Remove eSignature Presentation Computer

Those who have card readers at home (to be used with ID-cards) or mobile ID (used, among other things, for bank payments) will log in using their ID to a designated website, pick a candidate, click a few mouse clicks, and done.To ensure anonymity of voting, the hardware used for particular elections will then be publicly destroyed after the votes are counted (the electronic votes are normally taken some days before the physical votes, which sort of gives away some voting tendencies in advance). Still, it doesn’t stop the public from ever wondering each time elections come up about the anonymity and possible abuse of the system. Cases have been known where some heads of households would gather all ID cards of the family (especially old grandparents) and vote for whomever they chose.In recent elections, about 30 per cent of all active voters voted electronically. I know some people who never use this option for fear that records may remain. I personally fluctuate between voting electronically (“Meh, too lazy to go outside today”) and physically (“Elections day, come on family, time to do our citizen duty and have a nice walk!”).Update: just received my new ID card this week, and the envelope with the card reminds me when the next elections happen and encourages me not to waste my vote.

Cracked versions of software are created with the use of debuggers. (A debugger is a special type of software that lets programmers deconstruct their software into its constituent parts for the purpose of finding bugs, and thus de-bugging. Additionally debuggers can be used for reverse-engineering, or to see what is inside the software, to learn its logic. The latter method is used mostly by malware researchers to study what malware (or computer viruses) do on-the-inside. But it can be also used by an attacker to "crack" (or bypass) legal software registration, or at times, to alter normal behavior of software, for instance by injecting a malicious code into it.)For the sake of this example, I will assume that the software that is being "cracked" was compiled into a native code, and is not a .NET or a JavaScript based application. (Otherwise it will be somewhat trivial to view its source code.) The compiled native code is a bit more tricky "beast" to study. (Native means that the code executes directly by the CPU, GPU, or other hardware.)So let's assume that the goal of an attacker is to bypass the registration logic in the software so that he or she doesn't have to pay for it. (Later for lolz, he or she may also post such "crack" on some shady online forum or on a torrent site so that others can "use" it too and give him or her their appreciation.)For simplicity let's assume that the original logic that was checking for the software registration was written in C++ and was something similar to the following code snippet:In this code sample "RegistrationName" and "RegistrationCode" are special strings of text that a legitimate software user will receive after paying for the license. (The name is usually that person's actual name or their email address, and the code is some string of unique/special characters that is tied to the name.)In the logic above, the function named "isRegistrationCodeGood()" will check if "RegistrationName" and "RegistrationCode" are accepted using some proprietary method. If they are, it will return true. Otherwise false. That outcode will dictate which branch (or scope) the execution will follow.So the logic above will either show that registration failed and quit:Or, if the registration code and name matched, it will save the registration details in persistent storage (such as the File System or System Registry) using the function named "rememberRegistrationParameters()" and then display the message thanking the user for registering:A "cracker" will obviously want to achieve the second result for any registration code that he or she enters. But they have a problem. They do not have the C++ source code, part of which I showed above. (I hope not!)So the only recourse for an attacker is to disassemble the binary code (that always ships with software in the form of .exe and .dll files on Windows, and mostly as Unix executables inside the .app packages on a Mac.) An attacker will then use a debugger to study the binary code and try to locate the registration logic that I singled out above.Next you can see the flowchart for a snippet of code that I showed in C++, presented via a low-level debugger. Or, as the code will be read in the binary form after compilation:(For readability I added comments on the right with the names of functions and variables. They will not be present in the code that an attacker could see.)(To understand what is shown above an attacker will have to have good knowledge of the Assembly language instructions for the native code.)I also need to point out that having a disassembly snippet like the one above is the final result for an attacker. The main difficulty for him or her is to locate it among millions and millions of other similar lines of code. And that is their main challenge. Not many people can do it and that is why software "cracking" is a special skill.So having found the code snippet above in the software binary file a "cracker" has two choices:1) Modify (or patch) the binary.2) Reverse-engineer the "isRegistrationCodeGood()" function and copy its logic to create what is known as a "KeyGen" or "Key Generator."Let's review both:The first choice is quite straightforward. Since an attacker got this far, he or she knows the Intel x64 Instruction Set quite well. So they simply change the conditional jump from "jnz short loc_7FF645671430" at the address 00007FF645671418 (circled in red in the screenshots) to unconditional jump, or "jmp short loc_7FF645671430". This will effectively remove any failed registration code entries and anything that the user types in will be accepted as a valid registration.Also note that this modification can be achieved by changing just one byte in the binary code from 0x75 to 0xEB:But this approach comes with a "price" of modifying the original binary file. For that an attacker needs to write his own "patcher" (or a small executable that will apply the modification that I described above.) The downside of this approach for an attacker is that patching an original executable file will break its digital signature, which may alert the end-user or the vendor. Additionally the "patcher" executable made by an attacker can be easily flagged and blocked by the end-user's antivirus software, or lead criminal investigators to the identity of the attacker.The second choice is a little bit more tricky. An attacker will have to study "isRegistrationCodeGood()" function and copy it into his own small program that will effectively duplicate the logic implemented in the original software and let him generate the registration code from any name, thus giving any unscrupulous user of that software an ability to register it without making a payment.Vendors of many major software products understand the potential impact of the second method and try to prevent it by requiring what is known as "authentication." This is basically a second step after registration, where the software submits registration name to the company's web server that returns a response back to the software of whether the code was legitimate or not. This is done by Microsoft when you purchase Windows (they call it "Activate Windows") and also by signNow, and many other companies. This second step may be done behind-the-scenes on the background while the software is running, and will usually lead to cancellation of prior registration if it was obtained illegally.So now you know how software is "cracked".Let me answer why it is not possible to prevent it. It all boils down to the fact that any software code needs to be read either by CPU (in case of a binary native code) or by an interpreter or a JIT compiler (in case of JavaScript or .NET code.) This means that if there's a way to read/interpret something, no matter how complex or convoluted it is, an attacker with enough knowledge and persistence will be able to read it as well, and thus break it.There is an argument though that cloud-based software is more secure, which is true, since its (binary) code remains on the server and end-users do not have direct access to it. And even though cloud-based software is definitely the future, it has some major drawbacks that will never allow it to fully replace your conventional software. To name just a few:Not everyone has an internet connection, or is willing to upload their data online. Additionally someone’s internet connection can be very expensive or too slow to make the software run very laggy.Then there’s a question of distributed computing. For instance, Blizzard Entertainment would never make “World of Warcraft” to fully run on their servers due to immense computational resources needed to render every single scene for every player they have. Thus it is in their best interest to let each individual user’s computer to do the rendering instead.As a software developer myself, I obviously don't like when people steal software licenses. But I have to accept it and live with it. The good news is that there are not that many people who are willing to go extra mile and search for a cracked version of software. The main problem for those who do, is that by downloading a patched executable, or an attacker's KeyGen or a Patcher, they are effectively "trusting" him or her not to put anything "nasty" into it that was not "advertised on the package" (stuff like trojans, malware, or keyloggers.) So the question for those people becomes -- is it worth the cost of the software license to potentially infect your system with a nasty virus?On the other side of the equation, some developers react very negatively to any attempts to steal their software licenses. (I was there too.) They try to implement all kinds of countermeasures -- anything from tricking reverse-engineers, to adding booby traps in the code that may do something nasty if the code detects that it is being debugged, to obfuscating or scrambling the code, to enforcing all kinds of convoluted DRM schemes, to blocking users from certain countries. I personally try to stay away from all of those measures. And here's why:A) Any kind of anti-reverse-engineering tactics could be bypassed by an attacker with enough persistence. So why bother and waste my time when I can invest that time into adding something useful to my software that will make it more productive for legitimate users?B) Some code packers could create false positives with antivirus software, which is obviously not good for marketing of that software. It also creates unnecessary complexity for the developer to debug the software.C) Adding booby traps in the code can also “misfire” on your legitimate users, which will really infuriate them and can even lead to lawsuits.D) Any DRM scheme will probably catch some 100 illegal users and greatly inconvenience 10,000 legitimate ones. So why do it to your good customers?E) Our statistics show that about 75% of all illegal licenses come from China, Russia, Brazil, to name the worst offenders. (I also understand that the reason may be much lower incomes that people have in those countries.) The main issue for us though was the fact that if we enforce our DRM or add some strong registration authentication, many people that wanted to bypass our registration would simply use a stolen credit card number. And we had no control over it. Our system will use it to send them a legitimate license only to have the payment bounce in weeks time. As a result we would lose the money that were paid for the license, plus the credit card company will impose an additional chargeback fee to our account, which may range from $0.25 to $20 per bad purchase on top of the license cost.F) As was pointed out in the comments, some companies may actually benefit from allowing pirated copies of their software. Microsoft for instance gets a lot of free publicity from people using their Windows OS, the same goes for signNow with their Photoshop. That is a good point that I agree with.So my philosophy is now this -- if someone wants to go extra mile and steal our software, go for it! They went this far to do it anyway, so they probably have a good reason. On the positive side there are so many other customers that appreciate the work that goes into creating software that greatly outnumber those that don’t.PS. Thank you for all your feedback! It makes me feel good that the knowledge I shared is useful to others.

Very much true.The US military has massive power projection, more than any country in the history of man. The US has 11 (CATOBAR/STOBAR) Aircraft Carriers, while the next country has 1 which is, China, Russia, India, UK, and France. Also, the US Carriers are not just regular carriers, they are known as Super Carriers. Which is a term coined by the public to say that these carriers are so large that they exceed the definition of an Aircraft Carrier. Also, the US carriers were designed in the 70’s and countries are now just starting to make designs that could compete with the American Carriers. However, the US just redesigned the carrier and is coming out with the new Gerald R. Ford Class Carrier, which is supposed to be years possibly decades ahead of any other countries design. If you include Helicopter Carriers, and Amphibious Assault ships, that number jumps up to 20, soon to be 22. Then the next highest is tied between Japan and France with 4. My favorite part about the US having so many Aicraft Carriers is that if we divided them up between the major oceans, we could have 4 in each ocean… Crazy. The US carriers are also nuclear powered, they are the only carriers to be nuclear powered besides the French R91 Charles de Gaulle.Note the types of planes on the US Carriers. If you look at the USS Gerald R. Ford, it is fielding 5 different aircraft. 4 planes and 1 helicopter. We will look at the planes. Woden note, the USN has the 2nd largest Air Force in the world, right behind the USAF.First plane- McDonnell Douglas F/A-18 Hornet/Super Hornet: The plane is one of the most decorated planes, with thousands of successful missions, while requiring 3x less maintenance and failures than its counterparts. The plane has electronic warfare capabilities, air to air, and air to ground capabilities. Also, has spy and early warning capabilities. It was one of the first aircraft to heavily use multifunction displays, which at the switch of a button allow a pilot to perform either fighter or attack roles or both. The airframe is complex yet so simple, that a 4 man team can remove and install a new F404 engine in 40 minutes. Was also one of the very first 4th generation fighter on an aircraft carrier.Second plane- Northrop Grumman X-47B: This guy will be the very first and only Carrier based Drone. Northrop Grumman intends to develop the prototype X-47B into a battlefield-ready aircraft, the Unmanned Carrier-Launched Airborne Surveillance and Strike (UCLASS) system, which will enter service in the 2020s. So it’ll have strike options and surveillance capabilities.Third plane- Northrop Grumman E-2 Hawkeye: Many countries have AWAC systems or Airborne early warning and control. But only the United States have a Carrier based AWAC system. With the creation of this system, carriers that are hundreds of miles away from the nearest AWAC system, this plane gives the ability for a carrier strike group to potentially detect fifth-generation fighters like the Russian Sukhoi Su-57 and the Chinese Chengdu J-20 and Shenyang J-31 farther out. Also, gives the ability to guide fleet weapons, such as AIM-120 AMRAAM and SM-6 missiles, onto targets beyond a launch platform's detection range or capabilities.Fourth plane- Lockheed Martin F-35C Lightning II: This plane is the first and only carrier based 5th Generation Stealth fighter. The plane is meant as an air superiority fighter and a plane capable of ground support. It also has a very low, almost undetectable, cross section and radar signature. Besides radar stealth measures, the F-35 incorporates infrared signature and visual signature reduction measures. With the addition of a 5th generation stealth fighter, this gives the US military and Navy, the opportunity to do more damage and to have true air superiority over all other aircraft carrier based planes and land based planes. The US, in the event of a war, can now bring 5th gen fighters to the battle without the need of the Air Force against other 4th gen fighters, or possibly the few Chinese or Russian 5th gen fighters.Furthermore, the US have some of the best destroyers on the planet. With the highly acclaimed Arleigh-Burke Class Destroyer, and the brand new, low production Zumwalt Class Destroyer. The US has the most destroyers in the world with about double the next country, with another 4 undergoing sea trials and we are currently building 5 more and have awarded contracts for 5 more. By 2024 the US is expected to have 79 destroyers in service.Zumwalt Destroyer- The Zumwalt class warships are the largest destroyer ever built. The USS Zumwalt has unusual hull design optimized for wave piercing. There is a composite deckhouse. Angular shape minimizes its radar signature. The ship has hidden radar and sensors. The despite its size the USS Zumwalt has a radar signature of a fishing boat. Also it has reduced sound and infrared signature what makes this ship harder to detect. The ship is the First american surface warship to integrate electronic propulsion, it generates enough power to light up a small city. Sound levels of the Zumwalt are comparable with Los Angeles class submarines.Arleigh-Burke Destroyer- These guided missile destroyers entered service with the US Navy in 1991 were the first large US Navy vessel designed to incorporate stealth shaping techniques to reduce radar cross-section. Also these are one of the biggest destroyers in the world that incorporate highly advanced weaponry and systems. Hull profile of the Arleight Burke class signNowly improves seakeeping, permitting high speeds to be maintained in difficult sea states. The AN/SPY-1D phased array radar incorporates signNow advances in the detection capabilities of the AEGIS weapons system, particularly in its resistance to enemy electronic countermeasures. Missile are stored in vertical launch systems, that can also house smaller Evolved Sea Sparrow (ESSM) missiles, Tomahawk land attack cruise missiles, ASROC anti-submarine missiles. For point defense the ships are equipped with two Phalanx Close-In Weapon Systems (CIWS). Also there are 324 mm launchers for Mk.46 or Mk.50 torpedoes.Daily dose of freedom right here.Obviously, we can’t forget about the immaculate US submarine fleet. The US has some of the most advanced and quietest submarines. All of them use nuclear propulsion for extended range and stealth capabilities. The US has the…Ohio class (18 in commission) – 14 ballistic missile submarines (SSBNs), 4 guided missile submarines (SSGNs)- The U.S. Ohio-class submarines, of which 14 are Trident II SSBN, each capable of carrying 24 SLBMs. The first four which were all equipped with the older Trident I missiles have been converted to SSGN's each capable of carrying 154 Tomahawk guided missiles and have been further equipped to support Special OperationsSeawolf class (3 in commission) – attack submarines- The Seawolf class boats were intended to seek and destroy the latest Soviet ballistic missile submarines, such as the Typhoon class and attack submarines such as the Akula class. Seawolf class submarines are arguably the quietest submarines in the world ever constructed. It is exceptionally quiet even at high speeds. Most submarines need to keep their speed down to as little as 5 knots to avoid detection by passive sonar arrays, while the Seawolf class are credited with being able to cruise at 20 kots and still be impossible to locate. A Seawolf at 25 knots makes less noise than an older Los Angeles class submarine tied up alongside the pier. And these came out in 1989.Virginia class (11 in commission, 5 under construction, 2 on order) – fast attack submarines- The Virginia class submarines incorporate newly designed anechoic coating, isolated deck structures and new design of propulsor to achieve low acoustic signature. It is claimed that noise level of the Virginia is equal to that of the Seawolf class. The Virginia class submarines are fitted with 12 vertical launch system (VLS) tubes. These are used to launched Tomahawk land attack cruise missiles with a range of 1 700 km. Also there are four 533-mm torpedo tubes. These are used to fire a total of 26 Mk.48 heavyweight torpedoes and Sub-Harpoon anti-ship missiles. It is the first US submarine to employ a built-in Navy SEAL staging area allowing a team of 9 men to enter and leave the submarine.(Improved) Los Angeles class (34 in commission, 2 in reserve) – attack submarines- The Improved submarines are much quieter. It is described that improved Los Angeles class boats are 7 times quieter than the original Los Angeles class boats. The class features a very potent weapon array, including Mk.48 torpedoes, Sub-Harpoon anti-ship missiles and Tomahawk land attack cruise missiles. Tomahawk missiles can be launched from torpedo tubes of from dedicated vertical launching systems. These boats can operate under ice where the Russian ballistic missile submarines tend to hide.Surfacing of a US Submarine.Let’s move onto the air. While the USN has a quite capable Air Force. But that is dwarfed by the sheer magnitude and strength of the United States Air Force. The Air Force articulates its core missions as air and space superiority, global integrated ISR, rapid global mobility, global strike, and command and control. The USAF flys a multitude of different planes and helicopters. The USAF is the largest Air Force in the world, here is the list of what America flys. Most of these are at the cutting edge of innovation, with two of them being 5th generation stealth fighters. That’s really really good because no other country has an active 5th gen while the US has 2. The USAF also has the largest bomber, tanker, fighter, and transport fleets in the world. The USAF has so many staging areas around the world, that the US can have bombers or any other planes on station, anywhere around the world in a matter of hours.Attack: A-10, AC-130, MQ-1, MQ-9Bomber: B-1B, B-2, B-52HElectronic warfare: E-3, E-8, EC-130Fighter: F-15C, F-15E, F-16, F-22 (5th gen), F-35A (5th gen)Helicopter: HH-60, UH-1NReconnaissance: MC-12, RC-135, RQ-4, RQ-170, U-2, U-28Trainer: T-1, T-6, T-38, T-41, T-51, T-53, TG-16Transport: C-5, C-12, C-17, C-21, C-32, C-37, C-130, C-40, CV-22, VC-25Tanker: KC-10, KC-135Let’s look at the two of my favorite ones and the most technologically advanced planes in the world.F-22 RaptorThe F-22 Raptor air superiority fighter is almost invisible to radars. This aircraft carries a powerful array of weaponry. It is the most advanced and most expensive production fighter aircraft to date. Many of sensors and avionics of this plane remain classified. Engines of the raptor allow the aircraft to supercruise over long ranges, while thrust-vectoring nozzles, combined with a triplex fly-by-wire flight control system, make it exceptionally maneuverable. The highly integrated avionics systems also include a data-link, inertial navigation system with embedded GPS for high-accuracy navigation, and advanced electronic warfare, warning and countermeasures systems. Two central computers manage the automatic switching of the sensors between completely passive and wholly active operation, according to the tactical situation. Artificial intelligence algorithms fuse data from the sensors and present only relevant information to the pilot to reduce workload while at the same time improving tactical awareness. The datalink allows tactical information to be shared with other F-22s. The tech is so special that other countries, not even NATO allies are given the chance to procure the plane.B-2 SpiritThe B-2A Spirit is the silver bullet of US policy, reserved for use against targets of the highest priority. The B-2's stealth characteristics enable the undetected penetration of sophisticated anti-aircraft defenses and to attack even heavily defended targets. This stealth comes from a combination of reduced acoustic, infrared, visual and radar signatures (multi-spectral camouflage) to evade the various detection systems that could be used to detect and be used to direct attacks against an aircraft. Composites are extensively used to provide a radar-absorbent honeycomb structure; the bomber has a minimal IR signature, does not contrail and uses its shielded APQ-181 radar only momentarily to identify a target just before attacking. The onboard DMS is capable of automatically assessing the detection capabilities of identified threats and indicated targets. The DMS will be upgraded by 2021 to detect radar emissions from air defenses to allow changes to the auto-router's mission planning information while in-flight so it can receive new data quickly to plan a route that minimizes exposure to dangers. Also, most of the B-2s are stationed in Missouri, and they are capable of bombing any target in the world despite being in the heart of America.Now for the US ARMYThe US army it self is massive in numbers, coming in at 1.01 million personnel, it self is one of the biggest standing armies in the world, and that's just one branch of the US military. Also, in the US military, it is the largest branch out of them all surpassing any other branch by almost 600,000 personnel. They provide the bulk of security for the US's foreign interests. The mission of the U.S. Army is to fight and win our Nation's wars, by providing prompt, sustained, land dominance, across the full range of military operations and the spectrum of conflict, in support of combatant commanders. Which is mainly air domination and land domination. They mainly engage is conventional warfare, and asymmetrical warfare. The US Army's main responsibilities is preserving the peace and security and providing for the defense of the United States, the Commonwealths and possessions and any areas occupied by the United States, Supporting the national policies, Implementing the national objectives, Overcoming any nations responsible for aggressive acts that imperil the peace and security of the United States. The US Army is also home to some of the most dangerous, prestigious and hardest working special forces teams in the world such as the frontline special force, the Rangers, we also have the green berets and the iconic 1st Special Forces Operational Detachment-Delta (Airborne) also known as Delta Force. The US army is thought to be one of the most battle tested and battle proven militaries in the world. With the mobility of the USAF an army QRF can be anywhere on earth in less than 24 hours. The US ARMY uses the M1A2 Abrams tank. One of the most badass, heaviest, fastest, and battle hardened tanks in the world.This tank has incredible technology and armor. Also it has seen combat. It is one of the most feared MBTs. The M1A2 offers signNow protection against all well-known anti-tank weapons. This main battle tank uses advanced armor, reinforced with depleted uranium layers. The M1A2 has signNow level of protection against all known anti-tank weapons. It can also employ counter-IED equipment. The tank is armed with the same 120-mm M256 smoothbore gun as its predecessor. Range of effective fire is in excess of 4 km. This main battle tank is powered by a Honeywell AGT1500 gas turbine engine, developing 1 500 hp. The tank is one of the fastest in the world, clocking in (with no governor) at 60 mph while being THE heaviest tank in the world. As of April of 2018, the US has no combat losses with the Abrams, the Abrams has only been lost due to friendly fire, never to enemy fire.I don’t think I need to explain the marines. Just know that they use the same tech as the Army (with some exceptions) but they are also the main invasion force for the US. And they are badass.The US military signNow is massive with the Aircraft carriers and the 700+ military bases around the world. The US is truly the most powerful military in the world. The fact that they can have a men anywhere in the world in less than 24 hours and being able to bomb any place on earth, just proves how powerful the US military is.

Have you ever felt that something(like taking backup of files, deleting old files etc.) should automatically happen when you connect your pen-drive to your system?Let us take an example, Suppose your teacher wants you to copy your assignments into his pendrive in front of him. The pen drive contains your final examination paper. You want your ubuntu system to automatically copy all the data from that pen drive to your hard disk automatically in the background (without even opening a copy dialogue). Here is how to do it on ubuntu:1] First let us write a simple shell script which we want to execute whenever a pen drive is connected to our system. Let us write a simple script which copies all data from the connected device to your home directory.First open a new fileemacs $HOME/script.shand add following lines to that file.#!/bin/bash sudo mkdir -p /tmp/test sudo mkdir -p $HOME/device_data sudo mount /dev/sdb1 /tmp/test sudo cp -r /tmp/test/* $HOME/device_data/ sudo umount /tmp/test Save and close the file.This script essentially creates a new directory named "device_data" inside your home folder and copies all the data from the pen drive into device_data directory.(Note: You can write ANYHTING into this script, so use it wisely :P)Now let us make this script executable.sudo chmod +x $HOME/script.sh As this script needs sudo permissions, we need to make it sudo runnable. To do this add the name of the script into sudoers file.Open sudoers file.sudo visudo -f /etc/sudoers Now after the 25th line (%sudo…) add this line ALL=(ALL) NOPASSWD: /home//script.sh So now this script will run with sudo rights but will not ask for password! :)2]Now we need to tell our system to follow OUR rules (i.e execute our script) whenever a pendrive is connected. For this we need to create our own "udev rules" file. This file should be created in '/etc/udev/rules.d' directory.cd /etc/udev/rules.d Open a new file (with sudo rights):sudo emacs 91-myrules.rules Make sure the file name starts with "91". This gives your rules priority over other rules.Now add these lines into that fileACTION=="add", ATTRS{idVendor}=="****", ATTRS{idProduct}=="****", RUN+="/paht/to/your/script.sh" Make sure you enter proper path into RUN variable.Done!!Now plug any pendrive into your system and test this!Note: 1] When you connect your external drive this script will be run and your system won’t be able to use it unless this script execution is complete! So have some patience! :p 2] This answer is written for educational purposes only! Do not misuse it.Thanks Mehak Sharma for promoting the answer!

Seeing this message ? Don’t despair, you are among more than 200,000 computers in 150 countries which have been affected.(Know more at: WannaCry ransomware: Everything you need to know, Why the WannaCry cyber attack is so bad, and so avoidable - Video)Although, it was initially reported that the impact on India will be HUGE. It is now being reported that the impact will be MINIMAL/ Sporadic.(Ref: WannaCry ransomware cyberattack fails to paralyse India; some businesses hit - Times of India)But, the caveat is that the impact may go under reported. Experts say that the rampant use of pirated software in India may leave Indian companies unable to report if they have been affected by the Wanna Cry cyber attack.(Ref: WannaCry ransomwares impact in India may go under-reported due to rampant use of pirate software)So yes, It may do more good than harm. We do hope that this attack will instigate the people and the gov of India to take major steps against internet piracy and to implement advanced computer networks and security measures. But it is up to each and every user and network administrator, to secure their own systems.It is incorrect to say that India was most affected because it is least protected. In fact, the impact was much lesser than expected. The government too tried to dispel rumors about banking telecom or aviation being hit by the outbreak. "There is no major impact in India unlike other countries. We are keeping a close watch. There have been isolated incidents in Kerala and Andhra Pradesh," Union information and technology minister Ravi Shankar Prasad said.Prasad said a Cyber Coordination Centre will start operating from next month to take precautions against such attacks in future. Besides, the cyber security arm of the Centre has asked banks, stock exchanges, and other vital institutions to safeguard their systems against the malware.The IT ministry has also signNowed out to agencies such as the RBI, NPCI and UIDAI, to warn them about the risks associated with WannaCry, and help to secure their systems, in order to make sure that digital payments in India are not affected.The Reserve Bank of India has notified all banks to operate their ATMs only after updating software systems to avoid being infected by ransomware. Automated teller machines are vulnerable to such malware attacks as they currently run on an older version of Microsoft's Windows XP, making the update highly necessary.There are a total of 2.2 lakh ATMs in India, of which many old ones run on Windows XP, for which Microsoft has officially ended support in 2014.IMPORTANT: If your PC has been infected, the following information will be of help:- (Source: Cyber Swachhta Kendra: Wannacry/ WannaCrypt Ransomware)The WannaCry ransom ware is writing itself into a random character folder in the 'ProgramData' folder with the file name of "tasksche.exe" or in 'C:\Windows\' folder with the file-name "mssecsvc.exe" and "tasksche.exe".Ransomware is granting full access to all files by using the command:Icacls . /grant Everyone:F /T /C /QUsing a batch script for operations:176641494574290.bathashes for WANNACRY ransomware:5bef35496fcbdbe841c82f4d1ab8b7c2775a0631fb8229b2aa3d7621427085ad7bf2b57f2a205768755c07f238fb32cc7f7ccaa16fb15eb1c7399d422f8363e88495400f199ac77853c53b5a3f278f3e84c82835a5d21bbcf75a61706d8ab54986721e64ffbd69aa6944b9672bcabb6d8dd63adb68ef053e044a5a2f46e0d2cdb0ad5902366f860f85b892867e5b1e87d6114ba5f10ad67a4131ab72531f02dadb349b97c37d22f5ea1d1841e3c89eb4e372d07207b4da75b3434584cd9f3450f529f4556a5126bba499c26d67892240Use endpoint protection/antivirus solutions to detect these files and remove the sameUsers and administrators are advised to take the following preventive measures to protect their computer networks from ransomware infection/ attacks:In order to prevent infection users and organizations are advised to apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010Microsoft Patch for Unsupported Versions such as Windows XP,Vista,Server 2003, Server 2008 etc. http://www.catalog.update.micros...To prevent data loss Users & Organisations are advised to take backup of Critical DataBlock SMB ports on Enterprise Edge/perimeter network devices [UDP 137, 138 and TCP 139, 445] or Disable SMBv1. https://support.microsoft.com/en...Apply following signatures/rules at IDS/IPSalert tcp $HOME_NET 445 -> any any (msg:"ET EXPLOIT Possible ETERNALBLUE MS17-010 Echo Response"; flow:from_server,established; content:"|00 00 00 31 ff|SMB|2b 00 00 00 00 98 07 c0|"; depth:16; fast_pattern; content:"|4a 6c 4a 6d 49 68 43 6c 42 73 72 00|"; distance:0; flowbits:isset,ETPRO.ETERNALBLUE; classtype:trojan-activity; sid:2024218; rev:2;)(http://docs.emergingthreats.net/bin/view/Main/2024218)alert smb any any -> $HOME_NET any (msg:"ET EXPLOIT Possible ETERNALBLUE MS17-010 Echo Request (set)"; flow:to_server,established; content:"|00 00 00 31 ff|SMB|2b 00 00 00 00 18 07 c0|"; depth:16; fast_pattern; content:"|4a 6c 4a 6d 49 68 43 6c 42 73 72 00|"; distance:0; flowbits:set,ETPRO.ETERNALBLUE; flowbits:noalert; classtype:trojan-activity; sid:2024220; rev:1;)alert smb $HOME_NET any -> any any (msg:"ET EXPLOIT Possible ETERNALBLUE MS17-010 Echo Response"; flow:from_server,established; content:"|00 00 00 31 ff|SMB|2b 00 00 00 00 98 07 c0|"; depth:16; fast_pattern; content:"|4a 6c 4a 6d 49 68 43 6c 42 73 72 00|"; distance:0; flowbits:isset,ETPRO.ETERNALBLUE; classtype:trojan-activity; sid:2024218; rev:1;)Yara:rule wannacry_1 : ransom{meta:author = "Joshua Cannell"description = "WannaCry Ransomware strings"weight = 100date = "2017-05-12"Strings:$s1 = "Ooops, your files have been encrypted!" wide ascii nocase$s2 = "Wanna Decryptor" wide ascii nocase$s3 = ".wcry" wide ascii nocase$s4 = "WANNACRY" wide ascii nocase$s5 = "WANACRY!" wide ascii nocase$s7 = "icacls . /grant Everyone:F /T /C /Q" wide ascii nocaseCondition:any of them}rule wannacry_2{meta:author = "Harold Ogden"description = "WannaCry Ransomware Strings"date = "2017-05-12"weight = 100strings:$string1 = "msg/m_bulgarian.wnry"$string2 = "msg/m_chinese (simplified).wnry"$string3 = "msg/m_chinese (traditional).wnry"$string4 = "msg/m_croatian.wnry"$string5 = "msg/m_czech.wnry"$string6 = "msg/m_danish.wnry"$string7 = "msg/m_dutch.wnry"$string8 = "msg/m_english.wnry"$string9 = "msg/m_filipino.wnry"$string10 = "msg/m_finnish.wnry"$string11 = "msg/m_french.wnry"$string12 = "msg/m_german.wnry"$string13 = "msg/m_greek.wnry"$string14 = "msg/m_indonesian.wnry"$string15 = "msg/m_italian.wnry"$string16 = "msg/m_japanese.wnry"$string17 = "msg/m_korean.wnry"$string18 = "msg/m_latvian.wnry"$string19 = "msg/m_norwegian.wnry"$string20 = "msg/m_polish.wnry"$string21 = "msg/m_portuguese.wnry"$string22 = "msg/m_romanian.wnry"$string23 = "msg/m_russian.wnry"$string24 = "msg/m_slovak.wnry"$string25 = "msg/m_spanish.wnry"$string26 = "msg/m_swedish.wnry"$string27 = "msg/m_turkish.wnry"$string28 = "msg/m_vietnamese.wnry"condition:any of ($string*)}Best practices to prevent ransomware attacks:Perform regular backups of all critical information to limit the impact of data or system loss and to help expedite the recovery process. Ideally, this data should be kept on a separate device, and backups should be stored offline.Establish a Sender Policy Framework (SPF),Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) for your domain, which is an email validation system designed to prevent spam by detecting email spoofing by which most of the ransomware samples successfully signNowes the corporate email boxes.Don't open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if the link seems benign. In cases of genuine URLs close out the e-mail and go to the organization's website directly through browserRestrict execution of powershell /WSCRIPT in enterprise environment Ensure installation and use of the latest version (currently v5.0) of PowerShell, with enhanced logging enabled. script block logging, and transcription enabled. Send the associated logs to a centralized log repository for monitoring and analysis.Application whitelisting/Strict implementation of Software Restriction Policies (SRP) to block binaries running from %APPDATA%, %PROGRAMDATA% and %TEMP% paths. Ransomware sample drops and executes generally from these locations. Enforce application whitelisting on all endpoint workstations.Deploy web and email filters on the network. Configure these devices to scan for known bad domains, sources, and addresses; block these before receiving and downloading messages. Scan all emails, attachments, and downloads both on the host and at the mail gateway with a reputable antivirus solution.Disable macros in Microsoft Office products. Some Office products allow for the disabling of macros that originate from outside of an organization and can provide a hybrid approach when the organization depends on the legitimate use of macros. For Windows, specific settings can block macros originating from the Internet from running.Configure access controls including file, directory, and network share permissions with least privilege in mind. If a user only needs to read specific files, they should not have write access to those files, directories, or shares.Maintain updated Antivirus software on all systemsConsider installing Enhanced Mitigation Experience Toolkit, or similar host-level anti-exploitation tools.Block the attachments of file types, exe|pif|tmp|url|vb|vbe|scr|reg|cer|pst|cmd|com|bat|dll|dat|hlp|hta|js|wsfRegularly check the contents of backup files of databases for any unauthorized encrypted contents of data records or external elements, (backdoors /malicious scripts.)Keep the operating system third party applications (MS office, browsers, browser Plugins) up-to-date with the latest patches.Follow safe practices when browsing the web. Ensure the web browsers are secured enough with appropriate content controls.Network segmentation and segregation into security zones - help protect sensitive information and critical services. Separate administrative network from business processes with physical controls and Virtual Local Area Networks.Disable remote Desktop Connections, employ least-privileged accounts.Ensure integrity of the codes /scripts being used in database, authentication and sensitive systems, Check regularly for the integrity of the information stored in the databases.Restrict users' abilities (permissions) to install and run unwanted software applications.Enable personal firewalls on workstations.Implement strict External Device (USB drive) usage policy.Employ data-at-rest and data-in-transit encryption.Carry out vulnerability Assessment and Penetration Testing (VAPT) and information security audit of critical networks/systems, especially database servers from CERT-IN empaneled auditors. Repeat audits at regular intervals.Individuals or organizations are not encouraged to pay the ransom, as this does not guarantee files will be released. Report such instances of fraud to CERT-In and Law Enforcement agenciesGeneric Prevention Tools:Tool (NoMoreCry) to prevent Wannacry Ransomware by CCN-CERT:https://loreto.ccn-cert.cni.es/i...Sophos: http://Hitman.Prohttps://www.hitmanpro.com/en-us/...Bitdefender Anti-Crypto Vaccine and Anti-Ransomware (discontinued) https://labs.bitdefender.com/2016/03/combination-crypto-ransomware-vaccine-released/Malwarebytes Anti-Ransomware(formally Crypto Monitor)https://blog.malwarebytes.com/malwarebytes-news/2016/01/introducing-the-malwarebytes-anti-ransomware-beta/Trendmicro Ransomware Screen Unlocker tool:https://esupport.trendmicro.com/...Microsoft Enhanced mitigation and experience toolkit(EMET)https://www.microsoft.com/en-us/...Referenceshttps://technet.microsoft.com/li...http://www.catalog.update.micros...https://blogs.technet.microsoft....https://www.symantec.com/connect...https://securelist.com/blog/inci...https://securingtomorrow.mcafee....https://www.us-cert.gov/ncas/cur...http://blog.talosintelligence.co...https://www.trendmicro.com/vinfo...https://www.us-cert.gov/ncas/ale...http://blogs.quickheal.com/ms17-...http://blogs.quickheal.com/wanna...Wannacry/WannaCrypt Ransomware Presentation of CERT-In(PS: Thanks for reading/ upvotes. I write more here:- Jay Maan)

Hello concerned user, You are worried about a suspicion that a spyware or keylogger might be installed on your computer? If yes… I would like to educate you more about spyware/keyloggers, what to look for and how to totally get rid of them. For this, I would use the Blazing tools perfect keylogger as a detailed example for you to really understand how spywares work;The Blazing Tools Perfect Keylogger has been chosen for analysis because it has been found hidden in so many Trojans on the Internet and it’s be taught extensively how to get it out totally out of a computer permanently at Rehabculture Hack store. It's a good example of a common hook-type keylogger, although Blazing Tools markets its products to IT administrators and parents, the presence of their keylogger in many Trojans illustrates how people can package legal code and use it for malicious activities. The following features of the "Perfect Keylogger" are of use to anyone trying to spy on an unsuspecting user:Stealth Mode. In this mode no icon is present in the taskbar and the keylogger is virtually hidden.Remote Installation. The keylogger has a feature whereby it can attach to other programs and can be sent by e-mail to install on the remote PC in stealth mode. It will then send keystrokes, screenshots and websites visited to the attacker by e-mail or via FTP.Smart Rename. This feature allows a user to rename all keylogger's executable files and registry entries.This keylogger was installed on a test PC to show you how it works and what to look out for. The following capture, with the help of a tool such as SNAPPER, shows the changes in the files after installing the keylogger, as shown below in Figure 1.Figure 1. File changes made by the Perfect Keylogger.With the help of a free anti-spyware application such as Microsoft Antispyware, the registry entries made by the keylogger as well as its DLLs and EXEs can be seen below in Figure 2.Figure 2. Registry entries, .dll files and .exe files of Keylogger.The keylogger also runs as a background process which can be seen with the help of a tool such as SysInternals' Process Explorer, as shown below in Figure 3.Figure 3. Spyware process running in the background.This same keylogger was next installed on a different test PC through another program's installer and then configured to send keystrokes captured in an email to a test email-id. Ironically, the program used for this example was Spybot Search & Destroy, a legitimate freeware tool that does a good job of detecting spyware. This is a good example of how other legitimate applications can also be used to install spyware, unbeknownst to the reader.The procedure as described above is the Remote Installation feature. The information sent by email was then captured with the help of a network sniffer. For ease-of-use, Ethereal and the corresponding TCP stream is shown below in Figure 4 and Figure 5.Figure 4. Ethereal captures the keylogger's outgoing email.Figure 5. TCP stream of Ethereal capture.Since the content of this email is base64 encoded, the actual output can be seen only after decoding it with a base64 decoder. After passing the output through a base64 decoder, the part of the output of significance is shown as follows:Tuesday, 23 JanuaryIexplore.exe, 10:42 AMPaladion Networks: The Internet Security Architects - Microsoft Internet Explorerahmed_mobarak_1986eg@hotmail.com|alexander    [PASSWORD CAPTURED: alexander]It can be seen that the email-id (ahmed_mobarak_1986eg) and the password (alexander) are captured. Similarly, the keylogger can be used to capture all types of passwords including passwords used for proxies, email accounts, and online banking applications. It can also capture programming code typed by a developer, instant messaging text, and the URLs of websites visited by the user.New approaches:With the market being inundated with new anti-spyware products, spyware creators have now resorted to unorthodox methods of sustenance. One such example is the nasty ability of the spyware code to keep reinstalling itself. Although anti-spyware applications can remove the spyware's registry entry from one location, most of them are found lacking in cleaning hidden registry entries that try to have the software reinstalled on boot. Another approach is to make the spyware application load into memory very early in the boot process (before the Operating System loads user-level processes). In this case, when a user tries to uninstall the software with an anti-spyware application, the OS will not allow this as it tries to protect the integrity of a running program (spyware) that it doesn't control.Detection and removal:A spyware application is inherently very different in behavior and operation from a traditional virus or a worm, and therefore to most antivirus software, it may appear as a legitimate program. The fact is, virus signatures are very different from spyware signatures. Firewalls also are ineffective in dealing with them as spyware is either piggybacked with legitimate applications, hidden in a regular image file, or can occur as normal port 80 web traffic.Therefore, the essence of any spyware prevention exercise is first to ensure the operating system is fully patched to known vulnerabilities. The best prevention, aside from switching to less vulnerable operating systems like Mac OS X and Linux, is to educate users that it is not safe to click on anything and everything found on the Web, and they must also install only what is needed. Freebies on the Internet, ones which are often typically advertised in pop-up banners, must be totally abstained from. Other methods of avoiding spyware are to ensure the browser used is configured securely, and to have at least one good spyware detection and removal tool installed. Microsoft Antispyware, Ad-Aware, PestPatrol, and Spy Sweeper are some of the free tools that help in detecting and removing spyware.Please note that spyware is largely, but not exclusively, a problem with Microsoft's Internet Explorer. The user of more modern, feature-rich browsers such as Mozilla Firefox can virtually eliminate the spyware problem altogether. However, it is still the case that some websites are coded to only work with IE, and therefore switching to Firefox may not be a solution for 100% of a user's web surfing needs.Ultimately, the only protection and removal of these spywares/keyloggers is to get a computer security engineer to scan and get rid of these malwares permanently. You can get one at Rehabculture Hack store, because that was where we were taught how to detect and upgrade our system against all trojan horse worms and virus. Be informed, as “Information is power”…

Let's not take all the bogus “Low Indian self-esteem” answers/opinion here at face value. Let's talk about TECHNOLOGY!Design: The Tejas is an Unstable design with Relaxed static stability(RSS). Unstable design with RSS is more agile and maneuverable than conventional 4th generation “stable designs”. In simpler words, an unstable 2 wheeler bike will have better turn rates and agility than a stable 4 wheeler. I believe Tejas is the most unstable fighter in the IAF.2. Flight Controls: Unstable designs need a power Flight control system to maintain artificial stability in the air. In this regard, Tejas has the most advanced Flight control system in the world:- A Quadruplex (4 channel) Digital Fly by Wire system. The Su-30MKI is the only other fighter in the IAF with comparable Fly By Wire system. Mirage2000 has a very basic 2 channel Fly By Wire system, while the remaining fighters in the IAF still have mechanical controls and no Fly by Wire system.3. Aircraft Make: Tejas is a World beater in this category. Traditionally fighters were made completely of metal. But modern 4.5th generation fighters have a lot of advanced composites over metal in the airframe. Composites are easier to maintain, makes the fighter lighter and most importantly does not reflect radar waves making the fighter stealthy. Coming to Tejas, 90% of the Airframe surface area is made of composites, the highest in the world!4. Stealth: Tejas is not only the stealthiest fighter in the IAF but also arguably the stealthiest 4.5th generation fighter in the world. Its radar signature is estimated to be just 1/3rd of a Mirage2000. Apart from the use of composites and its small size a Y-duct inlet which shields the engine compressor face from probing radar waves, and the application of radar-absorbent material (RAM) coatings are intended to minimize its susceptibility to detection and tracking.5. Cockpit and avionics: The Tejas has a Glass cockpit with 100% Digital controls., unlike Mirage2000/Mig 29, etc which traditionally have a lot of analog systems controls in the cockpit. The biggest stamp of approval about the avionics are from the pilots themselves“"Tejas is best in its class with excellent onboard systems and avionics," said the ace pilot hailing from Srirangam in Tamil Nadu. He said the avionics in Tejas is leagues ahead when compared to other contemporary aircraft of its kind in the world. “Read more at https://www.oneindia.com/india/t...6. Talking Fighter? : Some of the most advanced software have gone into developing the Tejas making it an intelligent “talking machine”. The Tejas is highly responsive to the pilot’s inputs giving him all the information he needs to have access to. It tells you what all it is capable of and what it cannot do. The aircraft also tells you what is wrong with it. As an engineer, you need not to break your head to diagnose technical issues as it also pinpoints any issues during maintenance.‘Intelligent’ Tejas does the ‘talking’; pilots & engineers are not complaining7. Thrust to Weight Ratio: Tejas has a TW ratio of 0.96(100% fuel), which is the best in its class among all Light Combat Fighters in the world.Conclusion: To be fair, Tejas is one of the most advanced platforms in the world as of today. Its Design, Flight controls, Composite usage, Software, Avionics, and all other Core technologies are comparable to the Best in the World. Its wide range of Weapons package is also impressive! While Mig 29, Mirage2000, Jaguars start to get obsolete 12–15 years down the line..it will be the Su-30MKI and Tejas that will form the backbone of the IAF.Debunking some misconceptions about this brilliant fighter though :Tejas is overweight: No, Tejas is the Lightest 4.5th generation fighter in the world. Asking for anything lighter is living in unrealistic fantasy land.Weak Thrust to Weight Ratio: As mentioned before, the Tejas has a TW ratio of 0.96, best in its class. Offcourse its always better to have a higher TW ratio and the Tejas mk2 would possibly have a TW ratio of over 1.00, but 0.96 is from no angle “weak. Its better than Mirage2000, JF-17, Jas Gripen, FA-50, Jaguars to name some.Most of the parts are imported: False. Most of the parts are Indian. In terms of numbers, 25% of the components are imported. In terms of value, it is 40%.The third line of Defence: That's a bogus thing that keeps repeating.Su-30MKI is the first line..Mirage2000 second line..Tejas 3rd line bullshit. There is no such concept in the IAF. Though most fighters in the IAF are Multi-role, they excel at certain roles which are then appointed to them.High maintenance: Absolutely not. Its one of the easiest to maintain owing to the fact its single engine, Light, has a composite aircraft and advanced software to point out the issues.Low Range and Payload: Its Range and Payload is proportional to its Weight. You cannot expect a Horse to carry as much weight as an Elephant. In fact, I would say Tejas packs more than its Weight. Being just 6.5 tons, it can carry another almost 6 tons of Internal fuel + External payloads.And Finally to conclude-Overall How does Tejas compare to Migs and Mirages in the IAF? :To a specific query on how best was Tejas when compared to the MiGs and Mirages, Ranga said: "Generation ahead of Mirage, MiG. You can't compare apples with oranges."Read more at https://www.oneindia.com/india/t...Why is Tejas generation ahead of Migs and Mirages is explained in the first 7 points?

There are actually Three things you can do after you ‘earn’ your Bachelor degree in Physics :Continue your studiesGet a Job , orGive a JobAllow me to explain each in detail -Continue your studies :-> Here you have several Options:a) Pursue Masters from IIT by cracking IITJAM or from any other university on Physics and earn a PHd later on. You can also do Integrated PHd by applying and getting a good rank in JEST , TIFR , IISER etc.b) Pursue your Masters from any IIT (or from any other University) and then pursue MTech by cracking GATE. After MTech you can get placed in some PSUs or some reputed MNCs. Many prefer higher studies though (like PHd after Mtech). (P.S - IIT Kharagpur provides Integrated Mtech-PHd for Computer Science and Data Analytics after qualifying in GATE)c) Give an entrance test conducted by few universities for Btech and get into some good Engineering Colleges. (Ex : Jadavpur University in Kolkata conducts an entrance test for students of BSc(Hons) Physics. Qualified Candidates enter into 2nd year of BTech. Likewise Calcutta University provides Btech in Radiophysics.)d) Do Bachelors in Education(BEd) for a Teaching Job.e) MSc on other subjects like Biophysics, RadioPhysics, Geophysics, Instrumentation etc. Ex - MScTech in Geophysics from ISM Dhanbad (Note : the degree mention MScTech not MTech; Both are different).f) Other Masters programme in other disciplines if you want to do it like MCA, MBA, MA, LLB etc. (Being interested in Defence Services, personally I would have preferred Masters from Institute of Defence Studies in Pune and PHd later on— a path very few know or like to tread .)g) If you have a Gap in years after your BSc Physics and possess the thought that you will be unable to share the class with the younger generation, feel free to pursue distance learning through IGNOU. You can pursue your masters on other subjects via IGNOU or sit for an entrance examination for MSc. Physics (distance learning) which by the way IGNOU conducts in collaboration with Indian Institute of Astrophysics (forms available in the month of september).h) You can also pursue higher studies from Foreign universities. Of course you have to crack the competitive exams related for that purpose.2. Get a Job :→ You can Apply for Various entrance examinations for Banks(RBI Grade B, SBI PO, IBPS etc), Railways( ASM, Goods Guard, JE, RPF SI etc) , PSUs or State Units(AAI ATC, Electricity Executives, Forest Guard etc), Armed Forces(AFCAT, CDSE, Coast Guard(only interview) ), Civil Services(UPSC CSE, State CSE, IFoS) and Central/State Police Services( SSC CAPF, UPSC CAPF, SSC CGL etc). Crack these Examinations and earn a respectable service with the Central or State Governments or Banking Sector or PSUs.(PS : If you have completed MSc Physics then you can apply in Indian Navy as an Officer or else not. Indian Navy does not recruit candidates having just BSc in Physics. You either should have BTech or do MSc Physics- the condition valid even in UPSC CDSE recruitment)→ If you want a job in your core field(subject), there are exams like ISRO Scientific Assistant, SSC IMD Scientific Assistant, BHAVINI Scientific Assistant, NCPOR Scientific Assistant(which do not conduct any exam but only Personal Interview), NPCIL Scientific Assistant etc. which too are Govt Organisations that requires Bachelor’s in Physics as a qualification.(PS- If you complete MSc in Physics however you can apply for a relatively higher position in similar organisations for the post of Scientific Officer - Some institutes like BARC donot recruit candidates having a degree less than that of MSc.)You know the craze for Government Jobs, Don’t you? Some Jobs are indeed Earned. :)→ However You can always find a Job in the Corporate Sector. Ex: TCS, WIPRO etc.So, All the very Best if getting a Job is your sole Aim.P.S - Build and Develop Skills via sites(also Android App) like Udemy, Coursera, edX, Skillshare, Codecademy etc. Trust me sometimes recruiters will be much interested if they learn that you have invested some quality time in having knowledge which can give you an edge over other candidates. Also makes your Resume look quite attractive. Moreover guess what, most courses are totally free of Cost. After Completing the Course if you wish to have the valid Certificate with a signature and stamp from reputed universities, you can pay them a certain fee. Totally ok if you dont pay as those digital certificates will not hold much value over regular courses;but do keep in mind the skill you learn can make you top notch over others.Personally I prefer to pay as a token of appreciation. Doesn’t seem much(approx 3k INR & sometimes even only 600 INR) if you consider the fact that the knowledge you receive is immense and magnificent.3. Give a Job :→ Well you know what I am going to say. The Word that became the centre of attention lately in India- ‘Entrepreneurship’.Take risks, try out new ways, give people a source of Income, earn Fortunes and build your own Empire. And the thing is you don’t even need a Bsc or Physics to be a great entrepreneur. You don’t need to work for anyone, You can always work for yourself.But yes to be brutally honest- as lovely as the situation might seem- you will most likely Fail in this venture. Dont get me wrong but what I am saying here is the ‘Reality’. However I haven’t seen or met Entrepreneurs who didnot fail and yet achieved big.Who knows You might become the next Zuckerburg or the next Elon Musk - which by the way if you dont know, Mr. Musk has done his Bachelors in Physics. ;)These are the three things which I feel you can do. The Interest and the Will rests on you and you alone. I hope I was able to remove all your doubts. Still if you have one, feel free to comment.By the way, Upvotes are Welcome. Thank you for the 177 upvotes. Means a lot.All the Best for your future.(>_<) ♡Edit- Thank you Quorans for my first 500 upvotes.

Yes , it is mandatory to report your foreign bank accounts if your total balance(of all accounts) are over $10000 at any given time,It is a simple form and would not take more than 30 mins to complete. My tax consultant does this for me every year, but it’s pretty simple and you can do it yourself . If you fail to submit FBAR before deadline (Usually June 30) they may impose $10000 penalty per year delinquent.Also, if you are a US resident( i.e physically present in the U.S. during the year for 183 days or more.) it is required to open NRE account and convert your regular savings account to...