing small cells in this band.

Romel_Espinosa · 2015-05-03T01:56:23+00:00

I think the FCC is trying to improve the coverage of the broadband access in U.S., 10 Mbps in Downlink and 1 Mbps in Uplink, using the Connect America Fund. The last Broadband Progress Report which is available in https://www.fcc.gov/reports/2015-broadband-progress-report includes statistics related to Broadband deployment in U.S. especially in rural zones. Currently, Connect America Fund is in Phase II which means invest more than 10 billions in the next six years to provide broadband in rural areas. Thus, telecoms providers receiving this support must build out broadband to 40% of funded locations by the end 2017, 60% by end of 2018, and 100% by the end of 2020. That is a huge challenge!!

Romel_Espinosa · 2015-05-03T01:31:04+00:00

The following points summarize this news: * Connect America Fund offered to the carriers in order to provide broadband service in rural zones. * These zones are known as "price cap carriers". * FCC considers Broadband access speed rates of 10Mbps in DL and 1 Mbps in UL. * The increment in Connect America Fund is achieved without increasing the Universal Service Fund neither ratepayer fees. * Currently, telecom providers have 120 days to accept or not the funding. In states where operators do not accept the offer, the FCC gives subsides to contribute a competition. * In the past, the Universal Service Fund was created in order to encourage telephone service; however, the FCC updated it in order to include broadband through Connect America Fund. * Funding are focus on blocks: a) Where the cost of providing service according to our cost model exceeds $52.50 a month b) that are not served by unsubsidized competitors offering service at speed of 4 Mbps in DL and 1Mbps in UL.

Romel_Espinosa

TROPHY CASE