Posts Tagged ‘Android’

  • Bandicoot
    A Python toolbox to analyze mobile phone metadata. It provides a complete, easy-to-use environment for data scientists to analyze mobile phone metadata. With only a few lines of code, load your datasets, visualize the data, perform analyses, and export the results.
  • ACF – This software enables a forensic investigator to map each connection to its originating process. It doesn’t require root privileges on the system, but does require adb and USB debugging.
  • Android Forensics – AFLogical OSE: Open source Android Forensics app and framework. The Open Source Edition has been released for use by non-law enforcement personnel, Android aficionados, and forensics gurus alike. It allows an examiner to extract CallLog Calls, Contacts Phones, MMS messages, MMSParts, and SMS messages from Android devices. The full AFLogical software is available free for Law Enforcement personnel. More information is available at https://www.nowsecure.com/
  • Android Data Extractor Lite
    This Python script dumps all important SQLite Databases from a connected Android smartphone to the local disk and analyzes these files in a forensically accurate workflow. If no smartphone is connected you can specify a local directory which contains the databases you want to analyze. Afterwards this script creates a clearly structured XML report. If you connect a smartphone you need a rooted and insecure kernel or a custom recovery installed on the smartphone.
  • BitPim 
    BitPim is a program that allows you to view and manipulate data on many CDMA phones from LG, Samsung, Sanyo and other manufacturers. This includes the PhoneBook, Calendar, WallPapers, RingTones (functionality varies by phone) and the Filesystem for most Qualcomm CDMA chipset based phones. To see when phones will be supported, which ones are already supported and which features are supported, see online help.
  • Fridump – Fridump (v0.1) is an open source memory dumping tool, primarily aimed at penetration testers and developers. Fridump uses the Frida framework to dump accessible memory addresses from any supported platform. It can be used from a Windows, Linux or Mac OS X system to dump the memory of an iOS, Android or Windows application.
  • LiME – A Loadable Kernel Module (LKM) which allows for volatile memory acquisition from Linux and Linux-based devices, such as Android. This makes LiME unique as it is the first tool that allows for full memory captures on Android devices. It also minimizes its interaction between user and kernel space processes during acquisition, which allows it to produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition.
  • Project RetroScope
    The majority of RetroScope’s code is in the dalvik/vm/zombie directory. Please be sure to read the RetroScope paper before working with RetroScope. A demo of RetroScope recovering a suspect’s chat session from a memory image of the Telegram app is available on YouTube at: https://youtu.be/bsKTmZEgxiE.
  • PySimReader – This is a modified version of Todd Whiteman’s PySimReader code. This modified version allows users to write out arbitrary raw SMS PDUs to a SIM card. Additionally, debugging output has been added to allow the user to view all APDUs that are sent between the SIM card and PySimReader.
  • Andriller – Android Forensic Tools
    Andriller is a software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. It has other features, such as powerful Lockscreen cracking for Pattern, PIN code, or Password; custom decoders for Apps data from Android (and some Apple iOS) databases for decoding communications. Extraction and decoders produce reports in HTML and Excel (.xlsx) formats.
We are living in an era of smart devices that we sync with our smartphones to make our lives simpler and easier, but these smart devices that interoperate with our phones could leave our important and personal data wide open to hackers and cybercriminals.
Security researchers have demonstrated that the data sent between a smartwatch and an Android smartphone is not very secure and could be subject to brute-force attacks that let attackers intercept and decode users’ data, including everything from text messages to Google Hangout chats and Facebook conversations.
This happens because the Bluetooth communication between most smartwatches and Android devices relies on a six-digit PIN code to transfer information between them securely. A six-digit PIN means approximately one million possible keys, which can be easily brute-forced by attackers, exposing entire conversations in plain text.
Researchers from the Romania-based security firm Bitdefender carried out a proof-of-concept hack against a Samsung Gear Live smartwatch and a paired Google Nexus 4 handset running Android L Preview. Using only the sniffing tools available at the time, the researchers found that the PIN obfuscating the Bluetooth connection between the two devices was easily brute-forced.
(A brute-force attack is one where a nearby hacker attempts every possible combination until finding the correct one. Once the researchers found the right match, they were able to monitor the information transferred between the smartwatch and the smartphone.)
Of course, this means an attacker would have to be fairly near the victim and log all intercepted Bluetooth data packets. The large-scale adoption of such an exploit could be fueled by the increasing number of smartwatches or smartbands. Weaponizing it could only be a matter of time.

For this proof-of-concept, a Nexus 4 Android device equipped with Android L Developer Preview and Samsung Gear Live were used. The implications of these recent findings are only moderately surprising – we know from past experience that adoption of new technologies does not always go hand-in-hand with better security practices.

Part of the mitigation process involves using NFC pairing when sending the PIN code, or the use of passphrases. Of course, there’s always the option of adding a secondary layer of encryption at the application level, but this might shorten battery life due to extra encryption computations.

It is not just websites and routers that are vulnerable to the web-wide bug Heartbleed — certain Android models are at risk too.

As Google noted in its own Heartbleed disclosures on Wednesday, Android devices running Android 4.1.1 Jelly Bean are vulnerable to Heartbleed. Google said patching information is being distributed to its Android partners.

So how many phones are still running Android 4.1.1? That’s difficult to determine. Although 34.4% of Android devices are running Android Jelly Bean, Google does not break out what percentage of users are on its various versions — 4.1.1 and 4.1.2.

The latest version of Jelly Bean is 4.1.2, which was released in October 2012.

A Google spokesperson confirmed to Bloomberg that there are “millions” of devices running Android 4.1.1.

Because Android updates are controlled by phone manufacturers and wireless carriers, it can be challenging to determine what versions of Android are available for various devices. We do know, however, that the HTC One S is running Android 4.1.1.

Heartbleed underscores what has long been one of Android’s biggest problems: pushing out software updates to its myriad vendors. Android updates are the responsibility of the device maker, and often need to be approved by wireless carriers. The only exceptions are Google-made devices, such as the Nexus series and Google Play Edition phones.

Previous attempts at getting phone manufacturers and carriers to adopt Android updates have not met with success. If there is a positive aspect to Heartbleed, it is that this might scare device makers into paying more attention to versions (and putting in better processes for security updates).

If you know your Android device is running Android 4.1.1, let us know the model and manufacturer in the comments, along with your wireless carrier. That will give us all a better sense of which companies are falling behind in the battle to patch Heartbleed.

About 460 of the top 500 Android applications create a security or privacy risk when downloaded to Android devices, according to new research. And that’s largely because of a lack of user education and the fact that mobile users don’t mind sharing personal information in return for free apps.

MetaIntell, a vendor that specializes in cloud-based mobile risk management (MRM), set about testing the top apps in a range of stores, including Amazon, CNET, GETJAR and the official Google Play store. It found that more than 92% of the applications it tested used non-secure communication protocols, while 60% communicate with domains that are blacklisted by a reputation service.

Additional risks included developer reputation and content vulnerabilities, and 20% of the apps tested had the ability to load external applications either locally or remotely – all without the express consent or knowledge of the user.

Digging deeper into the data, MetaIntell rated the risks so high on many applications that 42% of them should not be allowed onto any consumer or enterprise-owned device.

These results are from an analysis of the apps that people download the most – suggesting that much more user education is necessary when it comes to mobile use.

“What most people do not fully appreciate are the risks associated with downloading apps from the million-plus Android applications available in app stores,” the company explained in the research. “Most users assume that applications are trusted if they are offered in an official app market. App stores typically make no guarantee about the trustworthiness of the products they offer. Most often, applications are developed and hosted in the apps markets with no risk assessment.”

The reality is, almost any application can become the source of serious threats that can affect both the device and the intranets to which that device connects, which can have serious ramifications in an enterprise setting. Users should approach app downloads with this in mind – especially corporate users.

“Access to personal data is what makes mobile applications uniquely useful and relevant to users,” said Chris Hazelton, research director for mobile and wireless at industry analysts 451 Research, in a statement. “In exchange for free apps, consumers are willing to share personal data with third party developers. Companies cannot afford to do this, and must control access to data on mobile devices – creating a real need for greater transparency and control of the apps that are available to employees from public app stores.”

So how can mobile device users and enterprises protect themselves from risky mobile applications? By not downloading applications that carry risk, of course – and that means being vigilant about reading the terms and conditions of apps and understanding what one is agreeing to when downloading. “Threats occur where risk conditions exist. Eliminate the risk and avoid the threat,” said Kevin Mullenex, CEO of MetaIntell.

Unfortunately, that will be easier said than done.

 

Source: infosecurity-magazine

This post came about because one of my friends posted the video below from LiveLeak on Facebook, which is quite terrifying if you are a parent. But have no fear, I will tell you how to stop people from tracking you or your child.

Some cameras, smartphones and tablets add location data to each picture you take. This means that anyone who wants to can see the exact longitude and latitude of the image. Geotagging data is wonderful for finding out where a picture was taken. However, it may not be obvious if you don’t know how to view it. For those who want to find out whether photos have been geotagged before posting them online, it is important to know how to check. The process is simple and helps to have better control over your pictures.

Is Your Camera Geotagging

Before viewing or checking for location data, you should know whether your camera is geotagging your pictures. Any camera you use must have GPS enabled in order for geotagging to occur. This is most common in smartphones, but some digital cameras have this capability as well. Without this feature, no location data is embedded in images. Remember that this data, called EXIF data, is invisible unless you know how to look for it.

What You Need

To view EXIF data, all you need is a web browser. There is no need to download extra software on your computer. Navigate to Jeffrey’s EXIF Viewer. Unlike many other tools available, this one keeps it simple and focuses on location information so you don’t have to sort through a lot of unnecessary data. Another benefit is the wide variety of file types that are supported. You would have to have some extremely rare file types for this tool not to work for you.

Using Jeffrey’s EXIF Viewer

This tool provides two different options for viewing geotagged images. The first allows you to view information from images already online. The second allows you to check images before they are posted online.

For online images, open the picture in your browser. Copy the URL of the image. The quick way is to highlight the URL and press Ctrl + C. Open the browser window with Jeffrey’s EXIF Viewer. Paste (Ctrl + V) the URL into the Image URL box. Press View Image At URL. You will see a few details about the camera, the date the image was taken and finally the location data along with a map.

For images stored on your computer, press Browse beside the Local Image File box. Choose the file in question and press View Image From File. You will see the same data as with the online option.

Testing it

Here is a picture I took in the summer of an exhibition about the activist group Anonymous

Now right click on the image and select ‘Copy Link Address’

Navigate to http://regex.info/exif.cgi and paste the link into the Image URL box

Hit ‘View Image at URL’ and there you go.

Although the image on the page is a bit small, you can see tons of data, including an arrow pointing to the Museum of London in the UK, which is correct.

Now just imagine if this was a picture of your child on a social media site and the person viewing wanted to track them or their school down. Have no fear, the following steps will tell you how to stop this from happening.

What can you do to protect yourself from stalkers and other bad guys using geotags to track you down?

Consider turning off location services on some location sharing apps

Find the location sharing settings on your smartphone and turn off the ones that you think might pose a personal safety risk. You can always turn them back on later if you want to.

Most smartphones will let you turn off location sharing for individual apps as an alternative to turning them off globally.

There are some apps such as ‘Find My iPhone’ that you won’t want to disable location sharing on. If you do disable location sharing on apps like ‘Find My iPhone’, then your phone won’t be able to relay its position and you won’t be able to find it using the ‘Find My iPhone’ service should it get lost or stolen.

Remove geotags from your digital photos

If you want to remove geotag information from your image files, you can use an app such as deGeo (iPhone) or Photo Privacy Editor (Android) to strip the geotag info from your photos.

Consider turning off the location sharing setting of your phone’s camera app as well, so that the GPS info does not get recorded as part of the picture’s metadata. This will save you the hassle of having to strip out the location data later on.
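
To check and strip geotags yourself before posting, here is an added example (not part of the original post and not the code of any app named above) that reads the GPS block from a JPEG's EXIF segment and removes that segment. It uses only the Python standard library; the function names and the tiny test file with its coordinates are constructed for illustration.

```python
import struct

def find_exif(jpeg):
    """Return (offset, length) of the Exif APP1 segment, or None."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG")
    pos = 2
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF and jpeg[pos + 1] != 0xDA:
        size = struct.unpack_from(">H", jpeg, pos + 2)[0]  # includes its own 2 bytes
        if jpeg[pos + 1] == 0xE1 and jpeg[pos + 4:pos + 10] == b"Exif\x00\x00":
            return pos, size + 2
        pos += size + 2
    return None

def read_ifd(tiff, off, e):
    """Map tag -> raw 4-byte value field for the IFD at `off`."""
    count = struct.unpack_from(e + "H", tiff, off)[0]
    return {struct.unpack_from(e + "H", tiff, off + 2 + 12 * i)[0]:
            tiff[off + 10 + 12 * i:off + 14 + 12 * i] for i in range(count)}

def degrees(tiff, field, e):
    """Convert three RATIONALs (deg, min, sec) to decimal degrees."""
    off = struct.unpack(e + "I", field)[0]
    d, m, s = (n / den if den else 0.0 for n, den in
               (struct.unpack_from(e + "II", tiff, off + 8 * i) for i in range(3)))
    return d + m / 60 + s / 3600

def gps_position(jpeg):
    """Return (lat, lon) in decimal degrees, or None when there is no geotag."""
    seg = find_exif(jpeg)
    if seg is None:
        return None
    tiff = jpeg[seg[0] + 10:seg[0] + seg[1]]
    e = "<" if tiff[:2] == b"II" else ">"           # TIFF byte order
    ifd0 = read_ifd(tiff, struct.unpack_from(e + "I", tiff, 4)[0], e)
    if 0x8825 not in ifd0:                          # GPSInfo IFD pointer tag
        return None
    gps = read_ifd(tiff, struct.unpack(e + "I", ifd0[0x8825])[0], e)
    if not gps.keys() >= {1, 2, 3, 4}:              # lat ref, lat, lon ref, lon
        return None
    lat = degrees(tiff, gps[2], e) * (-1 if gps[1][:1] == b"S" else 1)
    lon = degrees(tiff, gps[4], e) * (-1 if gps[3][:1] == b"W" else 1)
    return lat, lon

def strip_exif(jpeg):
    """Drop the whole Exif segment (location, timestamps, camera model)."""
    seg = find_exif(jpeg)
    return jpeg if seg is None else jpeg[:seg[0]] + jpeg[seg[0] + seg[1]:]

def sample_jpeg():
    """Constructed test file: SOI + Exif APP1 holding a GPS IFD + EOI."""
    rat = lambda d, m, s: struct.pack("<6I", d, 1, m, 1, s, 1)
    tiff = b"II*\x00" + struct.pack("<I", 8)                        # TIFF header
    tiff += struct.pack("<HHHIIIH", 1, 0x8825, 4, 1, 26, 0, 4)      # IFD0, GPS count
    tiff += struct.pack("<HHI4s", 1, 2, 2, b"N") + struct.pack("<HHII", 2, 5, 3, 80)
    tiff += struct.pack("<HHI4s", 3, 2, 2, b"W") + struct.pack("<HHII", 4, 5, 3, 104)
    tiff += struct.pack("<I", 0) + rat(51, 31, 3) + rat(0, 5, 48)   # constructed fix
    body = b"Exif\x00\x00" + tiff
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(body) + 2) + body + b"\xff\xd9"
```

For a real photo, pass the file's bytes to gps_position() and write the result of strip_exif() to a new file. Stripping removes all EXIF fields, not only the location.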

How do I turn off geotagging on my smartphone?

Android 4.2 phones

  1. Start camera application
  2. Hit the Settings button
  3. Scroll down and find the GPS Tag option and turn it off

In older versions, the option may be called “Store Location,” but it is essentially the same process.

BlackBerry 6.0 and 7.0

RIM suggests through the online documentation that disabling geotagging be done on BlackBerry Enterprise Server, which would work from an admin’s point of view if an agency uses BES. If not, to turn the setting off on an individual BlackBerry phone:

  1. Open Camera
  2. Set the Location icon to “Disabled”

For some earlier versions, hit the Menu and Option buttons before changing the setting.

iPhone 4 and 5

  1. Go to Settings
  2. Select General
  3. Select Location Services
  4. Set Camera to “Off”

For older versions, users can’t really turn off geotagging for the camera without disabling it for all applications. But location warnings can be set to go off when an application is using them.

Windows Phone 7 and 8

  1. Go to Settings
  2. Navigate to Applications
  3. Scroll down to Pictures & Camera
  4. Set “include location (GPS) info in Pictures you take” to “Off”

I hope this has put your mind at ease, but if you do have any questions please contact me. Also please share this on social media sites and on friends’ pages.

Today I will show you how to protect your phone. This includes:

  • Locate
  • Backup
  • Remote Control

First of all, you need to download and install “Lookout Security” on your Android device.
Once you have downloaded and installed Lookout Security from Google Play, you need to create an account and activate it.
Now your Android phone is protected. Let’s log in to the Lookout control panel and take control of the Android phone.
If you think your phone is hijacked, you can simply login to Lookout Security web panel and Lock, Scream, Locate, Wipe or  your Android.

  • Lock – Premium feature! Lock your device to keep prying eyes out of your personal data while you find your device.
  • Scream – Sound a loud alarm to find a lost device nearby.
  • Wipe – Premium Feature! Wipe your device clean and erase all your personal data from your lost device.
  • Locate – Locate your Device on map using GPS.

Have you ever wanted to get a little more information from your Android device?

Just dial the numbers below (including the * and #’s)

Android Secret Codes
————————————
1. Phone Information, Usage and Battery – *#*#4636#*#*
2. IMEI Number – *#06#
3. Enter Service Menu On Newer Phones – *#0*#
4. Detailed Camera Information – *#*#34971539#*#*
5. Backup All Media Files – *#*#273282*255*663282*#*#*
6. Wireless LAN Test – *#*#232339#*#*
7. Enable Test Mode for Service – *#*#197328640#*#*
8. Back-light Test – *#*#0842#*#*
9. Test the Touchscreen – *#*#2664#*#*
10. Vibration Test – *#*#0842#*#*
11. FTA Software Version – *#*#1111#*#*
12. Complete Software and Hardware Info – *#12580*369#
13. Diagnostic Configuration – *#9090#
14. USB Logging Control – *#872564#
15. System Dump Mode – *#9900#
16. HSDPA/HSUPA Control Menu – *#301279#
17. View Phone Lock Status – *#7465625#
18. Reset the Data Partition to Factory State – *#*#7780#*#*
19. Format Your Device To Factory State(will delete everything on your phone) – *2767*3855#
20. Hidden Service Menu For Motorola Droid – ##7764726