Three Free Apps to Encrypt, Decrypt Your Data

Financial data and other privileged information on a computer can easily be subject to intrusive viewing by those not authorized to do so.

Not many of us, it seems, bother to lock our computers while we’re temporarily away from the machine, creating a perfect opportunity for others to peek at our most sensitive and confidential files.

Quick tip: Press the Windows Key + L which, in Windows XP or Windows Vista, will lock your computer by displaying the Profile screen. When you click on your icon and type your password, you again have access to the PC.

Of course, it is not only those with physical access that can probe a computer for sensitive and confidential information. Internet malware attack statistics show, more and more, that this type of information is targeted by hackers/information thieves, for the purpose of identity theft.

Can it happen to you? The short answer is – you can count on an attempt. The reality is; there is no such thing as a totally secured internet connected computer. All internet connected computers are subject to attack.

To reduce or eliminate the security threat to your sensitive data, the most prudent course for you to follow is to encrypt your data. If you’re unfamiliar with data encryption; simply put, it is a process by which bits of data are mathematically jumbled with a password-key. The process makes the data unreadable unless, or until, decrypted by you.

The following are well tested, free encryption applications, that will encrypt your data and are suitable for a USB flash drive.

EncryptOnClick

EncryptOnClick is a free program that lets you securely encrypt and decrypt files. The program is very simple to use, and features military grade 256-bit AES encryption.

After you have launched the application, simply select the target file/folder you want to encrypt.

Following the easy interface, type a password for that file/folder which will then be encrypted. To open the encrypted file/folder at a later date, you must type the correct password.

Quick facts:

A very secure encryption and decryption method is used (256-bit AES encryption)

Files are both compressed & encrypted, which results in a smaller file

Password protected

Will encrypt single files or all files in a folder

Very simple to use interface

Can be used on a USB key

Fully Unicode enabled so filenames in any language can be encrypted

Will encrypt, decrypt, compress, and uncompress files which can also be opened and decrypted using third party programs like WinZip 9 – provided the correct password is used

Will detect if you’re decrypting a file that is in a temporary folder, and if so, will prompt you to see if you would like to decrypt it into a different folder

Command line parameters can be used

Complete help file

Free technical support, online forums, knowledge base, and FAQs at 2BrightSparks

Tip: Use on a USB key by copying the files EncryptOnClick.exe, EncryptOnClick.exe manifest, ExceedZip.dll to a named folder on the USB key.

System Requirements: Windows 98/ME/2000/XP

Download at: Download.com

TrueCrypt

TrueCrypt is an outstanding free open source software system, (one I have using for the last several years) for establishing and maintaining an on-the-fly-encrypted volume.

On-the-fly encryption simply means that data are automatically encrypted or decrypted just before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/correct encryption keys.

TrueCrypt uses 11 algorithms for encrypting private files in a password-protected volume. You can store your encrypted data in files, partitions, or a portable storage device such as a USB flash drive.

Once your encrypted files are mounted to a local drive with your password or key, you can manipulate those files, i.e. you can open, copy, delete, or modify them. When you have completed working on those files, you then dismount the volume and the files are then safely secured from unauthorized access.

Quick Facts:

Creates a virtual encrypted disk within a file and mounts it as a real disk

Encrypts an entire hard disk partition or a storage device such as USB flash drive

Encryption is automatic, real-time (on-the-fly) and transparent

Provides two levels of plausible deniability, in case an adversary forces you to reveal the password – Hidden volume – No TrueCrypt volume can be identified – volumes cannot be distinguished from random data

Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS

Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts

System Requirements: Windows 2000/XP/2003/Vista

Download at: Download.com

My Lockbox

My Lockbox is a freeware software application that allows you to do just that, and then password protect those files on your computer.

Other users will not have access to these files, nor will they be able to accidentally, or otherwise, view them or manipulate them in any way.

The protected folder (lockbox) is hidden from all other users and applications on your computer; including the Administrator and the System. The lockbox (protected folder), is impossible to access not only from the local computer, but also from the Internet.

Following the on-screen instructions makes this program extremely easy to setup and use. The lockbox location, password, and parameters are configured during the easy setup procedure.

After the setup is completed, the lockbox will be hidden and locked until you, as the user, enter the valid password. My Lockbox Control Panel allows you easily change basic lockbox parameters: lockbox location, protection status, and password.

The program is effective, easy to use and best of all – it’s free.

Quick facts:

Very easy to use

Almost any folder on your computer can be password protected

Instant protection – no file scrambling

Lockbox folder is inaccessible even by the system administrators

Lockbox folder is inaccessible both locally and remotely

Lockbox folder can be protected in Windows safe mode

Hotkeys support – you can popup the Control Panel with a keystroke

Skinned user interface

Freeware

System Requirements: Windows 2000, XP, 2003 Server, Vista

Download at: Download.com

KeyScrambler Personal – A Must Have Browser Plug-in

KeyScrambler Personal is a free plug-in for FireFox, Internet Explorer, and Flock web browsers which protects all input you type into the browser from Keyloggers.

This free version of KeyScrambler encrypts your keystrokes at the kernel driver level.

Cyber-crooks are relentless in their pursuit of your money and let’s face it – it’s all about the money. In the worst case scenario, your identity and your financial security can be severely compromised.

Despite the best efforts of AntiSpyware, AntiVirus, and other Internet security products, you still face substantial risks while surfing the Internet. One type of malware that can expose you to financial risk is the Keylogger.

A Keylogger is a form of spyware which, once installed on a computer, can record every keystroke that is made on that computer, and transmit those keystrokes back to a cyber-criminal. The function of a Keylogger is to steal passwords, bank account numbers, and other personal information.

When you type on your keyboard, the input travels along a path within the operating system before it arrives at your browser. Keyloggers plant themselves along this path and observe and record your keystrokes. The compromised information is then sent to the cyber criminal who will exploit your passwords, bank account numbers, and other personal information.

By encrypting your keystrokes at the keyboard driver level, deep within the operating system, a Keylogger can be beaten since it can only record the encrypted keys, which are indecipherable.

Unlike AntiVirus and AntiSpyware programs that depend on recognition to remove Keyloggers that they know about, KeyScrambler will protect you from both known and unknown Keyloggers.

I’ve been using this great little plug-in for months now and feel more secure logging in than I once did. Despite this, I change all of my passwords frequently, since doing so, is just common sense.

BTW, it works on Windows7 RC.

Quick facts:

Protects user input in all parts of the browser against key-loggers.

Protects login credentials, credit card numbers, passwords, search terms and more

Works with IE, FireFox, and Flock: Java, Flash, PDF Forms

Email protection including Yahoo, Hotmail, and Gmail.

No learning curve.

Protects against Keyloggers even on security compromised computers

Requires no effort on your part after installation

In the top 5 FireFox Extensions for security and privacy

System Requirements: Windows 2000, 2003, XP, Vista (32-bit and 64-bit), and Windows 7

Download at: Download.com

Online Banking Safety Tips

As use of the Internet continues to expand exponentially, banks and other financial institutions have increased their use of the Internet to deliver products and enhanced financial services, or simply to improve communications with consumers.

The Internet, despite its fundamental flaws, does offer the potential for safe, convenient, and new ways to shop for financial services and conduct banking business, any day, any time.

While it’s true that the Internet has the “potential” for safe and secure financial transactions, safe banking online relies on you making good choices and decisions that will help you avoid costly surprises, or even carefully crafted scams and phishing schemes.

Despite all the hype concerning inpenetrateable system security, we have learned, much to our detriment, that no such inpenetrateable systems exist. The inescapable fact remains; you are your own best protection while conducting financial transactions on the Internet. So it’s important that you learn about, and take advantage of, security features offered by your financial institution.

Some examples are:

Encryption is the process of scrambling private information to prevent unauthorized access. To remind you that your transmission is encrypted, most Internet browsers display a small icon on your screen that looks like a lock or a key, when you conduct secure transactions online. Avoid sending sensitive information, such as account numbers, through unsecured e-mail.

Passwords, or personal identification numbers, should be used when accessing an account online. Your password should be unique to you, and this is extremely important, you should change it regularly. Do not use birthdates or other numbers or words that may be easy for others to guess.

Always carefully control to whom you give your password. For example, if you use a financial company that requires your passwords in order to gather your financial data from various sources, make sure that you are aware of the company’s privacy and security practices.

General security over your personal computer such as virus protection and physical access controls should be used and updated regularly. Contact your hardware and software suppliers, or Internet service provider, to ensure you have the latest in security updates.

(Click pic for larger)

Tips on safe computing practices when conducting your online banking at home, or at a public computer:

Never leave your computer unattended once you have signed in to online banking.

After completing your transactions, ensure that you sign out of online banking, clear your cache, and close your browser. Often, it is easy to forget to sign out of an online banking session

Keep your password and card number safe. This seems like a no brainer, but surprisingly many users do forget this critical step in the process.

Do not share, disclose, or provide your bank card number, or password, to another party or website other than your bank. Most banks will not send you an email requesting this information. If your bank practices this very unsafe routine; you should change banks.

Do not save your bank card number, or password, on a publicly accessed computer.

If you do use a public access computer such as at an Internet café or public library, to be safe change your password after completing your session by calling your bank’s telephone banking number.

When selecting a password, choose a series of characters that cannot be easily guessed by anyone else. The best passwords are made up of an alpha-numeric combination that’s more than four characters long and a combination of capital and lower case letters.

(Click pic for larger)

This is an example of an Online Banking email phishing attempt.

Don’t use:

A password you use for any other service.

Your name, or a close relative’s name.

Your birth date, telephone number or address, or those of a close relative.

Your bank account number, or bank card number.

Do not share your personal verification question answers with anyone, and do not disclose them in any emails. It’s simple; giving your password answers to another person, or company, places your finances and privacy at risk.

Encrypt Your USB Drive with Free Software

What is it they say about the shoemaker’s daughter – oh yes; she has no shoes!

What is it they say about the computer tech who consistently warns computer users to take particular care of USB drives to ensure they won’t be lost, or stolen? Well today they might say – he should be more careful and follow his own advice!

I have made a habit, these last several years, of carrying one or more USB drives with me no matter the activity I’m engaged in. So it wasn’t unusual that while skiing this past weekend, I had two flash drives with me. What was unusual though was – I lost both sticks on the slopes. Yes, skiing occasionally involves falling head over heels.

Other than the minor cost involved in replacement, and the drudgery of reinstalling my trusty ‘tech toolbox” no real harm occurred since both drives were encrypted. Nevertheless, the lesson learned here was – none of us are infallible.

Sure, I know, you’ll never lose your USB flash drive, and you take particular care to ensure it won’t be stolen. But does loss, or theft, of a USB stick happen? You bet. My recent experience is a perfect example. Just this past week, it was reported that in the U.K., 9,000 USB drives were found by dry cleaners in 2008.

The following are selected statistics, but they make the point that USB sticks, or other portable media devices, frequently get lost, or stolen.

- Privacyrights.org recently reported that in the last two years, personal information on over 244 million Americans has being stolen, or exposed in other ways.

- Recently in the U.K., an unencrypted Ministry of Defense USB drive was found on the floor of a nightclub. That’s not much of a story I suppose, but added to the other fifty eight Ministry of Defense unencrypted drives that were reported lost in 2008 which contained details of troop movements, locations, and travel accommodation, and it takes on a different perspective.

- In the U.S., The Transportation Security Agency (TSA) recently admitted the loss of an unencrypted external hard drive containing the personal, bank and payroll information of up to 100,000 of its former and current employees who worked for the agency from January 2002 until August 2005.

- Several months ago, unencrypted data on all 84,000 prisoners in England and Wales went missing after a contractor lost a USB stick on which it had been stored.

- According to Security Software Zone

“Government data loss and data leakages related to lost or stolen computer memory sticks, are now commonplace.”

In too many of these cases, negligently, the data is unencrypted. Certainly Laptop/ USB flash drive theft or loss is not restricted to organizations; we know that it can just as easily happen to you or me.

To reduce or eliminate the security threat to your sensitive data, the most prudent course for you to follow is to encrypt your data. If you’re unfamiliar with data encryption; simply put, it is a process by which bits of data are mathematically jumbled with a password-key. The process makes the data unreadable unless, or until, decrypted by you.

Microsoft revealed recently that Windows 7, its next operating system, will include a feature that will let users encrypt USB drives.

In the meantime, here are a number of free encryption applications that will encrypt your data and are suitable for a USB flash drive.

EncryptOnClick

EncryptOnClick is a free program that lets you securely encrypt and decrypt files. The program is very simple to use, and features military grade 256-bit AES encryption.

After you have launched the application, simply select the target file/folder you want to encrypt.

Following the easy interface, type a password for that file/folder which will then be encrypted. To open the encrypted file/folder at a later date, you must type the correct password.

Quick facts:

A very secure encryption and decryption method is used (256-bit AES encryption)

Files are both compressed & encrypted, which results in a smaller file

Password protected

Will encrypt single files or all files in a folder

Very simple to use interface

Can be used on a USB key

Fully Unicode enabled so filenames in any language can be encrypted

Will encrypt, decrypt, compress, and uncompress files which can also be opened and decrypted using third party programs like WinZip 9 – provided the correct password is used

Will detect if you’re decrypting a file that is in a temporary folder, and if so, will prompt you to see if you would like to decrypt it into a different folder

Command line parameters can be used

Complete help file

Free technical support, online forums, knowledge base, and FAQs at 2BrightSparks

Tip: Use on a USB key by copying the files EncryptOnClick.exe, EncryptOnClick.exe manifest, ExceedZip.dll to a named folder on the USB key.

System Requirements: Windows 98/ME/2000/XP

Download at: Download.com

TrueCrypt

TrueCrypt is an outstanding free open source software system, (one I have using for the last several years) for establishing and maintaining an on-the-fly-encrypted volume.

On-the-fly encryption simply means that data are automatically encrypted or decrypted just before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/correct encryption keys.

TrueCrypt uses 11 algorithms for encrypting private files in a password-protected volume. You can store your encrypted data in files, partitions, or a portable storage device such as a USB flash drive.

Once your encrypted files are mounted to a local drive with your password or key, you can manipulate those files, i.e. you can open, copy, delete, or modify them. When you have completed working on those files, you then dismount the volume and the files are then safely secured from unauthorized access.

Quick Facts:

Creates a virtual encrypted disk within a file and mounts it as a real disk

Encrypts an entire hard disk partition or a storage device such as USB flash drive

Encryption is automatic, real-time (on-the-fly) and transparent

Provides two levels of plausible deniability, in case an adversary forces you to reveal the password – Hidden volume – No TrueCrypt volume can be identified – volumes cannot be distinguished from random data

Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS

Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts

System Requirements: Windows 2000/XP/2003/Vista

Download at: Download.com

For those of you who are more interested in protecting files, or folders, on your home computer the two applications above will do the job nicely. Choice is good of course, so here is an additional free program that you might be interested in.

My Lockbox

My Lockbox is a freeware software application that allows you to do just that, and then password protect those files on your computer.

Other users will not have access to these files, nor will they be able to accidentally, or otherwise, view them or manipulate them in any way.

The protected folder (lockbox) is hidden from all other users and applications on your computer; including the Administrator and the System. The lockbox (protected folder), is impossible to access not only from the local computer, but also from the Internet.

Following the on-screen instructions makes this program extremely easy to setup and use. The lockbox location, password, and parameters are configured during the easy setup procedure.

After the setup is completed, the lockbox will be hidden and locked until you, as the user, enter the valid password. My Lockbox Control Panel allows you easily change basic lockbox parameters: lockbox location, protection status, and password.

The program is effective, easy to use and best of all – it’s free.

Quick facts:

Very easy to use

Almost any folder on your computer can be password protected

Instant protection – no file scrambling

Lockbox folder is inaccessible even by the system administrators

Lockbox folder is inaccessible both locally and remotely

Lockbox folder can be protected in Windows safe mode

Hotkeys support – you can popup the Control Panel with a keystroke

Skinned user interface

Freeware

System Requirements: Windows 2000, XP, 2003 Server, Vista

Download at: Download.com

Defeat Internet Keyloggers – KeyScrambler Personal (Free)

Cyber-crooks are relentless in their pursuit of your money and let’s face it – it’s all about the money. In the worst case scenario, your identity and your financial security can be severely compromised.

Despite the best efforts of AntiSpyware, AntiVirus, and other Internet security products, you still face substantial risks while surfing the Internet. One type of risk/danger that is rarely considered, or discussed, is the Keylogger.

A Keylogger is a form of spyware which, once installed on a computer, can record every keystroke that is made on that computer, and transmit those keystrokes back to a cyber-criminal. The function of a Keylogger is to steal passwords, bank account numbers, and other personal information.

A Keylogger in action: The to_my_love.scr (to my love screensaver), is currently circulating on the Internet by way of a personal invitation email. Clicking “yes” when your computer asks whether you want to install this screensaver, installs a Worm/Keylogger on the machine.

This Keylogger is capable of stealing IM passwords, email passwords, bank account numbers, and confidential/financial information. Using IM, email, and other contact information from the now infected computer, the Worm/Keylogger goes on to infect other machines. That’s right, the computers of friends, family, and perhaps even co-workers.

Protect yourself with KeyScrambler Personal: KeyScrambler Personal is a free plug-in for FireFox, Internet Explorer, and Flock web browsers which protects all input you type into the browser from Keyloggers. This free version of KeyScrambler encrypts your keystrokes at the kernel driver level.

When you type on your keyboard, the input travels along a path within the operating system before it arrives at your browser. Keyloggers plant themselves along this path and observe and record your keystrokes. The compromised information is then sent to the cyber criminal who will exploit your passwords, bank account numbers, and other personal information.

By encrypting your keystrokes at the keyboard driver level, deep within the operating system, a Keylogger is beaten since it can only record the encrypted keys, which are indecipherable.

Unlike AntiVirus and AntiSpyware programs that depend on recognition to remove Keyloggers that they know about, KeyScrambler will protect you from both known and unknown Keyloggers.

I’ve been using this great little plug-in for a few months now and feel more secure logging in than I did. Despite this, I change all of my passwords frequently since doing so, is just common sense.

Quick facts:

Protects user input in all parts of the browser against key-loggers.

Protects login credentials, credit card numbers, passwords, search terms and more

Works with IE, FireFox, and Flock: Java, Flash, PDF Forms

Email protection including Yahoo, Hotmail, and Gmail.

No learning curve.

Protects against Keyloggers even on security compromised computers

Requires no effort on your part after installation

In the top 5 FireFox Extensions for security and privacy

System Requirements: Windows 2000, 2003, XP, and Vista (32-bit and 64-bit)

Download at: QFX Software

For full, free, system Keylogger protection checkout, “Are You Being Tracked? – Get Snoop Free Privacy Shield” on this Blog.

Lose Your USB Stick and You Lose it All – Encrypt Now with Free Software!

Sure, I know, you’ll never lose your USB flash drive, and you take particular care to ensure it won’t be stolen. But does loss, or theft, of a USB stick happen? You bet.

How often have you read/heard the following – 200,00 (insert your own number here), bank account numbers, Social Insurance Numbers, names, addresses and dates of birth were on a Laptop/USB flash drive stolen/lost earlier this week.

In too many of these cases, negligently, the data is unencrypted. Certainly Laptop/ USB flash drive theft or loss is not restricted to organizations; it can just as easily happen to you.

The following are selected statistics, but they make the point that USB sticks, or other portable media devices, frequently get lost, or stolen.

- Privacyrights.org recently reported that in the last two years, personal information on over 244 million Americans has being stolen, or exposed in other ways.

- Recently in the U.K. an unencrypted Ministry of Defense USB drive was found on the floor of a nightclub. That’s not much of a story I suppose, but added to the other fifty eight Ministry of Defense unencrypted drives that have been lost so far in 2008, that contained details of troop movements, locations, and travel accommodation and it takes on a different perspective.

- In the U.S., The Transportation Security Agency (TSA) recently admitted the loss of an unencrypted external hard drive containing the personal, bank and payroll information of up to 100,000 of its former and current employees who worked for the agency from January 2002 until August 2005.

- Just last month unencrypted data on all 84,000 prisoners in England and Wales went missing after a contractor lost a USB stick on which it had been stored.

- According to Security Software Zone “Government data loss and data leakages related to lost or stolen computer memory sticks, are now commonplace.”

To reduce or eliminate the security threat to your sensitive data, the most prudent course for you to follow is to encrypt your data. If you’re unfamiliar with data encryption; simply put, it is a process by which bits of data are mathematically jumbled with a password-key. The process makes the data unreadable unless, or until, decrypted by you.

Here are a number of free encryption applications that will encrypt your data and are suitable for a USB flash drive:

EncryptOnClick

EncryptOnClick is a free program that lets you securely encrypt and decrypt files. The program is very simple to use, and features military grade 256-bit AES encryption.

After you have launched the application, simply select the target file/folder you want to encrypt. Following the easy interface, type a password for that file/folder which will then be encrypted. To open the encrypted file/folder at a later date, you must type the correct password.

Quick facts:

A very secure encryption and decryption method is used (256-bit AES encryption)

Files are both compressed & encrypted, which results in a smaller file

Password protected

Will encrypt single files or all files in a folder

Very simple to use interface

Can be used on a USB key

Fully Unicode enabled so filenames in any language can be encrypted

Will encrypt, decrypt, compress, and uncompress files which can also be opened and decrypted using third party programs like WinZip 9 – provided the correct password is used

Will detect if you’re decrypting a file that is in a temporary folder, and if so, will prompt you to see if you would like to decrypt it into a different folder

Command line parameters can be used

Complete help file

Free technical support, online forums, knowledge base, and FAQs at 2BrightSparks

Tip: Use on a USB key by copying the files EncryptOnClick.exe, EncryptOnClick.exe manifest, ExceedZip.dll to a named folder on the USB key.

System Requirements: Windows 98/ME/2000/XP

Download at: Download.com

TrueCrypt

TrueCrypt is an outstanding free open source software system, (one I have using for the last several years) for establishing and maintaining an on-the-fly-encrypted volume.

On-the-fly encryption simply means that data are automatically encrypted or decrypted just before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/correct encryption keys.

TrueCrypt uses 11 algorithms for encrypting private files in a password-protected volume. You can store your encrypted data in files, partitions, or a portable storage device such as a USB flash drive.

Once your encrypted files are mounted to a local drive with your password or key, you can manipulate those files, i.e. you can open, copy, delete, or modify them. When you have completed working on those files, you then dismount the volume and the files are then safely secured from unauthorized access.

Quick Facts:

Creates a virtual encrypted disk within a file and mounts it as a real disk

Encrypts an entire hard disk partition or a storage device such as USB flash drive

Encryption is automatic, real-time (on-the-fly) and transparent

Provides two levels of plausible deniability, in case an adversary forces you to reveal the password – Hidden volume – No TrueCrypt volume can be identified – volumes cannot be distinguished from random data

Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS

Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts

System Requirements: Windows 2000/XP/2003/Vista

Download at: Download.com

For those of you who are more interested in protecting files, or folders, on your home computer the two applications above will do the job nicely. Choice is good of course, so here is an additional free program that you might be interested in.

My Lockbox

My Lockbox is a freeware software application that allows you to do just that, and then password protect those files on your computer.

Other users will not have access to these files, nor will they be able to accidentally, or otherwise, view them or manipulate them in any way.

The protected folder (lockbox) is hidden from all other users and applications on your computer; including the Administrator and the System. The lockbox (protected folder), is impossible to access not only from the local computer, but also from the Internet.

Following the on-screen instructions makes this program extremely easy to setup and use. The lockbox location, password, and parameters are configured during the easy setup procedure.

After the setup is completed, the lockbox will be hidden and locked until you, as the user, enter the valid password. My Lockbox Control Panel allows you easily change basic lockbox parameters: lockbox location, protection status, and password.

The program is effective, easy to use and best of all – it’s free.

Quick facts:

Very easy to use

Almost any folder on your computer can be password protected

Instant protection – no file scrambling

Lockbox folder is inaccessible even by the system administrators

Lockbox folder is inaccessible both locally and remotely

Lockbox folder can be protected in Windows safe mode

Hotkeys support – you can popup the Control Panel with a keystroke

Skinned user interface

Freeware

System Requirements: Windows 2000, XP, 2003 Server, Vista

Download at: Download.com

Kidnapped! – Gpcode Ransomware – Deja Vue All Over Again

When we think of kidnapping, extortion or blackmail, I think it’s safe to say, not many of us would consider our computer files as a likely victim. That is, unless we were familiar with a particular form of malware known as Ransomware.

Ransomware is a vicious form of malware, considering that it encrypts the victim’s files, and then demands a monetary ransom to decrypt the kidnapped files.

Once again the Ransomware Trojan, Gpcode/PGPCoder is on the loose. First encountered two years ago by Kaspersky Lab, this updated version of Gpcode/PGPCoder has returned, but in a much more advanced form.

Gpcode/PGPCoder is now using a 1,024 bit encryption key, as opposed to 660 bits in its last variant. It has been estimated it would require 30 years to break this new encryption key using a brute force attack; trying every possible password. Following the encryption of the target files the virus self destructs in order to evade detection.

More than 80 file-types on the PC including doc, txt, pdf, xls, jpg, png, htm, pst, xml, zip, and rar, are targeted for encryption, then the original files are deleted from the disk and replaced by an encrypted copy.

An attempt to open an encrypted file on an infected machine will produce a message similar to the following.

Hello, your files are encrypted with RSA-4096 algorithm.

You will need at least few years to decrypt these files without our software. All your private information for last 3 months were collected and sent to us.

To decrypt your files you need to buy our software. The price is $300.

To buy our software please contact us at: – - – -

It has not yet been determined how Gpcode/PGPCoder infects the victim’s machine with the Trojan, so the following precautions are critical to the security of your system.

• Don’t open unknown email attachments
• Don’t run programs of unknown origin
• Disable hidden filename extensions
• Keep all applications (including your operating system) patched
• Turn off your computer or disconnect from the network when not in use
• Disable Java, JavaScript, and ActiveX if possible
• Disable scripting features in email programs
• Make regular backups of critical data. If you are infected this may be your only solution
• Make a boot disk in case your computer is damaged or compromised
• Turn off file and printer sharing on the computer
• Install a personal firewall on the computer
• Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
• Ensure your anti-virus software scans all e-mail attachments
• Don’t store critical data on the system partition

Protecting Your Online Gaming Assets – It’s No Game!

I love computer gaming. In a real sense computer gaming was the driver behind my interest, in the early 1980’s, in becoming computer literate, and then taking that literacy to new levels of expertise.

Computer gaming has changed enormously of course from the early 1980’s to the present. The technical changes in both the games themselves, and the platforms the games run on, would have seemed like science fiction viewed from the perspective of the early days.

Online gaming has effectively opened up a whole new world of computer gaming, both literally and figuratively, and has changed the face and the complexities of computer gaming.

Played over the Internet, online games allow gamers to become part of a virtual world, consisting of literally millions of players who form online communities with all the associated social aspects of real world communities; the good, the bad, and the ugly.

Just as there are crooks and cyber criminals in a real world community, these same type of characters also inhabit the virtual worlds of Internet gaming.

You might wonder why virtual reality would mimic real life so closely that it would include virtual criminals. The answer is very simple – money, and lots of it.

In many virtual worlds, virtual currencies are used to purchase virtual possessions. You may be surprised to learn that these virtual possessions have real world value, in real world cash, and as in real life; a market exists for stolen goods in these other worlds.

The first step cyber criminals employ in stripping gamers of their virtual possessions (remember, real world cash), is password theft – an activity that has increased dramatically recently.

Stolen passwords for games such as World of Warcraft and Lineage are particularly valuable, since in these games it is common for less skilled gamers to buy/pay for, the virtual possessions they have been unable to acquire through skilled game play.

Increasingly, the thieft of passwords relies on specially designed malware, whose function is to steal online gaming passwords, allowing crooks access to gamers virtual possessions so that these possessions, just as in real life, can be sold.

Explaining just how this works Greg Hoglund, CEO of HBGary, developers of advanced software security technologies says, “Once a criminal learns a gamer’s username and password, he can log into the game and sell the victim’s virtual possessions for virtual gold coins. Those coins are then handed to another character in the game who sells the gold for real-world dollars at an online exchange such as IGE. IGE operates a network that deals with the legitimate buying and selling of virtual currencies and assets on the Internet.

Video gaming companies are now fighting back through the use of authenticators. An authenticator is an electronic device (see pic), which generates a unique, one-time use password which combined with the user’s regular password provides an increased security level against malicious attacks, including keyloggers and Trojans.

Blizzard Entertainment, the company behind such popular games as World of Warcraft, Lineage, Diablo and StarCraft sells an authenticator for $6.50 – although I noticed this morning that the Blizzard store is currently sold out.

Nevertheless, if you are one of the millions of virtual gamers, purchasing an authenticator to help protect your virtual assets, it seems to me, is vital.

In you’re interested in FREE online gaming then checkout an excellent article by Simon, one of my fellow writers on Makeuseof.com - Top Five Free Online Shooter Games.

Free EncryptOnClick – Simple, Secure, File/Folder Encryption

Financial data and other privileged information on a computer can easily be subject to intrusive viewing by those not authorized to do so.

Not many of us, it seems, bothers to lock our computers while we’re temporarily away from the machine creating a perfect opportunity for others to peek at our most sensitive and confidential files.

Quick tip: Press the Windows Key + L which, in Windows XP or Windows Vista, will lock your computer by displaying the Profile screen. When you click on your icon and type your password, you again have access to the PC.

Of course, it is not only those with physical access that can probe a computer for sensitive and confidential information. Internet malware attack statistics show, more and more, that this type of information is targeted by hackers/information thieves, for the purpose of identity theft.

Can it happen to you? The short answer is – you can count on an attempt. The reality is; there is no such thing as a totally secured internet connected computer. All internet connected computers are subject to attack.

To reduce, or eliminate, the security threat of sensitive data exposure, the most prudent course of action is data encryption. Essentially, data encryption is a secure process for keeping your sensitive and confidential information private. It is a process by which bits of data are mathematically jumbled with a password-key. The Encryption process makes the data unreadable unless, or until decrypted.

EncryptOnClick is a free program that lets you securely encrypt and decrypt files. The program is very simple to use, and features military grade 256-bit AES encryption. After you have launched the application, simply select the target file/folder you want to encrypt. Following the easy interface, type a password for that file/folder which will then be encrypted. To open the encrypted file/folder at a later date, you must type the correct password.

Quick facts:

• A very secure encryption and decryption method is used (256-bit AES encryption).
• Files are both compressed & encrypted, which results in a smaller file.
• Password protected.
• Will encrypt single files or all files in a folder.
• Very simple to use interface.
• Can be used on a USB key.
• Fully Unicode enabled so filenames in any language can be encrypted.
• OnClick will encrypt, decrypt, compress, and uncompress files which can also be opened and decrypted using third party programs like WinZip 9 (provided the correct password is used).
• Will detect if you’re decrypting a file that is in a temporary folder, and if so will prompt you to see if you would like to decrypt it into a different folder.
• Command line parameters can be used.
• Complete help file.

Free technical support, online forums, knowledge base, and FAQs at 2BrightSparks

Tip: Use on a USB key by copying the files EncryptOnClick.exe, EncryptOnClick.exe manifest, ExceedZip.dll to a named folder on the USB key.

Tip: If you need more encryption power checkout the review and download link for TrueCrypt on this Blog.

System Requirements: Windows 98/ME/2000/XP

Download at: Download.com

Free KeyScrambler Personal – Defeat Keyloggers While Surfing

Cyber-crooks are relentless in their pursuit of your money and let’s face it – it’s all about the money. In the worst case scenario, your identity and your financial security can be severely compromised.

Despite the best efforts of AntiSpyware, AntiVirus, and other Internet security products, you still face substantial risks while surfing the Internet. One type of risk/danger that is rarely considered, or discussed, is the Keylogger.

A Keylogger is a form of spyware, which once installed on a computer, can record every keystroke that is made on that computer, and transmit those keystrokes back to a cyber criminal. The function of a Keylogger is to steal passwords, bank account numbers, and other personal information.

A Keylogger in action: The to_my_love.scr (to my love screensaver), is currently circulating on the Internet by way of a personal invitation email. Clicking “yes” when your computer asks whether you want to install this screensaver, installs a Worm/Keylogger on the machine.

This Keylogger is capable of stealing IM passwords, email passwords, bank account numbers, and confidential/financial information. Using IM, email, and other contact information from the now infected computer, the Worm/Keylogger goes on to infect other machines. That’s right, the computers of friends, family, and perhaps even co-workers.

Protect yourself with KeyScrambler Personal: KeyScrambler Personal is a free plug-in for FireFox, Internet Explorer, and Flock web browsers which protects all input you type into the browser from Keyloggers. This free version of KeyScrambler encrypts your keystrokes at the kernel driver level.

When you type on your keyboard, the input travels along a path within the operating system before it arrives at your browser. Keyloggers plant themselves along this path and observe and record your keystrokes. The compromised information is then sent to the cyber criminal who will exploit your passwords, bank account numbers, and other personal information.

By encrypting your keystrokes at the keyboard driver level, deep within the operating system, a Keylogger is beaten since it can only record the encrypted keys which are indecipherable.

Unlike AntiVirus and AntiSpyware programs that depend on recognition to remove Keyloggers that they know about, KeyScrambler will protect you from both known and unknown Keyloggers.

Quick facts:

Protects user input in all parts of the browser against key-loggers.

Protects login credentials, credit card numbers, passwords, search terms and more

Works with IE, FireFox, and Flock: Java, Flash, PDF Forms

Email protection including Yahoo, Hotmail, and Gmail.

No learning curve.

Protects against Keyloggers even on security compromised computers

Requires no effort on your part after installation

In the top 5 FireFox Extensions for security and privacy

System Requirements: Windows 2000, 2003, XP, and Vista (32-bit and 64-bit)

Download at: QFX Software

For full, free, system Keylogger protection checkout “Are You Being Tracked? – Get Snoop Free Privacy Shield” on this Blog.