Samsung Galaxy S 6 and S 6 Edge: Preview – AnandTech

Yesterday we received our Galaxy S6 and S6 edge review units. We’re still working on the final review but I wanted to share some early results from both devices. For those that are unfamiliar with these two phones, the Galaxy S6 range represents the result of Samsung’s “Project Zero”. In fact, the phones seem to have the internal name of Zero, which can be seen in terminal, and the build properties of both devices. For Samsung, these phones represent their attempt at completely rethinking how Samsung makes phones. There is a strong emphasis on a new unibody design, which has no visible gaps or screws. Rather than the plastic that previous Samsung phones have been known for, the new design is composed of metal and glass. Samsung’s design team has been given unprecedented control throughout the process of making this phone and the result of this is a Galaxy phone that looks unlike anything else they’ve ever released.

Even if design is important, it isn’t enough to make the phone. Samsung has also outfitted the Galaxy S6 and S6 edge with their latest technologies, from a new AMOLED display to a new camera module. The specs for both phones can be seen below.

| | Samsung Galaxy S5 | Samsung Galaxy S6 | Samsung Galaxy S6 Edge |
|---|---|---|---|
| SoC | MSM8974ACv3 2.45 GHz Snapdragon 801 | Exynos 7420 2.1/1.5GHz A57/A53 | Exynos 7420 2.1/1.5GHz A57/A53 |
| RAM/NAND | 2GB LPDDR3, 16/32GB NAND + microSD | 3GB LPDDR4-1552, 32/64/128GB NAND | 3GB LPDDR4-1552, 32/64/128GB NAND |
| Display | 5.1” 1080p SAMOLED HD | 5.1” 1440p SAMOLED | 5.1” 1440p SAMOLED, Dual Edge |
| Network | 2G / 3G / 4G LTE (Qualcomm MDM9x25 UE Category 4 LTE) | 2G / 3G / 4G LTE (Category 6 LTE) | 2G / 3G / 4G LTE (Category 6 LTE) |
| Dimensions | 142 x 72.5 x 8.1 mm, 145 grams | 143.4 x 70.5 x 6.8mm max, 138 grams | 142.1 x 70.1 x 7.0mm max, 132 grams |
| Camera | 16MP (5132 x 2988) Rear Facing with 1.12 µm pixels, 1/2.6" CMOS size, 31 mm (35mm effective), f/2.2 | 16MP (5132 x 2988) Rear Facing w/ OIS, f/1.9, object tracking AF | 16MP (5132 x 2988) Rear Facing w/ OIS, f/1.9, object tracking AF |
| | 2MP Front Facing | 5MP Front Facing, f/1.9 | 5MP Front Facing, f/1.9 |
| Battery | 2800 mAh (10.78 Whr) | 2550 mAh (9.81 Whr) | 2600 mAh (10.01 Whr) |
| OS | Android 4.4 w/TouchWiz | Android 5 (64-bit) w/TouchWiz | Android 5 (64-bit) w/TouchWiz |
| Connectivity | 802.11a/b/g/n/ac 2x2 + BT 4.0 (BCM4354), USB3.0, GPS/GNSS, MHL, DLNA, NFC | 2x2 802.11a/b/g/n/ac + BT 4.1 (BCM4358), USB2.0, GPS/GNSS, NFC | 2x2 802.11a/b/g/n/ac + BT 4.1 (BCM4358), USB2.0, GPS/GNSS, NFC |
| Wireless Charging | N/A | WPC 1.1 (4.6W) & PMA 1.0 (4.2W) | WPC 1.1 (4.6W) & PMA 1.0 (4.2W) |
| Fingerprint Sensor | Swipe | Touch | Touch |
| SIM Size | MicroSIM | NanoSIM | NanoSIM |

Both the Galaxy S6 and S6 edge have Samsung System LSI’s newest SoC, the Exynos 7420, which has a cluster of four Cortex A57s clocked at 2.1 GHz, and four Cortex A53s clocked at 1.5 GHz. Compared to the Exynos 5433 of the Galaxy Note 4, this brings a new 14nm LPE (low power early) process, an upgrade to LPDDR4 memory, and a Mali T760 GPU with two additional shader cores. Outside of the SoC, the new display is advertised to bring a higher 600-nit brightness and a higher 1440p resolution. The front and rear cameras are both different from the Galaxy S5 as well, although the rear camera sensor may be shared between the two as the camera sensors are of similar spec. For this preview, we’ll focus on the system performance and display of these new devices, but as one can see from the specification table there is far more to look at for the full review.

For our system performance benchmarks we’ll start with our browser tests which can give a rough proxy for overall CPU performance.

Kraken 1.1 (Chrome/Safari/IE)

Google Octane v2  (Chrome/Safari/IE)

WebXPRT (Chrome/Safari/IE)

The Exynos 7420 is about on par with the Snapdragon 810 in these benchmarks. Strangely enough both tend to do worse than the Huawei Honor 6 in these tests, which clearly can't be correct. As we've previously discussed, the stock browser will often give far better results due to OEM and SoC vendor optimizations. As a part of our updates to the benchmark suite for 2015, we'll take a look at Basemark OS II 2.0, which should give a better picture of CPU performance in addition to overall device performance.

Basemark OS II 2.0 - Overall

The browser benchmarks seem to hide some pretty enormous variability as the Galaxy S 6 edge (which is comparable to the Galaxy S 6) sets a new record among Android devices. The only challenger is the iPad Air 2, which uses the A8X SoC with three Enhanced Cyclone cores and the semi-custom GXA6850 GPU.

Basemark OS II 2.0 - System

This system test contains a floating point and integer test, in addition to XML parsing, which means that this test mostly stresses CPU and RAM. Interestingly enough, the Exynos 7420 pulls far ahead of both the Exynos 5433 and Snapdragon 810 in this test, and approaches the A8X. The difference between the 5433 and 7420 is likely a combination of the higher clocks on both the A57 and A53 clusters for the 7420 (1.9/1.3 on the 5433, 2.1/1.5 on the 7420), in addition to the ability to stay at a high 'overdrive' clock due to reduced leakage from the 14LPE process. The One M9 likely falls a bit short here due to HTC's governor settings restricting the use of all 8 cores simultaneously.

Basemark OS II 2.0 - Memory

While one might guess that the memory test of 'Basemark OS II 2.0 - Memory' is of RAM, this is actually a test of the internal storage. Once again we see the S6 edge come close to leading the pack due to the use of the new UFS (Universal Flash Storage) standard. Casual examination reveals that the S6 edge has a queue depth of 16, and that it identifies itself with the rather cryptic model name of KLUBG4G1BD-E0B1.

Basemark OS II 2.0 - Graphics

Basemark OS II 2.0 - Web

For the web test, it uses the built-in WebView rendering engine rather than Chrome and paints a distinctly different picture, especially because these tests are focused on HTML5 and CSS rather than JavaScript. Here we can see that the iPhone 6 and iPad Air 2 continue to hold their lead, but the Galaxy S6 is pretty much the king of the hill when it comes to Android devices.

WebTitan 5.00 conquering online risks – Robinson Distribution Press Office – ITWeb

WebTitan 5.00 has been re-engineered to provide improved functionality, speed, and scalability. It also now includes advanced HTTPS filtering for sites using SSL inspection. It solves a key issue for the education sector: it supports  "YouTube for Schools" and "Safe Search" options, which remove inappropriate search results when offering Internet access to minors and children. The Safe Search functionality within WebTitan supports all leading search engines, including Google, Bing and Yahoo. 

WebTitan 5.00 allows IT administrators to easily monitor, control, and protect online users and permits the creation of browsing policies that further safeguard your organisation.

As more and more Web sites become SSL-enabled, with major providers such as Facebook, Flickr and Google now defaulting to HTTPS, the need to be able to analyse SSL traffic has become critical.  SSL inspection is now part of the core WebTitan proxy. If you enable the SSL inspection feature, in addition to filtering HTTPS URLs, the relevant content is decrypted, examined, and if appropriate, re-encrypted and forwarded to the client. With SSL inspection, WebTitan can provide administrators with the ability to decrypt SSL encrypted traffic for specific domains and scan it for malware and policy compliance. 

The new WebTitan 5.00 reporting module offers a redesigned reporting database and a new policy engine. It provides improved performance, making it easier and faster to schedule and access very large reports. Comprehensive reporting provides a 360-degree view of browsing activity throughout your organisation. The WebTitan Web filter supplies you with advanced protection from malware, phishing, and viruses. It allows your IT professionals to block access to unsuitable material such as pornography, hate speech, or mature sites, and control access to non-work-related material in accordance with your company's Internet usage policy.

WebTitan key features:
* Simple and quick set-up, either as an appliance on in-house hardware or using virtualisation software.
* Fifty-three Web site categories to choose from.
* Spyware and malware detection.
* Advanced, flexible policy engine.
* Ability to block individual pages on HTTPS Web sites (sites using SSL inspection) that breach predefined policies.
* Support for "Safe Search" and "YouTube for Schools" removes inappropriate results from search engine results.
* Time-based browsing access rules.
* White and blacklists.
* Real-time organisational browsing view.
* Comprehensive on-demand and scheduled reporting options.
* Accurate per-user reporting.
* Very cost-effective, providing excellent value.

This latest WebTitan release incorporates new and improved features and tools, allowing organisations to meet the increased challenge of Web threats. If your business is unprotected, a single inadvertent click can be a disaster, enabling a Web threat to infiltrate your organisation via fast-growing malicious Web sites, hacked legitimate Web sites, and malicious links. Without the proper protection, your business could become the next news story.

Gartner estimates that by 2015, 50% of small and midsize enterprises (SMEs) will have been successfully attacked through the Internet. Other research shows that over 80% of network infections and cyber thefts are a result of an employee unknowingly or intentionally visiting malicious Web sites.  WebTitan allows you to monitor, control and manage browsing so you can protect your organisation and users.



Forter Aims to Protect Against Phone Order Fraud – Payment Week

In a bid to better secure omni-channel commerce, Israel-based Forter has expanded its fraud prevention platform to enable the protection of phone orders.

Phone orders are arguably more complicated than CNP transactions. Verifying customers using online and mobile platforms is generally frictionless thanks to a wealth of data, such as geolocation and purchasing history.

For example, online merchants can detect the usage of proxy servers, which can be used to mask the location of a purchaser using a fraudulent credit card.

Phone orders on the other hand, require sellers and service providers to become much more customer-facing by way of call centers and representatives.

It’s this inherent need of interaction that would make customer verification, such as authenticating through text messaging or email while concurrently on a conversation, a broken experience for the consumer.

Instead, Forter touts its phone order solution as similar to its online and mobile focused services. It’s real-time authentication, with a focus on creating a frictionless experience for consumers without sacrificing speed or accuracy.

Liron Damri, Forter COO and co-founder said about merchants, “It’s much harder for them to feel protected these days and this is what we’re trying to achieve.”

This works by tracking “…real time behavior on the site, we track every mouse movement and click. We are able to connect and match the phone call with a unique web browsing session with the customer support engine. We’re able to detect and match fraudulent behaviors on the website and the phone call.”

There’s an expectation that the EMV migration in October of this year will put greater pressure on online merchants and e-tailers, who are set to face greater pressure from criminals moving from offline fraud to online.

Forter’s goal in the end, is “reducing the amount of declines and approving much more business through all channels” says Damri.

Google quietly launches Data Saver extension for Chrome – VentureBeat


Google has quietly released a Data Saver extension for Chrome, bringing the company’s data compression feature to the desktop for the first time. You can download the extension, currently in beta, from the Chrome Web Store.

We say “quietly” because there doesn’t seem to be an announcement from Google. The extension was published on March 23 and appears to work exactly as advertised on the tin, based on what we’ve seen in our early tests.


In case you’ve never heard of it, Google’s data compression proxy service is meant to save the user bandwidth, load pages faster, and increase security (since sites go through Google’s servers, the company checks for malicious webpages) on your phone and tablet. It has been entirely aimed at mobile (until now), though there have been whispers of a desktop version for some time.

Now those whispers have been realized. Here’s the extension’s official description:

Reduces data usage by using Google servers to optimize pages you visit. Browse more for less!

When this extension is enabled, Chrome will use Google servers to compress pages you visit before downloading them. SSL and incognito pages will not be included.

The extension’s details also point to an updated Data Saver support page, which warns you’ll need Chrome 41 or higher to use the extension. The extension should turn on by default right after you install it. To disable it, click the Data Saver icon in the menu bar and choose Turn Off Data Saver. Enable it again by clicking “Turn On Data Saver.”


Google’s data compression feature first showed up in March 2013 as part of the Chrome 26 beta release for Android. It was labeled “experimental” for many months, and only officially arrived for mobile users in January 2014 with the launch of Chrome 32 for Android and iOS. At the time, Google promised the service could reduce data usage by up to 50 percent while browsing the web on a mobile device.

Yet the feature still isn’t widely used because it is turned off by default (to turn it on, fire up Chrome for Android or iOS, go to Settings, Bandwidth management, choose “Reduce data usage,” and then turn the toggle to “On”). Google could one day choose to flip this switch for all users, though because it routes all your traffic through the company’s servers, doing so would likely result in a backlash from security and privacy advocates. Instead, Google may consider prompting users to turn it on themselves, especially if it detects they are on a slow mobile connection.

The feature is certainly much more useful on mobile: It can save you money if you’re on a tight data plan, in addition to speeding up page loads and beefing up security. Chances are that browsing on the desktop is already quite speedy for most people, and Google’s Safe Browsing feature is already built into Chrome for Windows, Mac, and Linux.

That said, if you’re on a poor Internet connection or just want to avoid an annoying data cap (tethering from your mobile phone, for example, would satisfy both conditions), you could give this extension a shot. We’re not sure if the “up to 50 percent” figure will hold up for the desktop, and so we’ve reached out to Google for more information. Based on what we’ve seen so far, however, the savings are quite significant, though it’s hard to say if they scale as you browse for longer periods of time.

The fact that a desktop version has shown up could suggest Google is getting more comfortable with the idea of pushing its service more broadly. Given how long it took for the mobile version to roll out, however, and the fact that this extension is clearly labeled “beta” (a term the company loves to overuse whenever possible), we’re not holding our breath. One day though, the feature will probably be baked right into Chrome on the desktop.


Secure your work PC internet traffic using SSH Dynamic Tunnel as …


If you work for a huge corporation such as IBM / Sony / Toshiba / Concentrix / HP etc. and you use a Windows work computer (notebook) pre-installed with custom company software that is configured by default to use a proxy server for all your browsing, at a certain point corporate policies (limitations) will start filtering some of the websites you love to visit, and on those filtered sites you will get empty pages or some nasty filtering messages.

Even if you don't get a filtering message, if you know that all your company internal network traffic is proxied, then to keep your personal privacy high, stop browsing through the company's default proxy: all your access requests (passwords) and queries to the Internet are probably logged for later review in case you ever fall under the company's "non-compliant employee" paragraph.
If you don't get around the default "Corporate Proxy" in time, sooner or later you will start getting filtering messages for some of the regular websites you use daily, as I did today while trying to open my personal blog (to check whether there are new user comments):

Your request was denied because of its content categorization: "Hacking;Malicious Sources/Malnets;Religion"
For assistance, contact your network support team.

Screenshot of above message from today here

You see, these guys, or an automated proxy filter, became so prudent that my site was filtered because it contains some Proof of Concept (PoC) security tools and content related to the Christian faith (religion). I guess it's time to think seriously about whether there is censorship in large corporations, how far such censorship could go, and, if such censorship is so easily adopted in large companies, whether the same wouldn't also happen at the backbone ISP level in the near future.
If today my site is filtered so that it cannot be opened from a corporate network because it contains "Religious" content, I would not be surprised if tomorrow I am prohibited from publicly confessing my faith in the salvation power of the Cross of our Lord Jesus Christ, or am even already on a blacklist because I'm trying to be a dedicated Orthodox Christian …
The fact that Religion is already perceived in the same light as Hacking and Malicious Sources or Malnet bots is also very eloquent, and shows how a very big part of people nowadays (including the person who added my site to these proxy filtering rules) think of religion, and into what a bad state our society and its understanding of freedom and respect for others have gone.

Obviously it is time to react to this censorship and stop the evil corporation from spying on your traffic and logging everything that matches their "kilometer long" prohibited-site filter lists. There are a few ways to do that, and the most straightforward is to set up and use your own proxy server such as Privoxy / Polipo or Squid Proxy; however, the proxy method requires that your company's local network doesn't have too strict (restrictive) firewall rules (e.g. you need some port opened to the Internet, such as 8080, 3128, 8118 or 1080, the standard port for SOCKS, etc.).

Many companies are too restrictive in their outbound firewall rules, and you might be in a situation like mine, where browsers such as Internet Explorer / Opera / Firefox and Chrome are configured by default to use the company proxy host (autocache.proxy-ur-company.hp.com:80), with a custom proxy PAC file filtering out whole ranges of useful domains and IPs, and the firewall allows access outside the local corporate network only on port 22 (for outside ssh sessions).

In that case your best way to get across such a restrictive network configuration is to run your own home Linux / BSD / Windows server with the OpenSSH daemon (sshd) installed and use OpenSSH's dynamic tunneling (SOCKS5-like proxy) capability to tunnel all of your favourite web browser's traffic (let's say Firefox's) through remote-home-host.com:22.


In short, once you have installed plink.exe on your PC, run it manually from the command line (cmd.exe):

plink.exe -ssh UserName@remote-home-host.com -P 22 -pw Secret_Password -D 127.0.0.1:8080 -N


For people who use MobaXTerm it is even easier as there is an integrated SSH tunneling input interface which can be used to create the SSH tunnel.

To have a quick "Enable SSH Dynamic Tunnel" button on your desktop, make a SymLink to plink with the plink command line as its Target:

[Screenshot: web tunnel maker with the plink Windows SSH connection tool on MS Windows 7]

From a Linux / *BSD / Mac OS host, to create a dynamic SSH tunnel to your remote home SSH server, run in a terminal:
 

ssh -D 8080 Username@remote-home-host.com


To start tunneling all your web traffic through the newly created dynamic SSH tunnel to remote-home-host.com, just set your browser's proxy options to use localhost:8080 as a SOCKS5 proxy.


To test whether your traffic reaches the Internet from remote-home-host.com, open www.myip.ru in the browser you just configured with the proxy.
You should see your home SSH server's IP as the address that made the request to www.myip.ru.
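
An added example, not part of the original post: seen from the monitoring side, the plink and ssh commands above stand out in process-creation logs by their `-D` option, and the plink form also leaves the `-pw` password readable in the process command line. The Python below flags both over constructed sample command lines; the function names, the sample list and every host other than remote-home-host.com are assumptions made for illustration.

```python
import re
import shlex

# OpenSSH single-letter options that take an argument (per the ssh(1) synopsis).
SSH_ARG_FLAGS = set("BbcDEeFIiJLlmOoPpQRSWw")
PUTTY_FAMILY = {"plink", "putty"}
LOOPBACK = {"127.0.0.1", "localhost", "::1", "[::1]"}

# Constructed process-creation command lines; the first two are the post's own commands.
SAMPLE_COMMANDS = [
    r"plink.exe -ssh UserName@remote-home-host.com -P 22 -pw Secret_Password -D 127.0.0.1:8080 -N",
    r"ssh -D 8080 Username@remote-home-host.com",
    r'"C:\Program Files\PuTTY\plink.exe" -ssh admin@build01.example -batch uptime',
    r"/usr/bin/ssh -fND 0.0.0.0:1080 user@host.example",
    r"ssh -o DynamicForward=9050 -p 22 user@host.example",
    r"ssh user@host.example grep -D skip /var/log/app.log",
]


def _tokens(cmdline):
    # posix=False keeps Windows backslashes intact; surrounding quotes are stripped after.
    try:
        return [t.strip('"') for t in shlex.split(cmdline, posix=False)]
    except ValueError:  # unbalanced quote in the logged line
        return cmdline.split()


def _program(token):
    name = re.split(r"[\\/]", token)[-1].lower()
    return name[:-4] if name.endswith(".exe") else name


def _split_listen(spec):
    """'8080' -> ('127.0.0.1', 8080); '0.0.0.0:1080' -> ('0.0.0.0', 1080)."""
    host, sep, port = spec.rpartition(":")
    if not port.isdigit():
        return None
    if not sep:
        host = "127.0.0.1"  # bare port: both clients bind to loopback by default
    elif not host:
        host = "*"          # ':port' means every interface
    return host, int(port)


def inspect_command(cmdline):
    """Return a finding dict for an SSH client opening a SOCKS listener, else None."""
    toks = _tokens(cmdline)
    prog = _program(toks[0]) if toks else ""
    if prog != "ssh" and prog not in PUTTY_FAMILY:
        return None
    specs, inline_password, positionals = [], False, 0
    i = 1
    while i < len(toks):
        tok = toks[i]
        nxt = toks[i + 1] if i + 1 < len(toks) else ""
        if prog in PUTTY_FAMILY:          # PuTTY tools use whole-word options
            if tok == "-D":
                specs.append(nxt)
                i += 1
            elif tok == "-pw":            # password visible to anything reading argv
                inline_password = True
                i += 1
        elif tok.startswith("-") and len(tok) > 1:
            for j in range(1, len(tok)):  # getopt style: -fND 8080, -D8080
                if tok[j] not in SSH_ARG_FLAGS:
                    continue
                arg = tok[j + 1:]
                if not arg:
                    arg, i = nxt, i + 1
                if tok[j] == "D":
                    specs.append(arg)
                elif tok[j] == "o":
                    m = re.match(r"(?i)dynamicforward\s*[=\s]\s*(\S+)", arg)
                    if m:
                        specs.append(m.group(1))
                break
        else:
            positionals += 1
            if positionals == 2:          # destination seen; the rest is the remote command
                break
        i += 1
    listeners = [l for l in map(_split_listen, specs) if l]
    if not listeners and not inline_password:
        return None
    return {
        "program": prog,
        "listeners": listeners,
        "exposed": any(h not in LOOPBACK for h, _ in listeners),
        "inline_password": inline_password,  # the password itself is never copied out
    }


def scan(commands):
    """Return (index, finding) pairs for every flagged command line."""
    return [(n, f) for n, f in enumerate(map(inspect_command, commands)) if f]


if __name__ == "__main__":
    for n, finding in scan(SAMPLE_COMMANDS):
        print(n, finding)
```

The `exposed` field marks a listener bound to a non-loopback address, which makes the tunnel usable by other hosts on the same network.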


Barracuda Updates MDM Platform to Support Android Devices – eWeek

The platform is part of the Total Threat Protection initiative, aimed at providing integrated security protection across multiple threat vectors.

Security and storage solutions specialist Barracuda Networks has updated its mobile-device management (MDM) solution, a free cloud-based mobile device and application management service, that is now available for Android devices. Designed to simplify the management of Android and iOS devices, the platform was initially launched with support targeting the company's K-12 education customers rolling out iPad initiatives.

Mobile Device Manager allows IT administrators to configure mobile devices to include passcode policies, functionality restrictions, email or Exchange Active Sync, authentication credentials, as well as WiFi, virtual private network (VPN) and proxy access. The platform is part of Barracuda's Total Threat Protection initiative, which is aimed at providing integrated security protection across multiple threat vectors. Total Threat Protection is designed to protect multiple threat vectors, including email, Web applications, remote access, Web browsing by network users, mobile Internet access and the network perimeter.

"One of the biggest stumbling blocks in implementing an MDM strategy is how it integrates with the overall network security infrastructure, especially one that involves products from multiple vendors," Stephen Pao, general manager of security at Barracuda, told eWEEK. "It can be a challenge to manage MDM policies when it is treated separately from the other security components like Web usage policies and VPN settings. Mobile devices should be a natural extension of a comprehensive, integrated security solution that secures all network threat vectors, and MDM should facilitate this."

Mobile Device Manager is provided at no cost for existing Barracuda customers and can be accessed through the company's Cloud Control portal. The platform integrates with a number of Barracuda solutions and is accessed in Cloud Control, which provides a "single pane of glass" for customers to manage their security infrastructure.

"Given the variety of devices that BYOD [bring-your-own-device] policies can allow, user-friendliness is definitely important when it comes to MDM," Pao said. "It should be easy for IT administrators to manage mobile device policies consistent with their overall security policies."

Barracuda mobile applications, such as Safe Browser, Copy and CudaSign, can be pushed down to mobile devices, which lets IT administrators enforce browsing policies, improve workflow and manage the document-signing process. Once a service account is provisioned, mobile devices can be enrolled with the service from any location. Administrators can send users an email invitation with enrollment information through the service, and users can download the Barracuda Mobile Device Companion app from the iTunes App Store. The service also supports zero-touch enrollment and inventory management through the Apple DEP program.

"MDM platforms will evolve to support multiple device types and operating systems as an integral part of an organization's security strategy," Pao said. "The Barracuda MDM service will continue to be deeply integrated with our overall portfolio of network security products to seamlessly extend all aspects of network security to a variety of mobile devices."

How to avoid malicious software on your computer – Independent Collegian


Jared Hightower, Copy Editor
March 17, 2015
Filed under Community

If you don’t know what it is, don’t click it.

That statement has gotten me through years of browsing without anything more than Microsoft Security Essentials. I’ve had exactly two pieces of malware hitch a ride on my computer in the 8 years I’ve owned one. Both of them I manually hunted down and destroyed without any other software. But even though I’ve had my experience with malware, I’ve never had a virus.

What people usually call “viruses,” usually aren’t viruses at all. Everyone talks about how we should all have “anti-virus,” but I don’t want to pay a bunch of money for a program that only protects against one kind of malicious software!

Commonly called “malware,” this software attempts to compromise your computer in some way, from harmless-but-annoying adware that pops ads onto your screen to awful rootkits that you don’t even know are there. I’ve compiled a list of the most common malware from least to most harmful, each with a description of what it is and how to avoid it.

Adware: This is simple stuff. Random green underlines on webpages, ads that cover the entire page you’re viewing and slow your computer down that you can’t get rid of; you’ve probably seen them before. There’s actually a really sick business in adware; there are real adware companies that advertise they’ll infect as many computers as they can with your company’s content. It’s a dirty, disgusting and questionably-lawful business. Any company that needs to infect your computer just so you see their ads isn’t worth doing business with.

Spyware: This is a close relative to adware. This is the medium to the content of the adware. Sham websites and malicious downloaded files (especially “free” music downloads) will stick one of these in your browser. There it waits silently, patiently for you to do something on the Internet. Then it invisibly reports your every move from “You’ve Got Mail” to hitting the red X in the corner. Whom does it report to? Typically, adware companies.

Browser hijackers: These ones are a little more noticeable, but they get closer to your sensitive information. A browser hijacker quietly changes the settings in your browser so you’re getting the content they want you to see. Ever notice that your homepage changed from Google to something else? You’ve been hijacked. Worse, they might be sending your data through a proxy server, which is a fancy way of saying there’s someone in the middle watching all your communications between your computer and other servers. That includes shopping preferences, banking information, even government business.

Keyloggers: Now we’re getting nasty. These little buggers are the super-secret agents to the spyware. Just as the name implies, keyloggers make a note of every keystroke you make and send all that data to someone somewhere. Who knows what they’re going to do with it. Usernames, passwords, email addresses, social security numbers — everything you type will be recorded and could be used against you.

While all of the malware I’ve discussed so far are awful, they’re nothing compared to the ones that don’t run in your browser. Real programs coded in languages much closer to the ones operating systems are coded in can do some real damage, and Hollywood of course jumped in and made them famous.

Viruses: Consider how a biological virus works. It has some genetic information, and it attaches to your cells and injects all that information into the cell. That cell then is reprogrammed to duplicate the virus over and over until it gets full and bursts, releasing even more fresh viruses into your body just to do the same thing. That’s how a computer virus works. They’re usually small little programs designed to read things like credit card numbers, or just to be a nuisance and fill up your hard drive space, or even worse (and yes, this is real), wait for a really long time until some arbitrary moment, and then use your Internet connection to send requests to the same website at the same time.

Then, every computer in the entire world does just the same thing at the same time, and suddenly that target’s website is totally overloaded until it goes down. Who would be such a virus target? Usually it’s big corporations and the government.

Worms: These little monsters get into infected systems and make countless copies of themselves automatically, and then they proceed to destroy every system file and every data file until your drive falls apart. In the old days they were limited by the tiny capacity of the hard disks and usually just filled up all of the available space, making the drives useless. Turns out having thousands of the same little file all over your system really adds up.

Trojans: These are the closest to what the computing world has to abominations. Trojans are the electronic embodiment of sin. Named after the fabled Trojan horse, these programs look like legitimate software on the cover, but once they run, you quickly find out it was something terribly different. (Or worse, you don’t.) These exist to get your financial information, use up your system resources, save contraband files to your computer (like child pornography) and generally make your life miserable. They’re deception written in code.

Fortunately, even with all these malicious programs, there are steps you can take to prevent getting them, or if you’ve already got one, to get rid of it.

I don’t like clunky anti-malware programs like Norton, and anything that dares make loud noises to let me know my computer doesn’t have any viruses is not welcome on my machine. A dash of common sense and a light scanner–cleaner combo like Microsoft Security Essentials (obviously for Windows), that only runs when you tell it to, is the best line of defense, in my opinion.

Remember, if something doesn’t look right, it probably isn’t. Staying alert and noticing those subtle symptoms when they occur is the best way to keep your computer clean.

Jared Hightower is a fourth-year majoring in communication and is a copy editor for The Independent Collegian.


Pew Finds One-Third Of Americans Have Made Privacy Changes, Post-Snowden – TechCrunch

File it under ‘chilling effects’: A new report by the Pew research centre suggests a sizable minority of people in the U.S. have changed their behavior and use of technology to try to avoid online government surveillance programs in the wake of disclosures triggered by NSA whistleblower Edward Snowden.

The report found that almost a third (30%) of Americans have taken steps to shield or hide their information from government digital dragnets — such as changing privacy settings or being more discreet in the things they say and search for. The poll is based on an online survey of 475 adults, 18 years of age or older, conducted between November 26, 2014, and January 3, 2015.

As a whole, the poll shows the American public is largely split down the middle between concern and disinterest on the issue. A small majority (52%) said they were “very concerned” or “somewhat concerned” by government surveillance programs, but a sizable minority (46%) said they were “not very concerned” or “not at all concerned”.

Of those U.S. adults who have made technology changes in an attempt to be less visible to government snooping, the most common behavioral tweak has been to privacy settings on social media; closely followed by people avoiding certain apps entirely and using social media less often. Changing how they use email accounts was also an identified shift in the report.

Other changes include speaking to people in person more often rather than communicating online or over the phone; uninstalling certain apps, avoiding certain terms in online comms, and unfriending/unfollowing people on social media; and not using certain terms when using a search engine. Eight per cent of those who have made changes as a result of hearing about government snooping programs said they have even deleted some social media accounts entirely.

It’s the second such post-Snowden privacy-focused report published by Pew, after an earlier report last November which identified huge concern among web users about how their personal data is being harvested and processed by online companies.

In this latest report, Pew found that the vast majority (87%) of adults have heard at least something about government surveillance programs. And the third (31%) who have heard “a lot” express most concern about the dragnets — including being less confident the programs are in the public interest, and more likely to worry courts are not striking the right balance between privacy and law enforcement/security agency needs.

Overall, a small majority (57%) of respondents said it is “unacceptable” for the government to monitor the communications of U.S. citizens. But the poll also found that a majority of Americans don’t have concerns about government spying directed elsewhere — including spying on the comms of U.S. leaders, or foreign leaders, or foreign citizens.

When it comes to safeguarding their own comms, the report identifies what it describes as “notable numbers” of citizens who have not yet adopted or considered adopting some of the most advanced privacy tools, such as do-not-track search engines, PGP encryption for email, proxy servers or TOR for browsing.

In most cases it identifies a clear lack of awareness around such tools, with around a third or more of respondents not being aware of the specific measures. The exception is search engines that don’t track user history. Only 13% said they did not know about these, but a majority (53%) still has not adopted or considered adopting them.

Website Hackers Slip Under The Radar With Impersonator Bots – TechCrunch

Editor’s note: Ofer Gayer is a security researcher at Incapsula.

It was late December when we were contacted by a financial service provider who began noticing a spike in online registration requests. Rather than resulting from end-of-the-year sales efforts, this spike was caused by a targeted spam attack that flooded the organization with fake registration forms, most of which looked reputable enough not to be discarded on sight.

The reason for concern was that this company, for internal reasons, needed to perform a manual background check of each new registration form before it was passed over to the sales department. So when the small background check team began to collapse under the deluge of seemingly legitimate online forms, all online sales operations were brought to a halt. After a quick examination of the company’s website traffic, it quickly became clear that what the customer was actually experiencing was malicious bot activity.

In this case, the bot operator knew enough about the organization to identify the manual background check process as a “soft spot,” which could be used to monkey-wrench the company’s entire sales funnel.

To exploit that weak spot, the perpetrator hand-crafted a spam bot whose sole purpose was to attack that one specific registration form with details that wouldn’t fit any easily identifiable pattern. Most concerning, these bots were disguising themselves as regular human users, with browser-like HTTP fingerprints and several capabilities that enabled them to circumvent the website’s challenge-based, access-control mechanism.

This is not the first time we’ve come across such sophisticated bots that are purpose-built to mimic human behavior and operate under the cover of a browser-like identity. Collectively, we like to refer to them as “impersonator bots.” Created for stealth and preferred for their ability to bypass commonplace security measures, such automated tools are used by hackers not only for spam attacks, but also to steal data, hijack servers and execute DDoS attacks, among other nefarious activities.

Who are these Impersonator bots?

Many types of bad bots roam the Internet, from scrapers and spammers to the more sophisticated vulnerability scanners and DDoS bots. If other bad bots can be compared to well-trained soldiers carrying out the orders of their commander, impersonator bots are the Special Ops unit. These “commandos” carry out the same malicious activities, but they do so covertly and typically use much more advanced attack techniques.

Often, they’re based on existing malware tools, modified to create a browser-like HTTP fingerprint. This lets them bypass security challenges that would stop a lesser/generic version. Impersonator bots cause significant damage to companies’ websites and web applications, resulting in downtime, financial losses and reputation damage. 

Between 2013 and 2014, we saw overall bot traffic volumes decrease from 61.5 to 56 percent of all web visits — a reversal of the upward trend observed the prior two years. Still, despite the dip in total bot traffic, the number of impersonator bots continues to grow.

In fact, over the past three years, impersonators are the only bad bot type to display consistent growth, which does not bode well for most website owners.

Cybersecurity is often described as an arms race, and for a good reason. Hackers and white hats are continually trying to stay one step ahead of each other. When one side finds a better method of defense, the other side usually develops a smarter type of offense. Impersonator bots are a byproduct of this escalation – they are the hacker’s response to an increased use of anti-bot solutions by website owners. 

Impersonator bots are the go-to tool for hackers 

One way impersonator bots are used is for vulnerability scanning and automated hacking attempts. Such “hacker bots” are proprietary tools and scripts used to systematically scan sites for vulnerabilities and exploit them at will and in bulk. As soon as a vulnerability is published, the scavenger hunt for an un-patched system is on.

We saw an excellent example of this dynamic following the discovery of the Shellshock mega-vulnerability in September 2014.

Soon after Shellshock’s discovery and the release of a patch, we saw an explosion in scanner traffic. Some of these were legitimate scanning attempts by concerned Internet citizens. However, more than 90 percent of the bots were malicious scanners and other malicious automated tools (e.g. DDoS malware) probing for the Shellshock vulnerability.

For hackers, launching such vulnerability-scanning campaigns is just “another day in the office.” We’ve seen this same dynamic following other major vulnerabilities in 2014, such as Heartbleed, and vulnerabilities in popular WordPress plug-ins like Slider Revolution and FancyBox.

This genre of impersonator bots also covers DDoS bots coming from anonymous proxies, which are simply another way for attackers to mask their true identities. This is the same MO used by impersonator bots. In fact, over the past few months, we’ve seen a significant increase in bots using TOR and other publicly available anonymous proxies to perform application-layer DDoS attacks (e.g. HTTP floods). These proxies were created to enable anonymous web browsing — substituting a user’s IP address with that of an untraceable proxy.

The use of anonymous proxies (most of which are free) holds many benefits for DDoS attackers. This enables them to mask their bot IPs, letting them bypass security solutions based on blacklisting. Rather than using a single address for each bot request, anonymous proxies spread requests among multiple IPs, permitting them to fly under the radar of rate-limiting mechanisms.

In addition to hiding IPs, anonymous proxies also obfuscate header information, enabling them to evade security measures based solely on HTTP fingerprinting. Utilizing these inherent benefits, perpetrators are able to create a large botnet-style impact with minimal effort.

As malicious bots evolve and become more stealthy, it’s no longer enough to know who the visitor is (i.e., block by signature). Security solutions also need to assess why any bot is there in the first place. The use of reputation and behavioral analysis can help examine the context of bot visits, which is an important factor in identifying Impersonators, anonymous proxies and other new types of bot threats.
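The gap between per-IP rate limiting and context-based analysis described above can be shown on a small log. This is an added example, not code from the article or from Incapsula; the log entries are constructed, and the `/register` path, thresholds and function names are assumptions chosen for illustration.

```python
from collections import Counter

# Constructed sample log: (second, client_ip, method, path). Not real traffic.
def build_sample_log():
    log = []
    # Two human visitors: load the form and its script, then submit once.
    for ip, t0 in (("198.51.100.7", 0), ("198.51.100.9", 20)):
        log += [(t0, ip, "GET", "/register"),
                (t0 + 1, ip, "GET", "/static/form.js"),
                (t0 + 30, ip, "POST", "/register")]
    # Form flood spread over 40 proxy exit IPs: two submissions each,
    # and none of them ever requests the form page first.
    for i in range(40):
        ip = f"203.0.113.{i + 1}"
        log += [(i, ip, "POST", "/register"),
                (i + 40, ip, "POST", "/register")]
    return sorted(log)

def per_ip_rate_limit(log, max_per_minute=10):
    """Per-IP limiter: flag any IP with more than max_per_minute requests
    inside a single 60-second bucket."""
    buckets = Counter((ip, t // 60) for t, ip, _, _ in log)
    return {ip for (ip, _), n in buckets.items() if n > max_per_minute}

def behavioral_check(log, path="/register", baseline_posts_per_min=5):
    """Look at one endpoint regardless of source IP.

    Signal 1: submissions per minute far above the assumed baseline.
    Signal 2: clients that POST the form without ever having fetched it.
    """
    loaded_form = set()
    blind_posters = set()
    posts_per_min = Counter()
    for t, ip, method, p in log:
        if p != path:
            continue
        if method == "GET":
            loaded_form.add(ip)
        elif method == "POST":
            posts_per_min[t // 60] += 1
            if ip not in loaded_form:
                blind_posters.add(ip)
    surge = sorted(m for m, n in posts_per_min.items()
                   if n > baseline_posts_per_min)
    return {"surge_minutes": surge, "suspect_ips": blind_posters}

if __name__ == "__main__":
    log = build_sample_log()
    print("per-IP limiter flagged:", per_ip_rate_limit(log))
    result = behavioral_check(log)
    print("surge minutes:", result["surge_minutes"])
    print("suspect clients:", len(result["suspect_ips"]))
```

A bot that also fetches the form page defeats the second signal, so real deployments combine several such signals with reputation data rather than relying on one.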

Looking ahead

Bots are an essential part of the Internet ecosystem. However, they are no more than tools; whether they are used for good or malicious purposes depends entirely on the owner’s intentions and motivation.

When it comes to web threats, bad bots are the preferred tool of today’s cyber criminals; more than 90 percent of all cyber attacks (e.g. DDoS attacks, web application threats) that our researchers identified are executed by them, and impersonator bots are the elite commando unit of bad bots.

In terms of lost revenues and remediation efforts, the cost of such assaults can easily reach hundreds of thousands — even millions — of dollars. As we have seen in major data breaches such as the Sony hack, the worst case scenario really depends on an attacker’s intentions and the magnitude of the target.
