Monday 30 March 2009

USB Keys and security

The use of USB keys/sticks/drives has taken off with great enthusiasm. Thankfully, the use of floppy disks to transfer data has become more or less obsolete. However, most people are surprised to discover that their USB devices may be infected. These devices are no different from the floppy disks of old. Furthermore, due to their small size, they are easily lost, misplaced or stolen. All the data is usually freely available for any person to access. For a start, run a rigorous antivirus scan on all your USB keys. Then start looking into password protecting them and finally encrypt the keys. I personally prefer AxCrypt for encrypting single files, mainly because it has the capability of encrypting a file and simultaneously creating an executable decryption file that requires a phrase to decrypt it. So if you are transferring a file to another person, send the actual file and the phrase in two different ways at different times. The self-decrypting executable has the added benefit that the recipient does not require the AxCrypt software installed on their computer. One word of warning though, AxCrypt does not have a backdoor ... AT ALL. If you encrypt a file, delete the original file and then forget the phrase ... you will never be able to get the data back.

To encrypt an entire drive/volume/USB key or the like, I prefer to use TrueCrypt. This works well and should perhaps be used on all home systems that have any personal data on them. DO NOT encrypt your entire C DRIVE. The best solution for portable secure storage is to purchase USB keys with built-in encryption. I recommend that you seriously start investing in keys with encryption. It really is worth it. For daily use I use the Integral 1GB AT key with 256-bit AES encryption. For something more robust I recommend using an IronKey.

Common Sense and Caution must always be exercised.

Friday 27 March 2009

Phishing

What is phishing? It is a way of obtaining your details by deceiving you into thinking that you are entering them into a valid website. These websites are usually such good imitations of the originals that most web users will easily be deceived, especially as the website you see mimics the website you expect to see. However, help is at hand. Most browsers do incorporate an anti-phishing element and, if activated, this will flag up a warning to indicate that the site is dangerous.

Although this is useful, it is not infallible and further precautions should be taken. One such precaution is based on your ability to detect such sites where the browser has failed. Phishing sites are usually easy to detect if you know what to look for, and the URLs listed below are possibly the most valuable and informative that I have come across in a long time.

Perhaps we should be publicising Anti-phishing Phil. This is a website that teaches through the medium of play. Play the game and you will learn how to spot phishing URLs.

http://cups.cs.cmu.edu/antiphishing_phil/


http://wombatsecurity.com/antiphishing_phil/index.html



As always, please be cautious and apply common sense to your browsing and web usage.

Wednesday 25 March 2009

Business cards

Think about this for a while. The humble business card, paraded and deposited everywhere, offers a wealth of information to those intent on stealing an identity. What information does your business card hold about you?

1) your name
2) your employer's name
3) your contact details (telephone numbers, website URLs, email address, etc.)
4) your job title

and on some business cards, the following may be found
5) your education (for example, what degree you have and from where you have it)
6) the region for your employment activities (such as, Yorkshire Regional Manager)


How much more information would I need to be able to create a false identity? Ask yourself this question. These cards hold a wealth of information, and if they are distributed randomly to every person you see, you may inadvertently hand this information directly into the paws of an identity thief. Furthermore, even more information will be gleaned if the latter is done, because suddenly the thief has extra information to create a convincing false identity. Now they have your ethnic origin, regional dialect, know whether you are married or single, wear spectacles or use a walking stick. Get the picture?

The point I am trying to make is, use your business card wisely. Don't stop using them, but be more cautious and discerning about the destination of these valuable bits of card. Furthermore, ensure that the person who receives your card, really does want it and will keep it safe. In fact, print on the reverse of the card the following message

"Dear Sir/Madam,

Should you no longer wish to retain this business card, may I respectfully request that you destroy this card in the interest of identity protection. Many thanks.


Yours Sincerely,


{your name}"

Be cautious and exercise common sense!

Sunday 22 March 2009

Good, bad and ugly passwords

A quick post about passwords only. Password theft is on the increase and weak passwords are going to cause you all sorts of trouble. A few simple rules will assist in making passwords harder to crack:
1) use letters and numbers
2) if possible use extra characters such as $, &, £, !, and so on (however, some websites do not allow their use)
3) use uppercase and lowercase interchangeably and frequently
4) use longer passwords, preferably more than 8 characters long (the longer the better)
5) never use dictionary based words, regardless of language
6) never use as a password anything that can be associated with you (for example, UK post code, etc.)

So what is an example of a good password? This one will take some time to crack

ijDl4uFpHC!

If you feel that this is too much effort, then use the PASSWORD GENERATOR on the home page of this blog as a STARTING POINT.
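The six rules above can be checked mechanically. The following is an added example, not code from this blog: the function name `failed_rules`, the small word list and the personal items are constructed for illustration, and rule 2 is reported even though the post makes it optional where a site forbids extra characters.

```python
import re

# Constructed sample data: a tiny word list and items tied to the user.
WORDS = ("password", "dragon", "monkey", "letmein")
PERSONAL = ("XX1 1XX", "rover")  # made-up post code and pet name


def _squash(text):
    """Lower-case and drop everything except letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def failed_rules(password, wordlist=(), personal_items=()):
    """Return the numbers of the post's rules (1-6) that the password breaks."""
    failed = []
    # Rule 1: letters and numbers.
    if not (re.search(r"[A-Za-z]", password) and re.search(r"[0-9]", password)):
        failed.append(1)
    # Rule 2: at least one extra character such as $, &, £ or !.
    if not re.search(r"[^A-Za-z0-9]", password):
        failed.append(2)
    # Rule 3: both uppercase and lowercase letters.
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        failed.append(3)
    # Rule 4: more than 8 characters.
    if len(password) <= 8:
        failed.append(4)
    # Rule 5: no dictionary word (4+ letters) hidden inside the password.
    lowered = password.lower()
    if any(len(w) >= 4 and w.lower() in lowered for w in wordlist):
        failed.append(5)
    # Rule 6: nothing associated with the user, ignoring case and punctuation.
    squashed = _squash(password)
    if any(_squash(i) and _squash(i) in squashed for i in personal_items):
        failed.append(6)
    return failed


if __name__ == "__main__":
    for candidate in ("ijDl4uFpHC!", "Password1", "xx1-1XX!Qr", "monkey"):
        print(candidate, "breaks rules:", failed_rules(candidate, WORDS, PERSONAL))
```
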

Most importantly, never share your password with anyone and make certain you are not being observed entering your password. There are ways crackers use to obtain passwords, such as using keystroke loggers, but this I will cover at a later date.

Be CAUTIOUS, use COMMON SENSE, and stay SAFE!

Friday 20 March 2009

IMPORTANT : DNSchanger threat

The DNSchanger threat is not new, but it has resurfaced and is still annoying and dangerous. To completely comprehend the severity of this threat, it is important to understand the what, how and why of DNS.

So, ... what is the DNS? DNS is geek speak for Domain Name System. This is a means of changing the meaningful names of websites, such as www.bbc.co.uk, into a numerical value understandable to the various networking equipment that constitutes the infrastructure of any network, even the biggest network, namely the internet. Essentially it is a database that is used to identify the elements of the network with the intention of discovering the destination, and the best route to this destination, for requests made. There is much more to DNS than can be dealt with by a blog, however, in this instance you now have enough information to understand the threat.

DHCP is geek speak for Dynamic Host Configuration Protocol. When a computer is connected to a network or wireless access point, it will require some settings to make it work, such as an IP address, gateway address and DNS server address. These elements are only some of the many that need to come together to permit working on a network. With the exception of wireless, there are 2 ways of ensuring that the computer obtains these settings, namely static and dynamic. Static addresses are entered manually and are changed manually, whereas dynamic addresses are not. In order to obtain the dynamic addresses, the newly attached computer must first be set to obtain these dynamically by enabling DHCP. Once this is done, the computer will then send a DHCP request to the DHCP server on that network. After various handshakes and authentications, the server issues all the details for the computer to use. This is called a DHCP lease. The computer is now configured to use all the proper addresses in order to work on the network. In an ideal world at least.

How is it done? DNSchanger is a trojan that installs itself onto a computer or other network device and waits for DNS and DHCP requests. When this trojan detects that a DHCP request has been made, it responds before the DHCP server can and issues a false DHCP lease. False because it sets up incorrect routes and destinations by claiming to be the DNS server. When the computer then requests a website, it is directed by the false DNS to go elsewhere. This is usually a website that closely matches the website that was initially requested. Some are so convincing that most people are fooled by them, however, if you scrutinize these sites, you will always discover something odd that gives it away.

Why is it done? These websites are designed to log and grab all the details you enter, and thereby grant the malicious of this world access to your accounts. These websites are called phishing websites, and they fish for your personal data.

Keep your system and all anti-malware (anti-virus, anti-spam, etc.) completely up to date and also make a note of the following address range. DNS settings with this address range being used should be considered suspicious.

A DNS server address in the range 85.112.0.0 to 85.127.255.254 possibly indicates a compromised computer.
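One way to check a machine's DNS settings against that range, as an added example that is not part of the original post: it parses English-language `ipconfig /all` output or a `resolv.conf` file and flags any DNS server inside the range. The function names and both sample inputs are constructed for illustration.

```python
import ipaddress
import re

# Address range quoted in the post, inclusive at both ends.
SUSPECT_FIRST = ipaddress.IPv4Address("85.112.0.0")
SUSPECT_LAST = ipaddress.IPv4Address("85.127.255.254")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def is_suspect(address):
    """True if the address lies inside the range the post flags."""
    try:
        ip = ipaddress.IPv4Address(address)
    except ValueError:  # not a valid IPv4 address, e.g. 999.1.1.1
        return False
    return SUSPECT_FIRST <= ip <= SUSPECT_LAST


def dns_servers_from_ipconfig(text):
    """Collect DNS servers from `ipconfig /all` output (all adapters).
    The first server shares the "DNS Servers" line; further servers
    follow on indented lines that carry no label and no colon."""
    servers, in_dns = [], False
    for line in text.splitlines():
        if re.match(r"\s*DNS Servers", line):
            in_dns = True
            servers += IPV4_RE.findall(line)
        elif in_dns and ":" not in line and IPV4_RE.search(line):
            servers += IPV4_RE.findall(line)
        else:
            in_dns = False
    return servers


def dns_servers_from_resolv_conf(text):
    """Collect the `nameserver` entries from a resolv.conf file."""
    servers = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers


def suspect_dns_servers(servers):
    """Return only the servers that fall inside the flagged range."""
    return [s for s in servers if is_suspect(s)]


# Constructed sample inputs, not captured from a real machine.
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.23
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 85.117.3.10
                                       85.117.3.11
   Lease Obtained. . . . . . . . . . : Friday, 20 March 2009 09:12:44

Wireless LAN adapter Wireless Network Connection:

   DNS Servers . . . . . . . . . . . : 192.168.1.1
"""
SAMPLE_RESOLV_CONF = "# constructed\nnameserver 192.168.1.1\nnameserver 85.120.44.2\n"

if __name__ == "__main__":
    found = dns_servers_from_ipconfig(SAMPLE_IPCONFIG)
    print("DNS servers:", found, "suspect:", suspect_dns_servers(found))
```

A hit means the DNS setting deserves investigation; because a false DHCP lease can come from another device on the network, the same check is worth running on the router's DNS settings.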

Periodically, run a full antivirus scan with the latest definitions to ensure you remain safe.

As always ... be cautious and use your common sense.

Sunday 15 March 2009

Dangerous Software : Peer to Peer

Believe it or not, but peer-to-peer software is probably one of the most dangerous items of software you could possibly run on your computer. With this type of software the risk is not only in downloading material that has a copyright on it, but in either intentionally or unintentionally serving the same software. So, if caught, you will be prosecutable on three different counts, namely acquiring illegal software, owning illegal software and distributing illegal software. Each carries with it its own penalty.

But more importantly, peer-to-peer (or P2P, as the industry knows it) runs on insecure lines and protocols which could be intercepted by crackers (the proper term for those intent on gaining access to your system or information). P2P software is usually the easiest way for a cracker to gain entry into an otherwise secure network. One particular way of doing this is by incorporating scripts which are tagged onto the files downloaded by the P2P user, who is usually unaware of this malicious addition. This addition is usually, though not empirically, referred to as the payload. Once the payload has been downloaded all that remains is for it to be activated. Once activated, the script "phones home" and then the rest is history, so too is your data and your security. If you are connected to the network at your place of employment you should receive a hostile visit from your local System Administrator (SysAdmin). If you do this on your home computer, you may not realize for some time that your computer has been compromised. Sure, the use of an antivirus and antispyware is a very good first step, however, many compromises do not appear as spyware or a virus. Furthermore, as mentioned before, no antivirus protects you against all computer viruses running rampant on the internet. Likewise for spyware.

If you have been compromised, you will need an entirely new arsenal at your disposal, such as rootkit revealers and hidden process detectors. You may think that you do not use any P2P software, but SKYPE is just that and only secondly is it a way of making telephone calls on the internet. While you are phoning someone you are using very little bandwidth, but SKYPE uses the remainder of your bandwidth by making your computer a SUPERNODE. Nodes are essentially computers that are used to offer the quickest path between two computers that wish to transfer files from one to the other. SUPERNODES are similar except that they are used by many computers to transfer files to many computers. In geek speak, your computer has become a hub, which means all incoming data will be broadcast on all connections made to your computer. Suddenly, your bandwidth diminishes, your storage space is reduced, your memory is clogged up and you experience a dramatic drop in the performance of your computer which only drops more as time passes. Does this sound familiar? I sincerely hope not! Yet if it does, you will need to perform the following, in the following order, to have any hope of regaining control:
1) Disconnect your computer from all networks immediately,
2) Backup your data completely because you may lose it or have to proceed to step 6 below,
3) Remove ALL P2P software completely,
4) Run full antivirus and antispyware scans, and particularly note if anything odd happens (such as not completing the full scan, parts of the antivirus not working, or anything else),
5) Restart the MS Windows system in safe mode and do step 4 above again,
6) Wipe your Hard Disk Drive and reinstall, from scratch, your operating system and non-P2P software. Although this is given here as the final option and last resort, it is in fact the best option from the start, however, it may not always be the most practical option.

The simplest solution is to avoid P2P software entirely. There is no safe P2P software, even if you use encryption. For further reading visit
http://www.roseindia.net/community/spyware/dangers_of_peer_to_peer_systems.shtml


Remember to always be cautious, and exercise common sense! This alone will make a huge difference.

Thursday 12 March 2009

Phone calls : please take care

Although it is becoming rare, there are still people answering phone calls with "8627995 Jason Hutchinson speaking!"

How about saying any of the following
"hello"
"hullo"
"what"
"speak"
"this had better be good"
"if it is not urgent, ... make sure I never find you"
"I know what you are thinking ... and you are right"
"I do not suffer fools ... you have been warned!"
"this call is being traced ... you have 43 seconds ... make it good"
"What is your name and where are you calling from"
"If this is a cold call, then your number goes to the authorities"

Obviously these responses cannot be used continuously, but this is where caller ID comes in handy. Maybe you want to use these on your friends as gags, but the important point I am trying to make here is that you should not volunteer any information. If your bank has called you, then politely hang up and phone your local bank using a number that you KNOW belongs to them. I suggest the same for police stations and hospitals and so on. In the case of the last two examples, get as much information from them as possible and then phone back AFTER verifying the number using a directory service. The reason for this is that it may not be your local police department or hospital calling you. This may increase your bills, but this will still be cheaper than the misery you will experience once your identity has been stolen.

In the USA you can use http://phonenumbers.addresses.com/phone.php but in other countries try using your preferred search engine and type "reverse telephone number lookup" or variations on that. The point is that you should never trust incoming phone calls unless you know the source. "Phone spoofing", the jargon for this type of activity, has existed ever since the phone was invented in 1860 (by Antonio Meucci) ... Yes, I know that Alexander Graham Bell is always accredited with its invention, but he invented the telephone (in 1875) in its modern form which we recognise today.

Phone spoofing has always been easy, because the victim will never know
1) the location of the caller
2) the intention of the caller
3) the genuineness of the caller
4) and the inability to see the caller

The latter is very important because humans are very visually aware. We all, subconsciously, read the expressions of people we see. This ability allows us to determine what state the person is in, i.e. happy, sad, friendly, bent on malice, and so on. With telephones we lose this ability, and moreover, we also lose the ability to hear the most subtle changes in speech and tone. For all these reasons, and many more, phone spoofing has a higher success rate than you may expect.

As usual, be cautious and apply common sense.

Sunday 8 March 2009

Minimum requirements for safer computing

Upon purchasing your computer, it is likely that you were told to invest in a good solid anti-virus and firewall package. It is even likely that you were told to download some form of spyware or malware removal tool. All these are the standard bits of advice given, and they are good, but undeniably not comprehensive enough.

The first thing you should remember is that any computer is only as safe as the latest updates and upgrades. For starters, keep your operating system fully patched with the latest updates. Do the same for the anti-virus, firewall and anti-spyware. These are usually divided into two types of downloads, namely definition updates and engine upgrades. The former contain the actual signatures/definitions that the software uses to scan the computer for malicious software, and the latter include bits of code used to enhance the performance and functionality of the software that will search for malicious code. Thus, only by keeping both completely up to date do you stand any chance of keeping yourself safe.

However, antivirus, firewall and antispyware alone will not guarantee that you will be safe from malicious code. Furthermore, no single antivirus package will provide you with protection from all the viruses on the internet. Installing a second antivirus onto the computer is always an option, but I would not recommend doing this because you will waste system resources and possibly cause your computer to enter into a nonrecoverable state. The same applies to firewalls and anti-spyware. Some reputable antivirus vendors do online scans of your computer for virus signatures. One such example is Panda Security, but others exist and here you need to exercise caution and only consider reputable vendors.

So what else can you do to secure yourself? Well, ... a great many things, but first and foremost you should remove ALL software that you no longer use and never will use. These programs that are no longer being used are also no longer being updated, which makes them a serious security risk to you. Any software you use should be the latest version available, or at the very least a version that is still being supported by the manufacturer.

Most computers also run services and servers that are normally unnecessary and may safely be turned off or removed without altering your computing experience. If you are uncertain about which of these are not required then make Google your very best friend. Many of these services and servers are used to compromise your computer.

To complete the minimum requirements for safer computing, do the following:
  • ensure that ALL user accounts have a complex alphanumeric password
  • disable the guest and all unused accounts
  • never use the administrator account unless it is specifically required to make system wide alterations
  • periodically (usually once a week for daily users) FORCE updates on all software on your computer
  • NEVER open emails from origins unknown and especially NEVER open attachments BEFORE scanning them with an antivirus
  • Disable all autoruns and scripting (such as javascript)
Obviously there is always more you can do, but for now let's deal with things in bitesize chunks.

Always be cautious and use common sense!

Value your Identity

I will not beat around the bush. Your identity is the most valuable possession that you have. Most people will claim their loved ones are their most valued possessions, but they can hardly be your POSSESSIONS. Your identity, on the other hand, is most definitely your possession, but it is not so uniquely. Identity theft is growing and you should take all the warnings very seriously.

Identity theft is nothing new. It has existed since the dawn of consciousness and will continue ad infinitum. The more complex we make identities to be stolen, the more ingenious those who wish to hijack our identities become. This is a vicious circle and it will get worse. The important thing to remember is that your identity is your most valuable possession. If it is stolen it will affect you, your family, your community AND your fellow citizens in adverse ways. I am not exaggerating these repercussions. They are very real.

Guarding your identity is difficult and complex, however, you can make an immediate positive step towards keeping your identity safe by the application of 2 fundamental qualities that you already possess, namely COMMON SENSE and CAUTION. These are things I cannot teach you. You already own them. What I will do is help you with the remaining bits that will help keep your identity safe.

Unfortunately, there is no single panacea available to combat identity theft. In fact, the identities of deceased people have been used, reused and abused. Furthermore, it is not confined to the Internet alone. Your household garbage bins hold a plethora of information about you and all other members of your household. What would you do if the identity of your children is stolen?

What makes matters worse is that in most countries, you are still responsible for all the mischief created using your identity. So here is the first bit of advice that you should follow! Purchase some comprehensive identity theft insurance as soon as possible. Make sure that this insurance covers the following
  • ALL your credit, debit and store cards
  • ALL your travel documents (passports, identity cards/documents, driver licence, etc.) and certificates (birth, marriage, driving licence, etc.)
  • Confidential records (employment, hospital, education, etc.)
  • Any other items that the above did not cover
  • Ensure that your insurance gives you access to proper legal aid/advice
  • And above all ... ensure that this insurance covers you against all liability due to a misuse of your stolen identity and assigns a case worker to deal with it all on your behalf.
Be cautious and always use your common sense!