Privacy mode helps secure Android smartphones

ScienceDaily (13 month 2011) researchers at the University of North Carolina have developed software that helps prevent their personal information stolen by hackers smartphone Android.

"There are lots of concerns potential leaks of personal information from smartphones," says Dr. Xuxian Jiang, an Assistant Professor of computer science at NC State and co-author of paper describing the research. "We have developed software that creates a privacy mode for Android, give users a flexible control over what personal information is available for various applications." software application called privacy Smartphone steal information and Taming (TISSA).

TISSA works by creating a private Administrator setting that allows users to customize the level of information ????? access to all Smartphone application. These settings can be changed whenever the relevant applications that have been executed – not only when the applications are not installed.

The prototype of TISSA has four possible privacy settings for each application. These settings are trusted, Anonymized, Bogus, empty. If an application is trusted, TISSA does not impose restrictions on access to additional information. If the user chooses Anonymized, TISSA provides the application with a built-in information that allows the application to run, without providing access to detailed personal information. Artificial setting provides an application with fake results asking for personal information. An empty setting responds to requests of information by saying relevant information does not exist or is not available.

Jiang said it was easy to integrate TISSA change more settings to allow more fine-grained control of access to personal information. "These settings may be even more specialized for different types of information, such as a list of your contacts or position," said Jiang. "Settings can also be specialized for different applications."

For example, a user can install a weather application that requires location data to provide the user with the local weather forecast. Instead of telling the application exactly where is the user, can be programmed to TISSA was a built-in application data — such as random location within a 10-mile section of the user. This will allow an application to provide weather information, local weather, but will ensure that the application could not be used to track the movements of the user.

Researchers are now exploring how to make the software available for Android users. "Relatively minor software change," Jiang said, "and it can combine with the over-the-air update."

The paper, "Taming information-stealing applications Smartphone (bandroaid), was a surgeon by Jiang; Yajin Zhou 's, ph d student. On the NC State; Dr. Vincent Freeh, a Professor of computer science at NC State; And Dr. Zhang's Research Center, Xinwen of Huawei America. The paper will be presented at the Fourth International Conference, trusted computing, in Pittsburgh, finances and research supported by the National Science Foundation, NC State secure open systems initiative, which receives funding from the research of the United States Army.

Email or share this story:

---

The source of the story:

The above story is published (with writers adaptations by a teamdaily science) materials provided by University of North Carolina.

---

Note: If no source is cited, instead.

Disclaimer: hdioth in this article do not necessarily reflect those of his team or ScienceDaily.

Math for faster, more secure

ScienceDaily (7 month 2011) faster, more secure multimedia sites hit by the new approach may be possible to secure a Web site and database. Boolean inputs allow thousands if not millions of users faster access to content which they are entitled, such as music, video, and pictures. The same process may reduce the risk of hackers accessing material illicitly.

Classic user identification requires remote user send a user name and password to the system they want to be authenticated. The system searches for a user name in its database that is stored locally, and then if the password matches the password stored in the filed, access is granted. Method to identify works under the assumption that there are no malicious users that their local consoles not infected by viruses.

Increasingly, however, these assumptions are too innocent. Assumption that not all users who have good intentions. Technology makes it easy to continuously capture transactions pipelines. User names and passwords so you can achieve easily by malicious third parties (other users or viruses), can be used for illegal hit systems.

Currently, the University education of Nikolaos Bardis, Vari, Greece and colleagues there and the Federal Institute of Kiev, Ukraine, developed an innovative approach to the hits, which implements some of the concept of zero identifies the advanced knowledge. The system is based on a series of relatively simple mathematical operations, referred to as Boolean operators, one way to make sure that log on to the encryption and decryption calculations-the standard in use today. The team explains that the pilot shows that their approach to sign can be hundreds or thousands of times faster than conventional logins. More importantly, the system will reduce the overall computing requirements of the supply side, as well as performing system much more secure logins.

"The effectiveness of information security algorithms is defined based on two factors: the level of security and the amount of computational resources required for the implementation of security functions," last sheet and colleagues explain Bardis of International Journal of multimedia intelligence and security.

Hnormatibim that all of the information security algorithm is a mathematical problem analytically fibrin, which you can define a function applied to the "x" to "y"; Y = F (X). The function may be so made this impossible reversal, like trying to unmix draws different colored pot. Asymmetric encryption algorithms (public key encryption algorithms) use this approach hit a Web browser and access to common systems for different types of database. This type of entry requires a lot of powerful computational inherently slow. Boolean function pointer team can be as simple as sophisticated, but requires a fraction of the computational power, and can be much, much faster.

Reset user authentication schemes in order to provide the user with a special function that produces a large number of results are different for each possible input. A group of input items that produce that result is selected. These hits are the passwords of users. A new user registers by sending their system and the common result. Validates the user for normal operation with a password at once. The user provides the password at the beginning of each meeting. The system calculates the value with this password serves as input to the function. If this is the common result, then successfully authenticate, access is granted. In fact, be someone who is trying to gain access without the knowledge necessary (invalid user) password to possible combinations, all before it.

Typically, functions used in recruiting large numbers of large forces and large numbers to find the remainder. These are the creations of standard computer systems processors run very slow, to impose a significant burden on even larger information systems with a large number of users. The proposed scheme uses linear systems of equations, not to build the Boolean function. Boolean equations to process binary data, using a simple binary operations between bits. This is exclusive OR (XOR). Calculations are thus much simpler for the simple reason that it is much easier to calculate expression logic than to increase the number of 100 digit to 10 digit, and then divide the result in large numbers. The series of replacements for the registration and verification is the same as before. However common they hit and binary vector.

"Zero knowledge of the user ID and security password Troubleshooter by using the change for each operating system, it is not known beforehand. The system only check validity, "team member DOUKAS Nikolaos explains. "The proposed method has the potential to use each system where malicious users have incentives to get illegal access and perform actions that they are not entitled to. The number of such systems is growing rapidly as the achievements of the information, "concludes.

Email or share this story:

---

The source of the story:

The above story is published (with writers adaptations by a teamdaily science) materials supplied Inderscienceby, via AlphaGalileo.

---

A journal:

1. Nikolaos Bardis, Nikolaos DOUKAS, Oleksandr p. Markovskyi. Quick subscription ID is based on the principle of zero knowledge for distributing multimedia content. International Journal of multimedia intelligence and security, 2010; 1 (4): DOI: 10.1504/IJMIS 363.2010.039237

Note: If no source is cited, instead.

Disclaimer: hdioth in this article do not necessarily reflect those of his team or ScienceDaily.

How to Write-Protect Your USB Flash Drive

Many a time, it becomes required forus to write protectourUSB peep expostulate so as to protect it from viruses as well as alternative malware programs.Because peep drives have been so popular as well as most widely used to pierce interpretation in between computers, they have been a budding aim for attackers as a means to get infections spread around a computer world.Also, given USB driveis not aRead-Only Memory (ROM),the interpretation insideit can easily be modified or deleted by malware programs.

But unfortunately, most of a brand new peep drives do not come with awrite-protect underline as themanufacturers instruct to cut down a price of production. Hence, a usually approach to write-protect your USB peep drives is to capacitate this underline upon your own computer.

This can bedone by adding a small entry to theWindows registry that acts as a switchthat can be enabled to have use of a write protection or disabled to allow write access. Just follow these steps:

1. Open a Registry Editor (Open a Run dialog box, type regedit as well as hit Enter).

2.Navigate to a following Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\

3. Create a New Key named as StorageDevicePolicies. To do this right-click upon Control, as well as click upon New->Key as well as name it asStorageDevicePolicies.

4. Now right-click onStorageDevicePolicies and create a New->DWORD (32-bit) Value as well as name it as WriteProtect.

5. Double-click upon WriteProtect as well as set a Value data to 1.

Now a right-protection for USB drivesis enabled upon your computer (no restart required)and thus it would not be possible for any one or any program to add/delete a essence from your USB peep drive. Any try to duplicate or download a files onto a USB expostulate will result in a following blunder message being displayed.

To revert as well as remove a write-protection, all we need to do is only shift a Value data for WriteProtect (Step-5) from 1 back to 0. Now write entrance to all a USB inclination is re-enabled.

Sometimes itmay seem formidable to remember as well as follow a above mentioned stairs any time we want toenable/disable a write protection. Hence as an alternative way, there have been most tools available to automatically enable/disable a write-protection feature. One of my a one preferred apparatus is USB Write Protectby Naresh Manadhar. Using this apparatus we can extent write entrance to your USB drives with only a click of a button. You can download this apparatus from a following link:

Popularity: 8% [?]

Visitors who read this post, also read:

How to Protect Your Computer from Keyloggers

How to Change a Logon Screen Background in Windows 7

How to Alter Windows Product ID

By using/following this site we determine to the Legal Disclaimer