Tag Archives: IP address

Little TunnelBear (free) – A Drop Dead Simple VPN Built on Simplicity and Speed

I’m an Internet privacy advocate (regular readers will now pause – laugh – and say – “no kidding!”), and while the fight to rein in Google, and others, might seem unwinnable, privacy advocates have not lost the battle – yet. Which is why, I have a great interest in any tool that will either stop Google and other data accumulators from collecting, storing, and dissecting my private personal information, or inhibit their ability to do so.

As a result, I’ve long made it a practice to camouflage my IP address when searching for sensitive subject matter.  Sensitive subject matter doesn’t always involve porn. Although, ………….   Smile

Take a look at the following free VPN (Virtual Private Network) application – Little TunnelBear (a paid version with enhanced features is available), which allows you to surf the Web while hiding your IP address. Hiding your “real” IP address won’t leave traces of your private surfing activities – protecting you from snooping web sites, annoying advertisers, employers, curious family members, and of course – Google.

I’ve been running with TunnelBear, (for 6 months or so), on a daily basis – and I’m impressed – very impressed. This application is “snappy quick” which cannot be said of the majority of the 10 (or more), VPNs I’ve tested here in the last few years.

While the service is not entirely free (500 MB monthly free – an additional 1 GB is available (free) if one “Tweets” the application. Even with my heavy usage, I generally don’t run out of free data access (1.5 GB), until the 25/26th of the month.

At that point, I switch over to the free version of Expat Shield which unfortunately lacks the quickness of TunnelBear, with the additional handicap of being ad supported. Having said that, I’ll emphasize (from a previous review), that Expat Shield is a terrific application and, the developer is certainly entitled to generate revenue.

TunnelBear will get no points for a stylish  user interface …

image

…. but I can assure you, that in this case “hot looks” cannot compete with speed, simplicity  and ease of use.  And, TunnelBear has all that – and more.

Simplicity – no need to launch a Browser first. Switch on – choose your preferred locale (the UK or the US) then launch a Browser.

image

Please note that occasionally, you may find that instead of the UK, you will be assigned an alternative European IP address. Hungary and Holland come quickly to mind. It would be preferable, in my view, if the GUI reflected that fact.

Boost the freebie – If you have a Twitter account, and should you choose to do so, a quick Tweet is all it takes to bump up free data access to 1.5 GB. A very sweet deal, I think.

image

Following which, an email similar to that shown below, will confirm your additional 1 GB of data access.

image

I’ll repeat – Even with my heavy usage, I generally don’t run out of free data access (1.5 GB), until the 25/26th of the month.

Significant points:

There are no ads and the application doesn’t have to run in the background, or at startup.

Employs a minimum of  AES 128-bit encryption.

Normal surfing (hopping from site to site), showed no slowdown (none that I could measure in human terms) in connection speed.

Once the application has been started – all applications that communicate with a remote address will do so through TunnelBear.

As with all such applications, a leap of faith is required. While the application does shield you from prying eyes, the developer has full access. You need to consider the implications. In other words – do you trust the developer.

Here’s what the developer has top say on that issue –

“TunnelBear stores the absolute minimum amount of information required to operate our service. This information includes your email, first name, last name, # of times you’ve logged on and the overall amount of data you transferred for the month. We do NOT log any information as to the websites you visit, nor do we store your IP address after you disconnect.”

Having tested my fair share of anonymous surfing applications in the last few years, I’d judge this application to be as good, or better, than most.

Supported systems:

image

Download at: Developer’s site (http://www.tunnelbear.com/)

Additional information is available from the developer’s FAQ page here.

15 Comments

Filed under Android, Apple, downloads, Freeware, Google, Online Privacy, Software, Windows 7, Windows 8, Windows Vista, Windows XP

Simple Network Scanning With Free Wireless Network Watcher

imageIn this age of connected devices, and the proliferation of Wi-Fi, the number of “open networks” has jumped considerably.

While it’s true that wireless routers are supplied with encryption software -  working through the manual is often a frustrating experience for less technically inclined users. As a result, it’s not unusual for users to continue to use (widely known) default network names and passwords.

In a study commissioned by  the Wi-Fi Alliance in August of last year, it was discovered that only 59 percent of users have implemented wireless passwords, or encryption methods, that meet the basic criteria for strength and privacy.

In addition, the survey revealed that while “eighty-five percent of survey respondents understood that their Wi-Fi devices should not be set for automatic sharing, …. only 62 percent actually had auto-sharing turned off.” It’s easy to conclude then, that piggybacking on an unprotected wireless access point is perhaps more common than many might imagine.

So, how would you know if your wireless signal is piggyback capable, and is perhaps being used as the neighborhood access point? You could of course, install any one of the comprehensive open source network monitoring packages widely available for download. Provided, that is, you’re prepared to dig into a host of complex instructions and procedures.

A much simpler, but very basic solution, is offered by NirSoft’s Wireless Network Watcher. This free utility “scans your wireless network and displays the list of all computers and devices that are currently connected to your network.”

As you can see in the following screen capture (click to expand)  – the following connected device information is displayed: IP address, MAC address, the network card manufacturer, and optionally, the computer name.

Wireless Network Watcher

Better yet, you can set the utility to continuously monitor so that it will notify you of any new devices connecting to your network (with an audible signal if you like) – as illustrated in the following screen shot.

Wireless Network Watcher 2

System requirements: Windows 2000, XP, 2003, Vista, Server 2008, Win 7.

Download at: NirSoft (you’ll need to skip down the page to locate the download link).

Bonus feature – you can also use Wireless Network Watcher to scan a small wired network.

Wireless Network Watcher may not be jam packed with features – but, it does what it’s designed to do, and it does it very well. Additionally, the advanced options menu will allow you to scan selected IP address ranges, choose which adapter to scan from, and save the results to html.

More information about Wi-Fi security, including innovations that make setting up security easier, is available at www.wi-fi.org/security. Users can test their own security knowledge with a quick online quiz, watch animations about home Wi-Fi security, and download white papers with detailed information.

10 Comments

Filed under Connected Devices, downloads, Freeware, Network Tools, Software, Utilities

GoogleSharing Firefox Add-on – Stop Google’s Invasion of Your Privacy!

The campaign to convince people that the lack of personal privacy is of little concern to the average person, persists. Some pundits continue to enhance their careers by assuring us (at least those of us who will listen), that privacy, particularly Internet privacy, is dead and, we don’t care.

Consider these quotes from speakers at the Supernova conference, held this week in Philadelphia:

Jeff Jarvis, a blogger and media-industry pundit -

“I think we talk so much about privacy, privacy, privacy that we risk getting to the benefits of publicness (sic), that the Internet makes possible.”

Microsoft researcher, Danah Boyd -

“We have no definition of privacy.”

The only comment I’ll make regarding these two statements is – great sound bites, but BS nevertheless.

The most ludicrous statement I’ve heard regarding Internet privacy, comes from Google’s CEO Eric Schmidt -

“If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”

This, from a person who’s company’s very existence is predicated on the   virtually raping of the public’s privacy, for commercial gain. I’m not a conspiracy theorist in any sense, but I do believe that the very structure of Google constitutes an attack on a basic human right – the right to be “left alone”.

Schmidt may be a “whiz bang” when it comes to search engines, but I suggest that he’s a dud when it comes to the psychology of human beings. The truth is, the realities of the world we now live in continue to emphasize; despite the fact you have may have done nothing wrong – you have everything to worry about.

Noted security guru Bruce Schneier, put it in relevant context when he said:

“Privacy protects us from abuses by those in power, even if we’re doing nothing wrong at the time of surveillance. If we are observed in all matters, we are constantly under threat of correction, judgment, criticism, even plagiarism of our own uniqueness.

We become children, fettered under watchful eyes, constantly fearful that — either now or in the uncertain future — patterns we leave behind will be brought back to implicate us, by whatever authority has now become focused upon our once-private and innocent acts. We lose our individuality, because everything we do is observable and recordable”.

The majority of my friends are extremely concerned with the inroads that governments, social websites, commercial enterprises, and most particularly Google, have made into their private lives. They’re obviously not unusual if one considers this:

Disk wipe utilities, disk cleaning utilities, and file shredding utilities, are among the most popular free downloads on the Internet.

Most web Browsers offer a private browsing mode.

Encryption software is often advertised as a way to protect private, personal, or sensitive files.

Anonymizer applications, such as Hotspot Shield, are advertised as a way to protect a user’s online identity.

While there are multiple uses for the software applications, or application options, described above, a primary use of such software is to ensure a certain level of privacy. Of course, if you’ve done nothing wrong you don’t need to use these applications, right?   :)

Rather than using an anonymizer application, which in some cases can impact performance, there is another alternative, if you use Firefox as your Internet Browser – GoogleSharing.

GoogleSharing is a Firefox add-on developed by noted security expert Moxie Marlinspike, with one purpose in mind – preventing Google from tracking and retaining, user information.

The following graphics illustrate how this works.

Outbound search request:

image

Inbound search results:

image

Fast facts:

GoogleSharing is a custom proxy service.

Does not affect your non-Google traffic which it leaves completely untouched, un-redirected.

Combines search requests from many different users together, such that Google is not capable of telling what is coming from whom.

Each search request is assigned a unique identity.

Prevents Google from collecting information about you from services which don’t require a login.

Stops Google from tracking the user by IP address, Cookie, or any other identifying HTTP headers.

The system is completely transparent to the user. No special websites, no change to your work flow.

If you have any issues with Google retaining your user information, you should consider this add-on. Please be aware, I have not tested this add-on, and this post is for information purposes only.

For more information, visit: GoogleSharing

Download the add-on at: Mozilla

Additional resources related to privacy:

Electronic Privacy Information Center

Center for Democracy and Technology

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

13 Comments

Filed under Anonymous Surfing, Browser add-ons, downloads, Firefox Add-ons, Freeware, Privacy, Software, Windows Tips and Tools

Your Account Information Has Changed Phishing Attack

image The spam landscape changes constantly with new tactics and new threats evolving, seemingly on a daily basis. A recent tactic which appears to have found favor with cyber criminals is, the limited scale, targeted phishing attack – attacks which are aimed at a particular organization, or a particular industry segment.

Designating specific targets has some obvious advantages for cyber crooks, not the least of which is – most of us don’t get to hear about them. Since the focus is narrow, this type of threat typically slides under the radar and tends not to be reported due to the low numbers involved. Despite the low numbers, this type of attack can be surprisingly effective.

Given that the content is specific to the targeted recipient, the engagement factor, where the potential victim actually opens the email and attachments, is much higher than with a a broad scale shotgun attack.

Here’s a real world example of a current attack:

This week, in conversation with my friend Rod, an Australian antimalware company executive, he mentioned that his group of companies, and product users, had been targeted specifically as the following email samples indicate.

Sample 1:

Subject: Your antivirus.com.au account information has changed

Hello, xxxxx@antivirus.com.au.

We received your request to reset your antivirus.com.au password. To confirm your request and reset your password, follow the instructions below. Confirming your request helps prevent unauthorized access to your account.

If you didn’t request that your password be reset, please follow the instructions below to cancel your request.

Sample 2:

Hello, xxxxx a@nod32.com.au.

Please reply to this email message to confirm your subscription to nod32.com.au.

Your email address has been entered for a subscription to the nod32.com.au mailing list. However, your new subscription requires a confirmation that you received this email message and want to join this mailing list.

To confirm that you do want to join click here.

To unsubscribe immediately click here.

Thank you.

It’s obvious from the content, that the crooks involved in this attack have increased the chances of success, by providing the recipient with the opportunity to respond both positively, or negatively. If the recipient responds either way, the crooks win, and the victim loses.

Advice worth repeating:

If you have any doubts about the legitimacy of any email message, or its attachment, delete it.

Better yet, take a look at the email’s headers. Check the initial “Received from” field in the header, since this field is difficult to forge. Additionally, the mail headers indicate the mail servers involved in transmitting the email – by name and by IP address. It may take a little practice to realize the benefits in adding this precaution to your SOP.

For example, to do this is Gmail -

Log in to Gmail.

Open the message you’d like to view headers for.

Click the down arrow next to Reply, at the top-right of the message pane.

Select Show original.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

6 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, Internet Security Alerts, Online Safety, Phishing, spam