Wednesday, February 27, 2019

Samsung Galaxy M30 - India Launch Today - Expected Price and Specification

Samsung Galaxy M30

Samsung is all set to launch Samsung Galaxy M30 in India today. This is going to be the third phone of Samsung M Series after Samsung Galaxy M10 and Samsung Galaxy M20

Samsung Galaxy M30 Expected Specifications:

Samsung M30 Display

  • According to Samsung, the Galaxy M30 will sport a Super AMOLED 6.38-inch Infinity-U Display. 
  • In the camera part, M30 will house a triple rear camera setup with an ultra-wide angle lens.
  • It will have a massive 5000 mAh battery and also comes with a 15W fast charger.
  • Samsung Galaxy M30 will run on Android 8.0 Oreo out of the box layered with Samsung's Experience UI.

Samsung Galaxy M30 Expected Price:

The starting price of this smartphone is expected to be Rs. 15,000. The other two smartphones, Samsung Galaxy M20 is priced at Rs. 10,990 for 3GB RAM/ 32GB Storage and the 4GB RAM/ 64GB Storage variant costs Rs. 12,990. On the other hand, the Samsung Galaxy M10 costs Rs. 7,990 for 2GB RAM/ 16GB Storage, while the 3Gb RAM and 32GB Storage is priced at Rs. 8,990.

Samsung Galaxy M30 Expected Camera Specs:

Samsung Galaxy M30 Triple Camera

The smartphone has a triple rear camera setup with the primary camera having 13-megapixel with an f/1.9 lens, a 5-megapixel secondary with ultra-wide f/2.2 lens and, a 5-megapixel tertiary sensor with an f/2.2 lens.

Also read:


Friday, February 22, 2019

What is Microsoft Azure or Windows Azure - Explained - SingleWindowTech

Microsoft Azure

The idea behind any cloud computing proposal is for you to pay only for what you use, scaling up or down according to business needs. Vendors supporting cloud computing can interpret this statement differently, providing varying levels of services to achieve this result. The three approaches to cloud computing are Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS).

What is Platform-as-a-Service (PaaS) - Explained - SingleWindowTech

Platform As A Service - PaaS

A growing interest in moving software applications, services, and even infrastructure resources from in-house premises to external providers has been witnessed recently. It is not necessary anymore to bear considerable costs for maintaining the IT infrastructures or to plan for peak demand. Instead, infrastructure and applications can scale elastically according to the business needs at a reasonable price.

What is Software-as-a-Service (SaaS) - Explained - SingleWindowTech

What is Software-as-a-Service - SaaS

Have you ever given a thought about how a software works? Software which has multiple tasks has multiple databases which are joined accordingly to show the performance of any work or task distributed over durations. What happens when this data loaded into the software takes a new model when it comes to the internet. The server has to check according to the check and access points to present what the user needs to see or how much it should see without any tampering. 

What is Infrastructure-as-a-Service (IaaS) - Explained - SingleWindowTech

Infrastructure-as-a service (IaaS)
Image Credits: Vault Networks

What is Infrastructure-as-a-Service (IaaS)?

IaaS online services that provide high-level APIs used to dereference various low-level details of underlying network infrastructure

Tuesday, February 19, 2019

Your Smartphone is Equipped With So Many Sensors. What are they?

Smartphone Sensors

Have you seen the movie “Mission Impossible Movie Series” which presents some of the coolest gadgets installed

Sunday, February 17, 2019

What is PhotoDNA Technology and How Does It Work?

Microsoft PhotoDNA

The decade of the 2010s is coming to end. This decade has shown super and hyper-exponential growth in scientific developments. Those are countless and it will be disrespect for other technology if they are not mentioned here. But yes, with great development also witnessed a boom in sexual and child abuse all across the globes. For this, the biggest software giant made greater progress to stop such types of nuisance existing in society. Yes, it is Microsoft. Microsoft believes its customers are entitled to safer and more secure online experiences that are free from illegal, objectionable and unwanted content.

What is PhotoDNA Technology?

PhotoDNA is the name and technology developed by Microsoft towards this thing. PhotoDNA is a core element of Microsoft’s voluntary business strategy to protect its customers, systems, and reputation by helping to create a safer online environment. In 2009 Microsoft partnered with Dartmouth College to develop PhotoDNA, a technology that aids in finding and removing some of the “worst of the worst” images of child sexual abuse from the Internet. Microsoft has provided PhotoDNA for free to help fight online child exploitation.

How PhotoDNA Technology Works:

How PhotoDNA Technology Works
Image Credits: Microsoft

Also read: What is reCaptcha?
  • This "robust hashing" technology, calculates the particular characteristics of a given digital image. Its digital fingerprint or "hash value" enables it to match it to other copies of that same image
  • Most common forms of hashing technology are insufficient because once a digital image has been altered in any way, whether by resizing, resaving in a different format or through digital editing, its original hash value is replaced by a new hash.
  • The image may look exactly the same to a viewer, but there is no way to match one photo to another through their hashes.
  • Once National Center for Missing and Exploited Children (NCMEC) assigns PhotoDNA signatures to known images of abuse, those signatures can be shared with online service providers, who can match them against the hashes of photos on their own services, find copies of the same photos and remove them.
  • Technology companies can use the mathematical algorithm and search their servers and databases to find matches to that image. 
  • When matches are found, the images can be removed as violations of the company's terms of use.
  • It is not facial recognition software. A PhotoDNA hash is not reversible, and therefore cannot be used to recreate an image.
  • Numerical values represent the “PhotoDNA signature,” or “hash,” of an image, which can then be compared to signatures of other images to find copies of a given image with incredible accuracy and at scale.
Also read: How PhotoDNA for Video is being used to fight online child exploitation.

PhotoDNA Cloud Service:

PhotoDNA Cloud Service leverages the speed, security, and efficiency of the Microsoft cloud to help detect, report and disrupt the distribution of child sexual abuse materials in an online environment. 

  • PhotoDNA Cloud Service runs on Azure and is provided free of charge to qualified companies and developers. It is not available to law enforcement at this time.
  •  PhotoDNA Cloud Service is specifically limited to scanning unknown content to detect illegal images.
  • For U.S.-based customers, the PhotoDNA Cloud Service provides an API to submit reports to the National Center for Missing and Exploited Children. Internationally based customers will need to determine how to submit reports on their own.

PhotoDNA enables the U.S. National Center for Missing & Exploited Children (NCMEC) and leading technology companies such as Facebook, Twitter, and Google, to match images through the use of a mathematical signature with a likelihood of false positive of 1 in 10 billion. Once NCMEC assigns PhotoDNA signatures to known images of abuse, those signatures can be shared with online service providers, who can match them against the hashes of photos on their own services, find copies of the same photos and remove them.
This is a precise, surgical technique for preventing the redistribution of such images and it is based on voluntary, private sector leadership. Also, by identifying previously "invisible" copies of identical photos, law enforcement may get new leads to help track down the perpetrators. These are among "the worst of the worst" images of prepubescent children being sexually abused, images that no one believes to be protected speech.

Why PhotoDNA Technology is being talked in India?

The Ministry of Home Affairs is in talks with Microsoft to acquire this technology. Though, India has achieved tremendously through Prevention of Child from Sexual Offences Act, 2018 (POCSO), adding this technology as an acumen will no doubt bring more enhancement in this work.
This will help the administration to keep an eye over child exploitation going in the country in all parts. Child Exploitation is one of the common crime increasing in these days and with PhotoDNA becoming part of our nation will eradicate up to a greater extent. 


Monday, February 11, 2019

What is reCAPTCHA by Google and how does it work?

What is reCAPTCHA and how it works?

Since their inception, captchas have been widely used for preventing fraudsters from performing illicit actions. Nevertheless, economic incentives have resulted in an arms race, where fraudsters develop automated solvers and, in turn, captcha services tweak their design to break the solvers. Recent work, however, presented a generic attack that can be applied to any text-based captcha scheme.

With this aim, Google unveiled the latest version of reCAPTCHA. The goal of their new system is twofold; to minimize the effort for legitimate users, while requiring tasks that are more challenging to computers than text recognition. reCAPTCHA is driven by an “advanced risk analysis system” that evaluates requests and selects the difficulty of the captcha that will be returned. Users may be required to click in a checkbox or solve a challenge by identifying images with similar content.

Also readWhat is a VPN? A Beginner's Guide.

reCAPTCHA by Google - Purpose, and Working

The reCAPTCHA service offered by Google is the most widely used captcha service and has been adopted by many popular websites for preventing automated bots from conducting nefarious activities. Google announced that the deployment of a new reCaptcha mechanism designed to be more human-friendly and secure. 
  • Widget: When visiting a webpage protected by reCAPTCHA. The widget’s JavaScript code is obfuscated, to prevent analysis from third parties. When the widget loads, it collects information about the user’s browser which will be sent back to the server. Furthermore, it performs a series of checks for verifying the user’s browser. 
  • Workflow: Once the user clicks in the checkbox, a request is sent to Google contains:
  1. Referrer
  2. Website’s site key (obtained when registering for reCaptcha)
  3. Cookie for google.com
  4. Information generated by the widget’s browser checks (encrypted). 
The request is then analyzed by the advanced risk analysis system, which decides what type of captcha challenge will be presented to the user. Once the challenge has been presented to the user, it has to be answered within 55 seconds. Otherwise, the popup is closed and the user is required to click on the checkbox again to receive a new challenge. Once the user clicks, an HTML field called recaptcha-token is populated with a token. If the user is deemed legitimate and not required to solve a challenge, the token becomes valid on Google’s side.
Also readFive Best Smartwatches to Buy
Based on the level of confidence assigned to the specific request, Google’s advanced risk analysis system will select which type of challenge to present to the user. The different versions present a varying level of difficulty and nuisance, as some are trivial to pass while others are problematic even for humans. If a specific user requests multiple challenges or provides several wrong answers in a short amount of time, the system will return increasingly harder challenges.

Threat Model and Cookie Manager:

The Google tracking cookie plays a crucial role in determining the difficulty of the challenge that is presented to the user. Furthermore, each cookie can receive up to 8 checkbox captchas in a day. As part of our attack, we develop functionality for automatically creating Google cookies. The goal is to create cookies which are subsequently “trained” to appear as originating from legitimate users and not automated bots. In each case, we create a cookie in a clean virtual machine, where our browser automation system imitates a user browsing the web.

In practice, fraudsters may follow two distinct approaches for solving challenges. 
  1. They may employ an automated captcha breaking system, which will allow them to conduct nefarious actions unencumbered (e.g., create email accounts, post in forums). 
  2. They may employ humans to manually solve challenges, i.e., through an underground captcha-solving service.

GRIS, Tag Classifiers & CR:

  • Google Reverse Image Search (GRIS) offers the ability to conduct a search based on an image. If the search is successful it may return a “best guess” description of the image (which may differ for the same image across searches) along with a list of websites where the image is contained, and other available sizes of that image. While this is not part of Google’s public API, we identified the format of the search URL so our module can replicate the functionality.
  • Returned tags do not always exactly match the description (i.e., hint) given by reCaptcha for a challenge. To overcome this, we leverage machine learning to develop a classifier that can “guess” the content of an image based on a subset of the tags. Once the classifier has been trained, it can be used to predict the similarity of the captcha’s hint and the tags by computing the cosine similarity between their corresponding word vectors, with the goal of identifying subsets of tags from each image that have been associated with the hint during the training phase.
  • Canvas rendering is a known technique to fingerprint user across machines and browsers. The captcha's JavaScript code creates a Canvas element and draws a predefined composition. After the rendering is complete, the element is encoded in base64 and sent back with the other data when the user clicks the checkbox. This piece of information can be used to browser rendering ability and determine the browser version and later compared to detect the discrepancies with the reported user-agent.
Also readWhat is Dark Web? Things You Should Know.

CheckBox Captcha:

By leveraging proxy services and running multiple attacks in parallel, this amount could be significantly higher for a single machine. Since captcha-breaking is driven by monetary incentives, we evaluate our findings from an economic perspective and compare our attack to a captcha-solving service. reCaptcha altered the safeguards and the risk analysis process to mitigate our large-scale token harvesting attacks. They also removed the solution flexibility and sample image from the image captcha for reducing the attack’s accuracy. 

Friday, February 8, 2019

What is a VPN? A Beginner's Guide.

VPN

The world has changed a lot in the last couple of decades. Instead of simply dealing with local or regional concerns, many businesses now have to think about global markets and logistics. Many companies have facilities spread out across the country, or even around the world. But there is one thing that all companies need: a way to maintain fast, secure, and reliable communications wherever their offices are located.

As the popularity of the Internet has grown, businesses have turned to it as a means of extending their own networks. First came intranets, which are sites designed for use only by company employees. Now, many companies create their own Virtual Private Networks (VPNs) to accommodate the needs of remote employees and distant offices.

Also read: Best Free VPN that you can trust.

There is an increasing demand nowadays to connect to internal networks from distant locations. Employees often need to connect to internal private networks over the Internet (which is by nature insecure) from home, hotels, airports or from other external networks. Security becomes a major consideration when staff or business partners have constant access to internal networks from insecure external locations.

What is a VPN?

What is a VPN?

VPN (Virtual Private Network) technology provides a way of protecting information being transmitted over the Internet, by allowing users to establish a virtual private “tunnel” to securely enter an internal network, accessing resources, data, and communications via an insecure network such as the Internet.

How VPN Works?

How VPN works
Also readWhat is 5G Network?
  • VPN transmits data by means of tunneling. Before a packet is transmitted, it is encapsulated (wrapped) in a new packet, with a new header. This header provides routing information so that it can traverse a shared or public network before it reaches its tunnel endpoint. 
  • This logical path that the encapsulated packets travel through is called a tunnel. When each packet reaches the tunnel endpoint, it is “decapsulated” and forwarded to its final destination. Both tunnel endpoints need to support the same tunneling protocol. 
  • Tunneling protocols are operated at either the OSI (Open System Interconnection) layer two (data-link layer), or layer three (network layer). The most commonly used tunneling protocols are IPsec, L2TP, PPTP, and SSL. A packet with a private non-routable IP address can be sent inside a packet with a globally unique IP address, thereby extending a private network over the Internet.
Also readWhat is Dark Web?

VPN Security:

VPN Security

  • VPN uses encryption to provide data confidentiality. Once connected, the VPN makes use of the tunneling mechanism described above to encapsulate encrypted data into a secure tunnel, with openly read headers that can cross a public network. Packets passed over a public network in this way are unreadable without proper decryption keys, thus ensuring that data is not disclosed or changed in any way during transmission.
  • VPN can also provide a data integrity check. This is typically performed using a message digest to ensure that the data has not been tampered with during transmission.
Also read: Understanding 2.4 GHz and 5 GHz Network

Types of VPN:

  1. Firewall VPN: This is equipped with both firewall and VPN capabilities. This type of VPN makes use of the security mechanisms in firewalls to restrict access to an internal network. The features it provides include address translation, user authentication, real-time alarms, and extensive logging.
  2. Hardware VPN: A hardware-based VPN offers high network throughput, better performance, and more reliability since there is no processor overhead.
  3. Software VPN: A software-based VPN provides the most flexibility in how traffic is managed. This type is suitable when VPN endpoints are not controlled by the same party, and where different firewalls and routers are used. It can be used with hardware encryption accelerators to enhance performance.
  4. SSL VPN: An SSL VPN3 allows users to connect to VPN devices using a web browser. The SSL (Secure Sockets Layer) protocol or TLS (Transport Layer Security) protocol is used to encrypt traffic between the web browser and the SSL VPN device.

VPN Protocols:

  • IPsec enables a system to select and negotiate the required security protocols, algorithm(s) and secret keys to be used for the services requested. IPsec provides basic authentication, data integrity, and encryption services to protect unauthorized viewing and modification of data. It makes use of two security protocols, AH (Authentication Header) and ESP (Encapsulated Security Payload), for required services. However, IPsec is limited to only sending IP packets.
  • PPTP (Point-to-Point Tunnelling Protocol) is an OSI layer two protocols built on top of the PPP (Point-to-point protocol). PPP is a multi-protocol, dial-up protocol used to connect to the Internet. Remote users can access a private network via PPTP by first dialing into their local ISP. PPTP connects to the target network by creating a virtual network for each remote client. PPTP allows a PPP session, with non-TCP/IP protocols (e.g. IP, IPX or NetBEUI), to be tunneled through an IP network.
  • L2TP (Layer 2 Tunnelling Protocol) is a combination of Microsoft PPTP (Point-to-Point Tunnelling Protocol) and Cisco L2F (Layer 2 Forwarding). L2TP can be used as a tunneling protocol to encapsulate PPP (Point-to-Point Protocol) frames to be sent over IP, X.25, Frame Relay or ATM networks. Multiple connections are allowed through one tunnel. Like PPTP and L2F, L2TP operates on OSI layer two. Layer two VPN protocols encapsulate data in PPP frames and are capable of transmitting non-IP protocols over an IP network.
  • Open VPN is an open source VPN protocol. Since this is an open source user can dig into its code to find vulnerabilities. Being an open source this can also be used in other projects. This is one of the most secure VPN protocol that allows users to protect their data using AES-256 bit key encryption with 2048-bit RSA authentication, and a 160-bit SHA1 hash algorithm.
  • IKEv2 (Internet Key Exchange version 2) is a protpcol developed by Microsoft and Cisco. It is a tunneling protocol that provides a secure key exchange session. It is often paired with IPSec for encryption and authentication. It has native support for Windows, iOS and Blackberry devices. Linux and Andriod support are also available via third-party apps.
Also read: What is Blockchain?
Risks and Attacks:

  • VPN hijacking is the unauthorized take-over of an established VPN connection from a remote client and impersonating that client on the connecting network. 
  • Man-in-the-middle attacks affect traffic being sent between communicating parties and can include interception, insertion, deletion, and modification of messages, reflecting messages back at the sender, replaying old messages and redirecting messages.
  • A client machine may also be shared with other parties who are not fully aware of the security implications. In addition, a laptop used by a mobile user may be connected to the Internet, a wireless LAN at a hotel, airport or on other foreign networks. However, security protection in most of these public connection points is inadequate for VPN access. If the VPN client machine is compromised, either before or during the connection, this poses a risk to the connecting network.
  • A connecting network can be compromised if the client side is infected with a virus. If a virus or spyware infects a client machine, there is a chance that the password for the VPN connection might be leaked to an attacker. In the case of an intranet or extranet VPN connection, if one network is infected by a virus or worm, that virus/worm can be spread quickly to other networks if anti-virus protection systems are ineffective.


Popular VPN Services:

Popular VPN Services

There are many contenders in the market out there. Some of them are free and some are paid. Using the paid ones ensures that you are using a service and that can be trusted. However, using a free one has always a threat of your data being compromised.

Here are some of the best VPN services, since these are paid and has a good user base, you can trust one of these. 

1. ExpressVPN

Express VPN


2. NordVPN

Nord VPN


3. IPVanish

IP Vanish


4. PureVPN

Pure VPN


5. TunnelBear

TunnelBear VPN

Wednesday, February 6, 2019

Home Smart Home - Understanding The Home Automation System

What is Home automation?

“The first rule of any technology used in a business is that automation applied to an efficient operation will magnify the efficiency. The second is that automation applied to an inefficient operation will magnify inefficiency”.
- Bill Gates

What is Home Automation:

Home automation is automation of the home, housework or household activity. Home automation may include centralized control of lighting, HVAC (heating, ventilation and air conditioning), appliances, and other systems, to provide improved convenience, comfort, energy efficiency, and security.

Sunday, February 3, 2019

Online Payment System and Its Role in E-Commerce

Online Payment System and it's Role in E-Commerce

Why people came up for online business? 
The Sellers - There are many reasons why we go for this type of business. For the seller or merchants, they can operate their business profitably 24/7 and reach the market across the world - geographical boundary is not a barrier anymore. It is not necessary for them to establish their shops physically in many places around the world which means anyone even small businesses can have their business online. 

Friday, February 1, 2019

The Story of Amazon Prime Video and Netflix Video Streaming Service in India

netflix and amazon, the story of becoming the largest online media streaming site


Attack me bhi gun, defense me bhi gun, hum banayenge Mirzapur ko Amirica
Kabhi kabhi lagta hai apun hi bhagwan hai

Today hardly there may be Internet nerd from India who hasn’t seen the trailers of Sacred Games and Mirzapur. The people of Mirzapur, near to Varanasi would have never thought that their city on world map today by the viewers viewing these web series.

Featured Post

Paytm Credit Card Launched With "Universal Unlimited Cashback" in Partnership With Citi

Paytm in partnership with Citi is about to launch a credit card namely Paytm First Card. The new Paytm Credit Card is said to offer 1% un...