May 09, 2017,Published by: The Security Blog

Only Source Code Audit Not Hackathon Can Prove Infallibility of EVMs

May 09, 2017, Published by : The Security Blog



I was about to write a blog on Home Routers and their vulnerabilites as it has been a while since I wrote a blog.

But today's development about EVMs has interrupted all that, and here I am writing about EVMs again.

While I was waiting for the EC announced Hackathon, today AAP in Delhi assembly demonstrated an EVM hack. Technically it wasnt an EC EVM hack as they used a look alike EVM which didnt belong to EC. Neverthless, it was so powerful a demo that it has brought back the EVM issue in the limelight. Whatsapp has two ways of verifying your phone number. One is via sending an SMS (the send or resend SMS option) while the other is via making a call (the call me option). By entering the number of a public payphone and using the call me option, one can receive the verification code via voice on the public payphone and enter it as the verification code.



MORE

Security Nightmare: Easy to Hide One's Identity Using WhatsApp

March 27, 2017, Published by : The Security Blog



Whatsapp has two ways of verifying your phone number. One is via sending an SMS (the send or resend SMS option) while the other is via making a call (the call me option). By entering the number of a public payphone and using the call me option, one can receive the verification code via voice on the public payphone and enter it as the verification code.

Whatsapp has two ways of verifying your phone number. One is via sending an SMS (the send or resend SMS option) while the other is via making a call (the call me option). By entering the number of a public payphone and using the call me option, one can receive the verification code via voice on the public payphone and enter it as the verification code linking one's whatsapp account to a public payphone and thus anonymize oneself.

MORE

Suspect EVM security means there will be doubts about all future election results

March 8, 2017, Published by : The Security Blog

In 2010, a Hyderabad based security researcher Mr. Hari Prasad procured an Electronic Voting Machine (EVM) from somewhere ( probably picked up stealthily from the EVM storage with the help of someone) and showed two ways of hacking the EVM. He was imprisoned before the Supreme Court freed him.

He came up with a piece of hardware that is small enough to tuck in a shirt pocket and showed that with the help of that hardware and a brief physical access to the EVM machine, the votes can be altered.

In the recent Maharashtra civic elections, there have been reports of widespread discrepancies between the counts by the EVM and the total number of votes polled.

MORE

Aadhar: Can UIDAI catch all instances of stored biometrics?

There is an interesting news about the all pervasive AADHAR ( the biometric fingerprint project which is touted to be the unique id that will solve all our problems) project. Three companies --- Axis Bank, Bangalore based eMudhra, and Mumbai based Suvidhaa Infoserve -- are booked for using stored biometrics to authenticate the biometrics, which is a violation of the Aadhar act. The Aadhar act apparently stipulates that one cannot use stored biometrics to authenticate a fingerprint.

These companies used stored biometrics to authenticate a fingerprint. The penalty for this is 3 years of imprisonment. In their defense, these companies claim that they were only testing their software.

MORE

Bug in ICICI Bank Software sends SMS saying payment is received in the future

February 14, 2017, Published by : The Security Blog

I have an ICICI credit card since 1999. I use the card heavily but usually pay the amount due by the deadline which in my case is the 20 th o every month.

MORE

Cashless disaster: Bhim App Released Without Basic Security Measures in Place

January 3, 2017, Published by : Sabrangindia

In a hurry to present one more sop before the coming crucial 2017 elections in five states, the Bhim APP has been released without even the basic functionality testing.

MORE

Startups Livid as Github blocked across India

December 31, 2014, Published by : Vocativ

“I’m sitting here in a café, and everyone here is a young person on their computer working on their IT startup,” says Samir Kelekar, on the phone from Bangalore, India.

MORE

Massive QBot Botnet strikes: 800 thousand bank transactions sniffed

October 9, 2014, Published by : Indusface

A new botnet has been detected. A US-based security research firm Proofpoint has come up with a detailed analysis of a botnet that has infected around 500 thousand computers and credentials for around 800 thousand bank transactions have been sniffed. 75% of the infections have happened in the US.

MORE

Beating WAF Signatures

February 5, 2014, Published by : Indusface

Today, on the internet, a whole range of applications are moving to the web, and so are security vulnerabilities. Hackers are concentrating on attacking web applications. As part of the defense of web apps, WAFs (web application firewalls) are now becoming commonplace.. A WAF blocks layer 7 http(s) attacks; it is becoming as important as a traditional firewall.

MORE

Is UID anti-people? UID's security is flawed.

December 27, 2012, Published by : MoneyLife

There is a distinct difference between identification and authentication. Worldwide, biometrics is mainly used for identification rather than authentication when the sample size is large. Yet, in India, the government and the UIDAI are trying hard to use the UID number for both identification and authentication

MORE

Plugging a Network Hole in Real Time

July 27, 2012, Published by : Gadgetsnow.com

In May 2011 and again in June the same year, Sony's databases were broken into by hacker group Lulz Security and the hackers made merry with more than a million passwords. The hackers exploited vulnerabilities in Sony's systems by sending a simple SQL code and retrieved the passwords. That incident has contributed in part to Sony's current financial woes. And it underscored how important it is for companies and individuals to understand the internet and network security.

MORE

Hackers may catch Indian banks napping

July 12, 2011, Published by : Deccan Herald

With the rising incidence of cyber crime, how safe is Internet banking in India? Samir Kelekar finds out About two months ago, there was a major phishing attack on one of India's largest public sector banks.

MORE

There is an urgent need for public scrutiny of Electronic Voting Machines

August 27, 2010, Published by : MoneyLife

An interesting incident regarding Electronic Voting Machines (EVMs) has hit the headlines in recent days. Hari Prasad, managing director of Hyderabad-based Net India Private Limited, was arrested for 'stealing' an EVM.ernet banking in India? Samir Kelekar finds out

About two months ago, there was a major phishing attack on one of India's largest public sector banks.

MORE

National UID: An Orwellian Odyssey

May 18, 2010, Published by : MoneyLife

Cut to 2020. Is this how Big Brother is going to exploit the UID project?

The year is 2020. I walk down from my apartment at Domlur Layout, Bangalore to go for an evening's relaxation to the Metro Road (previously called M G Road). As I hail an auto rickshaw and pay the fare via my automated mobile cum payment card, I get a message on my mobile: "Thanks for using Balaji's Auto Service, the last time you travelled by auto was three days back, from Koramangala to your home in Domlur". I am bit puzzled as to how they know this, but I brush the thought away.

MORE

Falling short on security

January 12, 2009, Published by : Hindu Business Line

Many security aspects are being discussed threadbare in the context of the recent Mumbai terror attack. From an information technology (IT) perspective, the most important issue seems to be that the 26/11 terrorists allegedly used VoIP (voice over IP) to communicate with their masters in Pakistan while conducting the attack, observes Dr Samir Kelekar, MD, Teknotrends Software Pvt Ltd, Bangalore ( www.teknotrends.com).

MORE

You could be flushed into a con

January 2, 2009, Published by : DNAIndia

Crooks are exploiting vulnerabilities in the domain name system servers of internet service providers to redirect traffic to malicious sites that trick users.

MORE

In defense of the art of Hacking

December, 2001, Published by : Express Computer

Breaking into computer systems to steal information or damage files is definitely criminal. But that does not justify classifying the art of hacking itself as illegal or undesirable, argues Samir Kelekar, as he puts forth his case in defence of hacking.

In a world full of dos and don’ts, there are few things that are good for the soul. And one such thing is hacking. Hacking, the art of electronically breaking through the security of a computer or a network, is much maligned, but for a true hacker, it is almost the essence of his/her (haven’t heard of too many women hackers though) life.

MORE

SUBSCRIBE TO THIS BLOG

Copyrights © 2017 Teknotrends Software Private Limited All rights reserved | Template by W3layouts