No More Forced Windows Updates, Promises Microsoft

Microsoft will stop Windows 10 forced automatic updates

After a truck load of complaints from angry users, Microsoft has finally changed its mind and will stop sending forced updates to user’s PCs. Starting with the Windows 10 Creators Update, your machine will no longer display easy to miss reminders about updates and then install it automatically. You will now get to control when any new updates will be installed. This news broke back in May and at the time, it was being pegged as Microsoft listening to its users. However, reports have recently come out that this action might have been in response to the lawsuits that were filed against Microsoft for pushing updates to machines without user knowledge.

Lawsuits

During the one year period when Microsoft allowed a free upgrade from Windows 7 & 8 to Windows 10, Microsoft downloaded GBs of data onto user machines that were eligible for the update. This led to many angry Windows users filing lawsuits against the company. In 2016, a consumer rights body in the German state of Baden-Württemberg, took Microsoft to court over these downloads, claiming that the company would download up to 6 GB of files onto machines without user consent. After approximately a year of legal proceedings, the German wing of Microsoft has voluntarily agreed to not download files on to user machines without consent. The German rights group has welcomed this news, but also said that the delay in implementing the change was not acceptable.

“We would have wished for an earlier backdown, but [Microsoft’s statement] is a success for more consumer rights in the digital world,” said Cornelia Tausch, CEO of the Consumer Center in Baden-Württemberg.

How it will now work

Once the update is available, instead of a small prompt, users will now receive a full screen prompt that will give you 3 options viz. Restart Now, Pick a time and Snooze. Even if you do not do anything, your machine will not take any action automatically as is the case right now. On hitting Snooze, a user can delay the update for up to 3 days until 35 days have passed. Once those 35 days are up, users can delay the update even further by hitting Remind me Tomorrow.Therefore, a user can delay the update indefinitely.

As we mentioned earlier, reports of this first broke out in May with Microsoft releasing a statement on their blog post that made it seem like Microsoft was listening to its users. An excerpt of the blog post is as below:

Prior to the Creators Update, Windows 10 made most of the decisions for you regarding when updates would be installed and didn’t provide ways to tailor the timing to your specific needs. What we heard back most explicitly was that you want more control over when Windows 10 installs updates. We also heard that unexpected reboots are disruptive if they happen at the wrong time.

Parents, here are 5 things you must know about the Blue Whale Challenge

If you are a parent and don’t know anything about the Blue Whale Challenge, then it’s important that you read the following post.
What is the Blue Whale Challenge?The Blue Whale Challenge is supposedly an Internet game where players are assigned 50 different tasks by the game admin (also known as curator). A player has to complete all these tasks within 50 days and can only win it by completing the last task – which is to take their own life.
According to Wikipedia, Blue Whale Game has its origins in Russia and is the creation of a 21-year-old man called Philipp Budeikin. The game began back in 2013 and there have been 130 separate cases of suicide that are linked to it. This claim, however, still remains unverified.
The name of the game originates from the unverified phenomenon of ‘beached whales’ – refers to whales who strand themselves on land ending their lives.
How is the Blue Whale Game played?Just how this game is played is a mystery – some say it can be played by installing a mobile app while some are of the view that the ‘curators’ recruit participants via Social Networking sites. And there are theories that suggest – people who are willing to play the game leave messages in places such as public forums or comment boxes of shady websites using hashtags like #bluewhalechallenge, #curatorfindme, #i_am_whale to help the game’s admins find them.
There are 50 tasks that every player has to undertake while playing this game. These include making cuts on the arm, carving certain characters on the hand using a sharp object, watching psychedelic and horror movies, visiting a railroad, standing on the edge of a building and other such daring and self-destructive tasks – with jumping off a building as the final one.
Reported cases of suicide linked to Blue Whale Game in IndiaThe following cases (sourced from Wikipedia) are allegedly linked to the Blue Whale Challenge based on various anecdotes from the deceased or affected person’s family, friends, and acquaintances. There is still no concrete evidence that can prove their association with the Blue Whale Game. But, the details in these incidences do paint a picture of this sinister game – such as the behavior of the victims and what they did before ending their lives.

1. A 16-year-old boy from Kerala committed suicide on 26 July 2017.
2. A 14-year-old boy from Mumbai committed suicide by jumping off a building.
3. On 10 August 2017, a student from Indore tried taking his life but was stopped by a group of students.
4. On 10 August 2017, a 14-year-old boy was stopped by the Maharashtra Police before he could complete the final task of the Blue Whale Challenge.
5. On 12 August 2017, a student from West Bengal committed suicide by asphyxiating himself as per reports.
6. On 15 August 2017, a 16-year-old boy from Kerela committed suicide by hanging himself.
7. A 22-year-old man from Kerela committed suicide by hanging himself on 16 August 2017.
8. On 21 August 2017, a 24-year-old girl jumped off the seventh floor of a building. She survived the fall with severe injuries.
9. A 15-year-old boy from Jamshedpur in Jharkhand has been reported to may have drowned himself in a city lake on 21 August 2017.

Who are the most likely candidates to play this game?The answer is well covered by the following article on indiatoday.in
Why will anyone play a game such a Blue Whale Challenge that asks them to end their life?
Now, the most important question – What should parents/guardians do about it?To begin with, we must understand that the Blue Whale Challenge is not a mobile app nor a website or a social media group until proven otherwise – it’s a phenomenon. Which means, you cannot prevent the game from getting installed on your kid’s phone nor can you block any websites. Yes, you may bar your kids from using the Internet or social media but to what extent?
So, what remains? Your good old bonding with your children – the strongest shield that can keep them safe from all the bad things in life including the Internet. Prohibiting myself from giving any lecture on parenting, I’ll just keep it to this – start getting more engaged with your kids; talking is essential. They should be able to voice their thoughts to you without the fear of getting judged or rejected – problems from trouble sleeping at night and anxiety of joining a new class to being worried about that bully in their school or what others think about them – anything. Also, if you see sudden behavioral changes in them, do not give a second thought to visiting a professional.
Their lives might look ordinary, careless or nothing grand to attract attention, but a lot goes around in those tiny little minds – more than we grownups assume.
From the point of view of online security, here are some things that you can do:

1. Teach your kids (right from a young age) not to share their personal information on the Internet. Follow this rule yourself.
2. Let them know that they can talk to you about anything wrong they see or come across online.
3. Help them understand that strangers in real life are no different from strangers on the Internet.
4. Caution them against joining any groups that ask them to perform undesirable tasks.
5. Consider giving your children phones that they can use for just calling and texting. This way, you can limit their impressionable minds to the Internet. Dr. Harsh Shetty, child psychiatrist at LH Hiranandani Hospital, Mumbai, says “never give gadgets as gifts, and do not use gadgets as a means to calm a child or keep them busy”.

Sarahah app uploads your address book without your knowledge

Honesty app’ Sarahah is dishonest, as it uploads your phone contacts to the server

Sarahah, the anonymous feedback messaging app, is all over the place. Be it Facebook, Twitter, Instagram or Snapchat, everyone is talking about the app for the past couple of weeks.

For those unaware, ‘Sarahah’ – means ‘honesty’ in Arabic, is an app that allows the users to send anonymous messages to others registered with the app. Created by Saudi Arabian developer Zain al-Abidin Tawfiq, the app is aimed to help people identify their strengths and weaknesses. However, users have no way of knowing who sent the message or how to reply to them. The app is available in two languages, English and Arabic, for iOS and Android users.

“Sarahah helps you in discovering your strengths and areas for improvement by receiving honest feedback from your employees and your friends in a private manner”, the app description explains.

However, it now appears that the app is collecting more just than feedback messages. Apparently, the app is uploading users’ phone numbers and email addresses in the address book to the company’s servers, which was spotted by Zachary Julian, a senior security analyst at Bishop Fox when he installed the app on his Android smartphone, a Galaxy S5 running Android 5.1.1.

When this news was reported by The Intercept, Zain al-Abidin Tawfiq responded by tweeting that the contact lists were being uploaded “for a planned ‘find your friends’ feature.” However, the removal of the functionality was “delayed due to a technical issue.” He now claims that the functionality has removed from the server and the data request will be removed in a future release. He also tweeted that Sarahah currently stores no contacts in its databases, which is impossible to verify.

Sarahah uploading address book data from The Intercept on Vimeo.

Julian discovered the behaviour of Sarahah by using BURP Suite, a traffic analyzer, which intercepts internet traffic entering and leaving the device, allowing the owner to see what data is sent to remote servers. When Julian launched Sarahah on the device, BURP Suite caught the app in the act of uploading his private data.

“As soon as you log into the application, it transmits all of your email and phone contacts stored on the Android operating system,” he said. The same occurrence was later determined on Apple’s iOS too, although after a prompt to “access contacts,” which also appears in newer versions of Android.

The above occurrence clears that the app is somewhere interested in your contacts. For instance, on iOS, the app says “the app needs to access your contacts to show you who has an account in Sarahah,” and allows the user to select between “Okay” and “Don’t allow.” On the other hand, in some cases on Android, the app requests access to contacts without providing any explanation for needing such access, while in other cases it makes no such request. On both iOS and Android, there is no mention of data being uploaded to a server.

“The privacy policy specifically states that if it plans to use your data, it’ll ask for your consent,” Julian said. “While the app’s entry in Google’s Play Store does indicate the app will access contacts, that’s not “enough consent” to justify “sending all of those contacts over without any kind of specific notification,” he added. On the other hand, the app on iOS platform claims to use contact data in the user’s address book to show them their list of friends using Sarahah, which it actually does not do, reveals the testing done by Julian.

Even though the app’s privacy policy states that, “We will never sell the data you provide to any third party as part of personal marketing without your prior and written consent unless it was a part of bulk data used for statistics and research and it won’t contain any data to identify you,” it is not completely clear as to what Sarahah uses uploaded contact lists for.

For those who really want to use Sarahah and are concerned about their privacy can take comfort from the fact that they do not require to download the app to use the service. You can instead register yourself on Sarahah via a website after which you be allowed to send and receive messages. The site doesn’t ask for or require access to your contacts in the digital address books for you to use Sarahah.

What is the Blue Whale Challenge- the online suicide game?

he deadly Blue Whale Suicide Challenge

The Blue Whale Challenge also known as the Blue Whale Suicide Game is a social media phenomenon. Usually considered to be an urban myth, the game has gotten increased attention after a spate of teen suicides were said to be linked to the game. It is not a downloadable game, app or software. It is a social media phenomenon such as the ALS challenge that is spread through secretive groups.

Origin Story

The game appears to have originated on a russian social site VKontakte with “F57”, one of the names of the so-called “death group” of the  site leading to the first suicide in the year 2015. The game plays out over 50 days, where a player has to successfully complete 50 challenges. The challenges range from watching a horror movie to self mutilation. These tasks are given by the “curator”, who also asks for photos of the teenagers carrying out the tasks as proof for his approval. The last of the 50 challenges as we know – is suicide.

Spread & Arrests

Reports started coming in from various Russian sources that a VK group administrator had been detained for urging children to commit suicide. Some months later , a YouTuber Sasho Panchuk, uploaded a video wherein a Russian teenager pretends to jump off a roof titled  “The guy plays Blue Whale jump from roof”. Though the video has since been removed, the game spread leading to reports that the game could be responsible for around 130 deaths.

In May earlier this year, Russian authorities revealed that they had made an arrest related to these deaths – a 21 year old expelled psychology student Philipp Budeikin. Philipp claimed to have invented the game with the purpose of cleansing society by pushing people that he deemed of no value towards suicide. Later, he plead guilty to the charges of inciting at least 16 teenage girls towards committing suicide. He had also claimed that the reasons for creating this game were linked to him suffering from bipolar disorder, he was later found to be of sane mind by the court.

The game has received renewed interest after a suicide committed by a teenage boy by jumping off the roof of his house were said to be linked to the game. This has caused the local police to investigate other recent teen suicide cases as possibly connected to the Blue Whale game. Meanwhile, the Indian government has asked the top internet companies in the country including Google, Facebook, WhatsApp, Instagram, Microsoft and Yahoo to remove any links or references to the Blue Whale.

Motorola Looking To Develop Smartphones That Can Self-Heal Its Cracked Screen

Motorola has filed a patent for a smartphone screen that can heal itself

A cracked or shattered smartphone screen is definitely not good news or sight for owners who have butterfingers. What is even worse is the huge money that goes into it to get it repaired. Well, that may not be the case in the future if all goes well….

Motorola who had introduced “Shattershield” display technology with its Droid Turbo 2 smartphone has now filed a patent for a self-repairing phone display. Although the patent was filed by Motorola in February 2016, it has been just put online by the U.S. Patent and Trademark Office (USPTO) that describes the patent as a “method and device for detecting fascia damage and repairing the same.”

According to the filed patent, the company is looking into developing a smartphone that can heal its own cracked display with heat, including the phone’s own heat or the user’s body heat over a period of time. The process depends on something called “shape memory polymer”, a material that can be deformed and then recover its original shape through a process called thermal cycling. The “thermal elements” would be either built into the screen or next to it so that it can identify a crack, scratch, or unwanted bend and then apply heat to it “to reverse at least some of the deformation.” This means that the self-healing process will surely lessen the small scratches and minor cuts to the screen and make the phone usable. However, don’t expect the phone to start renewing and look as good as new.

“The self-healing effect has been shown to completely reverse scratches and indentations, and to at least partially reverse cracks and breakage,” Motorola states.

While the patent may sound cool and exciting, there’s no guarantee that Motorola would use the technology in its future smartphones any time soon. Also, a pliable polymer layer feels more like plastic and a lot cheaper than Gorilla Glass, which means that manufacturers won’t use them as they could lose on their capture market.

To read more about the Motorola patent, click here

Hackers, ‘Mr. Smith group’ threaten to leak the Game of Thrones Season 7 Final Episode

Hackers calling themselves ‘Mr. Smith group’ have promised to leak Game of Thrones Season 7 Episode 7, the final GoT episode of 2017

As we said HBO is having a bad 2017. It all started with a hacking group hacking HBO servers and stealing 1.35 TB data including scripts of Game of Thrones Season 7 and other HBO blockbuster TV series. Then some employees of Star India leaked the GoT Season 7 Episode 4 “Spoils of War.” Matters got worse as HBO Spain mistakenly aired the Game of Thrones Episode 6 “Beyond the Wall” a full six days before it is to be aired internationally today.

Now comes the worst news. The hackers who call them ‘Mr. Smith group’ who had hacked the Twitter and Facebook accounts of Game of Thrones run by HBO guys allege that they have access to the Game of Thrones Season 7 Episode 7 which is the last episode of the current 2017 season.

The Game of Thrones Season 7 has thrown a lot of surprises for GoT fans. The 2017 season saw all the living Stark kin meet albeit, without Jon Snow, King of the North who is in Dragonstone. The GoT season also saw the mother of Dragons attack Red Keep to burn all supplies and thousands of House Lannister soldiers. Ser Jamie managed to escape the fiery fury of Viserion, the Dragon that Daenerys was flying with the help of Ser Bronn. The next GoT Season 7 Episode 5 “Eastwatch” sees Jon Snow and his group set foot beyond the Wall to bring proof of the White Walkers and The Night Kings existence to Cersei and Daenerys. The entire suspense buildup has left GoT fans gasping for more and the hackers are spoiling the fun for them as well as HBO.

According to the hackers, ‘Mr. Smith group’ they have login credentials for a number of HBO’s social media, including the official HBO, Game Of Thrones and Westworld accounts on Twitter. They have also warned that they would be releasing the Game of Thrones Season 7 Episode 7, the final episode ahead of its official release on 27th August 2017.

The so-called “Mr. Smith group” told Mashable that they “have access to many HBO platforms already” and warned audiences: “Be ready for GOT S7 E6 & E7 as soon as possible.” Mashable did not attempt to verify the accuracy of the passwords but stated they have “no reason to doubt” the group’s threats after previous GoT Season 7 leaks.

A little history of Game of Thrones Season 7 – For those unaware, first, it was the news of HBO servers being hacked by cyber criminals broke wherein 1.35TB of data was stolen that included scripts of top HBO serials including Game of Thrones (GoT) Season 7, Ballers and Room 104 TV show. If this was not enough, a few days later, the script of Game of Thrones Episode 4 “Spoils of War” was leaked, which was followed by the subsequent release of the entire episode of GoT S07E04 “Spoils of War” on torrent websites. Later, the hackers went on to leak the script of Game of Thrones Season 7 Episode 5 Eastwatch (GoT S07E05).

Here are the top 8 Websites To Learn Ethical Hacking – 2017

Here are the top 8 websites to learn ethical hacking

Everybody wants to learn hacking in today’s age. However, this is not an easy task until you have basic knowledge about computers and network security. For beginners to know, there are two types of Hacking Ethical (White Hat) and Unethical (Black Hat). Unethical hacking is considered illegal while ethical hacking may be regarded as legal.

We provide you with a list of websites that offers you white hat content. However, it is important to note that as a beginner to not perform any hacking & cracking tactics that breach any cyber law.

Hackaday

Hackaday is one of the top ranked sites that provide hacking news and all kinds of tutorials for hacking and networks. It also publishes several latest articles each day with detailed description about hardware and software hacks so that beginners and hackers are aware about it. Hackaday also has a YouTube channel where it posts projects and how-to videos. It provides users mixed content like hardware hacking, signals, computer networks and etc. This site is helpful not only for hackers but also for people who are in the field of Digital Forensics and Security Research.

Evilzone Forum

This hacking forum allows you see the discussion on hacking and cracking. However, you need to be a member on this site to check out queries and answers regarding ethical hacking. All you need to do is register to get your ID to get an answer for your queries there. The solution to your queries will be answered by professional hackers. The Remember not to ask simple hacking tricks, the community people here are very serious.

HackThisSite

HackThisSite.org, commonly referred to as HTS, is an online hacking and security website that gives you hacking news as well as hacking tutorials. It aims to provide users with a way to learn and practice basic and advanced “hacking” skills through a series of challenges, in a safe and legal environment.

Break The Security

The motive of the site is explained in its name. Break The Security provides all kind of hacking stuff such as hacking news, hacking attacks and hacking tutorials. It also has different kind of useful courses that can make you a certified hacker. This site is very helpful if you are looking to choose the security and field of hacking and cracking.

EC-Council – CEH Ethical Hacking Course

The International Council of Electronic Commerce Consultants (EC-Council) is a member-supported professional organization. The EC-Council is known primarily as a professional certification body. Its best-known certification is the Certified Ethical Hacker. CEH, which stands for Comprehensive Ethical Hacker provides complete ethical hacking and network security training courses to learn white hat hacking. You just have to select the hacking course package and join to get trained to become a professional ethical hacker. This site helps you to get all kinds of courses that make you a certified ethical hacker.

Hack In The Box

This is a popular website that provides security news and activities from the hacker underground. You can get huge hacking articles about Microsoft, Apple, Linux, Programming and much more. This site also has a forum community that allows users to discuss hacking tips.

SecTools

As the name suggests, SecTools means security tools. This site is devoted to provide significant tricks regarding network security that you could learn to fight against the network security threats. It also offers security tools with detailed description about it.

What IS Ping And How It's Work?

What IS Ping And How It's Work?

Ping is a type of network packet that is used to check if a machine that you want to connect to over the internet is available or not. A ping is a network packet termed an Internet Control Message Protocol (ICMP) packet. The process of a ping is done when a machine sends an ICMP echo request packet to another machine or interface over the internet. If the receiving machine is available and is enabled to reply back, it will respond with an echo reply packet.

This not only shows us that the receiving machine is alive and working, it also helps us to identify a number of things such as total time taken, loss of packets, etc that are used to judge the reliability of the connection.  To run a ping from your Linux machine, you will need to open a terminal and write a command. The syntax of the command is “ping destination_ip” – replace “destination_ip” with the actual IP address of the machine you want to connect with.

All recent versions of Windows and Linux come enabled with the ICMP command. On Windows, the command will send 4 echo requests before stopping while Linux will continue sending echo requests until a user stops it themselves.

What Is Actual Different Between DoS vs DDoS Attack

What are the differences between DoS and DDoS Attack? 

The terms DoS and DDoS might sound extremely similar because there is a ‘D’ missing from the two acronyms, but it turns out that there are several differences between the two that you should know about. First of all, the full form of DoS and DDoS are as follows:-

• DoS: Denial of Service
• DDoS: Distributed Denial of Service

Now that you know the differences between the two terms as far as their full forms are concerned, what are the primary differences between the two in terms of functionality?

DoS

A DoS attack means that one computer and one internet connection is being used to flood a server with packets (also known as TCP/UDP). The point of such a denial of service attack is to overload the targeted server’s bandwidth and other resources. As a result, this will make the server inaccessible to other computers, meaning that whatever form of content that was being loaded by the server, ranging from a website, to a hosting service will not be visible to other computers.

DDoS

While some would say that a DDoS attack is in most ways similar to a DoS attack, the results are quite different. Instead of one computer and one internet connection being used to overload a targeted server, the DDoS attack utilizes several computers and connections. The computers behind such an attack are often distributed around the whole world and will be part of what is known as a botnet. The core difference between a DDoS attack and a DoS attack is that in DDoS attack the target server will be overloaded by hundreds or even thousands of requests, involving several computers and internet connections, whereas a DoS will involve a single computer and a single internet connection for all these requests

One of the reasons why DDoS attacks have been widespread over the course of months in contrast to a DoS attack is because it is much difficult for a server to withstand the overloading attributes of a DDoS attack. Since several computers and internet connections are working in unison to bring down the server, the objective intended to being achieved is much simpler than one would expect.

What is Disposable Temporary E-mail?

What is Disposable Temporary E-mail?

 

Disposable email- is a service that allows to receive email at a temporary address that self-destructed after a certain time elapses. It is also known by names like :tempmail, 10minutemail, throwaway email,fake-mail or trash-mail.Many forums, Wi-Fi owners, websites and blogs ask visitors to register before they can view content, post comments or download something.Temp-Mail - is most advanced throwaway email service that helps you avoid spam and stay safe.