Tag Archive | "encryption"

Beware of Unscrupulous Computer Repair Shops


I recently came across about an interesting article that I wanted to share.  It relates to computer repair shops and how an undercover operation by a news organization exposed some of their shady practices.

The article as originally published on pcpro.co.uk and explains how software to automatically turn on the built in webcam and record every keystroke mouse click was used to expose these shops and their bad practices.

Here is an excerpt from the article:

He also begins searching our hard drive until he finds log-in details for our Facebook and Hotmail accounts. With a cackle he removes a memory stick from around his neck, plugs it in and then copies them across.

He also discovers our holiday photos and copies those of our researcher in her bikini. The spy software takes a snapshot of the files on his memory stick.

The PCPRO article goes on to  explain how the techs opened a folder named “Private” and began pursuing documents and photos and even begins copying them for personal use.

With a cackle he removes a memory stick from around his neck, plugs it in and then copies them across.

Most worryingly, when he discovers log-in details for our online bank account, he logs onto the bank’s website and attempts to break into the account. He only fails because the details we created were false.

The real message behind the article is simple.  Be aware of what is on you computer and take measures to protect sensitive data.  The simplest way is to encrypt sensitive files and folders.  Use products like TrueCrypt or the small utility I wrote about called Easy File Locker to make sure those files are hidden and unreadable by anybody.

It’s a little bit of extra work, but will certainly put you at ease if you ever need to hand over you computer to a technician for repair.

P.S. Not all technician are searching through your files and photos.  The article does go on to report on how one company’s technician fixed the problem without violating anyone’s privacy.

Posted in Hardware, Quick TipsComments (2)

Paranoid About Your Sensitive Files – This Utility May Help You Sleep At Night

Most of us have file on our computer that should not and are not for public consumption.  However, that bank account file, password file, confidential report, or sensitive exposé newspaper article that is for your eyes only, has to live somewhere.  How do you keep these file from being opened, read, or even visible to anybody?  Encrypting the data is one way, but that can be cumbersome and even confusing to some of us.

Easy File Locker (Windows Only)

Easy File Locker is a small utility that can help you protect your sensitive files. Easy File Locker allow you to select files or folders and decide what kind of permissions to set.  You can choose to allow read, write, delete, and even decide whether you want the file to appear in a file listing (meaning it won’t show up in explorer or by doing a directory listing using the DOS Command Prompt). You can even set a password to prevent users from opening the utility where you can view the files.

Easy File Locker is free and easy to install. Simply download from Easy File Locker and run through the install wizard.

easy file locker setup
Once installed, you need to run the application to open the interface and choose to start protecting files.
Add files or folders to protect by clicking on the “plus” signs in the toolbar.

easy file locker ready

easy file locker settings

Select the type of protection and click on the “OK” button.

easy file locker set password
Don’t forget to set a password before exiting the program. This give you an added level of protection by not allowing anybody to open and modify the permissions of the files you are protecting.

Once files are protected, users will get a permission denied message if they try to modify the file when they access levels are restricted.
A very nice feature of Easy File Locker is that it also stops access to file even when the computer is booted into safe mode.

easy file locker delete file via explorer

easy file locker delete file denied

Even files access from the Command Prompt is protected.

easy file locker dos denied

The system is not foolproof of course. You do have to remember to set a password, and if you forget it, then I’m not sure you have any options but to recreate the files from scratch (that is if you have not hidden them and can remember all of the file you tried to protect).  The same can be said for encryption tools like TrueCrypt, so don’t let that discourage you.

For those of us who have a few files that need to be kept from prying eyes, Easy File Locker is the perfect little utility.

Posted in Software ToolsComments (2)

WPA Wi-Fi Encryption Has Been Compromised

It now appears as though the widely adopted wireless connection protocol of WPA is no longer secure. Researchers have found a way to compromise the wireless security protocol of WPA in a matter of a few minutes.  The protocol has been adopted by a number of organizations and companies, which could be forced to change their wireless implementations.  The news comes from to us from PC World.

Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes.

Next week at a Tokyo conference, both Tews and Beck will show an audience how they are able to crack the encryption.WPA Cracked

In a previous post, I mentioned the use of WPA and asked that we all stay away from WEP (as it was insecure) and still stand by that statement. What we really need to think about, is using WPA with AES encryption instead of TKIP. The use of AES has not been compromised and is still considered to be safe.

Should You Be Worried?

Although it is a fairly new discovery, cracking tool kits have been updated with the necessary code to exploit the vulnerability. If someone is out there trying to get onto your wireless network and cracking your encryption, they probably are already aware of the new vulnerability and have the latest tools to do so.  Anybody can be a target, and there are some easy things you can do to protect yourself.

Make Sure You Are Not At Risk

If you have a fairly new router (as far back as 2005 in some cases), you can simply choose to use AES encryption with WPA — or switch from WPA to WPA2 (which has not been compromised). If you only have WEP as an option, then you should consider using a very long password for your wireless connection — one with random letters, symbols and numbers. The longer and more complex the password, the more secure. Go to grc.com/passwords to generate a secure password.

Photo credit Steven Riehl

Posted in Networking, Wi-FiComments (0)

Related Sites