Author: John Durret

  • Freeware screen lock Eusing Maze Lock

    Eusing Maze Lock is a free pattern-based screen lock that stops people from accessing your computer while you are away. The unlocking mechanism consists of nine dots inside a grid that have to be connected in a certain order with the mouse to unlock the screen. This type of screen lock is often found on smartphones, and it is commendable for this company to bring out a security tool that does not require you to remember yet another password. The unlocking pattern is easy to remember if you use it daily; otherwise a backup copy can be kept in a safe place, or uploaded to your email account so that if you forget the unlocking pattern diagram you can restart your computer or look at the online backup copy using another device.

    The program will autolock the computer when idle, and the background lock can be transparent or set to any image of your choice. The configuration tab allows you to specify the inactivity period before the computer screen locks, and optionally to lock the keyboard or disconnect the computer from the Internet when the screen lock is activated; this stops people from messing around with your data if you have a document open in the background. If anyone attempts to get into your computer using the wrong pattern, a loud alarm siren sounds, a custom message is displayed on the screen and the computer goes into lockdown for between one and three minutes before any other unlocking attempt can be made, or alternatively the machine shuts down. These choices can all be set inside the configuration tab.

    Free screenlock Eusing Maze Lock

    This is an excellent screen lock that does all you need to protect a computer located in a shared room, but if your adversary is a state or corporate entity they will have the resources to acquire professional computer forensics software, like Passware Kit Forensics, able to get through any screen lock in a matter of seconds, using your USB port and the autorun feature to execute a script that mirrors your hard drive data or extracts RAM contents even with the computer screen locked. If your adversary is low level, Eusing Maze Lock is hard to beat as a free and secure screen locker.

    Visit Eusing Maze Lock homepage

  • Facebook alternative, the Social Number network

    Social Number is a networking site where people can create groups to discuss any issues they like without having to reveal their real identity, and connect with like-minded people from all over the world, not just friends and family. The sign-up process requires you to create a number of between six and ten digits, which will be your ID, enter a real email address that needs to be confirmed, and tick a box to confirm that you are over 18, due to the nature of some of the groups.

    Other information like profession, college, interests and location is all optional. If you enter this data it will help Social Number suggest discussion groups and pals; otherwise you can find them on your own with the search box. Private messages can be sent to other people in the network if you know their Social Number.

    Facebook alternative Social Number

    At the time of writing the most popular Social Number groups are hacktivism and sex. There are also discussions about depression and health issues that would be impossible to have somewhere like Facebook under your real name without risking being stigmatized forever due to a temporary lapse. On the downside, foul language can also be found, but nothing stops you from blocking abusive members or reporting harassment to the administrators.

    Social Number is what Facebook should have been if they really cared about privacy. Computer IPs are logged and they will be given to the authorities in case of illegal activities, but Social Number makes sure that nobody searching the Internet for your name will be able to link it to your personal posts unless you reveal too much information yourself. The site also has an encrypted SSL connection to stop third-party eavesdropping. A similar site to Social Number is the Experience Project, which has many more users since it has been around for longer, but Social Number has a much greater focus on connecting with others at a personal level.

    Visit Social Number homepage

  • KProxy Agent, a portable Internet browser with proxy

    KProxy Agent is a Chrome-based portable browser that comes preconfigured to handle HTTP requests through one of the free KProxy network IPs to bypass Internet filtering. People using public computers at work and college will find it useful to access Facebook, YouTube and other typically blocked entertainment sites. The browser runs in Incognito mode by default (known as Private Browsing in Firefox). Chrome Incognito mode runs in RAM and does not store browsing history, cookies or cache on the hard drive, so browsing traces will be gone and non-recoverable after you close KProxy Agent. The developers claim that the proxies encrypt data between the browser and the sites you visit, so that any passwords or email you send cannot be intercepted by anyone listening in, which makes this tool suitable for security on public Wi-Fi access points.

    The speed tests I carried out on the free proxies gave me around 2MB-4MB, which is enough to watch online TV. Taking advantage of this I managed to bypass geoblocking filtering and I was able to watch Hulu from outside the US without problems. Unfortunately the ping rate wasn’t so impressive and browsing Internet sites at times felt slow; I solved it by choosing a different proxy server closer to home.

    KProxy Agent portable proxy browser

    KProxy Agent has been developed in Java and will not work if Java is not installed. Java has had numerous security problems in the past but it benefits from being multi-platform: this portable browser will run on Windows, Mac and Linux or any other OS that has Java installed. Switching between proxies can be done in a matter of seconds with a couple of mouse clicks, but only US and German proxies could be found in the proxy list. KProxy Agent could benefit from more detailed proxy information: instead of having ten different public proxies with the American flag next to them, it could point out where exactly in the US each proxy is located, East or West coast, and list the server load for each of the proxies so that the user can choose the best one.

    It seems that the KProxy Agent developers intend to make money with this program by getting people to upgrade to their faster premium proxy service. You will find KProxy Pro mentioned here and there, but in an unobtrusive way. If you only use an Internet censorship bypass tool occasionally the free version is just fine; you only need to trust the KProxy owners with your data, just as with all other proxy or VPN services.

    Visit KProxy Agent homepage

  • German police testing FinFisher/FinSpy trojan horse tools

    A German ministry of the interior budget document leaked to Netzpolitik reveals that the Federal Criminal Police (BKA) is considering acquiring surveillance tools sold by the British Gamma Group to monitor computer and Internet usage. The German police are developing their own electronic surveillance tool called Spähtrojaner, at a cost of three million Euros, but it will take more than a year to be finished and they need to deploy spying tools now. German magazine Spiegel quotes police sources confirming that they are already testing FinSpy trojan horses to eavesdrop on people’s computers.

    FinFisher/FinSpy espionage software is marketed as a crime-fighting tool only available to law enforcement, and it requires a UK Home Office export license to be sold outside the European Union. The software is dual use and it has been launched in the past against political dissidents in Bahrain, where security researchers managed to map suspected FinFisher Command and Control servers around the world.

    FinFisher/FinSpy trojan horse infrastructure

    This government-endorsed malware is normally installed on target computers using social engineering to get a user to open the trojan horse, sent through email or posted to a website for download, or by getting physical access to the computer. A security researcher looking into a FinFisher trojan horse sent to political activists in Bahrain found out that the file was disguised as a .jpg by writing its name with the Unicode Right-to-Left Override character, with the .exe being found at the beginning of the file name and not at the end as is usual. The exact trojan horse name was “exe.Rajab1.jpg”, and it opened an actual cover-up photograph besides infecting the computer.
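
    As an added example (not from the original post or the researcher's report), the Python code below shows how a defender can flag file names that use the Right-to-Left Override disguise described above. The sample names are constructed; the first is built so that it renders as the name quoted in the post, and the list of executable extensions is an assumption.

```python
import unicodedata

# Bidi classes of the embedding, override and isolate control characters.
BIDI_CONTROL_CLASSES = {"LRE", "RLE", "LRO", "RLO", "PDF", "LRI", "RLI", "FSI", "PDI"}
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}  # assumed list
RLO, PDF = "\u202e", "\u202c"

def is_bidi_control(ch):
    return unicodedata.bidirectional(ch) in BIDI_CONTROL_CLASSES

def stored_extension(name):
    """Extension of the name as stored on disk, ignoring bidi controls."""
    plain = "".join(ch for ch in name if not is_bidi_control(ch))
    dot = plain.rfind(".")
    return plain[dot:].lower() if dot > 0 else ""

def displayed_name(name):
    """Approximate what a file manager shows: text after RLO runs right to left."""
    out, i = [], 0
    while i < len(name):
        if name[i] == RLO:
            end = name.find(PDF, i)
            end = len(name) if end == -1 else end
            out.append(name[i + 1:end][::-1])
            i = end + 1
        else:
            if not is_bidi_control(name[i]):
                out.append(name[i])
            i += 1
    return "".join(out)

def inspect_name(name):
    """Flag names whose bidi controls hide an executable extension."""
    controls = [unicodedata.bidirectional(ch) for ch in name if is_bidi_control(ch)]
    ext = stored_extension(name)
    return {
        "controls": controls,
        "stored_ext": ext,
        "displayed": displayed_name(name),
        "spoofed_executable": bool(controls) and ext in EXECUTABLE_EXTS,
    }

# Constructed sample names; the first renders as the name quoted in the post.
SAMPLES = ["\u202egpj.1bajaR.exe", "report\u202efdp.exe", "holiday.jpg"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), inspect_name(sample))
```

    The same check can be run over mail attachment names or download folders; any bidi control character in a file name is worth a closer look even when the stored extension is harmless.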

    According to that report FinFisher captured data was stored in a random Windows system folder called: C:\Documents and Settings\User\Application Data\Microsoft\Installer\{A69832D8-3F71-4241-7493-7551DB00C34C} prior to sending it to the command server.

    FinFisher toolkit Gamma Group

    FinFly trojan horse can record VoIP conversations before they are encrypted by Skype or after they have been decrypted on the recipient’s side; it logs keystrokes and it can grab screenshots or activate webcams and microphones. A smartphone version called FinSpy mobile can wiretap Android, iPhone and Blackberry phones. Antivirus software does not detect FinFisher tools; if you are afraid you could be targeted by it, consider virtualizing all of your Internet activities in VirtualBox or using a live DVD that has no permanent storage.

    Visit Gamma Group homepage

  • Dooble privacy Internet browser encrypts browsing data

    Dooble is an open source, platform-independent (Windows, Mac and Linux) Internet browser designed for privacy that comes with a secure P2P email client and serverless messenger called Interface. The browser rendering engine is based on WebKit, the same one that Apple Safari uses, so pages should look the same in both browsers. Dooble doesn’t need installation; it can run from a USB thumbdrive.

    After launching this privacy browser for the first time you will be asked to enter a passphrase to secure your Internet session. The passphrase must be composed of a minimum of 16 characters or it won’t be accepted. Once it has been set up, your Internet browsing history, cookies, cache, bookmarks, favicons and downloads will be encrypted using AES256 and SHA512 by default; the iterations, encryption algorithm and salt length can all be changed in the Settings tab.

    The security tab allows you to always choose HTTPS for websites when available, see the website IP address, hide your referrer, set the browser to Do Not Track, suppress redirections and automatically sweep cookies every hour. Creating a new profile is done with a GnuPG encryption key; you can have various browsing profiles, each one of them containing its own preferences.

    Dooble privacy Internet browser

    With the same browser you will be able to access I2P websites; I2P is an anonymous network that routes traffic like Tor does. Anonymously hosted I2P websites are known by the extension .i2p and called eepsites, and they are not accessible through the regular Internet without installing special anonymizing software first. The Dooble search box in the toolbar includes alternative search engines like Blekko, YaCy and WolframAlpha.

    There are proxy configuration settings for HTTP, and the integrated FTP client supports Socks proxies. Dooble has a clean but simple interface, it needs 80MB of free space to run and it loads quickly with low CPU usage. There are not many functional extras but it does all you need an Internet browser to do, and its main selling point is obviously security. If you need to move between computers with a portable browser, Dooble will protect you in case you lose your thumbdrive, but it will do nothing against trojan horses installed on a public computer. Some countries also make it a criminal offense to refuse to disclose your password to law enforcement when requested; in those cases Dooble’s encrypted Internet browsing cache will not be of much help.

    Visit Dooble browser homepage

  • Mobile phone password manager WISeID

    WISeID is a password manager available for Android, iPhone/iPad, Windows Mobile and BlackBerry. It has been designed to locally encrypt data on your phone using AES256, a very secure uncrackable algorithm that is a US government standard. You will be asked to enter a master password after installing the app; to unlock the database you can use a combination of face recognition or dot pattern together with the passphrase.

    Inside the app everything can be categorized into passwords, bank accounts, social network logins, credit cards, email accounts and others. Data can be searched and optionally synced across devices using a Dropbox account.

    WiseID smartphone password manager

    After storing the username and password for a website inside WISeID you can launch the URL to automatically log in, saving you time. The encrypted data is kept on the mobile device at all times; unlike Lastpass, there is no central server to which credentials are sent. WISeID also gives you the option of registering with them to get a free X.509 digital certificate, called WISeKey’s Personal ID or eID, that can be used to encrypt and digitally sign email messages.

    There is no way to recover your data if you lose your master password; there is no backdoor built in. At the moment of writing WISeID is free; if this changes you might want to look into the KeePass mobile password manager instead.

    Visit WiseID homepage

  • Brute force Linux encryption with LUKS volume cracker

    The Linux Unified Key Setup (LUKS) volume cracker utility is a Windows program built around FreeOTFE to launch a brute force attack against compatible Linux encrypted volumes like Cryptoloop, dm-crypt and LUKS, which are widely used Linux disk encryption schemes, the latter also ported to Android phones.

    Operating LUKS volume cracker is very easy: select an encrypted volume first, select a dictionary you have or build a custom one based on words likely to be used by the suspect, and finally click on the huge “Crack” button. You will be given updates about the cracking process in the window below the program.

    LUKS volume cracker

    The good news is that LUKS intentionally slows down password access to stop dictionary attacks, and brute force is not a real option unless a very easy password has been chosen or the attacker has a list of potential passwords. When you design a password do not get awed by its length: entropy (randomness) is a much more important factor in password security than the number of characters it is made of. Make sure special characters and blank spaces are present in it.
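
    The following added example (not part of the original post or of LUKS itself) puts numbers on the paragraph above: it times one guess through PBKDF2, the key-stretching function LUKS1 key slots use, and compares the entropy of three constructed password policies. The hash, iteration count and word-list sizes are assumed example values.

```python
import hashlib
import math
import os
import time

def derive_slot_key(passphrase, salt, iterations, hash_name="sha256"):
    """PBKDF2 stretch of a passphrase with a per-slot salt (hash is assumed)."""
    return hashlib.pbkdf2_hmac(hash_name, passphrase.encode(), salt, iterations, dklen=32)

def seconds_per_guess(iterations, samples=3):
    """Measure the cost of one passphrase guess on this machine."""
    salt = os.urandom(32)
    start = time.perf_counter()
    for n in range(samples):
        derive_slot_key(f"guess-{n}", salt, iterations)
    return (time.perf_counter() - start) / samples

def entropy_bits(choices_per_symbol, symbols):
    """Entropy of a secret made of `symbols` independent uniform picks."""
    return symbols * math.log2(choices_per_symbol)

def years_to_search(bits, guess_seconds):
    """Expected time to find the secret: half the guess space, one core."""
    return 2 ** (bits - 1) * guess_seconds / (365.25 * 24 * 3600)

# Constructed candidates: length alone says little about guessing cost.
CANDIDATES = {
    "one word from a 100,000-word list (any length)": entropy_bits(100_000, 1),
    "four words from a 7,776-word list": entropy_bits(7_776, 4),
    "12 random printable ASCII characters": entropy_bits(95, 12),
}

if __name__ == "__main__":
    cost = seconds_per_guess(200_000)  # iteration count is an assumed example value
    print(f"one guess costs about {cost:.3f} s")
    for label, bits in CANDIDATES.items():
        print(f"{label}: {bits:.1f} bits, ~{years_to_search(bits, cost):.3g} years")
```

    Because the salt feeds into every derivation, the same passphrase yields a different key under a different salt, which is why the key cannot be re-derived once the header holding the salt is gone.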

    If you would like to destroy an encrypted LUKS volume there is no need to wipe the whole partition; erasing the header and keyslots is enough. By default, LUKS decryption keys are contained within the first 2MiB of an encrypted LUKS partition. A salt value is also stored inside the header, and it will be impossible for anyone to decrypt a volume without knowing it, not even if the password is found out later on. Encrypted Solid State Disks and thumbdrives will still need full device wiping, as wear levelling technology moving data around makes it impossible to securely overwrite a specific sector.

    To wipe the first 10MB of an encrypted LUKS volume (sda1) in Linux type:

    dd if=/dev/zero of=/dev/sda1 bs=512 count=20480

    Visit LUKS volume cracker homepage