Tech
Security Issues with Twitter App’s in Android
Aug 24th
I recently bought a HTC EVO 4G , and as usual configured my twitter account with default HTC peep.
as a security prone person, i checked my mobile wifi connection using ARP sniffer ( ettercap ) and turned out that HTC peep is connecting to twitter and twitimg with plain text authentication ( showing my username and password to the public) . Its not even connecting to Twitter API with https .
So i decided not use it and moved to a better alternative ( hope so ).
Its Twitter app for android.
and did the same test. Its also not connecting twitter api using https. its also sending plain text password.
Now I have couple of doubts .
1) Am i doing any thing wrong?
2) Is it only for me ?
3) What is an alternative ? ( all i know is to use usual twitter web based site i.e. mobile edition with https)
How do this comes under security issue?
Well, here is a scenario. If you are using your phone on a public wifi hotspot , and some hacker is eavesdropping on the wifi packets. and if he is well enough to turn on ARP Scan.. then boom your twitter username and password will be shown. Now What he can do with this information?. There are couple of ways he can use this information, he may social engineer your password and use to grab access to your other online life ( recent studies show 70% plus people use same passwords for their online use) or may be he can use your information to gain the friends list. We won’t know any thing ( I don’t think twitter has a way to detect different IP loggings .)
So i am looking for the answers and more ways to find a solution.
If you are an android user and use any application, make sure you are not leaking any information un knowingly.
ARRL certified Volunteer Examinar
Aug 6th
Today, I received my Volunteer Examiner ( VE) Certificate along with Identification Card from American Radio Relay League ( ARRL).
Officially General Class
Jun 25th
I am happy to announce that, FCC updated the ULS Database with my new certification ” General Class” .
Uhuuu..
For more information , Click here
Aced General Class Exam
Jun 18th
Yesterday, I aced general class exam for ham radio . eagerly waiting for the FCC to send me the official copy.
Now i can operate HF ( High Frequency) rigs. Pch.. they are too costly
Upgraded to WordPress 3.0
Jun 18th
Just upgraded my blog to WordPress 3.0..
changed tools options, upgrade options, dashboard tab..
I started liking it.
404 in pratyush.in
Oct 28th
as you all know, i asked how should i put a http-404 in my site . i got an idea.
I made a video on youtube says 404-pratyush.in and placed in my 404 .(i placed autostart and loop).
Yes, I know its funny but i am making it more funnier.
Hope you like it.
404-pratyush.in in Youtube
I have Google Wave Now
Oct 28th
I am happy to tell you that I have google wave now. Thanks to Vamsi K Karamsetty for referring me
and Google for giving me access.
If you don’t have a google wave account, you can request one at http://google.com/wave
Happy Waving .
I am Now Using Flock
Oct 4th
I am now using Flock ..
A good social networking interactive website.
Need to explore more ..
Happy Flocking everyone
Global Internet Village : Youtube Symphony
Apr 15th
Internet Revolution as a Global Unity can be viewed from Youtube Symphony.
Kudos to the idea and it was very nice composition…
Hope Everyone realize , How unite we can be via Internet ?
Digital Divide and Digital Unite are the areas that needs attention.. Hope Web 2.0 Advancements break the Digital Divide and Unite us.
I am Standing for Digital Unite, What say you ?
I am Pratyush Kotturu. Owner and Blogger at pratyush.in . I am An Ethical Hacker, Robot Enthusiast, Freelancer and an Amateur Radio General-KE5YQZ. I love Gnu/linux and much more. Presently i am doing Ph.D. in Educational Psychology at Texas A&M University - Commerce. My primary interests are Computers,Cognition,Art and Nature..
