We have had some news on an sms scam thats now starting to go around involving a redirect to the Meteor Mobile account login,this will ask you to fill in your credentials on a false page trying to imitate the meteor login and then redirects you to interflora which is a real website..
We have spoke to interflora ourselves and they have confirmed this is an ongoing issue and they are looking into it immediately.They have initially thought it was a random sms sent that a current customer sent by mistake,this is not the case.We also informed Meteor.
You will get an sms stating you have been sent flowers and requested to follow a link to your meteor login page ,here is what the page looks like which is badly rendered.
Here is what the proper meteor webpage really looks like where you enter your login details
For security reasons we can’t publish the full contact number but it begins with 085 ,we also rang this number and they have told us they have had several calls about this,the number was probably just picked at random.
With the market becoming more competitive it can be an annoyance to sift around websites to check out the best deals for you and tailor your own package,tailored packages need to pushed more again giving the customer another bargaining tool and making life that bit simpler when it comes to choosing a plan for what they need.
There is many plans out there now and they may suit some and may not suit others.this is why many people now are moving back to pre pay as there is better offers there to suit needs with the comfort of knowing they can top up should they need to at any stage during that period which is normally 30 days.
KILL BILLER.
What is it and how can it help you.
KillBiller uses your call, sms, and data usage records to find the mobile plan that best suits your specific usage pattern.
Find out how much you could have saved by switching to a different mobile plan in Ireland. Our sophisticated algorithms take into account which networks you call the most to find the best plan to you!
Bill-pay plans are included for major Irish networks, including Vodafone, Meteor, O2, eMobile, and Tesco.
There is more support on the way for other network we where told by the developers.this will be a great idea and maybe with all the new MVNOs coming soon these will be also added..
If you are currently using the app,over time this monitors your usage so if you are moving to another network you can work out the cost have info at hand and see if there is a better alternative for your needs this will be quite useful and save time searching websites as this will do all the calculations for you.
The app now currently supports any Android app and will soon be on iOS its also working on the pre pay plans that are available in ireland which will be an added bonus as there is so many offers there today but kill biller is tailored for the irish market and also your needs.
We have spoken to Shane ourselves and there is lots of hard work going on in further development of the app for its users.Keep up the good work…
Coverage today is a priority with your phone or tablet be it indoors,outdoors or travelling so we need to know where is hot and where is not,for me an app like this is vital not only knowing if bad coverage is on my trip but knowing where it is ,is another story i like to stay in places where i have good coverage especially if im there for a few days and need to work from my laptop,tablet or phone,and i never rely on hotel or free wifi in most cases its poor or restricted.
What is FREQ.
Because it’s all about you, not about general table rankings or general naming and shaming.
We analyse your mobile performance, establish patterns and highlight your problems with operators to help improve your daily network. We also show the best and the worst parts of company phone networks, indoors and out.
Based in Ireland, our team of engineers, network planners and data scientists have decades of expertise in design, build and operations with operators and network suppliers all over the world.
Its early days, and the feedback is excellent – so download the app. Help build the right-for-you network.
FAQ – FREQ
What are the chances I will get a good connection? Thats how to think of your FREQ score. 0 to 100%. A single number that simplifies a complicated situation. Can your network deliver the response you need in the time you need it? Based on our findings we score your network, phones, buildings or locations and deliver the forecast you need.
So What?
By knowing your FREQ score, you will have a more accurate reading of your phones actual performance compared to the bar method we all use currently. If you answer yes to any of these questions then you need FREQ:
Have you ever had your phone display a five bar reception, but all you get is one star performance?
Do you find it hard to be heard amid all the competing offers….free minutes……unlimited calls….all you can ‘eat’ data and texts?
Do you want a voice for what your network should deliver – in the places you spend most of your time?
What do I have to do?
It’s easy and straightforward. Simply download and install the app. The app works in the background measuring when the signals change and reporting the results to our database for analysis. Daily forecasts are available on the site – we will be posting them on the app in a coming release. Right now we are building our results and we need your help!
How much does it cost?
For you, the user, it’s free. If you are in a company and want a detailed analysis of how all the operators are performing in your building, for remote workers or those on the road – contact us.
How does it work?
Whenever coverage fluctuates we record the changes, the technology used and how well the network responds. Based on this we calculate a network score. Based on this score we can rank the network. We call it the FREQ score. We want this to become the standard measure for your network experience, and for how to compare phones, networks and operators.
Are you spying on me?
Never. We do not record your number, your site data or any other personal data. We do not record any information about who you are or what sites you visit.
We record which network cell sites are use, and the approximate location. If GPS is enabled then the location of the phone will be recorded when the coverage changes. There is absolutely no way to tie this back to a user based on the uploaded information.
We are only interested in signal strength and network quality – we have zero interest in the sites you visit, your calls and your content. They are just not interesting to us –now or ever.
Will it use my battery or data?
We only take readings when the coverage changes, we then analyse and send results so there are no major battery drains, especially as it stays the background. The data traffic is typically less than 100K per day and we e include a ‘wifi only’ option for the fat-free, zero add-on mobile data plan. GPS should be switched off in order to minimise the battery drain.
Who are you?
We are a group of network experts who have spent the last decade designing and operating mobile networks all over the world. We believe in Total Mobile – streaming, dreaming, buying, selling and living our life online, everywhere, anytime. We love data analytics and cloud computing, and believe that these type of crowd measurements can help everyone build a better mobile environment.
So in a nutshell these guys have it all covered and we wish them the best in the further development and hope to see it on more platforms soon..
Aldi is no stranger to most people in Ireland now with bargain food items alongside other goods, have had a tablet before and this year they are now entering the smartphone market with a budget device to boot.
The device launches on the 7th August and will attract some interest as to what the device will offer for its €99.99 price tag.
Looks nice at first glance with its key points standing out ,lets have a look at its specsheet.
4″ touchscreen (480 x 800 pixels) with 16 million colours
Android™ 4.0, Ice Cream Sandwich
2.0 MP integrated digital camera with fixed focus, video function and digital zoom
4GB internal memory and 4GB micro SDHC Memory Card included (expandable to 32GB)
512MB RAM working memory for great performance even when multitasking
1300 mAh Li-ion battery – quick charging for up to 180 minutes’ talk time and 130 hours’ stand-by
GPS, FM radio, MP3 player and video player
WLAN (802.11 b/g/n) and Bluetooth® 2.1
Dimensions: approx. 66 x 124 x 12mm
Weight: approx. 121g.
Some nice some not but for 99 euro its what you get for the price,it wont be a contender as such in the market nor will it compete with other handsets priced in the same range but nonetheless its not bad for what the price is..
Aldi have already announced the new smartphone that is also launching this Thursday the Medion smartphone,now they also have a quite cool tablet to offer as well which would be a great gift idea for kids and also a learning tool for those smart minded kids which most seem to be today,they like tech and some are very very smart too.
Security in mind..
Internet security is a priority, that’s why this tablet is great for kids. With its child-friendly junior operating/safety mode and password-protected parental mode, you can add and delete apps and user modes as your kids grow – perfect!
Features in junior mode
Protective cover made from extra-thick, non-toxic silicone
Junior operating/safety mode:
– Time and date limitations
– Whitelisting: Specify accessible web content, videos and photos
– Define the usage of apps as well as their content
– Child friendly apps pre-installed
– Automatic start in junior mode
Pre-installed apps: video player, picture viewer and drawing pad
Features in Lifetab mode
Razor-sharp HD multitouch display (1024 x 600 pixels)
ARM Cortex A9 (1.6GHz) quad core processor
Wi-Fi 802.11n connectivity
0.3 MP front and 2.0 MP rear camera
8GB DDR3 RAM memory
Li-ion battery that lasts for up to 6 hours1
Built-in speaker
Micro USB 2.0 with USB host function, micro SD/micro SDHC and micro SDXC memory card connections
If you are an Android user you need to read this..
Bluebox reports this today..
Every Android application has its own unique identity, typically inherited from the corporate developer’s identity. The Bluebox Security research team, Bluebox Labs, recently discovered a new vulnerability in Android, which allows these identities to be copied and used for nefarious purposes.
Dubbed “Fake ID,” the vulnerability allows malicious applications to impersonate specially recognized trusted applications without any user notification. This can result in a wide spectrum of consequences. For example, the vulnerability can be used by malware to escape the normal application sandbox and take one or more malicious actions: insert a Trojan horse into an application by impersonating Adobe Systems; gain access to NFC financial and payment data by impersonating Google Wallet; or take full management control of the entire device by impersonating 3LM.
Implications:
This is a widespread vulnerability dating back to the January 2010 release of Android 2.1 and affecting all devices that are not patched for Google bug 13678484, disclosed to Google and released for patching in April 2014. All devices prior to Android 4.4 (“KitKat”) are vulnerable to the Adobe System webview plugin privilege escalation, which allows a malicious application to inject Trojan horse code (in the form of a webview plugin) into other apps, which leads to taking control of the entire app, all of the apps’s data, and being able to do anything the app is allowed to do. Android 4.4 is specifically immune due to a change in the webview component (the switch from webkit to Chromium moved away from the vulnerable Adobe-centric plugin code).
Users of devices from specific vendors that include device administration extensions are at risk for a partial or full device compromise by malware. The 3LM device extensions (temporarily owned by Motorola and Google) are present in various HTC, Pantech, Sharp, Sony Ericsson, and Motorola devices – and are susceptible to the vulnerability as well.
Other devices and applications that depend upon the presence of specific signatures to authenticate an application may also be vulnerable. Essentially anything that relies on verified signature chains of an Android application is undermined by this vulnerability.
How it works:
Android applications are typically cryptographically signed by a single identity, via the use of a PKI identity certificate. The use of identity certificates to sign and verify data is commonplace on the Internet, particularly for HTTPS/SSL use in web browsers. As part of the PKI standard, an identity certificate can have a relationship with another identity certificate: a parent certificate (“issuer”) can be used to verify the child certificate. Again, this is how HTTPS/SSL works – a specific web site SSL certificate may be issued by a certificate authority such as Symantec/Verisign. The web site SSL certificate will be “issued” by Verisign, and Verisign’s digital identity certificate will be included with the website certificate. Effectively, the web browser trusts any certificate issued by Verisign through cryptographic proof that a web site SSL certificate was issued by Verisign.
Android applications use the same certificate signature concepts as SSL, including full support for certificates that are issued by other issuing parties (commonly referred to as a “certificate chain”). On an Android system, the digital certificate(s) used to sign an Android application become the application’s literal package “signature”, which is accessible to other applications via normal application meta-data APIs (such as those in PackageManager).
Application signatures play an important role in the Android security model. An application’s signature establishes who can update the application, what applications can share it’s data, etc. Certain permissions, used to gate access to functionality, are only usable by applications that have the same signature as the permission creator. More interestingly, very specific signatures are given special privileges in certain cases. For example, an application bearing the signature (i.e. the digital certificate identity) of Adobe Systems is allowed to act as a webview plugin of all other applications, presumably to support the Adobe Flash plugin. In another example, the application with the signature specified by the device’s nfc_access.xml file (usually the signature of the Google Wallet application) is allowed to access the NFC SE hardware. Both of these special signature privileges are hard coded into the Android base code (AOSP). On specific devices, applications with the signature of the device manufacture, or trusted third parties, are allowed to access the vendor-specific device administration (MDM) extensions that allow for silent management, configuration, and control of the device.
Overall, this is an appropriate use of digital signatures in a system that supports the notion of PKI digital certificate identities. However, Bluebox Labs discovered a vulnerability that has been relatively present in all Android versions since Android 2.1, which undermines the validity of the signature system and breaks the PKI fundamental operation. The Android package installer makes no attempt to verify the authenticity of a certificate chain; in other words, an identity can claim to be issued by another identity, and the Android cryptographic code will not verify the claim (normally done by verifying the issuer signature of the child certificate against the public certificate of the issuer). For example, an attacker can create a new digital identity certificate, forge a claim that the identity certificate was issued by Adobe Systems, and sign an application with a certificate chain that contains a malicious identity certificate and the Adobe Systems certificate. Upon installation, the Android package installer will not verify the claim of the malicious identity certificate, and create a package signature that contains the both certificates. This, in turn, tricks the certificate-checking code in the webview plugin manager (who explicitly checks the chain for the Adobe certificate) and allows the application to be granted the special webview plugin privilege given to Adobe Systems – leading to a sandbox escape and insertion of malicious code, in the form of a webview plugin, into other applications.
The problem is further compounded by the fact that multiple signers can sign an Android application (as long as each signer signs all the same application pieces). This allows a hacker to create a single malicious application that carries multiple fake identities at once, taking advantage of multiple signature verification privilege opportunities to escape the sandbox, access NFC hardware used in secure payments, and take device administrative control without any prompt or notification provide to the user of the device.
For the PKI & code savvy, you can see for yourself in the createChain() and findCert() functions of the AOSP JarUtils class – there is a conspicuous absence of cryptographic verification of any issuer cert claims, instead defaulting to simple subjectDN to issuerDN string matching. An example of the Adobe Systems hardcoded certificate is in the AOSP webkit PluginManager class.
You can download the Bluebox app below,click the image below.
