The Attack of BlueBorne


In this digital age, it is important to stay up to date on the latest cybersecurity threats. Smart devices such as mobiles, TVs, digital watches, gaming consoles, IoT devices, smart home systems, networks and servers can open backdoors for villains, i.e. hackers, spy agents, criminals and so on. They are continuously looking for systems whose security they can compromise to pursue their agendas.

It is becoming essential for everyone to stay up to date on the vulnerabilities of the technology they use at home or in the office.

What is Bluetooth?

Bluetooth is one of the most widely used technologies for limited communication purposes, and nowadays it is available on almost every smart device. It is mostly used for sharing data between users who do not need a dedicated broadcasting system like the internet or GSM. Bluetooth can be used for sharing files and pictures, using wireless headphones, connecting a digital watch to your mobile device, or using a smart remote with a smart TV. Even cars come with Bluetooth-enabled radios that let you connect your mobile device while you enjoy the ride.

Hello to Mr. BlueBorne

But today we face a threat from this Bluetooth technology, called the BlueBorne threat. The most challenging part is that a firewall, a proxy server or the antivirus running on your devices cannot protect against it. The threat can spread in stealth mode, and it does not require the devices to be paired. Once it captures a device, it starts looking for other nearby Bluetooth-enabled devices, and that is how it can become the most destructive threat, one that can impact an enterprise network.

According to the latest research by Armis Labs, many platforms are impacted by the BlueBorne vulnerability. The threat is cross-platform, which means it does not matter whether you use iOS, Android or Windows: you can be the next victim of a BlueBorne attack. Some OS versions are immune to this threat, but the majority are not.

BlueBorne is dangerous; it can enable a man in the middle, aka a hacker, to perform remote code execution and steal your credit card details, banking information, official business messages, email accounts and much more. If your employee is a victim of this vulnerability, your official network is at risk of compromise even if your servers have no Bluetooth hardware.

A single victim’s phone can collapse the whole enterprise by sending phishing emails through the user’s official accounts or asking colleagues to download something, without the knowledge of the real owner of the device.

The preemptive actions to avoid this attack

Even though this vulnerability is serious and can be exploited by attackers, the mitigation is very easy, and anyone can do it. Turn Bluetooth off when you are not using it, and do not turn on Bluetooth discovery in public places. Always keep your device’s operating system up to date, because OS vendors regularly release security patches.

As humans, it is up to us to avoid such threats, and the best way is to keep up to date with technologies and be aware of their security.



Why Pair Programming is important


The toughest job on earth is to hire people and then form them into a superhero team. In our current era, this is the biggest requirement when you are innovating large-scale applications or doing research-oriented development.

The biggest dilemma is that most of the leaders I have met are not able to control their team members and cannot form them into a rock-star team. From a development perspective, I have heard arguments like “your code is wrong,” “I am a better developer than you,” “Why did you select this approach? It will be a significant risk, and you will pay for this” many times.

When more than one team member works on the same project or product, they never want to step on each other’s code, but they always have funny comments about each other’s code, even if they are following the same organizational policies; seriously, most of the time it doesn’t matter.

Pair programming is one of the best approaches to bring people closer to each other. If developers are working on the same project, it is better to involve them in the same module or part of the product and make them pair-program: one person works as the watchman, and the other sits in the driving seat with his hands on the keyboard.

When I was working on a forensic tool, my team leader and I worked together following pair programming concepts. In the end, we developed great bro chemistry, and it helped our communication with each other.

The biggest benefit of pair programming is that it forms a great team. All the arguments vanish, the team becomes more focused on the tasks and on quality, and naturally the members learn more from each other.

There are variations of pair programming:

1) Novice with Novice: This is more often better when you have two junior resources, and you are more concerned about the task and the code quality. Also, it can normalize the communication between these junior resources.

2) Novice with Experienced: This approach is very useful if you are more interested in the code delivery as well as you want to guide the junior with code policies, standards, quality, etc. In this pair, one must be a junior, and other must be experienced. The experienced programmer, most of the time, will code but he will also involve the junior programmer and guide him in between the work. This channel will decrease the hesitation phenomena from the junior. A good way to mentor a junior is a “novice with experience” pair programming.

3) Experience with Experience: This is one of the best scenarios when you need Batman and Superman together, fighting a common enemy like Doomsday. An experienced brotherhood brings two different masters’ skills together; this helps in achieving fast delivery of the release, research and code quality, and in bringing different skills to one place. This technique puts two champions at one table and decreases the heated discussion between them about who is better and who is not.

These days pair programming has a new version called remote programming, where different variations of pairs work together on the same workstation using remote access.

Try these techniques and form a team of better programmers.

14 Points required for a successful Software Development Team Leader


Software development is a combination of art and science. Leadership skills in this field should not be compared with those in any other industry. A good leader knows how to move his development team by leading from the front; team members will be sensitive if their leader does not know much about the technology.

They always look for leaders who can “walk the talk” on the technology and fulfil their commitments. A leader should also know how to remove blockers or obstacles when technical anomalies arise. A successful software development team relies on each and every team member; the leader must address the following points for a successful software application or enterprise product.

1) Respect Formula

Introduce “Respect each other formula” and show them “each member has a great value in the software development process”.

2) Skill Identification and Delegation

Delegate generously by identifying and understanding each team member. A leader must know who is weak and who is strong in which key skills. The appropriate use of their skills will increase the chances of completing the project within or before the deadline.

3) Always have a positive and healthy attitude

He should always be a motivator especially when team morale is down. He should have a positive attitude to show them a true vision of the output from their development.

4) Faith and Discipline

Promote discipline within the team, but at the same time tackle their issues creatively. Introduce healthy discussion and have faith in your disciplinary ideas.

5) Sharing Code and Knowledge

Give them proper roles and teach them the art of sharing software development code by introducing a “Coding Standard”, which will enable all team members to follow the same patterns and ethics.

6) Be a part of the solution

If the team is behind schedule, it is better to trust their wisdom as well. They sometimes get stuck on a bug or an issue that needs time; in this kind of situation, make sure to sit with them to understand the issue. If you can remove the obstacle with your own hands, you should take the driving seat and do so. By doing this you will surely earn the respect of your juniors.

But if you say that you don’t care what the issue is and only want it resolved, it can be a minus point for you; there is a difference between a wise leader and a dictator. Remember that software development is a combination of art and science, so you have to be careful when making decisions in such situations.

7) Never Underestimate the Power of a Presentation

Promote creativity and innovation in solving problems or producing the software. The UI/UX is the first impression any individual who buys the software will get. So you should use the designer and trust his wisdom by engaging team members with him. Such engagement will surface user-centric issues and the innovation to solve them.

8) Appreciation in front of the Big Boss

A good leader should appreciate and give credit for what his team deserves, especially in front of the management. There are many so-called leaders who become stingy in situations where they find their higher management.

9) Sometimes NO

Say “NO” to the management on the scheduled plans, especially when they want to interfere with your work by asking you to “DO MORE”. Usually, developers don’t like being told that their work is not up to expectations. Software development is not labor work; as a leader you must convey this professionally to your management in order to defend your team. Your schedule, plans and outputs should not be victims of corporate interference.

10) Second Chance

Evaluate the work in the end and give the team member a chance to improve himself. There are many situations in which a junior resource will sound unprofessional. In such situations, it is better to sit with them and discuss the situation. Self-correction is important for any resource to change.

11) Champion preacher with Zero Ethics

If you find any developer who has a negative attitude and who promotes himself as a champion of everything, then simply fire him.

In software development, such people are not useful but they are here for making the environment unhealthy and bad. Choose wisely when hiring your team member, a good team member can bring positivity which can ignite the development faster.

12) Defend Yourselves and Kill the Politics

As the leader you have to defend yourself too; you may face times when your own resources escalate behind your back. If these escalations are unjust, there is a good chance that someone in your team is trying to politicize the situation for his own benefit.

If you find such politics in the software development team, kill the politics by keeping things calm and discussing it with the management. If they have chosen you as a leader, they must close the door on entertaining such negativity.

It is the role of the higher management to respect the chosen leader. If they don’t trust the leader, then it’s better to leave the organization. A team with politics or personal agendas can never create wonders.

13) Always be “Geek”

As the leader you don’t need to be a 100% geek, but you must know where the trends in technology are heading. A good software development leader always studies new programming languages, technologies and global trends. Such leaders do not stick to old traditions but always try to bring new techniques and strategies into their processes. Even if the speed is gradual, it should always be progressive.

14) The fight between QAE and SE

Never ignore the power of the quality assurance engineer. Quality comes when you have critics, so always be ready to accept criticism. Teach your team to respect the QAEs and help them learn and collaborate with them professionally. The fight between quality assurance engineers and software engineers will always be healthy, and it will encourage them to learn from each other.

Conclusion:

Software development is not labor work or service-oriented work. It requires logic, maths, conditions and art. In the end, it requires a good leader to execute it properly; from my perspective he should follow these 14 points. These points can vary, and there is no restriction on bringing in better ways to optimize your execution.

Facebook Virtual Reality or a tool to collect your facial biometric

Alright, in this digital world I feel we are turning into zombies: zombies whose emotions can now be calculated by digital robots. In an individual’s digital world, his emotions, his thoughts, his awareness, his condition, his whole life now remain forever on the social networking site.

Facebook is a famous social networking site with trillions of pictures and selfies carrying individuals’ identifications, and now it is introducing the next generation’s technology, “VR”.

I first read about the VML back in 1999, but it was a baby language at that time, and I guess it was released too soon, before we had any kind of digital VR devices like Oculus. I learned the markup language and ended up thinking that it was too early for us to read this language. Today Facebook has introduced the coolest technology on the internet, and it is called real-time augmented virtual reality with a fusion of social networking.

Now with this technology you can play with your friends even if you are at home; you can select Rome, Paris, Karachi or Toronto, and all your friends will be gathered in one place through the internet. You and your friends can have great funny faces, which will be digitally converted into cartoon-caricature-style faces, and you can create whatever you can imagine, from a single sword to a cartoon car. Check out the cool video at the end of this article.

Now I will discuss the problem. As you can see, if you use this technology, your eyes’ irises, your facial features, your body segmentation and your hair will all be saved inside the Facebook database. That means that even though all your actions were previously saved by Facebook walls, now through virtual reality they are doing a lot more behind the scenes.


Again, now every single piece of data related to you is under the roof of Facebook; wherever you go, you will be identified easily. Your real-time face in the form of videos will be saved inside the Facebook knowledge base; if anyone ever hacks Facebook, or if they sell your data without your knowledge, then …. believe me nothing will happen right. 🙂

This is the world where you are being watched and monitored for all kinds of actions.

Windows 10 with High DPI Scaling issues (how existing apps turn tiny)

I recently purchased a new laptop, an HP Envy convertible Surface (Windows 10), and found that everything looks cool, but a few applications were not displaying appropriately.
NetBeans visibility: tiny splash screen and menus
After the new installation of my NetBeans, I discovered that its menus and splash screen look so tiny that even a man with a magnifying glass would have a problem working on it. The splash screen was very tiny, and the menu and some other parts were very small on the screen, including the NetBeans welcome screen on the left and right sides.
VMware 10 with tiny resolution of guest OS
I also faced another big issue with my VMware menu and the VMware guest OS screen resolution. I tried everything to fix it by changing its display configuration or the Windows configuration, but all efforts were in vain until I found a workaround.
Tiny menu under the File menu, and tiny guest OS Ubuntu running with a small resolution. I even tried the full-screen option, but believe me, it didn’t work.
Microsoft solutions didn’t work for me:
My very first attempt was to check the Microsoft forums, where I found the following link. Even though I followed all the steps they mentioned, I was unable to get this thing fixed.
I did not realize that Windows 10 comes with some new display issues as a gift for users like us. After some research, I found that Windows 10 on high-definition laptops by default queries every application at startup to ask whether it is aware of high DPI scaling; if it receives the true flag from the application, it forces high DPI scaling. I even tested the compatibility settings and tried all options, but in the end I selected the “report to Microsoft” option and found the below information.
Microsoft is responsible:
As far as I believe, it is Microsoft’s responsibility to describe this issue appropriately for users like us. They also need to put some intelligence into their algorithm to detect whether scaling should be used for an app or not. Many vendors by mistake put true in the DPIScale flag of the executable’s manifest, or maybe they don’t even consider adding this information, but again Microsoft Windows 10 should take the responsibility to adjust all those applications with visibility issues. They are supposed to work seamlessly on all Windows versions if they work fine on Windows 7, 8 or 8.1 with other laptops’ resolutions.
How to fix this:
Since I faced visibility issues with two applications, VMware and NetBeans, I will strictly try to fix these two.
1) Download Resource Hacker, since you must now fix this manually yourself.
2) Go to this link to download it. (Don't worry, Resource Hacker is not a bad application or anything you should doubt; information about it is available all over Google and on Wikipedia as well.)
3) Now open Resource Hacker and open the executable of VMware or NetBeans.
4) You will see the following resource folders for VMware.
5) If you cannot find this, no problem; try checking a folder called 24. (You may find it in another folder, like below.)
6) If you still don't find it, don't worry; it means the developer of the app has not added any manifest file, and you have to create that file yourself, like the text below.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <application xmlns="urn:schemas-microsoft-com:asm.v3">
    <windowsSettings>
      <dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">false</dpiAware>
    </windowsSettings>
  </application>
</assembly>

7) In my case I was able to find the manifest inside vmware.exe, so I copied the whole manifest and closed Resource Hacker. (Do not change anything there; it is only for copying.)
8) Then, with Notepad, create a file named "vmware.exe.manifest" inside the VMware directory, beside vmware.exe.
9) Now change the following tag to FALSE.
10) If you cannot find the dpiAware tag, add the application tags below right after the assembly tag:
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <application xmlns="urn:schemas-microsoft-com:asm.v3">
    <windowsSettings>
      <dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">false</dpiAware>
    </windowsSettings>
  </application>
11) That's it. Now we need to force Windows to use the application's external manifest with high priority, so open the registry editor (regedit).
12) Go to HKEY_LOCAL_MACHINE
13) After this, restart the machine and look at the cool stuff. (You need to restart only once, because of the registry change; next time you add a manifest you do not need to restart again.)
Now the full screen works the way I want, and I can see the menu properly as well. Now go inside the guest OS in full-screen mode, then go to the View menu of VMware and set auto scale to Stretch.
14) For NetBeans, when you open the executable, e.g. netbeans.exe or netbeans64.exe, in Resource Hacker, you will find something like the tags below inside the manifest:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version=""
<description>nbexec Process.</description>
<!-- Identify the application security requirements. -->
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
15) Here you can see that the NetBeans developers are not using the dpiAware tag; that is why Windows 10 was forcing scaling the way Windows wants, and that caused the big visibility issue. So now add the application tag with dpiAware set to false, like below:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<application xmlns="urn:schemas-microsoft-com:asm.v3">
<assemblyIdentity version=""
<description>nbexec Process.</description>
<!-- Identify the application security requirements. -->
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
16) Save the new manifest like below inside the NetBeans folder.
17) Now just run the application; you will see a perfect splash screen with a perfect menu and perfect scaling of your applications.
How to solve your Java issues (making JAR executables DPI aware):
1) It's very simple: just create two manifests with the above code.
2) The manifest names should be java.exe.manifest and javaw.exe.manifest.
3) Put these two files in your Java directories, JRE bin and JDK bin.
4) Make sure to put them in all places where Java is installed. If you have more than one JDK or JRE installed, in both Program Files and Program Files (x86), then you must put these files in each of them.
5) Now when you run the JAR through your IDE it will work, regardless of whether the IDE is NetBeans or Eclipse.
I think Windows 10 is not smart enough to understand when and where it should force high DPI scaling on apps. I purchased this laptop with Windows 10 yesterday, and for more than 5 hours I tried all kinds of Windows 10 display settings. So if you are facing the same thing, kindly do not waste your time. Just follow this tutorial and apply this manual workaround to those apps which have display issues on Windows 10.
There are many other apps, like Android Studio or the PhpStorm IDE, that work fine on this HDPI Windows 10, so do not think that you need to apply this hack to all kinds of apps.
My previous laptop had Windows 10 too, but its resolution was lower than this one's, so I think not everyone will face the same issue unless they move to HDPI wide-screen laptops with Windows 10.
Note: If you have any better solution than this one, kindly share it in the comments.

How to use RSA public and private keys to encrypt and decrypt your data


RSA cryptography is a modern technique in which you do not need a shared key to encrypt or decrypt confidential data between two or more people.

A person who would like to send you a secret message can encrypt that message using your public key. Data encrypted with the public key cannot be opened by any key other than the private key.

Let’s take an example in which Mr.ABC and Mr.DXY want to communicate with each other privately. In this scenario, both share their public keys with each other. The public key is not harmful to share with anyone; as its name says, it can be shared publicly. Even if a hacker gets your public key, he cannot do anything, since a public key can only encrypt data, which can then only be decrypted by the magical private key. That is the beauty of public key infrastructure cryptography.

So Mr.ABC encrypts the message using the public key of Mr.DXY and then sends this encrypted data to Mr.DXY. On the other side, Mr.DXY can read the data by decrypting it with his private key. In the same way, Mr.DXY can encrypt any data using Mr.ABC’s public key, and Mr.ABC can decrypt it using his private key.

Let’s suppose that in the middle of this conversation a hacker on the network is able to retrieve the encrypted data. The hacker can’t decrypt this data, even with the public key of Mr.DXY or Mr.ABC. The only key that can decrypt such data is the private key.

So using PKI cryptography is very easy and efficient: you generate your public and private keys, send the public key to your friend, and he sends you his public key. From then on, in any conversation, you decrypt each incoming message with your private key, and he does the same. But you must encrypt each message with your friend’s public key before sending it to him. 2048-bit keys are treated as the strongest ones.

There are several ways to generate public and private keys on your Windows or Linux system; some of them are listed below.

1) Generate the Key-Pair Via Programming like Java

You can create the public and private keys in any language. For example, in Java you can create both keys using the Java security package. Afterward, you can save them in files.

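 import java.security.*;

 // Generate a 4096-bit RSA key pair with the standard java.security API
 KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
 generator.initialize(4096);
 KeyPair keyPair = generator.generateKeyPair();
 PublicKey RSAPubKey = keyPair.getPublic();
 PrivateKey RSAPrivateKey = keyPair.getPrivate();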

2) Using OpenSSL

It is very simple. In my case I am using the LAMP package “easyPHP”, which provides Apache, MySQL and PHP with the OpenSSL utilities for Windows. So just jump into the directory of your Apache server’s binaries.

a) Go to C:\EasyPHP\binaries\apache\bin

b) Run the command file, OpenSSL.exe

(In case you just want OpenSSL, you can install OpenSSL from its official site, or use any other RSA generator which you can find on the internet.)

c) OpenSSL> genrsa -out myprivatekeypair.pem 2048

The above command creates a file named myprivatekeypair.pem in the same directory. This file contains both keys and should be treated as confidential or private.

d) Now export the public key from the PEM file.

OpenSSL> rsa -in myprivatekeypair.pem -pubout -out

3) Other ways for generating Key Pairs

You can use any tool like PuTTY, or on Windows the makecert application, to generate key pairs in PFX or any other format.
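
The exchange between Mr.ABC and Mr.DXY described above, carried out with the OpenSSL commands from option 2, as an added example that is not part of the original post. The key names abc and dxy, the sample message and the choice of OAEP padding with SHA-256 are assumptions of this example, and it expects the openssl command-line tool on the PATH.

```shell
#!/bin/sh
# Added example: two parties, each with an RSA key pair, exchanging one message.
set -eu
umask 077                          # private keys must not be readable by others
WORK=$(mktemp -d)                  # scratch directory, removed on exit
trap 'rm -rf "$WORK"' EXIT

# make_keypair NAME: 2048-bit private key plus the exported public key
make_keypair() {
    openssl genrsa -out "$WORK/$1.key.pem" 2048 2>/dev/null
    openssl rsa -in "$WORK/$1.key.pem" -pubout -out "$WORK/$1.pub.pem" 2>/dev/null
}

# encrypt_for RECIPIENT INFILE OUTFILE: needs only the recipient's PUBLIC key
encrypt_for() {
    openssl pkeyutl -encrypt -pubin -inkey "$WORK/$1.pub.pem" \
        -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 \
        -in "$2" -out "$3" 2>/dev/null
}

# decrypt_as OWNER INFILE: needs the owner's PRIVATE key; plaintext on stdout,
# non-zero exit status when the key does not match the ciphertext
decrypt_as() {
    openssl pkeyutl -decrypt -inkey "$WORK/$1.key.pem" \
        -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 \
        -in "$2" 2>/dev/null
}

# fits_in_one_block RECIPIENT NBYTES: can NBYTES be encrypted directly with RSA?
# RSA only encrypts data shorter than the key; with a 2048-bit key and
# OAEP/SHA-256 the limit is 256 - 2*32 - 2 = 190 bytes. Larger data is normally
# encrypted with a symmetric key, and only that key is encrypted with RSA.
fits_in_one_block() {
    head -c "$2" /dev/zero | tr '\0' 'A' > "$WORK/probe.bin"
    encrypt_for "$1" "$WORK/probe.bin" "$WORK/probe.enc"
}

make_keypair abc                   # Mr.ABC's key pair
make_keypair dxy                   # Mr.DXY's key pair

# Constructed sample message: ABC encrypts it with DXY's public key
printf 'Meet at 10:00, bring the contract' > "$WORK/msg.txt"
encrypt_for dxy "$WORK/msg.txt" "$WORK/msg.enc"

# DXY decrypts with his private key
echo "DXY reads: $(decrypt_as dxy "$WORK/msg.enc")"

# Anyone else, including the sender, fails without DXY's private key
if decrypt_as abc "$WORK/msg.enc" >/dev/null; then
    echo "unexpected: ABC's private key decrypted a message meant for DXY"
else
    echo "ABC's private key cannot decrypt a message encrypted for DXY"
fi

for n in 190 191; do
    if fits_in_one_block dxy "$n"; then
        echo "$n bytes: encrypted directly"
    else
        echo "$n bytes: too long for one RSA-2048 OAEP block"
    fi
done
```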

PHP code to encrypt and decrypt the data: 

<?php
$plaintext = 'Hello whats up';

/** Encrypt by Public Key ***/
$publicKey = openssl_pkey_get_public(file_get_contents('\\'));
$encrypted = "";
// Use OAEP padding rather than the default PKCS#1 v1.5 padding
if (!openssl_public_encrypt($plaintext, $encrypted, $publicKey, OPENSSL_PKCS1_OAEP_PADDING)) {
    die('Failed to encrypt data');
}
// The ciphertext is binary, so base64-encode it for display
echo "Your text is encrypted: " . base64_encode($encrypted);

/** Decrypt by Private Key **/
$privateKey = openssl_pkey_get_private(file_get_contents('\\myprivatekeypair.pem'));
$decrypted = "";
// The padding mode must match the one used for encryption
if (!openssl_private_decrypt($encrypted, $decrypted, $privateKey, OPENSSL_PKCS1_OAEP_PADDING)) {
    die('Failed to decrypt data');
}
echo "Your text is decrypted: " . $decrypted;

Use cases of PKI Cryptography In development

Other than web applications, the following are a few examples where we can use PKI cryptography: building a chatbot, a messenger, email exchange, securing IoT devices and Bitcoin communication.

Secure your smart phone in 34 Steps

1) Use your smartphone’s built-in security features. Common security features include a keystroke pattern, PIN or password lock option. You can enable these security features in Android under Settings > Location & Security.

2) To more securely lock your device, you should instead use a pattern lock or a PIN code. Pattern locking has you draw a specific pattern on the screen, while a PIN code has you enter a numeric code to unlock the device.

3) Smudges on the Android screen can also be a security loophole. If you unlock your phone and then look at it from an angle, you will likely see a trail of smudges showing what your pattern looks like or which digits your PIN code consists of. Such smudges come from our fingertips, so to avoid this threat, clean them off with a smudge cleaner, or draw random patterns on the screen once you have unlocked your Android phone. That way no one can work out your password pattern or PIN code by checking the smudges.

4) Avoid using free and unsecured Wi-Fi access: accessing the web via an open Wi-Fi network may be free and easy, but it comes with many risks.

5) Don’t allow your Android phone to connect automatically to any free Wi-Fi network. Automatically joining a Wi-Fi network means opening the door to just about anyone. If someone on the same network has spying intentions, he could see your private chats, browsing, pictures and so on. To stop automatic connection to Wi-Fi, go to Settings > Wireless & Networks > Wi-Fi.

6) There are many good antivirus apps available in the app market that can be useful for your phone. You should install an antivirus app and keep track of your phone, because malicious code or an already installed app can often become a security threat. Two of the best free mobile antivirus apps are AVG’s Antivirus Free and Lookout; they can be downloaded from the Google Play website.

7) Avoid third-party websites that offer you new Android apps; the best place to download new apps is the Google Play app market, which is the official trusted source for Android.

8) If you download an app from a non-trusted website, be aware that a hidden Trojan, virus or other malicious code could be downloaded within the app. Always use the Google app store for new applications.

9) Scrutinize every app that you download, regardless of source; doing so, you can easily figure out whether the app you are trying to download is harmless for your phone. The best way to do this is to check the reviews, the number of stars and the user community comments.

10) When you install any application, try to understand the permissions you are granting before moving to the next step. Usually, applications that require “Full Access to Internet”, “Authority to send Text Messages” or “Access to online accounts” are apps that can harm your privacy on Android. So always be careful before granting such permissions to any app, or avoid such apps altogether.

11) Granting permissions to an app means it can access your personal information; there was a virus that used to take pictures silently and spread them on the internet. Always be careful before granting permissions, even for camera access.

12) Smart phones are not just phones but a complete package of your private information and data , when you give someone your phone make sure he can’t access your information.

13) Avoid mobile banking transactions on non private networks, they can be very harmful for your private data.

14) To stay protected anywhere anytime you can rely on solutions like “Tend micro mobile security for android” this protect digital files and provide security for mobile banking transaction.

15) Don’t let your Bluetooth connection always ON unless you need bluetooth communication. There are some intelligent malicious codes which spread through bluetooth communication and if a user accepts malicious bluetooth communication then it could even harm the Operating system of android.

16) Always accept blue tooth communication if you really know the computer Id or the phone ID of the person who will receive. Sometimes without assuring the receiver’s mobile ID person can do mistakes by sending his personal data or pictures to an unknown mobile phones.

17) Do not use a forever login session by your social Apps because some mobile apps asks you to should they remember your account password. This feature can enable your application to save your sessions where you don’t need to provide password again and again. It is advisable to always log off from your applications like Skype , Facebook , Google , MSN or twitter rather than granting your APP to remember your passwords. Few seconds of login password process is much more secure than having an unexpired online session for online App or website.

18) Always log out of your social apps, even if you are allowing someone to use your phone. This protects against data leaks and prevents anyone from misusing your apps’ data.

19) Always remove chat and browser history for better security. This can also make those applications run faster and better optimized on your Android device.

20) Device administrator permission is very useful for apps like antivirus or spyware detectors. It gives them special powers and makes them more difficult to uninstall. This can be a good thing, as in the case of Lookout or other antivirus apps, but most applications should work without the extra permissions. As a general rule of thumb, you should only set an app as a device administrator if you trust it and need its extended features. A security app may ask to be made an administrator to help better protect your phone, but games and the like have no reason to make the same request. To review the list of apps with administrator permission, go to Settings > Security > Device administrators.

21) There are many good data protection applications available on Google Play that can secure your videos, images and data with a password. If someone gets access to your mobile phone, they can’t open those private images and videos unless they provide a further password for the given folder or image.

22) If you have a rooted phone, be extra cautious about granting super-user/administrator access to any app. Make sure you understand the purpose of the Super-User access, and trust the developer enough to grant it. This is the highest level of access that anyone (or anything) can have on your Android device, so be really careful with this one.

23) Avoid piracy under all circumstances; pirated apps that you obtain through illegitimate sources are dangerous for your Android phone. Not only is it ethically wrong, it also poses the biggest threat, in that you never know how the pirated APK has been modified. Saving a few dollars can be more harmful than purchasing the non-pirated apps.

24) Always enable your phone’s automatic screen lock so that it locks the phone with a pattern-based password or PIN code.

25) Keep updating the operating system and apps of your Android phone to reduce the risk of malware attacks and for better security protection. If you regularly use the internet on your phone, you will get a notification when an update for your OS or apps becomes available.

26) Delete corrupt or faulty applications. Whenever an app on your Android phone produces errors or shows warnings, delete it immediately, because such faulty applications will harm your phone like malware.

27) Keep checking that no duplicate app exists among the applications installed on your Android device. Nowadays many hackers make duplicates of the most popular apps in the Android market, and if you use those apps they can easily hack your phone. It is therefore recommended to always download any type of application or game from the Google Play Store.

28) Encryption of data means translating data into a secret code. This option is available on Android 3.0 and later versions. To secure your data you must encrypt your phone data. To enable this option, go to Settings > Security and check Enable Encryption. Then, even if your phone is stolen, no one can access your data. So always enable the encryption option.

29) Use the “SeekDroid” application to minimize the risk of losing your phone. If you ever lose your phone, don’t panic, because SeekDroid will help you get it back. Just log in to the SeekDroid website, and from there you can easily track your phone’s location. You can get this app from the trusted Google Play Store.

30) Always back up your phone data, contacts and settings at regular intervals to Google or to your personal computer. If you ever face any kind of problem, you can easily restore that data from your computer or from Google.

31) A PIN code combined with a pattern lock helps prevent too many fake pattern attempts to unlock the phone. After the limit of pattern attempts is reached, the security app opens the PIN code dialog to avoid data theft and confirm that the user is authentic. This way, if the user ever forgets the pattern, they can unlock the phone by providing the PIN code or password.

32) There are some serious Bluetooth threats, including Bluebugging, Bluejacking and Bluesnarfing, through which hackers can hack your mobile phone using different techniques. So use Bluetooth only when you are 100% sure that the other end is not a hacker or someone unknown to you.

33) Bluejacking is a technique in which hackers get into cell phones and send strange or flirtatious messages to other Bluetooth users within a 10-meter range. The hackers wait to see the kinds of reactions they provoke from those receiving the messages, either through phone messages or the faces of the people receiving the messages. Avoid unknown Bluetooth connections unless you trust the other end.

34) Another dangerous threat when using Bluetooth with a non-trusted person is Bluebugging, which allows hackers to gain access to the command system of a phone without the owner’s knowledge. The hacker can then easily extract the contact list, listen to phone conversations, use the Internet, send emails from accounts and make phone calls.
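
As an added example (not part of the original article), the permission review described in tips 10, 11 and 20 can be automated over an app's decoded AndroidManifest.xml. The sample manifest is constructed, and the mapping from the article's permission labels to Android permission names is an assumption.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME = "{%s}name" % ANDROID_NS
PERMISSION = "{%s}permission" % ANDROID_NS

# Assumed mapping: Android permission name -> label used in tips 10 and 11.
RISKY = {
    "android.permission.INTERNET": "full access to Internet",
    "android.permission.SEND_SMS": "authority to send text messages",
    "android.permission.GET_ACCOUNTS": "access to online accounts",
    "android.permission.CAMERA": "camera access",
}
# A receiver protected by this permission is a device administrator (tip 20).
DEVICE_ADMIN = "android.permission.BIND_DEVICE_ADMIN"

# Constructed sample: a flashlight app asking for far more than it needs.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.INTERNET" />
  <uses-permission android:name="android.permission.SEND_SMS" />
  <uses-permission android:name="android.permission.CAMERA" />
  <uses-permission android:name="android.permission.VIBRATE" />
  <application>
    <receiver android:name=".AdminReceiver"
        android:permission="android.permission.BIND_DEVICE_ADMIN" />
  </application>
</manifest>"""


def audit_manifest(xml_text):
    """Return risky permissions and device-admin receivers in a manifest."""
    root = ET.fromstring(xml_text)
    requested = {e.get(NAME) for e in root.iter("uses-permission")}
    risky = sorted((p, RISKY[p]) for p in requested if p in RISKY)
    admins = [r.get(NAME) for r in root.iter("receiver")
              if r.get(PERMISSION) == DEVICE_ADMIN]
    return {"package": root.get("package"), "risky": risky,
            "device_admin_receivers": admins}


if __name__ == "__main__":
    report = audit_manifest(SAMPLE_MANIFEST)
    print("Package:", report["package"])
    for perm, label in report["risky"]:
        print("  review before granting:", perm, "(%s)" % label)
    for receiver in report["device_admin_receivers"]:
        print("  requests device administrator:", receiver)
```

A flagged permission is not proof of malice; it marks what to question when the request does not match the app's purpose, as with a flashlight that wants to send text messages.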