Tumgik
#fasli follower
sarmarc · 4 months
Fake Followers: The Dark Side of Digital Influence
In recent years, the rise of social media has brought with it a new form of digital influence: popularity measured in follower counts. However, behind this seemingly glamorous world lies a dark side made of fake follower numbers and questionable practices. Buying followers has become a widespread phenomenon among those who aspire to digital fame…
0 notes
suraanahita · 1 year
Happy aspandard parab / espandegan / sepandarmazgan for Zartoshtis following Fasli calendar (I guess only me right now? At least on Tumblr 😭😅). This is our version of “Mother’s” or “Woman’s” day that also somehow manages to line up-ish with the Gregorian Valentine’s Day. If Mazdā is the Heavens, Armaiti is the Earth, i.e as our spiritual “mother and father”, and for this celebration we honour Spandarmad/Spenta Armaiti, whose name literally means “bounteous serenity”
(…) “dāidī tū ārmaitē vīštāspāi īṣ̌əm maibiiācā…”
Hā 28.7 (lines 2-6).
Spenta Armaiti is associated with abundance, spiritual wealth, and piety. In this verse, Asho Zartosht calls upon Her to bestow such blessings for him and his new patron, Kavi Vishtaspa.
3 notes · View notes
islamic-reminders · 3 years
* General Islamic culture Answer the following questions *
1. In which month was the Quran descended?
a. Muharram
b. Ramadan
c. Safar
d. Rajab
2. How many Suras are there in the Quran?
a. 110
b. 100
c. 113
d. 114
3. The book Zabura was revealed to which of these messengers?
a. Musa
b. Isa
c. Dauda
d. Ibrahim
4. How many words are there in the Quran?
a. 86,430
b. 86,340
c. 83,640
d. 83,460
5. Which of the Prophets had a live conversation with Allah?
a. Ibrahim
b. Musa
c. Issa
d. Muhammad
6. What city is called * Baladul Amin * in the Quran?
a. Madina
b. Makkah
c. Sham
d. Misra
7. Which of these women Allah called his name in the Quran?
a. Maryam
b. Khadija
c. Aisha
d. Hauwa
8. How many Suras were revealed in Mecca (Makkiya)?
a. 86
b. 114
c. 28
d. 60
9. What is the last Surah revealed?
a. Ma'ida
b. Nasr
c. Kafirun
d. Ankabuut
10. What name does not fit the names of the Last Judgment in the Quran?
a. Yaumul Jam'i
b. Yaumu Tagabun
c. Yaumul Fasli
d. Yaumul Fana'i
11. Which Surah spoke about the people of the cave?
a. Baqara
b. Jinni
c. Kahfi
d. Taaha
12. The shortest Ayat is found in which Sura?
a. Fajr
b. Mudassir
c. Asr
d. Ikhlas
13. Which of the companions was mentioned in the Quran?
a. Abdourahamane bin Sahr
b. Abi Huraira
c. Zayd
d. Usman bin afan
14. One among these cities was not mentioned by the Messenger of Allah Muhammad SAW?
a. Constantinople (Istanbul)
b. Sin
c. Sham
d. Agadez
15. Which of the Yusuf Suras was called besides Suratul Yusuf?
a. Ahzab
b. Gafir
c. Zumar
d. Nur
16. In what year was Prophet Muhammad SAW born?
12 Rabi Awal 630 Miladiya
12 Rabi Awal 530 Miladiya
12 Rabi Awal 570 Miladiya
12 Rabi Awal 571 Miladiya
17. Which was not a Jihad battle?
a. Handaq
b. Badr
c. Tabuk
d. Yemen
18. Which is not a Quranic Sura?
a. Suratul Anfal
b. Suratul Musa
c. Suratul Maryam
d. Suratul Ibrahim
19. Which Surah does not start with Bismillah?
a. Tawba
b. Hudu
c. Yunus
d. Qaaf
20. Who is not one of the 4 great Imans of Islam?
a. Hanafi
b. Hambali
c. Ibn Taymiya
d. Shafi'i
21. Who are the two Sheikhs of the Hadiths?
a. Muslim - Tirmizi
b. Buhari - Muslim
c. Nisa'i - Ahmad
d. Abu Daud - Buhari
22. How many Messengers were mentioned in the Quran?
a. 1432
b. 25
c. 114
d. 432
23. Which of these mosques is mentioned in the Koran?
a. Tajmahal
b. Sham
c. Aqsa
d. Ruum
24. Which one is not on the Islamic lunar list?
a. Zul Qi'id
b. Safar
c. Rajab
d. Zul Kifl
25. Which country has the greatest number of Muslims?
a. Nigeria
b. China
c. India
d. Indonesia
26. Which country is not among the founding members of the OIC?
a. Bahrain
b. Saudi Arabia
c. Niger
d. Algeria
27. Which animal was not mentioned in the Quran?
a. Dog
b. Ants
c. Bees
d. Bat
28. Who among these people did the Jews (Yahud) call the Son of Allah?
a. Uzairu
b. Issa
c. Musa
d. Zakaria
29. Which country in Africa was mentioned in the Quran?
a. Sudan
b. Egypt
c. Morocco
d. Ethiopia
30. What is the longest Surah in the Quran?
a. Nisa'i
b. Bakara
c. Ali'imran
d. Huud
31. According to the prophet SAW Islam will be divided into how many parts?
a. 2
b. 4
c. 73
d. 173
31. In which Sura is the last Quranic verse found?
a. Jin
b. Nasr
c. Ma'ida
d. Kafirun
32. The OIC, the second largest organization after the UN, has how many member states?
a. 193
b. 73
c. 57
d. 201
33. Which was not an Islamic caliphate?
a. Ottoman
b. Almouhaid
c. Sokoto
d. Bizans
34. Prophet Muhammad SAW was born in:
a. Mecca
b. Sham
c. Medina
d. Jerusalem
35. Who is the most arrogant of creatures?
a. Fira'aun
b. Shaitan
c. Dajal
d. Yajuj Majuj
* Share for Allah's Reward *
21 notes · View notes
dragoomy · 5 years
Thought it'd be fun to draw Aurora in a Sonic character style. I think she looks pretty cute personally. I used the following base to make her: https://www.deviantart.com/fasli/art/Fox-Base-with-clothing-449414636
0 notes
goldeagleprice · 5 years
India struggles against fakes
You know counterfeit coins are a problem when the state archaeological department issues an advisory warning. The situation is sufficiently serious that India’s government has recently taken such action.
Bogus examples of popularly collected 17th to 19th century copper shivrai coins issued during the rule of the Marathas are being sold “in the market through portals,” according to several sources. The coins circulated through the end of the 19th century, particularly in the region of the Bombay Presidency.
Several counterfeiters are reported to be active in Gujarat and West Bengal. Assistant Director of the State Archaeology Department, Vilas Wahane, was quoted by the March 5 Pune Mirror newspaper as saying, “Because fake coins are being circulated people must crosscheck the genuineness of coins through numismatists as only they are aware of the standard weight and metal quality.”
The Numismatic Society of India, founded in 1910, has been recommended by the agency as a place where experts can check shivrai coins now appearing in the market for authenticity.
The web site NYOOOZ.com posted, “By selling fake coins we are insulting the great king,” a reference to all the Maratha kings, commonly called chhatrapati.
The March 5 NYOOOZ.com posting indicated the fake coins are uniform in appearance, with a weight of about eight grams and “quite in good shape while their thickness is less.”
Genuine shivrai coins are round, not uniform, and have a weight that can vary between about 10 to 12.21 grams. The obverse carries a Devanagari script legend that reads ‘Sri Raja Shiv.’ The reverse is also in Devanagari, the inscription honoring the reigning Maratha monarch.
Shivrai coins had very low contemporary purchasing power and, for this reason, were used extensively by commoners throughout western India. This reason is why the coins are popularly collected today by what the state archaeological department called “coin collectors and history lovers” in its warning.
Shivrai were first introduced during the reign of Shivaji Bhonsle, who established the Maratha Empire at the expense of the Adilshahi Sultanate of Bijapur in 1674. Shivaji died in 1680.
The Maratha Empire declined throughout the four decades following Shivaji’s death. At the time of the empire’s rejuvenation under the Peshwas beginning in 1720, a new series of shivrai coins called dudandi shivrai were issued. The same Devanagari inscriptions appear consistently throughout the period of this coinage.
The shivrai coins were authorized and continued by the British East India Company following Britain’s victory in the Third Anglo-Maratha War of 1817 to 1818. Shivrai were valued between 1/74 and 1/80 of a rupee prior to the 1830s. By that time there were 150 different types in use.
The BEIC shivrai coins include the Fasli year in which the coins were issued. Company coins were minted at Poona between 1820 and 1830. As the coins became increasingly obsolete during the final quarter of the 19th century they were replaced by company coins valued at 1/64 of a rupee called a pice. The shivrai coins were collected by local revenue collectors (mamlatdars) in 1885 and deposited in the treasury.
A Reverend Abbott studied about 25,000 shivrai coins about 1890, remarking the coins were still in circulation at that time.
According to the State Archaeological Department, the fakes typically sell for about 600 to 1,000 rupees (about $8.50 to $14.14 US). Genuine examples should sell for between 2,000 and 3,000 rupees (about $28 to $42.50 US). Due to the incomes in India, this is a large sum of money.
This article was originally printed in World Coin News.
The post India struggles against fakes appeared first on Numismatic News.
0 notes
postolo · 6 years
2018 SCC Vol. 7 August 21, 2018 Part 2
Advocates — Government Law Officers/Counsel/Pleader/Public Prosecutor: Method of appointment and conditions of service of Asstt. Public Prosecutors and Public Prosecutors are qualitatively different inasmuch as Asstt. Public Prosecutors are appointed through competitive selection process conducted by PSC as per prevalent rules and are entitled to all service benefits enjoyed by government employees, while Public Prosecutors are appointed from panel of advocates furnished by Advocate General for a term of three years only and are neither considered as government employees nor do they derive any service benefits enjoyed by government employees. The fact that nature of duties and functions of Asstt. Public Prosecutors and Public Prosecutors are similar, per se, cannot be basis to claim parity with Public Prosecutors in respect of age of superannuation. It was further held that disparity in age of Asstt. PPs appointed on or before 31-3-2013 and those which joined on or after 1-4-2013 inconsequential since those appointed on or before 31-3-2013 were governed by statutory Pension Scheme as applicable to other government employees while those appointed on or after 1-4-2013 were governed by new Contributory Pension Scheme which was again applicable to all government employees. [Kerala Asstt. Public Prosecutors Assn. v. State of Kerala, (2018) 7 SCC 314]
Arbitration and Conciliation Act, 1996 — Pt. I or Pt. II and S. 34 — International commercial arbitration or Foreign-seated arbitration — Determination of: For determination and effect of “seat” of arbitration on maintainability of challenge to award rendered in international commercial arbitration, as in the present case between the appellant (Union of India) and the respondent (foreign company), under S. 34 in courts in India, when the arbitration agreement specifies the “venue” for holding the arbitration but does not specify the “seat”, exercising the power under Or. 6 R. 2 of Supreme Court Rules, 2013 appeal referred to larger Bench for hearing. [Union of India v. Hardy Exploration and Production (India) Inc., (2018) 7 SCC 374]
Armed Forces — Navy — Service conditions — Pension — Reservist pension — Entitlement to: Ex-Navy Direct Entry Artificers are entitled to special pension instead of reservist pension. [Ex Navy Direct Entry Artificers Assn. v. Union of India, (2018) 7 SCC 386]
Armed Forces Tribunal Act, 2007 — Ss. 2, 3(o) and 14 — Jurisdiction of AFT — Service conditions: For a matter to be treated as service matter, it must relate to conditions of service of persons subject to Army Act, 1950, Navy Act, 1957 and Air Force Act, 1950. Decision not to grant permanent secondment to appellant in DGQA (Directorate General of Quality Assurance) by QASB (Quality Assurance Selection Board) which was a different organisation did not in any manner affect service conditions of appellant as Commissioned Officer in Army. Hence, as rightly found by Tribunal it had no jurisdiction to entertain appellant’s original application. [Vijaynath Jha v. Union of India, (2018) 7 SCC 303]
Civil Procedure Code, 1908 — Or. 21 Rr. 90, 92(1) & (3) and Ss. 47, 104(1)(ffa) — Res judicata: Application was filed under Or. 21 R. 90 r/w S. 47 for setting aside court auction-sale. Order dismissing application though appealable but no appeal was filed, sale was confirmed under Or. 21 R. 92(1), and confirmation of sale was not questioned whereby auction purchase attained finality. It was held that by virtue of R. 92(3) applicant/objector would be barred from bringing fresh suit to set aside sale on same ground. [Siddagangaiah v. N.K. Giriraja Shetty, (2018) 7 SCC 278]
Civil Procedure Code, 1908 — S. 97 and Or. 7 R. 7: Challenge to correctness of preliminary decree in final decree proceedings barred when no appeal was preferred by defendant against preliminary decree. Fundamental issue (as to boundaries and description of suit properties) was consistently and sufficiently averred by defendant to warrant enquiry by trial court, however still it was not enquired into by trial court. Thus, even in absence of appeal against preliminary decree, since defendant had consistently raised fundamental averment in question, to warrant enquiry thereinto by trial court, matter remitted to trial court for consideration of disputed question on basis of evidence. [Selvi v. Gopalakrishnan Nair, (2018) 7 SCC 319]
Constitution of India — Arts. 226 and 21 — Multi-State crime involving high officials of State and Centre: In this case of illegal manufacture and sale of gutkha and pan masala, containing tobacco and/or nicotine, transfer of investigation to CBI to ensure fair investigation and instil confidence of public and victims, upheld. [E. Sivakumar v. Union of India, (2018) 7 SCC 365]
Consumer Protection — Consumer Forums — National Forum — Inadequate infrastructure: Central Government directed to take following measures and apprise court: (a) To sanction additional posts to enhance work efficiency. Sanctioned posts being only about one-fourth of that required/ recommended by Staff Inspection Unit, (b) to take urgent steps to provide additional space to store files as filing of cases going up by nearly 300%, and (c) to state its concurrence about proposed amendment to R. 11 of Consumer Protection Rules, 1987 relating to salaries, honorarium and other allowances of National Forum. [State of U.P. v. ALL U.P. Consumer Protection Bar Assn., (2018) 7 SCC 423]
Criminal Procedure Code, 1973 — S. 407 — Transfer of case within the State — When permissible: As no possibility for conduct of fair and impartial trial at present place, was clearly visible, apprehension of threat to life of appellants, was obvious and as Respondent-accused being very influential in their locality, witnesses were not coming forward to depose and turning hostile due to pressure tactics of accused and no prejudice was being caused to respondent-accused in any manner from such transfer, rejection of transfer petitions by High Court, set aside and transfer of cases, directed. [Sarasamma v. State, (2018) 7 SCC 339]
Inter-State River Water Disputes Act, 1956 — Ss. 6-A, 3, 5 and 6 — Adjudication of Cauvery Water Dispute between riparian States by Tribunal: Corrected Draft Scheme (Cauvery Water Management Scheme) issued and modified in terms of directions of Supreme Court, affirmed and directed to be notified at the earliest. Objections to said Scheme by States of Karnataka and Kerala, rejected. [State of T.N. v. P.K. Sinha, (2018) 7 SCC 403]
Penal Code, 1860 — S. 302 or S. 304 Pt. II and Ss. 341, 323 and 34 [S. 300 Exception 4] — Ingredients and applicability of Exception 4 to S. 300: In this case of land dispute between parties, injuries caused by sudden attack on deceased by accused persons, resulted in his death after sometime. It was a sudden verbal quarrel and there was no premeditated plan to attack deceased. Civil disputes were already pending between both families. Minor verbal exchange bloated into a sudden physical attack. Hence, conviction converted from S. 302 to S. 304 Pt. II. [Manoj Kumar v. State of H.P., (2018) 7 SCC 327]
Penal Code, 1860 — Ss. 307, 323, 149 and 148: In this case where in a dispute related to watering of field from tubewell of accused party infliction of several injuries by appellant-accused on complainant’s party using lethal weapons, after appreciation of evidence, conviction of accused confirmed. [Suresh Singh v. State of M.P., (2018) 7 SCC 381]
Ranbir Penal Code, 1989 (2 of 1989 Smvt.) (1932 AD) — Ss. 302/341 — Murder trial: In this case accused assaulted deceased on his head with iron rod, resulting in his death. Acquittal of accused was reversed by the High Court, convicting him under Ss. 302/341 RPC. As direct oral evidence coupled with medical evidence, clearly pointed at guilt of accused, testimony of eyewitness was wholly trustworthy, evidence of other prosecution witnesses also found reliable, FIR was lodged promptly, motive also stood established and prosecution proved guilt of accused beyond reasonable doubt, hence, reversal of acquittal, confirmed. [Khurshid Ahmed v. State of J&K, (2018) 7 SCC 429]
Service Law — Judiciary — Conditions/Benefits of service — Unreasonable condition(s): Denial of benefit of increment/seniority until candidate cleared Hindi examination in “higher grade”, not proper. [Ashok Kumar v. State of Jharkhand, (2018) 7 SCC 296]
Service Law — Judiciary — Recruitment process — Vacancy — Determination of: Appeals challenging the advertisement and process of recruitment to Punjab Superior Judicial Service conducted in year 2008, dismissed while holding that a seat that fell vacant on elevation of a judge after the publication of advertisement cannot be included in the recruitment. [Gurmeet Pal Singh v. State of Punjab, (2018) 7 SCC 260]
Service Law — Judiciary — Retirement/Superannuation — Retiral benefits — Computation of qualifying service:  Service rendered by appellant Judicial Officers as Fast Track Court Judges is liable to be counted for pensionary and other benefits, post joining regular judicial service. Methodology of non-creation of adequate regular cadre posts and consequent establishment of Fast Track Courts manned by appellants cannot be used as ruse to deny dues of appellants. [Mahesh Chandra Verma v. State of Jharkhand, (2018) 7 SCC 270]
Tenancy and Land Laws — Revenue Records — Entry in revenue records — Substantive error or clerical error — Determination of: In this case appellant Housing Board acquired and took possession of entire Survey No. 1009. Allegedly survey records did not depict exact extent of land. Some additional area probably should have been included in description of Survey No. 1009. Respondent landowners, taking chance and claiming that additional area under said Survey was not acquired by filing application under S. 87, Andhra Pradesh (Telangana Area) Land Revenue Act, 1317 Fasli, for correction of clerical error. Said application, held, could not have been entertained because said error was not a clerical or mathematical error but a substantive error. [Telangana Housing Board v. Azamunnisa Begum, (2018) 7 SCC 346]
The post 2018 SCC Vol. 7 August 21, 2018 Part 2 appeared first on SCC Blog.
2018 SCC Vol. 7 August 21, 2018 Part 2 published first on https://sanantoniolegal.tumblr.com/
0 notes
ranijainrani · 6 years
Printable Calendar 2018 Download
From 1-5 March A D 1079, the Moment the calendar Had dropped a further two weeks, the araji calendar was first reformed by replicating the very first eighteen times of Frawardin. This brand new calendar has been calculated thus failed to possess epagemonai -- that the weeks began following sunlight entered a brand new indication of the zodiac.
 About One Hundred Twenty years following the reform of A-D 1006, even whenever the vernal equinox had been needs to drop in Ardawahisht, Zoroastrians forced it coincide with nowruz with the addition of another Spandarmad. This Shensai calendar has been per month Supporting the qadimi nevertheless Utilized at Persia, used Solely from the Zoroastrians at India, '' the Parsees. About 6 June 1745 (previous Mode ) a few Parsees re-adopted that the qadimi calendar, also in 1906 a number embraced the Fasli calendar at that inch Frawardin was inoculated with 2-1 March, therefore there had been a sixth time epagomenal day each decades ago Back in 1911 that the jalali calendar grew to become the most state federal calendar of Persia. Back in 19-25 this calendar has been simplified and also the titles of those weeks had been modernised. Inch Farvardin may be that the afternoon whose mid-night beginning is closest into this second of vernal equinox. The very first 6 months have 31 days, the subsequent five half dozen, and also the twelfth has 2-9 times and 30 in leap years. Many Zoroastrians in Persia currently utilize the Fasli calendar, now with started changing for it in 1930
 It had been initially constructed throughout the Qin Dynasty[citation had ], and it is now characterized by GB/T 33661-2017 Calculation and promulgation of this Greek calendar, that your Standardization Administration of China issued May 1 2, 20 17.
The standard Chinese calendar governs traditional activities in China as well as at international Chinese communities, like the Chinese New Year. It records the dates of conventional Chinese vacations, also guides men and women in deciding on the very best times for weddings, funerals, shifting, or even commencing a business.
0 notes
gilbertineonfr2 · 7 years
HITB Amsterdam 2017 Day #2 Wrap-Up
After a nice evening with some beers and an excellent dinner with infosec peers, here is my wrap-up for the second day. Coffee? Check! Wireless? Check! Twitter? Check!
As usual, the day started with a keynote. Window Snyder presented “All Fall Down: Interdependencies in the Cloud”. Window is the CSO of Fastly and, as many companies today, Fastly relies on many services running in the cloud. This reminds me of the Amazon S3 outage and their dashboard that was not working because it was relying on… S3! Today, all the stuff is interconnected and the overall security depends on the complete chain. To summarize: you use a cloud service to store your data, you authenticate to it using another cloud service, and you analyse your data using a third one, etc… If one is failing, we can face a domino effect. Many companies have statements like “We take security very seriously” but they don’t invest. Window reviewed some nightmare stories where the security completely failed, like the RSA token compromise in 2011, Diginotar in 2012 or Target in 2013. But sometimes dependencies are very simple, like DNS… What if your DNS is out of service? All your infrastructure is down. DNS remains an Achilles’ heel for many organizations. The keynote was interesting but very short! Anyway, it meant more time for coffee…
The first regular talk was maybe the most expected: “Chasing Cars: Keyless Entry System Attacks”. The talk was promoted via social networks before the conference. I was really curious and not disappointed by the result of the research! Yingtao Zeng, Qing Yang & Jun Li presented their work about car keyless attacks. It was strange that the guy responsible for most of the research did not speak English. I was speaking in Chinese to his colleague who was translating in English. Because users are looking for more convenience (and because it’s “cool”), modern cars are not using RKE (remote keyless entry) but PKE (passive keyless entry). They started with a technical description of the technology that many of us use daily:
How to steal the car? How could we use the key in the car owner’s pocket? The idea was to perform a relay attack. The signal of the key is relayed from the owner’s pocket to the attacker sitting next to the car. Keep in mind that cars required to press the button on the door or to use a contact sensor to enable communications with the key. A wake up is sent to the key and unlock doors. The relay attack scenario looks like this:
During this process, there are time constraints. They showed a nice demo of a guy leaving his car, followed by attacker #1 who captures the signal and relays it to attacker #2 who unlocks the car.
The current range to access the car owner’s key is ~2m. Between the two relays, up to 300m! What about the cost to build the devices? Approximately 20€ (the cost of the main components)! What about a real case? Once the car is stolen and the engine running, it will only warn that the key is not present but it won’t stop! The only limit is running out of gas. Countermeasures are: use a Faraday cage or bag, remove the battery, stricter timing constraints.
They are still improving the research and are now investigating how to relay this signal through TCP/IP (read: the Wild internet). [Slides are available here]
My next choice was to follow “Extracting All Your Secrets: Vulnerabilities in Android Password Managers” presented by Stephan Huber, Steven Arzt and Siegfried Rasthofer. Passwords remain a threat for most people. For years, we have asked users to use strong passwords and to change them regularly. The goal here was not to debate how passwords must be managed but, as we recommend users to use password managers to handle the huge amount of passwords, are they really safe? An interesting study demonstrated that, on average, users have to deal with 90 passwords. The research focused on Android applications. First of all, most of them say that they use “banking level” or “military grade” encryption. True or false? Well, encryption is not the only protection for passwords. Is it possible to steal them using alternative attack scenarios? Guess what? They chose the top password managers by the number of downloads on the Google Play store. They all provide standard features like autofill, custom browser, comfort features, secure sync and confidential password storage of course. (Important note: all the attacks have been performed on non-rooted devices.)
The first attack scenario was the manual filling attack. Manual filling uses the clipboard. First problem: any application can read from the clipboard without any specific rights. A clipboard sniffer app could be useful to steal any password. The second scenario was the automatic filling attack. How does it work? Applications cannot communicate due to the sandboxing system. They have to use the “Accessibility service” (normally used for disabled people). The issue may arise if the application doesn’t check the complete app name. Example: make an app whose name also starts with “com.twitter”, like “com.twitter.twitterleak”. The next attack is based on the backup function: back up, convert the backup to .tar, untar and get the master password in plain text in KeyStorage.xml. Browsers don’t provide APIs to perform autofill, so developers create a custom browser. But it’s running in the same sandbox. Cool! But can we abuse this? Browsers are based on the WebView API, which supports access to files… file:///data/package/…./passwords_pref.xml Where is the key? In the source code, split in two. More fails reported by the speakers:
Custom crypto (“because AES isn’t good enough?”)
AES used in ECB mode for db encryption
Delivered browsers do not consider subdomains in form fields
Data leakage in browsers
Custom transport security
How to improve the security of password managers:
Android provides a keystore, use it!
Use key derivation function
Avoid hardcoded keys
Do not abuse the account manager
The complete research is available here. [Slides are available here]
After lunch, Antonios Atlasis presented “An Attack-in-Depth Analysis of Multicast DNS and DNS Service Discovery”. The objective was to perform threat analysis and to release a tool to perform tests on a local network. The starting point was the RFC and identifying the potential risks. mDNS & DNS-SD are used for zero-conf networking. They are used by the AppleTV, the Google ChromeCast, home speakers, etc. mDNS (RFC6762) provides DNS-like operations but on the local network (uses port 5353). DNS-SD (RFC6763) allows clients to discover instances of a specific service (using standard DNS queries). mDNS uses the “.local” TLD via 224.0.0.251 & FF02::FB. Antonios made a great review of the problems associated with these protocols. The possible attacks are:
Reconnaissance (when you search for a printer, all the services will be returned, this is useful to gather information about your victim. Easy to get info without scanning). I liked this.
Spoofing
DoS
Remote unicast interaction
mDNS implementation can be used to perform a DoS attack from remote locations. If most modern OS are protected, some embedded systems still use vulnerable Linux implementations. Interesting: Close to 1M of devices are listening to port 5353 on the Internet (Shodan). Not all of them are vulnerable but there are chances. During the demos, Antonios used the tool he developed: pholus.py. [Slides are available here]
Then, Patrick Wardle presented “OverSight: Exposing Spies on macOS”. Patrick presented a quick talk yesterday in the Commsec track. It was very nice so I also expected some nice content. Today the topic was pieces of malware on OSX that abuse the microphone and webcam. To protect against this, he developed a tool called OverSight. Why do bad guys use webcams? To blackmail victims. Why do governments use the microphone? To spy. From a developer's point of view, how to access the webcam? Via the avfoundation framework. Sandboxed applications must have specific rights to access the camera (via the entitlement ‘com.apple.security.device.camera’) but non-sandboxed applications do not require this entitlement to access the cam. videoSnap is a nice example of avfoundation use. The matching tool is audioSnap for the microphone. The best way to protect your webcam is to put a sticker on it. Note that it is also possible to restrict access to it via file permissions.
What about malware that uses the mic/cam? (note: the LED will always be on). Patrick reviewed some of them like yesterday:
The Hackingteam’s implant
Eleanor
Mokes
FruitFly
To protect against abusive access to the webcam & microphone, Patrick developed a nice tool called OverSight. Version 1.1 was just released with new features (better support for the mic, whitelisting apps which can access resources). The talk ended with a nice case study: Shazam was reported as listening all the time to the mic (even if disabled). This was reported by an OverSight user to Patrick. He decided to have a deeper look. He discovered that it’s not a bug but a feature and contacted Shazam. For performance reasons they use continuous recording on iOS but a shared SDK is used with OSX. Malicious or not? “OFF” in fact means “stop processing the recording” but doesn’t stop the recording.
Other tools developed by Patrick:
KnockKnock
BlockBlock
RansomWhere (detect encryption of files and high number of created files)
It was a very cool talk with lot of interesting information and tips to protect your OSX computers! [Slides are available here]
The last talk from my list was “Is There a Doctor in The House? Hacking Medical Devices and Healthcare Infrastructure” presented by Anirudh Duggal. Usually, such talks present vulnerabilities around the devices that we can find everywhere in hospitals but the talk focused on something completely different: the protocol HL7 2.x. Hospitals have: devices (monitors, X-ray, MRI, …), networks, protocols (DICOM, HL7, FHIR, HTTP, FTP) and records (patients). HL7 is a messaging standard used by medical devices to achieve interoperability. Messages may contain patient info (PII), doctor info, patient visit details, allergy & diagnostics. Anirudh reviewed the different types of message that can be exchanged like “RDE” or “Pharmacy Order Message”. The common attacks are:
MITM (everything is in clear text)
Message source not validated
DoS
Fuzzing
It is scary to see that important information is exchanged with such poor protections. How to improve? According to Anirudh, here are some ideas:
Validate messages size
Enforce TLS
Input sanitization
Fault tolerance
Anonymization
Add consistency checks (checksum)
The future? HL7 will be replaced by FHIR a lightweight HTTP-based API. I learned interesting stuff about this protocol… [Slides are available here]
The closing keynote was given by Natalie Silvanovich, who works on Google Project Zero. It was about the Chakra Javascript engine. Natalie reviewed the code and discovered 13 bugs, now fixed. She started the talk with a deep review of the principles of arrays in the Javascript engine. Arrays are very important in JS. They are simple but can quickly become complicated with arrays of arrays of arrays. Example:
var b = [ 1, "bob", {}, new RegExp() ];
The second part of the talk was dedicated to the review of the bugs she found during her research time. I was a bit lost (the end of the day and not my preferred topic) but the work performed looked very nice.
The 2017’s edition is now over. Besides the talk, the main room was full of sponsor booths with nice challenges, hackerspaces, etc. A great edition! See you next year I hope!
  [The post HITB Amsterdam 2017 Day #2 Wrap-Up has been first published on /dev/random]
from Xavier
0 notes
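The HL7 2.x improvements listed in the wrap-up above (validate message size, validate the message source, sanitize input), sketched as a receiver-side check; this is an added example, not code from the talk or the post. The size limit, the allow-listed sender `LABSYS`/`WARD7`, the accepted message types and the sample frame are all assumptions constructed for illustration.

```python
import re

# Assumed local policy (hypothetical values, not from the talk).
MAX_FRAME_BYTES = 64 * 1024
ALLOWED_SOURCES = {("LABSYS", "WARD7")}   # (MSH-3 sending app, MSH-4 facility)
ALLOWED_TYPES = {"ADT", "ORU", "RDE"}

# MLLP framing used to carry HL7 v2 over TCP: <VT> message <FS><CR>
MLLP_START = b"\x0b"
MLLP_END = b"\x1c\x0d"
SEGMENT_ID = re.compile(r"^[A-Z][A-Z0-9]{2}$")


class HL7Rejected(ValueError):
    """Raised when a frame fails validation and must not be processed."""


def unwrap_mllp(frame: bytes) -> bytes:
    """Enforce the size limit and framing before looking at the payload."""
    if len(frame) > MAX_FRAME_BYTES:
        raise HL7Rejected("frame exceeds size limit")
    if not frame.startswith(MLLP_START) or not frame.endswith(MLLP_END):
        raise HL7Rejected("bad MLLP framing")
    return frame[len(MLLP_START):-len(MLLP_END)]


def validate_message(frame: bytes) -> dict:
    """Return routing metadata for an acceptable message, else raise."""
    payload = unwrap_mllp(frame)
    try:
        text = payload.decode("ascii")  # assumption: ASCII-only feed
    except UnicodeDecodeError:
        raise HL7Rejected("non-ASCII payload")

    segments = [s for s in text.split("\r") if s]
    if not segments or not segments[0].startswith("MSH") or len(segments[0]) < 9:
        raise HL7Rejected("missing or truncated MSH segment")

    msh = segments[0]
    sep, encoding = msh[3], msh[4:8]      # MSH-1 and MSH-2
    if sep != "|" or encoding != "^~\\&":
        raise HL7Rejected("unexpected delimiters")

    fields = msh.split(sep)               # MSH-n is fields[n-1] for n >= 2
    if len(fields) < 12:
        raise HL7Rejected("MSH has too few fields")

    source = (fields[2], fields[3])
    if source not in ALLOWED_SOURCES:
        raise HL7Rejected("sender not on allow-list")

    msg_type = fields[8].split("^")[0]    # MSH-9, e.g. ORU^R01
    if msg_type not in ALLOWED_TYPES:
        raise HL7Rejected("message type not accepted")
    if not fields[9]:
        raise HL7Rejected("missing message control id")

    for seg in segments:
        if not SEGMENT_ID.match(seg[:3]) or (len(seg) > 3 and seg[3] != sep):
            raise HL7Rejected("malformed segment header")

    return {"source": source, "type": msg_type, "control_id": fields[9],
            "version": fields[11], "segments": [s[:3] for s in segments]}


def is_accepted(frame: bytes) -> bool:
    try:
        validate_message(frame)
        return True
    except HL7Rejected:
        return False


# Constructed sample frame (no real patient data).
SAMPLE_FRAME = (MLLP_START
                + b"MSH|^~\\&|LABSYS|WARD7|EHR|HOSP|20170414103000||ORU^R01|MSG0001|P|2.5\r"
                + b"PID|1||000000^^^HOSP||DOE^JANE\r"
                + b"OBX|1|NM|HR^Heart rate||72|bpm\r"
                + MLLP_END)

if __name__ == "__main__":
    print(validate_message(SAMPLE_FRAME))
```

The MSH sender fields are self-declared by whoever sends the message, so the allow-list only has value on top of an authenticated transport such as the TLS the list also recommends.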
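For the Android password manager talk in the wrap-up above: the autofill issue ("doesn't check the complete app name") and the browser issue ("do not consider subdomains") are both matching bugs, shown here as weak and strict lookups side by side. This is an added example, not the researchers' or any vendor's code; the vault entry, `com.twitter.android`, the signer digest placeholder and the `example.com` hosts are constructed, and the signer check goes one step beyond what the post describes.

```python
import hmac
from urllib.parse import urlsplit

# Constructed vault entry; every value here is a placeholder.
VAULT = [{
    "package": "com.twitter.android",
    "signer_sha256": "PLACEHOLDER_SIGNER_DIGEST",
    "host": "login.example.com",
    "username": "alice",
    "password": "constructed-secret",
}]


def match_app_weak(vault, package):
    """Prefix comparison: any package sharing the vendor prefix matches."""
    for entry in vault:
        vendor_prefix = ".".join(entry["package"].split(".")[:2])  # "com.twitter"
        if package.startswith(vendor_prefix):
            return entry
    return None


def match_app_strict(vault, package, signer_sha256):
    """Full package name must match, and so must the signing certificate digest."""
    for entry in vault:
        if package == entry["package"] and hmac.compare_digest(
                signer_sha256, entry["signer_sha256"]):
            return entry
    return None


def match_web_weak(vault, url):
    """Suffix comparison: every host ending in the base domain matches."""
    host = urlsplit(url).hostname or ""
    for entry in vault:
        base = ".".join(entry["host"].split(".")[-2:])  # "example.com"
        if host.endswith(base):
            return entry
    return None


def match_web_strict(vault, url):
    """HTTPS only, and the full host name must equal the stored one."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return None
    host = (parts.hostname or "").lower().rstrip(".")
    for entry in vault:
        if host == entry["host"]:
            return entry
    return None


if __name__ == "__main__":
    lookalike = "com.twitter.twitterleak"   # package name quoted in the post
    print("weak app match:  ", match_app_weak(VAULT, lookalike) is not None)
    print("strict app match:", match_app_strict(VAULT, lookalike, "OTHER") is not None)
    other = "https://forum.example.com/login"
    print("weak web match:  ", match_web_weak(VAULT, other) is not None)
    print("strict web match:", match_web_strict(VAULT, other) is not None)
```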
paranjothipandian · 7 years
Difference between calendar year and fasli year?
Tamil Nadu Government still follows Fasli Year in all of their revenue and judiciary purposes. Fasli year means period of 12 months from July to June. Adding 590 to Fasli year comes to Gregorian calendar; corresponding Gregorian year for Fasli year 1427 was from July 2017-June 2018. Fasli Calendar is a chronological system introduced by the Mughal emperor Akbar basically for land revenue and records.
0 notes