Category: Security

Computer Security

  • Bluetooth and Wi-fi hacking with WarCarrier

    WarCarrier is a Linux ncurses tool for finding Wi-Fi and Bluetooth devices from a moving vehicle (wardriving) using a laptop or mobile device. WarCarrier's GPS functionality interfaces with a module that contains updated information on GPS satellites, and Bluetooth scanning supports Ubertooth, an open source 2.4 GHz wireless dongle.

    For those who don’t know it, ncurses (new curses) is a programming library for writing text-based interfaces. Do not be afraid of this: WarCarrier has a pleasant, well-structured and coloured interface that is easy to figure out. One of the main strengths of this software is instant data logging, which can take snapshots with satellite data (latitude, longitude and altitude), access point MAC addresses and the kind of Wi-Fi encryption in place (WEP, WPA, WPA2). Data can be saved as .txt or .html.

    WarCarrier bluetooth and Wi-fi hacking

    Logging will be of great use in a crowded city with multiple access points: you could drive around with your laptop behind the seat gathering data, stop for twenty minutes to look at the logs and go back to your desired target using the GPS coordinates listed in the logs. Alternatively, the coordinates could be combined with Google Maps to see a visual representation of Bluetooth and Wi-Fi devices in the vicinity. If your target is not approachable by car it is possible to attach an antenna to your wardriving device and extend its range.

    The application will be included in a future hacking live DVD of the same name that is being developed. Advanced Linux users can already download the WarCarrier tool code; you will need to have Airodump-ng installed for Wi-Fi monitoring and logging.

    Visit WarCarrier homepage

  • Online password manager Intuitive Password

    Intuitive Password is a free cloud-based password management service. Communication between your browser and their server is encrypted with SSL, and the servers are hosted inside an enterprise grade data centre protected with a firewall, audited and constantly scanned with antivirus software to quickly detect security breaches. To open an account with Intuitive Password you only need an email address, which has to be verified by clicking on a link, and to set up a security question; any other personal details are optional.

    The security question is very important. I accessed the password manager using a VPN that changed my computer IP, and a message popped up saying that my current location had not been registered with the account; I was challenged to answer the security question before I could log in. This will happen every time you change geolocation, i.e. when travelling. Another security feature that is to be implemented soon is two factor authentication: after marking a field with “Advanced Protection” you will be sent and asked for an SMS (Short Message Service) code before being able to view that field.

    Intuitive Password online password manager

    The password manager has a clean layout that is easy to navigate, and with a single click you can switch from a wide screen desktop view to a tablet or smartphone view. It will work with any operating system and nearly all smartphones, and data is synchronized on the cloud without the need to download any application.

    There are pre-made templates to store credit card and bank details, with input boxes specific to the data, like Swift code and expiration date. If you need a particular box, Intuitive Password lets you create your own template and customize all fields. Passwords can be shared between colleagues through a “Shared Items” tab, from where you can securely send secret passwords and view those sent to you by other Intuitive Password users.

    The only thing that disappointed me is that the main page said it was compatible with the Opera browser, but I could not manage to make it work with Opera and I had to switch to Firefox instead. Overall, assuming server security is as good as they say, this could be a good alternative to more established online password manager services. Intuitive Password had one of the best user interfaces I have seen; it should help boost productive time.

    Visit Intuitive Password homepage

  • CIA instructions for secure email communications leaked

    After the recent arrest of CIA agent Ryan Fogle by the Russian counter intelligence agency, the Federal Security Service, one of the items they found in his possession and leaked to the press was a letter advising his Russian informer how to conduct secure email communications. This post will scrutinize these instructions to learn why the CIA adopted those particular security measures.

    • CIA Tip 1: “To get back to us please use an Internet cafe that has Wi-fi”

    The Central Intelligence Agency is advising Wi-Fi to make sure that their informer does not use someone else’s computer. When you use a public computer you agree to being monitored by the system administrator, it is impossible to know what kind of surveillance or viruses exist on that computer, and any data left behind, like visited pages and written emails, is recoverable from the Internet browser cache even after years.

    They are also making sure that if the informer’s home Internet connection is under surveillance by his ISP and checked for keywords, it will not be a threat.

    • CIA Tip 2: “Open a Gmail account which you will use exclusively to contact us” ; “As you register do not provide any personal info”

    They get their informer to use an American email company that can be easily accessed by the US government if needed. They also make sure that he is not stupid enough to open the email account using his real name or address, or other small details that could be linked to him, like his phone number or a real password recovery email address belonging to him.

    CIA secure email instructions for spies

    As a side note, there must be something good about Gmail security because former CIA Director General David Petraeus also decided to use a Gmail account for cheating on his wife last year. Something I can think of is that Gmail login is with SSL, so username and password can not be captured over insecure Wi-Fi.

    • CIA Tip 3: Once you register send a message to unbacggdA@gmail.com: “In exactly one week, check this mailbox for a response from us”

    The CIA gets its informer to email another Gmail address from the same company. With this they make sure that email content will not have to travel over the Internet from one provider to another: if you send an email from Gmail to Gmail, presumably data never leaves Gmail servers.

    The confusing email address the CIA is using makes it very unlikely that a similar one exists, so even if their informer makes a typo, the email will not be sent to someone else by mistake; it should bounce to his inbox instead.

    • CIA Tip 4: “If you use a Netbook or any other device (i.e. tablet) to open the account at a coffee shop please don’t use a device with personal data on it”

    The CIA wants to avoid cross contamination: if the tablet is lost, stolen or hacked and accessed without permission, a third party could link the email exchange with the informer’s real job, exposing him as an American spy.

    • CIA Tip 5: “If possible buy a new device (paying in cash) which you will use to contact us”

    The best way to avoid mixing real life data with underground activities is using a dedicated device for illegal actions that will not be touched by anything else. This greatly reduces the chances of a mistake, and the device can be quickly disposed of if needed. The CIA also makes sure that the informer’s credit card can not be linked to the purchase of a new tablet: if the informer is investigated, someone could notice in the financial transactions that he has spent money buying a new tablet that is nowhere to be found.

    Other spy items

    Other seized items shown to the press include a couple of wigs, three pairs of sunglasses and a baseball cap. All of those items make facial recognition difficult if the Russians have that kind of software installed in their CCTV network (public transportation, street cameras, etc.) to automatically flag people of interest. The British government has trialled facial recognition software on CCTV street cameras and Germany is known to employ it in Frankfurt international airport.

    Another interesting item found in his possession was an RFID shield that prevents reading of RFID chips embedded in passports and ID cards. This indicates that the CIA does not trust those chips, otherwise there would be no need to protect them from unauthorized reading.

    CIA money bundle 500 Euro bank notes

    Allegedly the CIA spy was also carrying a large bundle of €500 bank notes, which are ideal for money smuggling and corruption. China, for example, limits its bank notes to small values to make bribery more difficult: carrying a very large amount of money in Yuan would have required the CIA agent to use a box full of bank notes instead of a bundle. This could explain why the CIA wanted to pay the informer’s bribe in Euros and not dollars or Russian roubles.

    Computer savvy people will wonder why encryption and proxies are not mentioned at all. I am guessing here that the CIA instructions are addressed to someone who is a total computer knob and that even an old grandma could follow them.

    Read the full letter in the Washington Post article

  • Steganography and hidden watermarks with OpenPuff

    OpenPuff is a portable steganography tool supporting image, audio, video and Adobe Flash animation carrier files. It can conceal up to 256MB of data, splitting files between multiple carriers. Before hiding data everything is securely encrypted with AES, scrambled, whitened and encoded, which reduces the chances of anything hidden being detected by specialist tools. You must always remember to erase the original carrier files: if a computer forensics expert has access to both files and can compare them, he should be able to prove that one of them contains hidden data, even if it can not be extracted because everything inside has been encrypted. OpenPuff has sixteen different encryption algorithms you can use, which makes extracting data even more difficult as only the creator will know what cipher has been used. The tool supports well known secure algorithms like AES, Serpent and Twofish and more obscure ones like Mars, Anubis or Clefia, a high speed block cipher developed by Sony Corporation intended for use in Digital Rights Management.

    To stop steganalysis, the detection of hidden data, encrypted files are scrambled in a second layer using a cryptographically secure pseudo random number generator (CSPRNG) seeded with a user chosen password, with data shuffled using random indexes. A third security layer whitens scrambled data, adding a high amount of random noise with hardware entropy, and the final fourth security layer encodes whitened data using a non-linear function. Very paranoid types can add a decoy file for deniable steganography, just like a TrueCrypt hidden container works: in OpenPuff you can reveal a password to an innocuous text and keep the real hidden message from view with a second password. Another feature is the ability to hide a mark inside a video, audio file or photograph, useful for when you privately distribute a confidential file to a selected group of people. If the file is later found leaked on the Internet you can check the mark and track down the leak source.

    OpenPuff steganography freeware

    The software interface is a little overwhelming for the steganography novice and drag and drop doesn’t work, so you have to select everything manually. Security experts should appreciate things like a window with bit selection options showing a huge list of supported carrier files and the ideal data percentage that can be hidden in each different extension to avoid detection. With a third optional password seeding the scrambling CSPRNG, you can use up to three passwords to hide data inside a file; the other end will have to know all of them to decrypt it.

    Thanks to the support for a wide range of carrier files (.bmp, .jpg, .png, .mp3, .vob, .mp4, .3gp, .flv, .swf, .pdf, etc.) the program makes it easy to embed hidden data anywhere on the Internet, from a blog to a photo sharing site like Flickr, saving you from having to personally contact a source, which could compromise his identity. If you are hiding data in multiple files, however, the other end will have to order the files in the right sequence to decrypt them. OpenPuff needs a little practice to get everything right, but it is one of the most complete steganography tools I have seen and it has some unique features.

    Visit OpenPuff homepage
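    The carrier comparison a forensic examiner would run when both the original and the modified file are available, as an added example (not OpenPuff code and not part of the original post). It assumes the simplest case, raw sample bytes with data written into the least significant bit; OpenPuff's real embedding scheme is not described on this page, and the function names and sample data are constructed for the illustration.

```python
import random
from collections import Counter


def compare_carriers(original: bytes, suspect: bytes, low_bits: int = 1) -> dict:
    """Compare a known-original carrier with a suspect copy, byte by byte."""
    if len(original) != len(suspect):
        # Different length: re-encoded or truncated, offsets no longer line up.
        return {"verdict": "size-mismatch"}
    low_mask = (1 << low_bits) - 1
    changed = high_changes = 0
    first = last = None
    planes = Counter()  # bit position -> number of bytes differing in that bit
    for offset, (a, b) in enumerate(zip(original, suspect)):
        diff = a ^ b
        if diff == 0:
            continue
        changed += 1
        first = offset if first is None else first
        last = offset
        if diff & ~low_mask & 0xFF:
            high_changes += 1  # a change outside the low bits is an ordinary edit
        for bit in range(8):
            if (diff >> bit) & 1:
                planes[bit] += 1
    if changed == 0:
        verdict = "identical"
    elif high_changes == 0:
        # Only low-order bits differ: invisible to the eye, typical of embedding.
        verdict = "low-bit-only"
    else:
        verdict = "other-edit"
    return {"verdict": verdict, "changed": changed, "high_changes": high_changes,
            "first": first, "last": last, "planes": dict(planes)}


def build_constructed_samples(seed: int = 1):
    """Constructed test data: a random 'carrier' and a copy with 1024 random
    bits (standing in for an encrypted payload) written into the LSBs."""
    rng = random.Random(seed)
    carrier = bytes(rng.randrange(256) for _ in range(4096))
    payload_bits = [rng.randrange(2) for _ in range(1024)]
    suspect = bytearray(carrier)
    for i, bit in enumerate(payload_bits):
        suspect[i] = (suspect[i] & 0xFE) | bit
    return carrier, bytes(suspect)


if __name__ == "__main__":
    carrier, suspect = build_constructed_samples()
    report = compare_carriers(carrier, suspect)
    print(report["verdict"], "changed bytes:", report["changed"],
          "range:", report["first"], "-", report["last"])
    print("bit planes touched:", report["planes"])
```

    The report proves that the copy was altered and where, without recovering any content: roughly half the low bits in the touched range flip, which is what encrypted data looks like.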

  • Freeware screen lock Eusing Maze Lock

    Eusing Maze Lock is a free pattern based screen lock to stop people from accessing your computer while you are away. The unlocking mechanism consists of nine dots inside a grid that have to be connected in a certain order with the mouse to unlock the screen. This type of screen lock is often found in smartphones, and it is commendable for this company to bring a security tool that does not require you to remember yet another password. The unlocking pattern is easy to remember if you use it daily; otherwise a backup copy can be kept in a safe place, or uploaded to your email account, so that if you forget the unlocking pattern diagram you can restart your computer or look at the online backup copy using another device.

    The program will autolock the computer when idle, and the background lock can be transparent or set to any image of your choice. The configuration tab allows you to specify the inactivity period before the computer screen locks, and optionally to lock the keyboard or disconnect the computer from the Internet when the screen lock is activated; this stops people from messing around with your data if you have a document open in the background. If anyone attempts to get into your computer using the wrong pattern code, a loud alarm siren sounds, a custom message is displayed on the screen and the computer goes into lockdown for between one and three minutes before any other unlocking attempt can be made, or alternatively the machine will shut down. The choices can all be set inside the configuration tab.

    Free screenlock Eusing Maze Lock

    This is an excellent screen lock that does all you need to protect a computer located in a shared room. If your adversary is a state or corporate entity, however, they will have the resources to acquire professional computer forensics software, like Passware Kit Forensics, able to get through any screen lock in a matter of seconds using your USB port and the autorun feature to execute a script mirroring your hard drive data or to extract RAM contents even with the computer screen locked. If your adversary is low level, Eusing Maze Lock is hard to beat as a free and secure screen locker.

    Visit Eusing Maze Lock homepage

  • Dooble privacy Internet browser encrypts browsing data

    Dooble is an open source, platform independent (Windows, Mac and Linux) Internet browser designed for privacy that comes with a secure P2P email client and serverless messenger called Interface. The browser rendering engine is based on WebKit, the same one that Apple Safari uses, so pages should look the same in both browsers. Dooble doesn’t need installation; it can run from a USB thumbdrive.

    After launching this privacy browser for the first time you will be asked to enter a passphrase to secure your Internet session; the passphrase must be composed of a minimum of 16 characters or it won’t be accepted. Once it has been set up, your Internet browsing history, cookies, cache, bookmarks, favicons and downloads will be encrypted using AES256 and SHA512 by default. Iterations, encryption algorithm and salt length can all be changed in the Settings tab.

    The security tab allows you to always choose HTTPS for websites when available, see the website IP address, hide your referrer, set the browser to Do Not Track, suppress redirections and automatically sweep cookies every hour. Creating a new profile is done with a GnuPG encryption key, and you can have various browsing profiles, each one of them containing its own preferences.

    Dooble privacy Internet browser

    With the same browser you will be able to access I2P websites, an anonymous network routing traffic like Tor does. I2P anonymously hosted websites are known by the extension .i2p and called eepsites, and they are not accessible through the regular Internet without installing special anonymizing software first. The Dooble browser search box in the toolbar includes alternative search engines like Blekko, YaCy and WolframAlpha.

    There are proxy configuration settings for HTTP, and the integrated FTP client supports Socks proxies. Dooble has a clean but simple interface, it needs 80MB of free space to run and it loads quickly with low CPU usage. There are not many functional extras but it does all you need an Internet browser to do, and its main selling point is obviously security. If you need to move between computers with a portable browser, Dooble will protect you in case you lose your thumbdrive, but it will do nothing against trojan horses installed on a public computer. Some countries also make it a criminal offense to refuse to disclose your password to law enforcement when requested; in those cases Dooble's encrypted Internet browsing cache will not be of much help.

    Visit Dooble browser homepage

  • OpenPGP encrypted Instant Messenger SafetyJabber

    SafetyJabber is a Jabber instant messenger with integrated encryption for Windows, Mac OS, iOS and Android. The messenger uses XMPP, an open standard running over the Transmission Control Protocol (TCP) that was developed by the Jabber open source community. It is compatible with any of the bountiful IM clients supporting XMPP, which includes Google Talk, Jitsi, Pidgin, Trillian and Gibberbot, but not ICQ, Yahoo Messenger or Skype.

    After the installation you will be asked to create a new PGP keypair or to import your own; key length can be up to 2048 bit and the encryption key password is optional. If you are familiar with PGP encryption everything will be intuitive, otherwise you can watch one of the video tutorials on the developer’s site or read the included help manual with screenshots. There is a user support forum too, but everything appears to be in Russian.

    Before you can start chatting you will first need to create a Jabber account on any public Jabber server; a list can be found with a quick Internet search. Once you have registered for an account, enter the given server settings in Accounts>Add, specifying whether to encrypt the connection with SSL or StartTLS; those details should be given to you during registration. The Advanced Settings button allows you to enter proxy details to connect to the server, which will hide your real computer IP from the Jabber server.

    Encryption OpenPGP messenger SafetyJabber

    The premium version of this program removes an advertising banner, allows for bigger encryption keys of up to 4096 bit, and comes with a portable version and a screensaver utility with hotkeys to lock your computer while you are away and to quickly shut it down during an emergency. The program features are simple but enough for all one needs: you get notified when contacts come online, conversations can be logged, and there are smilies and a system tray icon with sound notifications, all of which can be configured within the settings. You can download the SafetyJabber source code from the official website, check that there is no backdoor and freely modify the code to add anything you want, if you have the skills for that.

    The most appealing thing about SafetyJabber for me is that you can look at the source code, which is very important for a security product, and that they use an encryption standard like OpenPGP. This messenger will make sure that nobody can read the IM conversations with your friends; the private encryption keys always remain in your power and are not stored anywhere else. The only downside is that if you would like to send encrypted files you will have to pay for the premium version.

    Visit SafetyJabber homepage