All posts by Chinmoy Kanjilal

Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. He rants occasionally at Techarraz.com. You can connect with him on Twitter @ckandroid.

Broadband is Now a Legal Right in Finland

Finland has taken its citizen further on the verge of civilization with a new law that guarantees Broadband access to one and all. This right places a 1 Mbps broadband Internet access at the same level of healthcare and education.

Finland and Spain are the two countries to have passed this kind of legislation. This is just the beginning though. The Finnish government is all set to provide a 100 Mbps connection to its citizen by 2015. With the current rate of broadband usage standing at 97%, we can safely assume this goal can be achieved.

The law passed in France has received considerable appreciation from the European Union, which sees broadband as a fundamental right.

The source on this news writes,

Finland’s operators have pushed ahead with high-speed next-generation network (NGN) deployment, with all three mobile operators deploying UMTS900 technology, and the government has now taken the significant step of making access to broadband mandatory.

Comparing to the condition in countries like India where a large number of people still struggle to get a working Internet connection and an even larger number has not even used it already, Finland seems to be a tech-haven.

(Source)

Mozilla Submits Firefox Home to Apple for Review

Firefox for iPhone is still farsighted but what is not, is the Firefox Home project. The project recently made its first approach to Apple and Mozilla has submitted the Firefox Home application to Apple for a review. There are high hopes for the app and it will enter the app store.

If you are left wondering as to what Firefox Home is all about, see the coverage we did earlier.

Firefox home is a browsing session syncing application for the iPhone OS. This app is based on Firefox Sync and allows access to the last browsing history, bookmarks and the set of tabs. This serves as an excellent session manager for web browsing and the fact that it is available anywhere makes you feel at home, so the name.

Firefox Home uses WebKit, the base for Safari web browser already present in the iPhone. Clearly, this is not a competition to Apple’s Safari web browser and Apple will not shed it as it did earlier with other browsers. Apart from that, Firefox home will open all web links into the Safari browser and will act only as a syncing and a session management tool.

Apple is yet to confirm this inclusion.

(Source)

Google News Gets a Redesign, More Customizability on its Way

Google has made some changes to the official Google News homepage and is aiming for a better customizable and shareable experience for its customers. The new interface aims to bring up exclusives and unique stories to notice and improve the Google News experience, which was going downhill because of its automated nature.

The Official Google Blog remarks on this change saying,

There’s an old saying that all news is local. But all news is personal too—we connect with it in different ways depending on our interests, where we live, what we do and a lot of other factors. Today we’re revamping the Google News homepage with several changes designed to make the news that you see more relevant to you.

One primary change appears as the inclusion of the new sidebar, which is the one we see in Google search currently. Your homepage news content can be personalized and they are calling this feature “News For You”. News sources can be rated as high or low affecting their appearance and positioning in your personalized News page.

Keyboard shortcuts have made life easier while using Gmail and Google Reader. Now, it comes to Google News as well. Apart from that, there are some new sharing options for Twitter, Facebook etc.

The update is US only currently and will be made available across other areas in the next few days. See the video below to know more.

Your AT&T Voicemail is Open to All

AT&T has too many embarrassments to live with. Another one just was added to this list with a security problem in voicemail. Apparently, it is extremely easy to gain access to AT&T voicemail using an Android phone. Do not believe me? Read on.

We have all heard of IP address spoofing. Well, there is also something called Caller ID spoofing. This lets you gain access to any voicemail over an AT&T network. There is an app, which lets you spoof your caller ID number and lets you place a call to the voicemail posing as someone else.

What is even more interesting is that AT&T knows about the problem and is giving lame instructions putting several customers at risk. The official response on this says,

AT&T is committed to providing secure access to your voicemail. Your voicemail service is set up for fast access to voicemail and does not require a password when checking voicemail from your wireless device.

We are aware of companies that offer spoofingtechnology, which enables others to gain unauthorized access to wireless voicemail accounts that are not protected by a password. If you are concerned about unauthorized access to your wireless voicemail account, we recommend you add a password to your voicemail account.

Thus, according to AT&T they are providing a fast access to the voicemail without using a password. AT&T is already losing tech-savvy customers to Verizon. It is time AT&T changes this attitude towards its customers.

Thanks to kdawson for sharing this on Slashdot.

Google Chrome Will Block Out-of-Date Plugins in Future

Google has introduced a feature for automatic updates in its latest Chrome browser but that does not seem to be enough to Google. Therefore, it has gone a step further to add a technology that blocks out of date plugins in Google Chrome, forcing users to upgrade them if they wish to continue using these plugins.

Google has not announced any official time for the release of this feature but it is expected sometime in the next few months. According to this feature, the browser will also show warnings to inform users of lesser-used plugins.

Google Chrome already provides support for an Adobe PDF and Flash by default. Now, Google has taken a step towards security by issuing these updates automatically, which makes Chrome a safer browser. There are some other security features in store for Google Chrome, about which Google says,

There are more ways we are attacking the problem:
Integrated, sandboxed PDF viewing: We have announced an integrated PDF viewer plug-in running inside Google Chrome’s sandbox. This will make it harder for PDF-based vulnerabilities to result in the persistent installation of malware.
Protection from out-of-date plug-ins: Medium-term, Google Chrome will start refusing to run certain out-of-date plug-ins (and help the user update).
Warning before running infrequently used plug-ins: Some plug-ins are widely installed but typically not required for today’s Internet experience. For most users, any attempt to instantiate such a plug-in is suspicious and Google Chrome will warn on this condition.
A next generation plug-in API: Peppermakes it easier to sandbox plug-ins.

Currently, this level of security is offered only by Firefox, which shows update notifications and will auto-update plugins in future.

(Source)

Adobe Does What it is Best at: Fixing More Security Holes in Adobe Reader

This Tuesday, Adobe released a slew of updates to fix security holes numbered at 17, all of them critical. One of these was used widely to take control of computers using social engineering and PDF documents. The same vulnerability was present in Flash and was fixed on 10th of June.

adobe-reader-security-vulnerability

This clearly indicates that Adobe uses reusable code across multiple products and given the kind of security vulnerabilities it carries, a hole in one of the Adobe software can easily be present in others as well. Thankfully, hackers Didier Stevens and a researcher at NitroSecurity found these security holes in two separate attempts as a proof-of-concept hack.

Adobe made a statement on this saying,

We added functionality to block any attempts to launch an executable or other harmful objects by default. We also altered the way the existing warning dialog works to thwart the known social engineering attacks.

To counter its vulnerable codes and to improve the security of users, Adobe rolled out a new update system in April this year. It seems to be effective but we all know that patchwork is not the best practice in software development. Adobe should try making its products more secure at the core.

(Source)

Hulu Plus: Now your TV Show Will Love You Back

Hulu is a joint venture of NBC, FOX and other popular TV networks in the US to provide access to TV shows online to US residents exclusively. The service is extremely popular and it just got better with  the announcement of Hulu Plus.

Hulu Plus brings a host of new features to the existing Hulu service. It acts as a compliment to the original Hulu service and not necessarily as a replacement to it. It allows viewing of full seasons of your favorite TV show and not only the last few episodes unlike Hulu. This, coupled with the support for ads creates a good revenue ecosystem around this new service.

Now, you need not worry if you miss an episode or want to watch that awesome episode of any series, with your friends. Just tune in to Hulu Plus. Full seasons are  available for some popular shows in the league of “The X-Files”, “Buffy the Vampire Slayer” and “Law and Order: SVU”. Hulu Plus promises a “watch whenever and wherever” service. With these improvements, you can watch your favorite shows whenever you want. That is the first part of what is new.

Coming to the “wherever”, Hulu Plus also features an application for specific Samsung TVs and Blu-Ray players, which let you watch your show right into the box. However, if you are looking for some portability and are carrying your iPhone or iPad, you can catch up with Hulu Plus on a Wi-Fi or 3G network.

This, they say, is just the beginning and improvements will be made to support more devices. The Hulu Plus service is available as an invitation only currently. Request your invitation to try it out. The service is charged at $9.99 per month.

Catch up with some more info on this at the official Hulu Plus blog post.

HTC Legend, Desire and Wildfire Finally Getting the Android 2.2 Froyo Update

HTC raised a lot of clamor over its Android 2.2 update for phones released in 2010. There were too many controversial official statements to consider. In one statement, HTC remarked that all phones released in 2010 would get the Froyo update whereas, in another, it went on to mention names of specific models and left out some.

android-2-2-froyo-htc-legend

This easily made us assume that the Froyo update was would not be available for these models. This included the first HTC phone to get Android 2.1, the HTC Legend.

The news has come on the event of rollout of the Android 2.2 update. The first phone to get this update is obviously the Google Nexus One. The updates for Legend, Desire and Wildfire will all roll out in the third quarter of this year. A thread on the XDA developers’ forum talked of a 2.2 update for HTC Legend a few days ago but it was  discarded as a rumor.

New features will include a brand new virtual machine promising speed improvements, better battery life and an improved web browser. The latest Flash player 10.1 and Adobe Air will also be available to Froyo devices and apps will run 2 to 5 times faster.

The last time I requested an update from HTC on this matter, I received this mail from HTC.

We would inform that we working closely with Google and our partners to ensure we have the earliest access to everything we need to provide a complete and solid sense experience on FROYO. We expect to release all updates in the second half of this year but cannot be more specific yet. We look forward for your kind co-operation.

This comes as good news to all HTC phone owners and assures us that all phones from 2010 will get the Froyo update. However, I did not understand why HTC is being so secretive about these updates and not willing to comment on specific models.

Now that the news is confirmed, you can safely select a phone of your choice  from this list.

(Source)

Did the FBI Fail to Decrypt a Hard Drive Encrypted with TrueCrypt?

The Operation Satyagraha at Rio de Janeiro has hard-drives as evidence but the problem is these five hard drives are all encrypted using TrueCrypt. This is giving the FBI a hard time as it struggles to decrypt the files on these drives.

The Operation Satyagraha took place in 2008 and the investigation has been continuing ever since. Apparently, the Brazil was investigating the drives initially but they were handed over to the FBI only when they could not handle it anymore. However, the FBI has returned the drives saying it failed to decrypt the drives.

The hard drives are using an AES and TrueCrypt. The FBI has been trying a dictionary attack on the files and has failed so far. The failure to decrypt these hard drives has brought immense shame to the FBI and has exposed its weakness at dealing with the technological advancements of modern times. Funnily enough, there exists no law in Brazil to force the banker give up his passwords.

A few months ago, there was news of the FBI director missing the fact that Google earth is not real time and does not show live data. See this hilarious news  here. This proves how the security agencies in various countries are lagging behind in technology.

(Source)

Android 2.2 Running on Nokia N900

Nokia N900 is the hottest Nokia phone right now. It sports Maemo, the flagship mobile OS over which Nokia fans are going all gaga. Hackers have gone a step further in showing this love by porting Android 2.2 to the Nokia N900.

The port is full of bugs though. There is no network signal, the Wi-Fi needs a manual setup and the touchscreen lags but at least it works! The Android port on iPhone lagged heavily as well. The hackers are working to improve this port. In the meanwhile, enjoy this YouTube video.

(Source)