Facebook to reward people who find glitches on its security network

NEW YORK: Expose the chinks in security network of Facebook and get rewarded for it too, says the social networking site, which has already paid USD 40,000(over Rs 18 lakh) in the past three weeks to those who done it. 

Facebook has launched its 'bug bounty' programmer a few weeks ago, where it offered to pay for disclosure of security bugs to the company. 

"A couple of years ago, we decided to formalise a 'whitehat' programme to encourage these researchers to look for bugs and report them to us ... A few weeks ago, we took that programme to the next level, we started paying rewards to those who report bugs to us," Facebook Chief Security Officer Joe Sullivan said on the official blog. 

He added that the bug bounty programme was established as an effort to recognise and reward "these individuals for their good work and encourage others to join." 

According to the company website, Facebook has more than 750 million active users globally. Its userbase in India stood at 25 million at the end of April this year. 

Facebook has met severe criticism globally on a range of issues, including online privacy, child safety, and security loopholes. It has been working to tackle the situation, introducing new security features to counter the attacks on the website. 

"The programme has already paid out more than USD 40,000 in only three weeks and one person has already received more than USD 7,000 for six different issues flagged," Sullivan said. The programme has made the site more secure, by surfacing issues large and small, introducing Facebook to novel attack vectors, and helping it improve lots of corners in its code, he added. 

About forty eight people have successfully identified problems and have been acknowledged on Facebook's "whitehat" page. Facebook pays about USD 500 for reporting such issues and increases the reward for specific bugs, the blog said. 

The company has also assured that even if the methods used to intrude into Facebook systems are not legal, they would not face any legal action. 

"If you give us a reasonable time to respond to your report before making any information public and make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our service during your research, we will not bring any lawsuit against you or ask law enforcement to investigate you," the blog said.

Read More

Google, Facebook Both Looking To Team Up With Skype

Facebook and Google are both reportedly trying to strike a deal with popular VoIP service provider Skype.

Sources have told Reuters that Facebook CEO Mark Zuckerberg is mulling an all-out acquisition of the company while another source revealed that the company might form a joint venture with Skype.

Meanwhile, search engine giant Google is also in talks with Skype. Google already offers VoIP services via Google Talk and Google Voice.

However, the source revealed that the talks are in very early stages and ran a danger of collapsing midway. It is also not clear which company Skype is likely to go with.

On one hand, there is Facebook, with its 500 million + users that could give Skype the platform it needs to expand. Google is also moving big into the enterprise cloud services market and could use Skype to boost its portfolio.
Skype is also planning its first initial public offering, most likely in the second half of 2011. The company is expected to raise around a billion dollars from the IPO. With more companies moving into VoIP services, some analysts have speculated that Skype will need to work with a larger company to survive future competition.



Source : Indiatimes


Thanks :)

Read More

Android Development Workshop

Greetings from MET's CSI Student Branch!!

We are glad to inform you that MET's CSI Student Branch organizing "Workshop on Android" on 27th & 28th August, 2011. I take this opportunity to invite you and your friends to participate in this workshop. We look forward for your kind co-operation and support in organizing this workshop and making it successful. For more details please find the attachment.
Last Date of Registration: 20th August, 2011. Participants will be registered on first come first serve basis. Registration fees for the workshop is Rs. 1000 . Certificates will be given to every participant of workshop. Hurry Up !! Limited seats are there . . Register as soon as possible ! Non-CSI members can attend the workshop ! :)

Prerequisites : You should have knowledge of Java.

Highlights : For Mobile Application Development Workshop, Competition will be conducted based on topics covered at the end of 2 day workshop and winner will be awarded with Andriod smartphone

If you have any problem or doubts regarding workshop then feel free to ask ! You can confirm your Registration by just calling us !!

Workshop coordinator :-

Prof.Vaibhav Dabhade : 9860903184

Student coordinator :-

Pratik Nikam : 9975261010
(pratik.nikam3112@gmail.co​m)

Pratik Raichura : 9260523442
(pratikraichura@gmail.com)

Vishal Patil : 9096126567
(vishalsp13@gmail.com)


Thanks :)

Read More

Workshop On Ethical Hacking !

Greetings from MET's CSI Student Branch!!

Wanna be a HACKING GEEK??

We are glad to inform you that MET's CSI Student Branch organizing "Ethical Hacking Workshop" on 3rd & 4th Sept, 2011. I take this opportunity to invite you and your friends to participate in this workshop. We look forward for your kind co-operation and support in organizing this workshop and making it successful.

First time in Nashik we are organizing Ethical Hacking Workshop :)

Our 2 Days Ethical Hacking Workshop is specifically designed to provide the right knowledge to Ethical Hacking and Information Security aspirants.There is no such prerequisites for workshop except you should have some knowledge of browsers and some knowledge of html (you can learn html in 1Hr)

The primary reasons behind conducting this workshop are to give a live demonstration of different Cyber Attacks,Hands on Practice on Web Application Assessment & Penetration Testing, Cyber Crime Investigations & explain how security analysts & cyber crime investigators uses techniques to solve these vulnerabilities & organized crimes. We make participants to find their path in Information Security Domain which has huge potential in IT Industry.

Registration Fees : Rs 1000 per student
Duration : 2 Days ( Total 16 Hours )
Last Day of Registration : 27th Aug 2011
Workshop Trainer : Sunny Vaghela ( www.sunnyvaghela.com )
Workshop is Open for all !

~!~!~!~!~!~ What Registration Cost Includes ? ~!~!~!~!~!~

~ Comprehensive course material will be provided to participants.
~ Ethical Hacking Toolkit worth Rs.500 (Containing Tools, Videos, EBooks, Presentations)
~ A quiz will be taken at the end of workshop and topper will be offered CCSE course worth Rs.15,000
~ Certificate of “Certified Ethical Hacking Expert – Level 1” will be given to participants from
TechDefence & Techfest, IIT Bombay.

As limited seats are there so please book your seat now !

If you have any queries regarding workshop then feel free to ask ! You can confirm your seats by just calling us !! :

Workshop coordinator :-
Prof.Tushar Patil : 7387426148

Student coordinator :-
Pratik Nikam : 9975261010
(pratik.nikam3112@gmail.co​m)

Vishal Patil : 9096126567
(vishalsp13@gmail.com)

Tejas Fulkar : 9637514014
(fulkar.tj@gmail.com)

Kaushik Wavhal : 9545777155


~!~!~!~!~!~ Program Benefits and Highlight ~!~!~!~!~!~

~ Learn & Interact with renowned Industry Experts
~ Receive an unparalleled education on the art of computer security with personal one-onone attention from Sunny Vaghela.
~ Hands on Demonstrations of Latest Hacking Techniques & Tools.
~ Hands on Demonstrations of various cases solved by Sunny Vaghela.
~ PowerPoint Presentation, Live Demos, Interactive Question & Answer sessions and comprehensive reading material.
~ Toppers of each workshop to be personally interviewed Sunny Vaghela and will receive a
chance to work with him on security projects.



~!~!~!~!~!~ Workshop Contents ~!~!~!~!~!~


~ Cyber Ethics

Hackers & hacking methodologies
Types of hackers
Communities of Hackers
Malicious Hacker Strategies
Steps to conduct Ethical Hacking
Hiding your identity while performing attacks

~ Information Gathering & Scanning Methodologies

Get to know how hacker gather information about victim on internet
Information gathering of websites & networks
Scanning & Structuring of websites
Finding Admin Panel of websites

~ Trojans, Backdoors

How to control victim’s computer using Trojans
Binding Trojans with another file
Undetection process of Trojans from Antivirus
Removal of Trojans from your computer
Analysis of Trojans/Virus

~ Google Hacking

Using Google as hacking tool
Advanced operators of Google
Finding Vulnerable websites using Google
Finding Target networks using Google

~ Wireless Hacking & Security

Wireless Protocols
Wireless Routers-Working
Attacks on Wireless Routers
Cracking Wireless routers password(WEP)
Securing routers from Hackers
Countermeasures

~ Mobile, VoIP Hacking & Security

SMS & SMSC Introduction
SMS forging & countermeasures
Sending & Tracking fake SMSes
VoIP Introduction
Installing VoIP Server
Forging Call using VoIP

~ Web Application Attacks

Web Application Overview
Web Application Attacks
OWASP Top 10 Vulnerabilities
Putting Trojans on websites
SQL injection attacks
Executing Operating System Commands
Getting Output of SQL Query
Getting Data from the Database Using ODBC Error Message
How to Mine all Column Names of a Table
How to Retrieve any Data
How to Update/Insert Data into Database
SQL Injection in Oracle
SQL Injection in MySql Database
Attacking Against SQL Servers
SQL Server Resolution Service (SSRS)
SQL Injection Automated Tools
Blind SQL Injection
Preventing SQL Injection Attacks
XSS attacks
Finding & Fixing XSS in websites
Local File inclusion attacks
Remote file inclusion attacks
Buffer Overflow attacks
Session Hijacking attacks
20 Hands on Demonstrations on real websites

~ System & Network hacking

Hacking Administrators password
Enumeration of networks
Use of Sniffers to sniff network data

~ Email Hacking

Making fake pages
How to use keyloggers to hack mail ids
Social Engineering Techniques

~ Introduction to Cyber Crime Investigation

Types of Cyber Crimes
Report Cyber Crimes

~ Investigation Methodologies

Different Logging Systems
Investigating Emails ( Email Tracing)
Ahmedabad Bomb Blasts Terror Mail case study
Investigating Phishing Cases
Investigating Data Theft Cases
Investigating Orkut Profile Impersonation Cases
Cyber Law & IT Act,2000

~ Difficulty Handling Session & Exam 2.0

A quiz will be taken at the end of workshop and topper will be offered CCSE course worth Rs.15,000

If you have any doubt regarding anything then please feel free to contact !


Thanks :)

Read More

Government wants to read your tweets, Facebook posts

New Delhi : Beware of what you put in your Facebook messages or your tweets. Your friends and followers may not be the only ones reading them. Chances are government sleuths would be vetting these private messages. 

This follows a home ministry directive to the department of telecom, asking it to "ensure effective monitoring of Twitter and Facebook". While "effective monitoring" has not been defined, sources said the MHA's intention is complete surveillance of the sites. This means not only does the government want to keep an eye on tweets and wall posts that are in the public domain but also the content you share only with your friends.

Minister of state for communication and information technology Milind Deora said in a written reply in the Rajya Sabha last week that DoT had received a letter from the MHA asking it to monitor networking websites in order to "strengthen the cyber security paraphernalia".

His statement was in response to a question from MP NK Singh.

A senior government official said the home ministry's directive asked DoT to facilitate access to all data in social networking sites for its intelligence agencies.

Sunil Abraham, executive director of Centre for Internet and Society said these "blanket surveillance practices" are counterproductive.

"People advocating greater surveillance don't understand how the web works. In some cases, if there is evidence, targeted monitoring can be done but if government wants to go through each tweet and every status update, it's just waste of money and resources. Agencies involved in monitoring can do better work by focusing on core issues. This will also save law-abiding citizens from unnecessary harassment," said Abraham.

Some Facebook and Twitter content is already under the surveillance of the National Technical Research Organization. Deora confirmed this, telling Parliament that "telecom service providers (already) provide facilities for lawful interception and monitoring of communication flowing through their network including communications from social networking websites like Facebook and Twitter".

He said in cases where data is encrypted by websites like Twitter, the department works with the parties concerned to obtain access. Twitter and Facebook don't share private information on their servers without a court order. Twitter also has a policy of informing the user whose information is being shared with security agencies.

India has in the recent months sought access to data from internet service providers as well as companies like Research In Motion, which sells BlackBerry phones capable of encrypted emails and messaging.

In April the government notified a new set of IT rules, virtually making intermediaries like internet service providers, web hosts and websites like responsible for any wrongdoings on their networks. The rules were widely criticized by privacy activists.

Law enforcement agencies across the world monitor social networking sites but in most cases it is selective. A few days ago, Pentagon said that it was looking to monitor websites like Twitter in order to identify terror threats as well as to keep a tab on trends, unrest and events like popular revolts in the Arab world. Darpa, a research body under the US department of defence, said it had earmarked $42m to fund research into monitoring social networks. 


Source : Times Of India


Thanks :)

Read More

Zuckerberg's sister leaves Facebook to start own social media consulting firm !

Facebook's director of marketing Randi Zuckerberg, sister of the social network's billionaire founder Mark Zuckerberg, is leaving her brother's company to start her own social media consulting firm. 

Randi, who has been with Facebook for the last six years, said she feels it is the "perfect time" to move outside of Facebook to build a company focused on the "exciting trends underway in the media industry."

"I have decided my time at Facebook is coming to a close. When I think about the projects I am most proud of during my six years at the company, they all have one thing in common -- they revolve around the intersection of traditional media and social technology," she said.

Facebook confirmed the departure and in a statement said, "We can confirm Randi has decided to leave Facebook to start her own company. We are all grateful for her important service."

However, there was no direct comment from her brother. Randi plans to start her social media consulting firm 'RtoZ Media'.

"My goal is to launch my own innovative programming and work with media companies to develop their programming in new and more social ways. In attacking this challenge, Facebook will clearly be a central element in all of my projects," she said adding that she hopes to continue advising Facebook on media projects.

According to her resignation letter posted on the website 'AllThingsD', Randi said she has focussed on innovating and pushing the media industry forward by introducing new concepts around live, social, participatory viewing.

"We have made incredible progress, but there is still much to be done and other ways I can affect change."

A prominent name in Silicon Valley, Randi has been on maternity leave for the last three months. She was recently nominated for an Emmy award in the category of live coverage of a current news event for her work on 'Facebook Live', a real-time news show she created and hosted for the company.


Source : Times Of India 


Thanks :)

Read More

Gmail for mobile, now sharper and smoother

On the mobile team, we strive to produce web apps which look and feel just like installed apps. In the past few weeks, we’ve released a number of features which make Gmail for mobile look sharper and feel smoother.

Pull down to refresh
You can now pull down to refresh your message list and conversation on all iOS and Playbook devices. To 
refresh, simply touch the message list, drag downwards and release.

High resolution icons
For those of you using Gmail for mobile on an iPhone 4 Retina display, the icons and graphics are now at a higher resolution, making Gmail for mobile sharper.

Transitions
When you tap on a conversation, tap back to the inbox, go to the menu or go back, the view will slide left or right. This new transition animation is a quick, small indication that makes the view change feel smoother.

Curious web designers often ask us how we implement certain features. In this case, we used a combination of up to eight different CSS3 transitions and Javascript to get things to look just right.

As always, go to mail.google.com on your mobile browser to check out the latest updates to Gmail for mobile.


Thanks :)

Read More

Google Launches New Photo Sharing Network

"Photovine is a community that's about creating fun and unique collections of photos that we call Vines," reads the company overview on the Photovine Facebook page. 

Users can share content captured through Photovine on other social networking services and may also be able to pull in content from other social networking services into Photovine. At the core of Photo vine are vines, that is a like a constantly growing family of photos connected through a common caption. The Photovine concept seems similar to the new version of Twitter search that displays photo and video content attached to hashtags and other search results.
Photovine is currently invitation only and users can request for an invite through their website - www.photovine.com. 
Speculation is rife that Google may integrate the service with its recently launched social media product, Google+. But Google already owns the popular Picasa photo sharing service and two parallel services can confuse users.
Photovine is also not marketing itself as a Google product, in fact there is hardly any mention of Google in its publicity material and also on its website, except that it is a part of Slide that is owned by Google. Even the phone displayed on the Photovine website is an iPhone and not a phone that runs on Google's Android software.


Here is the Link : Google Photovine


Thanks :)

Read More