R.I.P Ian Murdock, Founder of Debian Linux, Dead at 42

Ian Murdock, the founder the Debian Linux operating system and the creator of apt-get, has passed away.

Yes, it is very sad to announce that Ian Murdock is not between us. His death has touched the entire software community. He was just 42.

The cause of death is unclear at present, but Murdock tweeted the same day that he would commit suicide that night. His Twitter account had since been deleted.

However, at that time, some people speculated that Murdock’s account had been hacked and that the tweets were not by him.

Murdock posted some Tweets on Monday suggesting he had been involved in a police case and has been beaten by the police and charged with battery.

However, neither Docker, nor the San Francisco Police Department immediately commented on Murdock’s actual cause of death.

Murdock developed Debian in August 1993 — and yes the “ian” in the project’s name is from Ian Murdock.

In the past, He also worked at Sun Microsystems and served as the CTO of the Linux Foundation.

It is with deep regret that we say goodbye to our great friend, the most significant contributor to Linux community, our beloved Ian Murdock.

Tor Project to Start Bug Bounty Program — Get Paid for HACKING!

The non-profit organization behind TOR – the largest online anonymity network that allows people to hide their real identity online – will soon be launching a "Bug Bounty Program" for researchers who find loopholes in Tor apps.

The bounty program was announced during the recurring 'State of the Onion' talk by Tor Project at Chaos Communication Congress held in Hamburg, Germany.

Bug bounty programs are cash rewards gave by companies or organizations to white hat hackers and researchers who hunt for serious security vulnerabilities in their website or products and then responsibly disclose them.

Bug bounties are designed to encourage security researchers and hackers to responsibly report the vulnerabilities they discovered, rather than exploiting it.

Here's what one of the founders of the Tor Project, Nick Mathewson, said about the bug bounty program as reported by Motherboard:

"We are grateful to the people who have looked at our code over the years, but the only way to continue to improve is to get more people involved...This program will encourage people to look at our code, find flaws in it, and help us to improve it."

The bug bounty program will start in the new year.

The Tor Project is following in the footsteps of a number of major technology companies, such as Facebook, Google, Paypal, and Mozilla, which offer bug bounties in thousands of Dollars.

Recently United Airlines made headlines by becoming the first airline to launch its own bug bounty program, eventually awarding millions of frequent-flyer miles to hackers and researchers.

The bug bounty could be in the wake of last month’s incident when Tor Project accused the FBI of paying the researchers of Carnegie Mellon University (CMU) at least $1 Million to help them Unmask Tor users and reveal their IP addresses. However, the FBI denies the claims.

Employee Stole 'Yandex Search Engine' Source Code, Tried to Sell it for Just $29K

A former employee of Russian search engine Yandex allegedly stole the source code and key algorithms for its search engine site and then attempted to sell them on the black market to fund his own startup.

Russian publication Kommersant reports thatDmitry Korobov downloaded a type of software nicknamed "Arcadia" from Yandex's servers, which contained highly critical information, including the source code and some of the "key algorithms," of its search engine.

Korobov then tried to sell the stolen codes to an electronics retailer called NIX, where a friend of his allegedly worked, and on the dark underground market in search of potential buyers.

But What's the Punchline?

The funniest part is that Korobov requested only $25,000 and 250,000 rubles (a total of almost $29,000) for Yandex's source code and algorithms, which actually cost "Billions of Rubles," or somewhere near $15 Million USD.

However, Korobov was arrested by Russia's Federal Security Service (FSB) before any transaction could take place.

If he had been succeeded, the code of Yandex's core service was floating freely over the Internet, resulting in serious consequences for the company.

The report noted that Korobov's court hearing took place earlier this month, and he received a suspended sentence of 2 years in jail after being accused of illegal possession as well as the distribution of commercial secrets.

The Arcadia software "is a key part of [the] company, it was related directly to Yandex's search engine, which is the [primary] source of the company's income," a Yandex representative said in court.

Yandex is the most popular search engine in Russia and is a big rival of Google. Its market share in November reached around 57 percent of all search queries within Russia, compared to Google's 35.2 percent.

Patch now! Adobe releases Emergency Security Updates for Flash Player

The Adobe Flash Player just said goodbye to the year with another bunch of vulnerability patches.

Adobe released an out-of-band security update on Monday to address Nineteen (19) vulnerabilities in its Flash Player, including one (CVE-2015-8651) that is being exploited in the wild.

All the programming loopholes could be abused to execute malicious code (here malicious Flash file on a web page) on victims' computers in order to hijack an unpatched PC or Mac entirely.

So, if you are running the Flash Player plugin on Windows, Mac OS X, Linux, or Chrome OS, it is time for you to upgrade your system as soon as possible before criminals start taking advantage of the bugs.

Here're the details of the Flash's 19 security vulnerabilities patched in the emergencyAPSB16-01 update posted Monday afternoon:

• A Type Confusion Vulnerability that could lead to arbitrary code execution (CVE-2015-8644)
• An Integer Overflow Vulnerability that also leads to code execution (CVE-2015-8651)
• Use-After-Free() Vulnerabilities that could also lead to code execution
• Memory Corruption Vulnerabilities that could also lead to code execution

The company did not provide many details about the attacks exploiting the Integer Overflow Vulnerability (CVE-2015-8651) discovered by Huawei, other than describing them as "limited, targeted attacks."

Upgrade your machines to the following patched versions of Flash Player:

• Flash Player versions 20.0.0.267 and 18.0.0.324 for Windows and Mac users.
• Flash Player version 20.0.0.267 for Google Chrome
• Flash Player version 20.0.0.267 for Microsoft Edge and Internet Explorer 11 on Windows 10
• Flash Player version 20.0.0.267 for IE 10 and 11 on Windows 8.x
• Flash Player version 11.2.202.559 for Linux

You can also get the latest Flash Player versions from Adobe's website.

However, if you really want to get rid of these nasty bugs, you are advised to simply disable or completely uninstall Adobe Flash Player immediately.

Flash has plagued with several stability and security issues, which is why developers had hated the technology for years.

Moreover, this is the reason Adobe plans to kill Flash Player and re-brands it as Adobe Animate CC — Adobe's Premier Web animation tool for developing HTML5 content.

China Passes Anti-Terrorism Law; Here's What You Need to Know

If you rely on encrypted services to keep your data private and, unfortunately, you are in China, then you are about to be worried.

As of now Chinese government could snoop into the operations of technology companies as well as circumvent privacy protections in everyday gadgets.

China So-called Anti-Terrorism Law

Despite months of objections from major technology firms and concerns over human rights…

China passed its controversial new anti-terrorism law on Sunday that requires tech companies to help decrypt information or hand over encryption keys to officials when they want to spy on someone's communication in order to counter terror operations.

However, the officials swear that the law wouldn't require technology firms to install "backdoors" in their products, but it doesn't make any difference when the government mandate companies operating in China to provide encryption keys and passwords when requested.

Earlier this year, President Barack Obama raisedhis concerns over the then-draft law with China's President Xi Jinping, saying that the law would amount to a dangerous "back doors" to internet companies.

However, the government official assured that this law is meant to fight terrorism, so it will neither affect the normal operation of technology companies nor install any "backdoors" to infringe intellectual property rights or freedom of speech of every citizen on the Internet.

New Law in Effect from January 1

The country's first anti-terrorism law goes into effect on January 1st.

But, despite the requirements set out by the new law, major tech firms, such as iPhone maker Apple, do not hold the encryption keys, making itself incapable of providing access to users' data even if requested by the government.

That sets up a potential conflict.

So what will happen if Chinese authorities order these technology companies to fork over encryption keys that they can not possibly deliver?

Would they ban such companies from the country?

‘OR’

Would they fine those companies to pay an enormous amount? Just like US government imposed $5,000 per day fine on Lavabit founder for refusing to turn over the encryption keys.

But always keep in mind that no matter what, there would be many companies that will sacrifice your privacy in order to continue operating their business in the world's most populous nation.

Just like recent proposals from the intelligence agencies in the UK and US after the deadly assaults in Paris and California, China claims such law is necessary to fight against terrorism.

"Nowadays, the Internet is increasingly used by terror groups to spread their extremist ideas, recruit fighters, channel fund and plot attacks," said Xinhua, China's official news agency.

Concerns over New Anti-terrorism Law

However, critics are worried that the so-called anti-terrorism law could give the Chinese government right to snoop into the operations of major tech companies and ways to circumvent encryption protections in everyday gadgets, including smartphones, home routers and Smart devices.

TRICKS © How to Book IRCTC Tatkal Tickets Online in 19 Seconds

If you want to book the Tatkal train tickets online through IRCTC website, you have to fill the forms in a quick way. Using Auto-fill plug-ins is one of the best ways to carry out the fast Tatkal ticket booking. One of my favorite plugin is MyRailinFo.

MyRailInfo is an excellent extension available for both Google Chrome and Firefox to save your journey details. You may use these gathered travel details to fill the Tatkal forms automatically.


This amazing auto fill extension is completely free & easy to use and you maybook your Tatkal ticket in just 19 sec.

How To use myRailinfo IRCTC TATKAL Autofill

Go to home page of myRailinfo and click on "Install Browser Plugin".
Or you can directly download it form Google Chrome Web Store or Click here to download
Installing myRailinfo IRCTC TATKAL Autofill For Chrome or Firefox
Open myRailinfo IRCTC Autofill form Google Chrome Store (Click here to open)
Click on "ADD TO CHROME" button on top right corner.
On Confirm New Extension pop-up click "Add"
You will get confirmation massage and MyRailinfo icon on right menu bar of chrome.
Congratulation myRailinfo IRCTC TATKAL Autofill is installed successfully
How To Use myRailinfo IRCTC TATKAL Autofill For Chrome or Firefox

It is vary essay to use myRailinfo IRCTC TATKAL Autofill in google chrome or in Firefox. Once you have successfully installed IRCTC Autofill, then you are ready to use it:
Launch And Verify Version
Click on the myRailinfo IRCTC Autofill icon form top right corner of chrome menu.
It will open landing page here you will find all latest information, Click on "IRCTC AutoFill Form".

Autofill form open, Always make sure you are using latest version of Autofill and update it regularly - Read How to check IRCTC Autofill verson and update it with latest version
Verify "Chrome Plugin Installed" button's border is green, this means Autofill extension is installed and will work.

If "Chrome Plugin Installed" button's border is red then Press CTRL + F5 and reload the page, it will change to green if not then myRailinfo IRCTC TATKAL Autofill is not installed on your browser and installed it
.
Fill IRCTC Autofill form
Enter "Login Detail" in Username & Password.
Select Quota: You can select Quota like General, Premium Tatkal, Ladies or Tatkal.
Enter "Plan My Travel" detail, All details are required if you want to use CTRL + M, other wise you can skip it.
Enter Passenger Detail.
Enter Child Passenger Detail & Mobile no if you want to change it.
Enter Payment detail.If you want to enter payment detail manually then you can skip entering payment detail & fill manually in IRCTC, but for that you have to un-select Auto Payment checkbox.
Click Save button.
You should get confirmation message like "Your Data has been Saved..." otherwise there is some problem and check if you have installed IRCTC Autofill.
Book Ticket by Using IRCTC Autifill

Now You have saved all you journey detail successfully, open IRCTC, and you see that Username & Password is filled automatically on Login page if not Press CTRL + F5 (refresh).
Enter Login Captha on IRCTC login page and click "Login".
You will see all detail in Plan My Journey are filled and Autofill automatically search train for you.
Verify your all detail before you go for actual booking.
At sharp 10:00 or 11:00 AM IST Click on Class highlighted in Red & auto fill will click on 'Book Now' automatically and save your precocious time.
On Passenger detail page verify your detail before actual booking, Enter Captcha, wait for 16 sec and then manually click Next button- Read How to resolve captcha problem
Base on you Payment selection mode Autofill will work accordingly and you have good changes to get confirm ticket if You have enter all detail correct.

TRICKS © Listen unlimited free songs on mobile without internet

We all have habit of listening songs on mobile but by listening to our phone music we get bored. Today i am going to tell you how to hear unlimited songs on mobile without internet.
How to Listen Free Radio:-

Simply call Toll Free No. 180030000123 The call will get disconnected automatically.You will get a call back within few seconds.Plug your Headphone / earphone or listen free songs on your phone speakers.No Internet or data plan required.

Have Fun.

Want WhatsApp Free Video Calling? This Leaked Screenshot Reveals Upcoming Feature

Raise your hands if you want Free Video Calling feature in WhatsApp.

I am in, and I think most of you people.

And the good news is that it looks like WhatsApp's much-awaited Free Video Calling feature is on its way, according to the recently leaked screenshots.

Free Video Calling Feature in WhatsApp

German technology blog Macerkopf.de hasposted what it claims are screenshots from an unreleased version of the popular messaging client WhatsApp for iOS.

The screenshots are from an unreleased version of the software (version 2.12.16.2), which is currently being tested internally, but at present it is not clear whether or not those screenshots are legitimate.

But, if the leaked screenshots are real, and WhatsApp adds the Free Video Calling feature, then the company could take an enormous bite out of some of its top rival.

WhatsApp Video Calling feature will allow you to make video calls to your friends and family anywhere in the world for free as long as you have a Wi-Fi network or an effective data plan on your registered number.

Here are the allegedly leaked images of video calling feature in action:

WhatsApp has added several new features to its messaging service in order to enhance the user experience. Just this year, WhatsApp finally addedfree voice call feature, and with the launch of video support, the messaging app will more firmly lock users into its ecosystem.

ABOUT THE AUTHOR

Rahul Dwivedi 

Rahul dwivedi is chief security consultant in Leading IT company. He is a system/Network Administrator and Network Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.

How to Crash Your Friends' WhatsApp Just By Sending Crazy Smileys

What would require crashing the wildly popular WhatsApp messaging application?

Nearly 4000 Smileys.

Yes, you can crash your friends' WhatsApp, both WhatsApp Web and mobile application, by sending them not any specially crafted messages, but just Smileys.

Indrajeet Bhuyan, an independent researcher, has reported The Hacker News a new bug in WhatsApp that could allow anyone to remotely crash most popular messaging app just by sending nearly 4000 emojis to the target user, thereby affecting up to 1 Billion users.

Bhuyan is the same researcher who reported a very popular WhatsApp crash bug last year that required 2000 words (2kb in size) message in the special character set to remotely crash Whatsapp messenger app.

After this discovery, the company patched the bug by setting up the limits of characters in WhatsApp text messages, but unfortunately, it failed to set up limits for smileys send via WhatsApp.

"In WhatsApp Web, Whatsapp allows 65500-6600 characters, but after typing about 4200-4400 smiley browser starts to slow down," Bhuyan wrote in his blog post. "But since the limit is not yet reached so WhatsApp allows to go on inserting...when it receives it overflows the buffer and it crashes."

The recent bug tested on Android devices by multiple brands and successfully crashed:

• WhatsApp for Android devices including Marshmallow, Lollipop and Kitkat
• WhatsApp Web for Chrome, Opera and Firefox web browsers. 

It is sure that the latest version of WhatsApp is affected by this bug.

Video Demonstration 

You can also watch the Proof-of-Concept (PoC) video that shows the attack in work.

https://www.youtube.com/watch?v=hEMD5y3WGt4&feature=youtu.be

How to Protect Yourself 

Bhuyan told The Hacker News that he had reported the WhatsApp crash bug to Facebook. However, before the company patches the issue, there is a simple way out.

If you become a victim of such message on WhatsApp, just open your messenger and delete the whole conversation with the sender.

However, remember, if you have kept some records of your chat with that particular friend, you’ll end up losing them all.

At the beginning of this year, Bhuyan also reported two separate bugs — WhatsApp Photo Privacy bug andWhatsApp Web Photo Sync Bug — in the WhatsApp web client that in some way exposes its users’ privacy.

ABOUT THE AUTHOR

Rahul Dwivedi 

Rahul dwivedi is chief security consultant in Leading IT company. He is a system/Network Administrator and Network Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.