Jump to content

Search the Community

Showing results for tags 'guide'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 32 results

  1. malakai1911

    Comprehensive Security Guide

    Comprehensive Security Guide NOTE: As of 1/1/2019 this guide is out of date. Until parts are rewritten, consider the below for historical reference only. i. Foreword The primary purpose of this guide is to offer a concise list of best-of-breed software and advice on selected areas of computer security. The secondary purpose of this guide is to offer limited advice on other areas of security. The target audience is an intermediately skilled user of home computers. Computer software listed are the freeware versions when possible or have free versions available. If there are no free versions available for a particular product, it is noted with the "$" symbol. The guide is as well formatted as I could make it, within the confines of a message board post. ii. Table of Contents i. Foreword ii. Table of Contents 1. Physical Security a. Home b. Computer c. Personal 2. Network Security a. Hardware Firewall b. Software Firewall 3. Hardening Windows a. Pre-install Hardening b. Post-install Hardening c. Alternative Software d. Keep Windows Up-To-Date 4. Anti-Malware a. Anti-Virus b. HIPS / Proactive Defense c. Malware Removal 5. Information and Data Security a. Privacy / Anonymity b. Encryption c. Backup, Erasure and Recovery d. Access Control (Passwords, Security Tokens) 6. Conclusion 1. Physical Security I just wanted to touch on a few things in the realm of physical security, and you should investigate physical and personal security in places other than here. a. Home How would you break in to your own home? Take a close look at your perimeter security and work inwards. Make sure fences or gates aren't easy to climb over or bypass. The areas outside your home should be well lit, and motion sensor lights and walkway lights make nice additions to poorly lit areas. If possible, your home should have a security system featuring hardwired door and window sensors, motion detectors, and audible sirens (indoor and outdoor). Consider integrated smoke and carbon monoxide detectors for safety. Don't overlook monitoring services, so the police or fire department can be automatically called during an emergency. Invest in good locks for your home, I recommend Medeco and Schlage Primus locks highly. Both Medeco and Schlage Primus locks are pick-resistant, bump-proof, and have key control (restricted copying systems). Exterior doors should be made of steel or solid-core wood and each should have locking hardware (locking doorknob or handle), an auxiliary lock (mortise deadbolt) with a reinforced strike plate, and a chain. Consider a fireproof (and waterproof) safe for the storage of important documents and valuables. A small safe can be carried away during a robbery, and simply opened at another location later, so be sure and get a safe you can secure to a physical structure (in-wall, in-floor, or secured to something reasonably considered immovable). You may be able to hide or obscure the location of your safe in order to obtain some additional security, but don't make it cumbersome for yourself to access. b. Computer Computers are easy to just pick up and take away, so the only goal you should have is to deter crimes of opportunity. For desktop computers, you may bring your desktop somewhere and an attacker may not be interested in the entire computer, but perhaps just an expensive component (video card) or your data (hard drive), and for that I suggest a well-built case with a locking side and locking front panel. There are a variety of case security screws available (I like the ones from Enermax (UC-SST8) as they use a special tool), or you can use screws with less common bits (such as tamper resistant Torx screws) to secure side panels and computer components. There are also cable lock systems available for desktop computers to secure them to another object. For laptop computers, you are going to be primarily concerned about a grab-and-go type robbery. There are a variety of security cables available from Kensington, which lock into the Kensington lock slot found on nearly all laptops, which you can use to secure it to another object (a desk or table, for example). Remember though, even if it's locked to something with a cable, it doesn't make it theft-proof, so keep an eye on your belongings. c. Personal Always be aware of your surroundings. Use your judgment, if you feel an area or situation is unsafe, avoid it altogether or get away as quickly and safely as possible. Regarding hand to hand combat, consider a self-defense course. Don't screw around with traditional martial arts (Karate, Aikido, Kung-Fu), and stay away from a McDojo. You should consider self-defense techniques like Krav Maga if you are serious about self defense in a real life context. I generally don't advocate carrying a weapon on your person (besides the legal mess that may be involved with use of a weapon, even for self-defense, an attacker could wrestle away a weapon and use it against you). If you choose to carry any type of weapon on your person for self-defense, I advise you to take a training course (if applicable) and to check with and follow the laws within the jurisdiction you decide to possess or carry such weapons. Dealing with the Police Be sure to read Know Your Rights: What to Do If You're Stopped by the Police a guide by the ACLU, and apply it. Its advice is for within the jurisdiction of the US but may apply generally elsewhere, consult with a lawyer for legal advice. You should a;so watch the popular video "Don't talk to the police!" by Prof. James Duane of the Regent University Law School for helpful instructions on what to do and say when questioned by the police: (Mirror: regent.edu) Travelling Abroad Be sure and visit the State Department or Travel Office for your home country before embarking on a trip abroad. Read any travel warnings or advisories, and they are a wealth of information for travelers (offering guides, checklists, and travel advice): (US, UK, CA). 2. Network Security As this is a guide geared towards a home or home office network, the central theme of network security is going to be focused around having a hardware firewall behind your broadband modem, along with a software firewall installed on each client. Since broadband is a 24/7 connection to the internet, you are constantly at risk of attack, making both a hardware and software firewall absolutely essential. a. Hardware Firewall A hardware firewall (router) is very important. Consider the hardware firewall as your first line of defense. Unfortunately, routers (usually) aren't designed to block outbound attempts from trojans and viruses, which is why it is important to use a hardware firewall in conjunction with a software firewall. Be sure that the firewall you choose features SPI (Stateful Packet Inspection). Highly Recommended I recommend Wireless AC (802.11ac) equipment, as it is robust and widely available. Wireless AC is backwards compatible with the earlier Wireless N (802.11n) G (802.11g) and B (802.11b) standards. 802.11ac supports higher speeds and longer distances than the previous standards, making it highly attractive. I generally recommend wireless networking equipment from Ubiquiti or Asus. Use WPA2/WPA with AES if possible, and a passphrase with a minimum of 12 characters. If you are really paranoid, use a strong random password and remember to change it every so often. Alternatives A spare PC running SmoothWall or IPCop, with a pair of NIC's and a switch can be used to turn a PC into a fully functional firewall. b. Software Firewall A software firewall nicely compliments a hardware firewall such as those listed above. In addition to protecting you from inbound intrusion attempts, it also gives you a level of outbound security by acting as a gateway for applications looking to access the internet. Programs you want can access the internet, while ones you don't are blocked. Do not use multiple software firewalls simultaneously. You can actually make yourself less secure by running two or more software firewall products at once, as they can conflict with one another. Check out Matousec Firewall Challenge for a comparison of leak tests among top firewall vendors. Leaktests are an important way of testing outbound filtering effectiveness. Highly Recommended Comodo Internet Security Comodo is an easy to use, free firewall that provides top-notch security. I highly recommend this as a first choice firewall. While it includes Antivirus protection, I advise to install it as firewall-only and use an alternate Antivirus. Alternatives Agnitum Outpost Firewall Free A free personal firewall that is very secure. Be sure to check out the Outpost Firewall Forums, to search, and ask questions if you have any problems. Online Armor Personal Firewall Free Online Armor Personal Firewall makes another great choice for those who refuse to run Comodo or Outpost. Online Armor 3. Hardening Windows Windows can be made much more secure by updating its components, and changing security and privacy related settings. a. Pre-install Hardening Pre-install hardening has its primary focus on integrating the latest available service packs and security patches. Its secondary focus is applying whatever security setting tweaks you can integrate. By integrating patches and tweaks, you will be safer from the first boot. Step 1 - Take an original Windows disc (Windows 7 or later) and copy it to a folder on your hard drive so you can work with the install files. Step 2 - Slipstream the latest available service pack. Slipstreaming is a term for integrating the latest service pack into your copy of windows. Step 3 - Integrate the latest available post-service pack updates. This can be done with a utility such as nLite or vLite, and post-service pack updates may be available in an unofficial collection (such as the RyanVM Update Pack for XP). Step 4 - Use nLite (Windows 2000/XP) or vLite (Windows Vista/7) to customize your install. Remove unwanted components and services, and use the tweaks section of nLite/vLite to apply some security and cosmetic tweaks. Step 5 - Burn your newly customized CD, and install Windows. Do not connect the computer to a network until you install a software firewall and anti-virus. b. Post-Install Hardening If you have followed the pre-install hardening section, then your aim will be to tweak settings to further lock down windows. If you hadn't installed from a custom CD, you will need to first update to the latest service pack, then install incremental security patches to become current. After updating, you'll then disable unneeded Windows services, perform some security tweaks, and use software such as xpy to tweak privacy options. Disable Services Start by disabling unneeded or unnecessary services. By disabling services you will minimize potential security risks, and use fewer resources (which may make your system slightly faster). Some good guides on disabling unnecessary services are available at Smallvoid: Windows 2000 / Windows XP / Windows Vista. Some commonly disabled services: Alerter, Indexing, Messenger, Remote Registry, TCP/IP NetBIOS Helper, and Telnet. Security Tweaks I highly recommend using a strong Local Security Policy template as an easy way to tweak windows security options, followed by the registry. Use my template (security.inf) to easily tweak your install for enhanced security (Windows 2000/XP/Vista/7): 1. Save the following attachment: (Download Link Soon!) 2. Extract the files. 3. Apply the Security Policy automatically by running the included "install.bat" file. 4. (Optional) Apply your policy manually using the following command: [ secedit /configure /db secedit.sdb /cfg "C:\<Path To Security.inf>\<template>.inf" ] then refresh your policy using the following the command:[ secedit /refreshpolicy machine_policy ] (Windows 2000), [ gpupdate ] (Windows XP/Vista/7) This template will disable automatic ("administrative") windows shares, prevent anonymous log on access to system resources, disable (weak) LM Password Hashes and enable NTLMv2, disable DCOM, harden the Windows TCP/IP Stack, and much more. Unfortunately my template can't do everything, you will still need to disable NetBIOS over TCP (NetBT), enable Data Execution Prevention (AlwaysOn), and perform other manual tweaks that you may use. Privacy Tweaks xpy (Windows 2000/XP) and vispa (Windows Vista/7) These utilities are great for modifying privacy settings. They supersede XP AntiSpy because they include all of XP Anti-Spy's features and more. You should use them in conjunction with the security tweaks I've listed above. c. Alternative Software Another simple way of mitigating possible attack vectors is to use software that is engineered with better or open security processes. These products are generally more secure and offer more features then their Microsoft counterparts. Highly Recommended Google Chrome (Web Browser) Mozilla Thunderbird (Email Client) OpenOffice.org (Office Suite) Alternatives Mozilla Firefox (Web Browser) Google Docs (Online) (Office Suite) Firefox Additions Mozilla has a Privacy & Security add-on section. There are a variety of add-ons that may appeal to you (such as NoScript). And although these aren't strictly privacy related, I highly recommend the AdBlock Plus add-on, with the EasyList and EasyPrivacy filtersets. d. Keep Windows Up-To-Date Speaking of keeping up-to-date, do yourself a favor and upgrade to at least Windows XP (for older PC's) and Windows 7 (or later) for newer PC's. Be sure to keep up-to-date on your service packs, they're a comprehensive collection of security patches and updates, and some may add minor features. Microsoft Windows Service Packs Windows 2000 Service Pack 4 with Unofficial Security Rollup Package Windows XP Service Pack 3 with Unofficial Security Rollup Package Windows XP x64 Service Pack 2 with Unofficial Security Rollup Package Windows Vista Service Pack 2 Windows 7 Service Pack 1 Microsoft Office Service Packs Office 2000 Service Pack 3 with the Office 2007 Compatibility Pack (SP3). Office XP (2002) Service Pack 3 with the Office 2007 Compatibility Pack (SP3). Office 2003 Service Pack 3 with the Office 2007 Compatibility Pack (SP3) and Office File Validation add-in. Office 2007 Service Pack 3 with the Office File Validation add-in. Office 2010 Service Pack 1 After the service pack, you still need to keep up-to-date on incremental security patches. Windows supports Automatic Updates to automatically update itself. However, if you don't like Automatic Updates: You can use WindowsUpdate to update windows periodically (Must use IE5 or greater, must have BITS service enabled), or you can use MS Technet Security to search for and download patches individually, or you can use Autopatcher, an unofficial updating utility. In addition to security patches, remember to keep virus definitions up-to-date (modern virus scanners support automatic updates so this should not be a problem), and stay current with latest program versions and updates, including your replacement internet browser and mail clients. 4. Anti-Malware There are many dangers lurking on the internet. Trojans, viruses, spyware. If you are a veteran user of the internet, you've probably developed a sixth-sense when it comes to avoiding malware, but I advocate backing up common sense with reliable anti-malware software. a. Anti-Virus Picking a virus scanner is important, I highly recommend Nod32, but there are good alternatives these days. Check out AV Comparatives for a comparison of scanning effectiveness and speed among top AV vendors. Highly Recommended Nod32 Antivirus $ I recommend Nod32 as a non-free Antivirus. Features excellent detection rates and fast scanning speed. Nod32 has a great heuristic engine that is good at spotting unknown threats. Very resource-friendly and historically known for using less memory than other AV's. There is a 30 day free trial available. Alternatives Avira AntiVir Personal I recommend Avira as a free Antivirus. Avira is a free AV with excellent detection rates and fast scanning speed. (Kaspersky no longer recommended, due to espionage concerns.) Online-Scanners Single File Scanning Jotti Online Malware Scan or VirusTotal These scanners can run a single file through a large number of different Antivirus/Antimalware suites in order to improve detection rates. Highly recommended. Whole PC Scanning ESET Online Scanner Nod32 Online Antivirus is pretty good, ActiveX though, so IE only. There is a beta version available that works with Firefox and Opera. b. HIPS / Proactive Defense Host-based intrusion prevention systems (HIPS) work by disallowing malware from modifying critical parts of the Operating System without permission. Classic (behavioral) HIPS software will prompt the user for interaction before allowing certain system modifications, allowing you stop malware in its tracks, whereas Virtualization-based HIPS works primarily by sandboxing executables. Although HIPS is very effective, the additional setup and prompts are not worth the headache for novice users (which may take to just clicking 'allow' to everything and defeating the purpose altogether). I only recommend HIPS for intermediate or advanced users that require a high level of security. Highly Recommended I highly recommend firewall-integrated HIPS solutions. Comodo Defense+ is a classic HIPS built into Comodo Internet Security, and provides a very good level of protection. Outpost and Online Armor provide their own HIPS solutions, and the component control features of the firewalls are powerful enough to keep unwanted applications from bypassing or terminating the firewall. If you want to use a different HIPS, you can disable the firewall HIPS module and use an alternative below. Alternatives Stand-alone HIPS solutions are good for users who either don't like the firewall built-in HIPS (and disable the firewall HIPS), or use a firewall without HIPS features. HIPS based on Behavior (Classic) ThreatFire ThreatFire provides a strong, free behavioral HIPS that works well in conjunction with Antivirus and Firewall suites to provide additional protection. HIPS based on Virtualization DefenseWall HIPS $ DefenseWall is a strong and easy-to-use HIPS solution that uses sandboxing for applications that access the internet. GeSWall Freeware GeSWall makes a nice free addition to the HIPS category, like DefenseWall it also uses sandboxing for applications that access the internet. Dealing with Suspicious Executables You can run suspicious executables in a full featured Virtual Machine (such as VMware) or using a standalone sandbox utility (such as Sandboxie) if you are in doubt of what it may do (though, you may argue that you shouldn't be running executables you don't trust anyway). A more advanced approach to examining a suspicious executable is to run it through Anubis, a tool for analyzing the behavior of Windows executables. It displays a useful report with things the executable does (files read, registry modifications performed, etc.), which will give you insight as to how it works. c. Malware Removal I recommend running all malware removal utilities on-demand (not resident). With a firewall, virus scanner, HIPS, and some common sense, you won't usually get to the point of needing to remove malware... but sometimes things happen, perhaps unavoidably, and you'll need to remove some pretty nasty stuff from a computer. Highly Recommended Anti-Spyware Spybot Search & Destroy Spybot S&D has been around a long time, and is very effective in removing spyware and adware. I personally install and use both Spybot & Ad-Aware, but I believe that Spybot S&D has the current edge in overall detection and usability. Anti-Trojan Malwarebytes' Anti-Malware Malwarebytes has a good trojan detector here, and scans fast. Anti-Rootkit Rootkit Unhooker RKU is a very advanced rootkit detection utility. Alternatives Anti-Spyware Ad-Aware Free Edition Ad-Aware is a fine alternative to Spybot S&D, its scanning engine is slower but it is both effective and popular. Anti-Trojan a-squared (a2) Free a-squared is a highly reputable (and free) trojan scanner. Anti-Rootkit IceSword (Mirror) IceSword is one of the most capable and advanced rootkit detectors available. 5. Information and Data Security Data can be reasonably protected using encryption and a strong password, but you will never have complete and absolute anonymity on the internet as long as you have an IP address. a. Privacy / Anonymity Anonymity is elusive. Some of the following software can help you achieve a more anonymous internet experience, but you also must be vigilant in protecting your own personal information. If you use social networking sites, use privacy settings to restrict public access to your profile, and only 'friend' people you know in real life. Don't use (or make any references to) any of your aliases or anonymous handles on any websites that have any of your personal information (Facebook, Amazon, etc..). You should opt-out from information sharing individually for all banks and financial institutions you do business with using their privacy policy choices. You should opt-out of preapproved credit offers (US), unsolicited commercial mail and email (US, UK, CA), and put your phone numbers on the "Do Not Call" list (US, UK, CA). Highly Recommended Simply install and use Tor with Vidalia to surf the internet anonymously. It's free, only downside is it's not terribly fast, but has fairly good anonymity, so it's a tradeoff. Keep in mind its for anonymity not for security, so make sure sites you put passwords in are SSL encrypted (and have valid SSL certificates), and remember that all end point traffic can be sniffed. You can use the Torbutton extension for Firefox to easily toggle on/off anonymous browsing. POP3/IMAP and P2P software won't work through Tor, so keep that in mind. Portable Anonymous Browsing The Tor Project now has a "Zero-Install Bundle" which includes Portable Firefox and Tor with Vidalia to surf anonymously from a USB memory stick pretty much anywhere with the internet. It also includes Pidgin with OTR for encrypted IM communications. Note: These won't protect you from Trojans/Keyloggers/Viruses on insecure public terminals. Never type important passwords or login to important accounts on a public computer unless it is absolutely necessary! Alternatives I2P functions similar to Tor, allowing you to surf the general internet with anonymity. IPREDator $ is a VPN that can be used to anonymize P2P/BitTorrent downloads. Freenet is notable, but not for surfing the general internet, it's its own network with its own content. b. Encryption For most people, encryption may be unnecessary. But if you have a laptop, or any sort of sensitive data (whether it be trade secrets, corporate documents, legal or medical documents) then you can't beat the kind of protection that encryption will offer. There are a variety of options available today, including a lot of software not listed here. A word to the wise, please, please don't fall for snake oil, use well established applications that use time tested (and unbroken) ciphers. Regardless of what software you use, the following "what to pick" charts will apply universally. If you have to pick an encryption cipher: Best: AES (Rijndael) (128-bit block size) Better: Twofish (128-bit block size), Serpent (128-bit block size) Good: RC6 (128-bit block size) Depreciated: Blowfish (64-bit block size), CAST5 (CAST-128) (64-bit block size), Triple-DES (64-bit block size) When encrypting large volumes of data, it is important to pick a cipher that has a block size of at least 128-bytes. This affords you protection for up to 2^64x16 bytes (264 exabytes) . 64-bit block ciphers only afford protection of up to 2^32x8 bytes (32 gigabytes) so using it as a full disk or whole disk encryption cipher is not recommended. The depreciated list is only because some of you might be stuck using software that only supports older encryption methods, so I've ordered it from what I feel is best to worst (though all three that are on there are pretty time tested and if properly implemented, quite secure). If you have to pick a hash to use: Best: Whirlpool (512-bit) Better: SHA-512 (512-bit), SHA-256 (256-bit) Good: Tiger2/Tiger (192-bit), RIPEMD-160 (160-bit) Depreciated: RIPEMD-128, SHA-1, MD-5. With all the recent advances in cryptanalysis (specifically with work on hash collisions) These days I wouldn't trust any hash that is less than 160-bits on principle. To be on the safe side, use a 192-bit, 256-bit, or 512-bit hash where available. There will be cases where your only options are insecure hashes, in which case I've ordered the "depreciated" list from best to worst (they are all varying levels of insecure). Many older hashes (MD4, MD2, RIPEMD(original), and others) are totally broken, and are not to be used. A quick software rundown, these applications are popular and trusted: Highly Recommended Freeware Whole Disk Encryption TrueCrypt Based upon E4M, TrueCrypt is a full featured disk encryption suite, and can even be run off a USB memory stick. TrueCrypt supports the whole disk encryption of Windows, with pre-boot authentication. Very nice. If you can't use whole-disk encryption (WDE), you can use the TCTEMP add-on to encrypt your swapfile, temp files and print spooler, and you can use the TCGINA add-on to encrypt your windows home directory. (Note: TCTEMP/TCGINA is less secure than WDE, and only preferable if WDE is not an option. WDE is highly recommended.) Freeware PKI Encryption GnuPG (GPG) GnuPG provides public-key encryption, including key generation and maintenance, signing and checking documents and email messages, and encryption and decryption of documents and email messages. Freeware Email Encryption Enigmail Enigmail is truly a work of art, it integrates with GnuPG and provides seamless support for encryption and decryption of email messages, and can automatically check PGP signed documents for validity. (Enigmail requires both Mozilla Thunderbird and GnuPG) Alternatives Encryption Suite (with Whole Disk and Email Encryption) PGP Full Disk Encryption $ PGP provides public-key encryption, including key generation and maintenance, signing and checking documents and email messages, encryption and decryption of documents and email messages, volume disk encryption, whole disk encryption, outlook integration, and instant messenger encryption support. c. Backup, Erasure and Recovery // This section is under construction. Backups Your data might be safe from prying eyes, but what if you are affected by hardware failure, theft, flood or fire? Regular backups of your important data can help you recover from a disaster. You should consider encryption of your backups for enhanced security. Local Backup Cobian Backup Cobian Backup is a fully-featured freeware backup utility. SyncBack Freeware, Macrium Reflect Free SyncBack Freeware and Macrium Reflect Free are feature-limited freeware backup utilities. Off-site Backup SkyDrive (25GB, filesize limited to 100MB), box.net (5GB) SkyDrive and box.net offer free online storage, useful for easy offsite backups. Be sure to utilize encrypted containers for any sensitive documents. Data Destruction It would be better to have your data residing in an encrypted partition, but sometimes that may not be possible. When sanitizing a hard drive, I recommend using a quality Block Erase tool like DBAN followed by a run-through with ATA Secure Erase if you really want a drive squeaky clean. Block erasing is good for data you can normally reach, but ATA secure erase can hit areas of the drive block erasers can't. As for multiple overwrite passes, there is no proof that data overwritten even one time can be recovered by professional data recovery corporations. For moderate security, a single pseudorandom block-erase pass (random-write) followed by an ATA Secure Erase pass (zero-write) is sufficient to thwart any attempts at data recovery. For a high level of security, a "DoD Short (3 pass)" block-erase pass followed by an ATA Enhanced Secure Erase will ensure no recovery is possible. Single-File/Free Space Erase If you are interested in just erasing single files or wiping free space, you can use the Eraser utility. Block Erase For hard drive block-erasure, use DBAN. ATA Secure Erase For ATA Secure Erasing, use the CMRR Secure Erase Utility. CMRR Secure Erase Protocols (.pdf) http://cmrr.ucsd.edu...seProtocols.pdf NIST Guidelines for Media Sanitation (.pdf) - http://csrc.nist.gov...800-88_rev1.pdf File Recovery Software This is kind of the opposite of data destruction. Keep in mind no software utility can recover properly overwritten data, so if it's overwritten there is no recovery. Highly Recommended Recuva Recuva is an easy to use GUI-based recovery utility. Alternatives TestDisk and PhotoRec These tools are powerful command-line recovery utilities. TestDisk can recover partitions, and PhotoRec is for general file recovery. Ontrack EasyRecovery Professional $ EasyRecovery is one of the best paid utilites for file recovery. d. Access Control (Passwords, Security Tokens) // This section is under construction. Secure Passwords //Section under construction. Your security is only as strong as its weakest password. There are a few basic rules to follow when creating a strong password. Length - Passwords should be at least 12 characters long. When possible, use a password of 12 or more characters, or a "passphrase". If you are limited to using less than 12 characters, you should try and make your password as long as allowable. Complexity - Passwords should have an element of complexity, a combination of upper and lowercase characters, numbers, and symbols will make your passwords much harder to guess, and harder to bruteforce. Uniqueness - Passwords should avoid containing common dictionary words, names, birthdays, or any identification related to you (social security, drivers license, or phone numbers for example). Secret - If you have a password of the utmost importance, do not write it down. Do not type them in plain view of another person or share them with anyone. Avoid use of the same password in multiple places. Security Tokens Security Tokens are cryptographic devices that allow for two-factor authentication. Google Titan Yubikey 5 Series 6. Conclusion And here we are at the end! I would like to thank all of you for taking the time to read my guide, it's a few (slow) years in the making and I've kept it up to date. This guide is always changing, so check back from time to time. Revision 1.10.020 Copyright © 2004-2012 Malakai1911, All Rights Reserved The information contained within this guide is intended solely for the general information of the reader and is provided "as is" with absolutely no warranty expressed or implied. Any use of this material is at your own risk, its authors are not liable for any direct, special, indirect, consequential, or incidental damages or any damages of any kind. This guide is subject to change without notice. Windows_Security_Template__1.10.015_.zip
  2. Brian12

    Malware Removal Guide

    "This guide will help you remove malicious software from your computer. If you think your computer might be infected with a virus or trojan, you may want to use this guide. It provides step-by-step instructions on how to remove malware from Windows operating system. It highlights free malware removal tools and resources that are necessary to clean your computer. You will quickly learn how to remove a virus, a rootkit, spyware, and other malware." Guide: http://www.selectrealsecurity.com/malware-removal-guide I'll be posting updates. :)
  3. A complete NoScript Security suite extension guide for the Firefox web browser version 57 and newer. The developer of the popular Firefox security add-on NoScript launched a Firefox 57 compatible version of the extension shortly after the release of the Firefox 57 browser. He worked with Mozilla to create the new version of NoScript and implemented options to migrate settings from classic versions of NoScript to the new version. The initial version received mixed reviews. Some users heralded the effort and were happy that NoScript was available for Firefox 57 and newer, others did not like the new user interface or criticized missing functionality. Now that the dust has settled, it is time to publish an updated guide for NoScript for Firefox 57 or newer. The NoScript for Firefox guide NoScript Security Suite is a browser extension for the Firefox web browser designed to give users control over the content that sites may run. The extension blocks JavaScript execution by default which improves security and privacy significantly. NoScript supports other features, XSS and clickjacking attack protections and other security enhancing features. The NoScript interface The main interface of the extension changed completely in the new version. The classic version of NoScript listed connections in list view on activation, the new version of NoScript uses a matrix instead similarly to how uMatrix handles connections. The interface displays a button toolbar at the top and below it the list of domains. NoScript lists the current domain at the top all the time and below it the third-party connections of the page. The padlock symbol displayed next to domains indicates that the connection to it uses HTTPS. Note that the padlock symbol is not displayed for some trust levels. Setting trust levels for domains Each domain listed by NoScript in its interface has a trust level associated with it. Default -- JavaScript execution is blocked as are objects, media, fonts, and WebGL. Trusted -- Allow JavaScript execution and other elements. Trusted Temporarily -- Allow JavaScript execution and the loading of other elements for the session or until revoked whichever is first. Untrusted -- Everything is blocked. Custom -- Gives you options to allow or disallow elements individually. You may make these temporary by clicking on the "nearly invisible" temp button next to custom. Each domain listed by NoScript has one trust level associated with it. A click on another trust level in a row switches it to the new one automatically. The NoScript options reveal the preset permissions for "default", "trusted", and "untrusted". There you may also change the default presets by adding or removing checkmarks. The elements that NoScript distinguishes between are: Script -- Any type of script the site attempts to execute. Object -- The HTML object tag. Media -- Media elements. Frame -- Frames that the site attempts to load. Font -- Font elements. WebGL -- WebGL elements. Fetch -- requests that use fetch APIs. Other -- unknown. The button toolbar Seven buttons are displayed on the button toolbar in the latest version of NoScript for Firefox. They are, from left to right: Close the interface. Reload the page. Open the Options. Disable restrictions globally. Disable restrictions for this tab. Set all on the page to temporarily trusted. Revoke temporary permissions. NoScript adds a context menu item to the right-click menu automatically. It has limited use though; a click on it displays the main NoScript interface at the top of the browser UI. You can disable the context menu entry in the options. Using NoScript Understanding how NoScript trust levels work is essential to using the extension to its fullest potential. NoScript indicates blocked items in its icon when you load sites in the Firefox browser. A click on the icon displays the connections the extension recognized and trust levels for each site. Note that these may not be all connections a site makes. Since you don't allow the execution of scripts by default, sites may not be able to initiate all third-party connections right away. If you allow scripts to run on the main domain, you may notice that it attempts to make additional connections when those get loaded. Tip: Hover over any domain listed by NoScript and click on it to open a page that is full of links to privacy and security services only to display information about the domain. It may not be necessary to make any changes to trust levels if the site functions properly. You may notice however that some features may not work properly on first connect. Since scripts and other elements are blocked by default, you may notice all sorts of issues related to that. Sites use scripts and other elements for a variety of things, from verifying form submissions and playing videos to often unwanted things such as advertisement or tracking. Changing a domain's trust level to "trusted" or "temporarily trusted" allows it to load additional elements whereas a trust level of "untrusted" prevents even more elements. Note that trusted and untrusted are permanent changes that remain available. Troubleshooting a site comes into play when you notice that site functionality is not available and suspect it is because of the protections that NoScript provides. You have a couple of options to deal with the issue. You could temporarily allow a domain or use the custom trust level to set permissions individually for elements. I'm not a fan of using the "allow all globally" or "allow all for the tab" options as they are often too broad. While they are comfortable, as you only need to press some buttons to get sites to work, using them eliminates most of the protective functionality of NoScript. NoScript comes with a whitelist that includes sites by default. You may want to check it in the options under "per-site permissions" to make sure that you trust them all. There is unfortunately no option to remove sites that are on the list by default but you can change the level from trusted to default or even untrusted. If you migrated from a previous version of NoScript, you should see all custom sites there. Check out our guide on using NoScript efficiently for tips on getting the most out of the extension. It offers ten tips, for instance what you may want to do if a site does not load properly with NoScript enabled. The options The options are somewhat limited at this point in time especially when you compare them to the options of the classic version of NoScript. The NoScript settings are divided into four tabs right now that offer the following functionality: General -- Configure preset permissions for the states Default, Trusted, and Untrusted. Also, enable "disable restrictions globally" and "temporarily set top-level sites to Trusted". Per-site Permissions -- displays all custom (non-default) permissions. Search included. Appearance -- hide the context menu item, disable the count badge of the icon, and enable the listing of full addresses in the permissions popup. Advanced -- manage XSS protection and enable debugging. Options can be reset, imported, or exported. Resources Official NoScript website: https://noscript.net/ NoScript on Mozilla AMO: https://addons.mozilla.org/firefox/addon/noscript/ NoScript GitHub: https://github.com/hackademix/noscript Source
  4. As soon as you start up a new Android phone, you get prompted to sign in with your Google account—but what if you don’t want to do that? Maybe you want to take advantage of Android but limit what Google knows about you, or maybe you just prefer the alternative apps; whatever the case, here’s how to live a Google-free Android life. Right from the start we’ll be honest and say it’s not easy using Android without Google—but it is possible. If you want a more convenient life, then you need to sign right in when prompted. The big miss if you don’t is the Google Play Store, but here we’ll show you how to get around that and various other obstacles along the way. We’re assuming you’re starting with a brand new Android phone fresh from the factory. You can de-Google-ify an existing Android handset, but you’ll need to reset it first through the Settings app, to get back to the original setup screen. That means all your existing apps and data get wiped, so you’ll need backups of all your important stuff somewhere. Setting up Android Welcome to your new (or factory reset) Android phone! The prompt to sign in with Google arrives about five screens in, after you’ve chosen your language and connected up to wifi. When you’re prompted to sign in, hit Skip instead, then hit Skip again to confirm that yes, you really do want to use Android without a Google account. A couple of screens later, Google very kindly asks if you want to opt in to some extra Google services: Location tracking and system diagnostic reports. If you’re not happy with either or both of these options, turn the relevant toggle switches off, then hit Agree to continue (you can’t use a phone with regular Google-provided Android on it without agreeing to some basic terms and conditions). And... you should then be in. Don’t worry if you see a few Google apps, because they won’t be connected to anything—Google Photos, for example, can work as a local image library manager without actually connecting to the cloud or a Google account. If there are any apps you want to get rid of, long-press on their icon and drag the icon up to the Uninstall link at the top. YouTube works perfectly well without a Google account to sign into, though you obviously don’t get access to any personalized apps or any of your playlists. Google Maps is another app that will work without a Google account if it’s pre-installed, though again you don’t get all the personal customizations. It’s important to note that a Google account handles various aspects of syncing and backing up Android as well, and you’re going to have to hunt around for alternative solutions. You won’t get Google Contacts synced over, for example—fine if you don’t want to use Google Contacts, but you’ll need to get something else in place or build up your contacts list from scratch on the phone itself. And these apps will still want to log data and information about you, even if Google doesn’t. As always, you can manage the permissions an app has (and the data it can therefore collect), up to a point—head to Settings and tap Apps & notifications, then App permissions to see a list and make any changes you deem necessary. Getting your apps The big miss if you don’t connect your Android phone to your Google account is the Google Play Store: Try and load up the Play Store app and you’ll just be met with the sign in screen again. To get around this, you need to start sideloading apps through your Android phone’s web browser. In times gone by you would need to authorize “unknown” apps (not from the Play Store) in Settings, but modern versions of Android ask for authorization on an app-by-app basis. You’ve got two choices here: Either embrace the Amazon App Store, which isn’t as comprehensive as Google’s but has most of the big-name apps, or transfer apps over one by one as you need them from the excellent APKMirror repository. Choose the former for an easier life (including automatic updates for your apps), or the latter for more control over your phone. If you’re taking the Amazon route, go to www.amazon.com/androidapp on your phone and follow the instructions on screen—you will have to confirm that you are ready to risk installing apps downloaded outside the Play Store, and tap through a couple of security warnings along the way. With that done, sign in with your Amazon account, and away you go. You get a lot of the major apps (Netflix, Spotify, Facebook, Instagram), though there are some omissions too (Snapchat, YouTube). Google’s apps are nowhere to be seen, but that’s the whole point of this exercise, isn’t it? The Amazon App Store doesn’t have the polish of its Google counterpart but it will keep everything updated and sorted for you. You can install apps straight from APKMirror instead of, or as well as, from the Amazon App Store. Head to the site in your browser, or download files on your computer and transfer them over through your file syncing tool of choice or via a USB cable. Again, you’ll need to tap through a series of security warnings as you install apps, but APKMirror is a reputable source (just don’t install anything too esoteric, just to be sure). APKMirror is likely to have most of the apps you need, though—as with the Amazon App Store—some of the latest games titles might be missing. You also can’t download any apps that cost money—these are strictly free apps. The other disadvantage is that your apps don’t auto-update, so you need to remember to do this manually on a semi-regular basis (APKUpdater is a decent effort at automating this process for Android versions up to 7.1). As you’re probably aware, you’ve got all kinds of alternative options for replacing Google apps: Outlook instead of Gmail, Firefox instead of Chrome, OneDrive instead of Google Drive, Flickr instead of Google Photos, MapQuest instead of Google Maps, DuckDuckGo instead of Google search and so on. To really rub salt into Google’s wounds, you could even try Apple Music. You might also have some alternative options from whichever company made your Android phone. Manufacturers like Samsung and OnePlus have some very competent apps for handling the basics of phone use that you can deploy instead of Google’s own apps (including, possibly, an app for managing your contacts). Less extreme and more extreme options You can tailor your approach to be more or less anti-Google, as you feel necessary. If you don’t want the hassle of an alternative app store, you can sign into the Play Store and get all the apps you need, without touching Google’s native apps like Gmail or Google Maps. As a result you’ll be giving Google a bit more information about yourself and about how you’re using your device, but you might consider the trade-off worth it for the extra convenience. Maybe install the Microsoft Launcher from the Google Play Store as an easy way of avoiding Google’s native apps and search, then stick to the non-Google apps we’ve already listed above. Alternatively you could go full-on anti-Google and install an entirely new version of Android—something like LineageOS. You’re going to need a device that works with the custom ROM, and the patience and know-how to flash it, but you’ll be left with a completely Google-free phone at the end of the process. Bear in mind that if you flash an alternative OS on your phone, you won’t have access to Google Play Services, which many popular and well-known apps rely on to work—especially when location access is required. You can add this on top of LineageOS, but that sort of defeats the process of installing a separate mobile operating system in the first place. The open source app store F-Droid (above) covers an impressive number of bases, and features apps you can use free of Google influence (including Google Play Services), but you’re also going to have to do without big-hitters such as Facebook, Spotify, Netflix and so on. Fine for those who yearn for the days of feature phones, not so great for the rest of us. It really depends on how much time and effort you want to invest and how little Google you want in your life, but you should find something that works for you. Ultimately you can get Android running with little or no Google influence—though perhaps not as easily as some EU regulators would like. Source
  5. With everyone from local scammers to government agencies trying to get hands on your data, there’s never been a better time to beef up your privacy game. Fortunately, there are a ton of options out there to keep your messages, files, and phone safe on Android. Before we begin, we should point this out: using a smartphone is always going to be a risk. Especially one running services from Google. You can use these tips and apps to protect some of your communication, but you’re never going to be totally off the grid as long as you’re using an Android phone. That doesn’t mean you have to make it easy on an attacker, though. Change These System Settings to Protect Your Privacy When you first get your phone, it’s a good time to start protecting yourself. During the setup, make sure you disable any options asking to track your data. After that (or if you’ve already set up your phone), there are a number of precautions you can and should take. We recommend everything on the following list, but they all come with some convenience sacrifice, so decide for yourself which ones you need: Set a strong alphanumeric password. Android gives you the option to use a pattern or PIN to lock your phone, but to be safe, you should use a strong alphanumeric password. Open the Settings app and head to Security > Screen Lock. Set a password that includes numbers and letters. Don’t use your fingerprint to sign in. Fingerprint sensors are convenient, but the law around them is complicated. While it’s still being hashed out in the courts, currently police can compel you to use your fingerprint to unlock your phone. It’s better to just not use it at all. On Nexus and Pixel devices, head to Settings > Security > Pixel Imprint and delete any fingerprints you’ve saved. Encrypt your phone (if it isn’t already). Some manufacturers don’t encrypt your phone by default. If you have to enter a PIN before the phone boots up, it’s probably encrypted already. Just to be sure, head to Settings > Security. Under Encryption, you should see “Encrypt phone.” If it says “Encrypted” below that, you’re good. Otherwise, tap it and follow the instructions to encrypt your phone. This may take a while and it may slow down some older phones, but it’s worth it to protect your data. Hide notification information from the lock screen. Android will show notifications even when your phone is locked, but you can hide sensitive information if you don’t want prying eyes to see. Head to Settings > Notifications then tap the gear icon at the top. Finally, tap “On the lock screen.” You can either choose “Hide sensitive notification content” to conceal things like messages and email contents, or “Don’t show notifications at all” to ensure no one sees anything. Disable Google’s tracking activity. Google is the biggest glutton for data around, so disabling their tracking is almost a Sisyphean task, but you can at least turn off as much as you can. Head to this link, click the menu button at the top, and choose “Activity Controls.” Here, you can disable location tracking, search tracking, voice tracking, and even your YouTube history. Note, Google may still keep some anonymized info about you, but this can minimize how much they have. Turn off Google backup. Google backs up a ton of information about your device, including call history, apps, and even what Wi-Fi network you’re connected to. If you’d rather Google not have that info, head to Settings > Backup & reset > Backup. You can either disable backups entirely (and make your own) or selectively disable the data you don’t want to store. Turn off any unnecessary app permissions. As of Android 6.0 (Marshmallow), Google finally lets you pick which permissions to give to apps. For starters, that means you should probably get an Android phone running Marshmallow if you’re concerned for your privacy. Then, head to Settings > Apps and tap the gear icon at the top. Then tap “App permissions.” Here you’ll be able to see permissions for things like Calendar, Contacts, Location, and Microphone. Tap each one and disable any apps you don’t trust. Keep in mind, this may break some apps if you’re not sure why they need that permission. If you’re really not sure you can trust an app, you might be better off uninstalling it. Turn on two-factor authentication. Your account is only as safe as your password (which isn’t very safe) unless you enable two-factor authentication. You can turn it on for your Google account here, and then for any of your other accounts on this list. It’s also a good idea to use an app like Authy to manage your authentication tokens, since it lets you lock the app with a PIN. This protects your tokens in the event someone steals and unlocks your phone. Enable Android Device Manager. ADM can find your phone remotely, so it might be a bit of a toss up from a privacy standpoint. On the one hand, it means Google will have information about where you are. However, you can also use it to locate or wipe your phone remotely. If you want that nuclear option in case you lose your device, this might be a good tool to have. That should handle a lot of the data and vulnerabilities that come with having an Android phone (though you should still assume there’s some kind of data being tracked from your account). However, that’s only part of the equation. Next, you’ll need to take a look at the apps you use every day. The Productivity Apps That Protect Your Privacy Most productivity apps are designed to help you get stuff done as conveniently as possible. Protecting your privacy, however, is rarely the most convenient. Consequently, you might need to use apps that are designed to protect as much data as possible, even if they have to forego useful features like cloud syncing or complex computer analysis. Some, like a VPN, you might not need all the time, but you should almost always be using apps like a password manager. Also keep in mind that if you received your phone from your company through the Android at Work program, your data will still be visible to them even if you use these apps. If you want to keep your information as private as possible, use your own phone and keep it as locked down as possible. Web Browser: Brave While lots of browsers claim to protect your privacy, we’ve found that Brave stood out as one of the best. It uses HTTPS Everywhere to keep your traffic encrypted and it blocks scripts, cookies, phishing, pop-ups, and ads. If you find that a site doesn’t work with Brave, you can selectively re-enable each of those features to figure out what’s breaking the site and even whitelist it if you decide it’s worth it to you. On the desktop, Brave has a weird system that lets users choose to pay publishers instead of seeing ads. However, this doesn’t appear to exist in the mobile version, so you can safely ignore it. It’s not perfect, but it gives you a lot more flexibility to block third-party data tracking than Chrome does. Email: ProtonMail or Gmail For the most thorough email privacy, ProtonMail is the way to go. It encrypts all of your messages by default. You can send email to other ProtonMail users and they’ll be able to read it like normal. If you send it to anyone else, they’ll be given a link where they’ll need to enter a password in order to read your message. This is a very inconvenient way to send email, but if you need to guarantee that no one but the recipient reads your email, this is the way to go. If you’re slightly less paranoid, Gmail is still an excellent way to keep your email private from everyone except, well, Google. Every email is sent over SSL and Google encrypts each message from sender to receiver. Unfortunately, Google itself is still able to see and scan your emails, and it may even have to turn some data over to the government if they receive a legal request. However, Gmail will at least protect your messages from some random snooper or someone who finds your phone (as long as you have a strong password and two-factor authentication, like we mentioned earlier). In general, email is pretty hard to secure since it always relies on a third-party server to send messages. If you’ve got a good reason to wear your tinfoil hat, you can always try rolling your own email server, but keep in mind it’s really hard. Messaging: Signal or WhatsApp If you really need to communicate with someone securely, Signal and WhatsApp are going to be much better for your privacy than email. Both of these apps feature end-to-end encryption, they don’t store your messages after they’ve been delivered, and they can both do voice calls on top of text messages. Inconveniently, both parties will need to have the app installed to use it, but it’s fairly easy to set up an account. For those who want the absolute most privacy possible, however, Signal offers a slight edge. It doesn’t store metadata about who you’re talking to, but WhatsApp does. Neither app knows what you’re talking about, but WhatsApp knows who you’re talking with and when. If WhatsApp receives a legal warrant, it can hand over that data. WhatsApp can also backup your messages to Google Drive, though they’re encrypted so that shouldn’t be that big of a deal. Even if law enforcement requested it from Google, they wouldn’t be able to read it. Still, it’s important to know that the backup is there. Password Manager: LastPass or 1Password The best way to protect a strong password is to not know what it is. Password managers can generate long, complicated passwords for you and automatically enter them into the sites you visit. Our favorite password managers are LastPass and 1Password. LastPass is free and lets you sync your password vault across platforms, but the downside is that it uses its own servers to do it. While your data is encrypted while it’s on LastPass’s servers, it’s still possible for it to get hacked if someone targets the company, which happened once. Their encryption was strong enough to prevent the attackers from gaining access to users’ stored passwords which is encouraging, but if you need to be super careful, you might not want to risk it. 1Password, on the other hand, offers two kinds of syncing. You can pay $3/month to sync your account through 1Passwords servers, or you can just use your own Dropbox account. You can also skip syncing altogether and store all your passwords in a local vault and manually copy them from one device to another when you need to. This makes sure that no one can get access to your vault, even if they attack a third-party. VPN: Hideman, Tunnelbear, or NordVPN Using a VPN is the most basic way to secure all of your web traffic. Once you connect to a VPN, your traffic is encrypted so no one snooping can see what you’re looking at. This is particularly useful when you’re on public networks where you might not control your internet connection. On this front, we like Hideman, NordVPN, and TunnelBear. Each service requires a monthly fee, but you get a small allotment of data for free each month. You won’t want to watch hours of Netflix with it, but it can help cover your traffic when you’re at the airport or hotel. Notes: Notes Lock Google Keep was a surprise hit for note takers, but you can’t lock your notes down and they’re all stored on Google’s servers to boot. Notes Lock on the other hand keeps all your notes on your device and secures them behind a pass code, PIN, or pattern lock (though for the best security, you should probably use the pass code). You can use Notes Lock to write down notes or create to-do lists in a variety of colors and fonts. Even as a generic notes app it’s pretty robust, which makes the security features the icing on the cake. If you want to sync your notes, you can choose to save your notes vault to Dropbox to share it between devices. Like with 1Password, this gives you more control over how your data is stored, rather than passing it off to a company like Google. Of course, this means someone could find your notes vault in Dropbox, but it will still be encrypted so they shouldn’t be able to read it anyway. Cloud Storage: SpiderOak Dropbox is pretty good at protecting your data, but if you need to go one step further, SpiderOak is the best way to store data in the cloud and keep it secure. The company employs a “zero knowledge” policy, using local encryption so it can’t read what’s in your files before you even upload them. SpiderOak doesn’t offer any free storage, but it offers 100GB/month for $5 which is competitive with services like Dropbox and Google Drive. This should be a good start to protecting your typical Android usage from prying eyes. Nothing in here (or anywhere, really) is 100% bulletproof, but you’ll be one step ahead of the pack, which is often enough to get your everyday attacker off your back. Article source
  6. How To Speed Up The Vivaldi Web Browser The following guide lists tweaks and suggestions on how to speed up the Vivaldi web browser to reduce lag and improve the browser's performance. Vivaldi is based on Chromium, and performance should not really be much of an issue because of this. However, the browser may feel sluggish or laggy at times, with actions like opening a new tab or switching to another tab being noticeably delayed. I noticed the tab delay issue recently on a modern system running Windows 10, and decided to look into it to find a solution. I did find the culprit after a while. If you open vivaldi://settings/all/ in a tab, all activities in the browser are delayed as long as the settings page remains open. So, make sure you close the settings when you are done modifying them. Speed up the Vivaldi web browser First thing I did was go through all browser settings to optimize the preferences for performance. Please note that some changes may reduce the functionality of the browser. If you cannot live without it, e.g. mouse gestures, then don't disable the option. vivaldi://settings/tabs/ -- I set the New Tab Page to "specific page" but without setting one. vivaldi://settings/tabs/ -- Disable "show popup thumbnails", "show tab thumbnails", "detect page title notifications", and "use unread indicators". This removes some eye candy from Vivaldi, and the highlighting of unread messages on select social media sites. vivaldi://settings/startup/ -- Make sure "lazy load restored tabs" is enabled if the browser is set to load the last session on start. vivaldi://settings/appearance/ -- Disable "use animation" and "use buttons in range controls". Try "use native window" to see if it makes a difference. vivaldi://settings/themes/ -- Edit the current theme, and make sure "accent color from active page" is disabled. vivaldi://settings/start-page/ -- Disable "show background image". vivaldi://settings/addressbar/ -- Disable "fast forward and rewind" vivaldi://settings/mouse/ -- Disable "allow gestures" and "allow rocker gestures". These settings may reduce some of the performance issues that you may experience when running the Vivaldi browser. The Task Manager Tip: I suggest you make use of the built-in Task Manager to monitor memory and CPU utilization of the browser, gpu, tabs and extensions. Extensions may slow down the browser, and you may want to disable some or even all to find out whether doing so improves the performance of the web browser. Vivaldi start up parameters Vivaldi supports pretty much the same startup parameters as Chromium and Google Chrome. While there may be some differences, you may use the following parameters to improve the browser's performance or resource usage further: --process-per-site This switches the multi-process model from using one process per page, to one process per site. Useful if you open multiple pages of the same site regularly at the same time, as you will save quite a bit of memory then. --disk-cache-dir=z:\vivaldi\ --disk-cache-size=104857600 This moves the disk cache that Vivaldi uses to drive z:\, and sets the maximum cache size to 100 Megabytes (the value is in bytes). If you have enough RAM, z: could be a ram disk to further improve the process. --enable-low-end-device-mode This enables low end device mode which improves memory consumption of the browser. --enable-low-res-tiling This enables low res tiling which helps on slower devices when scrolling pages. How to add the parameters On Windows, you right-click on the Vivaldi icon (for instance on the taskbar), and right-click on Vivaldi in the menu that opens. Select Properties in the menu that opens then, and add the parameters to the target field of the properties window. Make sure that there is a "blank" between the path and filename, and the first parameter, e.g. C:\Users\Martin\AppData\Local\Vivaldi\Application\vivaldi.exe --disk-cache-dir=Z:\Vivaldi\ --disk-cache-size=1073741824 Now You: Have another tip for improving Vivaldi's performance? Source
  7. Do It Yourself Online Safety FACT – If someone is really determined to find you, it isn’t very difficult to track you down especially if they are an abusive partner. Whether using real-life methods or tracing you using technology, it is always possible for someone to find you. Check out this cool test to find out how easily trackable you are. The good news – with Chayn’s DIY Online Safety guide (in 7 languages!), it’s a game you can beat them at! All of this through the helpful guidance of the Chayn Securikitties. Written in simple language, the guide will teach you everything you need to know about how you can be tracked – and how to hide your tracks on email, browsers, facebook and other platforms. This guide can be useful irrespective of your gender, location or situation. Read the guide in in English, Arabic, Spanish, French, Farsi, Pashto, Urdu and Russian. p.s. The guide is under a Share Alike 4.0 International license to feel free to use and distribute this! Starter pack https://chayn.gitbooks.io/basic-diy-online-privacy/content/ Advanced guide https://chayn.gitbooks.io/advanced-diy-privacy-for-every-woman/content/ Posted by chayn.co http://chayn.co/safety/
  8. Canonical Launches Ubuntu Tutorials Linux is arguably the most successful open source project in all of history. The success of the kernel -- and operating systems that use it -- are not due to any one man or woman. Actually, the achievements are thanks to the Linux community. In other words, it is a team effort -- developers, users, and more. For a Linux distribution, such as Ubuntu, to continue its progress, Canonical needs developers to remain interested -- this includes getting new people involved and educated. This week, the company launched Ubuntu Tutorials -- based on Google's open source Codelab. No, it is not self-learning for new workstation users, but for programmers and developers. "Ubuntu tutorials are a topic-specific walkthroughs, giving you a very practical experience on a particular domain. They are just like learning from pair programming except you can do it on your own! They provide a step-by-step process to doing development and devops activities on Ubuntu machines, servers or devices," says Canonical. The Ubuntu-maintainer further says, "You can as well work offline if you desire and always take your tutorials with you! Using the snap technology, we built a tutorial snap including the same content and the same technology as the one you can find on the website." Canonical shares the following details about the tutorials. Just as the Linux community is a group effort, so shall be Ubuntu Tutorials. You see, Canonical is asking for assistance in creating new tutorials. If you are interested in contributing to tutorials.ubuntu.com, the company shares the rather lengthy guidelines here. Will you participate in creating tutorials? If yes, tell me how in the comments below. Source
  9. Find Out If Your VPN Leaks Your IP Address Find out if your Virtual Private Network (VPN) connection leaks your computer's IP address and how it is leaked to plug the leak. Virtual Provider Networks (VPNs) are used for a variety of purposes. Common reasons include protecting one's privacy on the Internet, improving the security of the Internet connection, bypassing censorships and blocks, and using it for business purposes. If you use a VPN for privacy, regardless of whether that is your main reason for using it or just a nice addition, you may want to make sure that your "real" IP address is not leaked when you are connected to the VPN. The reason for this is simple: there is no privacy if the device IP leaks. The IP address links back to you directly. While a court order is usually required to link the IP to a name, it alone can reveal information such as the country and region you are connecting to directly. Find out if your VPN leaks your IP address It is suggested to verify that a VPN connection does not leak IP address information. I suggest you do so on every connect, but at least the first time you connect to it and maybe occasionally afterwards as well. There are plenty of sites out there that you can use for the purpose. Good news is that you only need to load one of them to find out whether your VPN leaks information. The site that I use frequently is IP Leak. You find other sites for that purpose listed on our privacy test resource listing. Note: It is recommended that you disable any script blocker (including ad-blockers) when you run the test as they may block scripts from running on the site that are required to give you an accurate reading. All you need to do is connect to the site, and wait for it to display the results of its analysis. This should not take longer than a couple of seconds. IP Leak tests the following: The IPv4 IP address. The IPv6 IP address. Whether WebRTC leaks the IP address. Whether DNS leaks the IP address. Whether a proxy is used (if not transparent). Torrent address detection. Geolocation detection. Look up of the IP address that reveals Tor and AirVPN use, ISP, organization, country, and more using public databases. User agent and system information. If you see different IP addresses or locations, say the correct one for the IPv4 IP address, and another for the IPv6 IP address, then there is a chance that third-parties that you connect to see both IP addresses as well. You may want to make sure that the IP address and the country that IP Leaks displays after the test matches the VPN Provider's network. Closing Words It is highly recommended to run tests regularly to find out if your VPN connection leaks your IP address. While you may not want to do so on each connect, I recommend you do so at least on first connect, on every software update, and every now and then in between. If you notice a leak, you may want to plug it before you start using the VPN. How that is done depends largely on the leak and the client you use to connect to the VPN. Some VPN providers provide leak protection options in the VPN clients that they provide their customers with. Now You: Talking about VPNs: which do you use and why? Source
  10. [Guide + Tested Fix] Windows Update in Windows 8.1[x86+x64]: Slow/Not Checking for Updates - High CPU/RAM Usage - Internet Usage but no updates detected - Last Update stays Days Ago or Never - No Internet Usage - Slow Installation Issues Many people fed up with Windows Update issues and many sites/forums and even the Microsoft Support requesting for a refresh/reset/reinstall/clean installation of the OS[Windows 8.1]. However, it is unnecessary if you follow the below tested guide. Also, those who have already done refresh/reset/reinstall/clean installation of the OS can make use of the fix in the end of the guide directly to fix Windows Update Issues. Many wonder when they install Windows 8, windows updates work fine but after upgrading to Windows 8.1, the issue starts again. Many of Windows troubleshooting guide including the Microsoft Support guides and everywhere ask users to Enable Automatic Updates and it'll download the necessary updates to fix the issue for recently installed OS devices[clean/fresh install]. However, this isn't working for most people. Also, the settings "Metered Connection", "Automatic Updates linked to Maintenance", Fast Startup and more settings hinder the normal fix on Windows 8/8.1 and later. Microsoft is really making things hard. If you wait for maintenance to fix, it won't. You'll either end up with maintenance completed but issue not fixed or maintenance doesn't run at set time. FYI: In my context, Windows Update corruption is mostly linked with inbuilt background tasks like Maintenance, Automatic Defragmentation and some of our own/scheduled/set time for "Sleep" or "Hibernate" settings/config. Note: Some sites/forums incl. Technet/Microsoft Support may recommend entering Audit Mode/OOBE Mode using Sysprep to check for updates and then boot to normal mode. However, it is currently reported by many that Windows Update doesn't detect any updates in this mode but stuck in checking for updates loop and also your OS may enter into Audit mode loop which mostly the tricks to come out doesn't work at all. It happened to me once. I had to re-install the OS completely again. Hence, please don't ever test it to fix Windows Update issues. FYI: In this guide, I'm not mentioning KB2919355 since the newer windows installation ISO already include this update. If you have a much older ISO, then you should check in "Installed Updates". If not found, download and install this update from here: x86 or x64. Please read install instructions and install the updates in the specified order or you'll land in a new trouble. Read "Steps to Avoid Searching for Updates Issue while using Standalone Installers" in the end of this post for faster installation initiation of standalone installer. Basic Steps: Note: Not applicable to recently installed OS devices[clean/fresh install] or if you recently used refresh/reset. Please skip the basic step and move to the next step. Others, follow the Basic Steps before proceeding to "Windows Update Fix - Tested". In Windows 8.1, if you experience issues with Windows Update, please follow the basic steps one after another. Check Connection Settings: Open "Internet Options" from IE or open Windows Explorer and copy paste "Control Panel\Network and Internet" and press enter. Click on "Connections" tab. Then click on "LAN Settings". Make sure "Automatically detect settings" is Enabled and others incl. Proxy are Unchecked. Now follow the further steps. Check Windows Update is turned on with proper setting and you have a stable internet connection: Note: Make sure that updates are turned on for other Microsoft Products and Services. You can check this here: Open Windows Update, you should see that: You receive updates stating "For Windows and other products from Microsoft Update". If it states, "Windows only", then click on "Change Settings" and check the box under "Microsoft Update". Inbuilt Windows Update Troubleshooter & Standalone Troubleshooter: Open Control Panel, Click "Find and Fix Problems". Alternatively, copy paste "Control Panel\All Control Panel Items\Troubleshooting" in address bar without quotes in windows explorer. Or Open Action Center and click "Troubleshooting". Under "System and Security", Click "Fix problems with Windows Update". Click on "Advanced" and click "Run as administrator". Now, click Next. Optionally, if you want to know the issues detected before fixing, then uncheck the "Apply repairs automatically" and then click Next. Take note of the detected error codes, issues and the fixes done. It'd be helpful, if you still have trouble after applying all the steps. Now Reboot[make sure the fast startup is disabled] in power options. Power Options-> Choose what the power buttons do -> change settings that are currently unavailable. After reboot, open both the task manager[to check network usage and activity, CPU usage and RAM usage] and Windows Update. Now, click on Check for Updates. Max time to wait on an average internet speed is 1 hour. If it solves the issue, well done. If not, try the same using latest Diagnostic Windows Update Troubleshooter from here. CHKDSK in command prompt: Open elevated command prompt, which means Command Prompt[Run as administrator]. Press "Ctrl + X" and press "Shift + A". Note: If your main partition is not "C:" drive, replace the "C:" with your main partition drive letter in the command "CHKDSK C: /F /R" without quotes and run it. It should ask for reboot(s). It should fix some Windows Update issues. If you still have issue with Windows Update, proceed to next step. Inbuilt DISM Tool: Make sure that you have internet connection turned on. Also, make sure you keep a copy of the log file from "Main partition->Windows->Logs->DISM->dism.log" after running "ScanHealth" or "RestoreHealth" or "Start ComponentCleanup". Open elevated command prompt, which means Command Prompt[Run as administrator]. Press "Ctrl + X" and press "Shift + A". Now, run the command "DISM /Online /Cleanup-Image /CheckHealth" without quotes. It should show no component corruption found. If it shows corruption found, run the command "DISM /Online /Cleanup-Image /ScanHealth" to check if the corruption is repairable. If repairable, Run the command "DISM /Online /Cleanup-Image /RestoreHealth". Note: It'll take few mins to hours. It starts doing its work from 20%. However, it stops in 40% too. If it shows corruption fixed, then the DISM part is over and proceed with sfc scan step-7. However, if you get corruption not fixed, then proceed with the sub-steps below. You need a Windows 8.1 OS installation ISO with "install.wim" file located in "sources" folder. If you don't have one, you can get it from Tech Bench download ISO for Windows 8.1. Since the Tech Bench download page is blocked after Windows 10 upgrade offer ended, Please Reply to this thread and I'll provide the unique Microsoft download link in PM. Once you have the ISO, mount the ISO. No need of third party tools. Just right click the ISO and choose "Mount". Now, open elevated command prompt and run the command "Dism /Online /Cleanup-Image /RestoreHealth /Source:wim:D:\sources\install.wim:1 /LimitAccess" Note: Replace "D:" with the exact drive letter of the mounted ISO. It should fix the corruption. If you get error, run the command "Dism /Online /Cleanup-Image /StartComponentCleanup" and then run the RestoreHealth Command above. If corruption is fixed, then you should run the sfc /scannow. You can view the usage guide here. Make sure you keep a copy of the log file from "Main partition->Windows->Logs->CBS->CBS.log" Now Check for Updates in Windows Update and if still taking hours with no detection or no internet usage with more CPU usage, proceed to next step "Windows Update Fix - Tested". Windows Update Fix - Tested: Note: This fix is also applicable for clean install / refresh / reset / recently installed devices. This fix doesn't have any Windows 10 connection or telemetry which makes it trusted fix from Microsoft. Download using Microsoft Update Catalog: Note: If you use IE with Microsoft Update Catalog with addon, you can continue using IE. Or if you have other browsers, you can use it instantly without any addon installation. Visit this page and click "Download" according to architecture and OS installed. In the pop-up window, click the link to start downloading the .msu file. Download from Download Center: You can visit this KB Details page and locate the downloads according to architecture and OS installed. Steps to Avoid Searching for Updates Issue while using Standalone Installers: Change Windows Update Setting to "Never check for updates" and Disable/Disconnect Internet. Install the update. Note: After installation started, change Windows Update Setting to "Check for updates but let me choose whether to download and install them" and enable Internet. Note: If you are already in a search for updates loop in standalone installer, close the window and use end process tree in open task manager -> Details tab -> wusa.exe. Once done, open main partition in Windows explorer and delete the newly created folder named in a type of encrypted code. Then follow the above 2 steps to install again. [Not-Recommended Fix] Alternatively, If you like to fix with Win 10 related update, you can manually install alternate fix KB3112336 or any newer Windows Update Client for Windows 8.1. Source: My own article guide by personal experience. Update - New Windows Update Client to fix if the above fix doesn't help:
  11. Quick And Simple Way To Prevent Laptop Power Cords Fraying I come across a lot of laptops with frayed power cords that are expensive to replace. Prevention is better than cure. Here's how to prevent the problem happening in the first place. As a MacBook owner, I've grown accustom to the fact that it won't be long before the cable on the power cord starts to fray, and once that's happened, it's only a matter of time before I'm giving Apple another $80 for a charger. Well, prevention is better than cure, so I've been taking steps to prevent the problem from happening, rather than dealing with it once it's started. And don't worry, this isn't specific to the MacBook - this will work on all brands of laptop power cords. This also works for smartphone or laptop power cables. I know, because I've tested this on the weakest of the weak charger cables - the Apple Lightning cable. I've been experimenting with a number of techniques over the past few months, and the best one I've come up with needs only two things: a pack of Sugru and a couple of small cable ties. Not heard of Sugru? It's a mouldable adhesive made of polysiloxane (silicone caulk) and talc. It sets into a durable, waterproof silicone rubber in about 24 hours, and it's stable between -50°C (-58°F) to +180°C (356°F). Here's what I do: Step - 1: Here's the laptop charger, the Sugru, the cable ties, and a pair of snips for cutting the cable ties. Step - 2: Next, I put a plastic tie at both ends of the cable (because I'm giving the Sugru treatment to both the connector end and the power brick end). It doesn't have to be super-tight, but you do need to be able to snip the tail off the cable tie as close to the lock as possible. The purpose of the cable tie is to give the Sugru something to grip onto. It does work without this, but I've found that this gives a more durable fix. Step - 3: Here's the Sugru. I'm using black because that's what I had. It does make a bit of a mess, so if you want to be tidy I suggest using white. Step - 4: Now you just start molding it over the cable and the existing strain relief. If you're thinking of doing this on a new power cord, I actually suggest you wait a few months because you'll find that the cable usually takes on a particular bend or twist, and then you can mold the Sugru to follow these bends. This, believe it or not, makes the fix stronger. And yes, I know my molding is messy. I never was any good at crafts. Step - 5: See how the Surgu molding at the connector end has a bend in it? I'm following what seems to be the way the cable wants to bend. Source
  12. How to get rid of a headache in TWO minutes: Man shares a bizarre guide to beating your migraine - and racks up millions of views YouTuber Kamil K. Wawrzyszko has shared a guide to ending a headache Involves visualising what colour and shape the headache is Viewers asked if he was a wizard but others were more cynical Whether it's a dull ache or feels like your skull's in a vice, most people have suffered from a headache. In fact, according to research, around 40 per cent of Britons suffer from headaches at some point to the extent that it affects their quality of life. But if you've tried popping a painkiller, sniffing lavender and downing a coffee to no avail, a YouTuber claims he has a simple but extremely effective trick that may be just the ticket. How To Get Rid Of Headache Or Migraine In 2 Minutes Or Less Got a headache that just won't go away? YouTuber Kamil K. Wawrzyszko has shared a bizarre and simple guide to ending a headache in just two minutes - and viewers claim it works Kamil K. Wawrzyszko, a business consultant and YouTuber of Kamil's View fame, has shared a guide to ending a headache in just two minutes. The video, which he first posted in 2012 but has gone viral this week and has received 1,685,571 views, sees Kamil sharing a weird trick. Speaking to the camera, he said: 'Although I am not a qualified doctor or psychologist, I have helped numerous people with their headaches, sleep patterns, and other health issues'. He then poses three simple questions to viewers, asking them: 'Where is your headache? What colour is it? What shape is it?'. He calls on viewers to visualise these before asking them again four more times. If you've tried popping a painkiller, sniffing lavender and downing a coffee to no avail, a YouTuber claims he has a simple but extremely effective trick that may be just the ticket 'By now it should have gone,' he says. 'If it didn't, you may need to watch this a few times; in most cases it works. In a separate video, he explains how he thinks it works. Whilst he trick may seem bizarre, people claim their headaches have actually diminished as a result of following his instructions 'The more you look at things, the more they disappear,' he claims. Whilst the trick may seem bizarre, people claim their headaches have actually diminished as a result of following his instructions. 'Are you a wizard? It worked..,' said one viewer. 'Wow! It worked! (Well I had to watch it several times)', added another. Another lady thanked him for his trick, saying: 'Thank you. You have taught me a way to release migraine naturally. I am VERY grateful,' and another viewer was equally thrilled: 'Oh my God I had a very bad headache and then it was gone after I thought about those questions I'm so freaked out, thank you so much,' she said. Others were less than impressed, with one user saying: 'It still hurts a little in my left temple but it helped a little ,' and another claiming: 'It worked only for 30 sec but after that headache came back.' Article source
  13. How to Turn an Old Hard Drive Into an External Drive So you’ve upgraded the hard drive in your computer, and you’re left with this old, seemingly useless bare hard drive. Don’t throw it away! It takes surprisingly little effort to turn an old (or new) hard drive into an external drive perfect for stashing your extra files on. Let’s look at how you can blow the dust off those old drives and save money in the process. Why Roll Your Own External Drive? You can, if you wish, head down to your local big box electronics store or favorite e-retailers, like Amazon or Newegg, and pick up an external drive at a seemingly decent price. But what seems to be a value on the surface isn’t always so. Not only is there no good reason to pay the hard drive company a premium to slap their drive in an enclosure on your behalf, there’s actually more than a few benefits to rolling your own external hard drive setup. First, if you already have a drive on hand, it’s extremely cheap to use it as an external drive, since the biggest cost (the drive) is already sunk and the smallest cost (the enclosure) is trivial by comparison. Even if you don’t consider yourself much of a hardware geek, there’s a good chance you have a few (or more) hard drives sitting around (we’ve got bunches sitting in drawers). Second, you get control over the drive quality and specifications. It’s a not so hush-hush secret in the hardware industry that external hard drive units rarely get premium drives, and even if you like the company you’re purchasing your off-the-shelf external drive unit from, that doesn’t mean you’ll be getting the cream-of-the-crop drive design from them in the process. If you use an old hard drive of your own or even purchase a new bare internal drive for this project, you’ll know exactly what you’re getting. Third, if you have a drive with data on it that you wish to retrieve, you can easily use your external enclosure to mount the hard drive and retrieve it. Yes, you could mount the drive internally on your desktop computer, but it’s a bit more time consuming, and can be impossible on some machines. And, on most laptop computers, it’s impossible to add an additional internal drive. (Although, if you’re only interested in a one-and-done data pull from the hard drive and have no intention of using it as an external drive, you might find the cable and techniques we use in this article to be more helpful.) Lastly, you’ll get more long term value out of rolling your own external drive since any drive can be used within the enclosure. When you purchase an off-the-shelf external drive, the enclosure is mated to its drive (sometimes even literally soldered together). You can’t just crack open that Western Digital MyBook and throw any old drive in there, but with a third-party external drive enclosure, you can. So when you want to upgrade your external drive, all you have to do is swap out the drive inside–instead of buying a completely new product. With all that in mind, let’s look at drive selection considerations, enclosure selection considerations, and finally how it all comes together. Selecting Your Drive Whether you’re picking through a pile of old drives gathering dust on your office shelf or you’re considering buying a new one for the task, there are a few things to keep in mind. We’d suggest reading over this section twice. Once to help you decide which drive you’ll use, and then again to jot down the relevant specifications of that drive before moving onto the next section of the guide focused on purchasing your enclosure. Drive Health This is your primary consideration when reusing an old hard drive: drive health. Obviously if you pulled the old drive from a machine because it was having serious issues like a clicking drive head or other problem, then you shouldn’t even consider using it as an external hard drive. Even if your drive isn’t having problems, you should absolutely check the SMART settings–a process akin to checking the hard drive’s health history. If it turns out the drive has a a bunch of red flags, like thousands of bad sectors, you should consider using a different spare drive or purchasing a new one for the enclosure. Drive Form Factor Hard drives come in two sizes. Mechanical hard drives and mechanical/SSD hybrids meant for desktop computers have a 3.5″ form factor, and are about the size of a modest paperback novel. They’re bigger than laptop-sized drives, but they’re also cheaper for how much storage you can fit. They also require an external power source, which means you’ll need to plug your resulting external drive into the wall. Exercise caution when coming between the mother drive and cub drive. SSDs and laptop-sized mechanical drives come in a 2.5″ form factor. The benefit of using a 2.5″ drive, as you’d expect, is the size–2.5″ drives are about the size of a smartphone. Further, most 2.5″ enclosures do not require external power, so they just have one cable: the one that plugs into your computer. No wall outlet or bulky transformer plug required. The downside to using a laptop size drive is that 2.5″ form factor drives are usually lower capacity (or very much pricier if higher capacity), and unlike 3.5″ drives that have a set height, 2.5″ drives can be 7mm, 9.5mm, and 12.5mm tall. Drive Speed and Capacity Since you’ll probably be plugging your drive in via USB, the drive speed won’t make a huge difference in terms of performance. Technically higher RPM drives will have a slight advantage over USB 3.0 connections (especially for seeking and writing tons of small files) but for most people the difference is likely negligible when all real world factors are included–like variables introduced by file sizes, how many devices are hooked up to each USB root on your computer, and so on. Drive speed is certainly a factor in terms of wear and tear on the drive, however, since faster drives generate more heat. If you’re surveying your drive pile or doing some shopping, you’ll extend the life of your drive by opting for a hard drive with a slow rotational speed (like 5,400 RPM) and skipping over drives with higher rotational speeds (like 7,200 and 10,000 RPM). If the drive is used infrequently, like you just fire it up to backup files once a month, the drive speed distinction (and the subsequent heat) is a moot point. If you intend to use the drive continuously, opt for a slower drive. Now, on the matter of drive capacity, there’s only one real limitation to be aware of. Older USB 2.0 enclosures don’t have the hardware/firmware to support larger drives so be aware that it’s best to pair a large drive (2TB+) with a newer enclosure. Drive Interface We saved this consideration for last because, for most people, it’s not even much of a consideration at all anymore. Hard drives are connected to a computer’s internals via either a PATA or an SATA connection type. PATA connections (also known as IDE) dominated the hard drive market from the mid 1980s well until around 2005 or so, and had a wide connector type that resembled a printer cable, seen below in the image above–note the very large molex-style power adapter at the far right. SATA, introduced in 2003, is now the dominate connection type and features a very skinny L-shaped port, seen above the PATA hard drive above. The data is transferred in the larger L-shaped connection point and the power in transferred in the small L-shaped connection point. Chances are, you have a SATA drive unless it’s a very old drive (or a newer drive used in a very old computer). But check your drive and compare it to the above image before you go looking for an enclosure. Selecting Your Enclosure Once you’ve identified the relevant elements of your hard drive, it’s time to pick out a compatible enclosure. While external hard drive enclosures tend to be pretty simple, there are a handful of considerations we recommend you keep in mind while shopping. Although our goal is to educate you as a consumer so you can select just the right enclosure for your needs, we won’t leave you hanging–through this section we’re including links to specific enclosures we recommend. Internal Interface And Drive Size We left off in the last section talking about drive interfaces. When shopping for an external hard drive enclosure, the first consideration is that you pick an enclosure whose interface matches your drive’s interface and size. Have a 2.5″ laptop hard drive with a SATA interface? You want a 2.5″ SATA enclosure. Have an old 3.5″ desktop drive with a PATA interface? You’ll want a 3.5″ enclosure that supports PATA/IDE. Finally, those of you purchasing enclosures for a 2.5″ laptop drive should be extra aware of the aforementioned drive height issue. Check the fine print on your enclosure to see if the drive enclosure accommodates 12.5mm height drives, 9.5mm height drives, 7mm height drives, or all/some of the above. Fortunately, 12.5mm drives are pretty rare, and nearly every 2.5″ enclosure works with 9.5mm and 7mm height drives. External Interface Second in importance is matching the external interfaces. Do you want to connect your enclosure via USB 3.0? FireWire? An eSATA port (which is very fast, but not available on many computers)? In the photo above you can see a variety of common interface types: on the left we have a 2.5″ enclosure with a micro-B connector, in the center we have a beefy metal USB 2.0 case (that we totally bought to match our Wii and store our games) that has a USB 2.0 type-B connection, and finally a newer 3.5″ enclosure on the right that sports a USB 3.0 type-B connection. Note that both the 3.5 drives have a power port–as we noted above it takes extra juice to run desktop size drives. Above all else, carefully check the specs of the enclosure you’re purchasing to ensure you’re getting exactly what you need–that cheap enclosure might seem like a great deal until you realize it’s so cheap because it’s only USB 2.0. Enclosure Material Hard drive enclosures come in two materials: plastic and metal. For infrequent and short duration usage, the material the enclosure is made out of doesn’t really matter. But for external drives that will see a lot of use (especially if you intend to leave them on all day), a metal body construction that turns the enclosure into a big heatsink for the hard drive is a must have. Heat is the enemy of all electronics and any little bit you can do to keep your hard drive cool is worth it. The photo in the previous section highlights this decision making mentality. The big white enclosure we bought for our Wii is a giant hunk of aluminum that does a fantastic job dissipating heat during long gaming sessions. For short backup sessions, the plastic bodies of the other two enclosures doesn’t really matter much in terms of heat retention/dissipation. Finally, we’d encourage you to skip wasting the money on “ruggedized” hard drive enclosures. You end up paying a premium for a rubber bumper or a little extra protection inside the enclosure case. And in reality, what are the chances you’re going to throw your drive on the floor in the first place? Rather than pay extra for a ruggedized drive, just search Amazon for a padded drive case to put the drive in before you toss it in your backpack or briefcase. You can find hundreds of simple padded cases for all drive sizes for less than ten bucks, like this $8 padded case. The Alternative: Docks and Tethers There’s a special place in every geek’s hardware arsenal for a hard drive dock or tethering cable, and it would be remiss of us not to mention it. While a proper enclosure is great for long term use, sometimes you just want to pop drives in an out for a quick read or copy. Better yet, nice docks also support multiple hard drive sizes and often include features like one-touch copying if you want to clone the drive. In such cases, who wants to deal with taking apart the hard drive enclosure to replace the drive? With a cable tether you just plug it right in and with a dock you can stick the drive in like dropping a piece of toast into a toaster. What these solutions lack in drive protection (they generally don’t enclose the circuit board on the bottom or shield the drive in anyway) they make up for in speed of use and ease of drive changing. The Bottom Line At the end of the day, don’t be afraid to spend the extra few dollars for better features because time is money. The difference between one company’s old USB 2.0 model with outdated features and their newer improved model with a USB 3.0 connection, support for large disks, and more, is almost always $5-10 (if that). When in doubt, just buy the newest model and don’t fall into the trap of saying to yourself “Well these look identical but this one is $3 cheaper…” You’ll hate yourself for skimping on the $3 when dumping all your movie files to the external drive takes an extra three hours. Putting It All Together With the work of learning about the ins and outs of external hard drives and purchasing the right enclosure behind you, the rest is easy peasy. If you have a tool-free or toolless enclosure, you literally just have to snap the case open (like opening the battery compartment on an electronic device) and slide the hard drive in. In the photo above you can see two toolless enclosures–thanks to the compact design of the SATA data and power connections, you can literally snap these enclosures open, slide the drive in until it clicks into place, and then snap the cover back on. Boom. Done. If your enclosure has screws, there are typically two that hold the case together and–just like the hard drive cage in your computer–four screws to mount the drive. At most, you’ll need a Philips screw driver and an extra sixty seconds of time to install the drive. Finally, we’ll save you a bit of panic. If you purchased a new bare drive for this project, when you plug the enclosure into your computer for the first time, you’ll see… nothing. The drive isn’t formatted yet, so your OS will ignore it until you do something. In such cases you’ll need to allocate and format the disk with Windows Disk Manager, use the Disk Utility in OS X, or use a tool like Gparted in Linux. After that, the drive should show up just like any other drive. Now that old disk isn’t gathering dust, you saved more than a few bucks in the process, and you’ve got an enclosure that will outlive the hard drive you slapped in it. Source
  14. Linux Survival Guide: These 21 Applications Let You Move Easily Between Linux And Windows If you need to navigate regularly between Linux and the Windows world, there are many applications that can make your job easier. We spotlight 21 quality applications that will pave the way. Apps that let you easily jump between Linux and Windows Last week, we ran an article detailing how easy it is these days to jump back and forth between MacOS and Windows. We spotlighted 20 applications that are identical across both platforms. As you might imagine, I got letters. Readers demanded to know why I didn't discuss Linux and how easy it is to switch between Linux and Windows. So that's what I'm doing here. While there aren't absolute brand-for-brand equivalents for about 30 percent of the applications, there are workable substitute solutions. In the following slides, I'll show you the applications that are an exact match on both Windows and Linux (and, by extension, MacOS), and highlight those where you'll need to use a different application to get the same work done. Read More - Slide Representation with notes.
  15. How to Play Pokémon Go On Your PC/Laptop Catch Pokemon with Pokemon Go on your PC/Laptop without ever leaving your desk, but it’s a little bit messy. If you are not living under a rock, you must have heard about Nintendo and Niantic’s gaming sensation, Pokémon GO, which is based on augmented reality. Pokémon GO requires gamers to walk around their neighborhood with the smartphones to capture Pokémon nearby. For now, Nintendo has not released this game for Windows devices. However, you can play this game on your Windows 10 PC using Android emulator such as Bluestacks. Since you can’t carry your Windows PC, you can use Fake GPS to fool the Pokemon Go on Windows PC/laptop that you are actually moving around. Even if you have Android smartphone or iOS device, if you want to collect all the Pokémons without leaving your desk, then the following may be your solution. Step by step guide to install Pokemon Go on your PC or Laptop Files to Download Download and Install BlueStacks App on your computer. The installation is simple and you simply need to follow the on-screen instructions to complete the setup. Once the program is installed, don’t launch it yet. We will have to download a few more files before we get started. Download KingRoot APK and LuckyPatcher APK. These apps will be used to gain Root access on BlueStacks player and then install our app as a system app. Download Mock Locations (fake GPS path) and Developer Options Tool APK. Finally, download the latest version of Pokémon GO. You can save all these files anywhere, however, Mock Locations should be saved in the Documents folder on your PC. Getting BlueStacks Player Ready for Pokémon GO. Open BlueStacks Player and wait for it to initialize. Once that’s done, navigate to the Android tab and from the left sidebar click on APK to install KingRoot APK. Once the app is installed, you will find it in the apps section. Run it once to gain root access on the BlueStacks Player. In the same way, install the Lucky Patcher app and run it. When prompted for Root Permissions, accept and close the app. Now to install the Location Spoofer app, open Lucky Patcher you just installed and then click Rebuild & Install at the bottom. Here, navigate to SD Card –> Windows –> Documents and click on the Mock Locations app to install it. Make sure you select Install as a System App when asked by Lucky Patcher. Install Developer Options Tool APK normally and turn the option off, if you see it turned on. Also, open up the Settings menu in BlueStacks and under location settings, make sure High Accuracy is selected. Finally, install the Pokémon GO app to start playing the game. Playing the Game Finally, when everything is set, open Lucky Patcher and launch the Mock Locations app. After the app is launched, click and hold on two locations on the map (the area which you want to explore in Pokémon GO), which then get selected. Next, click on the Play button. You will be asked to select a speed and here, give 4 kmph with 1 hour as a constraint modifier and start the path. Your Android device will now get your device location from the app which is the key ingredient to playing the Pokémon GO game. Now launch the Pokémon GO game, log in using your Google account and start playing the game. The avatar will follow the path you have given in the Mock Location app and you can collect Pokémons, take items from PokéStops and also do gym battles. Please make sure you turn off the AR (Augmented Reality) mode and play the game in a virtual environment. Conclusion So, that was all folks, you can now play Pokémon GO on your PC. Do ensure you don’t do big jumps on the map or you might get banned for location spoofing. Also, turn off the location of Windows PC if you are getting location errors while playing the game. But if you have a big park in your surrounding and it’s safe out there, I would insist you try the game there. It’s a lot more fun that way. Source
  16. 10 Ways To Free Up Hard Drive Space On Windows The guide lists ten methods to free up disk space on Windows computers using various native and third-party programs. 10 Ways to free up hard drive space on Windows lists ten methods to analyze and clear used hard drive space on Windows computer systems. While you might say that such a guide is no longer necessary, as we are in the age of the Terabyte hard drive, I respectfully have to disagree. First, older computers running Windows may not use a Terabyte drive as the main hard drive of the system. Second, Solid State Drives, while slowly picking up pace in regards to storage, are mostly used as 512 Gigabyte or less drives. In some cases, computers may have a 120 Gigabyte SSD or even less than that as the main system drive. If you check out Microsoft's newest Surface device, the Surface Pro 4, you will notice that two models come with 128 Gigabyte of storage only. Last but not least, even if your computer has plenty of space, you may want to free up drive space anyway as most of it is dead weight. 10 Ways to free up hard drive space on Windows The following ten methods may be used in conjunction with each other, or individually. Analyze disk space The very first thing you may want to do is analyze the disk space. This gives you a pretty good picture of the biggest offenders space-wise. I like to use WizTree for that but there are plenty of alternatives such as TreeSize Free, the Disk Analyzer of CCleaner, or Xinorbis. WizTree offers two view modes that are both useful. Tree View displays a tree hierarchy of folders and files sorted from largest to smallest. File View on the other hand puts the focus on files only. Both are useful in determining which folders and files use a lot of space. You may want to jump to the methods below that are most lucrative when it comes to freeing up disk space. If you spot a 16 Gigabyte Page File for instance, you may want to start there by reducing it. Previous Windows installations / Updates Cleanup When you upgrade Windows to a new version, a copy of the old version is kept for a period of time. This is done to give you the option to restore the old version should you run into issues or are dissatisfied with the new version of Windows. This copy may take up more than ten Gigabyte of storage space. It is a bit different for updates. When you install updates, old updates or files may become useless as they are replaced by new files. Windows keeps these around as well and does not remove them. Updates cleanup refers to removing outdated update files that are no longer required. Note: if you remove old Windows installation files or old updates, you have no option to go back anymore. It is suggested to use the operating system for a time before running these clean up operations. Tap on the Windows-key, type Disk Cleanup and hit enter. Confirm the UAC prompt that is displayed. Select the main drive (c usually), and click ok. This comes up only if more than one drive letter is used by storage devices. Click on "clean up system files" when the Disk Cleanup window pops up. Select the main drive again, and click ok. Each entry is listed with the disk space it occupies currently. While you may check them all, it is suggested to only check the items that you know you don't need anymore. Select "previous Windows installation(s)" to clear up old Windows installation files, and "Windows Update Cleanup" to remove old files that are no longer required. You may also want to consider removing log files, system dumps, and temporary files. Patch Cleaner is a third-party program that you may use to remove old updates no longer needed. Pagefile The Pagefile, located at x:\pagefile.sys where x is the drive letter, may appear like a relic of the past to you, especially if you have plenty of memory installed. It is used for caching, and using a fixed or dynamic amount of disk space for that. It may be quite large, 8 or more Gigabytes by default which usually is not required. Use the keyboard shortcut Windows-Pause to open the System Control Panel applet. Select Advanced System Settings when it opens. Click on the settings button under Performance when the System Properties window opens. Switch to the advanced tab and click on the change button under Virtual Memory. This displays all hard drives connected to the PC and the paging file size for each drive. You may change the paging file size by selecting a drive, switching to custom size, and adding initial size and maximum size values. You may also consider disabling the page file for secondary hard drives as well. As an example: on a computer with 16 Gigabytes of RAM, I set the pagefile size on drive c to 2 Gigabyte, and disabled it on all other drives. This worked well and I did not notice any issues using the computer this way. The initial pagefile size was 8 Gigabyte on the computer, which means that I regained 6 Gigabytes of disk space. Hibernate Hibernate is a power state in which everything that is open at the time is saved to disk. The idea is to load the content again from disk when the PC is fired up the next time so that you can resume exactly where you left. The data is saved to the file hiberfil.sys. Obviously, it makes little sense for you to disable Hibernation if you make use of the feature. If you don't however, you will free up Gigabytes of disk space by disabling the feature. Tap on the Windows-key, type cmd.exe, hold down the Ctrl-key and Shift-key, and hit enter. Confirm the UAC prompt that appears. This opens an elevated command prompt. To disable Hibernate, run the command powercfg.exe -h off. To turn it on again, run the command powercfg.exe -h on. The hiberfil.sys file is removed from the system as soon as you disable Hibernation. System Restore System Restore is a backup feature of the Windows operating system that uses disk space to store system snapshots. These snapshots may be created automatically by Windows, for instance before updates are installed, or manually by the user. Basically, what System Restore allows you to do is roll back the system to a recent state. System Restore may reserve quite a big of hard drive space for its functionality, and one option that you have to free up disk space is to reduce the reserved space. This means fewer snapshots that System Restore maintains at any point in time though. Use the keyboard shortcut Windows-Pause to open the System Control Panel applet. Click on "System Protection". The window that opens lists all drives and their protection state. On indicates that System Restore is enabled for the drive, off that it is turned off. Locate the main drive letter (usually c) and click on the configure button. This opens a new window with two main options: 1) turn system protection on or off and 2) change the maximum disk space usage of System Restore. You may reduce System Restore's max usage a couple of percent. How much depends entirely on you and other backup strategies you may make use of. I have set it to 2% on the main drive, and turned it off on all other drives. Clear Temporary Files Programs and Windows may use temporary files. Web browsers use them to store website files locally to speed up future visits. Temporary files are never essential, but they may help speed things up and perform certain operations faster. While it is certainly possible to clean temporary files manually, or through the settings in individual programs, it is often better to use specialized software for that. You may use Windows' own Disk Cleanup -- referenced above -- for that to a degree, but third-party programs like CCleaner or PrivaZer do a better more thorough job when it comes to that. CCleaner separates between Windows and Applications. Windows covers native programs and features such as Internet Explorer, Microsoft Edge or Windows Explorer. All you have to do is select the areas that you want analyzed for disk space usage and temporary files. Once done, hit the analyze button to check these locations and display the data they contain currently. You may then add or remove options or click on run cleaner to clear the temporary files. Note: If you select cookies under browsers, you will be logged out of services you are signed in at the time. You may also lose access to your browsing history if you select to clear the history. Tip: CCEhancer adds support for additional temporary file locations and programs to CCleaner. Move Temporary Files / Downloads Clearing temporary files is just a temporary solution to space issues you may experience. Programs and Windows continue to add temp files to the system as you use them. While you may run temporary file cleaners regularly to keep the data use in check, you may also want to consider moving folders to another drive if available. How that is done depends on the program you are using. Most web browsers for instance let you pick a download folder where all files get downloaded to. Some allow you to select temporary file locations as well, and the same is true for Windows. To move temporary file locations in Windows, do the following: Use the Windows-Pause shortcut to open the System Control Panel applet. Select Advanced System Settings when the window opens. Select Environment Variables when the next window opens. Locate the user and system variables TEMP and TMP. Note that they point to a directory on the hard drive, by default C: \Windows\TEMP for system variables and AppData\Local\Temp for user variables. Double-click on a TEMP or TMP entry, and change the drive letter and path to the temporary files folder to another drive. Check out these guides on how to change the IE and Edge download folder, or move the Firefox cache to another drive as examples on how to do that. Uninstall Programs Programs, and especially games, may take up a whole lot of disk space. Modern games are Gigabyte-sized, and it is uncommon that games use thirty or more Gigabyte on the hard drive when installed. One option to free up disk space is to remove programs and games that you don't require anymore. While you may use Windows' native tools to remove programs, it may not be the best of ideas for two reasons. First, Windows runs only the uninstaller but no cleanup operations afterwards. Second, third-party tools may provide you with size information on top of that which may help you during the selection process. Programs like Revo Uninstaller, or Geek Uninstaller offer that functionality. If you use Revo Uninstaller, switch to the details view mode after the program listing has been populated initially. Click on size then so sort the listing by file size. Move files / programs You cannot uninstall programs if you still require them. Moving may be an option in this case then, provided that you have another hard drive available. Please note that you may need to take hard drive performance into account as well. If you move a game from a fast Solid State Drive to a low spinning 5400 rpm platter-based drive, you will notice longer loading times. I have covered the process before, check out how to move large apps or games to another drive, for all the instructions you need. The basic idea is the following one: you move the app or game to another drive, and use symbolic links to make them point from the new location to the old one. All files are then accessible from the old and new location so that you don't lose any functionality. Duplicate files Duplicate files are another thing that you may want to look into. The gain depends largely on how the computer is used. If you like to download large bulk archives from the Internet for instance, or use different programs for the same purpose, thing file synchronization, then you may end up with duplicate files on the system that may take up a bit of disk space. The best way to handle this is to use third-party programs to find duplicate files on the system. There are numerous programs that provide you with that functionality: CloneSpy, DoubleKiller or Duplicate Commander are just three. The main difference between the programs may be the methods used to determine duplicates. Basic duplicate file finders compare file names and extensions only. More advanced programs may use hashes instead, or even use fuzzy logic to find nearly identical files (think a photo that is available in two different resolutions). Resources You may find the following resources useful. They may review programs that you may find useful, or provide additional information on certain clean up methods. Check if System Restore is enabled on Windows 10 Free disk space by cleaning up the Steam folder How I freed up 12 Gigabytes of disk space on Windows 7 Reduce the folder size of Thunderbird to free up disk space Remove old Chrome versions to save disk space Now You: Have another tip? Let us know in the comments. Source
  17. How To Install Linux On An Android Device Unleash the full potential of your Android device by installing Linux OS on it Installing Linux on Your device involve four steps which are -installing BusyBox, installing Terminal Emulator, placing required files in SD card and finally running the Linux OS. Step 1: Installing the BusyBox libraries Before you start you’ll need: Android Device 4 GB SD card(or more) Root Access Full Backup of your data(for recovery if something goes wrong) You can get BusyBox from Play Store by clicking here. All you have to do is to download and install it. Step 2: Installing a Terminal You’ll need a terminal emulator for using your Linux OS. Installing this is recommended. Step 3:Putting required files in place Connect your device to your PC (remember to enable the USB mount), and then download this file and this file. Create a new folder in your SD card and name it Ubuntu(or whatever you like) and then extract these files in the folder. Step 4: You’re almost ready Go back to the Terminal app and write “su’ again. Then write “cd /mnt/sdcard”. To confirm everything is working try to write “ls” and see if you can recognize your folders (you might find the ubuntu folder as well). To start our ubuntu write “cd /ubuntu” and then “sh ubuntu.sh”. This will execute many procedures which are trying to set your system. It will request to enter a resolution. Use number x number format to express it. For example: 600×400 is the proper format. For the best appearance and performance I suggest 800×480. Now everything is done. The ubuntu system is running , however we can’t see it. To see it , we must use a VNC app. We can download it from Play Store. Thats it! However if you feel any difficulty in any of the steps or require further information, you may drop your query in the comments. Source
  18. Download this Guide as a PDF 1 Overview "LinkedIn hack releases 167 million accounts." "Milwaukee Bucks organization accidentally leaks player financials onto the Internet." "4.8 Million V-Tech customer's data stolen." These headlines scream: software security is a big deal. While thinking about software security often creates that sinking, pit-like feeling in your stomach, it pales in comparison to the nausea that strikes when the CEO is on the news explaining that the software system you built leaked private information about users. There's no industry, no organization and no classification of software that is immune to the predatory antics of hackers. Personal information, corporate data, even high-profile social media accounts are under constant attack. Any server system accessible from the Internet is not just a potential target, but an actual target. When Microsoft first starting working on their Windows 2000 software system they wanted to see how well it would resist attack. To test this, they put a few servers onto the network and waited. Within hours the attacks began. We conducted the same experiment in 2016 and it took less than 60 minutes for the first brute force attack to come in from overseas. So as I mentioned before, software security is a big deal. Security is complex and for many software professionals an incredibly intimidating task that is easy to just ignore as a problem "outside the scope of requirements". However, this is no longer a viable option. Security has moved from a "we'll get to that eventually" feature to a priority. Security must be skillfully factored into designs, projects and timelines. This guide is for the software developer, architect or system administrator who doesn't want to spend a lifetime wading through cryptographic algorithms and complicated explanations of arcane system administration topics to tackle software security. We are a software development company and we have taken everything we know (and have learned through the years) about server and application security and distilled it into this simple yet detailed guide. This is not the sum of all things that could be or have been said about software security, but if you implement each of the concepts below your user data will be highly secure. There are two parts to the guide: Server Security and Application Security. We don't see one as more important than the other, so we strongly encourage readers to digest both sections with equal attention. We provide a series of guidelines and steps to harden the servers/applications and protect against direct attacks. This isn't a "Why" kind of guide; this is a "How" guide. We trust that those interested in the "Why" will find plenty of other resources to satisfy their curiosity. For those of you interested in the "How", let's get started. 2 TL;DR If you would rather not read our entire security guide (though we suggest you do), check out the Github project created around this guide. This project contains a set of scripts you can execute from your local computer to secure a remote server. The scripts perform most of the steps listed in this guide. The Github project also contains full configuration files based on the configuration detailed below that are deployed to the server by the scripts. NOTE: That is only half of the equation, so you will still want to read the Application Security section of the guide. Find our Github project here: https://github.com/inversoft/2016-security-scripts 3 The App and Contest We wrote a simple application in order to ensure everything in this guide worked correctly. Our application is a simple to-do manager. Users can register for an account and log into the application. Once logged in, users can manage their to-do list. Our application uses Node.js, Express and Sequelize for the server-side, Ember.js for the front-end MVC, and MySQL and Passport for the databases. Passport is used to store user data and MySQL is used to store the to-dos. We've open sourced all the code and deployed our application to a couple of Linode servers. We invite you to use our code to help secure your own applications and to also let us know if we've missed any security vulnerabilities. As an added bonus, we're giving away a new 15" fully loaded MacBook Pro to the first person who can breach our security. Since this guide is designed to prevent a hacker from gaining access to the full user database, we will be giving the prize to anyone that can prove access to our user database. More specifically, we aren't giving the prize for single user exploits or denial of service attacks. To win the prize, you must accomplish one of these hacks or something similar: Gain access to one of the servers our application is running on without detection. Prove an exploit that would allow retrieval of 50% or more of the user data stored in our database (via an application exploit or something similar). To make your lives easier, we're going to give you the IP addresses of both our servers (even though in a real situation you wouldn't know the IP address of the Database Server). Those IP addresses are: Application Server - Database Server - And finally, the front-end of our application lives here: https://hackthis.inversoft.com If you find an exploit or gain access to our servers, send us an email at [email protected] so we can verify it and send you the MacBook. As you read through this guide, keep in mind that most of the instructions below are framed as if you were building an application whose architecture is similar to the one that we built. However, any server-side application that uses a database can use any or all of the techniques covered below but you might need to make some tweaks in order to get our instructions to work for your specific application. 4 Server Security
  19. How To Become An Ethical Hacker Step by step guide to becoming an ethical hacker Hacking is one of the most misconstrued words in computer dictionary with some having glamorous connotation about it while others who view hackers with contempt. Hacking was mainly used in the “good old days” for getting information about systems and IT in general. However, it is now associated with the unauthorized use of computer and network resources. By definition, hacking is the practice of altering the features of a system, to accomplish a goal which is not in scope of the purpose of its creation. However, hacking has more to it than just altering a code, as it is a high paying career choice with huge reputation for successful hackers. In the last few decades, there’s been an increasing demand for ethical hackers (also known as white hat hackers or penetration testers) as they protect the computer systems from dangerous intrusions. Businesses and government-related organizations that are serious about their network security hire ethical hackers and penetration testers to help probe and improve their networks, applications, and other computer systems with the ultimate goal of preventing data theft and fraud. Ethical hackers use the same methods as their less-reputable namesakes, but document vulnerabilities instead of exploiting them, preventing potential crises and minimizing damage. What is Ethical Hacking? The term ‘hacking’ has very negative connotations, but that’s only until the role of an ethical hacker is fully understood. Ethical hackers are the good guys of the hacking world, the ones who wear the “white hat.” So what does the role of an ethical hacker involve? Instead of using their advanced computer knowledge for nefarious activities, Ethical hackers or white hat hackers identify weaknesses in data computer security for business and organizations across the globe, to protect them from hackers or criminals with less honest motives. This not only helps them earn a good and honest living but also keeps them away from facing prison time. To be a professional ethical hacker, you require motivation, dedication, initiative, self-education and formal training in ethical hacking. Getting Started Many ethical hackers start out by obtaining a computer science degree. Start with the basics: Earn your A+ Certification and get a tech support position. After some experience and additional certification (Network+ or CCNA), move up to a network support or admin role, and then to network engineer after a few years. The Network+ certification validates foundation-level knowledge in networks, including management, maintenance, installation, and troubleshooting. The CCNA qualification ensures the same abilities and aims at foundation-level expertise. Next, invest some time into earning security certifications (Security+, CISSP, or TICSA) and find an information security position. While you are there, try to concentrate on penetration testing and get some experience with the tools of the trade. Then work toward the Certified Ethical Hacker (CEH) certification offered by the International Council of Electronic Commerce Consultants (EC-Council for short). At that point, you can start marketing yourself as an ethical hacker. For a hacker, networking know-how is important. Ensure that you gain experience in related areas as well. Discover and play with Unix/Linux commands and distributions. Make sure you also learn some programming such as C, LISP, Perl, or Java. Also, spend some time with databases such as SQL. In addition, also learn about Windows and Mac OS. Soft Skills Hacking isn’t all technical. Just like any other IT job does, it also requires so-called soft skills. You will need a strong work ethic, very good problem-solving and communications skills, and the ability to say motivated and dedicated. Ethical hackers also need street smart, people skills, and even some talent for manipulation, as there may be times when they are not able to convince others to disclose credentials, restart or shut down systems, execute files, or otherwise knowingly or unknowingly help them achieve their ultimate goal. You will need to master this aspect of the job, which people in the business sometimes call “social engineering,” to become a well-rounded ethical hacker. Be a part of a project or sign up for a course Most youngsters want to take up hacking but don’t know where to start. Many of them think hacking happens at a click of fingers but it is not so. You have to put in lot of hours to get your hacking targets right. Websites such as Coursera and Udemy are a good place to learn these basic skills; you can also sign up for a course for the same. Depending on how to learn best, taking a step-by-step course with tutorials could be the way forward, or otherwise, find a project. Hacking, patches, improvement, and mods are all inter-weaved through understanding a programming language or an operating system. So, take up something that interests you whether it is streamlining and creating a program, or creating a gaming mod, or fixing a security issue, or joining community competitions offered by groups such as Hackthissite.org. Specialize Hacking is about choosing the right path and you need to specialize. You can’t go about hunting for desktop vulnerabilities one day and switch on to finding Android vulnerabilities on the next. If you really want to become a specialist, then do not limit yourself to just learning a programming language. There are a huge range of topics and subjects that you should research and learn about, including learning about the essential fundamentals. Learning about hacking history, the Metasploit framework, online security and privacy, social engineering, Shell, and databases are only some of the areas you should explore. Be a part of the bug lovers’ community Sharing helps and in hacking, sharing is often the key to success. The open-source community always welcomes people who have a good knowledge of computers, operating systems and programming and love to solve problems and think creatively. A great place to start is GitHub, which is not a wonderful way to meet other hackers, developers and both professionals and enthusiasts but also is a good way to polish your skills and have a hand in enhancing coding and streamlining. Stay legal Last, but not the least, it is important not to get involved in “black hat” hacking, which means intruding or attacking anyone’s network without their full written permission. Engaging in illegal activities, even if it doesn’t lead to a conviction, will likely kill your ethical hacking career. Many of the available jobs are with government-related organizations and require security clearances and polygraph testing. Even regular companies perform a basic background check to hire employees. So, ensure that you stay away from black hat hacking. Always, remember hacking pays well as long as you are on the right side of the law at all times. Source
  20. Author: Whitson Gordon Posted Today 7:00 AM Keep on hearing about encryption but still not sure what it involves? Heres a basic introductionto encryption, when you should use it, and how to set it up. What Is Encryption? Encryption is a method of protecting data from people you dont want to see it. For example, when you use your credit card on Amazon, your computer encrypts that information so that others cant steal your personal data as it is being transferred. Similarly, if you have a file on your computer you want to keep secret only for yourself, you can encrypt it so that no one can open that file without the password. Its useful for everything from sending sensitive information to securing your email, keeping your cloud storage safe, and even hiding your entire operating system. Encryption, at its core, is similar to those decoder rings you played with when you were younger. You have a message, you encode it using a secret cipher, and only other people with the cipher can read it. Anyone else just sees gibberish. Obviously, this is an incredibly simplified explanation. The encryption in your computer is far more complex and there are different types of encryption that use multiple decoder rings but thats the basic idea. There are also different levels of security when it comes to encryption. Some types, for example, are more secure but take longer to decode. Few, if any, encryption methods are 100 per cent foolproof. If you want a more detailed explainer on how encryption works, check out this article from the How-To Geek and this article from HowStuffWorks. They explain a few different kinds of encryption and how they keep you safe online. Should I Encrypt My Files? The short answer: yes. Things can be stolen even if you dont share your computer. All someone needs is a few minutes in front of the keyboard to retrieve anything they want. A login password wont protect you, either breaking into a password-protected computer is insanely easy. So should you encrypt your sensitive files? Yes. But theres a bit more to it than that. You have two big choices when it comes to encryption: do you just encrypt the important files , or do you encrypt your entire drive? Each has pros and cons: ◾ Encrypting a select group of files such as the ones that contain personal information keeps them safe without any extra complications. However, if someone had access to your computer, they could still break into it and view any non-encrypted files, access your browser, install malware, and so on. ◾ Encrypting your entire drive makes it difficult for anyone to access any of your data or even boot up your computer without your password. However, if you experience any corruption on your drive, its much less likely that youll be able to retrieve that data. We generally recommend against average users encrypting their entire drive. Unless you have sensitive files all over your computer, or have other reasons for encrypting the entire thing, its easier to encrypt the sensitive files and call it a day. Full disk encryption is more secure, but can also much more problematic if you dont put in the work to keep everything backed up safely (and then encrypt those backups as well). That said, well show you how to do both in this guide. Well talk a bit more about each situation in their individual sections below. How To Encrypt Individual Files Or Folders With TrueCrypt If you need to keep just a few files safe from prying eyes, you can encrypt them with the free, open-source, cross-platform TrueCrypt. These steps should work on Windows, Mac and Linux. Note that if youre encrypting files to send them over the internet, you can also use this previously mentioned 7-Zip method. Creating a TrueCrypt volume for your files is very easy just follow TrueCrypts step-by-step wizard. Heres an overview of what it entails: 1. Start TrueCrypt and click the Create Volume button. 2. On the first screen of the wizard, select Create an encrypted file container. 3. On the next screen, choose Standard TrueCrypt Volume. If you want to create a hidden volume (to further obscure your data), read more about how it works here. We wont cover it in this tutorial. 4. On the Volume Location screen, click the Select File button and navigate to the folder in which you want to store your encrypted files. Do not select an existing file as this will delete it instead, navigate to the folder, type the desired name of your encrypted volume in the File Name box, and click Save. Well add files to this TrueCrypt volume later. 5. Choose your encryption algorithm on the next screen. AES should be fine for most users 6. Choose the size of your volume. Make sure it has enough space to fit all your files, and any files you may want to add to it later. 7. Choose a password to protect your files. Remember, the stronger your password, the safer your files will be. Make sure you remember your password, because if you lose it, your data will be inaccessible. 8. On the next screen, follow the instructions and move your mouse around randomly for a bit. This will ensure TrueCrypt generates a strong, random key. Then click Next to continue with the wizard. 9. Choose a filesystem for your encrypted volume. If youre storing files over 4GB inside, youll need to choose NTFS. Click Format to create the volume. To mount your volume, open up TrueCrypt and click the Select File button. Navigate to the file you just created. Then, select an open drive letter from the list and click the Mount button. Type in your password when prompted, and when youre done, your encrypted volume should show up in Windows Explorer, as if it were a separate drive. You can drag files to it, move them around, or delete them just like you would any other folder. When youre done working with it, just head back into TrueCrypt, select it from the list, and click Dismount. Your files should stay safely hidden away. How To Encrypt Your Entire Hard Drive On Windows With TrueCrypt The process of encrypting your entire hard drive isnt that different from encrypting individual files and folders (though TrueCrypt can only do this in Windows). Once again, the process is quite simple thanks to TrueCrypts step-by-step wizard. Heres what you need to do: 1. Start TrueCrypt and click the Create Volume button. 2. On the first screen of the wizard, select Encrypt the System Partition or Entire System Drive. 3. On the next screen, choose Normal. If you want to create a hidden operating system (to further obscure your data), read more about how it works here. We wont cover it in this tutorial. 4. Next, choose Encrypt the Whole Drive. This should work for most people, though if you have other partitions on your drive that you dont want encrypted, you may want to choose the first option instead. 5. When asked to encrypt the Host Protected Area, we recommend choosing No, unless you have a specific reason to do this. 6. If you only have one operating system installed on your computer, choose Single-Boot at this next prompt. If you arent sure, youre probably using a single-boot setup. If youre dual booting (say, with Linux or another version of Windows), choose Multi-Boot. 7. Choose your encryption algorithm on the next screen. AES should be fine for most users. 8. Choose a password to protect your files. Remember, the stronger your password, the safer your files will be. Make sure you remember your password, because if you lose it, your computer will be unbootable and your data will be lost. 9. On the next screen, follow the instructions and move your mouse around randomly for a bit. This will ensure TrueCrypt generates a strong, random key. Then click Next to continue with the wizard. 10. Next, select a location for a TrueCrypt Rescue Disk, which will help you save your data if the bootloader, master key, or other important data gets corrupted. Give it a file name and save it. 11. Once youve saved the file (in ISO format), youll have the option to burn it to a CD or DVD. Do this now (using either Windows built-in tools or a program like ImgBurn) before you continue. Click Next when youve finished burning the disc (and keep the disc in a safe place!). 12. Choose a Wipe Mode for your data. None is the fastest, but if you want to ensure that your data is as secure as possible, choose one of the other options (3- or 7-pass is probably fine). 13. Run the System Encryption Pretest on the next screen. Youll need to restart your computer and enter your new TrueCrypt password when prompted. 14. If the test runs successfully, youll see the option to begin encrypting your drive. Let it run it will probably take a while (especially if you have a large drive). Thats it. From now on, when you start up your computer, youll need to enter your TrueCrypt password before you boot into Windows. Make sure you dont forget your password or lose that recovery disc if you do and something goes wrong, you wont be able to boot into your computer and youll lose all your data. How To Encrypt Your Entire Hard Drive On OS X With FileVault OS X has a built-in encryption tool called FileVault, and its incredibly easy to set up. All you need to do is: 1. Head to System Preferences > Security & Privacy > FileVault. 2. Click the lock in the bottom left-hand corner of the window to make changes. Type in your password when prompted. 3. Click the Turn on FileVault button. Copy down your recovery key and store it in a safe place (preferably not on your computer somewhere physically secure like a safe). We dont recommend storing it with Apple. 4. Restart your computer when prompted. When you boot back up, OS X will begin encrypting your disk, and your computer will probably run a little slowly while it goes. It could take an hour or more, depending on how big your hard drive is. Alternative Tools TrueCrypt has long been one of the most popular encryption tools out there, and its one of the easiest to set up. It isnt the only option, however. As we mentioned earlier, 7-Zip is also a great way to encrypt your files, as is BitLocker, which comes with the Pro version of Windows 8 (or the Enterprise and Ultimate versions of Windows 7). Check out our Hive Five on encryption tools for a comparison of some of the more popular alternatives if you want to try them out. Final Words As we mentioned at the beginning, encryption is not 100 per cent foolproof, but its better than leaving your files out in the open. Remember what encryption cant do it cant secure your drive if its infected with malware, if you leave it turned on in public spaces, or if youre using a weak password. Even if you put your computer to sleep, its possible an experienced hacker could recover sensitive data from your computers RAM. Dont let encryption lure you into a false sense of security: its just one layer of the security process. Lastly, remember that this is just a beginners guide to what encryption is and how it works. Theres a lot more beyond basic encryption of files and folders, like transferring encrypted data to your friends, securing your email with PGP, encrypting your Dropbox, or creating a decoy operating system to further obscure your information. Now that you know the very basics, dont be afraid to branch out and learn more about encryption and what you can do to secure your data. Good luck! Author: Whitson Gordon Posted Today 7:00 AM Source
  21. selesn777

    Image Resize Guide 2.2.2

    Image Resize Guide 2.2.2 Image Resize Guide is a program that allows you to change the size or aspect ratio of an image keeping the "important" features intact and remove objects from photo without visible traces. This program offers the following tools: Resize - allows you to change the image size.Crop - allows you to cut out an area of an image.Smart Remove - removes objects without visible traces.Smart Size - changes the image size removing "unnecessary" portions while keeping the "important" features intact.Smart Patch - allows to apply a patch from one area of an image to another.Website: http://tintguide.com/ OS: Windows XP / Vista / 7 / 8 Language: ML Medicine: Patch Size: 4,82 Mb.
  22. Picture Cutout Guide 3.2.3 + Portable Program offers these tools: Wide Edge - allows you to separate an object from its background and to store it for later transfer to another photo; applies background effects; Paste Object - pastes a separated image into another photo. Picture Cutout Guide includes animated demo samples: the program features; indication the object boundary; simple background erase; the background effects; complex background erase; photomontage. Features Website: http://tintguide.com OS: Windows XP / Vista / 7 / 8 Language: ML Medicine: Patch Size: 4,36 / 4,32 Mb.
  23. Photo Montage Guide 2.2.3 + Portable Photo Montage Guide - separates solid objects from an arbitrary background, applies background effects (filling, shadowing, blur, monochrome), allows transferring objects to another photo, makes a photomontage, allows you to change the size or aspect ratio of an image keeping the "important" features intact and remove objects from photo without visible traces. This program offers the following tools: Resize - allows you to change the image size.Crop - allows you to cut out an area of an image.Text - designed for inscribing images.Separation - allows you to separate an object from its background and to store it for later transfer to another photo; applies background effects.Paste Object - pastes a separated image into another photo.Smart Remove - removes objects without visible traces.Smart Size - changes the image size removing "unnecessary" portions while keeping the "important" features intact.Smart Patch - allows to apply a patch from one area of an image to another.Website: http://tintguide.com OS: Windows XP / Vista / 7 / 8 Language: ML Medicine: Patch Size: 5,20 / 5,17 Mb.
  24. Tint Guide Software Pack DC 02.06.2014 Picture editing software from Tint Guide: collage, photomontage, smart image resize and object removal, virtual makeup and virtual cosmetic. Our Picture Editing Software: include animated picture editing samples;can be used as plug-ins in Adobe Photoshop and compatible photo editing programs;have scanner (camera) twain support;run on Windows XP / Vista / 7 / 8, both 32-bit and 64-bit.Tint Guide Software Pack DC 02.06.2014 Beauty Guide 2.2.1Brightness Guide 2.3.1Cosmetic Guide 2.2.1Image Resize Guide 2.2.1Makeup Guide 2.2.1Pet Eye Fix Guide 2.2.1Photo Montage Guide 2.2.2Picture Cutout Guide 3.2.2Website: http://tintguide.com OS: Windows XP / Vista / 7 / 8 Language: ML Medicine: Patch Size: 36,21 Mb.
  25. Tint Guide Software Pack DC 29.05.2014 Picture editing software from Tint Guide: collage, photomontage, smart image resize and object removal, virtual makeup and virtual cosmetic. Our Picture Editing Software: include animated picture editing samples;can be used as plug-ins in Adobe Photoshop and compatible photo editing programs;have scanner (camera) twain support;run on Windows XP / Vista / 7 / 8, both 32-bit and 64-bit.Tint Guide Software Pack DC 29.05.2014 Beauty Guide 2.2.0Brightness Guide 2.3.0Cosmetic Guide 2.2.0Image Resize Guide 2.2.0Makeup Guide 2.2.0Pet Eye Fix Guide 2.2.0Photo Montage Guide 2.2.0Picture Cutout Guide 3.2.0Website: http://tintguide.com OS: Windows XP / Vista / 7 / 8 Language: ML Medicine: Patch Size: 36,13 Mb.
  • Create New...