Security


Google has a pretty clumsy URL for searching with SSL, like Wikipedia. However, the encrypted version of Google Search is currently only in beta, so that may be the reason behind it. Anyway, here is the URL to it:

To change to your country’s version, replace the last two letters, en, with something more fitting. In my case, sv, since I’m from Sweden.

With the Firefox add-on Add to Search Bar you should be able to add an entry for this version to your search bar. And as with all other search fields in Firefox, it’s possible to add a keyword for the search field by right-clicking the field and pressing “Add a Keyword for this Search…”.

However, if you care about your privacy, don’t forget to check out DuckDuckGo. Click here to read my short introduction to the search engine.


As far as I know, only the Account Settings page on Facebook will encrypt your connection if you haven’t changed the default settings. Not even the login page seems to connect over SSL by default, which seems a bit strange for such a large site. Maybe they don’t really care about the users’ security.

However, on the Account Settings page there is an option below Account security that asks you if you want to browse Facebook on a secure connection. I can’t see a reason to not use it, so I advise you to go in there and update your account. :) I have done it myself on all my accounts, and I haven’t experienced any problems.

The flaw with this is that you have to be logged in to make Facebook realise that you want to use an encrypted connection. Therefore the login page doesn’t use SSL by default, so you have to manually add an s to http in the URL.

By using https you will be protected from applications like FireSheep, even if you are on an unencrypted network. And you will also protect your data from being read by others on the way between you and the server.


For a long time I didn’t know that an encrypted version of Wikipedia even existed, since you can’t reach it by simply adding an s after http. The regular address that you are used to looks like this:

And the secure address looks like this:

So it’s quite a bit longer and more troublesome to access. However, that needn’t be a problem. If you are using DuckDuckGo as your search engine and have set it to search through SSL, it will automatically change the outgoing Wikipedia links to the encrypted version. If you would like to have the encrypted Wikipedia as an option in the search bar in Firefox, you can add an entry for it with this add-on.

If you are curious about DuckDuckGo, read my short blog post about it:


A search engine that I have heard some talk about lately is DuckDuckGo, which I have also recently set as my default search engine in Firefox.

The advantage over Google is that they value the user’s privacy much more highly. DDG doesn’t track you, you can set DDG to always search through their encrypted version (https), and you can also set DDG to prevent the sites you visit from knowing what keywords you used to get to them. On the following page you can find the privacy settings, along with many, many more options (far more than those Google offers for their search engine):

What I like as a Swede is that they also have an option to choose region, which will increase the search results from that country. So I have added two entries to my Firefox search box: one for the regular DuckDuckGo, and one for it with the region set to Sweden.

If you wonder why you should be careful when you search stuff on the Internet, you can visit www.donttrack.us. It’s a homepage by DuckDuckGo that describes how the tracking of you works when you are using Google.
I’m not a person who searches for herpes, illegal stuff or something similar. But I can’t say that I really like to share all my keywords and data that I put into the search box with (advertisement) corporations and people around the whole world.

If you look around on DuckDuckGo you will find many smart features, like !Bang. So it’s a really competent search engine, that not only doesn’t track you and values your privacy, but offers good search results, loads of options and many features.


WikiLeaks

Right now the secret “organization” Anonymous is fighting a war against opponents of WikiLeaks, as you can read in many newspapers. They are angry because Julian Assange was arrested two days ago, and now they are seeking revenge. The main targets have until now been VISA, Mastercard, Amazon and Paypal, since they disabled the ability to donate money to WikiLeaks. And donations are WikiLeaks’ only income source, so it definitely hurts them.

The attack actually seems pretty organized just for this once. There are plenty of websites where you can get information about the attacks and how you can help in the fight. For example: http://pastehtml.com/view/1c8i33u.html. The attacks are also being discussed on web forums, like 4chan, and Flashback if you understand Swedish.

Here are three links to their Twitter feeds where you can read news about the attacks and which site is the current target:

If you want to get involved – I really recommend that you join the IRC server. There are a couple of thousand users logged in and discussing attack-related stuff.

The attackers also have a radio channel, which a guy broadcast live on yesterday. He was playing music and calling VISA and Mastercard, asking them what was wrong with their sites. You can find the URL to the stream on their IRC. But here are two links to the stream, don’t know if they still work tho:

Apparently they have created a new Facebook too, since their first one was deleted:

See ya on the battlefield! I believe this can evolve into something really interesting. At the moment there are about 9000 computers performing DDoS attacks.


According to this article, a 7-character password is pretty hopeless nowadays, because of the GPU power that regular consumer graphics cards have. Instead, the article recommends that you change to a longer password, with at least 12 characters. Then I can feel a bit safe, with my 15-character password. :)

I wonder when we will need to have full sentences as passwords due to the increasing power in our machines.

Just so you don’t get me or the article wrong. A 12+ character password is only “safe” as long as the hacker doesn’t have access to the database with the password stored in it in plain text. Then a long password is only helpful if it’s hashed and/or salted.
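The point about length only helping when the stored password is hashed and salted, as an added example (not code from the article or from this blog): it estimates exhaustive-search time at the MD5 rate quoted elsewhere on this page for the HD 5970, and stores a password with a per-user salt and PBKDF2. The 95-character alphabet, the iteration count and the rough cost model are assumptions.

```python
import hashlib
import hmac
import secrets

MD5_RATE_HD5970 = 5600e6   # hashes/second, the figure quoted on this page
ALPHABET = 95              # assumption: printable ASCII characters
ITERATIONS = 600_000       # assumption: PBKDF2-HMAC-SHA256 work factor


def exhaust_seconds(length, rate, work_factor=1, alphabet=ALPHABET):
    """Worst-case seconds to try every password of exactly `length` chars.

    Rough model (assumption): one guess costs `work_factor` plain hashes.
    """
    return alphabet ** length * work_factor / rate


def unsalted_md5(password):
    """Fast, unsalted digest: identical passwords give identical output,
    which is what makes precomputed (rainbow) tables usable."""
    return hashlib.md5(password.encode()).hexdigest()


def store(password, iterations=ITERATIONS):
    """Return (salt, iterations, key) using a fresh random per-user salt."""
    salt = secrets.token_bytes(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, key


def verify(password, record):
    """Recompute the key from the stored salt; compare in constant time."""
    salt, iterations, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, key)


if __name__ == "__main__":
    for n in (7, 12, 15):
        fast = exhaust_seconds(n, MD5_RATE_HD5970)
        slow = exhaust_seconds(n, MD5_RATE_HD5970, work_factor=ITERATIONS)
        print(f"{n} chars: plain MD5 {fast:.3g} s, with work factor {slow:.3g} s")
    a, b = store("constructed-sample"), store("constructed-sample")
    print("same password, different stored keys:", a[2] != b[2])
    print("verify ok:", verify("constructed-sample", a))
```

Under these assumptions every 7-character password falls to plain MD5 in a few hours, while the salted, iterated form makes each guess far more expensive and gives identical passwords different stored values.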


I found a very nice and fast piece of software for cracking hashes, like sha1 and md5. It went through almost 1000 million hashes per second on my computer, compared with Cain which did about 6.5 million per second. But I only have a half-broken ATI 4870. This is what the website says about the 5970:

Recovery speed on ATI HD 5970 peaks at 5600M/s MD5 hashes and 2300M/s SHA1 hashes.

And that is freaking awesome!


I have used Cain & Abel before (some years ago) for network sniffing. But today, when I wanted to try out decrypting passwords, I googled and found out that Cain & Abel can do that too. Or maybe I shouldn’t call it decrypting, because I was solving hashes. It worked great, but it takes a huge amount of time when there are more than 6-7 characters in the password. Therefore it can be a good idea to download a rainbow table if you want to minimize the time spent “decrypting”.
