Regular readers will know that I keep a keen eye on security and protection on private data. Previously I covered using KeePass to store password (of course the best would be to keep everything in the head), using Tor and Privoxy for anonymous browsing and setting up a VPN to share data using Hamachi.
In this post (and the next), I want to share some tools that will secure your data on your harddisk.
Eraser is an open source security tool which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Why do you want to do this?
Continue reading ‘Wipe all trace with Eraser’
KeePass (review) is an opensource password manager which helps you to manage your passwords .
All your passwords are kept in one database, which is locked with one master key or a key-disk. You only have to remember one single master password or insert the key-disk to unlock the whole database.
Databases are encrypted using very secure encryption algorithms (AES and Twofish).
A new version, 1.06, is available. (Thanks to the update alert built into the program.)
Recently I acquired a software that required FTP access to my server, without which it cannot work.
I was shocked!
You see, in the last 7-8 years I have not use FTP on my servers. Even on the local office server I refuse to allow FTP to be installed. For file transfer I just use SFTP (Filezilla supports this).
Are you still using FTP, you might want to read the following and discover why it is time to take note
The traditional FTP protocol is highly insecure: it sends passwords in the clear. For this reason FTP has been recognized as one of the largest remaining security liabilities in most UNIX systems. As of 2006 FTP still remains one of the Internet’s most popular file upload mechanisms.
Another security risk lies not with FTP itself but with the widespread use of wireless internet connection.
With wireless, your FTP password travelling in clear over the air can be easily captured. You may be surprised that wireless attack is actually very easy. The kid next door may just be looking at your wireless traffic now.
So, if you are using FTP on your hosting server and at work, ask why. Security file transfer like SFTP, SCP, FTP over SSL are widely available. Perhaps it is time to ask if the hosting provider support them or move on to a more knowledgable hosting provider.
At this point I am still talking to the vendor to see how the FTP requirement can be relaxed or best removed.
Tor is one of those application that you most likely don’t need but useful to know that it exist when you need it.
Tor’s website describe it as “an anonymous Internet communication system“. Which doesn’t really helps to understand what it is.
The normal business user would not need to know how Tor works (read this overview if you want to know), only what it does.
One of Tor usage is to get pass blocked website. Which is what I am going to describe in this article.
If you work in some countries (no name here to protect this site) that filters web traffic you may want to read on.
Continue reading ‘Punch through web filter with Tor’
I consider myself a security paranoid. When I sign up with a site, I use a different password, sometimes even different username. Over the years I must have hundreds of account accumulated on the internet.
To help with remembering, I started with standard menonics, then use associations. Then I became more lazy started using standard passwords for sites that I don’t really care about.
Still, the problem is how to manage passwords overload ?
Let me introduce KeePass .
Continue reading ‘Remember all your passwords with KeePass’