Category: Security

Computer Security

  • MonkeySphere OpenPGP Web of Trust Certificate Authority

    MonkeySphere is a set of tools to securely exchange digital OpenPGP certifications. When the alternatives are buying digital certificates from an expensive Certificate Authority with its own rules or offering unrecognised digital certificates that will trigger a security warning, MonkeySphere allows administrators to create their own OpenPGP certificates, publish them to the web of trust for validation and certify them themselves. It can be used for HTTPS websites or SSH server authentication. It comes included with the Tails operating system, set up to use Indymedia’s key server .onion hidden service (hkp://2eghzlv2wwcq7u7y.onion) using hkps://, which is also available through the internet on keys.indymedia.org. Users can verify TLS certificates using the MonkeySphere Firefox addon, which is compatible with other Mozilla-based browsers like IceWeasel on Linux.

    Digital certificate browser warning

    Monkeysphere currently supports ssh and https and can be used for certificate revocation, expiration, ease of rekeying, etc.

    One problem with traditional Certificate Authorities is that their aim is to make money, and some companies are willing to cut corners on security and relax verification rules to achieve this. CAs also run in a similar fashion to a cartel, with the big Certificate Authorities recognised by major browsers charging exorbitant fees that only corporations can afford. The web of trust P2P model can provide an alternative, but it is not widespread enough to be reliable. The best choice is therefore a hybrid system, and this is how MonkeySphere works: when you visit an https site with the Monkeysphere plugin installed in your browser and the X.509 digital certificate presented to you is not recognised by the browser, validation is passed to MonkeySphere’s own validation agent, avoiding a scary security warning.

    Visit MonkeySphere homepage

  • Send anonymous email through tor with TorBirdy

    Using Thunderbird, a free open source email and Usenet client made by Mozilla, and the addon TorBirdy, you can now send emails through the tor network. The addon will automatically connect to the tor proxy before logging in and out of your email account to send SMTP email and retrieve new POP messages, as long as the chosen email provider does not block tor proxies. For extra security you might want to encrypt the email message; Torbirdy won’t do that for you.

    The addon uses SSL/TLS by default for both outgoing and incoming servers, setting default server ports. IMAP push email, often used by advertisers, is disabled as it could expose your real IP. The email client itself is cross platform and has versions for Windows, Mac and Linux. Forked Thunderbird versions like Ice Dove should also work with the Torbirdy addon, and the anonymous live CD Tails has added Torbirdy to their list of future additions.

    TorBirdy Thunderbird anonymous email

    The developers advise that, together with Torbirdy, users do not install any other Thunderbird addon that has not been reviewed by them, as it could endanger anonymity. Since Thunderbird has a portable version that runs from a USB thumbdrive, there is no reason why you should not be able to use Torbirdy as a portable email client to send anonymous messages; it might even get around public computer networks that block port 995 (POP) and 25 (SMTP). There are many free email services offering free SMTP, but the sign up normally still has to be done using the web interface; needless to say, you should use tor for that.

    Note: This addon is still in development and might not be stable.

    Visit TorBirdy Thunderbird addon

  • Stop malware with Crystal Anti-Exploit Protection

    Crystal Anti-Exploit Protection is a free utility to stop malware hijacking your computer. It will not replace your antivirus but act as a complement: the program will apply filters to your incoming and outgoing connections to decide if they should be allowed. Ironically enough my AVG antivirus flagged CrystalAEP as malware and I had to whitelist it.

    After launching CrystalAEP you will be presented with a quick tutorial and asked to select all programs exposed to the Internet, like your Internet browser or messenger. CrystalAEP will monitor them in real time, and you can check what each program is doing in the alerts window. The default is set at High Protection, and each program's security level can be individually modified using a level slider.

    Crystal Anti-Exploit Protection

    CrystalAEP will stop malicious attacks carried out without user interaction, like a website instructing your Internet browser to load a module, but if you choose to willingly execute a process, e.g. download an unknown codec to see a cool video, then you will have to rely on your antivirus to pick that up. This program is targeted at advanced computer users: the expert mode has many configuration options that few people will understand, like DEP monitoring and COM/ActiveX monitoring. I would stick with the basic mode, it is adequate to stop malicious websites from exploiting software vulnerabilities.

    This tool consumes minimal resources and can be easily removed. It should help the computer paranoid, people visiting dodgy sites or those in high security environments to stop zero day exploits.

    Visit CrystalAEP homepage

  • Best Firefox addons for computer privacy and security

    Security Sanitizer: It will securely wipe your Internet browser cache, history, cookies, download and search lists and saved passwords using the US DoD 5220 algorithm (3 passes) or a single pass overwriting.

    Encrypted Communication: It encrypts text messages, password protecting them; the receiver will need to have the same addon installed and know the password. An easy way for low security email communications.

    Click&Clean: A one click Firefox browser addon to erase all temporary files, remove download files history, clean cookies, typed URLs and Flash Local Shared Objects, with support for external erasers like Wise Cleaner and BleachBit.

    Tamper Data: For advanced Internet users wanting to view and modify HTTP/HTTPS headers and post parameters. Very useful to monitor traffic and see what data is being sent and received through Firefox.

    TamperData Firefox addon

    Ghostery: It reveals the companies that track you around the web when you visit a website and allows you to block the trackers, giving the user ultimate control over which company cookies are blocked and which ones are allowed to prevail.

    Certificate Patrol: Shows what digital certificates have recently been updated to help the user decide if the change is legitimate. Helpful to stop websites with fake digital certificates; the user should have knowledge of how digital certificates work.

    BitDefender QuickScan: Online tool using cloud based antivirus services to quickly determine if a file is infected with malware, useful for a second antivirus opinion without having to install it on your computer.

    Browser Protect: Anti-hijacking extension to protect your browser from home page changes and toolbar/search engine additions. The protection level can be customized from high to low and URLs can be whitelisted.

    Stealthy: Fast proxy finder to hide your computer IP, it can be useful to access services only available in the US (Slacker Radio, CWTV), access banned websites like Facebook or fake your geolocation.

    Stealthy Firefox addon

    LeetKey: It can encode plain text into L337, ROT13, BASE64, HEX, URL, BIN, DES, AES, Morse or DVORAK keyboard layout, it could be used to maintain private conversations on social networks or forums posting ciphered messages.

    KeeFox: A companion addon for KeePass password manager, KeeFox will connect to the password manager database and automatically fill in forms and password fields, automatically adding new entries to KeePass.

  • Review US anti-censorship proxy FreeGate

    Freegate is proxy software that enables people living in a country that censors the Internet to circumvent ISP filtering. It is one of the most used proxies in China and it is hosted on hundreds of dynamic mirrors to outsmart the Chinese authorities; you can also request a download link emailed to you, as the FreeGate website is obviously blocked in China. The proxy was initially created by Falun Gong followers (a spiritual discipline banned in China), is developed and maintained by Dynamic Internet Technology Inc. and receives funding from non-profit American organizations, including the US Government.

    The project uses Hurricane Electric servers in California, so you will get a US IP in that state when you use it. I had no problems watching Hulu (restricted to US residents) and listening to Pandora radio with FreeGate; at the time of my testing I was getting 1.5Mbp/s download speed, enough for video streaming. There are various servers available, all of them in the US, and it is easy to switch between them. The software interface looks outdated but is easy to manage. It contains a few extra options like erasing Internet Explorer history when the program exits and setting up a list of websites to connect to directly without using FreeGate. It comes preconfigured to connect to some of the most popular Chinese websites like Baidu, Taobao and any .cn site without a proxy, and a hotkey can be set up to hide/show FreeGate.

    Free US anti-censorship proxy FreeGate

    The program automatically opens Internet Explorer when it is executed. It is possible to configure it with other browsers, but that requires some manual tweaking of the browser network settings, or you could download the Gproxy Firefox addon to help you manage and switch proxy settings. There is no need to install FreeGate on your computer; the software will run from inside a thumbdrive with a double click, but I was asked for administrator rights to allow FreeGate to pass through the Windows firewall and execute Java.

    Using FreeGate will not offer you the same degree of anonymity that the tor proxy does, but it is considerably faster. If all you care about is bypassing an Internet filter, FreeGate works very well; just remember that it has been designed for users in China. While it works elsewhere, the developers are developing this proxy as a China centred circumvention tool, and I doubt they will attend to feedback from someone in Europe complaining that they can’t watch a US only TV film. This is also not a VPN: the only connection that will go through the proxy is the Internet browsing, and all other applications (IM, torrents, SMTP) will be using your home computer IP.

    Some people report that the software is flagged by their antivirus; I use AVG antivirus and I did not get any malware warning. The software does not contain any trojan, but it works in a similar way to trojan horses, penetrating firewalls, so just make sure you download it from an official link. FreeGate is a good tool to have if you are going to travel to China or any other country with Internet censorship, like Iran and Vietnam.

    Visit FreeGate homepage

  • Convergence, a digital Certificate Authority replacement

    Convergence is an open source project that wants to replace the Certificate Authority organizations that issue standardized X.509 digital certificates and confirm that the company signing it is who they say they are, for which a fee is normally charged. It can be very expensive to get a reputable Certificate Authority (i.e. Verisign, GeoTrust) that is included in the root store of all major Internet browsers to confirm your identity. There have also been instances in which a Certificate Authority has been hacked by criminals, and likely nation states, to sign their unauthorized digital certificates with the CA's own private keys, allowing them to launch man-in-the-middle attacks against which the user has no defense.

    It is possible for someone to create a self-signed digital certificate, or buy a cheap one from a small Certificate Authority, but this will cause the Internet browser to display a security warning during the SSL handshake, which easily scares off people not familiar with computer security.

    Convergence P2P digital certificate authority replacement

    Convergence allows people to configure a dynamic set of notaries that use the whole network to validate the communication. Instead of having someone else telling you who to trust, a whole set of users decides who is trustworthy.

    Anyone can run their own notary, the notary trust level can be set by the whole network of multiple notaries, and information exchange is immediate and hides the user IP address. Convergence intends to eliminate the problem that comes with blindly trusting a single Certificate Authority and places trust in the hands of the whole community, using the notaries network to check a digital certificate's history before validating it. For this to work, a large number of notaries will be necessary.

    Visit Convergence homepage

    Note: Only available for Firefox users as an addon.
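
    The notary idea described above can be sketched as a quorum check. This is an added example, not Convergence's own code or wire protocol: the Notary class, the validate function, the quorum parameter and the sample certificates are all assumptions constructed for illustration.

```python
import hashlib

def fingerprint(der_bytes: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(der_bytes).hexdigest()

class Notary:
    """Hypothetical notary: remembers which fingerprints it has seen per host."""
    def __init__(self, name, reachable=True):
        self.name = name
        self.reachable = reachable
        self.history = {}              # "host:port" -> set of fingerprints

    def observe(self, host, der_bytes):
        self.history.setdefault(host, set()).add(fingerprint(der_bytes))

    def has_seen(self, host, fp):
        """True/False vote, or None when the notary cannot be reached."""
        if not self.reachable:
            return None
        return fp in self.history.get(host, set())

def validate(host, der_bytes, notaries, quorum):
    """Accept only if at least `quorum` notaries vouch for this exact certificate.
    Unreachable notaries count as no vote, so the check fails closed."""
    fp = fingerprint(der_bytes)
    votes = [n.has_seen(host, fp) for n in notaries]
    agree = sum(1 for v in votes if v is True)
    return {"accepted": agree >= quorum, "agree": agree,
            "disagree": sum(1 for v in votes if v is False),
            "unreachable": sum(1 for v in votes if v is None)}

# Constructed sample data: stand-in byte strings instead of real certificates.
GENUINE_CERT = b"constructed-der-bytes-of-the-site-certificate"
INTERCEPT_CERT = b"constructed-der-bytes-of-a-substituted-certificate"
HOST = "shop.example:443"

def demo():
    notaries = [Notary("n1"), Notary("n2"), Notary("n3"),
                Notary("n4", reachable=False)]
    for n in notaries:
        n.observe(HOST, GENUINE_CERT)  # every notary saw the genuine certificate
    ok = validate(HOST, GENUINE_CERT, notaries, quorum=3)
    # The client is shown a different certificate than the notaries saw.
    mitm = validate(HOST, INTERCEPT_CERT, notaries, quorum=3)
    # With two notaries down, a quorum of 3 can no longer be reached.
    notaries[2].reachable = False
    degraded = validate(HOST, GENUINE_CERT, notaries, quorum=3)
    return ok, mitm, degraded

if __name__ == "__main__":
    for result in demo():
        print(result)
```

    The third case shows why a large number of notaries matters: with too few reachable, even a genuine certificate cannot gather a quorum.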

  • DeOps, a secure decentralized Instant Messenger

    DeOps, Decentralized Operations, is a Windows P2P instant messenger for secure file sharing and chatting. Unlike Windows Live Messenger or Yahoo! Messenger, there is no central registration server from which to recover data: all of the settings are stored locally on your computer, communications are P2P and ports are chosen at random to avoid traffic fingerprinting. The messenger, a small 3MB download, doesn’t have to be installed; it can be run from inside a USB thumbdrive or encrypted container, and copying the profile there will move all of your settings along with it. I noticed that Windows Firewall blocked me when I launched the application, asking for confirmation that I wanted to grant Internet access to DeOps; this means that on guest computers you might need administrator rights.

    After launching DeOps you can create a global ID and secret passphrase for your organization. DeOps calls every separate P2P network an “organization”, and each one of them can contain multiple chatrooms and groups. A deops:// link composed of a long alphanumeric string will be created for your group; you can copy it to the clipboard and share it publicly or in private with prospective members. To join your new darknet, people will need to know the passphrase together with the link. The passphrase can easily be changed by the group founder in the settings.

    If you want to join an existing organization, open a .dop DeOps Identity file or copy and paste a deops:// link inside the Join Organization window.

    Decentralized P2P IM DeOps

    To add buddies to your IM list, copy and paste their personal deops:// link inside the add window. To share files with everyone in the group, place them inside the “My Shared Files” area, where they can be marked as public, to be found by anyone using DeOps, or private, to be shared with darknet friends only. It is possible to copy and paste into websites a unique deops:// link for each file, to be downloaded by other people using the same P2P messenger. The files you are sharing will only be available while you are online, and file transfers are automatically swarmed (multi-sourced) when multiple people are downloading the same file.

    DeOps organization types

    • Public: Anyone can join by entering deops://orgname
    • Private: Only those invited can join, utilizes the lookup network to aid in finding new members.
    • Secret: Same as private except the lookup network is not utilized. Best for large networks and LANs.

    You can find the usual IM settings, like ignoring people in the network or setting your status to Available, Away or Invisible. Advanced options have diagnostics to automatically configure your router, opening the necessary ports, and a successful network connection is displayed with a green bar. The tools section includes a bandwidth graph, crawler, lookup, file transfer status, technical logs (called Internals), data packet details and a searcher to find users and organizations that have chosen to go public. The help manual is very basic and has not been finished yet.

    The software includes a DeOps Internet simulator able to create dummy users and networks for troubleshooting. I did not experience any kind of problem and had everything set up in under 5 minutes. The weak spot of this software is that you are not anonymous: no measures are taken to hide your IP from other users, so if someone you are communicating with is not who you think they are (infiltration, kidnapping), your real identity would be compromised.

    Visit DeOps homepage

    Note: This software development is on-going.