Hacker10

  • Prevent identity theft and fraud with Identity Sweeper

    With hard disks getting bigger and thousands of files on our computers, it is easy to leave behind personal data that could be used for identity theft. Identity Sweeper, formerly Identity Finder, stops the risk of data leakage by finding and securing private information. It would be a good idea to run something like this on your hard disk before taking your laptop to the repair shop or allowing anyone who is not your family access to your computer.

    Identity Sweeper will scan your computer files for credit card numbers, dates of birth, passwords, bank account numbers, driver's license numbers, phone numbers and other personal data that is often used by identity thieves. It can also be used to search for country-specific data like Canadian SIN numbers, British NHS identification and Australian TFN account numbers.

    After the scan, the software will show you all of the data it has found in a detailed preview pane with statistics, and it will offer to securely wipe it using US Department of Defense standards (DOD 5220.22-M). Any wrongly classified data can be filtered out from future scans by marking it as ignore. If you need to keep the data on your computer you don’t necessarily have to erase it and can use Identity Sweeper to encrypt it. The application integrates with Windows Explorer, creating context menu options for easy access.

    Some of the locations that will be scanned for sensitive data include the Internet browser temporary files (IE and Firefox), cookies, messenger logs, text documents (.docx, .pdf, .txt, .rtf, .html), compressed files (.zip, .gzip, .rar, .bzip), email messages (Windows Mail, Thunderbird, Outlook Express) and others.

    Identity Sweeper credit card protection

    Identity Sweeper contains all of the tools that are needed by those not using full disk encryption: a secure data wiper, file encryption and a password manager, with the icing on the cake being the hard disk scanning for unsecured data useful to identity thieves. The free edition of this software is pretty basic: it comes with a data shredder and it only scans for credit card numbers and passwords. If you want the whole suite with all of the features you will have to buy it.

    Visit Identity Sweeper homepage

  • Android SSH Tunnel hides your smartphone IP

    You can surf the Internet anonymously from your Android phone by installing this free open source app called SSH Tunnel. Besides hiding your Android IP for privacy, if you live in China or any other country that censors the Internet, the SSH Tunnel will get around the filter.

    The SSH Tunnel app has a very easy to use interface. You can create profiles and separate networks using different SSH settings. If you are concerned about privacy you can enable traffic tunneling for all of the installed Android apps (with root access); if you don’t have root access you can still configure single apps to proxy their data transmission, the Internet browser being the most obvious.

    Android app SSH Tunnel

    This app will work everywhere, but it has been designed with the intention of helping people in countries with Internet filtering to get around it, and it comes with a DNS Proxy to solve the DNS Pollution problem in China. It can also be used by people from outside the USA to listen to restricted music sites like Slacker Radio or Pandora, only available in North America. All you need besides this app is an SSH proxy server provider. Most proxy services nowadays only offer VPN and there are few SSH tunnel providers left, one of them being VPNSecure; alternatively just get a shell account that allows SSH tunneling.

    Visit Android SSH Tunnel homepage

  • Types of Virtual Private Network protocols explained

    A VPN tunnel sets up an encrypted data connection between your computer and a remote server. Any request you make to download or upload data, like viewing a website or making an FTP transfer, will be routed through an encrypted tunnel, stopping third parties from eavesdropping on the content. Your own ISP will not be able to log and find out what sites you have visited; all they will see is the address of the remote VPN server you are connecting to and the port used.

    Virtual Private Networks are often used by remote workers to connect to their company server and by home users who want to stop third parties monitoring them. VPNs get around Internet censorship, protect your Wifi connection at public computers and give you a different computer IP located where the VPN server resides.

    A Virtual Private Network cannot speed up your Internet connection. It will limit the available bandwidth to that of the server: you will never get more bandwidth than the VPN server has available. If the VPN is located far away from your country the ping rate will suffer, so for best performance always try to use a VPN as close as possible to your home.

    Some insecure VPN protocols are used in conjunction with IPsec, a protocol to secure traffic on IP networks. IPsec will implement encryption and authentication in VPN protocols that lack it.

    Virtual Private Network different protocols

    Point-to-Point Tunneling Protocol (PPTP): Commonly used in Microsoft products, the PPTP protocol specification does not describe encryption and authentication, it simply tunnels the traffic. Microsoft runs an improved version of the PPTP protocol with encryption, supporting 40-bit and 128-bit, but numerous vulnerabilities have been found and PPTP is not considered secure. This protocol should be used as a last resort.

    Layer Two Tunneling Protocol (L2TP): An improved version of PPTP, not secure by itself but often implemented with IPsec. L2TP/IPsec encrypts the data transmission and also provides integrity. Some smartphones like the iPhone will not work with OpenVPN unless they have been jailbroken; you can use L2TP in those cases.

    VPN tunnel encryption

    Layer 2 Forwarding (L2F): Developed by Cisco, this tunnelling protocol does not provide encryption. L2F was designed to tunnel PPP traffic.

    Secure Socket Tunneling Protocol (SSTP): It encapsulates PPP or L2TP traffic through an SSL connection, supporting AES encryption. This protocol is only available in Windows, since Windows Vista SP1, and it has been integrated into the remote access architecture of Windows. SSTP VPN tunnels can be established on top of IPv6 based networks.

    What is OpenVPN?

    OpenVPN is not a VPN protocol; it is an open source application to establish a VPN tunnel. It uses SSL/TLS encryption and it can get through firewalls.

    OpenVPN software uses a preshared key or digital certificate to authenticate with the VPN server. Many VPN providers provide their own VPN client, and this customized VPN software is based on the original open source OpenVPN program. The typical VPN provider adds some extra features, e.g. a server location map, brands it with its name and makes an eye candy interface, but the security and inner working principles remain the same.

    Virtual Private Network and Email

    Because many VPN services provide a no logs service, some spammers take advantage of it to send mass emails, so many VPN providers block the sending of SMTP email through the tunnel.

    To stop spammers, VPN services that allow sending of email will limit the number of messages that can be sent in a given time. Other VPN services will whitelist your chosen SMTP server, allowing that specific customer to send email through a specific service that is not an open relay, which is what spammers use most. Another solution to send email through a VPN is to use webmail.

  • AES encryption algorithm security explained

    The Advanced Encryption Standard, aka AES, was selected by the National Institute of Standards and Technology (NIST) after a 5-year process in search of an encryption algorithm capable of protecting sensitive government information well into the next century and to replace the obsolete and aging Data Encryption Standard (DES) used until then.

    The AES cipher is now the standard symmetric-key encryption algorithm for the US Government. This encryption cipher was not only chosen for its security; AES arithmetic is based on XOR operations and bit shifts, making it fast.

    AES is sometimes referred to as Rijndael, a wordplay based on the names of the two Belgian cryptographers who invented AES, Joan Daemen and Vincent Rijmen. Strictly speaking Rijndael is not the same, because AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits, while Rijndael can be specified with key and block sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits.

    Encrypted data

    The AES cipher has been approved by the NSA for encryption of TOP SECRET information, but just using AES is not enough to make sure nobody can crack it; the implementation of the algorithm is important too. That is why the US Government announced that “The implementation of AES in products intended to protect national security systems and/or information must be reviewed and certified by NSA prior to their acquisition and use”.

    Encryption algorithm used by the US Government

    The US Government established that information classified as SECRET could be safeguarded using AES with key lengths of 128, 192 and 256 bits, while TOP SECRET data must use AES with a 192 or 256 bit key length. AES offers a sufficiently large number of possible key combinations to make a brute force attack (trying every possible key) impractical for many decades.

    Technological advances roughly double the speed of computing processors every year. In a scenario where encryption software using the AES cipher has been correctly implemented, if the attacker were someone with state sponsored resources, i.e. a large network of supercomputers, cracking AES encrypted data might in theory be possible in approximately 50 years at the earliest.

    Technical reading: NIST Computer Security Division

  • Free file encryption software BCArchive from Jetico

    When you compress files you save computer hard disk space and bandwidth and speed up data transfers. File compression is also useful to get around email maximum attachment sizes. Commendable file compression tools will allow for password protecting of compressed files. The most popular file compression programs, WinZip and WinRar, both have sound uncrackable file encryption protection, but they are not free and they show you a nagging screen asking you to buy the software.

    BCArchive is 100% free from day one and its encryption features beat WinZip and WinRar hands down. This file compression and encryption tool is multilingual, available in Arabic, Chinese, German, Farsi, Russian, Spanish and Turkish. It creates its own .bca compressed encrypted file, or a self extracting .exe so that people without BCArchive installed are able to decrypt it.

    BCArchive encryption key manager

    BCArchive integrates nicely with the Windows shell right click menu, so encryption and compression of a file can be done using two mouse clicks. If you use a password that is too short the software will not allow you to encrypt the file, forcing you to use a better passphrase. When using symmetric encryption you can choose what encryption algorithm to use; some of the available ones are IDEA, Blowfish 448, AES Rijndael, Serpent, Gost, Cast5 and 3DES. You can choose the hashing algorithm as well: SHA1, SHA256, RIPEMD160 or MD5. BCArchive symmetric encryption ciphers are all well known in the cryptography community and considered sound; the best is to stick to the defaults if you don’t know which one to use.

    It is possible to use asymmetric encryption with public and private secret encryption keys, you can create standard PKCS #12, X.509 public encryption keys within BCArchive key manager or import your own PGP keys created elsewhere, BC Keymanager allows you to import your PGP encryption keys directly from the Internet connecting to a PGP public key server.

    To encrypt files use the interface or drag and drop files inside the BCArchive window. You can compress and encrypt files of up to 2 Terabytes in size. When you view files these are extracted to a temporary folder and securely wiped when the archive is closed. For those who are geeky, BCArchive can be run from the command line.

    BCArchive main features

    • Self-extracting of encrypted files
    • Drag and drop of files and Windows shell integration
    • PGP compatible asymmetric public/private encryption keys, RSA, ElGamal / Diffie-Hellman
    • Symmetric encryption ciphers, AES, Blowfish-448, IDEA, CAST5, GOST 28147-89 and 3DES
    • Secure hashing algorithms SHA-256, SHA-1, MD5 and RIPEMD-160
    • Data securely wiped from temporary folder after viewing

    Visit BCArchive homepage

  • Al-Qaeda’s email communication system exposed

    The seizure of Bin Laden’s computer and subsequent forensic analysis of his hard disk and USB memory sticks is starting to bear fruit, according to a counter terrorism official speaking anonymously with Associated Press. Although Bin Laden had no phone or Internet access at his hide out, he would still send emails to others using intermediaries.

    Bin Laden himself would first write emails on his offline computer, save them to a thumbdrive and pass it on to a trusted courier, who would then go miles away from Abbottabad to an Internet cafe and send the Al-Qaeda leader’s email messages by copying and pasting them. That same courier would also save and copy all of the replies to Bin Laden onto a memory thumb drive and take them back to the compound for Bin Laden to read on his computer.

    The Navy SEALs reportedly gathered 100 flash memory drives after they killed bin Laden, containing thousands of email messages and hundreds of email addresses, expected to lead to a small flood of subpoenas to email providers demanding computer IP connection addresses, and account holder details.

    Al-Qaeda explosives training manual

    Al-Qaeda operatives are known to change their email addresses often, and it is likely that many of those email addresses have already been closed down, but email providers do not erase all of the data from their servers straight away. It can be kept for years after the account has been closed down, most likely months though. Email contents are not typically stored, but the last connection IP address with time and date are. Bin Laden’s computer hard disk also contained a huge amount of electronic documents that are still being looked into by Arabic translators working for the US Government.

    Computer forensics Bin Laden computer

    Bin Laden’s computer forensic analysis could be carried out by the National Media Exploitation Center (NMEC), a little known Department of Defense organisation that is designated as “clearinghouse for processing DoD collected documents and media”. Their priorities are likely to be discovering imminent plots and finding Al-Qaeda operatives living in the USA.

    The most likely scenario is that a wide range of standard law enforcement computer forensics software (Encase, FTK, Sleuthkit) will be used; they will not rely on just a single tool. Assuming no encryption was used, the forensics software will first index everything on the machine, allowing for quick manual searches of keywords. Terrorists are known to use keywords for their targets and comrades, which makes law enforcement work much more difficult when documents are leaked and conversations overheard.

    Al-Qaeda encryption software

    The US Department of Defense isn’t revealing if Bin Laden was using any encryption, but it is known that a few years back Al-Qaeda supporters released via an Islamic forum called Al-Ekhlaasan an encryption program called Mujahideen Secrets 2. It was the second release of this encryption software targeted at Al-Qaeda supporters; it can encrypt emails, securely wipe data and encrypt text messages as ASCII for easy posting at bulletin boards and websites.

    This custom Al-Qaeda encryption tool, still used, provides different encryption algorithms, including AES, with symmetrical encryption keys (256 bit) and asymmetrical encryption keys (2048 bit). It can be run from a USB thumbdrive to be used from an internet cafe, so there is no need to install it on your computer.

    Al-Qaeda encryption software Mojaheeden Secrets

    As good as the Asrar al-Mujahideen encryption tool can be, one downside of using this custom tool to cipher messages is that the encrypted messages always start with the unique text: “#—Begin Al-Ekhlaas Network ASRAR El Moujahedeen V2.0 Public Key 2048 bit—”, giving away that the user is likely an Al-Qaeda supporter, since this encryption software is not publicly available for download.

    The Al-Malahem Media Foundation from Al-Qaeda in the Arabian Peninsula (AQAP) publishes an online English language magazine called Inspire Magazine that always ends with three different contact email addresses and a copy of their public encryption key created with Mujahedeen Secrets.

    Al-Qaeda in the Arabian Peninsula (Yemen) has proved itself an adaptable professional terrorist organization that ditched traceable mobile phones in favour of walkie-talkies and uses coded names, they routinely use encryption for emails when they must send them.

    A copy of Mujahedeen Secrets 2 encryption software with an English interface and Arabic instructions, can still be downloaded from the US Government funded Internet Archive website:
    http://ia600403.us.archive.org/33/items/Asrar-Mujahideen/new_asr_v2_4.rar

    The .rar file is password protected with: Asrar@_EkLaAs.TsG@[$^/!p@]z-2008

    UPDATE 2016: It has been recently confirmed in the news that Yahoo Mail acting under a secret US subpoena was mass scanning all email traffic in real time to detect messages containing the identifier header that this software adds and reporting them to law enforcement for further investigation.

    Reference: http://www.reuters.com/article/us-yahoo-nsa-order-idUSKCN12800D

  • List of free programs to edit digital images Exif data

    When you take a photograph with a digital camera or edit it with a graphical editor, there will be data embedded in the image file. Most smartphones also embed metadata in the pictures they take. This semi hidden data is called Exif (EXchangeable Image File Format) data. Exif data is not exclusive to image files; it can also be found in audio and video files.

    In images, Exif data typically includes the date and time the picture was taken, type of camera and model, software used to edit the image, picture resolution, and if the device used to take the photograph has GPS capabilities, like the iPhone, it will also include the geographic coordinates of where the photograph was taken.
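Where this metadata sits inside a JPEG file and what erasing it involves, as an added example (not code from any of the tools listed on this page): the file is a chain of marked segments, Exif lives in an APP1 segment, and a GPS block is announced by tag 0x8825 in its first directory. The sample file is a constructed header chain rather than a real photograph, and all function names are made up for this illustration.

```python
import struct

METADATA = {0xE1: "APP1 (Exif/XMP)", 0xED: "APP13 (IPTC)", 0xFE: "COM (comment)"}
GPS_IFD_POINTER = 0x8825  # Exif tag in the first directory pointing at GPS data

def segments(jpeg: bytes):
    """Yield (marker, raw_segment); the SOS item carries all remaining bytes."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker, not a JPEG")
    pos = 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = jpeg[pos + 1]
        if marker == 0xDA:  # start of scan: compressed pixels follow
            yield marker, jpeg[pos:]
            return
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(jpeg):
            raise ValueError("segment length runs past the end of the file")
        yield marker, jpeg[pos:pos + 2 + length]
        pos += 2 + length
    raise ValueError("no start-of-scan segment found")

def has_gps(app1: bytes) -> bool:
    """True if an Exif APP1 segment's first directory holds a GPS pointer."""
    body = app1[4:]  # skip marker and length
    order = {b"II": "<", b"MM": ">"}.get(body[6:8])
    if not body.startswith(b"Exif\x00\x00") or order is None:
        return False
    tiff = body[6:]
    try:
        (ifd0,) = struct.unpack(order + "I", tiff[4:8])
        (count,) = struct.unpack(order + "H", tiff[ifd0:ifd0 + 2])
        tags = [struct.unpack(order + "H", tiff[ifd0 + 2 + 12 * i:ifd0 + 4 + 12 * i])[0]
                for i in range(count)]
    except struct.error:  # truncated or malformed TIFF structure
        return False
    return GPS_IFD_POINTER in tags

def strip_metadata(jpeg: bytes):
    """Return (cleaned_jpeg, list describing each removed segment)."""
    kept, removed = [b"\xff\xd8"], []
    for marker, raw in segments(jpeg):
        if marker in METADATA:
            note = METADATA[marker]
            removed.append(note + " with GPS" if marker == 0xE1 and has_gps(raw) else note)
        else:
            kept.append(raw)
    return b"".join(kept), removed

def _seg(marker: int, payload: bytes) -> bytes:
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

def sample_jpeg() -> bytes:
    """Constructed header chain (not a decodable picture) for the demo."""
    ifd0 = struct.pack("<H", 2)                               # two entries
    ifd0 += struct.pack("<HHI", 0x010F, 2, 4) + b"CAM\x00"    # Make = "CAM"
    ifd0 += struct.pack("<HHII", GPS_IFD_POINTER, 4, 1, 38)   # GPS block at 38
    tiff = b"II" + struct.pack("<HI", 42, 8) + ifd0 + bytes(4) + bytes(6)
    return (b"\xff\xd8" + _seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
            + _seg(0xE1, b"Exif\x00\x00" + tiff) + _seg(0xFE, b"shot at home")
            + _seg(0xDA, b"\x01\x01\x00\x00\x3f\x00") + b"\x12\x34\xff\xd9")

if __name__ == "__main__":
    cleaned, removed = strip_metadata(sample_jpeg())
    print(removed, len(sample_jpeg()), "->", len(cleaned), "bytes")
```

The image data after the start-of-scan marker is copied untouched, so removing these segments does not recompress the picture.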

    How to view image data in Windows

    You can access image file Exif data in Windows by locating the image file, right clicking on it and selecting “Properties” from the menu that appears; the “Advanced” tab of “Properties” shows further details. Windows does not show all of the embedded metadata on a file, but a proper Exif data viewer will.

    Digital photographs metadata, aka Exif data, can be read by software programs, if you open, edit and then save an image file with software that does not support metadata you risk losing it altogether.

    Exif data viewers

    Free Photo Viewer: Lightweight Exif data viewer that shows aperture, shutter speed, ISO value, camera model, focal length, time and date, flash settings, etc. IPTC comments are also supported and displayed, you can view all of that in full screen if you wish.

    IrfanView: This small free photo viewer shows Exif/IPTC/comments information from JPG files. The Exif data cannot be edited but the IPTC and comments can. IrfanView plugins are available for download, extending the photo viewer's capabilities.

    Programs to edit and modify Exif data

    GeoSetter: Image utility that can read and most digital cameras RAW images, it shows existing geo coordinates and tracks on embedded Google Maps, Internet access needed. GeoSetter can change a digital image GPS coordinates, the date it was taken, IPTC data and much more.

    GeoSetter GPS Exif data

    ExifDateChanger: It can change a digital image's Exif date indicating when it was taken, down to minutes and seconds, and it can rename files and captions. The Exif Date Changer free version is limited to JPG files; if you upgrade to the Pro version many other file extensions are supported for Exif editing.

    ExifEraser: Free lightweight software to erase all of your images Exif data, useful if you plan on posting them to the Internet and would like to erase personal details from your photos. Easy to use, lightweight, with no installation needed, it erases digital images EXIF/IPTC/XMP information.

    ExifPilot: It views image metadata directly in Windows Explorer, and you can edit and create digital image Exif, Exif GPS, and IPTC data. It can export and import EXIF and IPTC data to MS Excel. The free version can only edit one photograph at a time; to batch process digital images' Exif data you need to upgrade ExifPilot with a paid for plug-in.

    ExifPilot Exif image data editing

    ExifTool: Platform independent command-line application for reading, writing, and editing meta information contained in digital images, audio and video files. It supports many different types of metadata including Exif, GPS, IPTC, XMP, JFIF, GeoTIFF, ICC Profile, Photoshop IRB, FlashPix, AFCP and ID3.

    PhotoME: Multilingual free metadata editor supporting all of the dominant digital camera brands, it shows information that the camera writes to the image file as well as information that can be calculated from the meta data, it can read ICC profile data, IPTC-NAA tags, Exif tags, GPS data, etc.

    PhotoME digital images Exif data editor