Top 10 Secret Agent Security Tips and Tricks When dealing with computer security, an often overlooked security risk is so-called "deleted files". When files are deleted, nothing is actually done to them aside from marking them as "free-space". The OS may get around to overwriting them sometime when it needs the space, but a deleted file could sit on a drive completely intact for weeks of usage (the bigger it is the bigger the chance it will be at least partially overwrited). Encryption applications that do not involve real-time decoding (a special driver decrypting files on-the-go vs an application decrypting and re-encrypting files), often do not have secure methods of wiping files (or the user is unaware of them), and hence the files are left in an unencrypted state on the drive when deleted. The only way to assure deleted files remain that way (or at least make their recovery very difficult and time-consuming) is to have an application overwrite the drives free-space with random 0s/1s, ideally multiple times.
Use TrueCrypt and Skydrive to encrypt your sensitive files and store them in the cloud. NSA proof. Accessible anywhere. | Christian Fleischhacker How to use TrueCrypt and Skydrive (or Google Drive, DropBox, SugarSync, etc.) to encrypt your sensitive files and store them in the cloud – making them NSA proof and accessible anywhere. Protect your Intellectual and Creative Property. Here’s how. Download and install TrueCrypt. Sign up for a free Live account at and then download and install the SkyDrive application. Launch TrueCrypt and click Create Volume. Select Create an encrypted file container and click Next. Select Standard TrueCrypt Volume and click Next. Click Select File. Select Your SkyDrive folder and type in a name for your new encrypted document folder – in this case PrivateFiles.tc – and click Save. Click Next. The bigger the volume you create the longer it will take to synchronize to SkyDrive and your other computers. 32 MB can store a lot of files, click Next. Type in your password click Next. Click Format. Click Exit and wait for the container to synchronize with SkyDrive.
Mac OS X touché par un ransomware propagé par Transmission Un nouveau type de malware fleurit de plus en plus sur le web, peut être en avez-vous entendu parler ou même l'avez-vous vécu, ce logiciel malveillant s'installe et chiffre toutes vos données puis vous réclame de l'argent pour vous rendre vos données. Tout le monde est touché, les serveurs des entreprises, les particuliers, les NAS (un épisode sur les Synology fut douloureux pour certains utilisateurs) et aujourd'hui se rajoutent les Mac. Pas parce que l'OS est mauvais, et la sécurité de Mac OS X n'est pas remise en question mais le résultat reste le même : le parc est aussi touché. Comment cela est-il possible ? Comme le rapporte paloalto networks, le malware KeRanger s'est glissé dans des installeurs de Transmission dans sa version 2.90. Gatekeeper a été mis à jour pour bloquer cette version particulière de Transmission 2.90 et Apple a révoqué le certificat en plus de mettre à jour XProtect.
Getting Website Security Implemented, The Right Way - Freedom Hacker There is current tension over security and the surveillance state together. One side stands for personal security, while the other side stands for national securit. Where do we strike this balance? Recent hype has developed on the pro-personal security side in the making of government proof products. But lets step back, government proof? When someone uses the word government proof, everyone suddenly becomes scared and on edge because it easily sounds like a ‘terrorist’ or ‘criminal’ operation, especially to policy makers. In a recent seminar at Def Con 22, Christopher Soghoian, principle technologist at the ACLU, outlines why we need HTTPS encryption across the web and how to get system administrators to actually implement it without using scare tactics. The general population does not push for system administrators or whole companies to implement security features across their website. The implementation is vital, but the outcome could be devastating.
How to Vanish with a New Identity Dark Side or not, it's always good to say, "Hey, folks. Don't forget, this is illegal. Do it at your own risk. LH is not responsible for any trouble you may cause/get yourself into!" First of all, Dark Side articles have a completely different vibe than almost every other article. In other words, they rarely "fit" with the feeling you get from Lifehacker, especially if you've been here since before Dark Side articles began popping up regularly. Adam Dachis, however, is spinning it to advocate identity theft. Let me make this final point clear: I am not against these types of articles in general. Presenting both ways to protect yourself from identity theft and then ways to steal another person's identity (with a joking tone or not)? They should probably create a separate site dedicated to Dark Side posts. Amen.
Protect Your SkyDrive Files From The NSA Using TrueCrypt Omar Shahine and Mona Akmal from the SkyDrive team held an AMA on reddit answering user questions. We’ll be sharing any interesting tidbits. A number of users asked if the NSA could access their files on SkyDrive. Your SkyDrive account and your private files are password-protected.When you upload or access private files on SkyDrive, we encrypt information sent between you and our servers using Secure Sockets Layer (SSL) to prevent eavesdroppers from seeing your files when in transit.Once your files are on our servers, we work to prevent hackers from accessing your data by employing sophisticated physical / electronic security measures. Microsoft employee and reddit employee formerlydrinkingguy77 mentioned: of course. Now, the whole thing would synch every time you changed any part of it, but you would be guaranteed privacy. Omar Shahine: We don’t currently have that option. Source: Reddit
Locky - Tout ce qu'il y a à savoir sur le malware du moment Vous êtes quelques-uns à m'avoir demandé d'écrire un article sur le nouveau malware qui fait rage en ce moment : Locky. Et bien voilà. Qu'est-ce que Locky ? Locky est ce qu'on appelle un ransomware, c'est-à-dire un malware (pour Windows) qui prend en otage vos fichiers en les chiffrant et qui vous réclame une rançon à payer pour pouvoir déchiffrer vos précieuses données. Apparu en février 2016, Locky serait l’œuvre des mêmes personnes qui ont lâché le ransomware Dridex en 2015. Comment Locky se propage-t-il ? Comme la plupart des ransomwares, Locky se diffuse par email (envoyés grâce à un botnet) dans lesquels se trouve une pièce jointe mortelle. Quant au nom de l'expéditeur, ce n'est jamais le même. Le fichier Word (.doc) attaché contient un texte étrange qui indique d'activer les macros pour pouvoir le lire. Quels sont les dégâts qu'il engendre ? Voici les fichiers qui sont chiffrés et dont l'extension est changée en .locky (d'où le nom du malware Comment se protéger contre Locky ?
How to Survive a Party or Social Gathering as an Introvert