Sunday, June 30, 2013

XPrivacy - Xposed Framework Module

About XPrivacy

In earlier posts, I explained Xposed Installer and OpenPDroid. The former covered modifying your ROM without modifying an APK or flashing a custom ROM, and the latter covered protecting your privacy by providing fake or null information to the apps that access your private data.

Today I'm going to explain a combination of both Xposed and OpenPDroid: the XPrivacy module for Xposed Framework. Wondering what it is?
I'll explain in a minute, so read on!

XPrivacy can be used as an alternative to OpenPDroid. It is not as restrictive as OpenPDroid can be, but it is still a great option for those who cannot patch their ROM to run OpenPDroid. XPrivacy can be used to prevent applications from accessing your private, sensitive data.
XPrivacy does this by providing an application with null or fake data.

XPrivacy does not block an application's permissions; it just provides the application with fake data, so an application will not force close because XPrivacy is in use.

If providing fake or null data to an application causes problems with how it works, the restriction can be reversed. By default, all newly-installed applications will not be allowed to access any data, so that any new application cannot leak any sensitive data after its installation. After every application installation, XPrivacy will prompt you for the data you want the application to have access to.

As the developer of the XPrivacy module says, XPrivacy will monitor attempts made by all applications to access sensitive data. XPrivacy will highlight (with a yellow triangle) a data category for an application (or an application name in the application browser) as soon as data of the data category has been used. XPrivacy will also display if an application has internet access, indicating that the application poses a risk of sharing the data it obtains with an external server. If an application has requested Android permissions to access data in a data category, it will also be displayed (with a green tick), but this will only be shown when looking at an individual application, since checking permissions for all applications is quite slow.

XPrivacy is built using the Xposed framework. XPrivacy taps into a number of selected functions of Android through the Xposed framework. Depending on the function, XPrivacy conditionally skips execution of the original function (for example when an application tries to set a proximity alert) or alters the result of the original function (for example to return empty calendar data).


Installation of XPrivacy

1.    Requires Android Jelly Bean (4.1 and above) and a rooted phone.
2.    Requires the Xposed Framework to be installed.
3.    Download XPrivacy and the Xposed fix for your Android version from  here.
4.    Enable XPrivacy in Xposed Installer > Modules tab.
5.    Reboot into Recovery mode.
6.    Flash the Xposed fix for your version of Android.
7.    Reboot your phone.


If you have any queries, feel free to comment!

Friday, June 28, 2013

Share Desktop and Remote Desktop Viewer



Hello readers, today I am going to discuss Desktop Sharing and Remote Desktop Viewer. Desktop sharing is a very important feature of the Linux operating system. You can access any computer in your network range. This application is mostly used in colleges and in organizations where teaching or communication is done by computer over a network.

The following steps show how to connect your computer to another one. This process can be done on any computer in a network: either you can give another user permission to fully access your Desktop, or you can access another user's Desktop. In teaching, you can give student computers access to the server. In this way a lecturer can easily share his material with others.

Step 1:
Press the Windows button on your keyboard, search for Desktop Sharing, and open it.
Fig :-01

Step 2:
Click on the “Allow other users to view your Desktop” option and close it. After this, other users can send you a request to connect to your computer. This step is required for the user whose computer others are going to connect to.

Fig :-02
Fig :-03


 
Step 3:
Now search for “Remote Desktop Viewer” and open it.
Fig :-04

Step 4:
After opening Remote Desktop Viewer, you will see a Protocol option with SSH selected; change it to VNC.
Fig :-05
 
Step 5:
In the next option, Host, enter the IP address of the computer you want to connect to. Select the full screen option and click the Connect button.
Fig :-06

 
Step 6:
After clicking Connect you will get a black window; just wait until the user you want to connect to allows your request.
Fig :-07

 
Step 7:
If the other user accepts your request, you can see his/her Desktop on your screen and you have full access to do anything on his/her Desktop.

Fig :-08

This is just one way to connect or share computers in a network. You can do much more using this feature.

Thursday, June 27, 2013

DNS Cache Poisoning


DNS stands for “domain name system.” Domain names are the human-readable website addresses we use every day. For example, Google’s domain name is google.com. If you want to visit Google, you just need to enter google.com into your web browser’s address bar.


Fig1: Command Prompt


However, your computer doesn’t understand where “Google.com” is. Behind the scenes, the Internet and other networks use numerical IP addresses (“Internet protocol” addresses). Google.com is located at the IP address 173.194.39.78 on the Internet. If you typed this number into your web browser’s address bar, you’d also end up at Google’s website. We use Google.com instead of 173.194.39.78 because addresses like Google.com are more meaningful and easier for us to remember. DNS is often explained as being like a phone book – like a phone book, DNS matches human-readable names to numbers that machines can more easily understand.

Fig2: Poison



DNS cache poisoning, also known as DNS spoofing, is a type of attack that exploits vulnerabilities in the domain name system (DNS) to divert Internet traffic away from legitimate servers and towards fake ones. One of the reasons DNS poisoning is so dangerous is because it can spread from DNS server to DNS server. In 2010, a DNS poisoning event resulted in the Great Firewall of China temporarily escaping China’s national borders, censoring the Internet in the USA until the problem was fixed.

How DNS Works:

Whenever your computer contacts a domain name like “google.com,” it must first contact its DNS server. The DNS server responds with one or more IP addresses where your computer can reach Google.com. Your computer then connects directly to that numerical IP address. DNS converts human-readable addresses like “Google.com” to computer-readable IP addresses like “173.194.67.102”.

 

Fig3: Working Of DNS

DNS Caching

The Internet doesn’t just have a single DNS server, as that would be extremely inefficient. Your Internet service provider runs its own DNS servers, which cache information from other DNS servers. Your home router functions as a DNS server, which caches information from your ISP’s DNS servers. Your computer has a local DNS cache, so it can quickly refer to DNS lookups it’s already performed rather than performing a DNS lookup over and over again.

Fig4: DNS Caching



DNS Cache Poisoning:

A DNS cache can become poisoned if it contains an incorrect entry. For example, if an attacker gets control of a DNS server and changes some of the information on it — for example, they could say that Google.com actually points to an IP address the attacker owns — that DNS server would tell its users to look for Google.com at the wrong address. The attacker’s address could contain some sort of malicious phishing website. DNS poisoning like this can also spread. For example, if various Internet service providers are getting their DNS information from the compromised server, the poisoned DNS entry will spread to the Internet service providers and be cached there. It will then spread to home routers and the DNS caches on computers as they look up the DNS entry, receive the incorrect response, and store it.
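The propagation described above, modelled as an added sketch that is not from the original post: three chained caches (ISP, home router, PC) keep serving a wrong entry after the upstream server is corrected, until the record's time-to-live runs out. The class names, the name example.test, the addresses and the 300-second TTL are constructed for illustration.

```python
# Added illustration: a toy model of chained DNS caches, not a real resolver.
# The name, addresses and TTL are constructed sample values.

class Authoritative:
    """Source of truth for a name; answers with (address, ttl_seconds)."""
    def __init__(self, records, ttl):
        self.records, self.ttl = records, ttl

    def lookup(self, name, now):
        return self.records[name], self.ttl

class CachingResolver:
    """Caches upstream answers and passes the remaining TTL downstream."""
    def __init__(self, upstream):
        self.upstream, self.cache = upstream, {}

    def lookup(self, name, now):
        hit = self.cache.get(name)
        if hit and hit[1] > now:                  # cached entry still fresh
            return hit[0], hit[1] - now
        addr, ttl = self.upstream.lookup(name, now)
        self.cache[name] = (addr, now + ttl)      # remember absolute expiry
        return addr, ttl

def poisoned_timeline(ttl=300):
    """What the PC resolves before and after the upstream record is fixed."""
    good, bad, name = "192.0.2.10", "203.0.113.66", "example.test"
    server = Authoritative({name: bad}, ttl)      # server holds a wrong entry
    isp = CachingResolver(server)
    router = CachingResolver(isp)
    pc = CachingResolver(router)
    seen = {"t=0": pc.lookup(name, 0)[0]}         # wrong entry cached at 3 layers
    server.records[name] = good                   # operator corrects the server
    seen["t=100"] = pc.lookup(name, 100)[0]       # PC cache still answers
    pc.cache.clear()                              # flush only the PC cache
    seen["t=100, PC flushed"] = pc.lookup(name, 100)[0]   # router refills it
    seen["t=301"] = pc.lookup(name, 301)[0]       # every TTL has expired
    return seen
```

Flushing a single layer does not help while the layer above it still holds the entry, which is why cleanup after an incident means flushing every cache in the chain or waiting out the TTL.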


The Great Firewall of China Spreads to the US:

This isn’t just a theoretical problem — it has happened in the real world on a large scale. One of the ways China’s Great Firewall works is through blocking at the DNS level. For example, a website blocked in China, such as twitter.com, may have its DNS records pointed at an incorrect address on DNS servers in China. This would result in Twitter being inaccessible through normal means. Think of this as China intentionally poisoning its own DNS server caches.


Fig5: The Globe

In 2010, an Internet service provider outside of China mistakenly configured its DNS servers to fetch information from DNS servers in China. It fetched the incorrect DNS records from China and cached them on its own DNS servers. Other Internet service providers fetched DNS information from that Internet service provider and used it on their DNS servers. The poisoned DNS entries continued to spread until some people in the US were blocked from accessing Twitter, Facebook, and YouTube on their American Internet service providers. The Great Firewall of China had “leaked” outside of its national borders, preventing people from elsewhere in the world from accessing these websites. This essentially functioned as a large-scale DNS poisoning attack.

The Solution:

The real reason DNS cache poisoning is such a problem is because there’s no real way of determining whether DNS responses you receive are actually legitimate or whether they’ve been manipulated.
The long-term solution to DNS cache poisoning is DNSSEC. DNSSEC will allow organizations to sign their DNS records using public-key cryptography, ensuring that your computer will know whether a DNS record should be trusted or whether it’s been poisoned and redirects to an incorrect location.
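What DNSSEC validation looks like from the client side, as an added example that is not from the original post: a validating resolver that has verified the signatures sets the AD (Authenticated Data) bit in the response header, and the parser below reads that bit and the A records from a DNS response. The packet, the name example.test and the address are constructed sample values, and `validated_answers` is a hypothetical helper name.

```python
import struct  # added example; sample packet below is constructed, not captured

def read_name(msg, off):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:                      # compression pointer
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:
                raise ValueError("pointer loop")
            continue
        off += 1
        if n == 0:
            return ".".join(labels), (off if end is None else end)
        labels.append(msg[off:off + n].decode("ascii"))
        off += n

def parse_response(msg):
    """Return rcode, AD flag and A records from a DNS response message."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off, answers = 12, []
    for _ in range(qd):                           # skip the question section
        _, off = read_name(msg, off)
        off += 4                                  # QTYPE + QCLASS
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:             # A record
            answers.append((name, ".".join(map(str, msg[off:off + 4])), ttl))
        off += rdlen
    return {"rcode": flags & 0xF, "ad": bool(flags & 0x0020), "answers": answers}

def validated_answers(msg):
    """Accept answers only if the resolver reported success and set AD."""
    r = parse_response(msg)
    return r["answers"] if r["rcode"] == 0 and r["ad"] else []

def sample_response(ad):
    """Constructed response: example.test A 192.0.2.10, TTL 300."""
    flags = 0x8180 | (0x0020 if ad else 0)        # QR, RD, RA, optionally AD
    head = struct.pack("!6H", 0x1234, flags, 1, 1, 0, 0)
    question = b"\x07example\x04test\x00" + struct.pack("!HH", 1, 1)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
    return head + question + answer
```

The AD bit is set by the resolver, so it is only meaningful when that resolver validates DNSSEC and the path between you and the resolver is trusted.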