الثلاثاء، 31 مارس 2015

Google Maps now lets you turn any location into a game of Pac-Man

Your neighborhood just got a lot more interesting. Google has released a new feature for Maps that lets you turn any location into a game of Pac-Man — all you have to do is click the new Pac-Man button that resides in the lower left corner of the screen. When you do, whatever section of the world you're looking at will transform into the pixelated arcade classic, complete with four colorful ghosts and the iconic music. While developers have created similar hacks before, this version of Google Maps Pac-Man comes directly from Google, and even supports mobile devices. This isn't the first time Google has mixed video games and Maps in time for April Fools' Day, as last year the company let you catch Pokemon using its mapping tool. As for Pac-Man, you can play it right now — and be sure to check the support page for tips on the best places to play.

Source Verge
مرسلة بواسطة في ليست هناك تعليقات:
التسميات: , ,

Anonymous Hackers Threaten Israel with 'Electronic-Holocaust' on 7th April

The famous cyber hacker group Anonymous has vowed an 'Electronic Holocaust' against Israel in response to what the group calls 'crimes in the Palestinian territories'.
In a spooky video "message to Israel" posted on YouTube March 4, Anonymous declared yet another cyber attack on April 7, which is one week before Holocaust Remembrance day.


Totally in news delivering style, the video clip shows a man wearing an Anonymous mask and threatening to take down Israeli servers and websites related to critical infrastructure next week, promising to 'erase you from cyberspace'.
"We will erase [Israel] from cyberspace in our electronic Holocaust," says the video. "As we did many times, we will take down your servers, government websites, Israeli military sites, and Israeli institutions."
The cyber activist group declared Palestinians youths as a 'symbol of freedom', and urged them to "never give up. [Anonymous] are with you and will continue to defend you." The group criticized the Israeli government, saying that they have not stopped "endless human right violations" and "illegal settlements."
The video subtitled in Arabic and delivered in English electronic voice, possibly to hide the identity of the real person. The footage includes images of Israeli Prime Minister Benjamin Netanyahu sitting with military leaders and members of his cabinet, as well as images from the Gaza conflict.
The video also shows images of injured Palestinian children and bombed areas that appear to date from Operation Protective Edge conducted by the Israel Defence Forces (IDF) last summer.
"[Israeli government] killed thousands of people, as in the last war against Gaza in 2014. [Israel] have shown that you do NOT respect international law," says the electronic voice, promising "We are coming back to punish you again."
"We always say expect us but you always fail. We are unexpected; we’ll show on 7 April 2015 what the electronic holocaust mean…," the video continues.
Anonymous then continued with a message to the "foolish Benjamin Netanyahu, and all leaders in the Zionist entities" warning that cyber attacks on Israeli government websites, sensitive data and devices will continue "until the people of Palestine are Free."
In past, Anonymous has targeted Israel a number of times. A cyber attack, called OpIsrael attack, in April 2013 claimed to have caused $3 Billion worth of damage to Israel, when the group targeted about 30,000 Israeli bank accounts, 100,000 websites, 5,000 Twitter accounts and over 40,000 Facebook pages.

Sourc The Hacker News

During Operation OpIsrael, Anonymous hacking group published the personal data of 5,000 Israeli officials over the Internet, which included names, ID numbers and personal email addresses.
Past targets of the the hacktivist group includes official websites of the Israeli prime minister, the Bank of Israel, the Israeli Defense Force (IDF), the Embassy of Israel to the United States and the Israeli President’s official website.
مرسلة بواسطة في ليست هناك تعليقات:
التسميات: ,

StartUp : StayZilla : How Stayzilla came in the top five online travel agents in the country


Background:
Yogendra Vasupal, a dropout student from college who has keen interest in books came to know about computers in 1999, started undertaking freelance projects and web based applications and e-commerce portals. After earning about Rs.1 lakh from his freelance work, he wanted to do something with books but in search of its value he and his two friends, Sachit Singhi and Rupal Surana became online travel agents.

Yogi (as his friends’ call him) wanted to launch an e-commerce portal of his own. After studying market he along with his both friends launched ‘Stayzilla’.
Chennai-based Stayzilla claims to be the largest in the alternate stays segment, which books in the budget and value-stay segment. It also claims to be one of the top five online travel agents in the country.

Fund raising:
Started in 2010, Stayzilla has more than 1,200 locations with over 20,000 properties in its platform. It has raised $20 million, series-B round of funding, from Nexus Capital and existing investors Matrix partners to fund its expansion plan. Unlike other entrepreneurs, funds were never a major issue for them as Yogendra was already earning enough to pitch in initially called Inasra.com, it was rebranded as Stayzilla in 2010.

Current Status:
Sachit Singhi is the director, partnership, at Stayzilla and takes care of daily operations. Rupal Surana is the chief operating officer at Stayzilla. He said that when there were no other opponents in the segments in internet was not so popular, they went to meet hotels owners in Tier-II Tier-III cities and convinced them to tie up.

Scale up:
Sachit Singhi said the company hopes to close the financial year with a gross booking value of Rs.70 crore as compared to Rs.12 crore in 2013-14.They are targeting Rs.500 crore gross booking value in 2015-16 as we are growing nerly 10 times year-on-year.

Snippets from the Start up World
OYO Rooms raises RS.150 crore
Oyo Rooms, a network of budget hotels, has raised Rs.150 crore from Lightspeed, Sequoia and Greenoals Capital. It claims it has 200 hotels in 10 cities and books 50,000 room nights a month. It plans to expand its network to 1,000 hotels in 25 cities by this end of this year.

Roposo.com raises $5 million
Roposo.com, a social network focussing on fashion, backed by flipkart co-founder Binny Bansal , has raised $5 million in a series-A investment led by the technology-venture investor Tiger Global, the company stated. Existing investors such as Indian Quotient and Bansal also participated in this round.

Teewe raises $1.7 million
Mango Man Consumer Electronics, owners of HDMI dongle Teewe, which allows users to stream video content from a smartphone and watch it on their smart television, has raised $1.7 million from venture capital funds Sequoia Capital and India Quotient, according to media reports. It plans to use the money to buid new devices focusing on music and audio.

Urjas Energy raises $100,000
Mumbai-based Urjas Energy Systems has raised $100.000 in angel funding for its expansions plans. The three year old clean technology company makes multi-fuel gasifiers that work with the variety of agro wastes, which can replace fossil fuels used for heating in industries. The company is currently being incubated by IIT-Bombay’s Society for innovation and entrepreneurship and began commercialising its product eight months ago.

Yogurt labs raises Rs.72 Lakh
Mobile video production firm yogurt labs has raised Rs.72 lakhs in convertible notes from a clutch of investors Nick Adams and Kiran Bhat, the author of No Holy Cows in Business. Convertible notes are an instrument used by seed investors who wish to delay establishing a valuation until a later round of funding. Yogurt has developed a do-it-yourself platform for videos.
مرسلة بواسطة في ليست هناك تعليقات:
التسميات: ,

الجمعة، 27 مارس 2015

Edward Snowden speaks why he is not a spy of Russia?

Edward Snowden speaks:

Edward Snowden:Good question, thanks for asking.
The answer is "of course not." You'll notice in all of these articles, the assertions ultimately come down to speculation and suspicion. None of them claim to have any actual proof, they're just so damned sure I'm a russian spy that it must be true.
And I get that. I really do. I mean come on - I used to teach "cyber counterintelligence" (their term) at DIA.
But when you look at in aggregate, what sense does that make? If I were a russian spy, why go to Hong Kong? It's would have been an unacceptable risk. And further - why give any information to journalists at all, for that matter, much less so much and of such importance? Any intelligence value it would have to the russians would be immediately compromised.
If I were a spy for the russians, why the hell was I trapped in any airport for a month? I would have gotten a parade and a medal instead.
The reality is I spent so long in that damn airport because I wouldn't play ball and nobody knew what to do with me. I refused to cooperate with Russian intelligence in any way (see my testimony to EU Parliament on this one if you're interested), and that hasn't changed.
At this point, I think the reason I get away with it is because of my public profile. What can they really do to me? If I show up with broken fingers, everybody will know what happened.

Edward Snowden replied to a question asked by max_fisher in reddit

The question was: [–]max_fisher 1801 points  
For Edward Snowden:
Russian journalist Andrei Soldatov has described your daily life as circumscribed by Russian state security services, which he said control the circumstances of your life there. Is this accurate? What are your interactions with Russian state security like? With Russian government representatives generally?
مرسلة بواسطة في ليست هناك تعليقات:
التسميات:

Best Parathas in Dehradun , Uttarakhand - Parantha Point

Picture showing Parathas
If you are looking for parathas so delicious that you won't forget their taste for a lifetime, you must visit PARATHA POINT in Dehradun.They are the best parathas in the entire city.As Dehradun is the education hub of Uttarakhand , there is a large student population , most of which is attracted to Paratha Point. We did a survey regarding Paratha Point and the results were surprising , above 90% of students believed that these were the best parathas ,they had eaten.

So if you are in Dehradun, you must visit Paratha Point , PREMNAGAR

How to reach Parantha Point?

Parantha Point is in Premnagar, Dehradun.The nearest landmarks to it are IMA (Indian Military Academy) and the FRI(Forest Research Academy).

You can get a bus/vikram/auto to Premnagar from ISBT, GhantaGhar(Clock Tower--main centre of Dehradun) or any other place.

Once you reach Premnagar , it is very easy to reach Premnagar as it is only 25 metres from the main chowk(square, though it is only 3 way). From the Premnagar Chowk , you will have to walk 25 metres towards the Chandigarh highway.

What is the variety of Parathas?

There is a large variety of parathas from aaloo (potato), aaloo pyaaz (potato with onions), anda (egg), gobhi(cabbage), paneer(cheese), mix, sweet, ... etc.

What is the cost of Parathas?
Cost is very effective and relatively cheap seeing the high standards of parathas.A simple aaloo paratha costs about 15 INR.
مرسلة بواسطة في ليست هناك تعليقات:
التسميات: ,

The FIFA 15 Ultimate Team of ALAN SHEARER

Comment your FIFA 15 Ultimate Team
مرسلة بواسطة في ليست هناك تعليقات:
التسميات:

Video: Arsenal U-21 defeats Nike Training Academy

This Nike Training Academy defeated U-21 Teams of PSG and Barcelona but were defeated by Arsenal 2-1.Hector Bellerin was in the squad, lets see how many players can you recognize,comment.

SEE MORE HECTOR BELLERIN IS THE FASTEST PLAYER AT ARSENAL
See the video  of the match below:


مرسلة بواسطة في ليست هناك تعليقات:
التسميات: ,

الخميس، 26 مارس 2015

Adcom Kitkat A 47 Mobile (Grey) Rs.3759 with Rs.800 Cashback

M.R.P :- ₹ 5,000
Discount :- 25%
Offer Price :- ₹ 3,759
₹ 800 Cashback for Shopping more

When you expect the best from yourself, why get satisfied in less when it comes to anything else? Putting our experience together, we bring to you this creatively designed, Adcom Kitkat A 47 Mobile for high quality and performance. Not only dependable, this product is equally desirable helping you make your life simpler, smarter and better.

Features :-
  • 1.3 Ghz Quad Core Processor
  • Android v4.4.2 Kitkat
  • 4.5" Screen
  • 4 GB Internal Memory Expandable to 32 GB
  • 5 MP Camera
  • Dual Sim
  • 512 MB RAM
  • 3G and Bluetooth v4.0
مرسلة بواسطة في ليست هناك تعليقات:
التسميات: , , , , ,

Mystery solved? Alone at controls, co-pilot sought to 'destroy' the plane


The co-pilot of the doomed Germanwings jet barricaded himself in the cockpit and "intentionally" sent the plane full speed into a mountain in the French Alps, ignoring the pilot's frantic pounding on the door and the screams of terror from passengers, a prosecutor said Thursday.
Co-pilot Andreas Lubitz's "intention (was) to destroy this plane," Marseille prosecutor Brice Robin said, laying out the horrifying conclusions reached by French aviation investigators after listening to the last minutes of Tuesday's Flight 9525.

The Airbus A320 was flying from Barcelona to Duesseldorf when it began to descend from cruising altitude of 38,000 feet after losing radio contact with air traffic controllers. All 150 on board died when the plane slammed into the mountain.

Robin said the pilot, who has not been identified, left the cockpit, presumably to go to the lavatory, and then was unable to regain access. In the meantime, Lubitz, a 28-year-old German, manually set the plane on the descent that drove it into the mountain.
Robin said the commander of the plane knocked several times "without response." He said the door could only be blocked manually.
"The most plausible, the most probably, is that the co-pilot voluntarily refused to open the door of the cockpit for the captain and pressed the button for the descent," Robin said.
He said the co-pilot's responses, initially courteous in the first part of the trip, became "curt" when the captain began the mid-flight briefing on the planned landing.
The information was pulled from the black box cockpit voice recorder, but Robin said the co-pilot said nothing from the moment the commanding pilot left.
"It was absolute silence in the cockpit," he said.
During the final minutes of the flight's descent, pounding could be heard on the cockpit door as plane alarms sounded but the co-pilot's breathing was normal the whole time, Robin said.
"It's obvious this co-pilot took advantage of the commander's absence. Could he have known he would leave? It is too early to say," he said.
He said Lubitz had never been flagged as a terrorist and would not give details on his religion or ethnic background. German authorities were taking charge of the investigation into the co-pilot.
Robin said just before the plane hit the mountain, the sounds of passengers screaming could be heard on the audio.
"I think the victims realized just at the last moment," he said.
The A320 is designed with safeguards to allow emergency entry if a pilot inside is unresponsive, but the override code known to the crew does not go into effect — and indeed goes into a lockdown — if the person inside the cockpit specifically denies entry, according to an Airbus training video and a pilot who has six years of experience with the jets.
Airlines in Europe are not required to have two people in the cockpit at all times, unlike the standard U.S. operating procedure after the 9/11 attacks changed to require a flight attendant to take the spot of a briefly departing pilot.
In the German town of Montabaur, acquaintances told The Associated Press that Lubitz appeared normal and happy when they saw him last fall as he renewed his glider pilot's license.
"He was happy he had the job with Germanwings and he was doing well," said a member of the glider club, Peter Ruecker, who watched Lubitz learn to fly. "He gave off a good feeling."
News of how investigators thought the plane crashed shocked the families, the airlines and everyone who heard the chilling, blow-by-blow description from the prosecutor. Lufthansa CEO Carsten Spohr said the airline was already "appalled" by what happened.
"I could not have imagined that becoming even worse," Spohr said in Cologne. "We choose our cockpit staff very, very carefully."
The families of victims were briefed about the conclusions just ahead of the announcement.
"The victims deserve explanations from the prosecutor," Robin said. "(But) they have having a hard time believing it."
Robin said the second black box still had not been found but remains of victims and DNA identification have begun, he said.
Lubitz had obtained his glider pilot's license as a teenager, and was accepted as a Lufthansa pilot trainee after finishing a tough German college preparatory school, Ruecker said. He described Lubitz as a "rather quiet" but friendly young man.
Lubitz' recently deleted Facebook page appeared to show a smiling man in a dark brown jacket posing in front of the Golden Gate Bridge in California. The page was wiped sometime in the past two days.

Lufthansa said Lubitz joined Germanwings in September 2013, directly out of flight school, and had flown 630 hours. The captain had more than 6,000 hours of flying time and been a Germanwings pilot since May 2014, having previously flown for Lufthansa and Condor.
The circumstances of the crash are likely to raise questions anew about the possibility of suicidal pilots.
In the 1999 crash of an EgyptAir jet off Nantucket that killed all 217 people on board, U.S. investigators found the co-pilot intentionally caused the plane to go down despite the pilot's efforts to regain control. Egyptian officials rejected the findings, saying the crash may have been caused by a mechanical failure.
___Source Paris Associated Press
مرسلة بواسطة في ليست هناك تعليقات:
التسميات:

McIlroy split was like someone dying, says Wozniacki

 Rory McIlroy of Northern Ireland and his former girlfriend, tennis player Caroline Wozniacki of Denmark, wait at the fourth tee during the final round of the Deutsche Bank Championship golf tournament in Norton
Former world number one Caroline Wozniacki says she felt like someone close to her had died after the split from golfer Rory McIlroy last year.
The Dane was quoted by Britain's Independent newspaper as saying her world was turned upside down when the Northern Irishman ended their relationship in May after wedding invitations had been sent out.
"In my head I had everything until that moment," said Wozniacki. "I had a great career, I was getting married, I have a perfect family. There was really nothing going against me. I was happy, very happy.
"Then all of a sudden something happens you don’t expect. You see your world turned around, literally from one second to the next. I didn't know how strong I was until that happened and I didn't know how much you can actually take. It really feels like someone close to you has died.
"That taught me so much. I grew up so much in that short amount of time. I also realized who is always there for me and who is just there when things are good.
"You learn about life. You have to enjoy it while it's there. You have to enjoy all the great moments. I think now when I look back I wouldn't have been without it because now I really know I'm strong, I know what I want, I know what I can accept, what I can't accept."
The biggest break-ups in sports
Their careers initially went in different directions after the split with McIlroy, who is now the world's number one golfer, winning the BMW PGA Championship at Wentworth as Wozniacki suffered an embarrassing first-round exit at the French Open.

"When I walked into the stadium or on to the court everybody was staring at me," said the Dane. "I felt the pity. I was like: ‘I’m OK. I’m fine. Don’t give me your pity. Don’t come up to me and stroke me. I’m not a child. I’m going to be fine'.
"I was trying in the match but I wasn't there. I have to be happy to play. I have to be excited. At the time it was like a funeral for me."
Wozniacki has since returned to form, reaching her first grand slam final since 2009 at the U.S. Open in September and going back up to number five in the world.
Source Reuters
مرسلة بواسطة في ليست هناك تعليقات:
التسميات: , ,

Drew Barrymore's Post-Baby Body Felt Like a 'Kangaroo with a Giant Pouch'

Drew Barrymore
Drew Barrymore paints quite the picture about whether body felt like after having two children, Olive, 2, and Frankie, 11 months.
"After making two babies, holy cow, does your body do some crazy stuff!" she admits to Glamour magazine. "It’s hard to stay positive and love yourself." Even when you're Drew Barrymore!


"You feel like a kangaroo with a giant pouch; everything's saggy and weird," the 40-year-old actress recalls. "But you think about how beautiful it is that you’re able to make children. When I lose sight of that, I exercise, read Dr. Seuss’s Oh, the Places You’ll Go!, and spend time with my kids. Then I start to see things that are bigger than myself."
While her body image has gotten her down in the past, Barrymore looks to the positive. "My hair [is my favorite feature]. It takes a licking and keeps on ticking," she quips. "I destroy it time and time again, and it’s still there, semi-happy.”
She adds of her locks, "I love playing with it; it’s like my personal plant -- I keep getting to prune it."

Source ET ONLINE
مرسلة بواسطة في ليست هناك تعليقات:
التسميات: ,

Harry Styles Cries Onstage After Zayn Malik Quits One Direction, Liam Payne Reflects On 'Strange 24 Hours'

Harry Styles
Harry Styles cried onstage during One Direction’s Wednesday night concert in the Indonesian capital of Jakarta after Zayn Malik announced that he had quit the popular band. At one point, while Liam Payne, Louis Tomlinson, and Niall Horan continued singing, Styles turned around and wiped away tears, having become overcome with emotion during the concert.
During another part of the show, Payne put his arm around a visibly upset Styles, after Tomlinson had stretched out his arm around an imaginary (and missing) Malik. Hours later, Payne took to Twitter to reflect on the shocking departure of his bandmate Malik. He tweeted around noontime in Jakarta, “So glad to be in bed after a long and strange 24 hours.”
Indeed, it was a strange 24 hours. Earlier, Malik said in a statement that after five years of touring he felt it was the “right time” to quit and apologized to fans for having “let anyone down.” Still, he stated that it felt “right in my heart,” and explained that he wanted to live his life privately like “a normal 22-year-old… out of the spotlight.”
As Gossip Cop reported, Malik’s quitting One Direction caused legions of fans to express sadness and grief on Twitter. Others, however, were enraged and directed their anger at Malik’s fiancee Perrie Edwards. Many called the Little Mix singer a modern-day Yoko Ono, referring to John Lennon’s wife who’s often blamed for the breakup of The Beatles.

Source Gossip Cop
مرسلة بواسطة في ليست هناك تعليقات:
التسميات: , ,

Opening Minds: Bank Tunneling 101



Introduction


On the internet every day there´s really a staggering amount of information generated and to keep up with all this, businesses are being forced to stock up on new equipment to be able to store it all. For example, IBM´s new server that can process 100 cyber monday’s worth of transactions a day.


James Hamilton, VP and a prominent engineer for Amazon shared some pretty mind-blowing stats about the current state of data storage. Two stats especially telling from the article:
-Every day, Amazon Web Services AWS adds enough new server capacity to support all of Amazon´s global infrastructure when it was a $7b annual revenue enterprise (in 2004).
-S3 has a 132% year-over-year growth in data transfer.

Accordingto Facts Hunt, in 2014 there were:

14.3 billion web-pages on the internet.
48 billion web pages indexed by Google.
14 billion web pages indexed by Microsoft Bing.
672 Exabytes or 672,000,000,000 Gigabytes (GB) of accessible data
43,639 Petabytes of global internet traffic in 2013
More than 900,000 servers in Google
More than 1 Yotta-byte ( thats septillion byte) of total stored information on the internet (it also isn´t related to a small green star wars character that talks backwards in anyway).


Note: Currently Microsoft leads the industry in number of servers with 1,000,000 which is 100,000 more than Google.
In December 2012, IDC and ECM estimated that the digital size of the universe (this would be all the digital data created, replicated and consumed this year) was 2,837 exabytes (EB) and they predicted that number growing to 40,000 EB by 2020. Just so you have an idea of what a ridiculous amount of data that is, it´s the equivalent of a million terabytes (TB) or a billion gigabytes (GB). This means, according to IDC and EMC´s prediction every person on the planet on average will contribute 5,200 GB to the digital universe (or 325 16gb iphones).
Looking at this from a security perspective, it becomes increasingly clear that with so much information generated there will be a lot of sensitive data. Whether it be your own, your friends or your relatives´, it´s coming from everyone and is being sent to a lot of different places. An unfortunate consequence of this huge influx of data, is the much publicized rise of cyber-crime. Unfortunately , far from being something that people find out about quickly and get it taken care of easily, it can go on for months or years without people even realizing they were the victim of an attack. Once people realize that a cyber-crime has occurred, it can be a long and arduous process to correct all the resultant problems.

Anyone that wants to rob something valuable, only has to find one fault in the system while ¨the good guys¨ have to think of all the different places and variations of possible attacks (a slightly more difficult task one might say). With all this in mind, it´s vital to maintain a sensible balance between security, practicality, budget and intellect.

The idea of this investigation series is to show that seemingly harmless public information on the internet can be used for illicit personal gain and criminal activity.

History

Not all losses of information or goods are what we would call ¨cyber/ IT¨ security breaches. Using a couple of examples, we´re going to analyze a very interesting type of robbery; that of the bank tunnel. 

These are not something that can be made on a whim and require a huge amount of planning and investment of both time and money.

Why, you might ask? Because bank tunnels are one of the thefts with the greatest impact from a physical security viewpoint and many times, they carry large financial implications as well.

¨Okay, I get that they can be a problem, but what does this have to do with IT security¨?

For a couple of reasons. First, it's important to remember the physical and the IT realm are never far apart. Second, we're going to show below how we can exploit public information to assist us with one of the most difficult part of planning a tunnel (the location).

Just so we have a little context, we are going to talk about bank tunnels (or holes) that have been utilized to extract valuables from different places, focusing primarily on banks and safes. With this in mind, we tried to be as thorough as possible. While, we found different examples in a number of different countries. We decided to go into a little more depth for countries in the Americas region.

Below we are going to list some of the more exceptional cases that we were able to find (listed by country).

Argentina
USA
Brazil
Canada
Colombia
France
Germany
United Kingdom
Thailand
A visual summary of all the examples we mentioned:

Country Bank Year Distance Money Valuables
Argentina Banco Galicia
1976
AR$5.000.000 50kg of Jewelery
Argentina Banco Mercantil
1992

200 safe boxes
Argentina Banco Credito
1997
 50 mts AR$5.000.000
Argentina Banco Río
2006
AR$8.000.000 8kg+ of jewelery
Argentina Banco Macro
2011
US$3.000.000+
Argentina Banco Provincia
2011
 30 mts AR$10.000.000
Argentina Banco Galicia
2011
 20 mts AR$500.000
Berlin Commerzbank
1995
 170 mts $12.400.000
Berlin Berliner Volksbank
2013
 30 mts L$8.300.000
Brasil Banco Central
2005
 200 mts R$160.000.000
Canada Royal Bank
1986
 6 mts US$196.000
Colombia Banco de la República de Pasto
1977
 50 mts AR$82.000.000
Colombia Caja Agraria
1991
 20 mts

EEUU Cobb Exchange Bank
1964
 42 mts US$1.000
EEUU First Interstate Bank
1986
 30 mts US$270.000
EEUU Bank of Quitman
1986
 20 mts US$20.000
EEUU Bank of America
1987
 20 mts US$91.000
Francia Société Générale bank
1976
 8 mts L$6.000.000 Jewels
Francia Société Générale bank
1976
$5.000.000
Francia Banco Río
1987
 46 mts
300 Deposit Boxes
Francia Crédit Lyonnais
2010
EU$24.000.000
Thailand Thai Bank
1994
 15 mts US$100.000
UK Lloyds Bank
1971
 15 mts L$1.500.000 260 Safes
UK Blockbusters
2012
 12 mts L$6.000
UK Tesco Store
2014
 30 mts L$100.000+

Technical research

One of the most important decisions when deciding to build a tunnel, is like most brick and mortar business endeavors, a matter of location. The different variables one should keep in mind are: proximity, movement, waste elimination, sound, etc.

Looking at it from a security perspective, we had the idea one day to see how difficult it would be to develop a system that recommends (given a target using GPS coordinates or address) an optimal place to start digging a tunnel. To start off, first we are going to search places reasonably close, as a way of starting to filter our results. For the moment, we´re not going to consider other variables.

To begin the search we will need the following_
- Public information of the banks
- Information of Real Estate rentals and sales
- GPS

Results:
The map below shows only some of the cases mentioned above:




Bank Information
For public information on banks we searched the different bank branches on their websites,  or well-known sites and online directories. The searches we did, were restricted to Argentina, Brazil and the United States, but of course any country could be included. Some of the information was extracted a little more by hand than others, but generally we used a process called scrapping in most cases.

Buildings
For the part concerning buildings or possible sites to start constructing the tunnels, we used a number of different sites. In Argentina we used zonaprop, sumavisos and mercadolibre. The first two it turns out didn't have APIs (or at least not accessible to third party users), but MercadoLibre fortunately did have a library in python making it quite easy to make requests or find things we wanted.

In other Latin American countries, such as Brazil, we can also use MercadoLibre. Although it might not be the best possible search engine for real estate, it provided sufficient information for our purposes. Thus, for Brazil we used the same API. (we only had to change a couple of characters to get it working the same as in Argentina).

In the US it was a little more complicated. The APIs that are out there, didn't give out so much information and what they could do was quite limited. They showed estimated prices in an address database (or in another database with buildings categorized by ID (which you can get to through other means) or simple mortgage prices. Only Zillow gave us any ¨useful¨ data that would be useful to automate our search.

Geopositioning (GPS)
The answer for this was pretty easy. Google maps provides us with a function in it's API whereby by simply giving an address we can obtain the geographic coordinates of the location. This is similar to what is regularly done using the navigator but more automated.


Applications

Google Maps
Like we said above, the only thing we needed from Google maps was to be able to calculate the geographic coordinates using a physical address as a starting point. The code for this was pretty straight forward and only a couple of lines were needed.

import json
from urllib2 import urlopen
from urllib import urlencode

GEOAPI_AUTH = "YOUR_API_KEY_AUTH"
GEOAPI_URL = "https://maps.googleapis.com/maps/api/geocode/json?"

def getCoordinates(addr):
    params = urlencode({'sensor' : 'false', 'address': addr, 'key' : GEOAPI_AUTH})
    data = json.loads(urlopen(GEOAPI_URL+params).read())
    if data['results']:
        return (data['results'][0]['geometry']['location']['lat'],
        data['results'][0]['geometry']['location']['lng'])

    return None

With this information, we then needed to be able to calculate distances. Once we have the coordinates of a target and a possible candidate, we can evaluate it by calculating its distance.

import math
GEO_ERR = -1

def getDistance(coordA, coordB):
    if coordA and coordB:
        R = 6371
        dLat = math.radians((coordB[0] - coordA[0]))
        dLon = math.radians((coordB[1] - coordA[1]))
        lat1 = math.radians(coordA[0])
        lat2 = math.radians(coordB[0])
        a = math.sin(dLat/2) * math.sin(dLat/2) + \
        math.sin(dLon/2) * math.sin(dLon/2) * math.cos(lat1) * math.cos(lat2)
        c = 2 * math.atan2(math.sqrt(a), math.sqrt(1-a))
        d = R * c
        return d * 1000
    return GEO_ERR

Remember: We used -1 so that we know when the calculation for the distance isn't working (whether it be because of the API or some other problem with the coordinates.

Ex. How long is the plaza that goes around the famous Obelisk in Buenos Aires?

getDistance([-34.6044185,-58.3815473],[-34.602953,-58.381634]) = 163.1492529420307 mts

With these results and using the distances that the different tunnels had as a base, we can estimate that for our purposes we are interested in up to 300 meters (anymore based on prior successful tunnels is probably too much (think about all the dirt you need to get rid of)!

Zillow API.
The problem with the majority of the APIs for real estate that we find is that the majority of the data is private and the stuff that is available publicly isn't particularly helpful or rich in detail.

Adding to that, the way one can see the information manually is pretty straight forward but if you want to automate it using an API, we aren't able to get enough information.

Putting it simply, the API only lets you access the information of the property, only if you have the ID itself, but without the proper ID you can't search using other filters or criteria. However, the page lets you search using the zip or postal code and using this we get an ¨interesting¨ quantity of real estate in the area (that is enough for our PoC).

However, with a mix of scrapping and using the API we were able to get what we wanted.

Thus, we can find properties by putting in the zipcode, the city and the name of the state. Lets try it using San Francisco, California, 94121.

The search engine automatically formats (if it's right), the url to the following:
http://www.zillow.com/ciudad-estado-codigopostal

For example it would be: http://www.zillow.com/san-francisco-ca-94121

As we can see in the web page, on the right you have some recommended properties with their Zillow Property ID. This we are going to use a little later with theAPI to get additional information, that right now the web page doesn´t let us access.

We define a regexp to match the Ids "\/[0-9]*_zpid\/" and after we implement a request to access directly, a city inside a state, changing the location depending on its zipcode.

import re
from urllib2 import urlopen as uopen

ZILLOW_PATTERN = re.compile("\/[0-9]*_zpid\/")

def getCandidates(city, state, zcode):
    domain = "http://www.zillow.com/"
    url = "%s%s%s%s" % (domain, city, state, zcode)
    raw_results = uopen(url).read()
    return set(ZILLOW_PATTERN.findall(raw_results))

Why did we decide to do it like this? Because at first there weren't a lot of options and second because the majority of banks' directories in the US have the zipcode next to the physical address of the bank, which is really important for us to be able to improve the proximity when we do our searches.

Once we have all the IDS we have to put them into the API, we are then able to get an address for any property, which for our purposes is of utmost importance.

from urllib2 import urlopen as uopen
import math
import xml.etree.ElementTree as ET
import re

ZILLOW_AUTH = "YOUR-API-KEY-AUTH"
ZILLOW_ESTIMATE = "http://www.zillow.com/webservice/GetZestimate.htm?zws-id="
ZILLOW_PATTERN = re.compile("\/[0-9]*_zpid\/")


def getCandidates(bank_coord, city, state, zcode):
    domain = "http://www.zillow.com/"
    url = "%s%s%s%s" % (domain, city, state, zcode)
    raw_results = uopen(url).read()

    candidates = []
    for x in set(ZILLOW_PATTERN.findall(raw_results)):
        xml_response = uopen(ZILLOW_ESTIMATE+ZILLOW_AUTH+"&zpid="+x[1:-6]).read()
        root = ET.fromstring(xml_response)

Until here, we've gotten all our data about the properties using the API in xml format. Now, were going to parse through the most important parts and obtain the distance. For each candidate we're going to save them in a list, ordering them by proximity to the bank.

        lat = getVal(root.find('response/address/latitude'))
        lon = getVal(root.find('response/address/longitude'))

        if lat != None and lon != None:
        candidates.append([getDistance([float(lat), float(lon)], bank_coord), homedetail])

        candidates = sorted(candidates, key=lambda x: x[0])
After we're only going to show the candidates that don't go over the distance limit.


    for distance, details in candidates:
        if distance > LIMIT:
            print "[-] Skipping next candidates, over %s meters" % LIMIT
            break
        print "[!] Found candidate:"
        print "[+] Distance:", distance
        print "[+] Details:", details
        print "-------------"

This will wrap-up the part about the United States. If we were to ¨standardize" the input, (which isn't too tricky), we can repeat the process for any bank.

MercadoLibre API
A little different from how we were doing things with Zillow, the only option we have with MercadoLibre is to look for properties with three filters (State, City, Neighborhood) and (unfortuanetely) there's no way to order the results in a useful fashion. Clearly, at least for someone that is looking for prices about a specific area, probably Mercadolibre isn't going to be that useful and you are going to have better results using a ¨real estate" API (because we can search for proximity). Due to this, our results are going to depend a bit on luck and how much we can abuse the three filters.

For Argentina, we're going to use a couple of city in the province of Buenos Aires and some parts in the Capital Federal district. For Brazil we'll use São Paulo state. The search process for both countries is pretty similar.

In particular, MercadoLibre's API was without quesiton one of the easiest to work with in general. It was simple to use and the development part to do testing (with documentation included that they provide) is sufficient to be able to understand everything.

Below, we find a simple (but complete) example of how to obtain the full list of buildings using a python library which can be downloaded here for free.


from meli import Meli

MELI_CID = "1337"
MELI_AUTH = "YOUR-API-KEY-AUTH"

meli = Meli(client_id=MELI_CID, client_secret=MELI_AUTH)

url = "/sites/MLA/search?category=MLA1459"

r = meli.get(url)

if r.status_code == 200:
    print r.content

The response you save in JSON format for the results of the question. In this case the URL represents the parameters that the API receives.

We're not going to write too much explaining how the whole API works because it’s not our goal and because there is already a lot of literature on this topic. We are going to use MLX as our notation for each country (the X represents the country). MLA for Argentina and MLB for Brasil for example. The category filter is set to buildings (1459) and that’s what we're going to look at. .

After, for filtering all the search results, with all the parameters that would be useful for us, we can see below.

/sites/MLA/search?category=MLA1459&state=Buenos Aires&city=Capital Federal&neighborhood=Microcentro"

Really, for each value for the filters there is a unique ID in the database and this isn't always necessary when we want to apply all the filters at once.

The filters have IDS looking like this:

"capital federal": "TUxBUENBUGw3M2E1"
"belgrano": "TUxBQkJFTDcyNTJa"

All the IDs (generally) are associated with their physical location. For example if there are two cities in different provinces with the same name, when we use the ID, automatically it’s going to show which province the place belongs to. It's not too difficult at all to get everything and put together a good database, so luckily solving our conundrum isn't proving too complicated, now that we have public data and free access.

This works to our advantage because the searches we can do by filtering by the smallest denomination, which in our case would be by neighbourhood. If we are trying to analyze a bank in Buenos Aires proper and the address of the bank is in Belgrano (a neigborhood in Buenos Aires), we only need to use the neighbourhood filter.

/sites/MLA/search?category=MLA1459&neighborhood=TUxBQkJFTDcyNTJail.

Also, by limiting and offsetting we can cut down our results to get the prices.

The rest is interpreting the results, getting the address of each property and calculating the distance between the bank, for which we are applying the filters and see if the address is useful.

Our results
It's important to remember that the views we are going to provide are through Gooble Maps and they're really only for us to better orientate ourselves a bit (the distances to do a tunnel don't need to take into account which way the streets are going and these kinds of things ;)

Some close ones we got for Brasil, Sao Paulo
In the case of Banco Safra, the coordinates from the news send us 6 meters from the bank, but in the article the address is much farther away. This would be a false positive but not because of our search mechanisim, but because we are depending on if the users fill out correctly the search fields.

And sometimes we find one building works for different banks.
    From closest to farthest away we have some of the results we got for Argentina, Buenos Aires

    Some examples we got for USA, San Francisco, taking advantage of the request limit for the API

    Here,you can check out the different buildings mentioned with their corresponding bank in the general map (ordered by country)

    Contingency Plan:

    We believe that the organizations, law makers and financial institutions should make new requirements and precautions in the buying and selling of real estate for those located near centrally strategic points. For us, banks should try and be proactive about this, trying to figure out if they are really at risk for this kind of robbery and what precausions they should take. 

    Future work
    Mercadolibre.
    Additionally, we can do a lot of improvements to be able to accelerate the process automatically and with better performance.

    In the case of MercadoLibre, as the filters are what gave us the most trouble, we could organize the information of the banks by filters (that they're going to apply), and for each result we compare with all the banks in the group, saving us a bit of unnecessary searches.

    If we have the following banks:
    Banco A, Buenos Aires, Capital Federal, Palermo, Mario Bravo 1000
    Banco B, Buenos Aires, Capital Federal, Belgrano, Cabildo 100
    Banco C, Buenos Aires, Capital Federal, Palermo, Honduras 1000
    Banco D, Buenos Aires, Capital Federal, Belgrano, Virrey del Pino 100
    Banco E, Buenos Aires, Capital Federal, Palermo, Córdoba 3000

    The banks A, C and E the same filters apply:
    State : Buenos Aires
    City: Capital Federal
    Neighborhood: Palermo

    and for banks B and D the following:
    State : Buenos Aires
    City: Capital Federal
    Neighborhood: Belgrano

    With all the final address sorted out, we can group them by filter. Each filter is a type of unique key that the group banks would share. If we're able to do this, instead of an attempt for each bank, we only need to try with the filters and we should be able to compare the distance for each one of the members.

    Zillow
    In Zillow's case, there was a way to control the limits of the API. The quantity of the petitions is by AUTH KEY, but by putting any real email address we can bypass the limits. Afterwards, its a matter of checking when we have reached the limit (put a counter if you want) and rotate different KEYs.

    Google maps
    The Google Maps APU also has a limit, but APIs such as MercadoLibre don't and this gives us the opportunity to get more coordinates of different buildings (although they're not always there). In the case of googlepi, we got to the limit of the number of the times we could use the coordinates.

    Services
    Another thing we could do is pay for all the services that we used, if we wanted to reduce the limits or get rid of them all together. The paid version of the API for Google Maps l lets you do searches around a specific area and filter by category. One of the categories you can find is called ¨banks", need we say more?.

    Spoiler: If you only try with the avialibe properties, having the nearby banks (uisng the bank filter) we ŕe able to get the most complete results of our searches.

    Conclusion
    As we've been able to show, the first step for finding a good place for our tunnel is really easy. 

    We believe that this type of research helps us to be aware that the information one can find is abundant and people can use this information in productive or counterproductive ways (I suppose it also largely depends on what one's definition of productive is, for some robbing a bank would fall in the first category).

    Do you know who to trust with your information?

    Funny facts
    #1.- While robbing Banco Rio de Acasuso in 2006, the tunnelers all the time stayed in one shop, they ordered pizza and soda and sang happy birthday to one of the hostages.

    When the police decided to go into the bank, they only found the hostages, the tunnel where the thieves had fled, toy weapons and a weapon saying ¨In ricachones neighborhood, no weapons or grudges. It's only money, not love¨.

    #2.- While robbing the Banco de la República de Pasto in 1977, the criminals had time to tell some jokes. On the vault they wrote in big letters ¨Chanfle, he wasn't expecting my cunning¨.

    #3.- Australian men tried tunneling into a jewelery store and tunneled into a KFC by accident. It was their third attempt trying to rob the jewelery store.
    Useful Links.
    Branches for banks and safe boxes, official web pages.
      This will be the second of a series of articles highlighting different ways to abuse public accessible information. Also, a big thanks to Matias A. Ré Medina and Francisco Amato for their huge contributions to the article.





      مرسلة بواسطة في ليست هناك تعليقات:
      التسميات: , , , , , , , , , , , , , ,
      الاشتراك في: الرسائل (Atom)