Roboscan Inc. Sponsored Junior Porsche Driver, Connor De Phillippi, Wins Rookie of the Year

Roboscan Inc. has been sponsoring Connor De Phillippi, junior Porsche driver, this past year. The Roboscan Internet Security Prosche GT3 was named after none other than our product!  (Check out connordephillippi.com to learn more about Connor, how he got to be a junior Porsche Driver, and his season)

We are proud to announce that after a very eventful season, Connor won the Rookie of the Year Championship in the Porsche Carrera Cup Deutschland!
As the only driver to complete every race in the series, except for the last race in Hockenheim due to unforeseen circumstances, Connor was rewarded for his consistence, persistence, and diligence.

Roboscan Internet Security Porsche GT3

Roboscan Internet Security Porsche GT3

The official announcement for Rookie of the Year can be found here:
Connor De Phillippi Captures the 2013 Porsche Carrera Cup Deutschland Rookie of the Year Championship

The results of  the Porsche Carrera Cup Deutschland this season are also available here:
2013 Porsche Carrera Cup Deutschland Results

 

Roboscan is certified for the firewall and the high detection rate

certificate

Roboscan is certified by Virus Bulliten, ICSA Labs and OPSWAT

You might knew that Roboscan has received the VB100 award by independent testing organization, Virus Bulletin. But do you know that Roboscan is also certified by ICSA and OPSWAT?

Roboscan has been proud of our multi-layer protection with dual engines and our minimum CPU usage for optimizing your PC performance. Virus bulletin also commended us for the fast scanning speeds and high detection rate.

Roboscan enterprise is certified by ICSA Labs for the ability to protect the cyber security of individual desktops, laptops and servers of residential users as well as organizations.

OPSWAT certification verifies current antivirus applications on the market. Both Roboscan Internet Security Free and Pro version are certified to be interoperable with numerous leading networks and technology partners. We have received Silver Certified for our firewall; Bronze Certified for the Antivirus category, and Bronze Certified as an Antispyware.

Check out more information from the Awards and Certifications page on our website!

Major Vulnerability for iOS with Mailbox.app

Mailbox.app is an email application for iOS devices that was recently acquired by Dropbox less than a month after it launched.

According to this blog post by Miki Spag, Mailbox.app will execute any Javascript included in the body of an email. Spag writes that this vulnerability “allows advanced spam techniques, tracking of user actions, hijacking the user by just opening an email, and, using an exploiting framework, potentially much worse things.”

In the video below, Spag demonstrates how simple it is to execute Javascript code from within the app.

Currently Mailbox is only available for iOS and only works with Gmail, but it works to achieve “Zero Inbox.”

Until Mailbox developers are able to patch this substantial exploit, Roboscan recommends iOS users default to the native Mail app or to Gmail’s iOS app.

iPhone5S TouchID – Hacked

The generous slew of pledged rewards go to Starbug of the Chaos Computer Club  from Germany.

Starbug of CCC Hacks iPhone5S Touch ID

Starbug of CCC Hacks iPhone5S Touch ID

A few days before Apple released the iPhone5S, security researchers Nick Depetrillo, Robert David Graham, et al. challenged other security researchers and hackers to hack Apple’s new security measure, Touch ID, a fingerprint sensor (here’s a link to that blog post if you want to read the details). The announcement was made on Twitter, with a guide line, and the rewards were pledged by various techies all over the world on a website.

The contest started when Apple released the iPhone 5S on September 20th. The hackers say the sensor for the Touch ID is identical to any other sensor. Bypassing the system can be done very easily with everyday tools. All you need is a camera, a laser printer, and some wood glue.

1. Enroll a fingerprint

2. Photograph the enrolled user’s fingerprint with 2400 dpi resolution

3. Clean up the image, invert, print the fingerprint on a transparent sheet with a thick toner setting, with 1200 dpi resolution

4. Smear woodglue over the print on the transparent sheet. Wait until the woodglue cures.

5. Lift the woodglue print carefully, breathe onto it to add moisture (just enough to replicate moisture on a human body)

6. Place print on the sensor and unlock the enrolled user’s iPhone 5S

Roboscan offers our congratulations to Starbug for successfully hacking Apple’s security method without cutting off any limbs or taking advantage of the user. How do you think this information will influence the future of security measure development?

Related Reading: http://gizmodo.com/hackers-iphone-5s-fingerprint-security-is-not-secure-1367817697

iPhone 5S Feature becomes New Target for Hackers

A couple days ago, Apple released information about the upcoming release of the iPhone5S. Of the updates implemented to the newest version, the embedded fingerprint sensor feature called “Touch ID” has grabbed the attention of people all over the world; including that of hackers.

Security researchers Nick Depetrillo, Robert David Graham, Dam Kaminsky and others, were talking about the safety of the fingerprint sensor on Twitter when Mr. Depetrillo decided to post a challenge.

Nick Depetrillo announces hack challenge on Twitter

Nick Depetrillo announces hack challenge on Twitter

Soon after, istouchidhackedyet.com was created. More security researchers and hackers pitched in, offering more incentives. The grand prize for the first person to “enroll print, place it, lift it, reproduce it, use the reproduction to unlock the phone without being locked. Video”, the basic conditions dictated by Depetrillo’s tweet,  is now over $13,000, a couple bottles of wine and hard liquor, and even books.

With the iPhone 5S due to launch this Friday, the competition hasn’t begun yet. But once hackers get their hands on the iPhone 5S, who knows what the coming weekend will bring?

Related reading: Hackers Set Sights on iPhone 5S Fingerprint Scanner

 

Microsoft Releases IE Fix for Browser Attack Prevention

Yesterday, Microsoft released a preventative fix for Internet Explorer. Hackers discovered a zero day exploit. Without releasing further information on the newly discovered vulnerability, Microsoft has urged its users to install the aptly dubbed “Fix It” as soon as possible, or stop using Internet Explorer entirely until they are able to release a browser update.

Hackers are likely working on reverse-engineering the Fix It, so it’s only a temporary solution to the exploit.

This exploit appeared at a time when Internet Explorer has shown an increase in market share.

Net Applications' August 2013 browser data for personal computers shows a Chrome decline.

(Credit: Net Applications)

Internet Explorer currently accounts for 56.61 percent of desktop browsers.

Microsoft plans to release Internet Explorer 11 in October. The release preview for Windows 7 will be available later this week.

Facebook offered $12,500 to security researcher for finding critical photo bug.

An Indian security researcher, Arul Kumar recently discovers a security flaw on Facebook that allows hackers to delete any photo from a user’s account without his/her knowledge or permission via mobile devices. The bug is now fixed and Facebook reward Kumar with $12,500 for finding this critical vulnerability.

Facebook photo bug allows hackers to delete other's photo without permission.

Facebook photo bug allows hackers to delete other’s photo without permission.

In Kumar’s blog, he reveals a way to remove photos from another user’s account without knowing the victim’s login information. Normally, user can request Facebook to remove a photo. If Facebook doesn’t remove it, the user can then appeal to the user who uploaded the photo to request taking it down. He/She will then receive a link with a one-click button to delete the image.

So where is the problem?

According to Kumar, the breach resides in the Support Dashboard on Facebook’s mobile domain. Kumar created two real Facebook IDs and logged in both account at the same time. On one end, he called it the “sender”; while the other called the “receiver.” He reported a photo as the “sender,” in the URL he inserted the photo ID value (a.k.a “cid” parameter) that he would like to remove, and the profile ID value (a.k.a “rid” parameter) of the person that the report supposed to go to (the “sender,” which in this case is also controlled by Kumar).

On Kumar’s blog, he described how to delete other user’s photo with him/her knowledge.

Microsoft is not the only tech giant who encourages hackers to resolve any vulnerability with bounty rewards. Facebook’s White Hat Program offers financial reward to experts who can locate any bug of their site. The minimum reward is $500, while there is no ceiling for the prize amount. It all depends on the severity of the bug.

However, as a reminder, Facebook strongly forbids researchers from testing their exploits on any real accounts. Couple weeks ago, an IT expert, Khalil Shreateh hacked Mark Zuckerberg’s timeline to prove his finding of a bug. As a result, he was disqualified to claim the reward. However, in Kumar’s case, he never actually tested on Mark’s account. The delete button has never been clicked.

Shadow IT, Good or Bad?

Is Shadow IT Good or Bad?

Is Shadow IT Good or Bad?

Some of you might or might not have heard of the term “Shadow IT.” It means the technology that is not formally supported or built by the company . They are not a part of the core IT solution or mobile devices of the company.

Bring your own device (BYOD) policy becomes more common in the working environment, especially in start-up business.  However, there are pros and cons.

On the bright side…

Shadow IT can be an important source of innovation of an organization. Some technology may then become an official approved solution for the company. Meanwhile, if employees were allowed to bring their personal mobile devices to work, it might actually help the efficiency of internal information and data exchange. Employees can backup files, make a copy in their personal devices or upload to the cloud then access to the documents later, anytime, anywhere, which highly increases the efficiency of the organization function.

On the flip-side…

Risk management becomes more difficult. BYOD indeed increases the convenience for employees and is beneficial to the company in some way; however, the risk of confidential document outflow comes after.

Some applications or devices outside of company approval may not have strong security support. Meanwhile, it gives company a hard time to to keep track of the company data.

Some organizations make their file available in read-only so that employees can only make copies of the document but not make changes to it. However, employees may be frustrated by the restriction on the devices or limited authorization of data; as a result. efficiency of work decreases.

At the end, is Shadow IT or BYOD good or bed? There is no absolute right answer to this question. It is affirmed that BYOD has a positive influence to the growth of a company; nevertheless, a thorough plan for the risk management is a must.

If you own a company or an organization, will you give the green light to BYOD policy?

How to do Regular Check Ups on your Computer 1

Babies require vaccinations in order to normally fuse with society. Often times, these precautionary methods are not enough and we get sick. To ensure health, it is recommended people get regular check ups by a doctor. Computer operating systems also require an antivirus software of some sort in order to operate normally. Perhaps not as often, but these efforts are not enough and unwanted programs are installed without our knowledge. Unlike people, it is not easy to get your computer regularly checked by a professional for hidden malware. However, it is easy to do regular check ups on your computer yourself.

No longer is it necessary for you to have a degree in Computer Science or be a tech genius to give your computer a regular checkup. With the help of the internet, a little patience and time, you will be surprised by what you are capable of.

Here’s how I do my regular check ups:

1. Open the “Control Panel”

2. Open “Programs”

3. Open “Programs and Features”

This will allow you to see most of the programs that are installed on your computer.

4. Go through the list and make a note of any programs you do not recognize. Most program names are self-explanatory but there will be names that you do not recognize nor contain the purpose of the program (whether it’s a download assistant or toolbar). I usually write them down on a piece of paper but that’s up to you.

5. Utilize your internet access. I usually go online and type the name of the program as accurately as possible. Sometimes the version numbers or certain details will not give you the desired results. When these occasions arise,  leave out the details and try the first 3~4 words. If that does not give me enough information, I type “reviews” after the name of the program. This usually gives me a better idea of what the program really is, not just what the program’s creators want me to believe.

6. Determine whether the program you are searching is absolutely necessary to your computer. Some programs may no longer be necessary, some programs may not be needed for the near future. Just keep in mind unnecessary programs are taking up that much of your computer’s memory right now.

7. Upon determining a program is unnecessary, click on the program from the “Programs and Feature” list and uninstall or delete.

The last time I did a regular check up on my laptop, I found 3 spyware programs and an add-on I had no idea when or how they were installed. What did your check up reveal?

Do you know all the programs installed on your computer?

Do you know all the programs installed on your computer?

Outdated Windows OS has higher risk of being infected by malware

Microsoft Windows OS

Microsoft Windows OS

 

Which version of Microsoft Windows OS are you using? Windows 2000? or Windows XP? We suggest you to update your Windows OS to a more recent version to lower the chance of being infected by malware.

A study generated by BitDefener, (one of Roboscan’s internet security engine) reveals that 9.28 percent of the scanned systems that run Windows 2000 are still infected by malware despite internet security software.

Windows XP still has a massive followers although it is claimed to be retired by April 8, 2014, while the study shows that XP has the highest infection rate of 12.87 percent after scanning.

Computers that run Windows 7 was detected to have a 11.74 percent infection rate after running security solution. However, only 4.59 percent of the devices who runs the latest Microsoft OS, Windows 8 were infected.

OS version vs. infection rate

OS version vs. infection rate

We can see a direct relationship between how old the OS you’re using and the chances of being infected by malware. Apparently, the older the version of your Windows OS you are using, the more likely you will be  the target.

Up till today, according to OPSWAT, “Windows 7 leads the pack in the operating system market (53.8% of all Windows versions), followed by Windows XP (36.2%) and Windows Vista (8.1%).” If you are that 36.2%, we suggest you to update your OS to protect your cyber security.

Windows OS user deployment

Windows OS user deployment

Last but not the least, if you’re a Roboscan user, in addition to upgrade your Windows OS, don’t forget to keep your Roboscan Internet Security up-to-date for the best protection to your PC!