Dedicated to my late brave, beautiful and silly mummy, Debra Ross. I love you mumster.


Category archive for security

Because archives are so much easier than having just hundreds of posts on the home page. I learned that the hard way.

Only one problem with strong encryption

Screenshot of a large amount of files being transferred to an external TrueCrypt volume on Mac OS X

Recover forgotten passwords in Camino

AFTERWORD: I created this entry because I was frustrated that there were lots of guides to recover passwords in Safari (and Firefox, and Opera) on Mac, but not Camino. The procedure is about the same, but nobody had it shown anywhere as such.

One of the (many, many!) problems I encountered when I lost my phone recently was losing my password for Wireless@SG! When I signed up for the free public wifi system in Singapore I was issued a password in the form of a text message on my phone. Of course, now that my phone and I have parted ways I don’t have that password.

ASIDE: I really should have written the credentials down somewhere safe besides my phone! Hindsight is a remarkably powerful and largely useless tool.

As it stands now though I can still log in to Wireless@SG because Camino remembers my password and enters it in for me automagically. What I wanted to know was, is there some way to retrieve the password from Camino in a form other than a string of asterisks? As it turns out, one of the primary reasons I still keep going back to Camino (greater Mac integration and consistent Mac interface) turned out to be my saviour, in the form of the Mac OS X Keychain.

If you have a password that Camino remembers but you don’t, you can retrieve it by opening Keychain Access.app in /Applications/Utilities/. You’ll be presented with a list of accounts that OS X has remembered the passwords for.

Double click the site that you can’t remember the password for, then click the Show Password checkbox at the bottom of the window that appears. You’ll be prompted to enter your Mac OS X login credentials. Voila, your password is presented:

Keychain Access.app

Of course, I changed my password shortly after!

Just ordered a Yubikey

After listening to a recent episode of Security Now I’ve gone ahead and purchased myself a Yubikey!

The Yubikey is a phenomenal new device that’s smaller than most memory keys. When it’s plugged into a USB port and the lone button on the case is pressed, a one time password is generated and entered. It does this on any HID enabled operating system including my beloved Mac OS X and FreeBSD without extra drivers because it shows itself as a regular USB keyboard. It’s so beautifully simple!

The best part is that the API is open and accessible from a number of different programming languages such as Ruby, PHP and Python (not sure about Perl just yet).

In the coming weeks I’m going to try to implement my Yubikey into my Ruby CMS. I’m really excited!

VIM security note for FreeBSD folks

If you install the vim text editor either from packages or ports, just a reminder from the FreeBSD Security Team:

SECURITY NOTE: The VIM software has had several remote vulnerabilities discovered within VIM's modeline support. It allowed remote attackers to execute arbitrary code as the user running VIM. All known problems have been fixed, but the FreeBSD Security Team advises that VIM users use 'set nomodeline' in ~/.vimrc to avoid the possibility of trojaned text files.

If you install lots of ports at once or just happened to have vim installed automatically because it was listed as a dependency, you may not have seen that message. Take care.
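One way to check whether a vimrc really ends up with modelines off, as an added example that is not part of the original post or the FreeBSD advisory. The helper names `modeline_state` and `harden_vimrc` are hypothetical; it covers the case where a later `set modeline` silently undoes an earlier `set nomodeline`.

```shell
#!/bin/sh
# Added example (not from the FreeBSD advisory): audit a vimrc for modelines.
# modeline_state and harden_vimrc are hypothetical helper names.

# Print "disabled", "enabled" or "unset" for the vimrc given as $1.
# The last matching :set line wins, as it does when Vim reads the file.
modeline_state() {
    [ -r "$1" ] || { echo unset; return 0; }
    awk '
        /^[ \t]*"/ { next }                      # whole-line comment
        /^[ \t]*set?[ \t]/ {                     # :set or its short form :se
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^"/) break             # trailing comment starts
                if ($i == "nomodeline" || $i == "noml") state = "disabled"
                else if ($i == "modeline" || $i == "ml") state = "enabled"
            }
        }
        END { print (state == "" ? "unset" : state) }
    ' "$1"
}

# Append the advised setting unless the file already ends up disabled.
harden_vimrc() {
    if [ "$(modeline_state "$1")" != "disabled" ]; then
        printf '\nset nomodeline\n' >> "$1"
    fi
}

# Read-only report for the current user.
echo "modeline in $HOME/.vimrc: $(modeline_state "$HOME/.vimrc")"
```

"unset" means the file never mentions the option, so Vim's built-in or system-wide default applies; calling `harden_vimrc ~/.vimrc` makes the setting explicit.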

My favourite free Windows 2000 security tools

In this second post in my unintended short series on how to use Windows 2000 in a virtual machine (for pesky software you can’t run under Wine on your efficient Unix-like machine or your beautiful Mac), I’m looking specifically at security software. If you use Windows all the time you probably already know about these, this is specifically for people who don’t really use Windows unless absolutely necessary!

Service Pack 4 Network Installer
This absolutely goes without saying! I much prefer downloading the so-called Network Installer and running it separately, that way if in the future you need to re-apply it or even install it on another system you don’t have to download files again.
Rollup Update 1
Download and run this after you install Service Pack 4, and you’ll get all the updates that were released up to September 2005. You’ll still have a lot more patches to install when you run Windows Update afterwards, but it will go much faster.
Avast Antivirus or AVG Antivirus
Both of these freeware virus scanners are world class, fast, lightweight and miles better than any of the really expensive utilities such as Norton. AVG uses less system resources, but I like the way you can set Avast to update itself and its definitions automatically. Up to you, they’re both fantastic. My only suggestion if you choose Avast would be to uncheck the "Skins" feature in the installer, the normal interface is the best.
Spybot - Search and Destroy
I’ve always preferred it to Lavasoft’s AdAware; I’m not sure whether it’s the cute message to his wife in the installer, or its no-nonsense interface :-). The latest versions even include a feature called TeaTimer which runs in your system tray and warns you when any application is attempting to edit the registry, very nice!
TrueCrypt
A very slick and easy way to create encrypted virtual folders, or you can use it to encrypt your entire drive, on the fly. According to some basic benchmarking by Steve Gibson on the Security Now podcast/audio magazine/New Time Radio programme, the latter method in fact even makes your drive perform better than without it! If you’re running Windows 2000 within a virtual machine on Mac OS X it provides a great way to secure your virtual disk image without having to keep it within an encrypted DMG image as I used to do. And it’s Free and Open Source!
GRC freeware tools
If you’d rather not poke around and change registry settings or hidden system files yourself, Steve Gibson has bucket loads of freeware software tools that can do more things than I have time to post here. Most of them can be downloaded, used once and archived, no need to install which is nice.

Windows 2000 security apps in action

A philosophical security question

If implementing a standard leads to an unavoidable security hole, should you follow it?

Dodgy Windows virus scanner on FreeBSD!

For some reason this evening while searching for information about how to grate cheese using only rubber bands MacGyver style (or maybe while I was searching for SQLite information for Ruby, I don’t remember) a random message box popped up:

Your Windows installation could be infected with viruses!

Given I’m on FreeBSD (they didn’t even check whether their victim was running Windows?!), just for a laugh I decided to click OK and see what they showed!

Really dodgy fake Windows virus scanner

I was expecting the usual silly looking website with affiliate links for piles of overpriced and unnecessary security software, but instead a new fake web software screen appeared, complete with animated progress bars and an evolving list of "infections" that the "software" had "detected". When it was done another fake message appeared which linked to an executable file to download, presumably containing spyware or a virus. Taking a look at the source on the page itself, each button triggered the same JavaScript download function.

ASIDE: The JavaScript code took up more space than any of the HTML. I’ve never seen that before, quite eye opening. Scams like this need more 1337 programming skills than I thought. And all the more reason to disable JavaScript except for trusted sites!

I must say, despite the fact the Windows logo is different in four different places and the grammar is terrible, the animations and fake scan results are pretty well done. For most savvy and intermediate computer users the flaws would be pretty obvious and they’d probably laugh them off, but the scary thing is I’m sure there are plenty of people who would find this whole shameless charade convincing. Just like all these hoaxes, they seem to target this group; heck if they can net one person out of a few thousand, the whole exercise has been… how does Richard Quest put it… profitable.

Malware distributor, I stick my tongue out at thee!

For what it’s worth though, and on the bright side, it was really hilarious seeing this whole thing act itself out… in KDE on a FreeBSD machine where the windows look completely different, the colours don’t match, the fonts aren’t even the same and the .exe file it tried to download to the machine wouldn’t have been able to run itself even if it did make it to the hard drive to start off with!

Sorry guys, there’s no Microsoft Windows code to exploit on this machine!

How to run Internet Explorer securely?

To comment on any article or weblog post over on ZDNet you must register and hand over more information than I needed to open a bank account here in Singapore! That aside though, after you’ve filled in the registration form you scroll down the page and are given a list of checkboxes next to newsletters you want to subscribe to.

As you can see I unchecked every single one, yet every day now I get two Windows ZDNet tech newsletters which are especially useful to a Mac and FreeBSD user such as myself… go figure!

Anyway one of the articles which I received in my inbox was entitled How to run Internet Explorer securely which includes a string of screenshots like this one:

Evil IE

And here I was under the impression that the best way to securely use Internet Explorer was to uninstall it along with Windows and install FreeBSD or Linux with Firefox or Opera! In fact that first point is even the recommendation of US federal authorities:

The Computer Emergency Response Team or CERT which advises the US Government has warned that users should stop using Internet Explorer for surfing the web. The world’s most popular browser, it has been described as being riddled with security flaws and is vulnerable against hackers and snoopers.

A number of leading organisations have also backed the move away from Internet Explorer as a recent investigation has shown that criminals can exploit the program to record keystrokes inputted by the users, so that they may steal credit card and other personal information and use the details for their own gain.

Johannes Ulrich, CTO for Sans Internet Security stated that the recently exposed flaws were a wake up call for users to switch to another browser. He continued to say to keep on using Internet Explorer is like playing the lottery.

- adamantean.com