Inside the Bluebox Android Master Key Vulnerability

The only way an Android user can be attacked via this master key flaw is if they download a vulnerable application.

“It all comes down to where you get your applications from,” Forristal said.

That means if a user gets their applications from trusted sources like Google Play, the risk of the master key exploit is not high, even if the given device has not been updated with the latest patched Android code. Forristal noted that he has seen reports that he has not been able to independently verify, that indicate Google is already scanning apps in the Play store to mitigate risk.

via Inside the Bluebox Android Master Key Vulnerability – eSecurity Planet.

From:  First Malicious Apps Targeting Android ‘Master Key Vulnerability’ Found in the Wild

Bluebox Security has released a free app designed to help Android users check if their device has been patched for the master key vulnerability.

Review: Facebook Home

It’s not simply the case that ­Zuckerberg is sneaky in his promotion of sharing and creepy in his ambivalence about privacy. Rather, he is a true believer. Privacy lowers the value of the social graph. If one sincerely believes in the merits of the graph, then one should be suspicious of privacy, because privacy is selfish.

via Review: Facebook Home | MIT Technology Review.

TreeSheets

It’s like a spreadsheet, immediately familiar, but much more suitable for complex data because it’s hierarchical.

It’s like a mind mapper, but more organized and compact.

It’s like an outliner, but in more than one dimension.

It’s like a text editor, but with structure.

Have a quick look at what the application looks like on the screenshots page, see how easy it is to use in the tutorial (out of date, the live in-app tutorial works much better!), then give it a download (above).

via TreeSheets.

How to Retrieve Expired Snapchat Photos

Snapchat moves “upward of 150 million photos through the service on a daily basis.” Compared to Facebook’s Instagram, which moves 40 million photos a day, that is a lot of photos moved for such a new company. The app differs in the fact that images and videos are ephemeral rather than permanent, something that is attractive to teens and young adults.

via Snapchat – 4-30-13.

I suspected the ephemeral nature of Snapchat was a mirage but was surprised at how simple they made it. It is impossible to do what Snapchat claims because a simple screen-grabbing app on the receiving end could also capture any photo or chat blurb before expiration. I am surprised at how large Snapchat has become. Here’s a pertinent blurb as to where the expired image files are stored. The original article gets into more detail.

Each of the images within the received_image_snaps folder had a .nomedia extension appended to the end of the file name. For example, the name of the file figure 3 is “h1a81hurcs00h1365528700423.jpg.nomedia”. This was likely done to prevent the images stored within this directory from being placed in the gallery or from being scanned by the media store. AccessData’s Forensic Toolkit recognized the .nomedia extension that was appended to the end of the file name and ignored it, displaying the images.
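The point of the excerpt above, that an appended .nomedia suffix changes only the file name and not its content, shown as an added example (not code from the original article or from AccessData): a read-only triage that identifies suffixed files by their leading bytes. The folder contents are constructed sample data; only the first file name is taken from the excerpt.

```python
import os
import tempfile

# Leading bytes ("magic numbers") of common image formats.
SIGNATURES = {
    b"\xff\xd8\xff": "jpeg",
    b"\x89PNG\r\n\x1a\n": "png",
}

def sniff_type(path):
    """Return the image type indicated by the file's leading bytes, or None."""
    with open(path, "rb") as fh:
        head = fh.read(8)
    for magic, kind in SIGNATURES.items():
        if head.startswith(magic):
            return kind
    return None

def triage(folder, suffix=".nomedia"):
    """Return (name, name without suffix, sniffed type) for each suffixed file."""
    findings = []
    for name in sorted(os.listdir(folder)):
        path = os.path.join(folder, name)
        if not os.path.isfile(path) or not name.endswith(suffix):
            continue
        findings.append((name, name[: -len(suffix)], sniff_type(path)))
    return findings

def build_sample(folder):
    """Write constructed evidence: two suffixed files and one unrelated file."""
    samples = {
        "h1a81hurcs00h1365528700423.jpg.nomedia": b"\xff\xd8\xff\xe0" + b"\x00" * 16,
        "constructed_notes.txt.nomedia": b"not an image",
        "constructed_other.jpg": b"\xff\xd8\xff\xe0",
    }
    for name, data in samples.items():
        with open(os.path.join(folder, name), "wb") as fh:
            fh.write(data)

def demo():
    """Run the triage over the constructed sample folder."""
    with tempfile.TemporaryDirectory() as folder:
        build_sample(folder)
        return triage(folder)

if __name__ == "__main__":
    for row in demo():
        print(row)
```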

Rambler Takes Home The Disrupt NY 2013 Hackathon Grand Prize, Learn To Drive And Radical Are Runners Up

Rambler, created by William Hockey, Zach Perret and Michael Kelly, is a web app that lets users view their credit and debit card transactions on a map. During the dev process, the team tapped the Foursquare API for locations and the Plaid API to access user spending data.

via Rambler Takes Home The Disrupt NY 2013 Hackathon Grand Prize, Learn To Drive And Radical Are Runners Up | TechCrunch.

This is an interesting science project. The security implications, however, would cause me to steer clear of this app entirely. I don’t understand what benefit anyone would gain from using this app, and this is the grand prize winner.

Here’s another one

After 24 hours of hard work at the Disrupt NY Hackathon, Michael Kolodny, Jingen Lin and Ricardo Falletti demoed us HangoutLater, a nifty hack built on top of the Foursquare API. When you check in and a friend is close to you, it will ask you if you want to hang out later. Then, it will automatically find you a central location to meet.

If they’re that close to you, why not just talk to them the old-fashioned way? And my favorite:

A project at our Disrupt Hackathon called “Bar Power” is an app that will remind you to “not be a douchebag.” It’s somewhat of a game, walking you through nice things to do when you enter a bar. For example, the app will suggest that you say “hi” to the bartender and introduce yourself. If you do it and mark it down in the app, you get some karma points.

Perhaps they should consider a little less coding/hacking and a little more focus on requirements.  My favorite comment about the above app:

BREAKING: Yahoo just acquired it for $300 million.

After Snapchat, Disappearing Messages are Everywhere

Disappearing messages could prove popular beyond social sharing, and could also be profitable, if businesses can be persuaded to pay for the services. Another company, Gryphn, which released a free Android app in February (an iPhone version is coming out shortly), is seeing a lot of interest from paying enterprise users—including hospitals, a police department, and a financial institution.

via After Snapchat, Disappearing Messages are Everywhere | MIT Technology Review.

How long before we have an app that stores these “disappearing” messages at the receiving end?

Foursquare’s API Is A Pillar Of The Mobile App Ecosystem

Pick up your smartphone. Search through some of your favorite apps. Do you have Uber? Maybe Foodspotting? Surely you have Instagram. These apps, as well as a significant amount of the most popular apps in Apple’s App Store and Google Play, use Foursquare location data. For developers who have user actions or content tied to Foursquare venue IDs it would be difficult (if not impossible in some cases) to migrate their services off the Foursquare location database.

via Foursquare’s API Is A Pillar Of The Mobile App Ecosystem | TechCrunch.

Android Trojan Found in Targeted Attack

After the installation, an application named “Conference” appears on the desktop

via Android Trojan Found in Targeted Attack – Securelist.

Some sort of malware for Android is in the wild. Theoretically any app one loads on any computer can be malicious. This was spread via email but the next line highlights something:

If the victim launches this app, he will see text which “enlightens” the information about the upcoming event:

Note the highlighted text. If you don’t want to become a victim, don’t launch applications unless you know why they are there. Here is the extent of the damage from this piece of malware:

While the victim reads this fake message, the malware secretly reports the infection to a command-and-control server. After that, it begins to harvest information stored on the device. The stolen data includes:

  • Contacts (stored both on the phone and the SIM card).
  • Call logs.
  • SMS messages.
  • Geo-location.
  • Phone data (phone number, OS version, phone model, SDK version).

A lot of legitimate applications transmit this information back to home base.  I don’t see this piece of malware being that big of a deal.  Rule of thumb:  Don’t install any .apk files from untrusted sources — like random emails.  If you do happen to install a malicious application, don’t open any app unless you know what it is and why it is there.

OpenShot Video Editor

OpenShot Video Editor is a free, open-source video editor for Linux. OpenShot can take your videos, photos, and music files and help you create the film you have always dreamed of. Easily add sub-titles, transitions, and effects, and then export your film to DVD, YouTube, Vimeo, Xbox 360, and many other common formats. Check out the full feature list, view screenshots, or watch videos of OpenShot in action!

via OpenShot Video Editor | About Us.

This installs with the RPM Fusion distribution so it was simply `yum install openshot` on Fedora 14. After running the editor it does seem useful and the GUI is intuitive. When I have to edit another video I’ll compare it to Avidemux. It doesn’t run on Windows, however.

SDN’s Killer App: More Network Control

When I pressed him for a real-life application that could be the result of the simpler networks that SDN promises, he didn’t disappoint. “You know how you have network neutrality now,” he asked. “What if the customer could flip it around and tell the service provider: ‘I’d like to give preference in my home network to Netflix.'”

via Light Reading – SDN’s Killer App: More Network Control.

What if the customer enforced that preference on their firewall?  They wouldn’t necessarily need this feature from their service provider.