Wednesday, July 24, 2013

Android 4.3 Jelly Bean Is Official

Bluetooth Smart
As expected, Android 4.3 will be getting Bluetooth Low Energy support, or Bluetooth Smart, which brings a similar Bluetooth performance but consumes considerably less power in doing so. This, naturally, will enable users to conserve those precious droplets of battery life for more important tasks.









jb-btle
Jelly Bean 4.3






Multi-User with Restricted Profiles
Android 4.3 also brings advanced multi-user settings, which will allow group owners of Android devices to share a single device with any number of different profiles for each users. Naturally, it also offers restricted profiles, which enable parents and schools to restrict young Android users access to certain inappropriate content.
android 43 profiles
UI 4.3

Not only do these profiles help with the ongoing censorship movement in protecting young people from the potential perils of the Internet, but it will also prevent the continued climate of accidental in-app purchases. Time and time again we’ve seen complaints and even lawsuits from bemused parents after their child has clocked up a huge credit card bill in purchasing virtual teacakes, but the new restrictions mean the bill payer can set restrictions in advance.


OpenGL ES 3.0
Android 4.3 was never meant to be a substantial update, and so it has proved. Most of the changes will probably be unclear to the general user, such as new OpenGL ES 3.0 support offering improved realism at the disposal of game developers, although this new implementation will finally take advantage of the multiple core processors vendors keep throwing into new devices.
And yes, if you’re suspecting it: Android 4.3 Jelly Bean does bring forward more performance enhancements. It’s safe to say that Google is in an all-out battle against lag and other small annoyances.
android 43 profiles
UI 4.3
The first devices to see Android 4.3 will naturally be of the Nexus variety, with the Nexus 4, Nexus 10, Galaxy Nexus, and first-gen Nexus 7 getting the OTA update, starting today, and the new Nexus 7 2013, which gets support right off the bat will remain untouched out of the box. The Google editions of the HTC One and Galaxy S4 will also be seeing the new firmware in the near future. We’re suspecting that Android 4.3 will roll out for other devices later this year.
jbean_srgb
With Google Play Games having also been released today as a separate download, the improvements to Android are coming in swift, quintessentially Google fashion. Unfortunately, the fragmentation of the ecosystem means there’ll likely be delays in getting Android 4.3 to your perfectly compatible device, but if you’re running a stock Android smartphone or tablet, your wait will not be particularly lengthy.

Source:http://www.redmondpie.com/

Thursday, November 18, 2010

world meet RockMelt

courtesy (blog.rockmelt.com)
RockMelt blog: "World, Meet RockMelt
Hello Interwebs! The rumors are true… starting today, we’re offering access to an early version of RockMelt, a new browser designed around you and how you use the Web. "

Live wallpapers to give life to your Android homescreen

Live wallpapers to give life to your Android homescreen: "Live wallpapers to give life to your Android homescreen
3172 viewsTaylor Martin - 8 hrs ago | More by this editor
Aside from hundreds of neat, useful widgets, one of the most unique features of Android is the ability to set live wallpapers on your homescreen. They keep your device fun, fresh, and most importantly, cool to show off. In the Market there are hundreds, if not thousands of neat live wallpapers. I've tried out a lot of them and found quite a few that I really like.
One quick side note: A lot of people are concerned that live wallpapers, being in constant motion, will have adverse effects on battery life. The truth is, the majority of them do not. That doesn't mean a poorly developed wallpaper won't suck the juice right out of your phone, but most of them will not cause any noticeable difference in the length of your battery life. If you're afraid your battery will drain, try one out while you're sitting around the house one day. If it does, revert back to a normal wallpaper or try another to see if it's just that specific wallpaper before you write them off entirely.
With that being said, here are a few of my favorite live wallpapers to use:"

Thursday, October 1, 2009

Use internet through PPPOE

hi
this is all bsnl broadband user's.those are having a user id and password provided by bsnl
finally i found the way to use internet in Bsnl ADSL connection in Backtrack3 and also in Bactrac4

here we go..................................................................................

1st for BT3 users

1.for vmuser's change their ethernet mode to bridged mode
2.type pppoe-setup then press enter
3.give your username
4.type DNS name:server
5.rest just press enter no need to configure
6.then finaly give your password
we are done about config part

then save it

1.type:pppoe-start
after conformation of connected
then type :ifconfig
you will find both eth0 and ppoe

it's done use internet and njoy



now for BT4 user's

1.type:apt-get install pppoe
2.after the installation
3.type:/etc/init.d/wicd start
4.then kmenu->inetrnet->wicd network manager
5.if it is connected to any eth0 card make it disconnect
6.type:pppoe-setup
7.same as BT3 follow the procedure
8.after configuration type:pppoe-start
njoy internet in BT4








tags:BT3 pppoe,BT3 pppoe bsnl,backtarck pppoe configuration,BT4 pppoe,BT4 pppoe bsnl,

Tuesday, October 21, 2008

Is Anti-Virus is safe??????


What we think after installation of an Anti-virus in a system............that we are safe now....are we think again..


Now i'm going to show you some back side truth of Anti-viruses.

• Why can AV be targeted
• Finding vulnerability of Antivirus
• Exploiting Antivirus
• Few words
• Future work





Why Can AV Be Targeted - Continue
• Antivirus is a common component
– Over 80% of people are using antivirus software [Reference-8]
• Cross-platform exploitation
– As great as the Java and Adobe vulnerabilities
• Antivirus is error-prone



Why AV is error prone?
• User input (files being scanned) is totally unpredictable
• Too many format to deal with
– How can AV process hundreds of formats correctly?
• Lots of the vulnerabilities exist in the following major
components of Antivirus engine:
�� Unpack
�� Decompression

!!!!!!!!!!!!!!!!!!!!!Finding vulnerabilities of Antivirus!!!!!!!!!!!!!
Audit Antivirus
• Local Privilege Escalation
• ActiveX
• Engine
– Source code audit
– Reversing
– Fuzzing
• Management


Audit – ActiveX Control
• Installed by Antivirus product; Free Online Scan
Service; Download Manager
Problems:
• Insecure Method: Design error
– CA – SigUpdatePathFTP()
– Kaspersky - StartUploading()
• Buffer Overflow
– Symantec, CA, Authentium, RAV, etc


Audit – ActiveX Control
Fuzzing and Manually audit
• AxMan Script fuzzer for memory corruption
• ComRaider GUI fuzzer for memory corruption
• OleView Manually audit ActiveX
• FileMon File Operation
• RegMon Registry Operation
• TCPview Port, Network connection
• Wireshark Sniff network traffic

Audit – Engine
Most of the Engine problem exists in the Format Parsing
• Memory Corruption
– Stack overflow, Heap overflow, Memory Access/Modification
• Denial of Service
– CPU (Most of the AV vulnerable to ZIP/CHM processing
problem in the past)
– DISK Space (NOD32 will eat 4GB disk when scanning a
malicious ARJ file, which is only 1kb, no patch yet)
• Detection Bypass

Audit – Engine: Source Code
• Must have access to the source code
• Time consuming
• Open Source ClamAV is the best one for practice
– 49 CVE matches
• Tools: FlawFinder, RATS ,ITS4, SPLINT, CodeScan,
Coverity

Audit – Engine: Reversing
• Reverse the file format plugin one by one!
– Kaspersky: Arj.ppl base64.ppl cab.ppl lha.ppl rar.ppl
– Bitdefender: arc.xmd arj.xmd bzip2.xmd cab.xmd
docfile.xmd
• Typical: Memory allocation, string copy, integer
wrapper
Advantage:
– Effective against all Closed Source AV
– Can uncover more subtle vulnerabilities
Disadvantage:
– Extremely time consuming
– Tools: IDA, Hex-rays

Audit – Engine: Fuzzing!
• Few people thought about fuzzing Antivirus
• Few Antivirus fuzzer published
– Vxfuzz – Taviso
– nrun’s private Fuzzer-Framework v1.0
– My in-house script, and yours
• Fuzzing Antivirus is easier than most of the other
fuzzing
• Even a dozen lines script could uncover many
exploitable vulnerabilities!
Audit – Engine: Fuzzing!
What we need?
• Good samples
– rar, zip, chm, arj, lha, lzh, tar, tgz, doc, xls, upx, fsg, more
– CreateARJ, MakeCAB, WACE, WinZIP, WinRAR, PowerISO,
various PE packers, Google (filetype:xxx)
• A big hard disk.
– For test case
• Debugger
– Windbg, Ollydbg, Immunitydebugger
• Fuzzer
– Original fuzzer is actually a File generator
– Script language: Python/Perl/C
– May need to deal with the CRC
Audit – Engine: Fuzzing!
How? 4 steps
• Create test case.
– By using the script you wrote, samples created
– 0xFFFFFFFF, 0xFFFF, 0x0000, 0x0001, etc,
• Download the trial version AV and install
• Scan! Do not forget to start the debugger
• Go to Sleep: Leave your computer fuzzing

Audit – Engine: Fuzzing!
Demo 2
Fuzzing Mcafee Antivirus for 0day ;)

Audit Result
By auditing the mainstream Antivirus Engine, we have
found and published:
• AhnLab AV Remote Kernel Memory Corruption
• TrendMicro AV UUE Decoding Format String
Vulnerability
• Avast! AV TGZ Parsing Heap Corruption
• Mcafee AV BZIP2 Parsinig Memory Corruption
(working with vendors)
• NOD32 Heap Overflow (unpublished,0day)
• More upcoming