How To Password Protect Files in Linux

The USP of Linux has always been the strong security and stability it offers. Per user/group permissions and ACLs (access control lists) take care of almost all the security needs of a home users as well as an enterprise customer. If there is a need for even more fine grained control, there are various flavors of Linux available that are specifically designed with industrial grade security in mind and certified by organisations such as the NSA.

If you’re a home user, though, all this doesn’t really matter to you. Sure, it helps to have seperate permissions for different users on the system, if you’re sharing your computer with, say, your sibling, but configuring ACLs for home a user is a little overkill, if you ask me.

If all you need is a way to password protect certain important files from the prying eyes of your siblings, kids or pesky neighbors, Linux doesn’t offer anything *out of the box*. Fear not, though, we have just the right tool for you.

Password Protect Files

mcrypt is a utility designed to encrypt/decrypt a file using standard encryption techniques. If you don’t have mcrypt installed, you can install it with the following command.

apt-get install mcrypt

To password protect a file execute the following command

mcrypt <filename>

The above command will output something like this.

khera@khera:~$ mcrypt test1
Enter the passphrase (maximum of 512 characters)
Please use a combination of upper and lower case letters and numbers.
Enter passphrase: Enter password here
Enter passphrase: Repeat password here

File test1 was encrypted.
khera@home:~$

By default, mcrypt creates a new encrypted file with the extension .nc added to the original filename and leaves the original file intact. If this is not what you want, and you’d rather not have any traces of the original file, use mcrypt with the “-u” option.

mcrypt -u <filename>

This will ask you for a password as usual and the only difference will be that when the command finishes executing, the original file, test1 in the above case, will be deleted.

Decrypting a Password Protected File

So, now you know how to password protect file but what about decrypting it.

Turns out mcrypt does that too. Just use mcrypt with the “-d” option and it will decrypt the file for you after confirming the password with you.

mcrypt -d <encrypted filename>

The output should look something like this

khera@khera:~$ mcrypt -d test1.nc
Enter passphrase: Enter password here
File test1.nc was decrypted.

Like, in the encryption phase, mcrypt doesn’t delete the original file by default and if that is what you want, use mcrypt with the -u switch.

mcrypt -u -d <encrypted filename>

This will decrypt the file and delete the original encrypted file leaving no traces of it on your computer.

How was that for an easy encryption/decryption utility?

Forget Passwords, Scan QR Codes to Login

Passwords play an important role in any internet user’s experience. After all, it is the most universal way to authenticate a user online. Wether you want to check your email, log-in to a social network, banking or any other website, chances are that you will have to set up an account and verify yourself every time you log into the site. In a study conducted by Microsoft it was found out that an average internet user has about 25 accounts online that require passwords. Internet gurus have always advised to use separate passwords for each account but if you adhere to that advice, it can become almost impossible to remember the correct password associated with each of our account.

Uniclau is a web based startup that can revolutionize the way users enter their password and it makes apt use of the device that is always with us – our mobile phone. The use of a cell phone to authenticate a user is certainly not new, and we had earlier reviewed the use of mobile phone to make your google account more secure.

With Uniclau you can do away with the hassle of remembering the username and password for any of your online account. To use the service, visit the Uniclau home page and install the uniclau extension for your browser and also the application for your iPhone or Android phone. Once that is taken care of, open the application from your phone. First time users will be prompted to set a pin and their email address which will have to be verified.

Installing the extension on your browser will display a QR Code next to the login field whenever you visit a website. All you need to do is scan this code from the uniclau application on your phone. For the first time for every website, you will have to enter the username and password associated with that account on your phone. For every subsequent access, scanning the code will automatically log you into the website on your browser.

 

Since scanning the QR code from your phone is all that is needed to log into a website, it can become risky if you ever lose your phone. However, that is also taken care of and a pin needed to start the application ensures that only an authorized person can use the unicalu app on the phone. In fact, added security measures such as defining friends and saving a PUK code can even protect you even when you lose your phone or your associated email id gets compromised.

Overall, uniclau is an impressive service that can remove all the woes of incorrect password attempts due to different password for each of our online account. Having said that, the service can also be slightly annoying at times as it occasionally displays the QR code when there is no login field on the page. However, I am pretty sure that upcoming updates will fix the problem.

So, if you have a working internet connection on your smart phone and a long list of passwords to remember, Uniclau is certainly the way to go.

How do you prefer to manage your passwords ?

Get All Round Security For Your Android Phone with Avast

Security is one area where no compromises should be made, be it for a personal computer or a mobile phone. Android developers too, have understood this very well which is why there are a lot of security applications available in the android market (now, Google Play). Among all the alternatives available, I found Avast Mobile Security to be an excellent (and free) security suite that outperforms many of its paid counterparts.

With features such as virus scanner, privacy advisor, application management, web shield, sms and call filter, firewall and anti theft, one can be completely at peace after installing it on one’s android device. Let us discuss the features in detail.

Virus Scanner

The most basic feature of any security application, this can be used to scan the installed apps and the memory card. Users can even schedule automatic scans on their desired day and time.

Privacy Advisor

Android users often complain that installing applications can result in compromising your private information on the phone. Avast privacy advisor shows you all the potential privacy issues along with the list of applications causing it. Examples include applications that can track your location or access your messages, contacts etc.

Application Management

This is a very simple yet handy tool that shows you all your installed applications and the currently running applications. The list can be sorted according to name, size, memory or CPU usage.

Web Shield

Accessing the web from your device exposes you to a host of threats such as phishing scams. Avast web shield automatically integrates with your default web browser and warns you whenever it detects a potential threat.

SMS and Call Filter

If you’re tired of all the marketing calls and SMS’s on your phone, the SMS and Call filter will prove to be a blessing. Create customized groups and then opt to block incoming or outgoing calls and sms’s at your desired days and time. Simple, yet effective.

Firewall

The Avast Firewall works only on rooted android devices and can be used to block all or selected applications from accessing your WIFI , 3G or data network.

Anti Theft

If the thought of losing your android phone gives you nightmares, then the anti theft feature alone will make you fall in love with the avast security app. To begin with, the anti-theft application can be both renamed and hidden so that any unwanted user does not know of its presence on the phone.

The application also gives you remote control over your phone via SMS commands. Every SMS command begins with your set password and this message is never displayed on your phone. With SMS commands, you can lock your phone, turn on a siren, locate the phone, make calls and SMS’s and much more. In case of a SIM change, the new phone number, along with the phone’s location, is sent to the pre defined numbers on your phone.

Some advanced options, such as to prevent USB access to the phone, forcing the data connection to remain active, and the ability to install or uninstall apps are also present but they require the phone to be rooted.

Conclusion

Avast! Mobile Security, without a doubt, performs exceptionally well and is certainly a must have application for any android phone. Moreover, it also defies the general convention of paid apps always being better than free ones.

Download Avast Mobile Security for free from Google Play.

Mac: How To Encrypt An External Hard Drive In Lion

Most computer users use or carry around some kind of portable hard drive or flash disk these days. Considering how we use our computers, almost all of those portable drives tend to store an alarming amount of sensitive data. Have you ever thought what would happen if you lose the disk and the data gets into the wrong hands ?

There are a lot of software solutions available that’ll let you encrypt the data on your disks but most of them are confusing to use and just a pain really. Not, if you’re a Mac OS X user.

Mac OS X lets you encrypt and password protect the contents of any connected disk. Follow our little guide to know how.

First of all, if it wasn’t obvious, connect your disk (using USB) to your Mac and launch the Disk Utility application.

The Disk Utility application will display all the drives that OS X has recognized on your computer in the sidebar. Select the drive that you want to encrypt.

Note: To Encrypt a drive, OS X has to format it and so you will lose all the existing data on the drive. If there is any important data on the drive, copy it to another location and then copy it back later.

Now, select the Erase tab and from the Format drop down list select “Mac OS Extended (Journaled, Encrypted).

You can also select the Case-Sensitive, Journaled, Encrypted option if you want your file system to be case sensitive.

Now, click the Erase button.

Disk Utility will now ask you to enter a password that you will use to access the contents of the encrypted disk. If you can’t think of a strong and memorable password yourself, I’d definitely suggest using the Password Assistant. Click on the little key icon next to the password text box and play around with the password assistant till you find a nice password that you can remember and one that is secure.

That’s it. Now, wait for Disk Utility to finish partitioning and encrypting the disk.

When the disk is ready for use, as indicated by Disk Utility, I’d suggest that you eject it and insert it again just to check if everything works as it should. If you followed the procedure properly, Mac OS X will ask you for a password to access your disk when you insert it again.

That’s it. Enter your password and you should be able to access the contents of your disk as always. When you’re finished using the disk, make sure you eject it properly so that no one else with access to your computer can access your data.

The only problem with this method of encrypting your external hard disks is that the data on the disk can only be viewed on a Mac OS X computer. Depending on your preferences, though, that may well be a good thing!

 

How To Make Your Google Account More Secure

Have you ever pondered upon the consequences of losing your Google login information to a malicious hacker on the Internet? However frightful the thought may be, the truth cannot be denied that users often lose their usernames and passwords and this generally occurs because of users accessing their account from public computers which are flooded with viruses, Trojans, Keyloggers etc.

Google’s 2 Step Verification method adds an extra layer of security to your Google account and keeps it secure even when you lose your login credentials. Whenever you try to access your account from an unauthorized device, Google will send you a code via a text or voice message. This code needs to be entered in order to successfully log into your Google account. This way, even if someone steals your username and password, they cannot access your account until they get hold your phone.

2 Step verification can be enabled for all Google services such as Gmail, Youtube, Blogger etc. To set up your additional layer of security go to your Google settings page and click on the edit link next to the 2 Step Verification text.

The next step will be to set up your mobile or landline phone number where you want to receive the code. Once you do that, verify your phone by entering the code that Google will send to your phone.

You will then be asked if you want to make the computer a trusted one. Trusted computers are those which require the Google verification code only once every 30 days. This prevents the annoyance of having to enter the code every time you log into your account from your own PC.

Do not make a public computer a trusted one as it will defy the whole purpose of setting up 2 step verification. However, if you have multiple computers, you can add all of them to the trusted list of computers from your Google account settings.

The last step requires your final confirmation and just a click on the ‘Turn On 2 Step Verification’ button.

Accessing your account after enabling 2 step verification does not change for trusted computers. However, if you try to login on an unrecognized device, a code will be sent to your phone immediately which needs to be entered for a successful login.


Since the 2 step verification method heavily relies on your phone for sending code, there can be problems in situations when you do not have your phone or there is no cell coverage. To counter this problem you can go to your Google account page and either add a backup phone number for your account or download an application (only for Android, iPhone or Blackberry) to generate the code. As a last resort, you can also keep a hard copy of upto 10 verification codes, each of which can be used only once.

To sum up, Google’s 2 step verification method is indeed an effective way to enhance the security of one’s account and strongly recommended for anyone who accesses his account from public computers.

How To Backup All Your Facebook Profile Data

FacebookFacebook is the world’s most popular social network with over 600 million users. 600 million users who post millions of status messages and upload millions of photos to the site every single day. In fact, Facebook is also the biggest online photo sharing site in the world.

But, have you ever thought what would happen to all that data if the site decides to shut down one day ? Or even worse, what if Facebook decides to ban you from using it for violation of some policy that you weren’t even aware existed ? This isn’t new and has happened to a number of people.

In such a case, wouldn’t it be nice to have an offline backup of all your activity on Facebook ?

Thankfully, the smart programmers at Facebook also realized this and built a feature that lets users take a backup of their profiles. The feature is built-in to facebook and we’re going to show you how to use it.

How To Backup All Your Facebook Data

Log in to you Facebook account and click the Account link on the top right corner of the page. From the drop down, select Account Settings.

Facebook Account Settings

Now, on the Account Settings page, you should see an option that says “Download Your Information”. Click the learn more link next to it.

Since, this option lets you download all the data in your facebook profile and the data may be a little sensitive, Facebook will ask you to authenticate again using your password. Enter your password and click the Continue button.

Download Your Facebook Data

Facebook will now tell you, approximately, the size of the data that you’re about to download. Just click on the Download Now button and Facebook will start backing up all your data. This process happens on facebook’s servers and you will receive an email once the process is complete. Be warned, if you’re a heavy facebook user, this process might take a while.

Downloading Profile Data

When your backup is ready to be downloaded, Facebook will send you an email with a link to a zip file containing all your profile data including your wall posts, pictures and any notes that you may have written. You may want to keep this file in a safe place if you’re paranoid about security.

Facebook Data Download Email

Did you find this post helpful ? Have you ever thought of taking a backup of your Facebook profile data ?

Say NO to Spam with Mailinator

How often have you shared your email address publicly and later regretted when you start getting spam?

Spam, without a doubt, is a problem which we all face. Many a times we are asked for an email address to sign up for a newsletter or register at a forum and then we usually end up with getting our email address spammed. Mailinator, an email service, has a very unique approach to solving this problem.

What does it do ?

To put it simply, Mailinator provides you with a temporary, disposable email address. Users can also create email addresses on the fly. This means that there is no need to register beforehand. Just use an email address of the form of email_id@mailinator.com and visit the website to check your inbox.

Needless to say, it’s not very secure to use Mailinator for sensitive information. Anyone can check your inbox as it does not require a password. But then, the site is not meant to be used as regular email service.

How does it reduce Spam ?

Very often, we need an email address to receive only a single email, such as a confirmation email for registering on a website or a forum. In case you have such a need, use any Mailinator email address and visit your inbox straightaway to receive the email. Once you are done with it you can simply choose to forget the email address, or use it the next time you require a temporary email address.

Before you use this service, do keep a few points in mind. As I have already mentioned, Mailinator does not require a password to view anyone’s inbox. So, it’s always a good idea to think of an unusual mailinator address and use it to prevent the inbox from being accessed by others.  Moreover, emails received on the site are deleted after a period of time. All attachments and emails with size more than 120k are also deleted.

To use the service, think of any name (upto 25 characters) and use it with any of the following domains :

  • @mailinator.com
  • @mailinator2.com
  • @zippymail.info
  • @suremail.info
  • @suremail.info
  • @binkmail.com
  • @tradermail.info
  • @safetymail.info
  • @spamherelots.com
  • @thisisnotmyrealemail.com

When you receive an email, you can read it by entering the email address in the “Check your inbox!” field on the website or by using the RSS field that Mailinator provides for all Inboxes.

Alternatives

There are a number of other alternatives available which offer similar service to that of Mailinator:

  • myTrashMail.com : Offers similar functionality with the domain @mailmetrash.com and also lets you create secure password based accounts.
  • 10 Minute Mail : Provides disposable email addresses that expire after 10 minutes. Time can be extended by 10 minutes each by clicking on the “Give me 10 more minutes” link on the website.
  • Mailexpire : Lets you create email addresses and then forwards all emails received on this address to your regular address for a chosen period of time. Useful in cases where the user is not sure about when he will receive the expected mail.
  • GuerrillaMail.com : Similar to 10MinuteMail except that the email address lasts for 60 minutes.

Conclusion

Mailinator is definitely a very good way to avoid spam that lets you use your “on the fly mailinator account” without any hassles of signing up and leave the task of eating all your spam to them.

How To Enable Private Browsing On Safari, Chrome, Firefox and Internet Explorer

Secure BrowsingWeb browsers have become an integral part of our lives and for a lot of people, a browser is the only way they interact with their computer.  For example, if you’re reading this post, chances are you’re using an Internet browser to read it. While you may not realize, all internet browsers collect and store a lot of information while you surf the Internet. Some of this information, like web page caching, is used for speeding up your experience surfing the web but other bits and pieces can be used to track your behaviour online, log you in automatically to websites and in general, help websites, or other individuals using your computer, identify your online behaviour.

If you only use your own computer to surf the web, this shouldn’t be a problem, but if you’re someone who’s paranoid about their security, most browsers also give you a way to disable this behaviour. Safari calls it the Private Browsing mode, On Chrome it is known as the incognito mode and Internet Explorer prefers the term InPrivate browsing. In this post, we’ll teach you how to enable the private browsing mode for your preferred browser so that the next time you’re browsing the internet from a public computer, you can be sure to not leave any breadcrumbs behind. Ok, that was a little cheesy but you get the drift !

Enable Private Browsing On Safari

Safari is probably the easiest when it comes to enabling the private browsing mode since it actually features a menu item under the Safari menu for precisely this purpose. Click on the Safari menu and select the Private Browsing option and you’re done.

Safari - Private Browsing

Incognito Mode On Google Chrome

Google’s Chrome Internet browser is fast gaining on the popularity charts and for good reason. It is incredibly fast and lightweight and still manages to pack in all the power features that it’s more mature competitors sport, including a private browsing mode that Google calls the incognito mode. To enable an incognito session on Chrome, just press the Ctrl+Shit+N key combination whenever you’re using Chrome and the browser will open a new window for you to surf privately. You can also open an incognito window from the File menu.

Chrome - Incognito Mode

Private Browsing On Firefox

Firefox is the only browser, among those that I use, that thinks of the Private Browsing mode as a “Tool”, instead of a “feature”. That is evident from the fact that, on Firefox, the option to start a private browsing session is present under the Tools menu rather than the File menu.

Firefox - Private Browsing Mode

InPrivate Browsing On Internet Explorer

Internet Explorer has been quite late in catching up with the other browsers but with version 8, the grand-daddy of internet browsers also has a private browsing mode called the InPrivate mode. To activate the InPrivate mode, simply use the ctrl+shift+P key combination.

We’ve covered the top 4 Internet browsers in this post, but if you use any other browsers that have a similar feature please let us know in the comments.

Image Courtesy: http://www.agfibertechnology.com/computer-security-threats-and-solutions/

Mac: How To Create An Encrypted Disk To Securely Store Your Data

Disk UtilityApple likes to claim that Mac OS X is one of the most secure operating systems available.

While it may be true that a default install of OS X, is usually more secure than a similar default install of a consumer Linux distribution, it is also true that the average Mac OS X user is far less computer savvy than an average Linux user. A default OS X install has almost no open network ports and even secure encrypted services such as ssh have to be started manually for the first time after installation. This, in my opinion, does make OS X a much safer bet for a home user than, say, Windows or even Linux.

But, if you’re still paranoid about securing your data and would like to store all your data encrypted on your computer, OS X has ways to do that also. OS X lets you create an encrypted volume on your computer that you can use to store your data. Access to this volume is through a password and without the password all an attacker would get access to is encrypted junk.

Disk Utility

To create an encrypted disk image, launch the Disk Utility application that is bundled with OS X and click on the New Image button. Make sure that you don’t select any volume from the sidebar when you click the New Image button as that will tell Disk Utility to create a copy of that volume instead.

Disk Utility

Select a name and size for your new disk and from the Encryption drop down select an encryption scheme. Apple offers two encryption schemes, 128-bit AES and 256-bit AES. Choose the one that suits you. Select Read/Write Image from the image format drop down and click on the Create button.

Disk Utility will then prompt you to enter a password. You can even use a password assistant that can help you create a reasonably strong password. Store the password in your keychain, if it’s too hard to remember it.

That’s it !

Disk Utility will now create a disk image and once it’s done, it’ll be mounted for you to use it for the first time. Copy your data to this Volume and unmount it to keep it away from prying eyes. The next time you double click on the disk image, OS X will ask for a password to open it for you.

How to revoke access to Twitter Applications

twitter If you, like me, are a fan of Twitter, I’m sure you try out a lot of twitter based applications. There are thousands of applications based on the Twitter API with hundreds more being launched everyday. While some of them are pretty useless, there are some gems that once you start using, are difficult to get rid off.

The usual apps, like the one I use for accessing twitter on my iPhone, only ask for my Twitter username and password and then store it on the device to communicate with Twitter on my behalf. But some applications, like the previously mentioned CoTweet, use your Twitter credentials to let you login to their site without creating an account.

Twitter’s OAuth API interface is used for this purpose and the advantage with this is that you don’t need to give the third party application your twitter login details and instead you login to Twitter directly and approve the third party app to use your data and to Tweet on your behalf.

Continue reading “How to revoke access to Twitter Applications”