How TrueCaller App Works???

There was a News Headline yesterday saying that: "Hackers claiming to represent the Syrian Electronic Army have reportedly hacked database of Truecaller".Between, do you know what's Truecaller? First let me explain what's all about it.

-->Truecaller is the world's largest global phone directory application for smartphones and feature phones, and accessible via a Web site, developed by True Software Scandinavia AB. It finds contact details globally given name or telephone number, and has an integrated caller ID service using Crowd-sourcing to achieve call-blocking functionality and social media integration to keep the phonebook up-to-date with pictures and birthdays. The name Truecaller comes from the app being able to show the True name of the Caller. The client is available for Android, BlackBerry OS, iOS, Series 40, Symbian, Blackberry, and Windows Phone. Now, let's learn how it works.

Know How...!!!

-->In short, people basically upload their phonebook to TrueCaller's servers which contains names, phone numbers and other details. Once the information is uploaded, TrueCaller knows which number corresponds to what name. Each person who installs the app uploads the phonebook and the overall database at TrueCaller keeps on growing. So even if you shared your phone number with only one of your friends who is a TrueCaller user, your number has been shared with TrueCaller and if you call any other TrueCaller user, you won't be anonymous.

-->It's a very simple concept that's executed very well. I have big concerns over the privacy breach this causes because your friends and relatives are sharing your phone number - something which you just cannot control.

Interesting facts about it:

-->I began searching for my friends’ land line and mobile numbers and those of my own as well, and noted a few interesting things:

• Sometimes somebody else’s name would prop up. This would probably be a previous owner, or the former name of the person in case of a name change.
• Sometimes the company name would be suffixed or prefixed to the name.

How to unlist your number from Truecaller?

Luckily, fixing this privacy issue turns out to be easy. Head over to Unlist your Phone Number to request an automatic unlisting of your number. It took a few hours for my numbers to get unlisted, and I heaved a sigh of relief after that, today. 

How to save your phone from Juice Jacking?

We have heard of Hacking, but never of Jacking...So, What's up with Juice Jacking?

Here's the answer:

Regardless of the kind of modern smartphone you have–be it an Android device, iPhone, or BlackBerry–there is one common feature across all phones: the power supply and the data stream pass over the same cable. Whether you’re using the now standard USB miniB connection or Apple’s proprietary cables, it’s the same situation: the cable used to recharge the battery in your phone is the same cable you use to transfer and sync your data.

This setup, data/power on the same cable, offers an approach vector for a malicious user to gain access to your phone during the charging process; leveraging the USB data/power cable to illegitimately access the phone’s data and/or inject malicious code onto the device is known as Juice Jacking.

This sort of exploit is hardly a new blip on the security radar, however. Two years ago at the 2011 DEF CON security conference, researchers from Aires Security, Brian Markus, Joseph Mlodzianowski, and Robert Rowley, built a charging kiosk to specifically demonstrate the dangers of juice jacking and alert the public to just how vulnerable their phones were when connected to a kiosk–the image above was displayed to users after they jacked into the malicious kiosk. Even devices that had been instructed not to pair or share data were still frequently compromised via the Aires Security kiosk.

This mechanism, intended to make using your iOS device painless and enjoyable, can actually create a rather painful state: the kiosk you just recharged your iPhone with can, theoretically, maintain a Wi-Fi umbilical cord to your iOS device for continued access even after you’ve unplugged your phone and slumped into a nearby airport lounge chair to play a round (or forty) of Angry Birds.

Is it risky right now?Is it that alarming?

At present, it isn't availing much. Currently, juice jacking is a largely theoretical threat, and the chances that the USB charging ports in the kiosk at your local airport are actually a secret front for a data siphoning and malware-injecting computer are very low. This doesn’t mean, however, that you should just shrug your shoulders and promptly forget about the very real security risk that plugging your smartphone or tablet into an unknown device poses. 

But, you can save your phone from such issues.

Know How...!!!

Here is how to avoid juice jacking...

Keep Your Devices Topped Off: The most obvious precaution is to keep your mobile device charged. Make it a habit to charge your phone at your home and office when you’re not actively using it or sitting at your desk doing work. The fewer times you find yourself staring at a red 3% battery bar when you’re traveling or away from home, the better.

Carry a Personal Charger: Chargers have become so small and lightweight that they scarcely weigh more than the actual USB cable they attach to. Throw a charger in your bag so you can charge your own phone and maintain control over the data port.

Carry a Backup Battery: Whether you opt to carry a full spare battery (for devices that allow you to physically swap the battery) or an external reserve battery, you can go longer without needing to tether your phone to a kiosk or wall outlet.

Lock Your Phone: When your phone is locked, truly locked and inaccessible without the input of a PIN or equivalent passcode, your phone should not pair with the device it is connected to. iOS devices will only pair when unlocked–but again, as we highlighted earlier, pairing takes place within seconds so you had better make sure the phone really is locked.

Power the Phone Down: This technique only works on a phone model by phone model basis as some phones will, despite being powered down, still power on the entire USB circuit and allow access to the flash storage in the device.

Disable Pairing (Jailbroken iOS Devices Only): Jonathan Zdziarski, a security researcher released a small application for jailbroken iOS devices that allows the end user to control the pairing behavior of the device. You can find his application, Pair-lock here @: 

http://www.zdziarski.com/blog/?p=2307 

Ultimately, the best defense against a compromised mobile device is awareness. Keep your device charged, enable the security features provided by the operating system (knowing that they aren’t foolproof and every security system can be exploited), and most importantly avoid plugging your phone into unknown charging stations and computers the same way you wisely avoid opening attachments from unknown senders.

Techies say technology can save your privacy but it's time to save your privacy yourself!!!

How to access facebook on any mobile without internet?

Some of us often do have the mobile phones of Mesozoic era, rofl ;) such as Nokia 1100 which has no internet browser or some times, even though you have a smart phone or android mobile, but you are in a remote location, where you have no internet access possible, you can still access facebook.

Know How...!!!

Yes this is possible now with the help of Fonetwish. Facebook India has partnered with Fonetwish to bring Facebook on every mobile phone without requiring any apps or even the Internet.

Here's how to access it:

1. Dial *325# (or *fbk#) from your mobile.

2. You get a menu saying: Welcome to facebook by fonetwish.Your request has been accepted.We will shortly send you the menu.Please exit this message
3. Now, it asks for your username, example: Sriram Krishna (your name as in facebook ).

4. After processing for validity of username, a window appears and prompts you to enter your password, ensuring secure access.
5. It provides a menu on Welcome page as:  1. News Feed 2. Update status 3. Post on wall 4. Friend request 5. Messages 6. Notifications 7. Account Setting

6. If you select messages, i.e. you enter option 5 and click send, then you get a sub-menu for it as : Welcome to messages: 1. Online friends 2. Read message..blah blah blah...!!!

Fonetwish service is available almost for all service providers in India.

P.S: Please note that you need to subscribe to the service to use it. It is free only for 15 days , and later the charges would be only 1.00/- per day for unlimited usage.  

You can also activate Fonetwish directly from your Facebook account at https://apps.facebook.com/fonetwish/

Something about technology:

The protocol being used is USSD. Unstructured Supplementary Data (USSD) is used by telecom players to send alerts to their users that inform them about their balance at the end of call or for sending missed call alerts. This protocol helps GSM cellular telephones to communicate with the service provider's computers and USSD messages create a real-time connection during a USSD session. The connection remains open, 

allowing a two-way exchange of a sequence of data. This makes USSD more responsive than services that use SMS.

That's it..Go on browsing fb freaks...!!