Category: Security

Computer Security

Share encrypted messages on social networks with Privly

Priv.ly is an open source project that allows you to communicate with others using the site of your choice while denying that site access to your data, everything is encrypted and shared through a link, the site can not be forced to reveal data it doesn’t hold and data retention won’t matter, by posting your messages through a link Google+, Twitter or Facebook will never have access to your private data. The messages will be automatically decrypted by people using the Privly browser addon making the process easy an automatic for everyone, only users whose public encryption key has been used to encrypt data will be able to read the message, it is possible to revoke access to a single user by not using his key and the content on the server can quickly be destroyed or changed.

At the moment Privly servers host the encryption keys to automate decryption and the extension pulls the encryption key and content off the server after your friend clicks on a Privly URL link, this makes the central server vulnerable to attack, there are future plans to change it by creating a P2P decentralized storage system making impossible even for Privly staff to read your messages, another vulnerability that the developers are working on is preventing the browser from caching encrypted messages.

Social network encrypted messages Priv.ly

Privly is an asymmetric public/private encryption key system, you could do this yourself encrypting your messages with PGP/GPG before posting them to a social network, Privly advantage over manual encryption is that it saves people time and makes the process easy by only needing a browser addon, their central delivery server also makes it possible to change or destroy a message after posting. You could try to achieve the same result using a self destructing messaging system but few of those services, if any, is open source. Privly is a good initiative to stop abusive social networks data retention policies and to stop censorship from software scanning the Internet for keywords.

The key for Privly to work is adopting a standard that everyone will understand as soon as they see it, in this case a URL, having too many ways of doing the same thing does not help spreading a technology, it all comes down to everyone agreeing on a system. You still have to solve the anonymity side of your messages as your computer IP is visible when you post a Privly link to a website.

Visit Privly homepage

Note: The project is still in development and might not be stable.

7 April, 2012
Free portable antivirus McAfee Stinger

McAfee Stinger does not need installation and can be run from a USB thumbdrive but it asks for administrator rights, this tool has not been designed as a replacement for a fully fledged antivirus, you could use it when you are travelling to check an Internet cafe computer before using it, McAfee Stinger is light on resources, small and fast. After executing it you can select a directory for scanning or scan the whole computer which took me 2 minutes for a 300GB hard drive, McAfee Stinger will scan subdirectories and compressed (.zip,.rar,.7zip) files too, if anything is detected you can choose to repair, rename, delete or report only.

Besides providing protection for travellers using unknown computers this tool can be used as a second opinion if you detect an anomaly, the first thing quality malware will do is to disable your local antivirus, that is why it is important to scan your files with two different antiviruses when something does not add up, as well as checking for outgoing Internet connections.

Portable antivirus McAfee Stinger

This tool scans the boot sector which is where rootkits tend to lodge, processes and registry are also scanned, with an heuristic check which sensitivity can be adjusted from Very low to Very high, the default is Medium. Heuristics is a system to detect antivirus like behaviour, meant to discover zero day never seen before threats. McAfee Stinger comes with a very limited list of virus signatures, around 4000, they can be seen by clicking where it says “List of viruses“, it is mostly made up of trojan horses, McAfee claims that it can remove prevalent Fake Alert malware.

If you suspect your computer is infected you might want to check other software that McAfee’s has on its free tools page AntiMalware section, RootkitRemover and GetSusp, both directed at beginners and easy to use, good computer security is made up of layers, the more passive and active security layers you have the less chances of infection, another choice is to use an online antivirus if you are comfortable allowing access to your files.

Visit McAfee Stinger homepage

16 January, 2012
Uninstall a Windows program safely with iObit uninstaller

iObit uninstaller is a tool to help you get rid of junk left behind by uninstalled programs, some of its advantages over the standard Windows uninstaller is that it will scan the registry and hard drive to find invalid keys and leftover files, allows you to uninstall various program in batch mode using a single click, and it has a “Force Uninstall” mode to eliminate software not listed in the Windows Add/Remove control panel or if the original uninstaller no longer works, however this is not guaranteed to succeed all the time.

It’s tabbed interface classifies installed programs in “Windows Updates” ; “Rarely Used” ; “Large Programs” ; “Recently Installed” ; “Toolbars” and “All Programs“. This makes it very easy to find what you want to get rid of, an instant search box is also included, after using the Powerful Scan you will be presented with all the leftover files found and asked if you would like to erase them, anything you do is logged inside a text file accessible from the menu together with a shortcut to Windows Restore Point to reverse changes, iObit uninstaller will create a restore point every time you use the advanced uninstall mode.

iObit free Windows uninstaller

This program does not need installation and it can used in portable mode, it is a good tool to have for IT administrators, however, it requires administrator rights, unlike some of their competitors iObit uninstaller does not track what changes are made to your computer when you install software, the program is not as complete as Revo Uninstaller Pro, but it is free, if you are having problems eradicating a hard to go program it is well worth a try.

Visit iObit uninstaller homepage

13 January, 2012
Defeat trojan keyloggers with KeyScrambler

A keylogger is designed to capture every single keystroke you enter on your keyboard, it is one of the most effective ways to spy on someone and steal data, keyloggers are able to capture email passwords, credit card details and encrypted container passwords. The first line of defence to stop a keylogger from infecting your computer is a good antivirus, the second line of defence, once a keylogger has managed to make it into your computer, is to use a virtual keyboard but this will slow you down and is still vulnerable to trojan horses taking screenshots.

KeyScrambler defeats keyloggers by encrypting keystrokes at keyboard level using Blowfish-128bit and an asymmetric RSA 1024bit key, the space key is also encrypted, a malicious trojan horse capturing keystrokes will only manage to gather undecipherable data, there is no need to read anything to use KeyScrambler it allows the user to work as usual with no learning curve, a small green toolbar sits on top of the browser and automatically activates when you enter data confirming that it is working.

KeyScrambler toolbar

This program is ideal for protection against new sophisticated keyloggers not detected by any antivirus in the market, the kind of trojans state sponsored spy agencies use, anyone working in a financial environment should have a tool like this installed in their computer. The application could be improved with some antiscreen capturing feature, passwords are normally behind asterisks, but what you see on the screen could still be read through screenshots. KeyScrambler free version is very limited, it only works with Internet Explorer, Firefox and Flock, any browser addon like Lastpass password manager will also be supported. The paid for version of KeyScrambler version adds East Asian languages input, protects Windows Explorer, Windows logon screen and extra applications like the Opera browser, Safari, Chrome browser, Winrar, Notepad, iTunes, Filezilla, Truecrypt, Bestscrypt, LibreOffice, Skype, long etc .

KeyScrambler does not defeat hardware keyloggers it only starts working once the keystrokes have reached the Windows kernel working at driver level, in order for someone to install a hardware keylogger they will need physical access to the computer, most users are not at this level of risk, I think that this a good tool to have for high security environments.

Visit KeyScrambler homepage

7 January, 2012
Steganography software Cipher Image hides text in pictures

Cipher Image let’s you hide plain text inside photos, a process known as steganography, it can hide messages of up to 64Kb in size, quite a few pages of information, the text has to be typed into the program, Cipher Image can not hide attached files. The data is hidden by replacing image pixels that are similar to each other making it unnoticeable to the human eye, the messages are encrypted using 128-bit, there is no mention of the algorithm used for this, images can be saved in 7 different file formats (jpeg, Gif, Tiff, Paintbrush, Windows Bitmap and OS/2 Bitmap), the included password generator can produce a random pass, it is not configurable and I did not find it useful as it will be impossible to remember whichever pass it produces, there is the option of saving the password in a .txt file but I would not advise it if the data is important.

Cipher Image steganography software

You will get tooltips with instructions when you hoover your mouse over the buttons, make sure to read them as the interface is not very intuitive it is easy to get lost, I would classify this tool as an adequate steganography program for low security stuff, mainly because it is not open source, the developers are not well known and the password generator is quite lousy, my only concern was encryption about which there is little information other than to say it uses 128bit, but people really won’t be able to spot any hidden text and that is what steganography is about, ideal to deliver secret messages using your Flickr or Picasa account, if you haven’t got any security agency going after you this program will get the covert communications job done.

Visit Cipher Image homepage

6 January, 2012
Advanced SSH and SFTP client Bitvise Tunnelier

Bitvise Tunnelier is a highly configurable Windows SSH client supporting TCP/IP tunnelling, in between others, it can be used as alternative to PuTTY for port forwarding for anonymous Internet browsing hiding your computer IP and getting around filters, there is integrated support for HTTP and Socks proxies, auto-reconnect, graphical SFTP with passive and active mode, FTP to SFTP bridge, client to server/server to client port forwarding, enabling/disabling encryption algorithms for SSH sessions, and saving of profiles. Terminal emulation supports vt100, xterm and bvterm terminals, the most common protocols in SSH servers, there is colour support for xterm and bvterm, RSA/DSA public key authentication, scriptable with a command line remote execution client.

Optionally you can use Tunnelier in command line mode, this is normally use by IT administrators, it comes with flexible command lines able to load profiles on launching, it can be run in portable mode preventing any Windows registry changes. A .paf (PortableApps) and U3 (proprietary format specially designed for flash drives with the U3 Launchpad) portable Tunnelier made by users is available, though not supported by Bitvise.

Bitvise Tunnelier SSH client

The makers of this software also develop WinSSHD (a Windows SSH server), Bitvise Tunnelier comes with features to remotely control it, Tunnelier supports speeds of up to 5 MB/s when connected to a WinSSHD server. If you are wondering how you could use this software to browse the Internet or access your email through an encrypted tunnel, be aware you will need an SSH server for that, Tunnelier is the tool that will allow you to connect to the tunnel just like OpenVPN software is the tool to allow you to connect to a VPN server.

To get access to a SSH server for port forwarding, set up your own at home on a Windows computer with something like MobaSSH (not very difficult), learn Unix command line (advanced) and get a VPS, or find an SSH tunnel provider. I have used KiTTY and PuTTY to create SSH tunnels for Internet browsing and they both worked fine, but for high configuration and a nice GUI (interface), Tunnelier can not be beaten.

Note: Bitvise Tunnelier is free for personal use and limited use inside organizations.

Visit Bitvise Tunnelier homepage

3 January, 2012
Check your Internet browser security with Qualys’s BrowserCheck

Qualys Browsercheck is an online test run by a vulnerability assessment company (Qualys) that scans your Internet browser version and outdated plugins after visiting their website. In order to perform a security analysis you will be asked to install a browser plugin available for IE, Firefox and Chrome, that will show complete information about installed applications, like path and associated files. If you do not wish to install Qualys plugin you can opt for a quick online scan with limited information running in your browser, this will only check for browser version, Flash, Shockwave and Java.

The results are neatly presented with an easy to understand colour code, if something has been found to be outdated you will be given a link to the official site from where to download an updated patched version of the software. After the updates have been applied you should rescan your Internet browser again to make sure everything went smoothly.

Qualys Browsercheck security test

If you can not update one of the vulnerable plugins installed in your browser, it is possible to disable them going into browser settings. The vsecurity test (with the browser plugin) includes the most used applications, like Adobe Flash Player, Sun Java, Shockwave, Apple Quicktime, Real Player, Adobe Reader and Windows Media Player together with inherent OS software like security updates, firewall and antivirus. Qualys security check plugin only works when you visit their Browsercheck website, you can uninstall it once you are done with it.

The vulnerability test is also available for mobile devices like Android, iPhone and iPad as well as little known browsers like K-Meleon, Sleipnir, MineField and Maxthon. A BrowserCheck business edition with a unique URL for company employees allows network administrators to view detailed user browser vulnerabilities in the network. Data collected by Qualys in these security test is anonymized and statistically released showing which are the most outdated plugins on the Internet, according to this data, Java appears to be the most likely application to be run outdated, hence exposed to hacking attacks.

Visit Qualys BrowserCheck homepage

27 December, 2011