Spy Pix is a steganographic tool for hiding images inside other images. The advantage over encryption is that encrypted data indicates something of value is being protected, whereas when data is hidden in plain sight an attacker first has to know what he is looking for. This tool can be used to send secret messages to your friends; they will need to have SpyPix installed to reveal the hidden message.
The images are saved as .png (Portable Network Graphics). They could be uploaded to flickr or photobucket, and your contact can download them from anywhere in the world to decode them; the hidden image can contain a written message with instructions. This system avoids compromising your contacts: if your iPhone is seized by hostile authorities they could work out who you have been emailing and follow the trail, whereas uploading the image to a public website with thousands of visitors leaves them needing some guesswork to find out who the receiver is.
iPhone steganography app SpyPix
With support for the built-in camera, Spy Pix can use photographs you take as a carrier to hide other images, or you can use a photo from your album or copy an image from another app. The photos can be easily blended using a slider that allows you to control end image quality, and you can send them by email using a single button. The options aren’t amazing but they do everything you need, and keeping it simple makes operating this app easy.
Spy Pix could be greatly improved if encryption was used and a password was asked to decipher the hidden image/message.
Developed by the US Air Force Software Protection Initiative, a unit building cost effective cyberdefences against nation-state class threats, Encryption Wizard is a portable program to encrypt files using 128-bit AES. Java allows this tool to work across operating systems (Windows, Linux, Mac, Solaris), and there is no need for administrator rights to execute it, so Encryption Wizard can be carried on a USB thumbdrive.
It is easy to use: dragging and dropping a file inside the window will start the wizard to secure your files. Your password will be checked for dictionary words and you will be told how secure it is, and a password generator showing the entropy bits is available in a different tab if you need it. After encryption the original files can be kept or securely wiped. Additional options include encrypting your files with PKI/X509 digital certificates or a smart card (CAC/PIV), and you can choose to add metadata to an encrypted file, which will help indexing software to locate it. Right clicking on an encrypted file will also show its MD5 and SHA256 checksum hash. The developers claim that if anyone forgets the passphrase it is not possible to decrypt the file.
US Army Encryption Wizard
If you are going to encrypt multiple files you can compress and encrypt them in a single archive, which will have the extension .wza; individual encrypted files use .wzd. Encrypted archives work the same way a password protected .rar file would, storing multiple files inside one. The software comes with a brilliant pdf help manual full of screenshots and clear instructions. There is no mention in the manual of being able to use Encryption Wizard to secure top secret documents; the manual recommends its use to encrypt financial information, send emails to soldiers and share files between organizations using incompatible encryption solutions. It gave me the impression that it has been created to encrypt the day to day business of the private soldier (rosters, wages, assignments).
This tool is included in the US Army Lightweight Portable Security (LPS) secure Linux distribution and there is a Firefox addon to easily encrypt and decrypt files during upload/download. A FIPS 140-2 certified Encryption Wizard Government Edition is available for US Federal Government employees and contractors.
Runscanner is a free antispyware utility that will scan your computer for all running processes, it can detect system changes made by malware, like startup programs that show advertisements and ransomware, page hijackers, accidental misconfiguration or garbage left behind by uninstalled software.
It only took a couple of minutes to scan my hard drive, and all orphan files, registry keys and drivers were clearly labelled in red, making it easy to identify and select them for subsequent erasing. I could not see any evident false positive, only a few files that I did not know what they were for and I decided to keep them. Before deletion, using the “Fix it” button, you are given a clear warning about making sure you know what those files are.
In advanced mode you will also see a tab called “Extra stuff” where you can edit the Windows hosts file (often modified to show adware), check autostart items, kill processes, see installed software, and restore Runscanner history backups. Reports, using its own .run file extension, can be saved and opened. The tabbed interface has other options like “Unrated items”, “Item fixer” and “Loaded modules”.
Free startup and hijack analyzer runscanner
The main window helps you distinguish files showing the item name, path, description, company and digital signer if any. When you find a suspicious item right clicking on it will allow you to submit the file for scanning to online antivirus “Virus Total” or look up the file MD5 at File advisor, Google or Runscanner database. Another button gives you quick access to a malware discussion forum where to ask questions.
The advanced mode is potentially dangerous unless you understand what many of the files showing up in the window are; deleting something by accident could render your computer unbootable or without Internet access. The beginner mode only has the “Scan” and “Update” buttons visible, with no tweaking options, making it very hard to cause damage.
Runscanner has many more features than the popular HiJackThis system analyzer, or Process Hacker, it is a good alternative to them and I would consider this tool for those who have already been infected or just want to make sure that everything is working as it should.
Metadata embedded in a document or media file can tell a lot about its author. Creation time and date, original file author and modifications, location on a computer network where data was created, standards used and custom metadata can all be included in text documents, images, PDFs, spreadsheets, video files, music and others. Most people are not even aware that they are leaking information in the documents they publish on the Internet, and free tools like Metagoofil, included with Backtrack, can easily extract this metadata and expose who is behind a certain document or image and where and when it was taken.
The Metadata Anonymisation Toolkit will remove all metadata in files, leaving it empty; however, watermarks or steganographic tags won’t be removed. Unlike metadata added by default by many utilities, like Microsoft Office adding the author name and smartphones adding GPS coordinates to photographs, watermarks are not usually added inadvertently and the original author will likely be aware of their existence; they are often inserted to track down forbidden sharing of confidential documents or pre-release movie versions. Summing up, MAT will protect you from accidental metadata leakage but not from customized metadata specifically included to track down the author.
This software can be found in Tails, JonDo Live-CD and Debian Linux. If you need a Windows or Mac tool, check my list of programs to edit Exif data.
Burner is an iPhone app allowing people to create as many disposable phone numbers as needed. The messages can be set to expire in a day, week or months, and the numbers can be used to send and receive SMS, for inbound calls or as voice mail. The caller ID will also be modified during outgoing calls and replies can be sent to the disposable number. This app could be of use to post a throw away phone number to Craigslist or Facebook and wipe it if you get harassed or once the item has been sold.
Calls and messages go through your mobile network carrier, but the sender ID is changed so that they appear to come from your Burner disposable phone number. The receiver will be totally unaware and will not get any kind of warning about the sender using a disposable number. The Burner interface allows you to organize your various disposable phone numbers, creating new ones or erasing them. When a number is erased it will be gone forever and future callers will hear an out-of-service message; the number could be recirculated again after a two week quarantine period.
Burner disposable phone number
Burner will keep logs associating your original phone number with the disposable one and disclose them to US law enforcement agencies with a valid warrant. They do not say how long logs are kept. Terms and conditions also bar users from using Burner for “objectionable” activities, which could be anything they want.
Note: This is not a free app, only available in the US and Canada with future United Kingdom coverage planned.
These encryption adapters are not to be confused with encrypted USB thumbdrives. The dongles do not store any data themselves; they are simple hardware devices with a cryptochip that performs the encryption process, making data only accessible using the dongle.
The USB ciphering dongle sits in between a USB host (desktop computer) and a USB device (thumbdrive, external HDD, blu-ray, etc), encrypting all data going through it before writing everything to the external device. There is no need to install drivers and no software is involved; encryption is hardware based with few performance issues, and the dongle will work in any operating system.
In addition to desktop computers these devices can be used to encrypt data in tablets and smartphones as long as a USB port is present.
Enova Enigma USB
NIST (National Institute of Standards and Technology)/CSE (Communications Security Establishment) certified, using hardware AES-256 ECB/CBC encryption strength. Data written to the USB drive through the Enova Enigma dongle is automatically encrypted and decrypted when read out from the drive, requiring no additional hardware or software.
Enova Enigma USB encryption dongle
It works in Windows, Mac, Linux and Android, but configuration can only be done in Windows and data can not be encrypted in place: you will have to start from zero, wiping everything. It is USB3 compliant and there is more than one model, AES128/256bit in ECB or CBC mode; the AES256 model in Cipher Block Chaining mode is the most secure dongle. All models are strong enough to withstand state sponsored attackers, but AES256 in CBC mode should buy you more time in case of future cryptographic breakthroughs.
A recovery password of up to 32 characters can be set up and used if you lose the device. A “Write-Protect” function protects the USB stick from malware infections. FIPS 140-2 certification of the crypto module is in progress.
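The practical difference between the ECB and CBC models, as an added example that is not from the original post or from Enova: ECB encrypts every 16-byte block independently, so identical plaintext blocks on the drive produce identical ciphertext blocks, while CBC chains each block to the previous one. The block cipher below is a small Feistel construction standing in for AES (an assumption, so the code runs on the Python standard library alone); the key, IV and sector contents are constructed, and the data length is assumed to be a multiple of 16 bytes.

```python
import hashlib
import hmac

BLOCK = 16  # bytes, the AES block size

def _f(key, rnd, half):
    # Feistel round function: HMAC-SHA256 truncated to half a block.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def encrypt_block(key, block):
    # 4-round Feistel permutation on 16-byte blocks. Stand-in for AES
    # (assumption) so the example needs only the standard library.
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, bytes(a ^ b for a, b in zip(left, _f(key, rnd, right)))
    return left + right

def ecb_encrypt(key, data):
    # ECB: every block is encrypted on its own.
    return b"".join(encrypt_block(key, data[i:i + BLOCK])
                    for i in range(0, len(data), BLOCK))

def cbc_encrypt(key, iv, data):
    # CBC: each block is XORed with the previous ciphertext block first.
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = encrypt_block(key, bytes(a ^ b for a, b in zip(data[i:i + BLOCK], prev)))
        out.append(prev)
    return b"".join(out)

def repeated_blocks(ciphertext):
    # Number of ciphertext blocks that duplicate an earlier block.
    blocks = [ciphertext[i:i + BLOCK] for i in range(0, len(ciphertext), BLOCK)]
    return len(blocks) - len(set(blocks))

# Constructed sample: one 512-byte sector, mostly empty, with one record in it.
KEY = b"constructed-demo-key"
IV = bytes(range(16))
SECTOR = b"\x00" * 480 + b"PAYROLL-2012-Q3!" + b"\x00" * 16

if __name__ == "__main__":
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(KEY, SECTOR)))
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(KEY, IV, SECTOR)))
```

With ECB, someone holding only the encrypted drive can see which regions are empty or identical to each other; the same sector under CBC shows no repeated blocks.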
Hardware-based, FIPS-certified AES 256-bit encryption, strong enough to protect top secret information in Government agencies, it does not require software or driver installation, operating system agnostic (Windows, Mac, Linux, Solaris, BSD), it can encrypt Blu-Ray, DVD or CD discs using an external burner connected to the dongle.
It is not possible to encrypt content already in place; you will have to format the drive first and restore the data.
Addonics CipherUSB encryption adapter
CipherUSB can be daisy-chained: if you insert two or more devices together to encrypt a drive it will be impossible to decrypt it again unless the same two chained devices are used, which allows you to split the decryption keys between more than one person.
The enclosure is made of plastic but is tamper resistant, preventing opening of the unit without destroying the plastic housing, and a power/activity LED will show that everything is working as expected. There is no backdoor but you have the option of setting a recovery password of up to 32 characters long. If you lose your device you can buy a new one and decrypt the data using this recovery password; if you do not set it up the data would remain undecipherable.
CipherUSB can be used for full disk encryption, including the Master Boot Record, encrypted disks will show as blank when viewed.
After looking at the specs, both encryption adapters are equally secure, certified and fast, and there is little difference between them. Enova Enigma has the unique “read only” feature that stops malware from installing into the USB, but CipherUSB specifically mentions on its page that they have no backdoor, while Enova Enigma neither confirms nor denies anything about backdoors. This is an important piece of information that all security vendors should make clearly visible.
I would probably go for CipherUSB if I had to buy one of them, CipherUSB is slightly cheaper and I would get peace of mind about no factory backdoors included.
Droidcat is a collection of security and penetration testing tools for security professionals, it includes packet sniffers, network tools, scripts and attack tools to check your own network security using an Android phone, the idea is to use a mobile phone as a penetration testing toolkit, source code is provided for review.
Droidcat Android PEN testing app
The developer’s plan is to compile a full suite of ethical hacking tools accessible using a single app. As more and more people start using smartphones this seems like a good idea: smartphones can be easily moved anywhere in a building inside your pocket, taking advantage of Wifi proximity signal, and people do not expect others to sniff passwords or run malicious scripts using a mobile phone.