Tag Archives: forensics software

Live CD for anonymous internet browsing: The (Amnesic) Incognito Live System

After the sole developer of Incognito, arguably, the best Linux live CD for anonymous internet browsing, announced that he could not carry on with his work in the project, another anonymous live CD, Amnesia, decided to merge with Incognito Linux live CD, and hence, the (Amnesic) Incognito Live System was born.


Information security awareness poster
Information security awareness poster


Version 0.5 of The Amnesic Incognito Live CD is now out and includes lots of goodies for anonymous internet surfing, encryption and erasing your online tracks, such as:

  • Tor
  • Vidalia 0.2.8
  • Claws Mail 3.7.5 with OpenPGP support.
  • Pidgin automatically connects to irc.oftc.net with a randomized nickname.
  • At shutdown time, only prompt to remove CD; just halt when booted from a USB stick.
  • Forbid any IPv6 communication with the outside.
  • Added some wifi drivers: Ralink rt2570, rt2860 and Broadcom STA.

My hats off to this great live CD for anonymous internet surfing!

For those who fear that the Chinese or British secret services will seize their computers one day, a live CD is the sure way to avoid leaving any tracks on your computer.

The (Amnesic) Incognito Live System homepage


Freebie: Free full version East-Tec Eraser 2009

I came accross this offer at Softpedia today and I thought about sharing it with all of you. Valid until 31st January 2010, you can download a free full licensed version of East-Tec Eraser 2009.

I just downloaded and registered it and so far so good, it works fine with Windows Vista 64 bit. East-Tec Eraser is last year’s version of this software but still has lots of great features. It can clean your Windows registry, email software, Windows OS unwanted backups and page file, cookies, history, and a long etc.

East-Tec Eraser 2009 is highly configurable and it has a wide range of wiping methods.

Eas-Tec Eraser 2009 wiping software
Eas-Tec Eraser 2009 wiping software

Note: Do not fool yourself! East-Tec Eraser does a great job making life difficult for anyone trying to recover data from your computer. But if your life is at stake, use full disk encryption (Truecrypt)! Sometimes only a single picture or a single document is necessary to ruin your life for ever.

Free East-Tec Eraser 2009 (link valid until 31st January 2010):
http://www.east-tec.com/offers/softpedia/2009/eraser/register.htm (Offer gone!)

Late readers: get Eraser (Freeware):

Review: OpenPGP encryption software cGeep Pro v4.07a

By default e­mail is insecure, there are many risks to e­mail messages, unauthorized modification or viewing and sender impersonation of a message is something that Governments and crooks carry out on a daily basis.

PGP/GnuPG encryption of emails provides confidentiality and allows for digitally signing a message giving the recipient a method of verifying the identity of the sender as well as making sure the message has not been tampered with.

PGP encryption stopping spy agencies
Open PGP encryption stopping spy agencies

PGP/GnuPG solutions for securing e­mail are typically geeky which makes difficult widespread deployment to non technical people. There are some free utilities for Windows to be able to use PGP/GnuPG encryption, such as GPG4Win, Enigmail or FireGPG, but cGeep is by far the most user friendly OpenPGP software I have come accross.

I was glad to receive a free license from cGeep makers, Safelogic, to review its product and I am so pleased with their software that this is what I intend to use in the foreseeable future to encrypt all of my email messages.

cGeep PGP encryption interface
cGeep PGP encryption interface

Once installation is complete a cGeep wizard helps you to create your cGeep key pairs in just a few steps.

cGeep Pro ships with a plug-in for Outlook Office which offers total integration in the workflow of Outlook Office 2000/XP/2003/2007 users.

One click in Outlook is all you need to encrypt  and sign your emails and attachments, making this one of the easiest and most practical email encryption tools.

Through the Manage cGeep Keys window you can import a PGP key pair in .asc format directly and publish or retrieve a public key from any key server.

Encryption of email attachments of any format is possible, using asymmetrical or symmetrical keys with standard AES cryptography but you are not limited to email encryption, you can also use cGeep for file encryption before uploading it directly from cGeep to your FTP server.

This seems like a good feature for backing up sensitive files as it is the integrated file zipping feature.

The Good Stuff

Access to cGeep full source code is available for review, this is the best guarantee you can have against backdoors.

cGeep is based on OpenPGP, a non-proprietary protocol for encrypting email using public key cryptography, this makes cGeep broadly compatible and you can send encrypted files to people who use other OpenPGP software (PGP Corp, GnuPG, Hushmail, etc.)

Encryption can be done dragging a file and dropping it into the cGeep main window. It will also securely wipe files to make its recovery impossible and the software comes with different interchangeable skins/looks.

You can encrypt data and send it directly to an FTP server, you can also configure cGeep Pro to use a proxy for this.

Documentation is complete and comes in the form of a PDF file and tool tips, available in French as well as in English.

The Bad Stuff

There is no Linux or MAC version, cGeep email integration seems to be highly focused on Microsoft Outlook Office, leaving out dozens of other email clients.

Expert users may find cGeep lacks some customization in its options, for example you can not choose where to store the decrypted files and it will always place them in the same folder where the original files resides.

Although the data you upload to your FTP server is already encrypted, it would be good practise to let people use SFTP or FTP over SSL (FTPS), as FTP is a well known unsecure protocol that sends passwords in the clear.

Although not as simple to use, there are free OpenPGP encryption alternatives to cGeep.

cGeep file encryption interface
cGeep file encryption interface


cGeep is an excellent uncomplicated way to encrypt all of your emails, if you struggle to understand all the ins and outs of PGP encryption cGeep will guide you through all the process with easy to understand instructions and it specially integrates very well with Microsoft Outlook Office.

The fact that its source code is open to review adds peace of mind to those wary of backdoors.

If you can’t afford cGeep, you can still use some of the free email encryption alternatives mentioned above.

Visit cGeep OpenPGP Encryption


Video: Crash course in full disk encryption

This video is a talk held in December 2008 at the 25th Chaos Communication Congress, under the title Nothing to hide.

It is a crash course in full disk encryption concepts, products and implementation aspects. An overview of both commercial and open-source offerings for Windows, Linux, and MacOS X is given. A  programmer’s  look at the open-source solutions concludes the presentation.

If you are not encrypting your whole hard disk remember that opening and viewing files will leave recoverable traces in your operating system. If you care about privacy you should be using full disk encryption, Truecrypt is the way to go in Windows.

Click this link to download the crash course in full disk encryption papers.

I would say this is a video for intermediate/advanced computer users.

Video: Computer Forensics – What happens when you delete a file?

Computer Forensics Expert Steve Burgess explains what’s left over when a file is deleted, and what happens when it is created.

Make Encase forensics software crash

I recently found that the forensics software Encase has a security vulnerability, it is possible to make it crash while opening a file.

The file contains 16 zipped files, which again contains 16 zipped files, which again contains 16 zipped files, which again contains 16 zipped, which again contains 16 zipped files, which contain 1 file, with the size of 4.3GB.
So, if you extract all files, you will most likely run out of space :-)

16 x 4294967295       = 68.719.476.720 (68GB)
16 x 68719476720      = 1.099.511.627.520 (1TB)
16 x 1099511627520    = 17.592.186.040.320 (17TB)
16 x 17592186040320   = 281.474.976.645.120 (281TB)
16 x 281474976645120  = 4.503.599.626.321.920 (4,5PB)

But the file I provide has been modified so that its digital signature will not be detected, I modified its digital signature by adding a harmless and legal pic of a bikini inside the zip I also changed its name.

Be warned that law enforcement agencies also use Encase as a standard so if your computer is ever seized WARN THEM that you have it, you could even be accused of obstruction to justice if you don’t.

This is a mirror copy of http://www.unforgettable.dk they are the original creators and not me, credit where is due.

Download 42.zip renamed as secret codes