Flaws in Telegram, the secure messaging App expose Secret Chat messages

Telegram cross-platform messaging flaws allow hackers to bypass encryption and access user messages

Apparently the Secret Chat feature of Telegram saves messages in plain text in the memory dump

Is Telegram secure? not any more! Telegramcross-platform messaging App which was hailed as the most secure messaging App by Electronic Frontier Foundation, has been found to be not so secure after all.

Researchers from security firm Zimperium have discovered that Telegram can be hacked by cyber criminals in two ways.  Zimperium’s founder and CTO stated on Zimperium blog that after conducting research on Telegram App, the researcher have found that there are at least two methods that can be leveraged to bypass encryption and obtain messages.

Telegram has around 55 million active users around the world and has a Secret Chat feature for a one on one private and secure chat between two users.  Secret Chat works by giving encryption and decryption keys to the receiver and sender, thus making it most secure.  EFF in its December secure messaging Apps audit and review had given maximum score to the Telegram’s Secret Chat feature.

According the Avraham, Telegram is vulnerable to the potential hacker gaining complete control of the targeted Android smartphone installed with Telegram App, by leveraging a kernel exploit to elevate privileges. Once the attacker is in control of the smartphone, he can dump process memory and gain access to any file stored on the device.

Zimperium researchers noticed that Telegram Secret Chat messages are stored in the Telegram memory dump in plain text and easily accessible to the hackers.

The researchers further discovered that a database file (Cache4.db) containing tables that store the secret messages is also in plain text. While Telegram users can delete their messages using a special function, the deleted messages can still be retrieved from the process memory, Avraham stated.

“While Telegram was founded upon a noble goal of providing privacy to consumers everywhere at no cost, they have fallen short of their objective by focusing purely on data-in-transit versus protecting data-at-rest on the mobile device itself. What is regrettable is that I approached Telegram multiple times and have yet to receive a response,” Avraham explained in a blog post.  “Telegram’s so-called powerful encryption is not protecting users any better than any other page or app that uses SSL. If you are using Telegram because you want to ensure your privacy and the privacy of the messages you are sending, be aware that it will not stop sophisticated hackers from reading your messages. We highly recommended adding additional protection to your mobile device that can detect device-level cyberattacks.”

Avraham said Zimperium made the vulnerability public after the expiry of 30 day disclosure guidelines and in the absence of any reply from Telegram about the flaw. Telegram is yet to come out with a statement about the flaw.

Facebook launches Facebook Lite App for lower end smartphones

Facebook comes to lower end smartphone owners rescue with Facebook ‘Lite’

In addition to stickers inside Messenger, Comments, Groups and the latest addition of Rooms, Facebook has yet again  launched another surprising App called Facebook Lite, which can be called as a simplified version of its mobile website from 2009-2010, which is specifically designed for lower end Android devices available in markets.

TechCrunch says that the App was launched in a certain handful of countries in Asia and Africa including Bangladesh, Nepal, Nigeria, South Africa, Sudan, Sri Lanka, Vietnam and Zimbabwe where the App is being tested for further upgradation and bug fixing.

A report by TechCrunch says that the App has been built to accommodate lower end and Android devices. The Facebook Lite will be packed in just 252KB file size so that any lower end Android phone can run it smoothly. The App will prove beneficial in areas with 2G and poor quality internet connections. Facebook Lite will have some of the features of Facebook like push notifications and camera integration.

As smartphone sales are rising by the day in emerging markets, the company wants to offer a flawless experience to users no matter which handset they are using. For the past few years ,smartphone sales are increasing in India, which was is the fastest growing market in Asia Pacific in 2014, while there’s huge potential in Africa and Southeast Asia where mobile will be the primary internet platform for millions. Even though Facebook retooled its Android app specifically for emerging markets last year, it is making sure that it offers a good experience to any user not matter their device or network connection. Android is the platform of choice for most smartphone owners in emerging markets since such smartphones cost a little bit over  $30.

Facebook already has its Internet.org project, which provides free access to a various range of mobile internet services is currently limited to a selected countries in Africa at this point and, since it is being developed in partnership with carriers and other telecom industry players, however such launches are both time and resource intensive, so why not put together a ‘Lite’ app that can potentially push the Facebook subscriber base up by millions overnight seems to be the thinking of Facebook boardroom.

You will be surprised if you’re in one of the mentioned eight countries where Facebook Lite has launched then you can check it out here.

The early signs have give Mark Zuckerberg owned company a very positive feedback from the users and they seemed quite impressed with the App. Statistically, the app has already crossed 10,000 downloads at the time of writing, since it was launched with a overwhelming 4.6 rating from an initial 693 reviewers.

A report suggests that India’s mobile Facebook users will surpass US user-base by 2017. According to a report by market research firm eMarketer, nearly 1 billion users worldwide will access the popular social network through their mobile phones at least once each month in 2015.

Recently, Facebook announced that growing Internet penetration and a large youth population has helped it expand its user base in India to 112 million, which is the largest after the United States. Of the 112 million users in India, more than 99 million users are using the platform on their mobile phones at least once a month.

Facebook Lite will be of great help to the large expanse of people staying in poorly connected villages in the countries named above.

LibreOffice for Android takes first small steps

The first incarnation of LibreOffice for Android is little more than a document reader, but the plan all along was to start small and build up

Is it the fate of every popular app — especially the open source ones — to be ported to Android? LibreOffice has made that leap, but don’t expect to take your work on the road with your tablet yet.

Collabra Productivity, a major contributor to the LibreOffice project and a provider of LibreOffice services and consulting, has released the first version of a LibreOffice port for Android. However, it is — by design — an extremely minimal application, not intended to do much more than preview text, spreadsheet, and presentation documents.

Officially known as LibreOffice Viewer for Android, the app is still very much in beta. Warnings on the Android Store page note that the app isn’t stable: “Do not use it for mission-critical tasks – it may misbehave!”

But aside from being able to display read-only versions of many LibreOffice Documents, it can also render documents for Microsoft Office, from version 97 all the way through 2013 (in other words, both DOC and DOCX format).

Porting LibreOffice to Android has been in the works for some time and, according to the Document Foundation’s notes on the project, is not based on the existing ARM build for the project. Instead, “the technical platform will be the work that is currently carried out for having a LibreOffice viewer for Android, which is built on the Mozilla for Android framework,” according to the notes.

A big part of this decision was apparently driven by the way the Mozilla-based project had already solved a number of key technical issues, such as application threading, working with the touch interface, and providing other behavioral integration with Android. (The only LibreOffice application that has thus far existed for Android is the LibreOffice Impress Remote app, which turns any Android smartphone into a remote control for LibreOffice Impress presentations, but doesn’t actually have any LibreOffice functionality of its own.)

LibreOffice Viewer has landed around the same time as two other significant developments in office productivity. First is Microsoft’s public release of an edition of its Office suite for Android. That program doesn’t have anywhere near the same full gamut of functionality as the desktop app, but it covers the most commonly used bases. On the other hand, it isn’t unified: Microsoft released separate Office apps for Android tablets and Android phones, with the phone version being a major letdown.

The other big recent development has been Microsoft, in conjunction with various hardware makers, pushing dirt-cheap Windows tablets — some going for as little as $99. Their minimal processors, storage, and memory clearly make them substitutes for Android tablets rather than more upscale Windows machines — and Microsoft isn’t hesitant to give away copies of Office 365 to boost sales of devices in that class.

Still, the Document Foundation and its partners seem determined to make a full-blown LibreOffice on Android a reality, even if they are only moving toward that goal in small stages. The next step for LibreOffice Viewer is to enable features like links in documents, along with “complex presentation support and many additional features … planned for future releases.”

Field Trip: the Google map app you never knew you wanted

Field Trip has been around now for a while – have you heard of it? It’s a Niantic Labs project at Google, one that aims to bring you automatic suggestions for places to visit near where you’re physically standing at any given moment. While it may be included with the basic build of Android at some time in the future, for now you’re still going to have to download it. Field Trip has gotten a large bump in aesthetic beauty and in ease in use. It’s simple now, and ready to roll on your Android smartphone immediately.

Field Trip is like Google Maps with only the places you’ll want to visit highlighted. Once you find a place you’d like to go near a place that you are, you can

It’s difficult to recommend Field Trip from a place like Bismarck, North Dakota. This app is made more for larger cities and tourist-friendly places – not the middle of nowhere. Here you’ll see Las Vegas – and an example of a card once tapped.

That said, we were able to discover a big batch of visitor-friendly places in Field Trip near the capital building.

Nothing we’d not seen before – since we live quite close by, but it was nice to see things like the Sakakawea statue being recognized as a landmark work visiting.

Below you’ll see Field Trip as it exists on Google Glass.

You can download Field Trip from the Google Play app store right now for your Android device for free.

The version of Field Trip you’ll find on Google Play today is V.2.0.5, coming with a design that’s been fitted far more modern look matching Android 5.0 Lollipop. You’ll find new content, performance improvements, and UI that’s slightly more conducive to ease in use.

Whatsapp Banned Users For Using WhatsApp PLUS App

Are you one of those victims whose WhatsApp app has recently been banned?? Then you must have installed a 3rd-party version of WhatsApp client, like WhatsAppMD or Whatsapp PLUS in your mobile phone for sure.

Reportedly after 12 AM IST on 21st January 2015, WhatsApp, the widely popular messaging application, has started temporarily banning users for 24 Hours who are currently using any third-party WhatsApp clients and are being directed to download the official app on the Play Store instead.

Just in last few hours, large number of users have started complaining on Social media websites that they are being banned from the messaging service for 24 hours. Though the ban is temporary and the users facing the issue now could access their app after the period of 24 hours.

In an attempt to clear up why this is happening, Whatsapp team explained via its FAQ website, that it is against ‘Terms of Service’ to use WhatsApp Plus or any other 3rd-party unofficial app.

Why am I banned for using WhatsApp Plus and how do I get unbanned?

WhatsApp Plus is an application that was not developed by WhatsApp, nor is it authorized by WhatsApp. The developers of WhatsApp Plus have no relationship to WhatsApp, and we do not support WhatsApp Plus. Please be aware that WhatsApp Plus contains source code which WhatsApp cannot guarantee as safe and that your private information is potentially being passed to 3rd parties without your knowledge or authorization. Please uninstall your application and install an authorized version of WhatsApp from our website or Google Play. Then, you will be able to use WhatsApp.

WHATSAPP PLUS

WhatsApp Plus is an altered version of the official WhatsApp for Android which is pretty popular among advanced users, who want sleeker design and some other features. WhatsApp Plus provides some extra features compared to WhatsApp like:

• Disabling your last seen and still being able to see others last seen time
• 700 new Themes
• Extra new emoticons/emojis
• You can edit file sharing options
• Option to change the font, and color
• More..

Even rumours from several popular news websites had suggested that WhatsApp is working on a new version of its instant messaging client, WhatsApp PLUS, in order to provide its users a lot of handy new features. However the news came out to be completely fake!!

If you have one installed in your smartphone, we suggest you to uninstall it if you don’t want to go through that 24 hour ban. We will keep an eye on what’s is going on… Stay Tuned to The Hacker News.