CCC News


IT and Cyber Security News Update from

Centre for Research and Prevention of Computer Crimes, India


Courtesy - Sysman Computers Private Limited, Mumbai (

Since June 2005                                         January 16, 2015                                          Issue no 1531

Tenth year of uninterrupted publication

Today’s edition – 


STRENGTHEN : Maharashtra Cybercrime cell to get more muscle

BAN : UK prime minister suggests banning encrypted apps like WhatsApp, iMessage

FILM : 'Blackhat' brings cyber security to big screen

PRIVACY?? : Zombie Cookie - The Tracking Cookie That You Can’t Kill

IT Term of the day

Quote of the day


(Click on heading above to jump to related item. Click on “Top” to be back here)



STRENGTHEN : Maharashtra Cybercrime cell to get more muscle

By Dhaval Kulkarni


14 January 2015


The state government has decided to grant more manpower and facilities to the cyber crime cell, which deals with online crimes such as stalking, identity theft, and hacking.


The state government has decided to grant more manpower and facilities to the cyber crime cell, which deals with online crimes such as stalking, identity theft, and hacking.


Chief minister Devendra Fadnavis, in a Tuesday meeting with senior state government and police officials, decided to create 100 new posts in the Mumbai police to deal with cyber crime. A total of 1,000 staff, including these specially personnel, will be deployed for the purpose.


The police will also get new and well-equipped labs, better software and technical tools apart from more trained manpower to deal with cyber crime.


According to the CID's latest report, in 2013, a total of 907 cyber crime cases were registered in Maharashtra under the Indian Penal Code (IPC) and the Information Technology (IT) acts, in which 603 persons have been arrested. This is a rise from 561 cases of cybercrime in 2012, which saw 407 arrests.


The report says eve-teasing or harassment tops the list of crimes. Those in the 18-30 year group account for the largest number of people arrested under the IPC and the IT Act for their alleged involvement in these crimes.?


Cybercrime also includes theft of information or intellectual property, email bombing, virus attacks, internet time thefts and theft or damage of a computer system. In these crimes, computer programs are manipulated to facilitate crimes like fraudulent use of ATM cards and accounts, credit card frauds, or frauds involving electronic fund transfers and electronic commerce and electronic data interchange.


"Mumbai police presented a road map to create capacity to effectively deal with cyber crimes. It was discussed at length and approved," confirmed joint commissioner of police, crime, Sadanand Date.


Also see -



BAN : UK prime minister suggests banning encrypted apps like WhatsApp, iMessage

Having access to people's communications is vital for combating terrorism, David Cameron says

By Zach Miners

IDG News Service

Jan 13, 2015


The U.K. may ban online messaging services that offer encryption such as WhatsApp and Apple's iMessage, under surveillance plans laid out by Prime Minister David Cameron.


Services that allow people to communicate without providing access to their messages pose a serious challenge to law enforcement efforts to combat terrorism and other crimes, Cameron said Monday.


He didn't name specific apps, but suggested those with encryption would not jive with new surveillance legislation he's looking to enact if he gets re-elected this year. Such apps include WhatsApp, iMessage, Google Hangouts, Microsoft's Skype, CryptoCat, and more.


"In our country, do we want to allow a means of communication between people which, even in extremists ... that we cannot read?" Cameron said, adding later, "No, we must not."


"The first duty of any government is to keep our country and our people safe," he said.


He didn't say how the government might enforce the legislation or keep people from downloading such apps.


His comments follow the wave of shootings in Paris last week by Islamic extremists. Being able to gather information about people's communications, be that communications records or actual content, could help authorities to thwart and investigate attacks, Cameron said.


But his comments also come at a time of increased concern over government surveillance, and the loss of digital privacy in general. On the same day Cameron delivered his remarks, in the President Obama announced plans for new legislation that would give Americans more control over their data online. A Consumer Privacy Bill of Rights, Obama proposed, would allow consumers to decide what pieces of their personal data are collected by companies and decide how the data is used.



FILM : 'Blackhat' brings cyber security to big screen

American director Michael Mann is making a grand return with "Blackhat," a timely cyber-terrorism action flick starring Chris Hemsworth.American director Michael Mann is making a grand return with "Blackhat," a timely cyber-terrorism action flick starring Chris Hemsworth.


15 Jan, 2015


LOS ANGELES: American director Michael Mann is making a grand return with " Blackhat," a timely cyber-terrorism action flick starring Chris Hemsworth.

Australian actor Hemsworth sheds his "Thor" costume to become Nicholas Hathaway, a "black hat" bad-guy hacker released from prison to help American authorities dismantle a criminal network.


"Blackhat" hits theate'with cyber-crime very much in the headlines, with its Friday debut coming just two months after a devastating cyber-attack on Hollywood studio Sony Pictures.


That hack is believed to have been linked to "The Interview," which depicts a fictional CIA plot to assassinate North Korea's leader -- a storyline that infuriated Pyongyang.

Mann said the roots of his film can be traced back more than two years, as he began to understand the threats posed by cyber-terrorism.


The director -- whose last film "Public Enemies," came out nearly six yea'ago -- said he was motivated to make the film because "it takes place in our world as it is right now, right at the cutting edge of this moment."


Speaking at a press conference in Los Angeles, Mann said he consulted expert hacke'for the production, including one, Kevin Poulsen, who spent several yea'in prison.

"We wanted to know who are the black hat hackers, what motivates them?" Mann said.


Hemsworth, named the world's sexiest man in November by US magazine People, said he asked one of the hacke'if "knowing what you know... do you look at the world differently?"


"He started to laugh. He said: 'Man, people have no idea how exposed they are and how vulnerable they are.'"


The cyber-crime experts showed Hemsworth and American co-star Wang Leehom, who plays a Chinese government computer expert, how to mimic the body language of

hackers, including their typing mannerisms.


Hemsworth also shares the screen with two-time Oscar nominee Viola Davis, who plays an FBI special agent in the adventure that takes viewe'from Los Angeles to Hong Kong by way of Jakarta.


Also co-starring in the film is Chinese actress Tang Wei, perhaps best known for her role in Ang Lee's sultry spy drama "Lust, Caution."


The plot begins with a literal bang, as a Hong Kong nuclear power plant explodes thanks to the handiwork of a hacker, and Chinese authorities ask for American help finding the culprits.


Talking about cyber-terrorism was an "eye-opening experience," Mann said, adding that people are "vulnerable to intrusions from everywhere."


Mann's film "The Aviator" -- a Howard Hughes biopic starring Leonardo DiCaprio -- took home five Oscars. "The Insider" (1999), based on a true story about a tobacco industry whistleblower, earned seven nominations.


He also directed "Heat" (1995) and created the popular 1980s television show "Miami Vice."


The Sony hack was claimed by a group calling itself Guardians of Peace, but Washington has blamed the attack on North Korea -- a claim Pyongyang denies.


The group issued threats against cinemas and movie-goe'over the planned release of "The Interview," initially prompting Sony to pull the plug on the film's Christmas Day release.

However, hundreds of independent theate'rallied to show the flick, which was also made available online and via cable TV providers.  



PRIVACY?? : Zombie Cookie - The Tracking Cookie That You Can’t Kill

An online ad company called Turn is using tracking cookies that come back to life after Verizon users have deleted them. Turn’s services are used by everyone from Google to Facebook.

by Julia Angwin and Mike Tigas


Jan. 14, 2015


An online advertising clearinghouse relied on by Google, Yahoo and Facebook is using controversial cookies that come back from the dead to track the web surfing of Verizon customers.


The company, called Turn, is taking advantage of a hidden undeletable number that Verizon uses to monitor customers' habits on their smartphones and tablets. Turn uses the Verizon number to respawn tracking cookies that users have deleted.


"We are trying to use the most persistent identifier that we can in order to do what we do," Max Ochoa, Turn's chief privacy officer, told ProPublica.


Turn's zombie cookie comes amid a controversy about a new form of tracking the telecom industry has deployed to shadow mobile phone users. Last year, Verizon and AT&T users noticed their carriers were inserting a tracking number into all the Web traffic that transmits from a users' phone – even if the user has tried to opt out.


Users complained that the tracking number could be used by any website they visited from their phone to build a dossier about their behavior – what sites they went to, what apps they used.


In November, AT&T stopped using the number. But Verizon did not, instead assuring users on its website that "it is unlikely that sites and ad entities will attempt to build customer profiles" using its identifiers.


When asked about Turn's use of the Verizon number to respawn tracking cookies, a Verizon spokeswoman said, "We're reviewing the information you shared and will evaluate and take appropriate measures to address."


Turn privacy officer Ochoa said that his company had conversations with Verizon about Turn's use of the Verizon tracking number and said "they were quite satisfied."


Turn's actions were spotted by Stanford researcher Jonathan Mayer, and confirmed by ProPublica's testing.


Turn and Verizon also have a separate marketing partnership that allows Verizon to share anonymized information about its mobile customers. In April, Verizon sponsored a Turn event in New York City called " Bringing Sexy Back to Measurement."


Turn, which calls itself a "Digital Hub," may not be a household name but it is a huge back-end processor of ads on websites.


It works like this: When a user visits a website that contains Turn tracking code, the company holds an auction within milliseconds for advertisers to target that user. The highest bidder's ad instantly appears on the user's screen as the web page loads. Turn says it receives 2 million requests for online advertising placements per second.


For its auctions to work, Turn needs to identify web users by cookies, which are small text files that are stored on their computers. The cookies allow Turn to identify a user's web browsing habits, such as an interest in sports or shopping, which it uses to lure advertisers to the auction.


Some users try to block such tracking by turning off or deleting cookies. But Turn says that when users clear their cookies, it does not consider that a signal that users want to opt out from being tracked.


"There are definitely people who feel that if they clear their cookies, they won't be tracked, and that is not strictly accurate," said Joshua Koran, senior vice president of product management at Turn.


Turn executives said the only way users can opt out is to install a Turn opt-out cookie on their machine. That cookie is not designed to prevent Turn from collecting data about a user - only to prevent Turn from showing targeted ads to that user.


ProPublica's tests showed that even Verizon users who installed the Turn opt-out cookie continued to receive the Turn tracking cookie as well. Turn said despite the appearance of the tracking cookie, it continues to honor the opt-out cookie.


Initially, Turn officials also told ProPublica that its zombie cookie had a benefit for users: They said they were using the Verizon number to keep track of people who installed the Turn opt-out cookie, so that if they mistakenly deleted it, Turn could continue to honor their decisions to opt out.


But when ProPublica tested that claim on the industry's opt-out system, we found that it did not show Verizon users as opted out. Turn subsequently contacted us to say it had fixed what it said was a glitch, but our tests did not show it had been fixed.


Either way, this fix does not address the respawning of cookies that have been deleted– since Turn says it does not consider that an expression of user intent.

"It is our absolute desire to honor people's choices," said Ochoa, Turn's chief privacy officer.


For more coverage, read ProPublica's previous reporting on Verizon's indestructible tracking and AT&T's decision to stop using the technique.


Update, Jan. 16, 2014: In response to our revelation, Turn said it will suspend using its zombie cookie.



IT Term of the day

Domain Name

A domain name is a unique name that identifies a website. For example, the domain name of the Tech Terms Computer Dictionary is "" Each website has a domain name that serves as an address, which is used to access the website.


Whenever you visit a website, the domain name appears in the address bar of the web browser. Some domain names are preceded by "www" (which is not part of the domain name), while others omit the "www" prefix. All domain names have a domain suffix, such as .com, .net, or .org. The domain suffix helps identify the type of website the domain name represents. For example, ".com" domain names are typically used by commercial website, while ".org" websites are often used by non-profit organizations. Some domain names end with a country code, such as ".dk" (Denmark) or ".se" (Sweden), which helps identify the location and audience of the website.


Domain names are relatively cheap to register, though they must be renewed every year or every few years. The good news is that anyone can register a domain name, so you can purchase a unique domain name for your blog or website. The bad news is that nearly all domain names with common words have already been registered. Therefore, if you want to register a custom domain name, you may need to think of a creative variation. Once you decide on a domain name and register it, the name is yours until you stop renewing it. When the renewal period expires, the domain name becomes available for others to purchase.


NOTE: When you access a website, the domain name is actually translated to an IP address, which defines the server where the website located. This translation is performed dynamically by a service called DNS.



Quote of the day

Men, it has been well said, think in herds; it will be seen that they go mad in herds, while they only recover their senses slowly, and one by one.


Charles Mackay,

Extraordinary Popular Delusions and the Madness of Crowds, 1841



Note -

  1. As a member of this group, you get useful information to protect yourself and your IT assets and processes from various Computer and Related Crimes.
  2. If you think that your other friends/colleagues/acquaintances/relatives/foes/enemies also needs this information, forward the mail to them and request them to send their e-mail addresses and names to us with subject as "Subscribe".
  3. If you or someone has become victim of Computer Crimes or has any query on prevention, you are welcome to write to us.
  4. If you are not interested in it and would like to unsubscribe - send a reply mail with subject as "Unsubscribe".
  5. Disclaimer - We have taken due care to research and present these news-items to you. Though we've spent a great deal of time researching these matters, some details may be wrong. If you use any of these items, you are using at your risk and cost. You are required to verify and validate before any usage. Most of these need expert help / assistance to use / implement. For any error or loss or liability due to what-so-ever reason, CRPCC and/or Sysman Computers (P) Ltd. and/or any associated person / entity will not be responsible.