Unlike encryption, where it is evident that you are trying to hide something from others, steganography allows you to hide secret messages inside a photo (audio, video, etc), post that photo to Flickr, Imgsrc or any other online photoalbum and nobody looking at your activities will notice that you are sending secret data, the receiver will also be safe by visiting a harmless website instead of being seen downloading encrypted messages.
OurSecret is a free steganography tool that can hide text or files inside other any other file, for the receiver to be able to read the message he will have to be using the same software, you can password protect your data to thwart accidental discovery. The carrier file can consist of an image, video, sound file or anything else, the file can be viewed as normal even after data has been hidden in them, after hiding data inside a file you will be offered a location to save it, you should get rid of the original file, an easy way to detect hidden data inside photos is by comparing the original file with the one holding a concealed a message, by destroying the original file you make it very hard to detect that something is hidden unless your opponent is specifically looking for steganography messages and has access to steganalysis tools.
Steganography software OurSecret
Steganography tools take advantage of unused bits of data in a file to hide data inside them, data is made up of bytes, with 1 byte being made up of 8 bits, if the less significant bit of each byte is modified to hide something inside it, the original file will still work as usual, a file header is another good place to hide data, it normally contains file type information, the end of a file is normally predefined and can be used too, hidden data can be added in those places without significantly altering the original file. By not adding any extra bits to the file and only modifying those that already exist, the chances of discovering hidden data is made more difficult, there are steganography detection algorithms that can be successful finding hidden data but extracting that data is much more difficult, specially if it has been encrypted.
Uncompressed files are the best ones to hide big files, for example, a bitmap .bmp image file will have more spare bits than a compressed .jpeg image, and a .wav sound file will be able to conceal more data than an already compressed .mp3 file.
ProtectOrion Data Safe is an user friendly file encryption software made by an Austrian company, after installing it you will be prompted to create a masterpassword, a password strength meter will let you know how secure your password is, the user is forced to enter a password made up of a combination of letters and numbers or special characters, otherwise it will be rejected for being too weak.
ProtectOrion main window is very informative, a toolbar above lets you know the full file path where data is being stored in Windows, and below you are shown the remaining free hard disk space and encrypted database size. Through the interface you can create folders where to classify your encrypted data (files and folders), just like you would do working on your operating system but with the data encrypted, a wastebin securely keeps any files you erase in case you change your mind.
ProtectOrion file encryption software
A Windows widget, called SafePad, holds over your desktop at all times if you choose so, it can be used to drag and drop files or full folders for automatic encryption with the AES256 cipher (used by many government agencies and banks), after dragging a file you can choose in what encrypted folder you would like to place it, ProtectOrion options allow you to specify if the original file should be securely wiped after encryption or only copied, leaving the original file intact, the software can be set to autolock after a preset time or manually locked if you need to go away from your computer, the encrypted database can easily be backed up anywhere you like and restored.
Another feature is a password manager where you can create groups of passwords, usernames and URLs, all nicely put together, you can paste passwords to the clipboard with a single click, for security, the passwords are automatically erased from the clipboard after 15 seconds. There is a portable version of this software that can be installed on a USB thumbdrive with ProtectOrion ToGo (7MB), encrypted passwords can be synchronized in between the desktop and USB thumbdrive.
Most of the software functions are intuitive but a complete well structured PDF manual is included anyway, my main concern with this software is the existence of temporary files when you open them, a common Windows problem is that the operating system can create automatic unencrypted backups of photos or documents you are viewing in hard to find places.
Freeware encryption ProtectOrion
Protectorion Data Safe claims to securely wipe files after adding them to the encrypted database but besides the fact that it stops data recovery software, they do not mention anywhere what method and how many wipes they use.
I think this could a good program for people who want something very easy to use with no learning curve, an eye candy interface and have very low security needs, if your opponent is someone well funded stay away from this encryption software, I saw decrypted temporary files created on the hard disk while the safe was open, once you close the encrypted safe the temporary files vanish, but I don’t know if they are securely wiped or not, there is no information about this anywhere.
Other encryption programs (Safetica, DiskCryptor, etc) create encrypted virtual drives where to store the data, that appears to me a far more secure solution than encrypting and decrypting every single file when you view them, even if they were wiped, the data leakage risk is still higher, the more files need to be wiped, the easier it is something can go wrong (ie computer crash leaving files decrypted before they have been erased).
ProtectOrion is the living example of whyjust because certain encryption software is using an unbreakable cipher like AES256 does not mean it is secure, how encryption is implemented needs to be considered too.
Note: The free version of this software is limited to 100 files and 5 passwords, a popup window invites you to upgrade your version when you open the software.
Spywareblaster is a free program to stop spyware from being installed in your computer, instead of allowing tracking artifacts to sneak in and having to scan your hard disk to remove them, Spywareblaster stops tracking software from installing in the first place, protecting the computer against adware, browser hijacks (anchoring your homepage), malicious ActiveX scripts, tracking cookies and flash content. You can enable and disable displaying of flash content through the easy to use Spywareblaster interface, another section allows you create your own custom list of blocked ActiveX controls and another section stores a backup of the Hosts file, a file used by your operating system to resolve IP addresses to an URL, commonly tampered with by malware to redirect you to other pages, the Hosts file can be rolled back to a certain time and date if that ever happens.
Spywareblaster stops adaware
This software consumes very few computer resources and can be used in conjunction with a firewall, antivirus and other antispyware tools without any compatibility problems, it should save you time in the long term by not having to continuously scan the hard disk searching adware. Unfortunately browser support is somewhat limited to those using Internet Explorer rendering engine (Maxthon, Avant, IE, etc) and Mozilla Firefox, Opera and Chrome users have been left out, if you do most of your Internet browsing with something other than Internet Explorer or Firefox, protection will be very limited.
The necessary database updates to keep up with the latest Internet threats are only automatic in the paid for version of this program, the free version has to be updated manually which is easy to forget, I wasn’t too impressed with Spywareblaster, is not bad but I do not see this as a must have, my main grudge is the lack of support for browsers other than IE and Firefox.
The current 32-bit IPv4 protocol, created in 1981, can have up to 4 billion of IP addresses, every device connected to the Internet needs one of them, including mobile devices, going beyond everyone’s foresight, the Internet is now running out of IP addresses, by the end of 2012 all available IPv4 addresses could have been given.
IPv6 is a brand new version of Internet Protocol set to succeed IPv4, it isn’t an upgrade since networks using both protocols are largely incompatible at packet level and can not communicate in between them, IPv6 is based on 128bit addresses, it will provide users with a near inexhaustible number of IP addresses. You can easily identify an IPv6 address because unlike IPv4 composed of four groups of numbers separated by dots, an IPv6 address is composed of eight groups of alphanumeric characters separated by colons.
Tip: Some IPv4 routers can be converted to IPv6 with a simple firmware update.
IPv6 addresses advantages
Efficiency: Data packet headers and packet forwarding through routers has been simplified to make it more efficient
Multicast: The transmission of a packet to multiple locations in a single send operation, aka multicast, is a base specification in IPv6 (optional in IPv4)
SLAAC (Stateless Address Auto Configuration): A standard IPv6 feature that allows IPv6 hosts to autoconfigure when connected to an IPv6 router, it is able to automatically assign IP addresses and device numbering.
Jumbograms: A jumbogram is a transmission data packet exceeding the standard Maximum Transmission Unit (MTU) IPv6 jumbograms contain a payload larger than the IPv4 limit of 65,535 eight-bit bytes (aka octets).
Geolocation: IPv6 address have more geolocation options than IPv4, the new IPv6 latitude and longitude system can be scaled down to nearly microscopic pinpointing.
Computer IPv6 address
IPSec (Internet Protocol Security): Originally designed for IPv6, and later expanded to IPv4, this Internet protocol secures communications encrypting and authenticating data packets for each session, IPSec is optional in IPv4 and mandatory in IPv6.
Mobile IPv6 (MIPv6): The MIPv6 protocol enables a mobile device to switch between networks, mobile devices are identified by their home address regardless of physical location, IPv4 sends the data packets to a proxy server for relaying to the target device.
IPv6 address examples: 2001:db8:ffff:1:201:02ff:fe03:0405 OR 2607:f298:1:109::7ba:1bd8 OR 2001:41d0:1:1b00:213:186:33:87
Note: IPv6 addresses will be rolled out progressively and they are expected to coexist side by side with IPv4 networks for a long time, it is the ISP responsibility to implement IPv6, not the user.
IPv6 privacy concerns
When an IPv4 user reboots the computer a new IP address is assigned by his Internet Service Provider DHCP server, with IPv6 making billions of IP addresses available there will be no need to request a new IP when the computer boots up and dynamic IP addressing (DHCP) should eventually disappear. The first half of an IPv6 address is static, identifies the network and it never changes, it can be stored, the second half of the IP is created by an IPv6 enabled device (i.e. your computer+operating system).
IPv6 128bit computer address
IPv6 stateless configuration uses the hardware device unique MAC address to create the IP last 64 bits, this means that your computer MAC address is exposed to the Internet, since any website you visit logs your IP they can also figure out your physical network card MAC address. IPv6 has something called Privacy Extensions (RFC 4941), enabled by default in Windows (not enabled in Linux and Mac OS X before Lion), it uses a random number generated by a computer algorithm to dynamically assign a varying address block when creating the IPv6 address so that your computer MAC address is not used and remains hidden.
Example of traceable IPv6 computer address 2001:0db8:1:2:60:8ff:fe52:f9d8
Take the last 64 bits (the host identifier) and add leading zeros: 0060:08ff:fe52:f9d8
Strip the ff:fe part from the middle. If these bytes are not there, then there’s no MAC address.
For the first byte: complement the second low-order bit (the universal/local bit; if the bit is a 1, make it 0, and if it is a 0, make it 1). So: 0x00 (00000000) becomes 0x02 (00000010).
Result: 60:8ff:fe52:f9d8 translates back to computer MAC address 02:60:08:52:f9:d8
Tip: If you see the characters “ff:fe” in the middle of your IPv6 address then your network card MAC address has been used to create it, if the characters are not there, privacy extensions is enabled and you do not need to worry.
IPv6 useful websites
Test IPv6: Runs a quick test giving you all kind of technical information on your IPv6 address indicating a score of your IPv6 and IPv4 stability and readiness
IPv6 Test: Checks your IPv6 and IPv4 speed and diagnoses connection problems, it tells you if a computer is using IPv6, it can test your ping latency and compare IPv4 against IPv6 performance, it can also test if a website is reachable using IPv6.
TunnelBroker: Free Tunnel Broker service enabling people to reach the IPv6 Internet by tunneling over existing IPv4 connections from an IPv6 enabled host or router to one of their IPv6 routers.
SixXS: Offers IPv6 Tunnel Broker managing and a number of IPv6 Tunnel Servers to end users.
This free password recovery software does not need installation and can be run from a USB thumbdrive but it requires administrator rights, once you execute it, you can remove the password for any Windows user using a drop down menu, you can enable or disable Windows account manager or change the Windows logon password without using the Windows control panel.
Advanced Password Recovery can retrieve stored wireless networks passwords, Instant Messenger account passwords from MSN, Yahoo Messenger, Google Talk, ICQ, Trillian and others, Windows Office password recovery for Microsoft Office software and Microsoft Exchange Server, and Internet browsers password recovery for all of the major browsers like Opera, Firefox, Internet Explorer and Chrome.
Advanced Password Recovery
Advanced Password Recovery also includes a basic password generator where you can specify password length and spawning of numeric or alphanumeric passwords, this is a nice bonus but you will be better off using a specialist password generator tool if you are going to use it often, the one included has very basic configuration options, there is no support for password lists or presetting password suffixes.
The software includes a utility called Password Encrypter to encrypt text , there is no documentation explaining how it is implemented, it does not not look like strong encryption, probably more indicated to stop the occasional coworker spying or someone who doesn’t have the time and motivation to try and break it.
This Windows SSH server built around CygWin (Linux environment for Windows) comes as a single executable and it is very easy to install, you can configure an SSH server on any Windows PC with just a couple of clicks, MobaSSH is registered as a Windows service it can be monitored like any other normal service, it will help you supervise and manage your Windows PC remotely allowing you to run commands and securely transfer files from any other operating system using a secure encrypted SSH tunnel, all you need is an SSH client on your end (OpenSSH, PuTTY, KiTTY) and MobaSSH installed in the computer you would like to have access to.
You will be able to administer a Windows machine using Unix commands as if it were a Linux operating system, the most useful GNU utilities are all included, the tool appears directed towards system administrators but home users with a small network at home can make good use of it too, you could for example, install MobaSSH on your home computer and securely connect to it from work or an Internet café using a portable SSH client on a thumbdrive to create an SSH tunnel and retrieve forgotten files or upload them to your home computer.
MobaSSH Windows SSH server
Commonly performed functions with MobaSSH include:
Use a Windows machine as a central backup server: With scp/sftp you can securely transfer files to the central server or write a script that will automatically run backing up a folder to the other offsite computer.
Manage a computer remotely without the logged in user even noticing: When you remotely log into a Windows machine remotely where MobaSSH is installed nothing is displayed on the screen, everything runs silently in the background, the user will be able to carry on working as normal.
Monitor what a Windows computer is doing: You can look at what programs/daemons are running on the computer and display the data packets crossing the network card in real time using TCPCapture, the network connection can be probed too using ftp/telnet/rlogin/wget/ping, etc.
Remotely run scripts on a Windows machine: Using bash, vim, chmod, cut, etc you can suddenly start an inactive script on a Windows computer, this can be done while a user is logged in.
MobaSSH main features
Execute commands on a remote Windows computer
Transfer files through an encrypted SSH tunnel
Retrieve information about the remote computer
Make backups of your computers over the network
Silently install software on remote Windows computers
Silently administer a remote Windows computer
The free version is for personal use only and it does not have advanced logging options, Samba domain users, hosts allow/deny configuration and service Keep Alive can only be found in the pro version. MobaSSH includes an easy to understand manual with screenshots, but you need to have a working knowledge of the Unix (Linux) command line in order to operate this tool, this is not difficult to learn.
Any hardware with a communications network interface card (NIC) will have been assigned by the manufacturer of the card a unique Media Access Control (MAC) address embedded on the network card, this address includes the manufacturer identification number, the make and model of the device could be embedded too. A MAC address takes the viewable form of six groups grouped in blocks of two hexadecimal digits (composed of numbers from 0 through 9 and letters from A up to F) separated by hyphens or colons.
Example MAC addresses: 00-B0-D0-86-BB-F7, 09:00:07:A9:B2:EB, D1-AD-04-EF-C1-02
A network interface card MAC address does not contain user information and it is not visible on the Internet, it remains behind the router, a router will use a device MAC address to identify a local computer, the router will be able to see and log the device MAC address when connected to, if you are using a public wireless access point for example, the access point will log your network card MAC address, time and date.
A network administrator could use this information to link your machine, i.e. laptop, mobile device, etc, with a particular Internet session, in order to do that you would have to lose control of the device and allow someone to examine it, using a VPN on a Wi-fi connection will not hide your MAC address.
Note: A computer MAC address is not related to Apple Macintosh computers, it is related to network cards.
How to find out a computer MAC address
Windows MAC address: Go to the command line (Run>cmd) and type ipconfig /all you will see a line that says “Physical address”, that is your network card burned-in address, aka MAC address, if you have a wireless router you will see more than one physical address, one belongs to the ethernet wired connection and the other to the wireless connection.
Apple Macintosh MAC address: Go to System Preferences>Network Icon>Show (select Built-in Ethernet)>Ethernet Card, the MAC address is listed next to Ethernet ID:, to determine the MAC address of a Wi-fi card select Show: Airport>Airport the address is listed next to Airport ID:
Linux MAC address: Become root at the command line (typing su or root) and type ifconfig -a the MAC address will be listed next to HWaddr on the first line, or type /sbin/ifconfig | grep HWaddr
FreeBSD MAC address: Type dmefg to see display MAC address or grep eth0 /var/log/dmesg or type ifconfig and look for the ether line, the MAC address will be written next to that.
Note: A hard coded MAC address is meant to be unique in the world, there can only be one NIC card with that number, if you spoof a network MAC address and it coincides with that of another device in the same local network there could be serious networking problems, or data could be forwarded to both devices, the consequences will depend on how the switch handles it.
How do I change my MAC address?
To physically change a network card MAC address it is necessary to remove the NIC card flash chip, re-programming it with new MAC address and putting it back on the card, changing your device network card will also change the hard coded MAC address, the easiest and quickest way to change a MAC address is by using special MAC address changing software:
DynaMAC: Freeware application to view and change any computer MAC address, including wireless cards, the user can specify the MAC address that should be used, the old address can easily be reset to the original one with a single click.
After downloading DynaMac choose custom installation to stop your homepage and default search engine from being changed (Ad-aware).
DynMAC free MAC address changer
Technitium Tmac: Highly configurable MAC address changer, it provides complete information on all of your network cards MAC addresses, you can select a random MAC address from the list of manufacturers that Tmac includes, it makes for a perfect MAC spoofing if you match it with your network card manufacturer brand.
Change computer MAC address manually
Change a MAC address in Windows: Go to Start>Network Connections>Network Sharing Center (Vista) (Network and Dial-up on XP)>, choose Adapter Settings, right click and choose Properties>Configure, Network Connection Properties>Advanced tab, review the list for “Physical Address” or “Ethernet Address” (each NIC utilizes a different name), click on Properties once you have found it, click next to Value and input your desired MAC address, the computer will have to be rebooted for the changes to take effect.
Change a MAC address editing the registry: You could change a network card MAC address editing the Windows registry, the address will be found around HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\ one of the subkeys labeled NetworkAddress contains it, you could cause serious damage to your operating system and need to reinstall it if you make a mistake editing the registry.
Change MAC address in Linux: Become root and use the ifconfighw command or GNU MAC changer.
Change MAC address in FreeBSD: Become root and use the ifconfig command with three steps.
ifconfig {name of the interface} down
ifconfig {name of the interface} hw ether {new MAC address}
ifconfig {name of the interface} up
Tip: Network administrators could be filtering access to the network based on a device MAC address, changing it while being part of a network could lock you out.
Note: MAC address changing software does not modify the embedded network card address physically, it instructs Windows (example OS) to use the MAC address specified in the registry.
Change a router MAC address
A router MAC address can be emulated/changed through the router interface, the process is known as MAC cloning, not all routers have this ability, the cheap ‘free’ router given to you by your ISP is unlikely to allow this.
Each device has its own interface and it is not possible to write instructions for all routers, read the router own instructions or make sure that you have a high end router and search the interface advanced configuration options for “MAC cloning”, in advanced configuration mode you should be able to enter a new MAC address, after which you will be asked to reboot./em/em
