MiniLock: a program to keep your private files private

Image courtesy of  Yuri Samoilov at Flickr.com

The creator of an encryption program that wasn’t successful released another one with a renewed concept: making encryption so easy that anyone can do it, in order to stay protected from the prying eyes that spy on digital communications.

Espionage, a century ago, could be as simple as setting up a copper wire on an official telephone line and start eavesdropping. Today, one hundred years later, that way of spying is something to laugh at, and it may even seem endearing. Current espionage systems are so incredibly sophisticated that few words actually manage to escape the network of technological eyes that are constantly watching the digital messages circulating on the planet: SMS, emails, social networks, phone calls, and so on.

The world’s public opinion is divided between those who justify tracking and those who believe that a compulsively observed population will result in the most barbaric totalitarianism imaginable. Hackers and tech-savvy experts, though, were the first to denounce the machinery that states and governments were setting up to delve into any private space. The best known cases are those related to Julian Assange and Edward Snowden, but there are many more.

This community is also trying, with a lot more courage, to avoid an ultra-controlled future. For years, hackers have been creating encryption technologies to shield messages and making them only accessible to the person who sends and receives them. Many of them called themselves “cypherpunks”. People like Assange spent a lot of time creating free encryption systems for people to express themselves freely on the Internet. The identity and contents of a message are inaccessible except for the sender and the recipient.

For years there have been services that have been trying to stay out of this global espionage network consisting of governments and businesses. As an example we can find web browsers (Tor, Chrome’s incognito mode or Firefox’s private browsing), mail services (Lavabit, Riseup), instant messaging clients (Telegram) or search engines (DuckDuckGo).

But outside of those environments, for the average user, encryption remains a bit of a mystery. Software engineers and similar experts, however, work harder to make it easier and lighten the weight of this unprecedented network of espionage. One of those hard-working people is security consultant Nadim Kobeissi, who created and released a browser plugin that is capable of encrypting and decrypting files in just a few seconds, and was featured in an article from Wired magazine.

The program is called MiniLock. It is free and open source -you can find its source code in GitHub-, and it was presented for the first time in New York’s Hope X hacker conference in July of 2014. Kobeissi hopes to develop software so simple that anyone can use it. “It’s super simple, approachable, and it’s almost impossible to be confused using it”, said Kobeissi to the aforementioned magazine.

Image courtesy of Christiaan Colen at Flickr.com

MiniLock first appeared as a beta version and, according to its creator, it began still in an experimental phase. The extension is capable of encrypting virtually anything, ranging from videos embedded on an e-mail message to photos stored on a USB drive. These encrypted documents can also be stored, safely, on services like Dropbox or Google Drive.

In this desire for simplicity, MiniLock requires no registration or a signup process. The only thing the user has to enter is an extremely secure password, which means that it must be comprised of a combination of at least 30 letters and numbers.

Kobeissi has been working for quite a while on encryption systems. The consultant is probably better known for his Cryptocat chat program. But, according to Wired, that project had security flaws. In a pessimistic view this could mean that the hacker community can view MiniLock with a skeptical eye. An optimistic outlook may focus on something different. Kobeissi himself says that he has learned a lot from Cryptocat and he’ll avoid the mistakes he made back then. One example is the fact that he chose not to release the program right away via Google’s store. Instead, he posted the code on GitHub in order to allow other coders and experts to assess it, check it and correct it beforehand.

Information leaks have turned into a trending occurrence, an especially significant one when it comes to fighting corruption. Certain systems, such as the open-sourced SecureDrop, have allowed citizens to present documents and all kinds of complaints to major news outlets, in a secure and anonymous way, to protect the identities of the whistleblowers.

The controversy that came after Snowden’s revelations about the NSA encouraged the creation of platforms such as Trsst, a microblogging site similar to Twitter, which describes itself as “encrypted, anonymized and decentralized”.

Encrypting information will probably end up being a common practice. And maybe, hopefully before long, it will turn into something as simple as creating a zip file today.

Related contentRead Don Burns’ “Threema, a messaging app that cares about your privacy”

Did You Know Wireless Devices Were This Important in Today's World?

Image courtesy of Jope at Flickr.com

Telecommunication devices have come a long way from the time of smoke signals and notes on a pigeon's foot, but one of the most amazing advances has by far been the possibility of doing all of this without any of the traditional wires needed. Wireless communication does not only refer to smart-phones and Wi-Fi, it is every kind of possible communication where there is a transfer of information or power, but there is no connection whatsoever. The most common and known is the radio, which can be at short-wave and travel only a few meters, or as much as millions of kilometers for deep-space communication. You can find on the list great variety in the different types of communication like two-way radios, PDAs, GPS, garage door openers, wireless gadgets like headphones, keyboards and mice, broadcast and satellite television and of course cell phones and Wi-Fi. If you take a minute and start to really analyze how many of the devices you use on a regular basis are wireless, and not to mention which ones you’ll be using a year from now. Wireless is on the rise while offering consumers a more pleasurable experience without any of the hassle brought on by cables, and receiving the same service. 

We think wireless and of course we immediately think Wi-Fi and the advances there have been with 4G and now 5G communication, which you can read more about on the Don Burns Blogspot page, but it goes beyond that. Wireless communication, believe it or not, started off even before the 1900s when Guglielmo Marconi developed the first wireless telegraph, which started off a wave of other inventions including basic data compression, initial technology behind cellular phones, and radiotelephones during the early 1900s. From there, you could easily list the devices that started popping up in the 50s and 60s from microwave signals and satellites, which were launched into space. Around this time, some associations also started appearing with the purpose of controlling communication as it started to be implemented, among these were: The Federal Communications Commission (FCC), and the International Telecommunications Satellite Consortium (INTELSAT). In the 80s, you could definitely say there was a boom in technology and it can be said this was the birth of the cell phone, since this is when the technology we know today was refined, leading to the beginning of the “technological wars” that would establish the competition grounds for digital cellular standards in 1989. In the 90s, there’s no surprise when records are broken, and the 10 million milestone was surpassed by cell phone users and the size of the internet just continues to exponentially grow.

The 2000s brought tons of new and interesting advances that now allowed users to interact more than ever. This tech had become such a part of everyday life that in 2009 it was registered that over 6.2 billion minutes were used by clients and more than 5 billion SMS messages were sent per day, all via wireless networks. During these years, was also the creation of the iTunes and the Android Play Store bringing about a brand new way of interacting. Apps on smart phones are now integrated into almost every part of our lives, and it seems that this is not the end of it. From here there was an even more advanced integration, which is the Internet of Things (IoT), allowing users to use the internet networks to communicate with devices around the home, office or city to carry out specific tasks.

Image courtesy of ollierb at Flickr.com

So, even though this was a brief timeline, you need to also realize that there are different types of wireless signals, which will be determined by the device being used. For instance, on a TV you are either using analog video or digital video, whereas on a cell phone you are using voice, be it via analog or digital, 3G, 4G or LTE, Bluetooth, or two-way radio. Satellites can carry all types of signals independent if they carry voice, audio, video or data, or even if they do so through analog or digital. The other consideration is the frequency of the signal, which are all supported by these satellites from 3400 MHz to 23 GHz, or others. Then you Wi-Fi and Bluetooth, and finally radio which synchronizes on AM and FM radio. In this whole mix you’ll find devices that could be transmitters, receivers, or transceivers. Each of these will take on a particular role in the wireless communication service: wireless clients (which are the stations that use the connection to interact), access points (which the host of the signal), and Ad-Hoc Nodes (which allow a network of devices to connect to a specific access point).

The list could go on about devices or wireless tech, but at the end of the day the purpose of all of this is maintaining communication as we have the possibility of going mobile. There’s now doubt that there will only continue to be advances in this field in the years to come.

Threema, a messaging app that cares about your privacy

Image courtesy of Dr. Motte at Flickr.com

Telegram is surely the app that we usually resort to in order to demonstrate how an app can offer a very high level of security and privacy to its users, with certain characteristics such as end-to-end encryption and secure chats that take to the next level the fact that we can feel safe when we take part in a conversation with sensitive information. The developers of Telegram have struck a chord with a need that came from millions of users after the events that took place with Edward Snowden and the NSA.

Now we have another application that follows this path and that presents itself as one of the most secure ones to stay out of reach from hackers, corporations and government agencies, and, once and for all, it can be used in a completely anonymous way.

The app is called Threema and we could say that it's the opposite to the ones that we use everyday -such as WhatsApp- in terms of security and privacy.

Security comes first

Telegram is a big bet, and so is Line with the implementation of end-to-end encryption. WhatsApp would later adopt this method, though a bit later than its competitors. If we want to jump to the next level, we’ll get to Threema. It's not a free app, something that some users may not like, but those who want to have access to certain privacy and security features will shortly find in it a great destination for completely anonymous conversations.

Threema is an app developed by a company in Switzerland that has been endorsed by the German government. The servers are located in Switzerland as well and we could say that it’s one of the countries that cares the most about users’ safety and privacy.


With that being said, these servers will only store the minimal amount of information, and the users’ devices will act as clients and servers. The Swiss servers will only act as intermediaries to transfer information from one device to the other. Said information, will be encrypted.

Anti-hacker encryption

Image courtesy of  Melina Sampaio Manfrinatti at Flickr.com

Without a doubt, announcing that it will be impossible for hackers to access your private information will be an attractive statement to them, but this is due to an encryption method based in the open-source library NACl (Networking and Cryptography library). This is why in order to impede copies of information or unauthorized backdoor accesses, the encryption keys are generated and stored securely in the devices of the users, as we mentioned before. 

Threema has stated that group subscriptions and contact lists are only managed from the user’s device. Once the messages have been delivered, they delete themselves so that the files that remain locally will stay, encrypted, within the smartphone or tablet.

The following are several of Threema’s features:

• Text messages and voice messages 
• Sending of all kinds of files: PDF, GIF, MP3, Doc, ZIP and so on.
• Sending images and video and the ability to share your location.
• Group chats in which new members can be deleted at any time.
• ID verification of contacts through personal QR codes.

It’s also worth noting that Threema doesn't require the use of a phone number or an email address. Each user receives a random ID from Threema to identify themselves.

You may not find many of your contacts with it, but it's only a matter of time. It also has a specific function in terms of privacy which differentiates it completely from other apps.

The company that created Threema is made out of -you guessed it- three employees. The startup managed in just 24 hours to double the size of their user base and the app got to the first place in the charts of paid apps in Germany.

Threema combines components of social networking with some of them coming from messaging apps and, on the other hand, apps aimed towards customization. Anonymity is definitely a key factor around which the app revolves.

The German government endorsed the usage of alternative apps for private communications. The app also allows you to find other users by syncing your contacts, but this step is completely optional. You can also share information such as your location on a map, all without leaving the app. If you want, you can exclude individual contacts from the sync process, it features an internal image viewer, a contact list that can be classified according to your needs, blocking of individual contacts, quick switching between different chat conversations, custom nicknames for unknown contacts and several other useful features that will help you keep your conversations away from eavesdroppers.

Even though it doesn't feature the option of voice calling, users can send voice messages. It's available for iOS and Android, and it’s a little less expensive if you have a Windows phone.

Related content

Read Don Burns' "The importance of cryptography in points of sale"

Some 2016 communication trends you need to know

Image courtesy of  RL GNZLZ at Flickr.com

Etymologically, the words trend and “turn” are closely related: they derive from the same Old Norse root: trendr. Trends are new directions, transformations, changes. If our time could be described with a social phenomenon, the lot of increasingly, frequent and definite trends is the right one. The communications sector is an example of how these trends occur very quickly. Some of these trends, which have had prominence in the current year, will be analyzed in this post.

Related: Find Out What Happens When the Telecommunications Industry Discovers 3D Printing

According to Forbes, communication with Millennials is a priority, and one of the ways this will be achieved more efficiently is through human capital investments in call centers. It will certainly develop the necessary technology to achieve the necessary communication.

Several call centers have invested a considerable amount of money on improving communication technologies. The aim has been, for a long time, an effective agent management and a continuous improvement of customer service. Today, the focus of many investments in this sector is real-time communication with users through virtual channels (WebRTC and SMS, for instance), because the Millennials seek, above all, direct and immediate interaction with customer service for solving their problems quickly and efficiently.

Brands will be the new activists. It’s important to keep communities together, but we need to live the experience of living among them and to see them in action. Because of the new kind of consumers, who judge everything based on economic and social policies of brands, we continue to see how brands give more weight to those political and social issues that concern people, placing values at the heart of its communication strategy.

On the other hand, virtual reality as a channel of choice is another important trend this year. While consumers need more experiences and less linear communications, virtual reality will become a key trend in the current 2016. This system has been generally used in the gaming and adult entertainment community, but content creators and communications professionals will use this kind of platforms to help people to assimilate certain realities. Users ask for new experiences in real life every day (or something that closely resembles.) Virtual reality has been very useful in the education sector (driving and flight simulators, for example), to the point that in the future will be a need to impart knowledge of all kind. Since during 2015 the technological advances in this field of communications were tremendous, this year things will move faster. “Brands not only need to ensure that they understand the impact that technology may have on the strategy,” says Don Burns, leader in the telecom industry, “they also must know when to use it and where to turn it into work.”

Image courtesy of  Tyler Pruitt at Flickr.com

In addition, in the flowcharts of companies, Youtubers may have a significant presence to stream content to workers. Companies need to decode new cultural codes, just like Youtubers: a social phenomenon of a decade that started in 2006 and has revolutionized the way information is transmitted at present.

Large 2016 marketing campaigns don’t just make noise to catch attention: they provide a good service. IBM, for example, has protected people from the rain under their ads on the street, and Samsung has set up giant screens in the back of their trucks where they project an image of the traffic through a camera on the front of the vehicle, to show drivers a good view that the truck is blocking. Marketing campaigns will be increasingly active every day.

The traditional model of 'funnel' sales belongs to the past. Consumers go directly to the end point of purchase today. While large online retailers are always seeking the amplitude, brands must seek depth. They guide their ad contents and campaigns to create a good experience with the brand. It makes it possible for consumers not only back, but remember the brand anywhere when purchasing.

The Internet of Things (IoT) is changing the way the global society communicates with itself. This phenomenon of hyper-connectivity will produce a paradigm shift of huge proportions, difficult to foresee (almost like the invention of the steam engine or the discovery of electricity.) Every day, more devices and objects of daily use are connecting to internet and providing useful information for users and businesses. In ten years, the number of smart objects will exceed the fifty billion of units. This year, more and more brands want their products to use IoT technology to improve the user experience and their sales and services as well.

Finally, the Millennials are destroying advertising. iOS 9 has allowed ad blocking, but the market is not ready to react. In 2016, brands will need to improve native advertising, as well as exploring new ways to generate notoriety in the top of the funnel (from sponsored podcasts and agreements with bloggers who are influencers, vloggers and Instagrammers), to a renewed commitment to activities experiences.

The importance of cryptography in points of sale

Image courtesy of hrp_images now at Flickr.com

When we analyze the security of point of sale (PoS) applications, we must keep in mind the necessary presence of magnetic bands and the data of the owners of cards, which are extremely sensitive information, both for the owner as well as for the financial institution that provides them.

In any space in which there’s information that needs to be protected and safeguarded, there lies the imperious necessity of using cryptographic solutions, the ones that originated in battlefields and which today are capable of protecting the confidentiality and integrity of said data. It's not enough to use certain safe protocols, it is also necessary and imperative to make a correct and proper implementation at a software and hardware level.

As obvious as it may seem, cryptography is an essential part of a point of sale, as well as in any other digital forms of payment used today. Complementing the pillars of confidentiality and integrity, authentication and non-repudiation come into play, which means that an operation cannot let itself be unknown to the user.

In terminals, mainly three groups of cryptographic algorithms converge which are used in heterogeneous technologies, where they mix with one another and with many architectures within the point-of-sale devices. Each one of these groups has advantages and disadvantages in relation to one another.
The main point where we will be able to distinguish great differences are linked to resource consumption, speed and even the ease of implementation in the different sections that point-of-sale devices have. The way of storing a password, the way of encrypting the communication between two points or even the degree of safety needed will be the way in which either one of the following algorithms will be implemented.

Symmetric-key algorithms

The same password is shared for the encryption and decryption of information. This algorithm is very fast, but at the same time it is less secure and it definitely needs both parts to have already exchanged their key or password to begin the communication. A couple of examples of symmetric-key cryptography are the 3DES and AES algorithms.

Asymmetric-key algorithms

Image courtesy of MIKI Yoshihito at Flickr.com

They contain two keys: a public and a private one. This way, the same one cannot be used to encrypt and decrypt the information. Both keys are generated at the same time and the private one is safeguarded, which is the one that will be used to read; and the public one is distributed, which is the one that will write, encrypting the communication. Two extensively used examples of asymmetric-key cryptography or public key infrastructure (PKI) are email messages sent through PGP (Pretty Good Privacy), or the network traffic encrypted with SSL or TLS. These are widely used in transactional websites or those that require the user to enter a set of credentials.

One-way algorithm or hash

These functions capture a variable-length information and generate an output commonly called fixed-length hash, based on the input. These functions used in cryptography have the property of being easily calculated, which is why they're widely used to store passwords, since it is difficult -in many cases- to recreate the input if only the value of the hash is known.

When it comes to encryption algorithms, size does matter

A general rule for all encryption algorithms is: the bigger, the better. This is due to the fact that the most simple way of attacking encryption is a brute force attack, testing all the possible combinations of bits, until finally the desired string is found. With the data combination processing capacity of modern computers, it is possible to apply brute force techniques to obtain relatively long passwords made out of several bits or characters.

For instance, DES with a 56 bit combination password can be cracked in less than a day. However, the addition of more bits to the string will exponentially increase the time required for the cracking process to finish. The most widely used hash algorithms are MD5 (128 bits) and SHA1 (160 bits) which curiously are not very robust when it comes to security in comparison with Triple DES or AES, both of which are recommended by the NSA.

To sum up, the diversity in the different types of point of sale devices, both in modular and compact machines, will keep rising and the telecommunication technologies will also accompany this constant evolution, generating greater indices of speed and availability. However, cryptographic algorithms in many cases don't go hand-in-hand with the development of point of sale devices from the initial stage of the design, which leaves an open window through which cyber criminals are able to break into systems and extract different types of information.

Malicious codes are able to sort these cryptographic processes in payment terminals or point of sale devices, applied in certain specific layers with the intention of capturing sensitive information.

Recent contents

Read Don Burns' "What Is Encryption And How Can It Work For Me?"

What Is Encryption And How Can It Work For Me?

Image courtesy of Intel Free Press at Flickr.com

We truly live in an era where information has become one of the most traded commodities available. Is it possible to ensure that the information we send, receive, create and store in our devices stays safe and accessible only to those you want to share it with?

The use of encryption software has been associated with paranoid conspiracy-theory enthusiasts who believe the government is out to get them and wants to steal their information. However, as ridiculous as it may sound, they are not entirely wrong. Your information can be at risk but not exactly the way you think. Identity theft, hacking, state-sponsored snooping and even advanced steps of social hacking may take place by violating your electronic privacy accessing your files, pictures and personal computer content.

You’ve probably heard the word “encryption” many times before but are unsure of what it means exactly, how it works and what can you do to take advantage of its benefits.

First of all, encryption is a method of protecting information in a way so that only those intended by you are able to access it. Using encryption is not something new, and the basic concept of it remains the same even if the tools available to encrypt have changed. Rudimentary forms of encryption have existed since the times of the Old Kingdom of Egypt when non-standard hieroglyphics were carved in monuments. It wasn’t until around 800 AD when Al-Kindi invented a frequency-analysis technique for breaking mono-alphabetic substitution ciphers, something that proved to be the most fundamental cryptanalytic advanced until WWII.

Encryption uses algorithms to jumble data into a string of code that is complete gibberish to those who do not have permissions to see the information. Those permissions come in the form of an encryption key that decodes the information and rearranges characters and code so it can be read the way it was meant to and without the key it is impossible to decrypt the data.
Data can be encrypted in transit, meaning when the information is traveling towards its destination; or at rest, when the data is stored at a terminal or server. End-to-end encryption for communication platforms is considered the most secure. If messages are end-to-end encrypted, only the people who are having the conversation have the keys to decrypt what’s being sent.

Software for encryption is very easy to use nowadays and it doesn’t take much to get started. Here you can see a very easy info-graphic showing you all the necessary steps to do basic encryption for folders in different operative systems. 

It is important to choose an encryption key length that is strong enough to withstand any attacks or attempts to decrypt your data. An AES 128-bit encryption key is considered suitable for your security needs as it can have more than 300,000,000,000,000,000,000,000,000,000,000,000 key combinations.  

Encryption software gathers random data before encrypting your files, also known as entropy. The password you use will be part of this random data gathered to cipher the files, this is why it is very important that you choose a long passphrase, in addition, you should not use any dictionary words to avoid brute force attacks. A brute force attack consists of an automatic process where all of the dictionary words are quickly input at the password login window. As computers have become increasingly faster this can be done in a matter of hours or less using cloud computing.

Here are some tips to follow:

Image courtesy of Kevin Spencer at Flickr.com

• Always choose an encryption program that uses a standard cipher that has been approved and tested by experts, like AES for example.
• Do not use common dictionary words as your password, use a long passphrase made up of capital and small letters with punctuation signs and numbers that will remember and try not to write it down anywhere
• Do not use the passphrase you use to encrypt your data for anything else like your email, Facebook or any other computer password.
• Never trust a third party service to store your encryption keys or carry out the encryption implementation, if you store data online encrypt it yourself in your computer before uploading it.
• Watch out for key-loggers and malware in your computer that could capture your keystrokes and your secret passphrase, use an antivirus and firewall and always keep it up to date.
• Never reveal to anyone your password, not even to a support department whose staff could be outsourced overseas or could be impersonating someone else. Always verify personnel before giving out any of your information over the phone

All of your information is valuable and should be protected, so take the necessary steps and get in the positive habit of encrypting your files and your communicated over the web.

If you want to learn more about encrypted communications and more advances in telecommunication technologies, be sure to check out our many articles at our blog at Don Burns’ Blogspot.

Anonymity on the Internet: which is better, VPN or Tor?

Image courtesy of Blue Coat Photos at Flickr.com

Complete anonymity on the Internet is impossible and, in the best of cases, a particular phenomenon unfeasible of being maintained for extended periods of time. However, both the VPN and Tor networks help hide the user's identity from third parties. But which one of them is better? Let’s take a look at the similarities, differences, advantages and disadvantages of using VPN and Tor.

Online privacy has become a growing concern for millions of users worldwide, either due to the fact that they’re sharing all kinds of personal information with third parties such as Facebook, Google or Twitter; or to prevent possible attacks by cybercriminals; monitoring by government agencies like the NSA or to limit access to certain websites.

Even though some still believe that surfing the Internet is an anonymous activity, reality is stubborn. The incognito mode or private browsing offered by browsers like Google Chrome, Mozilla Firefox and others is not an effective method of maintaining your anonymity on the Internet, which is why more users are choosing to use a VPN or connecting through Tor.

Both are two methods of transport to surf the Internet. However, the differences between Tor and VPN networks are considerable: a VPN could be likened to an ultralight aircraft, pretty fast but also expensive; whereas Tor, could be compared with a bus, available to anyone, but much slower.

Advantages of using Tor

The purpose of Tor (The Onion Router) is anonymity when surfing the Internet. To do this, the user’s information bounces between different nodes before reaching its destination, so the last server is unable to know the location and private information such as the IP address of the source.

We said at the beginning that there’s no such thing as complete anonymity, and Tor is no exception. Although it’s one of the best systems to surf anonymously, the network’s end node decrypts the data to access the required destination by the initial user, opening the door to possible vulnerabilities. It is hard, but not impossible.

If you browse via Tor, it is essential for you to be aware of the fact that it is not a bullet-proof system. The security level is very high if you use secure connections (HTTPS), but otherwise it’s low.

To maintain your anonymity it’s essential that you avoid sending unencrypted personal information such as your email address, location or mobile phone.

Advantages of using a VPN

Image courtesy of PhOtOnQuAnTiQuE at Flickr.com

In simple terms, VPNs (Virtual Private Networks) add a private network -tunnel- on the main network of the user. Basically, a VPN grabs your connection, encrypts it and sends it to another server. Instead of your computer going directly to Google, it first accesses an intermediate server and, from there, it goes to Google.

Using a VPN is recommended, for example, when browsing within a public Wi-Fi network because otherwise you’ll be at risk of third parties seeing everything you do online. When using a tunnel, only your connection to the intermediate server will be visible, which is the one that actually makes the requests to Google, Facebook and other sites.

Another advantage of using a VPN versus the usual navigation is that you can “fool” the rest of the world about your location: if you are in New York and the VPN server you use is in London, all of the websites that you visit will believe that you are a user from England, which opens the possibility of skipping geographical limitations in all types of content.

When is it best to use Tor? And a VPN?

Although there are some providers of free services like Hola, most VPN services -the most powerful ones- are paid. By contrast, the Tor network is free by definition, because it employs the user’s connections to establish the nodes.

Anonymity in a VPN network is in any case relative, given the fact that even though they promise not to store information about their users, it is difficult to think that they can keep their promise if a court order comes.

Tor guarantees a higher level of online anonymity, as long as the the user takes some precautions, but it’s not as impenetrable as the NSA has tried to show in recent years. The biggest disadvantage of Tor is that browsing speed is very limited.

When to use a VPN? If you are an intermediate user concerned about online privacy and the use of your data by third parties the recommended option is a VPN. You will have a considerable latency, but the speed of your connection will be enough to play HD videos on sites like YouTube or Netflix.

When to use a Tor network? This system is used in situations that require a high level of anonymity, especially with the threat of governments or intelligence agencies. It’s reliable, for instance, for journalists working with sensitive documents and leaks, but the biggest disadvantage is that the connection speed is quite slow.
Recent contents

Read Don Burns’ “How The Evolution of Sensors On Smartphones Makes Life Easier”

Learn how to defend against the MITM attack

Image courtesy of Blue Coat Photos at Flickr.com

The Man in the Middle attack is also known as a bucket-brigade attack, or Janus attack in cryptography. As its name explains, the attacker keeps himself between two parties, making them believe that they are talking directly to each other over a private connection, when actually the entire conversation is being controlled by the attacker. In a previous article, Don Burns explained all about the Man in the Middle attack, now you can learn about the defense. Since MITM attack can succeed only when the attacker can impersonate each endpoint to the satisfaction of the other, the two crucial points in defending against it are authentication and encryption. A number of cryptographic protocols include some form of endpoint authentication specifically to prevent these attacks. For example, Secure Sockets Layer (SSL) can authenticate one or both parties using a mutually trusted certification authority. However, SSL is still not supported by many websites yet. Fortunately, there are three effective ways to defend against a man-in-the-middle attack even without SSL.

Virtual Private Network

A VPN extends a private network across a public network, e.g., the Internet. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network while benefiting from the functionality, security and management policies of the private network. You can start creating a virtual private network (VPN) by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols or traffic encryptions, such as PPTP (Point-to-point Tunneling Protocol) or Internet Protocol Security (IPsec). All data transmission is encrypted so that even if being intercepted, the attacker will have no idea about the content of the traffic. As a transfer station, the safety and reliability of the VPN server are very crucial to the security of your whole communication system. So, if you do not have a dedicated VPN server yourself, you are advised to only choose well-famed VPN server provider.
After establishing a remote VPN server, either manually or using some reliable online tool, you can follow these steps to create a Point to Point connection: First, Click “Control Panel” in the startup menu. Then, select “Network and Internet”. Go to “Network and Sharing Center” and Click “Set Up a new connection or network”. Once in the “Set Up a new connection or network” dialog, select “Connect to a workplace” and then press “Next”. In the “Connect to a Workplace” dialog, click “Use my Internet connection (VPN)”. Then, input the IP address of the VPN server and press “Next”. You will have to input your username and password, then press “Create”. And finally, Click “Connect Now”. After following these steps, all data transmission is encrypted so that even if being intercepted, the attacker will have no idea about the content of the traffic.

Proxy Server with Data Encryption

Image courtesy of Defence Images at Flickr.com

Use a reliable proxy server and encrypt the transmission between you and the proxy. If you only want to conceal your IP address for a specific amount of time and are not concerned with the security and performance, go for the free web based proxy services. But if you have the necessity to hide IP address on a regular basis, need high security and performance, go for paid VPN services like HideMyAss VPN (one of the most popular and trusted VPN service that allows people to easily conceal IP address and protect their online privacy) or VyprVPN (world’s fastest VPN services that allows people to easily conceal their real IP)

If you want to make sure your IP is changed, type “my IP address” on Google before and after using any of the above services. Just compare both the IP addresses and make sure they are different. If yes, that means you have successfully changed your IP address.

Secure Shell Tunneling (Linux/Unix)

SSH tunnel consists of an encrypted tunnel created through SSH protocol connection. SSH tunnel can be used to transfer unencrypted traffic over a network through an encrypted channel. You can use SSH tunnel to securely transfer files between an FTP server and a client even though the FTP protocol itself is not encrypted. SSH tunnels also provide a means to bypass firewalls that prohibit or filter certain internet services.

SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding TCP ports and X11 connections. A Secure Shell (SSH) tunnel consists of an encrypted tunnel created through an SSH protocol connection. Users may set up SSH tunnels to transfer unencrypted traffic over a network through an encrypted channel. Using a tool like OpenSSH on a Linux/Unix system you can tunnel all of the traffic from your local box to a remote box that you have an account on. SSH tunneling can be thought as a poor-man’s-VPN. It is handy in situations where you would like to hide your traffic from anybody who might be listening on the wire or eavesdropping. You can use such tunnel between your computer and your Unix/BSD/Linux server to bypass limits placed by a network.

Moment lenses for iPhone: a Little review to get acquainted

Image courtesy of  Warren R.M. Stuart at Flickr.com

Technology right now is amazing everybody everywhere at all times. Every day we see a new advance and a new breakthrough that amazes us in every way possible. For example, mobile phones and their applications. We see new things come out every day and new apps that help people get entertained or organize their lives or even start a new business. 

Well, there are some other devices out there that can be considered as accessories for the iPhones that are also getting very trendy. One of those accessories is the lens that can be attached to the iPhone and used as a regular camera.

These accessories make the camera on your iPhone have all the variations that any other camera has when you apply the lenses. These accessories appeared in the market due to the demand form users to have more option to pictures when they were in trips and vacations. Also, professional photographers wanted more options to the camera that already had amazing applications for their back up pictures.

Two of those lenses are the Moment Wide Lens and Tele Lens that offer the users something a little different, something especially practical: unlike other iPhone camera lenses that sit on top of your phone, Moment’s lenses attach to your iPhone’s lens using a special plate which is specially good for travelers and people that want to have variety on the go for their iPhone pictures. This feature is a thin, strong piece of metal that adheres to the back of your phone like a sticker and has a screw that works just like the lens screw that you can find in DSLR camera and that allows you to screw on different lenses. The brand Moment went live in Kickstarter to look for funding for this pair of lenses in 2014. Yes, the lenses help the users take better pictures, but the mounting system is the state of the art that attracts so many buyers.

This system sticks to the phone and has the hole that will receive the lenses. Installing the Moment lenses’ adhesive plate is not a big deal and does not require a great amount of time. This plate-based installation system is an amazing advantage for techies that love to have the latest iPhone model because they can use the same lenses in their new IPhones without buying new lenses, but by buying a new mount for 10 dollars and installing it in their new phones

It is not all peaches and cream because you have to semi-permanently attach the mounting plate to your iPhone. You really have to be committed to having lenses and to using your phone as a camera more often than regular people. If you decide later on that you really don’t want the mount any more on your phone, you will have to heat the mount system up using a hair dryer in order to get it off your device. Also, special occasions are a key thing. Neither lens is very big as compared with other lenses but they are bulky and not comfortable to have around all day. So you have to choose the moment to put them on. Attaching the lenses isn’t exactly a quick process, either. When you see something you want to snap a shot of, you have to reach into your bag, pull out the pouch, take out the lens, and then line the lens up just right so that it locks into place. 

Image courtesy of  Warren R.M. Stuart at Flickr.com

When you use the lenses the difference in the photos is amazing. For example, the telephoto lens allows you to capture close up pictures of things that are very far that you could never get with your regular iPhone camera. There was a very happy user that took a close-up photo of Alcatraz from a dock where she could barely make it out with her eyes, and she could actually see it in the picture. When using the telephoto lens along with the iPhone’s built-in zoom she was able to get close enough to read previously unreadable signs and get a good look at people who were once just small figures in the frame.

On the other hand, with the wide angle lens users can take pictures that cover crowds and that include as many things possible into the frame at very closes distances. For example, you can take pictures of buildings when you are standing in front of them or across the street. There’s a bit of frames on the corners of the images, but nothing that couldn’t be easily removed in a photo editor or with a little cropping.

Take a look at this amazing article to understand more about gadgets for smartphones and how they are changing the way we use mobile technology.