How to: Get rid of Microsoft’s OneDrive with one file.

With this batch script you can get rid of Microsoft’s OneDrive plague, which lets Windows 10 automatically store your private files in the cloud, where they can be accessed by Microsoft staff for “juridical” reasons according to the privacy statement.
Paste the code below into your favourite text editor, such as Notepad++ (which I recommend).

@echo off
cls
rem On 64-bit Windows the OneDrive installer lives in SysWOW64; on 32-bit Windows it is in System32.
set x86="%SYSTEMROOT%\System32\OneDriveSetup.exe"
set x64="%SYSTEMROOT%\SysWOW64\OneDriveSetup.exe"
echo Closing OneDrive process.
echo.
taskkill /f /im OneDrive.exe > NUL 2>&1
rem cmd has no sleep command; pinging localhost 5 times waits roughly 5 seconds
ping 127.0.0.1 -n 5 > NUL 2>&1
echo Uninstalling OneDrive.
echo.
if exist %x64% (
%x64% /uninstall
) else (
%x86% /uninstall
)
ping 127.0.0.1 -n 5 > NUL 2>&1
echo Removing OneDrive leftovers.
echo.
rd "%USERPROFILE%\OneDrive" /Q /S > NUL 2>&1
rd "C:\OneDriveTemp" /Q /S > NUL 2>&1
rd "%LOCALAPPDATA%\Microsoft\OneDrive" /Q /S > NUL 2>&1
rd "%PROGRAMDATA%\Microsoft OneDrive" /Q /S > NUL 2>&1
echo Removing OneDrive from the Explorer Side Panel.
echo.
rem Deleting the CLSID removes the OneDrive entry from the Explorer navigation pane
REG DELETE "HKEY_CLASSES_ROOT\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f > NUL 2>&1
REG DELETE "HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f > NUL 2>&1
pause

Then save the file with a .cmd extension (for example OneDriveSucks.cmd), right-click it and run it as administrator. Reboot the computer and you are 1% of the way to privacy in Windows 10.
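Because every command in the script above sends its output to NUL, a failed step goes unnoticed. The following PowerShell check is an added example, not part of the original post: run it from an elevated prompt after the reboot and it reports anything the script was meant to remove that is still there. It uses the same paths and CLSID as the script; the HKCU Run value named OneDrive is an assumption about a default install, added because the script does not touch it.

```powershell
# Added example (not from the original post): verify that the OneDrive removal script
# actually removed everything it targets. Run from an elevated PowerShell after rebooting.

function Test-OneDriveRemoved {
    $findings = @()

    # 1. Is the OneDrive process still running?
    if (Get-Process -Name 'OneDrive' -ErrorAction SilentlyContinue) {
        $findings += 'OneDrive.exe is still running'
    }

    # 2. Leftover directories the script tries to delete
    $dirs = @(
        "$env:USERPROFILE\OneDrive",
        'C:\OneDriveTemp',
        "$env:LOCALAPPDATA\Microsoft\OneDrive",
        "$env:PROGRAMDATA\Microsoft OneDrive"
    )
    foreach ($d in $dirs) {
        if (Test-Path -LiteralPath $d) { $findings += "directory still present: $d" }
    }

    # 3. Explorer side-panel CLSID, in both the native and the Wow6432Node view
    $clsid = '{018D5C66-4533-4307-9B53-224DE2ED1FE6}'
    $keys = @(
        "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid",
        "Registry::HKEY_CLASSES_ROOT\Wow6432Node\CLSID\$clsid"
    )
    foreach ($k in $keys) {
        if (Test-Path -LiteralPath $k) { $findings += "registry key still present: $k" }
    }

    # 4. Logon autostart entry (assumed value name from a default install; the script
    #    does not remove it, so it is worth checking separately)
    $run = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
    $props = Get-ItemProperty -Path $run -ErrorAction SilentlyContinue
    if ($props -and ($props.PSObject.Properties.Name -contains 'OneDrive')) {
        $findings += "Run entry 'OneDrive' still present under $run"
    }

    # The leading comma keeps an empty result as an array so .Count works
    return ,$findings
}

$result = Test-OneDriveRemoved
if ($result.Count -eq 0) {
    Write-Host 'OneDrive appears to be fully removed.'
} else {
    $result | ForEach-Object { Write-Warning $_ }
}
```

If the Run entry is reported, OneDrive will be reinstalled or restarted at the next logon, which is the usual reason the script appears not to have worked.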

Why Linux Distros Are More Secure Than Other Operating Systems

Linux is an open source operating system whose entire source code anyone can read, yet it is still considered more secure than other operating systems. Linux has been extensively deployed in the tech market, as many gadgets are Linux based, and that is why more people are placing their trust in the Linux platform. To throw more light on why Linux has superior internet security capabilities, let us look at some of its security features.


The Complete Guide for Hidden Services And Staying Anonymous

The free Internet that many of us loved has become a surveillance web, serving governments and mega-corps while abusing the rest of us. For those whose eyes are opening to this sad fact, I have assembled this guide.

The purpose of this guide is to make Internet privacy as simple and concise as possible. Our intention is not just for you to understand, but for you to act upon the information we give you.

Learning to protect yourself online is simple, and does not need to interfere with your daily activity. This is the complete guide to surfing anonymously. What steps you choose to take depend upon what you wish to guard against. Each level requires more work or money to achieve, but gives much greater protection.

Large Man Looking At Co-Worker With A Magnifying Glass --- Image by © Images.com/Corbis


Warrant canary?! What the hell is a warrant canary?


A warrant canary is a posted document stating that an organization has not received any secret subpoenas during a specific period of time. If this document fails to be updated during the specified time then the user is to assume that the service has received such a subpoena and should stop using the service.

In 2002, the FBI used the newly-passed Patriot Act to demand that libraries secretly turn over records of patrons’ reading materials and Internet use. The libraries had to comply – even though such secret requests go against the entire ethos of a professional librarian. To get around the government’s mandate not to disclose the orders, some libraries came up with a potential workaround: they hung signs on their entrances stating, “The FBI has not been here (watch very closely for the removal of this sign).” The idea was that, like a canary in a coal mine, the presence of the sign would reassure the public, and its removal would signal to those watching closely that all was no longer well. An order not to disclose something may differ legally from an order compelling continued, false notices that no national security request has been served, and warrant canary notices work by exploiting that difference.

The hypothetical canary that provides individualized notices to each user illustrates the extent to which canaries are essentially end-runs around lawful gag orders. Companies exploit the potential legal loophole in the difference between compelled silence and compelled lies in order to communicate information that they would otherwise be prohibited from sharing. The fact that so many companies are adopting canaries, even at the risk of exposing themselves to litigation and—at the outside—potential criminal liability, highlights how out of step even routine national security requests have become with the companies’ willingness to turn over information on their users. Like Apple’s recent embrace of automatic encryption, canaries are a symptom of the growing public desire to maintain control over personal data. In the end, then, canaries do not only signal information about national security requests that companies couldn’t otherwise communicate; they also signal the dissonance between the government’s emphasis on secrecy and industry’s willingness to cooperate. The era of companies sharing data with the government in the name of patriotism with just a shake of the hand is now over.

Warrant Canary Examples:
  1. https://proxy.sh/canary
  2. https://www.ivpn.net/resources/canary.txt
  3. https://www.vpnsecure.me/files/canary.txt
  4. https://www.bolehvpn.net/canary.html
  5. https://lokun.is/canary.txt
  6. https://www.ipredator.se/static/downloads/canary.txt
Related warrant canary information:
Side-note: Using a VPN provider will not make you anonymous, but it will give you better privacy. A VPN is not a tool for illegal activities. Don’t rely on a “no log” policy.
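A canary only protects you if someone actually checks it on schedule. As an added example (not from the original post, and not any provider’s real canary), the PowerShell function below takes the text of a canary, confirms it still contains the “has not received” affirmation, finds the most recent date in it and reports whether that date is within the renewal period. The date format (yyyy-MM-dd), the phrase it searches for and the 30-day period are assumptions about how a canary is written; adjust them to the provider you watch.

```powershell
# Added example, not part of the original post: check a warrant canary for freshness.
# A canary "trips" either by losing its affirmation sentence or by not being renewed.

function Test-WarrantCanary {
    param(
        [Parameter(Mandatory)] [string] $Text,
        [int] $MaxAgeDays = 30,          # the period the canary promises to be renewed within
        [datetime] $Now = (Get-Date)     # injectable so the check is repeatable
    )

    $result = [ordered]@{ Fresh = $false; Affirmed = $false; DatedOn = $null; AgeDays = $null; Reason = '' }

    # The affirmation: a statement that no secret order has been received.
    if ($Text -match '(?i)ha(s|ve) not received') {
        $result.Affirmed = $true
    } else {
        $result.Reason = 'affirmation sentence missing: treat the canary as tripped'
        return [pscustomobject]$result
    }

    # The date the statement was made: take the most recent ISO date in the text.
    $dates = [regex]::Matches($Text, '\b\d{4}-\d{2}-\d{2}\b') |
        ForEach-Object { [datetime]::ParseExact($_.Value, 'yyyy-MM-dd', $null) }
    if (-not $dates) {
        $result.Reason = 'no date found: cannot tell whether the canary was renewed'
        return [pscustomobject]$result
    }
    $latest = @($dates | Sort-Object)[-1]
    $result.DatedOn = $latest
    $result.AgeDays = [int]($Now - $latest).TotalDays

    if ($result.AgeDays -le $MaxAgeDays) {
        $result.Fresh  = $true
        $result.Reason = 'renewed within the promised period'
    } else {
        $result.Reason = "last renewed $($result.AgeDays) days ago, past the $MaxAgeDays-day period"
    }
    return [pscustomobject]$result
}

# Constructed sample canary text (not any real provider's canary).
$sample = @"
Example VPN warrant canary
As of 2015-01-05, Example VPN has not received any secret subpoenas,
national security letters or gag orders, and has not been required to
modify its service to assist surveillance.
This statement will be renewed every 30 days.
"@

# Evaluated against fixed "now" dates so the sample gives a repeatable answer:
Test-WarrantCanary -Text $sample -Now (Get-Date '2015-01-20')
Test-WarrantCanary -Text $sample -Now (Get-Date '2015-03-01')

# For a live canary, fetch it over HTTPS first:
# Test-WarrantCanary -Text (Invoke-WebRequest -Uri 'https://example.invalid/canary.txt' -UseBasicParsing).Content
```

The first call is within the period and the second is not. A text-only check like this cannot tell a renewed canary from one republished by someone else, so for providers that sign their canary with PGP, verify the signature before trusting the date.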

Firefox 37 Will Now Encrypt Non-HTTPS Traffic

In an effort to protect its users’ privacy, the developers of the Firefox web browser have made some serious changes that allow it to encrypt non-HTTPS (http://) traffic.

How is that even possible? You can thank opportunistic encryption, a technique that encrypts the communication when connecting to another system. As a result, Firefox will route HTTP (port 80) requests, which are usually sent in cleartext, to a port of the server administrator’s choice. In addition, users won’t experience any delays, as connections are fully established before they are even used.

The only requirement? The server must support the HTTP/2 protocol and send the Alt-Svc header.

As far as other important Firefox 37 changes go, it improves YouTube HTML5 playback on Windows as well as WebGL rendering performance, uses HTTPS for Bing search, and improves protection against site impersonation via OneCRL centralized certificate revocation.

GUIDE: Secure Erase your Solid State Drive (SSD) with Parted Magic

First off:
Don’t do this unless you NEED to. You don’t even need to secure erase your SSD when you reinstall. The only reasons to secure erase are a drastic speed decrease, from either a hard workload or a TRIM-less environment, which you need to fix quickly, or an SSD that is acting up. Otherwise TRIM and garbage collection will take care of everything automatically.

Erasing all the data on the SSD:
It is not safe to use DBAN Nuke or similar on SSDs. First, it’s not good for the drive, and second, it wouldn’t work properly anyway. It is not good for the drive because it writes to the drive too many times. It wouldn’t work properly because, just like the OS, DBAN and similar tools cannot control where they write on the drive. The SSD’s controller is responsible for that, and due to wear leveling algorithms you wouldn’t get the intended results. DBAN, in its current state, is not designed for SSDs. It is used for magnetic drives, which have a tendency to retain “images” of previously stored magnetic data. It writes (and sometimes overwrites again) data to the drive, and what is called “secure erase” in DBAN is different from a “secure erase” command issued by a program designed for SSDs. The secure erase command for an SSD tells the SSD’s controller to “flush” all of the electrons it has trapped in the individual storage cells. It does not write to the drive in any fashion, as a DBAN secure erase does. With an SSD, all you need is to perform a “secure erase” with the proper software.

Secure Erase and NAND:
To learn about how NAND works at a technical level read this: (link)

Tunneling is used to alter the placement of electrons in the floating gate. An electrical charge is applied to the floating gate. The charge enters the floating gate and drains to a ground. This charge causes the floating-gate transistor to act like an electron gun. The excited electrons are pushed through and trapped on other side of the thin oxide layer, giving it a negative charge. These negatively charged electrons act as a barrier between the control gate and the floating gate. A special device called a cell sensor monitors the level of the charge passing through the floating gate.

NAND flash memory uses floating gate MOSFET transistors. Their default state is when the charge is over 50%. If the flow through the gate is above the 50% threshold, the cell has a value of 1. When the charge passing through drops below the 50% threshold, the value changes to 0.

0s are data, 1s are erased: the fundamental laws of MLC NAND dictate this. You only write the 0s when you write data to NAND.

So in an erased state the NAND has to report a 1.


[Guide] Way to Disable Windows 10 Built-In Keylogger

As many of you know, Windows 10 logs every single step you take while testing it. Because I love my privacy, and many of you do too, here is how to disable it.

Before/During Installation

  • Do not use Express Settings. Hit Customize, and make sure everything is turned off.
  • It’s strongly recommended that you use a local account with Windows 10.

After Installation

  • Head to Settings > Privacy, and disable everything, unless there are some things you really need.
  • While within the Privacy page, go to Feedback, select Never in the first box, and Basic in the second box.
  • Head to Settings > Update and Security > Advanced Options > Choose how updates are delivered, and turn the first switch off.
  • Disable Cortana by clicking the Search bar/icon.
  • (Optional) Disable web search in Search by going to Settings, and turning off Search online and include web results.

Slightly Complex

  • Open up the Command Prompt by launching cmd as an administrator, and enter the following:
sc delete DiagTrack
sc delete dmwappushservice
echo "" > C:\ProgramData\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl
  • Open up the Group Policy Editor by launching gpedit.msc as an administrator. Go through Computer Configuration > Administrative Templates > Windows Components > Data Collection and Preview Builds. Double click Telemetry, hit Disabled, then apply. NOTE: This only truly works in the Enterprise edition, but the final step provides a decent enough workaround for Pro users.
  • While still in the Group Policy Editor, go through Computer Configuration > Administrative Templates > Windows Components > OneDrive, double click Prevent the usage of OneDrive for file storage, hit Enabled, then apply.
  • Open up the Registry Editor by launching regedit as an administrator. Go through HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection, select AllowTelemetry, change its value to 0, then apply.
  • First, download the Take Ownership tweak and enable it. Then head to the hosts file by going through C:\Windows\System32\Drivers\Etc, take ownership of the hosts file, and add the following entries to it.
127.0.0.1 vortex.data.microsoft.com
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 watson.telemetry.microsoft.com
127.0.0.1 watson.telemetry.microsoft.com.nsatc.net
127.0.0.1 redir.metaservices.microsoft.com
127.0.0.1 choice.microsoft.com
127.0.0.1 choice.microsoft.com.nsatc.net
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 services.wes.df.telemetry.microsoft.com
127.0.0.1 sqm.df.telemetry.microsoft.com
127.0.0.1 telemetry.microsoft.com
127.0.0.1 watson.ppe.telemetry.microsoft.com
127.0.0.1 telemetry.appex.bing.net
127.0.0.1 telemetry.urs.microsoft.com
# hosts entries cannot carry a port; the telemetry.appex.bing.net entry above already covers port 443
127.0.0.1 settings-sandbox.data.microsoft.com
127.0.0.1 vortex-sandbox.data.microsoft.com

EXTRA: Don’t want to see any spying/annoying advertisements ever again in the app store and apps? You can add this list to your hosts file (same action as above)!
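The “Slightly Complex” steps above are easy to get half-done by hand, so here they are as one idempotent PowerShell script. This is an added example, not part of the original guide. It differs from the guide in two deliberate ways: the two services are stopped and disabled rather than deleted (reversible with Set-Service -StartupType Automatic), and hosts entries are appended only if the name is not already mapped. The registry path, the AllowTelemetry value, the ETL path and the host names are the ones the guide lists; the hosts file is writable by Administrators, so an elevated prompt is enough and the Take Ownership tweak is not needed here.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original guide: apply the telemetry hardening steps idempotently.

# Host names taken from the guide's list (the entry carrying ":443" is dropped; hosts files take no port)
$TelemetryHosts = @(
    'vortex.data.microsoft.com', 'vortex-win.data.microsoft.com',
    'telecommand.telemetry.microsoft.com', 'telecommand.telemetry.microsoft.com.nsatc.net',
    'oca.telemetry.microsoft.com', 'oca.telemetry.microsoft.com.nsatc.net',
    'sqm.telemetry.microsoft.com', 'sqm.telemetry.microsoft.com.nsatc.net',
    'watson.telemetry.microsoft.com', 'watson.telemetry.microsoft.com.nsatc.net',
    'redir.metaservices.microsoft.com', 'choice.microsoft.com', 'choice.microsoft.com.nsatc.net',
    'df.telemetry.microsoft.com', 'reports.wes.df.telemetry.microsoft.com',
    'services.wes.df.telemetry.microsoft.com', 'sqm.df.telemetry.microsoft.com',
    'telemetry.microsoft.com', 'watson.ppe.telemetry.microsoft.com',
    'telemetry.appex.bing.net', 'telemetry.urs.microsoft.com',
    'settings-sandbox.data.microsoft.com', 'vortex-sandbox.data.microsoft.com'
)

function Disable-TelemetryServices {
    # Stop + disable instead of "sc delete": same effect, but reversible.
    foreach ($name in 'DiagTrack', 'dmwappushservice') {
        $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
        if (-not $svc) { Write-Host "service $name not present, skipping"; continue }
        if ($svc.Status -ne 'Stopped') { Stop-Service -Name $name -Force }
        Set-Service -Name $name -StartupType Disabled
        Write-Host "service $name stopped and disabled"
    }
}

function Set-TelemetryPolicy {
    # Same key and value the guide sets in regedit; the key is created if the policy path is absent.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection'
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    Set-ItemProperty -Path $key -Name 'AllowTelemetry' -Value 0 -Type DWord
    Write-Host "AllowTelemetry = $((Get-ItemProperty -Path $key).AllowTelemetry)"
}

function Clear-AutoLoggerTrace {
    # Equivalent of the guide's echo "" > ...etl; the autologger may hold the file open, hence SilentlyContinue.
    $etl = "$env:ProgramData\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl"
    if (Test-Path $etl) {
        Clear-Content -Path $etl -ErrorAction SilentlyContinue
        Write-Host "emptied $etl"
    }
}

function Add-HostsBlocks {
    param(
        [string[]] $Hosts,
        [string] $HostsPath = "$env:SystemRoot\System32\drivers\etc\hosts"
    )
    # Names already mapped (comments skipped), so re-running adds nothing twice.
    $existing = foreach ($line in Get-Content -Path $HostsPath) {
        if ($line -match '^\s*#') { continue }
        if ($line -match '^\s*\S+\s+(\S+)') { $Matches[1].ToLower() }
    }
    $new = @($Hosts | Where-Object { $existing -notcontains $_.ToLower() })
    if ($new.Count -gt 0) {
        $lines = @('', '# telemetry sinkholes added by Add-HostsBlocks') +
                 ($new | ForEach-Object { "127.0.0.1 $_" })
        Add-Content -Path $HostsPath -Value $lines -Encoding ASCII
        ipconfig /flushdns | Out-Null   # make the new mappings take effect immediately
    }
    Write-Host "$($new.Count) hosts entries added, $($Hosts.Count - $new.Count) already present"
    return ,$new
}

Disable-TelemetryServices
Set-TelemetryPolicy
Clear-AutoLoggerTrace
Add-HostsBlocks -Hosts $TelemetryHosts | Out-Null
```

Re-running the script is safe: services already disabled are left alone and the hosts file gains no duplicate lines. As the guide notes, the AllowTelemetry policy value is the workaround for editions where the Group Policy setting is not honoured.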

Up To You

That’s all, folks!

I’ve run a test for a day and all was good, but since it runs under the hood / in the kernel, it is very hard to ensure.

I have had no system crash or hiccups from this.

Got question or found something to edit?! Contact me via Twitter.

UPDATED: 30/1/2015

Linux Tails 1.0.1 – preserving your privacy and anonymity


About:

Tails is a live operating system that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to:

* use the Internet anonymously and circumvent censorship;
* force all connections to the Internet to go through the Tor network;
* leave no trace on the computer you are using unless you ask it explicitly;
* use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.

Home Doc: https://tails.boum.org/doc/index.en.html
Direct Download: http://dl.amnesia.boum.org/tails/stable/tails-i386-1.0.1/tails-i386-1.0.1.iso
Torrent: https://tails.boum.org/torrents/files/tails-i386-1.0.1.torrent

Enjoy!

ATTN: Do not download #CryptoCoin Trader from #Sourceforge. Those who have run the program on your PC, please format ASAP!

I spotted a few minutes ago that there is a link to download an open source trading program called Cryptocoin Trader.

One anonymous user claimed that the source code is safe, but I decided to run the precompiled exe on my VM to be sure.
The program extracts the qtbitcoin trader client and some suspicious executables (bridgemigplugin.exe, vbc.exe).
The description of bridgemigplugin.exe in Task Manager is Open Broadcaster Software.

After some googling, it is obvious that the program is doing a live/recorded video stream through an open source program from Open Broadcaster Software, http://obsproject.com/

Here are the screenshots

Even though the post has been deleted, SourceForge indicates that 46 people have downloaded the program. Please reformat your PC to prevent any potential wallet hacks.

Update: I’ve run Wireshark to sniff the network traffic produced by the malware; the malware connection is initiated from 185.17.1.222, Russia, ISP Longbow Electric Llc. Screenshot here.

Update 2: I did a search of the IP address. I believe it doesn’t belong to any Tor node, proxy or VPN. Hence it is very likely that 185.17.1.222 is either a dynamic or static IP from Longbow Electric Llc.

Update 3: I’m an undergraduate at NUS majoring in computer science (security). I hope that this post will act as a warning for all potential future hackers who attempt to perform similar attacks (the community is watching you). Thanks everyone for the tips as well; it sure helps a little with my high tuition debt. 🙂 This is as much as I can do for now, as I have papers from tomorrow onwards. Stay safe, fellow bitcoiners!
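For anyone who ran the download and wants a quick way to tell whether it is still active, the PowerShell triage check below is an added example, not part of the original post. It looks only for the indicators the post names: the two dropped executables (bridgemigplugin.exe and vbc.exe) and connections to 185.17.1.222. It reports, it does not clean up; a hit means the post’s advice to reformat applies. One caveat a practitioner will want: vbc.exe is also the name of the legitimate Visual Basic compiler shipped with the .NET Framework, so the image path is printed rather than treating the name alone as proof.

```powershell
# Added example, not from the original post: triage check for the indicators named in the post.

function Find-CryptoCoinTraderIndicators {
    param(
        [string[]] $ProcessNames  = @('bridgemigplugin', 'vbc'),   # dropped executables named in the post
        [string]   $RemoteAddress = '185.17.1.222'                 # address seen in the post's Wireshark capture
    )
    $hits = @()

    # 1. Running processes with the suspicious names, with their on-disk image path.
    #    vbc.exe under C:\Windows\Microsoft.NET\Framework* is the real VB compiler, not this dropper.
    foreach ($name in $ProcessNames) {
        foreach ($p in Get-Process -Name $name -ErrorAction SilentlyContinue) {
            $path = '<access denied>'
            try { $path = $p.MainModule.FileName } catch { }
            $hits += [pscustomobject]@{ Type = 'process'; Detail = "$($p.ProcessName).exe pid $($p.Id) at $path" }
        }
    }

    # 2. Any TCP connection to the remote address. Get-NetTCPConnection needs Windows 8 /
    #    Server 2012 or later; older systems fall back to parsing netstat output.
    if (Get-Command Get-NetTCPConnection -ErrorAction SilentlyContinue) {
        foreach ($c in Get-NetTCPConnection -RemoteAddress $RemoteAddress -ErrorAction SilentlyContinue) {
            $hits += [pscustomobject]@{
                Type   = 'connection'
                Detail = "pid $($c.OwningProcess) -> $($c.RemoteAddress):$($c.RemotePort) ($($c.State))"
            }
        }
    } else {
        foreach ($line in (netstat -ano | Select-String -SimpleMatch $RemoteAddress)) {
            $hits += [pscustomobject]@{ Type = 'connection'; Detail = $line.Line.Trim() }
        }
    }

    # Leading comma keeps an empty result as an array so .Count works on it
    return ,$hits
}

$hits = Find-CryptoCoinTraderIndicators
if ($hits.Count -eq 0) {
    Write-Host 'none of the indicators from the post were found on this machine'
} else {
    $hits | Format-Table -AutoSize
}
```

A clean result only means the named indicators are absent right now; it says nothing about what the program may have copied while it ran, which is why the post still recommends moving wallets and reformatting.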