Rule 41 — FBI Gets Expanded Power to Hack any Computer in the World

Hacking multiple computers across the world just got easier for the United States intelligence and law enforcement agencies from today onwards.

The changes introduced to the Rule 41 of the Federal Rules of Criminal Procedure by the United States Department of Justice came into effect on Thursday, after an effort to block the changes failed on Wednesday.

The change grants the FBI much greater powers to hack into multiple computers within the country, and perhaps anywhere in the world, with just a single warrant authorized by any US judge (even magistrate judges). Usually, magistrate judges only issue warrants for cases within their jurisdiction.

That's the same the FBI did in its 2015 investigation into child pornography site Playpen, in which the agency hacked into some 8,700 computers across 120 different countries.

The Supreme Court approved the changes to Rule 41 in April, allowing any U.S. judge to issue search warrants that give the FBI and law enforcement agencies authority to remotely hack computers in any jurisdiction, or even outside the United States.

Democratic Senator Ron Wyden attempted three times to block changes to Rule 41 that potentially risks people using Tor, a VPN, or some other anonymizing software to hide their whereabouts, but the efforts were blocked by Republican Senator John Cornyn of Texas.

The rule change should take effect on 1st December, today, barring surprises.

On the one hand, privacy advocates and legal experts have described the rule change as the extensive expansion of extraterritorial surveillance power that will allow agencies like the FBI to carry out international hacking operations with a lot less of a hassle.

On the other hand, the DOJ argued that the changes to the rule will help investigate modern internet criminals, allowing investigators access computers whose locations are "concealed through technological means," like the Tor anonymity network or VPNs (Virtual Private Networks), and devices used in botnets that have become powerful cyber weapons.

Assistant Attorney General Leslie Caldwell highlighted these concerns in a blog post published last week, saying if a criminal suspect is using Tor or VPN to hide its real location, it becomes tough for investigators to know his/her current location.
"So in those cases, the Rules do not clearly identify which court the investigators should bring their warrant application to," Caldwell said.
But what would happen if the FBI hacks the botnet victims, rather than the perpetrators? Or what if the government abuses this power to target nation states?

In a speech, Wyden said that the changes to Rule 41 amounted to "one of the biggest mistakes in surveillance policy in years," giving federal investigators "unprecedented authority to hack into Americans' personal phones, computers, and other devices," Reuters reports.

Other critics worry that the changes to Rule 41 would give the FBI unfettered ability to hack innocent users whose electronic devices have been infected with botnet malware without their knowledge, or anyone who keeps their identities private online.

To this concern, Caldwell argued that investigators accessing the devices of botnet victims "would, typically, be done only to investigate the extent of the botnet," or in order to "obtain information necessary to liberate victims’ computers from the botnet."

Caldwell further argued that the rule change would not allow the FBI to conduct "Mass Hacking;" in fact, failing to implement the rule change "would make it more difficult for law enforcement to combat mass hacking by actual criminals."

Recommanded : Hackers Steal Millions From European ATMs Using Malware That Spit Out Cash

Cyber Attack Knocks Nearly a Million Routers Offline

Mirai Botnet is getting stronger and more notorious each day that passes by. The reason: Insecure Internet-of-things Devices.

Last month, the Mirai botnet knocked the entire Internet offline for a few hours, crippling some of the world's biggest and most popular websites.

Now, more than 900,000 broadband routers belonging to Deutsche Telekom users in Germany knocked offline over the weekend following a supposed cyber-attack, affecting the telephony, television, and internet service in the country.

The German Internet Service Provider, Deutsche Telekom, which offers various services to around 20 Million customers, confirmed on Facebook that as many as 900,000 customers suffered internet outages on Sunday and Monday.

Millions of routers are said to have vulnerable to a critical Remote code Execution flaw in routers made by Zyxel and Speedport, wherein Internet port 7547 open to receive commands based on the TR-069 and related TR-064 protocols, which are meant to use by ISPs to manage your devices remotely.

The same vulnerability affects Eir D1000 wireless routers (rebranded Zyxel Modem) deployed by Irish internet service provider Eircom, while there are no signs that these routers are actively exploited.

According to Shodan search, around 41 Million devices leave port 7547 open, while about 5 Million expose TR-064 services to the outside world.

According to an advisory published by the SANS Internet Storm Center, honeypot servers posing as vulnerable routers are receiving exploit code every 5-10 minutes for each target IP.

An intercepted packet showed how a remote code execution flaw in the <NewNTPServer> part of a SOAP request was used to download and execute a file in order to infect the vulnerable device.

Security researchers at BadCyber also analyzed one of the malicious payloads that were delivered during the attacks and discovered that the attack originated from a known Mirai's command-and-control server.
"The unusual application of TR-064 commands to execute code on routers has been described for the very first time at the beginning of November, and a few days later a relevant Metasploit module had appeared," BadCyber wrote in a blog post. "It looks like someone decided to weaponize it and create an Internet worm based on Mirai code."
It all started early October when a cyber criminal publicly released the source code of Mirai, a piece of nasty IoT malware designed to scan for insecure IoT devices – mostly routers, cameras, and DVRs – and enslaves them into a botnet network, which is then used to launch DDoS attacks.

The hacker created three separate exploit files in order to infect three different architectures: two running different types of MIPS chips and one with ARM silicon.

The malicious payloads open the remote administration interface and then attempt to log in using three different default passwords. After this is done, the exploit then closes port 7547 in order to prevent other attackers from taking control of the infected devices.

"Logins and passwords are obfuscated (or "encrypted") in the worm code using the same algorithm as does Mirai," the researchers say. "The C&C server resides under domain name, which can be found on the Mirai tracker list."

More in-depth technical details about the vulnerability can be found on ISC SansKaspersky Lab, and Reverse Engineering Blog.

Deutsche Telekom has issued an emergency patch for two models of its Speedport broadband routers – Speedport W 921V, Speedport W 723V Type B – and currently rolling out firmware updates.

The company recommends its customers to power down their routers, wait for 30 seconds and then restart their routers in an attempt to fetch the new firmware during the bootup process.

If the router fails to connect to the company's network, users are advised to disconnect their device from the network permanently.

To compensate the downtime, the ISP is also offering free Internet access through mobile devices to the affected customers until the technical problem is resolved.

Recommanded Microsoft Shares Telemetry Data Collected from Windows 10 Users with 3rd-Party

Microsoft Shares Telemetry Data Collected from Windows 10 Users with 3rd-Party

Cyber security is a major challenge in today's world, as cyber attacks have become more automated and difficult to detect, where traditional cyber security practices and systems are no longer sufficient to protect businesses, governments, and other organizations.

In past few years, Artificial Intelligence and Machine Learning had made a name for itself in the field of cyber security, helping IT and security professionals more efficiently and quickly identify risks and anticipate problems before they occur.

The good news is that if you are a Windows 10 user, Microsoft will now offer you a machine learning based threat intelligence feature via its inbuilt Windows security service, which will improve the security capabilities available on Windows 10 devices.

But, the bad news is that it is not free.

The company is offering this "differentiated intelligence" feature on its newly added service to Windows 10, dubbed Windows Defender Advanced Threat Protection (WDATP), which helps enterprises detect, investigate, and respond to advanced attacks on their networks.

This becomes possible after Microsoft recently signed a deal with FireEye that integrates the security vendor's iSIGHT Threat Intelligence into Windows Defender Advanced Threat Protection.

As part of the partnership, Microsoft will give FireEye access to all the telemetry data from every device running Windows 10, Australian website ARN reports.
"FireEye has invested in nation-state grade threat intelligence, and we are strategically partnering with industry leaders to operationalize this high-quality intel," Ken Gonzalez, FireEye's Vice President of Corporate Development, said in the official press release.
"By working with Microsoft, we’re able to offer differentiated threat intelligence within WDATP and together help make organizations more secure."
It's no secret that Windows 10 collects all sorts of usage information on users and sends them back to Microsoft, which then uses this telemetry data to help identify security issues, fix problems and improve the quality of its operating system.

This telemetry data includes information on the device running Windows 10, a list of installed apps, crash dumps, and other statistics from devices powered by its latest operating system.

However, this Microsoft's data mining capability also raised some privacy concerns among Windows users.

This newly-signed deal with FireEye is the first time that Microsoft has publicly agreed to share telemetry data of Windows 10 users with a third-party, which is definitely worrying for many users.

At this moment, the official press release says nothing about Microsoft providing FireEye with access to data collected from Windows 10 users.

Microsoft has yet to comment on this matter.

Hackers Steal Millions From European ATMs Using Malware That Spit Out Cash

ATM hackers who long relied on tactics of stealing payment card numbers and online banking credentials to steal millions are now targeting the bank itself to steal cash directly from the machines.

Earlier this year, a gang of cyber criminals infected several ATMs with malware in Taiwan and Thailandthat caused the machines to spit out millions in cash, and the gang members then stood in front of the infected ATMs at the appointed hour and collected the money.

Now, the FBI has warned U.S. banks of the potential for similar ATM jackpotting attacks, saying that the agency is "monitoring emerging reports indicating that well-resourced and organized malicious cyber actors have intentions to target the U.S. financial sector."

ATM jackpotting is a technique used to force automated teller machines to spit out cash.

According to Russian cyber security firm Group-IB, cyber crooks have remotely infected ATMs with malware in more than dozen countries across Europe this year, which forces machines to spit out cash.

The world's two largest ATM manufacturers, Diebold Nixdorf and NCR Corp., said they were aware of the ATM attacks and had already been working with their customers to mitigate the threat.

The cyber criminals have been targeting ATMs for at least five years, but the latest hacking campaigns mostly involved small numbers of ATMs due to the fact that hackers required physical access to the machines to collect cash.

Group-IB did not name the banks targeted in the campaign but said the victims were located in Armenia, Bulgaria, Estonia, Georgia, Belarus, Kyrgyzstan, Moldova, Spain, Poland, the Netherlands, Romania, the United Kingdom, Russia, and Malaysia.

Both Diebold Nixdorf and NCR said they had already provided banks with information on how to thwart the attack, Reuters reported.

"We have been working actively with customers, including those who have been impacted, as well as developing proactive security solutions and strategies to help prevent and minimize the impact of these attacks," said Owen Wild, NCR's global marketing director for enterprise fraud and security.
The disclosure of the new campaign comes months after two large ATM hacks, wherein hackers stole $2.5 Million from Taiwan's First Bank and $350,000 from Thailand's state-owned Government Savings Bank.

While Group-IB believes the attacks across Europe were conducted by a single criminal group, dubbedCobalt, the FBI believes the malicious software used in the attack could be linked to the Russian ATM gang known as Buhtrap, the Wall Street Journal reported.

However, citing the tools and techniques used by both groups, Group-IB believes that Cobalt is linked to Buhtrap, which stole 1.8 Billion rubles ($28 Million) from Russian banks between August 2015 and January 2016.

How to free up space with storage tools in Android 7.1

Squeezing out enough storage space is one of the ever-present struggles of smartphone life. Android 7.1 brings some integrated tools to handle this all in one spot. To check out what’s here, go to Settings > Storage.As with previous versions of Android, you’ll see a breakdown of storage used by category.

However, check out a new tool by selecting Manage Storage at the top of the list. You’ll see an option for Smart Storage, which when toggled on will automatically remove backed up photos and videos when your phone's storage is almost full. If you have a Pixel (the first phone with Android 7.1), you get free storage at full resolution. 

Then, if you select Free up now you get more specific options for removing items. Since these items look for apps or photos that haven't been used in a long time, you may not see a ton of suggestions right away, especially if you have a new Pixel or just reset your device with Android 7.1
Finally, you can get more specific details about which apps and other elements of your phone are the main storage culprits. 

From the shared storage menu you can touch on any of the categories, like apps, images, or videos. This will let you know what’s using up the most room.
Also, touch the overflow menu and go directly to Free up space if you know you want to start right away on some purging.

How to add a Hibernate option to the Windows 10 Start menu

At the end of every day do you still dutifully close every file and program window before shutting down your PC? That’s the standard way to handle things, but for quite a few versions of Windows, Microsoft also offered the ability to use Sleep and Hibernate modes instead of just a regular shut down.
In Windows 10, however, Microsoft decided not to include hibernate with the rest of the shut down options under Start > Power by default. The good news is it’s easy to put the option back.

Why hibernate?

 Hibernation is kind of a mix between a traditional shut down and sleep mode primarily designed for laptops. When you tell your PC to hibernate, it saves the current state of your PC—open programs and documents—to your hard disk and then turns off your PC. Then when it’s time to start it up again all your previous work is ready and waiting for you.
Unlike sleep mode, it doesn’t use any power, but it does take longer to start up again.

Setting it up 

To add Hibernate to Start > Power, click on the Cortana/search box in the taskbar and type power options. The first result you see should be a Control Panel setting of the same name. Click on that.

Once the Control Panel opens, select Choose what the power buttons do from the left-hand navigation panel.

Then at the top of the next screen click on the link that says Change settings that are currently unavailable.

Now scroll down to the bottom and under Shutdown settings click the checkbox next to Hibernate. Next, click Save changes and you’re done.
 Go to Start > Power and you should now see Hibernate among all the rest of the shut-down options.

Everything You Need to Know About Getting Started with the Raspberry Pi

Now over four years old, the Raspberry Pi, a cheap credit-card sized computer, has taken the computing and DIY world by storm. Read on as we guide you through everything from buying to powering to running the tiny dynamo.

What Is the Raspberry Pi?

The Raspberry Pi is a credit-card sized computer designed and manufactured by the Raspberry Pi Foundation, a non-profit organization dedicated to making computers and programming instruction as accessible as possible to the widest number of people.
Although the original mission of the Raspberry Pi project was to get inexpensive computers with programming capabilities into the hands of students, the Pi has been embraced by a diverse audience. Tinkers, programmers, and DIYers across the globe have adopted the tiny platform for projects ranging from recreating retro arcade cabinets to controlling robots to setting up cheap but powerful home media devices.
Introduced in 2012, the original Raspberry Pi (what we now refer to as the Raspberry Pi 1 Model A) featured a system-on-a-chip setup built around the Broadcom BCM2835 processor–a tiny but fairly powerful mobile processor commonly used in cellphones. It included a CPU, GPU, audio/video processing, and other functionality all on a low-power chip paired with a 700Mhz single core ARM processor. Over the intervening years the foundation has released multiple revisions (switching out the Broadcom chips for improved versions and upping the CPU power with a 1.2GHz quad-core chip).
Although the Pi is an amazing little device that has grown by leaps and bounds since its introduction, it’s important to emphasize what the Raspberry Pi is not. The Raspberry Pi is not an outright replacement for your desktop computer or laptop. You cannot run Windows on it (at least not the traditional version of Windows you know), although you can run many distributions of Linux—including distributions with desktop environments, web browsers, and other elements you would expect in a desktop computer.
The Raspberry Pi is, however, an astoundingly versatile device that packs a lot of hardware into a very inexpensive body and is perfect for hobby electronics, DIY projects, setting up an inexpensive computer forprogramming lessons and experiments, and other endeavors.

What’s on the Raspberry Pi Board?

In the early years of the Pi foundation, the Raspberry Pi came in two versions at two different price points: the Model A ($25) and Model B ($35). If you needed less hardware (the Model A had one less USB port, no Ethernet port, and half the RAM) you could save ten bucks.
As manufacturing costs fell and the Pi gained more and more attention, they were able to increase the hardware specs of the device significantly while keep the cost the same–eventually unifying all models with the introduction of the Raspberry Pi 2 in 2015 and the Raspberry Pi 3 in 2016. Put another way: the best Raspberry Pi available at any given time has always cost $35. So what do you get when you buy a $35 credit card sized computer?

The current generation Raspberry Pi 3, seen above, sports the following hardware:
  • 1.2 Ghz ARM processor Systems-On-a-Chip (SoC) with integrated 1GB RAM.
  • 1 HDMI port for digital audio/video output
  • 1 3.5mm jack that offers both audio and composite video out (when paired with an appropriate cable).
  • 4 USB 2.0 ports for connecting input devices and peripheral add-ons.
  • 1 microSD card reader for loading the operating system.
  • 1 Ethernet LAN port.
  • 1 Integrated Wi-Fi/Bluetooth radio antenna.
  • 1 microUSB power port.
  • 1 GPIO (General Purpose Input/Output) interface.
What the heck is a GPIO? The Raspberry Pi comes with a set of 26 exposed vertical pins on the board. These pins are a General Purpose Input/Output interface that is purposely not linked to any specific native function on the Raspberry Pi board.
Instead, the GPIO pins are there explicitly for the end user to have low-level hardware access directly to the board for the purposes of attaching other hardware boards, peripherals, LCD display screens, and other hardware devices to the Pi. For example, if you wanted to take an old arcade controller and wire it directly to your Raspberry Pi to give your arcade a more authentic feel, you could do so using the GPIO interface.
Although we will not be using the GPIO header in today’s “getting started” tutorial, we do take advantage of it in other tutorials, like our Raspberry Pi LED indicator build that uses an LED breakout board attached to the GPIO header.

Where to Buy the Raspberry Pi

In the original version of this guide, we strongly cautioned readers against buying from Amazon or eBay. In the early days of the Pi’s skyrocketing popularity, it was really difficult to get your hands on a unit, and if you bought from anyone but an Raspberry Pi Foundation authorized seller, there was a good chance you would either overpay or end up with a very suspect product in your hands.
Today you can still buy from an official Pi reseller, like one of the many companies supplied by the Pi Foundation sanctioned distributor Element14, but the risk of buying from a third party or through Amazon has plummeted. In fact, we’ve bought all our Pi units from Amazon for the last few years without issue.
There are multiple versions of the Pi, but if you’re just getting started, you should absolutely buy the most current generation of the device–the Raspberry Pi 3. Practically every old Pi tutorial on the internet still works with the older models, but many of the projects you may wish to undertake (especially if you want to use the Pi as a video game emulator or the like) really benefit from the newer hardware.
In rare instances, however, you may want to hit up eBay to buy an older and cheaper Pi model. Our tutorial on turning a Pi unit and an LED board into a weather indicator, for example, doesn’t need a beefy new Pi unit and works just fine on the original 2012-era Raspberry Pi 1 Model A.

The Other Stuff You’ll Need

The Raspberry Pi is just a bare board–it doesn’t come with a case, any cables, or even a power source. So, you’ll have to purchase these things yourself along with your Pi. Here’s the other stuff you’ll need to buy (if you don’t already have it lying around).
A stable power source: The Raspberry Pi draws its power from a microUSB port and requires a microUSB-to-AC adapter. Because the Pi is a micro computer and not simply a cellphone getting a battery topped off, you need to use a high quality charger with stable power delivery that provides a consistent 5v with at least 700mA minimum output for older model units and 2.5A for the Pi 3.
Here’s a chart, courtesy of the Pi Foundation, outlining suggested and minimum power requirements.

Using a low-quality or under-powered charger is the number one source of system instability problems and frustration with the Raspberry Pi. You can stave off a pile of future headaches by simply getting a very high quality power source, preferably one designed for the Pi, right out of the gate. We recommend the CanaKit brand 5V 2.5A power supply ($10). It’s built specifically for use with the Pi, it can supply enough stable power for the oldest to the newest units, and it won’t leave you with boot issues or corrupt data like some random cellphone charger from your office drawer might.
A case: The Pi ships naked; you are going to need a proper case to enclose it. You can pick up an acrylic/plastic case for around $10-25, or go the more creative route and craft your own case (as many did shortly after the Pi was released).
When you’re shopping, be careful to check you’re purchasing the right case for you model. Significant changes to the Raspberry Pi board over the last few years, including the movement and outright removal of certain ports, means older cases won’t fit newer models.
No particularly picky or flashy? The $8 Raspberry Pi 3 case from the Pi Foundation is a tough value to beat. Want something flashy? The sky’s the limit–Amazon is filled with really cool Pi cases like this laser cut “Bel-Aire” case that looks like tiny artifact from the 1950s.

A 4GB+ SD card: The older Pi units used a full size SD card but the Pi 2 and Pi 3 use microSD cards. The Raspberry Pi Foundation recommends, at minimum, a 4GB Class 4 SD card. But since SD cards are cheap these days, we recommend going for at least an 16GB Class 10 SD card for an older Pi or a 16GB Class 10 microSD card for the newer models. You may have one lying around already, but not all SD cards will necessarily work–check out this table from to see a list of tested working (and not working) cards for the Pi.

Audio/Visual cables: If you’re connecting your Pi to an HDTV or newer computer monitor with HDMI support, you will need an HDMI cable–all PI units support HDMI output. For digital video to a standard computer monitor that lacks an HDMI port, you will need an HDMI to DVI cable for the video signal and a 3.5mm stereo cable for the sound (as you’ll lose the sound in the HDMI to DVI conversion).
Some Pis also have analog outputs for older TVs. If you are connecting and older Pi to an analog television set, you will need an RCA cable for the video and a 3.5mm stereo cable for the sound. You don’t need to purchase a specific RCA cable for the task, you could even use a yellow-red-white tri-cable you have laying around—just make sure to match up the colors on both ends of the cable when you plug it in.
If you need to connect a newer Pi unit to an SD/analog video source you will need to purchase an adapter cable known as a 3.5mm to RCA adapter or a TRRS AV breakout cable. Because such cables are notorious for being out of spec/standard and not working with the device you want, we highly recommend just picking up this cheap and highly reviewed unit that is known to be compatible with the Raspberry Pi.
An Ethernet cable or Wi-Fi adapter: Network connectivity isn’t an absolute necessity for the Pi, but it makes updating (and downloading) software so much easier and gives you access to a wide variety of network-dependent applications. And obviously, if your project relies on being connected to your network or the internet, you’ll need Wi-Fi or Ethernet.
All versions of the Pi have an Ethernet port onboard, so you can just plug in an Ethernet cable and go. If you want to use Wi-Fi, the Pi 3 has Wi-Fi built in. If you have an older Pi, you can buy one of the many micro Wi-Fi adapters compatible with the Pi. We have had great success with the tiny Edimax EW-7811Un adapter and have used it in multiple builds.
A Mouse and Keyboard: Even if your ultimate goal is to build a headless file server or other no-input-peripherals/monitor device, you will still need a mouse and keyboard to get your Pi up and running.
Any standard wired USB keyboard and mouse should work without any problems with your Raspberry Pi. There is one caveat to that statement, however: per USB design specifications, USB-based keyboards and mice should draw less than 100mAh of power but many models disregard that specification and draw more.
On older Pi units, this extra draw is problematic, as the USB ports were notoriously fussy. If you find that your peripherals are drawing more than 100mAh each, you will need to use a powered USB hub (see below). On newer models this should be less of a problem as the USB ports are significantly improved and the units user bigger power supply units.
You may find it useful to check out this large list of verified Pi-compatible peripherals maintained by
A powered USB hub (optional): If your peripherals are out of spec or you need to attach more than two devices (such as a keyboard, mouse, and USB Wi-Fi adapter), you will need an external USB hub with its own power source.
We tested all the powered hubs we had laying around the office with the Pi—from nice brand-name Belkin powered hubs to no-name hubs—and had no problems with any of them. That said, we would recommend checking your existing hub or potential purchase against the hub section of the aforementioned eLinux peripheral list.

How to Install an Operating System on the Raspberry Pi

Now that we have assembled all the requisite hardware, Pi and peripherals alike, it’s time to get down to the business of loading an operating system onto your Pi. No matter what project you’re doing, installing an operating system on the Pi will generally follow the same procedure.
Unlike a traditional computer where you have a BIOS, a drive that supports removable media (such as a DVD drive), and a hard drive inside the computer, the Raspberry Pi simply has an SD card reader. As such, you are not going to follow the traditional computer-setup route of inserting a boot disk and installing your operating system to an internal storage device. instead, we are going to prepare the SD card on a traditional computer, and load it into the Raspberry Pi for further unpacking/tweaking.

Step One: Choose and Download Your Operating System

If you’re working on a specific project, you may already know what operating system you need to download. If you’re just looking to tinker, you’ll probably want a general purpose Linux distribution for the Pi. While there are a wide variety of Linux distributions available for the Pi, the distribution we are going to use in our example is the best-supported and most stable: Raspbian, a version of Debian Linux optimized for the Raspberry Pi.
For this step, you will need a separate computer with an SD card reader.
First, start by grabbing a copy of Rasbian from the Raspberry Pi Foundation. There are two versions of Rasbian: “Rasbian Jessie with Pixel” and “Rasbian Jessie Lite”. Pixel is the new (and very pretty) desktop interface the Raspberry Pi Foundation released in the Fall of 2016. The lite version does not have the more GPU hungry Pixel desktop and retains the old (and rather ugly) previous Rasbian desktop system. Unless you have older hardware and require the lite version, we suggest you download the “with Pixel” edition.\

Step Two: Write the OS Image to Your SD Card

Now that you’ve downloaded Raspbian, you need to write the image to your SD card. Etcher, a free program for Windows, macOS, and Linux users makes the process simple.
First, plug your SD card into your computer. Next, fire up Etcher.

Flashing Raspbian is a simple three-step process:
  1. Under “Select Image,” point Etcher to the Raspbian IMG zip file you downloaded earlier.
  2. Under “Select Drive,” pick out your SD card from the list of options. Note that your system drives will not show up as an option, but any external hard drives you have plugged in might. If you’re unsure which drive is which, unplug all external drives save for the SD card you want to write to.
  3. Finally, click “Flash!”, and your SD card will be ready for use in no time.
Etcher is a very streamlined program that makes the process a lot easier. Advanced users might prefer the command line method, which is outlined over at for curious macOS and Linux users.

Step Three: Put Your SD Card in the Pi and Start It Up

Now, it’s time to start up your Pi for the first time. Attach all the necessary cables and peripherals to your Raspberry Pi except for the power cable—this includes the HDMI or RCA cable, the USB hub, the Ethernet cable, and anything else you’ll need.

Once you have all the cables attached to both the Pi and their respective destinations, insert the SD card. After the SD card is seated firmly, insert the microUSB power cable. There is no power button on the Pi–as soon as you plug in the power cable, it will begin booting up.

Almost immediately, you will see the boot sequence go scrolling rapidly by—similar to the view above. If you’re running the Pixel version of Rasbian Jessie, however, the view will quickly be replaced by a simple splash screen:

Seconds later, you’ll be kicked over to the Pixel desktop when the boot process is complete.

Congratulations, you’ve successfully booted up your Pi for the first time. For those of you familiar with the early versions of Debian on the Raspberry Pi and its very spartan desktop, you’ll immediately not how nice this looks by comparison. It’s like we’re computing in the 21st century!
Next, we’ll teach you how to configure Raspbian on your Pi.