Top 10 reasons to root your Android mobile phone or tablet

Some of you may have heard of it in whispered tones : "you can do this (or that) if you would only ROOT your phone". You might wonder what is this "root" thing and what it might do for you ...

How to root the Samsung Galaxy Tab 7.7 GT-P6800

The steps below show how to root the Samsung Galaxy Tab 7.7 GT-P6800. Note that this guide is for the 3G+Wifi version only. Be sure you know what you are doing ...

Singtel 3G APN settings for Samsung Galaxy Tab 7.7

One of the first things that I did upon getting my Samsung Galaxy Tab 7.7 was to ensure that the Singtel 3G APN settings are correct. I've read that you can configure it with slightly more optimized settings as follows ...

Singapore : Telco authority IDA to mandate improved 3G mobile coverage standards, cap mobile roaming charges

IDA, the overall Singapore telco authority, has recently come up with a couple of mandates to try to resolve two of the most pressing issues faced by mobile phone users in Singapore.

Apple nets $46.33 billion revenue, Samsung gets $42 billion in Q4 2011

Tech earning season is in and we are looking at some incredible numbers out there. For Apple's Q4 2011 results, the official press release noted that the company "posted record quarterly revenue of $46.33 billion and record quarterly net profit of $13.06 billion".

Tuesday, July 28, 2015

How to secure against the Android MMS hack

Here's how to secure your Android smartphone against the latest threat, which reportedly consists of sending just one specially crafted MMS loaded with a malware payload. Until the actual firmware patch comes around (which could take a while), the workaround is to disable automatic MMS receiving right away.

The settings will differ by model and OS version, but here are the steps at least for the Samsung Galaxy S6, running on Android Lollipop 5.0.2 :

1. Open the Messages app and click on Settings :





2. Go to More Settings :



3. Select Multimedia Messages :



4. Disable Auto retrieve :


That's it. Oh, and if your Google Hangouts app is set to process SMS, that is another attack vector. Disable SMS processing in Hangouts as well.

Though MMS and SMS are baked into every phone's firmware, and even supported by newer apps like Hangouts, these old standards are getting more obsolete by the day. It's time to move to the 21st century and use messaging apps instead.

Sunday, April 26, 2015

Avengers : Age of Ultron end credits scene


SPOILERS FOLLOW.

Okay, you've been warned.

If you are going to wait the 10 minutes or so it seems for the Avengers : Age of Ultron end credits scene, then all you need to know right now is : don't bother. There is no end credits scene. There is only one line of text. And it says "The Avengers will return". Of course, we already know that, since we're going to see more action in Captain America : Civil War in 2016 and after that Avengers : Infinity War Part 1 in 2018 and then Part 2 in 2019.



On the other hand, the mid-credits scene is more interesting and worth staying about another minute or so for. There is Thanos (the guy whom we saw earlier in the rocket chair), putting on the Infinity Glove and saying "Fine, I'll do it myself". But the Infinity Glove is empty, so we know that he will be on the hunt for all 6 of the Infinity Stones to complete the collection, which will most likely be the topic of the Avengers : Infinity War movies.

Questions remain, however : wasn't the Infinity Glove supposed to be in Odin's own heavily-guarded Weapons Vault back in Asgard? But then, we've seen that it definitely could be breached. Or, like some others have discussed, perhaps Loki, posing as Odin himself, somehow gave it to him. Perhaps as part of a deal. Or a trick of some sort.

And there's the part about the Mind Stone being stuck in the Vision's head, how would Thanos get that one?

Well, we shall see, won't we?

Saturday, April 18, 2015

Samsung Galaxy S6 model codes


The Samsung Galaxy S6 model codes for Singapore are as follows :

SM-G920IZBAXSP
SM-G920IZBEXSP
SM-G920IZBFXSP
SM-G920IZDAXSP
SM-G920IZDEXSP
SM-G920IZDFXSP
SM-G920IZKAXSP
SM-G920IZKEXSP
SM-G920IZKFXSP
SM-G920IZWAXSP
SM-G920IZWEXSP
SM-G920IZWFXSP

Note that this is for the regular Galaxy S6, not the Galaxy S6 Edge.

The problem when trying to register the product warranty is that there is no hint of the correct model code on the receipt, or on the box, or in fact anywhere else. After trolling the forums and elsewhere on the net, as far as I can determine, the convention seems to be like this :

  • SM-G920I is the base model code, that is, the regular Galaxy S6.
  • Z, no idea what Z is
  • B, D K, or W would be the color code (B for Black, W for White, no idea about the rest, perhaps Gold and Blue)
  • A, E or F would be the memory size (A for 32GB, E for 64GB, F for 128GB)
  • XSP is the usual Samsung country code (XSP is for Singapore)
There is a huge list of Samsung country codes over at the XDA forum, you can look it up if you like.

So, for example, my regular Samsung Galaxy S6 64GB Black bought from M1 Singapore would then be SM-G920IZBEXSP, while the 32GB model would be SM-G920IZBAXSP.

Might update this when more information is available. Hope that helps.

Saturday, January 10, 2015

10 Ways to Secure Your Internal Network


We see this often. On the outside, you have these imposing fortress walls. Once inside, there are no further defences and everything is wide open to attack. The same applies to networks as well. Once you get past the big imposing firewall, everything on the internal network or intranet is wide open to further intrusion.

So here are 10 ways to secure your internal network. These measures range from the simple to the more draconian.

1. Harden existing machines. Update OS patches as they become available. Keep anti-virus signatures updated at a reasonably high frequency. Nowadays commercial AV vendors push updates to clients multiple times per day. Even the free ones update once per day and that might be good enough for many cases.

2. Reduce the attack surface and minimize exposure by closing unused ports and shutting down unnecessary services. Case in point is the Asus wifi router infosvr issue where a service that wasn't really needed turned out to be a big security vulnerability.

3. Secure remote access protocols. At a minimum, enable Network Level Authentication if you are using Remote Desktop to remotely access other Windows machines. Also, ensure that a minimum set of users is allowed to remotely access these machines. Whether for Windows, Linux or any other OS, remote login is a powerful function. Hand this out only when needed.

4. Ensure encryption is turned on for network traffic wherever possible. This applies equally for client-to-server traffic as well as server-to-server traffic (such as application server to database server).

5. Optionally, go beyond simple encryption by turning on IPSEC with two-way certificates to defeat sniffing, spoofing and other impersonation attacks. Certificate management could be a problem as you would probably need to own an entire PKI (Public Key Infrastructure) setup for this.

6. Setup an intrusion detection system (IDS) to monitor network traffic. This is a given but it is easier said than done, as IDS systems tend to either generate too many or too few warnings and alerts. Tuning an IDS can turn out to be an exactingly fine art in itself.

7. Conduct regular vulnerability assessments. Just about the same network penetration testing tools are available to both attackers and defenders and many of them are free and open-source, so this is definitely doable. It just takes effort and time - or if you have to outsource this, it will take money. Quite a bit of money.

8. If you have a wireless segment, you can follow these 11 guidelines to secure wireless networks. In particular, disable over-the-air management of wireless AP's, and enable the highest encryption levels wherever possible. Whether this is WPA2 (Personal) with a suitably complex password, or going all the way to two-way WPA2 Enterprise with 802.11x EAP-TLS depends on your situation and level of security required.

9. If you are letting public visitors use your internet as a courtesy or as part of your legitimate business operations, use a guest wifi network separate from your internal network. Never shall the two mix.

10. Where possible, for your wifi network, find the setting for and enable AP isolation. This will invalidate certain classes of attacks on the WPA2 protocol on the internal side of the network.

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More