Monday, 20 October 2014

New Features in Android 5.0 - Lollipop

Android 5.0 brings the most notable design changes since the days of Android 4.0 Ice Cream Sandwich. Under the name "Material Design", Google has given Android 5.0 an all-new design and asks app developers to follow the same design in order to build an economical, high-quality app design system. Vivid, bold colors combined with all-new typography make Android 5.0 stand out from previous releases, while Android remains comfortable to use.

Although design is the most prominent feature of Android 5.0, it is also the first Android release to support 64-bit processors, and ART (Android Runtime) is now the default runtime, replacing Dalvik. Google promises a 4x performance improvement with the ART runtime.
Google also includes a battery-saving feature that may give you up to 90 minutes of additional use compared with previous Android versions.

Here are the new features in Android 5.0 (Lollipop):

Material Design
·       A bold, colorful, and responsive UI design for consistent, intuitive experiences across all your devices
·       Responsive, natural motion, realistic lighting and shadows, and familiar visual elements make it easier to navigate your device
·       Vivid new colors, typography, and edge-to-edge imagery help to focus your attention

·       New ways to control when and how you receive messages – only get interrupted when you want to be
·       View and respond to messages directly from your lock screen. Includes the ability to hide sensitive content for these notifications
·       For fewer disruptions, turn on Priority mode via your device’s volume button so only certain people and notifications get through. Or schedule recurring downtime like 10pm to 8am when only Priority notifications can get through
·       With Lollipop, incoming phone calls won’t interrupt what you’re watching or playing. You can choose to answer the call or just keep doing what you’re doing
·       Control the notifications triggered by your apps; hide sensitive content and prioritize or turn off the app’s notifications entirely
·       More intelligent ranking of notifications based on who they’re from and the type of communication. See all your notifications in one place by tapping the top of the screen

·       Power for the long haul
·       A battery saver feature which extends device use by up to 90 mins
·       Estimated time left to fully charge is displayed when your device is plugged in
·       Estimated time left on your device before you need to charge again can now be found in battery settings

·       Keep your stuff safe and sound
·       New devices come with encryption automatically turned on to help protect data on lost or stolen devices
·       SELinux enforcing for all applications means even better protection against vulnerabilities and malware
·       Use Android Smart Lock to secure your phone or tablet by pairing it with a trusted device like your wearable or even your car

Device Sharing
·       More flexible sharing with family and friends
·       Multiple users for phones. If you forget your phone, you still can call any of your friends (or access any of your messages, photos etc.) by simply logging into another Android phone running Lollipop. Also perfect for families who want to share a phone, but not their stuff
·       Guest user for phones and tablets means you can lend your device and not your stuff
·       Screen pinning: pin your screen so another user can access just that content without messing with your other stuff

New Quick Settings
·       Get to the most frequently used settings with just two swipes down from the top of the screen
·       New handy controls like flashlight, hotspot, screen rotation and cast screen controls
·       Easier on/off toggles for Wi-Fi, Bluetooth, and location
·       Manually adjust your brightness for certain conditions. Then, adaptive brightness will kick in based on ambient lighting

·       A better internet connection everywhere and more powerful Bluetooth low energy capabilities
·       Improved network handoffs resulting in limited interruption in connectivity. For example, continue your video chat or VoIP calls without interruption as you leave the house and switch from your home Wi-Fi back to cellular
·       Improved network selection logic so that your device connects only if there is a verified internet connection on Wi-Fi
·       Power-efficient scanning for nearby Bluetooth low energy (“BLE”) devices like wearables or beacons
·       New BLE peripheral mode

Runtime and Performance
·       A faster, smoother and more powerful computing experience
·       ART, an entirely new Android runtime, improves application performance and responsiveness
·       Up to 4x performance improvements
·       Smoother UI for complex, visually rich applications
·       Compacting backgrounded apps and services so you can do more at once
·       Support for 64 bit devices, like the Nexus 9, brings desktop class CPUs to Android
·       Support for 64-bit SoCs using ARM, x86, and MIPS-based cores
·       Shipping 64-bit native apps like Chrome, Gmail, Calendar, Google Play Music, and more
·       Pure Java language apps run as 64-bit apps automatically
·       Bolder graphics and improved audio, video, and camera capabilities
·       Lower latency audio input ensuring that music and communication applications that have strict delay requirements provide an amazing realtime experience
·       Multi-channel audio stream mixing means professional audio applications can now mix up to eight channels including 5.1 and 7.1 channels
·       USB Audio support means you can plug USB microphones, speakers, and a myriad of other USB audio devices like amplifiers and mixers into your Android device
·       OpenGL ES 3.1 and Android extension pack brings Android to the forefront of mobile graphics putting it on par with desktop and console class performance
·       A range of new professional photography features for Android Lollipop that let you
·       Capture full resolution frames around 30 fps
·       Support raw formats like YUV and Bayer RAW
·       Control capture settings for the sensor, lens, and flash per individual frame
·       Capture metadata like noise models and optical information
·       State of the art video technology with support for HEVC main profile to allow for UHD 4K 10-bit video playback, tunneled hardware video decoding to save power and improved HLS support for streaming

OK Google
·       Easy access to information and performing tasks
·       Even if your screen is off, you can say “OK Google” on devices with digital signal processing support such as Nexus 6 and Nexus 9
·       Talk to Google on the go to get quick answers, send a text, get directions and more

Android TV
·       Support for living room devices
·       User interface adapted for the living room
·       Less browsing, more watching with personalized recommendations for content like movies and TV shows
·       Voice search for Google Play, YouTube and supported apps so you can just say what you want to see
·       Console-style Android gaming on your TV with a gamepad
·       Cast your favorite entertainment apps to your big screen with Google Cast support for Android TV devices

·       Enhanced low vision and color blind capabilities
·       Boost text contrast or invert colors to improve legibility
·       Adjust display to improve color differentiation

Now in 68+ languages
·       15 new additions
·       Basque, Bengali, Burmese, Chinese (Hong Kong), Galician, Icelandic, Kannada, Kyrgyz, Macedonian, Malayalam, Marathi, Nepali, Sinhala, Tamil, Telugu

Device set up
·       Get up and running in no-time
·       Tap & go: instant set up of your new Android phone or tablet by simply tapping it to your old one (requires NFC)
·       Whenever you get a new Android phone or tablet, you can bring over your apps from Google Play automatically from any of your old Android devices

And a whole lot more
·       Tap & pay: easily manage multiple payment apps by quickly switching between them
·       Print preview and page range support
·       Revamped display for battery, Bluetooth, data usage, and Wi-Fi settings and new search functionality
·       New device level feedback for Nexus devices in Settings > about phone > send feedback
·       Easier sharing with
·       Improved ranking of your options within the share menu
·       Android Beam: lets you share a file with someone nearby by gently tapping the two devices together
·       Where supported by the hardware, your device will wake up as soon as you pick it up or tap the screen twice
·       Improved hardware keyboard accessory support including support for multilingual, emoji input, search key, and improved app and system key chords

Dony Ramansyah
site :
blog :
email : dony.ramansyah[at]
Registered linux user : ID 400171

The POODLE Bug - A Security Hole in SSL v3.0

On 14 October Google published the details of a vulnerability in the design of SSL version 3.0. An attacker can gain access to sensitive data carried in encrypted web sessions, such as passwords, cookies and other authentication data. Bodo Möller discovered the issue in collaboration with Thai Duong and Krzysztof Kotowicz (also Googlers).

This SSL protocol has been around for 18 years. It has been superseded by TLS 1.0, TLS 1.1 and TLS 1.2. Even so, many servers still support SSL 3.0. TLS services provide a feature known as the downgrade dance. This means that at the start of the handshake the server offers the highest security protocol, for example TLS, but if the client turns out not to support that protocol, the server offers a lower security protocol.

The three researchers above found an attack that can make the server use SSL 3.0 instead of TLS (the downgrade dance). After the downgrade, the attacker can easily break the SSL protocol and steal HTTP cookies or the contents of the HTTP Authorization header. SSL 3.0 is weak because it encrypts with either the RC4 stream cipher or a block cipher in CBC mode. On websites this weakness can be exploited with a man-in-the-middle attack: the attacker steals HTTP cookies and then decrypts them using the BEAST attack technique.

Many services are exposed to the POODLE attack: Apache, nginx, Postfix, Dovecot, HAProxy server and Puppet. On the client side, the browsers Firefox, Internet Explorer and Chrome also still support SSL 3.0. To deal with this attack it is recommended to disable SSL 3.0 and to use TLS_FALLBACK_SCSV.

There is a service that can be used to test whether our server is exposed to this vulnerability; you can try it here

Some reading material about this vulnerability can be found here:

At present the only way to address this bug is to disable SSLv3, as follows:

Open the file /etc/apache2/mods-available/ssl.conf and change the SSLProtocol line to

SSLProtocol all -SSLv2 -SSLv3

Restart Apache

service apache2 restart

Open the file /etc/httpd/conf.d/ssl.conf and change the SSLProtocol line to

SSLProtocol all -SSLv2 -SSLv3

Restart Apache

service httpd restart
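
The edit above can be checked across configuration files with a small audit script. This is an added example, not part of the original post; the function names are hypothetical, the sample configuration is constructed, and it assumes the keyword all includes SSLv3.

```shell
#!/bin/sh
# Added example (not from the original post): find SSLProtocol lines that still allow SSLv3.
# Assumption: the keyword "all" includes SSLv3, as it does unless OpenSSL was built without it.

# allows_sslv3 "<arguments of one SSLProtocol directive>"
# Exit status 0 if SSLv3 stays enabled, 1 if it is off. mod_ssl reads the tokens
# left to right: "+x" adds x, "-x" removes x, a bare "x" replaces the whole set.
allows_sslv3() {
    s3=0
    for tok in $1; do
        case "$tok" in
            -*) sign=-; name=${tok#-} ;;
            +*) sign=+; name=${tok#+} ;;
            *)  sign=;  name=$tok ;;
        esac
        case "$(printf '%s' "$name" | tr 'A-Z' 'a-z')" in
            all|sslv3) hit=1 ;;
            *)         hit=0 ;;
        esac
        if [ -z "$sign" ]; then s3=$hit
        elif [ "$hit" -eq 1 ] && [ "$sign" = + ]; then s3=1
        elif [ "$hit" -eq 1 ]; then s3=0
        fi
    done
    [ "$s3" -eq 1 ]
}

# audit_conf FILE: print every active SSLProtocol directive with a verdict.
# Exit status 0 if none allows SSLv3, 1 otherwise. Commented-out lines are skipped
# because the directive must be the first token on the line.
audit_conf() {
    bad=0
    matches=$(grep -n -i -E '^[[:space:]]*SSLProtocol[[:space:]]' "$1" || true)
    while IFS= read -r m; do
        [ -n "$m" ] || continue
        lineno=${m%%:*}
        args=$(printf '%s\n' "${m#*:}" | sed -E 's/^[[:space:]]*[^[:space:]]+[[:space:]]+//')
        if allows_sslv3 "$args"; then
            echo "$1:$lineno: SSLv3 ENABLED: $args"
            bad=1
        else
            echo "$1:$lineno: ok: $args"
        fi
    done <<EOF
$matches
EOF
    [ "$bad" -eq 0 ]
}

# Constructed sample configuration, not taken from a real server.
demo=$(mktemp)
printf '%s\n' '#SSLProtocol all' 'SSLProtocol all -SSLv2' 'SSLProtocol all -SSLv2 -SSLv3' > "$demo"
audit_conf "$demo" || echo "fix: SSLProtocol all -SSLv2 -SSLv3, then restart Apache"
rm -f "$demo"
```

To audit a real host, call audit_conf on each file that can carry the directive, including per-VirtualHost configuration files.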

Disabling SSL 3.0, or CBC-mode ciphers with SSL v3.0, can be used to prevent this problem, but it will cause significant compatibility problems on web servers. Therefore our recommended response is to enable TLS_FALLBACK_SCSV. This is a mechanism that solves the problems caused by SSL v3.0. It also prevents downgrades from TLS 1.2 to 1.1 or 1.0 and may help prevent future attacks.

As for web browsers, Google Chrome has supported TLS_FALLBACK_SCSV since February and will therefore be safe to use without compatibility problems. In addition, Google Chrome will begin testing changes today that disable the fallback to SSL v3.0. This change will break some sites, and those sites will need to be updated quickly.

I hope this is useful to everyone.


Installing the ClamAV Antivirus on CentOS Linux

Here I will share a little information on how to install the ClamAV antivirus and how to scan with it on CentOS Linux.

1. Enable the EPEL repository on CentOS Linux:

CentOS 6 – 32-bit

# rpm -Uvh

CentOS 6 – 64-bit

# rpm -Uvh

CentOS 5 – 32-bit

# rpm -Uvh

CentOS 5 – 64-bit

# rpm -Uvh

2. Install the ClamAV antivirus:

# yum install clamav clamd
Failed to set locale, defaulting to C
Loaded plugins: fastestmirror, rhnplugin, security
This system is not registered with RHN.
RHN support will be disabled.
Loading mirror speeds from cached hostfile
 * epel:

Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package clamav.i386 0:0.98.4-1.el5 set to be updated
--> Processing Dependency: clamav-db = 0.98.4-1.el5 for package: clamav
---> Package clamav.x86_64 0:0.98.4-1.el5 set to be updated
---> Package clamd.x86_64 0:0.98.4-1.el5 set to be updated
--> Running transaction check
---> Package clamav-db.x86_64 0:0.98.4-1.el5 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

 Package                         Arch                         Version                            Repository                  Size
 clamav                          i386                         0.98.4-1.el5                       epel                       1.8 M
 clamav                          x86_64                       0.98.4-1.el5                       epel                       1.6 M
 clamd                           x86_64                       0.98.4-1.el5                       epel                       261 k
Installing for dependencies:
 clamav-db                       x86_64                       0.98.4-1.el5                       epel                        86 M

Transaction Summary
Install       4 Package(s)
Upgrade       0 Package(s)

Total download size: 90 M
Is this ok [y/N]: y
Downloading Packages:
(1/4): clamd-0.98.4-1.el5.x86_64.rpm                                                                       | 261 kB     00:00    
(2/4): clamav-0.98.4-1.el5.x86_64.rpm                                                                      | 1.6 MB     00:00    
(3/4): clamav-0.98.4-1.el5.i386.rpm                                                                        | 1.8 MB     00:00    
(4/4): clamav-db-0.98.4-1.el5.x86_64.rpm                                                                   |  86 MB     00:30    
Total                                                                                             2.8 MB/s |  90 MB     00:32    
warning: rpmts_HdrFromFdno: Header V4 DSA signature: NOKEY, key ID 217521f6
epel/gpgkey                                                                                                | 1.7 kB     00:00    
Importing GPG key 0x217521F6 "Fedora EPEL " from /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : clamav-db                                                                                                  1/4
  Installing     : clamav                                                                                                     2/4
  Installing     : clamav                                                                                                     3/4
  Installing     : clamd                                                                                                      4/4

  clamav.i386 0:0.98.4-1.el5                clamav.x86_64 0:0.98.4-1.el5                clamd.x86_64 0:0.98.4-1.el5              

Dependency Installed:
  clamav-db.x86_64 0:0.98.4-1.el5                                                                                                


3. First update the ClamAV antivirus signature database:

# freshclam
ClamAV update process started at Mon Oct 20 09:59:28 2014
main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
WARNING: getfile: daily-19121.cdiff not found on remote server (IP:
WARNING: getpatch: Can't download daily-19121.cdiff from
WARNING: getfile: daily-19121.cdiff not found on remote server (IP:
WARNING: getpatch: Can't download daily-19121.cdiff from
WARNING: getpatch: Can't download daily-19121.cdiff from
WARNING: Incremental update failed, trying to download daily.cvd
Downloading daily.cvd [100%]
daily.cvd updated (version: 19521, sigs: 1209168, f-level: 63, builder: dgoddard)
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 242, sigs: 46, f-level: 63, builder: dgoddard)
Database updated (3633439 signatures) from (IP:

4. Scan the folder you want for viruses:

# clamscan -r /home
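
A scheduled job would usually combine steps 3 and 4 and act on the scanner's exit status. The wrapper below is an added example, not part of the original post; the function names are hypothetical, and the fake_* stand-ins and their output line are constructed so that it runs without ClamAV installed.

```shell
#!/bin/sh
# Added example (not from the original post): a cron-friendly wrapper for steps 3 and 4.
# clamscan exit status: 0 = no virus found, 1 = virus(es) found, 2 = an error occurred.

# Both commands can be overridden, which lets the logic be exercised without ClamAV.
CLAMSCAN=${CLAMSCAN:-clamscan}
FRESHCLAM=${FRESHCLAM:-freshclam}

# infected_paths: read clamscan output on stdin and print only the infected paths.
# Hit lines have the form "/path/to/file: Signature.Name FOUND".
infected_paths() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p'
}

# scan_tree DIR: recursive scan (-r) that reports infected files only (-i).
# Prints "CLEAN DIR", one "INFECTED path" per hit, or "ERROR ..."; returns clamscan's status.
scan_tree() {
    out=$($CLAMSCAN -r -i --no-summary "$1" 2>/dev/null) && rc=0 || rc=$?
    case "$rc" in
        0) echo "CLEAN $1" ;;
        1) printf '%s\n' "$out" | infected_paths | sed 's/^/INFECTED /' ;;
        *) echo "ERROR clamscan exited with status $rc" ;;
    esac
    return "$rc"
}

# update_and_scan DIR: refresh signatures first; a failed update is reported but
# does not stop the scan, which then runs against the database already on disk.
update_and_scan() {
    $FRESHCLAM --quiet || echo "WARN signature update failed, using existing database"
    scan_tree "$1"
}

# Constructed stand-ins so the example runs on a machine without ClamAV.
fake_freshclam() { return 0; }
fake_clamscan() {
    echo "/home/demo/upload/img: x.php: Constructed.Sample.Signature FOUND"
    return 1
}
( CLAMSCAN=fake_clamscan; FRESHCLAM=fake_freshclam; update_and_scan /home ) || true
```

On a real host, drop the stand-ins and call update_and_scan /home from cron, alerting on any status other than 0.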

I hope this is also useful to everyone.


Monday, 13 October 2014

Scanning for Malware on Linux

Wow... it has been a long time since I updated the blog, and I have only now had the chance. This time I will try to share a little about how to detect malware on a Linux OS. I previously also covered a simple security audit on Linux in this post.

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, designed to detect malware threats that have already been planted on Linux. In addition, LMD detects malware using file signatures based on MD5 hashes, which are also matched against HEX patterns. LMD scan results can also easily be exported to a number of detection tools such as ClamAV.

I happen to use CentOS Linux to try out Linux Malware Detect. The installation steps are:

1. First download LMD:

# wget

2. Once the download has finished, don't forget to extract it:

# tar -xvzf maldetect-current.tar.gz 

3. Change into the extracted folder and run the installer, making sure the Linux machine is connected to the internet, because it is needed to download the required signatures:

# ./ 
Linux Malware Detect v1.4.2
            (C) 2002-2013, R-fx Networks
            (C) 2013, Ryan MacDonald
inotifywait (C) 2007, Rohan McGovern
This program may be freely redistributed under the terms of the GNU GPL

installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet

imported config options from /usr/local/maldetect.last/conf.maldet
maldet(4130): {sigup} performing signature update check...
maldet(4130): {sigup} local signature set is version 201205035915
maldet(4130): {sigup} new signature set (2014100624041) available
maldet(4130): {sigup} downloaded
maldet(4130): {sigup} downloaded
maldet(4130): {sigup} downloaded
maldet(4130): {sigup} downloaded
maldet(4130): {sigup} downloaded
maldet(4130): {sigup} signature set update completed
maldet(4130): {sigup} 11792 signatures (9899 MD5 / 1893 HEX)

4. Edit the configuration file:

# vi /usr/local/maldetect/conf.maldet

These are the basic configuration options:

# The default email alert toggle
# [0 = disabled, 1 = enabled]

# The subject line for email alerts
email_subj="maldet alert from $(hostname)"

# The destination addresses for email alerts
# [ values are comma (,) spaced ]

# Ignore e-mail alerts for reports in which all hits have been cleaned.
# This is ideal on very busy servers where cleaned hits can drown out
# other more actionable reports.

# The default quarantine action for malware hits
# [0 = alert only, 1 = move to quarantine & alert]

# Try to clean string based malware injections
# [NOTE: quar_hits=1 required]
# [0 = disabled, 1 = clean]

# The default suspend action for users wih hits
# Cpanel suspend or set shell /bin/false on non-Cpanel
# [NOTE: quar_hits=1 required]
# [0 = disabled, 1 = suspend account]
# minimum userid that can be suspended
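
The NOTE lines in the listing above say that cleaning and account suspension only take effect with quar_hits=1. The script below checks a conf.maldet for that, as an added example that is not part of the original post or of LMD itself; the option names quar_hits, quar_clean, quar_susp, email_alert and email_addr are the ones in LMD's stock conf.maldet (their lines are missing from the listing above), and the function names and sample values are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): lint conf.maldet for the dependencies
# stated in its comments. The file is parsed as text, never sourced, so values
# such as $(hostname) are not executed by the checker.
# Assumption: option names are those of LMD's stock conf.maldet.

# conf_get FILE KEY: print the value of the last uncommented KEY=... line,
# without surrounding double quotes; print nothing if KEY is not set.
conf_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*$//; s/^"\(.*\)"$/\1/'
}

# lint_maldet_conf FILE: print one line per problem; exit status 0 if none.
lint_maldet_conf() {
    problems=0
    hits=$(conf_get "$1" quar_hits)
    for dep in quar_clean quar_susp; do
        if [ "$(conf_get "$1" "$dep")" = 1 ] && [ "$hits" != 1 ]; then
            echo "$dep=1 is ignored: quar_hits=1 required"
            problems=$((problems + 1))
        fi
    done
    if [ "$(conf_get "$1" email_alert)" = 1 ]; then
        case "$(conf_get "$1" email_addr)" in
            *@*) ;;
            *) echo "email_alert=1 but email_addr holds no address"
               problems=$((problems + 1)) ;;
        esac
    fi
    [ "$problems" -eq 0 ]
}

# Constructed sample configuration (values are illustrative, not the author's).
demo=$(mktemp)
cat > "$demo" <<'EOF'
email_alert=1
email_subj="maldet alert from $(hostname)"
email_addr=""
quar_hits=0
quar_clean=1
quar_susp=0
EOF
lint_maldet_conf "$demo" || echo "conf.maldet needs attention"
rm -f "$demo"
```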

To run a malware scan, for example on the home folder, the command is:

# maldet --scan-all /home/
Linux Malware Detect v1.4.2
            (C) 2002-2013, R-fx Networks
            (C) 2013, Ryan MacDonald
inotifywait (C) 2007, Rohan McGovern
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(4397): {scan} signatures loaded: 11792 (9899 MD5 / 1893 HEX)
maldet(4397): {scan} building file list for /home/, this might take awhile...
maldet(4397): {scan} file list completed, found 61819 files...
maldet(4397): {scan} 61819/61819 files scanned: 0 hits 0 cleaned
maldet(4397): {scan} scan completed on /home/: files 61819, malware hits 0, cleaned hits 0
maldet(4397): {scan} scan report saved, to view run: maldet --report 100714-1657.4397

You can review the malware scan report by running the following command with its report ID:

# maldet --report SCANID

For the example above, the command is:

# maldet --report 100714-1657.4397

To quarantine infected files, run the following command with the scan report ID; the suspect files will be quarantined for cleaning:

# maldet -q SCANID
# maldet --quarantine SCANID

To clean all malware hits from a previous scan:

# maldet -n SCANID
# maldet --clean SCANID

To restore a file that you have quarantined:

# maldet -s FILENAME
# maldet --restore FILENAME

I hope this is useful to everyone :)
