Sunday, July 31, 2016

How To Join Whatsapp Group Sucessfully Using Invitation Links

Recently we talked about how to create a whatsapp group invitation link(s) but we didn't complete the article by tell Ing you guys how to join a whatsapp group using an invitation link. 

How To  Sucessfully Join Any Whatsapp Group Using Their Invitation Link. 

After an admin of a particular whatsapp group creates his or her whatsapp group invitation link and it was shared to you, all you do to join the group is followbrlow steps.

Step 1: Click the whatsapp group invitation link sent to You privately or through group chat.


Step 2: It brings apps to complete action. Choose Whatsapp and you will be automatically redirected to the group.


Step 3: You will be asked if you really want to join the group, click JOIN GROUP


And Your Invitation will be verifying by whatsapp using a opinion loading message just like screenshot below.


Step 4: Now You have already joined the whatsapp group successfully and will meet new friends.


Media, "Experts", too quick to assign responsibility for DNC hacks

I'd like to tell you a story. Its a story that doesn't particularly make me look very good. It was at a point in my career where I still had a lot to learn, and like many young people I thought I was smarter than I was. But its a true story and there is an important point to it, so I'm telling it here even at the risk of looking a bit like a schmuck.

To tell the story, we have to go back in time. The year was 2006. There were still movies in the theaters that didn't have a single comic book character in them. George W. Bush was still best known for destroying the middle east and not for his adorable stick-figure self-portraits. No one that worked outside of telecommunications or that didn't wallpaper their house in aluminum foil believed that the NSA was wiretapping everyone and everything. And I had just received a promotion.

I was working within the primary data center of an internet service provider. The company I was working for had a tiered engineering structure and I had just gone from Tier 1 to Tier 2. I would be making more money and accepting more responsibility in return.

A big part of that responsibility was investigating and resolving abuse complaints received by the ISP. Whether a company hosts servers, websites, emails or provides commercial internet service (this company provided all of the above) occasionally someone will do something on your network they aren't supposed to. Sometimes when someone does something naughty on your network, someone from another network notices. Maybe someone downloaded copyrighted material with P2P software and was caught: the copyright holder would send in a DMCA request. Maybe someone's website has been compromised and the hacker has started scanning the entire internet for a specific exploit; the admin of another network notices and sends an email begging to make the scanning stop. Or maybe someone has defrauded the company by using a stolen credit card and fake company details to sign up for a dedicated server, which in turn is used to send spam - one of the many IP reputation services send over an automated email sending examples of the messages. It had become part of my job to read these messages, investigate them where needed and determine how to handle them.

I was really excited about this promotion. When I was younger I had read books like the Cuckoos Egg; now that was going to be my life. But there was a problem: at this point I knew quite a bit about web servers, but not so much about email servers. I knew even less about the even-at-the-time out-of-date and incredibly-proprietary custom qmail cluster that provided an enormous chunk of this company's email. So I started reading.

I read every RFC that referenced the SMTP protocol. Then I read how no one pays any attention to that shit. I read all about qmail. I learned how to read email headers. I learned how to tell when headers were forged and some of the tricks spammers used. I handled my first few dozen cases well and closed them quickly. 

But there was a problem. The cases I came across lacked drama. It wasn't like the Cuckoo's Egg. Although in a few cases I might have been able to find out exactly who was responsible for hacking a server or setting up an illegal spam service, there was nothing I could do with that information. Even in the rare circumstance where the person was actually in the United States, what was I going to do? Call 9-11? Call the State Attorney's Office? Call the FBI or the Secret Service? Despite what you might read in the funny papers, law enforcement is not equipped to investigate or prosecute the vast majority of "cybercrime" cases. Victims have no one to call, local, state and Federal police don't want to be involved unless there is a political or regulatory angle, and the most simple hacking case is almost always a mess of jurisdictional SNAFU's. You think Bernie Fife knows how to get a warrant for those Ukrainian VPN logs? (He doesn't.) The fact is, when you read about a criminal computer crime investigation, you are essentially viewing a photograph of Big Foot. 

But I desperately wanted to be a White Hat Cyber Cop. I wanted to take down a Cyber Porn ring or a bunch of Russian mobsters (Russian Business Network was my Moby Dick). But that just wasn't my job. My job was help fix whatever had been broken, to make sure that my customers were able to safely resume doing business as normal, and to maybe make some recommendations to make the next hack a little harder to pull off without making everyone's life miserable.

One day I came across evidence that two servers owned by the same customer had been the source of a substantial amount of malicious network traffic. Somehow (this was a big network) this had been missed up to this point. It had been going on for months. These servers had been used to break into other servers on other networks; VPN tunnels would then be established and spam would be sent through the tunnels. Most of the time it looked like normal ssl traffic. 

The more I investigated the situation the more I became convinced this customer was not the victim of these attacks, but was responsible for the attacks. There was no smoking gun, but it in my mind everything in my mind pointed to the customer being the Bad Guy. I spoke to the technician who built the pair of servers for the customer, and the tech remembered the customer had a series of very specific, unusual requests for how the disks were supposed to be partitioned and for how the kernel was to be configured that was similar to how I had seen customers setup a server that could be immediately wiped of any incriminating evidence. I checked out the websites hosted on the servers. The main website - I will never forget this - was an incredibly bare-bones CMS selling decorative rocks. Geodes, crystals, that sort of thing. That might not be so weird for someone with a $2 a month webhosting plan, but this guy had multiple dedicated servers; most of the customers getting servers were insurance companies, universities, doctors offices, military contractors. And this guy. Selling rocks.

I sent the customer several warnings about the hacking; I gave him my best estimation of how he could lock down his server and told him he could hire us to secure it for him. The responses were spotty, and the hacking continued. Eventually, I made the case to management to cancel this customer's service. I was able to get them to agree to my assessment and the customer's account was canceled. 

It was almost immediately after that when I realized that I had completely misread the situation.

Sophisticated spammers know how to plan for having their service canceled. Its part of doing business for them. When they sign up for a 1 year contract they know they are only getting a few months of service out of it. Spammers have always been at the forefront of complex unattended installation, continuous data recovery, imaging and virtualization because they have to turn servers up fast and whenever the banhammer comes down they need to already be activating service at another provider. 

When you cancel a spammer's server, they might send an email in asking why they can't reach their host, and when you tell them they've been spamming they will never contact you again. They're prepared, so there is no point in further discussion.

But the customer with the rock website contacted us, and when we told him he had been spamming he was completely devastated. He sent multiple emails. He called everyone at my company he could. It was clear he had no backups, no plan B. The servers were his livelihood. He begged us to reactivate them, at least long enough to make a backup.

I knew I had made a mistake. I was able to work out a compromise in which we built out a new server to replace his two older servers and helped him transfer his data over safely. The story had a happy ending; the customer got a reduced monthly rate, my company got to reduce the power usage in the data center and keep its profit margin the same, and we stopped the hacking. But the happy ending isn't what's important here.

What's important is that I was wrong. When it counted, I was paying more attention to what I wanted to find than I was to what I could find. I made intuitive leaps based on reasoning that didn't support those leaps. I wanted to be Clifford Stoll. I wanted to impress my boss. I wanted to Get the Bad Guys. Perhaps more important than any of these things, I wanted to have The Answer. More compelling than my fantasizes of being a Cyber Cop was my fear of being incompetent. I thought that being competent meant always having the right solution. 

I could have done my job more effectively by taking more time to review the evidence, and spending less time trying to "connect" a handful of dots that didn't lead anywhere meaningful. Although the story had a happy ending, it could just as easily have had a terrible ending. What if the downtime I caused that customer destroyed his business? 

Over the years I have taken this experience to heart. I've become very reluctant to use intuitive leaps to justify troubleshooting or infosec determinations. Although computing provides us with a rare opportunity to work in a forum in which objective decision making is possible. There are right and wrong answers in computing; but there are also situations in which we don't have enough data to determine the difference between them. Its become easier for me to point out when there isn't enough information to resolve a problem (owning my own business has had no small part in this).

Alright, so that's the story. What on earth does all of this have to do with the DNC hacks?

Over the last week or so I've begun getting my hands on and reviewing the emails and attachments from the Democratic National Committee that have been leaked to the public by a shadowy figure(s) named Guccifer 2.0. This hack became international news beginning last month when the controversial "cyberwarfare" company Crowdstrike announced that the DNC had been hacked, and shortly afterward documents from the DNC began being leaked to a variety of different news outlets, from the Smoking Gun to Wikileaks.

From the very beginning of the DNC hack's injection into the news cycle, the blame for the incident has been squarely laid at the feet of Russian intelligence services. The Russian connection was established by Crowdstrike, who had been asked by the DNC to investigate a hack before the leaks began. Crowdstrike CTO Dmitri Alperovitch published a public report of the findings of their investigation, apparently at the behest of the DNC, in which samples of malware were provided that had links to other attacks that had already been attributed to Russian intelligence, like the compromise of the German Bundestag's network discovered earlier this year.

The attribution to Russian intelligence has gained steam over the last few weeks until we reached the point we are at now - where news outlets are now reporting the Russian intelligence attribution as fact. It is primarily this that I take issue with. Please note that it may very well be the case that Russian intelligence is behind all this. My concern is there is not nearly enough evidence to declare that attribution as fact without additional evidence.

Crowdstrike's report does not provide the required evidence to establish the attribution. Although the report provides a malware sample and a list of IP addresses associated with prior Russian intelligence-attributed hacks that Crowdstrike claims to have recovered through their investigation, these samples are provided without any form of context and in a format that makes it impossible for other researchers to attempt to replicate their findings. There is no explanation of how these samples were acquired. This is a bit like if your doctor told you that you have lung cancer, and as evidence offers you a picture of a cancer cell that's been cut out of a medical journal instead of, say, an X-Ray of your chest. The Crowdstrike report is an explanation of Crowdstrike's findings. It is not proof of Crowdstrike's findings.

There are a number of reasons why Crowdstrike would have opted the report in a way that cannot be objectively verified or peer reviewed. The first and foremost reason is that the DNC almost certainly asked them not to provide any information about their network. Another possibility (that is less defensible but I hear repeatedly) is that Crowdstrike would not want to reveal their "sources and methods".

And, to be fair, Crowdstrike provided their findings to two other companies - Fidelis, Mandiant and ThreatConnect - all of whom have apparently confirmed at least some of Crowdstrike's findings.

So I am willing to overlook the fact that Kurtz has a long standing history of making inflammatory accusations that are both demonstrably false and troublingly indicative of someone with little to no understanding of infosec. I am willing to overlook the fact that Crowdstrike's claim to fame was not for its skill in solving complex hacking investigations but for offering so-called "hack-back" retaliation services - a business opportunity that Crowdstrike was able to capture because their methodology was so ethically and legally questionable that no one else in the infosec community would have anything to do with it.

I am even willing to overlook the fact that Crowdstrike has corporate partnerships with the two out of three of "independent" companies that confirmed their findings.




Let's take for granted that Crowdstrike's report is 100% accurate and Russian intelligence services did, in fact, compromise DNC systems.

Even if we take that for granted, it still doesn't mean that the DNC email leaks can be objectively attributed to Russian intelligence. 

Those who have read the Crowdstrike (or Fedelis) reports may notice that there is a lack of any mention of the DNC's email servers or evidence of large-scale file retrieval. Its quite likely that these details were left out as part of the concerns I listed already - that the DNC hopes to profit from security-through-obscurity and prevent even basic information about their network from going public. Reporters eager to demonstrate the Russian connection have relied primarily on the @pwnallthethings Twitter feed, maintained by Matt Tait (who, apropos of nothing, claims to have been "an information security specialist for GCHQ").

Tait's Twitter feed has been used to bridge the gap between the Crowdstrike report and the DNC documents leaks by Guccifer 2.0. Tait's primary contribution was discovering that a number of the documents released by Guccifer 2.0 had been modified, and that the individual who made these changes was using a version of Windows with the Russian Language pack enabled. When reporters and bloggers say that "metadata" within the Guccifer 2.0 documents proves a Russian intelligence connection, this is what they are talking about.

In addition to this finding, journalists relied on retweets from Tait's Twitter account for confirmation of other findings, such as the Bundestag link, as illustrated here:
As I was reading through Tait's tweets and his subsequent blog guest posts, I saw myself 10 years ago, with the rock reseller. The DNC hacks significantly increased Tait's cache on social media, as can be seen here (the hack became public June 14th).

@pwnallthethings follower growth for July 2016
Just to be clear: I'm not alleging some sort of a conspiracy. I didn't accuse the rock seller of being a spammer because I hated him and wanted to get him. I went after him because it was a better story than the truth. It was more interesting than the truth. And there was evidence that confirmed my story, just as there is evidence pointing toward Russian Intelligence being behind the DNC leaks. Its just not enough evidence for us to claim it as a fact (yet).

Tait rejects the claim that his findings are influenced by bias:
Seems reasonable. But the trouble is that everyone is biased. I'm biased. You're biased. If you are human, and you have a subjective point of view of consciousness, you are biased. The way to handle this is not to deny it, but to account for it. I don't think Tait or the journalists who have used his findings as definitive proof that "Russians did it" have a bone to pick with Russia. Its just a damn good story. Who wouldn't want to be part of a spy novel?

Also, I use Tait here because the media has decided to rely on his findings so consistently, but he is not alone in transforming tenuous circumstantial findings into Objective Truth. Some of my personal favorites are:

   - Vice Magazine brought in linguists (I am very much avoiding the use of a hackneyed but still-amusing pun here) to analyze the transcript of an interview between a Vice reporter and Guccifer 2.0. Even the honey-picked quotes provided by Vice made it clear that nothing could be proved from these transcripts other than that Guccifer 2.0 likely used Google Translate, but the article has been used as further "proof" that Guccifer 2.0 is Russian and not Romanian.

   - The version of MS Office used to modify leaked files appears to be cracked. Cracked versions of Office are "popular among Russians and Romanians". Because no one anywhere else in the world pirates Microsoft software (certainly I don't - stop looking at my torrents).
This is just silly, but its taken as gospel by a media that is both hungry to spark a Cyber War and whose reporters frequently have the technical acumen of my 94 year old grandmother.

So before we wrap this post up lets quickly review the fallacies that are used to confirm the Russian Connection:


THE RUSSIANS HACKED THE DNC, SO THE DNC LEAKS CAME FROM THE RUSSIANS

This is the big one. As I said earlier, I am taking for granted that Crowdstrike's report is God's Own Truth, and that a pair of separate Russian intelligence services hacked the DNC and had access to the DNC's network for up to a year.

Even if we accept that Russian Intelligence hacked the DNC, it does not mean that Russian Intelligence leaked the documents. Let's consider some scenarios.

The number 1 reason why networks and servers are compromised is because those networks / servers are vulnerable to compromise. That's such an obvious statement it comes across as a tautology. But its not, and there are important consequences of this obvious statement. I am regularly called in to help companies that have discovered a breach in their IT infrastructure. Something that often happens is I find evidence of multiple compromises; either the victim is using multiple vulnerable software packages, or multiple parties have taken advantage of the same exploit, or the network was compromised a long time ago by a clever hacker who was able to maintain a presence on the network until some much-less-competent hacker came along and defaced a website or broke something.

One of the most compelling alternate explanations relies on a similar chain of events happening at the DNC. Russian intelligence had compromised the DNC for a long time using the sophisticated techniques described by CrowdStrike. The Russians stayed present in the network for a year in order to accomplish what intelligence services typically want to accomplish - compiling as much information as possible. Then, some knucklehead(s) named Guccifer 2.0 comes along and compromises an email server with the goal of accomplishing some hare-brained political goals known only to him/them. Guccifer 2.0, being a moron, sets off the bells and whistles that cause the DNC to contact CrowdStrike, who in turn discover the Russian intelligence presence.

There's other options. Remember that guy name Edward Snowden? Remember how he worked for a US intelligence agency? Remember how he leaked a bunch of documents to the media? Remember this other person Chelsea Manning? Remember how Chelsea released all of those cables that included detailed intelligence analyses of foreign countries? Remember how those documents had huge political implications in those countries, like maybe sparking the Arab Spring? The point is that leaks within intelligence services happen that aren't necessarily planned by that intelligence service. Those leaks can have devastating impacts on the elections of foreign countries. Here, Guccifer 2.0 is either a Russian intelligence employee or a hacker whose true target was Russian intelligence. Theres a few options within this option - Guccifer 2.0 as working for another nation hoping to influence the US election and increasing US/Russian tensions, Guccifer 2.0 as a Russian intelligence employee who has for whatever reason a *huuuuuuuuuge* (get it?) man-crush on Trump. Some of these options are crazy. But its no more crazy than the explanations of the Putin-Trump Axis of Evil floating through the media.


EVERYONE WHO SPEAKS RUSSIAN WORKS FOR THE GRU/FSB

It sounds silly when its put into words, doesn't it? But this is what the "metadata" and "language analysis" comes down to. Guccifer 2.0 is using Office with Russian language settings. Guccifer 2.0 is chatting the way a Russian would chat. ERGO Guccifer 2.0 is Russian. ERGO Guccifer 2.0 is really Russian Intelligence. I'm not sure how to explain how stupid this is, other than to just point out that, no, not everyone who speaks Russian is a GRU agent. Maybe visit Russia and meet some of them? There are some people who speak Russian who are butchers and bakers and candlestick makers. By golly, there are even people who speak Russian that don't live in Russia at all! I know, your mind is blown, right?


EVERY POLITICAL HACK IS STATE SPONSORED

Not every hacker is state-sponsored. Gee whiz, there are even *groups* of hackers who *cooperate* with each other and even *manipulate the media* and *lie about their identity* who are just teenagers somewhere. There is a rich, long standing history of teenagers playing such pranks. Kids have been hacking for longer and frequently using more sophisticated techniques than governments have. Some of the first government "cyber warfare" programs were just field agents who paid kids to hack for them and paid them in drugs. Really.

One of the most recent, well known examples of this is the lulzsec hacking group. lulzsec had a very pointed political agenda and targeted government agencies, law enforcement groups, media companies and others that opposed that agenda. The lulzsec political agenda did not fall into the binary Team Red / Team Blue archetypes that inform what passes for American political commentary, but it was there and it clearly was important to lulzsec and their supporters. Before the indictments began, there were plenty of rumors that lulzsec was state-sponsored.


If you've made it this far - congratulations. You're almost at the end. Let's wrap up.

Some companies tell us that there is evidence the DNC was hacked by Russian intelligence. That evidence hasn't been published. There is different evidence that Russian intelligence is behind the Guccifer 2.0 account. Most of that evidence turns out to be at best incredibly flimsy and circumstantial and at worst utterly irrelevant.

It may very well be the case that Russian intelligence is responsible for the DNC email leaks, but the fact remains that further investigation is required to confirm the identity of Guccifer 2.0. Attributing the attacks to the Russians before such an investigation can occur does an enormous dis-service. The Cold War actually completely sucked. We should avoid repeating that experience based on the flimsy BS that has largely informed the coverage of the DNC hacks up to this point.

Reporters never open infected Wikileaks attachments

Since I've published my findings on malware in the GI Files Wikileaks file dumps and my subsequent attempts to encourage Wikileaks to label such malicious content, I've repeatedly been told by a variety of "Security Experts®" that no one will open infected attachments from email file dumps.

I plan on writing a post on how assumptions about user behavior are frequently inaccurate, and how assumptions based on the behavior of Wikileaks researchers analyzing email dumps based on the typical behavior of normal email users is particularly prone to failure, but for now I'll just leave this here:

Saturday, July 30, 2016

524.dat & chrome_patch.hta [UPDATED]

    A few minutes ago I clicked a link to an article and I noticed something fishy. The new site attempted to automatically redirect my browser to this:


    This piece of garbage phishing page didn't even wait for me to be suckered by their super-convincing download link, and used a setTimeout() call to try to force my browser to download something called `9901224839027/1469890408944162/chrome_patch.hta`. 
    Here is chrome_patch.hta as it is seen in the wild:


    And here is chrome_patch.hta after we apply deobfuscation 101:


    As you can see, chrome_patch.hta downloads a .dat fie `17/524.dat` and creates an executable `g2924808f66985de3a9ad1e3d743e0d.exe` before providing victims with a reassuring "Update completed" window.
    I've been seeing similar versions of this same method to force users to swallow the 524.dat payload, like this:
    I've found some complaints as far back as a month ago. I'm going to try to get my hands on these and look a bit closer as time permits and post the results here. I can't promise it will be all that interesting though as this script was pretty artless & obvious. If anyone's already seen the payload please share! Thanks.

UPDATE: It looks like someone uploaded the payload to malwr last week. Their PE scanner is about as good as it gets for automated scanning. Just looking through malwr's list of registry keys it looks like the payload adds ~5 domains to Windows' URL Security Zones or as I prefer to call it the Circle of Trust:


HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Option gets modified also, which is weird. This is the registry key that determines whether the next reboot will put Windows into Safe Mode or not. This could be an attempt to disable antivirus software and is a loud flashing sign that this payload is going to be a loud, obnoxious dick.

I also found a third version of chrome_patch.hta that is significantly different than the one I have and the other version I posted above; I think whoever is responsible for this is making some changes on the fly, or a few different people are tweaking it. The tweaks don't include changing the filenames (although some components have been removed in my version), and I've only seen it use two different domains to download from. Small potatoes.

ANOTHER UPDATE: I think I scared our hacker friend a bit. The domain name registration for the website used to host the phishing script & payload file has disappeared. Those files appear to have been removed from the server also, or at least taken offline or moved somewhere I cant find them. This is a pretty fast reaction from our hacker friend (< 24 hours from my post / reporting the issue to involved parties). It supports the idea I had earlier that hacker friend is actively developing this little project. If you're listening, hacker friend: why did you take your toys and go home?

Awooof : activate your New Smartphone and get 1GB free From Etisalat



Activating your New Smartphone
and get 1GB free From Etislat
Plus access to social media and chat app for 11month is a new offer from etisalat.  That is, I you will be given free awoof 1gb!, acess to social all social mediasand chat app for 11momth if you activate your nre smartphone.


HOW TO ENTER FOR THE OFFER

Step 1: Buy a new smartphone from either experience centre or open market. 


Step 2: insert an etisalat and activated sim in the smart phone.

Step 3: Look for the pin in the box or  offer sticker on the phone  box and  send  PIN to 8186. 
Or by dialing *8186*PIN# for all device bought in the open market.

Step 3b: For the customer who are going to buy the smartphone from the experience centers., the etisalat retail staff will activate the offer on your smartphone.

  If the subscriber is eligible, he or she will be grnated free 1GB of Data Valid for 30days.

FEATURED offer: 
Subscribers should also purchase 1000# worth of data every month so as to get free socialMe pak for the next month.

How To Fix Link To Blogger's Profile introduction and comment boxes

Have you been updating your blog profile introduction. But you need to fix your contact me Link in behind it or Have you ever been reading blogs and decided to comment? and In writing your comment, you found that you need to post a link. All you need is just follow below steps to fix links on anywhere on your blog.


How To Put Link(s) Anywhere in your Blog. E.g profile introduction and commemt boxes.

For Blog Profile Introduction go to > Blogger's profile >> Edit Profile >> Scroll down to see introduction of text box and put below HTML /JAVA SCRIPT CODE in it while writing

href="Your url/ link ">title

Be careful with these codes SÃ’ as not to encounter error while previewing. All Yoi do with the Html/javascipt code Replace the URL with the URL of the site you are linking to(horlartechs.blogspot.com) and
replace the Title with the title of the site(Horlartechs)
(example href="www.horlartechgist.ml">Horlartechgist done 
NB: don't leave a space between "and http.


And then, your preview will be HORLARTECHS, and when you click it, I it will link you thethe http url u fix before it (http://www. Horlartechs.blogspot.com)


You can also use above tutorial for the comment box. Just paste html/javascript code and fix the URL and title. With this a sure your link will be fixed. You can also use this tutorial while writing a blog style but it will take time.


Easy as pie. Now get out there and comment!!!

Friday, July 29, 2016

Fox News asked for my take on the DNC email dump

I was interviewed yesterday by Fox News science correspondent James Rogers. I was asked for my input on the distribution by Wikileaks of emails leaked from a Democratic National Committee email server earlier this month. The entire article, which includes quotes from a variety of infosec professionals, is now available here.

If anyone is interested I might post my complete conversation with Rogers, where I talk in more detail about how the unlabeled distribution of email attachments from compromised email servers poses unique dangers to journalists, activists and researchers whose job involves reviewing each of those attachments.

This article represents the most attention paid by US media to the significant dangers posed to Wikileaks users by the insecure review methodology in place prior to distribution of these files. Although major newspapers in Europe and the UK published my findings on malware within the GI Files, no major news outlets in the United States published those findings.

Download Syphon Shield v3.1.3 HandlerUI For Free Browsing

Sypon Shield Description 
Some of you that are having issues with other Psiphon VPN apps, you can try this new Synphonshield handler VPN Android app. It works like the Psiphon Pro Lite handler but with some advanced
interface and more options unlike the previous Synphonshied101.


This app is very useful for any
tweaker and you should have it as one of your tweaking app that will help you in time of need.



Psiphon VPN apps has been working and saving us from dryness of cheats since Simple Android Server started misbehaving on some cheats. Though Tweakware is working fine but you have to pay to get the best from it. As of now, Psiphon is the most trusted and free app for all free browsing tweaking and Synphonshied is just an upgrade to default Psiphon on your device.


WHY SHOULD I USE SYPHONSHIELD VPN?
==> If you are having difficulties with your normal Psiphon and other versions of Psiphon in your phone, just try Synphonshied as there is no harm in trying.


==> Synphonshield is light just like Psiphon Pro Lite handler therefore it consumes less of your phone
memory. It also doesn't make your phone lag like other versions.



CAN SYPHONSHIELD WORK TOGETHER WITH OTHER PSIPHON VERSIONS?
It will not be installed if you have other Psiphon app installed on your phone but it works with Psiphon Pro Lite handler. This means you can run the two Psiphon together in one phone.


FEATURES OF SYNPHONSHIED V3.1.3 HANDLERUI VPN APP
1. More new regions (countries) are added.



2. Is now have entirely new User Interface and blue background. Like above and below screeshot since ever.

3. It now have More Options Settings.



4. Synphonshied connects very fast like in Psiphon Lite ( not applicable to Etisalat 0.00 cheat)

5. It supports all browsing cheats including MTN BBLITED, blast, music plus, Etisalat socialme and
0.00.

6. It stablizes most disconnecting IP

7. Sometimes it remain connected after receiving a call. (Happens most on rooted phones).


8. Fast browsing experience with Syphonshield.

9. New beautiful icon added
Synphonshied can be the answer to your free browsing issues like constant disconnection and no
connection at all. I have not tested it with edge network to see if it will work because we all know
that Psiphon doesn't connect with edge network signal except 3g or 4g

Where Can I download Syphon Shield v3.1.3 HandlerUI Apk app?
Download Syphonshield version 3.1.3 handler - HERE
File Size : 6.19MB

How To Stop And Save Stress On Netloop And Simple Android Sever

This articles is not copied from any Site because all content on blog nowadays are copyright protected. This article teaches you how to save stress and time while Configuring  your Netloop vpn.


Netloop vpn is a stressful vpn jus like tweak ware. There are many settings embedded in the netloop and some people find it difficult to even download. And also this is onr of tye reason people prrefare psiphon than Netloop Simple Sever. 


Settings embedded in psiphon are as below : 


• Front Query
• Back      "
• Remove Port
• Proxy Sever
• Real proxy sever
• Real proxy host
• Childlock

And when you move to more settings you will find below.
also featured in Psiphon.

+ Sounds: tick or untick
+ Viberation: tick or untick
+ Connect Through An Http Sever
-+Use system network settings
•Use following Settings
- Host address
- Port
+Use Proxy Authentication
•Proxy Usernsme
•Proxy Password
•Proxy domain .

I can say all this settings above are easier than Netloop vpn settings below.

Settings embedded in Netloop Vpn are as below :



Connection mode : Local sever or Vpn mode.
Connection Settings: this is where the main settings are and if you make any mistake, you aren't done yet. Here also you will choose Tweak Types be it Injection, Host replacement, Queries and the Queries +Host.

And also inside each tweak type, ther are still other setting configurations in it. That are more important. For example the Queries, you will find Front Queries and Back Queries. 
Which is very important while configuring your netloop.

Vpn settings and Local sevrer settings are also featured in Netloop Sever. But all this are stressful to start configuring.

Do you know that you can save stress and time when configuring Your Netloop sever?. Check beloe Layouts

How To Stop And Save Stress On Netloop And Simple Android Sever. 




This helps you to configure Your Netloop Sever in just few seconds.

Requirements
Xender : This is a app for sharing all file. Any file as i said. Download Xender app for a android HERE.  

Netloop : You also need netloop to get this configuration sucessful. Download Netloop sever for Android Here.

You needed above apps to get started. So after you have downloaded these apps follow below steps to get save your on Netloop Configuration.

Stage 1
Get a friend's Phone where he has all the settings you need.  To view settings, Launch the netloop installed in your friend's device (you can only do this if yiur friend has a settings you need not an empty stomach settings) and Tap the EYELOOK button at the top of your Netloop Sever. Then this will view the settings like below.


After that,  click the 3 short horizontal lines at the left Top screen of the Netloop.


Here, a page will slide from left. Click "Send Cong" and Then choose Xender  the complete action by sending the configuration settings as cong file to your phone using Xender.



Now when done sending the file to your own device, the file will be stored in Sd Card >> Xender >> "Others" folder 


=======================================================================================

Stage 2
Lauch your own Netloop Sever.
Click the 3 short horizontal lines at the left Top screen of the Netloop.


Here, a page will slide from left. Click "Load Cong" and locate Others in your Xender folder 

Click The Cong file sent to you by friend.




Your cong file will loaded on Netloop deck and now, you have saved stress by going all the way round clicking settings in the Netloop sever.



Recommended For You 
Label : Tutorials/ How Tos 

How to Use Your Android Device as a Mouse, Keyboard, Joystick and More

See How To Add Recycle Bin To Your Android Device Using ES File explorer

Method To Create a Virus That Disable All Hard Disks

Label : Vpn Apps 

✔ Download Psiphon Pro v134 Latest [Subscribed] Apk App

✔ Latest NetLoop VPN Premium v5.0.3 APK For Andriod Now Launched Download Now!

✔ Download Gurusnizkid Handler vpn for 2016 free browsing Tweaks


Join thousands of HorlarTechs member gettings our trending articles for free.

Thursday, July 28, 2016

Google labels wikileaks.org a dangerous website

Five days ago someone on Hacker News pointed out that Google's Safe Browsing system labeled Wikileaks.org a "dangerous site".

At some point the Google warning was rescinded, however Google continues to (accurately) point out that pages within Wikileaks.org will "install malware on visitors' computers".

I've been contacted by many companies over the years who have discovered their web server was compromised after receiving a warning from Google's Safe Browsing system. What I have never seen before is Google labeling a website safe while that website continues to host malware. Has anyone else seen this before? Does anyone at Google confirm this was algorithmically determined behavior and not manual intervention on the part of Google? What possible justification could there be for labeling a website safe that hosts malware?

When I first found malware in content hosted by Wikileaks last year, one of the most frequent negative responses I received was that it is not Wikileaks responsibility to inform their users they host malware and that users should just know to take extreme security measures when reviewing Wikileaks files. Here's another question: if your bank's website hosted malware would you find this same excuse acceptable? If you think we should give Wikileaks a pass but not a bank, what reasoning is this based on? Wikileaks users, volunteers, independent activists and journalists run real risks when reviewing Wikileaks file dumps. Why do we demand more effort be put into making sure some kid doesn't zap a few hundred bucks out of our checking accounts than making sure a reporter isn't imprisoned?

Wikileaks should make some effort to identify malicious software within their filedumps, label infected files, and take more proactive steps to inform users of the risks of handling these files. I would be happy to volunteer to assist with any of these tasks, as I am sure hundreds of other competent infosec professionals. Meanwhile, organizations like Google should stop giving Wikileaks' retrograde operational security a pass. It is exactly because the work that Wikileaks performs is valuable that its worth making the site safe for users.

Wednesday, July 27, 2016

All the Disney Movies Coming out in 2016 You(r Kids) Don't Miss!

Summary : This article is released under the Disney banner. For a broader list of Disney films, see Lists of films released by Disney. Also can converter their movie trailers and watch them offline on the go! 

 
Walt Disney, Marvel, Lucasfilm, and Pixar studios have brought us 12 (Disney) films and soon after Walt Disney releasing the last but biggest bomb of Star Wars: The Force Awakens, Disney just officially laid out its movie schedule through 2016, still no lack of animated films, superheroes, sequels etc. In this article, a full Disney movies 2016 lineup will be shared, movie release date, movie review/plot and DVD release date included. you can download in the internet, then take this files or DVD disc with a converter to playback on you other device. 

This is a list of films released theatrically under the Walt Disney Pictures banner about Disney Movies. 

 

1. The Finest Hours 


Release Date: January 29, 2016 
DVD Release Date: May 17, 2016 
Genres: Drama, Action, Thriller, History 
Rated: PG-13 
Plot and More: A t-2 oil tankers with many sailors are suffering a huge storm near New England coast named nor'easter, and they cannot do distress call at all but only save life by themselves. Although Coast Guard ship finally goes there to do this treacherous rescue misson, the rescuers all face a tremendous challenge ... Actually, this Disney's 1st movie out in 2016 is based on a real-life story called Pendleton rescue happened in February 1952. 

 

2. Zootopia 


Release Date: March 4, 2016 
DVD Release Date: June 7, 2016 
Genres: Animation, Action, Adventure, Family 
Rated: PG 
Plot and More: It's all in peace in the metropolis of Zootopia (utopia for animals). But when rabbit police officer Judy Hopps arrives, she finds things are not as simple as she thought. In her first proving-herself case, she has to team up with a fugitive crook fox, Nick Wilde (the protagonist, also the Disney's brand new animated feature) to solve the case... Shakira's new single "Try Everything" is featured in Zootopia movie, whose style is much like her previous hit songs with much drums and chorus. 

 

3. The Jungle Book 


April 15, 2016 (the same day with SRK's Fan) 
DVD Release Date: Not Announced 
Genres: Adventure, Drama, Fantasy 
Rated: PG 
Plot 
and More: Little black boy Mowgli is an orphan brought up by wolves. As he grows up, he feels about the unfriendly of other animals in the jungle. After being threatened by an awful tiger, Mowgli leaves the home jungle and begins his self-discovering travel, during which he comes across various creatures. The Jungle Book is a 3D live-action adventure film from Disney and also one of the best 2016 spring movies. It's directed by Jon Favreau, drawing from a same name fairy tale. 

 

4. Alice Through the Looking Glass 


Release Date: May 27, 2016 
DVD Release Date: Estimated September 2016 
Genres: Adventure, Family, Fantasy 
Rated: PG 
Plot and More: After years of voyage overseas by following his dad's steps, Alice is now coming back to London. While on the way back, she runs into a mysterious world of Underland through a magical mirror. As time dates back, Alice must do something to help the Mad Hatter... As the sequel of 2010 Disney movie Alice in Wonderland, this Disney movie gets many hit stars together, including Anne Hathaway, Johnny Depp, Mia Wasikowska and Helena Bonham Carter. Days after the releasing, Just Like Fire song from P!nk, which she also perfomed at 2016 Billboard Music Awards, soon debuts on Billboard Hot 100 Chart, UK Singles Chart Top 100 and iTunes top music downloads chart. 

 

5.Pete's Dragon 


Release Date: August 12, 2016 
DVD Release Date: Not Announced 
Genres: Adventure, Family 
Rated: PG 
Plot and More: Pete is a 10-year-old orphan and tries best to seek refuge from his insulting nursing parents with his friend Elliott, who becomes a dragon by chance. In fact, this movie was originally produced by Disney in 1977 and this time the remake will certainly bring fans a lot of spotlights. 

 

6. Moana 


Release Date: November 23, 2016 
DVD Release Date: Not Announced Genres: Animation, Adventure, Comedy 
Rated: Not Rated Yet 
Plot and More: The talented young voyager Moana sets his sail to explore a mythological islet. What beyond her expectation is that she meets her Mr.Right, the legendary demi-god Maui, on the adventure. This animation is different from other Disney movies 2016 or other Disney animated films, because it's the first time for Disney to feature black Polynesian princess. 

2016 Disney Movie Ripper to Other Devices 

Classic Disney movies are those that can be appreciated repeatedly, but it's impossible to go to cinema and internet all the time. The best way to enjoy Disney animation, superhero and other movies is to purchasing legal movies, and then backup/rip Disney movies for personal use only with Disney copy protection movies ripper - Pavtube Video Converter Ultimate 

Windows 

  

Mac 

  

Simple Steps: 

1. Click "movies files" to load files content. 

2. Choose an output profile according to your needs, any mainstream media formats and devices like MP4, MKV, H.264 AVI, MOV, MPEG, MP3, DVD video, iPhone 7s/6/5Plus, iPad mini 4/Air 2, Samsung Galaxy note 7/5, Galaxy S7/S6, HTC, Sony, PSP are included. 

3. Converter 2016 Disney movie ripping/backup 

Related Pavtube Software 

Pavtube ByteCopy : The best Blu-ray/DVD to Lossless MKV solution, is a powerful program with the ability of backing up Blu-ray/DVD collection to multi-track MKV without quality loss, ripping BD/DVD movies to MP4 and MOV with multiple audio streams, and converting BD/DVD from hard discs to virtually any popular video and audio format so that you can freely watch movies on Apple iOS devices, Android OS devices, Windows RT/Pro devices, HDTV, 3D TVs, PSP, PS4, PS3, Plex, WDTV Live, Roku 3 and more devices. In recent update, ByteCopy can support ripping Blu-ray/DVD movie to H.265/HEVC MP4 with better video quality compared to H.264 MP4 in same profile presets. At the meantime, this multi-track Blu-ray/DVD converter can be considered as a user-friendly movie editing tool with the professional functions to trim, crop, merge, insert subtitles, export srt/ass/ssa subtitles, add video effects in the destination movie. 

Pavtube BDMagic : Convert 2D Blu-ray, 3D Blu-ray and standard DVD to SD, High-Definition formats or even create 3D videos with excellent video/audio quality in fast conversion speed. This BD/DVD to video workaround could output various video and audio formats, like H.265/HEVC, MKV, MP4, MOV, DivX, AVI, MP3, FLAC, etc so you can make a duplicate copy for your video collection, or share movies on numbers of popular media players,like Apple media devices, Android smartphones and tablets, Windows media players, various smartphones and more. Besides, you can easily customize Blu-ray DVD collection to export desired movies in your own patent. 

Pavtube DVDAid : Provides the best solution to rip DVD and convert DVD to video and audio in popular file formats for many devices. Along with multiple practical bonus features like video editor, DVDAid is capable of improving your DVD movie experience without location or time limitations. It could backup DVD and convert DVD to various video and audio formats including MP4, MKV, MOV, AVI, WMV, MP3, AAC, etc to let you enjoy DVD movies on any mobile device like iPhone 7, iPhone 6 Plus, iPad Air 2, iPad Mini 3, Galaxy S7, Galaxy S6 Edge, Kindle Fire HDX, PS3, PSP, Surface, and more. Surprisingly it adds H.265/HEVC as output video format in order to satisfy users who ask for high video quality. 

Please feel More movies Reviews to share this tutorial 


Movies
Plot and More
Finding Dory Rip 3D Blu-ray to Smart TV supported formats, you don't need to consider the region codes of your commercial BDs. Enjoy “Finding Dory” at home. 
Ben Hur View “Ben Hur” - DVD to Phone (Android, Apple, Microsoft, BlackBerry)
The Secret Life of Pets As the summer heat wave in each cell, you will feel enjoying “The Secret Life of Pets”blu-ray movies on Smart TV programs at home more comfortable that outside.
Pete's Dragon In Summer movies coming, take “Pete's Dragon” movies DVD and convert it 3D/HD/4K formats.
Ice Age In 2016 Summer Holidays If you want some quiet space, why not add some kids movies to your kids in NAS, VR Headset, Tablet... Those to make your kids enjoy?
Zootopia Backup Zootopia DVD Movies for Kids at Summer Holiday
X-Men Copy Blu-ray files to SBS 3D Videos for TV Playback and almost any other popular, standard video formats on Windows and Mac.
Harry Potter Complete Harry Potter Blu Ray and DVD collection
Game of Thrones Ripping Game of Thrones the popular epic themed series to your Cloud Storage, avoid your DVDs slightly damaged or even lost. 
Horror Movies Take a look at the list of best horror movies to watch on 2016 and follow the tip to watch and share horror movies in this spooky day with family. 
Reviews
Plot and More
Action Movies Backup 2016 Summer Action Movies for Watching When Camping
Pixar Movies Preview the best Pixar movies list 2016 here to free download upcoming best Pixar animated movies online.
Cartoon DVD If you're not going for one DVD tool to converter summer movies. More kids tablets on movies. The options that you want to go for a kids tablet intended for kidst use. 
Hollywood Movies Top 2016 Summer upcoming Hollywood movies reviews
Movies Reviews During the hot summer holidays months coming, there’s already been a lot for movie buffs to talk about of 2016 summer movies 
Summer Movies Below you will see top free movie websites for watching online movies and TV shows. Hollywood or Bollywood movies
All DVD Movies The most powerful DVD tools of Summer movies

Related articles