Star N9500

The German security vendor G DATA discovered a smartphone that ships with pre-installed spyware straight from the factory. The malware is disguised as the Google Play Store and is part of the pre-installed Android apps. The spyware runs in the background and cannot be detected by users. With the malware installed, the smartphone sends personal data to a server located in China and is able to covertly install additional applications.

The malware makes it possible to retrieve the user’s personal data, intercept calls, online data, emails and text messages, or control the camera, microphone and any other phone feature remotely. The affected model, the “N9500”, is produced by the Chinese manufacturer Star. It is not possible to remove the manipulated application and spyware since they are integrated into the firmware.

Following information from customers that purchased the phone for their own use, security experts retrieved and analysed one such device. Through the process, the security engineers found that the firmware contained a Trojan called Android.Trojan.Uupay.D, disguised as the Google Play Store. The spy function is invisible to the user and cannot be deactivated. This means that online criminals have full access to the smartphone and all personal data. Logs that could make the access visible to the users are deleted directly. The program also blocks the installation of security updates.


This smartphone model (other models have not been investigated yet) represents a serious risk to users. The spy malware enables criminals to secretly install new and different applications, which opens up a whole spectrum of abuse: localisation, interception and recording, purchases, banking fraud, sending of premium SMSs and more.

Large online retailers are still selling the Android device at prices ranging from 130 to 165 euros and distributing it across Europe. The Star N9500 smartphone can be found easily in various retailers on the internet and is available for sale via outlets like Amazon for relatively low prices.

  • Filed under: Mobile, Security
  • Encrypted web email service to the masses


    Remember the time when some Gmail users were worried about Google’s spiders “reading” their email messages? Well, that time has gone, and now the evil corporate spiders have been replaced by the good fellas of the NSA. But there is a slight difference between these two privacy violators. The consequence of a Google spider messing up its algorithms was no more than displaying the wrong ad next to your email messages. The consequences of the NSA messing up can land you in prison.

    So while the NSA can read any message running through any network and server in the U.S. and abroad, one group decided your privacy is worth saving. The solution: an end-to-end encrypted, web-based email system called ProtonMail. While encrypted email systems have existed almost since the invention of email, these systems are cumbersome and unfriendly, so much so that the average user will probably not be able to set them up.

    Andy Yen, a PhD student who initiated the idea behind ProtonMail, explains: “We encrypt the data on the browser before it comes to the server. By the time the data comes to the server it’s already encrypted, so if someone comes to us and says we’d like to read the emails of this person, all we can say is we have the encrypted data but we’re sorry we don’t have the encryption key and we can’t give you the encryption key.” Yen continues: “We’ve basically separated the message that’s encrypted apart from the key – all the encryption takes place on your computer instead of our servers, so there’s no way for us to see the original message.”

    While most web-based email vendors allow for secure connections (HTTPS) and encryption of the email content on their servers, the encryption of the messages is done on the server side, with the vendor’s encryption keys, which means they can decrypt the emails at will. ProtonMail’s solution doesn’t allow them to decrypt your messages even if they wanted to.
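
    The two storage models contrasted above, shown as an added Node.js example (not part of the original post and not ProtonMail’s implementation). It assumes a passphrase-derived AES-256-GCM key as a stand-in for the service’s real scheme; all class and function names are hypothetical.

```javascript
// Added illustration (not ProtonMail's code): where the encryption key lives
// decides who can read stored mail. All names here are hypothetical.
const crypto = require('node:crypto');

// AES-256-GCM helpers shared by both models.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce per message
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    body: body.toString('base64'),
  };
}

function unseal(key, record) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(record.iv, 'base64'));
  decipher.setAuthTag(Buffer.from(record.tag, 'base64'));
  // final() throws if the key is wrong or the record was tampered with.
  return Buffer.concat([
    decipher.update(Buffer.from(record.body, 'base64')),
    decipher.final(),
  ]).toString('utf8');
}

// Model 1: server-side encryption at rest. The vendor generates and keeps the key.
class VendorKeyServer {
  constructor() {
    this.vendorKey = crypto.randomBytes(32);
    this.mailboxes = new Map();
  }
  receive(user, plaintext) { // plaintext reaches the server (inside HTTPS)
    const box = this.mailboxes.get(user) || [];
    box.push(seal(this.vendorKey, plaintext));
    this.mailboxes.set(user, box);
  }
  disclose(user) { // the vendor can decrypt at will
    return (this.mailboxes.get(user) || []).map((r) => unseal(this.vendorKey, r));
  }
}

// Model 2: the client encrypts first; the server only ever stores sealed records.
class CiphertextOnlyServer {
  constructor() { this.mailboxes = new Map(); }
  receive(user, sealedRecord) {
    const box = this.mailboxes.get(user) || [];
    box.push(sealedRecord);
    this.mailboxes.set(user, box);
  }
  disclose(user) { // all the operator can hand over: salt, nonce, tag, ciphertext
    return this.mailboxes.get(user) || [];
  }
}

// Client side: the key is derived from a passphrase that never leaves the user's machine.
function deriveKey(passphrase, saltB64) {
  return crypto.scryptSync(passphrase, Buffer.from(saltB64, 'base64'), 32);
}

function clientSeal(passphrase, plaintext) {
  const salt = crypto.randomBytes(16).toString('base64');
  return { salt, ...seal(deriveKey(passphrase, salt), plaintext) };
}

function clientOpen(passphrase, record) {
  return unseal(deriveKey(passphrase, record.salt), record);
}

// Constructed sample run: the same message stored under both models.
function demo() {
  const message = 'Quarterly numbers attached (constructed sample)';
  const passphrase = 'correct horse battery staple'; // constructed sample
  const vendor = new VendorKeyServer();
  vendor.receive('alice', message);
  const e2e = new CiphertextOnlyServer();
  e2e.receive('alice', clientSeal(passphrase, message));
  return {
    vendorDisclosure: vendor.disclose('alice'), // readable plaintext
    e2eDisclosure: e2e.disclose('alice'),       // opaque records only
    ownerReads: clientOpen(passphrase, e2e.disclose('alice')[0]),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```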

    ProtonMail takes its privacy stance very seriously: the service’s servers are housed in Switzerland for extra protection, where some of the team behind the company resides. “One of the key things we want to do is control our servers and make sure all the servers are in Switzerland which will increase privacy because Switzerland doesn’t do things like seize servers or tape conversations,” says Yen. But that’s not all: Yen has turned down venture capital firms looking to invest in ProtonMail, fearing such investments will hurt the company’s credibility with potential users.

    ProtonMail’s revenue model is similar to that of many other online services, which offer a basic account for free and a monthly/yearly subscription for extra storage or services. The paid accounts will be $5/month and will provide 1GB of storage, and they are expected to accept bitcoin or even cash payments to allow users to remain completely anonymous.

    Traditionally, a service like this would be expected to get the most traction in countries like China, Syria, Russia and Iran, but as the NSA’s grip is tightening around American and international companies and communication, their user base is expected to be more diverse.

    ProtonMail just launched globally out of a private beta. Anyone can register for a new account at their website, though the rate of new account creation is as yet unknown. “We’re close to 20,000 users now and have had to close the signups temporarily while we add more servers. We were not expecting 10,000 users per day even in our most optimistic projections so we’re scrambling now to support more,” he says.

    They are also currently working on an Android or iPhone app expected to be ready by Q3 this year.

  • Filed under: Security
  • michaels-craft-store

    Michaels, a large arts and crafts retailer in the US, may have fallen victim to unknown hackers.

    The company has published a warning to customers that it might have experienced a “data security attack”, raising concerns that the retailer is yet another victim in a long line of retailers that suffered a major data breach recently, following Neiman Marcus and Target. It is believed that all of these retailers became casualties of RAM-scraping malware targeting point-of-sale machines (also known as POS or cash registers).

    A PDF statement linked from the homepage of the Michaels’ website warns of “possible fraudulent behaviour” seen on credit cards used by customers at the store.

    If you shopped at Michaels, keep a close eye on your credit card statements and follow up on any suspected unauthorised transactions. The company says it will offer identity protection and credit monitoring services at no cost to any customer at risk.

    It’s bad news for Michaels as well as its customers, as questions will be asked as to whether the company learnt any lessons after suffering a damaging attack at its cash registers a couple of years ago. Back in 2011, the retailer replaced thousands of PIN pads used by customers to type in their secret codes when making purchases, after it was discovered hackers had replaced them at a small number of stores. That security breach resulted in the theft of about 94,000 payment card details.

    Michaels said federal investigators and an outside forensics firm were investigating to determine if there had been a breach. The company said it decided to warn the public and launch a probe into the matter after hearing that there had been an increase in fraud involving cards of customers who had shopped at its stores. Currently there are no figures for how many cards may have been put at risk by the latest security incident, but it would seem prudent for all Michaels customers to be on their guard.

    For more details of the possible data breach at Michaels, check out this post by Brian Krebs.

  • Filed under: Security
  • Chrome bug

    Tal Ater, an Israeli developer, may have exposed an exploit that allows attackers to listen to your conversations – and “listen” means literally listening to the audio around your computer via its microphone. This means that any desktop running Chrome can be compromised by the exploit, which lets malicious sites turn Google Chrome into a listening device, one that can record anything said in your office or your home, as long as Chrome is still running.

    Tal writes: “I discovered this exploit while working on annyang, a popular JavaScript Speech Recognition library. My work has allowed me the insight to find multiple bugs in Chrome, and to come up with this exploit which combines all of them together. Wanting speech recognition to succeed, I of course decided to do the right thing… I reported this exploit to Google’s security team in private on September 13. By September 19, their engineers have identified the bugs and suggested fixes.”

    The fix by Google’s engineers indeed solved the problem, but a month and a half later, Tal found that the fix hadn’t been released to the general public. It was stuck “within the Standards group” and the status was “Nothing is decided yet.” Four months have passed since the exploit was fixed and Google is still waiting for the Standards group to agree on the best course of action. The problem is: our browsers are still vulnerable.

    To find out how the vulnerability works and see the exploit in action visit Tal Ater’s blog at:

  • Filed under: Security
  • Lock your Windows transparently


    If you are security conscious on any level, you probably lock your workstation at the office whenever you step away from it. For most, that means pressing CTRL-ALT-DEL and clicking the “Lock this Computer” option or using the Windows logo key +L shortcut. And yet, for some, the standard Windows lock screen is too boring.

    For anyone who is bored by the standard Windows lock screen, there’s ClearLock – a Windows utility whose sole purpose is to lock your screen without it appearing locked. It means that you are locking your screen without actually hiding what’s presented on it, regardless of the programs running at the time.

    This tiny Windows utility will lock your system by adding a transparent layer to your screen. This layer acts like a glass top, so the underlying screen will be visible, but mouse movements or keyboard input get blocked. So anyone will be able to view what is happening on the screen, but can’t use it unless it is unlocked with the password. This utility may come in handy if you are running a presentation in a public place and you don’t want anyone to intervene or sabotage it by using the keyboard or mouse.

    ClearLock comes as a small standalone executable. To use it, all you have to do is run it, set your password and click the ClearLock icon whenever you want to lock your screen. To reset your password, simply delete the .ini file that was created in the same folder.

    It’s important to remember that though this utility is intended to lock the desktop’s screen, it is not a security application and probably can be bypassed easily (though I haven’t tried myself). So it is more useful in home environments (around the children) or for a short office break, and not for systems holding important information in vulnerable environments.

    One setback of ClearLock is that it works only on the default screen, meaning that if you are running a dual monitor setup, it will lock only the main one, and the secondary screen will stay open.

  • Filed under: Software
  • Disable Skype click to call in chrome logo

    I became annoyed with Skype’s click to call Chrome extension lately, not only because I never use it, but because it feels very intrusive most times. The Skype Click and Call function highlights phone and contact numbers on webpages and emails, and a Skype call can be initiated by clicking the highlighted number. The situation got unbearable after a Skype upgrade, when Chrome started to freeze occasionally; obviously, the immediate suspect was Skype’s click to call function.

    When I first turned to disable click to call in Chrome’s extension menu, to my surprise, the enable check box was checked and greyed out – no disabling possible. No matter how I played with Chrome, I couldn’t un-grey the enable check box, and it was impossible to disable the extension. Playing with Chrome, I realized this unnecessary extension and plug-in were taking up Chrome resources, which kept climbing more and more. The solution had to be less conventional. As it turns out, click to call is an independent application and not merely a Skype Chrome extension extending Skype’s functions.

    So the easiest way to disable click to call is to uninstall it via Control Panel’s Add or Remove Programs. Well, not always. In some cases, during the uninstall process, the installer requires the user to close all Chrome windows even when they are all closed and no Chrome processes are running. To resolve that, we will need to disable Chrome’s applications running in the background, as follows:

    1. Open Chrome.
    2. Go to settings and click “Show advanced settings”, if it’s not already open.
    3. Scroll down to the System section.
    4. Uncheck the “Continue running background apps when Google Chrome is closed” check box.
    5. Exit Chrome and make sure no Chrome process is running in the Task Manager.
    6. Try to uninstall Skype click to call again.

    Once click to call is uninstalled, open Chrome’s settings again and enable the Continue running background apps when Google Chrome is closed check box again – It enables some pretty useful apps.

    I’m very disappointed (though not surprised) with Skype (Microsoft Skype Division) for this unsolicited stealth install of click to call.

    If following this uninstall you wish to re-enable the click-to-call function in Chrome, download and install the Click and Call plugin again separately.

    Daily Friction #375

    It’s been more than two years since the last Daily Friction. I’m not sure it’s going to be back in its old form; it’s certainly not going to be a daily post. But it’s back for now with new and interesting articles and information. Some of the articles in this particular issue are somewhat old but nevertheless interesting.

  • Filed under: Daily Friction
  • Google Reader Logo

    Following up on yesterday’s post about alternative RSS feed reading services to replace the soon-to-be-shut-down Google Reader, it’s time to transfer all your feeds to the new service of your choice. If you haven’t chosen a new service yet, it’s high time to do so.

    You can add all your feeds one by one – but that will be tedious and unnecessary. Instead, you can transfer them from Google Reader (before it’s officially dead) by exporting them. It sounds complicated, but it’s not.

    • Go to the Reader’s settings window.
    • Choose the Import/Export tab
    • Select the option to download data through Takeout and press the Create Archive button.
    • It will start building a file with all your feeds. Let the compression finish.
    • Once it’s finished building, download the resulting .zip file
    • Open up the ZIP file you just downloaded. You will find an .xml file inside.
    • Import the .xml file to the feed reader you decided to go with.

    That’s it. You’re done!

    Google reader alternatives

    It was a bit of a surprise to hear Google’s announcement about the closure of the Google Reader service on July 1, 2013. It is surprising for two main reasons. First, it’s a very popular service, considered one of the more successful offerings of the entire Google plethora, and it’s the most popular RSS reader on the market by a huge margin. Second, Google is not offering any alternative. Historically, Google closes down a service for one of two reasons: either it’s failing in popularity (by Google’s standards) or there is a different service which is either more advanced or already covering the same functionality, with a clear and easy migration path. There were a few hints of a replacement of some form under Google+, but I haven’t seen any indication of it.

    Since the question of why Google is shutting down Reader is not fully answered, at a time when RSS feeds are still popular and not going away any time soon, I would like to look at the available alternatives.

    Standard readers and aggregators:

    Cream (Paid):
    Platform: Mac
    If you’re a Mac user, Cream might be for you. Cream is a feature-rich feed reader, but what makes it special is that the application knows which stories are the best and most worthwhile reading and floats them to the top so you can go through them first.
    It offers one-click import from Google Reader, and its method for determining which articles and feeds are better suited for you is impressive: the application “learns” as you read, scan or ignore stories, within a particular feed or in general. That means that Cream not only pushes stories to the top but also entire feeds based on your actions.

    FeedDemon:
    Platform: Windows
    FeedDemon is a Windows-only RSS reader which offers a high level of customization. In this application you can enable keyword triggers to send an alert when any of the set keywords appear in a feed, regardless of whether you’re subscribed to the feed they appear in. Another useful feature is podcast subscriptions with automatic downloads to a specified directory, where they can be listened to or transferred to your mobile device.

    Feedly:
    Platform: Firefox | Chrome | Safari | Android | iOS | Web
    Feedly is a very popular reader and had many users long before Google announced it was shuttering Reader. It is both a browser add-on and an Android and iOS app. Feedly takes your feeds and presents them in a magazine-like view. It also has integrated sharing and integration features with many social networks. In addition to having a rich news suggestion algorithm that makes it easy to surface articles that you’ll find most interesting, it’s a rich social tool that lets you share stories with your friends and post them to your favorite social networks. Feedly has the ability to save stories for future reading, and offers layout choices that let you read the news in the manner you choose — whether it’s straight headlines from top to bottom, full articles, neatly arranged tiles, or images all laid out on a page.
    Currently, Feedly uses Google Reader as its backend and there is no word on whether Google will be keeping the Reader APIs online for developers. As of yet, I don’t know if Google will break the functionality of third-party applications when it integrates Reader with Google+. But Feedly is not waiting to find out: it is building a new syncing engine so its users can seamlessly continue using the service long after Google Reader turns off the lights.

    FeedsAnywhere:
    Platform: Web
    FeedsAnywhere is a browser-based reader, and while it doesn’t have a mobile app it does offer a website that is focused on the mobile user. It can handle a huge number of feeds pretty easily and has a smooth user experience. It can sync with Google Reader to get the user’s current feeds and allows the user to look at either single folders, a single feed, or all the feeds in one stream. Setting up FeedsAnywhere is VERY simple. All you have to do is go to the FeedsAnywhere website and create an account. There are occasional quirks with the service, but it is a feature-rich news reader.

    Flipboard:
    Platform: Android | iOS
    Flipboard is an immensely popular newsreader, despite not having any desktop or browser-based component. While Flipboard is considered mainly a newsreader and a less useful RSS reader, it still has the capabilities and a very attractive and comfortable interface. Flipboard is an excellent option because it allows you to organize the articles you want to look at and then flip through them like a magazine. Flipboard presents you with an intuitive layout of your feeds and a few default news categories to browse. Touching a panel lets you browse through any of the default categories; touching and holding a panel lets you delete it and replace it with whatever RSS feed you might want. You can customize your Flipboard by browsing through several categories like News, Technology, Business, Entertainment and more.

    Netvibes:
    Platform: Web
    Historically, Netvibes was a refuge for longtime iGoogle users since, apart from supporting RSS feeds, it is mainly a personalized homepage service, a fact that may deter some hardcore RSS users who want the RSS reader to be the central feature. Netvibes can become somewhat similar to Google Reader once you switch it out of the default widgets mode. The service has moved beyond Web page personalization to provide online dashboards and business intelligence to companies, but still allows consumers to create personalized Web pages while augmenting its free service with business-centric paid options, such as brand monitoring, analytics, and enterprise portal services. Basic accounts at Netvibes are free, and are all you really need to keep track of your feeds. You can take the suggested feeds they start you off with, or you can import your own via OPML. After choosing Netvibes as a replacement, importing the Reader OPML file into Netvibes is as simple as clicking “Add content” and then “Import.”

    NewsBlur:
    Platform: Web | Android | iOS
    NewsBlur has a well-built, beautiful, slick and fast-paced interface that’s somewhat similar to Google Reader, but with some additional bells and whistles that make using it a little more fun. For example, you can toggle the original view and display articles the way they show up on their respective sites, or read them the way they’re presented in their RSS feeds, or view them text-only to get rid of the images and other fluff. It has some social features we’ve all got used to: you can share stories with friends, save them for future reading, star them, and start your own “blurblog” of featured stories you want to share.
    The bad news here is that there is a big restriction: free accounts are capped at 64 blogs, 10 stories at a time, and public sharing options. Premium users ($US24/year) can subscribe to as many sites as they want, get all the latest stories at one time, get faster site refreshes, and can share publicly or privately.

    PageFlakes:
    Platform: Web
    Remember the days when everyone went crazy about personalized home pages? PageFlakes was one of the runners-up, having been beaten out by the likes of iGoogle and Netvibes. PageFlakes is still around, and you can use it to subscribe to and manage your RSS feeds.

    Newsbeuter:
    Platform: Linux
    Here’s something for the Linux crowd. There are many news readers that are pretty, with nice and slick layouts, good graphics, and pictures. And then there is Newsbeuter. This app isn’t old-school so much as it is a creative anachronism. It only works on Linux, and it only runs from the command line – Yes, good old fashioned Linux.

    Pulse:
    Platform: Web | Android | iOS
    Pulse is a news aggregator that has built-in RSS capabilities with an intuitive interface for touch screens. News sites are laid out vertically so you can swipe up and down to the latest news from all sites quickly, or you can swipe horizontally to read more stories from the same site. It relies heavily on its own news filtering algorithms to help you find the stories that they think you’ll want to read. You can use it as a way to keep up with the latest news and stories from the blogs you already like. Your Pulse home screen is completely customizable, and you can easily save stories for later, share with friends, filter by category, and pick up where you left off on a new device without losing your place.

    Taptu:
    Platform: Web | Android | iOS
    Taptu gives you a visual interface for browsing news feeds and also lets you add your personal social network and RSS feeds for easy access. The app comes with several premade Taptu-curated news categories, but it’s very easy to set up your own categories with the feeds you already love. Build a stream from scratch using the Add Streams button, where you’ll find many suggested feeds from popular publications. You also can search by category, or simply perform a search to gather all the feeds that relate to a specific keyword.

    The Old Reader:
    The Old Reader is still in beta, but is designed to be an exact Google Reader replacement. It is not intended to be a copy of the current Google Reader but of the older Google Reader that offered more tools for sharing and organization. Login is done via Google or Facebook, and it is possible to import your feeds from Google Reader or any other RSS service via OPML. The interface looks very much like Google Reader, complete with folders down the left side, your list of stories in the main pane, and one-click subscription to new feeds. You get all the same keyboard shortcuts, and even get the ability to follow other Old Reader users and share interesting stories, the way you used to be able to with Google Reader. There are no mobile apps yet, but the web version works well on mobile devices, and the developers behind it note that they are working on mobile versions of it, though there are Chrome and Safari extensions already available.

    Other options:

    Most web browsers have a built-in RSS reader that allows you to follow up on feeds directly from the comfort of your familiar browser. There are plenty of plug-ins or extensions enabling this option in browsers that do not support it as part of their basic install. The disadvantage of this approach is the same as that of a PC-installed application: you can’t take the feeds with you, and they will stay on the computer where the browser is installed.

    Google Currents:
    Platform: iOS | Android
    Google Currents was officially unveiled in December 2011 on both Android and iOS, and was framed as a sort of hybrid magazine viewer and RSS reader in one. Not many users used it when it started, and still today it has yet to gain widespread traction on either mobile platform. Regardless of its usage statistics, though, Google Currents is still useful, especially now that Google Reader will be going away.
    Similar to other news aggregators, Google Currents employs a magazine-style interface with large images and paginated posts. It may not be the most intuitive, but it looks sleek and works well. It lets you subscribe to and download app-optimized editions of publications, and you can subscribe to any RSS-enabled sites you like, just like Google Reader. The problem here is that there is no knowing if Google will ever decide to shut this service down as well.

    TinyTinyRSS:
    Platform: Web | Android
    TinyTinyRSS is not exactly an RSS reader but rather a self-hosted RSS service. It is a free, open source, self-hosted RSS reading platform that allows you to grab your feeds on any system, as long as you have a web host and you’re comfortable installing and setting it up. It also has a Tiny Tiny RSS Android app for comfortably accessing and reading your own feeds. With this hosted on your own web server, you know it won’t shut down on you.

    Fortunately, Reader has always had the ability to export your RSS subscriptions and feed groups in the widely-accepted OPML format, which not only includes your feeds, but also your shared items, friends, likes, and starred items. To export your data from Reader, click the Cog button > Reader Settings > Import/Export. Make a backup of the OPML file while you’re at it, too. Now, pick one of the RSS reader replacements and import the OPML file.

    Google Reader is not shutting down right away; there is still some time until July 1, which gives plenty of time for new options to emerge. Many of the popular apps will roll their own syncing agent and try to stay alive in a post-Google Reader universe. But it is important to remember to grab your feeds before the shutdown date.

  • Filed under: Internet
  • Plug and play cloud from Nebula

    Don’t you love it when you switch something on and it instantly works? No installation, no deployment, no mucking around with manuals or calling a consultant to help you set everything up. How about having your own private, instant-on, plug-and-play cloud? OK, maybe not you and me, but any company that wishes to have its services on its own private cloud without needing the services of Amazon or Rackspace. This is exactly the solution Nebula is providing.

    Based in Mountain View, Calif., Nebula claims to have an answer for any company that has ever wanted to build its own private cloud system and not rely on outside vendors, be it for security, privacy or other reasons. Their solution is called Nebula One. The setup is as simple as it can get: plug the servers into the Nebula One, turn it on, and it boots up a cloud. That’s it. All of the provisioning and management that service providers charge customers for has been built into a hardware device. There are no services to buy, no consultants to pay to set it up, and no technical stuff to fuss around with. “Turn on the power switch, and an hour later you have a petascale cloud running on your premise,” says Chris Kemp, CEO and founder of Nebula.

    The Nebula One is a hardware device sitting at the top of a rack of servers. On the back of the device are 48 Ethernet ports into which you plug your cloud servers. It runs an operating system called Cosmos that grabs all the memory, CPU and storage capacity from every server in the rack and makes them part of a single cloud. It doesn’t matter who made the servers (Dell, Hewlett-Packard, IBM, or the corner shop down the road) or how much memory and storage each one has.

    Nebula’s technology is based on OpenStack, an open source cloud computing platform designed by Anso Labs, a NASA startup. Not surprisingly, many of Nebula’s team members came from Anso Labs, which was acquired by Rackspace. OpenStack consists of a series of interrelated projects that control large pools of processing, storage, and networking resources shared between a pool of physical servers, all managed through a dashboard that gives administrators control while empowering their users to provision resources through a web interface. OpenStack is free open source software released under the terms of the Apache License. The project is managed by the OpenStack Foundation, a non-profit corporate entity set up to promote, protect and empower OpenStack software and its community. Nebula is the only startup company that is a platinum member of the OpenStack Foundation; the others include IBM, HP, Rackspace, RedHat and AT&T.

    With several high profile customers (Xerox among them) and investments from Kleiner Perkins, Highland Capital, and Comcast Ventures, Nebula is on the high road to the cloud.

  • Filed under: Corporate, Systems