What is Steganography?

Steganography is a means of obscuring data where secret messages are hidden inside computer files such as images, sound files, videos and even executable files so that, no one except the sender and the receiver will suspect the existence of stealth information in it. Steganography may also involve the usage of cryptography where the message is first encrypted before it is concealed in another file. Generally, the messages appear to be something else such as an image, sound or video so that the transfer of secret data remains unsuspected.

The main advantage of steganography over other methods such as cryptography is that, it will not arose suspicion even if the files fall in the hands of a third party. Unlike cryptographic messages, stegnographic messages will no way attract the attention of a third party by themselves. Thus stegnanography has an upper hand over cryptography as it involves both encryption and obscurity.

What are the Applications of Steganography?

Steganography is mainly used to obscure confidential information/data during storage or transmission. For example, one can hide a secret message in an audio file and send this to another party via email instead of sending the message in the textual format. The receiver on the other end will decrypt the hidden message using the private decryption key. In a worst case scenario, even if a third party does manage to gain access to the email, all he can find is the audio file and not the hidden data inside it. Other usage of steganography include digital watermarking of images for reasons such as copyright protection.

Eventhough steganography has many useful applications, some may use this technique for illegitimate purposes such as hiding a pornographic content in other large files. Roumors about terrorists using steganography for hiding and communicating their secret information and instructions are also reported. An article claiming that, al-Queda had used steganography to encode messages in images and transported them via e-mails, was reported by New York Times, in October 2001.

How do Steganography Tools Work?

Stegnography tools implement intelligent algorithms to carefully embed the encrypted text messages or data inside other larger files such as an image, audio, video or an executable file. Some tools will embed the encrypted data at the end of another file so that there will be enough room for storing larger data.

There are many steganography tools available online but only a few are able to work flawlessly. I did not find any tool that worked perfectly on both small and large data. However I have  managed to develop my own tool that can work perfectly on all types of files and all size of data. The tool is called “Stego Magic“. You can download it from the following link.

The zip file contains two versions of Stego Magic: One for encrypting the text messages and the other for encrypting binary files. StegoMagic_TXT can be used to hide text messages in other files such as an image or a sound file. StegoMagic_BIN can be used to hide one binary file in another such as an executable file inside an image or an image inside a video file.

With Stego Magic, there is no limitation on the size and type of the file that you are intending to hide. For example, you can hide a video of size 1 GB in an image of size 1 MB or hide an executable file inside a WORD document. The tool is pretty straightforward to use and requires no special understanding of the concept.

At the end of the encryption process, a secret decryption key will be generated and the same is required during the decryption process.

How to Use Stego Magic?

Suppose you want to hide a text message inside a JPG file:

1. Place the JPG and the text file (.txt) in the same folder as that of StegoMagic_TXT.exe

2. Run StegoMagic_TXT.exe and follow the screen instructions to embed the text message inside the JPG image.

3. Note down the secret decryption key.

Now you can send this image to your friend via email. To decrypt the hidden message, your friend should load this JPG file onto the Stego Magic tool and use the secret decryption key.

I hope you enjoy this post . For queries and feedback, please pass your comments .

In fact, there are many ways to download videos from YouTube, but here in this post, I would like to share with you one of the easiest way to do that. This can be done as follows:

1. Download and install the latest version of Internet Download Manager.

Internet Download Manager is a great add-on for your web browser which increases the download speed by 5 times. It also helps you to pause/resume and schedule your downloads. It has got a great interface and is user friendly. It works with most of the browsers including IE, Firefox, Chrome, Safari and Opera.

2. After you complete the installation, just open your browser and start searching for your favorite video on YouTube. You will see the download button on top of the video using which you can download it instantly.

3. Click on the “Download this Video” button to save the video onto your computer. The downloaded video will be in the flash video format (.flv).

4. You can use VLC Player to play the downloaded video or use SUPER to convert it to your desired format.

By using this trick, you can download almost all the buffering content on the Internet including videos from MySpace and Google. I hope you like this small post. Don’t forget to pass your comments. Enjoy

Here in this post, I will show you how to hack your Symbian S60 3rd or 5th edition smartphone, so as to modify the phone’s firmware and completely bypass the mandatory signing requirement. So, once you are done with this one time hack, you should be able to install any compatible application including unsigned and those with an expired certificate.

What is the Need for Signing Applications?

From the 3rd edition onwards, all the Symbian S60 applications need to be signed in order to ensure their integrity, so that it would not be possible for a third party to tamper with the application. Also, signing ensures that you always install applications from a trusted source.

However, there are many freeware and beta applications that come unsigned as the developers cannot afford to buy a symbian certificate. Hence, it can be a real nightmare for the users who need to install such applications on their phones. So, here is a step-by-step procedure to hack your phone and permanently disable this security feature.

1. Download HelloOX2 V2.03 or the latest version from the HelloOX2 Ofiicial Website.

HelloOX2 is an excellent tool to hack Symbian S60 3rd, 5th and Symbian^3 smartphones which makes it possible to install a root certificate by gaining full access to the phone’s system files. With this capability, you can install anything you want on your phones without the need to worry about the annoying certificate error!

2. The signed version of HelloOX2 demands for a donation and hence, only the unsigned version is available for free download. So, if you have the unsigned version, you need to sign it before installing on your phone. In order to sign any application, you need to have the certificate and the key file which can be obtained as follows:

• Go to the OPDA Website, get registered and login to your account.
• Click on the “Apply Certificate” tab, enter the model number and the IMEI of your phone and then click on “Submit and Upload” button.
• It will usually take up 24 hours for your certificate and key file to be generated and uploaded. To check the status of your certificate click on “My Certificate” tab. If the certificate is ready for the download you will see something as follows:

• Download the certificate and the key file on to your computer. Also download the SisSigner tool to sign your HelloOX2 application.
• Open the SisSigner, load the HelloOX2.sis, certificate and the key file as shown below and click on “Sign”. Leave the “Key File Password” field blank.

• Your HelloOX2 application is now signed and ready for the installation.

3. Install the signed HelloOX2 application on your phone and run it to start the hacking process, which is completely automatic. Within a minute your phone will be hacked. Once this is done, say goodbye to the annoying certificate error and install any application.

I hope you like this post. Express your opinion through comments. Enjoy!!!

With the dramatic increase in the number of phishing scams in the recent years, there has also been a steady rise in the number of people being victimized. Lack of awareness among the people is the prime reason behind such attacks. This article will try to create awareness and educate the users about such online scams and frauds.

Phishing scams usually sends an email message to users requesting for their personal information, or redirects them to a website where they are required to enter thier personal information. Here are some of the tips that can be used to identify various phishing techniques and stay away from it.

Identifying a Phishing Scam

1. Beware of emails that demand for an urgent response from your side. Some of the examples are:

• You may receive an email which appears to have come from your bank or financial organization stating that “your bank account is limited due to an unauthorized activity. Please verify your account asap so as to avoid permanant suspension”. In most cases, you are requested to follow a link (URL) that takes you to spoofed webpage (similar to your bank website) and enter your login details over there.
• In some cases, phishing emails may ask you to make a phone call. There may be a person or an audio response waiting on the other side of the phone to take away your credit cards details, account number, social security number or other valuable data.

2. Phishing emails are generally not personalized. Since they target a lagre number of online users, they usually use generalized texts like “Dear valued customer”, “Dear Paypal user” etc. to address you. However, some phishing emails can be an exception to this rule.

3. When you click on the links contained in a phishing email, you will most likely be taken to a spoofed webpage with official logos and information that looks exactly same as that of the original webpages of your bank or financial organization. Pay attention to the URL of a website before you enter any of your personal information over there. Even though malicious websites look identical to the legitimate site, it often uses a different domain or variation in the spelling. For example, instead of paypal.com, a phishing website may use different addresses such as:

• papyal.com
• paypal.org
• verify-paypal.com
• xyz.com/paypal/verify-account/

Tips to Avoid Being a Victim of Phishing

1. Do not respond to suspicious emails that ask you to give your personal information. If you are unsure whether an email request is legitimate, verify the same by calling the respective bank/company. Always use the telephone numbers printed on your bank records or statements and not those mentioned in the suspicious email.

2. Don’t use the links in an email, instant messenger or chat conversation to enter a website. Instead, always type the URL of the website on your browser’s address bar to get into a website.

3. Legitimate websites always use a secure connection (https://) on those pages which are intended to gather sensitive data such as usernames and passwords, account numbers or credic card details. You will see a lock icon in your browser’s address bar which indicates a secure connection. On some websites like paypal.com which uses an extended validation certificate, the address bar turns GREEN as shown below.

In most cases, unlike a legitimate website, a phishing website or a spoofed webpage will not use a secure connection and does not show up the lock icon. So, absence of such security features can be a clear indication of phishing attack. Always double-check the security features of the webpage before entering any of your personal information.

4. Always use a good antivirus software, firewall and email filters to filter the unwanted traffic. Also ensure that your browser is up-to-date with the necessary patches being applied.

5. Report a “phishing attack” or “spoofed emails” to the following groups so as to stop such attacks from spreading all over the Internet:

You can directly send an email to spam@uce.gov or reportphishing@antiphishing.org reporting an attack. You can also notify the Internet Crime Complaint Center of the FBI by filing a complaint on their website: www.ic3.gov.

Creating the Customized Run Command

Let me take up an example of how to create a customized run command for opening the Internet explorer. Once you create this command, you should be able to open the Internet explorer just by typing “ie” (without quotes) in the Run dialog box. Here is how you can do that.

1. Right click on your Desktop and select New -> Shortcut.

2. You will see a “Create Shortcut” Dialog box as shown below

3. Click on “Browse”, navigate to: Program Files -> Internet Explorer from your Root drive (usually C:\) and select “iexplore” as shown in the above figure and click on “OK”.

4. Now click on “Next” and type any name for your shortcut. You can choose any name as per your choice; this will be your customized “Run command”. In this case I name my shortcut as “ie”. Click on “Finish”.

5. You will see a shortcut named “ie” on your desktop. All you need to do is just copy this shortcut and paste it in your Windows folder (usually “C:/Windows”). Once you have copied the shortcut onto your Windows folder, you can delete the one on your Desktop.

6. That’s it! From now on, just open the Run dialog box, type ie and hit Enter to open the Internet Explorer.

In this way you can create customized Run commands for any program of your choice. Say “ff” for Firefox, “ym” for Yahoo messenger, “wmp” for Windows media player and so on.

To do this, when you click on “Browse” in the Step-3, just select the target program’s main executable (.exe) file which will usually be located in the C:\Program Files folder. Give a simple and short name for this shortcut as per your choice and copy the shortcut file onto the Windows folder as usual. Now just type this short name in the Run dialog box to open the program.

I hope you like this post! Pass your comments.

Even though it is not possible to trace the number back to the caller, it is possible to trace it to the location of the caller and also find the network operator. Just have a look at this page on tracing Indian mobile numbers from Wikipedia. Using the information provided on this page, it is possible to certainly trace any mobile number from India and find out the location (state/city) and network operator (mobile operator) of the caller. All you need for this is only the first 4-digit of the mobile number. In this Wiki page you will find all the mobile number series listed in a nice tabular column where they are categorized based on mobile operator and the zone (state/city). This Wiki page is updated regularly so as to provide up-to-date information on newly added mobile number series and operators. I have used this page many a time and have never been disappointed.

If you would like to use a simpler interface where in you can just enter the target mobile number and trace the desired details, you can try this link from Numbering Plans. Using this link, you can trace any number in the world.

By using the information in this article, you can only know “where” the call is from and not “who” the caller is. Only the mobile operator is able to tell you ”who” the caller is. So if you’re in an emergency and need to find out the actual person behind the call, I would recommend that you file a complaint and take the help of police. I hope this information has helped you!

Use a Good Antivirus

This is the first and basic step that you need to take in order to protect your computer from keyloggers. Use a Good antivirus such as Kaspersky, Norton or Mcafee and update it regularly.

Use a Good Antispyware

Since keyloggers are basically spywares, if you are a frequent user of Internet then you could be exposed to thousands of keyloggers and spywares. So you should use a good antispyware such as NoAdware.

Antilogger can be Handy

Antiloggers are programs that detect the presence of keyloggers on a given computer. Over past few years, I have tested a lot of anti-logging programs and have found Zemana Antilogger as the best antilogger.

Zemana

Normally a keylogger can be easily detected by a Good Antivirus program, but hackers use some methods such as hexing, binding, crypting and similar techniques to make it harder to be detected by antivirus programs. In this case Zemana Antilogger comes handy as the program is specially developed to protect your system against harmful keyloggers.

Online Scanning

When ever you receive a suspicious file, you scan it with online scanners such as Multi engine antivirus scanner which scans your file with 24 antivirus engines and reports it back to you if the file is recognized as a virus or spyware. This ensures that none of the malicious programs can escape from being detected as there are 24 different antivirus engines are involved in the scanning process.

Sandboxie

Sandboxie is another great program to help you protect your computer against harmful keyloggers and spywares. Sandboxie runs your computer in an isolated space which prevents your program from making permanent changes to other programs in your computer.

When ever you receive a file that looks suspicious, just run the program with Sandboxie so even if it is a keylogger or any other virus it will not make permanent changes to your computer system.

To run a program in Sandboxie follow the steps as mentioned below:

1. Open sandboxie and click on sandbox menu on the top

2. Now goto Default sandbox

3. Then click on run any program

4. Now select the file you wish to run in sandboxie and click open

Keyscrambler

Keyscrambler is one of the best protection against keyloggers that you can have, Keyscrambler is a small program which encrypts your typed keystrokes so even if the victim has installed a keylogger on your system, he or she will get encrypted keys. Keyscrambler currently supports Firefox, Internet explorer and other applications, however its premium version supports more than 160 applications.

Hope you liked my post! Pass the comments.

Hibernation is a power saving option which was designed primarily for laptops. Unlike “sleep mode” which puts the open documents and files into the memory, hibernation puts all the open files and documents on to the hard disk and shuts down the computer without drawing even a small amount of power. Thus hibernation becomes an excellent way to save power and resume Windows back to the state where it was left off. If you really want to use this feature on Windows 7 then you need to enable this option. This can be done as follows.

1. Open the Command Prompt with “Administrator rights”. To do so, type cmd in Start menu and then hit Ctrl+Shift+Enter.

2. Now type the following command in the command prompt and hit Enter.

3. Type exit and hit Enter to close the Command Prompt. Now you should see the “Hibernate” option in the Start menu. If not then perform the following steps.

A. Type Power Options in the Start menu and hit Enter.

B. In the left pane, open the link labeled “Change when the computer sleeps” and then open the link “Change advanced power settings”.

Now a small window will pop-up as shown below:

C. Now expand the Sleep tree and turn off Allow Hybrid Sleep as shown in the above screenshot.

D. Now you should see the Hibernate option in the Start menu.