close
  • Ga chevron_right

    VeraCrypt offers open source file-encryption with cross-platform capabilities

    Danie van der Merwe · news.movim.eu / gadgeteerza-tech-blog · Yesterday - 17:04

TrueCrypt eventually closed down, but a replacement project called VeraCrypt quickly sprang up to fill the void. VeraCrypt is based on TrueCrypt 7.1a and features many improvements over the original (including significant algorithm changes for standard encrypted volumes and boot volumes). With VeraCrypt 1.12 and later versions, you can use custom iterations for increased encryption security. Better yet, VeraCrypt can load old TrueCrypt volumes, so if you were a TrueCrypt user, it's easy to transfer them over to VeraCrypt.

Back in the day when we had clients or officials travelling overseas into the then 'Communist' countries I'd recommend they use Truecrypt on a USB key to protect their data. Today we have VeraCrypt, wihich is a big improvement for the reasons stated in the article below. It is a cross-platform product that will work on most storage mediums and provide security and privacy.

The article below gives an overview of how to get going but I don't think it covered the hidden volume feature which is amazing, and helps if you are forced to give up a password.

See https://opensource.com/article/21/4/open-source-encryption

#technology #privacy #encryption #security #opensource #veracrypt

  • Encrypt your files with this open source software

    Many years ago, there was encryption software called TrueCrypt. Its source code was available, although there were no major claims that anyone had ever audited or contributed to it. Its author was (and remains to this day) anonymous. Still, it was cross-platform, easy to use, and really, really useful.

  • favorite

    1 Like

    ericbuijs

  • Ga chevron_right

    Here are Some Interesting Facts About Website Hacking - 3 Common Vulnerabilities Which Don't Take Rocket Science To Fix

    Danie van der Merwe · news.movim.eu / gadgeteerza-tech-blog · Monday, 29 March - 11:37

Threat actors generally use 3 methods to hack the website: Access control, Software vulnerabilities, and Third-party integrations.

Just regularly patching and updating software already makes a massive difference, and assess carefully what 3rd party libraries or plugins you make use of. Read reviews and check how recently it was updated. For passwords, it is NOT about changing them regularly, but it is about unique and more complex passwords being used. It's these simple things that make the biggest difference.

See https://www.ehackingnews.com/2021/03/here-are-some-interesting-facts-about.html

#technology #security #websites #hacking #vulnerabilities

  • Pu chevron_right

    Librem 5 and Librem 5 USA: What are the Differences?

    pubsub.do.nohost.me / Purism · Friday, 26 March - 16:37 · 2 minutes

We sometimes get questions from customers who are trying to decide between the Librem 5 and Librem 5 USA , such as whether someone living in the USA must buy a Librem 5 USA (Answer: both Librem 5 and Librem 5 USA work in the US) or whether the Librem 5 is $1999 (Answer: the Librem 5 is $799, the Librem 5 USA is $1999). If you are trying to decide between the two phones and want to understand what makes the Librem 5 USA a premium product, in this post we’ll highlight the differences between the two.

What’s the Same

Librem 5 and Librem 5 USA have the same Purism authored schematics, Industrial Design (ID), and Mechanical Design (MD), they both run the same firmware, kernel (Linux), operating system (PureOS), and applications from the PureOS Store. Both products are from Purism, a US-based Social Purpose Company . Both phones work in all the regions of the world by using a removable region-specific modem module included and installed in the phone.

Trust & Verify

Both the Librem 5 and Librem 5 USA have public schematics (they’re the same schematics, since they’re our schematics) for public verification. They both have X-rays released after manufacturing of the PCBAs to verify hardware chips and placement. Both phones are fully Purism designs top-to-bottom. Both phones have all source code released for reproducible verification of no tampering and public verification.

What’s Different

The core differences between the products are based on the Librem 5 being contract manufactured in China while the Librem 5 USA is manufactured at our facility in Carlsbad, California.

Librem 5

The Librem 5 PCBAs (the two boards inside the chassis) are manufactured in China. The PCBAs are then assembled into the Librem 5 Chassis, and imported to our facility in the USA for final assembly, flashing, testing, and fulfillment.

Librem 5 USA

The Librem 5 USA PCBAs are manufactured in our facility in Carlsbad, California—therefore are Made in the USA Electronics—for a secure hardware supply chain in the USA. The PCBAs are then assembled into the Librem 5 Chassis (engraved with ‘USA’ on its side), and have final assembly, flashing, testing, and fulfillment all done at our Purism facility.

The immediate benefits of the Librem 5 USA are to support US labor laws, Made in USA Electronics, secure hardware supply chain, and US manufacturing.

Price

The Librem 5 is $799 while the Librem 5 USA is $1999

Both are Great

Regardless of which product you choose, you will end up with a phone that’s on your side, designed from the bottom up to respect your freedom and protect your privacy and security.

The post Librem 5 and Librem 5 USA: What are the Differences? appeared first on Purism .

  • Ga chevron_right

    How to protect documents with a digital signature in open source ONLYOFFICE Desktop Editors v.6.2

    Danie van der Merwe · news.movim.eu / gadgeteerza-tech-blog · Thursday, 25 March - 12:23

ONLYOFFICE Desktop Editors is a free open-source office suite (much like LibreOffice) that contains viewers and editors for text documents, spreadsheets, and presentations. Along with offline work, it’s possible to connect the app to the cloud (ONLYOFFICE, Nextcloud, ownCloud, Seafile) and collaborate on docs online. The code repository is available on GitHub under AGPL v.3.0 license.

LibreOffice has similar functionality and interesting to note by them that whilst ODF format is fully signed including the metadata, this is not the case for OOXML (docx) as they have to disable the signing for metadata as Microsoft does not sign the metadata (I wonder why?).

See short tutorial at https://www.howtoforge.com/how-to-protect-documents-with-a-digital-signature-in-onlyoffice-desktop-editors/

#technology #opensource #onlyoffice #digitalsignature #security

  • Ar chevron_right

    Dark web bursting with COVID-19 vaccines, vaccine passports

    news.movim.eu / ArsTechnica · Tuesday, 23 March - 15:13

Dark web vendors are selling falsified COVID-19 vaccination records.

Dark web vendors are selling falsified COVID-19 vaccination records. (credit: Check Point Research )

Tired of waiting to get your vaccine appointment? For just $500, you could get a COVID-19 vaccine dose tomorrow (overnight shipping not included). Too rich for your blood? How about a vaccination card for just $150?

Security researchers have seen a spike in listings on dark Web marketplaces in recent weeks. The sites are advertising everything from vaccine doses to falsified vaccine certifications and negative test results. Currently, more than 1,200 listings are offering a variety of vaccines, including Pfizer, Moderna, Johnson & Johnson, AstraZeneca, Sputnik, and Sinopharm.

Investigations by researchers at security firm Check Point have been monitoring the sites for COVID-19-related activity since January, and they report a three-fold increase in such activity over the last three months. It’s unclear if the doses are legitimate, and even if they were, there’s no guarantee that the vials have been stored at the correct temperature, potentially rendering them useless.

Read 5 remaining paragraphs | Comments

index?i=30WvQX48D9I:2dkTfZd29cI:V_sGLiPBpWUindex?i=30WvQX48D9I:2dkTfZd29cI:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Pu chevron_right

    Librem 14 Security Features

    pubsub.do.nohost.me / Purism · Monday, 22 March - 19:54 · 7 minutes

The Librem 14 was designed based on a long wishlist we made to build our dream laptop. When we first announced the Librem 14 we stuck to the features we knew for sure would be part of the first revision. Over the next few months as we worked through prototypes we were able to announce new features such as dual RAM slots and a number of exciting security features. While these features are mentioned on the Librem 14 product page , I thought it would be useful to collect all of the security features of the Librem 14 into a single place.

Hardware

Our previous Librem laptop lines touted a number of unique hardware security features and we have learned many lessons over the years as we use the hardware ourselves and get feedback from security-minded customers. With the Librem 14 we have been able to improve hardware security across the board.

Hardware Kill Switches

Our most famous hardware security feature is our hardware kill switches (HKS), a set of physical switches that disables the webcam and microphone, or WiFi, in hardware. Placing a sticker over a webcam is a nice start, but with HKS you can be sure that your computer isn’t spying on you and can conveniently enable the camera and microphone only when you need it.

We got feedback from a number of customers that having HKS on the side meant you had to crane your neck to see the current state and find the right switch. We also heard that some customers were flipping HKS when inserting their laptops into a case. With the Librem 14 we have moved the HKS back above the keyboard and have added LEDs to make the current state of the hardware obvious at a glance. We have also extended the webcam/microphone hardware kill switch so that it also disables the microphone in the headphone jack .

Ethernet Port

A physical Ethernet port might not seem like a security feature to some people, but for people facing particular threats it’s a critical security feature. The ability to remove the WiFi card completely, or at least keep it disabled with a HKS, and access the network over a physical Ethernet port, means you can completely avoid entire classes of attacks on WiFi cards and protocols.

Firmware Write Protection Switches

Another security feature that’s completely new to the Librem 14 is a set of switches on the motherboard that will allow you to write protect the BIOS and EC firmware . Currently the physical switches are implemented, but we still need to complete some software and configuration work so that they actually trigger write protection.

Librem 14 Firmware Write Protect Switch in the Off Position Librem 14 Firmware Write Protect Switches in the Off Position

Firmware

After the hardware, the next area to focus on for security is the firmware–code that runs on discrete chips on your hardware that straddles the fence between hardware and software. Supply-chain attacks on firmware continue to be a growing concern in the security community so we take a number of additional steps on the Librem 14 to help secure its firmware.

Intel Management Engine

Perhaps one of the most famous bits of firmware on a modern Intel computer is the firmware for the Intel Management Engine (ME)–a chip that initializes Intel hardware and that is required for it to boot. Because the ME has core access to your hardware, because the code is proprietary so it can’t be audited, and because some versions of the ME include Active Management Technology (AMT) that enable IT administrators to control machines remotely over the network, there have been some concerns that the ME might contain secret backdoors. Also, as the features of the ME expand, there have also been concerns that the increased attack surface might allow attackers to exploit flaws in ME firmware and take remote control over a computer.

Like in past Librem laptops we select the simplest version of ME firmware available, without AMT, so that we begin with the smallest possible attack surface. Next we disable the ME by setting what is known as the HAP bit so that after the hardware is initialized the ME is disabled. In the past we have also performed an additional step of “neutralizing” the ME (overwriting most of the ME firmware with zeros, leaving only the bits critical to booting). As the Librem 14 is newer hardware running a newer version of the Intel ME, we haven’t yet been able to neutralize it, but hope to be able to add that in a future firmware release.

PureBoot

PureBoot is the name we give for a suite of technologies we use to secure the boot process. It starts with our boot firmware based on free software projects coreboot and Heads that help you detect firmware tampering when paired with a Librem Key . When you order a Librem 14 with the PureBoot Bundle , we pair the laptop with a Librem Key at our facility so that when you boot the laptop with the Librem Key inserted, the key will blink green if the system is safe, and blink red indefinitely if it detects firmware tampering.

PureBoot also extends into the operating system itself and will detect any tampering in the kernel or boot configuration files and alert you to them before it boots. Finally, PureBoot can even be configured to use your Librem Key to unlock disk encryption.

Embedded Controller

In addition to the Intel ME, another area of concern for firmware security is the embedded controller (EC). This chip manages the keyboard in addition to many other things :

With more tasks assigned to the EC, the software and its capabilities grew which makes it a pretty essential piece these days, especially for laptops. So the first thing the EC needs to do is to control the power up and power down of the machine, which means to enable or disable certain voltage domains, doing that in a controlled fashion honoring dependencies (often some power rails are derived from others), and also taking into account the power supply constraints of the main CPU in certain power modes. This is especially important for low power states like suspend to RAM where you just want to power what is needed. There are also other very interesting peripherals attached to the EC. Of course the EC controls the keyboard matrix, i.e. it assigns keypresses in that matrix to key scan codes sent to the main CPU.

Normally the EC runs proprietary firmware, and like with the ME, due to the level of access the EC has (such as the fact that it controls the keyboard), there is concern over what an attacker could do with backdoored or hacked EC firmware.

Starting with the Librem 14 we are freeing the EC firmware which will not only allow you to audit the firmware for backdoors and security flaws, but also give a Librem 14 owner much more control over their hardware. The blog post I linked above goes into much detail about the EC overall as well as our plans for it.

Software

By default the Librem 14 will ship with PureOS Byzantium–our latest and greatest release of PureOS featuring many security and feature updates while being accessible and convenient for the average user to use. For users who want even more security, perhaps at the expense of some convenience, we also offer Qubes as an operating system option on the Librem 14.

We have a long history of Qubes support on our hardware and treat Qubes as a first class operating system at Purism. Because Qubes makes heavy use of hardware virtualization, the average Qubes users finds themselves running ten or more virtual machines simultaneously, with some users running many more than that. With the 6 core, 12 thread tenth generation Intel i7 CPU, fast NVMe storage, and dual SO-DIMM slots allowing a maximum of 64GB RAM, we believe the Librem 14 is the best laptop for Qubes .

Anti-Interdiction

Finally, some customers face security threats such that having their laptop tampered with during shipment is a real concern. Other customers simply want the peace of mind that their laptop hasn’t been tampered with. Regardless of the reasons, Purism offers a premium anti-interdiction service where we work with a customer over encrypted email to model their particular threats and custom-tailor our anti-interdiction measures both on the hardware itself with glitter nail polish and tamper-evident seals, and on the software with an integrated PureBoot Bundle using customer-supplied secrets.

A close-up of the unique pattern of blue glitter nail polish on the center screw. A close-up of the unique pattern of blue glitter nail polish on the center screw.

Conclusion

We are very proud of the Librem 14 and believe that its combination of hardware, firmware, software, and anti-interdiction features make it one of the most secure laptops you can buy.

Discover the Librem 14

Order now

The post Librem 14 Security Features appeared first on Purism .

  • Fo chevron_right

    How To Unblock YouTube Video And Other Streaming Sites?

    pubsub.do.nohost.me / FossBytes · Monday, 22 March - 13:12 · 3 minutes

unblock youtube

With more than one billion videos being watched every day, YouTube is the world’s most popular video streaming service. However, not every video uploaded on YouTube might be available to you.

This is where we step in!

In this article, I’ll describe different methods to unblock video on streaming sites like YouTube, and help you access YouTube without any hassle.

Why is this YouTube video blocked?

Before moving ahead and listing different methods, take a minute to find out popular reasons why you’re unable to binge-watch content on YouTube or other video streaming sites.

While most of the videos on YouTube are available worldwide, many of them come with their own licensing terms and conditions. Copyright and regional restrictions, as defined by the video uploader, prompt YouTube to show messages like “ Sorry, this video is not available in your country “.

The second common reason is the manual restrictions enforced by local law enforcement agencies, schools, office network admins, ISPs, etc.

Important: While we believe accessing content and videos freely on the website is an integral part of your freedom, we’d advise you to respect your local laws and authorities, and avoid any legal trouble.

How to unblock YouTube videos?

1. Get a VPN

While many online guides list a proxy network as the go-to method to open YouTube, I recommend using a trusted VPN. The reason for doing so is simple — a VPN provides you the double advantage of bypassing and encryption.

A VPN will first encrypt your internet request and then route it to another country. This results in bypassing local YouTube restrictions and also hiding your online activity. Here’s our article on how to choose the best VPN provider for additional reading.

Here are some VPN recommendations as per our testing as well:

2. Use SmartDNS

SmartDNS works by helping you connect to a proxy server that’s in the same country as the YouTube video you’re trying to watch. By knowing which country you need to connect to unblock a particular video, SmartDNS proxy allows you to re-route your traffic.

Please note that just like most proxy services, SmartDNS only unblocks the restrictions and doesn’t provide any added layer of security.

SmartDNS is also offering a 14-day free trial to get you started in no time!

You can also use services like Google Public DNS or other free services, but they are unlikely to be the ultimate solution.

3. Use Tor Browser

Open Source Software Windows 10 10 Tor Browser

As we all know, Tor is the ultimate tool to stay anonymous and it can also be used to defeat censorship. With the help of its encryption layers and worldwide server locations, Tor makes it easy to hide your IP address and unblock content.

But using Tor for unlocking banned YouTube videos isn’t my first recommendation as you’ll experience unreliable speeds on the Tor network — something that could be a deal-breaker for many. Also, setting up Tor could be a bit hectic for some of you.

4. Use a Proxy

As we’ve already explained in our VPN vs Proxy article , a proxy service doesn’t give you the protection of encryption. So ensure that you don’t end up sharing private and sensitive information over a proxy connection.

HideMyAss (HMA) is one such free YouTube proxy provider that makes your YouTube experience smoother.

5. Check site settings in Chrome

It’s also possible that you might have accidentally added YouTube website to the restricted/banned list. To check and unblock YouTube videos, open youtube.com in Chrome and click on the icon just left of the address bar. Now click site settings and remove any restrictions from the setting page.

Tip: How to setup a VPN to unblock YouTube?

Since using a VPN is the best method to access YouTube videos from anywhere, follow our dedicated VPN setup guide and learn how to use a VPN service to its maximum capability.

The post How To Unblock YouTube Video And Other Streaming Sites? appeared first on Fossbytes .