Social Icons

Friday, June 13, 2014

CLOUDUSB : Another way to secure yourself....

1.     "Cloud" has been easily the most buzzy term in past few years for the computing industry. Case in point is the CloudUSB distribution, a project that promises to provide automatic backups and data along with privacy protection. The cloud name is catchy but the security is far less than promised....it is actually a USB-based Linux distribution based on Ubuntu 10.04 LTS(though old but works for general user..now I m on 14.04 LTS though). The idea is that you can carry your own Linux distribution with you for use anywhere, thus allowing anyone to use Linux on any computer and keep their data safe in the event the USB key is lost.

2.    CloudUSB uses the Dropbox service to synchronize data, so users who don't already have a Dropbox account will need to set up an account before being able to use the synchronization service. CloudUSB sets up a data and private-data folder for keeping sensitive files in. The setup.sh script that comes with the distribution uses encfs to set up an encrypted directory. It appears the script isn't properly encrypting the directory, though. When the system is rebooted, it does use encfs to mount the Dropbox/private-data directory as Desktop/.private-data. A step by step screen shot is shown below...i run this on a Virtual Box....and this can be downloaded at http://cloudusb.net/?DOWNLOAD












and there you are ready sett...go!!!!!!!!!!!!!

Monday, June 09, 2014

Hardening Linux : BASTILLE-LINUX

1.   Linux is gaining its pace in gaining new user base daily pan globe and with this increase it becomes all the more important to harden it because now Linux will soon be of interest to hackers....and in this post I am giving a brief introduction about Bastille, a software tool that eases the process of hardening a Linux system, giving you the choice of what to lock down and what not to, depending on your security requirements. It bundles many of the tasks routinely done to securely configure a Linux system into one package.It is a set of Perl scripts that run as an interactive program, asking questions for each step of the hardening process. The scripts explain each step well, enabling you to understand what security measures will be introduced by any changes you make and why. Bastille can also optionally save your choice of options to a file for remote deployment to other machines.

2. Bastille currently works with Red Hat, Fedora, SUSE, Debian, Ubuntu, Gentoo, and Mandriva distributions, as well as HP-UX. A beta version is also available for Mac OS X. Most of the distributions Bastille supports have it available as a package that you can install with the default package manager for the distribution. Once it is installed, just run Bastille as root.After you install it vide the Ubuntu Software centre,the ways to use and configure is shown vide screen-shots below :


















Google joins the ENCRYPTION Race : End-to-End Extension

1.    After Snowden leaks,one thing that has been most sought after is privacy and encryption and there have been a horde of tools and extensions that offer u the same vide many companies.Like in the last mail I mentioned about PROTONMAIL,there is another one in the offering from the horses mouth itself...ie Google offering an extension by the name of End-to-End extension...that
means data leaving your browser will be encrypted until the message’s intended recipient decrypts it, and that similarly encrypted messages sent to you will remain that way until you decrypt them in your browser.It’s a Chrome extension intended for users who need additional security.

2.    Though it is not yet available since still in Alpha stage but as per the Google blog at http://googleonlinesecurity.blogspot.in/2014/06/making-end-to-end-encryption-easier-to.html,it is likely to be available soon for all chrome browser users as an extension.Google wants to make it harder to spy on email by encouraging maximum providers to adopt server-to-server encryption. The new tool is based on OpenPGP and is meant to be a more user-friendly encryption option than programs such as PGP, which can be difficult to configure and use.
3.   So till it releases.....no options other then to wait.....

Sunday, June 08, 2014

Encrypted Mail without being Technical : PROTONMAIL for You

1.    Often when we discuss about encrypting messages in emails we see it is generally confined to PGP extensions using Thunderbird, exchanging public keys and generating private keys and other encryption techniques incl Enigmail or installing GPG etc...but even after doing all this the whole thing is a bit complicated ....and no one likes complications....so when techies get complicated...it actually becomes kind of out of bounds for the common user anyway to use encryption in routine mails with each other.But with increasing rise in concern over security and privacy matters by the common user specially after Snowden revelations,the need has given us PROTONMAIL.

2. PROTONMAIL This new encrypted email service, called ProtonMail is a super-secure email service created in collaboration with the scientists from Harvard, the Massachusetts Institute of Technology and the European research lab CERN.It offers a user-friendly experience with full “end-to-end” encryption and encrypts the data on the browser before it communicates with the server, therefore only encrypted data is stored in the email service servers. So, even if someone gains complete access to the server, it will find only the encrypted data. Moreover, there is even a “self-destruct” feature in the email service which ensures your emails are only available for a limited period of time.Isn't it interesting?....

3.  At Protonmail,the decryption uses a combination of asymmetric (RSA) and symmetric (AES) encryption.So we have two cases wherein the user sends a mail from a Protonmail account to another user with Protonmail account and the other in which he sends a mail message to a non Protonmail user....

- For Protonmail to Protonmail emails, implementation of PGP is used where  key exchange is handled. So we have all the public keys. As for the private keys, when an account is created, it is generated on the browser, then encrypted with your mailbox password (which we do not have access to). Then the encrypted private key is pushed to the server so it can push it back to user whenever he/she logins.

- For PM to Outside emails, encryption is optional. If one selects to encrypt,  it uses symmetric encryption with a password that one can set for that message. This password can be ANYTHING. It should NOT be the Mailbox password. It needs to be somehow communicates to the recipient....few useful screenshots seen below :

 This is the screen at LOGIN
 Here you LOGIN
 Here is the second password before you finally LOGIN to the user interface
 Here is as you LOGIN
 This is the screen as you compose a mail.The point to be seen is the feature for choosing to encrypt your message and the expiration time.
 This is the mail received to a non PROTONMAIL user and we see there is a mail link it refers to!!!
 Once you click that link..you get a pop up for a password
 You enter the password and you will be able to decipher the password.


Saturday, June 07, 2014

[SOLVED] : result code ns error failure virtualbox

1. If you ever get this message "result code ns error failure virtualbox" while you use virtual box...don't you worry...simple steps will resolve as follows:.

The screens you see are shown below first just to ensure that your and mine problem is same :



2.    So first thing is your remove Virtual box from the Ubuntu Software Centre or you can remove the same manually from terminally as root with the following commands :

sudo apt-get remove virtualbox-\*

sudo apt-get purge virtualbox-\*

init 6

sudo sh -c "echo 'deb http://download.virtualbox.org/virtualbox/debian '$(lsb_release -cs)' contrib non-free' > /etc/apt/sources.list.d/virtualbox.list" && wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add - && sudo apt-get update && sudo apt-get install virtualbox-4.3 dkms
3.     These 4 commands from the terminal should get you through!!! all d best


Sunday, June 01, 2014

[SOLVED] Unable to mount SAMSUNG_Android : Error initializing camera: -60 : Could not lock the device

1.   This is a common issue for Ubuntu users trying to transfer files from a Samsung or any Android Mobiles.You get the following screen as seen below :


2.   Two simple terminal commands should be able to solve this issue :

First : sudo add-apt-repository ppa:langdalepl/gvfs-mtp

Second : sudo apt-get update

3.  Running these you will get something like this ready to explore the folders :