Monthly Archives: September 2008

Adeona – Free – Stolen/Lost Laptop Tracker Software

You’ll never lose your Laptop computer, and you take particular care to ensure it won’t be stolen, right? Of course you do. But does loss, or theft, of laptops happen? You bet.

Recent survey results from the Ponemon Institute, indicates that more than 10,000 laptops are lost, or stolen, each week at U.S. airports. Are you as surprised as I am?

Not surprised? Well, how about this astonishing statistic from the same survey: 65% of those lost or stolen laptops are not reclaimed, despite the fact that half the laptops contain confidential corporate information.

One can only hope that the data on these laptops was encrypted, although it seems when we read news stories about a lost or stolen laptop, the pattern seems to be as follows; – 200,000 (insert your own number here), bank account numbers, Social Security Numbers, names, addresses and dates of birth were on an unencrypted laptop stolen/lost earlier this week.

Other available statistics indicate that a laptop is stolen, not lost but stolen, every 53 seconds and 97% of stolen laptop computers are never recovered.

So what can you do to increase the probability that should your laptop be lost or stolen, you can increase the chances that it will be returned to you, than the above statistics indicate?

Adeona (named after the Roman goddess of safe returns), is a newly released small software client for tracking the location of a lost, or stolen laptop, that does not rely on a proprietary central service, but instead, is offered free by the Open Source community.

This powerful free software has been developed through collaboration involving the University of Washington, the University of California San Diego and the University of California Davis.

The developer’s website describes the application as follows:

Adeona is designed to use the Open Source OpenDHT distributed storage service to store location updates sent by a small software client installed on an owner’s laptop.

The client continually monitors the current location of the laptop, gathering information (such as IP addresses and local network topology) that can be used to identify its current location.

The client then uses strong cryptographic mechanisms to not only encrypt the location data, but also ensure that the cipher texts stored within OpenDHT are anonymous and unlinkable. At the same time, it is easy for an owner to retrieve location information.

Quick facts:

Private: Adeona uses state-of-the-art cryptographic mechanisms to ensure that the owner is the only party that can use the system to reveal the locations visited by a device.

Reliable: Adeona uses a community-based remote storage facility, ensuring retrievability of recent location updates.

Open source and free: Adeona’s software is licensed under GPLv2. While your locations are secret, the tracking system’s design is not.

The Mac OS X version can capture pictures of the laptop user, or thief, using the built-in iSight camera.

System Requirements: Windows XP/Vista, Mac OS X, Linux

Download at the developer’s web site: Adeona

For a review and download links to free encryption software read “Lose Your USB Stick and You Lose it All – Encrypt Now with Free Software!” on this Blog.

2 Comments

Filed under Free Laptop Tracking Software, Freeware, Geek Software and Tools, Interconnectivity, Open Source, Software, Utilities, Windows Tips and Tools

Steal Your Friends Passwords and Software Licenses!

I’ll bet that headline got your attention!

We all know that the purpose of computer passwords is to protect personal information that you’ve stored on your computer, and in your online accounts.

With access to your passwords, cyber-criminals (they come in all shapes, sizes and flavors – so don’t be fooled), can and will, steal your identity and without a doubt severely compromise your financial security. Stolen passwords have the potential to cause serious havoc in your life.

There are numerous ways of course that a password, or software license key, can be stolen. Popular methods employed by cyber criminals include, but are not limited to:

Email scams: Email scams work because the Cyber-crooks responsible use social engineering as the hook; in other words they exploit our curiosity to start the process of infecting unaware computer users’ machines

Search engine redirection: Cyber-crooks continue to be unrelenting in their chase to infect web search results, seeding malicious websites among the top results returned by these engines. Malware, including password stealers can be installed on a computer simply by visiting a site.

Drive-by downloads: Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common recently. They are crafted to automatically download and install malware including password stealers on your computer without your knowledge.

Now, added to the burden we already carry in protecting our computers, our private personal information, and our confidential financial information, we now have to be careful, and perhaps even suspicious of our friends, or for that matter anyone, who inserts a USB drive including MP3 players into a USB port on our computer.

USBThief is a free hacking application – available for download on virtually every torrent download site that I investigated – which can be installed on a USB flash drive, or even an iPod, or other MP3 player. I haven’t tried to install this on a Digital Camera, but I suspect (with some modification), that it can be done. Consider how often a friend, or family member, has connected any one of these peripherals to your machine.

USBThief has been designed and crafted with only one purpose in mind, and that is to steal both the passwords, and software keys, on the duped party’s computer.

There is no requirement that the culprit is a seasoned hacker – all that’s needed is that an ethically challenged individual download the program; decompress the archive and put all the files located in the folder “USBThief” onto a USB drive.

After connecting and removing the tweaked USB drive from the victim’s computer, the cyber-criminal simply views the dump folder to view the captured information.

I have not written this article to produce paranoia, or to make you suspicious of either your family, or your friends, but so that you are aware of the ever increasing challenges we all face in protecting valuable information in a world that threatens us, at every turn it seems.

4 Comments

Filed under Don't Get Hacked, Geek Software and Tools, Interconnectivity, Malware Advisories, Privacy, Software, Spyware - Adware Protection, USB, Windows Tips and Tools

Drive-by Downloads – Update Your Browser Right Now!

Your Firewall and Security Applications along with your Browser security add-ons provide the ultimate in protection while you’re surfing the web, right? Well in a sense they do.

Paradoxically, it’s because current anti-malware solutions are marginally more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently.

More than three million unique URLs on over 180,000 websites are automatically installing malware via drive-by downloads, according to recent statements by the Google Anti-Malware Team.

Google has not been alone in noticing this trend by cyber-criminals using these techniques. According to IBM cyber-criminals are directly attacking web browsers in order to steal identities, gain access to online accounts and conduct other criminal activities.

If you’re unfamiliar with the term, drive-by download, they are essentially programs that automatically download and installed on your computer without your knowledge. This action can occur while visiting an infected web site, opening an infected HTML email, or by clicking on a deceptive popup window.

Drive-by downloads work by targeting Internet browser vulnerabilities to download and run malware automatically when a user visits the site. Don’t think that by staying away from dangerous website such as adult sites that you’re any safer. The fact is these infected websites are all over the Internet.

Often more than one program is downloaded, for example, file sharing with tracking spyware is very common. Again, it’s important to remember that this can take place without warning, or your approval.

Recent statistics seem to indicate that 40% of frequent Internet users continue to use an outdated version of their current Internet browser. Statistics generated from my own Blog stats put this figure at 31%. These users’ are essentially already victims just waiting to be victimized again.

Do you want to ensure you are protected, or to reduce the chances you will become a victim? Then there is a really easy way to do that – update your browser to the latest version now. Right now!

While all Internet browsers can be subject to vulnerabilities, the free FireFox browser from Mozilla is the browser of choice for most security conscious users, and is preferred by those who tend to think “Geeky”, due to the amazing number of add-ons that increase safety and functionality.

Download FireFox here.

You need to be proactive when it comes to your computer’s security by making sure you have adequate software based protection to reduce the chances that your machine will become infected.

If you missed “Rogue Security Software on the Rise – What You Need to Know Now!” you can read it here.

For a different take on Google’s new browser checkout TechPaul’s “A Real Life Review of Google’s New Browser”.

3 Comments

Filed under Application Vulnerabilities, Browsers, Firefox, Freeware, Interconnectivity, Internet Safety, Malware Advisories, Online Safety, Safe Surfing, System Security, Windows Tips and Tools

Destroy Your Deleted Files with Free File Shredder 2

Many of us now own, and use a paper file shredder to destroy documents, and personal and financial papers, that we don’t want to fall into the hands of identity thieves or anyone else not entitled to have access.

So now, consider those files on your computer that you’ve deleted, sent to the recycle bin, and then flushed as you emptied the recycle bin. When you go through this process the deleted files are gone forever, right?

Well if you’re a typical computer user, you quite likely do believe that they’re gone forever, since the deleted files can’t be seen in Windows Explorer. In fact, you can’t find these files anywhere on your Hard Drive.

It may surprise you to learn that not only can I find those files but I can recover them as well. Oh, it’s not because I’m a super- duper tech wizard – although I will say, with some modesty, that I am. LOL.

Here’s the lowdown: when a file is deleted from your Hard Drive, what really gets deleted is the system link pointing towards the file, but not the file itself. Surprisingly, it is relatively easy to retrieve the deleted file using specialized file recovery software (often available as a free download), which takes advantage of shortcomings in the Windows operating systems.

Let me give you an example. Recently, as part of my personal commitment to give back to society, I agreed to rebuild 30+ computers (at no cost), being donated to a local charity for distribution to less fortunate families.

While working on these machines I noticed immediately that although the Hard Drives had undergone deletion, they had not been wiped. Since these machine had been donated by a government agency; that struck me as being negligent in the extreme.

To forcefully bring this situation to the attention of those who had committed this serious breach in security, I recovered a number of these files. Not unexpectedly, the recovered files did in fact did contain confidential information. In this case, confidential information on families on public assistance. As part of the process, I saved the recovered files to a floppy disk and presented the disk to the appropriate authorities.

It’s easy to see from this example, that deleted files (or a good portion of a file) can easily be recovered.

In order to delete or shred files permanently, to protect your privacy and potentially your security, or for any other reason for that matter, you need a program such as File Shredder 2 that is capable of overwriting the file with a random series of binary data multiple times.

This process is often called shredding. That way, the actual content of the file has been overwritten and the possibilities of recovering such a shredded file becomes mainly theoretical.

File Shredder 2 (rated by CNET’s editors as a 5 Star utility), is a simple but powerful program, with a straightforward interface, that many users judge to be better than some commercial file shredders. With File Shredder 2 you can remove files from your hard drive permanently, and feel confident that the file can’t be recovered.

Running the program allows you to choose between 5 different shredding algorithms, each one gradually stronger than the previous one. As well, it has an integrated Disk Wiper which uses a shredding algorithm to wipe unused disk space. I use this feature frequently, to clean up my drives (after running test applications), and to destroy any leftover fragments of previously deleted/uninstalled files.

If you’re looking for a great free file shredder application that does what it says it does, in an easy to understand manner, I highly recommend File Shredder 2.

Operating Systems: Windows NT, Windows 2000, Windows XP, Windows Vista

Download at: Download.com

Comments Off on Destroy Your Deleted Files with Free File Shredder 2

Filed under Disk Cleaners, Freeware, Geek Software and Tools, Privacy, Software, Utilities, Windows Tips and Tools

Fake/Redirected Search Results – Consequences for You

I hate being victimized! Unfortunately, all of us who use the Internet can be victimized in ways that sometimes defy credibility. Ironically, even those of us who specialize in Internet security can be targeted by cyber-criminals.

Several weeks ago, one of my Blog sites was the target of redirected search engine results. Essentially, what had been happening is this – when a search was made by a web user which produced a result listing my site, and the user clicked on that link, in some circumstances, the user was redirected to a site, or page, controlled by a hijacker.

While this exploit didn’t impact me financially, since I don’t run ads on my sites, it was disappointing knowing that cyber-criminals were potentially benefiting economically from the results of my efforts. Very often, the purpose behind this type of attack is the hacker’s need to increase his site’s reputation on Google, and other search engines, by fraudulently increasing the site’s hits. This can lead to an increase in profits generated by that site.

The dangers to you:

Those of us who are involved in Internet security know – cyber-crooks are unrelenting in their chase to infect web search results. We know that there has been a steady increase in the use of custom-built Websites designed to drop malicious code on computers, and in the manipulation of legitimate pages in order to infect computers with malware.

Earlier today, I read on the Darkreading Website, a security site for IT professionals, “that hackers have launched a multi-faceted attack on the Website of the popular AARP organization, rerouting traffic from the seniors’ association to pornography sites”. A bit chancy, I would have thought.

Other common techniques used by these cyber-criminals include the manipulation of search engine results, and the seeding of Websites among the top results returned by these engines. When a potential victim visits one of these sites the likelihood of the downloading of malicious code onto the computer, by exploiting existing vulnerabilities, is extremely high.

There are several ways that this can occur. Cyber-crooks can exploit vulnerabilities on the server hosting the web page to insert an iFrame, (an HTML element which makes it possible to embed another HTML document inside the main document). The iFrame can then activate the download of malicious code by exploiting additional vulnerabilities on the visiting machine.

Alternatively, a new web page can be built, with iFrames inserted, that can lead to malware downloads. This new web page appears to be legitimate.

Another method is the insertion of false dialogue boxes, fake toolbars, and more on sites; all designed to load destructive malware which could include rootkits, password stealers, Trojan horses, and spam bots.

So what can you do to ensure you are protected, or to reduce the chances you will become a victim?

Keep all applications (including your operating system) patched.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is WOT (Web of Trust), an Internet Explorer/FireFox add-on that offers substantial protection against questionable or unsafe websites.

Turn off your computer or disconnect from the network when not in use.

Disable Java, JavaScript, and ActiveX if possible.

Disable scripting features in email programs.

Make regular backups of critical data.

Make a boot disk in case your computer is damaged or compromised.

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet.

Ensure the anti-virus software scans all e-mail attachments.

5 Comments

Filed under Browsers, Interconnectivity, Internet Safety, Internet Safety Tools, Malware Advisories, Online Safety, Search Engines, Spyware - Adware Protection, trojans, Viruses, Windows Tips and Tools

Wi-Fi Alternative? – Powerline Networking!

When most of us consider setting up a home network, we generally tend to be single minded. Automatically, it seems, we focus on Wi-Fi to the exclusion of any other network solution; and there are alternative solutions.

Wi-Fi has obvious advantages, not the least of which is it does away with the messy job of installing network cables which tend be unsightly, and in some cases difficult to install, particularly if run between floors.

On the other hand Wi-Fi can be a less than satisfactory solution to networking since issues such as distance between devices, thickness of walls and physical separation in the case of devices separated by floors, can impact Wi-Fi performance. In fact, in the past I have had less than acceptable performance with Wi-Fi devices located on different floors.

Power Line Communications (PLC) is a technology that uses the electrical wiring in your home, or your office, to provide network and Internet communication between attached devices, including computers, digital media devices such as a Tivo/Slingbox, and gaming consoles like the Xbox 360, PlayStation 3, or Nintendo Wii.

To network two computers, for example, you start by plugging the outlet adapters, which form the backbone of the technology, into the two appropriate electrical outlets. Then connect the outlet adapters to the Ethernet ports on your computers and voila! – you now have a basic network connection between the two machines.

Early on in the development of this technology performance was an issue, but in recent years relatively new improvements now permit up to 200Mbps transfer rates. In some European countries 400Mbps transfer rates are common. So playing games on more than one device; transferring video, music or other high-volume files on the network, or using devices such as network hard disk to store large files are not an issue.

As with Wi-Fi, the signals have the ability to travel a short distance outside your home, so this technology includes the capacity to set an encrypted password to enhance network security.

There is some resistance to this technology in the U.S. amongst short wave radio hobbyists, since it’s possible for these adapters to generate unacceptable interference to short wave radio communication.

Quick facts:

Simple to set up – just plug in

Instant network connection

No network cables to install

Easy Internet connection sharing Network – Computers, Game Consoles, HD Media Devices

Cost: $100 – $200 (approximate)

If you’re interested in additional information on this technology, then checkout Wikipedia, and the Universal Powerline Association website.

Suppliers of this technology include these familiar companies: NetGear and D-Link.

For a great article on setting up a network read “Which is Better Ethernet or Wireless” by TechPaul.

2 Comments

Filed under Easy Computer Networking, Geek Software and Tools, Interconnectivity, Networking, Windows Tips and Tools

Defeat Internet Keyloggers – KeyScrambler Personal (Free)

Cyber-crooks are relentless in their pursuit of your money and let’s face it – it’s all about the money. In the worst case scenario, your identity and your financial security can be severely compromised.

Despite the best efforts of AntiSpyware, AntiVirus, and other Internet security products, you still face substantial risks while surfing the Internet. One type of risk/danger that is rarely considered, or discussed, is the Keylogger.

A Keylogger is a form of spyware which, once installed on a computer, can record every keystroke that is made on that computer, and transmit those keystrokes back to a cyber-criminal. The function of a Keylogger is to steal passwords, bank account numbers, and other personal information.

A Keylogger in action: The to_my_love.scr (to my love screensaver), is currently circulating on the Internet by way of a personal invitation email. Clicking “yes” when your computer asks whether you want to install this screensaver, installs a Worm/Keylogger on the machine.

This Keylogger is capable of stealing IM passwords, email passwords, bank account numbers, and confidential/financial information. Using IM, email, and other contact information from the now infected computer, the Worm/Keylogger goes on to infect other machines. That’s right, the computers of friends, family, and perhaps even co-workers.

Protect yourself with KeyScrambler Personal: KeyScrambler Personal is a free plug-in for FireFox, Internet Explorer, and Flock web browsers which protects all input you type into the browser from Keyloggers. This free version of KeyScrambler encrypts your keystrokes at the kernel driver level.

When you type on your keyboard, the input travels along a path within the operating system before it arrives at your browser. Keyloggers plant themselves along this path and observe and record your keystrokes. The compromised information is then sent to the cyber criminal who will exploit your passwords, bank account numbers, and other personal information.

By encrypting your keystrokes at the keyboard driver level, deep within the operating system, a Keylogger is beaten since it can only record the encrypted keys, which are indecipherable.

Unlike AntiVirus and AntiSpyware programs that depend on recognition to remove Keyloggers that they know about, KeyScrambler will protect you from both known and unknown Keyloggers.

I’ve been using this great little plug-in for a few months now and feel more secure logging in than I did. Despite this, I change all of my passwords frequently since doing so, is just common sense.

Quick facts:

Protects user input in all parts of the browser against key-loggers.

Protects login credentials, credit card numbers, passwords, search terms and more

Works with IE, FireFox, and Flock: Java, Flash, PDF Forms

Email protection including Yahoo, Hotmail, and Gmail.

No learning curve.

Protects against Keyloggers even on security compromised computers

Requires no effort on your part after installation

In the top 5 FireFox Extensions for security and privacy

System Requirements: Windows 2000, 2003, XP, and Vista (32-bit and 64-bit)

Download at: QFX Software

For full, free, system Keylogger protection checkout, “Are You Being Tracked? – Get Snoop Free Privacy Shield” on this Blog.

3 Comments

Filed under Anti-Keyloggers, Anti-Malware Tools, Browser add-ons, Encryption, Encryption Software, Firefox Add-ons, Freeware, Interconnectivity, Internet Safety, Internet Safety Tools, Online Banking, Online Safety, Phishing, Privacy, Safe Surfing, Spyware - Adware Protection, Windows Tips and Tools