If you don’t have the time or wish to download, install and configure PGP-based software application for email encryption, there’s an easier solution available for you. HushMail offers a free, web-based email service that has a built-in support for PGP email encryption.

All encryption and decryption is done on-the-fly and completely transparent to you. You can also upload your friend’s public-key to the HushMail server using HushTools, and likewise, your friend can download your public key so that both of you can send secure emails back and forth. Continue Reading »

Bluetooth technology is great. No doubt. It provides an easy way for a wide range of mobile devices to communicate with each other without the need for cables or wires. However, despite its obvious benefits, it can also be a potential threat for the privacy and security of Bluetooth users (remember Paris Hilton?).

If you are planning to gain a deeper understanding of Bluetooth security, you will need a good set of tools with which to work. By familiarizing yourself with the following tools, you will not only gain a knowledge of the vulnerabilities inherent in Bluetooth-enabled devices, but you will also get a glimpse at how an attacker might exploit them. Continue Reading »

Suppose you need to access your email from an insecure environment, such as an open wireless hotspot or an airport. When using a public (insecure) network, the potential security risk is that your valuable data can be sniffed by bad guys.

While majority of free e-mail providers, such as Google GMail and Yahoo! do provide options to login securely using https connections over secure socket layer, some email providers (business and free) don’t offer any encryption at all. To tackle this problem, we’re going to create a secure SSH tunnel over the insecure public network. Continue Reading »

Looking for a free and reliable security package for you PC? Try out CoreSecurity Core Force. Core Force is a comprehensive security solution for Windows. It provides security features to protect against malicious programs and external attacks that exploit and leverage security vulnerabilities in Windows and third-party software applications.

How does it work? Core Force enforces its own set of security configuration independently of Window’s configuration. You can configure security settings for the entire operating system or on a per application basis for specific programs such as email readers, Internet browsers, etc. They can include inbound and outbound network traffic restrictions, file system access restrictions to files and folders and registry access restrictions to registry keys and values. Continue Reading »

Practically all UNIX-based servers run a SSH server to allow remote administration across the Internet. From time to time, you might notice a large number of failed login attempts. Often, these are brute-force attacks against your SSH server

In this hack, we’ll show you 5 tips to protect machines running SSH daemons from brute-force attacks. Continue Reading »

Data Execution Prevention (DEP) is a set of hardware and software technologies that help prevent damage from malicious software that attack your computer by executing arbitrary code from memory locations due to software vulnerabilities. DEP works by making sure that software uses system memory safely, blocking a technique used by hackers to exploit software vulnerabilities and install malware.

In a nut shell, DEP software works alone or with compatible microprocessors (Intel and AMD) to mark memory locations as “non-executable”. If a program attempts to write code and execute it from a protected location, DEP closes the program and notifies you. The software-only version of DEP is not as effective as the hardware version. Yet, it’s strongly recommended to turn it on. Continue Reading »

Accidentally deleted an important word document? Office crashed and your presentation was damaged? If you got Vista, you can restore any file within minutes thanks to Vista previous versions feature.

Vista automatically creates previous versions of your files without you having to create a backup of them manually. Previous versions are basically backup copies of files and folders that Vista automatically saves as part of its system restore procedure. These backup files are typically created once a day. Continue Reading »

While the adoption of web applications for conducting online business has enabled companies to connect seamlessly with their customers, it has also exposed a number of security concerns stemming from improper coding. Vulnerabilities in web applications allow hackers to gain direct and public access to sensitive information (e.g. personal data, login credentials).

Web applications allow visitors to submit and retrieve data to/from a database over the Internet. Databases are the heart of most web applications. They hold data needed for web applications to deliver specific content to visitors and provide information to customers, suppliers etc. Continue Reading »

Suppose you’re at an open wireless hotspot and wish to connect the Samba server from your Windows laptop, but you don’t want to send data (documents, authentication hashes etc.) over the air in plain text.

Using SSH tunnels, you can encrypt all your network traffic and redirect it through a trusted computer when you’re connected to an untrusted network. The goal of this hack is to enable Windows users securely access shared files on any Samba server. Continue Reading »

When you tell Firefox to remember your user-name and password to a login service, it encrypts the access credentials and stores them in a database file in your profile directory. Yet, anyone can open Firefox’s password manager and view your secure login credentials.

In order to keep prying eyes out of your login information, one can set a master password to provide an extra layer of privacy. However, if the password is forgotten, there’s no way to recover the lost login credentials. Continue Reading »