The New RBI spam…Interesting but Believable

Today just now I checked my email and saw this one. My first thought was I m gonna be rich and then I noticed the fonts used and I realized that I don’t have an account in Central Bank and Why the hell Reserve Bank of India will be so generous ?

Unfortunately , there was some spelling mistakes which made me think that RBI would have never done that .I am quite sure whoever made this spam will receive a lot of money within a short period of time as most of the people will not think it as spam as it looks pretty god damn real. But I am posting it to let people know this spam is QUITE NEW AND BELIEVABLE. SO WATCH OUT AND BE CAREFUL.
And also my suggestions to the guys made these spam that be careful while typing and making such documents , a very little mistake can every hard work to make easy money go in vain . So little hackers and wanna be phishers BE AWARE 😉 . Also people should be aware of the fact that in the image whatever details they are asking you to submit, if any site asks you to do so can have all your details and that can be used to rip you off. So before registering in unknown sites or before opening such kind of mails BE CAREFUL. AND I , MYSELF DIDN’T FIND IT IN MY SPAM FOLDER. so most of you may think that it is not a spam as it passed the spam filter of Google / Gmail. But they were smart enough to make fool of Gmail’s spam type checker which generally eliminate these kind of mails and put them in our spam folder. So most of You very soon will receive either the exact same mail in exact same format or same mail in different format. In both cases, YOU NOW KNOW WHAT TO DO. And though I am not yet sure that it has virus content in this word doc but beware of that too, it also can contain different kind of malware.

But I gotta say using Raghuram Rajan’s name and after that the format of the document , it was quite out of the box thinking and looked pretty impressive to me .It almost made me write this post in a busy evening which believe or not is a very hard job to do than hacking an email . I generally don’t say this, But crimes should be smart and common people should be aware of those , that gives both parties a fair chance . And my post is for the naive and new users like most of our parents and also like my girlfriend who thought of  it as a great opportunity after knowing a hell lot about phishing . BEST OF LUCK …ENJOY AND HAVE A GOOD EVENING .AND BE READY FOR NEW TYPES OF THESE MAILS. I WILL KEEP YOU GUYS POSTED ABOUT THIS AND RELATED THINGS TOO. (if I find those interesting enough). Meanwhile check this document also 1x .

Some tough & tricky & interesting questions asked in Facebook’s interview ……(Welcome to Answer & Discuss)

Well I am online after a long time , all these months I was pretty busy with some of my project work and also came across several campus interaction questions , some interesting questions asked by companies like Amazon , Google , and Paypal . Well I had fun facing them and also its really challenging for geeks like us . So I decided to come up with some questions and discussions . For the geeks out there , here comes some pretty interesting questions .Lets see some of the toughest or tricky questions asked in Facebook interviews ….If any of U can come up with answers I would like to request you to post the answers in the Comments section below …I am sure some of you may have faced or will face these questions in some point of your life if you apply for this social networking giant’s interview …So lets discuss about these…

Question 1

There is a building with 100 floors. You are given 2 identical eggs. How do you use 2 eggs to find the threshold floor, where the egg will definitely break from any floor above floor N, including floor N itself.

(Data Scientist candidate)

Question 2

If you were going to redesign an ATM machine, how would you do it? 

(Product Designer Candidate)

Question 3

How many birthday posts occur on Facebook on a given day?

(Data Scientist Candidate)

Question 4

Do you think that Facebook should be available to China?

(User Operations Analyst candidate)

Question 5

How much do you charge to wash every window in Seattle? 

(Online Sales Operations Candidate)

Question 6

Describe how the website works. (That’s the whole question, with no context.)

(Technical Project Manager Candidate)

Question 7

How much money is spent on the internet?

(Account Manager Candidate)

Question 8

How would you design a simpler TV remote control?

(Product Designer Candidate)

Question 9

How do you deal with communicating less than favorable information?

(Training Candidate)

Question 10

You’re at a casino with two dice, if you roll a 5 you win, and get paid $10. What is your expected payout? If you play until you win (however long that takes) then stop, what is your expected payout? 

(Data Scientist Candidate)

Question 11

You have two light bulbs and a 100-story building. You want to find the floor at which the bulbs will break when dropped. Find the floor using the least number of drops.

(Software Engineer Candidate)

Question 12

How would you set up an interview in this room? 

(Content Producer Candidate)

Question 13

How many vacuums are there in the USA?

(Risk Analyst Candidate)

Question 14

What options do you have, nefarious or otherwise, to stop people on a wireless network you are also on (but have no admin rights to) from hogging bandwidth by streaming videos? 

(Production Engineer Candidate)

Question 15

How many Big Macs does McDonald sell each year in the US?

(Data Scientist Candidate)

Question 16

How would you build Facebook for blind people?

(Product Manager Candidate)

Question 17

Tell me your plan of action if you saw that photo uploads suddenly dropped by 50%.

(Operations Associate User Intelligence Candidate)

Question 18

A Russian gangster kidnaps you. He puts two bullets in consecutive order in an empty six-round revolver, spins it, points it at your head and shoots. *click* You’re still alive. He then asks you, do you want me to spin it again and fire or pull the trigger again. For each option, what is the probability that you’ll be shot? 

(Internet Marketing Analyst Candidate)

Question 19

Should Facebook continue to add features or rely on 3rd party apps?

(Product Designer Candidate)

Question 20

If you were an animal what kind would you be and why?

(User Operations Analyst Candidate)

Question 21

What are you least proud of on your resume?

(Media Solutions Specialist Candidate)

Question 22

Given access to all the data Facebook collects, what would you do with it?

(Product Analytics Candidate)

Question 23

Pre-IPO, they asked me to write a paper on the valuation of Facebook. They also asked me what I thought the greatest technological advancement was in the past 20 years.

(Software Engineer Candidate)

Question 24

If you have 100 credit card numbers (and all info) how would you make as much $ possible in 24 hours using only online transactions? (Many follow-up questions of how to get around certain fraud deterrents.) 

(Ads Risk Associate Candidate)

Question 25

You are trying to rob houses on a street. Each house has some amount of cash. Your goal is to rob houses such that you maximize the total robbed amount. The constraint is once you rob a house you cannot rob a house adjacent to that house.

(Software Engineer Candidate)

Question 26

The most difficult question was the 8-hour test, which involved deriving a novel and fairly-involved algorithm, significant CSS/HTML/JS coding, and plenty of opportunities to get something subtly wrong.

(User Interface Engineer Candidate)

Question 27

25 racehorses, no stopwatch. 5 tracks. Figure out the top three fastest horses in the fewest number of races.

(Software Engineering Summer Intern Candidate)

Question 28

What is the process you would go about in spotting a fake profile?

(User Operations Analyst Candidate)

Question 29

You’re about to get on a plane to Seattle. You want to know if you should bring an umbrella. You call 3 random friends of yours who live there and ask each independently if it’s raining. Each of your friends has a 2/3 chance of telling you the truth and a 1/3 chance of messing with you by lying. All 3 friends tell you that ‘Yes’ it is raining. What is the probability that it’s actually raining in Seattle?

(Data Scientist Candidate)

Facebook apologizes for popping up unwarranted Year In Review messages in users timeline

If you are spending a lot of time you may have noticed an irritating popup from Facebook called “Year In Review.” The “Year In Review” automatically gathers a selection of the most liked photos from your feeds and pop up messages into your timeline with a tagline declaring “It’s been a great year! Thanks for being a part of it.”

It may sound freaking awesome but in case you have put up a photo of  death of a near and dear one in the family, and the photo has been most liked, Facebook’s Year In Review algorithm will rather cruelly put up that photo in your timeline with a rather inhumane and insensitive tag “It’s been a great year! Thanks for being a part of it.”

That’s exactly what happened to prominent web designer and writer Eric Meyer.  Facebook forced Meyer to relive the utter horror of losing his baby, who had died on 6th birthday in June, 2014 after suffering from brain tumour.  Meyer who is barely out of the grief of his immense personal loss was flabbergasted to see the photo and the very inhumane tagline. He summed it up aptly on his blog,

“I didn’t go looking for grief this afternoon, but it found me anyway, and I have designers and programmers to thank for it. In this case, the designers and programmers are somewhere at Facebook.”

Meyer called it a “algorithmic cruelty” on part of Facebook’s engineers who through the “Year In Review” app forced him to relive the horrors of the moment of his daughters death. From his blog, “Still, they were easy enough to pass over, and I did. Until today, when I got this in my feed, exhorting me to create one of my own. “Eric, here’s what your year looked like!”

“A picture of my daughter, who is dead. Who died this year.” Meyer added, “Yes, my year looked like that. True enough. My year looked like the now-absent face of my little girl. It was still unkind to remind me so forcefully.”

The Year in Review popup may workout to be great for some while it may cause insurmountable pain to others to who have put up a image of  their near and dear ones lost in the year and if photo is picked up by Facebook’s algorithm to declare it has been a great year for them.

Meyer said he had known about the Year In Review popup but for obvious reasons had avoided making his own.  But that day, he felt helpless on seeing the popup in his timeline,

“To show me Rebecca’s face and say “Here’s what your year looked like!” is jarring. It feels wrong, and coming from an actual person, it would be wrong. Coming from code, it’s just unfortunate. These are hard, hard problems. It isn’t easy to programmatically figure out if a picture has a ton of Likes because it’s hilarious, astounding, or heartbreaking,” Meyer added, “Algorithms are essentially thoughtless. They model certain decision flows, but once you run them, no more thought occurs.”

Meyer, who is a web designer himself, knows the shortcomings in coding and algorithms vis-a-vis human emotions but he reminded Facebook that certain things should not be let to run.  Meyer recommended Facebook not to “pre-fill” any pictures until making sure the user actually wants to see them. He suggested that Facebook would been better off asking users opinion before dishing out such popups in the timeline.

Facebook apologises

Facebook has apologized for this offending error of its judgement. “[The app] was awesome for a lot of people, but clearly in this case we brought him grief rather than joy,” the product manager for Facebook’s “Year in Review” app, Jonathan Gheller, told The Washington Post. “We can do better – I’m very grateful he took the time in his grief to write the blog post.”

Facebook is developing an “artificial assistant” tool to stop you posting while you are drunk

In last few years,  Facebook is doing a lot of work to create more awareness in the society. Facebook always try to make their social network more interesting and helpful for the people. But, in the website everyone is free to share anything they want. This may help us to share our thoughts and opinion with freedom. We can be connected with out own people. But wait ! what happens when you are drunk and using facebook ?

On that time, this freedom may break relationships, keep your own people away from you or your boss may say get lost to you. Because you can post anything that can hurt or expose something that you don’t want to show to anyone .

To overcome this problem, Facebook’s Artificial Intelligence Research department chief Yann LeCun has said they are developing an “artificial assistant” who will recognise when you are about to post a selfie of your night out that you may not want your boss/parent to see.

He told Wired the “intelligent digital assistant” would tell you (virtually) “Uh, this is being posted publicly. Are you sure you want your boss and your mother to see this?”

Facebook will also notify you when someone you don’t know publishes a picture of you without your explicit approval. “You will have a single point of contact to mediate your interaction but also to protect your private information,” LeCun said.

The tool would recognise the difference between a user’s drunken and sober state through facial recognition technology.

This is kind of same idea some of you may have seen in the movie “The internship” where they talked about developing a beta app for the same purpose but that was for only messaging , now implementing this in the whole site will be a relatively difficult step . And though applying “facial recognition” in relatively slow internet connection  will be hard to implement i think . But that’s my view I am looking forward to their implementation and eventually we will see the user’s feedback of it . Apparently I am excited that they are going to apply another new technology in the site            . 

Most cyber attacks on India show Chinese IP address …Strange fact isn’t it ?

• 

     As we know Cyber attacks have grown nearly five times in the last three years and most of them have been found to be originating from the IP addresses located in China according to Government cyber security department officials.

At Ground Zero Summit , the Director of Cyber Security Operations Alok Vijayant said ,”  Most of the cyber attacks that we have tracked show IP addresses located in China but we are unable to establish if the attacker is from China. We need international cooperation for handling such crimes.”

.Government’s cyber security arm Computer Emergency Response Team-India (CERT-In) reported 62,189 cyber security incidents in the first five months of the current calendar year.

These attacks have been found to be originating from the cyber space of a number of countries including the US, Europe, Brazil, Turkey, China, Pakistan, Bangladesh, Algeria and the UAE ,according to the official report of Cyber Security Department .

The National Technical Research Organisation (NTRO) Director said that foreign countries are investing heavily in cyber espionage to gather crucial data and India needs to seriously consider a strategy to counter this strategy.

“Indian has a dearth of talent. In most of the cases Indians find cyber security loophole quickly with its solution but people may get tempted with high price paid in under ground market. Payment per exploit is as good as 15,000 euros and higher than that,” Vijayant said.

Cyber security expert Greg Walton showed his research on an attack mounted on Tibetan government in exile which showed its origin in Chengdu city of China.

“The attacker hacked e-mail id of a senior minister of Tibetan government in exile in Dharamshala and through that id they even attacked India’s ministry of external affairs,” Walton said.

India has seen increase in cyber attacks from about 13,000 in 2011 to 62,000 till mid-2014. The country has been unable to identify cyber criminals in majority of the case due to absence of international cooperation on the issue.

It raises lot of question , some of them are strictly political but some of them are technical . My concern is about the technical side . Now think about it ..if China is helping those attacks or supplying them spoof ip or their server ..then its understandable . But What if this is a new style to fail the ip tracing system , what if Hackers are using a new technology ?? ..What if we are about to get attacked by chinese cyber criminals and hackers in 2015 ? What if…. Take a thought pill guys because according to report of Cyber Security department we are about to get attacked in more sophisticated way in 2015 . So wait for my next post about it…and Think and be careful.

Stealthy malware uses Gmail drafts to steal data

A new strain of malware that uses Gmail drafts in an invisible Internet Explorer window, has been discovered. According to Network World, the malware uses the drafts folder as “the command and control to steal data.”

Because webmail solutions including Gmail are often allowed on corporate machines, the malware could potentially act on company networks without being spotted using “hundreds of different email accounts with names that are very similar to those of real users.”

Speaking to Wired, Wade Williamson, one of the researchers who discovered the malware explained that its stealthy nature makes it tricky to spot: “What were seeing here is command and control that’s using a fully allowed service, and that makes it super stealthy and very hard to identify. It’s stealthily passing messages back and forth without even having to press send. You never see the bullet fired.”

The process takes advantage of an Internet Explore window invisible to the user – the kind which Windows allows to run in the background to query web pages for information. Once infected, the hidden Internet Explorer window opens up the anonymous Gmail account on the computer, and then uses a Python script to collect commands and code that the hacker enters into the draft field. The malware acknowledges this in the same draft folder, along with data it has been instructed to collect from the victim’s network. All of this communication is encoded, making it hard to spot.

A Google spokesperson told Wired that its “systems actively track malicious and programmatic usage of Gmail” and that the company quickly removes abusive accounts.

“Hacking” cars on the road wirelessly is easy or not….

 

It is perfectly possible to “hack” a car while it is driving on the road, seize control, and force the vehicle into a fatal crash, says a car security specialist, speaking to Network World.

Security researchers have demonstrated such hacks using wired systems or short-range wireless such as Bluetooth, but Toucan Systems claims that attacks can be conducted from half the world away, from a computer at a desk.

Jonathan Brossard, quoted by the Sydney Morning Herald, “does not know of a car that has been hacked on the road but says his company does it for vehicle manufacturers in Europe.”

”The vehicle is remote from me. I am sitting at the desk and I am using the computer and driving your car from another country. I am saying it is possible. A car is, technically speaking, very much like a cell phone and that makes it vulnerable to attack from the internet. An attack is not unlikely.”

A report by CNN Money describes the security of “connected” cars as simply behind the times. CNN describes the 50 to 100 computers controlling steering, acceleration and brakes in the typical automobile as “really dumb” – and says “there’s a danger to turning your car into a smartphone on wheels”.

“Auto manufacturers are not up to speed,” said Ed Adams, a researcher at Security Innovation, speaking to CNN Money. “They’re just behind the times. Car software is not built to the same standards as, say, a bank application. Or software coming out of Microsoft.”

The report claims that the next generation of cars from both Audi and Tesla will be wirelessly connected to the internet via AT&T – and thus much more vulnerable.

Writing about a demo at the Blackhat conference in Las Vegas last year, some of experts said, “Traditionally, cars have had rudimentary computing systems, implemented to carry out fixed tasks like measuring fuel for injection, making your transmission shift more smoothly under gentle acceleration or to improve gas mileage – things like that.

But with some manufacturers hoping to roll out location-aware browser-based or embedded information systems, can scams be far behind?”

The CNN Money report compared the 145,000 lines of computer code used in the spaceship that put men on the moon, Apollo 11, with the average modern automobile, which has 100 million.

Last year, Senator Edward J Markey, Democrat, Massachussets, pointed out in a publicly availableletter to 20 auto manufacturers that average cars now have up to 50 electronic control units, often controlled by a car “network, and that manufacturers had a duty to protect consumers against hackers.

The open letter has ignited a spate of commentary, with Market Oracle describing the crime as “cyberjacking”, and pointing out that the average family car contains 100 million lines of computer code, and that software can account for up to 40% of the cost of the vehicle, according to researchers at the University of Wisconsin-Madison.

Hacks against cars have been demonstrated before – but thus far, have relied on attackers having physical access to the vehicles. At the DefCon conference this year, two researchers showed how they could seize control of two car models from Toyota and Ford by plugging a laptop into a port usually used for diagnostics.

So far, though, attacks where vehicles are “taken over” wirelessly have not been widely demonstrated.

“At the moment there are people who are in the know, there are nay-sayers who don’t believe it’s important, and there are others saying it’s common knowledge but right now there’s not much data out there,” said Charlie Miller, one of the ‘car hackers’ at Defcon. “We would love for everyone to start having a discussion about this, and for manufacturers to listen and improve the security of cars.”

“As vehicles become more integrated with wireless technology, there are more avenues through which a hacker could introduce malicious code, and more avenues through which a driver’s basic right to privacy could be compromised,” Senator Markey wrote. “These threats demonstrate the need for robust vehicle security policies to ensure the safety and privacy of our nation’s drivers.

Markey argues that car companies should use third parties to test for wireless vulnerabilities, and should assess risks related to technologies purchased from other manufacturers.

A report by CNBC earlier this year described some of these threats in detail, describing car-hacking as “the new global cybercrime.”

Millions in Bitcoin stolen from Sheep dark market as user flees ……

One of the ‘dark marketplaces’ offering illegal and semi-legal services via the anonymized web browser Tor has shut down, according to reports – with a user fleeing with millions of dollars worth of Bitcoin.

A senior user of Sheep Marketplace “stole” a large number of bitcoins totalling $4.9 million, according to the BBC’s report.The actual figure may have been much higher. Business Insider claims up to $44 million was taken.

“We are sorry to say, but we were robbed on Saturday 11/21/2013 by vendor EBOOK101. This vendor found bug in system and stole 5400 BTC – your money, our provisions, all was stolen,” the site admins said in a statement.

“We were trying to resolve this problem, but we were not successful. We are sorry for your problems and inconvenience, all of current BTC will be ditributed to users, who have filled correct BTC emergency adress. I would like to thank to all SheepMarketplace moderators by this, who were helping with this problem. I am very sorry for this situation. Thank you all.”

Sheep Marketplace gained many customers and sellers during the brief period Silk Road was inactive. At present, the site is unreachable via Tor. Some reports, such as this via TapScape, suggest that the entire site was a scam designed to earn Bitcoin, created during the period while Silk Road was offline.

Business Insider reports that the theft may have been much bigger than initial reports, “Sheep users and other Bitcoin followers on reddit say that the administrators began blocking withdrawals of bitcoins from the site more than a week ago, and may have absconded with as much as $44 million from the site’s users, pointing to a movement of 39,900 bitcoins visible in the public record of Bitcoin transactions known as the blockchain.”

Site users have begun their own detective work, chronicled on a Reddit thread devoted to the thefts, “He was desperately creating new wallet addresses and moving his 49 retirement wallets through them, but having to wait for 3 or 4 confirmations each time before moving them again. Each time I caught up, I “666″ed him – sent 0.00666 bitcoins to mess up his lovely round numbers like 4,000. Then,all of a sudden, decimal places started appearing, and fractions of bitcoins were jumping from wallet to wallet like grasshoppers on a hotplate without stopping for confirmations.”

“I think he’s asleep now in the czech republic. When he awakes, he will see my “666″ next to his 96,000 stolen, freshly-laundered bitcoins. Along with lots of insults attached to fragments of bitcoins that I hope you are about to send here…”

It’s the latest in a series of “heists” involving the cryptocurrency, as reported. Despite FBI action against ‘dark market’ sites such as Silk Road, illegal commerce still thrives on Tor – and Silk Road relaunched as Silk Road 2.0.

Within the last few days, two sites hosting online wallets for the cryptocurrency Bitcoin were targeted by hackers – the ‘heists’ netted more than $1 million each.

 

Oddly, though, this has not adversely affected the value of the cryptocurrency, which seems to thrive on publicity, whether positive or negative.

 

Despite the heists, plus high-profile law-enforcement actions against ‘dark market’ sites such as SILK ROAD, which conducted transactions in Bitcoin, the currency is now valued at $919 per coin, it’s highest-ever valuation.

 

Earlier this year, Some famous threat blogs detected new variants malware that attempted to steal Bitcoins, mine Bitcoins illegally, or break into wallets. Malware targeting other similar currencies such as Litecoin.

 

We Live Security spoke to  James Andrews, Finance Editor at Yahoo UK, for a perspective on the currency from outside the world of technology.

 

“Nothing in finance is truly safe.” “Real currencies collapse, but the Bitcoin is less safe than most. It’s been called the world’s most perfect speculative material, which is fair. It has absolutely no value or use bar it’s rarity. If people stop valuing that it’s entirely worthless more or less instantly. Equally, though, prices might just keep rising and rising and rising – as more people buy into the idea and demand rises.”

 

On Twitter, an image showing the enormous rise and sudden collapse in prices of Dutch Tulips during the brief craze when the bulbs were first introduced in 1637 has circulated.

 

Could the same happen to Bitcoin? Perhaps – but there are steps you can take to keep your Bitcoins safer than most.

 

If your wallet’s stolen, act fast

 

If your Bitcoin wallet HAS been stolen, it’s not quite as easy for the attacker as stealing a real wallet – he or she has to move the currency out of it. If you’re lucky, and fast, this can sometimes save your coins.  When the Bitcoin wallet is stolen from the victim, the attacker will have to “spend” the Bitcoins in it – by either adding them to his own wallet, purchasing something, etc.

 

“The only way to get away without losing the money is if the victim is lucky enough to “spend” the Bitcoins (purchase something or import them to a new wallet) before the attacker does. Obviously, the chances of that are pretty slim.”

 

Keep your PC clean if you’re dabbling in Bitcoin

 

Cybercriminals love Bitcoin. Thatswhy Bitcoin and other crypto-currencies are being targeted by cybercriminals. There are numerous malware families today that either perform Bitcoin mining or directly steal the contents of victims’ Bitcoin wallets, or both . So Keep your computer clean and uncompromised by “thinking before you click” and keeping your system, applications and anti-virus up-to-date.

 

Encrypt your wallet

 

Despite Bitcoin’s own beautiful illustrations of glittery coins, what you’re dealing with are numbers – long encryption keys. To stay safe, you just have to ensure no one else ever has access to these.  There are several important rules to keep  Bitcoins safe.

        The key words here are: BACK UP and ENCRYPT.

Bitcoin provides a way to encrypt wallets, and this would make it much more difficult for the attacker to get his hands on the Bitcoins.” Clever Bitcoin users will encrypt all their wallets – although this slows performance – and have several for different uses. Very small amounts of money

 

Don’t keep all your eggs in one basket – or your Bitcoin in one wallet

 

Bitcoin is a special case – if you’re worried a site breach or Trojan attack may have put your hoard within reach, don’t just change passwords, even if your wallet is encrypted. Make a new one, and move your coins to it (with a new, strong password). Lipovsky says that the Bitcoin foundation’s own advice is excellent, “If a wallet or an encrypted wallet’s password has been compromised, it is wise to create a new wallet and transfer the full balance of bitcoins to addresses contained only in the newly created wallet.”

 

Most finance experts advise – don’t put your life savings in Bitcoin

 

Yahoo’s Andrews says that the soaring price of Bitcoin isn’t a signal to invest: “If you’ve made a profit on Bitcoins you already own, well done.  There’s simply no way to know whether their prices will keep rising, stabilise or collapse. And there are a lot of risks – everything from them being hacked, your e-wallet being hacked, someone successfully forging them or Bitcoins being made illegal.”

 

If you must store Bitcoins online, don’t store large amounts

 

Online Bitcoin wallets are not designed to work like bank accounts – they’re convenient, as you can access them from anywhere – but they’re a prime target for cybercriminals. An attack on Bitcoin site BIPS targeted web wallets. CEO Kris Henrikson said, ““Web Wallets are like a regular wallet that you carry cash in and not meant to keep large amounts in,” after his site was robbed of $1.2 million in Bitcoin.  Bitcoin says, tactfully, “Online wallets have a number of pros and cons.” After Bitcoin siteInputs.io was hacked, and $1.2 million stolen, its founder said, “I don’t recommend storing any bitcoins accessible on computers connected to the internet.”

 

Mobiles and Bitcoins don’t mix

 

Various Android apps offer ways to carry Bitcoins with you – but again, these come with their own risks. Earlier this year, a flaw in Android rendered ALL Bitcoin wallets unsafe – although it was rapidly patched – and apps which allow transfer via NFC add additional risks, particularly if a device is lost. “Mobile wallet applications are available for Android devices that allow you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It is not advisable to store a large amount of bitcoins there.”

 

Keep your fortune in “cold storage”

 

If you’re serious about Bitcoin, the security procedures are long and complex – even Bitcoin admits that setting up an offline wallet, stored on CDs and USB sticks is “tedious” and “not user friendly”. A good guide to how to do this is here – and it may also provide an illustration of why mainstream PC users might want to consider sticking to good old US dollars. Bitcoin says, “Because bitcoins are stored directly on your computer and because they are real money, the motivation for sophisticated and targeted attacks against your system is higher than in the pre-bitcoin era.” Bitcoin’s own procedure for creating an “offline” wallet, which never contacts the internet in plaintext form, is here. This procedure is also known as creating an “air gap” or “cold storage”. Followed correctly, it provides protection from malware and cyberattacks – although not, of course, from traditional crimes such as extortion.

 

Still worried? Store them on paper

 

One safe – if extreme – way of ensuring Bitcoins don’t fall into the hands of hackers is to store them on paper. Bitcoin says, “When generated securely and stored on paper, or other offline storage media, a paper wallet decreases the chances of your bitcoins being stolen by hackers, or computer viruses.With each entry on a paper wallet, you are securing a sequence of secret numbers that is used to prove your right to spend the bitcoinsThis secret number, called a private key, most commonly written as a sequence of fifty-one alphanumeric characters, beginning with a ’5′.” Be sure, though, your PC is clean before you print – the free software used to generate codes has been targeted by cybercriminals. Run a complete scan of your machine first, then keep AV software running as you print out.

Spy agencies working on cyberweapon “more powerful than Stuxnet”, claims Iran

An Iranian news agency has said that “malware worse than Stuxnet” may soon be unleashed, to “spy on and destroy the software structure of Iran’s nuclear program.”

The information came from an unnamed source close to Saudi Arabia’s secret service, according to The Register and suggested that $1 million had already been earmarked for the project.

“Saudi spy chief Prince Bandar bin Sultan bin Abdulaziz Al Saud and director of Israel’s Mossad intelligence agency Tamir Bardo sent their representatives to a meeting in Vienna on November 24 to increase the two sides’ cooperation in intelligence and sabotage operations against Iran’s nuclear program,” the source told Iranian news agency FARS.

“One of the proposals raised in the meeting was the production of a malware worse than the Stuxnet (a comprehensive US-Israeli program designed to disrupt Iran’s nuclear technology) to spy on and destroy the software structure of Iran’s nuclear program,” the source told FARs.

Stuxnet inspired much debate among security professionals, both for its targeting of industrial control systems, and its sophistication, which seemed to indicate that it was made by a group with the resources of a nation-state.  Senior Researchers cautioned, in the wake of the attacks, against expecting “the next Stuxnet” to be similar. It was put into a phrase “Expect the unexpected,”

Israel’s Haaretz news said that Saudi Arabia’s “shared concern” with Israel over Iran’s nuclear capability has put the two countries at odds with the United States. FARS reported that the Saudi intelligence chief described current Geneva talks aimed at limiting the country’s nuclear program through economic sanctions as “the West’s treachery.”

The Sunday Times, quoting an unnamed diplomatic source in Saudi Arabia, said that Saudi would allow Israel to use its air space, and cooperate with Israel on the use of drones and helicopters, if current talks in Geneva fail to roll back the country’s nuclear program.

“Once the Geneva agreement is signed, the military option will be back on the table. The Saudis are furious and are willing to give Israel all the help it needs,” theSunday Times’ source said.

 

Samsung unveils Galaxy Gear smartwatch with 1.63-inch AMOLED touchscreen, built-in camera, 70 apps

This week’s Galaxy Gear prototype leak didn’t leave much to the imagination. Samsung’s new wearable was expected to debut with a built-in camera, speakers and a relatively clunky design, all of which are indeed present on the device we’re meeting today. But we now have quite a bit more clarity when it comes to functionality and specifications — the rumored 3-inch display size and 4-megapixel camera resolution, for example, were incorrect. The Gear will instead ship with a 1.63-inch Super AMOLED panel with a resolution of 320 x 320. That strap-mounted camera, for its part, is designed to capture low-res shots and 10-second 720p videos, and includes a 1.9-megapixel BSI sensor and an auto-focus lens.

The big surprise here is third-party applications support — there will be a total of 70 partner programs at launch, including sharing apps like Evernote and Path, fitness companions like RunKeeper and MyFitnessPal, and a handful of other offerings, such as TripIt, Line, Vivino and even eBay. We’ll dive into software functionality a bit more in our hands-on, so for now, let’s talk compatibility and specs. We were caught a bit off guard by the wearable’s limited compartability though — at launch, it’ll only work with the Note 3 and Note 10.1, though some Galaxy S4 owners may be able to take advantage soon, after that device scores an update to Android 4.3. Assuming your handset is compatible, the Gear will serve as a companion device, enabling access to features like S Voice, Find My Device, a pedometer and third-party additions including those outlined above.

The device is powered by an 800MHz processor and a 315 mAh non-removable cell, which Samsung reps say should provide up to a day of “regular” use. There are two built-in mics (with noise cancellation support), a speaker, Bluetooth 4.0, an accelerometer and gyroscope, 4GB of storage and 512MB of RAM. The Galaxy Gear will eventually ship, along with the Note 3, to more than 140 countries. Pricing and country-specific availability has yet to be confirmed, but some customers should expect to have it in hand (or on hand, rather) beginning September 25th. Sadly, customers in the US and Japan will have to wait until October to pick one up for $299.