IT-Networks is offering a limited edition ITN shirt. Shirts are available in Large (L), Extra Large (XL), And Double Extra Large (XXL). All shirts are 100% cotton and machine washable. We have a limited amount of shirts so first come first server. Please contact us with the form below providing all information. If you are wanting...

Last week Symantec reported 13 potentially malware-carrying Android applications, that it said may make up a family of botnets. Mobile security firm Lookout Mobile, however, is now saying the apps are just an advertising network. “We disagree with the assessment that this is malware, although we do believe that the Apperhand SDK...

Well, the bells of inevitability are ringing far and wide across the electronic realm. And, this time the sonorous sound is that of net giant Google slowly but surely taking over the computing domain. In this respect, we should not actually limit Google as just a internet giant. Because it started out with its search engine, then made an efficient web browser (in the form of Chrome), and finally proceeded onto to create a slew of mobile OS versions in the form of Android. And if you thought, all of this was impressive, hear this out. Two years ago, the founding members of the start-up Mobile Facts already found out that one could actually utilize Android as a full fledged operating system in PCs.

Why are we talking about this?

This is indeed a crucial question, and in answer we are moving onto the seemingly ‘impenetrable’ fortress of Windows. It was just in 2010 that many of us got access to the BlueStacks App Player. In short, this free software nigh did the unbelievable; it allowed Android users to run their favorite apps on any Windows PC. The complete visualization lets us run a total of 10 pre-loaded applications in the Windows platform, including the more graphically demanding ones like Angry Birds and Fruit Ninja. The app player also connected to the company’s Cloud Connect software for Android, which in turn allowed for the apps to be loaded onto the PCs (from their phones) through the cloud.

Now, the app we were harping about belongs to the annals of the previous year. But it was only in this year that many sources and analysts found out that the new version of Google’s software (supposedly Ice Cream Sandwich) is compatible with a plethora of our very own personal computers. According to a nigh momentous announcement by Google in September, ICS should be compatible with x86 chips (thus including both Intel and AMD). In terms of features, the ICS is touted to have a multitude of fascinating attributes like three dimensional control and face tracking. Now, envisage such convenient security features along with a wealth of apps in your very own desktop.

The impact

The clever folk from Mobile Facts took only about four hours to have the OS fully running (with all the basic hardware required) in their netbook (Asus Eee PC 1000H, in desktop Linux mode). Now, from an unbiased perspective these sudden spurts of coding exploits allude two major points. Firstly, the Android has always been an OS that would work with PCs. As a matter of fact, many among us tech enthusiasts can actually get it to work with a bit of time (and coding skill) in our hands. Secondly, and most importantly, with Google’s announcement this year, many of us consumers can look forth to a complete Android based OS on personal computers, along with Ice Cream Sandwich’s throng of apps. This becomes even more important in view of Google not so successful Chrome OS (which is based largely on an internet browser with access to apps), as opposed to the more ‘mass accepted’ Android platform.

Is the idea insane?

Most of us perceive the Android as an OS catering to smartphones (with already over 200 million Android devices being sold world wide). Now in relation to this, at the surface, the myriad of innovative coding and visualization exploits may all seem to a tad bit on the fantastic (or even insane) side. But, logically speaking, Android has always been a Linux component, and by generalization: a Linux can be shifted from one platform to the other. On the other hand, the Android code has some pretty interesting features in the form of its product policy. One of these features stand for specific usage regarding MIDs (or mobile internet devices). In relation to this revelation, a slew of devices like our aforementioned Asus Eee PC actually fall in this category.

Moreover, Microsoft has also talked about launching their Windows 8 in two versions – one for PCs and the other for tablets. So, at the end of the day, the Android running PC is not an utterly insane idea after all.

User perspective

There was a time when people looked up to iOS, not Android for their tablet OS woes. But now, with the more ‘collectively’ advanced ICS making its presence felt both in smartphones and tablets, Google has certainly tickled the fancies of many a user. With this wide acceptance comes consumer trust. So, I daresay, many of us would actually look forward to an Android PC, not as a complete replacement for Windows, but as an additional source of good UI with a wealth of apps.

Malware just got sneaky! Well, sneakier, that is. Attackers in Brazil have found a way to sneak around antivirus programs by using cryptography.

Recently Dmitry Bestuzhev, Kaspersky Lab’s Head of Global Research and Analysis Team for Latin America, was looking over some potentially malicious links from Brazil when he discovered some files with .jpeg filename extensions. At first glance, Bestuzhev thought that they were some form of steganography–the art and science of hiding messages. But upon further inspection, the researcher discovered that they were actually more like .bmp (bitmap) files, than JPEGs.

The data contained within the files themselves was obviously encrypted and contained some kind of malware; Bestuzhev later discovered that the data was in the form of block ciphers–a cryptographic method that encrypts 128-bit blocks of plain text in to 128-bit blocks of cipher text. Since block ciphers can only be composed of 128-bit blocks, they must break up the message into several blocks and encrypt each one individually. A process called modes of operation allows a cryptographer to repeatedly use block ciphers to encrypt an entire program–or piece of malware, in this case.

Modes of operation can use randomization based on an addition input value making it very difficult for any one program or decryter to be able to decrypt the code. When the file is opened, unencryped code–a decryption script in this case–would then run and execute the decrypted malicious code.

Unfortunately for the Web and its users, most antivirus software relies largely on searching for patterns of data that are alike or similar to its virus definitions. Some more advanced programs use heuristics to identify not necessarily problem code but virus structures based on miscellaneous wildcard characters (not A-Z and 0-9) and extra pointless “padding” code. However, even when a program is using heuristics, your virus scanner may only notify you that it’s an untrusted or unknown file.

Even more unfortunate, the wildcard characters could be hidden in another type of seemingly useful file (e.g. .jpeg files) that actually displays an image, and therefore, might not trigger the virus scanner at all. Could it get even worse? Yes, but to my knowledge, most, if not all, virus scanners also are incapable of determining what will happen when the decryption script is run–that is, they don’t actually execute the code to find out what will happen.

According to Bestuzhev the virus writers behind this particular attack publishes new mirrors and new variants of the malware about every 2 days, though the encryption code has remained the same so far. This is certainly scary for anyone out there that values their private information, and I just hope that the antivirus software companies can keep up.

[SecureList via ThreatPost]

A widespread hack spread across Facebook early Thursday morning and shows no signs of abating as of yet. It comes in the form of a script that posts heavily profanity-laden wall posts continuously, instructing you that the only way to remove the posts is to click a ‘Remove This App’ link.

Unfortunately the link is a hoax and allows the malicious script to access your Facebook account. Your account will then continue to spread the script in the form of similarly formatted wall posts on your friends accounts.

The message uses the phrase ‘Vote for Nicole Santos’, leading some to believe that it is a high school prank related to Prom season.

Here is a link to the raw code of the script causing the problems on Facebook. If any of you commenters have any suggestions as to how this might have been injected in the first place please do let us know.

Unsurprisingly many are trying to trace the source back to the ‘Nicole Santos’ that may have originated it, although it’s unclear whether this person would be the originator or just a victim of the hack.

As of now the only solution seems to be not to click on the link or any link requiring that you ‘Verify you account to prevent spam’ as this may be how the hack gains access to your Facebook wall in the first place. Simply block the friend sending it to you as their account is now compromised. Once the problem has been fixed by Facebook you can re-enable them.

A Facebook spokesperson said:

“This spam was spread by a vulnerability in our code and we worked quickly to resolve this matter. The bug caused a small number of spam comments to be posted to users’ walls, and we are in the process of cleaning up any spam it may have caused.”

The spokesperson also confirmed that the bug was in their handling of certain story types that “improperly allowed a specific-category of URLs (javascript: URLs)”, before it pushed out a fix that restricted links of this kind.

We will continue to update you on the hack and it’s effects, check back with this post for more information.