July 17, 2012

DIY Super Secure USB Stick

A USB flash drive is a great tool, but what if you were to lose yours? Do you carry confidential information that you don’t want in the wrong hands?

There is a simple way to carry the most confidential information on a USB flash drive, without the fear of someone getting it, even if you lose your USB stick.

Lets say for example that you have an 8GB flash drive. The first thing that you should do, is download Truecrypt onto your computer. Then use Truecrypt to create a 4GB (or whatever size you prefer) encrypted volume on the USB stick. Now, in order to access the encrypted partition, you will need to mount it using Truecrypt. To avoid a situation where you need access to the encrypted files but do not have Truecrypt installed,  just copy the Truecrypt executable to the un-encrypted partition of the USB stick, that way you can just “RUN” Truecrypt from the USB stick and mount the encrypted partition.

Once that is complete, feel free to carry any personal documents and files within the encrypted partition without the fear of someone obtaining them. Truecrypt is so strong that even the FBI can’t break it! The remaining, unencrypted partition is available to use just as you normally would, you now have a place to store both secure and non-secure files.

 

Have a question? Contact me at dennis@thecommongeek.com

If you found this useful, please share. Thanks!

Filed Under: Encryption, Security Leave a Comment
June 30, 2012

Surf Anonymously With Proxies

Lets start with a little basic explanation of IP addresses and proxy servers. An “IP Address” is the address assigned to you by you by your ISP “Internet Service Provider”. This address identifies you on the internet and is captured by the websites you visit. Therefore, if you are on a website that is illegal, you can easily be tracked down by the authorities. The police would simply subpoena the ISP who was responsible for assigning the IP Address and the ISP would give them your name and address so they could come and lock you up.

A “Proxy Server” or “Web Proxy” is a server or computer system that acts an an intermediary for requests from clients seeking resources from other servers. When you use a proxy, the proxy server is actually the IP Address that gets captured, therefore leaving you undetected. The proxy server makes the request on your behalf and then serves the info back to you through your browser. For example, by using a proxy, it may appear that the person accessing a website is in Spokane, WA when in fact, they are in New York.
There are a few different reasons that people use a proxy, unfortunately, a lot of them are for illegal reasons, which I do not condone. On the other hand, a lot of security conscience people use proxies because they don’t want people monitoring their traffic, browsing habits and physical location. Most proxies these days are web proxies, meaning that they utilize the web as opposed to an intranet style proxy server.

There a few ways to use a proxy, the first is by visiting a website called www.proxy.org where you will see a box on the right hand side with a list of proxies, simply choose a proxy and a new tab will load with an address bar. From that point forward, all of your web surfing should be bounced off the proxy. You may also way to check out the TOR project, a website dedicated to annonimity online. TOR offers their own secure browser, as well as many other options. TOR is simple to use and it’s free.

Another web proxy that I like is www.proxify.com which is free, but has a paid version as well with additional features. Here is a list of features that are included in the paid subscription.

  • No ads, delays, or popups - We don’t serve advertising of any kind on proxy pages.
  • Faster - Our subscription service provides fast anonymous surfing.
  • No file restrictions - Access to over 40 normally restricted file types (such as: mpg, mov, mp3, avi, aiff, zip).
  • FTP access - Ability to download files via the FTP protocol.
  • More secure - Keep your browsers cache clean with security features like encoded URL’s and blanked page titles.
  • Unlisted IP’s - Beat Internet censorship with our secret “subscribers only” site.
  • More bandwidth - Ability to download files up to 50 MB (This is over 12 times more than free accounts.).
  • No image restrictions - No restriction on number of images which are displayed per page.
  • Priority access - Only subscribers can access Proxify during peak usage times.
  • Priority support - Our professional staff answers email promptly.
  • More accessible - Ability to use one of our many alternative URL’s.
  • Very affordable - Just $40 USD for 3 months of access. If you subscribe via PayPal or Credit Card and leave automatic billing enabled, this rate will be “Locked in” even if our price increases.
  • And more - Many special features for subscribers only.
If you have a question, please email me at dennis@thecommongeek.com
If you found this useful, please share.


Filed Under: Security Leave a Comment
June 21, 2012

3 Tips For Workplace Security

If you are like me, tied to a desk all day in an office full of people you are most likely vulnerable to losing your personal info.  If I go to lunch, someone is likely to plop their butt down at my desk and start checking their Facebook, email, Craigslist or some shady site that could likely infect my machine.  This is what I do to keep my info secure.

          • This is super nerdy, but highly effective. I created an encrypted volume with Truecrypt, once that volume is mounted there is a PortableApps system inside the encrypted volume that I launch. Once the PortableApps is loaded, I use the integrated Firefox browser, therefore keeping everything I do secure within the encrypted volume. Once I dismount the encrypted volume, the Firefox browser within the PortableApps program is totally secure.

          • If I walk away from my computer for a short time and don’t feel like dismounting my encrypted volume, I use a program called ClearLock which quickly locks the screen, but leaves it transparent. This is great solution for quickly locking things down, but won’t keep you secure if someone where to reboot the machine.

          • You should definitely use a password manager, do NOT allow the browser to save any passwords. Also, make sure that the browser is set to dump cookies when it closes. Personally, I use LastPass, but there are several other options out there like KeePass, Roboform and PasswordSafe

            • Have a question? email me at dennis@thecommongeek.com 

            If you found this interesting, please share.

Filed Under: Security Leave a Comment
June 6, 2012

Two-Factor Authentication Made Easy With Yubikey

With so many hackers out there stealing information, it’s time to really take a look at how you handle your passwords and login practices.  These days, a simple word or name is no longer safe. Even if you have a strong, alpha-numeric password with plenty of special characters, you are still subject to man-in-the-middle attacks and keyloggers.

A simple and genius solution for  multi-factor authentication is a product called Yubikey a tiny USB device from a company called Yubico. Yubikey provides a unique one-time password, to guard against common password stealing attacks. There are several companies that have partnered up with Yubico to form a community I personally use Lastpass which is part of that community. Lastpass is a password vault that can be used to manage tons of account credentials, including credit card and personal data used when completing forms. As you can imagine, you would want the best possible password for such valuable personal info. For that reason, I use my Yubikey with Lastpass for rock solid security. You can even purchase a Yubikey with a one-year subscription of Lastpass Premium included here. A single Yubikey standard only costs $25, a very affordable price for such a great product.

I will be giving away a Yubikey including a 1-year subscription to Lastpass on June 20, 2012 at 9pm CST. All you need to do is leave a comment, telling me what kind of method you use for creating a secure password (please don’t tell me your password is “password”). You can also copy and share this post via Twitter:                             “Two Factor Authentication Made Easy With Yubikey” http://goo.gl/Rpbhq #YubikeyRocks

 

If you found this post useful, please share. Questions? email dennis@thecommongeek.com

Filed Under: Passwords, Security 17 Comments