Click to read more topics...
An Android malware is spreading around WhatsApp messenger called 'Priyanka'. It changes all your group names to Priyanka, and may also change your contact names to Priyanka.Android enthusiast site TheAndroidSoul.com said the malware replaced all the group names on an infected device's WhatsApp to “Priyanka.”Apparently, the malware doesn't actually harm Android devices. but it is very annoying and it spreads manually, relying on victims to accept and install a contact file from a friend, named "Priyanka". Just in this week, this virus started infecting WhatsApp users.Users of mobile messaging app WhatsApp were warned against this new malware threatening to spread and change all the names on the user's contact list to "Priyanka.""Thankfully this virus doesn’t gets installed on your phone by itself. So in case you receive a contact file named 'Priyanka' from anyone on WhatsApp or by any other way, make sure that you do NOT add/save it to your contacts. It can’t do any harm without getting added to your contacts database so just DON’T save it," it said.For those who may have saved "Priyanka" to their contacts, they should turn off all Internet connectivity including WiFi, Mobile data and Bluetooth tether.The user should then delete the malware from the contacts, then clear his or her WhatsApp database."NOTE that clearing your WhatsApp database would bring it to a freshly installed state. You’ll be required to do all the WhatsApp setup again. And thankfully, WhatsApp does take auto backups of all your conversations so they’ll be restored automatically once you’re through the setup," it said.
If you're still using Windows XP, Microsoft has a message for you: Stop. Upgrade to Windows 8 instead.Microsoft plans a carrot-and-stick approach to get customers off XP, says Computerworld. The stick: Support for the 11-year-old operating system ends April 8, 2014, and Microsoft plans to stop even issuing security patches then.Some 11 years after launch, XP still has 37 percent of market share, compared with 5 percent for Windows 8, as of last month, according to Netmarketshare.com. Some 586,000 PCs will have to migrate off XP every day to meet the deadline for the end of XP support.Microsoft's goal is more modest, to get XP below 10 percent by that time. Even that's going to be tough.Microsoft is providing the carrot to its partners to get their customers off XP. Partners will see a $32 billion service opportunity, based on a $200 per PC average, according to ZDNet.Microsoft will spend $40 million in fiscal 2014 to continue its Windows Accelerate Program for moving customers to a modern environment. As part of that program, Microsoft pays some resellers and integrator partners to create proof-of-concept Metro-style apps to demonstrate to customers.Microsoft is also extending its "Get to Modern" program for small and midsized business users, who typically don't plan far ahead and will need partners to help them do a quick change off XP. And Microsoft and HP are working together on a new XP migration campaign. (HP competes with IBM, which is the exclusive sponsor of Internet Evolution.)All of that is great -- for partners. But what about enterprises? If they're willing to take a chance on foregoing support, why should enterprise customers get off XP? Says Computerworld's Preston Gralla:
People and businesses are staying with XP and away from Windows 8 for a reason: XP does what they want, and Windows 8 doesn't. Until that is fixed, all the carrots and all the sticks won't get people to upgrade from XP to Windows 8.But Microsoft is serious about migration. Its two top priorities for next year: Getting businesses to stop using Windows XP, and making Windows 8 tablets the top business tablet.
This story, "In his own words: Confessions of a cyber warrior," was originally published at InfoWorld.com.
A longtime friend working as a cyber warrior under contract to the U.S. government provides a glimpse of the front lines.Much of the world is just learning that every major industrialized nation has a state-sponsored cyber army -- though many of the groups, including team USA, have been around for decades.I've met a few cyber warriors. As you might imagine, they can't talk much about their duties. But if you work shoulder to shoulder with them long enough, certain patterns emerge. For starters, there are a lot of them. They are well armed with cyber weaponry, and they're allowed to experiment and hack in ways that, as we all now know, might be considered illegal in some circles.I've been a longtime friend to one cyber warrior. On condition of anonymity, he agreed to be interviewed about what he does for a living and allowed me to record our conversation on a device he controlled, from which I transcribed our conversation. I was able to ask clarifying questions the next day.We met in person in my boat off the coast of Florida, which might sound very clandestine, except that our primary goal was to catch some fish. It's interesting to note that he did not want me to contact him by email or phone during the months leading up to this interview or for a few months after, even though what he revealed does not disclose any national security secrets. The following is an edited version of our conversation. Certain inconsequential details have been altered to protect his identity.Grimes: Describe yourself and your occupation.Cyber warrior: Middle-aged, white male, not married. Somewhat smart. Music lover. Lifetime hacker of all things. Currently working on behalf of armed services to break into other countries' computer systems.Grimes: What is your background? How did you learn to hack?Cyber warrior: I got into computers fairly early in my life, though I grew up in a foreign country. My dad split when I was young, and my mom worked a lot. I got into computers by visiting one of the few Radio Shacks near my neighborhood. The sales guy hated me at first because I was always on their computers, but after I taught him a few things, we became good friends for years. I realized I had an aptitude for computers ... that most of the adults around me did not have. By the time I was 15, I had dropped out of school (it wasn't as big of a deal in the country I was in, as it is in most developed countries), and I was working a full-time job as the head IT guy at a federal hospital.I was hacking everything. I hacked their systems, which wasn't too much of a problem because I was already the head IT guy. They had lost some of the admin passwords to the network and other computer systems, so I had to use my hacking skills to reclaim those systems. I hacked everything: door locks, Master locks, burglar alarms -- anything. For a while, I thought I was a master spy and thief, even though I never stole anything. I would spend all my earnings on buying security systems, install them in my house, then spend all my time trying to bypass them without getting caught. I got pretty good, and soon I was breaking into any building I liked at night. I never got caught, although I did have to run from security guards a few times.Grimes: What did you like hacking the most: security systems or computer systems?Cyber warrior: Actually, I loved hacking airwaves the most.Grimes: You mean 802.x stuff?Cyber warrior: How cute. How quaint. No, I liked hacking everything that lives in the sky. Computer wireless networks are such a small part of the spectrum. I bought literally dozens of antennas, of all sizes, from small handheld stuff to multi-meter-long, steel antennas. I put them all in a storage shed I rented. I put the antennas up on the roof. I don't know how I didn't get in trouble or why the storage shed people didn't tell me to remove the antennas. I had to learn about electricity, soldering, and power generation. I had dozens of stacked computers. It was my own little cloud, way back when. I would listen for all the frequencies I could. I was next to an airbase and I captured everything I could.Back then a lot more was open on the airwaves than today. But even the encrypted stuff wasn't that hard to figure out. I would order the same manuals as the equipment they were using and learn about backdoors in their equipment. I could readily break into most of their equipment, including their high-security telephone system. It was fun and heady stuff. I was maybe 16 or 17 then. I was living and sleeping in the shed more than at my home.One day I started to see strange cars show up: black cars and trucks, with government markings, like out of movie. They cut the lock off my shed and came in the door. My loft was up near the rafters, so I scooted over into the next storage area, climbed down, and went out the side door at the far end of the shed area. I walked off into desert and never went back. I must have left $100,000 worth of computers, radio equipment, and oscilloscopes. To this day, I don't know what happened or would have happened had I stayed -- probably not as much as I was worried about.Grimes: Then what did you do?Cyber warrior: My mom got married to my stepdad, and we moved back to the States. I was able to get a computer network admin job pretty quickly. Instead of hacking everything, I started to build operating systems. I'm a big fan of open source, and I joined one of the distros. I wrote laptop drivers for a long time and started writing defensive tools. That evolved into hacking tools, including early fuzzers.Eventually I got hired by a few of the big penetration-testing companies. I found out that I was one of the elite, even in a group of elites. Most of those I met were using tools they found on the Internet or by the companies that hired us, but all that code was so [messed up]. I started writing all my own tools. I didn't trust any of the hacking tools that most penetration testers rely on. I loved to hack and break into to things, but to be honest, it was pretty boring. Everyone can break into everywhere -- so I made it a game. I would only break in using tools that I built, and I would only consider it a success if none of my probes or attacks ended up in a firewall or other log. That at least made it more challenging.Grimes: How did you get into cyber warfare?Cyber warrior: They called me up out of the blue one day -- well, an employment agency on behalf of the other team. They were offering a lot more money, which surprised me, because I had heard that the guys working on behalf of the feds made a lot less than we did. Not true -- it's certainly not true anymore, if you're any good.I had to take a few tests. I had a few problems getting hired at first because I literally didn't have a background: no credit, no high school or college transcripts. Even the work I had done was not something you could easily verify. But I scored really well on the tests and I was honest on what I had done in the past. They didn't seem to care that I had hacked our own government years ago or that I smoked pot. I wasn't sure I was going to take the job, but then they showed me the work environment and introduced me to a few future coworkers. I was impressed.Grimes: Explain.Cyber warrior: They had thousands of people just like me. They had the best computers. They had multiple supercomputers. They had water-cooled computers running around on handtrucks like you would rent library books. The guys that interviewed me were definitely smarter than I was. I went from always being the smartest guy wherever I worked to being just one of the regular coworkers. It didn't hurt my ego. It excited me. I always want to learn more.Grimes: What happened after you got hired?Cyber warrior: I immediately went to work. Basically they sent me a list of software they needed me to hack. I would hack the software and create buffer overflow exploits. I was pretty good at this. There wasn't a piece of software I couldn't break. It's not hard. Most of the software written in the world has a bug every three to five lines of code. It isn't like you have to be a supergenius to find bugs.But I quickly went from writing individual buffer overflows to being assigned to make better fuzzers. You and I have talked about this before. The fuzzers were far faster at finding bugs than I was. What they didn't do well is recognize the difference between a bug and an exploitable bug or recognize an exploitable bug from one that could be weaponized or widely used. My first few years all I did was write better fuzzing modules.Grimes: How many exploits does your unit have access to?Cyber warrior: Literally tens of thousands -- it's more than that. We have tens of thousands of ready-to-use bugs in single applications, single operating systems.Grimes: Is most of it zero-days?Cyber warrior: It's all zero-days. Literally, if you can name the software or the controller, we have ways to exploit it. There is no software that isn't easily crackable. In the last few years, every publicly known and patched bug makes almost no impact on us. They aren't scratching the surface.Grimes: What do you like hacking now?Cyber warrior: Funny enough, it's a lot of wireless stuff again: public equipment that everyone uses, plus a lot of military stuff that the general public knows nothing about. It's mostly hardware and controller hacking. But even that equipment is easy to exploit.Grimes: Does your team sometimes do illegal things?Cyber warrior: Not that I know of. We get trained in what we can and can't do. If we do something illegal, it's not on purpose. Well, I can't speak for everyone or every team, but I can tell you the thousands of people I work with will not do anything intentionally illegal. I'm sure it happens, but if it happens, it's by mistake. For instance, I know we accidentally intercepted some government official's conversations one day, someone high-level. We had to report it to our supervisors and erase the digital recordings, plus put that track on our red filter list.Grimes: You say you don't do anything illegal, but our federal laws distinctly say what we cannot offensively hack other nations. And we are hacking other nations.Cyber warrior: They say we can't hack other nations without oversight. John Q. Public and John Q. Corporation can't hack other nations, but our units operate under laws that make what we are doing not illegal.Grimes: I know you from many years ago, and I think the young you would revile hacking any government by any government. I think I heard you say this many times, and you were passionate about it.Cyber warrior: I'm still passionate about it, but the older self realizes that the young self didn't have all the facts. We have to do what we do because [other nation states and other armies] are doing it. If we didn't, we would literally be dead. It's already something that I don't know if we are winning. I know we have the best tools, the best people, but our laws actually stop us from being as good as we could be.Grimes: What about your job would surprise the average American?Cyber warrior: Nothing.Grimes: I really think the average American would be surprised you do what you do.Cyber warrior: I don't agree. I think everyone knows what we have to do to keep up.Grimes: What does your work location look like?Cyber warrior: I work in obscure office park in Northern Virginia. It's close to DC. There's no lettering or identifiers on the building. We park our cars in an underground garage. There are about 5,000 people on my team. I still work for the same staffing company I was hired by. My badge does not say "U.S. government" on it. We are not allowed to bring any computers, electronics, or storage USB drives into the building. They aren't even allowed in our cars, so I'm the guy at lunch without a cellphone. If people were to look around, they could spot us. Look for the group of people being loud that don't have a single cellphone out -- no one texting. Heck, they should let us carry cellphones just so we don't look so obvious.Grimes: What do you do for a hobby?Cyber warrior: I play in a hardcore rap/EDM band, if you can imagine that. I play lots of instruments, make beats and percussion stuff. I wish I could make more money doing music than hacking. I'm even considering now leaving my job and doing music. I don't need much money. I have enough for retirement and enough to support my lifestyle.Grimes: What do you wish we, as in America, could do better hacking-wise?Cyber warrior: I wish we spent as much time defensively as we do offensively. We have these thousands and thousands of people in coordinate teams trying to exploit stuff. But we don't have any large teams that I know of for defending ourselves. In the real world, armies spend as much time defending as they do preparing for attacks. We are pretty one-sided in the battle right now.Grimes: What do you think of Snowden?Cyber warrior: I don't know him.Grimes: Let me clarify, what do you think of Snowden for revealing secrets?Cyber warrior: It doesn't bother me one way or the other.Grimes: What if it could lead to your program shutting down? You'd be without a job.Cyber warrior: There's no way what we do will be shut down. First, I don't intentionally do anything that involves spying on domestic communications. I don't think anyone in my company does that, although I don't know for sure. Second, it would be very dangerous to stop what we do. We are the new army. You may not like what the army does, but you still want an army.If I was out of job I'd just get better at playing my instruments. I like to hack them, too.