Japan authorities ask from internet service providers to block access to Tor network. Tor is a web service that help users to surf the internet anonymously without the fear that prying eyes are watching them and police use their internet activity against them. It is a way to make internet users to feel some kind of freedom and of course police is not happy about it and they started making efforts to block it. You might think that it is Japan and it doesn’t affect you but this is not true. If Japan authorities block Tor then other countries will do the same, this is happening always.
Flaw in Viber allows full access to smart phones
About 50 million android smart phones have Viber installed and a critical flaw in that app make all those devices vulnerable. It is as easy as sending two messages through Viber and attacker can gain full control to your device. It is scary how easy it is and I would expect a fix and ultra fast by the Viber app creators. You can watch the video to see exactly how it can be done and you can try it with a friend. It is the easiest and fastest exploit that I learned so far for android smart phones.
Disable lockscreen on Samsung devices
I wrote several posts on Apple security holes and how to bypass lockscreen. Security researches found also similar flaw on Samsung devices. Even though this doesn’t work on all Samsung devices but it works and it is a serious issue on those devices. I can’t explain it in words and you need to be patient and fast but in order for bad men to gain access to your smartphone few minutes is nothing. You can try it and if it happens to your device you can contact Samsung to help you protect your device and your personal data.
Far Cry 3 cheats: GodMode and Unlimited Ammo without trainer
I liked Far Cry very much, the story is very good and it is not only about shooting and killing. It has similar features with Assassin’s Creed like liberating outposts and killing animals to get their skin and use it to craft other objects. In order for you to read this it means that you already played it so I will get to the point. Follow the following simple instructions and you will have God mode and/or unlimited ammo (for PC).
The Biggest cracking dictionary
Before cracking a password using brute force attack, that meas try every possible combination of characters, programs use a dictionary with common words. So, if the password, which in many cases do, is just a simple word it will be cracked in few seconds. Crackstation took this to another level, they created a wordlist with 1.5 billion of passwords (1,493,677,782). The file is 4.2 GiB compressed and 15 GiB uncompressed. That is a lot of words but it cracks about 30% of all the hashes given to the Crackstation hash cracker. The file contains every word in any language that Wikipedia database had in 2010, every leaked database, every dictionary and every wordlist on the internet the creators of this wordlist could find
Another Facebook OAuth vulnerability
Not even a month ago I posted about Facebook OAuth flaw that was allowing to an attacker to gain access to any account. Facebook have fixed that specific flaw with minor changes but those changes are not enough and hackers can gain control to any account. This new vulnerability was found by the same white hat hacker that found also the previous one. Don’t worry just yet about this one because it is already fixed but Facebook is not very serious about security. To fix the previous bug they just put a basic regular expression validation that could be easily bypassed. I am sure they just modified their regular expression for the new flaw.
An HTML5 browser exploit can fill you disk with junk
An HTML5 browser exploit was found recently and it can fill your hard drive with junk data. Usually browsers allow websites to store small files like cookies but in case of HTML5 they allow bigger files around 10MB. This can be exploited and flood a hard drive with such files. In a demonstration, a 22-year-old web developer was able to fill 1GB of hard drive space every 16 seconds. I will let you stop and calculate how long it would take to fill your entire hard disk. I was happy to learn that every browser is vulnerable to this exploit except of my favorite Firefox.
Free Anti-Virus Suite by Baidu
Baidu for those who don’t know is a Chinese search engine, it is called as the Google of Asia. Baidu recently released a free anti-virus suite that will help you to protect your computer by any kind of malware such as viruses, spyware and adware. For a Chinese company we would expect a software in Chinese first and then add support for other languages. The big surprise here is that the anti-virus suite comes only in English. They say it is very fast and light but others are suspicious because it is a product made in China. I don’t believe such company would harm its reputation to release a bad product.
Facebook: OAuth flaw allows full control to any account
Applications in Facebook use the OAuth to communicate with the users and grand additional permissions. The user should click on the ‘Allow’ or ‘Accept’ button in order for the application to gain those permissions. A white-hat Hacker called ‘Nir Goldshlager’ found a flaw that allow any application to gain access with full control to any Facebook account by exploiting the Facebook OAuth. This doesn’t require the user to click on any button, this is also skipped. He also created a video that demonstrates this for those who are interested to see how easy it is to gain full control to any Facebook account.
Bypass iPhone lock screen with iOS 6.1
Anyone can bypass iPhone’s lock screen even if a password is set with a number of simple steps. This is for the latest platform iOS 6.1. Apple promised to fix this bug in the next release and iPhone users wish it is the last one that can be found that bypasses the lock screen as it is very important. There is a video that demonstrates that if you don’t want to read and follow the instructions. Happy unlocking.