Wednesday, October 19, 2011

Encrypting your files

Encrypting your file system is a good way to prevent attackers from reading its contents externally, since the contents sit in encrypted form on the physical devices. The big trouble is that your file system is decrypted at the moment when you are using it.


Below are some scenarios that illustrate the problem I have mentioned.


One scenario is running your Operating System (OS) after some trojans have managed to sneak into it. In such a case, even if you have a highly secure encrypted file system, the trojans present an insider threat as they exist within your file system and hide among your protected contents. No matter how strong your file system encryption is, trojans inside your OS can simply grab your decrypted files (while you are using the OS, your file system is decrypted and thus open to attack) and send them to their owners.


Another scenario is when a user is coerced into decrypting their entire file system so that aggressors can obtain the plain form of the file system contents. File systems that have a strategy to partition the content and trick aggressors via anonymity of its ownership (e.g. Rubberhose File System) could address such a problem.


As you can see, file system encryption is limited to preventing people outside from looking into your file system content. I would not wholly ignore or condemn file system encryption, as it is to me an external defensive wall.


I would recommend the use of "internal defense": encrypt the files inside your file system or devices that you think are important, so that in the event a trojan slips in to harvest data on you, it would have a hard time decoding the "internally" encrypted files sitting in your file system.


It would be better if you can encrypt your files on creation, so that copies, temporary files and metadata of the contents have less chance of fragmenting and being copied all over your file system as buffer data or simply sitting there for no reason.
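One way to encrypt a file at creation time, so that only ciphertext is ever written to disk (an added example, not from the original post). It assumes the third-party Python package cryptography is installed; the file name, passphrases and sample data are constructed for illustration.

```python
import base64
import hashlib
import os
import tempfile

from cryptography.fernet import Fernet, InvalidToken  # third-party package, assumed installed

SALT_LEN = 16
KDF_ROUNDS = 600_000  # PBKDF2 work factor chosen for this example


def _fernet(passphrase: str, salt: bytes) -> Fernet:
    """Derive a 32-byte key from the passphrase and hand it to Fernet."""
    key = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, KDF_ROUNDS)
    return Fernet(base64.urlsafe_b64encode(key))


def create_encrypted(path: str, plaintext: bytes, passphrase: str) -> None:
    """Encrypt in memory and write only salt + ciphertext to disk."""
    salt = os.urandom(SALT_LEN)
    token = _fernet(passphrase, salt).encrypt(plaintext)
    # O_EXCL refuses to overwrite; 0o600 limits access to the owner.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(salt + token)


def read_encrypted(path: str, passphrase: str) -> bytes:
    """Decrypt into memory; raises InvalidToken on a wrong passphrase or tampering."""
    with open(path, "rb") as fh:
        blob = fh.read()
    return _fernet(passphrase, blob[:SALT_LEN]).decrypt(blob[SALT_LEN:])


def demo() -> dict:
    """Round trip on constructed sample data in a throwaway directory."""
    secret = b"constructed sample: recovery codes 1234-5678"
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "notes.enc")
        create_encrypted(path, secret, "correct horse")
        with open(path, "rb") as fh:
            leaked = secret in fh.read()
        try:
            read_encrypted(path, "wrong guess")
            rejected = False
        except InvalidToken:
            rejected = True
        ok = read_encrypted(path, "correct horse") == secret
    return {"plaintext_on_disk": leaked, "round_trip_ok": ok, "wrong_rejected": rejected}
```

The plaintext still exists in process memory while the file is in use, so this narrows what can be harvested from disk rather than stopping a trojan that watches the running program.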


Ultimately, these defensive techniques are meant to delay aggressors or to make it extremely hard for most aggressors to know the truth of your contents. Forceful coercion, human error, and key and screen logging to capture the password you type into your file encryption program to decrypt those individually encrypted files are all part of the arsenal that could defeat the encryption you have placed on your file system and on each important file.


The best security is to simply not have it around at all but it is nearly impossible.


To summarise this short article, do not rely solely on encrypting your file system and devices. Encrypt the files inside the file system and devices that you think are important, in the event your file system or OS is breached. There is no "ultimate security" for now.

Opera and security scandal

Read:
Such a scandal makes it hard for users to trust or to continue trusting either the researcher who disclosed the vulnerabilities or Opera themselves.


The best way to prevent such scandals is the publication of truthful conversation logs and archives to prove the point and provide valid evidence.


Such a scandal would simply put a dent in either or both sides anyway, and it's not something good in the long run, I guess.

Monday, October 17, 2011

Crime Sourcing and Crime as a Service

Read:


Watch:

Criminal outsourcing and Crime as a Service (CaaS) have been developed unknowingly by criminal groups and organisations. These materials are very useful for Cyber Forensics investigators and students and Security researchers.

Friday, October 14, 2011

Why your web profiles aren't safe

Read:

This should give you something to ponder about the reaches of the US government and their relentless appetite for more power and the ability to "subdue" (kill off) adversaries or oppositions of any sort. A tyrant indeed. There are many more cases out there that you can search for.

For those who love the online lifestyle, you simply have to be careful of what you put up there (no GPS or personal information that would be too obvious). Few actually respect the privacy of themselves and others in this age.

SSH + HTML 5

Read:

Source Code:
Cool stuff. Imagine being able to do SSH over HTML 5 via web browsers. Although there are existing implementations, each of these implementations improves on the others. I have not tried it but the concept is good. The only problem is how much you are willing to trust the web browser and computer you are on. The server end running Python code also makes it easier to handle.

Tuesday, October 11, 2011

Reacting to a hacked email account

In the event that the security of your email account or your friend's email account has been breached, I have some ideas below that might help.

The reason I am writing all this is that I have seen many people's accounts being used to send spam (because their accounts are hacked) and no one tells their friends about the breach, so the correct reaction cannot be taken and the mail is probably just deleted or sent to the spam folder or trash. Another reason is that no one bothers about their accounts being hacked and used for spam because their emails are not important to them. That is a huge mistake: with hacked email accounts serving as "robots" or "zombies", the person in control of the accounts (the puppet master) can use them for other malicious deeds and harm others. It becomes a chain reaction and may snowball into something big.

So enough of the talk and let's get into the topic.

My friend's email has been hacked !!!
Yes, you can tell that your friend's email has been hacked. He/she sends you suspicious links (so don't click on "juicy" or obviously dangerous links). Another trend to note is the "To" list of people receiving the malicious spam mail. The addresses in the "To" field (whoever would receive the malicious spam mail) would be in alphabetical order. Who would ever be so careful as to arrange the "To" list of an email in a very neat and well thought out alphabetical fashion other than a computer program?

To summarise, you would notice a weird link in the email or some attachment that makes no sense and the list of "To" people (which would include your own email address) would be so neatly adjusted in an alphabetical fashion.
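The two signs summarised above can be checked mechanically on a saved message. The following is an added example, not part of the original post; the sample messages are constructed, and the minimum of five recipients is an assumed threshold to avoid flagging short lists that are alphabetical by chance.

```python
import re
from email import message_from_string
from email.utils import getaddresses

MIN_RECIPIENTS = 5  # assumed threshold: short lists are alphabetical by chance too often

# Constructed sample messages (not real mail).
SUSPECT = (
    "From: friend@example.org\n"
    "To: alice@example.com, bob@example.com, carol@example.com, "
    "dave@example.com, you@example.com\n"
    "Subject: hey\n\n"
    "check this out http://example.net/x7f3\n"
)
NORMAL = (
    "From: friend@example.org\n"
    "To: you@example.com, dave@example.com, alice@example.com, "
    "carol@example.com, bob@example.com\n"
    "Subject: Lunch on Friday?\n\n"
    "Menu is at http://example.com/menu - still on for noon?\n"
)


def indicators(raw: str) -> dict:
    """Check one raw message for the two signs described above."""
    msg = message_from_string(raw)
    to = [addr.lower() for _name, addr in getaddresses(msg.get_all("To", [])) if addr]
    text, has_attachment = "", False
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.get_filename():
            has_attachment = True
        elif part.get_content_maintype() == "text":
            text += (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
    to_sorted = len(to) >= MIN_RECIPIENTS and to == sorted(to)
    has_link = bool(re.search(r"https?://", text, re.IGNORECASE))
    return {
        "recipients": len(to),
        "to_sorted": to_sorted,
        "has_link": has_link,
        "has_attachment": has_attachment,
        "suspicious": to_sorted and (has_link or has_attachment),
    }


if __name__ == "__main__":
    for label, raw in (("suspect", SUSPECT), ("normal", NORMAL)):
        print(label, indicators(raw))
```

A sorted "To" list is an indicator rather than proof, so a hit is a reason to check with the sender through another channel before opening anything.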

So how do you react? Firstly, take a screenshot and forward the link back as evidence to your friend's email (hoping he/she can still access his/her account). Contact your friend via a channel they usually use and tell them to change the password to something that's not one of the default passwords people usually use (good password selection policy). Also advise your friend to change the passwords of all other accounts that were registered using the compromised account. The notion is that the intruder might have used the email account to request password resets, or some emails might contain passwords from account registrations that people might refuse or forget to change. Finally, if it's possible, ask your friend to alert the email provider of a possible breach so that the email provider can investigate their own security measures and carry out some security audits to ensure other users are safe.

My email has been hacked !!!
Ok, do not panic. Attempt to change the password of the email account and of the other accounts linked to the compromised email account. If you are locked out of your own accounts of any sort, then notify the service provider (email or account provider) so that they can investigate the matter. Notify your friends to be careful of the compromised accounts. The best way is to ask your friends to alert you whenever they suspect spam from your account (this arrangement can be made before any incident has happened, as a safety precaution and a good security practice). All you need to do after you have warned the necessary people is to wait for the investigation to take its course. There is nothing much you can do unless you would consider making yourself a new email account (and securing it with a new well-designed password).

Some additional measures to ensure security
Always use HTTPS (secure and encrypted) if the email or website provides it. If there is a setting in the website or email provider's options to turn on HTTPS, use it as the default instead of HTTP (insecure and unencrypted). Change passwords at least once every few months if possible and do not use the same password across multiple accounts; reusing passwords makes predicting them so much easier. Use a password manager like KeePass (http://keepass.info/), KeePassX (http://www.keepassx.org/) or PasswordSafe (http://passwordsafe.sourceforge.net/) that is capable of using strong encryption to store your personal information and passwords. Obviously, protect your password manager with a pretty strong login password which you can easily remember, and DO NOT SHARE PASSWORDS !!

Conclusion
Overall, it is hard to deal with email account breaches as you might not be the owner of the email server. You are usually using a web-based email service someone provides you (Hotmail, Yahoo, Gmail...etc...) which you have very little control over. The above practices are thought out to reduce the damage a compromised account can do by acting responsibly. Do not forget, you might think that your email account is insignificant but it can be used to create bigger threats.


© 2011 Thotheolh / ThothTech. Part or whole of this article can be reproduced or quoted if their meanings are not distorted, else link them to this article.

Wednesday, October 5, 2011

Killing Freedom

Read:
What a shame for countries who sign such a restricting agreement and join in the ranks to try and grab the favours of a failing country who cannot protect her own country's freedom like the USA. It is obvious that the USA created such an agreement for their own greed and motives and those who signed it played into the hands of the USA and their desires in an attempt to gain benefits from a country who has been owing the World Bank trillions of US Dollars in loans.

Tuesday, October 4, 2011

Quality of Java installers

I decided to get a 64 bit "bin" extension installer for Linux installation of JDK 6 u 27 and when I executed it, this is what it gave ...........

Unpacking...
Checksumming...
Extracting...
./install.sfx.9113: 1: ELF : not found
./install.sfx.9113: 2: Syntax error: ")" unexpected
Failed to extract the files.  Please refer to the Troubleshooting section of
the Installation Instructions on the download page for more information.

And a file the Java installer generated .....

What is that messed up file above that the Java installer generated !!??

This is the quality of Java from Oracle. Oracle has been screwing up Java badly for so many steps since it took over Java by "eating up" Sun Microsystems.

Oracle..... HOW THE HELL ARE YOU GONNA EXPECT US JAVA DEVELOPERS TO DEVELOP JAVA !!??

Broken Java installers for JDK 6u27 (64 bit), screwed up Java 7 features and possibly Java 8, undemocratic on the JCP board....

Oracle.... HOW ELSE DO YOU EXPECT US JAVA DEVS TO USE JAVA YOU PROVIDE !!??