Hacker10

  • Secure operating system Qubes OS

    Qubes OS is an open source desktop operating system from Polish security firm Invisible Things Lab. What makes this system more secure than other Linux distributions is that you can isolate components within disposable containers, separating them from interaction with the rest of the OS. The distribution is based on Fedora Linux and runs the Xen hypervisor to segregate applications, assigning them to domains. The developers decided to use Xen over other virtualization software because its code is compact and easy to audit.

    The user can define temporary coloured virtual machines for specific applications. For example, your email (Thunderbird), terminal (xterm) and web browser (Firefox) can all be contained within a virtual box, with one or more tools running inside each sandbox (called a domain). If malware infects any of them it won’t spread to the OS, and the domain can be restored to its original form. Qubes comes with the KDE desktop. After logging in you will be shown the Qubes VM manager listing the dom0 virtual machine, a default privileged Xen domain, and other virtual domains managing your network, like netvm and firewallvm. If your network card drivers were to be compromised, it would not affect the integrity of the rest of the system because networking has been virtualized.

    Linux Qubes OS applications inside virtual machines

    Qubes OS is a new approach to fighting malware through easy to audit code, application isolation through virtualization and an easy to use graphical interface to segment the OS based on personal needs. You could sandbox your Internet browser with Qemu yourself or use Linux chroot to contain malware infections, but Qubes OS goes further than that. It virtualizes the whole OS, including the network connection, firewall and external storage devices, it allows for advanced networking setups based on different domain policies, and the OS has been optimized to run lightweight virtual machines. The Qubes OS principle is security by isolation, not of the applications but of the domains where the applications dwell. This is not a veritable Linux operating system because it uses virtualization as its foundation, with applications all virtualized in different compartments.

    One downside to virtualization is that you will need a huge amount of RAM. Qubes OS developers advise a computer with a minimum of 4GB and a Solid State Disk, which is faster to write and read than traditional drives, albeit more expensive. Computer security is made up of layers and Qubes OS does exactly that: it builds as many layers as possible to make an attacker’s life very difficult. This is a very powerful operating system for advanced users, with a unique approach to computer security that should be implemented in any high security environment.

     Visit Qubes OS homepage

  • Review Windows keylogger HeavenWard LightLogger

    LightLogger HeavenWard is a keystroke monitoring tool marketed to parents to spy on their children’s computing activities. I was a little surprised that my Avast antivirus did not flag it as malware and allowed me to install it without any warning; only Comodo Firewall asked me for permission to execute the file and make some Windows changes, but that is all. If you have administrator rights on the computer where you would like to install this keylogger there will be no problems. The Windows uninstall menu did not show the keylogger program and the taskbar did not have any icon, but manually navigating to “Program Files” will show a folder named “HeavenWard/Lightlogger“.

    Screenshots are saved inside a subfolder of “ProgramData“, used by Windows to store application settings. It is not possible for a user to manually navigate there unless you directly enter the path in the Windows Explorer toolbar. The keylogger main window can be brought back from hiding using a configurable shortcut. Make sure to install it in your Windows administrator account and not your target’s account; you will be able to spy on computer guest accounts from within your own.

    Windows keylogger HeavenWard LightLogger

    The program is very complete when it comes to gathering data. You can see the list of visited websites, typed keystrokes (which will include passwords entered in secure sites like email services and social networks), pasted clipboard content, programs run, and timed screenshots that can be configured in quality and intervals. Captured data is appended with the precise date and time of the event.

    This keystroke monitoring tool could spy on your children’s computer activities, as the developer says, and the program could also be used against older people with a limited Windows account, but it cannot be emailed to anyone. You will need physical access to the computer with administrator rights to install it, and anyone with advanced computing knowledge who is able to access an administrator account could see the traces left in Windows registry keys if they happen to like playing with it. The program makes no effort to hide its name (LightLogger) and the installation is done in the default Program Files folder.

    I think that you can safely use this keylogger on anyone in the same computer who is using an account without administrator rights and not able to access Windows system files, otherwise, it would be too risky.

    Note: This is not a free program; the trial version will show a pop-up window every hour.

    Visit HeavenWard LightLogger homepage

  • OpenPGP encrypted Instant Messenger SafetyJabber

    SafetyJabber is a Jabber instant messenger with integrated encryption for Windows, Mac OS, iOS and Android. The messenger uses the XMPP transmission control protocol (TCP), an open standard developed by the Jabber open source community and compatible with any of the many other IM clients supporting XMPP. This includes Google Talk, Jitsi, Pidgin, Trillian and Gibberbot, but not ICQ, Yahoo Messenger or Skype.

    After the installation you will be asked to create a new PGP keypair or to import your own. Key length can be up to 2048 bit and the encryption keys password is optional. If you are familiar with PGP encryption everything will be intuitive; otherwise you can watch one of the video tutorials on the developer’s site or read the included help manual with screenshots. There is a user support forum too, but everything appears to be in Russian.

    Before you can start chatting you will need to create a Jabber account on any public Jabber server; a list can be found with a quick Internet search. Once you have registered for an account, enter the given server settings in Accounts>Add, specifying to encrypt the connection with SSL or StartTLS. Those details should be given to you during registration. The Advanced Settings button allows you to enter proxy details to connect to the server; this will hide your real computer IP from the Jabber server.

    Encryption OpenPGP messenger SafetyJabber

    The premium version of this program removes an advertising banner, allows for bigger encryption keys of up to 4096 bit, and comes with a portable version and a screensaver utility with hotkeys to lock your computer while you are away and to quickly shut it down during an emergency. The program features are simple but enough for all one needs: you get notified when contacts come online, conversations can be logged, and there are smilies and a system tray icon with sound notifications. All of this can be configured within the settings. You can download the SafetyJabber source code from the official website, check that there is no backdoor, and freely modify the code to add anything you want, if you have the skills for that.

    The most appealing thing about SafetyJabber for me is that you can look at the source code, very important for a security product, and they use an encryption standard like OpenPGP. This messenger will make sure that nobody can read the IM conversations with your friends. The private encryption keys always remain in your power and are not stored anywhere else. The only downside is that if you would like to send encrypted files you will have to pay for the premium version.

    Visit SafetyJabber homepage

  • OpenPGP webmail encryption with MailVelope

    Mailvelope is a browser addon for Chrome and Firefox compatible with OpenPGP encryption standards. It will not only encrypt your webmail messages but also read any encrypted email you receive from people using different OpenPGP encryption software like Enigmail. The addon integrates directly into the browser and it comes preconfigured for use with the following email providers: Gmail, Yahoo Mail, Outlook.com and GMX. However, it can be customized to work with any other webmail service and it also supports the RoundCube email software, frequently found in hosting companies offering email services with your domain name.

    After installation you will be able to handle your public and private encryption keys: importing, exporting and generating keys. The user is always in possession of his encryption keys, no third party can be compelled to give them up, and encryption is performed in your browser using JavaScript, so the data never leaves your computer unencrypted. Using the MailVelope interface you can send your public encryption key by email with a single click, or alternatively you could distribute your encryption key manually by uploading it to a public keyserver. Encrypted emails can be composed in HTML or plain text. The feature that I liked the most is being able to send an encrypted email message to multiple recipients at once; for that to happen, all that is needed is that the public encryption keys of those who receive the email are available in your keyring.

    MailVelope encrypted message

    When you receive an encrypted message the addon will try to find the encryption key used to cipher the message in the keyring and prompt you for a password. Anyone familiar with the public/private key encryption scheme will find this addon a very easy way to encrypt and decrypt messages. It could also be used to post encrypted messages on any forum or Facebook if you want to. Being a browser addon means that it will work on any operating system and it can be added to a portable browser.

    There are other free tools to encrypt webmail messages, but this is one of the few that is not specific to one service and will work with any webmail. That, together with the fact that MailVelope is an open source project using compliant OpenPGP standards, makes this addon worthwhile to consider for those worrying about their personal messages travelling through the Internet like a postcard.

    Visit MailVelope homepage

  • Post anonymous encrypted Twitter messages with AnonTwi

    AnonTwi is an open source project to encrypt Twitter and Identi.ca public and private messages, hiding the poster’s computer IP. The program interacts with the Twitter API using SSL, which stops ISP eavesdropping for certain keywords. The connection to Twitter servers can be anonymised with a SOCKS or Tor proxy and by sending random HTTP header values. Long messages that do not fit in a single Tweet will be split, and decryption of URLs and raw data is automatic for anyone using the AnonTwi client. Messages can be stored on your hard drive, so even if Twitter deletes the account you would still be able to read the messages.

    Encryption is performed with AES and SHA1, meant to be uncrackable if implemented correctly. Since the AnonTwi source code is available for download, it can be checked for hidden backdoors and coding quality.

    AnonTwi anonymous encrypted Twitter messages

    Other privacy options include the possibility of sending fake GPS geolocation to make it appear that you are tweeting from a different country; the client can be instructed to insert a random GPS value with each tweet. Another choice called “suicide” will attempt to delete all of your tweets and private messages and close your account. AnonTwi supports UTF-8 and Unicode characters to write in Arabic or Chinese and post symbols with detailed colourful outputs, and it works on Windows, Mac OS and Linux. Originally released as a command line only tool, it now has an interface that goes with it. You will need to get a Twitter API before you can use AnonTwi. This is not difficult: anyone can open a Twitter developers account and retrieve the API tokens with Tor.

    Normally you would want as many people as possible to read your Twitter messages, so it is probably best to use this tool to simply hide your computer IP when posting public Tweets and keep the encrypted option for private messages only. The other party will need to know a previously agreed password before he can read encrypted communication.

    Visit AnonTwi homepage

  • Remove Gmail advertisements with Gmelius

    Gmelius is a cross browser (Opera, Firefox, Chrome, IE) extension to enhance your Gmail interface. After installing it you will be presented with a long list of settings with check boxes to easily decide what your webmail should look like. Other customizable options are removing chat and the status of chat contacts, colourizing navigation icons, removing the People Widget, making the header autoexpandable, applying the same font to all inbox messages and adding attachment icons. To tweak these settings you just need to check or uncheck a tickbox.

    Gmelius removes Gmail adverts

    This extension will not stop Google from scanning your email messages, but by removing the advertisements, besides getting a better Gmail experience, you can get back at Google by depriving them of revenue earned by invading your personal privacy. Nearly all free email services display advertisements of some kind, but only the most busybody services like Gmail go to the extra length of scanning people’s personal messages.

    If you care about privacy it’s best to use a different email service, but if you are going to use Gmail because it has features you cannot find elsewhere and you are not encrypting your messages, removing advertisements will send Google a strong message about how relevant people think their adverts are.

     Visit Gmelius homepage

  • Create your own Virtual Private Network with NeoRouter

    Neorouter is a free application designed to remotely connect to other computers securely with just a couple of clicks and little configuration. It can be used to help a friend or family member troubleshoot computer problems by giving you remote access to their machine, or you can use it to connect to your home server or computer from work. To save on electricity bills the home computer can be left on standby and Neorouter will instruct it to wake up when you connect for the first time.

    This VPN software allows you to bypass corporate firewalls that block P2P traffic. Similar applications (e.g. Hamachi) get around firewalls by routing traffic through a central server that can at times be slow depending on the number of users. Neorouter improves VPN speed by relaying traffic through your router instead of a central server, and it can be set up to use an HTTP or SOCKS4/5 proxy server if necessary.

    Private VPN network NeoRouter

    The application is available for Windows, Mac, Linux, FreeBSD and Android, consisting of a client and a server that will work as a central hub creating a virtual LAN. The server can be set up on any router using open source firmware, like OpenWRT and Tomato. There is no limit to how many computers can be networked with this application, creating a P2P friends-only network in which to share files, play games and communicate with each other in private; the connection will always be encrypted. Capabilities can be expanded with its built-in add-ons including a VNC client, Telnet/SSH and SFTP, and there is also a built-in firewall.

    Travellers will be happy to know that you can download a portable Neorouter VPN client that can be run from within a USB thumbdrive and does not need administrator rights.

    Visit Neorouter homepage