Firefox 37 Will Now Encrypt Non HTTPS Traffic

In an effort to protect its users’ privacy, the developers of the Firefox web browser have made some serious changes that will allow it to encrypt non-HTTPS (http://) traffic. How is that even possible? You can thank opportunistic encryption, a technique that encrypts the communication when connecting to another system. As a result, Firefox will route …

GUIDE: Secure Erase your Solid State Drive (SSD) with Parted Magic

First off:
Don’t do this unless you NEED to. You don’t even need to secure erase your SSD when you reinstall. The only reasons to secure erase are a drastic speed decrease, from either a hard workload or a TRIMless environment, which you need to fix quickly, or an SSD that is acting up. Otherwise TRIM and garbage collection will take care of everything automatically.
Erasing all the data on the SSD:
It is not safe to use DBAN Nuke or similar on SSDs. First, it’s not good for the drive, and second, it wouldn’t work properly anyway. It is not good for the drive because it writes to the drive too many times. It wouldn’t work properly because, just like the OS, DBAN and similar tools cannot control where they write to on the drive. The SSD’s controller is responsible for that, and because of its wear-leveling algorithms, an overwrite wouldn’t get you the intended results. DBAN, in its current state, is not designed for SSDs. It is used for magnetic drives, which have a tendency to retain “images” of previously stored magnetic data. It writes (and sometimes overwrites again) data to the drive, and what is called “secure erase” in DBAN is different from a “secure erase” command issued by a program designed for SSDs. The secure erase command for an SSD tells the SSD’s controller to “flush” all of the stored electrons that it has trapped from the individual storage cells. It does not write to the drive in any fashion, as a DBAN secure erase does. With an SSD, all you need is to perform a “secure erase” with the proper software.
Secure Erase and NAND:
To learn about how NAND works at a technical level read this: (link)
Tunneling is used to alter the placement of electrons in the floating gate. An electrical charge is applied to the floating gate. The charge enters the floating gate and drains to a ground. This charge causes the floating-gate transistor to act like an electron gun. The excited electrons are pushed through and trapped on other side of the thin oxide layer, giving it a negative charge. These negatively charged electrons act as a barrier between the control gate and the floating gate. A special device called a cell sensor monitors the level of the charge passing through the floating gate.
NAND flash memory uses floating gate MOSFET transistors. Their default state is when the charge is over the 50% threshold. If the flow through the gate is above the 50% threshold, it has a value of 1. When the charge passing through drops below the 50% threshold, the value changes to 0.
0s are data, 1s are erase; the fundamental laws of MLC NAND dictate this. You only write the 0s when you write data to NAND.
So in an erased state the NAND has to report a 1.


ATTN: Do not download #CryptoCoin Trader from #Sourceforge. Those who have run the program on your PC, please format ASAP!

I spotted a few minutes ago that there is a link to download an open source trading program called Cryptocoin trader. One anonymous user claimed that the source code is safe, but I decided to run the precompiled exe on my VM to be sure. The program extracts qtbitcoin trader client and some suspicious executables (bridgemigplugin.exe, vbc.exe). …

Ubuntu Security: The Wifi Passwords Are Stored In Clear Text, Outside The User’s Home

A user has reported that wifi passwords are not encrypted on Ubuntu systems; they are stored in clear text in a folder outside the user’s home (/etc/NetworkManager/system-connections/), making them accessible to unwanted users. After this issue was reported, a Canonical developer explained on the mailing lists that this is caused by the fact …

WARNING: A fake electrum website with malware is advertising on duckduckgo and yahoo.

If you perform a search for electrum on duckduckgo or yahoo, an ad claiming to be electrum.org will be at the top.
In reality the ad links to:
electrum-bitcoin org
The domain was created December 21.
This site is nearly identical to electrum.org except the download links give different files. All three of the files that can be downloaded are much smaller than the real electrum and are most likely malware.
The three files are:
electrum.exe – 91136 bytes
electrum.out – 60316 bytes
electrum.zip – 32478 bytes


Ultimate n00b guide to Bitcoin client installation and security/cold storage!

I previously submitted a thread which you can find here with a video tutorial to use the very robust Armory bitcoin client. But for this submission I will provide the instructions to use Electrum BTC client which provides “Instant on” (your client does not download the blockchain, it uses a remote server). This will show …

Protecting your data: survey indicates that with 4 exceptions major companies fail miserably

With so much recent concern about how the NSA and GCHQ (and, likely, others) basically look at unencrypted traffic as an easy way to hack into your data, it’s becoming increasingly important for the big companies which manage tremendous amounts of the public’s personal data to encrypt as much as possible. The folks over at …

CISPA: Who’s For It And Who’s Against It And Much More…

CISPA v3 is back!

We had believed, along with a number of others, that the Snowden leaks showing how the NSA was spying on pretty much everyone would likely kill CISPA dead. After all, the key component to CISPA was basically a method for encouraging companies to have total immunity from sharing information with the NSA. And while CISPA supporters pretended this was to help protect those companies and others from online attacks, the Snowden leaks have reinforced the idea (that many of us had been pointing out from the beginning) that it was really about making it easier for the NSA to rope in companies to help them spy on people.
Also, if you don’t remember, while CISPA had passed the House, the Senate had shown little appetite for it. Last year, the Senate had approved a very different cybersecurity bill, and had expressed very little interest in taking up that fight again this year. Except now, in an unexpected move, Senate Intelligence Committee boss, and chief NSA defender because of reasons that are top secret, has now announced that she’s been writing a Senate counterpart to CISPA and is prepared to “move it forward.”


Full Disk Encryption Using Ubuntu In Most Secure Mode With AES-XTS-PLAIN64

Full Disk Encryption (FDE) is one of the best ways you can ensure all of the private information on your laptop stays private in case it’s lost, seized, stolen, or if you choose to sell or give away your computer in the future. This feature has been built-in to many GNU/Linux distributions, including Ubuntu, for many years. But until the recent release of Ubuntu 12.10, it was hidden away in the “alternate” text-mode installer of Ubuntu that many non-technical users don’t even know exists.
Unlike passwords, full disk encryption can make the contents of a drive inaccessible to a powerful attacker who has possession of your computer. FDE provides the opportunity to protect your data with military-grade encryption that can’t be compromised in a reasonable timeframe. At least, not by any currently-known means. The only way to access the files protected by full disk encryption is to obtain the encryption key.
AES-XTS provides the most secure mode of full disk encryption. Unfortunately, it’s not available by default in many Linux installation packages. Ubuntu’s “alternate” installation image provides other implementations like AES-CBC, but not aes-xts-plain or aes-xts-plain64. If aes-cbc is good enough for you, it’s been available in the Ubuntu alternate installer for quite some time. A thorough but dated guide outlining the process is available here.
By downloading an Ubuntu desktop installation image and doing a little initial setup, you can use aes-xts-plain64 on your system. Aes-xts-plain and aes-xts-plain64 both provide the same mode of operation, but you’ll need to use aes-xts-plain64 if you want to format a partition larger than 2TB. Also, it’s important to note that using very large block sizes for XTS mode could lead to security issues. Using 512-byte block sizes mitigates this issue.
