Wednesday, 16 December 2015

Command Prompt Tricks, Hacks & Unknown Codes

Command Prompt, better known as cmd.exe or just cmd (after its executable file name), is the command-line interpreter on OS/2 and eComStation, Windows CE and Windows NT operating systems. It is the counterpart of COMMAND.COM in DOS and Windows 9x systems (where it is also called “MS-DOS Prompt”), or some of the Unix shells used on Unix-like systems. (More advanced Unix shells must be compared with Windows PowerShell, another command-line interpreter of Windows.) The initial version of Command Prompt for Windows NT was developed by Therese Stowell.
As GUI operating systems kept advancing, computing through the command prompt came to feel boring to many. This in turn resulted in the command prompt taking a back seat. These tricks and hacks will help you discover the command prompt.
Knowing about your internet connection details:
It is always fun to watch how online hackers and thieves are caught through details such as their IP address and other information. What if you could look up your own? Just type ipconfig /all in the command prompt and press Enter.
Along with your IP address and DNS servers, the command prompt will give you a list of other information too.
Wifi theft: Everyone is up for free Wi-Fi, isn’t it? The command prompt will help you find out whether anyone is stealing your Wi-Fi.
Just follow the steps:
1) Open your browser and visit the gateway address of your router (find it by typing ipconfig in cmd).
2) Find the tab that mentions “Attached Devices” or something similar.
3) Find the computer name, IP address and MAC address (sometimes called Physical Address or Hardware Address) of your computer using the previous trick.
4) Compare them with those displayed by your router in Step 2. If you notice some strange devices, then someone may be using your internet connection.
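Steps 1 to 4 can be automated once the router's device list has been copied out. This is an added example, not part of the original post: the `ipconfig /all` text, the router rows and the inventory of known devices are constructed samples, and the function names are chosen here.

```python
import re

# Constructed sample of `ipconfig /all` output (not captured from a real machine).
SAMPLE_IPCONFIG = """\
Ethernet adapter Ethernet:

   Description . . . . . . . . . . . : Example Gigabit Adapter
   Physical Address. . . . . . . . . : 00-1A-2B-3C-4D-5E
   IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
"""

# Constructed rows copied by hand from a router's "Attached Devices" page:
# (device name, IP address, MAC address). Routers print MACs in varying styles.
SAMPLE_ROUTER_ROWS = [
    ("DESKTOP-HOME", "192.168.1.10", "00:1a:2b:3c:4d:5e"),
    ("livingroom-tv", "192.168.1.20", "02:00:5E:10:00:01"),
    ("--", "192.168.1.37", "02-00-5e-10-00-99"),
]

# Devices you recognise, keyed by MAC (hypothetical inventory you maintain).
KNOWN_DEVICES = {"02:00:5e:10:00:01": "living room TV"}

_MAC_PATTERN = r"[0-9A-Fa-f]{2}(?:[-:][0-9A-Fa-f]{2}){5}"


def normalize_mac(mac):
    """Return a MAC as lowercase colon-separated pairs, whatever the input style."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError("not a 48-bit MAC address: %r" % mac)
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def default_gateway(ipconfig_text):
    """Step 1: the router address to open in the browser, or None."""
    match = re.search(
        r"Default Gateway[\s.]*:[ \t]*(\d{1,3}(?:\.\d{1,3}){3})", ipconfig_text
    )
    return match.group(1) if match else None


def own_macs(ipconfig_text):
    """Step 3: every Physical Address this computer reports."""
    found = re.findall(
        r"Physical Address[\s.]*:[ \t]*(" + _MAC_PATTERN + ")", ipconfig_text
    )
    return {normalize_mac(mac) for mac in found}


def unknown_devices(router_rows, ipconfig_text, known):
    """Step 4: router entries that are neither this computer nor a known device."""
    recognised = own_macs(ipconfig_text) | {normalize_mac(m) for m in known}
    strangers = []
    for name, ip, mac in router_rows:
        canonical = normalize_mac(mac)
        if canonical not in recognised:
            strangers.append((name, ip, canonical))
    return strangers


if __name__ == "__main__":
    print("Router address:", default_gateway(SAMPLE_IPCONFIG))
    for name, ip, mac in unknown_devices(
        SAMPLE_ROUTER_ROWS, SAMPLE_IPCONFIG, KNOWN_DEVICES
    ):
        print("Unrecognised device:", name, ip, mac)
```

Normalising the MAC format matters because ipconfig prints hyphen-separated upper-case pairs while many routers use colons or lower case, so a plain string comparison would report your own computer as a stranger.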
Trace the hacker: Want to make sure your computer is safe from hackers? The command prompt helps you keep a check on that as well. Just execute netstat -a and you will get the list of computers that your computer is connected to.
Now you know how useful the command prompt can be, from keeping your WiFi safe to watching Star Wars.
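A raw netstat listing mixes listening sockets, loopback traffic and closed connections with the entries that matter. The added example below (not from the original post) reduces a constructed `netstat -an` sample, the numeric form of the command, to the remote peers with an established TCP connection; the inbound/outbound label is a heuristic based on whether the local port is also listening, and all names are chosen here.

```python
import ipaddress

# Constructed sample of Windows `netstat -an` output; addresses are documentation ranges.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED
  TCP    192.168.1.10:445       192.168.1.23:51002     ESTABLISHED
  TCP    192.168.1.10:49712     203.0.113.10:443       ESTABLISHED
  TCP    192.168.1.10:49713     203.0.113.10:443       ESTABLISHED
  TCP    192.168.1.10:49720     192.168.1.1:80         TIME_WAIT
  TCP    192.168.1.10:49731     198.51.100.7:8080      ESTABLISHED
  TCP    [::1]:49670            [::1]:49800            ESTABLISHED
  UDP    0.0.0.0:5353           *:*
"""

# RFC 1918 private ranges: peers inside them are on the local network.
LAN_RANGES = [
    ipaddress.ip_network(net)
    for net in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
]


def split_endpoint(endpoint):
    """Split '192.168.1.10:443' or '[::1]:443' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)


def tcp_rows(netstat_text):
    """Yield (local, foreign, state) for every TCP line; headers and UDP are skipped."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[0] == "TCP":
            yield fields[1], fields[2], fields[3]


def established_peers(netstat_text):
    """Return sorted unique (remote_ip, remote_port, direction, scope) tuples."""
    rows = list(tcp_rows(netstat_text))
    # Ports this machine is serving; a connection to one of them was opened by the peer.
    listening = {
        split_endpoint(local)[1] for local, _, state in rows if state == "LISTENING"
    }
    peers = set()
    for local, foreign, state in rows:
        if state != "ESTABLISHED":
            continue
        remote_ip, remote_port = split_endpoint(foreign)
        if remote_ip.is_loopback:
            continue  # traffic between programs on this computer
        local_port = split_endpoint(local)[1]
        direction = "inbound" if local_port in listening else "outbound"
        on_lan = any(remote_ip in net for net in LAN_RANGES)
        peers.add((str(remote_ip), remote_port, direction, "lan" if on_lan else "external"))
    return sorted(peers)


if __name__ == "__main__":
    for peer in established_peers(SAMPLE_NETSTAT):
        print("%-15s port %-5d %-8s %s" % peer)
```

An inbound connection from an address you do not recognise, or an outbound one to an unfamiliar external host, is the entry worth following up with `netstat -b` or Task Manager to see which program owns it.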

Thursday, 24 September 2015

Learn it Faster: The Entire Python Language in a Single Image

 What if you had to study one single page to get the complete idea of a programming language? In this article, I’m sharing an infographic to help you learn Python faster than ever.
This is the follow up of my article The Entire JavaScript Language in a Single Image. Today, we are sharing The Entire Python Language in a Single Image infographic with our fossBytes readers.
A China-based developer Yusheng has created this brilliant infographic that encapsulates the entire Python 3 programming language in a single image. Python is one of the most popular programming languages and it’s a skill every programmer must possess.
Yusheng’s mind map is here for you in easily understandable format that will help you to brush up your memory.
You can find the image online on GitHub, or save it directly from below.
You can also grab your Python Hacker Bundle here.

TOP 10 Operating Systems For Hackers

Today we are discussing the top 15 advanced operating systems that come with great penetration testing or ethical hacking tools. The top OS on this list is my favorite Linux distro, Kali Linux, because it is very popular in pentesting and it is developed by the same team as BackTrack (Offensive Security). I am not including BackTrack on this list because it is no longer officially available on their website, and the next version of BackTrack is Kali Linux. The operating systems listed here are all based on the Linux kernel, so they are all free.

1. Kali Linux


Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni and Devon Kearns of Offensive Security developed it by rewriting BackTrack. Kali Linux is the most versatile and advanced penetration testing distro. Kali updates its tools and it is available for many different platforms like VMware and ARM. If you want to know more about Kali Linux, I recommend you read my previous article: An Introduction To Hacker’s OS Kali Linux And Setup Tutorial.

2. BackBox 

It includes some of the most used security and analysis Linux tools, aiming to a wide spread of goals, ranging from web application analysis to network analysis, from stress tests to sniffing, including also vulnerability assessment, computer forensic analysis and exploitation.
The power of this distribution is given by its Launchpad repository core constantly updated to the last stable version of the most known and used ethical hacking tools. The integration and development of new tools inside the distribution follows the commencement of open source community and particularly the Debian Free Software Guidelines criteria.

3. Parrot-sec forensic os

Parrot Security is an operating system based on Debian GNU/Linux mixed with Frozenbox OS and Kali Linux in order to provide the best penetration and security testing experience. It is an operating system for IT security and penetration testing developed by the Frozenbox Dev Team.
Parrot uses the Kali repositories to get the latest updates for almost all the tools, but it also has its own dedicated repository where all the custom packages are kept. This is why this distro is not just a simple Kali “mod” but an entirely new concept which relies on Kali’s tool repositories. As such, it introduces a lot of new features and different development choices. Parrot uses MATE as its desktop environment. The lightweight and powerful interface is derived from the famous GNOME 2 and, thanks to FrozenBox, is highly customizable with captivating icons, ad-hoc themes and wallpapers. The system look is proposed and designed by the community members and also by members of the Frozenbox Network, who are closely following the development of this project.

4. DEFT

DEFT is an Ubuntu customization with a collection of computer forensic programs and documents created by thousands of individuals, teams and companies. Each of these works might come under a different licence. Their Licence Policy describes the process they follow in determining which software they ship by default on the DEFT install CD.

5. Live Hacking OS

As I said before, Live Hacking OS is also based on Linux and has a big package of hacking tools useful for ethical hacking or penetration testing. It includes the GNOME graphical user interface built in. There is a second variation available which is command line only and has very low hardware requirements.

6. Samurai Web Security Framework

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

7. NodeZero

It is said that necessity is the mother of all invention, and NodeZero Linux is no different. Their team is built of testers and developers who have come to the consensus that live systems do not offer what they need in their security audits. Penetration testing distributions have historically tended to use the “Live” system concept of Linux, which really means that they try not to make any permanent changes to a system. Ergo, all changes are gone after a reboot, and they run from media such as discs and USB drives. However, while this may be very handy for occasional testing, its usefulness can be depleted when you are testing regularly. It is their belief that “Live Systems” just don’t scale well in a robust testing environment.
Although NodeZero Linux can be used as a “Live System” for occasional testing, its real strength comes from the understanding that a tester requires a strong and efficient system. This is achieved, in their belief, by working on a distribution that is a permanent installation and that benefits from a strong selection of tools integrated with a stable Linux environment.

8. Pentoo

Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32 and 64 bit installable live cd. Pentoo is also available as an overlay for an existing Gentoo installation. It features packet injection patched wifi drivers, GPGPU cracking software, and lots of tools for penetration testing and security assessment. The Pentoo kernel includes grsecurity and PAX hardening and extra patches – with binaries compiled from a hardened toolchain with the latest nightly versions of some tools available.

9. Knoppix STD

Knoppix STD (Security Tools Distribution) is a Live CD Linux distribution based on Knoppix that focused on computer security tools. It included GPL licensed tools in the following categories: authentication, password cracking, encryption, forensics, firewalls, honeypots, intrusion detection system, network utilities, penetration, packet sniffers, assemblers, vulnerability assessment and wireless networking. Knoppix STD version 0.1 was published January 24, 2004, on Knoppix 3.2. Thereafter, the project stagnated, lacking updated drivers and packages. A release date for version 0.2 has not yet been announced. A list of tools is available on the official website.

10. Blackbuntu

Blackbuntu is a distribution for penetration testing that was specially designed for security training students and practitioners of information security. It is a penetration testing distribution with the GNOME desktop environment. It is currently being built using Ubuntu 10.10 and works with reference to Back|Track.

Saturday, 19 September 2015

How to Crash Google Chrome With These 16 Characters in 2 Seconds


 Do you want to crash someone’s Google Chrome just for the heck of it? Here’s how to do it with 16 simple characters.

Due to a bug in the Chromium engine, you can crash someone’s Google Chrome browser just by adding a NULL char in the URL string. The bug was discovered by Andris Atteka, who explained it on his blog.
He demonstrated the bug using a string 26 characters long, but you can crash Google Chrome using just 16 characters.

How to crash Google Chrome with these 16 characters?

Just copy and paste the following string into your Google Chrome (Chrome 45 or older) address bar, hit Enter, and your Chrome tab or the whole Chrome browser will crash:

http://b/%%30%30

Be careful, this step will crash your browser instantly!!
The browser crashes even if you hover over the hyperlink given ahead using your mouse pointer: http://b/%%30%30

Why does Chrome browser crash?

“It seems to be crashing in some very old code. In the Debug build, it’s hitting a DCHECK on an invalid URL in GURL, deep in some History code. Given that it’s hitting a CHECK in the Release build, I don’t think this is actually a security bug, but I’m going to leave it as such.”

In my tests, the code affects both Windows and Mac. The bug also affects the Opera and Vivaldi browsers, as both are built on the Chromium engine. However, it didn’t affect Chrome for Android.

This bug was only a local DoS issue, so Mr. Atteka’s report was not covered by the company’s bug bounty program.

Such bugs have been observed in the past and were quickly fixed.
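The 16-character string carries its NULL char under two layers of percent-encoding: `%30` is the character `0`, so one decoding pass turns `%%30%30` into `%00` and a second pass turns that into a NUL byte. The added example below (not from the original post or from Chromium) shows how a filter that handles untrusted links can decode repeatedly and reject URLs with nested encoding or an embedded NUL; `check_url` and its result keys are names chosen here.

```python
from urllib.parse import unquote

MAX_ROUNDS = 5  # stop after this many decoding passes


def decode_layers(url, max_rounds=MAX_ROUNDS):
    """Return [url, decoded once, decoded twice, ...] until decoding changes nothing."""
    layers = [url]
    for _ in range(max_rounds):
        decoded = unquote(layers[-1])
        if decoded == layers[-1]:
            break
        layers.append(decoded)
    return layers


def check_url(url):
    """Report how many decoding passes a URL needs and whether a NUL byte appears."""
    layers = decode_layers(url)
    rounds = len(layers) - 1
    # First decoding pass after which a NUL byte is present (None if never).
    nul_after_round = next(
        (index for index, text in enumerate(layers) if "\x00" in text), None
    )
    nested = rounds > 1  # a well-formed URL is fully decoded after one pass
    return {
        "rounds": rounds,
        "nested_encoding": nested,
        "nul_after_round": nul_after_round,
        "reject": nested or nul_after_round is not None,
    }


if __name__ == "__main__":
    samples = [
        "http://b/%%30%30",               # the string from this article
        "http://example.test/a%20b",      # constructed: ordinary encoded space
        "http://example.test/%00",        # constructed: singly encoded NUL
        "http://example.test/x%2500y",    # constructed: %25 is an encoded '%'
    ]
    for sample in samples:
        print(repr(sample), check_url(sample))
```

A filter that decodes only once sees `%00` as harmless literal text in the first and last samples, which is why the check looks at every layer instead of just the first.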

Friday, 18 September 2015

Best Android Hacking Tools 2015

Download Best Android Hacking Tools 2015
As we all know, hacking and pen testing used to be possible only on computers. But the world is changing, and with these apps your mobile is now a small hacking toolkit. You must try all these best hacking apps and hacking tools.

#1 The Android Network Hacking Toolkit

At the last Defcon conference a new tool was released by a security researcher, and the tool is called “The Android network toolkit”. The toolkit has been developed for penetration testers and ethical hackers to test any network and its vulnerabilities using their mobile phones. This toolkit contains different apps that will help any hacker find vulnerabilities and possibly exploit them. The company behind the app is an Israeli security firm called Zimperium.

#2 Nmap for Android

Nmap (network mapper) is one of the best network scanner (port finder) tools. Nmap was mainly developed for Unix, but it is now available on Windows and Android as well. Nmap for Android is an Nmap app for your phone! Once your scan finishes, you can e-mail the results. This application is not an official app, but it looks good.

#3 FaceNiff 2.4 final- Session Hijacker for Android

Your Facebook account is at risk: just as there is Firesheep (for Firefox hacking), there is FaceNiff for hijacking the sessions of famous social networking websites, including Facebook and Twitter. FaceNiff is developed by Bartosz Ponurkiewicz, who created Firesheep before, but FaceNiff is for the Android OS.

#4 AnDOSid- DOS Tool for Android

A DOS or denial of service attack is a very dangerous attack because it takes down the server (computer). AnDOSid allows security professionals to simulate a DOS attack (an HTTP POST flood attack, to be exact) and of course a DDoS on a web server, from mobile phones. AnDOSid is designed for security professionals only!

#5 SSHDroid- Android Secure Shell

Secure shell, or SSH, is the best protocol for providing an extra layer of security while you are connecting to your remote machine. SSHDroid is an SSH server implementation for Android.
This application will let you connect to your device from a PC and execute commands (like “terminal” and “adb shell”).

How To Download And Install iOS 9 For iPhone And iPad


After much waiting, iOS 9 has finally arrived on Apple’s mobile devices. The new OS version brings a number of new features for consumers, who can now count on changes in apps, a remodeled Siri and more changes with the new version of the operating system.

Before you download and install iOS 9 on your iPhone or iPad, follow the procedure below.

From Wednesday, September 16th, all consumers with compatible devices will receive the iOS 9 update. Check now how to perform the process on your device, and see some tips to ensure that your device is fully prepared for the news.
#1 Make sure your device is compatible
As with all operating system generations, older devices do not have sufficient hardware to run all features. So Apple can not extend the updates for all portable devices and limits the novelty to the latest electronics. Check out the list of all that can go through the update:
  • iPhone 4S
  • iPhone 5
  • iPhone 5s
  • iPhone 5C
  • iPhone 6
  • iPhone 6 Plus
  • iPod Touch (fifth generation)
  • iPad 2
  • iPad 3
  • iPad 4
  • iPad Air
  • iPad Air 2
  • iPad Mini
  • iPad Mini 2
  • iPad Mini 3
#2 Should Take Backup!
You are already more than used to hearing this advice before major updates, aren’t you? The tip is valid again for bringing iOS 9 to your smartphone or tablet. Make a backup of your photos and applications, and use iCloud to do this without external drives, so you do not have to worry about the safety of your data.
#3 Clean up disk space
Before downloading and installing iOS 9, it is essential that you free up space on your device. If you already have iOS 8 installed, only 1.3 GB of space is needed for the download and installation of the new system. Anyone still on an older version, on the other hand, will have to free at least 6 GB. Remember that having fewer files on the device can make the whole process faster and more stable.
#4 Don’t Forget To Make a Full Recharge
The update process is very time-consuming in some cases, which is why iOS requires that your device’s battery is charged before starting the update.
#5 Now Just Download and install iOS 9
If you have chosen to make an “update on top,” you can perform the entire OS upgrade process on the device itself. On the other hand, if you want to install the new system by formatting the device, the most appropriate way is to carry out the process through iTunes, and in that case it is even more important to remember to back up your data.
On the phone: to update the device, go to Settings > General > Software Update. Then just accept the terms of Apple’s contract and wait for the download, which may take more than an hour depending on the speed of your internet connection.
On the computer: if you prefer to download via iTunes, open the application, connect your device via USB cable and select the device in iTunes itself. Then look for the “Summary” pane and click “Check for Update”. Finally, you only have to click on “Download and update”.

Microsoft has developed its own Linux-based OS for cloud-based services


Finally Microsoft goes Linux, develops its in-house software-defined networking OS, ACS

Currently, Microsoft is working on a Linux-based operating system that is aimed at driving the networking hardware in the enterprise space. Until now, the diverse set of networking hardware available was run on different software platforms, which made managing them a nightmare.
Microsoft is working on building Azure Cloud Switch (ACS), which is the company’s first foray into switch hardware and it has Linux under the hood. The ACS will make it simple to control the hardware that powers cloud-based services.
The company calls it “a cross-platform modular operating system for data networking built on Linux.” The Linux-based ACS is software that lets the company debug, fix and test software bugs much faster.
“We believe this approach of disaggregating the switch software from the switch hardware will continue to be a growing trend in the networking industry and we would like to contribute our insights and experiences of this journey starting here,” said Kamala Subramanian, Redmond’s principal architect for Azure Networking.
She also pointed out that, “It also allows us the flexibility to scale down the software and develop features that are required for our datacenter and our networking needs.”
Though Microsoft did not tell why it needed to develop its own Linux distribution, Subramanian said that ACS believes in the power of Open Networking and aims for easier configuration and management by integrating with Microsoft’s monitoring and diagnostics system. By moving away from the traditional enterprise interactive model of command line interfaces, it allows for switches to be managed just as servers are with weekly software rollouts and roll backs, thus ensuring a mature configuration and deployment model. Using Linux, ACS is also able to use the vibrant Linux ecosystem and support the Open Source and Third Party applications.
Subramanian says, “We’re talking about ACS publicly as we believe this approach of disaggregating the switch software from the switch hardware will continue to be a growing trend in the networking industry and we would like to contribute our insights and experiences of this journey starting here.”
The company writes, “At Microsoft, we believe there are many excellent switch hardware platforms available on the market, with healthy competition between many vendors driving innovation, speed increases, and cost reductions.”
The new Microsoft under Satya Nadella shows that it is not afraid to adopt open source technologies while implementing solutions, as long as it gets the job done. In this case, even Linux.

“seL4” is an Unhackable Kernel for Keeping All Computers Safe From Cyberattack

The Australian national research agency Data61 has developed an unhackable kernel named seL4 and proved its unhackable property mathematically. The kernel does this job by separating the critical systems and data from the kernel.

Today, the threat of cyber attacks isn’t just limited to computers and smartphones. With the ever-increasing intrusion of computers and electronics in our lives, ranging from our home automation system to cars, everything has become a hacker’s target.
This could also create problems in the battlefield where any software plays an important role in military and intelligence systems. Recently, in a DARPA drill, hackers were given the complete access to the computer of a Boeing Little Bird helicopter – but they were unable to disrupt the critical systems of the helicopter. How did this happen? Well, the computer in the helicopter was using a new operating system, based on an unhackable kernel.

The kernel is the heart of any computer’s operating system, and if hackers can access it, they can do irreparable damage to your system. Here, I’m talking about a very dangerous situation where the security of power station systems, heart pacemakers, vehicles, weapons etc. could be compromised. The Australian national research agency Data61 has developed an unhackable kernel named seL4 – and proved this mathematically.

Gernot Heiser from Data61 writes, “My hope is that in 10 years’ time, anything that is security critical is running on our system or some other one built on the principles we’ve established.”

The seL4 unhackable kernel comes with some very secure characteristics. It can only do what it’s designed to do and its code is unalterable without permission. Along the similar lines, its memory and data can’t be read without permission. Another interesting fact: An earlier version of seL4, known as OKL4, could be found in millions of smartphones.

The seL4 unhackable kernel works this way by isolating the data and the kernel. This could also be used to run two operating systems simultaneously to stop the hacking.

The seL4 unhackable kernel could also be used in multiple situations like medical equipment, manufacturing plants, automobiles, satellites and more.



With inputs from New Scientist

HP overhauls Cisco in cloud infrastructure equipment space

HP has finally overtaken Cisco in the cloud infrastructure equipment market, according to latest figures released by Synergy Research.
The two companies had been virtually neck and neck in the previous two quarters’ analysis, yet Synergy argues HP has grabbed the lead by virtue of its investment in the server and storage space, which now accounts for almost two thirds of the infrastructure market.
HP and Cisco maintain a huge lead over closest rivals Microsoft, Dell, and IBM, yet the two leaders represent only a quarter of the overall market. IBM was the market leader back in 2012 but has experienced a severe downturn since then, with a key reason being Big Blue selling its server business to Lenovo in 2014. Despite a slight upturn in fortunes this quarter, IBM remains behind Dell, having dropped from third place to fifth in the market between Q3 and Q4 of 2014.
At the top, however, the battle is well and truly joined – and the intriguing backdrop between the two companies adds fuel to the fire. Cisco recently unveiled new leadership in the form of CEO Chuck Robbins while HP is going ahead with plans to split the company in two, separating its computer and printer business from corporate hardware and services, with the latter forming Hewlett Packard Enterprise (HPE).
John Dinsdale, Synergy chief analyst, says the split – to be made official in November but already happening internally – could potentially enhance HP’s play in the cloud infrastructure equipment market. He told CloudTech in an email: “If anything the impact should be a positive one resulting from a tighter focus of the senior management team on issues that are critical to HPE’s success.”
Regarding the move as an overall strategic play, Dinsdale argues it is a “great idea” – theoretically at least. But he warned: “Of course everything will come down to how well the transition is managed operationally. There is a lot of potential for management to take its eyes off the ball as it handles issues surrounding the transition.”
Cisco maintains a commanding lead in public cloud infrastructure, while HP holds all the aces in private cloud. The overall market, including hardware and software, is now running at approximately $16 billion per quarter. With the market having grown by 25% year on year, Synergy notes the latest figures represent good news for all vendors.

Wednesday, 16 September 2015

DDoS Attacks Are Now Stronger Than Ever, 12 Mega Attacks in Recent Times

Short Bytes: The infamous DDoS attacks have increased at a staggering pace in the recent past. According to a latest report, DDoS attacks have grown by 132 percent compared to this time last year. The internet has also witnessed 12 Mega Attacks in Q2 2015.

Do you know that the Pentagon has announced that it is working to fund researchers and tools that help organizations battle the threat of the most common form of cyber-attack, i.e. distributed denial-of-service (DDoS) attacks? BGR says that the Pentagon is looking to fund researchers who can help organizations recover from a distributed denial-of-service attack in at most 10 seconds. Visit our guide to know more about the basics of how DDoS attacks work.
This program, called Extreme DDoS Defense, has been inspired by the increasing number of DDoS attacks in recent times. DDoS attacks have become a greater threat in the second quarter of 2015, according to the latest State of the Internet report from Akamai.

Compared to this time last year, DDoS attacks have grown at an unprecedented pace of 132 percent. This increase is seven percent since the last quarter and the world has also seen 12 mega attacks that peaked at more than 1,000 Gbps and 50 million packets per second.

[Figure: from Akamai’s Q2 2015 State of the Internet Security report]
According to the report, mega attacks have become more common and very few organizations have the technology to defend themselves against such attacks. The largest DDoS attack recorded last quarter lasted for more than 13 hours and peaked at 240 Gbps.

To carry out such attacks, unsecured home devices that connect using the Universal Plug and Play (UPnP) protocol are largely used as SSDP reflectors. Also, WordPress, the world’s most popular blogging platform and content management system, is a regular and attractive target for attackers, who exploit vulnerabilities in third-party plugins and themes.

“The threat posed by distributed denial of service (DDoS) and web application attacks continues to grow each quarter,” said John Summers, vice president of Akamai’s cloud security business unit. “Malicious actors are continually changing the game by switching tactics, seeking out new vulnerabilities and even bringing back old techniques that were considered outdated.”

According to Akamai, DDoS attacks have become the method most commonly used by attackers to target an organization’s security, and cyber-criminals are deploying new tactics by seeking out new vulnerabilities.

Hackers get Free access to Premium Content on Google Play by Using Malware

CAPTCHA-BYPASSING MALWARE WHICH ALLOWS ACCESS TO PREMIUM CONTENT FOUND IN GOOGLE PLAY

Malware revealed by a security researcher at Bitdefender is reportedly being used by hackers to bypass CAPTCHA authentication on Google Play in order to get paid content for free.

Bitdefender security researcher Liviu Arsene has recently revealed that a piece of malware, identified as “Android.Trojan.MKero.A”, has found its way into highly legitimate apps in the Android-powered Google Play Store by successfully evading Google Bouncer’s vetting algorithms. This can cause a lot of trouble for vendors who provide paid premium services for their products, as the malware can now make such services available for free.
To bypass CAPTCHA authentication systems, the trojan redirects the requests to an online image-to-text recognition service, Antigate.com. Since the online service relies on actual individuals to recognize CAPTCHA images, requests are sent back to the malware within seconds so that it can proceed with the covert subscription process.
After receiving the returned request, the trojan interacts with a command-and-control (C&C) infrastructure which loads the CAPTCHA code on the target link, parses an SMS code for an activation, and ultimately subscribes the user to the premium service. The following image demonstrates it.
[Image: Hackers get Free access to Premium Content on Google Play by Using Malware]
Google Play has been notified of at least seven apps that exhibit this type of behavior, two of which have been downloaded between 100,000 and 500,000 times. Moreover, these seven malware-harboring Google Play applications have been analysed, and a list of 29 randomly generated C&C server names was recovered from a single sample which did not have any encrypted strings. Hence, if any one of these locations became unresponsive – due to a takedown or any other reason – the malware on any infected device would automatically reconnect to the next C&C server in the preconfigured list and proceed with the preset instructions.
The total financial losses have been estimated to amount to a staggering $250,000, which is from the minimum $0.50 charged for sending the subscription SMS messages.

Tuesday, 15 September 2015

How Browser Cookies Work

Most Internet users are familiar with the term “Cookie” but only a few know what exactly it is and the purpose it serves. This article will help you understand the working of different types of browser cookies in a simple and easy to follow manner.
To begin with, a cookie (also known as browser cookie, Internet cookie, web cookie or HTTP cookie) is a small piece of data that websites store on your hard disk in the form of a text file. Cookies allow websites to store specific information helpful to remember each visitor uniquely. A cookie is set when the user visits a particular website for the first time. Thereafter, each time the user loads the website the browser sends the cookie back to the web server so that it can keep track of the user’s previous activity.

Purpose of Browser Cookies:

The following are some of the common purposes served by cookies:
  • Enable automatic user log-in thereby eliminating the need for a password input
  • Enhance user experience by storing user preferences so that the site can look different for each visitor
  • Keep track of items in the shopping cart
  • Record user’s activity such as browsing history, click patterns, page visits and so on

Types of Browser Cookies:

Session Cookie

Since web pages have no memories, a visitor navigating to a different page on the same website is treated as an entirely new visitor. This is where session cookies come in handy. It makes it possible for the website to keep track of the user from page to page so that user specific information such as shopping cart data, account details and other preferences are not lost during navigation.
A session cookie is stored in the temporary memory while the user is on the website. If no expiry date is specified during its creation, session cookies are normally deleted by the browsers upon closure.

Persistent Cookie

A persistent cookie lets websites track user settings and information when users visit the same website in the future. Unlike most session cookies, a persistent cookie does not get deleted upon browser closure. This makes it possible for websites to easily authenticate users upon revisits without their having to log in again. In addition, persistent cookies help enhance user experience by storing previous inputs such as language selection, themes and menu preferences.

Secure Cookie

A secure cookie has the Secure attribute enabled so that its content is encrypted every time it moves between the web server and the browser. Such a cookie is used only over HTTPS and thus offers protection against cookie theft.

Third-Party Cookie

Third-party cookies are those that originate from a website other than the one that you are currently using. For example, when you visit a website www.abc.com, all the cookies that come from this website are called first-party cookies. If this website (www.abc.com) is running an advertisement on its page from a third-party website www.xyz.com, then the cookie that originates from that website (www.xyz.com) is referred to as a third-party cookie.

Structure of a Cookie

A cookie is comprised of the following seven components:
  1. Name of the cookie
  2. Value/Content of the cookie
  3. Domain associated with the cookie
  4. Path for which the cookie is valid
  5. Attribute to specify whether the cookie requires a secure connection
  6. Attribute specifying whether the cookie can be accessed by a script
  7. Expiry information of the cookie
The following snapshot shows the contents of Google’s cookie stored in the Chrome browser:

Contents of Google's Cookie
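
The seven components listed above are what a server sends in an HTTP Set-Cookie header. The following is an added example, not part of the original post: it parses such a header into those components, classifies the cookie as session or persistent, and reports missing protective attributes. The function names, the sample headers and the host www.example.com are constructed for illustration.

```javascript
// Added example: split a Set-Cookie header into the seven components listed above.
// The headers and host used below are constructed sample data.
function parseSetCookie(header, requestHost) {
  const parts = header.split(';').map((p) => p.trim()).filter(Boolean);
  const eq = parts.length ? parts[0].indexOf('=') : -1;
  if (eq < 1) throw new Error('malformed cookie: no name=value pair');
  const cookie = {
    name: parts[0].slice(0, eq),        // 1. name
    value: parts[0].slice(eq + 1),      // 2. value/content
    domain: requestHost.toLowerCase(),  // 3. defaults to the host that set it
    path: '/',                          // 4. simplified default path
    secure: false,                      // 5. requires a secure connection?
    httpOnly: false,                    // 6. hidden from scripts?
    expires: null,                      // 7. expiry information
    maxAge: null,
  };
  for (const attr of parts.slice(1)) {
    const i = attr.indexOf('=');
    const key = (i === -1 ? attr : attr.slice(0, i)).trim().toLowerCase();
    const val = i === -1 ? '' : attr.slice(i + 1).trim();
    if (key === 'domain' && val) cookie.domain = val.replace(/^\./, '').toLowerCase();
    else if (key === 'path' && val.startsWith('/')) cookie.path = val;
    else if (key === 'secure') cookie.secure = true;
    else if (key === 'httponly') cookie.httpOnly = true;
    else if (key === 'max-age' && /^-?\d+$/.test(val)) cookie.maxAge = Number(val);
    else if (key === 'expires') {
      const d = new Date(val);
      if (!Number.isNaN(d.getTime())) cookie.expires = d.toISOString();
    }
  }
  // No expiry information means the browser drops the cookie on closure;
  // a zero or negative Max-Age asks the browser to delete it immediately.
  const hasExpiry = cookie.expires !== null || cookie.maxAge !== null;
  cookie.type = !hasExpiry ? 'session'
    : (cookie.maxAge !== null && cookie.maxAge <= 0) ? 'expired' : 'persistent';
  return cookie;
}

// Report which protective attributes a parsed cookie lacks.
function auditCookie(cookie) {
  const findings = [];
  if (!cookie.secure) findings.push('no Secure attribute: also sent over plain HTTP');
  if (!cookie.httpOnly) findings.push('no HttpOnly attribute: readable by page scripts');
  return findings;
}

const SAMPLES = [
  'SID=abc123; Domain=.example.com; Path=/; Expires=Wed, 16 Dec 2026 10:00:00 GMT; Secure; HttpOnly',
  'theme=dark; Path=/shop',
];
for (const h of SAMPLES) console.log(parseSetCookie(h, 'www.example.com'), auditCookie(parseSetCookie(h, 'www.example.com')));
```
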

Drawbacks of Cookies

Even though cookies make our lives easier on the Internet, they come with drawbacks as well. Some of the major ones are listed below:
  • Shared Machines: Most people share their computers with their friends and family. As a result, a cookie set while one user was using the machine may not be appropriate for another user of the same machine. For example, when a new user revisits a shopping website such as amazon.com, he/she will be presented with all the information belonging to the previous user such as order details, shipping address and other personal preferences. This may annoy the new user, as he/she may be required to change all the preferences once again to match personal requirements. Additionally, the exposure of the previous user’s preferences and settings to the new user may raise security issues.
  • Accidental Deletion: In many cases, cookies can get erased accidentally when you clear your browsing history or use a third-party cookie cleaner program. When this happens, all your stored settings and preferences are lost and the website treats you as a completely new user.
  • Privacy Issues: Since cookies are capable of tracking a range of user-specific information such as online behavior and personal preferences, they can be used to compromise the privacy of users. A website may use cookie information to display related advertising products based on your previous purchase. For example, Google often stores and uses your search keywords to display matching advertisements across its partner network. Some sites are also known to have engaged in selling cookie data to third parties, which seriously hurts the privacy of individuals.

How to Make An Invisible Password Protected Folder


Do you want to password protect your folder? Do you want to make it invisible so that it remains unnoticed by other users of your PC? Well, here is a way to do that.
In this post, I will show you how to make an invisible password protected folder in Windows without using any additional software.

How to Create a Password Protected Folder?

Here is the step-by-step procedure to do this:
Step-1: Create a new folder (Right-click -> New -> Folder) and give it any name of your choice. For instance, I name it ABC.
Step-2: Now, in this folder place all the important files, documents or any folders that you want to password protect.
Step-3: Right-click on this folder (ABC) and select the option Send To -> Compressed (zipped) Folder.
Step-4: Now a new compressed zipped folder gets created next to this folder (ABC) with the same name.
Step-5: Double-click on this compressed zipped folder and you should see your original folder (ABC) here.
Step-6: Now go to the File menu and select the option Add a password (File -> Add a password)
Now a small window will pop up and here you can set your desired password. Once the password is set, the folder will ask for the password every time it is opened. Thus, you have now created the password protected folder.

How to Make the Folder Invisible?

Step-1: Right-click on this password protected folder and select Properties.
Step-2: At the bottom select the option Hidden and press OK. Now your folder becomes invisible (hidden).
Step-3: In order to unhide this folder, go to My Computer -> Tools -> Folder options. Switch to View tab, scroll down and under Hidden files and folders you’ll see the following two options:
  • Do not show hidden files and folders.
  • Show hidden files and folders.
Select the second option and press OK. Now the invisible folder becomes visible in its location. To access it you need the password. To make it invisible again, repeat Step-1 through Step-3, select the first option and click OK. Now the folder becomes invisible once again.
I hope that you’ve now understood how to create an invisible password protected folder in Windows. If you like this post, pass your comments! Cheers :)