| User | Post |
|
10:07 pm
September 28, 2010
|
jamie
| | |
|  Golden Apple | posts 1820 | |
|
|
PC'c and the internet have been in the news lately. From Cyber-crime to the USA considering warrant-less taps on Internet communications. So here are some free programs I like for protection
http://www.truecrypt.org/downloads
Private encryption for your drives and communications. Also if you sell or give away a harddrive it has a good data erase program.
http://www.comodo.com/
I like this suite of tools and have used it over 2 years.
http://www.mozilla.com/en-US/
I have been using this browser for a couple of years and really like the features. It also has a Private browsing options.
|
|
|
|
|
10:17 pm
September 28, 2010
|
rus
| | |
|  Fresh Fruit | posts 10 | |
|
|
truecrypt is good for file storage.
might also check out the gnu privacy guard:
http://www.gnupg.org/
free for commercial or non-commercial use, does single file encryption and can be used to encrypt email.
|
|
|
11:00 pm
September 28, 2010
|
jamie
| | |
| Golden Apple | posts 1820 | |
|
|
Haven't tried that one. Welcome to Orchard rus
|
|
|
|
|
12:36 am
September 29, 2010
|
Justin Case
| | |
|  Bronze Apple | posts 647 | |
|
|
Be wary of keystroke loggers because no matter how great your encryption is, a keystroke logger will reveal your user IDs and passwords very quickly (which makes great encryption software such as PGP effectively useless).
Keystroke logging (often called keylogging) is the action of tracking (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. There are numerous keylogging methods, ranging from hardware and software-based approaches to electromagnetic and acoustic analysis.
In 2000, the FBI used a keystroke logger to obtain the PGP passphrase of Nicodemo Scarfo, Jr., son of mob boss Nicodemo Scarfo. Also in 2000, the FBI lured two suspected Russian cyber criminals to the US in an elaborate ruse, and captured their usernames and passwords with a keylogger that was covertly installed on a machine that they used to access their computers in Russia. The FBI then used these credentials to hack into the suspects' computers in Russia in order to obtain evidence to prosecute them.
Keystroke logging
Be wary of "free" flash (USB) drives you find laying around — they might contain malicious software that will compromise your security (as the U.S. Military found out the hard way a couple of years ago). Remember that old saying from the world of computer geeks: safe computing and safe sex have a lot in common. 
In 2008, the U.S. Department of Defense suffered a significant compromise of its classified military computer networks. It began when an infected flash drive was inserted into a U.S. military laptop at a base in the Middle East. The flash drive's malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command. That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control. It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary.
Defending a New Domain, The Pentagon's Cyberstrategy
Think about the larger picture when coming up with a plan to protect your information. Frr example, your security methods may be defeated if the personal information you post on a social networking site allows someone to break into your email account (which is how a hacker broker into Sarah Palin's Yahoo account during the 2008 campaign — she posted her date of birth and the city where she was born on her campaign site, which is all the hacker needed when challenged by Yahoo's security process).
Identity theft affects 9 million Americans each year. Knowing the most common methods identity thieves use could save your financial and medical health.
Top 5 Tricks of Identity Thieves
I consider data and personal information security to be on par with physical security when doing my prepping.
|
|
|
|
|
10:56 am
September 29, 2010
|
rus
| | |
| Fresh Fruit | posts 10 | |
|
|
jamie said:
Haven't tried that one. Welcome to Orchard rus
Thanks for the welcome!
On keyloggers: Good point. For something like gunpg / pgp, one can also keep one's keyrings ( secret and private encryption keys ) on removable media. Takes some fiddling with the configuration files, but then even with your passphrase an attacker can not open your encrypted files / mail.
Another option is using a bootable linux distro; even if a software keylogger is installed on your machine, running a different OS bypasses that. One the machine is rebooted, the different OS does not exist.
|
|
|
12:17 am
February 4, 2011
|
Justin Case
| | |
| Bronze Apple | posts 647 | |
|
|
I set up a home wireless network a year ago, but I took it down and went back to a cabled system last month. I wasn't worried about being hacked (because I was using good network security on my wireless router):
FBI agents held Malcolm Riddell against the wall and asked him why child pornography was flowing through his wireless router's Internet connection. For a few tense hours, Riddell faced the possibility of felony charges, prison time and permanent sex offender status. And it was all because his wireless router had been carelessly left open to hackers.
Has Your Wireless Router Been Hacked?
What I was worried about was not the crook who wanted my private information or my Internet connection for evil purposes. Rather, I was concerned that someone would learn I had a laptop computer and other electronic devices in my home. Then all they would have to do is buglarize my home and fence my stuff.
When you have radio transmitters in your home (which is what wireless connections have at each end), someone outside your home can use a laptop computer to discover your wireless home network if they are physically close enough. They don't need to be able to break into your network. Instead, your network will show up on their list of wireless networks when they use the wireless connection utility that is part of Windows (Macs have a similar feature).
A similar sort of thing happened in the early 1980s when cordless telephones first came out. The original models were unencrypted, so anyone with a Radio Shack scanner could drive through a neighborhood and find them. Then they would make long-distance phone calls and stick someone else with the bill (the industry called them "dial tone thieves" and their growing success lead to the encryption requirement as a way to thwart them).
The point is that being "gray" also means being aware that wireless consumer devices emit radio waves, which can be detected by garden variety criminals (using a stolen laptop computer, no doubt) who can then target your home as a place to rob.
BTW, when I went back to a cabled system, I had to log in to my router and turn off the radio. Many wireless routers have the radio on by default, which defeats the purpose if you want to be "gray" by using a cabled system.
|
|
|
|
|
1:51 pm
February 4, 2011
|
Gallo
| | |
| Bronze Apple | posts 924 | |
|
|
I'm sure the government can crack into 99.9999% of people's router passwords. Or they probably can get a backdoor entry from the manufacturer. Or simply break your door and confiscate your equipment.
Uisng a wireless router broadcasts a signal. It tells the world, or at least your neighbors, you have a router. This does not necessarily mean they can break the password to get on your network. Most routers come with 'administrator' as the default user name and password. So if you have fluffy as the password to the network and then forgot to change the router password, your neighbor can easily get on your network and take ownerhsip of your router.
I have my network password different than my router password and in addition I use the mac address of the machine as a second tier of security. So even if someone breaks the password to the network, if their mac address is not registered in the router they still can't get access.
Now if you really want to know who among your neighbors is a naughty person, setup a wirless router without a pasword to broadcast a signal and leave one old pc client tied to it. Then check the logs and see who's been peeking or you can post a funny welcome picture.
|
|
|
5:51 pm
February 4, 2011
|
Justin Case
| | |
| Bronze Apple | posts 647 | |
|
|
Gallo said:
Uisng a wireless router broadcasts a signal. It tells the world, or at least your neighbors, you have a router. This does not necessarily mean they can break the password to get on your network.
Because I have a strong password on my wireless router, I'm not worried about anyone being able to access my network (the James Bond hacker and the FBI will get through no matter what I do).
What I'm concerned about is the "signal" that is really being broadcast by my wireless router is: My home has wireless consumer devices in it (you know, the kind that are easy to steal and fence), so add my home to your list of places to burglarize.
Besides laptop computers, there are wireless game consoles, wireless printers, and WiFi TVs that are often in home wireless networks. A crook with a WiFi-enabled Smart Phone can walk by looking for "hot spots" to access. Even if my WiFi router is password-protected, the crook isn't interested in accessing my Internet connection; instead, he wants to steal my consumer electronics devices.
With my wireless router functioning in wired-only mode, at least a crook has to guess if I have anything worth stealing. One of my neighbors, on the other hand, uses his street address as his SSID (i.e., his wireless network name). I should probably say something to him because he has made it very easy for a WiFi-savvy crook to target his home. (His network is 150 feet away from me and is protected with strong security, but I know it exists because it shows up on my list of available wireless networks. The other SSIDs in my neighborhood, however, would require me to do some legwork with a portable WiFi device if I wanted to find out the exact homes where they are located.)
Back in the 1990s, the advice was to be careful when you recycle the packaging material for that new TV or computer you got for Christmas. A thief seeing that material out at the curb will know what's inside your home and can target it for a burglary. Having a wireless network essentially does the same thing for the crook who knows about WiFi electronics.
|
|
|
|
|
8:30 pm
February 4, 2011
|
MW
| | Over the Rainbow | |
| Golden Apple | posts 1622 | |
|
|
Cut up your debit card and dont use electronic transactions. Yes, I have stopped using my debit card, yes I have stopped all online transactions. I now pay my bills in person and in cash. I think I've mentioned my bank accounts already… I'm a true believer, people, and the time is fast approaching that will separate the 'men (plus Jamie, Lamb, et al) from the boys.'
|
All the kings horses and all the kings men won’t be able to put the empire together again. -anonymous
|
|
|
7:05 am
February 5, 2011
|
pm97
| | Florida | |
| Bronze Apple | posts 715 | |
|
|
MW said:
Cut up your debit card and dont use electronic transactions. Yes, I have stopped using my debit card, yes I have stopped all online transactions. I now pay my bills in person and in cash. I think I've mentioned my bank accounts already… I'm a true believer, people, and the time is fast approaching that will separate the 'men (plus Jamie, Lamb, et al) from the boys.'
I must have missed the post MW. Why'd you go this route? if you don't mind sharing)
|
|
|
10:12 am
February 5, 2011
|
cryingfreeman
| | Armagh, N Ireland | |
|  Core Member | posts 227 | |
|
|
Slightly related is this absolute masterpiece article on online anonymity: http://cryptogon.com/?p=624
|
|
|
1:03 pm
February 5, 2011
|
Gallo
| | |
| Bronze Apple | posts 924 | |
|
|
Good article , Cyingfreeman. I don't bother with online security other than the basics that would keep the common cyber crimial at bay: Strong passwords, normal browsing, don't open strange emails or attachments, etc.
Just like in life, on the internet, too, sticking to the grey man approach is the winning ticket. It is not a question if the goverment can track you down, but if you are worth tracking.
When you write something online, it is like shouting it off in a public place except the whole world could potentially listen.
So that's why when BO took office, I started saying on forums that I lost my ammo and guns in a boating accident.
|
|
|
3:18 pm
February 5, 2011
|
MW
| | Over the Rainbow | |
| Golden Apple | posts 1622 | |
|
|
I must have missed the post MW. Why'd you go this route? if you don't mind sharing)
I went this route due to a combination of seeing a good friend ruined by ID theft, knowing the ultimate futility in protecting electronic data (mine and my wife's military records were on a DOD laptop that went missing) and due to the fact that when the SHTF I truly believe that bank accounts and all manner of electronic transactions will be doomed. My reaction to this -or proaction- was to scale back until I reached a point of cash transactions, zero debit/credit card use and, yes, no bank account utilization. All firearms purchases are private and PM aquisition the same. I achieved this over the period of 6 months and it was only December '10 that my plans were completed. I have liquidated my 'paper' portfolio and converted into 100% liquid assets being tangible property of one sort or another. I contribute nothing to retirement. Folks, I am ALL IN.
|
All the kings horses and all the kings men won’t be able to put the empire together again. -anonymous
|
|
|
6:21 pm
February 5, 2011
|
pm97
| | Florida | |
| Bronze Apple | posts 715 | |
|
|
I'm immpressed. Thanks for sharing.
|
|
Login 
Register 
Search 
Forum
Print this Post 
Topic RSS 
