Official blog of Data64

Wednesday, 16 September 2015

SALAMI THEFT

Salami theft is a technique regarded as an automated form of crime.
It is a type of financial crime involving the secret execution of an unauthorized program that causes the unnoticed debiting of small amounts of assets or money from a large number of sources or accounts.
It gained popularity from the fact that small slices of profit can be taken without noticeably reducing the whole amount.
The person responsible for the slicing then sneaks away with all the stolen pieces. Seen from another angle, the person deceptively acquires a whole formed by aggregating those tiny slices from each source. To appreciate the potential danger of salami attacks, consider an example of salami slicing, also well known as penny shaving or penny slicing, described below.

For example



Consider a banking system: the DD (Demand Deposit) system of programs for checking accounts could be modified (using unauthorized or illegal methods) to randomly reduce each of a few thousand accounts by 1 rupee or 2 rupees, transferring the money to the person's favored account, where it can be withdrawn through authorized methods, i.e. to make the black money white.
No controls or checking mechanisms are violated because the money is not removed from the system of accounts. Instead, very small amounts of funds are merely rearranged, which the affected persons rarely notice. Many such variations are possible.

Prevention Tips

• Compare programs and files that may contain checksums with their backup versions to determine any loss of integrity.
• Write-protect diskettes, especially when testing an untrusted computer program.
• Prevent booting a hard disk drive system from a diskette.
• When transferring files from one computer to another, use diskettes that do not contain executable files that might be infected.

Detection of Salami Attacks

Several technical methods are available:
- A specialized detection checksum can be built into the suspect program to detect salami attacks.
- A snapshot storage dump listing of the suspected program can be obtained at intervals.
- Identifiable amounts are being taken, and these can be traced.
- Iterative binary search for matching halves of all accounts is another, costly, way to isolate a felonious account.

However, a clever person can vary the amounts debited and credited. So the question arises: can he be detected?
Yes. The person performing this attack usually withdraws the money from the accounts in which it accumulates, so records will show an imbalance between the deposit and withdrawal transactions. However, all accounts and transactions would have to be balanced over a significant period of time to detect these discrepancies.
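The two checks described above (tracing small identifiable amounts, and spotting withdrawals that deposits do not explain) can be sketched as follows. This is an added example, not code from the original post; the ledger layout, account names and thresholds are assumptions, and the sample data is constructed.

```python
from collections import defaultdict
from decimal import Decimal

def build_sample_ledger():
    """Constructed data: (kind, source, destination, amount in rupees)."""
    ledger = [
        ("deposit", None, "ACC-0001", Decimal("5000")),
        ("transfer", "ACC-0001", "ACC-0002", Decimal("1200")),
        ("withdrawal", "ACC-0002", None, Decimal("1000")),
    ]
    # 1 or 2 rupees moved out of 40 accounts into one collecting account.
    for i in range(40):
        ledger.append(("transfer", f"ACC-{i:04d}", "ACC-9999", Decimal(1 + i % 2)))
    ledger.append(("withdrawal", "ACC-9999", None, Decimal("55")))
    return ledger

def find_slice_collectors(ledger, max_slice=Decimal("2"), min_sources=10):
    """Flag accounts credited with tiny transfers from many distinct accounts."""
    sources = defaultdict(set)
    collected = defaultdict(Decimal)
    for kind, src, dst, amount in ledger:
        if kind == "transfer" and amount <= max_slice:
            sources[dst].add(src)
            collected[dst] += amount
    return {dst: (len(srcs), collected[dst])
            for dst, srcs in sources.items() if len(srcs) >= min_sources}

def unbalanced_withdrawals(ledger, max_slice=Decimal("2")):
    """Withdrawals not covered by deposits or ordinary-sized incoming transfers.

    Simplification: outgoing transfers are not subtracted from an account's funds.
    """
    funded = defaultdict(Decimal)
    withdrawn = defaultdict(Decimal)
    for kind, src, dst, amount in ledger:
        if kind == "withdrawal":
            withdrawn[src] += amount
        elif kind == "deposit" or amount > max_slice:
            funded[dst] += amount
    return {acct: total - funded[acct]
            for acct, total in withdrawn.items() if total > funded[acct]}

if __name__ == "__main__":
    ledger = build_sample_ledger()
    print(find_slice_collectors(ledger))   # accounts collecting slices
    print(unbalanced_withdrawals(ledger))  # withdrawals with no matching deposits
```

As the post notes, varying the amounts weakens the first check, which is why the balance comparison over a long enough period matters.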

Juice Jacking

You’re at an airport, shopping mall or restaurant, miles away from home, your smartphone needs charging yet again, and suddenly a public charging kiosk is looking pretty promising: just plug your phone in and get the sweet, sweet energy you crave. What could possibly go wrong, right? Well, you might become a victim of juice jacking. Read further to understand more about juice jacking.
Regardless of the kind of smartphone you have, whether it’s an Android, iPhone or BlackBerry, there is one common feature across all phones: the power supply and the data stream pass over the same cable. This setup allows for juice jacking during the charging process whereby user access is gained on your phone by leveraging the USB data/power cable to illegitimately access your phone’s data and/or inject malicious code onto the device.

The Concept behind Juice Jacking

The concept is simple: leading smartphones on the market have been designed to use the same port for charging the phone as for data transfer. This opens the opportunity to trick a user in need of a charge into exposing their phone's data port. The attack encompasses many facets of information security, including security design, user awareness, and attacks against system design/code, as well as a bit of social engineering. With juice jacking, the vulnerability or attack vector is the phone's USB port; the exposure factor depends on the user's awareness of this possible attack method and their phone's battery life. When these two factors come together and the unsuspecting user plugs their phone into a malicious system, the attack is able to take place. In an age where business executives travel regularly and depend on access to their phones to respond to emails, check their schedule, etc. (basic work functionality), this vector may come up more often than people presume. Luckily, this attack is entirely theoretical. There is no reason to presume the kiosks filling airports are inherently malicious. The proof of concept exists though, which is why it's a concern and a defense should be put in place.

More about Juice Jacking

The attack could be as simple as an invasion of privacy, wherein your phone pairs with a computer concealed within the charging kiosk and information like private photos and contact information are transferred to the malicious device. The attack could also be as invasive as an injection of malicious code directly into your device. This sort of exploit is hardly a new blip on the security radar, however. Two years ago at the 2011 DEF CON security conference, researchers from Aires Security, Brian Markus, Joseph Mlodzianowski, and Robert Rowley, built a charging kiosk to specifically demonstrate the dangers of juice jacking and alert the public to just how vulnerable their phones were when connected to a kiosk–the image above was displayed to users after they jacked into the malicious kiosk. Even devices that had been instructed not to pair or share data were still frequently compromised via the Aires Security kiosk.

Currently juice jacking is a largely theoretical threat, and the chances that the USB charging ports in the kiosk at your local airport are actually a secret front for a data siphoning and malware-injecting computer are very low. This doesn’t mean, however, that you should just shrug your shoulders and promptly forget about the very real security risk that plugging your smartphone or tablet into an unknown device poses.

Protecting yourself against Juice Jacking

1.    Keep your devices topped off when using a public kiosk point.
2.    Carry a personal wireless charger.
3.    Carry a backup phone charger which is fully charged.
4.    Lock your phone.
5.    Power down the phone when using public charging points.
6.    Use hardware protection such as a USB condom (get one from SyncStop).


Monday, 14 September 2015

TOR BROWSER

Tor Browser has been designed to help you preserve your privacy online. Tor Browser is a tool set that can help you anonymize web browsing and publishing, instant messaging, and other applications that use the TCP protocol. This can be helpful for private use and business use. It means that confidential information can be kept from prying eyes. ISPs, key loggers and other types of malware are not able to track your activities easily.
The interface allows you to toggle it on and off based upon when you need anonymity online. Tor Browser also lets you choose from various proxy tunnels based on a world map that displays exactly where each one is located. 
Overall, Tor Browser is a simple, well organized and effective tool for users who are concerned about security or invasions of privacy whilst they are online. The browser interface is a standard, user friendly affair and the application is relatively lightweight.
TOR Browser can be downloaded from the link given below:
https://www.torproject.org/download/download-easy.html.en

Steps to download TOR Browser

A pop-up will appear after the download completes (an Internet connection is mandatory).
Configure Tor Browser according to your needs.
Configure Tor with your browser if it does not get configured automatically (if it is configured, it will show you a screen as shown below).

SOME INSTRUCTION FOR USING TOR SUCCESSFULLY

Use the Tor Browser
Tor does not protect all of your Internet traffic when you run it. Tor only protects applications that are properly configured to send their Internet traffic through Tor. It is configured to protect your privacy and anonymity on the web as long as you are browsing with the Tor Browser.
Don't torrent over Tor
Torrent file-sharing applications ignore proxy settings and make direct connections even when they are told to use Tor. Even if your torrent application connects only through Tor, you will often send out your real IP address in the tracker GET request, because that's how torrents work. 
Don't enable or install browser plugins (can harm your anonymity)
The Tor Browser will block browser plugins such as Flash, RealPlayer, QuickTime, and others: they can be manipulated into revealing your IP address. Similarly, we do not recommend installing additional add-ons or plugins into the Tor Browser, as these may bypass Tor or otherwise harm your anonymity and privacy.
Use HTTPS versions of websites
Tor will encrypt your traffic, and the Tor Browser includes HTTPS enforcement to force the use of HTTPS encryption with major websites that support it. However, you should still watch the browser URL bar to ensure that websites you provide sensitive information to display a blue and green button.
Don't open documents downloaded through Tor while online
The Tor Browser will warn you before automatically opening documents that are handled by external applications. DO NOT IGNORE THIS WARNING. You should be very careful when downloading documents via Tor (especially DOC and PDF files), as these documents can contain Internet resources that will be downloaded outside of Tor by the application that opens them. This will reveal your non-Tor IP address. If you must work with DOC and/or PDF files, we strongly recommend using a disconnected computer.
Use bridges 
Tor tries to prevent attackers from learning what destination websites you connect to. However, by default, it does not prevent somebody watching your Internet traffic from learning that you're using Tor. If this matters to you, you can reduce this risk by configuring Tor to use a Tor bridge. Ultimately, the best protection is a social approach.

Tuesday, 8 September 2015

Secure Data Wiping




Introduction

Data erasure (also called data clearing or data wiping) is a software-based method of overwriting data that aims to completely destroy all electronic data residing on a hard disk drive or other digital media. Unlike file deletion commands such as rm in Linux or del in Windows, which only remove the direct pointers to the data's disk sectors, secure data wiping means the data should be unrecoverable by any software: it completely erases all traces of information from the disk while the disk continues to be operable. However, new flash memory-based media implementations, such as solid-state drives or USB flash drives, can cause data erasure techniques to fail, allowing remnant data to be recoverable.

Why is Secure Data Wiping important?

Secure data wiping is very important in a digital world that now dominates almost every field in one way or another. This has also put pressure on securing confidential data from hackers or people who can use it in an unethical way. The rise of e-waste and C2C e-commerce sites like eBay has increased the need to protect private and confidential data. Information technology (IT) assets commonly hold large volumes of confidential data. Social security numbers, credit card numbers, bank details, medical history and classified information are often stored on computer hard drives or servers. Using secure wiping, we can ensure that our data becomes unrecoverable.

Sample Case Study: Suppose someone sells his/her external 500 GB HDD on eBay to another person. Before selling, the seller made sure to delete all data from the disk. The buyer gets the hard disk and uses a data recovery tool like Recuva to recover the deleted files, and now has hold of the seller’s confidential data. The buyer may harass or blackmail the original seller, or worse, post their private photos or data to online communities, leading to privacy hacking. To avoid this scenario, we could use a disk wiping tool to erase all our data before selling the disk or giving it to someone else to use.

Why can deleted files be recovered?

When you delete a file, it isn’t really erased: it continues existing on your hard drive, even after you empty it from the Recycle Bin. This allows you (and other people) to recover files you’ve deleted. If you’re not careful, this will also allow other people to recover your confidential files, even if you think you’ve deleted them. This is a particularly important concern when you’re disposing of a computer or hard drive. So what happens when you delete a file?

Windows (and other operating systems) keep track of where files are on a hard drive through “pointers.” Each file and folder on your hard disk has a pointer that tells Windows where the file’s data begins and ends.

When you delete a file, Windows removes the pointer and marks the sectors containing the file’s data as available. From the file system’s point of view, the file is no longer present on your hard drive and the sectors containing its data are considered free space. However, until Windows actually writes new data over the sectors containing the contents of the file, the file is still recoverable. A file recovery program can scan a hard drive for these deleted files and restore them. If the file has been partially overwritten, the file recovery program can only recover part of the data. But these recovery programs don’t work on SSDs, because SSDs work differently.

Why doesn’t the Operating System erase deleted files immediately?



If you’re wondering why your computer doesn’t just erase files when you delete them, it’s actually pretty simple. Deleting a file’s pointer and marking its space as available is an extremely fast operation. In contrast, actually erasing a file by overwriting its data takes significantly longer. For example, if you’re deleting a 10 GB file, that would be near-instantaneous. To actually erase the file’s contents, it may take several minutes – just as long as if you were writing 10 GB of data to your hard drive.

To increase performance and save time, Windows and other operating systems don’t erase a file’s contents when it’s deleted. If you want to erase a file’s contents when it’s deleted, you can use a “file-shredding” tool.

How to securely erase data from disks?

Several tools and disk wiping utilities can be used to securely remove the data from hard disks. Secure file deletion tools do what operating systems don’t normally do. When you “securely delete” a file, the tool will delete the file normally and take note of where its data is stored, overwriting those sectors with junk data. This should prevent the data from being recoverable. Some well-known tools are:-
1. Eraser
2. Derek’s Boot and Nuke (DBAN)
3. CCleaner
4. Recuva

Eraser

Using Eraser we can erase disks, files and other data that may reside in memory. Download and install Eraser. Create a new task and select the type of wiping you wish to perform (file, Recycle Bin, folder, etc.), then choose the secure standard, such as Gutmann (35 passes), and click OK.



You can start the wiping queue automatically or manually.

Conclusion

Secure wiping tools do work on magnetic hard drives, erasing the current file’s data from the disk completely so it can’t be recovered from that place. However, there are other places where bits of the file may be lurking, such as other copies of the file, temporary files, search indexes, shadow copies, prefetch data, image thumbnails, etc. Therefore a user must be aware of all the places to look for their data before wiping.

