
~Open discussion for Privacy and Security Tip of the Day ~


59 replies to this topic

#41 microscopeman

microscopeman

    Mycotopiate

  • Free Member
  • 576 posts

Posted 04 January 2011 - 01:15 AM

Hello, it's been a while since I have been around so I thought I would share a little tidbit with all of you. There is a little-known security risk called ADS. No, not advertisements, but Alternate Data Streams.

This is an old-school hacker method to hide data in your Windows NTFS file system, preventing anti-virus/malware software from discovering and removing this data.

There are millions of ways to obscure malicious data, but this is one way that is often overlooked, and there are not many ways to prevent it. There is little use for ADS in legitimate applications today. You usually see FAVICON ADS used to inject icon files. Some other poorly written applications may have a legitimate (lazy) reason for using ADS.

To find out what ADS are hiding in your Operating System I would recommend a tool called ADS SPY.

________________________________
http://www.merijn.nu/programs.php
ADS Spy: A small tool to list, view or delete Alternate Data Streams (ADS) on Windows 2000/XP with NTFS file systems. ADS are a way of storing meta-information about files, without actually storing the information in the file it belongs to, carried over from early MacOS compatibility from Windows NT4. This meta-information is not visible in Windows Explorer.
Recently browser hijackers began using this technique to store hidden information on the system, and even store trojan executable files in ADS streams of random files on the system. Use with caution, Windows and several antivirus programs also store (temporary) information in ADS.
________________________________



OK, now that you know how to remove ADS, are you daring enough to make your own? There is nothing to download; you only need to use what's already on your computer. You may want to follow this tutorial to help you better understand what ADS are, and this is kind of FUN to learn to do yourself! Click the link below if you are intrigued by this sort of stuff...

Do you want to hide Windows Solitaire in a Microsoft Word document without a noticeable difference in byte count? How about hiding some naked pictures in your Yanni mp3 file? :amazed:
_______________________
http://www.antionlin...ad.php?t=260002
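
The post above recommends ADS Spy for finding streams; the same inventory can be taken with PowerShell's built-in stream support (version 3.0 or later). This is an added example, not part of the original post: the default folder, the benign-stream list and the function names are assumptions.

```powershell
# Added example: inventory alternate data streams under a folder and flag
# the ones that deserve a closer look. Needs Windows and an NTFS volume.
param([string]$Root = "$env:USERPROFILE\Downloads")   # assumed starting folder

# Streams Windows commonly writes itself (e.g. the download-origin marker).
# Assumption: extend this list for your own environment.
$KnownBenign = @('Zone.Identifier')

function Get-StreamHeader {
    param([string]$Path, [string]$Stream)
    # Read the first two bytes of the named stream. The byte-mode switch
    # differs between Windows PowerShell 5.1 and PowerShell 6+.
    if ($PSVersionTable.PSVersion.Major -ge 6) {
        Get-Content -LiteralPath $Path -Stream $Stream -AsByteStream -TotalCount 2 -ErrorAction SilentlyContinue
    } else {
        Get-Content -LiteralPath $Path -Stream $Stream -Encoding Byte -TotalCount 2 -ErrorAction SilentlyContinue
    }
}

function Find-AlternateStream {
    param([string]$Root)
    Get-ChildItem -LiteralPath $Root -Recurse -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_.FullName
            Get-Item -LiteralPath $file -Stream * -ErrorAction SilentlyContinue |
                Where-Object { $_.Stream -ne ':$DATA' } |   # skip the unnamed main stream
                ForEach-Object {
                    $head = @(Get-StreamHeader -Path $file -Stream $_.Stream)
                    # "MZ" (0x4D 0x5A) is how a Windows executable starts.
                    $isExe = ($head.Count -eq 2 -and $head[0] -eq 0x4D -and $head[1] -eq 0x5A)
                    [pscustomobject]@{
                        File         = $file
                        Stream       = $_.Stream
                        Length       = $_.Length
                        LooksLikeExe = $isExe
                        Review       = ($isExe -or ($KnownBenign -notcontains $_.Stream))
                    }
                }
        }
}

Find-AlternateStream -Root $Root |
    Sort-Object Review, Length -Descending |
    Format-Table -AutoSize
```

Rows with `Review` set to True are streams that are either not on the benign list or start like an executable; directories can carry streams too and are not covered by the `-File` filter used here.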

#42 Guest_jay pheno_*

Guest_jay pheno_*
  • Guest

Posted 04 January 2011 - 10:17 PM

ty microscopeman ,, i went back over your info and agree and noticed you quoted irongeek ,, very good fellow if you ever met him ! :headbang:

thanx man :eusa_clap

#43 microscopeman

microscopeman

    Mycotopiate

  • Free Member
  • 576 posts

Posted 08 January 2011 - 12:14 AM

I thought I already replied to this.. Are we out of room on this page??

It's a small world after all. :amazed: I believe Iron and I have crossed paths in the cyber world...

Strange, I didn't even know I quoted him until I looked at the forum again...

#44 microscopeman

microscopeman

    Mycotopiate

  • Free Member
  • 576 posts

Posted 29 January 2011 - 11:51 PM

::I2P::

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. Many applications are available that interface with I2P, including mail, peer-peer, IRC chat, and others.

http://www.i2p2.de/index.html

http://forum.i2p2.de...opic.php?t=2068

#45 microscopeman

microscopeman

    Mycotopiate

  • Free Member
  • 576 posts

Posted 31 January 2011 - 08:16 PM

-Freenet-
Freenet seems to be alive again so if anyone wants to check it out, it's a great way to share data anonymously. (anon through obscurity)
_________________________________________

http://freenetprojec...g/download.html

Freenet is free software which lets you anonymously share files, browse and publish "freesites" (web sites accessible only through Freenet) and chat on forums, without fear of censorship. Freenet is decentralised to make it less vulnerable to attack, and if used in "darknet" mode, where users only connect to their friends, is very difficult to detect.

Communications by Freenet nodes are encrypted and are routed through other nodes to make it extremely difficult to determine who is requesting the information and what its content is.

Users contribute to the network by giving bandwidth and a portion of their hard drive (called the "data store") for storing files. Files are automatically kept or deleted depending on how popular they are, with the least popular being discarded to make way for newer or more popular content. Files are encrypted, so generally the user cannot easily discover what is in his datastore, and hopefully can't be held accountable for it. Chat forums, websites, and search functionality, are all built on top of this distributed data store.

Freenet has been downloaded over 2 million times since the project started, and used for the distribution of censored information all over the world including countries such as China and the Middle East. Ideas and concepts pioneered in Freenet have had a significant impact in the academic world. Our 2000 paper "Freenet: A Distributed Anonymous Information Storage and Retrieval System" was the most cited computer science paper of 2000 according to Citeseer, and Freenet has also inspired papers in the worlds of law and philosophy. Ian Clarke, Freenet's creator and project coordinator, was selected as one of the top 100 innovators of 2003 by MIT's Technology Review magazine.

An important recent development, which very few other networks have, is the "darknet": By only connecting to people they trust, users can greatly reduce their vulnerability, and yet still connect to a global network through their friends' friends' friends and so on. This enables people to use Freenet even in places where Freenet may be illegal, makes it very difficult for governments to block it, and does not rely on tunneling to the "free world".

#46 Guest_jay pheno_*

Guest_jay pheno_*
  • Guest

Posted 31 January 2011 - 08:39 PM

i2p and freenet

both those places can be very dangerous ,,

I'd suggest not using those for anyone till you are very clear on the "good and bad" of those places and how to secure your browser, among other things !

never trust someone else's network for securing data and privacy !

easy as hell to forget a setting or click something you didn't mean and fug everything up ... :horse::horse:

although they're both open source and there's plenty of info on their use ,, be warned till you read up !!!!

personally I wouldn't use them,, unless you're a spy or passing data to evil minions ,,,,

#47 microscopeman

microscopeman

    Mycotopiate

  • Free Member
  • 576 posts

Posted 01 February 2011 - 07:42 PM

These services have their uses. There is really nothing dangerous about them. No more dangerous than the internet in general. You should never type in personal information into the internet period! If you use the service for its purpose and learn the purpose you will have no problems. I'm a security researcher and professional hacker/pen tester by trade, but this is J's thread so I will digress.

Edited by microscopeman, 01 February 2011 - 07:47 PM.

  • Erkee likes this

#48 Guest_jay pheno_*

Guest_jay pheno_*
  • Guest

Posted 01 February 2011 - 11:50 PM

hey ,,, no worries ,, what I'm getting at is that it's one of those things that without really knowing what you're doing you could get a false sense of security and end up not being as secure as you thought !

when I say dangerous I mean there are LEO that set up servers and hackers that like to pen test on those machines ,,,

I really do appreciate your posting , just if you do post such programs in future maybe post a how-to also so folks are not just blindly installing the programs and using them ,,

#49 microscopeman

microscopeman

    Mycotopiate

  • Free Member
  • 576 posts

Posted 02 February 2011 - 11:19 AM

You are right sir, I did just rush these last couple of posts without proper explanation.. If you want to have these removed I'll re-post with specific uses and instructions. If you don't try to watch child pornography you should be alright with LEO.

#50 Guest_jay pheno_*

Guest_jay pheno_*
  • Guest

Posted 02 February 2011 - 12:16 PM

no worries on removing the links ,,

if you wanna make new post with more info , please do !

on the childporn ,, yes that is the main thing the LEO is on those networks for , but I've also seen weed for sale on there as well ,,, it's hard to not get 20 kilos sent to your house ,,, you know ,, some folks might go wow I need it . I dunno just don't wanna tell folks to use it without knowing all about it kinda thing ,,

#51 XQCO

XQCO

    KNOW THYSELF

  • Expired Member
  • 269 posts

Posted 06 March 2011 - 02:30 PM

Does anyone use "pretty good privacy" open source encryption?

http://lifehacker.co...rypt-your-email
http://code.google.com/p/cryptophane/

#52 microscopeman

microscopeman

    Mycotopiate

  • Free Member
  • 576 posts

Posted 23 March 2011 - 10:28 PM

NOOOOOO! Page 2??? It's broken...
  • Erkee likes this

#53 stray dog

stray dog

    psychonauts unpaid intern

  • Expired Member
  • 65 posts

Posted 08 August 2011 - 11:48 PM

Quote

Does anyone use "pretty good privacy" open source encryption?

http://lifehacker.co...rypt-your-email
http://code.google.com/p/cryptophane/

No, but I've heard it's good. I use TrueCrypt, or a comparable whole-disc encryption built in with the Linux distro I run on my laptop.

There's a couple rules I've started following in regards to my computer security:
1. I only use my laptop to access Mycotopia or similar sites
2. The laptop is fully encrypted
3. The laptop does not ever connect to my home network, coffee shops or open wi-fi only

#54 microscopeman

microscopeman

    Mycotopiate

  • Free Member
  • 576 posts

Posted 30 March 2012 - 06:42 PM

DOWNLOAD TAILS
https://tails.boum.org/
Tails - is a live CD or live USB that aims at preserving your privacy and anonymity.
It helps you to:


  • use the Internet anonymously almost anywhere you go and on any computer:
    all connections to the Internet are forced to go through the Tor network;
  • leave no trace on the computer you're using unless you ask it explicitly;
  • use state-of-the-art cryptographic tools to encrypt your files, email and instant messaging.

You can download the TOR iso and boot it using VMware Server or VirtualBox. This is an easy way to be sure that all data is forcefully piped out of Tor and no information can be leaked through Flash and other scripts. This will also not interfere with the settings on your "host" computer. For you non-savvy people out there, it is like having a computer loaded in your computer...

TO DOWNLOAD VIRTUALBOX
https://www.virtualb.../wiki/Downloads

INSTRUCTIONS TO MOUNT ISO
1. Open virtualbox manager
2. Click the "NEW" button at the top
3. Follow the wizard;
- Give your machine a name
- Choose LINUX, DEBIAN
- 192mb should be enough memory
- un-tick the "startup disk option"
4. After you finish the wizard you will see your machine
- Right click the machine>settings>storage>add attachment (at the bottom +)>browse to where you saved the Tails iso file and click open
5. you should be able to start your VM and everything you do in that machine will be piped through Tor anonymously

** every time you power down the machine it will be reset, to save something you can choose save image
** Check for new versions of Tails every so often...

Edited by microscopeman, 30 March 2012 - 06:58 PM.


#55 microscopeman

microscopeman

    Mycotopiate

  • Free Member
  • 576 posts

Posted 23 October 2012 - 04:42 AM

Update Tails. The updated ISO fixes some issues...

#56 microscopeman

microscopeman

    Mycotopiate

  • Free Member
  • 576 posts

Posted 06 December 2012 - 12:58 AM

DOWNLOAD Whonix
http://sourceforge.n.../wiki/Download/
Whonix - is an anonymous general purpose operating system based on Virtual Box, Debian GNU/Linux and Tor. By Whonix design, IP and DNS leaks are impossible. Not even malware with root rights can find out the user's real IP/location. This is because Whonix consists of two (virtual) machines. One machine solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other machine, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible.

OK, this is an alternative to Tails (above post) with the benefit of being a fully operational operating system, but with the drawback of requiring some maintenance by the user (you). If you are comfortable with Linux, you would treat it as you would any Debian-based system with the one difference being, you will need to launch and maintain a virtual gateway (server), and then launch the workstation separately. The pipes and connection go through the gateway providing more security, but these settings are already there for you. Whonix offers many more features, security, and otherwise, which Tails doesn't offer, or support "officially". I'd suggest reading the documentation and giving it a shot. There is really no reason to NOT surf mycotopia over a TOR pipe. If you are currently using Tails, good for you. Feel free to reach out to me in a PM with any questions and I'll try to help you out if you can't find the information here: http://sourceforge.n...first-time-user

#57 1nt0x1cat3d

1nt0x1cat3d

    VIP Member

  • Expired Member
  • 105 posts

Posted 24 February 2013 - 04:00 PM

I'd like to add security of instant messenger:

This is a quick guide on how to use instant messaging for those that don't do it already. It's a great way to stay in touch with people when boards go down, do deals / talk off of boards person-to-person and talk faster than e-mail.

PIDGIN


Pidgin is an open source program that lets you log in to all your IM accounts at once and all managed in one program. Your friends list from ICQ, AIM, Y!M and jabber and any others will all be displayed in pidgin. IM windows are all handled by pidgin as well. It's a nice program.


1. Go to hxxp://www.pidgin.im and download the version required for your OS.


Install it.


2. Now get the OTR plugin from hxxp://cypherpunks.ca/otr


This plugin a) encrypts your conversations if you use it correctly and b) ensures the messages cannot be recovered.


If you're using a Linux distro, sorry. You'll have to compile it from the source code, I guess, because they don't have an installer for you.


3. Run pidgin and make sure the OTR plugin is configured.


Go to Tools > Plugins


Find the Off-the-Record Messaging plugin and check the box next to it. Select that plugin and hit the button at the bottom of this box that says Configure Plugin. Make sure your Default OTR Settings have checked "Don't log OTR conversations" otherwise basically the point of having this OTR plugin with "perfect forward secrecy" is voided. Also make sure these two are checked: Enable private messaging, Automatically initiate private messaging. They probably are by default.


4. Make sure it's being run through tor or whatever proxy setup you're using.


Go to Tools > Preferences > Proxy


For tor, these should be the settings...


Proxy type: SOCKS 5
Host: 127.0.0.1
Port: 9050


5. You can now add your IM accounts.


Go to Accounts > Manage Accounts


Hit the Add... button.


Put in the account log in details that you have and make sure the proxy settings are right for each account, it's the 3rd tab in this Add Account window. If you Use Global Proxy Settings, it will use whatever you put in under step #4.


Now log in and you can instantly message and talk with anyone that's in your list. You can also add new friends to talk to by going to Buddies > Add Buddy....


How do you get an IM account to talk with people?


That depends on which one you want to use. Most people I know use ICQ, YahooIM and now Jabber is getting very popular. Jabber's the best in my opinion. There is no central server that can spy on everyone. ICQ is owned by AOL and they spy, like most IM companies, on conversations that aren't encrypted. They also record connecting IP addresses. ICQ is used by many carders because it is very popular in Russia.


Quote


How to get an ICQ account
Go to hxxp://www.icq.com/register and sign up for an account. You can use a dodgit.com or some other throw-away e-mail address. With dodgit.com you can just make up a name like [email protected] and have e-mails sent there. The account is instantly created once an e-mail comes to it. There is no password, so putting random numbers in the username is a good policy. They won't allow yopmail.com or mailinator.com, but if you want to use those, you can get an address at spambox.us and have it forward e-mails to your yopmail.com address or some other e-mail address you have if you don't want ICQ to know your real e-mail address.


You'll need to go to your e-mail and retrieve your ICQ information once you've filled out the registration form. They send a password, but you have to go find out your ICQ UIN (aka ICQ number). For that, go back to icq.com and log in with your e-mail address and ICQ password. Go to icq.com/people and click on My Profile on the right hand side. When you click on that, it will take you to your profile which will show you a number in the URL and elsewhere on the page below your name. That string of numbers is your username.


Now you can login to ICQ through pidgin with your new ICQ UIN and password.




Quote


How to get a Jabber account [written by Obelix]
1. In pidgin, go to Accounts > Manage Accounts > Add


2. Use these settings:
a. Protocol: XMPP
b. Username: <Your choice, suggested to use BB username>
c. Domain: headcounter.org [or whatever jabber server you want to use]
d. Resource: <nothing or a space, this will appear after your name if you put something here>
e. Password: <Make this unique, Pidgin stores passwords in plain text>
f. Check at the bottom "Create this new account on the server"
This section should look something like this: 7vmv54oox7hjkihn.onion/xmpp1.png


3. Under the proxy tab use these settings:
a. Proxy type: SOCKS 4 or SOCKS 5 depending on what your tor uses
b. Host: 127.0.0.1
c. Port: 9050
This section should look like 7vmv54oox7hjkihn.onion/xmpp2.png


If you set up everything in pidgin to run through tor, you can choose "Use Global Proxy Settings".


4. Hit Add. A box should pop up asking for your username and password once more, this is account registration.


5. Once the account is registered, be sure it is enabled in the account manager (check the box next to the new account) and start adding other users to your buddy list!


Each new user you add must be authorised by them before you can see presence information (presence info being able to see them go on or off-line for example). Also, each new account in Pidgin or Adium needs a new OTR key, but it should generate automatically after starting to talk to your first OTR-enabled buddy. Once you have your XMPP account and OTR key for it, you might find it easiest to have Pidgin/Adium auto-connect to it when you load the program.


Following these steps will give you an XMPP account on a European XMPP server with open registration that works very well over Tor (much better than older, proprietary communication networks like AIM). Using an open, standard protocol with a Free Software client all over Tor with OTR encryption on top of it seems to be the best upgrade path for instant messaging. The one major flaw as I see it is that there is no encrypted group chat.


Also, you can add buddies from any other federated XMPP server, including jabber.org, gmail.com, any LiveJournal chat user, Google Talk users, and even Facebook chat uses XMPP now but I don't know if their servers are federated with the rest of them. As long as you and your buddy have OTR and you connect to headcounter.org (or whatever XMPP server you choose) over Tor, you should be absolutely safe!!


***REMEMBER TO TURN OFF ALL CHAT LOGGING IN PIDGIN OR ADIUM!!!!***




Some jabber servers I would suggest using...


headcounter.org
unstable.nl
jabberd.eu
0nl1ne.at
4business.nl
swissjabber.ch
swissjabber.li
amessage.ch
amessage.li


http://www.jabberes....ateway_icq.html




note: you can use Yahoo, Hotmail, any option Pidgin gives you, not just ICQ or XMPP "jabber"
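
Step 4 of the guide above points Pidgin at a SOCKS 5 proxy on 127.0.0.1, port 9050; if nothing is listening there, or the listener does not speak SOCKS5, the traffic is not going where the guide assumes. This is an added example, not part of the original post, that sends the RFC 1928 greeting to that address and checks the reply; the function name and the timeout are assumptions.

```powershell
# Added example: check that the proxy from step 4 is listening and answers
# a SOCKS5 greeting before any IM account is pointed at it.
function Test-Socks5Proxy {
    param(
        [string]$ProxyHost = '127.0.0.1',   # host and port as given in step 4
        [int]$Port = 9050,
        [int]$TimeoutMs = 3000              # assumed timeout
    )
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Connect with a timeout so a filtered port does not hang the check.
        $async = $client.BeginConnect($ProxyHost, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) {
            return [pscustomobject]@{ Listening = $false; Socks5 = $false; Detail = 'connect timed out' }
        }
        $client.EndConnect($async)          # throws if the port refused the connection

        $stream = $client.GetStream()
        $stream.ReadTimeout = $TimeoutMs

        # SOCKS5 greeting: version 5, one method offered, method 0 (no authentication).
        $greeting = [byte[]](0x05, 0x01, 0x00)
        $stream.Write($greeting, 0, $greeting.Length)

        # A SOCKS5 server answers with two bytes: version, chosen method.
        $reply = New-Object byte[] 2
        $read = 0
        while ($read -lt 2) {
            $n = $stream.Read($reply, $read, 2 - $read)
            if ($n -le 0) { break }         # peer closed the connection early
            $read += $n
        }

        $ok = ($read -eq 2 -and $reply[0] -eq 0x05 -and $reply[1] -eq 0x00)
        $detail = if ($ok) { 'SOCKS5, no authentication required' }
                  elseif ($read -eq 2) { 'unexpected reply: {0:X2} {1:X2}' -f $reply[0], $reply[1] }
                  else { 'listener closed without a SOCKS5 reply' }
        return [pscustomobject]@{ Listening = $true; Socks5 = $ok; Detail = $detail }
    }
    catch {
        return [pscustomobject]@{ Listening = $false; Socks5 = $false; Detail = $_.Exception.Message }
    }
    finally {
        $client.Close()
    }
}

Test-Socks5Proxy | Format-List
```

A passing result shows only that a SOCKS5 proxy accepting unauthenticated clients is on that port, not that it is Tor; Tor Browser's bundled Tor listens on 9150 rather than 9050, so pass `-Port 9150` in that setup.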



#58 roc

roc

    Forum International Moderator

  • Moderator
  • 7,987 posts


Posted 25 February 2013 - 02:52 PM

Let's not forget to mention a VPN... even a paid service such as https://www.privateinternetaccess.com/

No spam intended.

#59 1nt0x1cat3d

1nt0x1cat3d

    VIP Member

  • Expired Member
  • 105 posts

Posted 01 March 2013 - 08:44 PM

I vouch: use the VPN + Tor, pay with bitcoin

#60 preacher

preacher

    Former Member

  • Banned Member
  • 58 posts

Posted 04 March 2013 - 01:03 PM

Excellent thread very useful
and I can understand it better than securitytube

Edited by preacher, 04 March 2013 - 01:24 PM.




