Category: Security

Computer Security

Encrypt Gmail messages with SecureGmail

SecureGmail is an open source Chrome browser extension to encrypt and decrypt Gmail messages with one click. After installation you will see a red padlock next to the compose button in Gmail, clicking on it will launch the compose window with a red bar that says “Secured“. Unlike other encryption extensions, SecureGmail does not allow Google servers to keep a draft of your message and encryption takes place in your browser, Google will be unable to read anything other than scrambled text, however, attachments are not encrypted, SecureGmail only works for text.

You will be asked to enter a password after you have written the email and, optionally, a password hint. You will have to either, transmit the password to the receiver by secure means, or enter a password hint that the receiver can easily guess. When the other end receives the message he will see scrambled text and a warning saying “This message is encrypted, decrypt message with password“.

encrypted Gmail messages SecureGmail

The strength or SecureGmail is that Google is kept out of the equation by not giving the company any way to read plain text, SecureGmail open source code allows others to check for bugs and email encryption is extremely easy and quick, but there are also many SecureGmail downfalls, the first one is that both parts must have the same extension installed to be able to encrypt and decrypt data, the second problem is that sender and receiver must be both using the same browser, SecureGmail only works in Chrome, and a third obvious problem is that the password has be transmitted, this will encourage people to reuse passwords and it will reduce security.

SecureGmail can be useful for an organisation that has their email hosted by Gmail, but only for staff conversations as sending email to outsiders would be sure to slam against one of the problems highlighted above. If you need a way to encrypt email that can be delivered anywhere, consider learning about PGP and Enigmail or download the Mailvelope extension.

People concerned about privacy should not be using Gmail, but if you do, encrypting it will give the NSA some work to do in between reading clear text messages. Encryption can not protect you from the who is communicating with who server metadata, trying to fool the NSA using Gmail is like trying to win the lottery by praying to Allah, a total waste of time.

There are plenty of reasons not involving national security about why you will want to encrypt your email messages, like not wanting readable email messages stored in your inbox for ever and protecting yourself from embarrassment if a typo sends an email message to the wrong inbox. In scenarios where metadata collection is not an issue, an extension that encrypts email is adequate protection.

Visit SecureGmail homepage

14 March, 2015
Nitrokey, a thumbdrive to encrypt data, emails and logins

Nitrokey is a physical USB thumbdrive developed in Germany to encrypt email with OpenPGP, GnuPG or S/MIME, use One Time Passwords, encrypt your computer hard drive files, manage digital certificates and act as a double authentication token with websites that have adopted the Universal 2dn Factor U2F standard supported by Google services, OpenSSH and WordPress. The hardware design and software code of this encryption thumbdrive has been made open source to allow the review of their security and for developers to be able to integrate their own applications.

The thumbdrive keeps three RSA encryption keys of up to 4096 bits, they are all linked to the same identity but used for different purposes, authentication, signing and encryption, the keys are hardcoded in the device, this makes it impossible for viruses to extract them, the One Time Passwords are compatible with Google Authenticator and hardware encryption is using the AES256bit algorithm with plausible deniability using hidden volumes. The dongle comes with a default administrator PIN set to 12345678 that you should change.

Encryption USB thumdribe NitroKey

A more expensive version, called “NitroKey Storage“, allows you to store up to 64GB of encrypted data in the device, everything is secured using AES256bit hardware encryption. The USB thumbdrive will work in all operating systems, including Linux, it can be used for authentication as well as encryption.

If you are worried about a trojan horse in your computer stealing your encryption keys, Nitrokey can stop just that. Carrying your encryptions keys with you in your pocket, instead of having them in your hard drive makes identity theft less likely, and NitroKey’s open source lets you check its firmware integrity, the developers advertise this as a way to thwart the NSA practise of intercepting hardware in the post to implant backdoors on them.

This is not a very cheap dongle but in line with what encryption thumbdrives normally cost, you can buy a Yubikey for half price but it does not have any encryption abilities other than U2F authentication, Nitrokey offers email and data encryption on top of secure U2F logins.

The best selling point of this thumbdrive comes in the form of being open source supporting standard security programs. The developers also mention that the key has a tamper-proof design and that you can set up a hidden encrypted container to avoid mandatory surrendering of your data when crossing the border or in countries where it is illegal not to reveal your password to law enforcement.

Visit NitroKey homepage

18 January, 2015
Martus, the encrypted bulletin board for activists

Martus is an open source encrypted bulletin board for individuals and groups tracking human rights violations. It has been developed by Benetech, a non profit organisation pushing for social change. It is written in Java, available for Windows, Mac, Linux and Android, I downloaded the 130MB Windows version to try it out.

During installation a wizard guides you over the necessary steps to set it up, you will be forced to choose a strong password with a minimum of 8 characters and will be given tips to do it safely being told not to use dictionary words and to combine alphabet letters with special characters, everything will have to be entered twice before encrypting it in your device. If you forget your credentials nobody will be able to recover them, not even Martus staff.

Martus encrypted bulleting board Tor settings

Within the software there is the option to activate the Tor network to hide from your ISP that you are connecting to Martus servers and to get around filters if a server is blocked from your location.

The data you enter will be backed up to the server connecting to port 443 (SSL) or 997 using 3027 bit encryption, server administrators will not be able to read anything, data is encrypted with your own keys, and if you don’t wish to use the default Martus server, which during my tests resolved to an Amazon EC2 data centre in the US, any organisation can set up their own, “Advanced Settings” in Martus allow activists to enter the IP address of the specific server they would like to connect to together with the server public code and a magic word for authentication.

You will also be given a public Martus key, this is used to anonymously exchange information with your contacts, entering one of your friends access token in the address book allows you to be in touch with him and transfer encrypted data. There is no need to know any phone number, email address or Instant Messenger, the access code alone allows you to interact with others, anonymity can be strengthened further if you both use Tor, which only requires that you tick a button in Martus.

The hard part of Martus is to securely exchange access keys with your friends in a way that can not be intercepted, Martus recommends that you to use the Off-The-Record (OTR) software or a face to face meeting to do this.

Template forms in Martus can organise data records with little effort, or you can create a custom form yourself. The last step of the installation wizard involves exporting your account key to a secure location, like an external USB thumbdrive, to restore account access in case your computer is stolen or infected by a virus. The key is exported as a .dat file and optionally can be split in three pieces for extra security, in the later case, you will need all of the parts to access your Martus account. These parts can be distributed in between various members of a group living in different countries so that if one of them is compromised, it will not be enough to access the account.

Martus server settings

Martus report layout is plain and clear, two buttons on top allow you to connect or disconnect from Martus server or Tor with a single click and the tabs on the left hand side let you switch in between the received and saved reports, the form incorporates fields with the date, author and server where data is being backed up.

The Android version of Martus requires you to have a desktop Martus account first to be able to configure it, the rest works the same, data is encrypted with your passphrase on the phone to protect you if it is seized, and any picture, audio or text you have stored will have been already backed up to the Martus server and can be retrieved later on if the phone is confiscated, another choice is to designed a second person with access to your Martus desktop account to retrieve data you have uploaded in case you are not released from custody. Other nice details are that program automatically locks and asks for your password if you leave it running in the background, and there is a PDF manual you can download in multiple languages explaining how to operate Martus.

Martus Android phone

This is a very well thought out program, it has everything an activist needs, privacy with encryption, anonymity with Tor, no backdoor, the possibility to set up your own Martus server so that you don’t have to rely on others, and being able to share account credentials in between various people so that if something happens to one person, others will still be able to bring back any photos you have uploaded.

If anything could be improved in this program, is that there is no real time communication to sort out discrepancies, like a chatroom or IM, but you could always ask questions to your contacts adding them to a data form being shared.

Visit Martus homepage

15 December, 2014
Free encrypted webmail service Tutanota

Tutanota, meaning secure message in Latin, is a German based free webmail service with end to end encryption. Your email messages, attachments and subject are all encrypted in your browser using Javascript with a cipher combination of RSA 2048-bit and AES-128-bit before uploading data to Tutanota mail servers in Germany. The encryption keys remain in your power at all times, the company can’t see anything in plain text, they can’t restore your password or reset your account, anybody forgetting their password loses access to the messages.

If German authorities ever serve Tutanota with a court order to hand over a customer’s email inbox content, the company will of course comply with the warrant but all they will be able to deliver will be ciphered files with no decryption key. According to the email exchange I had with Matthias Pfau, one of Tutanota founders, they do not log IP addresses and only keep timestamps, the details are stored anonymously without any reference to your user account. Each mail in your inbox also contains the mail addresses of the recipients in clear text, kept until you delete the email, Tutanota has some ideas about how to hide the recipients address but it has not been implemented yet.

Encryped webmail Tutanota

You can open a Tutanota email account with minimal details, choose a username and password and that is it. During the very short registration you will find a link to a Wikipedia page with instructions on how to choose a strong password, a coloured meter on the page lets you know if your password is secure enough to withstand brute force attacks.

I appreciated the clean smooth webmail interface giving one click access to the different tabs and folders, with a security tab where you can see a list of of the successful and failed account logins with timestamps, no computer IPs are associated with customer accounts since no IP logs are kept.

Sending an encrypted email in Tutanota is effortless, it does not require customers to manage encryption keys or know much about security. The system is compatible with insecure email services like Gmail or Yahoo. When you send a secure email to somebody who is not on Tutanota, instead of receiving the full text, they receive a message with a link inviting that person to visit Tutanota servers to read the encrypted email, only readable with the correct password and decrypted locally in the browser.

By not sending the email message body, any organisation monitoring Internet traffic will not be able to intercept a copy of the encrypted data. A terrific way to stop mass surveillance on the Internet is to never let the data out on the wild web. The same security system that CIA director General Petraeus was using to communicate for an extramarital affair, he used a dead drop email account and never allowed messages to travel the Internet.

One can assume that the CIA director has classified knowledge to know how to best avoid surveillance, and presumably General Petraeus applied that privileged information to protect his own life, it is possible to learn a lot from observing the experts and copycat them.

Tutanota encrypted email exchange

Tutanota free email service is a major improvement over the dead letter box communication system, the company adds an encryption layer, and the people you communicate with do not have to change anything, they can securely reply to you using the same window where they are reading the received message.

Another important security fact about Tutanota is that they hired a German penetration testing company called SySS to try to find security vulnerabilities in their mail service, like cross site scripting. Tutanota was given an all clear certificate attesting that during the network scan and manual hacking that was attempted by security experts it was not possible for SySS to access any confidential data. If that is not reassuring enough, Tutanota source code is available for download released under the GPL license, you can use it to build your own email client or check it for bugs.

The zero knowledge approach of this email service, their no logs no decryption keys available policy, located outside of the UK and USA, very easy registration and utilization make Tutanota one of the best alternatives to Hushmail. If I have to complain about anything, is that, not being German myself, I do not like getting a .de email address (@tutanota.de), I prefer a .com domain to stop people from assuming I am German.

This security model is the future, spy agencies are not going to stop monitoring data travelling across the Internet, so, you just don’t send it, leave it on the server for others to fetch, superb.

Visit Tutanota homepage

5 September, 2014
The best XMPP/Jabber servers for anonymous chat

Jabber/XMPP is a decentralised instant messenger using the open source XMPP protocol, there is no central server that could be compromised, the multiple nodes construct a resilient and hard to monitor infrastructure. Dozens of XMPP servers, encryption and its open source nature make XMPP much harder to wiretap or shut down than cloud based Google Hangouts, Yahoo Messenger or Skype, all USA companies known to have a NSA backdoor.

One of Jabber/XMPP main vulnerabilities is that the server you are connected to is not trustworthy, this is a list of XMPP servers with the best privacy policies:

5th July XMPP: Swedish privacy foundation promoting free speech worldwide, in between other services they provide an open XMPP server with Off-The-Record Messaging (OTR) support, hosted in Sweden and with logs tuned off. They warn you that file transfers are not encrypted, only text conversations are.

Calyx Institute: A not for profit privacy and cyber-security foundation running a public Jabber/XMPP server that does not create any records of who you communicate with or keep logs of the content of any communications, this server forces you to use OTR, Off-the-Record Messaging, a cryptographic plugin that stops the server administrator from accessing plain text of your communications.

Dismail.de: Free public server located in Germany, you can register for an account using the web interface or your Jabber client. The privacy policy is very clear about how long for each one of your details are stored, metadata has to be saved for Jabber to work, it would be impossible to communicate with your contacts without saving who they are and your Jabber ID is of course also saved. Personal details like the IP address used to create the account and the files you upload are erased after a month.

Pidgin Jabber XMPP setup

Neko IM: Running a public XMPP server located in Norway, they claim that no more information is collected and stored than what is absolutely necessary, TLS everywhere is enforced and Jabber clients need to support a strong cipher or they will not be able to connect to the network. Being a free volunteer run project, this server uptime comes accordingly to this and no guarantees are made about uptime other than “as much as possible“.

XMPP Gajim Jabber chat

Countermail: This is a paid for service from a Sweden based email privacy company that provides the XMPP server xmpp.counternet.com with TLS and SSL encryption only available to email account holders. The username and password are randomly generated, you can not create your own, however, all XMPP clients supports “alias” or “display name” that you can manually set up and this is what other Jabber users will see.

SystemLi: Jabber server managed by an anti-capitalist tech collective. They do not retain any kind of data and a .onion link is available for those using Tor. To avoid spam accounts registration is only possible with an Internet browser.

About Jabber/XMPP security

Any IM client that supports the XMPP protocol can interact with other Jabber users, a few of the best know Jabber compatible clients are Pidgin, Thunderbird and Jitsi, they can be used for videocalls and sending files, but always remember that encryption and end to end does not mean that your computer IP is hidden. Jabber will help you protect from wiretapping with encryption but the server you use could log what you do and your contact could find out your home IP if you are not on a proxy or VPN.

Another benefit of Jabber is that the same username and password can be used to connect with the social network Jappix, unlike Facebook, you don’t have to provide your real identity to take part in Jappix. Another way to protect your online privacy is running your own Jabber/XMPP server with a custom logs policy, it is not hard to set up an XMPP server with basic understanding of Unix, search for Prosody or Tigase to find XMPP server software to run.

I included XMPP servers with a clear privacy policy of minimum logging or being offshore, those are the claims that the server administrators make, there is no way to verify any of them. If you are social activist RiseUp and Austici provide anonymous Jabber chat servers for people fighting for world change but they are not on the list because they are strictly for political activists.

Sometimes privacy minded individuals set up their own XMPP server and open them to everybody, due to the nature of one man operations, instead of including here privacy servers that have little backing and less chances of long term survival it is best that you check out an updated list of all public XMMP servers at https://list.jabber.at/

10 August, 2014
Cold boot attack protection with YoNTMA

YoNTMA (You’ll Never Take Me Alive!) is an open source tool to enhance Windows Bitlocker and Mac FileVault full disk encryption. It has been designed to protect the user from cold boot attacks. A side channel attack where an intruder with physical access to a machine retrieves the encryption keys from RAM memory.

Cold boot attacks can be used to get access to a fully encrypted hard drive. They are very difficult to achieve once the computer has been shut down, data remanence lasts less than a minute after you power off your computer. In that time an attacker would have to open up the computer case, extract the RAM memory modules and cool them down with liquid nitrogen before extracting the keys.

Cold boot attacks are not normally carried out by law enforcement because of the complexity and timing needed, but a cold boot attack can be easily completed if a computer is only secured with a screen lock by a user that has gone for a quick bathroom break or cup of coffee, a self executable .bat forensics file, like Mandiant Memorize, could be executed to extract the RAM memory of a fully encrypted laptop plugging in a USB thumbdrive into the locked computer, YoNTMA aims to protect you from this.

cold boot attack RAM memory liquid nitrogen

You’ll Never Take Me Alive! runs in the background monitoring when your screen locks, if it detects that the power or Ethernet cable is disconnected while the machine is locked, YoNTMA immediately puts the computer into hibernation mode to remove the encryption keys from RAM, sending them to the page file on the hard drive to protect you from a thief stealing your fully encrypted laptop and extract the keys a while later. When a computer is hibernating it is not possible to execute a program from a CD drive USB port, it needs to wake up first.

I personally feel that, if your data is so important that you need full disk encryption, it doesn’t matter if you leave the computer for ten minutes or ten seconds, you should never leave it on with the screen lock and it should be you sending it to hibernation when you need a two minutes bathroom break. But if you are the forgetful kind of person, there is no harm running YoNTMA in your computer, small things sometimes save the day when you expect it less.

This tool will likely be the most useful for companies enforcing rules to lazy employees and not private citizens with discipline and attention to details when dealing with encrypted data.

Visit YoNTMA homepage

11 June, 2014
Best programs to change your DNS settings

Every time you enter a URL in your computer browser a DNS query takes places and asks your Internet Service Provider to translate the typed in letters into an IP address so that you can visit the website, this is what is called a DNS query and if you happen to be in a country that censors the Internet or practises mass surveillance the sites you visit can be watched in real time. It is also possible for a spy agency or malicious hacker to sit in the middle of DNS queries and show you a fake website when you try to visit certain URL, then proceed to capture your login and password or serve malware to your computer.

The most common use for DNS monitoring it is Internet filtering, schools and companies do this to fend off adult material and the Chinese Great Firewall does this to block news websites about the Tibet.

The programs below come preconfigured with dozens of free DNS servers, a few of them have built-in parental controls to protect your kids, others offer censorship free DNS queries and do not log any activity, with the most security conscious offering encrypted DNS queries. The advantage of using one of these programs to change your ISP DNS servers, over doing it manually, is that it only takes one click and you don’t have to search DuckDuckGo for free public DNS providers.

ChrisPC DNS Switch: It comes with more than two dozen free DNS providers, one drop down menu allows you to select the network adaptor and another drop down menu classifies the DNS providers into “Anonymous” (no logs), “Family Safe DNS” (URL filtering), “Secure DNS” (malware filtering), “Regular DNS” and “Custom DNS” where you can manually enter the name server you would like to use.

ChrisPC DNS Switch

DNSCrypt Windows Service Manager: A DNS encryption only DNS changer, it helps you configure your network adaptor with one of their supported DNS encryption providers. At the moment consisting of DNSCrypt.eu in Europe and claiming to keep no logs, OpenDNS in the USA, CloudNS in Australia and OpenNIC in Japan. You are also given the option to choose UDP/TCP and IPv4 or IPv6.

DNSCrypt Windows Service Manager

QuickSet DNS: A minimalist Windows utility to change the DNS settings of your computer or router. This is one of the few DNS changing utilities that allows you to change your router DNS using a graphical interface. Optionally you can also use QuickDNS from the command line.

QuickSetDNS

DNSJumper: Windows DNS graphical interface where you can select the DNS of your choice out of a long list of public DNS servers (Comodo DNS, Norton DNS, Google DNS, etc). To change DNS settings often the program lets you flush the previously applied name servers with the click of a button.Clicking on the “Fastest DNS” button will automatically find the most expeditious name servers for you.

Name Server changer DNSJumper

If you are using a VPN to encrypt your connection your ISP could still be able to see what sites you visit monitoring the DNS servers, this is know as DNS leak. To avoid this risk you should change the default DNS servers in your router or computer. For extra security you should select a DNS provider that encrypts queries, it is the equivalent of HTTPS for DNS.

Note: If the DNS program does not have a DNS flushing button you can flush your DNS cache manually in Windows with: ipconfig /flushdns

20 May, 2014