While Facebook, Google, Yahoo and other Social Media Giants debate on whether blocking fake news on their services will be bad enough for their bottom line (because they make revenue for clicks on their sites and traffic flow) instead of focusing on the greater good for their users and society on a whole, a group of college Students have stepped up on done their job for them. Continue reading Students do what Social Giants drag ass on
Most people connect to the internet via their ISP’s DNS servers which more than likely are not the best and more than likely is slowing down your browsing. Using a 3rd party service not only speeds up your experience online. A while ago we wrote about OpenDNS, today we’re going over Google’s DNS service.
Google Public DNS IP addresses
IPv4 addresses are as follows:
IPv6 addresses are as follows:
Making the changes
- Start the
Network and Sharing Center(this process varies by windows version)
Change adadpter settings
Local Area Connectionor
Wireless Network Connectionslelect
- Type in your administrator password if you are promted for it.
- Click the
- Under the
Internet Protocol Version 4 (TCP/IPv4)or
Internet Protocol Version 6 (TCP/IPv6)and click
Advancedand select the
DNStab, write down any IP’s that are listed here for future reference in case you want to revert later on.
Use the following DNS server addresses
- Enter the IP’s from above
- Restart your computer
- Click the Apple menu ()
System Preferencesand click the
- Select the connection you want to configure (
Display Ethernet) then click
- Select the
- Click the
+icon to enter the IP Addresses (repeat for each address)
I will go over doing this in Ubuntu since that is one of the more common flavors.
System Preferencesand click
- Select the connection you want to configure
Wirelesstab, then select the appropriate network.
Edit, and in the window that appears, select the
- If the selected method is
Automatic (DHCP), open the dropdown and select
Automatic (STATIC) addresses onlyinstead.
- If the method is set to something else, do not change it.
- In the DNS servers field, enter the IP addresses, separated by a space:
- If you are prompted for a password or confirmation, type the password or provide confirmation.
If your distribution doesn’t use Network Manager, your DNS settings are specified in
sudo vi /etc/resolv.conf
If any nameserver lines appear, write down the IP addresses for future reference. Replace or add, the following lines:
nameserver 220.127.116.11 nameserver 18.104.22.168 nameserver 2001:4860:4860::8888 nameserver 2001:4860:4860::8844
Save and exit
Restart any Internet clients you are using.
sudo /etc/init.d/networking restart
Every router uses a different user interface for configuring DNS server settings; we provide only a generic procedure below. For more information, please consult your router documentation.
- In your browser, enter the IP address to access the router’s administration console.
- When prompted, enter the password to access network settings.
- Find the screen in which DNS server settings are specified.
- If there are IP addresses specified in the fields for the primary and seconday DNS servers, write them down for future reference.
- Replace those addresses with the IP addresses from above
- Save and exit.
- Restart your browser.
- 143 – I love you
- 2 – To
- 20 – Location
- 24/7 – Twenty-four hours a day, seven days a week
- 411 – Information
- AFAIK – As far as I know
- AFK – Away from keyboard
- AIM – AOL Instant Messenger
- AKA – Also known as
- AM – Antemeridian
- AOL – America Online
- ASAP – As soon as possible
- ASL – Age, sex, location
- ATM – At the moment
- b/c – Because
- b/w – Between
- b4 – Before
- BBIAB – Be back in a bit
- BBL – Be back later
- BCC – Blind carbon copy
- bf – Boyfriend
- BFF – Best friends forever
- Bling – Overly flashy jewelry
- blog – Web log
- BRB – Be right back
- BTW – By the way
- Buck – Dollar
- Cab – Taxi
- CC – Carbon copy
- CTN – Can’t talk now
- cya – See ya
- CYE – Check your e-mail
- Dis – Disrespect
- DIY – Do it yourself
- dl – Download
- ETA – Estimated time of arrival
- f – Female
- FAQ – Frequently Asked Questions
- fb – Facebook
- FUBAR – Fouled up beyond all recognition
- fwd – Forward
- FWIW – For what it’s worth
- FYI – For your information
- Gamer – Video game player
- gf – Girlfriend
- GG – Good game
- GJ – Good job
- GL – Good luck
- GLHF – Good luck have fun
- GPS – Global positioning system
- gr8 – Great
- GTG – Got to go
- HOAS – Hold on a second
- HTH – Hope this helps
- hw – Homework
- IAC – In any case
- IC – I see
- IDK – I don’t know
- IIRC – If I remember correctly
- IKR – I know, right?
- IM – Instant Message
- IMO – In my opinion
- info – Information
- IRT – In regards to
- J/K – Just kidding
- K – OK
- L8 – Late
- l8r – Later
- LAN – Local Area Network
- LMAO – Laughing my a** off
- LMK – Let me know
- LOL – Laughing out loud
- m – Male
- MIRL – Meet in real life
- MMB – Message me back
- MMO – Massively multiplayer online
- Mooch – Freeload
- msg – Message
- MYOB – Mind your own business
- N/A – Not Available
- NC – No comment
- ne1 – Anyone
- NM – Not much
- noob – Newbie
- NP – No problem
- NTN – No thanks needed
- od – Overdose
- OMG – Oh my gosh
- OMW – On my way
- OT – Off topic
- PC – Personal computer
- PHAT – Pretty hot and tempting
- PK – Player Kill
- pls – Please
- PM – Postmeridian
- POS – Parent over shoulder
- ppl – People
- pwn – Own
- qt – Cutie
- re – Regarding
- ROFL – Rolling on floor laughing
- ROTFL – Rolling on the floor laughing
- RPG – Role playing game
- RSVP – Répondez s’il vous plaît
- RTFM – Read the flippin’ manual
- sec – Second
- SMH – Shaking my head
- SMS – Short Message Service
- SOS – Someone over shoulder
- Sry – Sorry
- sup – What’s up
- TBA – To be announced
- TBC – To be continued
- TBD – To be determined
- TC – Take care
- thx – Thanks
- TIA – Thanks in advance
- TLC – Tender love and care
- TMI – Too much information
- Troll – Offensive comments poster
- TTFN – Ta-ta for now
- TTYL – Talk to you later
- Tweet – Twitter post
- txt – Text
- TY – Thank you
- u – You
- U2 – You too
- ugh – Disgusted
- UR – Your
- VM – Voicemail
- vs – Versus
- w/ – With
- w/e – Whatever
- w/o – Without
- W8 – Wait
- WB – Write back
- Whoa – Expression of surprise
- WTF – What the f***
- XOXO – Hugs and kisses
- Y – Why
- YOLO – You only live once
- YW – You’re welcome
- ZZZ – Sleeping
Even when installing from the Google Play store, caution should be used when installing apps.
A good rule to follow is to ask yourself if the app being installed is asking for more permissions than what it needs to function. When it comes to a wallpaper app, the list of permissions should be rather short.
It was recently brought to our attention that there was a wallpaper app on the Google Play store that had an extra permission that didn’t fit. It was using the permission GET_ACCOUNTS which allows access to list accounts.
This wallpaper app was doing a bit more than just displaying pictures on the device’s background.
The app goes by the name of Sexy Girls Wallpaper Gallery with the package name com.sexywallpapers.wallpaper.sexy. With the permission GET_ACCOUNTS accepted, it then uses the getAccountsByType() function to gather account information from Google, Facebook, and Twitter.
The stolen account information is then sent to a remote server. This is all triggered when the app is opened.
It uses the value email for Google/email account info, emailf for Facebook account info, and emailt for Twitter account info when sending to the remote server.
Read the entire report at malwarebytes
It will also include a subscription to Google Play Music, with 30+ million songs, expert-curated playlists, and in the coming days, the ability to watch many YouTube official music videos right from the app.
This launches YouTube into direct competition with other streaming services like Spotify, Beats, and Amazon
Security researcher Axelle Apvrille recently published a paper about AdThief, a malware aimed at hijacking ad revenue from a reportedly 75,000 infected devices. First discovered in March 2014, and also known as “spat,” the malware, which comes disguised as a Cydia Substrate extension, was found to replace the publisher ID of publishers with the one of the malware creator, effectively attributing all ad revenue to him.
A publisher ID is used to identify a publisher’s account on an ad platform, which helps track revenue generated by said publisher. By being able to swap the publisher’s publisher ID with his own, the malware creator was able to hijack revenue from about 22 million ads. In effect, when clicking on an ad, an infected user would generate ad revenue for the attacker instead of the developer of the application or website.
- Infected devices: ~75k
- Total activate times: ~22m
- Daily activate times (around 3/20/2014): ~22k
The malware was designed to target ad kits from 15 ad networks, including Google-owned AdMob and Google Mobile Ads, both representing a large share of mobile advertising at least here in the US. Other American companies targeted by AdThief are AdWhirl, MdotM, and MobClick. The remaining targeted ad networks were all from China or India.
A list of mobile adkits targeted by the malware is provided in a report: YouMi, Vpon, MobClick, Umeng, AdSage/MobiSage, MdotM, InMobi, Domob, AdWhirl, AdsMogo, Google Mobile Ads SDK, AderMob, Weibo, MIX SDK and Poly SDK. The majority of these are Chinese, four are based in the US, and two in India.
In his report, Xiao remarks that Weibo is a popular social network in China, but is unable to attribute MIX SDK and Poly SDKmore precisely. In fact, Sina Weibo, introduced in 2013, is an advertisement SDK, so that solves one mystery.
MIX SDK can be attributed to GuoHeAD. It probably refers to the GuoHe MIX platform for cross-promotion of mobile games. This is also backed up by the name of a source file found in the malware: /Volumes/MacOsStore/Project/IOS/SpAd/SpAd/AD_GuoHe.xm.
Finally, Poly SDK is not a new adkit: it corresponds to AderMob. This is confirmed when downloading the AderMob iOS SDK.
Hijacked advertisements in iOS/AdThief
|AdMob and Google Mobile Ads||http://www.admob.com/||USA|
Implementation details of adkit hooks found in iOS/AdThief.A!tr
|Adkit source||Filename||Typical class names|
|AdMob and Google Mobile Ads SDK||AD AdMob.xm||GAD*|
|Komli Mobile||AD KomliMobile.xm||APIManager*|
|YouMi||AD Youmi.xm||YouMi* – delegated to Google Ads|
iOS/AdThief is a technical and malicious piece of code which hijacks revenue from 15 different adkits. It is built on top of the Cydia Substrate platform, available for jailbroken devices, which provides it with an easy way to modify advertisement SDKs. With Substrate, the malware needs only to focus on the call and implementation of each hook.
At first, the identification of every adkit the malware targets was difficult because the code mentions only class names used by each adkit SDK. However, the fact that the malware author did not strip out debugging information helped us to identify all 15 adkits. In particular, this is how support for Komli Mobile and GuoHeAD was detected.
This issue has been recorded as being a Windows issue but I have been seeing this on Mac as well. Will have to check on it and see how to test this on my machine.
There is a serious bug in Chrome that causes the browser to wake up the CPU as many as 1,000 times per second even when idle, thanks to the system clock tick rate being set to 1.00ms by Chrome. This is many times more than the 64 times per second usually observed with the Windows default clock tick rate of 15.625ms. Believe it or not, this bug has been known to Google for many years now and they have just recently decided to deal with it.
As noted on code.google.com:
What steps will reproduce the problem?
1. Just open Google Chrome and navigate to a website with any flash content.
2. System clock tick rate is increased to 1ms
3. Close the website or navigate to page without flash content
4. 1ms tick rate is left forever (until browser is closed)
Seems that Goole Chrome has no system clock tick interval management. Just increases it and keeps forever. Keeping tick rate at 1ms is not recommended. See document:
“If the system timer interval is decreased to less than the default, including when an application calls timeBeginPeriod with a resolution of 1 ms, the low-power idle states are ineffective at reducing system power consumption and system battery life suffers. System battery life can be reduced as much as 25 percent, depending on the hardware platform. This is because transitions to and from low-power states incur an energy cost. Therefore, entering and exiting low-power states without spending a minimum amount of time in the low-power states can be more costly than if the system simply remained in the high-power state.”
Catch the Google I/O 2014 – Keynote and find out about the latest product and platform innovations at Google.
Mozilla recently decided to add DRM in Firefox even if Mozilla hates it. Almost all video streaming websites use some kind of DRM and as Microsoft, Apple and Google has already implemented DRM in their browsers, Mozilla thinks not adding the DRM in Firefox would make it useless as a product as the user will have to switch to other browser everytime a user visits a website with DRM.
I am not going to either defend Mozilla on the decision of adding DRM in Firefox or write against it, they did what they had to do. In the end its all business, Firefox is of no use to me if I cannot watch Netflix on it. So I can understand the awkward position Mozilla would be in when deciding on the DRM in Firefox, what I don’t understand is How can Mozilla completely ignore the security complications associated with this decision.
In a single line, DRM in Firefox is going to end our digital security as we know it and I’ll explain it how. I don’t care about other browsers as they have already given up on user liberty long ago but Firefox has long stood for our freedom on the web and I respect that, well used to.
For a moment, let’s say we don’t have any problem with the DRM in Firefox and we are actually happy as now we’ll be able to enjoy services like Netflix and others. The problem is that DRM module implemented in Firefox is being developed by Adobe ( Yes, Adobe ), an HTML 5 based DRM implemented in Firefox is being developed by Adobe.
Mozilla openly admits that there is nothing they can do instead of accepting DRM. Mozilla was one the biggest advocate of Open Source and Free Software on the web. With Mozilla’s recent actions, freedom invading industry practices and continuous enforcements of privacy violating laws, I can image what the future looks like.