ADVERTISEMENT

Security

Security is one of the most significant considerations when owning any technology, as you can lose data and finance if not careful. You’ll find articles here that cover various apps and options, threats to browser and device security, and some tips.

Password Security: What Users Know and What They Actually Do

The study "password security: what users know and what they actually do" was conducted by the department of psychology from the Wichita State University. The study investigated the common password generation practices of online users. All participiants took part in a survey querying (1) the types and number of different password protected accounts maintained; (2) actual practices used in generating, storing and using passwords; (3) practices believed they should use in generating and storing passwords; and (4) general demographic information.

Hardware Keylogger

This little device has apparently been used to pull of one of the greatest bank heist in history. You attach this device to the keyboard cable at the back of the pc and it´s able to record 130000 keystrokes. The bank robbers installed this device inside the bank and got access to Sumitomo Bank's wire transfer capability. With all the information at their hand they proceeded to transfer more than 400 million $ to various foreign accounts.

bank secure website

How secure is my bank's website?

I don´t know a single large bank that does not offer its customers a way to use a website to do their transactions. There is unfortunatly no single standard set for bank websites and many companies tend to misjudge the importance of a secure website. The Secure Web Bank website did take a look at websites from US, Canadian and European institutes and check wether those provided a SSL Login page and Two Factor Auth for their customers.

True Crypt 4.2 released

You might know that I´am using True Crypt for some months now to encrypt and decrypt my entire removable hard disk that has 300 Gb capacity. All happens in realtime and I can´t see and witness any slowdowns so far. I´am able to download content to the drive with 14.2 Mbps and its working like every other hard disk. Yesterday a new True Crypt version was released and it has some amazing new features, let us take a look at some of them:

HTML Page Crashes Windows

Ok this seems to be serious. If you open a webpage that contains a certain html code your windows will crash. The html is looking like this:

netstat

Tracing a Hacker

Tracing a Hacker is a article aimed at beginners that want to learn the basics of finding out if there is someone connected to their system who should not be connected to it. It gives a rough introduction to some basic concepts like tcp/ip, ports and how hackers find their targets. This is a good read if you don´t know what they are about. After that Omar starts of by explaining the netstat command which lists all the sources that are connected or currently connecting to your computer. If you are running p2p software this can be a lot of connections. I suggest you start of by disabling most tools that you might be running while on the internet. So, no p2p, no messengers aso.

Charon 0.6 released

This is the follow up to the proxy filtering program Calamity. It provides a fully customisable way of filtering out unwanted proxies via control files, a proxy tester to check anonymity - and a fully functional search engine crawler to find lists of posted proxies. Included within the kit is a php checker which can be uploaded to your own webspace to spread the processor load and bandwidth of the actual testing. This is fully integrated into Charon where it will simply send your pages lists of proxies and harvest the results

microsoft windows malicious software removal tool

Microsoft Windows Malicious Software Removal Tool

A new version of the Microsoft Windows Malicious Software Removal Tool has been released as well yesterday. The new version is able to remove infections by specific prevalent malicious software. It´s able to detect 64 infections, that´s three more than the previous version. The three new infections that are detected are Locksky, Reatlle and Valla according to the german newsmag pcwelt.de.

ADVERTISEMENT

250 web proxies

Lots of people are demanding more proxy sites because many have already been banned by their school or workplace. It´s not easy to find new ones but maybe the list from econsulting might help you. They have a list of 250 web proxies that might not be banned. I think it´s worth a try if you are that desperate.

Home Network Router Security Secrets

Todays world is becoming a wireless one. If you signup for a new internet provider you have most of the time the choice of a modem that uses cables and one that is wireless. Now, most people tend to chose the wireless one because their homes don´t look that messy after all, cables everywhere seems to turn certain people off quite a bit.

Setting up your own proxy server

Lot´s of people complain that webproxys are not working at their works / schools computer because they have been banned by administrators. A way around this would be to setup your very own proxy server that is being hosted a) by a free webhosting service that supports either php or cgi or b) your own website that is being hosted by a webhosting company.

ie proxy changer

IE Proxy Changer Program

I don´t think a lot of my visitors are still using the Microsoft Internet Explorer but there are some that do. My first advice would be to change the browser immediatly to firefox or opera, for those who are to lazy or have other reason to keep the insecure browser the IE Proxy Changer is a nice little addition to the internet explorer.

Password Recovery Speeds

Now this is an interesting analysis of password recovery speeds. It compares password length and chars used to the time different computers need to bruteforce the password, ranging from Class A (speed of a pentium 100) to Class F (supercomputers, large scale distribution) computers.

Altiris Software Virtualization Solution 2.0

I´ve written about virtual computers before and found a nice way program to make the same method available for virtual software installations. Altiris Software Virtualization Solution lets you install every kind of software in a protected environment that prevents access from this software to your core system. This is great if you want to try out some new alpha / beta software or software that you are suspicious about.

How to surf anonymously on the Internet

The question that many people ask is why would someone want to surf anonymously in the first place. Why would someone who does not do something illegal want to surf anonymously at all ? I can think of lots of reasons, here are a few:

10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery)

The guys of darknet.org.uk have posted a new article that lists the 10 best security live cd distros. Each distribution is introduced in a small paragraph and features links to the distributions homepage.

proxy

A new Proxylist

I found a new list of proxy sites, 300 in total. Should be something for everyone and I suppose you find some that work in your environment. Head over to proxylist.wordpress.com to check them out.

Windows Worms Door Cleaner

The little freeware application Windows Worms Door Cleaner has a very strange name if you ask me. It´s purpose is to disable certain services that worms rely on to attack your system.

Securing Your Web Browser

A cert.org guide that helps you configure your web browser for safer surfing. It starts with the question why you should secure your web browser and explains common web browser features like Java, ActiveX and Cookies. After that introduction the important part of the article begins with chapter 3 Vulnerabilities and Attack Vectors. Common vulnerabilities like Cross-Site Scripting, Spoofing and Cross-Zone and Cross-Domain Vulnerabilities. The article does not explain everything in great detail but provides links to a in depth explanation.

Dvd Rootkit on the way

Some weeks ago Sony made the attempt to protect the music from some of the cd´s they distribute by adding a rootkit software which would be installed if the user wanted to play the cd on his personal computer. The technique had its flaws and was only working on windows but it still ment that a rootkit was installed on the pc and other scripts could use this rootkit for malicious purposes. After a large outcry from the web community Sony decided to pull the cd´s from the shelves and offer a tool to uninstall the rootkit. (which you would only get through a long process)

Google copies your hard drive content

Breaking news from the electronic frontier foundation website which warns users to use a feature called Search Across Computers of the google desktop software. This feature apparently stores copies of documents, such as word, pdf or text, on googles own servers.

Building a better Password

Most people tend to use passwords that they can rememeber easily. If you take a deeper look many use the same password for most of their password protected activities which is a high security risk. Break one, get access to all.

11 things to do after a hack

Lets assume your system has been hacked. What steps would you undertake after the hacking attempt ? The article written at techtarget.com tries to answer the question and presents a checklist of things to do after being someone hacked into your system. Its more of a checklist for corporate networks than for individual computers but it would not hurt to take a look and probably get some new ideas that you did not think about.

Home PC Firewall Guide

I know that some of you are using a firewall and therefor the home pc firewall guide site might be worth a visit. The website has more sections than I can list here so i stick with some interesting ones and leave the rest to you. To start with a good one, Installig Security Products, a guide on how to install security type software on a new windows operating system.

cookies can be spyware

How to detect and remove spyware

This guide will provide you with the means to detect and remove spyware that is installed on your system. Before we start we should define the term spyware. There are different categories of spyware, like adware and malware, that make it difficulty for the user to distinguish between them and select the right tool for their removal.

How to Secure your Wireless Network

A friend of mine moved to a new house and had to change his internet provider as well. The room with the computer and the one with the phone line were not close to each other and he decided to buy a wireless lan router and use it to connect to the internet.

We had to do a scan of the surroundings of course and found lots of unsecured wireless lan networks. I don´t know why people keep these unsecured, maybe its laziness, maybe they simply don´t know the risks involved. Its like leaving your doors open when you leave your house. Lots of things can happen..

Securing your PC with True Crypt

Only a few days ago I wrote a first small article about true crypt and recommended it. Back then I bought a usb 2.0 hard drive with 300 GB capacity and encrypted its entire partition with true crypt. This was done to test the programs functionality but also to see if it would slow down my main computer (athlon 64 3000+, 1 gb ram).

To my great suprise it did not slow down the pc and I decided to expand the encryption to cover all my hard drives. Let me tell you why and how i did this and why you should also be considering this.

Clam Win Antivirus

After a lot of people told me that I forgot one of the best anti-virus freeware products out there I decided to take a look at Clam Win to get a better judgement on the claims made. The good thing besides that its free is that it´s also Open Source which makes it more transparent than the rest of the free antivirus programs.

94 Essential Tips for Staying Safe

Pc Magazine wrote a article with such a long title that I had to cut it to make it fit, the article "Maximum Security: 94 Essential Tips for Staying Safe" has some useful tips for everyone that wants to have a secure as possible computer. They divided the article into several categories, system, networking and wireless, e-mail, Web surfing, malware, and mobile.

Beginners Guide to Securing a Pc

You´d probably heard this before. Everyone should secure his personal computer. You read stories like this in every other computer mag, your geeky friends probably tell you the same and even name some programs that you should use because they are the best and most secure. I know that you would like to have a secure computer, well a secured computer, there is nothing like 100% security if you are on a network or the internet. Keep that in mind.

Atelier Web Firewall Tester

Did you ever ask yourself if your firewall is secure enough for your internet activities ? The major concern nowadays is related to pieces of software installed in your computer which may contact and exchange information with the outside World without being authorized and noticed by you.

proxy november

Web Proxy List November 2005

Its always a good idea to have some web proxies at hand. You can use them to hide your own ip when you navigate to a site that should not have your IP in their logs. You can use them to
bypass web restrictions / censorship from schools, universities and business and also use them if your country is one of those that likes to prevent its people from collection information on their own.

user-accounts

Change your Windows XP Password even though you can't remember it

I found an interesting article over at logicalexpressions.com that presents an astonishing solution if you have forgotten your windows xp password. This is clearly a security hole because everyone is able to change the passwords, the only requirement would be to have the original windows xp cd at hand.

prevent google analytics

Prevent Google Analytics from tracking your visit

Today google launched their free tracking tool for webmasters. It keeps track of visitor movements and clicks on the webmasters site. There are probably some visitors who don´t like their movements and clicks to be analyzed in detail.

How to remove the Sony - XCP DRM Rootkit

This article explains it all. It provides links to consumer made cd listings that contain the rootkit software, shows how cds with the rootkit software look like, explains how one can check his personal computer for the rootkit and finally gives a detailed walkthrough on how to remove the rootkit software manually from your computer.

Sony halts production of 'rootkit' CDs

After lots of controversy about their rootkit music cds Sony announced today that it will halt the production of rootkit music cds. It seems that consumer and media backlash finally paid off.

First Trojan using Sony DRM spotted

The first trojan using Sony´s rootkit software to hide itself has been discovered by anti-virus companies.

Sony and the rootkit, the story continues

The news spread like fire last week: Sony has a installer on some of their music cd´s that might install a rootkit on customers pc´s if they put them into their personal computer. The rootkit software could not be uninstalled by normal means and has already been used by hackers to hide World of Warcraft cheat scripts from being detected by Blizzards Warden client.

online proxy

New online proxy.

Here is another of those online proxy sites that allow you to surf without revealing your ip at the destination site. Its available at xanproxy.be

Universal Music Group Music Cds may also install rootkits

And another player joins the rangs of the companies that might install spyware with their Music Cds when you put them into your pc drives. "Fontana Distribution, part of Universal Music Group and distributors for Upstairs Records Inc., are encouraging the independent records labels they distribute to use content protection on their CDs. "Twelve Eighteen", featuring the hit song "Summer Nights", carries the same content protection currently being used by Sony BMG.

John Lopez of Upstairs Records commented: "we are very pleased with the seamless production of the album. The media player on the CD has a good user experience and we intend using the technology on more new releases."


SPREAD THE WORD

GHACKS NEWSLETTER SIGN UP

Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up