Hacker10

List of the best free Spyware removal tools

Antispyware software should be used in conjunction with antivirus software and not as a replacement, antispyware and antivirus have different functions, antivirus software for example, does not warn you of tracking cookies, good antispyware software will not cause you any incompatibility when you run it alongside an antivirus the developers will have designed it with that in mind.

Free antimalware tools

SuperAntispyware: Light on system resources, it has been designed not to slow down your computer during spyware scanning, it works alongside anti-virus software without compatibility problems, a very thorough antispyware tool, scanning your files, computer memory and Registry, it’s custom scanning engine allows you to check external USB devices like thumbdrives for spyware and exclude folders you are known to be safe in order to speed up the antispyware scan.

SuperAntiSpyware menu screen

MalwareBytes: Multilingual antispyware software that can detect spyware before installation and remove it if the computer has already been infected, the free basic version is very limited, it has no real time protection and no heuristics against zero day threats.

SpywareBlaster: It prevents installation of spyware, adaware and other malware designed to get into your system and invade your privacy. It doesn’t use any significant CPU or computer memory and will not slow down your computer while it protects your Internet browsing session, capable of running along other antivirus and firewall software.

SpywareBlaster malware scan

Spybot Search&Destroy: This malware protection tool provides complete information on any spyware it finds, it works in the backgrouond protecting you against new threats not found by your antivirus software, in between others, it protects you against toolbars installing in your browser without your knowledge and homepage hijacking.

SpywareTerminator: Real time HIPS protection, after scanning your computer SpywareTerminator will show you a list with easy to understand information of all of the threats it has found, the entries are classified by risk level and the user can decide what has to be removed, integrated with ClamAV open source antivirus which is included with the antispyware software download.

Lavasoft Ad-Aware: The free version provides basic behaviour based heuristic technology able to detect zero day threats, rootkit removal, integrated with Windows Security Center, spyware scanning can be scheduled and customized pin-pointing Ad-Aware to single files or external hard drives, you can submit suspicious files to Lavasoft technicians for analysis with just a click.

Beware of fake antivirus and antispyware!

A well know multimillion scam is run by fake software pretending to be a legitimate spyware removal tool that is not able to detect anything and makes computer users believe that they have been infected by malware by showing them window replicating a computer scan with annoying popups and scary messages, in order to remove the non existent malware from the operating system the user must to buy an “upgraded” version of the software which then removes the fake malware warming message.

Fake spyware alert

Stay out of brands you know nothing about, if you believe your system has been infected by spyware do as much research as possible on the Internet about the kind of malware you have, before upgrading to any paid for software whose brand you know little about inquire around first and most important of all, never install any pirated antivirus software in your system or buy it from dodgy sources, not only the updates for counterfeit antivirus will eventually stop working, but most times warez cracked antivirus software also comes embedded with a virus.

18 June, 2011
Trusted Platform Module cryptochip explained

Trusted Platform Module hardware contains a built-in chip with cryptographic capabilities able to perform RSA 2048 bit public key encryption and decryption with its own internal hardware engine for SHA-1 hashing, the private encryption keys are created within the TPM chip and never exposed to outside elements, TPM chips are usually found in high end notebooks, many of the of laptops using a fingerprint reader to login are linked to the motherboard’s TPM security chip.

A Trusted Platform Module chip stores digital certificates some of which are file encryption and login authentication keys, the data can only be decrypted by the TPM chip itself, one of the requirements for a notebook to contain a TPM chip is that the chip has been permanently attached by soldering it down to the motherboard, tampering mechanisms, e.g. tampering proof tape, are recommended but not mandatory.

A TPM chip can optionally forge a key tied up to specific computer hardware, aka “sealing” a key, by creating a snapshop of the computer values and hashing them (aka checksum), where a TPM sealed key exists, every time the computer boots file hashes are compared and if they do not match the computer will not boot, removing the hard drive from the device and plugin it in somewhere else will make it unbootable.

Trusted Platform Module encryption diagram

How to enable a TPM security chip

Not all computers have a TPM chip, it is normally found in enterprise level laptops, most of them come with the Trusted Platform Module chip disabled by default, you will need to enable it in the BIOS.

To enter the BIOS click on Del or F2 (depending on BIOS brand) while rebooting the computer, the TPM chip settings are found under “Integrated Peripherals” or in a separate “Security Section” that some motherboards have, choose to enable it, save the BIOS settings and boot your operating system, you will now need to install the motherboard device driver for the TPM chip, the motherboard manufacturer provides you with it.

TPM chip security considerations

Full disk encryption software like Bitlocker and PGP Whole Disk Encryption can be used with a TPM chip, but some basic security measures must be taken, like establishing ownership of your TPM chip by setting up its own unique password totally independent of other passwords. Because the private encryption keys will be stored inside the TPM chip, if you replace the computer motherboard or reset it to factory settings you will no longer be able to access your fully encrypted operating system.

Embassy Trust Suite, a business security suite that comes with most Dell business computers and can implement full disk encryption, makes use of the TPM hardware chip to generate encryption keys.

17 June, 2011
List of programs for full disk encryption

If you encrypt your whole hard drive including your operating system you will not have to worry about wiping data, clearing the Internet browser cache, deleting temporary files and encrypting individual files, all you will have to worry about is choosing a strong passphrase that can not be broken using a brute force attack (trying dictionary words).

The only way to access a fully encrypted operating system is by getting access to the computer while it is switched on (decrytped), you will save lots of time if you decide to encrypt your full operating system, it is not difficult and there is free software for that. Windows Vista and 7 come with BitLocker Drive Encryption for full disk encryption but only the more expensive business high end editions do and it has been designed for businesses with few home user features.

Full disk encryption software without backdoor

Truecrypt (Free): It’s wizard driven menu will guide you through the whole encryption process, there are many algorithm choices, if you do not understand what they mean leave all of the default choices on, they are secure enough for everyone. Truecrypt can encrypt external devices, create virtual encrypted drives and create a hidden encrypted operating system, to be used if you are forced to give up the password.

You will find it easy to find support for Truecrypt at computer security forums and Usenet groups as it is one of the most used full disk encryption programs.

Truecrypt encryption algorithm

DiskCryptor (Free): Open source encryption software, it can encrypt partitions that have already data on them, it supports AES, Twofish and Serpent encryption algorithms, allows you to encrypt USB flash drives and external hard disks with automatic mounting, support for key files, option to place the boot loader on an external device.

DiskCryptor full disk encryption

Symantec Encryption Dekstop: (Over $200): Suite of encryption applications to fully encrypt your operating system, external drive, USB thumbdrive, email and AIM Instant Messenger using PGP encryption. Software includes a data shredder. This product appears targeted at businesses, optionally it can deployed in multiple workstations using a central server.

Symantec Encryption Desktop PGP

DriveCrypt Plus Pack: (Over $100): Whole operating system encryption with AES256-bit, no backdoor, it can hide an undetectable operating system in the hard drive free space, this is useful if someone forces you give up your password, they would not be able to prove a second operating system exists, it can be used in conjunction with USB tokens for preboot authentication, login preboot screen can be changed, you can create your own.

DriveCrypt Plus Pack encryption

SecureDoc WinMagic (Over $100): Encryption of laptops, USB devices and desktop computers using AES 256 bit, certified FIPS 140-2 Level 2, it supports multifactor authentication at preboot level, no backdoor but password recovery is possible if you set it up, available in various languages, extended audit logging make SecureDoc a good option for businesses.

SecureDoc WinMagic full disk encryption

Full disk encryption performance

I have been using full disk encryption for over 5 years, I have used DiskCryptor, Truecrypt and DriveCrypt Plus Pack, in all cases there has been no computer slowdown while I was using full disk encryption, even using it on a low performance netbook with an Intel Atom CPU showed no noticeable performance issue.

If you are a home user you do not need to worry about full disk encryption slowing down your computer activities, the software normally needs very low resources to run on.

15 June, 2011
Quickly lock Windows in your absence with WinLockr

This free open source application will quickly lock your Windows computer while you are away doing something else and do not want to switch off the computer.

WinLockr is an easy to use application that besides locking the screen, it will disable the mouse and keyboard for extra protection, a key combination enables it again. The locked screen is replete of appropriate details, informing the user at what time the computer screen was locked and the failed unlock and shutdown attempts, WinLockr also protects against computer shut-off. If someone discovers your password to unlock the computer it will not be enough, they will also need to know the key combination to activate the keyboard to enter it in the login screen.

WinLockr to lock Windows desktop

If you choose it, you can set up WinLockr to unlock and lock your computer using a USB key instead of a password this makes locking Windows very quick and impossible for others to see what password you typed in since there isn’t one. Windows accounts can be set up with a password and lock the screen while you go away but it doesn’t have all of the features that WinLockr has, if you work in an office environment you will be better off protected using it instead of the default Windows lock screen.

Visit WinLockr homepage

13 June, 2011
Digital certificate email encrytion with Comodo SecureEmail
Sending email via Gmail, Yahoo and Hotmail it is like sending a postcard, anyone who comes across it can read its contents, that includes your ISP and your email provider, Gmail even scans your email contents to introduce what they call relevant publicity, encrypting email messages is the only way to make sure that no third party can eavesdrop on your communications.

There are a few specialist webmail providers that use encryption end to end but you are trusting them with your encryption keys, in security you must trust as few people as it is possible, the more people has access to your private encryption keys the easier a data leakage will be.

Comodo SecureEmail works locally in your computer to send, receive and store encrypted emails, including attachments, it is easy to use and deploy, and free, you can digitally sign emails to confirming the sender’s identity, a digital signature is even harder to fake than a real life pen and paper signature. The software is compatible with Windows Live Mail, Thunderbird, Eudora and other IMAP and SMTP email clients. Comodo SecureEmail comes with a wizard to easily import a Comodo email certificate for encryption and digital signing, or just choose to import someone’s public encryption key instead.

Comodo Secure Email

If the receiver of the emails does not use Comodo SecureEmail he can still read the encrypted messages using a web based reader, the messages will be encrypted using a single use session digital certificate.

Comodo SecureEmail main features
- Easy to use for newbies with automatic encryption and decryption of emails
- It supports most email clients even if they haven’t got built-in encryption
- Wizard to install the necessary digital certificates to encrypt and digital sign messages
- Web reader service to decrypt messages encrypted using a single use digital certificate (aka session certificate)
This email encryption software is light in resources, a small 6.5MB download and it is very flexible, you will not have to swap email software, once the digital certificates have been installed the whole encryption process is automated without having to exchange public encryption keys, encrypting emails using a digital certificate is as secure as using PGP keys to secure messages and easier to use for newbies.

Visit Comodo SecureEmail homepage
12 June, 2011
Prevent identity theft and fraud with Identity Sweeper

With hard disks getting bigger in size and thousands of files in our computers it is easy to leave behind personal data that could be used for identity theft, ~~Identity Finder~~ renamed Identity Sweeper stops the risk of data leakage by finding and securing private information, it would be a good idea to run something like this on your hard disk before taking your laptop to the repair shop or allowing anyone who is not your family access to your computer.

Identity Sweeper will scan your computer files searching credit card numbers, dates of birth, passwords, bank account numbers, driver license, phone numbers and other personal data that is often used by identity thieves, it can be used to search for country specific data like the Canadian SIN numbers, British NHS identification and Australian TFN account numbers.

After the scan the software will show you all of the data it has found on a detailed preview pane with statistics and it will offer to securely wipe it using US Department of Defense standards (DOD 5220.22-M), any wrongly classified data can be filtered out from future scans by marking it as ignore, if you need to have the data in your computer you don’t necessarily have to erase it and can use Identity Sweeper to encrypt it, the applications integrates with Windows Explorer creating context menu options for easy access.

Some of the locations that will be scanned for sensitive data include the Internet browser temporary files (IE and Firefox), cookies, messenger logs, text documents (.docx, .pdf, .txt, .rtf, .html), compressed files (.zip, .gzip, .rar, .bzip), email messages (Windows Mail, Thunderbird, Outlook Express) and others.

Identity Sweeper credit card protection

Identity theft contains all of the tools that are needed by those not using full disk encryption, a secure data wiper, file encryption and a password manager with the ice on the cake being the hard disk scanning for unsecured data useful to identity thieves. The free edition of this software is pretty basic, it comes with a data shredder and it only scans for credit card numbers and passwords, if you want the whole suite with all of the features you will have to buy it.

Visit Identity Sweeper homepage

10 June, 2011
Android SSH Tunnel hides your smartphone IP

You can surf the Internet anonymously using your Android phone installing this free open source app called SSH Tunnel, besides hiding your Android IP for privacy, if you live in China or any other country that censors the Internet, the SSH Tunnel will get around the filter.

SSH Tunnel app has a very easy to use interface, you can create profiles and separate networks using different SSH settings, if you are concerned about privacy you can enable traffic tunneling of all of the installed Android apps (with root access), if you don’t have root access you can still configure single apps to proxy the data transmission, Internet browser being the most obvious.

Android app SSH Tunnel

This app will work everywhere, but it has been designed with the intention to help people in countries with Internet filtering to get around it and it comes with a DNS Proxy to solve the DNS Pollution problem in China, it can also be used by people from outside the USA to listen to restricted music sites like Slacker Radio or Pandora, only available in North America, all you need besides this app is a SSH proxy server provider, most proxy services nowadays only offer VPN, there are few SSH tunnel providers left, one of them is VPNSecure, alternatively just get a shell account that allows SSH tunneling.

Visit Android SSH Tunnel homepage

21 May, 2011