iSafePDF is a free, open source utility to encrypt, digitally sign and timestamp your PDF documents. After using it, the encrypted document will still be viewable with any PDF reader (if you know the password). The program is very easy to use and is divided into tabs, each of which carries out one function, such as encrypting or digitally signing the document. There are additional security options to stop document printing and modification.
You can create a timestamped signature using a Time Stamping Authority (TSA), making your digital signature valid even if the certificate key expires. In the Document tab you can change the PDF metadata, such as author, title, subject and keywords (to find the PDF easily).
This free software to encrypt and digitally sign PDF documents is portable, so no installation is needed to use it. The only downside is that documents can only be encrypted or digitally signed one at a time; it has no batch processing.
One of the most used online password managers, LastPass, winner of numerous IT awards, like PC Magazine editor’s choice and featured in IT podcasts like Security Now, is asking all its users to change their main account password after detecting an abnormal data transfer on their servers.
LastPass has noticed unexplained traffic and it is possible that encrypted data was pulled out of their database. The people at risk in that scenario are those users who log in with a weak password: the LastPass encryption algorithm is sound, but an easy-to-guess password makes it crackable with a brute force attack, which consists of quickly trying all of the dictionary words in a matter of hours using specialist password cracking software.
Those using a weak, easily guessed master password stand a good chance of being affected. LastPass recommends that all of its users change their main account password. The amount of data transferred by the hackers appears to be enough to contain the users' email addresses and salted hashed (encrypted) passwords.
Is LastPass still secure?
The company is announcing the rollout of a one-way encryption algorithm even stronger than the one they are using: PBKDF2 using SHA-256 on the server with a 256-bit salt utilizing 100,000 rounds.
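The parameters named above (PBKDF2, SHA-256, 256-bit salt, 100,000 rounds) in a short Python sketch of how a server can roll out a stronger setting without a mass reset. This is an added example, not LastPass code; the `algorithm$rounds$salt$digest` record layout and the function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import os

ALGORITHM = "pbkdf2_sha256"
TARGET_ROUNDS = 100_000  # rounds stated in the text
SALT_BYTES = 32          # 256-bit salt stated in the text


def _b64(data):
    return base64.b64encode(data).decode("ascii")


def hash_password(password, rounds=TARGET_ROUNDS, salt=None):
    """Return 'algorithm$rounds$salt$digest' (record layout is an assumption)."""
    salt = os.urandom(SALT_BYTES) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return "$".join((ALGORITHM, str(rounds), _b64(salt), _b64(digest)))


def verify_password(password, record):
    """Return (ok, upgraded_record).

    upgraded_record is a fresh hash at the target strength when the stored
    record used fewer rounds or a shorter salt, otherwise None. The caller
    stores it in place of the old record after a successful login.
    """
    try:
        algorithm, rounds_text, salt_b64, digest_b64 = record.split("$")
        rounds = int(rounds_text)
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(digest_b64, validate=True)
    except ValueError:  # wrong field count, non-numeric rounds, bad base64
        return False, None
    if algorithm != ALGORITHM or rounds < 1:
        return False, None
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    # Constant-time comparison so timing does not leak how many bytes matched.
    if not hmac.compare_digest(candidate, expected):
        return False, None
    if rounds < TARGET_ROUNDS or len(salt) < SALT_BYTES:
        return True, hash_password(password)
    return True, None


if __name__ == "__main__":
    # Constructed legacy record: 500 rounds and a 64-bit salt.
    legacy = hash_password("correct horse battery staple", rounds=500, salt=bytes(8))
    ok, upgraded = verify_password("correct horse battery staple", legacy)
    print(ok, upgraded.split("$")[1])
```

Every extra round multiplies the work of each offline guess against a stolen record, but a dictionary word is still found quickly, which is why the strength of the master password still matters.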
I would be concerned about storing all of your passwords online, whether encrypted or not. Breaking into LastPass, or any other online password manager, would mean a profit of millions of dollars for malicious hackers. Just imagine what they could get: email accounts, online banking details, credit card numbers (stored in notes), date of birth and names (stored in profile), forum usernames for identity theft, etc.
I would imagine LastPass is pretty high on the list of targets for cybercriminals. My main concern with LastPass is that, like all of the online password managers out there, their PR claims that their servers are extremely secure, but even the USA Government secret services get hacked. I don’t think any server out there is 100% secure if it is connected to the Internet.
My other concern, with online password managers in general, not only LastPass, is that the company will have a personal interest in minimizing the incident. LastPass, for example, is not even admitting they have been hacked.
I doubt LastPass would go public with this if they did not believe the chances of someone having hacked their servers were pretty high. Can hackers erase all of their IP traces or is LastPass unwilling to admit they have been hacked for certain? Whichever the case, poor log auditing or a company covering it up, the result is the same: not trustworthy.
Every time I see a company with its users’ database compromised (Gawker, Sony, Lush, etc.), I notice a total lack of transparency. You just have to sit down and trust that the company, which has a direct economic interest in not making a fuss over the incident, explains the details of exactly what happened and what security mistakes they made.
You should also be aware that, with so many people logging into LastPass at once to change their passwords, the server could not handle it and momentarily blocked some users’ access. A Denial of Service attack locking you out of your password manager is another hazard you are exposed to by using an online password manager.
Online password manager alternative
The obvious alternative to LastPass, or any other online password manager, is an offline password manager. A good choice would be KeePass, which is free and open source. By using KeePass you make sure that you will be in control of your passwords database at all times. If you are a LastPass customer, read the instructions to import LastPass passwords into KeePass.
Nobody knows their exact date of death. As we invest time and money online storing digital data, you should write a will including details on how to access your online account IDs and passwords alongside any offline financial bequests.
There are dozens of free services offered by third party companies: blogs, social networks, photo sharing, etc. Nobody ever thinks about what will happen to them when you die. Name in your will the social networks you belong to, as these sometimes have sentimental value for family members. They might also have monetary value: email addresses used to recover a password could open the door to a PayPal or Alertpay account.
Hotmail: If you provide a death certificate and proof of power of attorney with a photocopy of your Government issued ID, Hotmail allows relatives to order a CD with all of the messages in the deceased user’s account. The email account password will not be provided.
Gmail: To get a copy of all of the messages in the user’s account you will need a death certificate, proof of power of attorney, a photocopy of your Government issued ID and a copy of an e-mail the deceased has sent to the person making the request.
Yahoo Mail: Yahoo’s policy states that they will not grant access to a deceased user’s account unless there is a court order from a judge, but the deceased user’s next of kin can ask for the account to be closed by emailing them the death certificate.
Facebook: It will follow a family’s wishes to take down a deceased user’s profile or keep it in a memorial state, removing status updates and only allowing those whom he/she had befriended to view the profile and post comments on it.
Flickr: If the account is open to the public, Flickr will keep it up. Any photos marked private will remain that way, and family or friends will not be allowed to access them.
Many companies do not have a policy for when someone dies, so it is always best to write details of your valuable online assets in your will. For example, if you have an online casino account with money in it, or a PayPal account, make sure your relatives know about it so they will be able to access the funds when you pass away.
To find more information about what requirements companies ask to access an online account of someone who has died visit the site below.
Digital cameras have a unique serial number, and many cameras will embed this number in the digital photographs you take. More specifically, it is included in what is known as the EXIF (Exchangeable Image File Format) data. Other data is also included there, like geolocation, camera model, date and time, author, etc.
Not all digital cameras store the camera’s serial number in the photographs, so this will not work for everyone. It is also possible to erase or fake the EXIF metadata. Facebook, for example, will automatically strip the EXIF data from pictures uploaded to your account. Erasing EXIF data takes time, and many people do not bother with it or just don’t know how to do it.
Stolen Camera Finder is a website that will search the web for pictures taken with your camera. It does this by looking at the camera’s unique serial number stored in the pictures.
An Eye-Fi card is a memory card with wireless capabilities. It will upload all of your photos online automatically as soon as it detects an open Wi-Fi access point in range. Best of all, an Eye-Fi card will automatically tag your pictures and videos geographically with the details of the exact location where they have been taken.
If your camera has been lost or stolen, look at your online photo account, e.g. Flickr or SmugMug, to see if any pictures have been uploaded there recently. Then look at the metadata (EXIF) and you will have not only the thief’s photographs but also the location where the photos were taken. You should pass this information to the police for them to follow up.
One problem you will find is that most Wi-Fi access points need a password, and if your Eye-Fi card has not been configured to use it, it won’t be able to access the Internet. This can be solved by buying a high end digital camera with built-in 3G; the latest Eye-Fi cards can be made to work with it and upload the photos using your camera’s built-in 3G Internet.
Journalists and bloggers living in dangerous places will also appreciate the ability to upload their photos online instantly while erasing the pictures from their digital camera memory card just a couple minutes after they have been taken.
Death is not a possibility but a certainty; the only question is when, not if. It makes sense to prepare a list of all your valuable online accounts, like PayPal, Google account, Flickr, eBay, Amazon, Hotmail, domain registrar accounts, etc., for your loved ones.
You could store all of your digital account user names and passwords inside an encrypted file and tell your next of kin what the password is, with instructions to open it up and take over your digital accounts after you die, or you could use an online trustee that will take care of all of your digital assets and pass them on to your selected beneficiaries.
The companies managing your online accounts will verify that you have died before carrying out any instructions. You can leave a last email to be sent after your death, including attachments with photos or documents, and some trustee services can be directed to update your social media accounts (Facebook, LinkedIn, Twitter, Flickr, etc.) announcing you have died.
Online legacy companies
AfterSteps: They will send you a detailed planning guide to understand how everything works. You can upload any digital document and receive reminders about your progress completing the whole process. The company guarantees that your end of life plan will be received by your designated verifier, usually a family member or loved one, after you pass away.
Legacy Locker: After a human verification process of your death or incapacitation, Legacy Locker will grant your loved ones access to your digital accounts and to the digital documents or photos stored with them. Until then, all of your stored data is kept encrypted and nobody can access it; not even the company can view your data.
SecureSafe: Any online account with a password and a username can be left with SecureSafe. There are various plans available; the basic one transfers your passwords and usernames to your designated person after death verification.
AssetLock: It will organize all of the data you would like your family to know about if anything happened to you. This is not an online will but a digital assets manager that will pass on everything to your loved ones when you pass away. Data is encrypted using AES 256-bit. You should create various accounts and write down the credentials in your paper will so that the beneficiaries are able to log in and read the data.
MyWonderfulLife: This service will help you plan your funeral online, leaving letters for your loved ones and notes telling them where everything is located and what your last wishes are. You can even write your own obituary after sharing stories and memories.
Software firewalls are most suitable for home users not running a network. They are installed in the operating system and only protect that particular machine. A software firewall screens requests going in and out of the computer and determines whether the request between the client and the source is valid by checking the interaction against its predefined rules.
For a software firewall to be effective, its configuration rules need to be set up properly. One of the main differences between software firewalls and hardware firewalls is that software firewalls restrict Internet access by application, while hardware firewalls work by looking at the port and URL address.
Software firewall advantages:
Cheaper than a hardware firewall
Easier to configure than hardware firewalls
You can install a software firewall on a laptop and take it with you
Application filtering makes software firewalls flexible
Software firewall disadvantages:
They don’t protect a whole network; one copy is needed for each computer
Software firewalls consume more CPU and memory resources than hardware firewalls
Software firewalls have fewer configuration options than hardware firewalls
Hardware firewall basics
A hardware firewall is a device placed between your computer and the Internet. Hardware firewalls are harder to configure than software firewalls. High end broadband routers can come with an embedded hardware firewall; these are targeted at the home user and are much easier to set up than a proper hardware firewall for businesses.
Basic hardware firewalls use packet filtering. They scan packet headers to determine their source and destination addresses, and whether the incoming traffic is related to an outgoing connection, such as a request for a website. This information is compared with the preset rules that determine whether the packet should be forwarded or blocked.
The most advanced hardware firewalls can do stateful packet inspection, looking into the contents of the data packet and the state of the connection, which allows the firewall to make decisions about packets based on context as well as the defined rules.
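The difference between judging each packet by its headers alone and judging it against remembered connection state, as an added Python model that is not taken from any firewall product. The rule set, the class and function names and the sample addresses are constructed for illustration, and the model tracks connection state only, not packet contents.

```python
from dataclasses import dataclass

WEB_PORTS = {80, 443}


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    outbound: bool  # True when the packet leaves the protected network


def stateless_decide(pkt):
    """Header-only rule set: every packet is judged in isolation."""
    if pkt.outbound:
        return "forward"
    # Common stateless workaround to let web replies back in: accept any
    # inbound packet whose source port looks like a web server.
    return "forward" if pkt.sport in WEB_PORTS else "block"


class StatefulFilter:
    """Remembers outgoing connections and admits only their replies."""

    def __init__(self):
        self.connections = set()

    def decide(self, pkt):
        if pkt.outbound:
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "forward"
        # An inbound packet counts as a reply only if it mirrors a tracked connection.
        is_reply = (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections
        return "forward" if is_reply else "block"


# Constructed sample traffic using documentation address ranges.
REQUEST = Packet("192.168.1.10", 50000, "198.51.100.7", 443, outbound=True)
REPLY = Packet("198.51.100.7", 443, "192.168.1.10", 50000, outbound=False)
UNSOLICITED = Packet("203.0.113.9", 443, "192.168.1.10", 3389, outbound=False)


def compare():
    """Return (name, stateless verdict, stateful verdict) for each sample packet."""
    firewall = StatefulFilter()
    samples = (("request", REQUEST), ("reply", REPLY), ("unsolicited", UNSOLICITED))
    return [(name, stateless_decide(p), firewall.decide(p)) for name, p in samples]


if __name__ == "__main__":
    for row in compare():
        print(*row)
```

The header-only rule forwards the unsolicited packet because its source port matches; the stateful filter blocks it because no outgoing connection matches it.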
Hardware firewall advantages:
A single hardware firewall can protect your entire network
They run on their own dedicated CPU and memory not taking away computer resources
Hardware firewalls cannot be disabled by malware as easily as software firewalls can
A single hardware firewall can protect multiple computers not needing a license for each computer
Hardware firewalls still protect the computer when the operating system crashes
Hardware firewall disadvantages:
A single router firewall is considerably more expensive than a license for a single software firewall
Hardware firewalls are more difficult to configure than software firewalls
Hardware firewalls need physical space for installation and a cable layout
A hardware firewall protecting the whole network will affect multiple computers if it fails
What firewall to use?
The average home user will be well protected with a software firewall; they are easier to manage and much cheaper than a dedicated hardware firewall. Large corporations and schools with big networks will need a hardware firewall, as they are more cost effective, representing good value for money when defending a large network of computers without having to pay licensing fees.
When you use a firewall you still need antivirus and antispyware software installed on your computer. A firewall will protect you from intrusions, while an antivirus protects you from malicious code running inside your computer.
Your computer is open to attack from the moment you connect it to the Internet, even if you do not do anything with it. If the computer’s IP is visible on the Internet, that is all that is needed for a malicious hacker to attempt a break-in.
A firewall is designed to shield a single computer or private network through a set of rules that permit legitimate communications to pass and stop unauthorized connections. Firewalls regulate traffic in and out of the network using packet filtering, a proxy service or stateful inspection. A good firewall will deny unauthorized incoming requests that probe all of your computer’s ports trying to find one open to launch an attack.
Companies dealing with highly confidential data, e.g. banks, implement strict firewall rules in their network, only allowing employees access to one part of the network and stopping them from accessing sensitive areas. The most advanced firewalls have the ability to ban content based on the words used to perform a search. They also make use of updated URL blacklists containing unsuitable websites. These options are meant to stop network users from coming across inappropriate content and wasting time on non-productive websites.
Home users tend to use software based firewalls, which is secure enough. Schools and corporations with a large computer network will use a hardware based firewall, not having to install it on each one of the computers and being able to set it up inside a dedicated IT room instead of next to the computers.
How to Access Windows Firewall Settings
The Windows operating system has included a built-in firewall since Windows XP. To locate the Windows Vista firewall go to Start (Windows logo) > Control panel > Security > Windows firewall > Change settings.
Using the Windows security control panel you can turn your Windows firewall on and off; it is activated by default unless you change the setting during the operating system installation. The Windows built-in firewall is very basic and lacks advanced configuration in comparison to third party software firewall packages. Windows firewall will only protect you from attacks coming from the outside: if a trojan manages to lodge in your computer and wants to send data from inside your computer to the outside world, Windows firewall will not warn you of the nasty outgoing connection.
To update Windows firewall you need to go to Start > All programs > Windows update. The Windows firewall updates itself using Windows update; it does not have any special update button.
If you install a second software firewall on your computer you should disable the Windows built-in firewall, as their traffic filtering rules may conflict with each other. Most software firewalls will automatically disable Windows firewall during installation.
Most popular free firewalls
Agnitum Outpost Security Suite: Free lightweight all round security suite including antivirus, antispyware and antispam features. Its default settings are enough for most users and need very little tweaking. For more information read my Outpost free Security Suite review.
Comodo firewall: Comodo firewall is available for download as a standalone program or bundled with Comodo Internet Security Suite, the latter providing antivirus and anti-malware protection too. Comodo Firewall cross-references any new software you download against a whitelist of over 15 million trusted files and applications.
Online Armor free firewall: It prevents and removes spyware and is very easy to use without too many annoying popups. Online Armor guards itself and other software from tampering by third party applications, and it detects keyloggers.
ZoneAlarm firewall: This free firewall will resist malware attacks, and its SmartDefense Advisor reduces the number of pop ups you get. It comes with automatic Wi-Fi security setting activation, antiphishing protection, a toolbar, 2GB of free online storage, an antivirus and parental controls.