Tag Archives: hacks

The Current State of Platform, Software and Device Security

The year 2012 and the better part of 2013 have witnessed the birth of new computing platforms, social network platforms and general computing trends that not only make the gadget and internet a better place, but also a more dangerous one. These innovations and developed habits expose us to a variety of threats that we must be aware of in order to survive in the modern digitally connected world.

Security

The release of new platforms gives both legitimate technology users and hackers something to look forward to. Users have to test new features and functionalities as hackers seek to exploit loopholes in the innovations’ firewalls. Since the adoption of new technology improves our efficiency, we will always be vulnerable to the accompanied hacker attacks and hope that the platform, gadget or software developer will release security patches as soon as security related bugs show up.

Are Security Risks Increasing or Decreasing?

As genuine developers come up with new software pieces, malicious developers are also at work trying to come up with re-engineered pieces that are better at breaching current and yet-to-come systems. This trend, confirmed by the attempts to improve on Skywiper/flamer to Stuxnet, gives system administrators something new to think about since they will be facing better-equipped criminals in the near future.

Even though the security trends of the future might strongly lean on the weaknesses of the new platforms and operating systems, we cannot overlook the birth of mobile devices. Since most people do not believe that, there are systems that can intrude the innate security of their mobile devices, cyber criminals might have an easier time in gaining access into the information people share through their devices.

With the number of possible additions to this list almost endless, the number of risks grows exponentially. The diversification of platforms and computing behaviors might give the average person an information overload that might force them to overlook some important security features or give cyber criminals more options to explore.

Do We Have a Choice?

Apart from the security issue, the manner in which we interact with other people is bound to change. The adoption of online solutions will greatly reduce personal level interactions while reducing the control we have over some of the information we might refer to as “personal.”

Nonetheless, the productivity per unit time is bound to increase since we no longer have to do all the hard work. The new systems and hardware products will take care of most of our needs despite the security and privacy risks, making them almost as important as the basic human needs. We will have no option but to live with the emergent vices and make the best out of the available virtues.

Simple Droid X Hack Can Greatly Improve Call Quality

There are many reasons why the audio quality of mobile phones isn’t great. One simple, but fixable reason is that the phone is most likely configured to use an outdated voice encoder algorithm by default.

Luckily for us, Motorola includes hidden programming menus in most of its phones where we can adjust advanced settings like voice quality.

How to Change the Droid X’s Vocoder

Step 1: Open the Dialer app on your Droid X and dial ##7764726. Press the Send button (the green phone symbol).

image
This number just happens to spells ##PROGRAM, which might help you remember it in the future.

Step 2: Enter 000000 (that’s six zeroes) as the password and click Verify.

image

Step 3: Bask in the glory of Motorola’s hidden programming application. When you’re done basking, open the menu entry 04 Vocode.

UPDATE 7/13/2011: A recent Verizon update has changed the menu structure. If you can’t find 04 Vocode, try these steps.

Thanks to Rlblair in the comments:

The location of the codec apparently changed with the latest software update from Verizon.    Now > select 06 – Test Mode – touch ‘Next” twice – select codec under ‘Service Option’ drop down.  When going “Back”, backing out all the way, the phone did not re-boot.  I shut down and re-started mine and checked – now using EVRC-B instead of default EVRC. Don’t know if the re-start is necessary.  Hope this helps everyone!

image

Step 4: In this menu, select the option EVRC-B. Press Apply.

image

That’s it! You will now be enjoying better call quality on your Droid X from just those four simple steps.

How come?

Your phone is set to use the EVRC (Enhanced Variable Rate Codec) vocoder by default. It was developed in 1995 and gave mobile carriers the ability to increase their network capacity without increasing their wireless spectrum or bandwidth.

I won’t say that EVRC isn’t an amazing feat of digital signal engineering, but let’s keep in mind what type of computers we were using in 1995:

image
Nostalgia, thy name is Macintosh Performa 5200.

EVRC-B is an updated version of EVRC that has many technical improvements over its predecessor. Besides being able to compress sampled speech into an extra 1/4 rate, it has the ability to efficiently encode unvoiced or noise frames. This increases voice quality without necessarily increasing the load on the cellular network.

A final note: while changing the voice quality of your phone is harmless, you should avoid playing around in Motorola’s programming menu unless you really know what you’re doing. Otherwise:

That's right, your phone will turn into an iPod. And THEN it will die.

If you enjoyed this article, you might also be interested in other hidden menus in Android.

Ask Techerator: I Think I’m Being Spied on with Dynamic DNS, What Should I Do?

Techerator team:

My (techie) husband mentioned that he can track the location of our laptop with a “dynamic DNS”.  He also said something about being able to remotely connect to it with this tool.  Should I be worried? Is this spyware?

The service he is referring to is indeed called dynamic DNS.  This service can tell you a computer’s IP address wherever it goes (as long as it is connected to the internet), but it doesn’t necessarily mean somebody knows where you are geographically.  You can only tell so much from an IP address, and even less if the person is behind a router (i.e. if they’re on a wireless connection in a public place).

So why use dynamic DNS?

Every time you connect to the internet, your computer gets assigned unique IP address.  If I’m at home, my address might be 218.20.34.10, and if I’m at a coffee shop it could be something completely random – so I have no idea what it is for sure.  IP addresses can also change over time, so you can’t assume your home IP address will remain the same.

The solution to this ever-changing IP address problem is to use a Dynamic DNS.  In common terms, it’s a special domain name that you can assign to a computer, and the computer will tell that domain name what its IP address is on a regular basis. For example, I could make a custom address like myhomecomputer.dnsalias.org, which I could set my computer to update.  If I was at work and wanted to connect to my home computer, I could just connect to “myhomecomputer.dnsalias.org” instead of trying to figure out its unique IP address.

So is it harmful?

Dynamic DNS isn’t exactly what I’d call spyware, but if somebody is using it for deliberate tracking or monitoring then yes, it could be.  I harmlessly use Dynamic DNS all the time to manage my computers – I have it installed on my laptops, desktops, and even my mom’s computer for when she needs remote computer assistance.

Knowing the Dynamic DNS/IP address doesn’t exactly tell you personal information about a person, but if a remote support application was installed (like VNC, which is free remote desktop software), you could easily log into, monitor, and control the computer.

What should I do?

If Dynamic DNS is installed, it should be easy to remove because it isn’t intended to be a virus.  You could look in the Start Menu for anything that says “Dynamic DNS” to see if it is present, or check the Control Panel under Add/Remove Programs.  It is also a possibility to install Dynamic DNS as a Windows Service (meaning it doesn’t necessarily have an application entry you can find in the Start Menu, it’s a utility that runs in the background of Windows) but that is fairly easy to remove as well.

DynDNS is one of the most popular dynamic DNS services, so check their site if you want to verify an application you found.

There are lots of ways your privacy can be compromised on a computer, especially with “key logger” programs.  These program simply monitor all input from a keyboard and save it in a file – this file can also be uploaded to a server so somebody else can watch it.  This makes it very difficult to protect yourself by changing your passwords, because they’ll know the new password as soon as you create it.

If the goal is to protect yourself from eavesdropping, these are the things I would do:

  1. Try to find any Dynamic DNS software and remove it.  Like I said, these typically aren’t viruses, so they can be easily removed.
  2. Install and run Malwarebytes which might pick up any malicious software, and remove anything it finds.
  3. Install and run Microsoft Security Essentials.  This is free security software from Microsoft and will scan your computer for malicious software.
  4. Install ZoneAlarm, this is a firewall with a free personal edition.  A firewall basically blocks almost all connections made to your computer, allowing you to only let in connections you truly trust.  This can be a HUGE pain because you’ll have to manually allow a lot of normal, benign connections access to your computer, but if you’re concerned about somebody else accessing your computer, this is the best way to block them.
  5. Change all passwords. Why last? Because you want to make sure an intruder has no access to your computer when you re-secure your accounts.

Final Thoughts

Aside from all those things, it never hurts to have a little old fashioned verbal communication if you think your privacy is being compromised.  If somebody you know is purposefully spying on you, it might be best to sit down and discuss why that is and perhaps find a compromise that works best for everyone.  In my opinion, doing things like spying on people just undermines their trust in you, which is more damaging than anything they were probably doing in the first place.

P.S. I should say that if you aren’t sure if something “spyware-ish” is installed, you could always press CTRL + SHIFT + ESC to bring up your task manager and take a screen shot (or write down) the applications that are currently running in the Processes tab.  That list will contain every application that is currently in memory.  You could then search Google for anything you found or ask someone who is familiar with these types of things.

Images courtesy: kodomut, Jose Goulao, Tam Tam