What Is NFC On Your Mobile Phone?

 

 

 

 

If you’ve looked at the hardware specifications for a top of the line handset at any point in the last few years, there’s a good chance that you’ve seen NFC listed on the spec sheet. But despite the age of NFC, it hasn’t yet become the norm for all smartphones. If you’re content with an older handset, or can’t quite justify springing for the latest top of the line model, you may be wondering what all the fuss is about. So here’s a rundown of what NFC is, how it works, and what it can be used for.

Advertisement

NFC stands for “Near Field Communication” and, as the name implies, it enables short range communication between compatible devices. This requires at least one transmitting device, and another to receive the signal. A range of devices can use the NFC standard and can be considered either passive or active, depending on how the device works.
Passive NFC devices include tags, and other small transmitters, that can send information to other NFC devices without the need for a power source of their own. However, they don’t really process any information sent from other sources, and can’t connect to other passive components.  These often take the form of interactive signs on walls or advertisements.
Active devices are able to both send and receive data, and can communicate with each other as well as with passive devices. Smartphones are by far the most common implementation of active NFC devices, but public transport card readers and touch payment terminals are also good examples of the technology.

How it works

Just like Bluetooth and WiFi, and all manner of other wireless signals, NFC works on the principle of sending information over radio waves.  Near Field Communication is another standard for wireless data transitions, meaning that there are specifications which devices have to adhere to in order to communicate with each other properly. The technology used in NFC is based on older RFID (Radio-frequency identification) ideas, which uses electromagnetic induction in order to transmit information.
This marks the one major difference between NFC and Bluetooth/WiFi, as it can be used to induce electric currents within passive components as well as just send data. This means that passive devices don’t require their own power supply, and can instead be powered by the electromagnetic field produced by an active NFC component when it comes into range, but we’ll talk about that in greater detail some other time. Unfortunately, NFC technology does not command enough inductance to be used to charge our smartphones, but QI charging is based on the same principle

 

Forgot Your Blackberry Password?

 

 

 

Your BlackBerry device password can't be recovered or changed if you don't enter your current password correctly. For security reasons, the only way that you can reset your password without knowing your current password is to delete all of your device data. You can do this by entering an incorrect device password multiple times.

Research In Motion recommends that you regularly create and save a backup file on your computer.

 

And Finally, The Google Inbox App Is Here!

 

 

 GOOGLE INBOX APP

 

 

If you are a Google fan then you definitely need to have this App. But it is not available for download on the internet right now but Google will email it to you on request. All you need to do is to send the Google Inbox team a mail to get the App. You can reach them at inbox@google.com, be the first to use the much awaited inbox App!

 

Android OS Maybe Hacked?

A flaw in Android's GUI framework let university researchers hack

into applications with up to 92 percent success rate.

They tested apps from Gmail, H&R Block , Newegg, WebMD , Chase

Bank, Hotels.com and Amazon.

"Changes in the shared memory side channel allow an attacker to

infer if there is an activity transition going on in the foreground,"

researcher Zhiyun Qian, an assistant professor at the University of

California at Riverside, told LinuxInsider.

"This is a design choice by modern OSes ... . The same attack may

work as well [on other mobile OSes]," he added.

Details of the Flaw

When a new screen or window is shown, the GUI framework

allocates a fixed amount of memory in the shared memory register

that's proportional to the size of the screen, Qian said. This memory

is allocated inside the app process and shared with a separate

window compositor process.

Shared memory is commonly adopted by window managers to

receive window changes or updates from running applications. This

gives rise to the side channel.

When a user downloads a malicious app, the shared memory lets

attackers steal information such as login credentials, and obtain

sensitive camera images such as photos of personal checks sent

through banking apps.

Existing attacks can be enhanced in stealth and effectiveness by

providing the target UI states; further, user behavior can be

inferred by tracking UI state changes.

How the Attack Works

The researchers first built a UI state machine based on UI state

signatures constructed online.

In real time, they inferred UI states -- called "activities" in Android

-- from an unprivileged background app.

They then exploited the designed functionality that allows UI

preemption, commonly used by alarm or reminder apps on Android,

to break the GUI integrity.

"This is akin to a combination of other well-known flaws such as the

Trojan Horse approach," Al Hilwa, a program director at IDC, told

LinuxInsider.

Trojan Horses capture user data with a decoy UI before error

messages are put out, and the real app is brought up once the data

is stolen. However, in the researchers' attack, "the real app is used

but another app is capturing the data, then throwing out an error

message," Hilwa said.

The findings put paid to the common notion that downloaded apps

cannot interfere with each other.

The Killing Fields

The researchers achieved success rates for their attacks of 92

percent for the Gmail and H&R Block apps; 86 percent for Newegg's

app; 85 percent for the WebMD app; and 83 percent for the Chase

Bank and Hotels.com apps.

They had the lowest success rate -- 48 percent -- with the Amazon

app, because it allows an activity to transition to almost any other

activity, making tracking difficult.

"We will shut down the vulnerability on Android first, followed by

iOS," James Wu, CTO and COO of Newegg North America, told

LinuxInsider. He expects these fixes to be in place by next week.

"At this time, there is no indication that any H&R Block client data

has been compromised as a result of this vulnerability," said

company spokesperson Gene King.

"H&R Block takes privacy and security very seriously, and we are in

contact with appropriate parties to address these reports," he told

LinuxInsider.

The researchers had not yet notified Google of the flaw, UCR's Qian

said.

On Responsibility and Defense

As for fixing the flaw, Newegg's Wu said, "everyone is responsible

-- the OS makers, app developers and phone users."

The researchers "did a good job at pointing out and educating

everyone about a possible vulnerability," he continued. "Now it is up

to all of us to do something about it."

OS vendors could eliminate the shared memory side channel, Qian

suggested, although that could impact backward compatibility. Or

they could redesign the GUI framework to avoid frequently

allocating and deallocating memory, instead preallocating double

the size of the memory. That approach would increase memory

consumption, though.

There are "not always perfect solutions," Qian admitted, noting that

each imposes its own penalties.

Richard Adhikari has written about high-tech for leading industry

publications since the 1990s and wonders where it's all leading to.

Will implanted RFID chips in humans be the Mark of the Beast? Will

nanotech solve our coming food crisis? Does Sturgeon's Law still

hold true? You can connect with Richard on Google+ .