What are finger print scanner and how does it work

 Malicious actors can harm us in so many ways that we cannot even fathom it. The most common tactic they use is by stealing someone’s identification and using it as their own. For this reason, many IT technicians are working on new technologies to get rid of these kinds of menaces. One of the most talked about technologies is Virtual Private Network (VPN). Many people are using free VPNs to attain security, keep their activities anonymous, and encrypt their traffic. However, there is another method of security that many people are unaware of. Technicians gave creation to the technology called Fingerprint Scanners.
What Is A Fingerprint Scanner?
A fingerprint scanner is a device used to identify a person by scanning their fingerprints. We have several ridges on our fingers. Additionally, every person has a unique pattern. Hence, a fingerprint scanner scans them to identify us.
There are also many types of fingerprint scanners. Some of these are as follows:
Optical reflexive
Capacitive
Mechanical
Thermal
Dynamic output
How Do Fingerprint Scanners Work
The sensor avails a light-penetrating microprocessor that can either be a charge-coupled device or a CCD, or a CMOS image sensor. In doing so, this creates a digital picture. Following this, the processor examines the image mechanically, choosing just the fingerprint, and then uses refined pattern-identical software to turn it into encryption.
This is merely how one type of scanner works. In the other kind, i.e., the capacitive type of scanners, the scanner scans the gaps between our ridges.
So when a person places his or her hand on any object, the ridges are the part that touches the surface. Therefore, these ridges are logged and the gaps distances are measured. In this way, the pattern is recorded. In other words, it means the distance between two ridges that never came in contact with the surface is noted down.
Uses Of Fingerprint Scanners
Fingerprint scanners greatly benefit humanity.
They:
are a secure form of identification.
reduce the work of the human brain.
increase the efficiency of work security.
help log people quickly.
Following are some pieces of equipment in which a fingerprint scanner is being used.
1. Laptops and Computers
Fingerprint Scanners are used prominently and most beneficially in our everyday laptops and computers. Thankfully, we have an option of creating a fingerprint configuration. This way, we can keep our laptops and PC’s secure from external attacks. Additionally, we can prevent someone from getting in without permission.
A fingerprint configuration will keep your information safe if you ever lose your laptop.
2. Smart Phone
Smart Phones hold a lot of our personal information. We keep friends/relatives numbers, personal photographs, and sometimes even our notes and private documents. Additionally, in the worst cases, we have banking apps with our credit card information or even social security numbers stored. Therefore, we can use fingerprint arrangement in our phones to keep such information safe and protected.
If your phone is ever stolen, a lock and a fingerprint confirmation will help prevent your information from being leaked or abused.
3. Online Banking
Just like phones and laptops, we also need fingerprint scanners in online banking. Malicious actors often target bank account details like code pins or account numbers. Therefore, using fingerprint scanners ensure that only you can access your bank information.
4. Automatic doors
Today, industrialization has increased so much that office and home security is moving towards automatic doors. However, these doors open only with the correct fingerprint scan. We call this a biometric lock. A person can add their fingerprints to it and then the door will open only when it scans those fingerprints.
Privacy And Security
Of course, we cannot say that fingerprint scanners are 100% reliable. There are ways to hack them. Hackers always find a way to invade into your personal and professional life. Here are some shortcomings regarding fingerprint scanners:
Hackers can use a 3D system of mildew that is created from a preserved fingerprint.
Mischievous and evil hackers can forge your fingerprint with the assistance of tools which are as plain as a luminous or transparent film and a circuit scribe.
Scanners can malfunction and prevent the user from full access if their skin is wet or if too much dust gathers on the devices.
Thus, you see fingerprint scanners does not guarantee privacy. Therefore cyber-crime departments should work more on the security of fingerprint scanners. However, these shortcomings in this relatively new technology does not negate the fact that fingerprint scanners are and will continue to be very helpful and eventually essential.
Tags: Banking, 

When I wrote about this in early March this year,many of you thought I was joking!!! It's kabale and next is another district... DISOs,GISOs,..... stay warned!!!

Police in Kabale district have arrested Samson Twasiima, the Butanda Sub County National Identification Registration Authority (NIRA) Officer on allegation of bribery and extortion.
The arrest was ordered by Kabale Deputy Resident District Commissioner Gad Rugaju.
Twasiima was arrested on Thursday during a meeting between Mr Rugaju and residents of Butanda, held at Butanda Sub County headquarters.
Rugaju says he called the meeting after several residents reported to his office complaining against the NIRA boss and his colleagues for extorting money from locals who are trying to register for national IDs.
Some of the residents like Winston Tumuheimbise, Elcana Byamukanga and Jonathan Niwamanya told the RDC that the suspect forced them to pay up to Shs 100,000 to accept their applications for the IDs.
Twasiima is also said to have been charging Shs 8000 and 20000 for birth and death certificates respectively from the locals.
In response, Norman Nsenga the Kabale and Rukiga districts NIRA Officer described the situation as unfortunate and apologized for the mess.
He clarified that the registration process for the National IDs is free and all the money supposed to be paid, 5000 for a birth certificate and 50000 for National ID replacement must be paid in the bank.
On his part, Twasiima admitted to have extorted the money from the residents but could not account for it. This forced Rugaju to order for his arrest by police.

Mighty UPDF to get new weapons

A colossal sum of money has been set aside for the purchase of an unnamed item by the Uganda Peoples Defense Forces.
The classified asset is billed at Shs 1.9Trillion, about 6% of the 2019/2020 national budget of 34.3tn.
The Shs 1.94Trillions, is separate from the customary classified expenditure of Shs 225bn also planned for in the same financial year.
The new development is contained in the Ministerial Policy Statement (2019/2020 budget) of Defense and Veteran Affairs ministry.
The annual classified expenditure for the last four financial years since 2015/2016 has been maintained at around Shs 600bn. The 2018/2019 classified expenditure was Shs 640bn.
The planned 2019/2020 total classified expenditure will be Shs 2.2bn, higher than the whole 2018/2019 defense budget of Shs 1.97tn. The 2019/2020 total defense budget stands at Shs 3.4tn, an increment of 58 percent.
The top UPDF generals, Ministers of Defense and Veteran Affairs and Permanent Secretary Rosette Byengoma did not divulge to Members of Parliament any detail about the classified asset during meetings by the Committee on Defense and Internal Affairs sitting at Parliament.
It shall be remembered however, that in mid-2014, the Defense Ministry entered negotiations with a Russian bank through the Russian state owned arms export company, Rosboronexport to acquire a USD$ 170m loan to support the acquisition of some classified equipment.
In 2012 Uganda bought 6 fighter jets from the same Russian state arms export company at Shs 654bn. The government had taken a total of Shs 1.7tn from Bank of Uganda to also buy other military assets from Eastern European countries.
The current Shs 1.94tn (USD$ 524m) can buy 14 multirole Sukhoi Su-30 Russian fighter jets, which are among the most popular in Africa, at the current USD$ 37.5m each. Uganda already has Sukhoi fighter jets in her air force fleet.
The same amount can also buy 112 advanced T-90 third generation Russian made battle tanks. Uganda already own 44 T-90 tanks also known as Vildamirs and the Africa’s biggest defense spender, Algeria (USD$ 10bn) has 572 similar fighter tanks.
Uganda’s Defense spending has also immensely increased from USD$ 500m to USD$ 921m. The defense budget is however projected to reduce to Shs 2.4tn or USD$ 640m in the next financial year of 2020/2021.
When contacted on phone the Ministry of Defense and UPDF Spokesman, Brig. Richard Kaaremire confirmed and defended the budget.
“We need that amount (Shs 1.9tn) to deliver on our mandate as the UPDF,” Karemire briefly said.
The UPDF has four main mandates: to defend and protect the sovereignty and territorial integrity of Uganda, cooperate with civilian authorities in emergency situations and natural disasters, foster harmony and understanding between defense forces and civilians and engage in productive activities for national development.
The Shs 1.9tn for a single classified vote is 48 times bigger than the total 2019/2020 budget of Ministry of ICT and National Guidance’s Shs 40bn.

NOKIA 7 PLUS PHONES SENT PERSONAL INFORMATION TO China.Nokia 7 plus phones have been hidden sending personal information to China. Finland has started an investigation after
NRK’s ​​disclosure.
As per NRK’s reports, The end user’s phone number, GPS location, mobile phone IMEI number has sent to the Chinese server. Every time when Nokia 7 plus devices were powered on or Unlocked the information sent to the server. Moreover, the data packages were in an unencrypted format that is more horrify.
NRK investigated and found the server domain vnet.cn. Vnet.cn domain is own by China Internet Network Information Center( China Telecom).
Likely, that this is an application intended for the Chinese market but which has been accidentally distributed to Nokia 7 Plus phones outside China’s borders. HMD Global refused to make comment to NRK on the matter.
Further more, uncovered code on Github by non-other than Qualcomm.
The only other clue comes courtesy of security researcher Dirk Wetter, who claims the offending APK package sending this data to China is named “com.qualcomm.qti.autoregistration.apk.” He had also investigated the network traffic to his Nokia 7 Plus, and saw the same remarkable packages.

All people in East Africa who use mobile phones are at a risk of falling prey to cyber criminals

C

Throughout my writings and research reports  i have presented to various blogs, websites,and as an experienced cyber security and threat intelligence analyst.I have for long time been warning all of you in East Africa of being subjective and prone to attacks from cyber criminals.I remember telling you of the behavior that show a phone or an technology equipment has been taken over by a malicious spy ware or any exterior intrusion. Some of the characters include fast draining of the battery,unfamiliar sounds in background when calling,slowness and unexpected shutdowns of internet browser and search engines.... etc.
Recently you had that president Uhuru Kenyatta's social media accounts were being intruded by unknown and anauthorised people!!!! How did it happen for a whole president with all availed technocrats. Its ridiculous however we as technologists know that it is possible. I have talked of many issues which President Uhuru Kenyatta's technocrats can put in mind,i know some of these presidents talk to fellow presidents even over the phones and social media and remember that some of your fellows are naturally "un ethical spies"... Try to read through articles on acidicsecurity.blogspot.com .
They are some features that can show that your phone haa been taken over by intrusions, these are:
You will see some unfamiliar apps installed on your phone without your knowledge. These apps include:
Load control:if this is installed on your phone,it means the one who haa remotedly installed it has a load control reciever and is able to recieve and record control data from activities taking place within and on your phone including date,time and gps coordinates.
Settings app:This is meant to provide an opening in the systems of your phone and set alternative settings on your phone that remotely replaces the activities of the original " settings " app on your phone.This rogue settings app has ability to monitor the victims phone,able to stealthily and quickly make glances over whats taki g place on the phone since it also enables PEEKING. it has permission to access to phonebook,camera,..etc as you Will see in the picture
Meter mark:This is a very dangerous app,basically and specifically is meant to take over the gps services on the phone. And because its able to have permission of access to phone storage,it downloads gps data of the phone when it is online and stores it so that it can use it when the phone is offline.it has the ability to import key hole markup language files to enable it display geographical data in all earth browsers like google earth.
Please,if you are a diplomat or a national figure who like making calls to  phone numbers in a highly suspicious country, always reset your phone before you use it for other national duties
You will alao see your phone assigned queer accounts you didn't request  e.gDongnao,others am not going yo reveal because am still making research on them
Some of these rogue apps can not be easily seen for many are remotely installed in the phones chip partitions.
For God And My Country

As you can see from the picture, 70% of these apps activities take place in the background and since such an app has permission to the storage, camera,phone,sms,......etc.. Then i think president Uhuru Kenyatta must not get shock as yo why,how and who infiltrate in his social media accounts.For example,if it has accessibly to cameras it can remotely take screen shots of taps one makes on the keyboard thus enabling him yo take or know our passwords.2.if it can take over the messaging syatem the A2F authentication is rendered a useless..........,since it also read contacts,it thus knows who we talk to most often!!!! I know you all are reading this and most of you as you always brand me  a Museveni spy,but lets put that aside ...and make sure you take a keen interest in the security of your data over uour phone

I have been investigating this online fraud by the one who claims is a brian white foundation ti help people...... Thisbis fraud,deal with him at your own peril

Him and otherbmanyfraudulent people who think can use social.Media to con people should stop

There are other characters who want to blackmail the gorvenment,important personalities should also stop...

We all have the right to expression but we shouldbuse it not to harm others

DRC president is in Rwanda again

Felix the burning issue is"" those numbers are owned by fraudsters"....i recieved their msgs in 2017,2018,....a friend of mine received theiFelix tsiskedi lands in Rwanda again for a meeting

SU-57 is the deadliest multirole air fighter

The Swedish jet has no outstanding characteristics in comparison to the fifth-generation Su-57’s, but reportedly has top of the line electronic warfare (EW) equipment and software, making it difficult for enemy jets to track it.
Commander of Sweden's Air Force, Mats Helgesson, stated that the country's recently developed Saab JAS 39 Gripen E jets were "designed to kill Sukhois" — Russia's top air superiority fighters, Finnish national broadcaster Yle reported. In a bid to further stress the Gripen E's effectiveness, Helgesson concluded that the aircraft have a "black belt" in fighting Russian jets.

Justin Bronk, an aerial-combat expert at the Royal United Services Institute, cited by Business Insider, said that the JAS 39 Gripen series is known for its outstanding EW capabilities, which are upgraded every two years.
"Several years ago the Gripen pilots got tired of being made fun of by German Typhoon pilots and came to play with their wartime electronic warfare and gave them a hell of a hard time", he said.
At the same time, Bronk noted that a pilot never knows in advance whether EW will woATCH Never-Before-Seen Footage of Testing of Su-57 Jet's Stealth Capabilities
Although it's unclear how powerful the EW components of the JAS 39 Gripen E are in comparison to those of the Su-57, as the two have never competed in the air, the Russian fighter jet is capable of carrying a far greater payload (10,000 kg, in comparison to 5,300kg for its Swedish counterpart) and reaching higher speeds (2.45 Mach in comparison to 2 Mach by the Gripen E). Additionally, Russian Sukhoi jets are known for their manoeuvrability in dogfights and ability to perform stunning feats in the air.

Who has been intruding in president Kenyatta's social media accounts

Like i have been alerting you for long,our socail media accounts are not secure!!! I have always told you that 2FA (two factor authentication) cannot help you.i proved this on gmail,yahoo,facebook,instagram..The process of sending us security codes as proof of our security is just bogus. Alot of social media accounts here in africa are prone to ss7 exploits and other state sponsored intruders.i remember telling via my facebook account around mid this month how a certain country had managed to sneak into accounts of its citzens whom it thought were ill talking about its situation.i had proved that after a mishap in Facebook's usual way of working.
On gmail,there are certaim spam messages telling you of bank accounts loaded with money or scholarships where you are convinced to tap on the links with faces of beautiful ladies.This is a dangerous link do not dare try it.
Sometimes when you are logged into your account,you see changes in the font size of your page yet you did not invoke such changes,this means your account is logged to in or on adifferrent device or application on a different device with different settings.
Recently the social media accounts ofof the president od kenya was recently intruded by unknown people.This led to the closing down of his accounts

How to set up two step verification on your social media account

One of the most remarkable developments in the consumer technology industry in the past two decades is the emergence of social media networks. Social media has revolutionized the sort of social connections and interactions we have offline. Additionally, it has enhanced how we communicate and stay informed.

Nowadays, billions of people around the world use one or several of the existing social networking platforms daily to communicate with family, friends, and colleagues. Also, many of us use some of our social media accounts to stay abreast with events and current affairs happening around us and in the lives of those we are connected with on the networks. Although it has its demerits, social media has indubitably brought great benefits to us.

With all the attractions of social networks, it’s easy to get immersed in your online engagement and forget an essential aspect of your digital life — security. However, the risk of account breach (unauthorized access) by bad actors with nefarious intent is real. In fact, every year, thousands of accounts are compromised. Affected users may have their personal details and identities stolen and sold to other bad actors who likely use them for criminal aims.

Two-Step Verification

Such account breaches necessitate the need for the companies behind the platforms to improve their security practices and safety features. One such security feature that is increasingly adopted is the two-step verification. Sometimes known as two-factor authentication (2FA), this account security feature requires any person attempting to gain access to an account to provide additional proof of authenticity — showing that they are allowed to access the account. That second step usually requires the person to enter a code sent to the account owner’s phone or answer a security question pre-defined and answered by the account owner. Only when the right code or answer is entered will the account be successfully accessed. In essence, this two-step verification provides an additional layer of account security.

The practical implication of this feature is that when someone attempts to login from a device not recognized as yours, you will get an alert on your mobile phone or email address about attempted login. Usually, the IP address and location of the unrecognized device will be included.

This two-step verification is significant because in the past before smartphones became popular, internet users only needed their username or email address and password to log into their accounts online. Increase in both password theft and sophistication of hackers became a real and growing concern. Furthermore, using,specially designed bots, hackers could break into potentially vulnerable accounts using stolen account credentials. 

Fortunately, nowadays on many web and mobile applications, users have the option to set up the two-step verification process for their accounts. In other cases, the process is compulsory.

Below we look at how this important security feature is implemented across some big social media platforms.

Facebook

As the most broadly used social networking platform, Facebook’s implementation of the two-step verification feature is unconditionally expected. Thankfully, Facebook users are allowed the freedom to turn on the account security feature using two second-step authentication methods namely:

• SMS codes sent as text messages to your smartphone.
• Access codes from a third party authentication app (e.g., Google Authenticator)

To activate the feature, you have to take the following steps:

1. When logged in, go to your Settings and select the Security and Login option.
2. Go down to the Use two-factor authentication option then click Edit.
3. Select the authentication method of your choice and then follow the instructions that appear on your screen.
4. Once you have turned on the chosen authentication method, click Enable.

Once that it successfully set up, when trying to log in from an unrecognized device, you will have the options to

1. Consent to login attempts from recognized devices.
2. You can also use recovery codes for situations when you don’t have your phone.
3. Tap your security key on another device. The security key can be added when setting up the two-step authentication process.

Instagram

Similar to its parent company Facebook, Instagram allows its users the option of setting up the two-step authentication process. The procedure requires either of the same two authentication methods as Facebook.

When the preferred method is SMS codes sent via mobile text message, the following steps have to be taken to activate the feature.

1. Go to your profile page and tap the menu icon in the top right-hand corner.
2. Select the Settings option from the list.
3. From the list that appears, selectPrivacy and Security.
4. Choose Two-Factor Authentication.
5. Tap on the switch icon next to Text Message.
6. If you don’t have a phone number confirmed and associated with your account, you’ll be prompted to provide it.
7. After entering the number, tap the next icon to complete the setup.

Alternatively, if your preferred authentication method is an authentication app, you’ll need to follow the steps below.

1. Go to your profile page and tap the menu icon on the top right corner.
2. Select the Settings option from the list.
3. From the list that appears, selectPrivacy and Security.
4. Choose Two-Factor Authentication.
5. Tap the Get Started button if you haven’t previously turned on the two-step authentication feature.
6. Tap on the switch icon next to Authentication App and follow the on-screen instructions.
7. To complete the process, enter the code you received from the authentication app.

Twitter

Twitter also allows its users to set up the two-step verification security feature. In order to set up what the company calls login verification, a user must have a confirmed email address and a telephone number confirmed and connected to the account. These requirements will help whenever account recovery becomes necessary. Twitter also offers two authentication methods – SMS code via text message and authentication code generated from a third party authentication app.

The following are the steps you have to take to set up your Twitter login verification via SMS.

1. From the top menu, choose the Profileicon and select Settings and Privacy.
2. Click on Account settings and then Set up login verification.
3. After reading the guiding instructions, click Start. 
4. Input your password and click Verify.
5. Tap or click Send code.
6. Enter the verification code you received on your device before you click Submit.
7. You should click Get Backup Code. Doing so will generate a code for future use in situations where you are without your valid phone number for whatever reason. It is advised you safely store the code. For example, you can take a screenshot of it and save it to your cloud storage application.

After successfully setting up the process, each time you attempt to login to Twitter, you’ll be prompted to enter a six-digit code sent to your confirmed phone number. You can learn how to use the authentication code method here.

WhatsApp

If you’re one of the more than 1 billion active WhatsApp users, you have the option to enable the double verification feature. When successfully activated, you’ll be required to provide a six-digit PIN each time you try to verify your phone number. The PIN is generated through the process of enabling two-step verification.

To turn on two-step verification on WhatsApp, you’ll have to:

1. Go to Settings.
2. Select Account.
3. Select Two-step verification.
4. Tap Enable.

You can also add your email address upon activating this feature. The email address will be an alternative for you to receive a link should you forget your PIN. Using the link, you’ll be able to disable two-step authentication. The company strongly advises users to be careful enough to give the correct email address since they do not verify the provided address. Similarly, if you never requested to confirm your phone number but received a link from WhatsApp, you’re advised to ignore it as someone else may be trying to do without your knowledge or permission.

LinkedIn

In order to be able to set up the two-step verification on LinkedIn, the user is required to have a phone number confirmed and associated with their account.

To activate the extra account security feature, you should take the following steps:

1. Click on the Profile icon with the label Me at the right area of the top menu bar.
2. From the drop-down menu, choose Settings & Privacy.
3. Under the Account section, select Login and Security.
4. In the new page that opens, select the Account tab (the first tab before Privacy).
5. Click Turn On on the right end of the Two-step verification to activate the feature. If you have not connected a phone number, you’ll have to click Change and then Add a phone number.
6. Input the verification code sent your connected phone number into the box and click Verify.

Snapchat

Snapchat offers the two standard authentication methods earlier mentioned. The following are the steps you have to take to turn on the feature.

1. When on the main Camera home screen, tap on the Profile icon located on the top left corner.
2. Tap the Settings icon shown as a cogwheel.
3. Select Two-Factor Authentication:
4. Follow the subsequent instructions that are provided on your screen.

The company also advises users who activate this feature to generate a Recovery Code and save it in a safe location. It will be helpful in scenarios where the phone is missing, or phone number is changed, or when the phone is restored to original settings.

Lastly, if you’ve never really used the two-factor authentication feature on your social media accounts, now is the time to do so. Use what you’ve learned here to protect your diappfrom  access by people who may be bent on doing you harm online. As a matter of fact, you’d be well advised to apply this vital safety feature across your other online accounts that hold valuable information (e.g., online banking application, financial trading or investing platfapplicationsthcare, and pharmaceutical applicatio