Bypass ISP DNS hijack by changing DNS port on Ubiquiti USG router

The Background We talked earlier about how certain ISPs block websites by using DNS hijack methods and I had recommended using DNSCrypt to bypass it. Well, as part of my home network overhaul, I moved over from the consumer grade (but still decent enough) Asus router over to Ubiquiti stack which, among other things, lead me to use their “Unify Security Gateway (USG)” as the router. Now, this router is pretty decent and is running Ubiquiti’s EdgeOS (derived from Vyatta OS, which in turn is based on linux/debian). [Read More]

Indian ISP ACT Fibernet blocks bit.ly. Does DNS Hijacking

TLDR; Indian ISP ACT Fibernet (aka Beam Telecom) hijacks its users’ DNS requests (even when using public DNS servers like Google or OpenDNS) and blocks websites through this method. This has huge implications beyond website blocking and you can’t rely on anything that you are browsing anymore though there are ways available to make yourself safe. Aside: Indian ISPs are blocking benign/collateral damage sites now like bit. [Read More]

Solving The Android Permissions And Malware Puzzle

There has been a spate of security reports recently about Android apps being malware or suspicious. Most of these were found baseless but at least one was indeed correct (e.g. The Russian Trojan app). We also know that Android has a very good security model but even then, the rest of the reports also makes one think and focus on why an apps requires the permissions that it states it needs? [Read More]

Android vs iPhone: Security Models

Android and iPhone OS (iOS) have been at loggerheads for quite some time now. This is a take on which has a better security model to protect its users. I thought of writing it up because there have been a lot of discussions around me lately about which platform is more secure and I keep repeating the same points over and over at every one of them, so thought that in future I’ll just point them to this page :P [Read More]

Fill Your Password To Invite Your Buddies - Not So Fast!!

For the past many years, I’ve seen a trend that has been on a meteoric rise. Whatever new service you sign on for on the internet (especially the web2.0–oh-so-cool-you-have-to-tell-everyone-about-it ones), it gives you an option to fill in your e-mail ID and password and makes a generous offer of letting all your friends know about your new avatar and let them all join in the fun. Most of the people around me, it seems, don’t think twice before gladly accepting the offer, as is made apparent from the increasing amount of automated mails I’m getting with subjects like “Hey, don’t be left out! [Read More]