Metadata embedded in a document or media file can tell a lot about its author. Creation time and date, original file author and modifications, the location on a computer network where the data was created, standards used and custom metadata can all be included in text documents, images, PDFs, spreadsheets, video files, music and others. Most people are not even aware that they are leaking information in the documents they publish on the Internet, and free tools like Metagoofil, included with Backtrack, can easily extract this metadata and expose who is behind a certain document or image and where and when it was taken.
The Metadata Anonymisation Toolkit (MAT) will remove all metadata in files, leaving it empty; however, watermarks or steganographic tags won’t be removed. Unlike metadata added by default by many utilities, like Microsoft Office adding the author name and smartphones adding GPS coordinates to photographs, watermarks are not usually added inadvertently and the original author will likely be aware of their existence; they are often inserted to track down forbidden sharing of confidential documents or pre-release movie versions. Summing up, MAT will protect you from accidental metadata leakage but not from customized metadata specifically included to track down the author.
This software can be found in Tails, JonDo Live-CD and Debian Linux. If you need a Windows or Mac tool, check my list of programs to edit Exif data.
These encryption adapters are not to be confused with encrypted USB thumbdrives. The dongles do not store any data themselves; they are simple hardware devices with a cryptochip that performs the encryption, making data accessible only when using the dongle.
The USB ciphering dongle sits in between a USB host (desktop computer) and a USB device (thumbdrive, external HDD, blu-ray, etc), encrypting all data going through it before writing it to the external device. There is no need to install drivers and no software is involved; encryption is hardware based with few performance issues, and the dongle will work in any operating system.
In addition to desktop computers, these devices can be used to encrypt data in tablets and smartphones as long as a USB port is present.
Enova Enigma USB
NIST (National Institute of Standards and Technology)/CSE (Communications Security Establishment) certified, using hardware AES-256 ECB/CBC encryption strength. Data written to the USB drive through the Enova Enigma dongle is automatically encrypted and decrypted when read out from the drive, requiring no additional hardware or software.
It works in Windows, Mac, Linux and Android, but configuration can only be done in Windows and data cannot be encrypted in place: you will have to start from zero, wiping everything. It is USB3 compliant and there is more than one model, with AES 128/256-bit in ECB or CBC mode; the model using Cipher Block Chaining with AES256 is the most secure dongle. All models are strong enough to withstand state sponsored attackers, but AES256 in CBC mode should buy you more time in case of future cryptographic breakthroughs.
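The practical difference between the ECB and CBC models shows up on repetitive data such as a zero-filled drive sector: ECB turns identical plaintext blocks into identical ciphertext blocks, CBC does not. The following is an added example, not vendor code; the block cipher is a toy Feistel stand-in for AES (Python's standard library has no AES), and the sector, key and IV are constructed values.

```python
import hashlib

BLOCK = 16  # AES block size in bytes

def toy_block_encrypt(key, block):
    """Stand-in for AES: a 4-round Feistel permutation built on SHA-256.
    NOT secure and not the dongle's cipher; it only lets the modes be compared."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, data):
    """ECB: every block is encrypted independently."""
    return b"".join(toy_block_encrypt(key, b) for b in split(data))

def cbc_encrypt(key, iv, data):
    """CBC: each plaintext block is XORed with the previous ciphertext block."""
    out, prev = [], iv
    for b in split(data):
        prev = toy_block_encrypt(key, bytes(x ^ y for x, y in zip(b, prev)))
        out.append(prev)
    return b"".join(out)

def duplicate_blocks(ciphertext):
    """Number of ciphertext blocks that repeat an earlier block."""
    blocks = split(ciphertext)
    return len(blocks) - len(set(blocks))

# Constructed 512-byte sector: a short header, zero fill, a short trailer.
SECTOR = b"CONFIDENTIAL-HDR" + bytes(480) + b"END-OF-SECTOR-01"
KEY = bytes(range(32))          # constructed 256-bit key
IV = bytes(range(100, 116))     # constructed IV; real devices choose their own

if __name__ == "__main__":
    print("ECB duplicates:", duplicate_blocks(ecb_encrypt(KEY, SECTOR)))
    print("CBC duplicates:", duplicate_blocks(cbc_encrypt(KEY, IV, SECTOR)))
```

Someone holding only the encrypted drive can count those repeated ECB blocks and learn which regions are empty or identical, without knowing the key.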
A recovery password of up to 32 characters can be set up and used if you lose the device. A “Write-Protect” function protects the USB stick from malware infections. FIPS 140-2 certification of the crypto module is in progress.
Hardware-based, FIPS-certified AES 256-bit encryption, strong enough to protect top secret information in Government agencies. It does not require software or driver installation, it is operating system agnostic (Windows, Mac, Linux, Solaris, BSD), and it can encrypt Blu-Ray, DVD or CD discs using an external burner connected to the dongle.
It is not possible to encrypt content already in place; you will have to format the drive first and restore the data.
Addonics CipherUSB encryption adapter
CipherUSB can be daisy-chained: if you insert two or more devices together to encrypt a drive, it will be impossible to decrypt it again unless the same two chained devices are used. This allows you to split the decryption keys between more than one person.
The enclosure is made of plastic but is tamper resistant, preventing opening of the unit without destroying the plastic housing, and a power/activity LED will show that everything is working as expected. There is no backdoor, but you have the option of setting a recovery password of up to 32 characters long. If you lose your device you can buy a new one and decrypt the data using this recovery password; if you do not set it up, the data will remain undecipherable.
CipherUSB can be used for full disk encryption, including the Master Boot Record; encrypted disks will show as blank when viewed.
After looking at the specs, both encryption adapters are equally secure, certified and fast, and there is little difference between them. Enova Enigma has the unique “read only” feature that stops malware from installing onto the USB, but CipherUSB specifically mentions on its page that they have no backdoor, while Enova Enigma does not confirm nor deny anything about backdoors. This is an important piece of information that all security vendors should make clearly visible.
I would probably go for CipherUSB if I had to buy one of them; CipherUSB is slightly cheaper and I would get peace of mind about no factory backdoors included.
Truecrack is an open source, Linux-only tool optimized with Nvidia Cuda (Compute Unified Device Architecture) technology, a computing platform able to process queries in parallel, which can be used to crack Truecrypt volumes by greatly speeding up brute force attacks. Truecrack will only work if the volume has been encrypted with the default Truecrypt settings: RIPEMD160 and XTS block cipher mode based on AES. The software can read a list of passwords from a text file or generate a list of possible passwords from a charset of symbols defined by the user. A dictionary attack of 10,000 possible passwords with a length of 10 characters each will take 11 minutes to execute on an Intel Core i7 computer CPU; the same list of possible passwords in GPU mode (Nvidia Cuda technology) only takes 30 seconds to execute.
Truecrack will open a Truecrypt volume and retrieve the masterkey from its header section, checking whether the deciphering operation succeeded (that is, whether the password is right or wrong) by querying the true and crc32 fields.
This is not the first tool designed to crack Truecrypt. While Truecrypt default settings are safe, from what I have seen in other similar tools they are all optimized to crack Truecrypt encryption on the assumption that the user did not change the default cipher (AES) or key derivation (RIPEMD160), and they do not work when keyfiles have been used. Choosing a strong passphrase should stop any brute force attack on your Truecrypt volume, but if you would like to play the paranoid card it would be a good idea to change the default settings to something else, like a cascade algorithm, and add a keyfile.
OrangeWebsite is a hosting company specialised in free speech hosting, with its headquarters and servers based in Iceland. Their terms and conditions allow you to host any controversial material, with the only exceptions being neonazi websites, because ethnic agitation is a crime in Iceland, and sites that promote potential harm to minors or link to child pornography. You are also allowed to run a tor proxy or VPN using one of their servers. Their range of services embraces private whois domain registration (outside the USA), shared hosting for small businesses or personal websites, virtual servers and dedicated servers. Customers can sign up for hosting, the affiliate program and domain registration anonymously; you will only be asked for your email address, and Bitcoins will be used for payments.
I was given a package to test their services and I was quite pleased with everything. I have been using cPanel for years but I had no problem getting used to their ispCP (Internet Service Provider Control Panel) administration panel, used to manage domains and files; it is simpler than cPanel and has fewer features, but enough to get the job done. If you would like to install WordPress or a similar platform and do not know how to do it, you can request to have it installed for you at no extra cost when you order the hosting plan. The welcome email will include all the details you need to set up your website: host IP to FTP files, DNS server for your domain and a URL to access webmail (RoundCube). One of the addresses is indicated as special access without leaving any logs.
Backups are performed daily, but the SQL database will have to be downloaded manually using phpMyAdmin, where the username is your database user and the password is the database user password; this is one main difference to take into account in comparison with cPanel.
OrangeWebsite should fulfill the needs of those longing for reasonably priced offshore free speech hosting and/or privacy email service (hosted or forwarded) located outside the EU and USA. The best part is that they accept Bitcoin payments, making anonymity easier to achieve by cutting payment processing companies and their silly terms and conditions out of the equation. This hosting company should also be suitable for people in need of personalised in-house support, as opposed to big hosting companies where customers are just a ticket number to the staff. It should not be difficult for a customer to contact the OrangeWebsite CEO if they have to.
UPDATE 2013: OrangeWebsite is now using cPanel for webhosting.
Cain&Abel is a long standing password recovery tool that can sniff passwords from the network you are in, crack encrypted passwords using dictionary, brute force and cryptanalysis attacks, record VoIP conversations creating an MP3 audio file, reveal password boxes, analyse encrypted SSH and HTTPS connections and much more. The target audience is security researchers, network administrators and IT teachers, but it can also be exploited by the bad guys of course; the developer will not help in illegal activities.
I downloaded this program from the official site and AVG antivirus gave me a warning that the software contained a trojan horse. Due to how password crackers work it is possible your antivirus will trigger a security warning too; it is up to you to decide what to do. I also got a popup warning from Cain&Abel saying that I had Windows firewall enabled and this would stop some features, implying that I should disable it for everything to work. You will be asked to optionally install WinPCap, a packet capture library; without it Cain&Abel wireless packet sniffing won’t work.
How to record a VoIP call with Cain&Abel
To record a VoIP call with Cain&Abel go to “Configure”, click the “Sniffer” tab, select the network interface card from the list and save the settings. Now go to the “Sniffer” tab in the main window, choose “VoIP” and “Start Sniffing”; from now on any voice over IP call that goes through the network will be encrypted and saved as MP3. You will have to wait until enough traffic has been generated before being able to listen to the audio file.
The configuration window can also be used to create self-signed fake digital certificates, retrieve a digital certificate using a proxy with the “Certificates Collector” or launch an APR (ARP Poison Routing) attack with a real or spoofed IP and MAC address. This free password cracker is one of the most complete available in the market and an excellent tool to learn about computer security. Everything is easily classified in the tabs “Decoders”, “Network”, “Sniffer”, “Cracker”, “Traceroute”, “CCDU”, “Wireless” and “Query”; each one of those tabs contains related extra options.
To use Cain&Abel you should have some computer security background; this is not a tool for the complete beginner. The most basic tool Cain&Abel includes is a Base64 password decoder, going up to a WPA PSK (Pre-Shared Key) calculator and an RSA SecurID Token calculator. This is an excellent tool to find out about passwords: it contains a password decoder, cracker and dumper as well as hash calculators, with support for Wifi for network monitoring.
Every time you create a document, take a digital photograph or edit a movie, hidden data called metadata will be embedded inside the file. That data can contain the author’s name, date, software or camera used, copyright notices and even GPS geolocation showing the exact location where a photograph was taken. BatchPurifier is a tool to remove metadata from dozens of different file types; the Lite version reviewed here only works with .jpeg images.
Metadata found on JPEG files
Camera manufacturers and image editing software companies can come up with their own proprietary metadata embedding system, embedding anything the developer wants in your photographs. Typically the metadata of a digital JPEG image will contain:
EXIF (Exchangeable Image File Format) data, automatically added to photos by all digital cameras and some scanners. Details stored in EXIF show the date and time a photo was taken, camera brand and model, hardware unique serial number, exact location if the camera had GPS enabled (e.g. iPhone), and a small thumbnail of the photo that sometimes is not updated by software after you edit the image, leading to a possible recovery of the original file.
XMP (Extensible Metadata Platform) is added by software tools and it contains details given by the user, like keywords, notes, description and category.
ICC profile contains colour management data used to be able to view a photograph in another device with different specs.
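The three metadata types listed above live in APPn segments near the start of a JPEG, ahead of the image data, so they can be found and dropped without re-encoding the picture. The following added example (not BatchPurifier's code; `classify`, `strip_metadata` and the constructed `SAMPLE` file are names assumed here) walks the segments, reports which types are present and removes the chosen ones.

```python
import struct

XMP_ID = b"http://ns.adobe.com/xap/1.0/\x00"

def classify(marker, payload):
    """Name the metadata type carried by an APPn segment, or None."""
    if marker == 0xE1 and payload.startswith(b"Exif\x00\x00"):
        return "EXIF"   # also holds the embedded thumbnail
    if marker == 0xE1 and payload.startswith(XMP_ID):
        return "XMP"
    if marker == 0xE2 and payload.startswith(b"ICC_PROFILE\x00"):
        return "ICC"
    return None

def strip_metadata(jpeg, drop=("EXIF", "XMP")):
    """Walk the segments before the image data; return (cleaned, found)."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    out, found, pos = bytearray(jpeg[:2]), [], 2
    while pos < len(jpeg):
        if pos + 4 > len(jpeg) or jpeg[pos] != 0xFF:
            raise ValueError("corrupt segment header at offset %d" % pos)
        marker = jpeg[pos + 1]
        if marker == 0xDA:          # start of scan: copy image data verbatim
            out += jpeg[pos:]
            break
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        end = pos + 2 + length
        if length < 2 or end > len(jpeg):
            raise ValueError("bad segment length at offset %d" % pos)
        label = classify(marker, jpeg[pos + 4:end])
        if label:
            found.append(label)
        if label not in drop:       # ICC is kept by default: it affects colours
            out += jpeg[pos:end]
        pos = end
    return bytes(out), found

def seg(marker, payload):
    """Build one length-prefixed segment (used for the constructed sample)."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed sample, not a real photo: JFIF header, EXIF, XMP, ICC, then scan data.
SAMPLE = (b"\xff\xd8" + seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
          + seg(0xE1, b"Exif\x00\x00constructed-gps-and-serial")
          + seg(0xE1, XMP_ID + b"<x:xmpmeta>constructed keywords</x:xmpmeta>")
          + seg(0xE2, b"ICC_PROFILE\x00\x01\x01constructed-profile")
          + seg(0xDA, b"\x00") + b"\x12\x34\xff\xd9")
```

Calling `strip_metadata(SAMPLE)` returns the cleaned bytes and the list of types found; because the stale thumbnail mentioned above is stored inside the EXIF segment, dropping that segment removes it as well.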
BatchPurifier Lite has a five step wizard interface guiding you through the metadata removal process, giving substantial information on a side bar about what each acronym means. You can choose to remove only part of the hidden data by ticking a checkbox next to each attribute, and at the end you will be given the choice to save the image as new or overwrite the original file. It is possible to remove metadata from thousands of images at once by adding multiple jpegs or a whole folder including subfolders, and even compressed .zip files with images inside.
There is no need to open up the program to clear an image’s metadata: BatchPurifier integrates with the Windows shell menu. Advanced users can use BatchPurifier from the command line, integrating it with a script; this could be used, for example, to automatically get rid of all metadata in files stored inside a certain folder.
Mymail-Crypt is a Chrome browser addon to encrypt messages with GPG, operating within the Gmail webmail interface. The project aims to be OpenPGP compatible, to be able to communicate with anybody using public key encryption even if they have different PGP or GPG software. After installing Mymail-Crypt you will have to generate your encryption keys; this can be done with the addon. Entering a password is optional and highly recommended: if you don’t use a password, anyone breaking into your Gmail account will be able to decrypt, sign and encrypt messages, supplanting your identity. Encryption keys can and must be backed up.
Mymail-Crypt is fairly easy to use: you will see a button in the Gmail compose screen with the options “Encrypt and sign”, “Encrypt” and “Sign”. Received encrypted Gmail messages can be read using the drop down menu “Decrypt” option and entering your password.
The project uses an OpenPGP open source library called Openpgp.js; it runs locally in JavaScript, and messages are encrypted/decrypted in your browser. This addon will stop Google and others from reading your emails during transit, but email drafts and decrypted autosaves will be saved in the clear to Gmail servers. Encryption only takes place after you click on the “Encrypt” button; it will not protect you while you are composing the message. The developer also warns that it is possible for Gmail to get hold of the encryption password by monitoring the user when he types it in.
Another way to encrypt Gmail messages with GPG is using Thunderbird and Enigmail, although it won’t work for webmail; a further option is obtaining a digital certificate for your email client.