Friday, April 28, 2017

W10Privacy application details

 In a previous blog post I mentioned W10Privacy. What caught my attention was the technique of blocking Microsoft telemetry servers via hosts file edits. This is a good technique for blocking traffic AND allowing the resulting traffic re-direct to be viewed and captured. Microsoft "documented" the details of data they collect to improve and monitor Windows. Finding the detail of the details was an effort. Read the blog post "a VERY interesting read on computer privacy" for more detail.
 After downloading the W10Privacy application I am able to view in detail and change a lot of settings to enhance the security and privacy of the Windows 10 Creators Update.
 Some screenshots:


A word of caution. The purpose of this blog post is to illustrate the many settings concerning privacy in Windows 10 Creators Update. More may be added in updates to come. If you choose to change settings, be sure to take a restore point, proceed with caution, research your choices, and monitor for the desired effect and any undesired effects.
 Each setting offers more detail while hovering over that setting.

Tuesday, April 25, 2017

a VERY interesting read on computer privacy

 Thanks to the Windows SIG for this post:
https://privacytoolsio.github.io/privacytools.io/

 I do not like using links in blog posts. A similar post contains a link to a similar tool/application that I do not think is safe.

 Give this page a read, let me know what you think.

sccccyber@gmail.com


Wednesday, April 19, 2017

How smart are smart phones?

 Smart phones are a way of life for a lot of us, and often we carry multiple smart devices. Many sensors abound in these devices to make our life better. How many sensors?

 Rotation, Orientation, Ambient Light, Motion, TouchID, Device Temperature, NFC, Microphone(s), Barometer, Ambient Temperature, Proximity, Speaker(s), Gravity, Accelerometer, Gyroscope, Magnetic field, Ambient Humidity, Ambient Pressure, GPS, Bluetooth, WiFi,  Hall Effect Sensor, Camera(s) to name a few. More sensors will be added in future smart devices.

 Why so many sensors? To add richness and capabilities to applications that run on smart devices.
 As with most things, there are benefits and drawbacks.

 Researchers have developed JavaScript that reads some of the sensors in smart phones, so that the JavaScript in applications can use the change in spatial orientation to determine the PIN entered on the touch screen.

 Will this happen to you on your smart device? Probably not. Can this happen to you? Probably.

 The warning: from anywhere on the planet, applications can use any/all of these embedded sensors to "sense and transmit" the details of the environment around these smart devices.



Monday, April 17, 2017

WARNING!!! Browser vulnerability (4/16/2017)


 A common technique to lure you via your browser to an unsafe site is to use character encoding so that the Uniform Resource Locator (URL) rendered in the browser's address bar looks like the site you intend to visit, but actually leads to a site you do not want. Techniques in the past include backspacing.
 More recently there is a new technique using Punycode (use a search engine to see more details).
An example:


 What makes this technique dangerous is that the Punycode name can be registered and a certificate issued.
If/when this is done, the user has little chance of catching the technique used to lure them and their browser to an unsafe site.

 Most browsers are vulnerable to this technique.
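
 A defender's check for the look-alike names described above, as an added example that is not part of the original post: it decodes each "xn--" label of a hostname and flags labels that mix scripts or contain no Latin letters at all. The function names and the sample hostname are constructed for illustration, and the check assumes the reader normally expects Latin-script site names.

```python
import unicodedata

def decode_label(label: str) -> str:
    """Return the Unicode form of one DNS label (xn-- labels are Punycode)."""
    if label.lower().startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label

def scripts(label: str) -> set:
    """Scripts of the letters in a label, taken from Unicode character names."""
    found = set()
    for ch in label:
        if ch.isalpha():
            # e.g. "CYRILLIC SMALL LETTER A" -> "CYRILLIC"
            found.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return found

def check_host(host: str) -> dict:
    """Decode a hostname and flag labels that deserve a second look."""
    decoded, reasons = [], []
    for label in host.rstrip(".").split("."):
        try:
            uni = decode_label(label)
        except UnicodeError:
            # Not valid Punycode after the xn-- prefix: keep the raw label.
            decoded.append(label)
            reasons.append(f"{label}: invalid Punycode")
            continue
        decoded.append(uni)
        found = scripts(uni)
        if len(found) > 1:
            reasons.append(f"{label}: mixes scripts {sorted(found)}")
        elif found and found != {"LATIN"}:
            reasons.append(f"{label}: non-Latin script {sorted(found)}")
    return {"unicode": ".".join(decoded),
            "suspicious": bool(reasons),
            "reasons": reasons}

# Constructed sample: "example" with Cyrillic a (U+0430) and e (U+0435)
# swapped in for the Latin letters, then encoded the way a registrar would.
LOOKALIKE = "ex\u0430mpl\u0435"
SAMPLE = "xn--" + LOOKALIKE.encode("punycode").decode("ascii") + ".com"

if __name__ == "__main__":
    for host in (SAMPLE, "example.com"):
        print(host, check_host(host))
```

 Run against a list of hostnames taken from proxy or mail logs, the "reasons" field shows which label triggered the flag and which scripts it contains.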

Friday, April 14, 2017

a LOT of 0-days released today (4/14/2017)

 Shadowbroker released 0-day exploits today.

 0-day exploits are computer code that takes advantage of vulnerabilities that have not been disclosed or patched. These exploits were stolen from the NSA/CIA recently. The timing of this large release - on a Friday before a weekend - AND the fact that the exploits were known by the United States government is a concern.
 A lot of chatter on hacker forums will fuel new malware to attack computing infrastructure.

 Please be extra vigilant and aware.

Tuesday, April 11, 2017

WARNING!!! Microsoft Word document 0-day

WARNING!!!

 Security researchers warn of a Microsoft Word document spreading the Dridex banking trojan.
Most of the documents thus far are delivered via email with the Subject: Scan Data. The enclosure has had titles of "scan" with some random numbers.
 The normal protection of having macro expansion turned on does not work in preventing infection. Some reports indicate macOS installations of Microsoft Word are affected as well.
 Be extra careful of emailed Word documents.

Saturday, April 8, 2017

Clearing the clipboard Windows PCs



In the last SIG meeting (4/6/2017) it was mentioned that clearing the Windows clipboard after using that clipboard for sensitive information is best practice.

In versions before Windows 10 the system kept several copies of the clipboard. With physical access to the memory of the PC, a forensic examiner or malware program can find these copies and access the information. In addition to the information itself, the clipboard maintains the type of information it contains. The clipboard can contain text, links, videos, etc.

For Windows 10 the security of the clipboard gained the focus of the developers at Microsoft. If using Windows 10, it is better practice to copy new text to the clipboard than to erase via the delete or backspace keys.

The command line cmd /c "echo off | clip" will also clear the clipboard.

Additional methods: log off, restart the PC, or Print Screen a benign page. Clipboards are per user, so one user cannot access another user's clipboard contents.

For earlier versions of Windows the clipboard was not as protected. The above-mentioned techniques will clear the current clipboard, but something or someone with access to physical memory and the necessary knowledge can gain access to the contents.

Since having a clipboard history is of value, there are applications that allow access to any or all previous clipboard contents. If you use those applications, you will need to use the application to clear their clipboards and/or history.