SECURITY ON AND FOR YOUR PERSONAL COMPUTER

Here are some programs and ideas to help you keep your data secure from unwanted tampering or observation in transit and secure on your computer even if taken. This is my paranoid page for the paranoid!!


An early decision to be made by anyone thinking about computer security, is as to why they want or need it. In other words, what do your expected security problems consist of? Consider seriously.

1. It could be that someone in the same building may read or tamper with specific files, so that you need to render them invisible, or if seen, un-intelligible. Computer operating systems can hide directories from inexperienced users, and encryption can make them un-intelligible to unauthorised people once found.

You can also lock doors, computer cabinets/keyboards, and use software to require a password to get past the screen-saver.

2. It could be that someone outside the same building can do various things to your computer, or your data.

    3. There are many programs available now that enable computer enthusiasts to access your machine via the Internet and damage it or the programs.

      3-1. Several programs enable people to inspect the directory
       structure and actual files on your machine, via the Internet.

      3-2. Others enable people to log your activity (these are not only
       hackers or other snoopers; see the recent reports about Netscape 4.5)

       Goto here. for this story.

       if the link does not work, get the story here.(e-mail me if you can't get it)

    4. Virus and trojan programs coming in via floppy disks are also a real potential threat.

    5. Have you been accessing files and storing information in a way that contravenes the law? There are Government agencies that have the job of detecting who breaks the law this way, tracking them down, taking their computer and using the data on it as evidence in a prosecution. I am referring not only to computer enthusiasts (hackers) who 'break in' to other sites; but people who obtain pictures of other people (usually without clothes on); the laws of different countries vary considerably in these regards. Then too there are those people who trade in pirated software, and in child porn, over the Internet. Internet and other tools are available to detect their activity, and to be prudent they need to cover their backs.

People also may have access to the TEMPEST technology referred to below to monitor your computer from outside your building by wireless means.

Decide what you need to protect, then act.

If you need more convincing, consider the following:

to see more, go to - http://www.dreamscape.com/dream98/statement.htm - which begins ....
"On October 27th, the New York State Police, acting under the orders of Attorney General Dennis Vacco, seized computer equipment used by Dreamscape to provide its Internet subscribers with access to thousands of newsgroups which are available through the Internet. The seizure was purportedly for the purpose of gathering evidence of illegal conduct by persons originating child pornography. Dreamscape is not accused of any wrongdoing."
Of course, any person contributing to newsgroups and who has not used some method to cover their tracks, can be easily traced.

In the week following, (i.e. the first week of November ), staff of the Department of Internal Affairs ( the pornography censors/police in NZ ) in New Zealand entered the home of a school teacher in Whangarei and confiscated his computer, computer disks, and videos. In my opinion it is likely that there was international collusion.

Too far-fetched you think? Read the extent of interception of paper mail, telephone, people movements and so on carried out in the UK and the USA, in the book "SpyCatcher" by Peter Wright, former Assistant Director of MI5; (William Heinemann Australia, 1987, ISBN 0 85561 166 9 , paperback). Should be available at any decent second-hand bookshop. I paid $4.50. Every major Post Office in the UK has or had a room set aside for the covert opening of mail, actively staffed by people intercepting mail to people being monitored. Not to mention radio work they did that leads right into TEMPEST.

In New Zealand, the SIS (Security Intelligence Service) recently got into hot water over their 'counter-espionage' burglary of the Christchurch house of a person who is an active watcher of Government industrial negotiations, in particular the forthcoming APEC leaders' summit conference to be held in Auckland next year.

Go to: |here| & |here| & |here| & |here| & |here| if you want to read current reports of SIS work.

So, decide what you need to protect, then act.

You must realise that nearly anywhere you go on the Internet you may leave tracks pointing back to yourself.


WARNING!
In some countries, the possession/use of encryption technology is itself an offense.

It is your responsibility to find out what applies to you in this regard.


RPK Invisimail.

An affordable e-mail encyption program for all,
Not subject to USA restrictions on export of encryption programs.

RPK Invisimail - excellent and fast.

There have been lots of incentives to develop another encryption and privacy program for modern desk-top computers and programs of the 1990's. To mention but two of these reasons; the challenge for a talented academic mathematician to show that he could develop and put into practice the sort of mathematical theory that is sometimes mentioned in journals such as Nature, Scientific American and New Scientist, and the prohibition imposed by the government of the USA on the export outside the USA of certain technologies including encryption programs.

The inventor of RPK Public Key Cryptography has created an entirely new (and patented) cryptography system that might be compared with the USA-based and patented RSA system. However, the RPK system is from 10x to 100x faster, and also is able to be used in electronic chips and circuitry. There is a choice available between 127, 521, 607 and 1279 bits, the last of which is extremely powerful encryption.

The programs offered by RPK Invisimail help with e-mail security.

For more details, go to The Internet base of RPK Invisimail

And go to here for recent information on the world scene and where RPK Invisimail fits in.


Recently, I have discovered another excellent set of security programs from Dugannon, Northern Ireland.

Internation Software Solutions here. have excellent products called secure-all and iProtect

These products are designed to provide absolutely secure file encryption on your PC.

They incorporate the Blowfish method of encryption, designed in 1993 by Bruce Schneier. It takes a variable-length key, from 32 bits to 448 bits, making it ideal for both domestic and exportable use

Blowfish is unpatented and license-free, and is available free for all uses.

To find out more about Blowfish, go to here. and here.


Other products are available from: here Where Nick Payne has Cryptext


Of course, one other method you might consider, if you are really concerned about your electronic data being filched from behind your back, is to put it onto a ZIP drive or similar removable medium, and take it with you; in encrypted form if you are concerned to near a paranoid degree. Recent developments in the form of highly compact removable media are quite exciting, and the news bears watching in this regard. At the time of writing, ZIP drives holding one gigabyte of data are available for a reasonable price.


Another form of protection, for those who suspect they need to protect their information and activity from electronic detection through the walls by equipment that can select, receive and record signals radiated from their computer, monitor, and cabling, comes under the general heading of TEMPEST. (Transient Electromagnetic Pulse Emanation Standard). If you think this stuff is far-fetched, ask any-one who has had their un-licenced TV in use detected from a van parked on the street nearby.

It is possible, with some hard work and knowledge, to reduce stray radiation of signals to undetectable levels through the use of thorough shielding with specific materials.

If you search, for example using "Ask Jeeves" at All-In-One", for TEMPEST COMPUTER SECURITY, a set of surprisingly detailed links will come up.

As an example, go to here. or here.


Viruses

You owe it to yourself to obtain and install at least one good program that checks for viruses and eliminates them. If you are using the WWW at all, you ought to get one that checks data coming in 'on-the-fly'; Dr Solomon's is one such. You should keep these programs up-to-date, as new viruses, sometimes of totally new kinds, are being let loose on the computer world all the time. W95-CIH is one such, which destroys Flash Bios on the 26th of each month.


Trojans and server programs.

There are some programs that enable other people to monitor your computer activity at least when you are connected to the web and maybe when you are not. Two of these are so-called 'trojans' that establish a 'server' inside your computer which can then be controlled by someone else on the World-Wide-Web. "Back Orifice" from Cult of the Dead Cow, and "NetBus" here are two of these programs. There now programs and manual methods available to help the PC user to deal with these two programs, one of these is "NetBuster' from here that can turn the tables on the person who installs NetBus on your machine.

There are several reputable programs that are designed to turn a PC into a server. Some also have the ability to be used to obtain information from a remote PC; one such is FTP Serv-U or Serv-U which can be downloaded from here. This kind of activity is something that may need to be guarded against.

There is another program that comes from a Company that I would have thought was above such activity, but the program "ICQ Snif" from Mirabilis has the ability to report back to the Company the programs that are on your computer and whether or not they are properly registered. This can be dealt with as follows (courtesy Terry Blount and his Crack Talk Newletter).

Mirabilis (ICQ) has the potential to obtain application specific data from users system registries through their registry value
HKEY_CURRENT_USER\Software\Mirabilis\ICQ\DefaultPrefs\Auto Update

It has allowed the Mirabilis server to modify your ICQ client and send it commands when connecting to their servers. It's been seen to instruct PC's to send various components of the system registry to the ICQ servers periodically. This allows Mirabilis to see what software you have installed on your computer, serial numbers used, your name, your company and in some instances even your home address! Check this out ...

http://members.xoom.com/funky_fred/icq.html . Here

Note.. just copy and paste this regedit4 info to a text file and name it icq.reg then find the icq.reg you just created and saved with windows explorer and click and import it to disable this option.

--- cut here ---

REGEDIT4

[HKEY_CURRENT_USER\Software\Mirabilis\ICQ\DefaultPrefs] "Auto Update"="No"

--- to here ---


Perhaps you believe that once you have 'erased' or 'Deleted' a file, or removed it from the 'Recycle Bin', has gone for good.

Not so.

Deleted and erased files can easily be un-deleted and un-erased using readily available software. If you want to ensure that a file is un-available even if your computer is disassembled and special techniques used to strip magnetic signals from the surface of the hard-drive, it is necessary to write over the 'erased' file with a special program that will write, perhaps many times, a chosen pattern of characters that will greatly obscure what used to be there. Norton Utilities used to contain two such programs, called 'WipeDisk' and 'WipeFile' to carry out just these actions.

Additionally, some operating systems and programs carry backups and records in places additional to what you think. These can sometimes be hard to find. Netscape, for example has in their browser programs a file called 'Global History' that records every URL accessed. Also, most Internet browsers routinely record a backup set of files in the browser Cache. To deal with that, the Windows OS program called TweakUI can assist, and should be followed with the use of 'WipeFile' or 'WipeDisk' by the very paranoid.

To get some idea of what I mean ...

You'd like to know where you've been for the last few weeks? What was that URL you accessed 4 weeks ago?

On the URL line for Netscape, type ... global:history ........You might be surprised.

With the browser Opera, the procedure is a little different as the information is help in a text file "global.dat" in your Opera directory; try this - C:/opera/global.dat -

For MSIE ( MicroSoft Internet Explorer ) the equivalent command is - C:/windows/history -

You can empty these files if you want to.

However, with MSIE the record that your computer keeps goes even further elsewhere, to two depths.
In "C:\Windows\temporary Internet Files\ " there are four Cache directories, and these are chock-a-block full of copies of what you have copied or looked at ...

And, in each of these directories, are two *.dat files that list every place you have visited. As if you'd want to know. Actually, sometimes that can be helpful, as when you have forgotten where you got something from 6 months ago and you need it now. But the information can also be useful to other people who would very much like to know where you've 'been'. If you have concerns about your security, it might be vital to edit these files.


ZD Net recently posted a course of information for anyone to use.

Go to here and take a good look at the facilities offered. It seems that I'm among good company in looking at these issues!


Why have I bothered to put this information together?

Once, I was browsing in one of the NEWS areas ( there are more than 10,000 of them, readily accessible, but not if you use MSIE or Netscape, and not from all ISP's - my browser is Opera - a small but powerful program that will fit on a floppy and run very well on a 386 with an 8Mb HDD) and I found that a lot of the letters posted there had been removed - by some sort of Censor, was my best guess. Given the newsgroup I was browsing, I couldn't quarrel too much with that. But then I noticed one posting that had been censored and I could tell that it was about computer security, and it occurred to me that the people doing the censoring also didn't want computer users to have access to technology that would make life more difficult for the censors.

I followed up on the link and soon found that a computer security company had sent me a copy of a powerful security program. I decided then that it would be a good idea to share my findings with others, hence this. I don't have much fondness of the idea that (as in George Orwell's "1984" ) 'Big Brother is Watching Me'


Now that I mention George Orwell's "1984", 'Big Brother is Watching Me', not that I'm paranoid (much) let me mention a couple of other things that have come to my notice in the last few months, just to let you know the way things are headed, as if you didn't know .....
This page is under development (aren't they all?).

Back to homepage

Back to base at Caverock