Reenabling external SD card access that is restricted in Android 4.4 (KitKat) with SDFix

If you have updated your Android smartphone to version 4.4.x (KitKat), you might find that access to your external SD card is now restricted by the system.

The system now comes with a file explorer that is having full read/write access to both your internal storage and external SD card storage. However, 3rd party file explorers lost the write access to the external SD card and can no longer create, move or edit files or folders in it.

Many apps can no longer save data and files in the external SD card, including your backup apps, multimedia apps, file transfer apps, etc.

This will bring problem to the operation of numerous apps. You might also face storage shortage if the internal storage of your phone is less than 32GB.

Luckily, you can reconfigure your Android smartphone to treat your external SD card the same way as before version 4.4, and let you get rid of the restriction that causes you hassle, trouble and problem.

There is only one condition: your Android smartphone must be rooted, as root access is required to change the affected system configuration file.

I use a free app called SDFix: KitKat Writable MicroSD by NextApp Inc. for my HTC One (M8) and Samsung Galaxy Note 8.0 (GT-N5100) after they've updated to Android 4.4.x. This app is simple, easy, and works like a charm.

You will need to reboot your phone for the change to take effect after the app changed the system configuration file. If the change is successful, you can proceed to uninstall the app as you only need to run it once.

How to get into the BIOS Setup Utility screen of Lenovo Yoga 2 Pro laptop

In order to get into the BIOS Setup Utility screen of Lenovo Ideapad series of laptops, you need to locate for a button called the Novo Button on the laptop.

In the case of Lenovo Yoga 2 Pro ultrabook, this Novo button is a small round button located beside the Power button.

While is laptop is powered off, press and hold this Novo button for a few seconds, and you should be able to see the Novo Button Menu with 4 options:

• Normal Startup
• BIOS Setup
• Boot Menu
• System Recovery

Select the 2nd option namely "BIOS Setup" and press . There you are, the BIOS Setup Utility screen of Lenovo Yoga 2 Pro!

In this BIOS Setup Utility, you can view some of the hardware information of the laptop, including its serial number. Most importantly, you can setup the BIOS passwords (administrator and user) and also the harddisk password here as a basic security measure to protect the data in your laptop.

Rooting the HiMedia Q5ii Android TV box

You might wonder why you need to root the Android TV box in the first place. Well, I also never thought about this, until the recent Chinese version of Q5ii firmware taken away the Google Play Store, and I need root access to restore the Google Play Store in the HiMedia Q5ii Android TV box.

In order to gain root access of the HiMedia Q5ii from your computer, you need to put connect them to the same local network. Then, as usual, you'll need the famous Android Debug Bridge (ADB.exe) which is distributed in the Android SDK Tools in Android Developers website. All Android developers and/or hackers should already have this Android SDK Tools in their computers.

Alternatively, you can also install ADB in your computer by downloading and installing the Minimal ADB and Fastboot package from XDA Developers website.

If until this point, you don't know what I am talking about, and you have no idea what is "root", you should not continue. This is because rooting an Android device, if not handled properly, might introduce risk and damage to your Android device.

If you still keen to continue, then copy these 3 required files to a new folder in your computer:

• adb.exe
• AdbWinApi.dll
• AdbWinUsbApi.dll

Then, we need the "su" binary and the Superuser.apk.

Download Superuser-3.2-arm-signed.zip here, unzip the file, and copy these 2 files into the folder where you put ADB just now:

• su
• Superuser.apk

Then, you need to find out the IP address of your HiMedia Q5ii Android TV box and use ADB to connect to its port 5555.

Go to Windows command prompt by executing "cmd" in Run...

Go to your folder with ADB, and issue the following commands:

• adb connect your_himedia_ip_address:5555
• adb root
• adb remount

An example of the command issuing and respond is as below...

Then continue with the following commands:

• adb push su /system/bin
• adb push su /system/xbin
• adb push Superuser.apk /system/app
• adb shell chmod 4755 /system/bin/su
• adb shell chmod 4755 /system/xbin/su

And finally, reboot your HiMedia Android TV box with this command:

• adb shell reboot

After the reboot, you should be able to gain the root access to your HiMedia Android TV box now.

Solution for Microsoft Security Essentials (MSE) unable to run after Windows update

Yesterday, the automated Windows update of my laptop installed some updates, and one of them related to Microsoft Security Essentials (MSE) failed.

Since then, the Microsoft Security Essentials unable to run, and the Action Center keeps on telling me that there is no antivirus and spyware protection running on my Windows 7.

I managed to fix it by this way:

• Download a new installer of Microsoft Security Essentials from Microsoft website (http://windows.microsoft.com/en-us/windows/security-essentials-download).
• Download OneCareCleanup from Microsoft website (http://download.microsoft.com/download/4/c/b/4cb845e7-1076-437b-852a-7842a8ab13c8/OneCareCleanup.exe)
• Run the OneCareCleanup.exe
• Reboot the computer
• Reinstall Microsoft Security Essentials with the installer downloaded just now

Note: If you directly reinstall MSE without running the OneCareCleanup tool, the installation will stop halfway, giving out a 0x80070643 error.

Check how strong is your password and how long to hack it

Is your password easy or difficult to be hacked?

Intel has created a webpage to check how strong is your password and theoretically how long to hack it.

Check it out! Click here to go to the password checking webpage to grade your password.

If you are staying in USA, you can also enter the Password Win sweepstake there between 6 May 2013 to 26 May 2013. Prizes consist of 3 grand prizes (Intel Ultrabook worth US$999.99) and 30 first prizes  (McAfee All Access software worth US$99.99).

The password analysing algorithm is written in JavaScript and run on your own computer. You can inspect it with the "view source" function of your web browser. The password you type there would not be sent out to the Internet.

Yahoo website hacked, 450k+ user information exposed

A MySQL database in Yahoo Voice (formerly known as Associated Content before being purchased by Yahoo in 2010) was just hacked using SQL injection, and its MySQL variables, together with 450k+ user information in database dump, is exposed to Internet by someone claimed as D33Ds Company.

Soon, somebody has analysed the database dump using a tool called Pipal, and revealed the top 10 most commonly used passwords to be:

• 123456
• password
• welcome
• ninja
• abc123
• 123456789
• 12345678
• sunshine
• princess
• qwerty

The result of the findings is posted in Pastebin.

Nowadays, password is commonly used as credential to authenticate users accessing web-based and/or mobile-based services in the Internet. As a user, beside not using password that are easy go guess (by human or by computerized program), we also need to assume that the website might not be putting enough security measure in storing our information in their server. Therefore, it is advisable to use different password for different website. If one is compromised, at least the rest are not badly affected.

Security flaw in some HTC Android phones might expose WiFi password

It has been reported that a security flaw in some HTC Android phones might expose WiFi password stored in the phone to hackers.

This security bug was found by Chris Hessing and Bret Jordan back in September 2011, and they have posted the detail of the exploit in their blog recently.

Affected HTC Android smartphones include but not limited to: Glacier, Desire HD, Desire S, Droid Incredible, Thunderbolt 4G, Sensation, Sensation 4G, EVO 3D, EVO 4G, ...

HTC had been informed about this bug before it was published, and they have just announced that the fix has already been developed.

"Most phones have received this fix already through regular updates and upgrades.However, some phones will need to have the fix manually loaded. Please check back next week for more information about this fix and a manual download if you need to update your phone."

Find out if your smartphone is installed with the infamous Carrier IQ

Nowadays, one of the hot topics among the smartphone (iPhone, Android, Blackberry, Symbian, ...) users is about Carrier IQ.

Carrier IQ is spy agent pre-installed in certain smartphone that can capture information about the phone numbers you are dialing, your GPS location, the webpages you have visited with your mobile browser, etc. Those information are sent back via the Internet without your notice, invading into your privacy.

Carrier IQ has been reported to be found in iPhones, and it is told that you can disable its information sending action with About > Diagnostics & Usage > Don't Send.

There are multiple vendors and multiple models for Android phone, and not all of them are affected. If you have an Android phone, good news is that now there are several free tools available in the Market for you to find out whether your Android phone is installed with the infamous Carrier IQ or not.

Just open the Market app, and search for the keywords "carrier iq detector" and you will get a list of the detector tools for Android.

Use them to check on your Android phone. You can install multiple of them to assure that your phone is not affected. Once you have done the checking, you can go ahead to uninstall the Carrier IQ detection tools.

If you find Carrier IQ in your Android phone, removal will be a bit tricky, as you need root access. There are apps such as Logging Checker (a.k.a. Logging Test App) that claims to be able to help you eliminate Carrier IQ in your phone.

Using inSSIDer and WiFi Analyzer to scan wireless networks around you

Do you want to know what are the active WiFi networks around you, together with the detail of their signal strength, maximum bandwidth, and connection security setting? Do you want to search for WiFi networks with open security?

If you encounter connection and/or bandwidth problem with your own WiFi, do you want to know which is the best available wireless channel to have least disruption from other wireless networks around you?

inSSIDer is a free open source tools for PC running on Windows or Linux to scan for all nearby wireless networks and to troubleshoot competing access points. It is best used in a laptop with WiFi capability. It provides detail of the wireless network around you as shown below.

With it, you can look for unoccupied WiFi channel to set for your own WiFi network, in order not to compete with the others. If you compete the same channel with other access points, you will possibly encounter poor wireless speeds and even frequent WiFi network disconnection.

If you have an Android device (eg. smartphone or tablet), there is a similar tool for the mobile device called WiFi Analyzer. WiFi Analyzer even has a Channel Rating feature to suggest for least competed channel to get the optimum WiFi stability and speed.

If you install the open source WiFi Connecter Library together with WiFi Analyzer, you add in the ability for WiFi Analyzer to connect to the WiFi network that you tap on its listing. This will make WiFi Analyzer to be a nice GUI tool for you to pick for the WiFi network you want to connect.

Disabling WiFi function of Unifi D-Link DIR-615 router

By default, the WiFi wireless function of the D-Link DIR-615 router that comes with TM Unifi High Speed Broadband is turned on.

If you are not going to use WiFi wireless for your network connection, you can turn it off to eliminate the WiFi radiation around you that is emitted by your D-Link DIR-615 router. This will also eliminate any possibility of intruder gain access to your network via WiFi connection. In addition, this will also free up some CPU cycles and memory resources in the D-Link DIR-615 router to serve its other functions.

Here are the steps to diable the WiFi function of the D-Link DIR-615 router that comes with TM Unifi HSBB:

• Login the router with "admin" or "operator".
• Go to Setup tab and click on the "Manual Internet Connection Setup" button.
• Go to Wireless Setup and click on the "Multiple Wireless Network Name Setup" button.
• Uncheck and also clear out all the fields in Wireless Network Name, then click the "Save Settings" button.

• You are not done yet. Click the Reboot button to restart the router.
• By now, the WiFi should be turned off. You can see the WiFi indicator light on the D-Link DIR-615 front panel is turned off.

If the WiFi indicator light is still on, your WiFi is not off yet. Check if you have missed out any of the steps above.

The 4 pillars of IT security management

When we talk about IT security, we have to ensure that all the following 4 areas are well covered and non are missed out:

• Availability - information must be available and usable when required, and the systems that provide it can appropriate resist attacks and recover from or prevent failures.
• Confidentiality - information must only observed by or disclosed to those who have the right to know, and well protected against unauthorized access and use.
• Integrity - information must be complete, accurate and protected against unauthorized modification.
• Authenticity - business transactions, as well as information exchanges between enterprises, or with partners, can be trusted

Information Security Management must consider the following 4 perspectives:

• Organizational – well defined security policies and staff awareness of these
• Procedural – well defined procedures used to control security
• Physical – controls used to protect any physical sites against security incidents
• Technical – controls used to protect the IT infrastructure against security incidents

Does the IT security of your organization has all these in place?

Best antivirus / security suite in 2010

What is the best antivirus and/or security suite for home user now?

I believe a good security solution for home computer:

• should detect most if not all of the virus and malware.
• should be good in protecting from new/unknown virus and malware.
• should not have too much false positive.
• should not diminish the performance of the computer too much. The computer should not be sluggish when the security solution is running.
• should not consume too much CPU and memory resource.
• should be fast in scanning for virus and malware.

After reading the comparison and benchmarking reports in these websites...

• AntivirusWare
• AV-Comparatives
• Passmark Consumer Antivirus Performance Benchmarks (2011) report
• TopTenReviews
• Virus Bulletin

 I found that the best in 2010 is a competition between these 2 vendors:

• ESET
• Symantec

Slovakia company ESET produces the NOD32 Antivirus and the ESET Smart Security suite, while US company Symantec produces the Norton Antivirus and the Norton Internet Security suite.

However, in terms of pricing and availability in retail computer store in Malaysia, Symantec definitely has the upper hand.

Therefore, the best security suite in 2010 for me is Norton Internet Security 2010. I bought a genuine box of it with 1 year subscription to 3 computers at the price of RM100 in Digital Mall recently.

After installing Norton Internet Security 2010, I got free upgrade to Norton Internet Security 2011 with its Norton Update Center.

Intel to buy over McAfee for $7.68 billion

McAfee, Inc. (NYSE: MFE), headquartered in Santa Clara, California, being famous for its antivirus and security solutions, will be bought over by Intel (NASDAQ: INTC) for $48 per share in cash, which is about 60% more than its listing price before announcement. The deal totalling to $7.68 billion, making it the largest acquisition attempt of Intel.

After the acquisition, McAfee will operate as a wholly-owned subsidiary, reporting into Intel’s Software and Services Group and managed by Renee James, their senior vice president and general manager of the group.

Intel’s president and CEO Paul Otellin called security as the “3rd pillar of what people demand from all computing experiences,” behind energy-efficient performance and connectivity.

This is another acquisition exercise of Intel right after the recently announced buying over of Texas Instruments' cable modem product unit.

Mystery code "9ec4c12949a4f31474f299058ce2b22a" in US Cyber Command emblem cracked

The emblem/logo of newly established United States Cyber Command (USCYBERCOM) has something unique from the emblems of other units in US Department of Defence (DoD).

If you look carefully, you will notice a ring of mystery code "9ec4c12949a4f31474f299058ce2b22a" along the inner gold ring of the emblem.

Over the past few days, this code has become the hot discussion in the Internet, and also well reported in the news media. By now, the code has been cracked.

It is the MD5 (Message-Digest algorithm 5) cryptographics hash of US Cyber Command's mission statement, which is:

USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.

In fact, the message above cannot be "decrypted" from the code itself, as MD5 is a kind of cryptographic hashing method instead of 2-way encryption. However, if you know the original text, you will get back the same code by hashing it with MD5.

One major use of MD5 is to verify the integrity of files and messages stored in the computer and/or transferred over the network. If the content is not the same from its origin, the MD5 code generated will be different. We call this unique verification code a "checksum".

Let's try yourself to generate the MD5 code for the above mission statement here. You can also try to crack it here. If you wonder how it can be cracked, just read the explanation on that webpage.

The threat and vulnerability of GPS

The critical reliance and important usage on GPS nowadays, both in civil and military, has recently brought up a hot discussion again for the concerns in its threat and vulnerability.

Anyhow, this issue is not new, and has been discussed among technology experts for many years. Just that when GPS usage become more and more widespread, its threat and vulnerability need to be brought to its users' awareness, especially in the military, government and business sectors.

The GPS operation relies on signals from some 30 over orbiting satellites surrounding the earth in the space. In order for a GPS receiver to triangulate its position on earth, it needs to get signals from at least 3 GPS satellites.

GPS signal is known to be exceptionally weak. Each satellite transmits a signal equivalent to the power of a 25W light bulb from an distance of about 20,000km away. Such a weak signal can be readily interfered with or denied by unintentional or deliberate radio wave interference.

Portable GPS jammer devices such as the one shown in the diagram below have been made available for quite some times.

Some car security system and transportation logistic system make use of GPS to keep track on the position of the vehicle. It has been reported that car thieves make use of GPS jammer to disrupt the GPS signal and defeat the vehicle tracking system, therefore render the vehicle unlocatable.

Employees who drive vehicles that are tracked by their companies can also make use of the GPS jammer to hide their tracks.


In Germany, it is believed that some drivers are using GPS jammer to evade GPS-based road charging system.

Robbers can also easily spoof the GPS signal and guide the target vehicle to drive to their trap location.

Imagine what would happen if terrorists make attack on the GPS function of air traffic and/or naval traffic.

Beside its global positioning function, GPS is also used as a time server for time synchronization in certain infrastructure. This function can also be defeated by the jammer, and time critical system could be hacked in this way.

The GPS signal used by the US military is different from the civil signal, and is encrypted. However, it is also vulnerable to GPS jammer and subjected to interferrance from the enemy.

Imagine a GPS dependent missle being mislead by the enemy to attack on wrong target, or worse still, to attack to ally target instead of the enemy.

By intercepting the GPS signal, the position of military GPS user could be exposed to the enemy.

In the video below, you can see the GPS jammer in action and how it defeated the civil and military GPS.



So, what can we do to minimize the threat to GPS? Beside waiting for the US to strengten on the signaling, when we want to make use of GPS, also use some other alternative methods so that GPS could not be a single point of failure.

InfoSecurity Professionals Hi-tea Networking @ PWTC

CyberSecurity Malaysia is going to organize an information security networking forum and cocktail event to provide Information Security practitioners an avenue to collaborate and sharing knowledge, enabling them to keep abreast with the latest industry trends and development.

It is also a platform for strengthening the ability to protect information assets from the ever-changing cyber threat vectors.

Theme: Shifting Cyber Landscape; Gearing towards Innovation
Date: 8 February 2010 (Monday)
Time: 3:00 PM - 6:00PM
Venue: PWTC Kuala Lumpur
Entrance Fees: RM 100.00

Topics:

• "Significance of mitigating Cyber Threats towards Malaysian economy" by Lt. Col(R) Husin Jazri, CEO of CyberSecurity Malaysia
• "Information Security: getting the balance right" by Professor Fred Piper, Royal Holloway, University of London
• "The Enterprise IT Security Landscape and Latest Trends in Research" by Dr. Gobi Kurup, CTO, Extol MSC

For participants with information security professional qualifications from recognized bodies, CPE points will be awarded based on the terms and conditions set forth by the respective certifying bodies.

Click here to register for the InfoSecurity Professionals Hi-tea Networking event.

GSM telephony communication hacked and shown insecured

GSM (Global System for Mobile communications) is the most widely used mobile communication standard nowadays, making up about 80% of the mobile market with about 4 billion users from 200+ countires worldwide.

GSM uses cryptographic algorithms for security and over-the-air privacy. Beside protecting the phone conversation privacy, GSM security is very important nowadays as services such as phone banking, mobile-commerce, SMS transaction, etc. are becoming more and more popular.

The bad news is, German computer security researchers Karsten Nohl has just shown to us in his talk at the 26th Chaos Communication Conference in Berlin that GSM encryption can be easily hacked with simple tools, and its telephone conversation or SMS text message can be intercepted by hackers.

Nohl presented 2 flavours of attack devices, which is able to do active intercept or passive key cracking.

Before this, security experts believe that decrypting the GSM signals will need at least hundreds of thousands of dollars and complicated technology. However, Nohl has shown the much cheaper and simpler way of hacking it, using hardware that cost as low as several thousand dollar and open source application such as OpenBTS.

This has definitely bring concerns to the whole world, especially those service providers and users of phone banking, mobile-commerce, SMS transaction, etc.

Click here to look at the slides of Karsten Nohl presented at the 26th Chaos Communication Conference.

Hiding your Internet web surfing trace with UltraSurf

UltraSurf is a very small program (less than 500kb) that will automatically change your Internet Explorer's setting to make use of anonymous proxy server in the United States. It is free. It also has add-on for Firefox browser.

It can be used to hide/obfuscate your computer's location, and be a workaround to overcome possible web censorship and blockage.

Any website you connected with your web browser is able to trace your computer's IP address, and use it to find out your location. What UltraSurf do is to connect your computer to their server, and then connect to the destination website with the IP address of their server instead of yours.

This will make any websites you surf on or browse into, to trace that you are coming from United States instead of your actual location.

You can see how the IP address is traced by visiting to http://whatismyipaddress.com/. See what's the different before and after you run UltraSurf.

UltraSurf also has options to allow you to remove your trace in your computer (what webpages you have visited) by deleting the cookie and history information automatically the moment you exit the program.

Click here to find out more about UltraSurf and to download it.

Using Google Public DNS to speed up web access

Google has just introduced their Public DNS service as part of their ongoing effort to make the web faster.

Since Google's search engine already crawls the web on a daily basis and in the process resolves and caches DNS information, they wanted to leverage their technology to experiment with new ways of addressing some of the existing DNS challenges around performance and security.

Google Public DNS is offered freely to the general public to:

• Provide end users with an alternative to their current DNS service. 
• Help reduce the load on ISPs' DNS servers by taking advantage of their global data-center and caching infrastructure.
• Help make the web faster and more secure.

By making use of Google Public DNS, the benefits and enhancements are:

• Performance: In addition to load-balancing user traffic to ensure shared caching, Google Public DNS implements "smart" caching to increase the speed of responses.Click here for more technical detail on how Google Public DNS can improve web browsing performance.
• Security: DNS is vulnerable to various kinds of spoofing attacks that can "poison" a nameserver's cache and route its users to malicious sites. Google has implemented several security measures in their DNS servers. Click here for more technical detail on how Google Public DNS is protected from security threats and mitigations.
• Correct results: Google Public DNS never blocks, filters, or redirects users, unlike some open resolvers and ISPs. 

The Google Public DNS IP addresses are as follows:

• 8.8.8.8
• 8.8.4.4

Click here for detail information about how to configure your computer to make use of Google Public DNS.

Beta release of Microsoft Security Essentials free antivirus

Within the next couple of hours, Microsoft will release the first beta version of their Microsoft Security Essentials (MSE, codename Morro) to selected regions.

MSE is an anti-malware software aimed to provide protection against viruses, spyware, rootkits and trojans for certain Windows operating systems.

Here are some of the fact findings:

• The core developer team of MSE is in Israel.
  
• This beta release will be made available on 23 June 2009 to the first 75,000 downloads from Brazil, Israel and the United States.
• It is treated as the successor of Windows Live OneCare, which is a subscription based security solution from Microsoft which has been phased out since end of 2008. Retail sales of Windows Live OneCare will be discontinued by end of June 2009.
  
• Its antivirus framework is the same with Windows Live OneCare.
• Subsequent beta release(s) will include China. Its final release to the whole world will be by end of 2009.
• It will be made available free of charge and downloadable from Microsoft website.
• It can be installed in 32-bits and 64-bits version of Windows XP (SP2 and above), Windows Vista, and Windows 7.
• Its installation will need to pass through the Microsoft's anti-piracy Windows Genuine Advantage (WGA) validation process.
• It is designed to be lightweight and use little system resources.
• It is reported to take up about 50MB of RAM when running.
  
• It is able to provide real-time protection with heuristic feature.
• It has a user interface similar like Windows Defender. If Windows Defender is found when installing MSE, MSE will replace itself to Windows Defender.
  
• It relies on Windows Automatic Update feature to update its malware signature database.

And here is a comparison table to compare the features among various security solutions produced by Microsoft.