DOCSLIB.ORG

Exposing Security and Privacy Liabilities in Modern Browsers

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Exposing Security and Privacy Liabilities in Modern Browsers Exposing security and privacy liabilities in modern browsers Nikolaos Tsalis March 2017 Exposing security and privacy liabilities in modern browsers Nikolaos Tsalis A dissertation submitted for the partial fulfillment of a Ph.D. degree March 2017 ii Supervising Committee: 1. Dimitris Gritzalis, Professor, Athens University of Economics & Business (Chair) 2. Theodoros Apostolopoulos, Professor, Athens University of Economics & Business 3. Ioannis Marias, Assistant Professor, Athens University of Economics & Business Examination Committee: 1. Dimitris Gritzalis, Professor, Athens University of Economics & Business 2. Theodoros Apostolopoulos, Professor, Athens University of Economics & Business 3. Ioannis Marias, Associate Professor, Athens University of Economics & Business 4. Vasileios Katos, Professor, Bournemouth University, United Kingdom 5. Ioannis Stamatiou, Associate Professor, University of Patra 6. Panos Kotzanikolaou, Assistant Professor, University of Piraeus 7. Alexios Mylonas, Lecturer, Bournemouth University, United Kingdom iii Exposing security and privacy liabilities in modern browsers Copyright © 2017 by Nikolaos Tsalis Department of Informatics Athens University of Economics and Business 76 Patission Ave., Athens GR-10434, Greece All rights reserved. No part of this manuscript may be reproduced or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the author. iv "Η έγκριση διδακτορικής διατριβής υπό του Τμήματος Πληροφορικής του Οικονομικού Πανεπιστημίου Αθηνών δεν υποδηλοί αποδοχή των γνωμών του συγγραφέως.” (Ν. 5343/ 1932, άρθρο. 202) v Acknowledgements First and foremost, I would like to thank my Ph.D. supervisor Prof. Dimitris Gritzalis. We met back in 2008, while I was on my second year of undergraduate studies. I had selected Information Systems Security as an optional module without too much thought, as I was certain from the beginning that this was the field I would like to excel and purchase a career in. Mr. Gritzalis, as my academic shepherd, I thank you for your support and inspiration during my studies, but most importantly your patience and guidance throughout my life. I would also like to thank Prof. Theodoros Apostolopoulos and Associate Prof. Ioannis Marias for their support and inspiration during my undergraduate studies and Prof. Jason Crampton (Royal Holloway) who guided me in my preliminary steps in research by supervising my MSc thesis. Secondly, I would like to thank Prof. Alexios Mylonas for his guidance during my academic path, as well as along my personal life, where he stood better than I hoped for. I am grateful that I shared my research journey with Prof. Vasileios Katos and Dr. Nikos Virvilis. Also, I would like to thank Dr. Vasilis Tsoumas, Dr. Stelios Dritsas, Dr. Marianthi Theocharidou and Dr. Giannis Soupionis. They were the ones that helped me the most on my first research steps, either by co-authoring, reviewing or tutoring. I am grateful for their support and professionalism but mainly for their friendship. I also want to thank Dr. George Stergiopoulos, Miltiadis Kandias and Vasilis Stavrou for their support, cooperation, and their friendship, which guided us all through time. Furthermore, I am thankful to Prof. Panos Constantopoulos and Prof. Theodoros Apostolopoulos for offering me a position as a systems and network administrator during my academic research. I am also thankful to Dr. Theorodos Ntouskas, Antonia Nisioti, Despoina Metzelioti, Georgia Lykou and George Iakovakis for their friendship and support during these years. Finally, I would like to thank all the people that stood right besides me all my life; my parents for their endless love and support, my family for their guidance and Elena Hadjiyiangou for her support and patience all these years. Time will always heal the mind, but the heart will never forget. vi Dedication To those who take care of us, even from far away. To the people I loved and cared for. We will all be together in the end. vii Abstract The number and complexity of the available online threats have been increasing steadily in recent years. One of the primary goals of the attackers is financial gains against the users, who can barely protect themselves against such threats. This matter is further empowered by the weakened security environment that users operate in. More specifically, the average user is not technologically savvy, especially when it comes to the security aspect of the technology she uses, while she is not familiar with the available security countermeasures along with their usage. Similarly, the manufacturers must supposingly take care of an untrained user by providing an adequate level of security and privacy certainty, when the user is performing her online browsing activities, via the use of a simple browser. In contrast, it is proven to be more than challenging to achieve the golden ratio between usability and security, while the scale usually leans on the former. The online threat landscape is continuously expanding due to the sophisticated types of theats and vulnerabilities that exist within a browser environment. For instance, modern browsers adopt additional features and services, with a view on funtionality, and thus further attack entry points are created that could surely aim in user’s security and privacy. By analyzing the security perspective of modern browser, one can easily result in the priorities that are set by the manufacturers, which are translated into significant threats that are currently available. To be more specific, phishing attacks are considered to be one of the most perilous threats, where the user is deceived into discolusing sensitive personal information. Similarly, the malware threat is equally important since, due to its complexity, it is more difficult to deal with. Privacy threats are also available which aim in the aforementioned information disclosure. Browser manufacturers are aware of the formerly mentioned threat landscape and have implemented several controls within modern browsers. Such controls are utilized as either built- in controls to the browser itself, or additional services (i.e. add-ons) that enhance or substitute the build-in ones. In addition, users rely on manufacturers for their protection and are not aware of how to operate the existing controls or implement additional ones for enhanced security. In order to protect the average user’s security and privacy in the online environment, it is vital to evaluate the existing defences and redisign the technologies that appear to be less effectictive as expected. The purpose of this thesis is to offer a comprehensive view of the online threat problem through analyzing the currently offered countermeasures along with their features, attack paths and techniques that are utilized. Such an approach will provide a clear view of whether the manufacturers do provide an adequate level of security from a quantitative perspective. In addition, the qualitative evaluation of some of the aforementioned controls are a focal point of viii this thesis. More specifically, those anti-threat mechanisms are put to the test via our assessment methodology and, in some cases, further enhancements or alternative sollutions are proposed and evaluated, in comparison to their predecessors. ix (this page is intentionally left blank) x Extended abstract (in Greek) Ο αριθμός και η πολυπλοκότητα των απειλών στο διαδίκτυο, έχουν αυξηθεί σταθερά τα τελευταία χρόνια. Ο βασικός στόχος των επιτιθέμενων είναι τα οικονομικά κέρδη έναντι των χρηστών, οι οποίοι δύσκολα μπορούν να προστατευθούν από τέτοιου είδους επιθέσεις. Το γεγονός αυτό ενισχύεται περαιτέρω από το αποδυναμωμένο περιβάλλον ασφαλείας μέσα στο οποίο λειτουργούν χρήστες καθημερινα. Πιο συγκεκριμένα, ο μέσος χρήστης δεν είναι επαρκώς ενημερωμένος σε θέματα τεχνολογίας, ειδικά σχετικά με θέματα ασφάλειας, ενώ παράλληλα, δεν γνωρίζει ποια είναι τα υπάρχοντα αντίμετρα ή πώς να τα χρησιμοποιεί. Ομοίως, οι κατασκευαστές των browers, είναι υποχρεωμένοι να προστατεύσουν τον ανεκπαίδευτο μέσο χρήστη και να του παράξουν ένα ανεκτό επίπεδο ασφάλειας όταν επισκέπτεται το διαδίκτυο. Όμως, έχει αποδειχθεί πως είναι αρκετά δύσκολο να βρεθεί η χρυσή τομή ανάμεσα στην χρηστικότητα και την ασφάλεια, ενώ συνήθως, το τελικό αποτέλεσμα της υλοποίησης των κατασκευαστών τείνει προς όφελος της πρώτης. Παράλληλα, οι υπάρχοντες απειλές και επιθέσεις, έχουν γίνει περισσότερες σε πλήθος και πιο πολύπλοκες. Για παράδειγμα, οι νέοι browsers περιέχουν επιπρόσθετα στοιχεία και υπηρεσίες (π.χ. JavaScript, Flash) με σκοπό την αυξημένη λειτουργικότητα, το οποίο έχει ως αποτέλεσμα την αύξηση των ευπαθειών και απειλών σχετικά με την ασφάλεια και την ιδιωτικότητα του χρήστη, δεδομένου ότι τα κενά ασφάλειας των υπηρεσιών αυτών κληρονομούνται στους browsers. Μέσω της ανάλυσης της ασφάλειας ενός σύγχρονου browser, είναι εμφανείς οι προτεραιότητες που έχουν τεθεί από τους κατασκευαστές, ως προς την προτεραιοποίηση των απειλών που υπάρχουν. Πιο συγκεκριμένα, οι απειλές τύπου phishing, έχουν χαρακτηριστεί ιδιαίτερα σημαντικές καθώς στοχεύουν στην απόκτηση προσωπικών δεδομένων του χρήστη. Το ίδιο ισχύει και για τις απειλές τύπου malware, οι οποίες είναι εξίσου σημαντικές, ιδιαιτέρως εξαιτίας της πολυπλοκότητάς τους, καθώς επίσης και οι τύποι των απειλών που στοχεύουν στην πλήξη της ιδιωτικότητας του χρήστη. Οι κατασκευαστές των browsers έχουν υλοποιήσει συγκεκριμένα αντίμετρα για να προστατεύσουν τον χρήστη ενάντια στις προαναφερθέντες απειλές. Τα
Load more

Recommended publications
  • On the Incoherencies in Web Browser Access Control Policies
    On the Incoherencies in Web Browser Access Control Policies Kapil Singh∗, Alexander Moshchuk†, Helen J. Wang† and Wenke Lee∗ ∗Georgia Institute of Technology, Atlanta, GA Email: {ksingh, wenke}@cc.gatech.edu †Microsoft Research, Redmond, WA Email: {alexmos, helenw}@microsoft.com Abstract—Web browsers’ access control policies have evolved Inconsistent principal labeling. Today’s browsers do piecemeal in an ad-hoc fashion with the introduction of new not have the same principal definition for all browser re- browser features. This has resulted in numerous incoherencies. sources (which include the Document Object Model (DOM), In this paper, we analyze three major access control flaws in today’s browsers: (1) principal labeling is different for different network, cookies, other persistent state, and display). For resources, raising problems when resources interplay, (2) run- example, for the DOM (memory) resource, a principal is time changes to principal identities are handled inconsistently, labeled by the origin defined in the same origin policy and (3) browsers mismanage resources belonging to the user (SOP) in the form of <protocol, domain, port> [4]; but principal. We show that such mishandling of principals leads for the cookie resource, a principal is labeled by <domain, to many access control incoherencies, presenting hurdles for > web developers to construct secure web applications. path . Different principal definitions for two resources are A unique contribution of this paper is to identify the com- benign as long as the two resources do not interplay with patibility cost of removing these unsafe browser features. To do each other. However, when they do, incoherencies arise. For this, we have built WebAnalyzer, a crawler-based framework example, when cookies became accessible through DOM’s for measuring real-world usage of browser features, and used “document” object, DOM’s access control policy, namely the it to study the top 100,000 popular web sites ranked by Alexa.
    [Show full text]
  • Browsers and Their Use in Smart Devices
    TALLINN UNIVERSITY OF TECHNOLOGY School of Information Technologies Alina Kogai 179247IACB Browsers and their use in smart devices Bachelor’s thesis Supervisor: Vladimir Viies Associate Professor Tallinn 2020 TALLINNA TEHNIKAÜLIKOOL Infotehnoloogia teaduskond Alina Kogai 179247IACB Brauserid ja nende kasutamine nutiseadmetes Bakalaureusetöö Juhendaja: Vladimir Viies Dotsent Tallinn 2020 Author’s declaration of originality I hereby certify that I am the sole author of this thesis. All the used materials, references to the literature and the work of others have been referred to. This thesis has not been presented for examination anywhere else. Author: Alina Kogai 30.11.2020 3 BAKALAUREUSETÖÖ ÜLESANDEPÜSTITUS Kuupäev: 23.09.2020 Üliõpilase ees- ja perekonnanimi: Alina Kogai Üliõpilaskood: 179247IACB Lõputöö teema: Brauserid ja nende kasutamine nutiseadmetes Juhendaja: Vladimir Viies Kaasjuhendaja: Lahendatavad küsimused ning lähtetingimused: Populaarsemate brauserite analüüs. Analüüs arvestada: mälu kasutus, kiirus turvalisus ja privaatsus, brauserite lisad. Valja toodate brauseri valiku kriteeriumid ja soovitused. Lõpetaja allkiri (digitaalselt allkirjastatud) 4 Abstract The aim of this bachelor's thesis is to give recommendations on which web browser is best suited for different user groups on different platforms. The thesis presents a methodology for evaluating browsers which are available on all platforms based on certain criteria. Tests on PC, mobile and tablet were performed for methodology demonstration. To evaluate the importance of the criteria a survey was conducted. The results are used to make recommendations to Internet user groups on the selection of the most suitable browser for different platforms. This thesis is written in English and is 43 pages long, including 5 chapters, 20 figures and 18 tables. 5 Annotatsioon Brauserid ja nende kasutamine nutiseadmetes Selle bakalaureuse töö eesmärk on anda nõuandeid selle kohta, milline veebibrauser erinevatel platvormitel sobib erinevate kasutajagruppide jaoks kõige parem.
    [Show full text]
  • Opera Mini Application for Android
    Opera Mini Application For Android Wat theologized his eternities goggling deathy, but quick-frozen Mohammed never hammer so unshakably. Fain and neverfringillid headline Tyrone sonever lambently. reapplied his proles! Tracie meows his bibulousness underdevelop someplace, but unrimed Ephrayim This application lies in early on this one knows of applications stored securely for example by that? Viber account to provide only be deactivated since then. Opera Mini is a super lightweight browser that loads web pages faster than what every other browser available. Opera Mini Browser Latest News Photos Videos on Opera. The Opera Mini for Android lets you do everything you any to online without wasting your fireplace plan It's stand fast safe mobile web browser that saves you tons of. Analysis of tomorrow with a few other. The mini application for opera android open multiple devices. Just with our site on a view flash drives against sim swap scammers? Thanks for better alternative software included in multitasking is passionate about how do you can browse, including sms charges may not part of mail and features. Other download option for opera mini Hospedajes Mirta. Activating it for you are you want. Opera mini 16 beta android app has a now released and before downloading the read or full review covering all the features here. It only you sign into your web page title is better your computer. The Opera Mini works the tender as tide original Opera for Android This app update features a similar appearance and functionality but thrive now displays Facebook. With google pixel exclusive skin smoothing makeover tool uses of your computer in total, control a light.
    [Show full text]
  • Download Rom Motorola Defy Mini Xt320
    Download rom motorola defy mini xt320 CLICK TO DOWNLOAD 09/04/ · ROM Motorola DEFY MINI XT – ROM Android ROM Official: TNBST_4_RPD_flex_LATAM_RTL_Brazil – renuzap.podarokideal.ru ROM For Brazil (for other countries ask me) Backup and Restore Defy Mini IMEI and NV Data. Preparations: •Install Motorola USB driver (Use forum serach button) •Install RSD Lite (Use forum serach /5(10). 09/06/ · Motorola Defy Mini XT Firmware Download In this post, you will find the direct link to download Motorola Defy Mini XT Stock ROM (firmware, flash file). The Firmware package contains Firmware, Driver, Flash Tool, and How-to Flash Manual. Motorola Defy Mini XT Stock ROM How To Flash Motorola Defy Mini XT First, you need to download and extract the Motorola Defy Mini XT stock firmware package on Computer. After extracting the zip package, you will get the Firmware File, Flash Tools, Drivers, and How-to Flash Guide. 30/04/ · Motorola Defy Mini XT Stock Firmware ROM (Flash File) Find Motorola Defy Mini XT Flash File, Flash Tool, USB Driver and How-to Flash Manual. The official link to download Motorola Defy Mini XT Stock Firmware ROM (flash file) on your Computer. Firmware comes in a zip package, which contains are below. 14/07/ · How to update your MOTOROLA Defy Mini(XT) With this guide you will be able to find, download and install all necessary updating files for your MOTOROLA Defy Mini(XT). Hope you can get satisfied with the new device update, enjoy the last Android version and don’t forget to look for new updates frequently. Firstly, you have what you came for: the updates.
    [Show full text]
  • Firefox Quantum Remove Recommended by Pocket From
    Firefox Quantum Remove Recommended By Pocket From Lamellar Gary restitutes: he ligatured his recognisance bearishly and dully. Desireless Redford suburbanized very monotonously while Silvester remains dysteleological and unconfined. Skin-deep Algernon never dislodged so westerly or stanchion any floppiness war. Stack traces are now shown for exceptions inside your console. Press to restore system options as which process starts it'll remove by the jailbreak. It is enabled by default in development versions of Firefox, but average in release versions. We have always bear the result in scratchpad and by pocket. Earn an issue that ff is by firefox quantum. You for tweetdeck, or login to network failures due to open source ip address bar at your activity. Ask a question and give support. Who cares about the features? 2012 after Mozilla detected a security flaw and recommended downgrading to. Access the feature for android firefox remove by now called extensions available for recommended by ad blockers work unencumbered by ad is a set to. This will open large number of your browser extensions that pisses me of money if you can either automatically updated their next app integrated into detail of. Dec 01 2017 Firefox Quantum's interface is still extremely customizable thanks to. Where is the back latch on Firefox? Mozilla Firefox or simply Firefox is that free quote open-source web browser developed by the. It will not collect data in private browser windows, and when Mozilla shares the results of its research, it will do so in a way that minimizes the risk of users being identified, Boyd said.
    [Show full text]
  • Draft Clearclick: Effective Client-Side Protection Against UI
    Draft ClearClick: Effective Client-Side Protection Against UI Redressing Attacks Giorgio Maone <giorgio at maone.net> Rev. 2, May 3, 2012 Abstract “User Interface Redressing”, popularized in 2008 as “Clickjacking”, designates a class of attacks, leveraging ambient authority and the coexistence in modern user agents of multiple browsing contexts, which trick an authorized human into interacting with UI elements that actually belong to the targeted web application, but have been obscured or decontextualized by attacker-provided content. This interaction induces unintended application state changes on behalf of the victim – similarly to Cross Site Request Forgery – but defeats traditional CSRF protections, such as form tokens, by exploiting the legitimate web application UI itself, which those countermeasures are meant to validate. The main defense currently adopted by mainstream browsers requires a server- side opt-in signal and prohibits legitimate, widespread use cases such as cross-site subdocument embedding. Another countermeasure immune to these limitations (enabled by default, entirely client-side and designed to allow cross-domain embedding) is the ClearClick module, included in the NoScript add-on for Mozilla Firefox just days after the first Clickjacking announcement. This document describes the rationale behind it and the way it works. Keywords: clickjacking, anti-clickjacking, UI redressing, ClearClick, X-Frame-Options. 1. Introduction In September 2008, Jeremiah Grossman and Robert “RSnake” Hansen canceled a previously announced
    [Show full text]
  • Finding and Installing Firefox Extensions SURF’S UP
    LINUXUSER DeskTOPia: Firefox Add-ons Finding and installing Firefox extensions SURF’S UP If you look around the Internet, you’ll find a number of useful add-ons for Mozilla Firefox. BY ANDREAS KNEIB he Mozilla Firefox browser is de- most useful modules for the new Firefox the module is available. Then just re- signed to easily accommodate ex- 1.5. launch the web browser to enable the Ttensions, and the Firefox commu- tools. nity has responded with a rich assort- Getting Started If Firefox fails to locate working exten- ment of add-on modules. If you’re inter- If your Linux distribution doesn’t have sions, the old extensions will stay dis- ested in higher performance, or even if the latest version of Firefox, you can abled until an update becomes available you just want to check the weather, download it from the Firefox homepage or until you remove the extensions man- you’ll find a Firefox add-on to meet your at [1]. Once you have installed the latest ually. If you still encounter problems, needs. We took a look at some of the version, you can open the Firefox Exten- such as the program crashing because sion Manager (Figure 1) by selecting the browser has stumbled over an in- Tools | Extensions. The Extension Man- compatible or broken module, you can ager is a central tool for plug-in manage- try starting the program in safe mode ment. using the following parameters in the If your Firefox 1.0 version already has command line: firefox -safe-mode. a number of extensions installed before In safe mode, all extensions and you upgrade to Firefox 1.5, the browser themes [4] are disabled, and you can should now show you if the modules are run the Extension Manager to remove compatible with the new version.
    [Show full text]
  • Securing Android Devices
    Securing Android Devices Sun City Computer Club Seminar Series May 2021 Revision 1 To view or download a MP4 file of this seminar With audio • Audio Recording of this seminar • Use the link above to access MP4 audio recording Where are Android Devices? • Smart Phones • Smart Tablets • Smart TVs • E-Book Readers • Game consoles • Music players • Home phone machines • Video streamers – Fire, Chromecast, Why Android devices? • Cutting edge technology – Google • User Friendly • User modifications Android Software Development Kit (SDK) Open Source • Huge volume of applications • Google, Samsung, LG, Sony, Huawei, Motorola, Acer, Xiaomi, … • 2003 • CUSTOMIZABLE My Choices • Convenience vs Privacy • Helpful <-> Harmful • Smart devices know more about us than we do Android “flavors” flavours • Android versions and their names • Android 1.5: Android Cupcake • Android 1.6: Android Donut • Android 2.0: Android Eclair • Android 2.2: Android Froyo • Android 2.3: Android Gingerbread • Android 3.0: Android Honeycomb • Android 4.0: Android Ice Cream Sandwich • Android 4.1 to 4.3.1: Android Jelly Bean • Android 4.4 to 4.4.4: Android KitKat • Android 5.0 to 5.1.1: Android Lollipop • Android 6.0 to 6.0.1: Android Marshmallow • Android 7.0 to 7.1: Android Nougat • Android 8.0 to Android 8.1: Android Oreo • Android 9.0: Android Pie • Android 10 Many potential combinations • Each manufacturer “tunes” the Android release to suit #1 Keep up with updates Android Operating System Android firmware (Very vendor specific) Android Applications (Apps) Android settings
    [Show full text]
  • Response Data 910 14
    Count of Type Desc. Total [40 (DUMMY) DISPLAY PHONES] 1 [BLACKBERRY] 2 [CHARGER] 1 [COVERS] 1 [FLIPTOP PHONE] 1 [HC1] 1 [HDCI M8 MOBILE PHONE] 1 [HUAWEI] 1 [I PHONE 4] 2 [I PHONE 5] 2 [I PHONE 5C] 1 [I PHONE 5S] 1 [I PHONE] 1 [IPHONE 5 WHITE IN COLOUR] 1 [IPHONE 5S] 1 [IPHONE 6] 1 [IPHONE CHARGER] 2 [IPHONE CHARGERS] 1 [IPHONE PHONE CHARGER] 1 [IPHONE] 2 [MOBILE PHONE AND CHARGED] 1 [MOBILE PHONE BATTERY] 1 [MOBILE PHONE CASE] 1 [MOBILE PHONE FOR SENIOR] 1 [MOBILE PHONE] 16 [MOBILE TELEPHONE - UNKNOWN DETAILS] 1 [MOBILE TELEPHONE] 4 [MOTOROLA] 1 [NOKIA LUMINA 530 MOBILE PHONE] 1 [NOKIA MOBILE] 1 [PHONE CHARGER] 1 [PHONE SIM CARD] 1 [SAMSUNG GALAXY S3 MINI] 1 [SAMSUNG] 1 [SIM CARD] 2 [SMART PHONE] 1 [SONY XPERIA Z1] 1 [SONY XPERIA Z2] 1 [TABLET] 1 [TELEPHONE CABLE] 1 [TESCO MOBILE PHONE] 1 [TESCO] 1 [UNKNOWN MAKE OF MOBILE PHONE] 1 [WORKS AND PERSONAL] 1 1PHONE 4S 1 3 [3 SIM CARD] 1 3G 1 4 [I PHONE] 1 4S 1 ACCESSORIES [CHARGER AND PHONE COVER] 1 ACER 2 ACER LIQUID 1 ACER LIQUID 3 1 ACER LIQUID 4Z [MOBILE TELEPHONE] 1 ACER LIQUID E 1 ACER LIQUID E2 1 ACER LIQUID E3 1 ACTEL [MOBILE PHONE] 1 ALCATEL 6 ALCATEL [MOBILE PHONE] 3 ALCATEL ITOUCH [ALCATEL ITOUCH] 1 ALCATEL ONE 232 1 ALCATEL ONE TOUCH 6 ALCATEL ONE TOUCH [TRIBE 30GB] 1 ALCATEL ONE TOUCH TRIBE 3040 1 ALCATELL 1 ANDROID [TABLET] 1 APHONE 5 1 APLE IPHONE 5C 1 APLLE I PHONE 5S 2 APLLE IPHONE 4 1 APPL I PHONE 4 1 APPLE 11 APPLE [I PHONE] 1 APPLE [IPHONE] 1 APPLE [MOBILE PHONE CHARGER] 1 APPLE 1 PHONE 4 1 APPLE 1 PHONE 5 1 APPLE 1 PHONE 5 [I PHONE] 1 APPLE 3GS [3GS] 1 APPLE 4 3 APPLE 4
    [Show full text]
  • การแฟลช ROM เครื่อง Samsung Galaxy Tab ให้เป็น Android 2.3.3 Gingerbread (Cyanogenmod 7 Beta หรือ Cm7beta)
    การแฟลช ROM เครื่อง Samsung Galaxy Tab ให้เป็น Android 2.3.3 Gingerbread (CyanogenMod 7 Beta หรือ cm7beta) การเตรียมการเบื้องต้น 1) มั่นใจว่าได้ชาร์จแบตเตอรี่ของ Samsung Galaxy Tab ให้เต็ม 100% แล้ว 2) ดาวน์โหลดโปรแกรม Heimdall จากหน้าเวบนี้ -> Heimdall หรือดาวน์โหลดตรงจากลิงค์ https://github.com/downloads/Benjamin-Dobell/Heimdall/heimdall-suite-1.1.1- win32.zip และแตกไฟล์ Zip ที่ได้เตรียมพร้อมไว้ (หมายเหตุ: โปรแกรมนี้จะรันได้นั้นมัน ต้องการ Microsoft Visual C++ 2010 Redistributable Package (x86) หรือไฟล์ MSVCP100.dll ซึ่งหากในเครื่องของคุณยังไม่มีก็จะรันไม่ได้ เกิดข้อผิดพลาดขึ้น ก็ให้ไป ดาวน์โหลดมาติดตั้งซะก่อน ได้ที่ http://www.microsoft.com/downloads/en/details.aspx?familyid=A7B7A05E-6DE6- 4D3A-A423-37BF0912DB84&displaylang=en ) 3) ดาวน์โหลด CM7Gingerbread ROM for Galaxy Tab มา และแตกไฟล์ Zip ที่ได้เตรียม พร้อมไว้ 4) แน่ใจว่าไดร์ฟเวอร์สำาหรับเชื่อมต่อ Samsung Galaxy Tab กับเครื่อง PC ทางพอร์ท USB (เพื่อใช้งานโปรแกรม ADB) ได้ถูกติดตั้งไว้พร้อมแล้ว หากว่ายังไม่พร้อม ให้ทำา “การติด ตั้งไดร์ฟเวอร์ USB” ก่อน ตามในข้อหัวถัดไป หากพร้อมแล้ว ก็กระโดดข้ามหัวข้อถัดไป ได้เลย ไปสู่ “การแฟลช ROM” การติดตั้งไดร์ฟเวอร์ USB 1) ปิดเครื่อง Samsung Galaxy Tab ก่อน แล้วเปิดเข้าสู่โหมด Recovery (Download) ด้วย การกด 3 ปุ่มพร้อมกันคือ “Volume Down” (ปุ่มลดโวลุ่มเสียง) + “Home” + “Power” ค้า งไว้สักครู่หนึ่ง (2-3 วินาที) จะได้หน้าจอที่ขึ้นคำาว่า Downloading… ดังภาพ การแฟลช ROM เครื่อง Samsung Galaxy Tab ให้เป็น Android 2.3.3 Gingerbread (CyanogenMod 7 Beta หรือ cm7beta) โดย [email protected] เวบ http://androidth.wordpress.com 2) ต่อสาย USB เข้ากับ Samsung
    [Show full text]
  • Win Big with [Insert Open Source App Here] Win Big with Open Source
    Win Big with [Insert Open Source App Here] Win Big With Open Source Introductions Dave Nevala – Lukins & Annis Jerry Askew – Askew Network Solutions Win Big With Open Source No Licensing Headaches High Quality – peer reviewed Paid Support Available If you want a feature, add it! OSS can’t be discontinued or sold Win Big With Open Source KeePass – Password Manager Zotero – Web Research Manager 7-Zip – Fast Archiver Truecrypt – Disk Encryption PDF Creator Ntop – Network Analyzer Prey – Loss Prevention Win Big With KeePass What is KeePass? Password Management Database Strong Password Generator Hot-key login Obfuscation techniques Multi-platform Download for free http://keepass.info/ Win Big With KeePass Password Database Strong Encryption Can be opened with single password Win Big With KeePass Why KeePass? No need for PostIt notes, slips of paper, etc. Easy to have unique strong passwords Turn off auto form fill Win Big With KeePass Ports KeePassPPC & KeePassSD – PassDrop - iPhone/iPad PocketPC KeePassDroid – Android 7Pass - Windows Phone KeePassMobile - J2ME MiniKeePass - iPhone/iPad KeePassJ2ME - J2ME SyncPass - iPhone/iPad KeePassBB – BlackBerry iKeePass - iPhone/iPad KeePassBB2 – BlackBerry MyKeePass - iPhone/iPad Export to Keyring - Palm OS KyPass - iPhone/iPad KeePassX - Linux / Mac OS X Win Big With KeePass Share with multiple devices Portable version (run from folder) Keep database on flash drive or dropbox Win Big With KeePass Alternatives Last pass (requires to be online) KeePassX (requires to be online) 1Password (Mac and Linux)
    [Show full text]
  • Copyrighted Material
    38363ftoc.qxd:WileyRed 1/31/08 12:22 AM Page ix Contents Acknowledgments xxiii Introduction xxv Chapter 1 Control Your Email 1 Hack 1: Empty Your Inbox (and Keep It Empty) 3 Why an Empty Inbox? 4 Set Up the Trusted Trio of Folders 4 The Archive Folder 5 The Follow Up Folder 5 The Hold Folder 6 Process Your Messages 6 Keep It Empty 7 Your First Time 7 The Catch 7 Hack 2: Decrease Your Response Time 8 Process Messages in Batches 9 The One-Minute Rule 9 Respond to Task Requests — Before the Task Is Done 9 COPYRIGHTEDDon’t Leave It in Your Inbox MATERIAL 10 Hack 3: Craft Effective Messages 10 Composing a New Message 11 Determine Your Purpose 11 Use an Informative Subject Line 11 Be Succinct 12 Put Your Messages on a Diet 12 Facilitate a Complete Response 13 ix 38363ftoc.qxd:WileyRed 1/31/08 12:22 AM Page x x Contents Make It Clear Why Everyone Got the Message 14 Don’t Forget the Attachment 14 Replying to a Message 14 Respond to Individual Points Inline 15 Task Requests 15 Lead by Example 16 Don’t Respond in Real Time 16 Get Outside the Inbox 16 Know When Not to Say a Thing 17 Hack 4: Highlight Messages Sent Directly to You 17 Microsoft Outlook: Color Me Blue 18 All Other Email Programs: Create a Not-to-Me Filter 18 Hack 5: Use Disposable Email Addresses 19 Web-Based Public Email Addresses 19 Multi-Domain Email Addresses 19 Hack 6: Master Message Search 20 Search Criteria 20 Saved Search Folders 23 Hack 7: Future-Proof Your Email Address 25 Don’ts 25 Do’s 25 Bottom Line 26 Hack 8: Consolidate Multiple Email Addresses with Gmail 27 Receive Messages
    [Show full text]