Google News : Good Bye Passwords as Google Plans a Different Verification Option

ANDROID USERS WILL BE ABLE TO LOG IN TO SERVICES USING A COMBINATION OF THEIR FACE, TYPING PATTERNS AND HOW THEY MOVE!

Google has channeled efforts to provide Android apps users a much reliable and easier substitute to the ever-so-complicated logins and passwords with Trust API.

Trust API is a new and novel feature that has been introduced by Google at the company’s I/O conference. The company’s head of Advanced Technology and Projects group Daniel Kaufman identified that this new technology will be firstly tested with various “large” financial institutions. The testing will most likely begin from June. Kaufman was the head of the group which is responsible for creating Trust API on the basis of another project that has been codenamed Project Abacus.

Project Abacus was developed last year to eliminate the use of passwords using a superior and better method that combined various weak indicators into a strong piece of evidence that makes use of your personality. These pieces of evidence might include biometric indicators, which, no prizes for guessing, include our face shape, voice, movements and the way we swipe or type on the screen. The software will run in the background of your phone, which will help it in tracking your movements and matching them with its indicators so as to determine who is using the phone.

Google has, thus, built Trust API much on the lines of this particular project and this year, the company has clarified that the service will be accessible to third parties as well, which will allow organizations to verify someone’s identity using biometrics. As of now, financial institutions like banks will be using it for the purpose of verifying customers that use Android apps to log in but by the end of 2016, this technology will be open for all.

We do know that individually biometric system is not as reliable and cannot offer fool-proof security on web-based services. Such as, facial recognition technology is already a part of a majority of Android devices but in comparison to this, the fingerprint scanner is more secure. However, Google’s Trust API tends to combine them both, which will result in making biometric system 10 times secure, just like a fingerprint.

The software won’t give a binary answer as is the case while we enter passwords the system will provide a score that will inform the user how confident the device is about the authenticity of the owner. Institutions that require higher score will program the API in such a way that it will ask for additional data that may be another biometric verification or an ole-style password.

The API seems to be similar to the program being developed by the London-based Nok Bok Labs. But we can assume that these are steps in the right direction. As customer identity management firm Gigya’s Richard Lack stated:


“Consumers tell us that they are struggling to remember what is now an average of over 100 passwords in Europe. At a time when the number of devices we own is rising sharply, this frustration has relegated the registration process to being the most broken thing about the internet. The future lies in methods of authentication without passwords, which consumers clearly favor, both in terms of convenience and enhanced security.”

Lack further added that:

“Biometric authentication is a powerful enabler, allowing businesses smart enough to deploy it to significantly increase rates of registration, gaining data and insight about their customers, while also increasing customer security. This is a win/win scenario which sounds the death-knell for awkward and insecure passwords sooner than we may imagine.”

Do remember that Google has already embedded similar tech on devices that run on Android 5.0 or higher version. It is called “Smart Lock” and it lets you unlock your device automatically if you enter the safe zone, which would be any location that you list as a trusted one. This will be done when a user connects with a trusted Bluetooth device, the device identifies your facial features or you are personally carrying the device.

How To Hack Wifi Password : Steps Wifi Hacking – Cracking WPA2 Password

Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are two security protocols and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks. The Alliance defined these in response to serious weaknesses researchers had found in the previous system, WEP (Wired Equivalent Privacy)

A flaw in a feature added to Wi-Fi, called Wi-Fi Protected Setup (WPS), allows WPA and WPA2 security to be bypassed and effectively broken in many situations. Many access point they have a Wifi Protected Setup enabled by default (even after we hard reset the access point).

Requirements:

1. Wireless card (support promiscuous mode)

2. Access point with WPA2 and WPS enables

5 Steps Wifi Hacking – Cracking WPA2 Password:

1. Open our terminal (CTRL+ALT+T) and type airmon-ng (view tips and tricks how to create keyboard shortcut on kali linux)

this command will lists our wireless card that attached with our system.



2. The next step we need to stop our wireless monitor mode by running airmon-ng stop wlan0

3. Now we ready to capture the wireless traffic around us. By running airodump-ng wlan0 our wireless interface will start capturing the data.

From the picture above, we can see many available access point with all the information. In the green box is our victim access point which is my own access point 🙂

Information:

BSSID (Basic Service Set Identification): the MAC address of access point

PWR: Signal level reported by the card.

Beacons: Number of announcements packets sent by the AP

#Data: Number of captured data packets (if WEP, unique IV count), including data broadcast packets.

#/s: Number of data packets per second measure over the last 10 seconds.

CH: Channel number (taken from beacon packets).

MB: Maximum speed supported by the AP. If MB = 11, it's 802.11b, if MB = 22 it's 802.11b+ and higher rates are 802.11g.

ENC: Encryption algorithm in use.

CIPHER: The cipher detected. TKIP is typically used with WPA and CCMP is typically used with WPA2.

AUTH: The authentication protocol used.

ESSID: Shows the wireless network name. The so-called “SSID”, which can be empty if SSID hiding is activated.

4. From the step 3 above, we can find access point with encryption algorithm WPA2 and note the AP channel number. Now we will find out whether target AP has WPS enabled or not.


wash -i wlan0 -c 8 -C -s


if the WPS Locked status is No, then we ready to crack and move to step 5.

5. The last step is cracking the WPA2 password using reaver.

reaver -i <your_interface> -b <wi-fi victim MAC address> –fail-wait=360

Because we already get the information from step 3 above, so my command look like this:

reaver -i wlan0 -b E0:05:C5:5A:26:94 –fail-wait=360

it took about 5 hours to crack 19 characters WPA2 password (vishnuvalentino.com) from my Kali virtualBox, but it depend with our hardware and wireless card.

Conclusions:

1. WPA and WPA2 security implemented without using the Wi-Fi Protected Setup (WPS) feature are unaffected by the security vulnerability.

2. To prevent this attack, just turn off our WPS/QSS feature on our access point. See picture below (I only have the Chinese version 😛 )

Computer Hacking Technology : How to Hack WhatsApp Account

How to Hack WhatsApp Account

Need to Hack WhatsApp Account?

Below is a WhatsApp Hack Guide with Complete Instructions!

Learn how to hack WhatsApp in simple steps with the following easy to follow and foolproof tutorial. Since WhatsApp has become one of the popular app to share messages and media instantly, it has also become a favorite place for many to engage in illicit activities. Therefore, in order to investigate the truth people are left with no choice other than to hack WhatsApp account.

Possible Ways to Hack WhatsApp
The following are the only two ways to hack WhatsApp account:

1. WhatsApp Hack using a Spying App: The Easiest Way
Even though there are several ways to hack WhatsApp, using a spy app is by far the most simple and easiest way. This method requires no prior hacking knowledge or technical skills to carry out and hence more suitable for common people. Installing a spy app to hack WhatsApp is as simple as installing any other app on mobile. Out of several apps out there, mSpy is one of my favorite one to hack WhatsApp:

WhatsApp Hack with mSpy


mSpy Features:

Hack phone Calls and Text Messages.
Hack WhatsApp, Skype and other popular messengers.
Track Real-Time Location with GPS Tracker.
Spy on Contact List and Web Browsing activities.
Monitor Emails, Pictures and Videos.
Operates in Hidden Mode and remains Undetected!
No Rooting Required!
How to Hack WhatsApp with this App?

Download and Install the app on to the target phone which takes not more than a minute.
After this is done, the app silently records all WhatsApp activities in hidden mode.
All the recorded WhatsApp chat is sent to your online account.
View all the information from anywhere at anytime with your online account.
You can download mSpy from the link below:

Download mSpy
Compatiblity: Android, Apple iPhone, BlackBerry and Windows Mobile.

2. WhatsApp Hack by Spoofing Mac Address: The Tough Way
There is another method to hack WhatsApp known as Mac address spoofing which involves spoofing the Mac address of the target phone on your own phone. Unlike using spy apps, this one is somewhat time consuming and requires technical skills to implement. To spoof the Mac of the target WhatsApp phone address, follow the below mentioned steps:

Find out the Mac address of the target phone on which you need to hack WhatsApp account:
For Android – Navigate to Settings —> About Device —> Status—> Wi-Fi MAC address
For iPhone – Navigate to Settings—> General —> About —> Wi-Fi address
Once you’ve the Mac address of the target WHatsApp phone, you can spoof the Mac address as mentioned in my post: How to Spoof the MAC address.
Next, install WhatsApp on your phone using the target phone number and verify it.
Now, you’ve an exact replica of the target WhatsApp account and you should receive all the conversation and updates on your phone as well.
This method of WhatsApp hacking is quite time consuming and is known to have less success rate when compared to the method of using the spy apps. Therefore, if you are someone who does not have sufficient time and skills to implement this, I still recommend the use of mSPy to successfully hack WhatsApp account.