Welcome to nsane.forums

Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information. Be a part of nsane.forums by signing in or creating an account.

  • Access special members only forums
  • Start new topics and reply to others
  • Subscribe to topics and forums to get automatic updates

Search the Community

Showing results for tags 'security'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Found 926 results

  1. Microsoft Reduces the Amount of Telemetry Data Collected from Windows 10 PCs Other privacy changes implemented for Microsoft users First and foremost, Microsoft is introducing a new privacy dashboard on the web that lets users see and manage privacy data, including search history, location activity, and Cortana’s Notebook - information that the digital assistant requires to provide a more personal experience. In order to access this dashboard, you need to sign in with your Microsoft account and connect to account.microsoft.com/privacy, with Redmond promising to add more functionality and categories over time. Windows 10 changes As far as Windows 10 is concerned, Microsoft is announcing a new setup experience for users who install the new OS. The new option replaces the previous Express settings presented during the Windows 10 install, Microsoft says. Those upgrading from Windows 7, Windows 8 or performing a new clean install should be able to see what Microsoft describes as “simple but important settings,” while those who are already on Windows 10 will be asked to update privacy settings with a notification. These new settings will make their debut with the Creators Update, and will be integrated into an insider build shipping soon. The telemetry settings in Windows 10 will be simplified from three different levels to just two, namely Basic and Full. The Enhanced level will no longer be offered, and users who picked this one will be prompted to switch to Basic or Full after installing the Creators Update. But what’s more important is that the Basic level will collect a reduced amount of telemetry data from Windows 10 computers, according to Microsoft. “This includes data that is vital to the operation of Windows. We use this data to help keep Windows and apps secure, up-to-date, and running properly when you let Microsoft know the capabilities of your device, what is installed, and whether Windows is operating correctly. This option also includes basic error reporting back to Microsoft,” the firm says. Users will be given full control over their privacy settings and will obviously be allowed to change them at a later time from the Settings app in Windows 10. Source
  2. Chinese Citizens Can Be Tracked In Real Time A group of researchers have revealed that the Chinese government is collecting data on its citizens to an extent where their movements can even be tracked in real-time using their mobile devices. This discovery was made by The Citizen Lab at the University of Toronto's Munk School of Global Affairs who specialize in studying the ways in which information technology affects both personal and human rights worldwide. It has been known for some time that the Chinese government employs a number of invasive tactics to be fully aware of the lives of its citizens. Though Citizen Lab was able to discover that the government has begun to monitor its populace using apps and services designed and run by the private sector. The discovery was made when the researchers began exploring Tencent's popular chat app WeChat that is installed on the devices of almost every Chinese citizen with 800 million active users each month. Citizen Lab found that not only does the app help the government censor chats between users but that it is also being used as a state surveillance tool. WeChat's restrictions even remain active for Chinese students studying abroad. Ronald Deibert, a researcher at Citizen Lab, offered further insight on the team's discovery, saying: "What the government has managed to do, I think quite successfully, is download the controls to the private sector, to make it incumbent upon them to police their own networks". To make matters worse, the data collected by WeChat and other Chinese apps and services is currently being sold online. The Guangzhou Southern Metropolis Daily led an investigation that found that large amounts of personal data on nearly anyone could be purchased online for a little over a hundred US dollars. The newspaper also found another service that offered the ability to track users in real-time via their mobile devices. Users traveling to China anytime soon should be extra cautious as to their activities online and should think twice before installing WeChat during their stay. Published under license from ITProPortal.com, a Future plc Publication. All rights reserved. Source
  3. Explained — What's Up With the WhatsApp 'Backdoor' Story? Feature or Bug! What is a backdoor? By definition: "Backdoor is a feature or defect of a computer system that allows surreptitious unauthorized access to data, " either the backdoor is in encryption algorithm, a server or in an implementation, and doesn't matter whether it has previously been used or not. Yesterday, we published a story based on findings reported by security researcher Tobias Boelter that suggests WhatsApp has a backdoor that "could allow" an attacker, and of course the company itself, to intercept your encrypted communication. The story involving the world's largest secure messaging platform that has over a billion users worldwide went viral in few hours, attracting reactions from security experts, WhatsApp team, and Open Whisper Systems, who partnered with Facebook to implement end-to-end encryption in WhatsApp. Note: I would request readers to read complete article before reaching out for a conclusion. And also, suggestions and opinions are always invited What's the Issue: The vulnerability relies on the way WhatsApp behaves when an end user's encryption key changes. WhatsApp, by default, trusts new encryption key broadcasted by a contact and uses it to re-encrypt undelivered messages and send them without informing the sender of the change. In my previous article, I have elaborated this vulnerability with an easy example, so you can head on to read that article for better understanding. Facebook itself admitted to this WhatsApp issue reported by Boelter, saying that "we were previously aware of the issue and might change it in the future, but for now it's not something we're actively working on changing." What Experts argued: According to some security experts — "It's not a backdoor, rather it’s a feature to avoid unnecessarily re-verification of encryption keys upon automatic regeneration." Open Whisper Systems says — "There is no WhatsApp backdoor," "it is how cryptography works," and the MITM attack "is endemic to public key cryptography, not just WhatsApp." A spokesperson from WhatsApp, acquired by Facebook in 2014 for $16 Billion, says — "The Guardian's story on an alleged backdoor in WhatsApp is false. WhatsApp does not give governments a backdoor into its systems. WhatsApp would fight any government request to create a backdoor." What's the fact: Notably, none of the security experts or the company has denied the fact that, if required, WhatsApp, on government request, or state-sponsored hackers can intercept your chats. What all they have to say is — WhatsApp is designed to be simple, and users should not lose access to messages sent to them when their encryption key is changed. Open Whisper Systems (OWS) criticized the Guardian reporting in a blog post saying, "Even though we are the creators of the encryption protocol supposedly "backdoored" by WhatsApp, we were not asked for comment." What? "...encryption protocol supposedly "backdoored" by WhatsApp…" NO! No one has said it's an "encryption backdoor;" instead this backdoor resides in the way how end-to-end encryption has been implemented by WhatsApp, which eventually allows interception of messages without breaking the encryption. As I mentioned in my previous story, this backdoor has nothing to do with the security of Signal encryption protocol created by Open Whisper Systems. It's one of the most secure encryption protocols if implemented correctly. Then Why Signal is more Secure than WhatsApp? You might be wondering why Signal private messenger is more secure than Whatsapp, while both use the same end-to-end encryption protocol, and even recommended by the same group of security experts who are arguing — "WhatsApp has no backdoor." It's because there is always room for improvement. The signal messaging app, by default, allows a sender to verify a new key before using it. Whereas, WhatsApp, by default, automatically trusts the new key of the recipient with no notification to the sender. And even if the sender has turned on the security notifications, the app notifies the sender of the change only after the message is delivered. So, here WhatsApp chose usability over security and privacy. It’s not about 'Do We Trust WhatsApp/Facebook?': WhatsApp says it does not give governments a "backdoor" into its systems. No doubt, the company would definitely fight the government if it receives any such court orders and currently, is doing its best to protect the privacy of its one-billion-plus users. But what about state-sponsored hackers? Because, technically, there is no such 'reserved' backdoor that only the company can access. Why 'Verifying Keys' Feature Can't Protect You? WhatsApp also offers a third security layer using which you can verify the keys of other users with whom you are communicating, either by scanning a QR code or by comparing a 60-digit number. But here’s the catch: This feature ensure that no one is intercepting your messages or calls at the time you are verifying the keys, but it does not ensure that no one, in the past had intercepted or in future will intercept your encrypted communication, and there is no way, currently, that would help you identify this. WhatsApp Prevention against such MITM Attacks are Incomplete WhatsApp is already offering a "security notifications" feature that notifies users whenever a contact's security code changes, which you need to turn on manually from app settings. But this feature is not enough to protect your communication without the use of another ultimate tool, which is — Common Sense. Have you received a notification indicating that your contact's security code has changed? Instead of offering 'Security by Design,' WhatsApp wants its users to use their common sense not to communicate with the contact whose security key has been changed recently, without verifying the key manually. The fact that WhatsApp automatically changes your security key so frequently (for some reasons) that one would start ignoring such notifications, making it practically impossible for users to actively looking each time for verifying the authenticity of session keys. What WhatsApp should do? Without panicking all one-billion-plus users, WhatsApp can, at least: Stop regenerating users' encryption keys so frequently (I clearly don't know why the company does so). Give an option in the settings for privacy-conscious people, which if turned on, would not automatically trust new encryption key and send messages until manually accepted or verified by users. ...because just like others, I also hate using two apps for communicating with my friends and work colleagues i.e. Signal for privacy and WhatsApp because everyone uses it. Source
  4. Steganos Online Shield VPN - 1 Year[365 Days] 2GB / 5GB / Unlimited* Per Month Promo by Auslogics Pals, this is not a new product from Steganos. It is the same old Online Shield 365. Now, it is just re-launched as Online Shield VPN. Actual Cost of OnlineShield VPN - 1 Year - $49.95. With Discount - $24.97 or $14.97. Now, you can get this for FREE - No Ads. NOTE: Limited Bandwidth - 2GB / 5GB / Unlimited* Per Month; 3 Devices; No Support; Personal Use Only. *Update: Some users are able to get Unlimited Bandwidth on at-least 1 key while using different browsers for 2 or multiple requests with different emails. Encryption Comparison between Steganos VPN Products: OkayFreedom VPN - 128-bit blowfish OnlineShield VPN - 256-bit AES More Info from TorrentFreak: https://torrentfreak.com/anonymous-vpn-providers-2016-edition2#steganos Links: Offer: https://www.steganos.com/specials/?m=auslogics0117&p=sos or https://www.steganos.com/specials/auslogics0117/sos Steps: Just click on any of the above links and enter your email. If you don't want to receive newsletters from Steganos Team, Uncheck the option. Now. Click on "Seriennummer anfordern". Check your mail and store the key. Tip: Note: Limited Period Offer. Current Status: Open. Downloads: Online Installer - Size: 2.6MB: https://file.steganos.com/software/downloader/steganos/sosintdle.exe Full Installer[Latest version]: https://file.steganos.com/software/sosint.exe - Size: 37.2MB (or) https://file.steganos.com/update/sosint.exe - Size: 37.2MB (or) https://file.steganos.com/software/wrappers/auslogics0117/sosintwr.exe - Size: 37.4MB (or) https://file.steganos.com/software/wrappers/pcformatpl0217/sosintwr.exe - Size: 35.4MB - Link not working. Use any of the above/below links (or) https://file.steganos.com/software/wrappers/downloadmixcom1216/sosintwr.exe - Size: 37.4MB (or) https://file.steganos.com/software/wrappers/pcgo0117/sosintwr.exe - Size: 35.4MB (or) https://file.steganos.com/software/wrappers/chip1116/sosintwr.exe - Size: 35.4MB (or) https://file.steganos.com/software/wrappers/chip/sosintwr.exe - Size: 35.4MB (or) https://file.steganos.com/software/wrappers/steganos/sosintwr.exe - Size: 35.4MB - Link not working. Use any of the above links Other Downloads: Android App iOS App Support/FAQ: https://www.steganos.com/service
  5. WhatsApp Security: Make This Change Right Now! Security researchers found a backdoor in the popular messaging application WhatsApp recently that could allow WhatsApp to intercept and read user messages. Facebook, the owner of WhatsApp, claims that it is impossible to intercept messages on WhatsApp thanks to the services end-to-end encryption. The company states that no one, not even itself, can read what is sent when both sender and recipient use the latest version of the application. It turns out however that there is a way for WhatsApp to read user messages, as security researcher Tobias Boelter (via The Guardian) found out. Update: In a statement sent to Ghacks, a WhatsApp spokesperson provided the following insight on the claim: WhatsApp has the power to generate new encryption keys for users who are not online. Both the sender and the recipient of messages are not made aware of that, and the sender would send any message not yet delivered again by using the new encryption key to protect the messages from third-party access. The recipient of the message is not made aware of that. The sender, only if Whatsapp is configured to display security notifications. This option is however not enabled by default. While WhatsApp users cannot block the company -- or any state actors requesting data -- from taking advantage of the loophole, they can at least activate security notifications in the application. The security researcher reported the vulnerability to Facebook in April 2016 according to The Guardian. Facebook's response was that it was "intended behavior" according to the newspaper. Activate security notifications in WhatsApp To enable security notifications in WhatsApp, do the following: Open WhatsApp on the device you are using. Tap on menu, and select Settings. Select Account on the Settings page. Select Security on the page that opens. Enable "show security notifications" on the Security page. You will receive notifications when a contact's security code has changed. While this won't prevent misuse of the backdoor, it will at least inform you about its potential use. Source Alternate Source - 1: WhatsApp Encryption Has Backdoor, Facebook Says It's "Expected Behaviour" Alternate Source - 2: WhatsApp Backdoor allows Hackers to Intercept and Read Your Encrypted Messages Alternate Source - 3: Oh, for F...acebook: Critics bash WhatsApp encryption 'backdoor' Alternate Source - 4: Your encrypted WhatsApp messages can be read by anyone Alternate Source - 5: How to protect yourself from the WhatsApp 'backdoor' Alternate Source - 6: 'Backdoor' in WhatsApp's end-to-end encryption leaves messages open to interception [Updated] Detailed Explanation of the Issue and Prevention/Alternatives:
  6. Bitdefender 2017 - Stable - Final - Offline Standalone Installers For Windows[x86 & x64] Bitdefender 2017 AV Plus / Internet Security / Total Security - Standalone Installers [Windows]: 32bit [x86] - [Size: 353.13 MB]: https://download.bitdefender.com/windows/desktop/connect/cl/2017/all/bitdefender_ts_21_32b.exe 64bit [x64] - [Size: 392.26 MB]: https://download.bitdefender.com/windows/desktop/connect/cl/2017/all/bitdefender_ts_21_64b.exe Bitdefender Agent - 2017 - Universal [Same Agent for AV Plus / IS / TS]: Screenshots: Install Notes: Precaution Note: If you've already installed older version of Bitdefender[incl. 2016 version], we are sure that you'll lose your settings. Please take note of configuration, settings. whitelisted files and links Download and Install Bitdefender Agent. When it starts downloading the install files, Stop/Close it immediately. Note: Check whether there the Agent is installed only once in "Add/Remove Programs" or "Programs & Features". Note: Check in "Program Files" for folder named "Bitdefender Agent". Now, start installing offline installer and proceed with installation. Note: Please choose respective download link based on architecture x86/x64 for smooth installation. Note: Don't worry about AV Plus/IS/TS. The installer automatically modifies the installation depending on the license you entered. Once installation is done, configure accordingly for best protection and to avoid files from getting deleted. Configure Whitelist files and links if you have any. It is better to keep note of the configured settings for future use. User Guide: Bitdefender Antivirus Plus 2017: https://download.bitdefender.com/resources/media/materials/2017/userguides/en_EN/bitdefender_av_2017_userguide_en.pdf Bitdefender Internet Security 2017: https://download.bitdefender.com/resources/media/materials/2017/userguides/en_EN/bitdefender_is_2017_userguide_en.pdf Bitdefender Total Security 2017: https://download.bitdefender.com/resources/media/materials/2017/userguides/en_EN/bitdefender_ts_2017_userguide_en.pdf Uninstall Tool: Uninstall Tool For Bitdefender 2017 Products: http://www.bitdefender.com/files/KnowledgeBase/file/Bitdefender_2017_UninstallTool.exe NOTE: Bitdefender 2017 Uninstall Tool require KB2999226. If you didn't install, you'll get error "api-ms-win-crt-runtime-l1-1-0.dll" missing. You can download it here - KB2999226 Uninstall Tool For Bitdefender 2016 Products: http://www.bitdefender.com/files/KnowledgeBase/file/Bitdefender_2016_UninstallTool.exe Uninstall Tool For Bitdefender 2015 / 2014 / 2013 Products: http://www.bitdefender.com/files/KnowledgeBase/file/The_New_Bitdefender_UninstallTool.exe Uninstall Tool For Bitdefender 2012 Products and Earlier: http://www.bitdefender.com/files/KnowledgeBase/file/BitDefender_Uninstall_Tool.exe
  7. It’s Time to Ditch Skype and TeamSpeak, Discord Launches Its App for Linux Users The app is now available for Ubuntu Linux and other distros Linux was the missing piece for them to achieve full status and offer their services across all major platforms, both on desktop and mobile. Discord is currently available for Android, iOS, Mac, and Windows, but you can also use it directly from the Web, using a compatible web browser. The app appears to be a direct competitor to Microsoft's Skype VoIP client, as well as the well-known TeamSpeak voice communication platform. It offers a wide range of features, including IP and DDoS protection, in-game overlay, smart push notifications, individual volume control, support for multiple channels, and a modern text chat. Other noteworthy features of Discord include support for codecs, permissions, and custom keyboard shortcuts, a direct messaging system and friends list. It also promises to keep the CPU usage as minimal as possible, offering low latency support for audio and automatic failover functionality. Install Discord on Ubuntu now The first stable release of the official Discord app for Linux systems, versioned 0.0.1, is currently available for download as a binary package for Debian and Ubuntu-based distributions, such as Ubuntu, Debian, Linux Mint, etc. However, to install it, you'll need to have a 64-bit installation. There's also a source tarball available for download in case you're not running an operating system based on Debian or Ubuntu, but you'll have to compile it. It appears that Discord 0.0.1 already made its way into the Arch Linux AUR repositories, and it's coming soon to Solus, too. Other distros may add Discord to their repositories in the coming weeks. Stoked to announce our super sick app for LINUX. Chris was massaging this for ages but it's like super sick now https://t.co/hQtQpZO95c pic.twitter.com/lVyDkBD3cN — Discord (@discordapp) January 11, 2017 Source
  8. Windows 10 Share “Soon With” Ads Microsoft plans to roll out the upcoming Windows 10 feature update Creators Update with a new Share UI, and will push ads in that UI. Microsoft is working on the next feature update for Windows 10 called the Creators Update. The new version of Windows 10 will be made available in April 2017 according to latest projections, and it will introduce a series of new features and changes to the operating system. The built-in Share functionality of Windows 10 will be updated in the Creators Update as well. We talked about this when the first screenshots of the new user interface leaked. The core change is that the Share user interface will open up in the center of the screen instead of the sidebar. Along with the change come ads. If you take a look at the following screenshot, courtesy of Twitter user Vitor Mikaelson (via Winaero), you see the Box application listed as one of the available share options even though it is not installed on the device (and never was according to Vitor). The suggested app is listed right in the middle of the share interface, and not at the bottom. Microsoft uses the Share UI to promote Windows Store applications. This is one of the ways for Microsoft to increase the visibility of the operating system's built-in Store. The Share UI is not the first, and likely not the last, location to receive ads on Windows 10. Ads are shown on Windows 10's lockscreen, and in the Windows 10 start menu for instance. While it is possible to disable the functionality, it is turned on by default. Ads in the Share UI will likely be powered by the same system which means that you will be able to turn these ads off in the Settings. Microsoft is not the only company that uses recommendations in their products to get users to install other products. I'm not fond of this as I don't like it that these suggestions take away space. While I don't use the Share UI at all, I do use the Start Menu. The recommendations there take away space from programs and applications that I have installed or am using. Yes, it is easy enough to turn these off, and that's what I did as I have no need for them. Should I ever run into a situation where I require functionality, say sharing to Box, I'd search for a solution and find it. I can see these recommendations being useful to inexperienced users however who may appreciate the recommendations. There is a debate going on currently whether to call these promotions advertisement, or recommendations / suggestions. Now You: What's your take on these? How do you call them? Source
  9. The Federal Trade Commission on Thursday sued Taiwan-based D-link in federal court. The FTC alleges that D-link routers and webcams left "thousands of consumers at risk" to hacking attacks. "Defendants have failed to take reasonable steps to protect their routers and IP cameras from widely known and reasonably foreseeable risks of unauthorized access, including by failing to protect against flaws which the Open Web Application Security Project has ranked among the most critical and widespread web application vulnerabilities since at least 2007," the FTC said in a complaint (PDF) filed in San Francisco federal court. The commission's move comes 11 months after the agency settled with Asus over its insecure routers that allowed attackers to remotely log in to them and, depending on user configurations, change security settings or access files stored on connected devices. Source
  10. Browser Autofill Data May Be Phished Data that you have saved as so-called Autofill data in your web browser of choice may be phished by sites using hidden form fields. Most modern web browsers support comfortable features like auto-filling forms on sites using data that you have entered in the past. Instead of having to enter your name, email address or street address whenever you sign up for a new account for instance, you'd fill out the data once only and have the browser fill out the fields for you any time they are requested afterwards. But autofill can also be a privacy issue. Imagine a site requesting that you enter your name and email address on a page. You would probably assume that this is the only data it requests, and that your browser will only fill out those fields and nothing else. Watch what happens when the developer of a site adds hidden fields to a page. Note that hidden in this regard means visible but drawn outside the visible screen. The browser may fill out fields that you don't see but are there. As you can see, this may include personal data without you being aware that the data is submitted to the site. While you could analyze any page's source code before submitting anything, doing so is highly impracticable. You can download the example index.html file from GitHub. Please note that this appears to work in Chrome but not in Firefox at the time of writing. It is likely that Chrome-based browsers will behave the same. Chrome will only fill out the following information by default: name, organization, street address, state, province, zip, country, phone number and email address. Note that you may add other date, credit cards for instance, to autofill. Since there is no way of stopping this from the user's end, it is best right now to disable autofill until the issue gets fixed. It is interesting to note that this is not a new issue, but one that has been mentioned since at least 2010. A Chromium bug was reported in mid 2012, but it has not found any love yet. Disable autofill in Chrome You can disable Google Chrome's autofill functionality in the following way: Load chrome://settings/ in the web browser's address bar. Click on "show advanced settings" at the end of the page. Scroll down to the "passwords and forms" section. Remove the checkmark from "Enable Autofill to fill out web forms in a single click". Mozilla Firefox does not seem to be affected by this. You can find out about disabling autofill in Firefox on Mozilla's Support website. Closing Words There is the question whether browser add-ons that support automatic form filling may leak data to sites that use hidden form fields as well. I did not test this, but it would be interesting to find out. Source
  11. IObit AMC Security Pro(Clean & Boost) for Android - 1 Year[365 Days] Promo by APKPure Links: Offer: https://apkpure.com/topic/giveaway-amc-security-pro Shared Key: Note: Limited Period Offer. Expires by 10 January 2017. Current Status: Open. Overview: Product Homepage Downloads: https://apkpure.com/amc-security-clean-boost/com.iobit.mobilecare/ (or) https://play.google.com/store/apps/details?id=com.iobit.mobilecare&hl=en
  12. Steganos Online Shield VPN - 1 Year[365 Days] 2GB / 5GB / Unlimited* Per Month Promo by PCFormat Pals, this is not a new product from Steganos. It is the same old Online Shield 365. Now, it is just re-launched as Online Shield VPN. Actual Cost of OnlineShield VPN - 1 Year - $49.95. With Discount - $24.97 or $14.97. Now, you can get this for FREE - No Ads. NOTE: Limited Bandwidth - 2GB / 5GB / Unlimited* Per Month; 3 Devices; No Support; Personal Use Only. *Update: Some users are able to get Unlimited Bandwidth on at-least 1 key while using different browsers for 2 or multiple requests with different emails. Encryption Comparison between Steganos VPN Products: OkayFreedom VPN - 128-bit blowfish OnlineShield VPN - 256-bit AES More Info from TorrentFreak: https://torrentfreak.com/anonymous-vpn-providers-2016-edition2#steganos Links: Offer: https://www.steganos.com/specials/?m=pcformat0217&p=sos or https://www.steganos.com/specials/pcformat0217/sos Steps: Just click on any of the above links and enter your email. If you don't want to receive newsletters from Steganos Team, Uncheck the option. Now. Click on "Seriennummer anfordern". Check your mail and store the key. Tip: Note: Limited Period Offer. Current Status: Open. Downloads: Online Installer - Size: 2.6MB: https://file.steganos.com/software/downloader/steganos/sosintdle.exe Full Installer[Latest version]: https://file.steganos.com/software/sosint.exe - Size: 35.2MB (or) https://file.steganos.com/update/sosint.exe - Size: 35.2MB (or) https://file.steganos.com/software/wrappers/pcformatpl0217/sosintwr.exe - Size: 35.4MB - Link not working. Use any of the above/below links (or) https://file.steganos.com/software/wrappers/downloadmixcom1216/sosintwr.exe - Size: 37.4MB (or) https://file.steganos.com/software/wrappers/pcgo0117/sosintwr.exe - Size: 35.4MB (or) https://file.steganos.com/software/wrappers/chip1116/sosintwr.exe - Size: 35.4MB (or) https://file.steganos.com/software/wrappers/chip/sosintwr.exe - Size: 35.4MB (or) https://file.steganos.com/software/wrappers/steganos/sosintwr.exe - Size: 35.4MB - Link not working. Use any of the above links Other Downloads: Android App iOS App Support/FAQ: https://www.steganos.com/service
  13. Firefox 52: Better Font Fingerprinting Protection Mozilla plans to integrate better font fingerprinting protection in Firefox 52; the new version of the web browser is scheduled for a March 7, 2017 release. The changes are already live in pre-release versions of the web browser. Font fingerprinting refers to one of the many fingerprinting options that websites and services have when users connect to them. The web browser reveals information during connect which the site or service may record. The core idea behind browser fingerprinting is to create a unique profile of a browser by using one, some or many parameters that are retrievable publicly. Tip: You can run browser fingerprinting tests like Browserprint or Panopticlick to find out about what your browser reveals on connect. Firefox 52: Better Font Fingerprinting Protection If you check for system fonts using a service like Panopticlick, you will get the list of supported fonts returned. This test requires only JavaScript to function, and has nothing to do with Adobe Flash's method of returning fonts as well. The screenshot above confirms that system fonts are revealed to sites using JavaScript currently. This is true for all Firefox channels, even development channels. The new change that will launch with Firefox 52 is an optional parameter that you can configure to restrict font access. So, instead of returning all fonts installed on the operating system, Firefox would only return the fonts that you have whitelisted. Side note: one could say that restricting fonts might make you even more unique, considering that the vast majority of browsers won't return only some or even no fonts at all. Also, being too restrictive may change fonts that the browser uses as well. Finally, some fonts appear to be added regardless of your choice currently. Adding only Helvetica to the whitelist for instance returned Courier, MS Sans Serif, Sans Serif and Times as well. It would obviously be better if Firefox would return only a standard set of fonts if the whitelist is activated. You need to do the following to use a system font whitelist in Firefox: Type about:config in the browser's address bar and hit the Enter-key afterwards. Confirm that you will be careful if the warning prompt is displayed. Right-click in the main pane listing all preferences, and select New > String from the context menu. Name the new parameter font.system.whitelist. Now add fonts to the whitelist separated by comma: Helvetica, Courier, Verdana is a valid value for instance. The change takes effect immediately. You may notice that fonts change in the browser UI or on websites as a response You can follow the feature's progress on Bugzilla. (via Sören Hentzschel) Source
  14. Ubuntu Touch OTA-14 Officially Released with Revamped Unity 8 Interface, Fixes Available now for all supported Ubuntu Phone/Table devices Ubuntu Touch OTA-14 has been in development for the past two and a half months, but it focuses on fixing bugs than adding new features. Probably the most exciting thing implemented in the OTA-14 update is a revamped Unity 8 design that sports a brand-new task manager with support for fuzzy backgrounds and app icons. "This time not so many changes released in overall but with the goal of introducing less regressions. Also, the commit log for this release isn't too verbose due to multiple different cherry-picking we had todo during the release. Possibly the best way to know what changed is looking at the Launchpad milestone," said Lukasz Zemczak. Oxide 1.17 and Opus audio codec support have landed Also new in the Ubuntu Touch OTA-14 update is version 1.17 of the Chromium-based Oxide web engine library, as well as Opus audio codec support, which was implemented in the qt-multimedia package. Among the improvements, we can mention that SMS notifications should now be displayed when the device is locked. Other than that, the device should no longer appear off during an image update, some alarm issues have been fixed, and it looks like vibrations will work again when other vibrations are enabled. There are various other small fixes, and for more details we recommend studying the full changelog on the Launchpad page of the OTA-14 milestone. Meanwhile, you can check your Ubuntu Phone or Tablet device to see if the Ubuntu Touch OTA-14 is available, as it has been released as a phased update, which means that it might take up to 24 hours to land in all regions. If you do not see the update, check again in a few hours, but by tomorrow, December 8, everyone should have it. Ubuntu Touch OTA-14 is currently supported on BQ Aquaris E4.5, BQ Aquaris E5, BQ Aquaris M10, BQ Aquaris M10 HD, Meizu MX4, Meizu PRO 5, Nexus 4, and Nexus 7 devices. Please note that the x86 emulator images don't work on Ubuntu 16.10 (Yakkety Yak) hosts. Check out the release notes for more details! Source
  15. NOD32 Antivirus & ESET Smart Security v8.0.319.0 English Silent Note: Update: - Excluded a new site that TNod use Credits to Cerberus (Scripting Help) ESET NOD32 Antivirus: 32Bit (Size: 70.6 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/1RCBMOLD/ESET_NOD32_Antivirus_v8.0.319.0_32Bit.zip_links 64Bit (Size: 79.9 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/07MFNOKR/ESET_NOD32_Antivirus_v8.0.319.0_64Bit.zip_links ESET Smart Security 32Bit (Size: 77.7 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/OLZAEFQI/ESET_Smart_Security_v8.0.319.0_32Bit.zip_links 64Bit (Size: 88 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/17IRIU9W/ESET_Smart_Security_v8.0.319.0_64Bit.zip_links ESET NOD32 Antivirus & ESET Smart Security v9.0.386.0 English Silent Note: Update: - Updated to v9.0.386.0 - Added a new key ESET NOD32 Antivirus: 32Bit (Size: 88.5 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/0PIHCVWO/ESET_NOD32_Antivirus_v9.0.386.0_32Bit_Silent.zip_links 64Bit (Size: 92.4 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/AFKOXL3O/ESET_NOD32_Antivirus_v9.0.386.0_64Bit_Silent.zip_links ESET Smart Security 32Bit (Size: 98.3 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/0QJWT5U1/ESET_Smart_Security_v9.0.386.0_32Bit_Silent.zip_links 64Bit (Size: 102 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/1PHMCQKT/ESET_Smart_Security_v9.0.386.0_64Bit_Silent.zip_links ESET NOD32 Antivirus & ESET Internet Security & ESET Smart Security v10.0.386.0 English Silent Note: A Video To See How Silent Work ESET NOD32 Antivirus: 32Bit (Size: 89.9 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/11FHVAEG/ESET_NOD32_Antivirus_v10.0.386.0_32Bit.zip_links 64Bit (Size: 94.2 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/06VU2MS0/ESET_NOD32_Antivirus_v10.0.386.0_64Bit.zip_links ESET Internet Security 32Bit (Size: 97.8 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/WSXMFBJF/ESET_Internet_Security_v10.0.386.0_32Bit.zip_links 64Bit (Size: 102 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/1JECDBE7/ESET_Internet_Security_v10.0.386.0_64Bit.zip_links ESET Smart Security 32Bit (Size: 98.3 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/SGZDUNBW/ESET_Smart_Security_v10.0.386.0_32Bit.zip_links 64Bit (Size: 103 MB) Site: http://www.mirrorcreator.com Sharecode[?]: /files/2L7XIBZ6/ESET_Smart_Security_v10.0.386.0_64Bit.zip_links Additional info for v9 & v10:
  16. DNSCrypt A protocol for securing communications between a client and a DNS resolver. Description dnscrypt-proxy provides local service which can be used directly as your local resolver or as a DNS forwarder, encrypting and authenticating requests using the DNSCrypt protocol and passing them to an upstream server. The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography and is very similar to DNSCurve, but focuses on securing communications between a client and its first-level resolver. While not providing end-to-end security, it protects the local network, which is often the weakest point of the chain, against man-in-the-middle attacks. It also provides some confidentiality to DNS queries. List of free, DNSCrypt-enabled resolvers To get started, you can use any of the public DNS resolvers supporting DNSCrypt . If you want to add DNSCrypt support to your own public or private resolver, check out DNSCrypt-Wrapper, a server-side dnscrypt proxy that works with any name resolver. Installation: Windows 1. Download the win zip file from here http://download.dnscrypt.org/dnscrypt-proxy/ 2. Extract it to C drive . 3. Open up a elevated cmd / Terminal. Click on start and type cmd and press ctrl+shift+enter. 4. Go to DNSCrypt directory in cmd / terminal. cd C:\dnscrypt-proxy-win64\ 5. Now we will install proxy server and we had to choose dns server. we can choose any dns from file dnscrypt-resolvers.csv which is included in download. This list mainly support DNSCypt.it has a name, description, location, and whether they support things like DNSSEC and Namecoin. It also has the necessary IP addresses and public keys. . we had chosen " okturtles". There is a resolver list with file name dnscrypt-resolvers.csv, you can choose any resolver of your choice. If all goes well, you will get an output similar to this: [NOTICE] Starting dnscrypt-proxy 1.6.0 [INFO] Initializing libsodium for optimal performance [INFO] Generating a new key pair [INFO] Done [INFO] Server certificate #808464433 received [INFO] This certificate looks valid [INFO] Server key fingerprint is 3730:AAB4:B7FD:40F6:3C42: B12C:60DF:B615:8392:B6AF:9AA4:4CFD:C282:0BAC:E68E:2624 6. Time to install dnscrypt-proxy.exe --resolver-name=okturtles --resolvers-list="C:\dnscrypt-proxy-win64\dnscrypt-resolvers.csv" --install You should see this output. [INFO] The dnscrypt-proxy service has been installed and started [INFO] The registry key used for this service is SYSTEM\Current ControlSet\Services\dnscrypt-proxy\Parameters [INFO] Now, change your resolver settings to 127.0.0.1:53 7. Change your dns setting in network connections to 127.0.0.1. Source: For linux, freebsd etc please follow the tutorial of dnscrypt which can be found here http://dnscrypt.org/. 8. To remove use this command while the directory is selected at step 4 .\dnscrypt-proxy --uninstall Benefits of DNSCrypt: Easy to set up and it’s free. Encryption of web traffic: Phishing protection. Speed up your Internet experience. Unblock Government blocked websites
  17. CryptoPrevent Malware Prevention – A Brief History YES, this is the original CryptoLocker prevention tool you’ve read about, designed to prevent infection from the first “ransomware” threat which emerged in late 2013, encrypting valuable data on the infected PC and offering decryption in exchange for large payment. Within a few months of it’s release it created quite a buzz with features from Brian Krebs security blog (among many others) and by educators everywhere such as Kim Komando, Ken Dwight ‘The Virus Doctor’, the infamous Britec09 on Youtube, and ultimately reaching televised news such as CNBC and The Today Show! CryptoPrevent was originally developed as a small side project of Foolish IT LLC, a company recently formed by an experienced PC repair technician (specializing in virus and malware removal techniques) as an outlet for the development of tools designed to assist PC technicians on the job, such as our flagship d7 – PC Repair Technician’s Multi-Tool, as well as other now-deprecated tools such as the DataGrab backup tool featured on Lifehacker.com, and earlier malware removal tools such as the once popular KillZA (a fast and effective one-click removal and repair tool for ZeroAccess malware infections.) Suggestions for CryptoPrevent poured in from an already established customer base of experienced PC repair technicians across the globe (who were constantly combating these new emerging ransomware threats for their clients) as well as contributions from various professionals in the security industry taking notice of CryptoPrevent’s simplicity and effectiveness vs. traditional anti-virus/anti-malware, which weren’t producing any measure of protection from these new threats for well over a year after their emergence in the wild. It is no surprise that CryptoPrevent quickly became a very effective tool against a wide range of viruses and other malicious software, not just the original ransomware it was designed to prevent. Through continued development efforts to expand the software into something more than just a ‘security’ solution, as well as welcoming additional experience and talent to the CryptoPrevent research and development team, we are proud to have announced the release of CryptoPrevent v8.0 on November 1st, 2016! Article source New Features in v8 (Free and Premium Editions) New: Folder Watch – Monitors and protects common folders from items that match malware definitions. New: Submit Malicious Files – This will allow you to submit malicious files (which are not in our malware definitions) to review for inclusion in the default definitions. Improved: Program Filtering Protection – The original ‘BETA’ program filtering protections were very effective, but caused issues with running certain programs; now it offers vastly improved reliability as it is based on the new code platform of the coming 3rd generation ‘d7x’ PC technician utilities, it is thoroughly tested, and recommended for mass usage! Improved: SRP Protection – The original protection method since CryptoPrevent version 1 was automatically created “SRP” rules (aka “Software Restriction Policies” which are normally only available in “Professional” editions of the Windows operating system and only scriptable across Active Directory/domain environments.) CryptoPrevent v1 created 8 SRP rules for protection and v7.4.21 (the final v7) created just under 400 SRP rules, while version 8.0 currently creates just under 4000! That’s 10x as many as v7 and 500x as many as v1! New/Improved: Expanded Malware Definitions (Optional) – Expanded malware and ransomware detection definitions add cutting edge detection power to CryptoPrevent, and are updated at least weekly, although they may increase the risk of ‘false positive’ malware detections. (These are entirely optional; you may elect to keep the standard definition set with less risk of ‘false positive’ detections.) New Features in v8 (Premium Edition Only) New: HoneyPot Ransomware Protection – Very effective in preventing new and unknown ransomware from encrypting your files! When malicious activity is detected ALL non-essential programs are terminated, stopping malicious software dead in it’s tracks. Visit our Youtube playlist to see the HoneyPot Ransomeware Protections in action against several new ransomware threats! New: KillEmAll v5 Integrations – Based on the new code platform of the coming 3rd generation ‘d7x’ PC technician utilities, KillEmAll v5 allows for fast termination of non-essential programs including malware and ransomware, and is integrated into the new Tray Icon along with other useful features! New: Tray Icon Features and Notifications – Easily change/view CryptoPrevent settings or activate the KillEmAll v5 integration. Notifications are displayed when the original SRP, Program Filtering, Folder Watch, or HoneyPot protections have been triggered. New/Improved: Customization Abilities – Customize CryptoPrevent with powerful blacklisting/whitelisting support and in new ways including the new Folder Watch protections (which cannot be customized in the Free Edition.) Download CryptoPrevent
  18. Mine is extremely light, but undoubtedly powerful. Here is my setup: Defensewall ShadowDefender Keyscrambler Sandboxie (custom rules) (A2, SAS, MBAM used rarely, on demand)
  19. Bitdefender 2017 Build 21.0.22.1050 Overview: The Bitdefender proprietary technologies, based on innovative ideas and leading trends in the information security industry, continue to be internationally recognized as the best Internet security software. The independent organizations which reward BitDefender outstanding results through numerous prizes and certifications are: Av-Test.org, Virus Bulletin, ICSA Lab, Checkmark, PC World Top 100, just to name but a few. Homepage: https://www.bitdefender.com/ Changelog: https://forum.bitdefender.com/index.php?/topic/74181-latest-changelog/ A new Bitdefender Classic Line product update has been released with the following details: Affected software: Bitdefender Total Security 2017 Bitdefender Internet Security 2017 Bitdefender Antivirus Plus 2017 Platform: x86, x64 Version: 21.0.22.1050 This version fixes the following issues: Fixed a issue where the setup window would not show-up properly on high DPI machines Fixed a issue where the Trial would not start on a new account Fixed a issue where two Uninstall Surveys would open upon removing the product Fixed a rare issue where the Switch Account button would not activate on a expired account Fixed a rare crash caused by the Widget Fixed a rare crash caused by the Agent Fixed a issue where Wallet would not function under SafePay Fixed a issue where Paranoid Mode would block a connection without notification Fixed a issue where events would not be generated under Home/Office Fixed a issue where Aero was causing buttons to disappear from the UI Fixed a crash caused by the Subscription engine Fixed a issue where the OneClick Optimizer would places.sqlite in Firefox Fixed a rare issue where the Setup window would relocate randomly Fixed a issue where kabelmail.de users would not receive emails with the Anti-Spam enabled Fixed a issue where the Paranoid option would be available after disabling AVC Fixed a issue where the Setup engine could not create install folders Fixed a rare crash caused by the Notification Engine Fixed a issue where the Update frequency slider would revert to the default setting Fixed a rare crash caused by the Proxy handler Fixed a rare issue where the task for the Agent couldn't be created Fixed a issue where Wallet wouldn't autofill on Amazon and eBay Fixed a rare crash caused by the Settings handler Fixed a issue where the Security Report would show 0 files in the Vault Fixed a issue where the Vulnerability Scan would show the incorrect size of Windows Updates Fixed a rare crash caused by Bitdefender's Photon Fixed a issue where SafePay would randomly freeze on Surface Pro 3 devices Fixed a rare issue where the Widget would still show the animation for the Vulnerability Scan even after it has been completed Fixed a issue where the main interface would open after a delay when accessed from the system tray icon Fixed a issue where you the option to shutdown the machine after the scan would not be available The following improvements were included: Product interface fixes and improvements Several improvements to the Install Engine Various improvements to the registration logic Various improvements to the way the product reports errors Various improvements to the Firewall Module SafePay performance improvements Enhanced the way the product uninstalls itself from the system Improvements to the product's self-protect function Moved the Delete button from Wallet edit mode in view mode Wallet now displays the name of the wallet when asking for the password Improved Wallet's compatibility with several websites Added the option to enable Domain discovery (printer and shares) when the Adapter is set as Home/Office Improved the way Bitdefender scans emails through SSL/TLS/STARTTLS KB is unavailable at this time. Downloads: Online Installers: Bitdefender Antivirus Plus 2017 21.0.22.1050 Online: https://download.bitdefender.com/windows/installer/en-us/bitdefender_antivirus.exe XP | Vista: https://download.bitdefender.com/windows/installer/en-us/xp-vista/bitdefender_antivirus.exe Bitdefender Internet Security 2017 21.0.22.1050 Online: https://download.bitdefender.com/windows/installer/en-us/bitdefender_isecurity.exe XP | Vista: https://download.bitdefender.com/windows/installer/en-us/xp-vista/bitdefender_isecurity.exe Bitdefender Total Security 2017 21.0.22.1050 Online: https://download.bitdefender.com/windows/installer/en-us/bitdefender_tsecurity.exe XP | Vista: https://download.bitdefender.com/windows/installer/en-us/xp-vista/bitdefender_tsecurity.exe Offline Installers and Install Guide: Checksum - Dec 2016 Offline Installer Update: bitdefender_ts_21_32b.exe (application/octet-stream) - 370286912 bytes MD5: fa66ce0216fdacdc82aa4d38aaf76aa6 SHA-1: 197f8d08ab4006e6a2d513637052878f05749de0 SHA-256: 8cfd0d1680d764b41c77098c30ab75701f845e689a0a06453cc4750b22d6bb83 SHA-384: ee1c183b7af95b86d8a3d307ffbadf7124d6c56ee92427c4bcbc3cd2bf0d3f5d1537031631a6230dfd34b573ccb3f0cf SHA-512: c3adafe948556469d157e756d95fa73bf519c7c5c6f6d447d1b38277115290c33f196d2d504c6dea029de8d0ea44584d683ad8201d25d04ace0640fb7a942230 bitdefender_ts_21_64b.exe (application/octet-stream) - 411311224 bytes MD5: db7540479a062d70bb2bb11f48c6e475 SHA-1: 23155fa20411752c2807a72669f017ab66c9e742 SHA-256: 382f3e41a61d9e08bfacd0690480ec164e8129c7229ad5bba03379c2a77cc733 SHA-384: b0083d43e4b4890311aa509720665a298d10259d6df8bf47b266b0fb5cb488cb9f2171f177ab8bf6e3956d6512304f3d SHA-512: 86b96a0e8dc2542b82d60ca2f3c89c01916e62237e5089672f092cb90cf56f1bb866593e54da0800a07ddbd3538c130ff0fd5ff1c3a1f5d9bb1cd49abac6284e Bitdefender 2017 Offline Installation Guide:
  20. ISPs: Blocking The Pirate Bay is Dangerous Censorship Two major Swedish ISPs are warning that a possible court-ordered Pirate Bay blockade will introduce a dangerous and unwarranted form of censorship. Instead, they encourage copyright holders to collaborate with them to find better solutions to the piracy problem. The Pirate Bay is without doubt the most censored website on the Internet. Countries all around the world have ordered Internet providers to block subscriber access to the torrent site, with Europe being at the forefront. This week copyright holders and ISPs went to court in Sweden, as part of a prolonged legal battle to have the site blocked on its home turf. Two years ago Universal Music, Sony Music, Warner Music, Nordisk Film and the Swedish Film Industry filed a lawsuit to force Swedish ISP Bredbandsbolaget to block access to The Pirate Bay and Swefilmer. The rightsholders argued that the ISP is liable for the copyright infringements of its customers if it fails to implement a blockade. However, the Stockholm District Court disagreed and sided with the Internet provider in its ruling late last year. Now, both parties have argued their case before the Appeals Court. A final decision will be issued at a later date, but Bredbandsbolaget and fellow ISP Telenor warn that a blocking requirement will have serious implications. “It is a dangerous path to go down, which forces Internet providers to monitor and evaluate content on the Internet and block websites with illegal content in order to avoid becoming accomplices,” the companies write in a joint statement. Copyright holders have pointed out that similar orders were issued in neighboring countries, but the ISPs stress that a mandatory block will be an unprecedented form of censorship under Swedish law. “The copyright holders argue that the blockades they request are similar to those in neighboring Nordic countries. But with the legislation we have in Sweden, it means rightsholders’ demands require a form of censorship that has no equivalent in any other EU country.” The ISPs hope that the Court of Appeal will come to the same conclusion as the District Court; that ISPs which merely provide access to the Internet are not complicit in crimes that are committed by their customers. While Bredbandsbolaget and Telenor don’t expect that the case will go to the Supreme Court, they believe that the rightsholders will try to convince lawmakers to make blocking requests easier. This is not the right way to go, they say. “We don’t think that tougher legislation and blocking requirements are an effective way to stop the illegal distribution of copyrighted works on the Internet,” the ISPs note. Instead, they urge media companies and Internet providers to start collaborating to come to effective and mutually agreeable solutions. Thus far, they have shown little interest in doing that, the ISPs note. “We hope that the rightholders will be more open to dialogue when this lawsuit is over,” they conclude. Source
  21. Anti-Tracking Extension Privacy Badger 2.0 Is Out The Electronic Frontier Foundation released their anti-tracking extension Privacy Badger 2.0 for Firefox, Chrome and Opera yesterday. The extension is designed to prevent online tracking which is fundamentally different from how ad blockers operate. Instead of blocking scripts outright, Privacy Badger 2.0 will only block trackers. This means that ads may still be displayed, but that the extension puts an end to techniques that sites use to "follow" users around the web. The add-on places an icon in the browser's main toolbar that you interact with. It highlights the number of trackers that it blocked on a site, and displays options to allow individual trackers, or block domains that the extension did not detect as trackers. Privacy Badger 2.0 You are probably wondering how Privacy Badger 2.0 differs from the initial Privacy Badger released in 2014, and Privacy Badger 1.0 released in 2015. To find out, we have to dig deep as the EFF's own press release does not shed details on that. We have to look at the add-on stores to find out about the changes. Support for Firefox's multi-process architecture E10s is probably the biggest improvement over previous versions. Mozilla is still rolling out the feature to devices running the stable version of the Firefox web browser. Compatibility means that you can run Privacy Badger 2.0 alongside multi-process Firefox without major issues. Privacy Badger 2.0 may also be installed on Firefox Mobile for Android. This goes hand in hand with Privacy Badger sharing a code base now. Existing users of the extension may also notice performance improvements, the EFF refers to them as "huge", but mileage may vary. At least on my system, it is still not super fast. But there is more. Privacy Badget 2.0 may block WebRTC from leaking local IP addresses. Please note that this feature appears to be only available in the Chrome / Opera version of Privacy Badget 2.0, and not in the Firefox version. You find the option under "general settings" in the Privacy Badger options. You find the new "manage data" option in the settings as well. This enables you to import or export user data that includes whitelisted domains and filter settings. Privacy Badger 2.0 blocks so-called HTML5 pings as well in the new version, and will break fewer sites according to the EFF. Last but not least, it will also forget data when private browsing mode or incognito mode are used by the user. Firefox users reported that the extension breaks Google Docs for them, and there specifically Google Sheets. Closing Words Privacy Badger 2.0 is a major release, but it has its issues right now on Firefox. Google Sheets crashing, and WebRTC missing are just two of the reported issues right now that plague the Firefox version of the privacy add-on. If you do use it on Firefox, you better wait until those issues are sorted out before you upgrade to the new version. Source Changelog: New features with 2.0 & 2.0.1: Version 2.0.1 - Firefox Extension: Sanitize origin and action in popup Version 2.0 of Privacy Badger includes many improvements for users and developers, including: Support for “incognito” or “private” browsing Import/export capabilities, so you can export a backup of what Privacy Badger has learned about your tracker-blocking needs and import that into another browser Fixes to “break” fewer websites, ensuring that you can both block trackers and enjoy rich content Improved user interface translation for non-English-speaking users Blocks to prevent WebRTC from leaking your IP address Blocks to prevent HTMLl5 "ping" tracking Notable speed improvements (Firefox only) Multiprocess Compatibility (E10S) (Firefox only) A single code base for both the Firefox and Chrome versions Downloads: Details & FAQ: https://www.eff.org/privacybadger Firefox: https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/ Firefox[Optional Direct]: https://www.eff.org/files/privacy-badger-latest.xpi Opera: https://addons.opera.com/en/extensions/details/privacy-badger/?display=ru or https://addons.opera.com/extensions/download/privacy-badger/ Chrome: https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp Chromium browsers[Optional Direct]: https://www.eff.org/files/privacy_badger-chrome.crx
  22. It's all fun and games until someone loses a life The Internet Society (ISOC) is the latest organisation saying, in essence, “security is rubbish – fix it”. Years of big data breaches are having their impact, it seems: in its report released last week, it quotes a 54-country, 24,000-respondent survey reporting a long-term end user trend to become more fearful in using the Internet (by Ipsos on behalf of the Centre for International Governance Innovation). Report author, economist and ISOC fellow Michael Kende, reckons companies aren't doing enough to control breaches. “According to the Online Trust Alliance, 93 per cent of breaches are preventable” he said, but “steps to mitigate the cost of breaches that do occur are not taken – attackers cannot steal data that is not stored, and cannot use data that is encrypted.” ISOC reckons the 'net's too interconnected for any single stakeholder to carry the can, saying organisations have “share a collective responsibility with other stakeholders to secure the data ecosystem as a whole. This includes vendors, employees, governments, and others. Should one of these links not function, the entire trust chain could be broken.” “Protecting users should be a goal in its own right”, ISOC says, as well as being a “business necessity”. One reason organisations don't pay enough attention to breaches is that it doesn't cost them enough – partly because what a breach costs users is not fully borne by an organisation that's been breached. With users at the centre of security solutions, ISOC says, breached companies should “include the costs to both users and organisations when assessing the costs of data breaches.” As the report notes, “organisations are spending more on prevention, but this has not yet noticeably lowered the number of breaches, or the impact and cost of breaches when they do occur. In turn, the cost of breaches, when calculated, typically focus on the cost to the organisation, and not the full cost for the users who were the ultimate victims of the breaches.” The second recommendation is obvious – except there are so few countries that bother: “Increase transparency through data breach notifications and disclosure”. That feeds into the third recommendation, because disclosure would help hold organisations to “best practice” data security. Fourth – if this recommendation gets traction, the backlash from businesses will be huge – “General rules regarding the assignment of liability and the remediation of data breaches must be established up front”. All of this, ISOC hopes, would create a market for systems and security measures that are trusted, because they're independently assessed. Special mention: IoT is a security 'black hole' If Internet of Things vendors aren't already feeling “beleaguered”, they must be close – and ISOC singles them out many times in the report. The ultimate reach of the Internet of Things means the default position of software companies – “you clicked on the licence, which limits our liability” – isn't good enough. “This lack of liability could lead to significant externalities imposed by a broader range of devices including health devices, baby monitors, and a wide variety of sensors,” the report says. “Likewise, someone shopping for a baby monitor, WiFi router, or connected car, has no way to learn how well it has been protected from attackers.” When the Thing in question is a connected car or a healthcare device, ISOC says disclaimers aren't good enough, because “the hack can also extend to personal safety, potentially at the cost of life and limb.” Article source
  23. First Version of Sandboxed Tor Browser Available Developers at the Tor Project have started working on a sandboxed version of the Tor Browser, currently available as an early alpha version for Linux systems. Sandboxing is a security mechanism employed to separate running processes. In computer security, sandboxing an application means separating its process from the OS, so vulnerabilities in that app can't be leveraged to extend access to the underlying operating system. This is because the sandboxed application works with its own separate portion of disk and memory that isn't linked with the OS. Lack of sandboxing exposed Tor Browser users Most modern browsers use sandboxed environments to run code their receive from websites. Chrome, Firefox, and Edge all use sandboxes to separate themselves from the OS. Despite being based on Firefox, the Tor Browser did not use this technique, meaning it was far less secure, even if it provided more features to protect user privacy. In recent years, the FBI has developed and deployed Tor exploits in order to identify and catch crooks hiding their identity using Tor. While the FBI's intentions appear to be good, the Tor Project knows that this type of exploits can be used for other actions besides catching pedophiles and drug dealers. An exploit that unmasks Tor users can be very easily used to identify political dissidents or journalists investigating cases of corrupt politicians. As such, protecting the Tor Browser against exploits and vulnerabilities that can expose the identity of its users is crucial. The easiest way to do this is to support a sandboxing feature that isolates the Tor Browser from other OS processes and limits its ability to interact and query low-level operating system APIs that can expose MAC addresses, IP addresses, computer name, and more. Work on sandboxed Tor Browser started in September The Tor Project started working on a sandboxed version of the Tor Browser in September 2016. Over the weekend, Tor developers have released the first version of this new & improved Tor Browser. As you can imagine, this is a very rough version. One of the Tor developers working on the project describes the browser as a "Gtk+3 based UI for downloading/installing/updating Tor Browser, configuring [T]or, and launching the sandboxed browser. Think `tor-browser-launcher`, that happens to run Tor Browser in a bunch of containers." Currently, this version is in an early alpha stage, and only available for Linux. There are also no binaries available, and users must compile it themselves from the source code, which they can grab from here. Source
  24. Scammers Can Use Microsoft Edge Security Feature to Display Fake Warnings Security researcher finds way to abuse SmartScreen Manuel Caballero explains in a blog post that Microsoft Edge has a vulnerability that allows ms-appx: and ms-appx-web: commands to generate fake alerts very similar to the one issued by SmartScreen and which could be used in more complex schemes. For example, the attackers can use these warnings to convince unsuspecting victims to call a phone number, where phone scammers would attempt to steal users’ information. “As a bonus, when we place a telephone-like number, a link is automatically created so the user can call us with a single click. Very convenient for these scammers,” the researcher notes. Microsoft’s SmartScreen SmartScreen is a feature that’s available in both Microsoft Edge and Internet Explorer, but this bug has been demonstrated only in the default Windows 10 browser. In essence, SmartScreen is a super helpful feature that keeps users protected from websites that could be used to spread malware. “SmartScreen checks the sites you visit against a dynamic list of reported phishing sites and malicious software sites. If it finds a match, SmartScreen will show you a warning letting you know that the site has been blocked for your safety,” Microsoft explains. Microsoft is working hard to improve browser security in Edge, so it goes without saying that this is going to be fixed for sure in the coming updates. Edge receives updates on a regular basis and large OS updates, such as the upcoming Creators Update, bring a plethora of improvements for the browser, including features and fixes that are specifically supposed to make the app faster, more reliable and secure. Source Dear $h*t MS & Sh*tya Nudella, Don't ever tell Win 10 is secure than older or other OS'.
  25. Zemana AntiLogger Premium 2.70 - 1 Year[365 Days] Promo by GOTD Overview: Zemana AntiLogger recognizes, prevents and blocks any kind of online identity theft and financial deception. Zemana AntiLogger is a powerful, efficient, and user friendly app that keeps track of who is doing what on your PC. It monitors your PC against the bad guys and prevents any kind of attempts to record or steal your private data and blocks any kind of suspicious activity. Included Advanced Features: Secure SSL Ransomware Protection Cloud Scanning Keystroke Logging Protection Browser Cleanup Pandors Sandbox Real-time Protection More Info: Product Homepage, PDF brochure on Zemana AntiLogger Links: Offer: https://www.giveawayoftheday.com/zemana-antilogger-2/ Shared Key: Note: Limited Period Offer. Expires in 24 hours. Activate the license within the giveaway period to avoid activation issues. The program is available for $29.95, but it will be free as a time-limited offer. Current Status: Open. Downloads: Offline Installer v2.70.2.118[Size: 5.2 MB]: https://zemana.com/en-US/Download/AntiLogger/Setup/Zemana.AntiLogger.Setup.exe