<p><b>Bitmonger:</b> Bob Brown's musings on computers, computing, and related topics. Author: Bob Brown (http://www.blogger.com/profile/10329126915794755200).</p><h3 style="text-align: left;">Porn Spam Killed Google Drive</h3><p>Bob Brown, 2023-04-30.</p><p>I have a Google Drive account. I like it, and I used to use it a lot. I'm a retired professor and I visit K-12 schools to talk to kids about STEM. I could put my stuff on Google Drive and when I got to a school, there it all was, ready for me to use.</p><p>No more. Now I open the web interface to Google Drive and I find a dozen or more files shared with me, and they're all spam for pornography sites. Many of them have pictures, and all of them have suggestive titles, albeit with creative spelling. I wouldn't dare open Google Drive in a classroom.</p><p>It's back to flash drives, I guess, or maybe Microsoft OneDrive.</p><p>The sad thing is that Google could fix this approximately instantly.</p><p>What is needed is a check-box setting that says, "Only allow those in your contacts to share files." I check the box and the problem is solved!</p><p>Google probably can't turn that on by default, but you get an acknowledgement page every time you use the "report abuse" function. A big notice, right there, with a button to turn the "contacts only" setting on, and the first time one reports abuse could be the last time one sees spam in Google Drive. 
They also send an email acknowledgement and could put another notice in there.<br /></p><p>Too bad they haven't done it.<br /></p><h3 style="text-align: left;">Crypto to Go</h3><p>Bob Brown, 2021-03-09; updated 2022-05-17.</p><h3 style="text-align: left;">How to Implement Encrypted Email at Work or on the Road<br /></h3><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody><tr><td style="text-align: center;"><a href="https://1.bp.blogspot.com/-P2x67F-wky0/YEfZUhDSaoI/AAAAAAAADCI/Xmfyn26tFtI2C8lxANQj_XKL6uPNsARVwCLcBGAsYHQ/s289/nsa_eagle.jpg" style="margin-left: auto; margin-right: auto;"><img alt="American eagle wearing headphones and clutching Ethernet switch." border="0" data-original-height="289" data-original-width="250" height="200" src="https://1.bp.blogspot.com/-P2x67F-wky0/YEfZUhDSaoI/AAAAAAAADCI/Xmfyn26tFtI2C8lxANQj_XKL6uPNsARVwCLcBGAsYHQ/w173-h200/nsa_eagle.jpg" width="173" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><span style="font-size: xx-small;"><span style="font-family: verdana;">Image courtesy of the <a href="https://www.eff.org/" target="_blank"><br />Electronic Frontier Foundation</a>. <br />Send them money.</span></span><br /></td></tr></tbody></table><p><b>Note:</b> <i>I was very excited about Mailvelope. It seemed to be a way for people less geeky than I to use encryption. Sadly, the developers of Mailvelope have chosen to cripple the free version. As I write this, it will not handle encrypted messages in the PGP/MIME format, which may be most messages encrypted with software other than Mailvelope. 
In other words, it isn't compatible with other software, and so <b>I can't recommend Mailvelope's free version.</b> The paid version may be better.</i><br /></p><p>Eight years ago Edward Snowden exposed the lengths to which intelligence agencies had gone to collect every bit of information about everyone. I wrote a series of posts exhorting people to encrypt their email on the grounds that "it's none of their damn' business!" The first one, <a href="https://bitmonger.blogspot.com/2013/05/its-time-to-encrypt-your-email.html" target="_blank">It's Time to Encrypt Your Email</a>, has links to the others.</p><p>Almost no one did it because it's too much trouble. I'm a retired professor, and at the time I was able to use my personal laptop both at home and in my university office. Most people don't have that luxury, and most people didn't want to go through the fiddly steps to set up encryption. Further, many, perhaps most, people use web-based mail systems like Gmail. <i>Encryption that happens on the provider's server is not secure</i> because the mail provider necessarily has the crypto key; it can be subpoenaed, bought, stolen, or coerced. (If the concept of <i>key</i> seems strange, read <a href="https://bitmonger.blogspot.com/2013/05/a-little-about-encryption.html" target="_blank">A Little About Encryption</a>.) </p><p>This article tells you how to implement encryption for your web mail and use it at home or at work, without installing any software on your Windows computer at work. 
I can write it because a friend told me about the Mailvelope software.<br /></p><h4 style="text-align: left;">What We're Going to Do<br /></h4><ol style="text-align: left;"><li>Acquire a key-ring size USB drive</li><li>Generate a couple of very strong pass phrases<br /></li><li>Set up encryption on the USB drive (optional)<br /></li><li>Install a portable version of Firefox on the USB drive</li><li>Install <a href="https://www.mailvelope.com/en/" target="_blank">Mailvelope</a> in Firefox on that USB drive</li><li>a. Generate new crypto keys using Mailvelope, or<br />b. Export your existing crypto keys and import them into Mailvelope.</li></ol><p>When you're done, you'll be able to send and receive securely-encrypted messages anywhere there's a Windows 10 computer you can use, and without installing anything on that computer. (Most of this stuff will work on a Mac, but you'd have to install the Mailvelope browser add-on on the computer. Your boss might frown on that, <i>and</i> you will be handing a crypto key that should be secret over to whoever has access to that computer.) </p><p><b>Note:</b> If you don't need "to go" and only want to be able to encrypt web-based mail at home, just generate a pass phrase, install Mailvelope on your favorite browser, and use it to generate keys. Done! If you want to go portable later, you can export your key pair from Mailvelope and import the same keys into the portable version.<br /></p><h4 style="text-align: left;">Who Do You Trust?</h4><p>Before any of this, we need to talk about issues of trust. I think it's very unlikely that the U.S. National Security Agency can crack the encryption described below. If they can, they don't dare admit it because it would start a rush to develop better, uncrackable encryption. The weak link in what I'm going to describe is who has access to your cryptographic private (secret) key. 
Specifically, you are trusting the developers of Mailvelope not to snarf up your secret key <i>and</i> the passphrase that protects it and ship them off someplace nefarious. I think it's highly unlikely because it's the kind of thing security researchers look for, and covert communication between a browser running Mailvelope and a server in Faroffistan would be pretty easy to detect. If you use Thunderbird or GPG, you're trusting those developers, too, and that's almost certainly OK for the same reasons.</p><p>Here's the biggie: Every time you plug that USB drive into a computer, you're trusting whoever has administrative control over that computer not to have installed software that secretly copies the contents of the drive. That's a question of risk tolerance. I use encryption so confidential things like my nieces' social security numbers can be emailed to me, and because "it's none of their damn' business!" I'd trust a computer at my university, and maybe even one in the business center of a hotel. If my life depended on the secrecy of my communications, I'd be much more careful. YMMV.</p><h4 style="text-align: left;">USB Drive</h4><p style="text-align: left;">If you're going to take your crypto to work, or perhaps traveling, you need portable storage. Find a USB drive that suits your style. Look for small size, a metal case, maybe a loop for a key ring, and a brand name like Kingston, PNY, or Sandisk. No eBay or no-name drives because you'll want this thing to be reliable.</p><p style="text-align: left;">A 16GB drive is plenty, and the smallest capacity likely to be available. You should be able to find something for less than $15. I like <a href="https://www.bhphotovideo.com/c/product/1598355-REG/kingston_dtkn_32gb_datatraveler_kyson_flash_drive.html" target="_blank">this one</a> and you can get two for $16. That will let you make a backup. 
It's 32 GB, which is more than you need, but it'll work fine.<br /></p><p style="text-align: left;">Make a backup copy of your drive from time to time. Just copy everything to a folder on your home computer. <br /></p><p style="text-align: left;">When you're done with the drive, I suggest physical destruction with a hammer. Reformatting is not always effective at destroying information on flash drives.<br /></p><h4 style="text-align: left;">Pass Phrases</h4><p style="text-align: left;"><b>Note: </b>If you already have a key pair <i>other than with Thunderbird</i>, it is already protected by a pass phrase. You won't need to generate a new pass phrase to use Mailvelope.<br /></p><p style="text-align: left;">In portable mode, you won't have your trusty password manager to paste passwords in for you. You will need a pass phrase to protect your private (secret) key, and you may need another to protect your encrypted USB drive. Everyone who does anything with security has seen the <a href="https://xkcd.com/936/" target="_blank">XKCD cartoon about passwords</a>. "Correct Horse Battery Staple" is the kind of pass phrase you can generate using <a href="https://theworld.com/~reinhold/diceware.html" target="_blank">Diceware</a>. Four words are too few; use six or even more. Memorize your pass phrases, and also write them down and put them in a safe place. Here's a comment about <a href="https://security.stackexchange.com/a/10297/52741" target="_blank">the strength of such a passphrase</a>.</p><p style="text-align: left;">To generate a pass phrase, roll the dice, read the numbers from left to right as digits 1 to 6, and look up that number in a word list. Use real dice or the dice at <a href="http://random.org/dice">random.org</a>, which use an excellent source of randomness. Use the Electronic Frontier Foundation's<a href="https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases" target="_blank"> long word list</a>. 
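</p><p style="text-align: left;">The dice procedure just described, mechanized. The Python script below is an added example, not code from this post, the EFF, or Mailvelope. It draws each die from the operating system's secure random source, reads the five rolls left to right as a five-digit key, looks the key up in a word list in the EFF's tab-separated format, and reports the strength of the result in bits. The word list embedded in the script is a constructed four-line fragment (only the 21265/crane entry is the roll shown in this post) so that it runs offline; for real use, load the full EFF long list. The function names are mine, and the script refuses to call a partial list complete.</p>

```python
"""Diceware passphrase generation: added example, not code from the post."""
import math
import secrets

# Constructed fragment in the EFF word-list format: "<five dice digits><TAB><word>".
# Only the 21265 -> crane entry is the roll shown in the post; the other three
# lines are made up so the script runs offline. The real EFF long list has 7776.
SAMPLE_WORDLIST = (
    "11111\tanchor\n"
    "21265\tcrane\n"
    "43215\tlantern\n"
    "66666\tzipper\n"
)

LIST_SIZE = 6 ** 5  # 7776: exactly one word for every possible five-dice outcome


def load_wordlist(text):
    """Parse EFF-format text into {key: word}, ignoring blank or malformed lines."""
    words = {}
    for line in text.splitlines():
        parts = line.strip().split("\t")
        if len(parts) != 2:
            continue
        key, word = parts
        if len(key) == 5 and all(ch in "123456" for ch in key):
            words[key] = word
    return words


def check_wordlist(words):
    """True only if every five-dice outcome is covered; a partial list skews the draw."""
    return len(words) == LIST_SIZE


def roll_key(rng=secrets.randbelow):
    """Throw five dice and read them left to right as a five-character key.

    rng(6) must return an integer in 0..5; the default is the OS CSPRNG.
    """
    return "".join(str(rng(6) + 1) for _ in range(5))


def scripted_rng(digits):
    """Replay a known roll such as "21265" (for demonstration and testing only)."""
    it = iter(int(d) - 1 for d in digits)
    return lambda n: next(it)


def passphrase(words, n_words=6, rng=secrets.randbelow):
    """Roll n_words keys and look each one up; fail loudly on a key the list lacks."""
    chosen = []
    for _ in range(n_words):
        key = roll_key(rng)
        if key not in words:
            raise KeyError(f"roll {key} is not in the word list; is the list complete?")
        chosen.append(words[key])
    return " ".join(chosen)


def entropy_bits(list_size=LIST_SIZE, n_words=6):
    """Strength in bits: each word is one uniform pick among list_size candidates."""
    return n_words * math.log2(list_size)


if __name__ == "__main__":
    words = load_wordlist(SAMPLE_WORDLIST)
    print("complete list:", check_wordlist(words))
    print("roll 21265 ->", passphrase(words, 1, scripted_rng("21265")))
    for n in (4, 6, 8):
        print(f"{n} words from the full list: {entropy_bits(LIST_SIZE, n):.1f} bits")
```

<p style="text-align: left;">The strength figures come straight from the list size: each word is one uniform choice among 7776, so six words give 6 × log2(7776), about 77.5 bits, and four words only about 51.7 bits, consistent with the advice to use six or more. Dice never read a word list, but if you let software do the rolling, use a cryptographic source like <i>secrets</i> here and never the ordinary <i>random</i> module.</p><p style="text-align: left;">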
Six throws of five dice will generate a six-word pass phrase.</p><div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-mOwQcX6a85M/YEh35clkrRI/AAAAAAAADCU/M_NvhrCGFdk3zfi1yy6RRKiFEHZcayBVgCLcBGAsYHQ/s280/dice_21265.png" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="58" data-original-width="280" height="41" src="https://1.bp.blogspot.com/-mOwQcX6a85M/YEh35clkrRI/AAAAAAAADCU/M_NvhrCGFdk3zfi1yy6RRKiFEHZcayBVgCLcBGAsYHQ/w200-h41/dice_21265.png" width="200" /></a></div>This roll, 2 1 2 6 5, is the word "crane" in the EFF long word list. I tried six rolls and got "crane abridge unmixable congenial unclog dismay." It's easy to make up a little story that makes those words memorable. "There was a crane on a-bridge; unmixable is the opposite of congenial, and if you can't unclog, you get dismay."<br /><p style="text-align: left;">You need a pass phrase to protect your private key. If you're going to encrypt your USB drive, you'll need a second one. The reason you shouldn't use the same pass phrase for both is obvious, right?<br /></p><h4 style="text-align: left;">Encrypt Your USB Drive (Optional)</h4><p style="text-align: left;">If your USB drive is lost, stolen, confiscated by the cops, or otherwise is out of your possession, an attacker must crack the pass phrase protecting your private key in order to decrypt your communications. If you've also encrypted the drive, the attacker must first crack the drive encryption. Even better, if the drive is encrypted, there's no hint that it contains cryptographic software until the drive encryption is first cracked. Security professionals call this defense in depth.<br /></p><p style="text-align: left;">Encrypting the drive means memorizing two pass phrases. 
Whether to do that depends on how secure you need your communications to be and on the possibilities of the drive leaving your control.</p><p style="text-align: left;">Encryption will go fastest if you start with an empty drive, that is, do the encryption first. To encrypt a USB drive, connect a formatted USB drive to a Windows 10 computer. Select Control Panel > System and Security > BitLocker Drive Encryption, or just type "bitlocker" in the program search. At the bottom of the panel, under Removable data drives - BitLocker to Go, find the drive to encrypt and click "turn on BitLocker." When prompted, click "Use a password" and type your passphrase twice. You can save your recovery key to a file or print it. Click "Encrypt only used disk space" and "Next." Select "Compatible mode" and click "Next." Click "Start encrypting." The process will take one to two minutes on an empty drive.</p><h4 style="text-align: left;">Install Portable Firefox</h4><p style="text-align: left;">Download <a href="https://portableapps.com/apps/internet/firefox_portable" target="_blank">Portable Firefox</a> onto your flash drive and run the installer. (There's a <a href="https://portableapps.com/apps/internet/google_chrome_portable" target="_blank">Portable Chrome</a>, too, but it wants a Google login that you may not want to provide.) You will need to close any other instances of Firefox, such as a desktop version, to run Portable Firefox. You can save yourself a click every time you use this if you move everything in the <i>FirefoxPortable</i> directory to the root directory. You can delete the installer program. Consider making a donation to Portable Apps.</p><h4 style="text-align: left;">Aside: A Note About Cryptographic Keys</h4><p style="text-align: left;">Public key cryptography, which is what this is all about, uses a <i>key pair</i>, two different keys. The one called the <i>public key</i> can be given to anyone, and is often uploaded to public key server computers. 
People use your public key to encrypt messages for you, and also to authenticate messages digitally signed by you.</p><p style="text-align: left;">The other key of the pair, called the <i>private key</i>, or sometimes <i>secret key</i>, is used only by you to decrypt messages encrypted with your public key and to apply your digital signature to messages. It should be kept <i>absolutely secret</i>, which is why you shouldn't just install Mailvelope (which needs your private key) on your work computer. There's more detail in <a href="https://bitmonger.blogspot.com/2013/05/a-little-about-encryption.html" target="_blank">A Little About Encryption</a>.<br /></p><p style="text-align: left;">You'll have two choices concerning cryptographic keys when you install Mailvelope. It's pretty critical to make the right decisions because, in general, email systems decide which key to use to decrypt mail based on the sender's email address. If one address has more than one key pair, things can get very confusing. <i>Do not generate a new key pair with Mailvelope if you are already using encryption with the email address you intend to use with Mailvelope.</i><br /></p><p style="text-align: left;">If you've never used encryption before, or never generated a key pair for the email address you will use with Mailvelope, you can let Mailvelope generate a key pair for you. Skip to the next section.</p><p style="text-align: left;">If you already have a key pair you want to use with Mailvelope, you will have to export a copy of both private and public key and import them into Mailvelope. Read on!</p><p style="text-align: left;"><b>Export your key pair:</b> You will need to export copies of both your public key and your private key from your existing encryption software or email software to import them into Mailvelope. 
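</p><p style="text-align: left;">Whichever program you export from, it is worth checking the resulting <i>.asc</i> file before it goes onto the USB drive. The Python script below is an added example, not code from this post, Thunderbird, Kleopatra, or Mailvelope: it parses the ASCII armor such files use (RFC 4880, section 6), recomputes the CRC-24 checksum over the decoded data, and reports which key blocks the file contains. The payload it armors for itself is a constructed placeholder of arbitrary bytes, not a real key, and the function names are mine.</p>

```python
"""Check an exported OpenPGP key file (e.g. secret.asc) before it goes on the USB drive.

Added example, not code from this post, Thunderbird, Kleopatra or Mailvelope.
It implements the ASCII-armor layout of RFC 4880 section 6: a BEGIN/END line
pair, optional "Key: value" header lines, a blank line, base64 data, and a
final "=xxxx" line holding a CRC-24 of the decoded data.
"""
import base64
import re

CRC24_INIT = 0xB704CE
CRC24_POLY = 0x1864CFB


def crc24(data):
    """CRC-24 as given in RFC 4880 section 6.1 (the reference C code, transcribed)."""
    crc = CRC24_INIT
    for octet in data:
        crc ^= octet << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF


def armor(block_type, payload, headers=None):
    """Build an armored block; used here only to construct the offline sample."""
    lines = [f"-----BEGIN {block_type}-----"]
    for key, value in (headers or {}).items():
        lines.append(f"{key}: {value}")
    lines.append("")
    b64 = base64.b64encode(payload).decode("ascii")
    lines.extend(b64[i:i + 64] for i in range(0, len(b64), 64))
    crc_b64 = base64.b64encode(crc24(payload).to_bytes(3, "big")).decode("ascii")
    lines.append("=" + crc_b64)
    lines.append(f"-----END {block_type}-----")
    return "\n".join(lines) + "\n"


BLOCK_RE = re.compile(r"-----BEGIN ([A-Z ]+)-----\n(.*?)-----END \1-----", re.S)


def parse_armored_blocks(text):
    """Return one dict per armored block: type, headers, decoded payload, crc_ok."""
    text = text.replace("\r\n", "\n")  # tolerate Windows line endings
    blocks = []
    for match in BLOCK_RE.finditer(text):
        block_type, body = match.group(1), match.group(2)
        lines = body.split("\n")
        headers, i = {}, 0
        while i < len(lines) and lines[i] != "":  # header lines end at a blank line
            key, _, value = lines[i].partition(": ")
            headers[key] = value
            i += 1
        data_lines = [ln for ln in lines[i + 1:] if ln]
        payload, crc_ok = b"", False
        if data_lines and data_lines[-1].startswith("="):
            crc_line = data_lines.pop()
            try:
                payload = base64.b64decode("".join(data_lines), validate=True)
                expected = int.from_bytes(base64.b64decode(crc_line[1:]), "big")
                crc_ok = crc24(payload) == expected
            except ValueError:  # binascii.Error is a ValueError: malformed base64
                pass
        blocks.append({"type": block_type, "headers": headers,
                       "payload": payload, "crc_ok": crc_ok})
    return blocks


def describe_export(text):
    """Summarise a key export the way you would eyeball a secret.asc before importing it."""
    blocks = parse_armored_blocks(text)
    types = [b["type"] for b in blocks]
    return {
        "blocks": types,
        "all_crc_ok": bool(blocks) and all(b["crc_ok"] for b in blocks),
        # A secret-key block carries the public key material too, so a file
        # holding only a PRIVATE KEY BLOCK is still a complete key-pair export.
        "has_private": "PGP PRIVATE KEY BLOCK" in types,
        "has_public": "PGP PUBLIC KEY BLOCK" in types,
    }


# Constructed placeholder: 48 arbitrary bytes, NOT an OpenPGP key.
SAMPLE_PAYLOAD = bytes(range(48))
SAMPLE_EXPORT = armor("PGP PRIVATE KEY BLOCK", SAMPLE_PAYLOAD,
                      {"Comment": "constructed sample"})


def tampered(text):
    """Change one base64 character on the first data line, as a corrupted copy would."""
    lines = text.split("\n")
    i = lines.index("") + 1  # the first data line follows the blank line
    first = "B" if lines[i][0] != "B" else "C"
    lines[i] = first + lines[i][1:]
    return "\n".join(lines)


if __name__ == "__main__":
    print("intact:  ", describe_export(SAMPLE_EXPORT))
    print("tampered:", describe_export(tampered(SAMPLE_EXPORT)))
```

<p style="text-align: left;">To check a real export, read the file and pass its text to <i>describe_export</i>. A false <i>all_crc_ok</i> means the file was altered or corrupted on the way (a copy-and-paste that dropped a line, an editor that re-wrapped it); an empty block list means the file is not armored at all; and a file with no PRIVATE KEY BLOCK is a public-key export, which Mailvelope cannot use to decrypt anything. Because an OpenPGP secret-key block already contains the public key material, a file holding only that block, such as Thunderbird's backup, is enough on its own.</p><p style="text-align: left;">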
How to do that depends on the software you're running.</p><p style="text-align: left;"><b>Thunderbird:</b> Select the account from which to export the key pair; it's the line just above "Inbox." Choose <i>End to End Encryption</i> from the top line. Select the key you want to export; it will probably already be highlighted. Click the chevron or down-arrow in the upper right corner of the box for that key and select "More." You will need to select <i>Backup secret key to file</i>. That actually includes your public key as well. When you export your secret key, you'll be asked to set a password. Use the pass phrase you generated for your private (secret) key. You will end up with a file with a long file name ending in secret.asc. You will import this into Mailvelope.<br /></p><p style="text-align: left;"><b>Kleopatra:</b> Select the key you want to export in the "My Certificates" window. <i>Export secret keys</i> is in the File menu. You will need to supply the pass phrase used when the key was generated. You'll get a file ending in SECRET.asc. You will import this into Mailvelope.<br /></p><h4 style="text-align: left;">Install Mailvelope<br /></h4><p style="text-align: left;"><!--[if gte mso 9]><xml>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" QFormat="true"
Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" QFormat="true"
Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" QFormat="true"
Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" QFormat="true"
Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" QFormat="true"
Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" QFormat="true"
Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" SemiHidden="true"
UnhideWhenUsed="true" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="TOC Heading"/>
<w:LsdException Locked="false" Priority="41" Name="Plain Table 1"/>
<w:LsdException Locked="false" Priority="42" Name="Plain Table 2"/>
<w:LsdException Locked="false" Priority="43" Name="Plain Table 3"/>
<w:LsdException Locked="false" Priority="44" Name="Plain Table 4"/>
<w:LsdException Locked="false" Priority="45" Name="Plain Table 5"/>
<w:LsdException Locked="false" Priority="40" Name="Grid Table Light"/>
<w:LsdException Locked="false" Priority="46" Name="Grid Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="Grid Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="Grid Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="46" Name="List Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="List Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="List Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 6"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:6.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman",serif;
mso-bidi-language:AR-SA;}
</style>
<![endif]--></p><p style="text-align: left;">
</p><p class="MsoNormal">Open Portable Firefox. (You'll have to close desktop Firefox first.) Go to <a href="https://www.mailvelope.com/en/">https://www.mailvelope.com/en/</a> and click the magenta “Download Mailvelope” button.</p><p class="MsoNormal">You will be transferred to <a href="https://addons.mozilla.org/en-US/firefox/addon/mailvelope/">https://addons.mozilla.org/en-US/firefox/addon/mailvelope/</a></p>
<p class="MsoNormal">Click the "+ Add to Firefox" button, then click “Add” in the dropdown from the browser address bar. That dropdown tells you the permissions you're giving Mailvelope, so look at it!<br /></p><p class="MsoNormal">Decide whether to check “Allow this extension to run in
private windows.” I don't see any need to allow that. Your mail provider knows when you connect to them. I guess if you had a secret email account you were trying to hide from someone who had access to your computer's browsing history, you might want to check it, but not otherwise.<br /></p>
<p class="MsoNormal">Note the Mailvelope icon at top left. Click the blue “OK, Got it.”</p>
<p class="MsoNormal">Click the Mailvelope icon, then “Let’s start.”</p>
<p class="MsoNormal">Choose either “Generate key” or “Import key” depending on
whether you have a key pair from another cryptography program.</p>
<p class="MsoNormal"><b>To import keys:</b></p>
<p class="MsoNormal">Click “import” and “select files.” Drag the key file into the gray window, or click “Add file” to browse for it. When ready, click “Import keys.”</p>
<p class="MsoNormal">Review the keys that are being transferred and, if all is well, click “Confirm.” The private key you just imported will be marked as the default key. There's more about key servers below.<br /></p><p class="MsoNormal">Click the > at the right of the box containing the key. (Be careful not to click the trashcan.) In the pink box that says “The key is not synchronized with the Mailvelope key server,” click the “Synchronize” button. Each email address associated with your key pair will receive an email message with a link you must click to show that you have access to that email. Click the link(s).</p><p class="MsoNormal">Go to Options and check "Sign all outgoing messages." This will put your digital signature on your outbound mail. I've written a separate post about <a href="https://bitmonger.blogspot.com/2014/12/about-pgp-signatures.html" target="_blank">how digital signatures work</a>.</p>
<p class="MsoNormal"><b>To generate a key pair:</b><br /></p>
<p style="text-align: left;"><i>Note: Generate a new key only if you have never used encryption with the email address you're setting up. Otherwise, use the existing keys as described above.</i></p><p style="text-align: left;">Click the "Generate" button and fill in your name, email address, and the pass phrase twice. Optionally un-check "Upload public key to Mailvelope Key Server." Leave it checked if you're generating a for-real key, but be sure to un-check it if you're experimenting and plan to throw away the generated key. If you choose to upload your key, your email address will receive an email message with a link you must click to show that you have access to that email. Click the link(s).<br /></p><p style="text-align: left;">Go to Options and check "Sign all outgoing messages." This will put your digital signature on your outbound mail. I've written a separate post about <a href="https://bitmonger.blogspot.com/2014/12/about-pgp-signatures.html" target="_blank">how digital signatures work</a>.<br /></p><h4 style="text-align: left;">Using Mailvelope</h4><p style="text-align: left;">Once you've reached this point, you don't need me any more. The Mailvelope folks have good directions here: https://www.mailvelope.com/en/help#first_mail</p><p style="text-align: left;">There are some alternate directions here: https://freedom.press/training/encrypting-email-mailvelope-guide/<br /></p><p style="text-align: left;"><i>Please do read the final two sections. They're important. </i><br /></p><h4 style="text-align: left;">Keys and Key Servers</h4><p style="text-align: left;">You either generated or imported a <i>key pair</i>, two keys. The <i>public key</i> can safely be given to anyone; it is used to encrypt messages intended for you and to verify your digital signatures. Your private key should be accessible only to you.<br /></p><p style="text-align: left;">Your email address is necessarily on the key server.</p><p style="text-align: left;">Key management<br />Select key<br />PGP Fingerprint at bottom right<br /></p><h4 style="text-align: left;">And a Final Note About the Law</h4><p style="text-align: left;">The FBI, DEA, CIA, TSA, DOJ, and every other TLA (three-letter agency) hate encryption because it prevents them from taking certain shortcuts. That said, in the United States, <i>using strong encryption is completely legal. </i>It is very different in some other countries; it's up to you to know your laws.</p><p style="text-align: left;">Can "they" make you reveal your pass phrases? As of spring 2021, that's an unsettled question in the United States. 
Where I live, within the jurisdiction of the United States Court of Appeals for the Eleventh Circuit, the answer is no; the Eleventh Circuit has ruled that passwords and pass phrases are "testimonial" and so protected by the Fifth Amendment of the Constitution. Other Circuit Courts have ruled differently, so this is a question that's ripe for consideration by the Supreme Court. Even within the jurisdiction of the Eleventh Circuit, expect to spend money on lawyers if you need to protect your right not to reveal that pass phrase.</p><p style="text-align: left;"><i>It is not safe to depend on strong encryption to protect you from the consequences of illegal acts.</i> Those TLAs solved crimes long before electronic communication and strong encryption existed.</p><p style="text-align: left;">And the final word: The TLAs and other authoritarian types would love to make strong encryption illegal. When deciding who to vote for, make their stance on legality of encryption an important consideration. It not only protects your email, it's crucial to online commerce, credit, and banking.<br /><br /></p><span><a name='more'></a></span><div style="text-align: center;">
<i>Copyright © 2021 by Bob Brown <br />Last update: 2021-03-14<br /></i></div>
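The "PGP Fingerprint" that Key management shows is how you check that a public key fetched from a key server really belongs to your correspondent: compare it, out of band, with the fingerprint they give you. As an added example (not code from the post or from Mailvelope), the following Python computes the OpenPGP version 4 fingerprint and key ID of an RSA public-key packet exactly as RFC 4880 defines them; the RSA numbers and creation time are constructed samples, not a real key.

```python
import hashlib
import struct

# Constructed sample RSA public-key values for demonstration only; far too
# small to be a real key and not taken from any actual Mailvelope key.
SAMPLE_N = 0xC4F8E9E15DCADF2B96C763D981006A644FFB4415030A16ED1283883340F2AA0E2BE2BE8FA60150B9046965837C3E7D151B7DE237EBB957C20663898250703B3F
SAMPLE_E = 65537
SAMPLE_CREATED = 1615680000  # constructed key creation time (seconds since the epoch)


def mpi_encode(value: int) -> bytes:
    """Encode a positive integer as an OpenPGP multiprecision integer (RFC 4880 3.2)."""
    if value <= 0:
        raise ValueError("MPI values must be positive")
    nbits = value.bit_length()
    return struct.pack(">H", nbits) + value.to_bytes((nbits + 7) // 8, "big")


def mpi_decode(buf: bytes, offset: int) -> tuple:
    """Decode the MPI at buf[offset:]; returns (value, offset after the MPI)."""
    (nbits,) = struct.unpack_from(">H", buf, offset)
    nbytes = (nbits + 7) // 8
    raw = buf[offset + 2 : offset + 2 + nbytes]
    if len(raw) != nbytes:
        raise ValueError("truncated MPI")
    value = int.from_bytes(raw, "big")
    if value.bit_length() != nbits:
        raise ValueError("MPI length field does not match its value")
    return value, offset + 2 + nbytes


def rsa_public_key_body(n: int, e: int, created: int) -> bytes:
    """Body of a version 4 Public-Key packet for an RSA key (RFC 4880 5.5.2):
    version, creation time, algorithm 1 (RSA), then the MPIs n and e."""
    return b"\x04" + struct.pack(">I", created) + b"\x01" + mpi_encode(n) + mpi_encode(e)


def parse_rsa_public_key_body(body: bytes) -> dict:
    """Parse the packet body back into its fields, rejecting malformed input."""
    if len(body) < 6 or body[0] != 4:
        raise ValueError("not a version 4 public-key packet")
    if body[5] != 1:
        raise ValueError("not an RSA key")
    (created,) = struct.unpack_from(">I", body, 1)
    n, off = mpi_decode(body, 6)
    e, off = mpi_decode(body, off)
    if off != len(body):
        raise ValueError("trailing bytes after key material")
    return {"created": created, "n": n, "e": e}


def v4_fingerprint(body: bytes) -> str:
    """SHA-1 over 0x99, the two-byte body length and the body (RFC 4880 12.2)."""
    if len(body) > 0xFFFF:
        raise ValueError("packet body too long for a two-byte length")
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest()
    return digest.upper()


def key_id(fingerprint: str) -> str:
    """The 64-bit key ID is the low-order 16 hex digits of the fingerprint."""
    return fingerprint[-16:]


def format_fingerprint(fingerprint: str) -> str:
    """Group the 40 hex digits into blocks of four, as key managers display them."""
    return " ".join(fingerprint[i : i + 4] for i in range(0, len(fingerprint), 4))


def fingerprints_match(shown: str, expected: str) -> bool:
    """Compare a displayed fingerprint with the expected one, ignoring spacing and case."""
    def norm(s: str) -> str:
        return "".join(s.split()).upper()
    return norm(shown) == norm(expected)


if __name__ == "__main__":
    body = rsa_public_key_body(SAMPLE_N, SAMPLE_E, SAMPLE_CREATED)
    fp = v4_fingerprint(body)
    print("fingerprint:", format_fingerprint(fp))
    print("key ID:     ", key_id(fp))
```

A key ID is only the last 64 bits of the fingerprint, so compare the whole fingerprint, never just the ID, when deciding whether to trust a key.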
<div style="text-align: center;">
<i> </i><a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="http://i.creativecommons.org/l/by-sa/3.0/80x15.png" style="border-width: 0px; display: block; margin: auto;" /></a></div>
<span property="dct:title" style="font-size: x-small;" xmlns:dct="http://purl.org/dc/terms/">Crypto to Go</span><span style="font-size: x-small;"> by <a href="http://bitmonger.blogspot.com/2013/05/its-time-to-encrypt-your-email.html" property="cc:attributionName" rel="cc:attributionURL" xmlns:cc="http://creativecommons.org/ns#">Bob Brown</a> is licensed under a <a href="https://creativecommons.org/licenses/by-sa/4.0/" rel="license">Creative Commons Attribution-ShareAlike 4.0 License</a>.
</span><p></p>Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-77002349007015177292020-01-26T16:38:00.003-05:002021-03-18T03:53:18.595-04:00Verify that Email Address!<h3>
I Get Confidential Email, <br />and My Own Email Address Can't be Used</h3><p>
Last week I received the complete travel itinerary of a couple who're taking a trip on Southwest Airlines. I have their full names because the TSA says so, that's why. I know when they won't be home and where they're going. I know when they're coming back. They live in a medium-sized town in Texas and one of the couple has a somewhat unusual first name, so it was pretty easy to find their home address. It's a good thing I'm not a burglar!<br />
<br />
Today I created a new AppleID because I got an Apple device for the first time. I couldn't associate my Gmail address with that account because it was already in use. Apple accepted my alternate email address without verification.</p><p><i>Someone</i> set up a teacher account at DeltaMath.com using my email address. This unknown person with unknown motives is now able to enroll students, possibly your kids... as me! (I used the "forgot password" function to take over that account and protect your kids.)<br />
<br />
I know people who routinely receive email for people in other countries and court filings that should be confidential at least until they enter the public record. Same story.<br />
<br />
How could such things happen? Southwest, Apple, and DeltaMath were very careless; they blindly accepted the email address that someone typed into their form. They simply don't care about either the quality of their databases or the security of their customers.<br />
<br />
Email can go astray in a number of ways. A simple error in entering an email address could inadvertently change it to the valid address of a third party. A person who is concerned about unwanted email might deliberately provide a “false” address that is actually the correct address of an unknown third party. Although unlikely, it is not impossible that someone could be the target of criminals who gain unauthorized access to the person’s email.<br />
</p><h3>
Legitimate Companies Verify Email Addresses</h3>
OK, spammers are never going to do this, but every legitimate company should verify every email address before accepting it as legitimate, and certainly before sending anything confidential to that address. It's not hard, and the cost after implementation is extremely low. I guesstimate that, in a professional setting, this would take a person-week, including specifications, managerial approval, and quality control. Actual coding should take much less than a day. <br />
<br />
Legitimate emailers should add to their customer databases an email status indicator with values unconfirmed, confirmed, and invalid. When an email address is first added to the database, the status should be set to unconfirmed and an email to that address should be generated automatically. The email should thank the person for providing an email address and should have a prominent link by which the recipient can confirm the email address and consent to receiving email from the sender. Clicking the link should change the status to confirmed.<br />
<br />
The same email should have a “this isn’t me” link; clicking the link would set the status to invalid.<br />
<br />
No legitimate company should ever send email to an address with a status of invalid. Whether to send anything other than the confirmation message to an unconfirmed address is a business decision, but I’d recommend against it in order to protect your customers’ privacy. It might be better to send another confirming email if there is further interaction with that particular customer.<br />
<br />
The status of existing customers should be set to unconfirmed, or perhaps pending, and a confirming email sent when there is new activity on the account.<br />
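As an added example (not code from the post), here is a Python sketch of the status indicator and the two links described above: each link is HMAC-signed, expires, and works only once, so a guessed or replayed link cannot confirm an address. The endpoint URL and the signing secret are hypothetical placeholders.

```python
import hashlib
import hmac
import secrets
import time
from urllib.parse import urlencode

# The three status values the post proposes for the customer database.
UNCONFIRMED, CONFIRMED, INVALID = "unconfirmed", "confirmed", "invalid"

# Hypothetical endpoint that the links in the confirmation email point at.
BASE_URL = "https://mail.example.invalid/verify"


class EmailConfirmation:
    """Keeps the email status indicator and issues/validates the two links."""

    def __init__(self, secret: bytes, ttl_seconds: int = 7 * 24 * 3600, now=None):
        self.secret = secret            # HMAC key; keep it out of the database
        self.ttl = ttl_seconds          # how long a link stays clickable
        self.now = now or (lambda: int(time.time()))
        self.records = {}               # email -> {"status": ..., "nonce": ...}

    def add_address(self, email: str) -> dict:
        """A new address starts as unconfirmed; the returned links go into the
        automatic confirmation email (and into nothing else)."""
        self.records[email] = {"status": UNCONFIRMED, "nonce": secrets.token_hex(16)}
        return self.issue_links(email)

    def status(self, email: str) -> str:
        return self.records[email]["status"]

    def _sign(self, email: str, action: str, exp: int) -> str:
        # The nonce is part of the signed payload, so rotating it kills every
        # link issued before the rotation: each link works at most once.
        payload = "\n".join([email, action, str(exp), self.records[email]["nonce"]])
        return hmac.new(self.secret, payload.encode(), hashlib.sha256).hexdigest()

    def issue_links(self, email: str) -> dict:
        """Build the 'yes, this is me' (confirm) and 'this isn't me' (deny) links."""
        exp = self.now() + self.ttl
        links = {}
        for action in ("confirm", "deny"):
            params = {"email": email, "action": action, "exp": exp,
                      "sig": self._sign(email, action, exp)}
            links[action] = {"params": params, "url": f"{BASE_URL}?{urlencode(params)}"}
        return links

    def handle_link(self, email: str, action: str, exp, sig: str) -> str:
        """Process a click on one of the links. Returns the new status, or an
        'error:...' string that leaves the record unchanged."""
        rec = self.records.get(email)
        if rec is None:
            return "error:unknown-address"
        if action not in ("confirm", "deny"):
            return "error:bad-action"
        try:
            exp = int(exp)
        except (TypeError, ValueError):
            return "error:bad-expiry"
        # Constant-time comparison; verify the signature before trusting exp.
        if not hmac.compare_digest(sig, self._sign(email, action, exp)):
            return "error:bad-signature"
        if self.now() > exp:
            return "error:expired"
        rec["nonce"] = secrets.token_hex(16)        # invalidate all outstanding links
        if rec["status"] == INVALID:
            return INVALID                           # "this isn't me" is final
        rec["status"] = CONFIRMED if action == "confirm" else INVALID
        return rec["status"]

    def may_send(self, email: str, kind: str = "marketing") -> bool:
        """Never mail an invalid address; an unconfirmed one gets only the
        confirmation message itself."""
        st = self.records.get(email, {}).get("status")
        if st == CONFIRMED:
            return True
        if st == UNCONFIRMED:
            return kind == "confirmation"
        return False
```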
<h3>
Well, then Why Not?</h3>
Companies that don't bother to do this are either spammers or they simply don't care about either the quality of their databases or the security of their customers. That's especially true in the case of companies that send information that's even mildly confidential.<br />
<br />Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-7684996722800592552019-08-11T13:22:00.002-04:002019-08-12T11:30:31.255-04:00Using a MikroTik cAP as a Home Wireless Access Point<div style="text-align: center;">
<span style="font-size: x-small;"><i>My people have no tradition of proofreading. —<a href="http://www.popehat.com/">Ken White</a> </i></span></div>
<br />
<b>Beware:</b> if you follow these instructions and then expose your device to the Internet, it will be hacked immediately. The instructions that follow are for installing the cAP inside an <i>already firewalled</i> network. <b>You have been warned!</b><br />
<h3>
The MikroTik cAP</h3>
The <a href="https://mikrotik.com/product/RBcAP2nD" target="_blank">MikroTik cAP</a> is a very cool device. It's about the size and shape of a smoke detector and can be easily ceiling-mounted in any location that you can reach with an Ethernet cable. It's a PoE device, so the wall wart that powers it can be in a network closet, or, in my case, in the garage, where there's a UPS. The trouble is, it's a <i>router</i>, running the full RouterOS product. It's designed to be plugged directly into the ISP's interface device and be the only source of Internet where it's installed. I wanted to use it as a wireless access point in a mostly-wired network, and there was the rub! <br />
<h3>
Initial Access</h3>
You will need a wireless device with a reasonable screen and keyboard, like a laptop. Out of the box, the cAP's configurator is accessible only through the wireless interface. That makes sense if the Ethernet interface is exposed to the wilds of the Internet, but it makes initial access hard. The setup guide says you can associate with the cAP and it'll give you a compatible address via DHCP. That didn't work for me. Neither did MikroTik's Winbox software.<br />
<br />
So, set your wireless device with a fixed address of 192.168.88.88, a gateway of 192.168.88.1, and no DNS. Fire up the cAP and cause the laptop to associate with it. Now you can open 192.168.88.1 with a web browser and you will get the web interface. If you make a configuration mistake, you can get back to this state by holding the reset switch of the cAP while powering on and for five seconds afterward, until the LED starts to flash.<br />
<h3>
Gather Information</h3>
I suggest assigning a fixed internal address to the cAP, so you'll need an <b>IPv4 address</b> that's not in your DHCP pool. You will also need your IPv4 <b>netmask</b>, the address of your <b>default gateway</b>, and the addresses of your<b> DNS server(s)</b>.<br />
<br />
If, at this point, these instructions "seem complicated" you have overextended yourself. The cAP is not really a consumer device. Return it and get a consumer AP.<br />
<h3>
Configuration</h3>
Everything I read warned me not to mix changes made through the Webfig interface with changes made through the Quick Set interface. I wasn't able to accomplish everything without mixing them. Here are the steps.<br />
<br />
<b>Set DNS:</b> Click Webfig (top right) then, in the menu at the left, IP and then DNS. Add the addresses of your DNS servers. Click the down-triangle to add more addresses. Click the "Apply" button.<br />
<br />
<b>Delete the firewall rules:</b> Still in Webfig and IP, click Firewall. Delete all the rules except "drop invalid" and "special dummy rule to show fasttrack counters" by clicking the tiny minus-sign button before each rule. This will allow future configuration through the Ethernet interface. <i>If you expose the Ethernet interface to the Internet, it will also enable hacking of your AP. </i><br />
<h4 style="text-align: center;">
<i><span style="font-weight: normal;">Click the images to enlarge. </span></i></h4>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-l6cVUbFquEM/XVBFQnuYQiI/AAAAAAAACU8/WeAaWMrW0EQr4f2Z0WSVBVs4h1fDy2qygCLcBGAs/s1600/firewall_rules.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="685" data-original-width="1302" height="336" src="https://1.bp.blogspot.com/-l6cVUbFquEM/XVBFQnuYQiI/AAAAAAAACU8/WeAaWMrW0EQr4f2Z0WSVBVs4h1fDy2qygCLcBGAs/s640/firewall_rules.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<b>Return to Quick Set</b> by clicking the button at the top right. Leave the pull-down at the top right set to "WISP AP," the default. Set each of the following:<br />
<br />
<b>Network name:</b> This is the service set identifier (SSID) that the cAP will broadcast.<br />
<br />
<b>Set network security:</b> Check "wpa2" and "aes ccm" unless you have very old devices that need WPA or TKIP, in which case check those, too, and plan to replace the old devices! In "WiFi password" put the preshared key. It should be long but easy to type. Four <a href="https://en.wikipedia.org/wiki/Diceware" target="_blank">Dicewords</a> will give almost 52 bits of entropy. (Note that hacking this key requires physical proximity to the cAP.)<br />
<br />
You can later set up a MAC access control list from the "Wireless" selection of Webfig if you like.<br />
<br />
<b>Set network parameters and admin password:</b> Under "Configuration" select "bridge."<br />
<br />
Under "Bridge" choose "Static" and fill in the IP address the router is to have, the netmask, and the default gateway. DNS servers were set earlier.<br />
<br />
Fill in the router administrative password twice. (Make this a good one; an adversary who gets past the preshared key can then try to brute-force the administrative password.) The two password fields will be replaced by a "Password" button after the password has been set and the configuration applied.<br />
<br />
<b>Apply the configuration:</b> Click the "Apply configuration" button. You will lose your connection to the router because its IPv4 address has been changed. You can now remove the fixed address from your laptop and browse to the IP address you just set from a wired or wireless connection to your network.<br />
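A pre-flight check for the address and password choices in the steps above, added here as an example that is not part of the original post or of MikroTik's software; the LAN values in it are constructed samples.

```python
"""Pre-flight check for the "Gather Information" and "Set network parameters"
steps: validates the fixed address you plan to give the cAP against your LAN
before you click "Apply configuration" (after which the web interface moves
to that address), and computes the Diceware entropy figure quoted for the
WiFi password.  Added example, not from the blog or from MikroTik; every
address below is a constructed sample value."""
import ipaddress
import math


def check_ap_plan(ap_address, netmask, gateway, dhcp_start, dhcp_end, dns_servers):
    """Return a list of problems with the planned static address.

    An empty list means the plan is consistent: the AP sits inside the LAN,
    does not collide with the gateway, network or broadcast address, and is
    outside the DHCP pool (otherwise a DHCP client could be handed the same
    address and the AP would become intermittently unreachable).
    """
    problems = []
    try:
        lan = ipaddress.ip_network(f"{gateway}/{netmask}", strict=False)
        ap = ipaddress.ip_address(ap_address)
        gw = ipaddress.ip_address(gateway)
        pool_lo = ipaddress.ip_address(dhcp_start)
        pool_hi = ipaddress.ip_address(dhcp_end)
        dns = [ipaddress.ip_address(s) for s in dns_servers]
    except ValueError as err:
        return [f"unparseable value: {err}"]

    if ap not in lan:
        problems.append(f"{ap} is not in {lan}; the AP would be unreachable after apply")
    if ap == gw:
        problems.append(f"{ap} collides with the default gateway")
    if ap in (lan.network_address, lan.broadcast_address):
        problems.append(f"{ap} is the network or broadcast address of {lan}")
    if pool_lo <= ap <= pool_hi:
        problems.append(f"{ap} lies inside the DHCP pool {pool_lo}-{pool_hi}")
    if not dns:
        problems.append("no DNS server given; name lookups from the AP will fail")
    return problems


def diceware_entropy_bits(words, list_size=7776):
    """Entropy of a passphrase of `words` words drawn uniformly from a Diceware
    list (the standard list has 6**5 = 7776 entries).  Four words give the
    "almost 52 bits" the post mentions."""
    return words * math.log2(list_size)


def words_for_entropy(target_bits, list_size=7776):
    """Smallest number of Diceware words that reaches `target_bits` of entropy."""
    return math.ceil(target_bits / math.log2(list_size))


if __name__ == "__main__":
    # Constructed sample LAN: 192.168.1.0/24, gateway .1, DHCP pool .100-.199.
    plan = dict(netmask="255.255.255.0", gateway="192.168.1.1",
                dhcp_start="192.168.1.100", dhcp_end="192.168.1.199",
                dns_servers=["192.168.1.1"])
    for candidate in ("192.168.1.250", "192.168.1.150", "192.168.2.5"):
        print(candidate, check_ap_plan(candidate, **plan) or "OK")
    print(f"4 Diceware words: {diceware_entropy_bits(4):.1f} bits")
```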
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-RSOsAQzU814/XVBMHNR9KEI/AAAAAAAACVo/Tv5SKFOfl9MV1LnFe1acpW3vdYq9n3vwwCLcBGAs/s1600/mikrotik_final_2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="795" data-original-width="1067" height="476" src="https://1.bp.blogspot.com/-RSOsAQzU814/XVBMHNR9KEI/AAAAAAAACVo/Tv5SKFOfl9MV1LnFe1acpW3vdYq9n3vwwCLcBGAs/s640/mikrotik_final_2.png" width="640" /></a></div>
<h3>
Update the RouterOS Software</h3>
Return to the router, log in, and on the Quick Set screen, press the "Check for Updates" button. If an update is offered, apply it by clicking the "Download&Upgrade" button.<br />
<h3>
Optimize WiFi Performance</h3>
Author 'gryzli' has written a guide for <a href="https://gryzli.info/2015/06/20/mikrotik-optimizing-wi-fi-performance/" target="_blank">optimizing RouterOS WiFi performance</a>. He's absolutely right about the <a href="https://play.google.com/store/apps/details?id=com.farproc.wifi.analyzer&hl=en_US" target="_blank">WiFi Analyzer app</a> for your Android phone.<br />
<br />
It is unfortunate that RouterOS uses frequencies rather than channel assignments. Wikipedia has a list of <a href="https://en.wikipedia.org/wiki/List_of_WLAN_channels" target="_blank">channels and frequencies</a>.<br />
<hr style="width: 75%;" />
<br />
<div style="font-size: small; text-align: center;">
Copyright © 2019 by <a href="https://www.blogger.com/facultyweb.kennesaw.edu/rbrow211=" rel="author">Bob Brown</a>
<br />
<a href="https://creativecommons.org/licenses/by-sa/4.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="https://i.creativecommons.org/l/by-sa/4.0/80x15.png" style="border-width: 0; display: block; margin: auto;" /></a><br />
<span property="dct:title" xmlns:dct="http://purl.org/dc/terms/"><i>Using a MikroTik cAP as a Home Wireless Access Point</i> by</span> <a href="http://bitmonger.blogspot.com/" property="cc:attributionName" rel="cc:attributionURL" xmlns:cc="http://creativecommons.org/ns#">Bob Brown</a> is licensed under a<br />
<a href="http://creativecommons.org/licenses/by-sa/4.0/deed.en_US" rel="license">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>.</div>
Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-21292110433526760142019-07-28T15:01:00.001-04:002021-02-22T03:06:13.309-05:00Thoughts About Cloud Storage
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: x-small;"><i>There is no cloud, only a bunch of computers you don't own, run by people you don't know. </i></span><span style="font-size: x-small;"><i><span style="font-size: x-small;"><i>—</i></span>Anonymous </i></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: x-small;"><i>My people have no tradition of proofreading. —<a href="http://www.popehat.com/">Ken White</a></i></span></div>
<i>TL;DR:</i> Cloud storage might be suitable for storing backups provided one can afford the storage space and bandwidth needed. It is not suitable for storing the only copy of anything. Data stored with a cloud service <i>must</i> be encrypted using strong encryption to protect it from disclosure. Cloud resources must never be set up as an "always on" mapped drive.<br />
<h3>
<span style="font-size: large;">Cloud Storage and How it is Used</span></h3>
Cloud computing, or cloud storage, isn't really just a bunch of computers you don't own. It isn't just "on the Internet," either. It's a <i>lot</i> of computers and some very clever software that, together, have six important characteristics:<br />
<ol>
<li>Self service: When you establish a "cloud" account, there's no human intervention at the other end. That's convenient because there's no waiting to set up an account, add storage, etc. It's also crucial to keeping the cost down.</li>
<li>Excellent network access: A cloud provider might serve millions of subscribers and must provide sufficient speed and responsiveness to make the customer's connection, not the cloud provider's connection, be the bottleneck.</li>
<li>Elastic scalability: People can make new accounts, or decide to add hundreds of gigabytes to their storage allocation, and the infrastructure must deal with that. (But, note that paying for 100 GB of storage doesn't mean 100 GB is immediately allocated to you; that doesn't happen until you use it.)</li>
<li>Resource pooling: The necessary scalability is achieved by sharing massive resources among many subscribers. For the big cloud providers, "many" means millions or tens of millions. The principle of multi-tenancy means your data will share disk space and CPU cycles with that of many others. It's up to that clever software to keep things separate.</li>
<li>Redundancy: The cloud provider will keep multiple copies of customers' data on different servers; failure of a single server, or even of several, will not compromise the data. The really big cloud storage providers keep redundant copies across multiple data centers.</li>
<li>Measured service: This implements the principle of paying for what one uses. Google will provide 15 GB free; beyond that, there's a charge. For cloud storage, generally what's measured is storage used. Other cloud services might also measure CPU seconds, transfer bandwidth used, or other resources.</li>
</ol>
With all of that, cloud storage might seem to be the perfect answer to limited storage and disk failures for consumers. Not so fast. We need to consider the way we use cloud storage, the properties of a secure system, and the causes, probabilities, and consequences of failure.<br />
<b><br /></b>
<b>There are two ways one could use cloud storage: as primary storage </b>and as <b>backup storage</b>. When cloud storage is used for primary storage, the only copies of data are those "in the cloud." Failure of the cloud storage means irretrievably lost data. If cloud storage is used for backup, the operational copy of data is stored elsewhere, usually on local drives. Both the local storage and the cloud storage would have to fail to cause loss of data.<br />
<br />
Cloud storage can also be used for file sharing. Shared files are still either primary or backup, depending on whether another copy exists.<br />
<h3>
Security and Threats</h3>
The security of a system can be measured by three properties:<br />
<ol>
<li>Confidentiality is the condition that data have not been revealed to unauthorized people.</li>
<li>Integrity means data has not been altered or destroyed.</li>
<li>Availability means data can be used by authorized people when needed and with suitable response time.</li>
</ol>
To analyze the security of any system, we need to analyze the threats to the confidentiality, integrity, and availability of its data. Broadly, those threats are disclosure, alteration, and denial.<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-aSPbg0R5D2Y/XT3RWLOgZQI/AAAAAAAACSo/-9VtEvgivK4f67vyQUp52jJN9VIVp_mXgCLcBGAs/s1600/risk_matrix.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="191" data-original-width="579" height="131" src="https://1.bp.blogspot.com/-aSPbg0R5D2Y/XT3RWLOgZQI/AAAAAAAACSo/-9VtEvgivK4f67vyQUp52jJN9VIVp_mXgCLcBGAs/s400/risk_matrix.png" width="400" /></a></div>
<br />
I rate the risk of disclosure as high. All major cloud storage providers scan uploaded files for contraband, specifically for child pornography. Dropbox, and possibly others, scan shared files for material protected by copyright. Even if you are absolutely certain you have no electronic contraband, a false positive could lead to law enforcement action. Resource pooling and multi-tenancy mean one subscriber's data could be accessible to others in the event of a software error. Poorly protected accounts, <i>e.g.</i> by weak passwords, could make data accessible to malicious outsiders. Finally, a configuration error by the subscriber could share data not intended to be shared; <i>this is probably the most likely risk.</i><br />
<br />
The risk of alteration is low; the nature of cloud storage protects the integrity of data. An exception might be a configuration or software error that erroneously makes data shared and writable by others, or a malicious attack on a poorly protected account. <br />
<br />
The risk of denial is medium. Although redundancy and good network access mean that data will likely be available from the cloud provider, access also requires that the customer network be functioning. Failure of the cloud provider's business could make data unavailable. That need not be a financial failure; provider Megaupload was shuttered by United States law enforcement authorities and the stored data became permanently inaccessible. Some cloud providers assert the right to remove files that violate their terms of service. Finally, if a cloud drive is "mapped," that is set up to be viewed by the customer's operating system as a local resource, malicious software known as ransom-ware could render the contents inaccessible by encrypting the data.<br />
<h3>
Using cloud storage effectively</h3>
<span style="font-size: small;">The consequences of disclosure, alteration, or denial could result in irrecoverable loss of data if cloud storage is used as primary storage. <b>Cloud storage must never be used for primary storage.</b></span><br />
<br />
<span style="font-size: small;">If cloud storage is used for backup, the consequences of alteration or denial are less severe; one is without backup until the situation is corrected. However, denial caused by ransom-ware could make both primary storage and backup inaccessible.</span><br />
<span style="font-size: small;">For backup data, the consequences of disclosure are severe. Even if disclosure does not lead to investigation by law enforcement, information in primary storage will be disclosed. That could include financial user IDs, account numbers, and passwords, medical information, and other confidential data. That leads to two conclusions:</span><br />
<ol>
<li><span style="font-size: small;"><b>Cloud storage used for backup must never be "mapped" as a disk drive</b> accessible to the operating system in order to protect it from malicious software.</span></li>
<li><span style="font-size: small;"> <b>Backup data on cloud storage must be protected by strong encryption</b> to protect against inadvertent disclosure and scanning by the cloud provider. </span></li>
</ol>
<h3>
Other considerations</h3>
<b>Encryption:</b> The only safe encryption is that for which you generated and hold the encryption key. If the cloud provider holds the encryption key, you are trusting them not to unlock your data. A strong encryption algorithm is needed; I recommend AES with a 128-bit key. Suggestion: keep copies of the crypto key on two separate USB drives stored in different buildings; do not keep a copy on the system being backed up.<br />
<b><br /></b>
<b>Storage size and cost:</b> A 500 GB laptop drive will need at least 2 TB of backup space to do progressive backups. That would be $50-75 if paid annually.<br />
<br />
<b>Bandwidth:</b> A 500 GB drive that's 60% full will take nearly a week to upload at DSL speeds and over 24 hours at 10 Mb. A 15 GB progressive backup will take nearly 25 hours to upload at DSL speeds and almost four hours even with a 10 Mb connection. To use cloud storage effectively for backups, you'll likely need a 50 Mb or faster Internet connection.<br />
<br />
<b>Account security:</b> Use a strong password to protect your cloud account. Choose a provider that offers two-factor authentication. If possible, use a physical token like a <a href="https://www.yubico.com/" target="_blank">YubiKey</a> or an app that generates one-time passcodes; pass codes sent by text message are not secure because of <a href="https://www.wired.com/story/sim-swap-attack-defend-phone/" target="_blank">SIM-swapping attacks</a>.<br />
<br />
<hr style="width: 75%;" />
<br />
<div style="text-align: center;">
<i><span style="font-size: x-small;">Copyright © 2019 by Bob Brown<br />Last update: 2021-02-22<br /></span></i></div>
<br />
<a href="http://creativecommons.org/licenses/by-sa/4.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="https://i.creativecommons.org/l/by-sa/4.0/80x15.png" style="border-width: 0px; display: block; margin: auto;" /></a><br />
<span property="dct:title" xmlns:dct="https://purl.org/dc/terms/"><i>Thoughts About Cloud Storage</i> by</span> <a href="https://www.blogger.com/profile/10329126915794755200" property="cc:attributionName" rel="cc:attributionURL" target="_blank" xmlns:cc="http://creativecommons.org/ns#">Bob Brown</a> is licensed under a <a href="https://creativecommons.org/licenses/by-sa/4.0/deed.en_US" rel="license" target="_blank">Creative Commons Attribution-ShareAlike 4.0 Unported License</a>Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-36527064006149876582016-02-27T13:22:00.000-05:002017-07-13T12:29:00.866-04:00Avoid the Wretched Spammers at MailChimpI've had the same email address for a long time, so it's gotten passed around. It's also short, so people who think they're inventing an email address often hit on mine. I get a lot of spam.<br />
<br />
About half of it comes from MailChimp. The people at MailChimp will tell you, "we help our customers comply with spam laws and best practices." It's not true. They're spammers.<br />
<br />
To understand that, we first need to define spam. I like the definition from <a href="https://www.spamhaus.org/consumer/definition/">Spamhaus.org</a>. Spam is unsolicited bulk email. Bulk email is OK; I subscribe to several mailing lists. They send bulk email, and I get it because I want it. Unsolicited email is OK... in fact, it's even normal. An old friend recently sent me email inviting me to lunch. Great! It was unsolicited, but I was happy to get it.<br />
<h3>
It's Spam, Jim!</h3>
Email is spam when it is both bulk and unsolicited. In the case of bulk mail, "unsolicited" means "<span class="body">the recipient has not verifiably granted deliberate, explicit, and still-revocable permission for it to be sent." Those words are from Spamhaus, and I couldn't say it any better. It's about consent. "Verifiably granted" means what is sometimes called the double-opt-in. The emailer sends you a message that says, in effect, "Thank you for signing up for our stuff. Click here to validate your email address." <i>That </i>is verifiable. That is what MailChimp doesn't do.</span><br />
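A minimal double-opt-in flow of the kind just described, added here as an example that is neither MailChimp's nor the post's own code; the list name, addresses and signing secret are constructed for the demo.

```python
"""Double opt-in as the post describes it: the list server mails a link that
only the mailbox owner can receive, and an address joins the list only after
that link is used.  Added example, not MailChimp's or the blog author's code;
the signing secret, list name and addresses are constructed for the demo."""
import base64
import hashlib
import hmac
import secrets
import time

SERVER_SECRET = secrets.token_bytes(32)   # constructed; never leaves the list server
TOKEN_LIFETIME = 24 * 3600                # a confirmation link is good for one day


def make_confirmation_token(email, list_name, now=None):
    """Mint the token carried by the "click here to validate" link.
    It is bound to the address, the list and the time of issue, and keyed
    with SERVER_SECRET so nobody else can produce a valid one."""
    issued = int(time.time() if now is None else now)
    payload = f"{list_name}|{email}|{issued}".encode()
    tag = hmac.new(SERVER_SECRET, payload, hashlib.sha256).hexdigest().encode()
    return base64.urlsafe_b64encode(payload + b"|" + tag).decode()


def verify_confirmation_token(token, now=None):
    """Return (ok, reason, email, list_name); rejects forged, altered or stale links."""
    try:
        raw = base64.urlsafe_b64decode(token.encode())
        payload, tag = raw.rsplit(b"|", 1)          # hex tag never contains "|"
        list_name, email, issued = payload.decode().rsplit("|", 2)
        issued = int(issued)
    except (ValueError, UnicodeDecodeError):
        return False, "malformed", None, None
    expected = hmac.new(SERVER_SECRET, payload, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):     # constant-time comparison
        return False, "bad signature", None, None
    current = time.time() if now is None else now
    if current - issued > TOKEN_LIFETIME:
        return False, "expired", None, None
    return True, "ok", email, list_name


class MailingList:
    """Addresses are only ever mailed in bulk once they are in `confirmed`."""

    def __init__(self, name):
        self.name = name
        self.pending = set()
        self.confirmed = set()

    def request_subscription(self, email, now=None):
        """Step 1: record the request and return the token to put in the mail."""
        self.pending.add(email)
        return make_confirmation_token(email, self.name, now)

    def confirm(self, token, now=None):
        """Step 2: the click.  Consent counts as verified only if the token is
        valid, was issued for this list, and the address actually asked to join."""
        ok, reason, email, list_name = verify_confirmation_token(token, now)
        if not ok:
            return False, reason
        if list_name != self.name or email not in self.pending:
            return False, "no matching request"
        self.pending.discard(email)
        self.confirmed.add(email)
        return True, "ok"

    def unsubscribe(self, email):
        """Consent is "still-revocable": one call, no questions asked."""
        self.pending.discard(email)
        self.confirmed.discard(email)

    def recipients(self):
        """The only addresses a bulk send may go to."""
        return sorted(self.confirmed)


def tamper(token, old, new):
    """Illustration helper: alter the address inside an issued token, to show
    that the HMAC check catches it."""
    raw = base64.urlsafe_b64decode(token.encode())
    return base64.urlsafe_b64encode(raw.replace(old.encode(), new.encode())).decode()
```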
<h3>
<span class="body">Don't Get Tarred with MailChimp's Reputation</span></h3>
<span class="body">If you are thinking of email marketing and you're thinking of hiring help, be careful not to get tarred with the reputation of a spammer. If people get spam from you, they'll naturally and correctly think you're sleazy. That's what will happen if you hire MailChimp. They send from several domain names, and every time I find one, I block it on my home email server. That mail "bounces;" it gets rejected without being delivered at all.</span><br />
<span class="body"><br /></span>
<span class="body">I also have an email address with one of the big, public email providers. I haven't figured out how to block entire domains there, but I do block the individual spammers, one by one. Their future messages get received and go into my spam folder. The sender paid MailChimp to send that message, but I never saw it. Don't let that happen to you!</span><br />
<h3>
<span class="body">"Just Unsubscribe"</span></h3>
<span class="body">No.</span><br />
<span class="body"><br /></span>
<span class="body">I feel no obligation to "unsubscribe" from anything to which I didn't subscribe in the first place. In fact, I see a great advantage in <i>not</i> unsubscribing. It makes the sender's email campaign that much more expensive because the sender pays for those messages that go into my spam folder. Don't let that happen to you. I feel no obligation to make spamming cheaper or more cost effective. Besides, unsubscribing just confirms that the email address works.</span><br />
<h3>
<span class="body">Be Like Me</span></h3>
<span class="body">When you get spam, block the sending domain entirely. If you can't block the domain, block the specific sender. Only unsubscribe if you cannot block domain or sender. Spam works because it's cheap. Help make it more expensive. And never, <i>ever,</i> buy anything from a spammer. Read what <a href="https://www.spamhaus.org/consumer/removeisformugs/">Spamhaus says about unsubscribing</a>. Remember, it's spam if it's both bulk and unsolicited.</span><br />
<br />
<br />Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-30524946704809998632014-12-07T13:58:00.008-05:002021-02-21T18:50:11.362-05:00About PGP Signatures<div style="text-align: center;">
<span style="font-size: x-small;"><i>My people have no tradition of proofreading. —<a href="http://www.popehat.com/">Ken White</a></i></span><br />
<br /></div>
I started attaching PGP digital signatures to my work email a few months ago. That's kind of an appropriate thing for me to do since I'm a teacher of computer security. For many people, that signature is just a mysterious hunk of garbled letters either appended to the email message or sent as an attachment. Such a signature looks like this:<br />
<br />
<div style="background-color: #eeeeee; border: 1px solid black; font-family: Courier New, Courier, monospace; font-size: small; margin: auto; padding: 1em; width: 90%;">
-----BEGIN PGP SIGNATURE-----<br />
Version: GnuPG v2.0.22 (MingW32)<br />
<br />
iQEcBAEBAgAGBQJUhI42AAoJEDF1nNo3X4aWzXYIAIYZwzleZljYhf6ZKseaxfBY<br />
ORMAUWikdmkuzaLg25ngwtBYyjfTUMPfJpVSK4p1IgV6zWFDAbT0m0HZjmxuuWOl<br />
JqEoWc/Qa4f1tWF7Oc0Mrb0qfIUEEckAkf43MCN8BQxzUz2tkbegsx+TWcsgiz4X<br />
vUmdL2F5vfBoArvmi1SW8aqvEbJaMhIvfYAiD9LeX1RtKr8Z0a2RFO4/tkbS7Kh4<br />
d5FTBkm2ddhzfp+Z2hgrU72T07dteO1u0JrCOLCDZT+jKEE7CJ7OowziVpL4oDwU<br />
uie39l4VdkSPOqxrEaKIw2ehvrO/pP/mP0MnyHClnFSISxw8LhFT0G5+5+a0JEA=<br />
=y4bG<br />
-----END PGP SIGNATURE-----
</div>
<div class="a3s" id=":pq">
<br />
Ewww... that's <i>ugly</i>! But why?<br />
<br />
<h3>
A PGP Digital Signature Authenticates the Message</h3>
When people get email, they naturally assume that the name on the<i> From:</i> line is the sender of the message, especially if it's someone they know and with whom they communicate frequently. Unhappily, that doesn't have to be true; it is trivially easy to <a href="https://en.wikipedia.org/wiki/Email_spoofing" target="_blank">forge a sender's identity</a> in email. The PGP digital signature provides strong evidence that the message is actually from the purported sender and that it hasn't been tampered with in transit.<br />
<br />
<h3>
How Does it Work?</h3>
The PGP digital signature depends on two cryptographic technologies, cryptographic hash functions and public key cryptography. A cryptographic hash function produces a "fingerprint" for a message. The text of the message is input to a computer program that computes the hash code, called a "digest." In practice, no two different messages will have the same digest, and even a tiny change in the message changes the computed digest dramatically. Why is it called "hash?" Look at the example above!<br />
<br />
Public key cryptography uses two keys called <i>public</i> and <i>private</i>. The public key is widely available, often published on a key server like the <a href="https://keys.openpgp.org/" target="_blank">OpenPGP key server</a>. If you know someone's email address and they have a PGP key pair, you can probably find their public key easily. A very useful feature of PGP keys is that they are cryptographic inverses of one another. If you encrypt a message using my public key, it can only be decrypted with my private key. If I've carefully kept my private key, <i>um,</i> private, only I will be able to decrypt the message. It works the other way, too. If I encrypt a message using my private key, which only I have, anyone can get my public key and decrypt the message, but I'm the only one who could have encrypted it because only I have the private key. So, a message encrypted with my private key is digitally signed.<br />
<br />
My email program generates a PGP signature by first computing a cryptographic hash digest from the message, then by encrypting the digest using my private key. The recipient can use my public key to decrypt the digest. If the rest of the process works, the message could only have come from me because only I have the corresponding private key. The recipient then computes a new digest from the message using the same cryptographic hash algorithm. The newly-computed digest is compared to the decrypted digest. If they're the same, the decryption worked and the message hasn't been tampered with because tampering would have caused the newly-computed digest to be different.<br />
<br />
I wrote that a valid PGP signature "provides strong evidence that the message is actually from the purported sender and that it hasn't been tampered with in transit." How strong? The main consideration is whether the sender has kept his private key truly private. Anyone with a copy of my private key can sign a message that will appear to come from me. You also have to trust that neither the cryptographic hash algorithm nor the public key algorithm has a flaw that can be exploited. Modern cryptographic algorithms are strong enough to make the cryptographic safety of PGP signatures a good bet.<br />
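The hash-then-encrypt process just described, worked through in code as an added example that is neither the post's nor GnuPG's own code; it uses textbook RSA on two publicly known primes so the numbers are reproducible, which also makes the key pair insecure by design.

```python
"""Toy model of the signing process described above: compute the digest,
"encrypt" it with the private key, let the recipient "decrypt" it with the
public key and compare it with a freshly computed digest.  Added example,
not the blog's or GnuPG's code.  It uses textbook RSA built on two publicly
known Mersenne primes, so the key pair is deterministic and NOT secure (and
real OpenPGP adds padding and a hash identifier before the exponentiation);
it exists only to show the mechanics."""
import hashlib

# Constructed demo key pair.  Anyone can recompute D from these primes, which
# is exactly why a real private key must be generated secretly and kept so.
P = (1 << 127) - 1                  # 2**127 - 1, a Mersenne prime
Q = (1 << 521) - 1                  # 2**521 - 1, a Mersenne prime
N = P * Q
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+ modular inverse)

PUBLIC_KEY = (N, E)
PRIVATE_KEY = (N, D)


def digest(message: bytes) -> int:
    """The message's "fingerprint": SHA-256, as an integer (always < N here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_key) -> int:
    """Sender side: hash the message, then encrypt the digest with the private key."""
    n, d = private_key
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Recipient side: decrypt the digest with the public key and compare it
    with a digest computed from the message as received."""
    n, e = public_key
    recovered_digest = pow(signature, e, n)
    return recovered_digest == digest(message)


def demo():
    message = b"Let's have pepperoni pizza on Friday."
    signature = sign(message, PRIVATE_KEY)
    genuine = verify(message, signature, PUBLIC_KEY)
    # Tampering in transit: one word changed, so the digests no longer match.
    tampered = verify(message.replace(b"pepperoni", b"anchovy"), signature, PUBLIC_KEY)
    # Without the private exponent, a made-up exponent does not verify either.
    forged = verify(message, pow(digest(message), 12345, N), PUBLIC_KEY)
    return genuine, tampered, forged


if __name__ == "__main__":
    print(demo())   # (True, False, False)
```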
<br />
<h3>
What is PGP, Anyway?</h3>
PGP stands for "Pretty Good Privacy," invented by <a href="https://en.wikipedia.org/wiki/Phil_Zimmermann" target="_blank">Phil Zimmermann</a> to allow exchange of secure (confidential) and authenticated messages. Zimmermann's original PGP ran into patent problems and Zimmermann himself was the subject of a long criminal investigation for "exporting munitions," namely cryptographic algorithms. (The FBI, CIA, NSA, TSA, DHS, DoJ and every other three-letter agency known to man <i>hate</i> encryption because it makes dragnet surveillance and casual snooping very difficult. With that said, I cannot emphasize too strongly that, in the United States, <i>there is nothing illegal about using encryption. )</i><br />
<br />
I'm actually using the implementation of the OpenPGP standard built into the Thunderbird email client.<br />
<br />
<h3>
What About Snooping?</h3>
A digital signature doesn't do anything to protect the confidentiality of a message. To do that, one must encrypt the message itself. It's easy to do, and if you start sending me encrypted email, I'll be sure my replies are encrypted. That way, even the NSA won't know what kind of pizza we're planning to have. See the articles below for instructions.<br />
<br />
<h3>
Want to Know More?</h3>
I've written a series of three articles on using and understanding encryption:<br />
<ul>
<li><a href="http://bitmonger.blogspot.com/2013/05/its-time-to-encrypt-your-email.html" target="_blank"><i>It's Time to Encrypt Your Email</i></a></li>
<li><a href="http://bitmonger.blogspot.com/2013/05/using-encrypted-email.html" target="_blank"><i>Using Encrypted Email</i></a></li>
<li><a href="http://bitmonger.blogspot.com/2013/05/a-little-about-encryption.html" target="_blank"><i>A Little About Encryption</i></a></li>
</ul>
There's also plenty of information in the links above. Knock your socks off!<br />
<br />
<a href="http://xkcd.com/1181/" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://3.bp.blogspot.com/-yAweDPWp0wg/UYy45lbNisI/AAAAAAAAAM8/0HYnZVC8Wb8/s1600/xkcd_pgp_signed_pgp.gif" /></a>
<br />
<h3>
Too Long; Didn't Read</h3>
The <span style="font-size: x-small;"><a href="http://xkcd.com/" target="_blank">XKCD</a></span> comic, which everyone who does anything with technology ought to read, explains PGP digital signatures this way.<br />
<br />
To be certain, you have to actually <i>validate</i> the digital signature, not just check that it's present. But really, if the signature is there, odds are good that it will validate, and if you have any doubts, you can validate and be sure. How? Probably your email client will do it for you. For details, see <a href="http://bitmonger.blogspot.com/2013/05/using-encrypted-email.html" target="_blank"><i>Using Encrypted Email</i></a>.</div>
<br />
<hr style="width: 75%;" />
<br />
<div style="text-align: center;">
Copyright © 2014 by <a href="https://plus.google.com/107541903539257008645?rel=author">Bob Brown</a></div>
<br />
<a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="https://i.creativecommons.org/l/by-sa/3.0/80x15.png" style="border-width: 0px; display: block; margin: auto;" /></a><br />
<span property="dct:title" xmlns:dct="http://purl.org/dc/terms/"><i>About PGP Signatures</i> by</span> <a href="http://bitmonger.blogspot.com/" rel="cc:attributionURL">Bob Brown</a> is licensed under a <a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>.Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-71815403498097616272014-08-27T09:25:00.002-04:002019-08-23T05:34:59.097-04:00A Note on Card Safety<div style="text-align: center;">
<span style="font-size: x-small;"><i>My people have no tradition of proofreading. —<a href="http://www.popehat.com/">Ken White</a></i></span><br />
<br /></div>
There's been a lot in the news lately about malicious software invading stores' computer systems and stealing credit and debit card numbers. A couple of people have asked me about how to be safe using credit and debit cards. I wrote a big long piece about that. After I read it, I decided it was mostly useless. It can be boiled down to three rules:<br />
<ul>
<li>Use your credit card sparingly, </li>
<li>Use your debit card almost not at all, and,</li>
<li>Check your accounts frequently.</li>
</ul>
Using your cards sparingly minimizes attack opportunity. It is true that big, national organizations like Target and Neiman-Marcus have been compromised but it is also true that smaller organizations are often easier targets for the bad guys. Each time you use that card, you potentially expose it to theft. If you use a card for fast food or sundry purchases a dozen times a week, you've potentially exposed it a dozen times a week. It really won't hurt you to carry some cash and make those small purchases with cash. If you're worried about getting mugged, ask yourself how often that has happened and set the amount of cash accordingly. Also, remember that not having cash won't keep you from getting mugged; it'll only limit your loss. If you're worried about losing your wallet, remember where you keep those credit cards!<br />
<br />
I carry about a hundred dollars and pay for nearly every small purchase with cash.<br />
<br />
If you decide to use a card, and you have a choice, use a credit card, not a debit card. If you use a credit card and become the victim of fraud, it's the card company's money that's tied up. If you use a debit card, it's <i>your money</i> that is gone. A $5,000 fraud on a credit card is bad because you'll have to wrangle with the card company about whether you have to pay that fraudulent charge. A $5,000 fraud on your debit card is <i>much worse</i> because it's your money, not theirs, that's been stolen. You will probably eventually get most of it back if the fraud is reported promptly, but while you are dealing with your bank, that money is not available to do things like buy food or pay your mortgage.<br />
<br />
I use my debit card in exactly two places: my bank's teller machine and a store that gives me a discount for debit but not credit. So, those are my only two potential exposures to fraud.<br />
<br />
Speaking of teller machines, there's a threat other than malicious software. It's the "<a href="http://krebsonsecurity.com/all-about-skimmers/">skimmer</a>," a device that attaches to a teller machine or to a card reader like those on gas pumps. The card gets read twice, once by the skimmer and once by the real device. So, your transaction works, but the bad guys now have the numbers, too. Skimmers on teller machines are often paired with a pinhole camera or a fake keypad overlay to capture your PIN as well, so cover the keypad with your other hand when you type it. You guard against skimmers by using the same teller machines, gas pumps, etc. as often as possible and noticing what they look like. If something looks funny when you visit, go elsewhere and then check with your bank.<br />
<br />
If your card number is used for fraud, the sooner it's reported, the sooner it can be stopped. Early detection lets you limit the damage. These days, we can check our accounts on line in seconds. You should check every account at least weekly, and your debit card account daily. It's especially important to keep an eye on that debit card: under federal law (the Electronic Fund Transfer Act and its Regulation E), your liability for a lost or stolen debit card is limited to $50 if you report it within two business days of finding out. After that, it's up to $500 if you report within 60 days of the statement that shows the fraud, and unlimited for anything that happens after those 60 days! (Credit cards are different: the Fair Credit Billing Act caps your liability at $50 no matter when you report, and most card companies waive even that.) If you have so many cards that checking would be hard, you have too many cards!<br />
<br />
Reduce opportunity for fraud by minimizing your use of cards, and reduce your personal exposure by using credit cards, not debit cards. If fraud occurs, find it early by checking your statements regularly.<br />
<hr style="width: 75%;" />
<br />
<div style="text-align: center;">
Copyright © 2014 by <a href="https://plus.google.com/107541903539257008645?rel=author">Bob Brown</a></div>
<br />
<a href="https://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="http://i.creativecommons.org/l/by-sa/3.0/80x15.png" style="border-width: 0; display: block; margin: auto;" /></a><br />
<span property="dct:title" xmlns:dct="https://purl.org/dc/terms/"><i>A Note on Card Safety</i> by</span> <a href="http://bitmonger.blogspot.com/" property="cc:attributionName" rel="cc:attributionURL" xmlns:cc="http://creativecommons.org/ns#">Bob Brown</a> is licensed under a <a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>.
Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-43231329198179844592014-06-23T08:20:00.000-04:002014-08-23T11:01:29.931-04:00Hack Your WiFi Password? Easy!<div class="Bt Pm" style="max-height: none;">
<div class="tG QF">
</div>
<div class="Ct">
<div style="text-align: center;">
<span style="font-size: x-small;"><i>My people have no tradition of proofreading. —<a href="http://www.popehat.com/">Ken White</a></i></span><br />
<br /></div>
<b>Using free WiFi? Here's something to watch for:</b> If you have a wireless router, you know you can set it up to broadcast any name you want. (Mine is "emorycottage.")<br />
<br />
If you have service from AT&T or Comcast, you know they're promoting their free WiFi hotspots like crazy.<br />
<br />
Well, the Bad Guys have discovered this, and place wireless routers that broadcast names of "attwifi" or "xfinitywifi" in likely places. Your phone picks a network by its name, not by who runs it, so if it is set up to associate with such a hotspot automagically, it will connect to the evil hotspot. If the attackers spoof a login screen, you could <i>transmit your AT&T or Comcast password</i> to the operators of the evil hotspot. Even if there's no login, you're on a network you think you can trust, but you can't: whoever runs it can read or alter anything you send that isn't itself encrypted, such as plain HTTP web pages.<br />
<br />
What to do? Don't allow your gear to connect automatically. Consider where you are if your gear asks for permission to connect, and <b>never, ever</b> use your carrier's WiFi password for anything else. Especially not for your email account, because if the Bad Guys can take over your email, they can probably reset your passwords for other accounts... like your bank.</div>
</div>
<br />
<hr style="width: 75%;" />
<br />
<div style="text-align: center;">
Copyright © 2014 by <a href="https://plus.google.com/107541903539257008645?rel=author">Bob Brown</a></div>
<br />
<a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="http://i.creativecommons.org/l/by-sa/3.0/80x15.png" style="border-width: 0; display: block; margin: auto;" /></a><br />
<span property="dct:title" xmlns:dct="http://purl.org/dc/terms/"><i>Hack Your WiFi Password? Easy!</i> by</span> <a href="http://bitmonger.blogspot.com/" property="cc:attributionName" rel="cc:attributionURL" xmlns:cc="http://creativecommons.org/ns#">Bob Brown</a> is licensed under a <a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>.
Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-91615045830739498152014-05-06T21:43:00.001-04:002016-07-15T20:46:52.738-04:00The IBM Model M Keyboard and Modern Computers<div style="text-align: center;">
<span style="font-size: x-small;"><i>My people have no tradition of proofreading. —<a href="http://www.popehat.com/">Ken White</a></i></span><br />
<br /></div>
I love my IBM Model M "clicky" keyboard. It has pounded out everything I've written for a quarter-century, including a master's thesis, a doctoral dissertation, thousands of reports, budgets, email messages, and even a small book. What's so great about it? The click! There's a nice, satisfying click sound at the instant the key makes contact. There's good tactile feedback, too. You can feel when the key has made contact. You don't have to bottom out each key press, and that means less effort when typing. The letters are molded into the key caps, not painted on; the keys on my keyboard look as good today as they did a quarter-century ago.<br />
<div style="border: 1px solid black; float: left; margin: 1em 1em 1em 0; width: 300px;">
<img src="https://4.bp.blogspot.com/--UsdROVztK8/U2vzxmUkKrI/AAAAAAAAAh4/rJpDWkD1Uvs/s1600/model_m.png" />
<br />
<div style="font-size: 80%; text-align: center;">
image by <a href="https://www.flickr.com/photos/mattjb/">Matt Burriss</a> <a href="https://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons license</a> </div>
</div>
Have I made you want one? You can buy a brand-new Model M keyboard, made from the original IBM design, using the original IBM molds and equipment. They're made by <a href="http://pckeyboard.com/">Unicomp</a> in Lexington, Kentucky, USA. There's one specifically for Mac computers, too. They cost $80 to $120 plus shipping.<br />
<br />
Not convinced that you should pay a hundred bucks for a keyboard? It will make your life and work easier, and it'll last forever. Computers may come and computers may go, but your Model M keyboard will go on and on. Read what NPR's <a href="http://www.npr.org/templates/story/story.php?storyId=100076874">Martin Kaste has to say</a> about it.<br />
<h3>
Using an Older Model M</h3>
If you're lucky, as I am, you have an original Model M keyboard. You also have a problem; the keyboard has a PS/2 type plug, and modern computers do not have PS/2 sockets! (New Model Ms from Unicomp come with a USB interface.)<br />
<br />
You will need a <a href="http://www.amazon.com/gp/product/B000BSJFJS/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B000BSJFJS&linkCode=as2&tag=httpwwwemoryc-20&linkId=XJTAQIJHJPPPNSSN">PS/2 Keyboard To USB Adapter</a><img alt="" border="0" height="1" src="https://ir-na.amazon-adsystem.com/e/ir?t=httpwwwemoryc-20&l=as2&o=1&a=B000BSJFJS" style="border: none !important; margin: 0px !important;" width="1" />. Cheaply made "bulge in the cable" adapters do not work; they only rewire the plug, and the Model M needs an active adapter that translates the PS/2 protocol to USB. Use the link to get the right thing. (Disclosure: Amazon pays me a few cents if you buy using the link. I'm almost up to a dollar a month in commissions.) You will probably also need a short <a href="http://www.amazon.com/gp/product/B000E5CYW8/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B000E5CYW8&linkCode=as2&tag=httpwwwemoryc-20&linkId=YPFSRQMZD4DW3ZDP">USB extension cable</a> because the adapter is too fat to plug directly into many USB sockets. Plug directly into the computer or into a powered USB hub; an unpowered hub will not work because of the power requirements of the keyboard.<br />
<h3>
Cleaning up that Model M, and USB Conversion</h3>
If you're like me, after a couple of decades enough glop has dropped into your keyboard to be truly disgusting. The nice people at Unicomp will clean and thoroughly test your keyboard for $30 plus shipping. Email them at <a href="mailto:support@pckeyboard.com">support@pckeyboard.com</a> for an RMA number. When you have the RMA number, order a <a href="http://pckeyboard.com/page/category/Repair">Class 1 keyboard repair</a> and ship your keyboard off to them. (They can do more extensive repairs in the unlikely event that you have a non-working keyboard, but it might be better just to buy a new one from them.)<br />
<br />
For a little extra, Unicomp will make the USB conversion for you. If you're going to send your keyboard in for cleanup, order the USB conversion, too. That's far better, and possibly less expensive, than using an adapter. (It was $10 when I had mine done; that's less than the price of the adapter. Check with Unicomp for the current price.) <br />
<h3>
Converting the Keyboard to USB Yourself</h3>
Some people, handy with soldering irons, have installed the USB adapter inside the keyboard case. The idea is attractive to me because the adapter hanging from a cable on my laptop dock is un-aesthetic. I haven't tried it, but it might not be hard to do. A little time with Google should find some help.<br />
<br />
But really, just get Unicomp to do it for you. They're the professionals. <br />
<br />
<hr style="width: 75%;" />
<br />
<div style="text-align: center;">
Copyright © 2014 by <a href="https://plus.google.com/107541903539257008645?rel=author">Bob Brown</a></div>
<br />
<a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="https://i.creativecommons.org/l/by-sa/3.0/80x15.png" style="border-width: 0; display: block; margin: auto;" /></a><br />
<span property="dct:title" xmlns:dct="http://purl.org/dc/terms/"><i>The IBM Model M Keyboard and Modern Computers</i> by</span> <a href="http://bitmonger.blogspot.com/" property="cc:attributionName" rel="cc:attributionURL" xmlns:cc="http://creativecommons.org/ns#">Bob Brown</a> is licensed under a <a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>.
Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-89032488400168962542014-04-18T12:13:00.001-04:002014-08-23T11:06:52.570-04:00Virtualizing Windows XP<div style="text-align: center;">
<span style="font-size: x-small;"><i>My people have no tradition of proofreading. —<a href="http://www.popehat.com/">Ken White</a></i></span><br />
<br /></div>
<b>Well... <i>this</i> is revolting. A slip of a finger erased a multi-page post. I have tried to re-create it, but this is not the original post.</b><br />
<br />
<hr />
<br />
You followed my advice in<i> <a href="http://bitmonger.blogspot.com/2014/04/surviving-windows-xpocalypse.html">The Four Choices of the Windows XPocalypse</a></i> and you have a shiny new computer with a shiny new operating system. It might be Windows 7, but it's more likely Windows 8.1. It might even be Linux or MacOS. <i>Now</i> you find out that one or more of your Windows XP applications won't run under your new operating system, and you really need it. What to do? What to <i>do?</i><br />
<br />
Well, you could haul out your old computer when you need it, and if it's a laptop, that might even be practical. What you really want is all your stuff on one machine, where you can use it when you want to.<br />
<h3>
Windows 7's Virtual XP Mode</h3>
Windows 7 includes a<a href="http://windows.microsoft.com/en-us/windows7/install-and-use-windows-xp-mode-in-windows-7"> virtual XP mode</a> that will let you run your XP programs under Windows 7. You will have to reinstall your XP applications and any files they might need.<br />
<br />
There is no XP mode in Windows 8, nor in Linux or MacOS, so it's not a long-term solution, and may not even work for you now. Even if you have Windows 7 and your install media, your Windows XP setup may be so complex that replicating it under Windows 7 isn't practical.<br />
<h3>
Virtualizing Windows XP</h3>
A "virtual machine" is a simulated computer. The virtualization software runs on your new computer, and Windows XP runs inside the simulated machine as if it were on its own hardware. There is software that's free for personal use that'll do this. The exception is MacOS, where you will need a $60 software package.<br />
<br />
You will need your Windows XP computer, with its disk intact. You'll also need an external hard disk at least as big as the Windows XP disk, and virtualization software, which is free for most personal uses. You may also need a new license and product key for Windows XP. There's more on that below.<br />
<h3 id="creating">
Creating the Windows XP Virtual Image</h3>
If you bought your Windows XP computer with XP pre-installed, please read <a href="http://bitmonger.blogspot.com/2014/04/virtualizing-windows-xp.html#key"><i>About the Windows XP Product Key</i></a> below before you start this process. If you're not sure whether your XP system has one of those OEM keys, you can try this process and See What Happens™. The worst that can happen is that you'll have to do it again after you change the product key.<br />
<br />
You make a virtual machine from your running Windows XP computer by running the <a href="https://my.vmware.com/web/vmware/evalcenter?p=converter&rct=j&q=&esrc=s&source=web&cd=3&sqi=2&ved=0CDcQFjAC&url=http://www.vmware.com/go/getconverter&ei=thBUU7bxL7PSsATy5YGADA&usg=AFQjCNH3Et0HlSZPzkw2VZxLVZoNZ_yY5g&sig2=JwbtlkYGJqdlvvYy5gi4Tw&bvm=bv.65058239,d.cWc&cad=rjt">VMware vCenter Converter Standalone</a>. It's free from VMWare, but you have to register to get it. The longer XP goes unpatched, the more dangerous it is to connect it to the Internet. I downloaded the converter (and all the other software I used for this project) using my new system and moved it over with a flash drive.<br />
<br />
Install the vCenter Converter on your running XP system and run it. Direct the output to your external disk, which should be empty. (If it's not, format it. Use the "quick format" option.) This will take several hours – mine took about four – so best to plan to run it overnight.<br />
<br />
When the converter has finished, shut XP down, move the external drive to your new system, and go to <a href="http://bitmonger.blogspot.com/2014/04/virtualizing-windows-xp.html#running"><i>Running Your Virtual Machine</i></a> below.<br />
<h3 id="key">
About the Windows XP Product Key</h3>
Microsoft sold licenses for Windows XP to computer manufacturers at a steep discount. The catch is that the license is "locked" to the specific hardware of your XP computer. Such a license is called an OEM (original equipment manufacturer) license, and because the virtual machine presents different hardware, it will not activate there. If you try it, you'll get an "activation required" screen during the startup process of the virtual machine.<br />
<br />
There is no way I know of to get past the activation screen. Putting in a new product key doesn't work, and calling the phone number on the screen connects you to a robot with no sympathy for your plight. You have to change the product key before you virtualize the XP system.<br />
<br />
<b>Getting a New Product Key:</b> You will (probably) need a product key that matches the version of XP you have. So, if you have XP Home Edition, you'll need an XP Home product key; if you have XP Professional, you'll need an XP Pro product key. There are two kinds of licenses and product keys that will work, retail licenses and volume licenses. If you ever bought, but did not use, a copy of Windows XP, you own a retail license, and the package will have the product key you need. If you can find it. Retail licenses for XP are for sale on eBay at prices ranging from $20 to over $100. Expect prices to go up as these become rarer.<br />
<br />
You may be able to talk the I.T. people where you work into giving you a product key for a volume license of XP. (Remember, though, the VMWare software is free only for personal use; if you're doing this for work, you'll need VMWare licenses.) Educational licenses for XP are not locked to particular hardware, so you can use an education license if you have one.<br />
<br />
I am told that one can find product keys that will work through searching the web. I haven't tried that. You shouldn't, either, because it's probably illegal. (In the words of the late <a href="http://en.wikipedia.org/wiki/Jay_Rosenberg">Jay Rosenberg</a>, I have been politic and you have been warned.)<br />
<br />
<b>Cloning the XP System:</b> This step is optional. Because I am conservative and risk-averse, I used the free edition of <a href="http://www.macrium.com/reflectfree.aspx">Macrium Reflect</a> to make a clone of my XP system disk. I booted from the cloned disk and changed the product key there. My thinking was that if I somehow rendered the working disk unbootable, I'd still have the original. That step took several hours and turned out not to be necessary for me. (Although the free edition will do everything you need to do for this step, the folks at Macrium Software have done everyone a service by making it available. Consider buying the licensed edition if you can afford it.)<br />
<br />
<b>Changing the Product Key:</b> To change the product key of a running XP system, you will need the <a href="http://windows.microsoft.com/en-us/windows/help/genuine/product-key#T1=tab03">Windows XP Product Key Tool</a>, still available (so far) from Microsoft. Download it, run it, and type in the new product key. You will probably have to reboot your computer, but it either will not need activation, or will activate over the Internet without trouble. (If it doesn't, you'll be glad you made that clone disk!)<br />
<br />
Once your XP system has a retail or volume license product key, you can return to <a href="http://bitmonger.blogspot.com/2014/04/virtualizing-windows-xp.html#creating"><i>Creating the Windows XP Virtual Image</i></a>.<br />
<h3 id="running">
Running Your Virtual Machine</h3>
You use the free <a href="https://my.vmware.com/web/vmware/free#desktop_end_user_computing/vmware_player/4_0">VMWare Player</a> to run your virtual machine on Windows or Linux. For MacOS, you will need <a href="https://www.vmware.com/products/fusion/">VMWare Fusion</a>, which costs $60. There's a free 30-day trial of VMWare Fusion, so you can be sure this works for you before you put your money down. Download and install the correct virtual machine software for your computer.<br />
<br />
Connect the disk with the XP virtual machine image on it and double-click the dot-vmx file; Windows XP will start and run in your virtual machine! (If you get the dreaded "activation required" screen, you will need a different product key. See <i><a href="http://bitmonger.blogspot.com/2014/04/virtualizing-windows-xp.html#key">About the Windows XP Product Key</a> </i>above. As far as I know, there's no way to get past the activation screen. You will need to rebuild the virtual machine image with a retail or volume license product key.)<br />
<br />
After you have Windows XP running, you will want to install the VMWare tools into the virtual machine. There will be a button below the virtual machine screen that will start the process for you. It takes two or three minutes.<br />
<br />
You also need to read what Byron Brewer has to say about <a href="http://www.bryonbrewer.com/?p=223">very slow shutdowns</a> of VMWare virtual machines. I added the four-line change suggested by Brewer directly to the dot-vmx file by editing it with Notepad.<br />
<br />
Use "msconfig" and "Add/Remove Programs" to get rid of things that start automatically. They will make opening your virtual machine very slow, and may engage in unwanted Internet access. <br />
<br />
It is an increasingly bad idea to use your XP virtual machine for anything having to do with Internet access. Most especially you should not use Internet Explorer. XP is limited to IE 8, and web browsers are a primary vector for malicious software. Also avoid Flash, Java, and Acrobat in web browsers. Best advice: No Internet access from that virtual machine, and don't rely on willpower to enforce it. VMWare Player lets you set the virtual network adapter to "host-only" or uncheck "Connect at power on" in the virtual machine's settings, so the XP guest can't reach the Internet even if something inside it tries. You might even want to remove IE 8, Flash, Java, and Acrobat. (Removing IE 8 through Add/Remove Windows Components takes away the browser but leaves its rendering engine behind, which is one more reason to keep the machine off the network.)<br />
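A quick way to check that a converted XP guest really is cut off, as an added example that is not part of the original post and not VMware's code: the script below reads a .vmx file (plain text, one key = "value" per line), lists every virtual Ethernet adapter that is present and would connect at power-on with a connection type that can reach past the host, and prints the .vmx lines that would disconnect them. It relies on the standard ethernetN.present, ethernetN.connectionType and ethernetN.startConnected settings; the defaults it assumes for missing keys (connected at power-on, bridged) and the sample .vmx text embedded in it are constructed for this example.<br />

```python
import re
from typing import Dict, List

# Added example (not from the original post, and not VMware code).  A .vmx
# file is plain text, one  key = "value"  per line.  The keys used here,
# ethernetN.present, ethernetN.connectionType and ethernetN.startConnected,
# are standard VMware settings; the sample file below is constructed.

VMX_LINE = re.compile(r'^\s*([A-Za-z0-9_.:-]+)\s*=\s*"(.*)"\s*$')
ADAPTER = re.compile(r"^(ethernet\d+)\.")

# Constructed sample: a converted XP guest with a NAT adapter (reaches the
# Internet through the host), a host-only adapter, and a disabled adapter.
SAMPLE_VMX = '''
.encoding = "windows-1252"
config.version = "8"
virtualHW.version = "10"
displayName = "Windows XP Professional"
guestOS = "winxppro"
ethernet0.present = "TRUE"
ethernet0.connectionType = "nat"
ethernet0.startConnected = "TRUE"
ethernet1.present = "TRUE"
ethernet1.connectionType = "hostonly"
ethernet2.present = "FALSE"
ethernet2.connectionType = "bridged"
'''


def parse_vmx(text: str) -> Dict[str, str]:
    """Parse .vmx text into a dict.  VMware treats key names case-
    insensitively, so they are lower-cased; blank lines and # comments
    are skipped, and lines that are not key = "value" are ignored."""
    settings: Dict[str, str] = {}
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        m = VMX_LINE.match(line)
        if m:
            settings[m.group(1).lower()] = m.group(2)
    return settings


def _true(value: str) -> bool:
    return value.strip().upper() == "TRUE"


def adapters(settings: Dict[str, str]) -> List[str]:
    """Adapter prefixes (ethernet0, ethernet1, ...) that are marked present."""
    found = {m.group(1) for k in settings for m in [ADAPTER.match(k)] if m}
    return sorted(p for p in found if _true(settings.get(f"{p}.present", "FALSE")))


def network_exposure(settings: Dict[str, str]) -> List[str]:
    """One finding per present adapter that connects at power-on and can
    reach beyond the host.  Missing keys take the defaults assumed here:
    connected at power-on unless startConnected is FALSE, and bridged
    unless connectionType says otherwise."""
    findings = []
    for p in adapters(settings):
        if not _true(settings.get(f"{p}.startconnected", "TRUE")):
            continue
        conn = settings.get(f"{p}.connectiontype", "bridged").lower()
        if conn in ("bridged", "nat"):
            findings.append(f"{p}: {conn} adapter connected at power-on; guest can reach the Internet")
        elif conn == "custom":
            vnet = settings.get(f"{p}.vnet", "?")
            findings.append(f"{p}: custom adapter on {vnet} connected at power-on; check that it has no route out")
        # hostonly: the guest can talk only to the host and other host-only
        # guests, so it is not reported here.
    return findings


def isolation_lines(settings: Dict[str, str]) -> List[str]:
    """The .vmx lines that disconnect every adapter network_exposure flags.
    Apply them with the VM powered off, replacing any existing
    startConnected line for that adapter."""
    flagged = {f.split(":")[0] for f in network_exposure(settings)}
    return [f'{p}.startConnected = "FALSE"' for p in sorted(flagged)]


if __name__ == "__main__":
    cfg = parse_vmx(SAMPLE_VMX)
    for finding in network_exposure(cfg) or ["no adapter can reach past the host"]:
        print(finding)
    for line in isolation_lines(cfg):
        print("set in the .vmx:", line)
```

Run it against your real file by replacing SAMPLE_VMX with the file's contents, with the virtual machine powered off. Host-only adapters are not flagged because they reach only the host, but the host can still share folders with the guest, so keep that path in mind too.<br />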
<br />
If all you do is look at stuff on your virtual machine, you probably don't need to worry about the virtual disk, except to back it up from time to time. If you are writing to the disk as well as reading, you will want to read what VMWare has to say about <a href="http://pubs.vmware.com/workstation-10/index.jsp?topic=%2Fcom.vmware.ws.using.doc%2FGUID-2719ABE9-C082-478D-8F17-1CEBBD5B0A82.html">compacting virtual disks</a>. Make a backup before you compact.<br />
<br />
<hr style="width: 75%;" />
<br />
<div style="text-align: center;">
Copyright © 2014 by Bob Brown </div>
<br />
<a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="http://i.creativecommons.org/l/by-sa/3.0/80x15.png" style="border-width: 0; display: block; margin: auto;" /></a><br />
<span property="dct:title" xmlns:dct="http://purl.org/dc/terms/"><i>Virtualizing Windows XP</i> by</span> <a href="http://bitmonger.blogspot.com/" property="cc:attributionName" rel="cc:attributionURL" xmlns:cc="http://creativecommons.org/ns#">Bob Brown</a> is licensed under a <a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>.
Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-71283705555126285922014-04-12T00:20:00.004-04:002014-05-09T22:47:11.843-04:00The Four Choices of the Windows XPocalypse<div style="text-align: center;">
<span style="font-size: x-small;"><i>My people have no tradition of proofreading. —<a href="http://www.popehat.com/">Ken White</a></i></span><br />
<br />
</div>
It's April, 2014, and Windows XP is dead. Although XP has its detractors, it has served us very well for a dozen years. It's unfortunate that Windows Vista was, or was perceived to be, such a dud. It was possible to upgrade in place from XP to Vista, and more people would have done it if Vista hadn't gotten such a bad rap. It did, and they didn't.<br />
<br />
<i>Now what?</i><br />
<br />
There are four possibilities:<br />
<ul>
<li><a href="http://bitmonger.blogspot.com/2014/04/surviving-windows-xpocalypse.html#keepon">Keep on with Windows XP</a></li>
<li><a href="http://bitmonger.blogspot.com/2014/04/surviving-windows-xpocalypse.html#buynew">Buy a new computer, get a new OS</a></li>
<li><a href="http://bitmonger.blogspot.com/2014/04/surviving-windows-xpocalypse.html#upgrade">Back everything up and upgrade the operating system</a></li>
<li><a href="http://bitmonger.blogspot.com/2014/04/surviving-windows-xpocalypse.html#linux">Dump Windows and use Linux.</a></li>
</ul>
I've fully tried the last three of them, and am messing around with the "Keep on with XP" option. I'll write a little bit about my experience with each one, but first a recommendation: <b>Buy a new computer and get a new operating system.</b><br />
<br />
There is actually a fifth choice: run Windows XP as a virtual machine on your new computer. That's the subject of a separate blog post, <a href="http://bitmonger.blogspot.com/2014/04/virtualizing-windows-xp.html">Virtualizing Windows XP. </a><b><br /></b><br />
<br />
This article tells what to do, but not so much about how to do it. None of this stuff is hard, but you might want to have a techie friend work with you through whichever option you choose.<b> </b><br />
<br />
One other thing: to accomplish either of the latter two possibilities, you will need an external disk drive, which will cost you $90 to $150. You really need one of these anyway so you can back up your data.<br />
<h3 id="keepon">
Keep on With Windows XP</h3>
I can't really recommend this one. Eventually, some bad guy will find a serious flaw in Windows XP and <i>Microsoft won't fix it.</i> Do you care? Yes, you do! Operating system flaws put your data at risk. Irreplaceable photographs could be deleted or corrupted. If your web browser knows your banking password, or something equally important, the bad guys could get it. They could send spam through your computer or mount attacks on others from your computer.<br />
<br />
With that said, Windows XP did not turn into a pumpkin on April 8, and no hard drives exploded. If you're a little careful, you could get several more years out of Windows XP. How do you be careful?<br />
<br />
<b>Run Windows Update:</b> Microsoft released security patches for WinXP on April 8. Be sure you've got them by running Windows update. If you had automatic updates turned on, you should already have the latest updates, but it won't hurt to check. If you had automatic updates off, keep running the update process until it tells you there are no updates. <i>Do this now</i>, in case Microsoft removes the XP updates from their servers.<br />
<br />
<b>Dump Internet Explorer:</b> The latest versions of Internet Explorer will not run on XP; we're stuck with IE 8, which is not being updated any more, and the web browser is the entry point for a lot of malicious software. The most current versions of <a href="http://www.mozilla.org/en-US/firefox/new/">Firefox</a> and <a href="https://www.google.com/intl/en/chrome/browser/">Chrome</a> work on XP. Get one or both. Do not use IE 8 for anything. At all.<br />
<br />
<b>Don't be "Administrator:"</b> Many of us, myself included, were in the habit of using a login account with Administrator privileges. The trouble with that is, if malicious software finds its way into your computer, it will have administrative privileges, which means <i>it</i> can do great damage. Make a new account, like "Bob Brown Adm" and give it administrative privileges. Change your regular account to have limited privileges, and use that one unless you really need to administer something.<br />
<br />
<b>Disable Java and Flash in the Browser: </b> These are major entrances for malicious software, and if they're enabled, they will <i>run automatically</i> if you reach an infected site. By the time you know there's a problem, it will be too late.<br />
<br />
<b>Run Anti Virus Software:</b> Although your operating system won't be updated when new security flaws are found, your anti-virus program<i> may</i> be able to defend you from some of them. If you are already running Microsoft Security Essentials, Microsoft has promised updates through July, 2015. If you don't already have an anti-virus product and need something free, try <a href="http://www.avast.com/en-us/index">Avast! 2014</a>. My recommendations for paid products are those from<a href="http://usa.kaspersky.com/products-services/home-computer-security/"> Kaspersky</a> or<a href="http://www.f-secure.com/en/web/home_us/home"> F-Secure</a>. Don't try to run more than one A-V product on the same computer. They don't work or play well together.<br />
<br />
<b>Keep your other Applications Up to Date:</b> The operating system is not the only thing bad guys can attack. If you are running other applications, keep them up to date. Software makers <i>may</i> keep publishing updates, especially security updates, for their Windows XP applications for some time after Microsoft support has ended. If there are updates, get them, regularly! <a href="http://secunia.com/vulnerability_scanning/personal/">Secunia PSI</a> will help you find out what applications need updating and help you get the updates.<br />
<br />
<b>Have Good Backups: </b> You should be doing this anyway. The most valuable part of your computer is generally your data. You'll need an external drive and backup software, or one of the cloud backup services. I like the external drive approach because it's under my control. Power off that backup drive when you're not actually making backups, or malicious software could infect it, too. <br />
<br />
<b>Stay Away from Public Networks:</b> If you are at home or at work, you're almost certainly connected to the Internet through a network address translation (NAT) device. It's not really a firewall, but because it only passes along replies to connections your computer started, it does keep unsolicited packets from the Internet from reaching your computer. A public network <i>could</i> hand your computer a publicly routable address, which would expose it to the Internet with no protection at all. It's not likely, but it could happen. And on any public network, the network operator and everyone else on the same network can reach your computer directly, NAT or no NAT.<br />
<h3 id="buynew">
Buy a New Computer, Get a New OS</h3>
<div id="buynew">
This is the path of least resistance, although not the path of least money. It's not as expensive as you might fear, though. Buying Windows 8.1 will cost you over $100 unless you are eligible for an education discount, and you can buy a new computer with Windows 8.1 pre-installed for less than $400. (That's a pretty minimalist computer, but you can get one that's highly capable and still be in the three-figure price range.)<br />
<br />
You can save your data, most of it automagically, but you will have to re-install your apps.<br />
<br />
<b>Transfer Your Data:</b> With both computers connected to the same network, install the (free from Microsoft) <a href="http://www.microsoft.com/windows/en-us/xp/transfer-your-data.aspx">PC Mover Express</a> software on both computers. If possible, use a wired network; this may take forever if you try to do it wirelessly. Laplink has a<a href="http://www.laplink.com/index.php/individuals/pcmover-for-windows-8/cables/"> special Ethernet cable for $10</a> if you don't have a wired network available. (By the time you add shipping, it's $22, though.) Order it when you order the new computer, and you'll have it when you need it. (You <i>might</i> be able to use an Ethernet crossover cable if you have one around. I haven't tried this.)<br />
<br />
Follow the directions and PC Mover Express will migrate all your data, including most application settings, to your new PC. Plan to do this overnight as it could take many hours. When I did this, it found everything except my Lotus Notes files and the profile for the Firefox web browser. The free <a href="http://mozbackup.jasnapaka.com/">MozBackup</a> program will save and restore your Firefox profile and those of other Mozilla products, like Thunderbird.<br />
<br />
<b>Buy and Install Start8:</b> The <a href="http://www.stardock.com/products/start8/">Start8</a> program ($5.00) restores the start button to Windows 8.1. Microsoft has promised to put the start button back in a later release, so you may not need Start8. Or, you may be happy with Microsoft's "start screen" and not need Start8.<br />
<br />
<b>Reinstall Your Applications:</b> You will need to reinstall your applications from the original CDs or DVDs. If you've downloaded free software for XP, you'll have to download it again. And, some old software may not work with Windows 8.1.<br />
<br />
<b>Put the Old PC in a Closet:</b> Once you have everything like you want it, put the old PC in a closet for six months or so. If you find there's something you need from it, you can haul it out, fire it up, and copy what you need to a flash drive. If you don't discover that you need anything in that six months, you probably got everything when you copied the data.<br />
<br />
<b>Finally, Nuke the Old Disk:</b> When you are confident that you no longer need anything from the old PC, destroy any data that may be on the disk. This is a critical step, especially if you've saved passwords in your web browser, stored credit card numbers, or otherwise put sensitive data on there. <a href="http://www.dban.org/download">Darik's Boot and Nuke</a> is a free program for secure erasure of disks. Download the image file, burn it to a CD or DVD, and boot the old computer from the CD. <i>Be careful with this!</i> It will completely erase the disk(s) in any computer from which you boot it.<br />
<br />
Once you've done the boot-and-nuke operation, there will be nothing on the disk of the old PC, including the operating system. You can now recycle it, donate it, or (try to) sell it. Do not have high hopes for selling it, though. It might bring enough to buy a lunch. <br />
<br />
Or, you could <a href="http://bitmonger.blogspot.com/2014/04/surviving-windows-xpocalypse.html#linux">install Linux</a> on the old PC and keep it as a spare or donate it to a church or school. Installing Linux will effectively wipe any previous data. If you want to be especially cautious, run boot-and-nuke first.</div>
<h3 id="upgrade">
Back Up Everything and Upgrade the Operating System</h3>
<div id="upgrade">
You want to keep your own hardware, but run a newer operating system. You first have to find out whether your hardware will <a href="http://windows.microsoft.com/en-us/windows-8/upgrade-from-windows-vista-xp-tutorial">support Windows 8.1</a> because you can't buy Windows 7 any more. If you are unsure whether your system meets the specifications, you can download the "Upgrade Assistant" from that link and it'll tell you. You will need to know whether your computer has an <a href="https://answers.yahoo.com/question/index?qid=20080507041238AAkW95t">x86 or x64 CPU</a> to know which flavor of Windows 8.1 to buy. Do note that a copy of Windows 8.1 will cost you $100 or more unless you can get an education discount. You will want to think about <a href="http://bitmonger.blogspot.com/2014/04/surviving-windows-xpocalypse.html#buynew">buying a new PC</a> or <a href="http://bitmonger.blogspot.com/2014/04/surviving-windows-xpocalypse.html#linux">dumping Windows in favor of Linux</a>.</div>
<div id="upgrade">
<br /></div>
<div id="upgrade">
You will be able to back up and transfer your data files, but you'll have to reinstall your applications, and some of them may not work under Windows 8.1. </div>
<div id="upgrade">
<br /></div>
<div id="upgrade">
OK... you've decided to go ahead...</div>
<div id="upgrade">
<br /></div>
<b>Back Up Everything:</b> You are going to blow your installation of Windows XP completely away when you install Windows 8.1. If you have <i>anything at all</i>
on your XP computer that you want to keep, copy those files to an
external disk before you start to install Windows 8.1; otherwise, they'll be
gone forever! Remember, this applies to pictures, documents, movies,
etc. You cannot use your Windows XP applications under Windows 8.1.<br />
<br />
<b>Install the Operating System:</b> Install Windows 8.1 from the DVD you got when you bought the operating system. When you're done, you will have a bootable computer with nothing on it except the OS and a few applications that came with it.<br />
<br />
<b>Buy and Install Start8:</b> The <a href="http://www.stardock.com/products/start8/">Start8</a> program ($5.00) restores the start button to Windows 8.1. Microsoft has promised to put the start button back in a later release, so you may not need Start8. Or, you may be happy with Microsoft's "start screen" and not need Start8.<br />
<br />
<b>Reinstall Your Applications:</b> You will need to reinstall your applications from the original CDs or DVDs. If you've downloaded free software for XP, you'll have to download it again. And, some old software may not work with Windows 8.1.<br />
<br />
<b>Restore Your Data Files: </b> Attach the external disk to the computer and copy the data files from your backup to their new home. The structure of Windows 8.1 is different from that of XP. You may want to explore around a bit before you start copying the files.<br />
<br />
You will want to hang on to that external disk for a while before you write over it in case you missed getting something off of it. (If you missed putting something on it, it's gone forever!)<br />
<h3 id="linux">
Dump Windows and Use Linux </h3>
If your computer is not up to running Windows 8.1 and you mostly use it for surfing the web and using web-enabled email, you can run Linux and be happy. You can even do a little word processing or maybe watch a DVD using Linux. Your WinXP "apps" will be gone, though, along with WinXP.<br />
<br />
Don't listen to people who tell you that Linux is only for techies. You will find modern Linux distributions very similar to what you're used to. <br />
<br />
<b>Back Up Everything:</b> You are going to blow your installation of Windows XP completely away when you do this. If you have <i>anything at all</i> on your XP computer that you want to keep, copy those files to an external disk before you start to install Linux; otherwise, they'll be gone forever! Remember, this applies to pictures, documents, movies, etc. You cannot use your Windows XP applications under Linux.<br />
<br />
<b>Get Lubuntu Linux:</b> <a href="http://lubuntu.net/">Lubuntu</a> is a lightweight edition of the Ubuntu Linux distribution. Download it using your Windows XP machine and make a bootable flash drive. You will need to know whether you have an <a href="https://answers.yahoo.com/question/index?qid=20080507041238AAkW95t">x86 processor or an x64 processor</a>. Once you have that bootable flash drive, you're done with XP! Boot from the flash drive (you may have to play with the BIOS boot options to do that) and you will install Lubuntu Linux.<br />
<br />
You will do the following steps after you are running Linux. There is an enormous amount of software for Linux. Some is for generic Linux distributions and some is specific to a particular distribution. If you can't find a package specifically for Lubuntu, use the Ubuntu version or the generic version.<br />
<br />
<b>Install a Browser: </b> Lubuntu comes with Firefox pre-installed. If you prefer, you can install Chrome. When you have Lubuntu running, use Firefox to do a search for "Chrome Linux" and you'll be good to go. (I didn't put a link in here because it won't do you any good until you're already running Lubuntu.)<br />
<br />
<b>Install Libre Office:</b> <a href="https://www.libreoffice.org/download/libreoffice-fresh/#change"> Libre Office</a> is a cross-platform office suite with many of the features of Microsoft Office. The best feature is that it's free!<br />
<br />
<b>Install VLC:</b> The <a href="http://www.videolan.org/vlc/#download">VLC media player</a> is also free and works with Linux. If you have a suitable sound card, you can use VLC to listen to music. You may even be able to watch DVDs, depending on your hardware.<br />
<br />
<br />
<hr style="width: 75%;" />
<br />
<div style="text-align: center;">
Copyright © 2014 by Bob Brown </div>
<br />
<a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="http://i.creativecommons.org/l/by-sa/3.0/80x15.png" style="border-width: 0; display: block; margin: auto;" /></a><br />
<span property="dct:title" xmlns:dct="http://purl.org/dc/terms/"><i>The Four Choices of the Windows XPocalypse</i> by</span> <a href="http://bitmonger.blogspot.com/" property="cc:attributionName" rel="cc:attributionURL" xmlns:cc="http://creativecommons.org/ns#">Bob Brown</a> is licensed under a <a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>.
Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-26554350185379590052013-05-04T15:47:00.004-04:002021-03-17T14:45:01.177-04:00A Little About Encryption<h4 style="text-align: center;">
<span style="font-weight: normal;"><span style="font-size: x-small;"><i>My people have no tradition of proofreading. —<a href="http://www.popehat.com/">Ken White</a></i></span></span></h4>
This is the third of three posts on encrypting email. The others are <a href="http://bitmonger.blogspot.com/2013/05/its-time-to-encrypt-your-email.html">It's Time to Encrypt Your Email </a>and <a href="http://bitmonger.blogspot.com/2013/05/using-encrypted-email.html">Using Encrypted Email</a>. <br />
<h4>
About Encryption</h4>
Encryption mathematically scrambles the bits of your email messages or other documents so that the content is impossible to read without reversing the encryption process. The encrypting process combines a long and random collection of bits called the <i>key</i> with the message to produce an encrypted message, called the cipher text. This is analogous to putting the message in an envelope, except that the envelope cannot be opened without the key. The cipher text can be safely sent to the recipient electronically; even if the message is intercepted, the adversary will not be able to read it. Decrypting the message involves reversing the process using the <i>same key</i>, as shown in the diagram. A system of encryption that uses the same key for both encrypting and decrypting is called <i>secret key</i> or <i>shared key</i> or <i>symmetric key</i> encryption.<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<img border="0" src="https://4.bp.blogspot.com/-9xW9FIVP3KI/UYSReoI0AgI/AAAAAAAAALs/h9GqxYj-jug/s1600/symmetric_crypto.gif" /></div>
<br />
You've spotted the problem! Sender and recipient must each have a copy
of the key, so you have to figure out a way to get the key to your recipients securely and hope they keep it secure. You also have to have a separate key for each person with whom
you want to correspond; otherwise, all will be able to decrypt everyone else's messages. Symmetric key encryption has important uses as we see below, but for correspondence, it doesn't scale well when used by itself.<br />
<h4>
Public Key Cryptography</h4>
In the 1970s, three groups of researchers independently invented a
mechanism that uses two different keys with the same message, one to
encrypt and one to decrypt. The key usually used for encrypting is called the
public key, and the key usually used for decrypting is called the private key.
Here's what's important: a message encrypted with one's public key can <i>only</i>
be decrypted using the corresponding private key. You can give the
public key to anyone, and they will not be able to decrypt messages that
others may have encrypted with the same public key.<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<img border="0" src="https://1.bp.blogspot.com/-GO9sXGGxk5g/UYSRo2a-WNI/AAAAAAAAAL0/cLcGDVZOaEQ/s1600/public_crypto.gif" /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
You can give your public key to everyone with whom you correspond. Only
you will be able to decrypt the messages they encrypt for you. In
fact, there are public key servers that will allow you to post your own
public key and to look up the public keys of others. One such key
server is <a href="https://keys.openpgp.org/">keys.openpgp.org</a>. You will
probably want to upload your public key to that one or another. You
could try looking up the public keys of others right now by clicking on the link.<br />
<h4>
Hybrid Cryptography</h4>
There's a problem with public key cryptography: it's a lot of computational work. Encryption using public key cryptography can take as much as 10,000 times longer than encrypting the same message using symmetric key cryptography. Encrypting a message could take from several minutes to hours. We probably don't want to wait even a few minutes for the encryption process.<br />
<br />
Symmetric (shared) key encryption is much faster, with times in seconds for even very long messages. But, as we saw earlier, the problem is how to get a copy of that shared key securely to the recipient. The solution is to use public key cryptography to solve the <i>key exchange problem</i>. The sender generates a random number that's used to create a key for symmetric key encryption, using something like the <a href="http://en.wikipedia.org/wiki/Advanced_Encryption_Standard">Advanced Encryption Standard (AES)</a>. So, encryption can be completed very quickly. The symmetric key is called a <i>session key</i> when used this way because each key is used for only one message or communication session. The session key itself is encrypted using public key cryptography and the recipient's public key. Because the session key is short – perhaps 256 bits (32 bytes) – the time to encrypt it is minimal. The encrypted message and encrypted session key are packaged together and transmitted to the recipient. This two-step process is called <i>hybrid cryptography</i>, and is almost always the way public key cryptography is employed to secure messages from eavesdropping.<br />
<br />
The recipient reverses the process. The session key is first decrypted using the recipient's private key. Then, the session key is used to decrypt the message. Besides speeding up the process, use of session keys and hybrid cryptography actually improves the security of messages because it deprives an adversary of the chance to collect many messages encrypted with the same key. That's important for two reasons: having a large collection of text encrypted with a single key may make the cryptanalyst's job easier, and, if the key for one message is cracked, all the messages are revealed. (Of course, if the cryptanalyst can recover the recipient's private key, the public key no longer offers security. But, if the cryptanalyst cracks one session key, the other messages remain secure because they were encrypted with different session keys.)<br />
<h4>
Idea: A Digital Signature</h4>
The two keys of a public key crypto key pair are cryptographic inverses of one another. A message encrypted with one key of a pair can only be decrypted with the other key of the same pair. In the normal course of things, Alice would encrypt a message using Bill's public key, and Bill would decrypt it with his private key. That would keep the message confidential while it travels over an unsecure channel.<br />
<br />
If Alice encrypts a message with her <i>private</i> key, Bill or anyone else could decrypt it using Alice's public key. There's no confidentiality because the message can be decrypted with Alice's public key, and that's, well, public. However, if we believe that Alice has guarded her private key carefully, only she could have encrypted the message. So, we can say that Alice has <i>digitally signed</i> a message that was encrypted with her private key.<br />
<br />
Encrypting a message with a private key (to sign it) has the same problem as encrypting with a public key to secure it, namely that it would take a very long time. We need a way to characterize a specific message that is shorter than the message itself.<br />
<h4>
Cryptographic Hashes</h4>
In the early days of computing, it was common to add up a series of numbers before entering data into a computer, then add them up again with the computer. If one got the same total, that was a good indication that the data entry process was free of errors. Sometimes the numbers were things like birth dates, where a total did not have any meaning other than as a check for consistency. Such totals were called "hash totals."<br />
<br />
The characters that comprise a computer message are just numbers. In theory, we could add them up to get a hash total that could serve as a consistency check on the message. In practice, it's a little more complicated. <br />
<br />
A <a href="https://en.wikipedia.org/wiki/Cryptographic_hash_function">cryptographic hash function</a> has three special properties. First, even a tiny change in a message, like adding a zero to make $100 into $1,000, must change the computed hash code. Second, it should be impossible, given a message, to create another message that produces the same hash code. There exist hash codes that are thought to meet both criteria. We can think of the computed hash code as a kind of fingerprint for a message. Different messages always have different fingerprints, even if the difference in the messages is very small. A hash code computed over a message is called a <i>message digest</i>.<br />
<br />
The third property is that one cannot reconstruct the message given only the message digest. That's important because the digital signature exposes the message digest to an adversary.<br />
<h4>
The Digital Signature Improved</h4>
Given that we can compute a cryptographic hash, we can improve upon our idea of a digital signature. Instead of encrypting the entire message with her private key to sign it, Alice can compute a cryptographic hash over the message and encrypt the hash code only using her private key. Since the hash code is short – perhaps 256 bits – it, like a session key, can be encrypted quickly even with public key cryptography. The encrypted hash code is sent along with the message to serve as the digital signature.<br />
<br />
Such a digital signature not only authenticates the sender, it protects the message from tampering while in transit. Here's why: Anyone can decrypt the digital signature using Alice's public key, but only Alice could have encrypted it. Bill can verify the message by computing the hash code anew, then comparing it with the decrypted hash code sent with the message. If they're equal, we can be sure the message actually came from Alice. We can <i>also</i> be sure the message hasn't been altered. If Evil Eve had altered the message, the hash code Bill computed would be different from the one Alice computed. The computed hash code wouldn't match the decrypted hash code, and the digital signature validation would fail. (Eve can't replace the hash code after altering the message because doing so requires Alice's private key, which only Alice has.)<br />
<h4>
Putting the Pieces Together</h4>
We can encrypt a message using hybrid cryptography, and we can authenticate it using a digital signature. If we put those pieces together, we can package a message that only the intended recipient can decrypt, and for which the authenticity of the sender is assured.<br />
<br />
The diagram below shows what happens when Alice's encryption software prepares a digitally-signed and encrypted message for transmission to Bill. Plain text (unencrypted) information is represented by green boxes, encrypted information by red boxes, and keys by orange boxes. The package of information that is transmitted to Bill is surrounded by a blue box. The digital signature is "sort of green" because, although it is encrypted, anyone can decrypt it using Alice's public key. The circle-plus symbol indicates encryption.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-3TWr3X-wZsk/UbQtC6u9VSI/AAAAAAAAAO0/MeTBRgOt4lE/s1600/encryption_400w.gif" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://4.bp.blogspot.com/-3TWr3X-wZsk/UbQtC6u9VSI/AAAAAAAAAO0/MeTBRgOt4lE/s1600/encryption_400w.gif" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
Alice's encryption program uses a cryptographic hash algorithm to compute a message digest of the plaintext message, then encrypts the message digest using Alice's private key to form the digital signature. A random number generator is used to produce a session key. The session key will be used only once, for this message.<br />
<br />
The plaintext message is encrypted using the session key and a symmetric key encryption algorithm such as <a href="https://en.wikipedia.org/wiki/Advanced_Encryption_Standard">AES</a>. The session key itself is encrypted with Bill's public key.<br />
<br />
There are three encryption operations. Symmetric key encryption is used for the "main" message because it is comparatively fast. Public key encryption is used to produce the encrypted session key and the digital signature. This works because, although public key encryption is slow, both the message digest and the session key are small, perhaps 32 bytes each. The "package" sent to Bill includes the three main components shown in the diagram and some additional information. It identifies Alice as the sender, Bill as the recipient, and names the encryption algorithms used. It is possible to include more than one encrypted session key. If Alice wanted to send the same message to both Bill and Charlie, the package would include a copy of the session key encrypted with Bill's public key and another copy encrypted with Charlie's public key.<br />
<br />
<i>Bill Receives the Message</i><br />
<br />
Bill gets the packaged message over the Internet by email, or perhaps in some other way. The session key was encrypted by Alice using Bill's public key. Using Bill's <i>private</i> key, Bill's crypto program decrypts the session key. The session key is used to decrypt the actual contents of the message. Since only Bill has a copy of his private key, only Bill can decrypt the session key, and hence decrypt the message. The message is now available in plaintext. The next step is to check that it really came from Alice and is not a forgery.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-aWUnE0mfqTM/UbQ1Q7gq7DI/AAAAAAAAAPE/Ya7vZuH9o-k/s1600/decryption.gif" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-aWUnE0mfqTM/UbQ1Q7gq7DI/AAAAAAAAAPE/Ya7vZuH9o-k/s1600/decryption.gif" /></a></div>
Alice digitally signed the message by encrypting a message digest using her private key. We know two things about that. Since the digest was encrypted with Alice's private key, only Alice's public key can decrypt it. Since only Alice has a copy of her private key, only Alice could have encrypted it.<br />
<br />
Bill uses Alice's <i>public</i> key to decrypt the digest that is the digital signature. Bill also computes a new message digest from the plaintext message. The decrypted digest and the computed digest are compared. If they are equal, Bill has confidence that the message actually came from Alice, and also that it hasn't been tampered with. If they're not equal, then something is wrong and Bill must mistrust the message.<br />
<br />
The <i>amount</i> of confidence Bill has in the authenticity of the message depends on the amount of confidence Bill has that Alice has kept her private key secure. If Bill is sure that Alice has kept her private key secure, then Bill can be sure the message came from Alice. If malicious Mallory has gotten a copy of Alice's private key, then Mallory could have forged the message.<br />
<br />
Notice that if Eve the eavesdropper can intercept a copy of the message, Eve can decrypt the digital signature with Alice's public key because it is, well, <i>public</i>. However, it doesn't do Eve any good because one of the characteristics of that cryptographic hash is that the message cannot be reconstructed from the message digest.<br />
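The whole sequence from the two diagrams, sender's side and recipient's side, as an added example in Go using only the standard library; this is not the post's code nor any OpenPGP implementation. It uses RSA-OAEP to wrap the session key, AES-256-GCM for the message and RSA-PSS over a SHA-256 digest for the signature; the package layout, the function names and the AES-GCM nonce field are this example's own choices, and it wraps the session key once per recipient, as described for Bill and Charlie.<br />

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Package holds the diagram's three encrypted parts plus the AES-GCM nonce (names are this example's own).
type Package struct {
	WrappedKeys [][]byte // the session key under each recipient's public key (RSA-OAEP), one copy per recipient
	Nonce       []byte   // AES-GCM nonce, sent in the clear
	CipherText  []byte   // the message under the session key (AES-256-GCM)
	Signature   []byte   // SHA-256 digest of the plaintext, signed with the sender's private key (RSA-PSS)
}

// NewKeyPair generates a 2,048-bit RSA key pair, the size the post treats as a reasonable minimum.
func NewKeyPair() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// SignAndEncrypt is Alice's side: sign the digest, encrypt under a fresh session key, wrap that key per recipient.
func SignAndEncrypt(msg []byte, senderPriv *rsa.PrivateKey, recipients ...*rsa.PublicKey) (*Package, error) {
	digest := sha256.Sum256(msg) // 32-byte message digest, cheap to sign with RSA
	sig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	sessionKey := make([]byte, 32) // 256-bit random key, used for this one message only
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	p := &Package{Nonce: nonce, CipherText: gcm.Seal(nil, nonce, msg, nil), Signature: sig}
	for _, pub := range recipients { // Bill and Charlie each get the session key under their own public key
		wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, sessionKey, nil)
		if err != nil {
			return nil, err
		}
		p.WrappedKeys = append(p.WrappedKeys, wrapped)
	}
	return p, nil
}

// DecryptAndVerify is Bill's side: unwrap our copy of the session key, decrypt, recompute the digest, check the signature.
func DecryptAndVerify(p *Package, recipientPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) ([]byte, error) {
	var sessionKey []byte
	for _, wrapped := range p.WrappedKeys { // OAEP with the wrong private key fails its padding check, so try each copy
		if k, err := rsa.DecryptOAEP(sha256.New(), nil, recipientPriv, wrapped, nil); err == nil {
			sessionKey = k
			break
		}
	}
	if sessionKey == nil {
		return nil, errors.New("no copy of the session key was encrypted for this recipient")
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	msg, err := gcm.Open(nil, p.Nonce, p.CipherText, nil) // GCM itself rejects an altered ciphertext
	if err != nil {
		return nil, errors.New("ciphertext was altered in transit")
	}
	digest := sha256.Sum256(msg)
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, digest[:], p.Signature, nil); err != nil {
		return nil, errors.New("digital signature does not match: not from the claimed sender")
	}
	return msg, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // fails on a wrong-length key, e.g. from a malformed package
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	alice, bill := NewKeyPair(), NewKeyPair()
	pkg, _ := SignAndEncrypt([]byte("Pay the bearer $100"), alice, &bill.PublicKey)
	fmt.Println(DecryptAndVerify(pkg, bill, &alice.PublicKey)) // plaintext bytes and a nil error
}
```

A package signed with anyone else's private key fails the final check even though Bill can decrypt it, which is the forgery case the text describes; a flipped ciphertext byte is caught one step earlier by AES-GCM.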
<h4>
Digital Certificates</h4>
In a <a href="http://bitmonger.blogspot.com/2013/05/using-encrypted-email.html">previous post,</a> I wrote about signing others' public keys as a way to improve
our confidence that the key actually belongs to the person it claims to belong to. We saw earlier how a message could be both authenticated and protected from tampering through the use of a digital signature. A public key can be protected in the same way. When a public key is digitally signed, the result is called a <i>digital certificate</i>. <br />
<br />
The purpose of a digital certificate is to bind an identity to a public key. When you created your public/private key pair, you put in your own email address, but you <i>could have</i> claimed to be alice@example.com or even president@whitehouse.gov. If you could get someone to use such a public key, thinking they were corresponding with the real Alice (or President) you'd be able to decrypt the messages because you have the corresponding private key. A digital certificate helps us increase our confidence that a particular public key actually belongs to the claimed party. It <i>binds an identity to a public key</i>.<br />
<a href="http://1.bp.blogspot.com/-Pl1BEHrWHLI/UaQJ3MN6ViI/AAAAAAAAAOE/swNK5T1DSa4/s1600/digital_certificate.gif" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://1.bp.blogspot.com/-Pl1BEHrWHLI/UaQJ3MN6ViI/AAAAAAAAAOE/swNK5T1DSa4/s1600/digital_certificate.gif" style="padding: 1em 1em 1em 0px;" /></a>The diagram at the left is a simplified representation of a digital certificate. The part in green is all plain text. It identifies alice@example.com as being the owner of the given public key. This certificate has two digital signatures, one by Bob and one by Charlie. By signing this certificate, Bob and Charlie are certifying that they have checked that the given public key actually belongs to alice@example.com. <br />
<br />
Here's how it works. The certificate is just a message consisting of an identifier, a public key, and other information in plain text, the part shown as green in the diagram. Each signature has two parts, identification of the signer, shown in yellow-green and stored as plain text, and an encrypted hash code, shown in red and encrypted with Bob's <i>private key</i>. Someone who knows and trusts Bob can compute the hash code directly, using the part of the certificate shown in green, then use Bob's <i>public</i> key to decrypt the part shown in red under Bob's identifier. If the computed hash code and the decrypted hash code match, we can have confidence that the part of the certificate in green hasn't been tampered with, and that the public key given really does belong to Alice. How much confidence we have depends upon <i>how much</i> we trust Bob. If we don't know or trust Bob, perhaps we know Charlie or someone else who has signed Alice's key. The subject of trust was discussed in <i><a href="http://bitmonger.blogspot.com/2013/05/using-encrypted-email.html">Using Encrypted Email</a></i>.<br />
<br />
A digital certificate can be signed by a number of individuals, creating a <i>web of trust</i>, or by a single trusted organization, called a <a href="https://en.wikipedia.org/wiki/Certificate_authority">certificate authority</a>. OpenPGP uses the web of trust model.<br />
<h4>
A Note on the Strength of Cryptography</h4>
Modern cryptosystems are very difficult to break, but probably not impossible to break. If you used a 4,096-bit key size when you generated your key pair, cracking your encryption would take dozens of years using the best algorithms and fastest computers available. Of course, Moore's law means that computers are getting faster, and in a dozen years, 4,096 bits may not be enough. For now, even with a 2,048 bit key size, you are probably safe from any person or agency except possibly the <a href="http://www.nsa.gov/">NSA</a>. <br />
<br />
The weak points are the private key, stored on your computer and
the passphrase, stored in your head. If an adversary can get both of
those, your privacy is toast. Without them, your privacy is protected
against casual snoopers, and even persistent snoops like reporters. You are in more danger from something like this than you are from a computational attack. Your private key backup is another weak point. Guard it carefully. <br />
<br />
<div class="separator" style="text-align: center;">
<a href="http://xkcd.com/538/" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-2SRtORS4qrI/UYV36voSuXI/AAAAAAAAAMQ/aR-HAYd0RtQ/s1600/xkcd_crypto_wrench_security.gif" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
While we're talking about the strength of cryptography it's time for a warning: <i>don't roll your own</i>. While it might seem very cool to design and implement your own cryptosystem, it turns out to be surprisingly hard to do right. Unless you have the equivalent of a Ph.D. in mathematics with an emphasis on cryptology, it's an extremely bad idea to trust important information to home-brewed crypto. Experiment all you want, but when you're serious about protecting information, use cryptosystems developed by experts, examined by other experts, and that have withstood the test of time.<br />
<h4>
Cryptography and the Law</h4>
There's
a different question when it comes to law enforcement: can you be
compelled to decrypt documents? Even if law enforcement
agencies cannot crack your encryption, they may be able to get a court
to order you to decrypt documents yourself or to surrender your passphrase. If you refuse, you might be
held in jail until you change your mind. Whether the Fifth Amendment
protection against self-incrimination means you do not have to reveal your passphrase or
the contents of encrypted documents has not been settled as of summer,
2013. Different courts have ruled differently. There is also a distinction at law between being forced to divulge your passphrase and being forced to produce documents in plain text (decrypted) form.<br />
<br />
I'm not
a lawyer, and cannot give legal advice. Good, common sense advice is
not to do illegal things nor possess illegal materials. Encryption may
delay an investigation, but it is unlikely to save you from the
consequences of illegal actions.<br />
<br />
With that said, I cannot emphasize too strongly that, in the United States, <i>there is nothing illegal about using encryption. </i><br />
<br />
<hr style="width: 75%;" />
Previous article: <a href="http://bitmonger.blogspot.com/2013/05/using-encrypted-email.html">Using Encrypted Email</a><br />
<br />
<div style="text-align: center;">
<i>Copyright © 2013 by Bob Brown <br />Last updated: 2021-03-14<br /></i></div><i>
</i><br />
<a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="https://i.creativecommons.org/l/by-sa/3.0/80x15.png" style="border-width: 0px; display: block; margin: auto;" /></a><br />
<span property="dct:title" style="font-size: x-small;" xmlns:dct="http://purl.org/dc/terms/">A Little About Encryption</span><span style="font-size: x-small;"> by <a href="http://bitmonger.blogspot.com/2013/05/a-little-about-encryption.html" property="cc:attributionName" rel="cc:attributionURL" xmlns:cc="http://creativecommons.org/ns#">Bob Brown</a> is licensed under a <a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>.
</span><br />
<hr style="width: 75%;" />
<span style="font-size: xx-small;"><i>Some of the symbols used in some of the illustrations were borrowed from a document on the subject of <a href="http://technet.microsoft.com/en-us/library/aa998077%28v=exchg.65%29.aspx">public key cryptography</a> by Microsoft. Thanks, Microsoft! The <a href="https://www.xkcd.com/">XKCD</a> cartoons are used under the terms of the <a href="http://creativecommons.org/licenses/by-nc/2.5/">Creative Commons Attribution-NonCommercial 2.5 License</a>. The quotation by Ken White is used by permission.</i></span><br />
<h3>Using Encrypted Email</h3>
<p>Bob Brown. Published 2013-05-04; last updated 2021-02-22.</p>
<div style="text-align: center;">
<span style="font-size: x-small;"><i>My people have no tradition of proofreading. —<a href="http://www.popehat.com/">Ken White</a></i></span></div>
This is the second of three posts on encrypting email. The others are <a href="http://bitmonger.blogspot.com/2013/05/its-time-to-encrypt-your-email.html">It's Time to Encrypt Your Email </a>and <a href="http://bitmonger.blogspot.com/2013/05/a-little-about-encryption.html">A Little About Encryption</a>. <br />
If you've followed the directions in "<a href="http://bitmonger.blogspot.com/2013/05/its-time-to-encrypt-your-email.html">It's Time to Encrypt Your Email</a>," you have an email client that's set up to encrypt messages you send and decrypt messages you receive. Now what?<br />
<h4>
Someone To Write To</h4>
Being the first person on your block to have public key cryptography for
your email leaves you with no one with whom you can correspond securely. Let your frequent
correspondents know about these articles and help them get started with
public key cryptography for their email. If you recruit two people to
use encryption and each of them also recruits two more, soon everyone
will be doing what we should be doing.<br />
<h4>
The Subject May Not Be Encrypted</h4>
If you're using Thunderbird version 78 or higher, the subject lines of your messages will be encrypted. Other encryption mechanisms may not encrypt the subject. This means that anyone who can eavesdrop on your mail stream can read your subject lines. If your main reason for encryption is to foil casual snooping, just use subject lines as usual, but be aware that you are potentially revealing information. Alternatively, you can use uninformative subjects like, "Encrypted message." (An eavesdropper will be able to tell which messages are encrypted anyway, so you haven't revealed anything.) For voluminous correspondence, where subject lines might be needed to categorize messages, and should not reveal information to eavesdroppers, you could use a <a href="https://en.wikipedia.org/wiki/Code_%28cryptography%29" target="_blank">code</a>. A subject of, "Spending weekend with Grandpa" might indicate one type of message, and "What about pizza?" another.<br />
<br />Or, you could use Thunderbird, which encrypts the subject line.<br />
<h4>
Traffic Analysis</h4>
An adversary who can eavesdrop on your email can see with whom you correspond even if the contents of the messages remain hidden. Sometimes inferences can be drawn from that information. For example, if the owner of a successful private company suddenly starts communicating with investment bankers, one could speculate that the company is about to go public. Traffic analysis countermeasures are <i>far</i> beyond the scope of this article, but users of encryption should be aware of the possibility that "they" know to whom you are writing, even though they can't read the messages.<br />
<br />
It is increasingly the case that email systems use <a href="http://en.wikipedia.org/wiki/Transport_Layer_Security">TLS/SSL</a> encryption between client and server, and from one email server to another. Although that makes traffic analysis more difficult, the header information of email messages is necessarily unencrypted while the message is "at rest," either on a server or at the origin or destination. An adversary with access to an email provider's servers can read all of the header information: sender, recipients, and the rest, and possibly subjects. Some adversaries, like governments, might be able to compel access to email providers' servers. Of course, if the adversary can install monitoring software on the computer at the origin or destination, no part of the message is secure, even if the body is encrypted.<br />
<h4>
Digital Certificates</h4>
If <a href="http://xkcd.com/177/" target="_blank">Evil Eve the Eavesdropper</a> could somehow replace Alice's public key with Eve's own, then Eve would be able to read messages intended for Alice. We guard against that by embedding public keys in digital certificates. A <i>self-signed</i> digital certificate is a digest (electronic fingerprint) of the public key and identifying data, computed using a <a href="http://en.wikipedia.org/wiki/Cryptographic_hash_function">cryptographic hash function</a> and encrypted with the owner's <i>private</i> key. Because public and private keys are cryptographic inverses of one another, anyone can compute the digest of Alice's digital certificate, then use Alice's public key (from the certificate) to decrypt the digest from the certificate, and finally compare the two. In theory, if the two digests match, one should be able to trust the public key. In practice, a self-signed digital certificate provides no significant protection against replacing both the public key and the encrypted fingerprint. Self-signing <i>does</i> protect the certificate from tampering.<br />
<br />
We overcome the problem that Eve could have generated a completely forged certificate by having the digital certificate signed with the private keys of one or more trusted third parties. One approach is to use a single trusted party, the certificate authority. The other approach, and the one employed by OpenPGP, is to have that key fingerprint signed by several third parties in whom we place varying degrees of trust. (<i>Note:</i> As of spring, 2021, the <b>Hagrid keyserver at keys.openpgp.org does not support key signing.</b>)<br />
<br />
A third party signs a certificate by computing the digest of the identifier and public key, then encrypting it with the signer's <i>private</i> key. The signer's identity is added to the signature. Anyone can find the signer's public key and check the digital signature as described above.<br />
<br />
There is more about digests in <a href="http://bitmonger.blogspot.com/2013/05/a-little-about-encryption.html"><i>A Little About Encryption. </i></a><br />
<h4>
Key Signing</h4>
If a third party whom we trust has signed Alice's key, we can have a great deal of confidence that we really have Alice's key and not Eve's because changing the key would invalidate the signature. If we don't know the person who signed Alice's key, we have a lot less trust. Perhaps Eve has subverted the signer.<br />
<br />
If several people have signed Alice's key, our confidence increases because Eve the Eavesdropper would have had to subvert each of them. The more signers, the more confidence we can have, especially if one of the signers is known to us. This creates the "web of trust" that lets us have confidence that the public keys of others have not been tampered with, and does so without the need for a central authority.<br />
<br />
You may be asked to "sign" someone's key, or you may want to ask someone to sign yours. To have a friend sign your key, approach the friend in person, with your name or email address and key fingerprint written on paper. If your friend agrees to sign your key, your friend will take the paper, obtain your public key from a key server, and verify that the key fingerprint you supplied on paper matches that of the key from the key server. If the two fingerprints match, your friend will get your key from a key server, "certify" the key as belonging to you by adding his digital signature, and send it back to the key server.<br />
<br />
There's no need to go wild, but your key will be more trusted if at least four or five people have signed it; more is better. Try to have it signed by people who move in different circles; that will increase the probability that someone who needs your key will know someone who has signed it, or "know someone who knows someone."<br />
<h4>
A Key Signing Party </h4>
Since getting people who can verify each others' identity to sign each others' public keys is a Good Thing, and since socializing with like-minded people is also a Good Thing, you might want to host (or instigate) a key signing party. You won't even need access to computers at the party. The host prepares a list of attendees and information about their public keys and makes a copy for everyone at the party. Attendees bring their own key information and picture IDs to the party. Each guest checks the information for each other guest, and then later signs the keys of those whose information checks out. The "later" part is why you do not need, and should not have, computers at the party.<br />
<br />
There are many sets of instructions for organizing key signing parties on the web. The best one I've found so far is the <a href="http://w4kwh.org/keysigning-party-guide/" target="_blank">W4KWH Key Signing Party Guide</a>.<br />
<br />
If you host or attend a key signing party, be sure you scrupulously verify the identification and key information of everyone whose key you intend to sign. Do not make this mistake:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://xkcd.com/364/" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-DTLI8RFkNu8/UYnZMbmeWjI/AAAAAAAAAMk/tiLUqlIWCMY/s1600/xkcd_signed_key_responsible_behavior_revised_three_panels_400w.gif" /></a></div>
<br />
<h4>
Trusting Others' Certifications</h4>
Suppose Alice wants to communicate securely with Bob. She retrieves Bob's public key from a key server and finds that it has been signed by Charles, David, Frank, and George. Can we say more about how certain Alice can be that she <i>really</i> has Bob's public key than, "signed by four people?" Yes, especially if Alice knows any of those people, or knows anyone who has signed their keys.<br />
<br />
Alice (and you) can assign a level of trust to every key on her keyring of public keys. This is a subjective decision; Alice (and you) get to decide. The levels of trust are:<br />
<ol>
<li>Unknown</li>
<li>Untrusted (known to sign public keys carelessly or maliciously; see the cartoon!)</li>
<li>Marginally trusted (probably careful when signing public keys)</li>
<li>Fully trusted.</li>
</ol>
Anything signed with Alice's own private key is assumed to be fully trusted; everything else is initially set to "unknown." Alice can change the trust level of keys on her keyring. If Charles's key is on Alice's keyring, she can set its trust to "marginally trusted" or even "fully trusted."<br />
<br />
Given the idea of levels of trust, one can apply an algorithm to help Alice decide whether the key she has retrieved from a key server for Bob is really his. A key is valid (<i>i.e.</i> trustworthy) if two conditions hold. First, it must have been signed by "enough" trusted keys. "Enough" means:<br />
<ol>
<li>Alice has signed it herself, <i>or</i></li>
<li>It has been signed with at least one key that is fully trusted by Alice, <i>or</i></li>
<li>It has been signed with at least three keys marginally trusted by Alice.</li>
</ol>
The second condition is that the path of signatures from Bob's key to Alice's has five or fewer steps. That may seem very restrictive until one considers the concept of <a href="http://en.wikipedia.org/wiki/Six_degrees_of_separation" target="_blank">six degrees of separation</a>.<br />
<br />
Those are the default parameters for GnuPG; you can change the parameters to be more or less restrictive. Levels of trust are private, and are not shared or exported when you sign someone else's public key.<br />
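The three "enough" rules and the five-step path limit above can be run as a small model. This is an added example, not the page's or GnuPG's code: the key names, signatures and trust levels are constructed, and the model is simplified (it ignores key expiry and revocation), but the defaults are the ones the text gives.

```python
"""Toy model of the web-of-trust validity rules described above (constructed example)."""
from typing import Dict, Iterable

# Ownertrust levels the keyring's owner assigns, as listed on the page.
UNKNOWN, UNTRUSTED, MARGINAL, FULL = "unknown", "untrusted", "marginal", "full"


def compute_validity(owner: str,
                     signatures: Dict[str, Iterable[str]],
                     ownertrust: Dict[str, str],
                     completes_needed: int = 1,
                     marginals_needed: int = 3,
                     max_cert_depth: int = 5) -> Dict[str, int]:
    """Return {key: steps from owner} for every key the owner may treat as valid.

    signatures maps a key to the keys that have signed it; ownertrust maps a
    key to the trust level the owner assigned it (missing means UNKNOWN).
    The defaults are the GnuPG defaults quoted in the text: one fully trusted
    or three marginally trusted signatures, at most five steps.  A signature
    only counts if the signer's own key is already valid, which is what
    limits the path length.
    """
    valid = {owner: 0}                      # the owner's own key is always valid
    for depth in range(1, max_cert_depth + 1):
        found_this_round = {}
        for key, signers in signatures.items():
            if key in valid:
                continue
            signed_by_owner = False
            fulls = marginals = 0
            for signer in signers:
                if signer not in valid:     # a signer of unknown validity counts for nothing
                    continue
                if signer == owner:
                    signed_by_owner = True  # rule 1: the owner signed it herself
                level = ownertrust.get(signer, UNKNOWN)
                if level == FULL:
                    fulls += 1              # rule 2 counts these
                elif level == MARGINAL:
                    marginals += 1          # rule 3 counts these
                # UNKNOWN and UNTRUSTED signers may hold valid keys, but their
                # signatures introduce nobody: validity and ownertrust differ.
            if signed_by_owner or fulls >= completes_needed or marginals >= marginals_needed:
                found_this_round[key] = depth
        if not found_this_round:
            break                           # nothing more can become valid
        valid.update(found_this_round)      # update after the pass so depth counts steps
    return valid


# Constructed keyring (not real keys): who has signed whose key.
SIGNATURES = {
    # Alice met these people and signed their keys herself.
    "Charles": {"Alice"}, "David": {"Alice"}, "Frank": {"Alice"},
    "George": {"Alice"}, "Oscar": {"Alice"}, "Chain1": {"Alice"},
    "Bob": {"Charles", "David", "Frank"},   # three marginal signers: enough
    "Erin": {"George"},                      # one fully trusted signer: enough
    "Carol": {"Charles", "David"},           # two marginals: not enough
    "Mallory": {"Erin", "Oscar"},            # Erin unknown, Oscar untrusted: nothing counts
    # A chain of fully trusted introducers; Chain6 is six steps from Alice.
    "Chain2": {"Chain1"}, "Chain3": {"Chain2"}, "Chain4": {"Chain3"},
    "Chain5": {"Chain4"}, "Chain6": {"Chain5"},
}

# Trust levels Alice assigned; everyone not listed is UNKNOWN.
OWNERTRUST = {
    "Charles": MARGINAL, "David": MARGINAL, "Frank": MARGINAL,
    "George": FULL, "Oscar": UNTRUSTED,
    "Chain1": FULL, "Chain2": FULL, "Chain3": FULL, "Chain4": FULL, "Chain5": FULL,
}

if __name__ == "__main__":
    for key, steps in sorted(compute_validity("Alice", SIGNATURES, OWNERTRUST).items()):
        print(f"{key:8s} valid, {steps} step(s) from Alice")
```

Note that Oscar's key is valid (Alice signed it) even though Alice marked him untrusted; that is the difference between a key being genuine and its owner being a careful signer.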
<h4>
Creating a Revocation Certificate </h4>
Once a key has been uploaded to a key server, it is effectively impossible to remove. Yet, you might want to remove your key for a number of reasons. It might be something as scary as having your private key compromised, or as mundane as getting a new email address, which is effectively a new identity. (You can also deal with a new email address using subkeys, which are explained in the <a href="http://www.gnupg.org/gph/en/manual.html" target="_blank"><i>Gnu Privacy Handbook</i></a>. Subkeys are really the right way to deal with new addresses.) Although you can't remove a key from the key servers, you can <i>revoke it</i>... if you have a revocation certificate. Revoking your key tells everyone it is no longer effective to use that public key.<br />
<br />
The revocation certificate must be signed using your private key. One of the reasons you might want to revoke a public key is that you no longer have access to the corresponding private key. As I wrote in <a href="http://bitmonger.blogspot.com/2013/05/its-time-to-encrypt-your-email.html" target="_blank">an earlier post</a>, that can happen if you forget your passphrase or have a disk failure. So, generate that revocation certificate soon after you generate your key pair. Once you've generated a revocation certificate, <i>do not import it</i>. You will do that only if you're ready to revoke the public key. Instead, store it someplace safe. Remember, anyone who can get access to your revocation certificate can revoke your public key.<br />
<br />
You will need to use the command interface of GnuPG to create your revocation certificate. Open a command window and navigate to the directory where gpg.exe is stored. On my computer, that's<br />
<div style="text-align: center;">
\Program Files\GNU\GnuPG. </div>
The command line to enter is<br />
<div style="text-align: center;">
gpg --output &lt;key ID&gt;.revoke.asc --gen-revoke &lt;key ID&gt;</div>
where &lt;key ID&gt; represents the eight hex character ID of the key for which you want to create a revocation certificate. Here, edited slightly, is what it looked like when I created a revocation certificate for key ID 375F8696. What I typed is in bold.<br />
<br />
<div style="background-color: #eeeeee; border: 1px solid black; margin: auto; padding: 1em; width: 90%;">
<pre><b>gpg --output 375f8696.revoke.asc --gen-revoke 375f8696</b>
sec 2048R/375F8696 2013-04-07 Bob Brown &lt;my_email&gt;
Create a revocation certificate for this key? (y/N) <b>y</b>
Please select the reason for the revocation:
0 = No reason specified
1 = Key has been compromised
2 = Key is superseded
3 = Key is no longer used
Q = Cancel
(Probably you want to select 1 here)
Your decision? <b>1</b>
Enter an optional description; end with empty line:
>
Reason for revocation: Key has been compromised
(No description given)
Is this okay? (y/N) <b>y</b>
You need a passphrase to unlock the secret key for
user: "Bob Brown &lt;my_email&gt;"
<b>passphrase entered here</b>
2048-bit RSA key, ID 375F8696, created 2013-04-07
ASCII armored output forced.
Revocation certificate created.
</pre>
</div>
<br />
The result will be a file called &lt;key ID&gt;.revoke.asc; in the example, 375F8696.revoke.asc, in the same directory where you ran the command. <i>Do not leave it there!</i> You need the revocation certificate if you lose access to your private key, which could happen if your computer is stolen or your hard disk fails.<br />
<br />
These instructions came from the <i><a href="http://www.gnupg.org/gph/en/manual.html" target="_blank">Gnu Privacy Handbook</a></i>. I recommend having a good look at it to see what else one can do with <br />
<h4>
Signing Unencrypted Messages</h4>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://xkcd.com/1181/" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://3.bp.blogspot.com/-yAweDPWp0wg/UYy45lbNisI/AAAAAAAAAM8/0HYnZVC8Wb8/s1600/xkcd_pgp_signed_pgp.gif" /></a></div>
GnuPG can be used to add a digital signature even to messages that haven't been encrypted. Such a digital signature makes the messages tamper-evident and provides for cryptographic authentication of the sender. It also adds PGP headers and a base 64 encoded digital signature to the <i>body</i> of the message, making one's messages somewhat ugly. There are two reasons for signing unencrypted messages. One, of course, is to provide tamper-resistant, authenticated messages. The other, and possibly the more important one, is for it to cause recipients of such messages to say, "WTF?" and thereby open a discussion of why they, too, should be encrypting their email. For that second reason alone, it may be worth it.<br />
<h4>
Validating (Verifying) Signed Messages</h4>
Mail clients like Thunderbird can be configured to add digital signatures to all messages by default, even those that are not encrypted. Some can also be configured on a per-address basis. Consider adding a digital signature to all of your email, or at least to mail sent to friends who might be amenable to encrypting their own email.<br />
<br />
The cartoon is a little tongue-in-cheek... well, a <i>lot</i> tongue in cheek. Validation of signatures is automagic if the recipient is using an email client that understands OpenPGP. Such a client may even conceal the headers and just give a green bar or other indication that the message has been authenticated. Someone using an email client that doesn't understand OpenPGP can still validate digital signatures. To do so, copy the entire message, beginning with "-----BEGIN PGP SIGNED MESSAGE-----" and ending with "-----END PGP SIGNATURE-----" and save it to a temporary file. It can then be validated using the Decrypt/Verify File function of Kleopatra. (It's under the File menu.) The recipient must have imported the sender's public key certificate.<br />
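Cutting the signed block out of a message by hand, as described above, follows a fixed format (the cleartext signature framework of RFC 4880, section 7), so it can be done programmatically. This is an added example, not part of the original post: it extracts the block, undoes the sender's dash-escaping and records which hash algorithm was announced, but it does not verify the signature; that still takes GnuPG or Kleopatra. The sample message and its armored signature are constructed placeholders.

```python
"""Extract an OpenPGP cleartext-signed block from an email body (constructed example)."""
from typing import List, NamedTuple

BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"


class ClearsignedBlock(NamedTuple):
    hash_algorithms: List[str]  # from the "Hash:" armor header, e.g. ["SHA256"]
    text: str                   # the signed text with dash-escaping undone
    signature: str              # the complete armored signature block


def extract_clearsigned(body: str) -> ClearsignedBlock:
    """Locate and decode the cleartext signature framework inside a message body.

    Layout (RFC 4880 section 7): the BEGIN PGP SIGNED MESSAGE line, optional
    "Hash:" headers, one empty line, the dash-escaped text, then the armored
    signature.  Raises ValueError if no complete, well-formed block is present.
    """
    lines = [line.rstrip() for line in body.splitlines()]   # tolerate trailing blanks on armor lines
    try:
        start = lines.index(BEGIN_SIGNED)
        sig_start = lines.index(BEGIN_SIG, start)
        sig_end = lines.index(END_SIG, sig_start)
    except ValueError:
        raise ValueError("no complete PGP cleartext signature found") from None

    # Armor headers run until the first empty line after the BEGIN line.
    hashes: List[str] = []
    i = start + 1
    while i < sig_start and lines[i]:
        name, _, value = lines[i].partition(":")
        if name.strip() == "Hash":
            hashes.extend(h.strip() for h in value.split(",") if h.strip())
        i += 1
    if i >= sig_start:
        raise ValueError("cleartext header block is not terminated by an empty line")
    # No Hash header at all means the signer used the legacy default (MD5).

    text_lines = []
    for line in lines[i + 1:sig_start]:
        if line.startswith("- "):
            line = line[2:]     # undo dash-escaping: "- -- " was "-- " in the original
        text_lines.append(line)  # trailing whitespace is already stripped; it is not signed
    # The line break just before BEGIN PGP SIGNATURE is not part of the signed text.
    text = "\n".join(text_lines)
    signature = "\n".join(lines[sig_start:sig_end + 1])
    return ClearsignedBlock(hashes, text, signature)


def has_clearsigned_block(body: str) -> bool:
    """True if the body carries a complete, well-formed cleartext signature block."""
    try:
        extract_clearsigned(body)
        return True
    except ValueError:
        return False


# Constructed sample body, as a recipient without an OpenPGP-aware client might see it.
# The base64 under BEGIN PGP SIGNATURE is a PLACEHOLDER, not a real signature.
SAMPLE_BODY = "\n".join([
    "Hi Bob, forwarding what Alice sent. My mail client does not understand OpenPGP.",
    "",
    BEGIN_SIGNED,
    "Hash: SHA256",
    "",
    "Pizza on Friday?   ",   # trailing spaces: not covered by the signature
    "- -- ",                 # the "-- " signature separator, dash-escaped by the sender
    "Alice",
    BEGIN_SIG,
    "",
    "iQEzBAEBCAAdFiEEPLACEHOLDERPLACEHOLDERPLACEHOLDERAAAAFAmD0xyzACgkQ",
    "=Abcd",
    END_SIG,
    "",
    "Sent from my phone",
])

if __name__ == "__main__":
    block = extract_clearsigned(SAMPLE_BODY)
    print("hash algorithms:", block.hash_algorithms)
    print("signed text:\n" + block.text)
    print("signature block has", len(block.signature.splitlines()), "lines")
```

The file a recipient would hand to Kleopatra is the text between and including the two BEGIN lines and the END line exactly as received; the decoded `text` is what the signature is asserted over once verification succeeds.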
<h4>
Thunderbird Portable Edition</h4>
My laptop goes where I go, so I can deal with encrypted email just about anywhere. If you primarily use a desktop computer and set up encryption there, it might be difficult to read or send encrypted email from elsewhere. One solution might be <a href="http://portableapps.com/apps/internet/thunderbird_portable" target="_blank">Thunderbird Portable Edition</a>. This is Thunderbird bundled with the PortableApps launcher so that it will run from a USB flash drive. Using Thunderbird this way leaves no information behind on the host computer. The Windows operating system is required.<br />
<br />
If you set up and use Thunderbird Portable Edition, <i>your private key will be on that flash drive</i>; be sure to guard it well. Consider using an encrypted flash drive.<br />
<br />
If you use any of the PortableApps applications, please consider making a donation or buying one of their flash drives. The software is free; the effort of making it portable is supported by donations.<br />
<br />
<hr style="width: 75%;" />
Previous article: <i><a href="http://bitmonger.blogspot.com/2013/05/its-time-to-encrypt-your-email.html">It's Time to Encrypt Your Email</a> </i> Next article: <a href="http://bitmonger.blogspot.com/2013/05/a-little-about-encryption.html"><i>A Little About Encryption</i></a><br />
<br />
<div style="text-align: center;">
<i>Copyright © 2013 by Bob Brown <br />Last update: 2021-02-22<br /></i></div>
<br />
<a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="http://i.creativecommons.org/l/by-sa/3.0/80x15.png" style="border-width: 0px; display: block; margin: auto;" /></a><br />
<span property="dct:title" xmlns:dct="http://purl.org/dc/terms/">Using Encrypted Email</span> by <a href="http://bitmonger.blogspot.com/2013/05/using-encrypted-email.html" property="cc:attributionName" rel="cc:attributionURL" xmlns:cc="http://creativecommons.org/ns#">Bob Brown</a> is licensed under a <a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>.
<br />
<hr style="width: 75%;" />
<span style="font-size: xx-small;"><i>The <a href="https://www.xkcd.com/">XKCD</a> cartoons are used under the terms of the <a href="http://creativecommons.org/licenses/by-nc/2.5/">Creative Commons Attribution-NonCommercial 2.5 License</a>. The quotation by Ken White is used by permission.</i></span>
<h3>It's Time to Encrypt Your Email</h3>
<p>Bob Brown. Published 2013-05-02; last updated 2021-03-14.</p>
<div style="text-align: center;">
<span style="font-size: x-small;"><i>My people have no tradition of proofreading. —<a href="http://www.popehat.com/">Ken White</a></i></span></div>
<br />
<h4>
Too long; didn't read</h4>
I set out to write some simple instructions on setting up encrypted email. Being a college teacher, I couldn't resist answering the "because" question for every step. I also wandered into the ways one could use encrypted email and the other features available. The article became <i>way</i> too long for anyone to actually use, so I've broken it up into three parts. This is the first of the three. The other two are:<br />
<ul>
<li><a href="http://bitmonger.blogspot.com/2013/05/using-encrypted-email.html">Using encrypted email</a></li>
<li><a href="http://bitmonger.blogspot.com/2013/05/a-little-about-encryption.html">A little about encryption</a>.</li></ul><p style="margin-left: 40px; text-align: left;"><i>This article has been extensively revised because the Thunderbird email client now supports native encryption. </i><i><i><span style="font-size: x-small;">(Note added 2021-02-21)</span></i></i><br /></p>
<h4>
Why Encrypt? </h4>
We've read about "<a href="https://www.google.com/?q=hacker+breaks+into+email">hackers</a>" and <a href="https://www.google.com/?q=reporter+hacks+into+email">reporters</a> breaking into peoples' email. The FBI is back again with a proposal that would make "wiretapping" electronic communications easier. It's probably already too easy. If you're not sure, ask <a href="http://en.wikipedia.org/wiki/David_Petraeus">David Petraeus</a>. Current (2013) law provides very little protection for email messages and almost none for messages left on your mail provider's server for longer than 180 days. According to the <a href="https://www.eff.org/who-has-your-back-2013">Electronic Frontier Foundation</a>, some of the biggest providers of email (Apple, AT&T, Comcast, Verizon, and Yahoo) <i>do not require warrants</i> for access to "content," which appears to include email. (2019 data.) In the summer of 2013, we found that snooping by the <a href="http://www.washingtonpost.com/investigations/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program/2013/06/06/3a0c0da8-cebf-11e2-8845-d970ccb04497_print.html">NSA in particular</a> is far more widespread than most of us had imagined.<br />
<br />
Most of the personal email most of us write is completely innocent, things like deciding on where to go for pizza, but even innocent email can contain confidential information. I needed the Social Security numbers of my nieces and nephew to make them beneficiaries in case of my death. Even though those exchanges were innocent, they contained information others should not have. I have recently been reminded that anything you communicate to your lawyer should be encrypted to protect the attorney-client privilege.<br />
<br />
As you can see, there are good reasons for keeping your email confidential. The best one is that the contents of your email are <i>none of their damn' business!</i> whoever "they" may be. You can protect your personal email by encrypting it, and it's easy to do. Read on to find one way to do it.<br />
<br />
Following these instructions will allow you to encrypt mail that you want encrypted, and all the software you need is free. Messages that you don't want encrypted will not be. That's important because many of the people with whom you correspond will not have encryption set up at "their end." Tell the ones who don't about this article!<br />
<h4>
Two Ways to Encrypt Email</h4>
Email can be encrypted using one of two standards, <a href="http://en.wikipedia.org/wiki/S/MIME">S/MIME</a> or <a href="http://en.wikipedia.org/wiki/Openpgp#OpenPGP">OpenPGP</a>, that are not interoperable. The Thunderbird email client discussed below is ready for either standard out of the box. The trouble is, S/MIME requires a digital certificate for which you might have to pay. These instructions are for <b>OpenPGP</b>, which is based on a "web of trust" rather than on digital certificates. (If you have friends who use S/MIME encryption, <a href="http://www.comodo.com/home/email-security/free-email-certificate.php">Comodo</a> offers free certificates with a one-year expiration period. You <i>can</i> install both S/MIME and OpenPGP encryption, but you have to keep track of who uses what.)<br />
<h4>
Note for Users of MacOS </h4>
The instructions below will work for MacOS, but after I wrote this, the folks who develop GPG Tools for Mac released <a href="https://gpgtools.org/">Version 2 of GPG Mail</a>. I don't have access to a Mac, so I haven't tested this personally, but a colleague with a Mac says it just snaps in and works. If you use the Apple Mail application, you can probably just install GPG Mail instead of following my outline. Before you start, please do read about pass phrases, key generation, and making a backup of your private key, below; that information is applicable to configuring GPG Mail. You should actually read the whole article, and the two that follow. If you try using GPG Mail, <i>please</i> leave a comment reporting your experience. <i><span style="font-size: x-small;">(Note added 2013-08-11.)</span></i><br />
<h4>
What We are Going to Do</h4>
These instructions are primarily for Windows users, but the software described will run on Linux and Mac OS as well. This may seem long and complicated, but if you take it step-by-step, it'll be easy. I recommend reading through the entire post before you start. Here's what we're going to do:<br />
<ol>
<li>Install a "local" email client, Mozilla Thunderbird, on your computer. You may already be using Thunderbird.<br /></li>
<li>Devise a passphrase to protect your private key. </li>
<li>Generate your own public/private key pair.</li>
<li>Enable OpenPGP encryption in Thunderbird.<br /></li>
<li>Upload your public key to a keyserver.</li>
<li>Make a backup of your private key. </li>
</ol>
Optionally, you may want to create a revocation certificate and have your public key signed by a few other people. There's more on that in <a href="http://bitmonger.blogspot.com/2013/05/using-encrypted-email.html">Using Encrypted Email</a>. <i>(Note:</i> As of spring, 2021, the keyserver at keys.openpgp.org does not support key signing.)<br />
<h4>
Install a Local Email Client</h4><p>
To start with, you will need an email client that runs on your own computer. If you are already running Thunderbird, be sure you're running version 78 or higher and you're done with this step.<br />
<br />
Otherwise, download and install <a href="https://www.mozilla.org/en-US/thunderbird/">Mozilla Thunderbird</a>. In most cases, Thunderbird can configure itself automatically with just your email address because it has a database of settings for major email providers. If, for some reason, automatic configuration fails, you will need, from your email provider, the server addresses and port numbers to configure IMAP or POP incoming mail and SMTP outgoing mail. These should be available from your email provider's support site. You will also need to know the connection type, which will often be SSL/TLS. </p><p>If you use Thunderbird, to keep your private key secure, you <i>must</i> set a master password. Use a pass phrase, not a word, as described in the next section.<br /></p><h4 style="text-align: left;">Devise a Passphrase</h4><p>It is important that you keep your private key private. You will use a "password" for that. Your encryption is no stronger than this word or phrase. <i>Please</i> don't use any of the <a href="http://xato.net/passwords/more-top-worst-passwords/">top 10,000 passwords</a>. I recommend using a phrase you will remember, something like, "My best times are those I spend at the beach." That is very easy to remember, but it would be difficult even for someone who knows me well to guess it exactly. The phrase should be more than a couple of dozen letters to foil automatic guessing, but you may have to type this phrase every time you encrypt or decrypt a message, so don't write a book!</p><p>
<br />
The people who write password cracking software are onto the rules of grammar. For a little more strength, you might rephrase as Yoda-speak: "Those I spend at the beach my best times are," or change the grammar around in another way.<br />
<br />
For the strongest passphrase, generate it with <a href="https://www.eff.org/dice" target="_blank">Diceware</a>. You can also read the original <a href="http://world.std.com/~reinhold/diceware.html">Diceware</a> article. Use real dice or the <a href="https://www.random.org/dice/" target="_blank">dice from random.org</a>. Throw five dice per throw and use the Electronic Frontier Foundation's <a href="https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases" target="_blank">long word list</a>.<br />
<br />
If you forget your passphrase, you're toast. Write it on a slip of paper and put it in a book you use infrequently. When (if ever) you are <i>absolutely sure</i> you have it memorized, tear that slip of paper into tiny pieces and flush them.<br />
</p><h4>
Generate a Key Pair</h4>
Once you've settled on a passphrase, you are ready to generate your public and private keys. <span class="menu">From the "hamburger menu" at the top left, choose</span> <i><span class="menu">Account Settings</span></i> > select your account > <span class="menu"><i>End-to-End</i> <i>Encryption</i></span> > <span class="button"><i>Add Key</i></span>. The default size of 3,072 bits is probably enough. For extra strength, choose 4,096 bits. I made my key unexpiring. For highest security, expire the key at intervals.
<h4>
Upload Your Public Key to a Keyserver</h4><p>
To make your public key as public as possible, upload it to a keyserver. The keyservers talk to each other, so uploading to one of them is generally enough. Thunderbird is configured to use <a href="https://keys.openpgp.org/">https://keys.openpgp.org/</a> as its keyserver. It isn't (yet) clear to me whether your public key is uploaded automagically. About an hour after you've configured encryption, go to the keyserver using the link above and search using your email address. If it finds you, you're done.</p><p>If not, do the following: Within Thunderbird's<i> End-To-End Encryption</i> panel, click "OpenPGP Key Manager." In the Key Manager, select your key and choose <i>File</i> > <i>Export Public Key(s) to File</i>. Save the exported file and in a web browser, navigate to <a href="https://keys.openpgp.org">keys.openpgp.org</a>. Choose the upload link from the main page, browse to your file, and upload it. Click<i> Send Verification Email</i>.<br />
</p><h4>
Make a Backup of Your Private Key</h4>
Earlier I wrote that if you forget your passphrase, you're toast. The same thing is true if you lose your private key. If you've followed these instructions, your private key is stored on your computer in Thunderbird's profile directory. A disk crash or a new computer might mean you can no longer decrypt mail that others send to you. To prevent that, make a backup of your private key now and any time you make a change.<br />
<br />
To do that, within Thunderbird's <i>End-To-End Encryption</i> panel, click "OpenPGP Key Manager." In the Key Manager, select your key and choose <i>File</i> ><i> Backup Secret Key(s) to File</i>. You will need to set a password. If you forget the password, you're toast. If someone else gets a copy of the file and guesses the password, you're toast. Copy the backup to a flash drive, preferably encrypted, or burn it to CD and guard it carefully. Maybe make more than one copy. I have a copy in the safe deposit box at my bank.<br />
<br />
Exporting your private key also exports your public key. If you ever need the backup, you will be able to import it.<br />
<h4>
What About Web Mail, Tablets, Smart Phones?</h4>
To be secure, encryption and decryption necessarily have to take place on the "end device," your computer, tablet, or phone. If they happened at your email provider's server, your email provider would have to have your private key. If they have your key, they can divulge the contents of your email, perhaps accidentally or perhaps under a secret court order.<br />
<br />
If you use a web mail client, it will still work, but you won't be able to send or read encrypted mail from it. The post on <a href="http://bitmonger.blogspot.com/2013/05/using-encrypted-email.html">Using Encrypted Email</a> includes a brief discussion of Thunderbird Portable Edition, which will let you use encryption with others' computers.<br />
<br />
For phones and tablets, there is software for Android that will let you use encryption, and <a href="https://itunes.apple.com/us/app/opengp/id414003727?mt=8">software for iOS </a>that will allow reading, but not creating, encrypted messages. A <a href="https://itunes.apple.com/us/app/ipgmail/id430780873?mt=8">new iOS app</a> seems to provide full encryption and decryption. I've successfully installed <a href="https://play.google.com/store/apps/details?id=org.thialfihar.android.apg">APG</a> and <a href="https://play.google.com/store/apps/details?id=com.fsck.k9">K-9</a> on my Android tablet and can send and receive encrypted mail. APG is no longer maintained; <a href="https://www.openkeychain.org/">OpenKeychain</a>, which grew out of it, is the actively maintained replacement, and K-9 uses it for OpenPGP. I'll try to write some instructions presently. (Didn't happen.)<br />
<h4>
About Your Work Email</h4>
Even if you work for a very permissive organization, they probably wouldn't appreciate your adding encryption to your work email. Beyond that, free email accounts are readily available for personal use. I finally subscribed to a paid email service for my personal email on the basis that "free" is often worth the price charged. Mixing personal and work email can cause you serious problems. For some examples, search on "fired because of email" for stories like <a href="https://money.usnews.com/money/careers/articles/2008/08/04/7-ways-your-e-mail-can-get-you-fired" target="_blank">this one</a>.<br />
<h4>
Some Terminology</h4>
These definitions may help you navigate the documentation of the programs with which you will be working. <br />
<dl>
<dt><b>OpenPGP</b></dt>
<dd>OpenPGP is a standard describing a mechanism for both encrypting
and digitally signing files. Those files may be email messages or a "plain" data file. There is no "OpenPGP" program;
two programs that implement the OpenPGP standard are described below.</dd>
<dt><b>PGP</b></dt>
<dd>PGP was a company, acquired by Symantec in 2010, and also the name of that company's products.
The PGP products implement the OpenPGP standard. They're commercial
products; they cost money. People pay money to get technical
support, regular product upgrades, etc. (Symantec's enterprise security business, the PGP
products included, was sold to Broadcom in 2019.) If you are installing
encryption for a company, and not for personal use, consider those
products or those offered by other companies. There was a free version of PGP, but it is now very out of
date and should not be used.</dd>
<dt><b>GnuPG</b></dt>
<dd>GnuPG, also called Gnu Privacy Guard or GPG, is a free and
open-source implementation of OpenPGP. As with other free software,
support consists only of forums, mailing lists, and web articles.
Development is funded by donations and done by a small core team plus volunteers.</dd>
<dt><b>Certificate</b></dt>
<dd>GnuPG's Kleopatra front end, and some of the documentation, refer to your public key and those of others as <i>certificates</i>
because that's what they are. What's produced is a public key bound to a name and email address (a "user ID") by a digital signature
made with the corresponding private key. That's a self-signed digital certificate.
While it doesn't provide any assurance of correct binding to an
identity, it <i>does</i> provide protection against tampering: nobody can change the name or address on the key without invalidating the signature. </dd></dl>
<h4>
Ready for More Information? </h4>
Now that you have encryption set up, read <a href="http://bitmonger.blogspot.com/2013/05/using-encrypted-email.html" target="_blank">Using Encrypted Email</a>. For an overview of how this all works, try <a href="http://bitmonger.blogspot.com/2013/05/a-little-about-encryption.html" target="_blank">A Little About Encryption</a>.<br />
<br />
<b>Did You Do This?</b><br />
<br />
Every encrypted message is a tiny protest against the government's massive surveillance apparatus. Please encourage others by leaving a comment below. It can be as short as "I did it!" or as long as a description of your experience, but you really will help others. Please spread the word by sharing this post. Linking is easiest and lets me make updates, but the Creative Commons license lets you copy the entire post, too.<br />
<hr style="width: 75%;" />
<div style="text-align: center;">
<i>Copyright © 2013 by Bob Brown <br />Last update: 2021-03-14<br /></i></div>
<div style="text-align: center;">
<i> </i><a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license"><img alt="Creative Commons License" src="http://i.creativecommons.org/l/by-sa/3.0/80x15.png" style="border-width: 0px; display: block; margin: auto;" /></a></div>
<span property="dct:title" style="font-size: x-small;" xmlns:dct="http://purl.org/dc/terms/">It's Time to Encrypt Your Email</span><span style="font-size: x-small;"> by <a href="http://bitmonger.blogspot.com/2013/05/its-time-to-encrypt-your-email.html" property="cc:attributionName" rel="cc:attributionURL" xmlns:cc="http://creativecommons.org/ns#">Bob Brown</a> is licensed under a <a href="http://creativecommons.org/licenses/by-sa/3.0/deed.en_US" rel="license">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>.
</span><br />
<hr style="width: 75%;" />
<i><i><span style="font-size: xx-small;">The quotation by Ken White is used by permission.</span></i></i>Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-20140955423700349442013-01-21T20:04:00.001-05:002013-01-28T10:25:56.287-05:00DenyHosts Remove / Delete an IP AddressIf you got here from a search, it's because you're looking for a way to remove an IP address from the tables used by the DenyHosts program. Read on! <br />
<br />
<a href="http://denyhosts.sourceforge.net/">DenyHosts</a> is a nifty Python program that monitors Unix/Linux log files for failed SSH logins and, after a configurable number of attempts, adds the source IP address to /etc/hosts.deny. It's a simple but effective intrusion prevention system for SSH servers.<br />
<br />
I'm a college teacher and I operate a server that my students use via SSH. I run DenyHosts to stop SSH hacking, which happens all the time from all over the world. At the beginning of each semester, it's not unusual for several students to lock themselves out due to multiple failed login attempts. The DenyHosts FAQ gives <a href="http://denyhosts.sourceforge.net/faq.html#3_19">instructions for removing addresses</a> that should not have been added. It's a fiddly, time-consuming process, and I wanted to automate it. I wanted to be able to type:<br />
<div style="text-align: center;">
<span style="font-family: "Courier New",Courier,monospace;">denyhostsRemove 12.34.56.789</span></div>
and have the address removed from all the places from which it should be removed. (The IP address in the example is an obvious fake for obvious reasons!)<br />
<br />
Here is a bash script that will do that.<br />
<h3>
The Script</h3>
<b><span style="font-family: "Courier New",Courier,monospace;">#!/bin/bash<br />echo Removing $1 from denyhosts tables<br />WORK_DIR=/usr/share/denyhosts/data/ <br />IP=`echo $1 | sed 's/\./\\\\./g'`<br />service denyhosts stop<br />eval "sed -i /$IP/d /etc/hosts.deny" <br />eval "sed -i /$IP/d ${WORK_DIR}hosts" <br />eval "sed -i /$IP/d ${WORK_DIR}hosts-restricted" <br />eval "sed -i /$IP/d ${WORK_DIR}hosts-root" <br />eval "sed -i /$IP/d ${WORK_DIR}hosts-valid" <br />eval "sed -i /$IP/d ${WORK_DIR}users-hosts"<br />echo $1 >> ${WORK_DIR}allowed-hosts <br />service denyhosts start</span></b><br />
<br />
That's it; copy and paste this into a file in the root user's space, make it executable, and you're good to go! But before you copy-paste it (which you are encouraged to do) please read my notes below and any comments there may be.<br />
<h3>
The Notes</h3>
First let me say that I do not spend my days writing bash shell scripts. I am absolutely, positively certain this can be improved upon. I'm certain it's not bullet-proof, and it's probably not even bullet-resistant.<br />
<br />
If you can help by improving on it, please make comments below. You'll help me and everyone who finds this page and considers using this script.<br />
<br />
There's no error checking in what's above. I'm not even sure what should be checked, much less how to go about checking it. Deletion of lines will silently do nothing if the script is given a bogus IP address or a correctly-formed address that doesn't exist in the files edited. However, it <i>will</i> add whatever is given as an argument to the end of the allowed-hosts file; that's probably not what is wanted if the argument to the script is bad. Worse, because the argument goes through <span style="font-family: "Courier New",Courier,monospace;">eval</span> and into a sed expression unquoted, a bogus argument containing characters like <span style="font-family: "Courier New",Courier,monospace;">;</span> or <span style="font-family: "Courier New",Courier,monospace;">/</span> becomes part of a command run as root, so never feed this script input you haven't looked at.<br />
<br />
There should probably at least be a check for the argument being empty because that'll create an empty line in the allowed-hosts file. Ideally, one would validate that the argument was four numbers 0-255 separated by periods.<br />
<br />
One could go even further and exclude 127.0.0.* and any IP address with a zero first octet. There may be other things that should be excluded.<br />
<br />
There may be a way to set WORK_DIR for a specific installation. I used the default, and so the script will have to be edited for those who did not.<br />
<h3>
How it Works</h3>
Most things should be pretty obvious. The fourth line, where $IP is defined, escapes the periods in the IP address so the address can be used in a regular expression. The lines that begin with "eval" delete any line containing the given IP address from the file specified. Note that the pattern is unanchored, so 12.34.56.78 will also match 112.34.56.78 and 12.34.56.789 if such lines exist. The -i switch instructs sed to edit the file in place. GNU sed accepts -i as written; BSD and macOS sed require a backup suffix after it, which may be empty, as in <span style="font-family: "Courier New",Courier,monospace;">-i ''</span>. Be sure to test.<br />
<br />
<b>Beware! </b>The second-from-last line:<br />
<div style="text-align: center;">
<span style="font-family: "Courier New",Courier,monospace;">echo $1 >> ${WORK_DIR}allowed-hosts</span></div>
<span style="font-family: inherit;">appends the given IP address to the allowed-hosts file. This will keep it from being blacklisted again. That may not be what you want to do in general, and it's certainly not what you want to do if you run this with an invalid IP address.<b> </b>Remove or comment that line of you want to allow an address to be listed again, and be sure to edit the allowed-hosts file if you accidentally run the script with an invalid address.<b><br /></b></span><br />
<br />Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-37810104565394090262012-07-14T17:46:00.000-04:002014-08-17T21:26:31.059-04:00Six Simple Rules for Secure Storage of PasswordsA few weeks ago, password files from LinkedIn, Last.fm, and eHarmony were released by crackers. Yesterday it was Yahoo and today it's nVidia and Billabong, an Australian clothing retailer. The Yahoo and maybe Billabong passwords were stored as plain text, a particularly egregious mistake.<br />
<br />
In (a tiny bit of) defense of the yahoos at Yahoo, the file that was stolen and released came from a system not developed at Yahoo. Yahoo bought Associated Content and renamed it Yahoo Voices. Apparently no one at Yahoo thought to do a security audit of the systems they acquired when they bought Associated Content.<br />
<br />
Unhappily for over 400,000 people, Associated Content and later Yahoo used email addresses for user IDs. Other organizations do this too. All the time. In at least some cases, it is likely that the hapless subscriber used the same password for Yahoo as for the email account. Oops! <br />
<br />
Securing passwords is not rocket science. Here are six simple rules for securing stored passwords. Toward the end, I'll give you a seventh rule that might have saved Yahoo's bacon even though they violated rules two through six and maybe rule one.<br />
<ol>
<li>Plain text passwords must be transmitted from user to host over an encrypted connection, <i>e.g.</i> SSL/TLS. </li>
<li>No password will ever be stored in plain text; all passwords will be hashed. </li>
<li>The password hash will use a salt of non-trivial length, <i>e.g.</i> 128 bits. </li>
<li>Each password must have a different, random salt. </li>
<li>The hash function must be resistant to collision attacks. </li>
<li>The hash function must be computationally expensive and difficult to parallelize. </li>
</ol>
Let's look at each one of these in turn. <br />
<br />
<h3>
Plain text passwords must be transmitted from user to host over an encrypted connection</h3>
This one ought to make sense right on its face. If someone can install a <a href="http://en.wikipedia.org/wiki/Packet_analyzer">network sniffer</a> between a user's web browser and the server they're trying to talk to, that someone can capture passwords unless they're encrypted. I've never worried much about the garden variety hacker capturing passwords with a sniffer. Unless they could get close either to my computer or to the server I want to talk to, it would be like drinking from a fire hose. However, if the FBI, CIA, NSA, and/or Sheriff are after you, they can probably do it. The same is likely to be true in certain other countries. Using an encrypted connection makes it<i> much harder</i> to snoop on passwords as they're sent to the server.<br />
<h3>
No password will ever be stored in plain text; all passwords will be hashed</h3>
"Hashed" means that when we set up the account for someone on our server, we transform the password into gibberish, or "<a href="http://en.wikipedia.org/wiki/Cryptographic_hash_function">hash</a>." To produce the hash, we want to use a function that cannot be undone. So, given the hash value, there is no way to "decrypt" it to recover the original password. If an attacker succeeds in capturing the password file, he or she still cannot undo the hash; the passwords are safe. (Not.)<br />
<br />
After an account is set up with the hashed password, when our user wants to log in, we just run the hash function using the password supplied with the login attempt. If the result of hash function gives the same value that was stored when the account was set up, we believe that the password given matches that when the account was set up, and allow access. (But, see the section on collision resistance below.)<br />
<h3>
The password hash will use a salt of non-trivial length</h3>
Although you cannot undo a password hash to recover passwords from the hashed file, it isn't really necessary to do so. An attacker can take a large electronic dictionary plus a list of commonly used passwords and run the whole list through the hash function. The attacker now has a list of dictionary words and their hashes. If a hash from the stolen password file matches a hash in the attacker's list, the attacker has determined the password, and done so without inverting (or "decrypting") the hash. How does an attacker know which hash algorithm to use? <a href="http://en.wikipedia.org/wiki/Kerckhoffs%27s_principle">Kerckhoffs' Principle</a> says that, to be secure, we must assume that an attacker knows the system. A determined attacker can try many hash algorithms. As soon as one produces a hit, the attacker knows that's the one in use.<br />
<br />
To defend against the use of dictionaries of plain text words and their hashed equivalents, we add some random bits to the password before hashing it. Cryptographers call this a "<a href="http://en.wikipedia.org/wiki/Salt_%28cryptography%29">salt</a>." If we just add a zero or a one bit, now an attacker must compute the hashed dictionary twice, once for the case of zero and once for the case of one. That doesn't help much, but if we add 12 random bits, the attacker needs 4,096 hashed dictionaries. Adding 32 random bits to the password before hashing it means the attacker has to make 2<sup>32</sup> or more than four billion hashed dictionaries. With 128 bits, the attacker would need 2<sup>128</sup> hashed dictionaries. That's a Very Large Number Indeed. (It's about 3.4×10<sup>38</sup>.) Pre-computing that many copies of a hashed dictionary is not merely impractical; the energy required for the computation puts it beyond physical possibility.<br />
<br />
Of course, we have to store the salt someplace, and if an attacker can get the password file, the attacker can probably get the salt, too. That leads to the next rule.<br />
<h3>
Each password must have a different, random salt</h3>
Instead of just one salt for everyone, use a different, random value for each user. You only have to calculate it once, and you store it with the password hash. By making the salt very large (see above), a system could have millions, or even hundreds of millions, of users but the chance that two users would get the same random salt remains very small. Now the attacker has to hash the dictionary file for every user password to be tested. The problem just got significantly harder.<br />
<br />
Each salt must be as close as we can get to truly random; if you use
something like user ID for the salt, an adversary can predict it. Such random numbers are generated using an algorithm called a <a href="http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator">cryptographically secure pseudo-random number generator</a>.<br />
<br />
A second salt, called a "key" (or, more commonly today, a "pepper"), used system-wide and not stored with the hashed password adds still more work for the bad guys. Such a scheme is called a "keyed hash." One place to store the key is as a constant in the programs that process passwords; the point is that it lives somewhere other than the database, so that stealing the password table alone does not yield it. <br />
<h3>
The hash function must be resistant to collision attacks</h3>
A hash <a href="http://en.wikipedia.org/wiki/Collision_attack">collision</a> occurs when two different inputs generate the same hash. For password storage, the property we actually depend on is that, given a stored hash, an attacker cannot find <i>any</i> input that produces it; cryptographers call that preimage resistance, and the well-studied hash functions are designed to resist both preimage and collision attacks. For example, if "icecream" and "darkbeer" both generated the hash "etaionshrdlu" then either password could be used to log on to the account which has that hash. (By the way, both of those are pretty miserable passwords.) The salt helps, but we still need to avoid collisions. If "darkbeer" isn't in the cracker's dictionary, but "icecream" is, they've <i>still </i>cracked your password!<br />
<br />
Happily, cryptographers know all about collision attacks, and so they design hash functions that are resistant to such attacks. Perhaps now is a good time to caution you against "roll your own" cryptography. It turns out to be surprisingly hard to do right, and you don't need to. There is software that will do what you need, freely available.<br />
<h3>
The hash function must be computationally expensive and difficult to parallelize </h3>
We should be more worried about criminals cracking passwords than about "hackers" cracking passwords. <a href="http://en.wikipedia.org/wiki/Willie_Sutton">Willie Sutton</a> robbed banks because "that's where the money is." Criminals want to steal your login credentials for the same reason, and some of them can devote impressive resources to the task. When we say that the hash function must be computationally expensive, we only mean that it takes the computer a long time to turn the plain text password into the hash code. You won't care, and probably won't even notice, if it takes a quarter second longer to log in to some server. However, if each try at password guessing takes a quarter second, that's four guesses per second for the attacker, instead of potentially billions of guesses per second.<br />
<br />
Graphics cards with hundreds of simple processors are available and cheap. If an adversary can spread computation among many processors, then "computationally expensive" might no longer mean "slow." So, the hash function should be designed so that it is difficult or expensive to divide the work among multiple processors. The usual way to do that is to make each guess need a lot of memory as well as a lot of time, which is what scrypt does; a graphics card has very little memory per processor, so its parallelism buys the attacker much less.<br />
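Here is what rules two through six look like in code, as an added example of my own rather than anything from this post: per-user 128-bit salts from a cryptographically secure generator, scrypt as the slow, memory-hard function, an optional system-wide "key" (pepper) that is never stored in the record, and a constant-time comparison at login. The storage format, the parameter values, and the sample users and passwords are my own choices for illustration. unsalted_attack_demo() shows the other side: against a file of fast, unsalted SHA-1 hashes, one precomputed dictionary cracks every user at once, and two users with the same password are visibly paired before any cracking is done.

```python
import hashlib
import hmac
import os

# Work factor: N=2**14 with r=8 needs about 16 MiB of memory per guess.
# Raise N as hardware gets faster.  (Parameter choices are assumptions.)
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
SALT_BYTES = 16   # 128-bit salt (rule 3)
HASH_BYTES = 32


def hash_password(password, pepper=b""):
    """Return a storable record 'scrypt$N$r$p$<salt hex>$<hash hex>'.

    A fresh salt from os.urandom, a CSPRNG, is drawn on every call (rule 4),
    so two users with the same password get different records.  The optional
    pepper is the system-wide secret the post calls a "key": it is mixed in
    with HMAC and deliberately NOT written into the record.
    """
    salt = os.urandom(SALT_BYTES)
    material = password.encode("utf-8")
    if pepper:
        material = hmac.new(pepper, material, hashlib.sha256).digest()
    digest = hashlib.scrypt(material, salt=salt, n=SCRYPT_N, r=SCRYPT_R,
                            p=SCRYPT_P, dklen=HASH_BYTES)
    return "$".join(["scrypt", str(SCRYPT_N), str(SCRYPT_R), str(SCRYPT_P),
                     salt.hex(), digest.hex()])


def verify_password(password, record, pepper=b""):
    """Recompute with the salt and parameters stored in the record and compare
    in constant time, so timing does not leak how many leading bytes matched."""
    try:
        algo, n, r, p, salt_hex, hash_hex = record.split("$")
        if algo != "scrypt":
            return False
        material = password.encode("utf-8")
        if pepper:
            material = hmac.new(pepper, material, hashlib.sha256).digest()
        digest = hashlib.scrypt(material, salt=bytes.fromhex(salt_hex), n=int(n),
                                r=int(r), p=int(p), dklen=len(hash_hex) // 2)
    except ValueError:          # malformed record
        return False
    return hmac.compare_digest(digest.hex(), hash_hex)


def unsalted_attack_demo():
    """Why rules 3-6 matter.  Constructed data: a small dictionary and a
    "stolen" file of fast, unsalted SHA-1 hashes.  Returns {user: password or None}."""
    dictionary = ["password", "123456", "icecream", "darkbeer", "letmein"]
    lookup = {hashlib.sha1(w.encode()).hexdigest(): w for w in dictionary}
    stolen = {
        "alice": hashlib.sha1(b"icecream").hexdigest(),
        "bob": hashlib.sha1(b"icecream").hexdigest(),   # identical to alice's: visible at a glance
        "carol": hashlib.sha1(b"correct horse battery staple").hexdigest(),
    }
    return {user: lookup.get(h) for user, h in stolen.items()}


def salted_demo():
    """Two users, same password, per-user salt: records differ, both verify;
    a wrong password, a tampered record and a missing pepper all fail."""
    a = hash_password("icecream")
    b = hash_password("icecream")
    tampered = a[:-1] + ("0" if a[-1] != "0" else "1")
    return {
        "records_differ": a != b,
        "a_ok": verify_password("icecream", a),
        "b_ok": verify_password("icecream", b),
        "wrong_pw": verify_password("darkbeer", a),
        "tampered": verify_password("icecream", tampered),
        "pepper_missing": verify_password("icecream", hash_password("icecream", b"k")),
    }


if __name__ == "__main__":
    print(unsalted_attack_demo())
    print(salted_demo())
```

PBKDF2 (hashlib.pbkdf2_hmac) drops into the same structure if scrypt is unavailable, but it is not memory-hard, so it needs a much higher iteration count to give the same resistance to graphics-card attacks.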
<h3>
About users and passwords</h3>
Your users will pick terrible passwords. No amount of programming can completely prevent that. Attackers know this, and they'll try common passwords even if you've made a brute force attack too difficult. For some fun reading, type <a href="http://www.google.com/search?q=100+most+common+passwords">100 most common passwords</a> into your favorite search engine and have a look at a few of the lists. (<i>Um,</i> and if you find any of your passwords on any of the lists, <i>change 'em right now!</i>) <br />
<br />
You can help users pick good passwords by providing some guidance and, most especially, providing for very long pass phrases. To see what I mean, check this <a href="http://xkcd.com/936/">cartoon from XKCD</a>. Suggest that, when people register on your site, they pick a pass phrase rather than a password, and maybe even link to XKCD.<br />
<br />
Some security experts will disagree with me, but I think trying to force particular combinations, like "one uppercase letter, one number, one punctuation character" makes matters worse rather than better. It encourages people to re-use passwords or to write them down. Writing passwords down isn't necessarily bad in and of itself, but it provides an opportunity for something else to go wrong.<br />
<h3>
About these six simple rules</h3>
Following these six simple rules will make it much harder for attackers who steal your password file to recover plain text passwords. Following the rules does not make guessing impossible, so if there's a breach, you <i>have to notify people</i>. With luck, the things you've done will provide time for you to notify your subscribers in case of a breach and for them to change their passwords elsewhere. They'll also keep people from saying (about <i>us</i>) "How could they be so stupid?"<br />
<br />
None of these things will prevent your password file from getting stolen in the first place. That's a subject for another day, but see below for one suggestion. None of these things will save the user who chooses "keepout" for a password.<br />
<br />
One last thing about the simple rules above. Attackers can't easily recover a password even if they have the password file. <i>Neither can you!</i> So, you'll have to provide a mechanism for the hapless person who forgets a password to reset it. There is no way to tell them what it was. Another subject for another day is how to keep an adversary from subverting the password reset process, but it's something to worry about.<br />
<h3>
Password software</h3>
There is time-tested software, developed by real cryptographers, that will help you store passwords in a way that meets the last five rules. (You have to use SSL or TLS to meet the first one.) If you're storing passwords, look into bcrypt, scrypt, or PBKDF2, or the more recent Argon2. This really isn't rocket science. One just needs to understand the need to do it. There is an excellent tutorial, with example software, at <a href="https://crackstation.net/hashing-security.htm">crackstation.net</a>. If you're implementing a password storage system, or you're just curious about the mechanisms, it's quite worth the read.<br />
<h3>
The seventh rule: Parameterized queries</h3>
The Yahoo password file was stolen through an <a href="http://en.wikipedia.org/wiki/SQL_injection">SQL injection attack</a>. It seems possible that others were stolen in the same way. SQL injection is also a subject for another day, but one bit of advice will stop SQL injection attacks cold: use <a href="http://en.wikipedia.org/wiki/Prepared_statement">parameterized queries</a> for all database operations.<br />
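An added example of the seventh rule, written by me for this page and not taken from the post: the same user lookup done two ways against a constructed in-memory SQLite table. With string concatenation, a "user name" of <span style="font-family: "Courier New",Courier,monospace;">nobody@example.com' OR '1'='1</span> closes the quote and turns the WHERE clause into one that is always true, so the query returns every row, hashes included, which is exactly how a password table walks out the door. With a parameterized query the value is handed to the database separately from the statement text, is never parsed as SQL, and simply matches no email address.

```python
import sqlite3


def make_db():
    """Constructed in-memory stand-in for a site's user table."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (email TEXT PRIMARY KEY, pw_hash TEXT)")
    con.executemany("INSERT INTO users VALUES (?, ?)",
                    [("alice@example.com", "scrypt$...hash-a"),
                     ("bob@example.com", "scrypt$...hash-b")])
    return con


def lookup_concatenated(con, email):
    """The mistake: SQL built by pasting user input into the statement text.
    Whatever the user typed is parsed as part of the query."""
    sql = "SELECT email, pw_hash FROM users WHERE email = '" + email + "'"
    return con.execute(sql).fetchall()


def lookup_parameterized(con, email):
    """The fix: the statement is fixed text and the value travels separately,
    so quotes, semicolons or comment markers in it have no meaning."""
    return con.execute("SELECT email, pw_hash FROM users WHERE email = ?",
                       (email,)).fetchall()


def demo():
    """Row counts for an honest lookup and for the injection payload."""
    con = make_db()
    payload = "nobody@example.com' OR '1'='1"   # closes the quote; WHERE becomes always-true
    return {
        "honest_concat": len(lookup_concatenated(con, "alice@example.com")),
        "honest_param": len(lookup_parameterized(con, "alice@example.com")),
        "attack_concat": len(lookup_concatenated(con, payload)),   # whole table dumped
        "attack_param": len(lookup_parameterized(con, payload)),   # no such address
    }


if __name__ == "__main__":
    print(demo())
```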
<br />
May password file compromise never happen to you. <br />
<br />Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com0tag:blogger.com,1999:blog-3815860363664999491.post-89281450109968392232012-01-07T17:40:00.000-05:002014-06-28T01:41:38.543-04:00Total Defense, Anti-Virus, Etc.The experience I have with Total Defense and the Total Defense anti-virus product is worth warning others about. If you're thinking about buying something from Total Defense, read on. <br />
<br />
I gave up paid computer consulting a year or so ago when the last company I was working with was sold. I still do some unpaid consulting, including for a doctor who gives away more medical care than he charges for. Some years ago I bought, with his money, a Computer Associates (CA) perpetual license for their anti-virus product. All was well for five years. Yesterday I uninstalled one license from one of the practice's three computers to move it to a new one. When I installed it on the new computer, it immediately reported that it was expired!<br />
<br />
Well, I'm careful when I spend other people's money, so I had the order number, license keys, etc. all at hand. "This won't be a problem," says I, "I'll just call customer service and they'll tell me how to fix it."<br />
<br />
Didn't work. I reached a woman with a barely-understandable Indian accent who pretended not to understand the meaning of "perpetual." When I insisted that they look up the original order using the order number I had right in front of me, I was told that technical support could not do that, but they'd transfer me to customer service. OK. There was an interminable wait, then a man with Yet Another thick Indian accent insisted over and over that I "just have to pay the renewal fee." This man also pretended not to understand "perpetual," even after looking up the order. He also completely ignored my many requests to talk with a supervisor. I finally, after 23 minutes of this, hung up in frustration rather than saying what I thought of this treatment, which, of course, is exactly what they wanted me to do. (Yes, I <i>am</i> tough enough to be polite even in circumstances like this one.)<br />
<br />
Bottom line: the people at Total Defense, "a former division of CA" will not help you when things go wrong.<br />
<br />
The good news is that Microsoft Security Essentials seems, from all reviews, to be an effective AV product. It has had time to mature. (It was introduced in fall of 2009.) And it's free for home and small business use! It works with 32 bit XP and both 32 and 64 bit Windows 7. <a href="http://windows.microsoft.com/en-US/windows/products/security-essentials%20">http://windows.microsoft.com/en-US/windows/products/security-essentials </a><br />
<br />
Bye, Total Defense! See you around!Bob Brownhttp://www.blogger.com/profile/10329126915794755200noreply@blogger.com3tag:blogger.com,1999:blog-3815860363664999491.post-82795169397757075832011-11-22T22:05:00.008-05:002011-11-22T22:39:01.652-05:00Did the ISP Supply a Bridge or a Router?This week I helped two friends configure wireless devices and get them working. In both cases, the root of the problem was understanding what services were provided by the <abbr lang="en" title="Internet Service Provider">ISP</abbr>'s device and what services should be provided by the wireless device. In one of the problematic cases, a cable connection, the ISP supplied a transparent bridge that allowed a single device to be configured using <abbr lang="en" title="Dynamic Host Configuration Protocol, a mechanism for automatically configuring computers for a particular network.">DHCP</abbr> and provided a registered <abbr lang="en" title="Internet Protocol">IP</abbr> address. In the other case, a <abbr lang="en" title="Digital Subscriber Line">DSL</abbr> connection, the ISP supplied a consumer-grade router with network address translation, <abbr lang="en" title="Domain Name System, the system that translates names like google.com to Internet Protocol addresses">DNS</abbr> forwarding, and the ability to configure clients using DHCP. Configuring the wireless device properly required an understanding of the ISP's device.<br />
<h2>Definitions:</h2>For the purposes of this document, <i>bridge</i> and <i>router</i>, when applied to the device supplied by the ISP, have the following meanings.<br />
<h3>Bridge</h3>A <i>bridge</i> supports a single IP address and serves to translate (bridge) between one transmission medium and another, for example, between TV cable and Ethernet, between DSL and Ethernet, or between Ethernet and WiFi.<br />
<h3>Router</h3>The term <i>router</i> is misused slightly here to mean a consumer product that requires a single IP address on its outside (wide area network, or WAN) port and supports multiple client devices, each with its own IP address, on its LAN ports. To support multiple “inside” IP addresses, a consumer router necessarily implements network address translation, or NAT. It generally also provides DHCP configuration of clients and DNS forwarding. It could optionally provide a bridge between media types. It might provide other services, such as <abbr lang="en" title="Network Time Protocol">NTP</abbr> relaying.<br />
Although I've misused the term <i>router</i> slightly, my use here is consistent with industry practice and shouldn't confuse anyone. Strictly speaking, a "router" connects different networks,<i> i.e</i>. networks where the network part of the IP addresses are different. A consumer-grade wireless device does that, but also provides the other services listed above.<br />
<h2>Algorithm:</h2><pre>IF the ISP device operates in bridge mode
then set up the wireless device as a router
ELSE
// The ISP device is a router, so
Set up the wireless device as a bridge </pre>So, the key question becomes, "Did the ISP supply a bridge or a router?"<br />
<h2>Is the ISP device a bridge or a router?</h2><h3>Data Collection</h3>Record any manufacturer information or model numbers on the physical device. Google is your friend.<br />
Connect a device running Microsoft Windows to a port on the ISP device, open a command window, and issue the command <b>ipconfig /all</b> <br />
<br />
Find the section of output labeled <i>Ethernet adapter Local Area Connection</i> and record the following:<br />
<br />
IP address: ___________________________<br />
<br />
Subnet mask: _________________________<br />
<br />
Default gateway: ______________________<br />
<br />
DHCP server: _________________________<br />
<br />
DNS servers: ________________________<br />
<h3>Testing and Inference</h3><i>Assumption:</i> a device such as a laptop that’s plugged directly into the ISP device “just works,” so it was configured using DHCP and there’s a DHCP server someplace in the ISP's infrastructure.<br />
<ol><li>If there are two ISP boxen, the one connected to the TV cable or DSL line is almost certainly a bridge and the “inner” one a router. Consider the pair together to be a router.</li>
<li>If there’s only one Ethernet connector on the ISP box, it’s probably a bridge. If there are multiple connectors, it’s probably a router. </li>
<li>If the IP address from the data collection step is <b>not</b> one of the following, it’s almost certainly a bridge:<br />
10.x.x.x<br />
172.16.x.x to 172.31.x.x<br />
192.168.x.x</li>
<li>If the default gateway and DHCP server are not the same IP address, it’s almost certainly a bridge.</li>
</ol><h3>Acid Test</h3>If there are multiple Ethernet ports on the ISP box, connect two client devices to two of the ports. If both clients work and report different IP addresses <b>within</b> the ranges listed in step 3 above to <b>ipconfig /all</b> then the ISP device is a router with probability one. Otherwise, it’s almost certainly a bridge.<br />
<br />
If there’s only a single port, establish a configuration like this:<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://4.bp.blogspot.com/-bztgNj40Xus/TsxiF5L27nI/AAAAAAAAAGg/Y4ZONwqxqXw/s1600/bridge_or_router.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Diagram showing two computers connected to the ISP's device" border="0" height="175" src="http://4.bp.blogspot.com/-bztgNj40Xus/TsxiF5L27nI/AAAAAAAAAGg/Y4ZONwqxqXw/s320/bridge_or_router.png" width="320" /></a></div><br />
If both clients work and report different IP addresses <b>within</b> the ranges listed in step 3 above to <b>ipconfig /all</b> then the ISP device is a router with probability one. Otherwise, it’s almost certainly a bridge.<br />
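The inference rules in steps 3 and 4 can be applied mechanically to the fields recorded in the data-collection step. The Python script below is an added example and not part of the original post: it pulls the relevant adapter section out of constructed <b>ipconfig /all</b> output (accepting both the Windows XP "IP Address" label and the later "IPv4 Address" label), checks the client address against the three private ranges from step 3, compares the default gateway with the DHCP server as in step 4, and reports a verdict with its reasons. The function names, the two sample outputs, and the 192.168.1.x and 203.0.113.x addresses in them are all constructed for the example. Neither rule firing only means the box behaves like a router; the acid test above is what settles it.<br />

```python
"""Apply the bridge-or-router inference rules (steps 3 and 4) to the
fields recorded from `ipconfig /all`.  Added example, not the post's code."""
import ipaddress
import re

# The private address ranges listed in step 3 (RFC 1918).
PRIVATE_NETS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]

# Field labels as printed by `ipconfig /all`.  Windows XP prints
# "IP Address"; later versions print "IPv4 Address", so both are accepted.
FIELDS = {
    "ip": r"IP(?:v4)? Address",
    "mask": r"Subnet Mask",
    "gateway": r"Default Gateway",
    "dhcp": r"DHCP Server",
    "dns": r"DNS Servers",
}
IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"

# Constructed sample output (not captured from a real machine): a client
# behind an ISP router, then a client plugged straight into an ISP bridge.
SAMPLE_ROUTER = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : laptop

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : home
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
"""

SAMPLE_BRIDGE = """\
Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   IP Address. . . . . . . . . . . . : 203.0.113.45
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 203.0.113.1
   DHCP Server . . . . . . . . . . . : 203.0.113.250
   DNS Servers . . . . . . . . . . . : 203.0.113.2
"""


def parse_ipconfig(text, adapter="Ethernet adapter Local Area Connection"):
    """Return a dict of the IPv4 fields found in one adapter section.

    Section headings start in column 1; field lines are indented."""
    fields = {}
    in_section = False
    for line in text.splitlines():
        if line and not line[0].isspace():          # a section heading
            in_section = line.rstrip(":").strip() == adapter
            continue
        if not in_section or not line.strip():
            continue
        for key, label in FIELDS.items():
            m = re.match(r"\s*" + label + r"[ .]*:\s*" + IPV4, line)
            if m:
                fields[key] = m.group(1)
                break
    return fields


def is_private(ip):
    """True if ip falls in one of the ranges listed in step 3."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_NETS)


def classify(fields):
    """Return ("bridge" or "router", list of reasons) from steps 3 and 4.

    Either bridge indicator is enough on its own.  If neither fires the
    device behaves like a router, but only the acid test confirms it."""
    missing = [k for k in ("ip", "gateway", "dhcp") if k not in fields]
    if missing:
        raise ValueError("cannot infer without " + ", ".join(missing))
    reasons = []
    if not is_private(fields["ip"]):
        reasons.append(f"step 3: client address {fields['ip']} is not a private address")
    if fields["gateway"] != fields["dhcp"]:
        reasons.append(f"step 4: default gateway {fields['gateway']} "
                       f"is not the DHCP server {fields['dhcp']}")
    if reasons:
        return "bridge", reasons
    return "router", [f"private address {fields['ip']} was handed out by the gateway "
                      "itself; run the acid test to confirm"]


if __name__ == "__main__":
    for name, sample in (("router sample", SAMPLE_ROUTER), ("bridge sample", SAMPLE_BRIDGE)):
        verdict, why = classify(parse_ipconfig(sample))
        print(f"{name}: {verdict}")
        for reason in why:
            print("  -", reason)
```

On a real client, save the command output to a file and pass its contents to <b>parse_ipconfig</b>; <b>classify</b> refuses to guess when the address, gateway, or DHCP server is missing, which is itself a hint that the client did not get its configuration from DHCP and the assumption above does not hold.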
<h3>Of Course, It Could Be a Duck</h3>Most consumer grade routers can be configured to operate in bridge mode. Unless you can get access to the configuration mode of the ISP device, if it acts like a bridge, treat it as a bridge. If it acts like a router, treat it as a router.<br />
<hr />
<h2>Turn Off Facial Recognition on Facebook</h2><i>Bob Brown, 2011-06-08</i><br />
Facebook has quietly (silently!) rolled out a feature that attempts to identify your face in pictures your friends upload, and then suggests that they "tag" you in such pictures.<br />
<br />
Your first reaction might be, "So what? They're my friends... they're going to tag me anyway." Well, maybe, but maybe not. It depends upon what's in the picture, why it was uploaded, and how much value your friends put on your privacy. Imagine, say, a wedding reception. The bride and groom are the center of attention, looking beautiful and handsome, respectively. But, in the background, is me, or maybe you, with a death grip on a beer and chatting animatedly with the bride's little sister. In the ordinary scheme of things, the guy with the beer probably wouldn't get tagged, but if Facebook suggests it... well, have <i>you</i> ever clicked "OK" without thinking?<br />
<br />
"So what? Everybody drinks at wedding receptions." Well, maybe, but do you <i>really</i> want to be the guy with the beer in more than perhaps one picture? Or something equally innocent that could be misinterpreted?<br />
<br />
Then there's the question of accuracy. Maybe all overweight white guys with grey beards look alike to Facebook's software. "Surely my friends would notice the mistake and fix it." Well, maybe... have you ever clicked "OK" without thinking?<br />
<br />
Don't forget Mark Zuckerberg's dream of world conquest. After enough pictures get tagged, Facebook's facial recognition software will know what you look like. When will "they" decide to turn on automatic recognition? And for the huge volume of pictures that have already been uploaded?<br />
<br />
Am I paranoid? Facebook's history of stepping on privacy says not.<br />
<br />
Convinced? OK... here's how you turn this "feature" off. This stuff is well hidden, so stay with me. If the screen shots are hard to read, click on them to expand them.<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://1.bp.blogspot.com/-cpwFdiAqhyo/Te_GpmDeNsI/AAAAAAAAABw/2kUG-fcJvsQ/s1600/fb1.gif" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://1.bp.blogspot.com/-cpwFdiAqhyo/Te_GpmDeNsI/AAAAAAAAABw/2kUG-fcJvsQ/s1600/fb1.gif" /></a></div><div style="font-family: Arial,Helvetica,sans-serif;">In the upper right of your Facebook page, click "Account" and select "Privacy Settings." (Notice that I've blurred the images of others that appear in this screen shot.)</div><div style="clear: both;"><a href="http://3.bp.blogspot.com/-J12bizloTE8/Te_F-7Ht5FI/AAAAAAAAABs/Yr0twkEBiXw/s1600/fb2.gif" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="236" src="http://3.bp.blogspot.com/-J12bizloTE8/Te_F-7Ht5FI/AAAAAAAAABs/Yr0twkEBiXw/s320/fb2.gif" width="320" /></a><br />
<div style="font-family: Arial,Helvetica,sans-serif;">Within "Privacy Settings" find the "Sharing on Facebook" section and click on "Customize Settings." (Told you it was hidden!)</div></div><br />
<div style="clear: both;"><div class="separator" style="clear: both; text-align: center;"><a href="http://4.bp.blogspot.com/-tOb77wFzFrY/Te_HTB3tZRI/AAAAAAAAAB0/eoXyFkcF_Q8/s1600/fb3.gif" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="128" src="http://4.bp.blogspot.com/-tOb77wFzFrY/Te_HTB3tZRI/AAAAAAAAAB0/eoXyFkcF_Q8/s320/fb3.gif" width="320" /></a></div><div style="font-family: Arial,Helvetica,sans-serif;">Finally, next to "Suggest photos of me to friends," click the "Edit Settings" button and change the setting to "Disabled." Click "Okay" to save your changes.</div></div><br />
<div style="clear: both;"><i>Whew!</i> That was a lot of trouble. However, you've turned off automatic recognition of your mug. For now.<br />
<br />
However, don't forget that Facebook's software can still learn what you look like because your friends have probably already tagged pictures of you by hand and will probably do so again in the future. <i>EEeeww!</i></div><br />
<hr />
<h2>Rescuing a Dead PC</h2><i>Bob Brown, 2010-01-08 (updated 2014-04-21)</i><br />
<b>Note: This was written in 2010; some parts are specific to Windows XP.</b><br />
<hr />
<br />
Three times in the past week colleagues and I have been confronted with computers where the hardware was OK, but the software had been compromised to the point that the computer wouldn't boot. In one case, a re-installation of the operating system fixed the problem, but at a loss of some irreplaceable data.<br />
<br />
Having had my fingers in all three of these, it seemed like a good time to make some notes. There are numerous other ways of dealing with this problem, but what I've written here is likely to work in a majority of cases, and is likely to preserve one's data in most cases. This method also uses tools that are accessible to almost everybody. (I guess I have to add that, while this has worked for me, these suggestions are presented without warranty; if any of these steps don't make sense to you, it is probably time to get help.)<br />
<br />
I've added a couple of notes at the end about recovering from a lost Windows password, and what to do if a system screen, like "Help and Support," either won't open at all or opens to a blank screen.<br />
<i>Before trouble strikes...</i><br />
<br />
<b>Assemble a Crash Kit</b><br />
<br />
Your "crash kit" should include:<br />
<ul>
<li>A USB-attached external hard drive</li>
<li>A copy of the PING software or other partition image software</li>
<li>A bootable Windows rescue disk</li>
<li>The hardware manufacturer's Windows install disk, plus drivers, etc.</li>
</ul>
You might also want to include bootable anti-virus rescue disks in your kit, and possibly a second USB drive. (If you get two, <i>label them</i>!)<br />
<br />
Get a little satchel for this stuff and keep it all together in one place. A plastic tackle or tool box from a hardware store is ideal. You will also want a "CD wallet" to hold the CDs so they don't rattle around loose in the box.<br />
<br />
You are going to use the USB drive to make backup copies of data, so it needs to be about twice as big as the biggest hard drive you have. I've had good luck with Buffalo Drivestation brand drives, and a colleague recently bought a 1 TB Drivestation for $114.<br />
<br />
PING is a partition imaging program available here: <a href="http://ping.windowsdream.com/">http://ping.windowsdream.com/</a>. It is free, but there's a way to make a donation. I encourage you to do so since this will be a part of your operational kit. I suggest 40 Euros, about $60. Make a PING disk and save the ISO image on your USB drive. (Make a "tools" directory for this stuff.)<br />
<br />
It is easy to find instructions for making a rescue CD. One that I have tested, but not rigorously, is here: <a href="http://www.howtohaven.com/system/live-windows-rescue-cd.shtml">http://www.howtohaven.com/system/live-windows-rescue-cd.shtml</a>. Substitute "SP3" for "SP2" in the instructions. Test the disk that you make. Save an ISO image of it on your USB drive in the Tools directory.<br />
<br />
Kaspersky, F-Secure, and BitDefender all provide free, bootable anti-virus rescue disks. You might want at least one, and maybe all three, in your crash kit. (Trouble is, something that gets by your own anti-virus might slip past those, too.)<br />
<br />
I'm pretty sure you want a copy of Malwarebytes' Anti-Malware. There is a free license for personal use, and also technician and corporate licenses. I urge you to pay the appropriate license fee if it becomes a part of your regular procedures. Even if you use it only once, pay the $25 for the personal license and help keep these people in business.<br />
<br />
You should get a copy of Secunia's Software Inspector. There's a free Personal Software Inspector for personal use and licensed versions for corporate use. <br />
<br />
"Rip" ISOs of the manufacturers' disks onto your USB drive so that you have one for each flavor of machine you support, and also include physical CDs. (You make the Tools directory so that you can reproduce the CDs if something happens to one, not to use directly.)<br />
<br />
<b>Using the Crash Kit</b><br />
<br />
When faced with a machine that won't boot, or won't operate as intended because of some kind of software problem, including virus or spyware infections, do these things:<br />
<br />
<i>1. Free up space on the USB drive:</i> If you have used the USB drive previously, you may need to delete subdirectories from previous rescue operations to make space on the drive. You need about twice as much space as the space used on the drive being rescued.<br />
<br />
<i>2. Make a copy of the failed machine's disk:</i> From a working computer, create a subdirectory to identify the computer being repaired. Example: for a Dell computer, create a subdirectory using the service tag number as the name. Make an "image" subdirectory below that. With the failed machine turned off, connect the USB drive and boot from the PING CD. (Having the machine off when you connect the USB drive guards your USB drive against malicious software on the failed machine.) Use PING to make a copy of the failed partition, usually <b><span style="font-family: 'Courier New',Courier,monospace;">C:</span></b>, in the new "image" subdirectory on your USB drive. Now you can get back to the starting point no matter what else happens.<br />
<br />
PING can copy about 30 GB an hour, so allow some time for this step. The result is a series of binary files, each sized to fit on a CD. You can also use a working PC to restore the image files to a second USB drive and then copy data files, etc. from there. However, a USB-to-USB transfer will be very time-consuming, and it isn't time to do that yet. The PING copy is only for backup purposes at the moment.<br />
<br />
Some people might prefer to make a "direct image copy" of the disk in the failed machine, and there are software products that do that, too. You'll have to use your USB disk a little differently if you go that route. You'll probably have to set up a "recovery" partition onto which to load the image.<br />
<br />
<i>3. Try to repair the boot records:</i> If the computer won't boot at all, it may be as simple as a corrupt boot record. Boot from the manufacturer's Windows install disk, type R to get to the recovery console, provide the administrator password, select the proper partition, and type <b><span style="font-family: 'Courier New',Courier,monospace;">fixboot c:</span></b>. You might also attempt to repair the master boot record with <b><span style="font-family: 'Courier New',Courier,monospace;">fixmbr</span></b>. Microsoft warns that one might corrupt the partition table if the MBR is infected with a virus and suggests running a virus scan before attempting to repair the MBR. You can list the partition table with the <b><span style="font-family: 'Courier New',Courier,monospace;">map</span></b> command of the recovery console. Take some notes!<br />
<br />
There is more information about the recovery console here: <a href="http://support.microsoft.com/kb/314058">http://support.microsoft.com/kb/314058</a><br />
<br />
If you can boot after repairing the boot records and everything "looks OK," go to step 8.<br />
<br />
<i>4. Run anti-virus software:</i> If the problem is known or suspected to be malicious software, you can run one (or more) of the bootable scanners. These take many hours (allow overnight) to run and may not really help, because a virus that escaped the installed anti-virus program (you <i>do</i> have an installed anti-virus program, right?) may escape the bootable scanner, too. The good news is that if one of these works, you're nearly through! <br />
<br />
If running anti-virus corrects the problem and you are reasonably certain that any malicious software has been eradicated, go to step 8.<br />
<br />
<i>5. A. Boot from the rescue disk:</i> After making the image, shut down the machine and boot from the rescue disk with the USB drive still attached. You can now "rescue" files by copying them to the USB drive in the directory for the machine being serviced. If the problem is malicious software, be careful not to copy executable-type files. See <a href="http://antivirus.about.com/od/securitytips/a/fileextview.htm">http://antivirus.about.com/od/securitytips/a/fileextview.htm</a> for a list of files to worry about.<br />
<br />
<i>5. B. Copy files:</i> Copy the files to be rescued to corresponding subdirectory names on the USB drive. You may want to copy the entire Documents and Settings subdirectory. Be sure you get the user.id file for Lotus Notes users. Talk to the user of the machine in trouble about what other files may need to be saved. (Remember, you still have an image of the whole disk. You can "back up" as long as that image exists on your USB drive, so a missing file isn't a disaster until you finally erase the image.)<br />
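Step 5.B warns against copying executable-type files off a possibly infected disk. As an added example, not from the original post, the Python script below mirrors a rescued directory tree onto the USB drive while skipping files whose extension marks them as executable or script content, and reports what it copied and what it left behind. The extension list, the directory and file names, and the "SERVICE-TAG-XXXX" folder are all constructed for the example; the list the post links to is the authority for what to exclude.<br />

```python
"""Copy rescued user files to the USB drive, skipping executable-type
files.  Added example, not code from the original post."""
import os
import shutil
import tempfile
from pathlib import Path

# Extensions treated as executable or script content and therefore not
# copied off a possibly infected machine.  Constructed list for this
# example; the post's linked list is the reference for the real set.
RISKY_EXTENSIONS = {
    ".exe", ".com", ".dll", ".scr", ".pif", ".sys", ".msi", ".cpl", ".lnk",
    ".bat", ".cmd", ".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".hta",
}


def is_risky(path):
    """True if the file's final extension is on the skip list.

    Checking only the last suffix is deliberate: 'photo.jpg.exe' is an
    executable no matter what comes before the '.exe'."""
    return Path(path).suffix.lower() in RISKY_EXTENSIONS


def rescue_copy(src_root, dst_root):
    """Mirror src_root under dst_root, leaving risky files behind.

    Returns (copied, skipped): sorted lists of paths relative to src_root."""
    src_root, dst_root = Path(src_root), Path(dst_root)
    copied, skipped = [], []
    for dirpath, _dirnames, filenames in os.walk(src_root):
        rel_dir = Path(dirpath).relative_to(src_root)
        (dst_root / rel_dir).mkdir(parents=True, exist_ok=True)
        for name in filenames:
            src = Path(dirpath) / name
            rel = rel_dir / name
            if is_risky(src):
                skipped.append(rel.as_posix())
                continue
            shutil.copy2(src, dst_root / rel)      # copy2 keeps timestamps
            copied.append(rel.as_posix())
    return sorted(copied), sorted(skipped)


def demo():
    """Build a constructed 'Documents and Settings' tree in a temp dir,
    rescue it to a constructed USB-drive folder, and return the result."""
    base = Path(tempfile.mkdtemp())
    src = base / "Documents and Settings" / "bob"
    files = {                                        # constructed contents
        "My Documents/report.doc": b"report",
        "My Documents/photo.jpg.exe": b"MZ...",      # disguised executable
        "Application Data/Lotus/Notes/Data/user.id": b"notes id",
        "Desktop/setup.msi": b"installer",
        "Local Settings/Temp/cleaner.bat": b"@echo off",
    }
    for rel, data in files.items():
        target = src / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)
    # Hypothetical USB layout: <drive>/<service tag>/files, as in step 2.
    result = rescue_copy(src, base / "USB" / "SERVICE-TAG-XXXX" / "files")
    shutil.rmtree(base)
    return result


if __name__ == "__main__":
    copied, skipped = demo()
    print("copied:", *copied, sep="\n  ")
    print("skipped:", *skipped, sep="\n  ")
```

The filter is by extension only, so documents that can carry macros pass it untouched; the full anti-virus scan in step 8 is what covers the rescued copy before it goes back onto the rebuilt machine.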
<br />
<i>6. Do a Windows upgrade/repair install:</i> Boot from the manufacturer's Windows install disk and choose "install windows." The installer should detect the presence of the current Windows installation on the hard disk and ask whether you want to "upgrade" or perhaps "repair" the installation. That's the right answer unless you're trying to eradicate stubborn malicious software. The Windows repair/upgrade installation will replace Windows files and registry entries as necessary to get a bootable system, but will (try to) preserve data and installed programs, along with their registry entries.<br />
<br />
If you can boot after the upgrade/repair install, go to step 8.<br />
<br />
<i>7. Do a fresh install of Windows:</i> This has the effect of driving a stake through the heart of everything on the disk, good or bad, and burying it at a crossroads at midnight. This is a last-resort kinda thing to do. But, if the hardware is healthy, this is almost certain to get you back to a working machine. The possible exceptions are malicious software that has written to the computer's flash memory or to reserved areas on the disk. Those problems are beyond the scope of this article.<br />
<br />
<i>8. Update, virus scan, restore point:</i> You're almost there! Run Windows Update repeatedly until it finds no high priority updates. Install and run F-Secure's Blacklight rootkit eliminator from here: <a href="http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/blacklight/index.htm">http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/blacklight/index.html</a>. Install and run Secunia's Personal Software Inspector from here: <a href="http://secunia.com/vulnerability_scanning/personal/">http://secunia.com/vulnerability_scanning/personal/</a>, or use the appropriate commercial version. Update any out-of-date software found by the PSI scan. Make sure virus definitions are up to date and run a full anti-virus scan. This will probably take overnight to complete. Create a system restore point and return the machine to service.<br />
<br />
<b>Blank "Help and Support" (or other) Screen</b><br />
<br />
If you try to run Windows Update or System Restore from the Help and Support link, you may find that Help and Support will not start, or that it displays a blank screen. Several Microsoft (and other) programs use the Internet Explorer rendering engine to manage their displays. Remove IE using Add/Remove programs and reinstall it. Alternatively, just re-installing IE 8 from the Microsoft download page may fix this problem.<br />
<br />
<b>Lost Windows Password</b><br />
<br />
PING can blank the local administrator password on a computer, allowing you to reset both administrator and user passwords.<br />
<br />
<b>No Network Access</b><br />
<br />
If a computer is otherwise working as it should, but has either no network access at all or no Internet access, a possible problem is a failed uninstall of a Norton security product. This symptom can show up months or years after removing a Norton product if a remaining module is "tickled" by some other software change. If you are not currently using Norton products, download and run <a href="http://service1.symantec.com/support/tsgeninfo.nsf/docid/2005033108162039">Symantec's Norton Removal Tool</a>. <i>Be sure</i> you read the warnings, especially about ACT! and WinFax, before you do this.<br />
<hr />
<h2>CLEAR Internet</h2><i>Bob Brown, 2009-11-18</i><br />
I <i>really-really-really</i> wanted to fire AT&T on Sunday after their automated troubleshooting system told me there was no problem and hung up in my ear.<br />
<br />
So, I went to CLEAR.com and gave them my credit card number. (Big mistake.)<br />
<br />
They have a cute application that will take the MAC address of your laptop's wireless modem and tell you whether it will do WiMAX. I typed mine in and it said, "Yea, verily, you can do WiMAX." Unhappily, it lied to me. More on that in a moment.<br />
<br />
In the meantime, my CLEAR home modem came today. Oh, boy! I'll set that sucker up and fire AT&T! Revenge is nigh. (Wrong again, dog breath!) <br />
<br />
Before decomposing my whole home network, I connected the CLEAR modem to a ThinkPad and fired it up. Two bars on the signal strength scale; only one bar if I stand close by. {Sigh.} But maybe it will be OK... I'll run the <a href="http://www.speakeasy.net/speedtest/">Speakeasy Speed Test</a> and See What Happens (tm). Maybe it'll be OK.<br />
<br />
Too bad... you can't run <i>anything</i> on CLEAR without accepting their on line agreement. They present the agreement in a scrolling text box that's about five lines high, but they do provide a link to a <a href="http://www.emorycottage.net/misc/Welcome%20to%20Clear.pdf">printable version</a>. If you are signing up with CLEAR, <i>print it!</i> And <i>read it!</i> You really need to read this. Among other things, you agree to binding arbitration. You might also be agreeing to termination fees, too. The text of the agreement is ambiguous. Since it was written by lawyers, I have to believe that was purposeful. {Sigh} Since it was written by CLEAR's lawyers, I have to believe it is to CLEAR's advantage. And so, I worry about it.<br />
<br />
The binding arbitration clause means you give up your right to sue and your right to trial by jury. If I were pretty sure CLEAR was going to work, and/or I were pretty sure I knew what my financial exposure was, that would be OK. However, you have to accept the onerous click-wrap agreement before you can test, and that is <i>not</i> OK. <i>Don't do it!</i><br />
<br />
I mucked around with the modem's Web interface before I fired CLEAR. You can turn DHCP off, but I couldn't figure out how to set the "inside" address for the modem. (The outside address is determined by CLEAR.) Not being able to set the inside address is a problem if you have a non-trivial home network, as I do.<br />
<br />
CLEAR doesn't have an email support option. (Don't want a written record?) The on-line chat support was responsive (time-wise) but not helpful. ("You have to accept the agreement before you can use the service." Well, I <i>knew</i> that! That's the crux of the problem.) They did give me a toll-free number to cancel service, and that appears to have worked. They're supposed to be sending me a return label for the modem. We shall see.<br />
<br />
And then there's that cute app that determines whether one's laptop speaks WiMAX. As I mentioned earlier, it lies. So, I found out about the lie after I ordered (for $$$) a suitable WiMAX modem for my laptop. It hasn't arrived yet, and I won't be able to use it when it does. Too bad for me. I should have kept my pants on and tested CLEAR before I ordered the modem for the laptop. (Not from CLEAR.) Oh, well. One lives and learns, if one is lucky.<br />
<br />
Bottom line: CLEAR has an <a href="http://www.emorycottage.net/misc/Welcome%20to%20Clear.pdf">onerous contract</a> to which you'd be a fool to agree. Their lawyers think we're fools. Time to prove them wrong. <i>Don't buy </i><b>anything</b><i> from these turkeys!</i> You cannot tell (because the document is ambiguous) what you're agreeing to, and you <i>have</i> agreed to binding arbitration. Don't <i>do</i> it!<br />
<br />
<i>On December 12, 2009...</i><br />
Clear did send a return shipping label, and they sent it promptly. They went up a couple of notches in my estimation because of that. Unhappily, the increased estimation was temporary.<br />
<br />
It took a couple of weeks before they posted a credit to my credit card account. I shouldn't have been surprised when they held back $25.00. In other words, my "refund" was only a partial refund.<br />
<br />
I filed a dispute with my credit card company. Still waiting to see how that turns out, but the bottom line remains, you can't believe what CLEAR tells you.<br />
<br />
<i>On December 16, 2009...</i><br />
I disputed Clear's hold-back and my credit card company agreed with me. (I've been their customer for 25 years and only disputed one other charge. YMMV.)<br />
<br />
Instead of challenging the dispute, Clear just charged me another $25 on a new charge. Turkeys!<br />
<br />
And then they did it again! As of this morning, I was $50 in the hole.<br />
<br />
I'll dispute those and eventually get my money back. What this means to you, dear readers, is that it is <b>not safe to give Clear a credit card number</b> because they have shown they will make unauthorized charges to your account.<br />
<hr />
<h2>Windows 7 on a ThinkPad</h2><i>Bob Brown, 2009-11-04</i><br />
I'm going to be Mister Never Had Vista, and I think I'm not going to be alone!<br />
<br />
Now that Windows 7 is officially available, I decided I'd better start learning something about it. I have an IBM ThinkPad T-43 with one gig of memory and a tiny 30G hard disk. I decided to put Windows 7 Professional on it to See What Happens (tm).<br />
<br />
I was using a "generic" Windows 7 install, and not one customized for the ThinkPad, and that made me worry that things like the eraserhead pointing stick might not work. However, the installation worked like a champ and all was well at the end. Apparently Lenovo (or IBM) provided Microsoft with at least a basic driver kit. Good.<br />
<br />
I downloaded ThinkVantage System Update (TVSU). It took several iterations before I had everything up to date. Apparently TVSU understands prerequisites, but makes one iterate over them. That doesn't seem too bad as it only has to happen once. TVSU for Windows 7 can be downloaded <a href="http://www-307.ibm.com/pc/support/site.wss/TVSU-UPDATE.html">here</a>.<br />
<br />
The only real problem I had is that TVSU tried to install an unsupported External Controller flash on my 1871-type T-43. I had to borrow a USB floppy and do a flash from diskette to get over that. Happily, it didn't brick my T-43.<br />
<br />
I wish I had not installed ThinkVantage Access Connections. Windows 7 does a lot of what one needed Access Connections for. That's OK, too, because installing Windows 7 was an experiment. I intend to blow the installation away and start over in a month or so. (And yes, I <i>did</i> keep good notes.)<br />
<br />
In summary, Windows 7 works even on older ThinkPads, and, with enough updates, you will get the drivers you need. (But please don't try this with a mission-critical machine, OK?)<br />
<hr />
<h2>ThinkVantage Access Connections</h2><i>Bob Brown, 2009-07-10</i><br />
I like my ThinkPad and I appreciate the flexibility I get from managing network connectivity using ThinkVantage Access Connections. However, the ThinkPad got into a state where <span style="font-style: italic;">any</span> change to a wired or WAN Miniport profile caused the Ethernet connection to fail with the error "<span style="font-style: italic;">DHCP server not responding.</span>" Wireless connectivity continued to work, although it took me a long time to figure that out.<br /><br />
Similarly, any change to Access Connections (like trying to upgrade to the current version) caused wired connectivity to fail.<br /><br />
For a long while, the only solution I found was to revert changes using Windows system restore. Last weekend I decided I had had enough, and spent the time to out-stubborn the problem.<br /><br />
It turns out that deleting and re-adding the Ethernet NIC using Windows Device Manager and Add New Hardware did the trick. I could now change profiles, upgrade software, etc. without breaking my wired connection. Good!<br /><br />
However, deleting and re-adding the NIC broke all my WAN Miniport connections. VPN access and even dial-up no longer worked. 
Happily for me, "harrisb" had posted a solution for this one on a Lenovo forum: <a href="http://forums.lenovo.com/lnv/board/message?board.id=Special_Interest_Windows&thread.id=398">http://forums.lenovo.com/lnv/board/message?board.id=Special_Interest_Windows&thread.id=398</a>. It's one I would <span style="font-style: italic;">never</span> have figured out on my own!<br /><br />
So, I am back to being a happy ThinkPad camper.<br />
<hr />
<h2>Bitmonger</h2><i>Bob Brown, 2009-07-10</i><br />
I'm Bob Brown and I've spent thirty years managing technology and another dozen (with some overlap) teaching about it at the university level. I'm still teaching and I do a bit of consulting.<br /><br />
In the process, I frequently prove that experience is what you get when you're expecting something else.<br /><br />
To help others share those hard-won experiences, one hopes with less labor and frustration, I want to write about them, sharing answers with others who may face the same problems. We shall see how I do.<br />