Video: FBI director Robert Mueller at the RSA conference

March 6th, 2010 Comments Off

Just some FBI bullshit as usual, Robert Mueller, FBI director, attempts to convince big companies at the RSA conference in San Francisco, to work together, in what he calls a “partnership”.

I would have a higher regard for the people enforcing the law if they learned to respect people’s dignity and right to privacy in the first place.

For those who do not know, the RSA Conference is a meeting of information security professionals from around the world to debate, network and learn about computer security.

Share This Post
Read More »

How to stop DNS leakage while using a VPN

February 16th, 2010 Comments Off

The DNS leakage problem explained

Whenever you type a domain name, your Internet browser contacts a DNS server and makes a DNS Query.

Most Virtual Private Network providers fail to mention that while your connexion is encrypted using a VPN there is a high chance that a DNS leak will occur and your ISP will still be able to see what you are doing over the internet.

The problem occurs primarily when routers and computers are set to use automatic DHCP, this can force name lookups to bypass the name server supplied by the active VPN connection and instead use the one supplied by your ISP which allows them to see the websites you visit.

DNS leak test

If you want to check if you suffer from DNS leakage, connect to your usual VPN/proxy and visit http://entropy.dns-oarc.net

After you click on Test my DNS you should ignore everything and look only on top of the page where it says DNS Resolver(s) tested .

Use a whois tool to resolve the IPs listed there and if your ISP name comes up, then you have a DNS leak.

Mi5 spies behind schedule

Mi5 spies behind schedule

Solving DNS leakage

The easiest way I have found to stop DNS leakage is by not using the ISP name servers and choose a free public DNS provider instead.

List of free public DNS providers:

Comodo public DNS

NS1: 156.154.70.22
NS2: 156.154.71.22

Google public DNS

NS1: 8.8.8.8
NS2: 8.8.4.4

OpenDNS public DNS

NS1: 208.67.222.222
NS2: 208.67.220.220

DNSAdvantadge public DNS

NS1: 156.154.70.1
NS2: 156.154.71.1

Instructions to change your computer DNS settings

Instructions to use Comodo public DNS

Instructions to use Google public DNS

Instructions to use OpenDNS public DNS

Instructions to use DNSAdvantadge public DNS

After you have done the change, carry out again the DNS leak test mentioned above. You should now see the DNS belonging to your new choosen provider.

Note: It looks as if Comodo Secure DNS and DNSAdvantadge are using the same network (UltraDNS).

DNS Nameserver speed test

Changing your DNS server can also increase or decrease the speed at which the websites are resolved, you can test your nameservers speed with the free utilities below:

NameBench (DNS benchmark utility)

GRC DNS Benchmark (No installation needed)

Share This Post

Read More »

Review: Free speech webhosting NearlyFreeSpeech

January 29th, 2010 8 Comments

I have been with NearlyFreeSpeech webhosting for three years (not this blog) and this review is based on that experience. The fact that I have been with them for so long already indicates that I am happy with their services, although there isn’t too much competition in the free speech webhosting field and that also helped.

Besides webhosting, NearlyFreeSpeech.net also does domain name registration with whois privacy included.

At the time of writting this NearlyFreeSpeech fees are very cheap for static sites (no database and few pictures).  Just remember to change the settings on your account because by default it is set up to support PHP and once you change it to static site the price will go down.

You will need to pay in order to get support for your hosting account at NearlyFreeSpeech, but I have found their members only forum, to be very useful,  NearlyFreeSpeech staff hangs around there too and they will help you out whenever they can.

During my time with NearlyFreeSpeech I have always gotten free meaningful support from their forums. No question has gone unanswered.

Muhammed the prophet

Muhammed the prophet

The Good Stuff

As long as your content is legal in the United States, where NearlyFreeSpeech is based, you will have absolutely no problems with them, it does not matter if you are promoting pedophilia, Hitler, Stalin or anything similar, NearlyFreeSpeech will not take the content down if this is legal in the US and does not infringe on copyright.

You can pay via Paypal, credit card or sending a money order in the post, the last payment method being a rare find for a webhost.

NearlyFreeSpeech will also take anonymous donations to fund your hosting account, this is an excellent way for people to anonymously fund your website, with no involvement from your part, the donator will only need to indicate your hosting account number, which you can make clear on your site, and you will be notified by NearlyFreeSpeech every time someone sends money in.

NearlyFreeSpeech members can propose new features to be implemented and they are then submitted to a popular vote.  There is support for SFTP and SSH and the sense of community at the forums is also very good.

The Bad Stuff

The only way to upload your files is with an FTP or SFTP client, there is no web interface to do that. Nearlyfreespeech hosting control panel is unique to them and has been developed in house, its navigation is hard and you will need to get used to it, it also has far less features than the more usual cPanel.

It will be hard for you to work out what you are going to pay at the end of the year, the way used to calculate that is complex, consisting of the sum of number of active databases, bandwith used, space used, email forwarding used, etc.

You will need to pay to get hosting support and any hosting software you need to install will have to be done manually because you can’t do that from the control panel.

Barak Obama

Barak Obama

Conclusion

If your site is controversial but legal in the US, you will feel safe hosting it at NearlyFreeSpeech.

Their hosting panel is poor and hard to navigate and you will need not to know the basics of webhosting, such as how an FTP client works.

You will only be better off NearlyFreeSpeech if your website has specific software needs such as some peculiar CMS that you would like to install through the hosting panel. You may also be bothered by not being able to work out what the hosting is going to cost you at the end of the year.

Visit NearlyFreeSpeech


Alternatives to NearlyFreeSpeech:

- Invisihosting

- CrisisHost: Read my CrisisHost review

Share This Post
Read More »

Freebie: Free full version East-Tec Eraser 2009

January 16th, 2010 Comments Off

I came accross this offer at Softpedia today and I thought about sharing it with all of you. Valid until 31st January 2010, you can download a free full licensed version of East-Tec Eraser 2009.

I just downloaded and registered it and so far so good, it works fine with Windows Vista 64 bit. East-Tec Eraser is last year’s version of this software but still has lots of great features. It can clean your Windows registry, email software, Windows OS unwanted backups and page file, cookies, history, and a long etc.

East-Tec Eraser 2009 is highly configurable and it has a wide range of wiping methods.

Eas-Tec Eraser 2009 wiping software

Eas-Tec Eraser 2009 wiping software

Note: Do not fool yourself! East-Tec Eraser does a great job making life difficult for anyone trying to recover data from your computer. But if your life is at stake, use full disk encryption (Truecrypt)! Sometimes only a single picture or a single document is necessary to ruin your life for ever.

Free East-Tec Eraser 2009 (link valid until 31st January 2010):
http://www.east-tec.com/offers/softpedia/2009/eraser/register.htm (Offer gone!)

Late readers: get Eraser (Freeware):
http://sourceforge.net/projects/eraser/

Share This Post
Read More »

Review: OpenPGP encryption software cGeep Pro v4.07a

December 21st, 2009 2 Comments

By default e­mail is insecure, there are many risks to e­mail messages, unauthorized modification or viewing and sender impersonation of a message is something that Governments and crooks carry out on a daily basis.

PGP/GnuPG encryption of emails provides confidentiality and allows for digitally signing a message giving the recipient a method of verifying the identity of the sender as well as making sure the message has not been tampered with.


PGP encryption stopping spy agencies

Open PGP encryption stopping spy agencies

PGP/GnuPG solutions for securing e­mail are typically geeky which makes difficult widespread deployment to non technical people. There are some free utilities for Windows to be able to use PGP/GnuPG encryption, such as GPG4Win, Enigmail or FireGPG, but cGeep is by far the most user friendly OpenPGP software I have come accross.

I was glad to receive a free license from cGeep makers, Safelogic, to review its product and I am so pleased with their software that this is what I intend to use in the foreseeable future to encrypt all of my email messages.

cGeep PGP encryption interface

cGeep PGP encryption interface

Once installation is complete a cGeep wizard helps you to create your cGeep key pairs in just a few steps.

cGeep Pro ships with a plug-in for Outlook Office which offers total integration in the workflow of Outlook Office 2000/XP/2003/2007 users.

One click in Outlook is all you need to encrypt  and sign your emails and attachments, making this one of the easiest and most practical email encryption tools.

Through the Manage cGeep Keys window you can import a PGP key pair in .asc format directly and publish or retrieve a public key from any key server.

Encryption of email attachments of any format is possible, using asymmetrical or symmetrical keys with standard AES cryptography but you are not limited to email encryption, you can also use cGeep for file encryption before uploading it directly from cGeep to your FTP server.

This seems like a good feature for backing up sensitive files as it is the integrated file zipping feature.

The Good Stuff

Access to cGeep full source code is available for review, this is the best guarantee you can have against backdoors.

cGeep is based on OpenPGP, a non-proprietary protocol for encrypting email using public key cryptography, this makes cGeep broadly compatible and you can send encrypted files to people who use other OpenPGP software (PGP Corp, GnuPG, Hushmail, etc.)

Encryption can be done dragging a file and dropping it into the cGeep main window. It will also securely wipe files to make its recovery impossible and the software comes with different interchangeable skins/looks.

You can encrypt data and send it directly to an FTP server, you can also configure cGeep Pro to use a proxy for this.

Documentation is complete and comes in the form of a PDF file and tool tips, available in French as well as in English.

The Bad Stuff

There is no Linux or MAC version, cGeep email integration seems to be highly focused on Microsoft Outlook Office, leaving out dozens of other email clients.

Expert users may find cGeep lacks some customization in its options, for example you can not choose where to store the decrypted files and it will always place them in the same folder where the original files resides.

Although the data you upload to your FTP server is already encrypted, it would be good practise to let people use SFTP or FTP over SSL (FTPS), as FTP is a well known unsecure protocol that sends passwords in the clear.

Although not as simple to use, there are free OpenPGP encryption alternatives to cGeep.

cGeep file encryption interface

cGeep file encryption interface

Conclusion

cGeep is an excellent uncomplicated way to encrypt all of your emails, if you struggle to understand all the ins and outs of PGP encryption cGeep will guide you through all the process with easy to understand instructions and it specially integrates very well with Microsoft Outlook Office.

The fact that its source code is open to review adds peace of mind to those wary of backdoors.

If you can’t afford cGeep, you can still use some of the free email encryption alternatives mentioned above.

Visit cGeep OpenPGP Encryption

Share This Post
Read More »

Secret FBI subpoena demanding IP Addresses of all visitors to Indymedia.us

December 6th, 2009 Comments Off

It is only now that the subpoena has been fought off successfully in court that it can be know how the FBI attempted to get all the IP addresses of people visiting Indymedia.us, an independent news website. The subpoena also imposed a gag order and demanded the recipient’s silence under threat of being prosecuted for obstruction to justice.

Unfortunately for the FBI Indymedia has a no logs policy so besides being defeated in Court by the Electronic Frountiers Foundation, its request could not be fulfilled anyway.

I wonder what kind of people the US has protecting them from terrorism, unpaid fines and rape, when the FBI intelligence team is not aware that Indymedia does not keep logs?

This is actually public information that Indymedia has all over its website.

FBI: Fucktard Bureau of Investigation

FBI: Fucktard Bureau of Investigation

You can read all of the saucy details on how the Electronic Frontier Foundation won the case against this bogus FBI subpoena at the EFF webpage: Anatomy of a Bogus Subpoena

Indymedia UK security set up

Just for all the fucktard officers reading this who do not know how to use Google, let me tell you some of UK Indymedia security set up. (I will assume the security of their Worldwide Indymedia counterparts resembles it).

Hardware encryption:

There are two physical servers that are owned by Indymedia UK, both servers are fully encrypted, the passphrases required for the disk encryption software are in the region of 30-40 characters minimum, they are only stored in an encrypted format by trusted administrators.

If any of the servers are turned off for any reason the passphrases needs to be manually re-entered before the machine can become functional again. People who have physical access to the servers do not normally hold the passphrases, and in some instances, the passphrases are kept in a different country to where the machine is located.

Software anonymisation:

The UK Indymedia website uses software designed around a central publish server from which static HTML content is then copied to mirrors.

UK  Indymedia has employed up to 10 mirrors at any one time, the mirrors may be located anywhere around the world, when you post an article you will be redirected to one of these mirrors at random. Mirrors, like the publish server, are set up to not log IP addresses.

FBI top secret tip to always get it right

-"This is the best marksmanship I have ever seen" - said the
idiot man
-"How in the World do you do it?"
-"Nothing to it" - says the Fucktard Bureau of Investigation
 officer
-"I shoot first and draw the circles afterwards"
Share This Post
Read More »

The NSA worked on Windows 7 before its release

November 21st, 2009 2 Comments

The recent testimony of Richard Schaefer’s  to the Senate Judiciary’s Subcommittee on Terrorism and Homeland Security reveals that the NSA tinkered with Windows 7 before its release, it looks like one of the biggest voyeur agencies in the World is not missing a single opportunity to get its filthy pawns all over people’s operating system.

Richard Schaefer, NSA Information Assurance Director quoted

“Working in partnership with Microsoft and elements of the DoD, NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft’s operating system security guide without constraining the user’s ability to perform their everyday tasks”

PRIVACY WARNING: Before visiting the NSA website use a proxy!

Full testimony: http://www.nsa.gov/public_info/speeches_testimonies/17nov09_schaeffer.shtml

USA spying on citizens

spooks spying on innocent citizens

Protection against possible NSA backdoors on Windows 7

If you are a Windows 7 user you will want to protect your life, wife and kids from outside interference, but this will be extremely hard now that it is known the NSA had access to Windows 7 before you.

The obvious advice is that you should not use Windows 7 at all, but if you must, at the very least try to stop any possible NSA malware with open source security software:

  • Do not use the Windows 7 firewall get some old computer and install a free open source firewall based on FreeBSD such as M0n0wall
  • Do not use Microsoft Windows Defender get a free open source antivirus such as ClamWin
  • Watch what data packets are being sent out and where, download a free packet sniffer such as Wireshark
Share This Post
Read More »

Video: Is privacy a thing of the past?

November 9th, 2009 Comments Off

A general look at World privacy, from Google maps to European biometric passwords, this video makes you think if privacy is an achievable target or a thing of the past that will never come back.

Share This Post
Read More »

United Kingdom airport gets digital strip search scanner

October 31st, 2009 2 Comments

As we all know the World is full of terrorists, child porn, kidnappers, drug dealers and people who don’t pay their taxes, Manchester airport Terminal 2, in the UK nonetheless, has found a new magic weapon to fight all the evildoers, the digital strip search, aka Rapiscan equipment, for your own security, before boarding on a plane you are to be seen naked by airport staff through x-rays.

UK child pornography law at odds with digital strip searching of kids

Since producing a naked image or pseudoimage of a child is illegal and they have no written parental consent for scanning children(i.e. taking a naked image), the only problem Manchester airport is facing right now is that their full body scanners probably contravene UK child porn law. The scanners have been banned for use on children until this is clarified.

The technology has already been trialled at Heathrow airport as well and if successful it could be rolled out across Britain.

Full body x-ray scanner UK airport

Full body x-ray scanner

The technology behind backscatter x-ray

Backscatter X-ray is a new imaging system which detects the radiation which comes back from the target, A “high energy x-ray beam” moves rapidly over the person’s form and a high resolution image of the person’s nude body is constructed when the scattered x-ray “from a known position” is detected. The images produced by the scan also show breast enlargements and piercings.

The USA following Brits ideas

The US has already taken delivery of x-ray machines from the same company, Rapiscan Systems, there are 23 airports in the United States – with 40 machines collectively – which are also running tests, but it is not clear about which airports they are placed at.

Will airport staff be able to resist this full body scan?

Woman ass X-ray scan

FAKED SCAN (illustration purposes)

Share This Post
Read More »

Review: Virtual Pritate Network for private internet surfing AceVPN

October 20th, 2009 Comments Off

I have been using AceVPN for three months now and this review is based on this length of time. Before getting into a Virtual Private Network for anonymous internet surfing purposes, you should understand that a VPN will make it more difficult for TLA agencies such as the CiA and Mi5 to spy on you, but a VPN is a single hop proxy, if they want you bad they will most likely have you.

For serious anonymous internet surfing you should use Tor, which unfortunately it is slow for most activities other than posting at bulletin boards.

At the moment there is a 50GB monthly bandwith cap on AceVPN, I think this is a very reasonable amount of bandwith, the average surfer will probably download half that and since P2P programs are not allowed on AceVPN I can hardly see anyone going over the limit.

The Good Stuff

Every time I have emailed AceVPN, around five times, I always got a useful reply in under 24 hours. AceVPN at the time of writing this, has servers in the US, UK and France and claims to be planning new servers at other countries.

One of the USA VPN I was using got blocked by Hulu, a US only TV website, apparently they do not like people from abroad being able to watch their films through a proxy. AceVPN has a secret list of VPNs to access US only sites such as Hulu TV, Pandora radio and Crackle TV, if you email AceVPN support and tell them you want to watch Hulu and they are blocking your proxy, they will send you a new non public configuration file with new servers for the VPN.

AceVPN uses OpenVPN to tunnel the data as opposed to the more unsecure PPTP, and besides Windows, AceVPN also works in Mac, Linux/BSD and the iPhone, any device where you can install OpenVPN should work.

You can choose the UDP or TCP protocol for tunneling. Normally you should choose the UDP protocol, this is que fastest method to download data through the VPN, the TCP protocol is provided because some ISPs and private networks block all UDP traffic to stop certain applications from accessing the internet.

World Internet Plugged In

The Bad Stuff

When you sign up for AceVPN they will send you a very hard to remember cryptic password that you can not change, you will need to enter this every time you want to access the VPN, better write it down somewhere, I personally have it saved on a .txt file on my Desktop.

AceVPN has servers in several countries but  in order to choose what server you want to connect to you will have to manually edit the OpenVPN config file in Notepad and comment out the servers you want to avoid, there is no control panel to do this.

Torrents and P2P programs are not allowed at AceVPN, even if some users use it, as  per terms and conditions this is forbidden.

Conclusion

AceVPN is great value for money and it stops your ISP from logging your internet activities making the life of those who spy on others much more difficult, AceVPN is also one of the cheapest VPN available and the wide choice of servers located in different countries guarantees that if one goes down you can still connect somewhere else.

Be aware that during my time with AceVPN one of their USA servers was seized by the FBI, this was due to a DMCA request according to AceVPN management.

While AceVPN claims not to keep logs, the FBI is known to have great computer forensic facilities and only God knows what kind of personal private data from innocent people they managed to retrieve from that server.

I will be greatly surprised if these professional meddlesome informers resisted the temptation of not looking at other users accounts, I will say it again because people’s lives may be at stake, never forget to use full disk encryption as a security back up. A VPN will make the spooks job more difficult but not impossible, privacy advocates are a high target for TLA, people who have a private life scare the shit out of them, they are not used to that, be ready for an early morning raid from people wanting to know what you do in your spare time, whether you use VPN or you don’t, the Obama deception is here, this is not a joke, the CiA means business, your little VPN will not be enough to stop them, think bigger.

http://www.acevpn.com

UPDATE: As of 01 December 2009, I am having serious problems to watch USA TV with AceVPN (it’s very slow), after various speed tests at http://www.speedtest.net I have detected that their USA servers are very slow at times, in the order of 500Kb/download.

This may change in the future but as for now be warned of this problem. Their French and UK server speed was acceptable.

Share This Post
Read More »
« Older Entries
Newer Entries »
Subscribe to RSS Feed
TopOfBlogs