News Today In Tech Update : July 27, 2018 | Shaikh Inside

News Today In Tech Update : July 27, 2018 | Shaikh Inside

Tech News By @ShaikhInside

👉🏿Apple announces free repair for devices damaged by Japanese floods

👉🏿HCL Tech displaces Wipro as India’s third largest IT firm

👉🏿Google Chrome begins shaming ‘Not Secure’ websites

👉🏿Super-exclusive LG V35 Signature Edition said to launch next month for around $1,790

👉🏿Steam for macOS is now 64-bit, adds new chat features & design, more

👉🏿Amazon is testing out collaborative wish lists

👉🏿Twitter to prioritize fixing platform over user growth, shares plunge

👉🏿Scheduled Routines finally arrive for Google Home, but with usual caveats

👉🏿Google bans ‘repetitive content’ from Play Store, Gmail and Inbox somehow unaffected

@shaikhinside #news

Don't forget to share @ShaikhInside

Connect with me on Social Media

News Today In Tech Update : July 25, 2018 | Shaikh Inside

News Today In Tech Update : July 25, 2018

Tech News By @ShaikhInside

👉🏿Google now has its own hardware security keys

👉🏿First Aston Martin SUV to Enter Production in 2019

👉🏿Noted Apple analyst suggests 6.1-inch LCD iPhone may not be available until October

👉🏿Google updates its search quality rating guidelines

👉🏿Galaxy S9 expected to be Samsung’s worst-selling Galaxy S phone since 2012

👉🏿Siri answered 78% of questions correctly in latest test, up from 66% a year ago

👉🏿Google is baking machine learning into its BigQuery data warehouse

👉🏿Google Docs will now check your grammar using AI

@shaikhinside #news

Don't forget to share @ShaikhInside

Connect with me on Social Media

💢 WhatsApp Group Chats Can Easily Be Infiltrated : Shaikh Inside

💢 WhatsApp Group Chats Can Easily Be Infiltrated : Shaikh Inside

💢 WhatsApp Group Chats Can Easily Be Infiltrated

A more dramatic revelation of 2018—an outsider can secretly eavesdrop on your private end-to-end encrypted group chats on WhatsApp and Signal messaging apps.

Considering protection against three types of attackers—malicious user, network attacker, and malicious server—an end-to-end encryption protocol plays a vital role in securing instant messaging services.

The primary purpose of having end-to-end encryption is to stop trusting the intermediate servers in such a way that no one, not even the company or the server that transmits the data, can decrypt your messages or abuse its centralized position to manipulate the service. 

In other words—assuming the worst-case scenario—a corrupt company employee should not be able to eavesdrop on the end-to-end encrypted communication by any mean.

However, so far even the popular end-to-end encrypted messaging services, like WhatsApp, Threema and Signal, have not entirely achieved zero-knowledge system.

Researchers from Ruhr-Universität Bochum (RUB) in Germany found that anyone who controls WhatsApp/Signal servers can covertly add new members to any private group, allowing them to spy on group conversations, even without the permission of the administrator.

As described by the researchers, in the pairwise communication (when only two users communicate with each other) server plays a limited role, but in case of multi-user chats (group chat where encrypted messages are broadcasted to many users), the role of servers increases to manage the entire process.

That's where the issue resides, i.e. trusting the company's servers to manage group members (who eventually have full access to the group conversation) and their actions.

As explained in the newly published RUB paper, titled "More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema," since both Signal and WhatsApp fail to properly authenticate that who is adding a new member to the group, it is possible for an unauthorized person—not a group administrator or even a member of the group—to add someone to the group chat. 

What's more? If you are wondering that adding a new member to the group will show a visual notification to other members, it is not the case.

According to the researchers, a compromised admin or rogue employee with access to the server could manipulate (or block) the group management messages that are supposed to alert group members of a new member.

"The described weaknesses enable attacker A, who controls the WhatsApp server or can break the transport layer security, to take full control over a group. Entering the group, however, leaves traces since this operation is listed in the graphical user interface. The WhatsApp server can therefore use the fact that it can stealthily reorder and drop messages in the group," the paper reads. 

"Thereby it can cache sent messages to the group, read their content first and decide in which order they are delivered to the members. Additionally, the WhatsApp server can forward these messages to the members individually such that a subtly chosen combination of messages can help it to cover the traces."

WhatsApp has acknowledged the issue, but argued that if any new member is added to a group, let's say by anyone, other group members will get notified for sure.

"We've looked at this issue carefully. Existing members are notified when new people are added to a WhatsApp group. We built WhatsApp so group messages cannot be sent to a hidden user," a WhatsApp spokesperson told Wired. 

"The privacy and security of our users is incredibly important to WhatsApp. It's why we collect very little information and all messages sent on WhatsApp are end-to-end encrypted."

But if you are not part of a group with very selected members, I'm sure many of you would relatively ignore such notifications easily.

Researchers also advised companies to fix the issue just by adding an authentication mechanism to make sure that the "signed" group management messages come from the group administrat. - Shaikh Inside

Don't forget to share @ShaikhInside

Join the ShaikhInside Community on Social Media

Connect with me on Social Media

Android P: Google’s new OS may stop supporting older apps: Shaikh Inside

Android P: Google’s new OS may stop supporting older apps

Google is currently warning users of older apps on the Developer Preview of Android P.

Android P Developer Preview is available for Google Pixel and Pixel 2 smartphones.(Google)

Google recently released the first Developer Preview of its upcoming OS, Android P. The latest iteration of Google’s Android OS comes with new features and upgrades over its predecessor. Along with the incremental changes, Google will reduce the clutter of old apps on its Play Store.
Android P’s build release notes state that apps which do not support the current API level will “fail to install and run”. At present, Android P’s API level for apps is v17 which is the same for Android 4.2 Jelly Bean. This essentially means that apps which are currently available in the app store but built for Android versions lower than 4.2 will not run on Android P.
According to a report by Android Police, in Android P Developer Preview 1 Google warns users by showing a popup message – “This app was built for an older version of Android and may not work properly. Try checking for updates, or contact the developer.”

As of now, the older apps are still running on Android P but with added warnings. It isn’t clear if Google will not allow these apps to run completely or still issue warnings around it. Apple with the release of iOS 11 last year made it clear that the OS will only support 64-bit apps. Support for 32-bit apps was stopped with iOS 11. READ: Google bracing for 64-bit only ecosystem: Here’s how it affects you, developers
Android P Developer Preview 1 is currently available for Google Pixel and Pixel 2 series. The stable version of Android P with its official name is expected to be announced sometime in August according to the company’s schedule.
With Android P, Google appears to be focusing quite extensively on apps. Android P will disable apps from using your smartphone’s microphone in the background. This feature arises from reports of apps like Facebook using your smartphone’s microphone to listen to your conversations.
Apps like Facebook, WhatsApp and Instagram require using your microphone and camera. You can turn the access off for these apps but you’d have to manually turn them on for certain actions like video calling, taking a picture, and so on. But with Android P, Google will automatically turn the microphone and camera access off.

Google continues to tweak notifications on Android P with a new look and shortcut. The notification drawer will have rounded corners and users will be able to reply to messages directly from here. Messaging apps will also come with “Smart Replies”, images and stickers in the notification box.

Android P also comes with support for iPhone X-like notch design. Contrary to the negative response received, iPhone X notch display hasheavily influenced Android players with the trend seeing a sudden rise. Asus Zenfone 5 is the first example of this design with more companies like OnePlus, LG, Xiaomi and Vivoexpected to follow.

Connect with me on Social Media

News Today In Tech Update : July 02, 2018

News Today In Tech Update : July 02, 2018

Tech News By Shaikh Inside

👉🏿Comcast starts throttling mobile video, will charge extra for HD streams

👉🏿Possible A12 Geekbench score suggests next-gen iPhone X upgraded with 4GB RAM, 10% speed boost

👉🏿Nvidia’s GeForce GTX 1180 could be unveiled next month

👉🏿OnePlus officially announces OnePlus 6 in red

👉🏿Facebook bug randomly unblocked some users from people’s block lists

👉🏿Apple Seeds Fifth Beta of macOS High Sierra 10.13.6 to Developers and Public Beta Testers

👉🏿Android P Developer Preview 4 rolling out to Pixel and Pixel 2

👉🏿Gboard testing smart replies for Snapchat, WhatsApp, more

👉🏿HTC lays off 22 percent of its staff in its quest to save money

Don't forget to share @ShaikhInside

Connect with me on Social MediaTwitter | Facebook | Instagram

Reliance Jio Republic Day Offer: Per day data limit hiked by 500 MB on budget plans: Shaikh Inside

Reliance Jio Republic Day Offer: Per day data limit hiked by 500 MB on budget plans: Shaikh Inside Reliance JIO Infocomm (Jio) ...

Popular Posts Of Shaikh Inside Blog