Category Archives: Utilities

Beat Obama’s Bandits With TrueCrypt Free (Open-Source) Encryption

The so called “War on Terror” has long since lost its luster and should be appropriately reclassified as The War of Terror. The U.S. has been singularly impudent in terrorizing the terrorists but instead, it has managed to terrorize the rest of the world using a system of surveillance schemes that have gone off the board. Chalk one up for Al Qaeda – the only winners in this debacle.

In the meantime, Americans continue to live in fear – trading away freedoms for security in a war that is simple unwinnable. Obama, despite his assurances that he would “fight terrorism while maintaining our civil liberties” has been a principle mover in this assault on democracy.

And, the master of the reversal has more –

Obama, in a 2008 election sound bite, drew a sharp contrast with the Bush administration which he proclaimed, offered Americans “a false choice between the liberties we cherish and the security we demand.” And for good measure – for stooping “to spy on citizens who are not suspected of a crime.” It’s a surreal world we live in, is it not?

But why be satisfied with my ramblings? Here’s the video.

image

As America continues its slide into Fascism (eagerly joined in the venture by Canada, Australia, the U.K. and countless other self-advertised “democracies”), the justified expectation held by these governments is – you – yes, you – will take no active part in expressing your outrage at the escalating intrusions into your private life. Sadly, the undermining of democracy, or more to the point, democracy as we though we knew it, continues apace.

As a consequence (hardly the only consequence, of course), encryption technology is once again in the spotlight. And no, using encryption does not mean that one has something to hide.

Sophisticated and  aware computer users know, that financial data and other confidential information, can easily be subject to intrusive viewing by those not authorized to do so.

Putting Obama and his bad boys aside, here are some examples of how this might occur:

Internet malware attack: Increasingly, statistics reinforce the fact that financial data continues to be targeted by hackers/information thieves, for the purpose of identity theft.

Contrast that reality with these facts; there is no such thing as a totally secure Internet connected computer. All Internet connected computers are subject to attack and compromise.

Lost or stolen Laptop: How often have we read the following – 200,00 (insert your own number here), bank account numbers, Social Insurance Numbers, names, addresses and dates of birth were on a laptop stolen/lost earlier this week.

In too many of these cases, negligently, the data is unencrypted. Certainly Laptop theft or loss is not restricted to organizations; it can just as easily happen to you.

Lost or stolen USB drive: Since USB flash drives are so portable, you can take a drive virtually anywhere. Just like most items that are portable and that you carry with you, this type of drive can be lost, or stolen.

To reduce or eliminate the security threat of sensitive data exposure then, the most prudent course of action is data encryption. Essentially, data encryption is a secure process for keeping your sensitive and confidential information private. It’s a process by which bits of data are mathematically jumbled with a password-key. The Encryption process makes the data unreadable unless, or until, decrypted.

It happens to us all: Just this past week, I lost not only my house keys (first time ever) – but the USB key attached to the keychain. If you guessed that the drive was encrypted – take a bow.   Smile

TrueCrypt:

TrueCrypt is an outstanding free open source software application for establishing and maintaining an on-the-fly-encrypted volume. On-the-fly encryption simply means that data are automatically encrypted, or decrypted, just before they are loaded or saved – without any user intervention. The program automatically and transparently encrypts in real time.

No data stored on an encrypted volume can be read (decrypted) without the correct password/key file or correct encryption keys. The entire file system is encrypted (i.e., file names, folder names, contents, free space, Meta data, etc.).

Files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any normal disk (for example, by simple drag-and-drop operations). When you turn off your computer, the volume will be dismounted and files stored in the volume will be inaccessible and encrypted. You may of course, manually dismount the volume.

TrueCrypt offers a number of options – you can store your encrypted data in files, partitions, or on a portable storage device such as a USB flash drive.

Installation is simple and straightforward – no gotchas here. Lots of steps – but easy steps.

image

image

image

image

image

If you choose “Keyfiles”, be sure you understand the ramifications. This is an extra security step which has limited application for a home user. You do not need to select this option.

image

image

image

image

image

And – Win 8’s File Explorer reports that the volume has been setup successfully. If you expand the graphic below (click), you’ll also notice my first TrueCrypt volume on this HD from May 9, 2006.

image

Indicative of this application’s popularity is the fact that it is downloaded tens of thousands of times each day, across the Internet.

Fast Facts:

Creates a virtual encrypted disk within a file and mounts it as a real disk

Encrypts an entire hard disk partition or a storage device such as USB flash drive

Encryption is automatic, real-time (on-the-fly) and transparent

Provides two levels of plausible deniability, in case an adversary forces you to reveal the password – Hidden volume – No TrueCrypt volume can be identified (volumes cannot be distinguished from random data)

Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS

Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts

Pipelined operations increasing read/write speed by up to 100% (Windows)

I’ve been using TrueCrypt for a number of years, and I have developed a lot of confidence in this outstanding application. If you determine that encryption of your sensitive data is a priority, I highly recommend that you give TrueCrypt a try.

How effective is TrueCrypt? If you have any doubts as to how effective TrueCrypt really is, then read this article. FBI hackers fail to crack TrueCrypt:

The FBI has admitted defeat in attempts to break the open source encryption used to secure hard drives seized by Brazilian police during a 2008 investigation.

System Requirements: Win 8, Win 7, Vista, XP, Mac OS X, and Linux.

Download at: TrueCrypt

Advertisements

14 Comments

Filed under downloads, Encryption Software, Freeware, Interconnectivity, Open Source, Software, Utilities

EULAlyzer – A Free Tool To Help “Uncomplicate” End User License Agreements

imageI’ve always considered that reading a EULA (End User License Agreement), is sort of like reading the phone book; and who reads a phone book?

I must admit that I get bored and distracted when reading EULA text; especially since I’m forced to read reams of small text, in a small window, which requires me to scroll continuously. I suspect, I’m not alone in this, and that most people just skim over the text; or more to the point – don’t bother reading the EULA at all.

However, there’s a downside risk in not reading the EULA carefully. By not reading the EULA carefully, we may let ourselves in for some unwelcome, annoying, and potentially dangerous surprises.

One of the most important aspects of any software license agreement is, the information it provides concerning the intentions of the software, and whether there are additional components bundled with the main application.

Additional components that could potentially display pop-up ads, transmit personal identifiable information back to the developer, or use unique tracking identifiers.

Not all software applications contain these additional components of course, but you need to be aware of those that do when you are considering installing an application.

Software developers who choose to employ these tools (to gather information for example), are generally not underhanded, and in most cases there is full disclosure of their intent contained in the EULA. But here’s the rub – virtually no one reads EULAs.

EULAlyzer, a free application from BrightFort (formerly: Javacool Software), the SpywareBlaster developer, can make reading and analyzing license agreements, while not a pleasure, at least not as painful.

This free application quickly scans a EULA, and points out words, statements, and phrases, that you need to consider carefully. Results are rated by “Interest Level” and organized by category, so it’s easy to zero-in on the issue that concern you the most.

image

Working similar to an anti-spyware program, EULAlyzer flags suspicious wording on a scale of 1 to 10 – based on how critical the disclosed information can be to your security, or privacy.

Let’s take a look at the license agreement for Piriform’s CCleaner.

You’ll note that there three areas of limited concern that have been flagged – as shown in the screen shot, below. Clicking on “Goto” icon will expand the related wording.

I’m very familiar with Piriform’s freeware applications – nevertheless, as is my habit, I read the EULA carefully.

image

Let’s take a look at the license agreement for GOM Audio Player.

Again, EULAlyzer has flagged a number of issues – but, in this case, these are issues that I considered very carefully before installation this application.

image

If you, like me, download freeware frequently, then you need to read the software license agreement carefully. EULAlyzer will make it easier for you to focus on the important aspects of the agreement.

There is no doubt that we could all use a little help in working our way through these wordy, but necessary agreements. The reality is, all software EULAs should be read carefully.

Fast facts:

Discover potentially hidden behavior about the software you’re going to install.

Pick up on things you missed when reading license agreements.

Keep a saved database of the license agreements you view.

Instant results – super-fast analysis in just a second.

EULAlyzer makes it simple to instantly identify highly interesting and important parts of license agreements, privacy policies, and other similar documents, including language that deals with:

Advertising

Tracking

Data Collection

Privacy-Related Concerns

Installation of Third-Party or Additional Software

Inclusion of External Agreements By Reference

Potentially Suspicious Clauses

and, much more…

System requirements: Windows XP, Vista, Win 7, Win 8.

Download at: Major Geeks

12 Comments

Filed under Don't Get Scammed, downloads, Freeware, Software, Utilities

InternetOff – Or Not?

imageI’m not in the habit of leaving the door to my home wide open – unlocked perhaps – depending on circumstances. But wide open? No. Nor, have I ever developed the habit of leaving my Internet connection wide open – unless I have a need to do so. Otherwise – I break the connection.

My Tablet computer is subject to the same set of rules. Unless I’m actively engaged with the Internet – off goes the Wi-Fi.

As a one-time user, and a big fan of the free ZoneAlarm Firewall (since the “olden days”), disconnecting from the Internet was as simple as flicking a switch from within the ZoneAlarm GUI –  “Stop All Internet Activity”. Until, that is, ZoneAlarm underwent “improvement” to the point that it became useless for my needs. But, that’s another story.

Next up, on the Firewall scene, was PC Tools Firewall Plus which offered the same – “switch off” capabilities. Unhappily though,  PC Tools Firewall Plus, went the way of the Dodo Bird (on Windows 8) – at least as a stand alone application.

Now running to catch up, I finally relented and activated Windows 8 internal firewall which, with the addition of the freebie application, Windows Firewall Control, suits my needs – for now.

image

Still, this is a fairly clunky method to accomplish a simple task such as shutting down a Network Adapter (Ethernet Card) – there has to be a better way. Other than pulling the Cat 5 cable.  Smile  And, there is.

Regular reader Hipockets, has reminded me (thank you Sir) that the freebie application – InternetOff – is designed to do just that – turn off an Internet connection.

Installation:

A couple of clicks ……..

image

…………… and, you’re finished.

image

Following the installation, you’ll find a “Globe” icon in the system tray which when activated, will bring up …….

image

Click – and you’re done – as shown in the following screen captures.

image

image

Reverse the process and, you’re back online. Quick, simple, and painless.

System requirements: Windows 2000, XP, Vista, Win7, 32/64 bit (Tested on Win 8/32 bit under which the application must be run as an administrator).

Download at: The developer’s site.

From the – “he got there first files.” Good friend and fellow blogger, Rick Robinette, posted on this application previously. You’ll enjoy reading Rick’s take on this neat little freebie.

13 Comments

Filed under 64 Bit Software, downloads, Freeware, Interconnectivity, Utilities

Free Replicator – Automatically Backup Files, Folders, Even Entire Drives

imageRegular reader Chris A., was looking for a solution to a long standing problem. Chris had a need to “create a daily backup of an Access database and, to keep adding daily copies instead of overwriting the existing copy each time” – automatically, and in the background.

As it turns out, Chris and I were in the same boat. I have a need to copy/backup several selected files/folders (including Blog posts and drafts) to a secondary drive on a daily basis. Up to now, I’ve simply done a simple manual “copy to” – when I remember to do so, that is.

“When I remember to do so” is more than a little haphazard and, I’ve occasionally paid the price through one system misadventure or another. Always a major bummer, that.

As in all things tech, there is a free solution. A solution Chris has recommended to me (thanks Chris) – Karen’s Replicator – which, if you have a similar need to copy/backup selected files/folders on a manual or scheduled basis, might be a perfect fit for you.

I’m into simple solutions – and, Karen’s Replicator is just that – easy and straightforward. Copying or backing up a folder, including subfolders, scheduled or manual – or a bushel of files/folders if you like, is driven by a fairly simple GUI.

Launching the applications brings up the following window allowing you to enable or disable jobs, manually run a job, view the Replicator’s log file, or change the program’s settings.

image

Since I’m most interested in scheduling the task of auto copying my Weblog Posts, in this test I set the application to start at 1:00 AM on July 8. I subsequently changed the time to 9:15 AM on July 7, and added an additional save location (not shown in this screen capture).

image

Both jobs were completed successfully in 63 ms.

image

A quick check to ensure that the relevant files have in fact been copied over.

image

And, a further test to ensure that the copied files can be opened in Windows Live Writer.

image

Scheduling a job, or series of jobs, can easily be accomplished from within the schedule window – illustrated below.

image

You can easily adjust customized job and application settings from the “Edit Settings” window.

image

In a short review, it’s rarely possible to cover all of the benefits of a particular application – and, this short review is no different. Karen’s Replicator has additional functionality other than the features I’ve highlighted here – which, you will no doubt discover should you add this super freebie to your utility toolbox.

System requirements: Windows XP, Vista, Win 7 (tested on Win 8).

Download at: http://www.karenware.com/powertools/ptreplicator.asp

Karen’s Power Tools web site has a wealth of additional free utilities that you might find useful.

9 Comments

Filed under Backup Tools, downloads, Freeware, Utilities

Lookeen – An Outlook Search Add-on That’s FAST!

https://bizchange.files.wordpress.com/2010/02/overloaded-man.jpg?iact=hc&vpx=794&vpy=103&dur=2755&hovh=223&hovw=226&tx=79&ty=136&sig=104081718647520250308&ei=_Y3HT5z1Eef30gGv65itDw&page=14&tbnh=160&tbnw=162&start=450&ndsp=35&ved=1t:429,r:31,s:450,i:149Currently, there’s a BlackBerry commercial running here in Canada in which a young woman declares that she gets over 1,000 emails a day. I have to admit, that the 1,000+ emails that she purportedly receives daily, led me to do a little figuring. Truth in advertising and all that.

Assuming that each email takes one minute to read, that translates into 16+ hours devoted to just reading emails. Perhaps it takes less time than that but, even cutting the read time in half would result in a full 8 hour day devoted to just reading emails.

Riding this train of thought, led me to consider just how this young woman managed (assuming that what she claims is true), to handle the time constraints imposed by this massive volume of correspondence – assuming, that at least some of these emails would require an after the fact action plan.

How would she, for example, search for and find, relevant emails, attachments, appointments, tasks, notes and contacts in a rather extensive  email achieve? And, do so quickly and efficiently – no small task.

Coincidentally, at roughly the same time that I was putting myself through mental contortions in an attempt to break down the 1,000+ email claim, I was offered an opportunity to take Lookeen, an email search solution designed to integrate seamlessly into Microsoft Outlook, for a test ride.

Fast facts:

  • Massive increase of E-Mail search speed
  • Finds e-Mails, attachments, appointments, tasks, notes and contacts
  • Supports Exchange Server, Public Folder and external PST-archives
  • Integrated Desktop Search: Search in local and Network Files
  • For enterprises: Central Indexing reduces Server and Network Traffic
  • Over 500.000 installations worldwide
  • Installation in a few clicks

Following an easy installation, the application launches into a brief tutorial as illustrated in the following self-explanatory screen captures.

Step one.

image

Step two.

image

Step three.

image

Step four.

image

Step five.

image

As shown in the following screen capture, you’ll note that Lookeen adds a simple, yet helpful, search box to Outlook.

image

Did I mention FAST?

In the following quick search, the application pulled up 697 related items in three tenths of a second.

image

In a more focused search, the application pulled up 79 related items in two tenths of a second.

image

In this brief overview, I’ve barely touched on the functionality of this super little Outlook add-on. You can also expect the following:

Lookeen will search everywhere in your Outlook data.

Have every email at your fingertips – no matter how much data you have!

The integrated real-time-indexing enables you to search your local emails (PST), Exchange Server, Public Folder, your complete desktop, and even network files, all while Lookeen is indexing your files.

Lookeen will find every mail – even in the largest of archives.

Execute parallel searches for e-mails, attachments, appointments, tasks, notes and contacts.

Integrated Desktop search enables you to search in documents and PDFs.

Install and manage Lookeen in your enterprise with group policies (Lookeen Business Edition) and use the Lookeen Shared Index feature to reduce server traffic (Lookeen Enterprise Edition).

You can download Lookeen and try it for free for 14 days.

Download at: Lookeen.

As for the young woman’s claim of 1,000 emails a day? Yeah, sure.   Smile

A big “Thank You” to regular reader Lee Garber for taking the time to point me towards this application. Thanks Lee.

7 Comments

Filed under downloads, Email, Integrated Solutions, Software Trial Versions, Utilities

Who’s Phoning Home On Your Internet Connection? Find Out With CurrPorts and, Process and Port Analyzer

imageThere’s not much point (from a cybercriminal’s perspective), in infecting a computer with malware unless the information which it’s been designed to capture, ends up in the nasty hands of the criminal.

Generally speaking then, it’s reasonable to say that the most important function of malware (again, from a cybercriminals perspective) is to “phone home” with the information it’s been designed to steal. It’s hardly surprising that much of the malware infecting the Internet does just that.

You can, if you like, trust that your AV solution will tip you off to any nasty behavior occurring in the background. But, as a follower of  the “better safe than sorry” school of thought, trusting in any AV solution to safeguard my systems in all instances, just doesn’t compute with me. There are no perfect AV solutions.

All to often, “new” malware has already rampaged through the Internet (despite the best AV providers have to offer), before average users become aware. As a result, I’ve long made it a practice to monitor my open ports and Internet connections frequently, throughout a browsing session.

At first glance you might think port checking is time consuming and not worth the effort. But it is worth the effort, and it’s not time consuming – it often takes no more than a few seconds. More to the point, in my view, it is a critical component of the layered defense approach to Internet security that regular readers of this site are familiar with.

There are a number of free real-time port analyzers available for download, and the following is a brief description of each. If you are familiar and comfortable with using the Windows command structure, then you may want to try the command line utility Netstat, which displays protocol statistics and current TCP/IP connections. This utility and the process, are covered later in this article.

But first:

CurrPorts (this is the port tool I use daily), allows you to view a list of ports that are currently in use, and the application (keep in mind, that malware, for all practical purposes – is an application) that is using those ports. You can close a selected connection as well as terminating the process using it.

In addition, you can export all, or selected items, to an HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more.

Shown in this screen capture – Browser is not running. No remote connections. Looks like I’m safe.

CurrPorts 2

Shown in this screen capture – Browser is running. Thirty remote connections, all of which are legitimate.

image

Fast Facts:

View current active ports and their starting applications

Close selected connections and processes

Save a text/ HTML report

Info on local port name, local/remote IP address, highlighted status changes

Download at: NirSoft (you’ll need to cursor down the page to the download link).

Next up:

Process and Port Analyzer is a real time process, port and network connections analyzer which will allow you to find which processes are using which ports. A good little utility that does what it says it will do.

image

Fast Facts:

View currently running processes along with the full path and file which started it

View the active TCP Listeners and the processes using them

View the active TCP and UDP connections along with Process ID

Double click on a process to view the list of DLL’s

Download at: http://sourceforge.net

Netstat:

Windows includes a command line utility which will help you determine if you have Spyware/Botware running on your system. Netstat displays protocol statistics and current TCP/IP connections.

I use this utility as a test, to ensure that the anti-malware tools and Firewall running on my systems are functioning correctly, and that there are no open outgoing connections to the Internet that I am not aware of.

image

How to use Netstat:

You should close all open programs before you begin the following process if you are unsure which ports/connections are normally open while you are connected to the Internet. On the other hand, if you are familiar with the ports/connections that are normally open, there is no need to close programs.

There are a number of methods that will take you to a command prompt, but the following works well.

Click Start>Run>type “cmd” – without the quotes>click OK> this will open a command box.

In Windows 8 – type “cmd” at the Metro screen.

From the command prompt, type Netstat –a (be sure to leave a space), to display all connections and listening ports.

You can obtain additional information by using the following switches.

Type Netstat -r to display the contents of the IP routing table, and any persistent routes.

The -n switch tells Netstat not to convert addresses and port numbers to names, which speeds up execution.

The Netstat -s option shows all protocol statistics.

The Netstat-p option can be used to show statistics for a specific protocol or together with the -s option to show connections only for the protocol specified.

The -e switch displays interface statistics.

Running Netstat occasionally is a prudent move, since it allows you to double check which applications are connecting to the Internet.

If you find there are application connections to the Internet, or open ports, that you are unfamiliar with, a Google search should provide answers.

Steve Gibson’s website, Shields Up, is a terrific source of information where you can test all the ports on your machine as well as testing the efficiency of your Firewall. I recommend that you take the Firewall test; you may be surprised at the results!

12 Comments

Filed under 64 Bit Software, Don't Get Hacked, downloads, Freeware, Internet Safety Tools, Malware Protection, Software, Utilities

Simple Network Scanning With Free Wireless Network Watcher

imageIn this age of connected devices, and the proliferation of Wi-Fi, the number of “open networks” has jumped considerably.

While it’s true that wireless routers are supplied with encryption software –  working through the manual is often a frustrating experience for less technically inclined users. As a result, it’s not unusual for users to continue to use (widely known) default network names and passwords.

In a study commissioned by  the Wi-Fi Alliance in August of last year, it was discovered that only 59 percent of users have implemented wireless passwords, or encryption methods, that meet the basic criteria for strength and privacy.

In addition, the survey revealed that while “eighty-five percent of survey respondents understood that their Wi-Fi devices should not be set for automatic sharing, …. only 62 percent actually had auto-sharing turned off.” It’s easy to conclude then, that piggybacking on an unprotected wireless access point is perhaps more common than many might imagine.

So, how would you know if your wireless signal is piggyback capable, and is perhaps being used as the neighborhood access point? You could of course, install any one of the comprehensive open source network monitoring packages widely available for download. Provided, that is, you’re prepared to dig into a host of complex instructions and procedures.

A much simpler, but very basic solution, is offered by NirSoft’s Wireless Network Watcher. This free utility “scans your wireless network and displays the list of all computers and devices that are currently connected to your network.”

As you can see in the following screen capture (click to expand)  – the following connected device information is displayed: IP address, MAC address, the network card manufacturer, and optionally, the computer name.

Wireless Network Watcher

Better yet, you can set the utility to continuously monitor so that it will notify you of any new devices connecting to your network (with an audible signal if you like) – as illustrated in the following screen shot.

Wireless Network Watcher 2

System requirements: Windows 2000, XP, 2003, Vista, Server 2008, Win 7.

Download at: NirSoft (you’ll need to skip down the page to locate the download link).

Bonus feature – you can also use Wireless Network Watcher to scan a small wired network.

Wireless Network Watcher may not be jam packed with features – but, it does what it’s designed to do, and it does it very well. Additionally, the advanced options menu will allow you to scan selected IP address ranges, choose which adapter to scan from, and save the results to html.

More information about Wi-Fi security, including innovations that make setting up security easier, is available at www.wi-fi.org/security. Users can test their own security knowledge with a quick online quiz, watch animations about home Wi-Fi security, and download white papers with detailed information.

10 Comments

Filed under Connected Devices, downloads, Freeware, Network Tools, Software, Utilities