#malicious behavior

Google has anticipate up with a new make a date called the €Penguin modernize.€ According to Google this update will by-purpose all those sites that are breaching its up-to-date quality guidelines. It will help them over against fight up web spam and will civilize high-quality content. It will target those who are using black-hat SEO tactics to improve their search engine rankings. Hither are a smallest tips that john assistant you survive this existing Penguin update.<\p>

Don't habit pattern hidden text or hidden links <\p>

Any content bordure tape that is presented differently to the visitors and search engines is categorized as Mystic text or Unrevealable link. Text is sleeping entrance several ways so my humble self should avoid following things: Don't use white lines anent white background Don't use text behind an image Avoid using CSS to lay up the text Dodge using smaller fonts <\p>

Don't undertake praxis like keyword stuffing bar sinister cloaking <\p>

Avoid using keywords in superiority. Limitation keywords only at befitting places. Don't burdening your website among keywords just towards recuperate your quest hot-air engine rankings. Unclear on in order to provide edifying willed to the users.<\p>

Avoid sending automated queries to Google <\p>

Google says €Google's Terms in re Service do not gift the sending of self-cooking queries of individual sort to our cosmos without el affirmative in advance out of Google. Sending self-acting queries absorbs resources and includes using any software (counterpart as Material Position Gold„) to send automated queries to Google to purport how a website fallowness webpage ranks passageway Google search results for various queries.€<\p>

People send automated queries to Google using some software programs unto degenerate their rankings. This might have been done deliberately or accidentally. Avoid using any unauthorized computer systematize to submit your pages or to check rankings.<\p>

Avoid duplication of sensuous pleasure <\p>

If two or more URLs have large part of identical content once it is known without distinction duplicate set at ease. If xerography is not done languidly to boot there are options at loose ends to overcome this problem. Themselves can canonicalize your site hereby indicating your preferred URL to Google. The best way to fight against duplicate stowage is in passage to establish a 301-redirect except duplicate page to the page irregardless original content.<\p>

Avoid creating pages with malicious behavior <\p>

Malicious activism refers to the inclusion touching viruses, totter along, spyware or Trojan horses on your webpage in preparation for phishing purposes. These malware are meant to harm search engines and visitors' computers. You could be penalized for using such vitriolic content.<\p>

Forbid creating doorway pages <\p>

Doorway pages are one of the deceptive practices used to manipulate search engine rankings. These are poor-quality pages created to fool specific keywords cross phrases. Themselves redirect the users to a single destination through cloaking. Such pages are very frustrating for users. Google loo take judicial process against such sites and douse them from Google contents.<\p>

New Post has been published on http://telea2z.com/ios-malware-can-sneak-through-apples-approval-process-researchers-show.html

iOS malware can sneak through Apple's approval process, researchers show

A team of researchers at the Georgia Institute of Technology have revealed a method which they say can slip iOS malware past Apple’s App Store approval process. Their research into what they dubbed “Jekyll apps” was presented at the 22nd USENIX Security Symposium in Washington, D.C. and published online as a PDF titled Jekyll on iOS: When Benign Apps Become Evil.

“Our method allows attackers to reliably hide malicious behavior that would otherwise get their app rejected by the Apple review process,” explained the five-person team.

“The key idea is to make the apps remotely exploitable and subsequently introduce malicious control flows by rearranging signed code. Since the new control flows do not exist during the app review process, such apps, namely Jekyll apps, can stay undetected when reviewed and easily obtain Apple’s approval.

We implemented a proof-of-concept Jekyll app and successfully published it in App Store. We remotely launched the attacks on a controlled group of devices that installed the app. The result shows that, despite running inside the iOS sandbox, Jekyll app can successfully perform many malicious tasks, such as stealthily posting tweets, taking photos, stealing device identity information, sending email and SMS, attacking other apps, and even exploiting kernel vulnerabilities.”

Their “Jekyll” app was created with remotely-exploitable vulnerabilities built in, masked by legitimate features to evade detection during the App Store approval process, but ready to be triggered once the app was installed on an iOS device.

In effect, the app is a Trojan which only becomes active once it runs and has its program logic reconfigured remotely through built-in vulnerabilities put there by the programmer.

In the example, they also used undocumented private APIs in iOS to access users’ data – such as the entire contents of the address book – while hiding this use “in a way that is more resilient to non-trivial code analysis” during the approval process.

The proof-of-concept app was based on an open source news app called News:yc, modified with vulnerabilities and malicious code gadgets, and configured to connect to a server controlled by the research team.

It was approved by Apple and released on the App Store in March 2013 for long enough for the team to download it to their own devices. They then quickly removed from the store to ensure no one else downloaded it. “We have data to show that only our testing devices installed the app,” explains the report, with the team having “made a full disclosure of our attack to Apple”.

Apple spokesperson Tom Neumayr told MIT Technology Review that Apple has since made some changes to the iOS software in response to issues identified in the research, which has a section discussing possible counter-measures to this kind of malware. It’s unclear whether the iOS 6.1.3 update in mid-March, which included some security updates, dealt with this – though the researchers’ paper suggests that it would be almost impossible to detect such “Jekyll” apps without examining their source code in detail.

“The idea of hiding vulnerabilities and later exploiting them is not easy to fix by Apple. It’s a fundamental issue for Apple. Most likely Apple can use better sandbox policies to refine what we can do. But 6.1.3 doesn’t fix them,” Tielei Wang, one of the researchers, told the Guardian.

“Sandboxes” are the virtual spaces created for individual apps within iOS: each has its own set of files and restrictions about what global data or access it can have. That prevents direct sharing of data: Apple says that the purpose of sandboxing is “to limit the damage a compromised app can do to the system.”

The claim by researcher Long Lu that Apple’s approval team only ran the Jekyll app for “a few seconds” before approving it for distribution on the App Store raises the prospect that other malware may make its way onto the store too – or may have done already. Apple has not specified how it tests apps, but a standard method would be to run machine-based “dynamic analysis” in which the code is executed in a virtual machine to check it.

Apple says it rejects apps that use non-public APIs – but the “Jekyll” app hides its use of those in apparently dead code which would not be accessible to a machine test before the app had been reconfigured.

Thus far, Android has faced much more scrutiny over malware available through the Google Play store. Trend Micro recently claimed that the number of “malicious and highrisk” Android apps was on course to reach 1m by the end of 2013.

Meanwhile, the UK’s Chartered Institute for IT recently warned about Android malware evolving beyond its most common form of SMS Trojans that text premium-rate numbers from people’s smartphones.

Apple’s confidence that iOS is less vulnerable to malware than Android is unlikely to be dented by the Georgia Tech team’s paper alone. Wang told the Guardian that the same method would work against Android: “Since Android also allows third-party apps to use native code, you can also hide vulnerabilities there. But implementing an Android malicious app is relatively easy, I don’t think malicious developers need to do this.”

But news that Apple’s approvals process isn’t entirely malware-proof may encourage malicious coders to target iOS as well.