Optical fibres are under NSA snooping -- Privacy is going to smash down

Optical fibres are under NSA snooping -- Privacy is going to smash down

In October, a report surfaced that the US National Security Agency secretly accessed data from tech giants like Google and Yahoo, by way of intercepting the unencrypted traffic flowing between each company's data centers.

Specifically, it's believed the NSA tapped into the fiber-optic cables that connect those data centers. The New York Times reported Tuesday that these cables, which aren't owned by the Internet companies, are easy targets for interception. The largest such fiber-optic cable provider -- an under the radar Denver-based firm called Level 3 -- may have had something to do with the government's infiltration tactics. "Fingers have been pointed" at Level 3, reported the Times, citing three unnamed sources.

Level 3, which provides both Google and Yahoo with cables, was specifically mentioned in the Times report. Other companies that own fiber-optic cables include Verizon Communications, the BT Group, and the Vodafone Group.

To be sure, it's not yet known if Level 3 was a willing participant. When asked if the company gave US or foreign government agencies access to Google and Yahoo's data, Level 3 gave the Times an indirect response: "It is our policy and our practice to comply with laws in every country where we operate, and to provide government agencies access to customer data only when we are compelled to do so by the laws in the country where the data is located."

Tapping fiber-optic cables is just a modern spin on an old spy game. As early as the days of the telegraph, spies have set up shop near communications companies. Since then, the government has tapped other kinds of traffic, from long-distance phone to satellite.

News broke of the NSA and British counterpart GCHQ's efforts at intercepting data center traffic when The Washington Post reported details of a project called MUSCULAR. Both Google andYahoo have taken steps to encrypt the information that moves between its data farms. The Post's was only the latest in over half a year of surveillance revelations, since former NSA contractor Edward Snowden first leaked details of the government agency's activity.

In the wake of those revelations, tech companies have been quick to maintain their innocence in the situation. Last week, in a blog post announcing Yahoo's attempt to catch up on encryption,Yahoo CEO Marissa Mayer said, "I want to reiterate what we have said in the past: Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever."

If you little like our posts then please share them with your friends to spread our voice throughout the people world.

Your One Share can make better the life of people

Read More

Security holes found in D-Link Routers - Security Researchers

A new spate of vulnerabilities have been found in a D-Link router, a security researcher said Monday.
The D-Link 2760N, also known as the D-Link DSL-2760U-BN, is susceptible to several cross-site scripting (XSS) bugs through its Web interface, reported ThreatPost. 

Liad Mizrachi, the researcher who discovered the bugs, said he notified D-Link about the bugs in August, September, and October, but D-Link did not respond.
The report follows a more serious backdoor bug found in the following D-Link routers: DIR-100, DIR-120, DI-524UP, DI-604S, DI-604UP, DI-604+, DI-624S, and the TM-G5240. D-Link told ThreatPost in October that it was working on a patch to the backdoor bug.
Jacob Holcomb, a security researcher who uncovered widespread vulnerabilities in popular routers earlier this year, told media that he wasn't surprised by the backdoor bug, and wished that manufacturers would do more to fix security problems when found in embedded devices such as cameras and routers.
"Code written for these devices continues to provide inadequate security for today's digital society, and manufacturers should be held accountable for the implementation of code that intentionally circumvents security," he said.
D-Link told media that the router is not sold in the US and that the company is working on a solution that will be published on their support site when it's ready. D-Link did not offer a timeline for when that might be, though. 

Source - Online Media 

Team- Hack4friends
  

Read More

Major Tech. Companies planning to fend off NSA hakcing

The National Security Agency (NSA) might soon have a harder time accessing user data.
Google, Yahoo, Microsoft, Apple, and a other prominent technology companies are investing heavily in stronger, 2048-bit encryption that some say, won't be easily overcome for more than a decade, due to computing power constraints.

Google is one of the leaders in the effort, announcing in July that it would encrypt its user data with 2048-bit encryption. According to Bloomberg, which spoke with several other companies that are investing in new encryption, Yahoo confirmed to the publication that it will add 2048-bit encryption to its Mail by January. Facebook also plans to move to 2048-bit encryption. Facebook confirmed to Bloomberg that it also plans to roll out "perfect forward secrecy," a feature that would prevent snoopers from accessing user data even if they can access the company's security codes.

Microsoft and Apple are also reportedly ramping up their data-security efforts.
The technology companies' renewed interest in data security and encryption comes after several reports have suggested that the NSA has been accessing their data and using it for spying purposes. Those firms have gone on the record saying they comply with legal requests where appropriate, but are doing everything they can to keep user data safe. The investment in 2048-bit encryption follows that.
Still, encryption is just one small piece of a broader puzzle the technology companies have yet to solve. The NSA has the ability to overcome a wide array of security protocols. Last month, in fact, James Clapper, the director of national intelligence, said that the US employs "every intelligence tool available" to cull data from national security threats. Whether those efforts are applied to technology company servers has been debated, though leaks from Edward Snowden and others have suggested they are.
Even so, the improved encryption efforts could lengthen the time at which it takes the NSA and other spying agencies around the world to access user information. And that's at least something.

 Source : cnet news

Read More

How to hack (Brute Force) gmail account with backtrack 5

How to hack (Brute Force) gmail account with backtrack 5

Sorry for late posting on blog also on our facebook page infact i was very busy in my some projects but NOW I M BACK.

Today i am here posting a very good and old method to hack any email id {e.g: gmail,ymail,etc} as you know "OLD IS GOLD".

This method is known as Brute-Force Attack. I had added self explanatory images to use special tool of backtrack5 (any version) but i'm using BT5-R3 .

You need two thing here...

1. Backtrack 5 (preferable R3 version) with internet connectivity

2. Little piece of Mind

Now read carefully throughout this article at last you will find you as EMAIL PASS CRACKER.


I'm considering that you are little familiar with backtrack . so just make your own password list to attack on victim email and now save it as "pass.txt" or whatever you want to give name. 

                                                           Click on the image for enlarge view

Now follow the path shown in this image and now click on " hydra-gtk " option.

Click on the image for enlarge view

Now put the values as follow :
Single Target- smtp.gmail.com
Port - 816/whatever you want 
Protocol - smtp
Check the mark as shown in image

Click on the image for enlarge view

Username - username of victim email id
Password list - Write the path of your pass list

Click on the image for enlarge view

Now click on start button in the bottom of this window , it will start attack on email id.
if you are enough lucky then you will find password here.

Click on the image for enlarge view

I'm hoping you will like it ,i fyou little like this article please do share with your friends and if you face any problem then comment here.

Our facebook fan page ::  E-hackers

  Team-hack4friends

Read More

China is under Massive DDOS attack

China is under Massive DDOS attack

A huge portion of Chinese-based Internet was disrupted on Sunday courtesy of  a massive Distributed Denial of Service (DDoS) attack.  The government has said it was the biggest it had ever experienced, as the attack was designed to flood networking infrastructure at the China Internet Network Information Center, which manages the Chinese domain name system and the .cn top level domain.

DDoS ,hack4friends.blogspot.com

One such attack hit  on Sunday morning at 2am, with another more powerful DDoS arriving within the space of two hours.  It is thought a numbered of sites went down, whilst others experienced a slow or interrupted internet access.  The attack appeared to have been overcome by Monday and security experts have spotted lots of signals which are out of the ordinary, hinting at a significant DDoS in China.  Dan Holden, director of research at Arbor Networks, said “Arbor saw a significant increase in DDoS attacks targeting .cn on Sunday…The number of attacks more than doubled and ATLAS traffic statistics show a significant increase in attack size, indicating a serious attack was carried out.”

CEO Matthew Prince of content delivery network, CloudFlare told the Wall Street Journal  it had seen a 32 percent dip in traffic for Chinese sites sitting on its CDN when compared to the same period a day before.  “I don’t know how big the ‘pipes’ of .cn are, but it is not necessarily correct to infer that the attacker in this case had a significant amount of technical sophistication or resources,” adding that it could have been an individual rather than a group that carried out the attack.   There have been a number of significant DDoS attacks of late, with suggestions of political motivations as China is home to a lot of DDoS activity. Akamai recently claimed the country saw 34 percent of global DDoS traffic in fourth quarter of 2012.  Hosting provider GreenNet, which describes itself as an ethical host and ISP, with Fair Trade Africa and Privacy International amongst its customers, was knocked offline by significant DDoS strikes earlier this month.

via Online media sources

Team - hack4friends

Read More

62 Pakistani websites hacked by r00tsect0r Team

62 pk websites hacked by r00tsect0r crew member spider64

Today, Indian well known defacer spider64 notified us [hack4friends Team] about a mass defacement of pakistani domains.

spider64

 The reason of such mass defacement "Stop defacing Indian Websites".

here is the list of websites hacked by spider64


http://evita-me.com
http://tellcoms.com
http://inforesights.com
http://salsabeila.com
http://hitmas.com
http://www.funtimepass.com
http://federallimousineservice.com
https://arifnaushahi.com
http://rafiqenterprises.com.pk
http://shelozon.com
https://faisalasghar.com
https://binrahman.com
http://foundationstone.com.pk
http://medco.net.pk
http://articleteams.com
https://opaltradersltd.com
http://meeranjee.com
http://opalstudios.com
http://saudipak.com/admin
http://sprintarabia.com
http://sti.com.pk
https://muhammadattique.com
http://goldengympk.com
http://www.pricemycartons.com
http://bleeclothing.com
http://medco.net.pk
http://agoudelock.com
http://frontexgroup.com
http://w3.com.pk
http://ideasdnn.com
http://agoudelock.com
http://restoncoachbus.com/index.html
http://uhrs.com.pk
http://sscpakistan.com
http://manhattanpakistan.com
http://combnet.net
http://lg.gok.pk
http://dyaanscollection.com
http://yamtex.com
http://stlyonn.com
http://atlantaautismconsortium.org/index.html
http://wagexpress.com
http://thehewadgroup.com
http://mehakraza.net
http://issrahairways.net
http://bluetecharabia.com/index.html
https://atlantic-limo.com
http://inceptapharmapk.com
http://kalamrestaurant.fr
http://softpakistan.org
http://mugheestextiles.com
http://hbcontract.com
http://medley.com.pk
http://davosin.com
http://nmtech.com.pk
http://galalocations.com
http://decisions.com.pk
http://bahriatownspk.com

http://alibdaamovers.net
hotelgulbergpalace.com
http://mindworksmedia.org/

http://agp-pakistan.com/index.html


Stay updated with cyber news ,hit a like to our facebook fan page E-hackers

Team - hack4friends

Read More