Glasswire Review – The Complete Network Monitor

Glasswire might just be your complete network monitoring and security tool, for both professionals user and home users. I have found from use that it becomes an asset to your security policy, being that at work or home.

Glasswire - Free Features

Glasswire is packed full of features that are designed to not only make your life easier, but also give you piece of mind that your computer is safe from malicious software such as remote Keyloggers and Trojans. This proves evident when you consider the Webcam and Mic detection feature that will notify you if your webcam or mic is activated. And after the leaked documents from Edward Snowden, this concern is ever more prominent. The amount of people you see with tape or a cover over their laptops webcam is not to be ignored.  And rather than placing a sticker or tape over your webcam you could simply turn on the webcam and mic detection feature.

Glasswire -Webcam Detection

The webcam and Mic detection feature can also be used in conjunction with the network monitor, and if Glasswire detected the webcam was in use and you are to see suspicious network activity you would be able to deduce that there could be a Trojan or other remote element on the PC. These features combined make Glasswire a force to be reckoned with in regard to preserving your privacy and preventing your system being compromised.

GlassWire - NetworkScreen

Have you ever wanted to know what or how many devices are connected to your WiFi network, well Glasswire has the solution. Under the network tab you can choose to scan your network and from there it will build a list of all of the device connected to the network.

This will then let you label each device. The ability to label the devices is a nice touch considering in some household there could be as many as 4 iPhone’s that would all be identified by the same name.  And by labeling all of your devices each time you notice an unrecognised device on the network you will be able to carry out an investigation and remove any labeled device from the equation.

As well as this it also has a built in firewall, that can alow you to block or allow certain applciaitons from accessing the outside world. This feature could be very useful if you are to notices some suspicous activity and your first port of call could be to block its network access before investigatong further. This could potentaly save you a massive amount of trouble depending on the type of malware it is.

This slideshow requires JavaScript.

The user interface is warm and welcoming, and offer a few different skins so the user can add their own personal touch to it. And due to all of the option being very clear and easy to access it s quick and smooth to navigate without having to jump through hoops to find certain elements of the application.
GlassWire PricesGlasswire does offer a free option, and for most users, that might be all they need. It will still allow you to monitor your data usage and see a visual representation of network activity.
But considering the ‘Basic’ option starts at $49, paying for the added features will not break the bank and in most cases will cover your average user who may just want to see what is connecting to their wireless network and see what is using data on their PC (This could be beneficial if on a metered internet plan)

The next package the ‘Pro’ comes in at $99 but if you break that down at cost per computer it is only $33 a system. And bundle that with the remote monitoring ability it could be ideal if you have a home server, or multiple devices that you wish to kep an eye on.
And finally there is the Elite version, this I would imagine is targeted at business uses due to the number computers. But depending on your home set up it could be used for a home set up and with that many devices in the home a remote monitoring ability could save a huge amount of time, stress and worry.

To conclude, I personally feel that Glasswire take ‘Cyber Space’ and gives the user a real-time visual representation that would otherwise remain hidden or hard to interpret. It offers the user a nice and smooth experience while also delivering the information in a manner that you do not have to be a network engineer to understand. And I would highly recommend it to anyone who is looking to bolster their security policy at home or work.

Passwords – Good Practise

Recently I have started to use a new password manager and got asked why I did not just use the same password across all of my accounts online. And this lead to me thinking that people as a rule don’t know effective and secure practice to follow when using online accounts and passwords.

Firstly you should always use a different password for each of your online accounts, this could be having one password with many variations such as different letters or symbols within it. This is necessary these days as it only takes one of the platforms you use to get hacked and you could potentially lose access to all of your accounts.

So Here Are Some Good Password Practice

Password Practise
The steps above are a fairly comprehensive guide to develop a highly secure password, by memorizing a sentence you have written, the arduous task of having to remember your new or complex password is reduces. you can also incorporate information about the account you are logging into meaning each accounts password will be a lot easier to remember.

unnamed
TrueKey is a password manager utility from Intel, and not only does it store information for online accounts you can also put in information like your social security number. This turns out to be very useful when paired with the mobile app. TrueKey also offers a feature that will generate a password for each account, and then log you straight in from the application. Meaning once you have secured all of your accounts you will only ever need 1 password to gain access to them.

6a00d8341cc8d453ef01157025645b970c
This final method is a touch old school I know. But in my opinion nothing can beat a trusty notebook (Granted I am probably one of a few that still like handwritten notes.) But the beauty of using a notebook is that you never have to worry about getting hacked and they can be carried on you at all times. Ok, so this option might not be the best if you tend to lose things but other than that its a sure fire way to manage multiple account details offline.
 

And hopefully if you follow some of the steps listed above you should be able to maximize your online security. As it is commonly known that the weakest point in most security systems is the human element. And that is because a lot of people have poor security knowledge or training. And this can be down to a number of thing such as age or use case.

But again hopefully this helps and you can share it with your friends and colleague to again increase everyone online safety.

What is WannaCry

Recently you might have read that a computer virus by the name of WannaCry has been extorting money from people and organizations all over the world. But what is WannaCry and should you be worried?

WannaCry  (or WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor) is a computer worm that has been effecting Windows computers over the past week. It is rumored to have been enabled and aided by some of the recent Vault 7 vulnerabilitys including EternalBlue that the NSA (National Security Agency) had been collecting and storing over the past few years. This has lead to one of the most widespread and effective ransomware’s that has been seen to date. Not just targeting your average user but also going after large corporations and organization such as the NHS (National Health Services)

wannacry_05_1024x774-0
The WannaCry GUI that users have been met with

But what does it all mean, this ransomware could have sat dormant for month (It very likely has) just trying to spread the infection to as many vulnerable machines as possible. Until it is then activated by either the creator or by s spesific time and date. Once the infection is triggered the malicious package then encrypts the users PC and demands the user to pay the “Ransom” in this case the amount was $300 or £231.59. This is a rather large amount of money and on the scale of the attack would have made it a very profitable venture if all of the effected users pay the money to gain access back to there device.

In the case of WannaCry effecting the NHS it could have potentially cost human lives as well, because it was effecting hospitals and GP surgery’s. Without having access to the patient information the medical practitioner might have been unable to proceed with a user treatment or potential be unable to access the patients personal information.  But WannaCry made a few fatal error is the design and execution of the virus. Firstly the ransom payment was required in bitcoins (Bit coins are a digital currency with no central regulation making it hard to track) but because there what only 4 addresses to pay the bit coins too and because they where hard-coded into application it means that the possibility of tracking them is a whole lot easier. And then there is the built in “Kill Switch” that was again hard coded into the application. This meant that to deactivate the ransomware, a website address needed reached. Meaning that researchers were able to find the target URL and register it meaning they then had the ability to deactivate the program.

For such an effective and wide spread virus it looks as if corners where cut, for example if the URL that was required for the “Kill Switch” had been coded to be random it would have made the pressure of finding the target URL much greater as there would not have been a clear target. And the next blunder was in the form of having only used 4 Bitcoin payment addresses, because of this it will make the authority’s job of tracking the Bitcoins slightly easier as they will just have to monitor bitcoins public transaction ledger know as the blockchain. It has also been found by Cisco researchers that the “Check payment” button did not actually do anything other than display one of 4 possible out come, meaning that the decryption of the devices was most likely done manually. But there is also speculation that the creator may just have send out a random handful of decryption keys to make it appear as if the payment has gained the user access to there machine again. If that is the cases then this virus should not really be called ransomware at all, as there is a strong possibility that even after the ransom has been paid the user will not just be given access back to their files, making this more Theftware.

hacking

But there has been further speculation from other security researches that this attack might have been made to look as if it was ransomware. This could mean that the creators had alternate motives. This could have been for a number of things, but when you consider the sort of things that where effected and completely parallelized (Hospital equipment, Trains and ATM’s) could it be possible that the ransomware side of this attack was merely a cover up? And when you consider that researchers at Kaspersky Lab have been finding evidence linking WannaCry to North Korea. This was in the form of similar code that had been used in a previous attack this year. A number of other big names in cyber security have also backed up these claims as they too have noticed drastic similarity within the code that has been used in both attacks. And when you look at the raising tensions between the USA and North Korea and acknowledge the fact that “cyber space” is the new battle field this could have just been a test run for bigger things to come, but of course this is all merely speculation.

But what do you do if your computer if effected by Ransomware and are there any procotions that you can take to make it less damaging.

Precautions to take


  • Always keep regular backups of any documentation and files that you need or do not wish to lose. You could back them up to an external devices such as a USB stick or an external HDD. The other option would be to back up your files and documents to one of the many cloud services such as GoogleDrive or Microsoft’s OneDrive.

 

  • Make sure you download and install regular updates on your operating system, this should hopeful help to prevent the vulnerability being present on your computer.

 

  • If you machine does get infected by ransomware the first thing you should do is disconnect your devices from the internet, this could possibility prevent the virus from encrypting all of your data.

 

 

 

 

Google Cracks SHA-1

A couple of weeks ago a report by Google came out stating they had managed to crack the SHA-1 (Secure Hash Algorithm 1) This Hash function was original developed by the NSA in 1993. And it is still used by a lot of websites today, although there are much newer versions that offers a lot more security as the maths and computing power to crack it is even greater it has not been as widely adopted.

These issue with the Hash Collision is that the idea behind SHA-1 was essentially each file would be given a unique header and in 1993 when this was first developed the for-site that there could potentially be a collision would have seemed impossible due to the amount of computing power required to even entertain this and the fact that PC and computer use was no where near as common as it is today. But although Google has managed to force a collision between 2 items having the same SHA-1 hash it did however take them 2 year with support from the university of Amsterdam. Combine the resources and computing power both a university and Google have and given it took them 2 years to achieve this means as an out-and-out security vulnerability it is not all that feasible that a hacker would be able to force a collision and potentially cause damage.

GoogleCollisionCrackImae
Source: Google Security Blog

Another reason this isn’t to much of a concern to the integrity of cyber security in my option is that SHA-2 is readily available, and already deployed meaning that even if the collision is able to be simulated again in much less time there is a very accessible upgrade path that will offer much greater security and also not lead to a time between SHA-1 is vulnerable and SHA-2 is being developed.

The Creator of both Linux and Git was warned about the possible vulnerability with SHA-1 in 2005 and proceed to continue using it for Git. This is because he felt it would be far to expensive and Git has layered security meaning that one layer might be compromised but that isn’t the end game.

In my opinion although it has been cracked in an experimental setting it would not be as accessable to do for malicious purposes unless it was a state sponsored attack because the resources and time required are not anywhere close to where hackers would feel it a useful tool. And furthermore companies such as Google and Microsoft already use SHA-256 so your average joe who uses YouTube and Gmail will have nothing to worry about in regards to their online privacy and security.

 

If you enjoyed that check out some other posts below

McAfee Cyber Threat Predictions 2017

Paid vs Free Anti-Virus Software