The Development of iGenomics, the World’s First DNA Sequencer on iPhone

One of the scientists from Cold Spring Harbor Laboratory (CHSL), Aspyn Palatnick, has successfully developed a tool to analyze the series of cellular genomes. The tool is claimed to be the first in the world and it is currently available on Apple’s app store with the name iGenomics. To operate it, the users only need to install the iPhone with a DNA sequencer cellular device. As a result, you can create your own cellular genetics lab. Yes, it may remind you of the “Tricorder” that appears in Star Trek movies.

iOS devices are chosen for the main media to install and use the app. The main reasons are practicality and mobility. Sure, it is possible to use it on bigger devices like a PC or laptop. However, it sounds less easy. Moreover, the app is intended for those who are in the work fields during pandemics. 

Purposes of the App

The app is developed to complete the device of small DNA sequencing produced by Oxford Nanopore. Palatnick said that because of the sequences that are getting smaller and smaller, there is no technology available to learn about DNA on cellular devices. Currently, there are only some major studies about the DNA. They are the DNA arrangement and analysis that are done in a big server cluster. Those activities also can only be done on a laptop with more complex programs.

Meanwhile, there is still no similar app that can be operated via smaller mobile devices like the iPhone. This is what makes Palatnick become really enthusiastic to create one. Additionally, the users of Smartphones have increased very rapidly in these recent years. The development of the app is expected to ease the users more in learning about and analyzing DNA sequencing.

The same reason is also stated by Schatz. There are many scientists who learn about pandemics and they must fly from one place to another surrounded by high risks for the sake of doing analysis in the remote area. iGenomics is expected to help them by making the genome study more portable, accessible, and affordable.

Functions and Benefits of iGenomics

The users can manage the AirDrop data from one to another. It enables DNA analysis even in a very remote location. You can also do it in an area without any internet access. So, it is not exaggerating if iGenomics later can also be used by astronauts in outer space.

Interestingly, there are indeed so many interests in DNA sequencing in space. Palatnick said that he tries to see whether there is a way so that they can get iGenomics there. So many people have been interested in doing this. it is proof of the impossibility to do the same analysis on a conventional computer. Yes, it is impossible to bring your computer or laptop to outer space or other remote areas on the earth. Your smartphone is more possible to be carried anywhere.

Furthermore, in the Gigascience journal, Palatnick and Schatz report that the algorithm of iGenomics can map DNA sequences faster than some virus pathogens including influenza and Zika viruses. The app can also more easily identify important mutations for diagnosis and treatments. To ease the users in using the app, online guides are available currently.

Although the app has not been used widely yet, Schatz dreams about iGenomics to help workers in fields as well as engineers more in the future. In one of his statements, he said that currently, almost all people have professional cameras in their pockets. it should not be too difficult to imagine that some years later, we can bring our own DNA sequencer in our same pockets also, in our smartphones. There will be more opportunities to measure our environments to look for and find pathogens and even do our own diagnoses.

Who is Palatnick?

iGenomics was programmed by Aspyn Palatnick. It is not a short period of time to see the product is perfectly done. Yes, he needs 8 years to complete it and Palatnick started the development in high school when he was still 14 years old.

Palatnick is indeed interested in the world of software aside from his ability in the area of DNA and genome. His ability has improved well as currently, he is no longer a student but a professional software engineer who works on Facebook. It makes him more experienced in developing apps for the iPhone. With support from Prof. Schatz and his laboratory, it seems reasonable if he can develop something incredible like iGenomics.

Is It True That Antivirus Able to Make a Computer Vulnerable?

Antivirus is software that is used to detect and remove viruses on a computer to avoid more serious effects such as data theft. There are many antiviruses used to deal with viruses on computers such as McAfee, Avast and Kaspersky. The virus itself is a program created to attack a file so that the file becomes interrupted to severe damage. Computer antivirus has a role to prevent the antivirus from damaging files on the computer by quarantining it and destroying it. However, some computer antiviruses also have weaknesses when used.

Antivirus protects the computer from harmful viruses, while the antivirus will likely make the computer more vulnerable to viruses. This deficiency should be overcome to provide maximum protection for the computer. Even popular antivirus can make a computer more vulnerable to attack. This discovery has been researched and tested by independent antiviruses such as RACK911 Labs regarding antivirus vulnerability. Several other laboratories are also researching weaknesses that may be possessed by antivirus such as Dennis Technology Labs and Av-Test Institute. Antivirus is important to be the vanguard of computers against computer attacks, while providing protection and minimizing the impact is important to be evaluated by antivirus.

What makes an antivirus program exploitable

When the antivirus identifies a file that is suspected to be dangerous, the antivirus will do its job to quarantine it to other parts and it can also directly destroy it and then prevent the user from operating it. Antivirus is given the privilege to browse into the system and has the authority to make changes to the system. This makes it more susceptible to viruses. Antivirus has access that can enter parts of the computer system. This may make other parties still able to access the system by trying to find weaknesses in the system and try to pin it down. To be able to carry out more optimal protection, it is important to update computer programs, so that the system can make the necessary repairs to protect the PC and the files contained therein.

What about free and paid antivirus?

Free antivirus provides protection for your PC against virus threats to keep it secure. Free antivirus provides basic protection against viruses in general, warns of harmful files and applications and cleans them. Protection is done thoroughly by cleaning the dangerous viruses automatically.

Paid antiviruses provide more optimal protection. Basically free and paid antivirus have in common that can provide protection against PCs from virus threats. Paid antivirus acts by preventing the occurrence of virus attacks so that the incoming virus can be suppressed as much as possible.

Choose a computer antivirus that has good features and suits your needs. You can search for many antivirus references by looking at many reviews on the internet. Of course there are many recommended antivirus for better protection.

How to protect computers more optimally

Always update the software

It is important to continue to improve your computer software. This update can help to improve security on the computer. By updating means adding additional features that are useful for improving computer systems, including for security. The addition of features will provide protection against system vulnerabilities with better ways.

Activate the firewall

To increase security, try to activate the firewall. The firewall’s role is to protect and even block illegal system traffic on computers and the internet. The firewall will carry out its function by protecting important data that is there.

Take advantage of antivirus and do regular updates

Antivirus can be used to prevent virus infections in computer systems and to block the virus from both free antivirus and paid antivirus. By doing regular updates to update the features better and so as to prevent various malware attacks. Thus, antivirus can work more quickly and efficiently. Make sure the antivirus is also anti spyware to prevent various negative effects on the computer.

Using passwords for protection of software

The use of passwords in software is very important especially for security purposes. Perentas might make it possible to steal identities to devices that are not encoded. The use of complex passwords and the different uses in each application will make it difficult for hackers to crack passwords. Don’t use passwords that are too general like birthdays, because users will find it easier to bottle your device.

Don’t give passwords carelessly

The important thing to watch out for is not giving passwords to anyone and any site. Make sure you keep the password for yourself. To log in to a website, make sure the website is safe and legal. If a malicious site is usually a computer antivirus will give a warning.

Microsoft Teams Successfully Neutralized Malicious GIF Attack

What if a seemingly harmless animated GIF image suddenly snatches your Microsoft Teams account and other sensitive information stored within? What if using the same image that you inadvertently open, the attacker can take over your business and even attack other accounts to which your account is connected? This apparently unbelievable case of internet hacking has actually occurred and—fortunately—successfully intercepted and neutralized by Microsoft in collaboration with CyberArk, the team of researchers that discovered it.

The Vulnerable Data

Full disclosure of the attack is revealed by CyberArk security researchers on March 23, 2020. The attack comes out in the form of a subdomain takeover whereby Microsoft Teams users who can be forced to send a token (cookies) to the compromised subdomains may render their confidential data vulnerable to stealing and hacking. These data may include passwords, private information, calendar reminders and scheduled meetings, business plans, business competition information, and other confidential data.

Subdomain Takeover Attack

This attack stems from Microsoft’s method in managing the sharing of data across different Microsoft Teams platforms and servers. Whenever users access their Microsoft Teams account and open an application, the platform will create a temporary access token and authenticate it. Supported services, such as Microsoft Outlook and SharePoint, will also create similar tokens.

Every content that is shared on the platform is protected by permission restriction so that only eligible parties can access it. Microsoft restricts its permission by using two cookies, “authtoken” and “skypetoken_asm.” The Skype token is then sent to Microsoft Teams’ website and its subdomains. Two subdomains, i.e. addsync-test.teams.microsoft.com and data-dev.teams.microsoft.com, are proven to be vulnerable to subdomain takeover attack.

The domino effect commences when the subdomains are taken over by an attacker. The automatically generated authtoken will be sent to the compromised subdomains. The attacker, who has received the authtoken, can generate a skype token that they can use to sneak into the victim’s Microsoft Teams account and to steal every piece of vulnerable information. With the acquired authtoken, the attacker can also perform various administrative tasks within the victim’s Microsoft Teams account, including reading and sending messages, create new groups, add new users and remove users from groups, and alter groups’ permissions.

In short, with the automatically generated authtoken, the attacker can practically take over the victim’s Microsoft Teams account and all the functions and data within.

How Does the Attack Occur?

The attack starts with the attacker sending a malicious GIF image to a victim through the latter’s Microsoft Teams platform. This is done after the attacker successfully takes over the vulnerable Microsoft Teams’ subdomains. The victim will less likely be suspicious about the received image because it is sent from within the platform after the subdomain takeover completes. The authtoken is generated and sent to the compromised subdomains when the victim opens the image and right before the image loads on the browser.

The victim only needs to open the attached image for the attack to succeed!

What If There Is Nothing to Steal?

Even if the attacker finds nothing of value when successfully sneaking into the victim’s Microsoft Teams account, the attack can still be dangerous for other accounts that happen to be connected to the victim’s account. The attack will navigate across different accounts like a worm and do more serious damages that can be beyond repair.

If the victim’s account is connected to a company account, the attacker can exploit this vulnerability to spread false information, to give fake instruction from the company’s authorities to the employees, and to do malicious actions that may lead to financial problems, data stealing, and business collapse.

Why Does the Attack Matter, Especially Today?

Microsoft Teams has long become a collaborative platform for both individuals and companies. Any undetected vulnerabilities on this platform will certainly become dangerous risks for all users. These risks are serious now and ever, so why it becomes even more serious today?

Companies are forcing their staff to work from home as Covid 19 strikes. When virtually everyone works at home, online collaborative platforms like Microsoft Teams become the primary hubs for various business interactions, transactions, and competitions. Attacks that occur there can lead to truly grave situations when the world’s economy practically runs on such platforms.

CyberArk security researchers reported their findings to Microsoft after discovering it on March 23. They subsequently worked with Microsoft Security Research Center to take the necessary measures to mitigate the potential attack. Microsoft immediately removed the misconfigured DNS as a part of the mitigation effort and released a patch to deal with the newly discovered vulnerability.

Google Buys Software Company CloudSimple

On July 2019, Google announced their partnership with CloudSimple to help more company teams move their on-site operations to the cloud but now, Google is straight buying them based on Vice President Engineering at Google, Rich Sanzi statement on Monday, “This agreement making our last collaboration with CloudSimple that we inform on July, it make us must advance a perfect Vmware migration solution with upgrade service for our users”

 CloudSimple announced at their Linkedin, “We’re excited to announce that CloudSimple is now a part of Google Cloud! We’ll continue to focus on accelerating our ability to help customers easily move their VMware workloads to the cloud” on Monday and “We got the improbable things to convert the firm workloads to the cloud by collaborating more critical with a cloud provider who can help CloudSimple with bigger investments and faster assimilation with the cloud to get the big impact of what we ask to them,” said Pangal in a written blog post. It is interesting because previously SimpleCloud was a company once central to Microsoft’s cloud ambitions.

So what is CloudSimple? CloudSimple is a firm that offers a service to the world’s leading cloud vendors to spread and manage workloads in a dedicated, private cloud in public clouds. With the full support of Microsoft and VMware, the first offering is a service for VMware. Pangal was established the CloudSimple in 2016, StorSimple is the previously found by him too. StorSimple is a cloud storage system builder that was bought by Microsoft. CloudSimple helps the company looking to move VMware workloads to the cloud without any transformation and continue to use the familiar VMware and cloud management tools they know. IT benefits from the aptitude and on-demand, the elastic infrastructure of the cloud, as well as lowering costs. The VMware project and plans for the designing, developing and optimizing the product which makes the computing more superfluous, available, accessible as well as easily scalable. There are three VMware products such as VMware server, workstation, and vSphere.

Vmware that show up on Google Cloud Platform, the users will get all of the intimacy form the cloud stuff, learning and keep their investment, as they behead on their cloud method and immediately give the latest  benefit to customers, run them flawlessly and safer from hybrid cloud area. Through Google’s existing partnership with CloudSimple, customers can drift their Vmare workloads from on-premise data centers directly into Google Cloud VMware Solution by CloudSimple, while also creating new Vmware workload as desired. The partnership with Google Cloud enables the mutual customers to run VMware workloads on VMware Cloud Foundation in Google Cloud Platform. The innovation prowess, modern infrastructure, and leadership in areas such as smart analytics convinced SimpleCloud that joining together with Google would further their joint vision. The acquisition came into real after GCP’s $2.6 billion deal in June to acquire Looker, the Business Intelligence (BI) specialist. As with Looker, CloudSimple is already a major GCP partner.

By acquiring SimpleCloud, this makes cloud competition increasing. Enterprise customer base is crucial to cloud service providers as their allocating to modernize IT infrastructure is increasing. The enterprises are fastly shifting from traditional application software to software as a service (SaaS), which is expected to contribute to the public cloud spending globally. However, Google’s acquisition of CloudSimple is likely to help it in delivering boost experience to enterprise customers. Moreover, customers will apply VMware tools and protect their investments with VMware on Google Cloud. Google acquires SimpleCloud is one of the Biggest Tech Breakthrough in a Generation. Became one of the earliest investors in a new type of device that experts say could have as much impact on society as electricity was discovered. Current technology will soon be out-of-date and replaced by this new device. In the process, it is expected to create many jobs and afford many benefits.

Things like this are actually not so surprising because as happened before, Google, which is a large company that has a combined company from aplhabet, the A-Z company. The names of the big and well-known companies owned by Google such as Google Maps, AdSense, DoubleClick and YouTube generate huge amounts of profits. In 2017, Google bought 11 company which are Limes Audio (Sweden), Fabric                   (United States), Kaggle (United States), AppBridge (United States), Owlchemy Labs (United States), Halli Labs (India), AIMatter (Belarus), HTC (portions) (Taiwan), Bitium               (United States), Relay Media (United States), and 60db (United States). In 2019, Google bought 7 companies, Superpod (United States), Alooma (Israel), Nightcorn (German), Looker (United States), Elastifile (United States), Socratic (United States), and the latest is CloudSimple (Unites States).

Indian WhatsApp users advised to update app over security concerns

With 400 billion users, India has WhatsApp’s largest user base. But the online messenger app has recently come under scrutiny in the country, as well in several other regions, after two recent serious security breaches.

The Indian Computer Emergency Response Team (CERT), the nation’s main cybersecurity agency, has asked Indian WhatsApp users to update the application to the newest version. The notice was issued after Facebook, the owner of WhatsApp, revealed that a major potential problem has been found on older versions of the widely used app. CERT classified this as a “High Severity” threat.

What the problem is

If an unknown number has sent you an MP4 file via WhatsApp, watch out. You could have been a victim of the latest hacking scheme.

CERT has released an official statement on its website. The statement reveals that there is a vulnerability in WhatsApp’s system. It means that an unknown remote attacker could exploit this vulnerability to install malicious spyware on a user’s phone just by using an MP4 video file.

The spyware is encoded into a specifically made MP4 file. It could be triggered even without user authentication. Once the receiver of the message opens the video, the spyware is automatically installed on the phone.

After the spyware is installed, the attacker could make changes to the phone system. According to CERT, the spyware causes a condition called Remote Code Execution (RCE) of Denial of Service (DoS). In other words, the remote attacker could launch commands to compromise any device that uses Android, Apple, or Windows operating systems. This problem has serious far-reaching implications because no matter where the users are located, their phones can still be targeted.

The problem can be found in both individual and business versions of WhatsApp until the newest updates were launched in October this year.

Similarity to the Pegasus Breach

This security problem is discovered just after the Pegasus Breach controversy. Earlier this year, WhatsApp came under fire after it was made known that its software has been abused by hackers. The hackers utilize the loophole in the system to install spyware on phones. The name of the malware is Pegasus. It is said to have targeted journalists, activists, and human rights lawyers, jeopardizing their activities and privacy.

Similar to the MP4 video method, Pegasus is also spyware that installs itself on the target’s phone. However, it exploits a weakness in the messaging app’s video call function. It is also more advanced than the other method. Even if the user does not answer the suspicious call, the spyware can still breach the phone.

An Israel-based corporation, NSO Group, has undergone public scrutiny because it was accused of providing the Pegasus spyware. WhatsApp has sued the tech firm in a US court, alleging that NSO Group has violated the app’s terms and conditions and holds responsibility for the attacks. But the NSO Group claims that it only cooperates with government agencies.

WhatsApp had informed users whose devices are potentially breached by the spyware. In India, at least 17 individuals’ devices were infected by Pegasus. These included activists and lawyers who champion human rights, as well as journalists. The government has denied having any part in the hacking.

Security improvements by WhatsApp

Facebook and WhatsApp had announced that they have come up with a solution for the vulnerability a few days ago. WhatsApp’s statement says that the app is “constantly working to improve the security” of their service.

Both Facebook and WhatsApp have claimed that the most recent security patch from the application has resolved the vulnerability issue. And WhatsApp has no reason to believe that its users were affected, its spokesperson said. However, no further details about the counteracting measures have been disclosed.

The messenger boasts that its end-to-end encryption makes it a secure means of communication. The encryption means that the messages can only be read on the sender and the recipient’s devices. But the claim is debatable. The two recent scandals are not even the first time the application has been criticized for endangering the security and privacy of its users.

Currently, WhatsApp is the messaging app with the largest number of users. But some are migrating to other applications such as Telegram in search of a safer option. The developers of WhatsApp must look into potential vulnerabilities and reinforce their defenses so as to prevent losing current and potential users.

In the meantime, do not forget to update the application on your device. You should take this precaution so that you can avoid any potential security breach. Otherwise, your device might be compromised.

Native Opera Mini Review

Native Opera Mini is not a new app for those who love to surf the web. It is a more streamlined browser than Opera browser but with some other additional settings. As a native app, there are some pros and cons you should know.

About Opera Mini

Opera browser has been one of the best browsers you might get. It has been developed for several versions and it has the same root after all. When it comes to the Opera browser, we might know several good things offered by this ap.

It has a built-in ad blocker that makes your surfing experience much better. The VPN is also equipped in this browser that will allow you to access all websites and videos even if those are banned in your country. Its battery saver is suitable for those who use it for the mobile phone.

Essentially, Opera offers faster performance compared to other web browsers and its Speed Dial start page boosts the browsing experience. To speed up slow connections, you can turn on the Turbo mode while it also cuts your data usage. For easy navigation, you can use gestures though. Its configuration options allow you to open RSS feeds.

However, this app might cause some sites to balk at considering they do not recognize the browser. Also, there is no reading list or reading mode. There is no social sharing tool available. There is no AJAX, Flash, or JavaScript support provided by Opera Mini. You cannot even choose to get a mobile or desktop version.

However, all of them are improved through its native version. The next section is where we will tell you anything about the native apps. Native apps allow the browser to be more useful, up-to-date and secured.

About Native Apps

In general, native apps can be more specialized compared to the web app. Native Opera Mini emphasizes the performance so it could do much better compared to web apps and cross-platform apps in general. Other than that, the native app can do anything cross-platform and web apps could do. Other than that, this browser provides the greatest strength compared to those two. The biggest weakness might be on its cost.

This version of Opera Mini also uses the system-level keyboard which is a different one. It might be the cons for those who what to use a finger-only keyboard without installing a third-party keyboard. However, this app is worth a try especially if you want to get a better browsing experiment as a militant fan of Opera browsers.

The development of native app costs more expensive than the development in the web or cross-platform apps. However, it is not the dead-end and it would not be wise if you make a decision based on the cost alone. Some other points like market potential make Opera invests on this app in the first place.

The Pros of Native Opera Mini

It has more varied options on marketing and strategic development points. The optimization is ranked better as well. Other than that, it has a better UI/UX design that will enhance multimedia and graphic content. Native Opera Mini gives the highest speed performance and much-improved functionality compared to the Opera Mini alone. It has better developer support as well. Compared to the Java version, this version is easier to install and operate.

The Cons of Native Opera Mini

As we have mentioned earlier, it is an expensive option that may affect your browsing experience by using the Opera Mini browser. Opera Mini is not the best web browser on the market today unless you upgrade it or purchase certain aspects if asked to. It requires users to sign up before using the browser which is not a convenient thing for some users.

Its initial Opera Link sync made an exception but it might sync your bookmarks just fine. You cannot change the size of the character and the smallest setting is still too big for VGA devices. However, since everyone uses a smartphone right now than it is not an issue anymore.

Generally, a native app can be invoked through the extension. However, Opera Mini by default will not allow users to set this up explicitly. It also does not support Italic character style.

More than anything, the Native Opera Mini has a lot of new things to offer for users. Considering there are tons of browsers that compete for the best browser in the world, Opera browsers also improve their service and performance from time to time.