iPhone users fooled by fake ransomware

Apple has issued an iPhone software update after reports of fake ransomware attacks where money was demanded in order to unlock the handset's browser.

A pop-up screen accused the phone owner of accessing illegal pornography or pirating music and could not be removed.

However the ransomware was fake - and clearing the browser cache was actually enough to restore full access.

It ran on JavaScript, a code commonly employed by many websites.

The attackers demanded £100 in the form of an iTunes gift card with the code sent via text message to a designated mobile number, said security firm Lookout in a blog about the malware.

"...the attack doesn't actually encrypt any data and hold it ransom," wrote its security researchers.

"Its purpose is to scare the victim into paying to unlock the browser before he realizes he doesn't have to pay the ransom to recover data or access the browser."

The patch closed the loophole but Professor Alan Woodward, cybersecurity expert at Surrey University said some iPhone users have put off the update because it also includes other changes to the running of the device.

"Some people have held off thinking it sounds fairly major, but obviously if they do that they won't get the protection," he said.

"There is this feeling that iOS [Apple's operating system] and Apple devices in general are less vulnerable.

"This shines a light on the fact that nothing is invulnerable. JavaSript is cross-platform and it's a matter of how you manage it."

Read More

How to Hack Wi-Fi Passwords?

Chances are you have a Wi-Fi network at home, or live close to one (or more) that tantalizingly pop up in a list whenever you boot up the laptop. The problem is, if there's a lock next to the name, that indicates security for the Wi-Fi network is turned on. Without the password or passphrase, you're not going to get access to that network, or that sweet, sweet Internet that goes with it.

Perhaps you forgot the password on your own network, or don't have neighbors willing to share the Wi-Fi goodness. You could just go to a café and buy a latte and use the "free" Wi-Fi there. Download an app for your phone like WiFi-Map, and you'll have a list of over 2 million hotspots with free Wi-Fi for the taking (including some passwords for locked Wi-Fi connections, if they're shared by any of the app's 7 million users).

But there are other ways to get back on the wireless, though some of them require such extreme patience and waiting, that café idea is going to look pretty good.

Reset the Router

Before you do this, just try to log into the router first. From there, you can easily reset your wireless password if you've forgotten it.

The problem is when you don't know the password for the router, either. (They're not the same thing, unless you set it up that way). Resetting the router is about as brute force a method as you get, and it only works if you have physical access to the router.

Almost every router in existence has a recessed reset button it. Push it with a pen or unfolded paperclip, hold it for about 10 seconds, and the router will change to the factory settings.

If you've got a router that came from your Internet service provider, check the stickers before a reset—they might have printed the routerand Wi-Fi passwords (sometimes called the key) right on the hardware.

Once it's reset, you need another password (plus a username) to access the router itself. Generally you can do this in a Web browser of any PC attached to the router via Ethernet—you'll need that since the reset probably killed any potential Wi-Fi connection you had going in.

The URL to type is either 192.168.1.1 or 192.168.0.1, or some variation. Once you're asked for a username/password, what do you do? Check your manual. Which you probably lost or threw away. So instead, go toRouterPasswords.com. The site exists for one reason: to tell people the default username/password on just about every router ever created.

You'll need the router's model number, but that's easy enough to find on the back or bottom. You'll quickly see a pattern among router makers of having the username of admin and a password of password.Since most people are lazy and don't change an assigned password, you could try it before hitting the reset button. (But c'mon, you're better than that—change the password once you're in the router's menus in your Web browser.)

Once you've accessed the router interface, go to the Wi-Fi settings, turn on the wireless networks, and assign them strong but easy-to-recall passwords. After all, you don't want to share with neighbors without your permission.

Crack the Code

You didn't come here because the headline said "reset the router," though. You want to know how to crack the password on a Wi-Fi network.

Searching on "wi-fi password hack," or other variations, nets you a lot of links—mostly for software on sites where the adware and bots and scams are pouring like snake oil. Download them at your own risk, for Windows PCs especially. Better to have a PC that you can afford to get effed up a bit if you go that route. I had multiple attempts with tools I found just get outright deleted by my antivirus before I could even try to run the EXE installation file.

Or, create a system just for this kind of thing, maybe dual-boot into a separate operating system that can do what's called "penetration testing"—a form of offensive approach security, where you examine a network for any and all possible paths of breach. Kali Linux is a Linux distribution built for just that purpose. You can run Kali Linux off a CD or USB key without even installing it to the hard drive. Another option is BackTrack Linux—they're actually both from the same developers, but Kali is the "polished" version. Both are free and come with all the tools you'd need to crack a network.

If you don't want to install a whole OS, then you could try the two tried-and-true tools of Wi-Fi hackers.

Aircrack has been around for years, going back to when Wi-Fi security was only based on WEP (Wired Equivalent Privacy). WEP was weak even back in the day, and was supplanted in 2004 by WPA (Wi-Fi Protected Access). The latest Aircrack-ng 1.2—labeled as a "set of tools for auditing wireless networks," so it should be part of any network admin's toolkit—will take on cracking WEP and WPA-PSK keys.

Aircrack-ng comes with full documentation, but it's not going to be that simple. To crack a network you also need to have the right kind of Wi-Fi adapter in your computer, one that supports packet injection. You need to be comfortable with the command line (running things using CMD) and have a lot of patience. Your Wi-Fi adapter and Aircrack have to gather a lot of data to get anywhere close to decrypting the passkey on the network you're targeting. It could take a while.

If you prefer a graphical user interface (GUI), there is KisMAC-ng, or there was. The website was not working as of the writing of this article. While KisMAC can crack some keys with the right adapter installed, it's mainly known as a "sniffer" for seeking out Wi-Fi networks. It's the kind of thing we don't need much of these days, since our phones and tablets do a pretty good job of showing us every since Wi-Fi signal in the air around us. Also on the Mac: Wi-Fi Crack. To use them or Aircrack-ng on the Mac, you need to install them usingMacPorts, a tool for installing command-line products on the Mac.

Cracking stronger WPA/WPA2 passwords and passphrases is the real trick these days. Reaver is the one tool that looks to be up to the task (and it's part of the BackTrack Linux distro). You'll need that command-line comfort again to work with it, or you'll have to spend$65 for Reaver Pro, a hardware device that works with Windows and Mac. After two to 10 hours of trying brute force attacks, Reaver should be able to reveal a password... but it's only going to work if the router you're going after has both a strong signal and WPS (Wi-Fi Protected Setup) turned on. WPS is the feature where you can push a button on router, another button on a Wi-Fi device, and they find each other and link auto-magically, with a fully encrypted connection. It's also the "hole" through which Reaver crawls. It can generally break the code in about 24 hours.

Even if you turn off WPS, sometimes it's not completely off, but that's your only recourse if you're worried about hacks on your own router. Or, get a router that doesn't support WPS. 

Read More

Reliance Jio offers 120GB 4G internet for free to its Prime members

Reliance Jio took another step ahead in its effort to bring more customers onto its platform today, unveiling a new ‘buy one get one’ offer where Prime users are given additional data benefits on a recharge of Rs 149 and above. The window starts from 1 GB and goes up to 5 GB and 10 GB of data for the recharges done within the period of the Happy New Year offer, which is slated to end on March 31. However, the data offers remain available till April 1.

In the new offer, the Jio users can claim up to 10 GB of free data on early recharges. According to the offer, if you are a Jio subscriber and wish to opt for the Rs 149 prepaid plan, you will get 2 GB of data along with unlimited free calls, and then 1 GB of free data on top of that. On the other hand, the Rs 303 plan will fetch you 5 GB of free data along with 28 GB of data. On the Rs 499, Rs 999, Rs 1,999, Rs 4,999, and Rs 9,999 plans, the users will get 10 GB of free data in addition to the original data. So, if the user completes a higher recharge, the extra data for a month is 10 GB, which for a year equals 120 GB of free data.

Jio also lets users do multiple recharges before March 31, and the add-on packs can be used when needed. Users have the option of choosing which cycle they want the recharges to function in. This essentially means that the recharges are like vouchers, which can be kept and used whenever the user wishes.

The 'welcome offer' freebies will get over on March 31, after which the data will be chargeable. To streamline the overflowing requests, the telecom brand has opened its offer to only its Prime members. Users have to pay a certain amount to become 'prime' subscribers. There will be separate charges for data consumed by prime and non-prime members. In order to become a Prime member, subscribers need to pay Rs 99 before March 31, and a minimum of Rs 303 per month for the next one year to get unlimited internet.

The company also offered a cashback offer through which the users can get Prime membership for free. According to the new plan, every recharge done using the Jio Money app will lead to a Rs 50 cashback. After the initial recharge, Rs 303 becomes the monthly fee, where the users can also save Rs 50, which makes the cashback a grand total of Rs 100. This cashback covers the Rs 99 Prime membership plan as well.

The other offers that are available till April 1st for Jio subscribers include a prepaid Rs 19 plan for prime members, which gives the user access to 200 MB of 4G data, apart from free voice, SMS and Jio subscription. The non-prime members can avail the 100 MB 4G data offer.

Read More

These Are the 5 Best Cities for Women in Tech

What do Washington, D.C., Kansas City, Mo., Baltimore, Indianapolis, and New Orleans have in common? According to a recent report, they're the best places to be if you're a woman in tech.

To conduct its annual Best Cities for Women in Tech report, Smart Asset, a New York-based financial technology company, analyzed data from the U.S. Census Bureau, taking 59 of the largest U.S. cities in which the tech workforce is big enough to provide reliable data. Specifically, the study looked at the tech industry gender pay gap, income after housing costs, tech jobs filled by women, and four-year employment growth to rank each of the cities.

For the third year in a row, Washington, D.C., came out on top—proving to have one of the smallest gender pay gaps in the country. The capitol city also has a relatively large percentage of female employees in tech, at about 41%.

Though the study didn't delve into the reasons that D.C. and the other top cities scored so well on these four metrics, "it really shows there's something happening there," AJ Smith, vice president of content at Smart Asset, tellsFortune.

According to Smart Asset, Kansas City, which came in at No. 2, has no tech industry gender pay gap. In fact, women in the city who work in technology typically earn more than their male counterparts. On average, women who have computer and mathematical jobs in Kansas City make $69,770—roughly $2,300 more than men with comparable jobs. Yet, the study found that the city is lacking when it comes to filling its growing number of tech jobs with women. In 2016, women made up about 30% of the workers in computer and mathematical roles, compared to 34% in 2014.

Baltimore is ranked No. 3, according to the study—mostly because of the increase in its tech workforce in recent years. For example, of the 12,400 computer and mathematical jobs added between 2012 and 2015, women made up 32.5%—up from 28.5% in 2016, notes the study.

Indianapolis and New Orleans rounded out the top five, at No. 4 and No. 5, respectively. Like Kansas City, Indianapolis has no tech gender pay gap. New Orleans, meanwhile, is notable for it's job growth: the number of tech jobs in New Orleans grew by 32 percentage points between 2012 and 2015—representing the biggest four-year change in tech employment growth in the study.

Although these cities may grace the top five, it's worth noting how their income after housing rates compare with those in the Bay Area, which is usually the go-to region for tech jobs. Some California cities—like Fremont, a city north of Silicon Valley, for example—boast a post-housing cost income of $68,180, nearly $12,000 more than that of D.C. But Fremont and many other other Northern California cities were dinged for their percentage of women in tech jobs. While women account for 41% of tech workers in the nation's capitol, they are only 26.6% of Fremont's technology workforce.

"Women don't have to move to Silicon Valley—they can find good paying tech jobs in many areas around the country. Some of these cities should want to do better, or women will take their talents elsewhere," says Smith.

While the study's results are good news for these in the top five cities, women are still in the minority in STEM—comprising only 26% of computer and mathematical jobs nationwide. And female tech workers are still being paid less than their male counterparts across the industry: On average, female-to-male tech earnings ratio in the U.S. is 84.8%—down nearly two percentage points from last year.

Read More

Soon you will be able to share your real-time location using Google Maps

Google is adding a real-time location sharing feature to Google Maps. This will allow users to share their real-time locations with friends and family.Google announced the feature in a blog post today.
To send your location to contacts, all you need to choose the “Share location” option from the Google Maps side menu. Now you can select how long you would be able to share the location, then tap the person you want to share the location and they will be able to follow you (it varies between 15 minutes and 3 days). The best part: the person tracking you doesn’t need to have a Google account. You can share the link tied to your location using any messenger application, which can be opened in a desktop or mobile web browser.
For example, if you are driving to a new place, you can share your real-time location and trip progress from the navigation data. While in the navigation screen, tap the “More” button on the bottom, and then tap “Share trip”. Sharing ends you arrive at the destination.
Similar features are available on other apps. For example, Apple offers a tracking feature called “Find My Friends” on its iPhone, iPad and iPod Touch. Those who remember Google Latitude (now-defunct) know that this feature excited even before.

Google says an update to Google Maps will be available for both Android and iOS users, though an exact date wasn’t provided. While the feature is useful at times, it could be a bit controversial as well, as it raises privacy concerns. In December, Facebook decided to stop showing the exact location of users in its Nearby Friends feature. Instead, the app now gives an overview of where you are, indicating the neighbourhood rather than a map.

Read More

Would YOU let a friend share your phone battery? Sony patents technology for wireless power transfer between devices.

Sony has come up with a new idea to let you charge your phone wirelessly - but it might test your generous side.

The Japanese technology company has patented technology that will enable phone users to 'steal' battery power from nearby devices.

Phones could hunt down power using a system similar to Wi-Fi hot-spotting and top up their phone's battery wirelessly with charge from another person's device.

The futuristic technique could enable mobile phones to take power from a range of electric devices, including other smartphones and computers, as well as washing machines, fridges and TVs.

The patent says the technology will use a chip equipped with Near Field Communications (NFC), a technique that allows data transfer over short distances.

NFC lets devices within 1.6 inches (four centimetres) of each other to 'communicate'.

The technology is commonly used in contactless payment systems and also for wirelessly sharing contacts, photos and videos between mobile devices. 

'The method comprises identifying a plurality of antenna systems including at least a first antenna system and a second antenna system,' inventors wrote in a United States Patent Application.

'At least the first antenna system is cooperated with a first CE device and the second antenna system is cooperated with a separate second CE device.'

The patent goes on to describe how any device fitted with an NFC chip will be able to search for other electronics fitted with the same system.

Two devices will then be able to connect to exchange power, in the same way that a device can search for Wi-Fi hot spots.

The patent doesn't say whether it is just smartphones that will be targeted by the technology, instead referring to 'portable consumer electronic devices'. 

In February, Disney announced that is also working on technology similar to Wi-Fi that can power up to 320 mobile devices without the need for wires.

The technology, called quasistatic cavity resonance (QSCR), uses magnetic fields to transmit power to mobile devices, and is being developed by scientists at Disney's research lab in Pittsburgh. 

Alanson Sample, lab director and principal research scientist at Disney Research, said: 'This new innovative method will make it possible for electrical power to become as ubiquitous as WiFi.

'This in turn could enable new applications for robots and other small mobile devices by eliminating the need to replace batteries and wires for charging.'   

Read More

How To Make Sense Of Tech Policy In The Trump Era

For a tech industry guided by data and judged by reliable metrics, the unpredictability of the Trump administration is generating plenty of headaches. At the largest companies, executives are still trying to figure out what’s next, and some of them outlined their strategies and expressed their feelings about that sense of unease at a SXSW panel called Tech Policy Outlook in the 45th Administration

. Long story short: It’s complicated.

“Not engaging is not an option. You need a perpetual engagement strategy, no matter who the president is,” says Tiffany M. Moore, VP of congressional affairs at the Consumer Technology Association. And more than 50 days into the Trump administration, tech companies are still unclear on what’s next–key executive branch offices have yet to be filled, and it’s hard to get answers from many agencies.

Here’s a rundown of the biggest concerns and issues discussed on the panel:

TECH POLICY IMPACTS EVERYTHING

In 2017, tech policy means business and lifestyle policy since it pervades almost every aspect of our lives, said Jesse Blumenthal of the Charles Koch Institute, a right wing-leaning think tank:

It is important to us, because in a lot of the industries ripe for innovation, such as health care, financial services, manufacturing, and transportation, what you find are legal and regulatory frameworks that as often as not didn’t envision certain technology, business models, or new ways of doing things. You now pull a phone out of your pocket, have a stranger show up in minutes, and take you where you need to go, and all without paying cash–this was radically unthinkable a few years ago.

Because tech moves faster than policy, this creates big problems–especially for emerging technologies like self-driving cars and on-demand workforces (which primarily impact transportation and employment law).

THE TECH INDUSTRY DOESN’T LIKE TRUMP’S IMMIGRATION POLICIES

Multiple speakers onstage expressed deep concerns about Trump’s immigration policies and what they could mean for U.S. tech companies.

Intel’s senior counsel and director of government relations, Norberto Salinas, put it bluntly when speaking of recent executive orders on immigration: “They scared us into thinking about what sort of future we have if the Trump administration is focusing on trying to close off the borders.” Salinas adds:

Our hiring system focuses on grad students in STEM fields. The majority of those students happen to be foreign nationals on student visas. When we go out there to look at the pool of available workers, many of them are foreign nationals. Once their student visa is done, they have to return to their home.

What we’d like to do is keep them here because they are the best and brightest; they strive for growth and innovation. If they’re not in the United States, they’ll end up in China, India, and Canada. This is bad for us.

.

TRADE LEGISLATION IMPACTS THE TECH INDUSTRY

Multiple panelists expressed deep concerns about the U.S.’s withdrawal from the Trans-Pacific Partnership (TPP). The trade deal, a complicated multinational treaty dealing with many aspects of global trade that was effectively canceled by the U.S.’s withdrawal, contains clauses on intellectual property that many tech companies strongly supported.

Karen Kornbluh, Nielsen’s executive vice president of external affairs, also raised concerns about the confusion and duplication that arises when multiple government agencies are involved in regulating a specific issue or technology.

“One interesting thing I’m following is privacy,” Kornbluh says, “And broadband privacy as a result of net neutrality at the FCC [Federal Communications Commission]. The FTC [Federal Trade Commission] previously regulated it. However, AT&T won a decision saying that the FTC couldn’t regulate companies doing any kind of broadband.” Kornbluh was speaking about a case AT&T won over throttling customers on unlimited data plans that, on the surface, has nothing to do with privacy. However, the consequences affect online privacy. Kornbluh continued:

Now the privacy order may be reversed, leaving a huge gaping hole in terms of which regulator regulates privacy in broadband. It’s possible some companies may be so surprised and concerned that they could look for legislation to clarify, since we haven’t had privacy legislation in so long.

Obviously the Trump presidency is just getting started, and the next few years will be full of unpredictable changes and shifts. No matter what happens next, it’s best to be prepared.

Read More

Analyst: The Top Tech Stock Isn't Apple, Alphabet Or Amazon - It's Skyworks Solutions

The top tech stock to buy isn't Apple Inc. AAPL 0.2%, Amazon.com, Inc. AMZN 0.08% or Alphabet Inc GOOG 0.13% GOOGL 0.15%; rather it's Skyworks Solutions Inc SWKS 0.37%.

According to Ari Wald,

 Oppenheimer's head of technical analysis, the semiconductor maker is already a red-hot stock having gained more than 30 percent since the start of 2017. But the bullish story to Skyworks' stock certainly doesn't end here, as investors can expect further gains moving forward.

Wald explained during a recent CNBC "Trading Nation" segment investors should have exposure tosemiconductor stocks from a technical perspective. He noted a key sign in the Technology SPDR (ETF) XLK 0.21%, which bodes well for Skyworks. Specifically, the chart of the XLK relative to the S&P 500 index shows a recent breakout above a consolidation period that has been in place going back to 2012.

There is another bullish sign found in another chart. In this case, a breakout was observed when measuring the Philadelphia Stock Exchange Semiconductor Sector Index relative to the technology sector.

With that said, Skyworks is a top pick in the semiconductor space and momentum is certainly on the stock's side as it's trading at its highest levels since mid-2015.

"Bit of a rotation idea here. [There was a] prior period of underperformance, beginning to shift higher, reverse higher, and I think this is playing the rotation game here within this leading group," Wald concluded.

Read More