Dropbox Two Step Authentication

Dropbox Two Step Authentication

Have you ever heard about keyloggers?. Just in case you haven’t… keyloggers are a super simple piece of technology. They are software applications that can be installed in almost every PC / Mac, and they simply save every keystroke.

They’re invisible to the user. So… they just know everything you type. Including passwords. Keyloggers generate a logfile, which can be (in some cases) sent via email to the guy who is spying on you… and in other cases, they just generate a textfile somewhere in the system… which will eventually be downloaded, and your whole security exposed.

So… long short story, keyloggers are a threat to your email account, homebanking, skype, facebook… everything you use online, can be super easily “hacked”. That includes Dropbox!.

I don’t know about you, but i store personal files in Dropbox, such as pictures, and documents… i just use it as an online backup “just in case”. If i got hacked, the idea of someone else skimming through my stuff… well, it’s pretty scary.

So, what can we do?


Let’s set up Two Step Authentication!
  1. First things first. We’re gonna need to install Google Authenticator app. So, if you use an iOS device, get it here. If you’re an android user… (shame on you!)… get it here.
  2. Head to dropbox.com, and login with your account.
  3. Click in the top right corner, and find the ‘Settings’ link.
  4. Click on the ‘Security’ tab. You should see the following:dropbox-two-step-verification
  5. See the ‘Two-step verification’ option?. Click on ‘Change!’
  6. Follow the instructions, until you get the following barcode onscreen:dropbox-barcode
  7. Well, at this point, you need to launch Google Authenticator App. Tap the ‘ + ‘ button, and tap the ‘Scan Barcode’ option. You’re gonna need to scan the QR code you’ve got onscreen.
  8. If everything went fine, your Google Authenticator app should already have an entry with a 6 digit number matching your Dropbox Account.
  9. Please, keep somewhere safe your 6 digit rescue code. That will save you, in case of emergency.
  10. You’re all set!.

Next time you log into your Dropbox account, the system will ask you to enter the 6 digits given by Google Authenticator app. Why is it good? why you should use it?….

Remember when we spoke about keyloggers?. Well, imagine you’ve got a keylogger installed in your computer….. no one, even with your passwords, will be able to log into your account. Unless they ALSO have your phone.

It’s an extra security measure, which makes things even more complicated. You’re not unhackable. But at least no script kiddie will be able to simply hijack your system.

Stay safe!

Star Trek: Into Darkness

I’ve gotta say this. I’m a big fan of J.J.Abrams director. He managed to develop a fresh sci-fy style, which looks really attractive. If you compare science fictions movies from the past 10 years, with the latest Star Trek: Into Darkness movie… you’d be impressed.

Star Trek: Into Darkness

What i like the most of the new movies is the way they’ve recreated the whole Trek technology. I’m not into hi tech visual effects… but the technology that’s shown into the movie could deceit even guys with PhD’s… the transporter looks super real!.

Luckily, although the movie is a couple months away, we got to check out the trailer… right now!!.  It will be released on May 17th, and even the website is already up!.

By the way… J.J.Abrams is the father of Fringe. A sci-fi series that has been around for the past couple of years. If you have enough spare time i suggest you give it a shot.

And last but not least… if you’re into SciFy technology, i recommend you read Physics of the Impossible, written by Professor Michio Kaku.

In such book, he got to analyze every single Trek technology, and he gives an educated estimate of when the technology could potentially become a reality. For instance… the Warp Drive is estimated to show up in the next 100 years.

I don’t expect to live 100 years… but maybe, in my next incarnation, i’ll be able to jump into the Enterprise… why not???.

New iPhone Jailbreak Released

It’s been a while since the last iPhone jailbreak was made public. But all evil comes to an end, sooner rather than later. A couple days ago, a hacking group named evad3rs, published a brand new Jailbreak tool for iOS 6.x.

It’s claimed to be able to jailbreak any iOS device: iPod / iPad / iPhone / iPad Mini. I’ve tested it myself on two devices: iPhone 4s and iPhone 5. The results were impressive. They managed to combine at least 3 different exploits to make things work.

The process is quite seamless. You simply download the app, run it, and follow the instructions onscreen. The binary is available for OSX, Windows and even Linux.

You can download it here. What to do once the device is jailbroken?. You can perform an incredible amount of customizations, that are not available in the pristine version of iOS.

iPhone Jailbreak

If, on the contrary, you’re still running an old version of iOS, we suggest you check out this site. They’ve got a nice repository of information with the previous jailbreaks that were made available… who doesn’t remember BlackRa1n, LimeRa1n… JailbreakMe or GreenPoison?.

Those were golden times, but Apple has spent a lot on hardening iOS security (no wonder why they’re now providing devices to the US Government, while RIM is directed right ahead to chapter eleven).


By the way.. we do not encourage the usage of hacked / cracked software. If you like an app, please, support the devs!.

Checking the UUID of a DSYM file

So… you’ve got a crashlog, and you don’t know if a given DSYM actually matches with the original executable?. Well, there is a super easy way to verify this. Simply type the following, in your console:

[cc lang=”bash”]dwarfdump -u Project.app.dSYM/Contents/Resources/DWARF/Project[/cc]

Ideally, mdfind should help you locate the matching DWARF. But sometimes… symbolication requires extra debugging.

Crashing a Mac Easily

crashing-a-mac

So… you thought that OSX was the most stable OS ever developed… right?. Guess what… you can crash it super easily. Just try the following…

  • Open any OSX app. For instance, Safari.
  • Type in the location bar the following string:  File:///
  • See the crash onscreen?

It’s been reported in OpenRadar, and astonishingly, it’s only affecting the latest incarnation of OSX, Mountain Lion. You can crash Chrome, Safari… and probably, any app you’ve got installed.

What’s all the fuzz about?. Crashes can be used to get ownership of the IP pointer.. which is, in layman terms, the guy that says what-to-execute next. Long short story, this could potentially be used to develop an exploit, to scale permissions in the system.

Let’s wait for a patch… 10.8.3 is taking quite a long time to ship.