Category Archives: Internet Security

Torrent Seeding Explained

 

Torrent file sharing is one of the best thing ever to be made, it made sharing files of that are in the Gigabytes range effortless. One of the best features it has is its resume capabilities, this means should you lose internet connection for a moment or day (God forbid) it will resume on the progress it already made. I know you have the same questions that I have, if gravity stops things from falling into space but what’s stopping earth to float away, just kidding, I know the answer but how does torrent do this, traditionally you would download a file from one source/server, but torrent makes it possible you to download from multiple sources, using Peer to Peer technology (P2P).

Seeding

Seeding: after you’ve finished your download to help distribute it (you distribute the file while downloading, but it’s even more helpful if you continue to distribute the full file even after you have finished downloading). Chances are that most of the data you got was from seeds, the client will continue seeding until the torrent is removed (right-click the torrent, then hit Remove). Proper practice is to seed until the ratio of upload:download is at least 1.00. Remember it’s all up to you whether you want to seed or not, but your download was made faster by someone who seeded, how about we return the favor right. And this means that when a file has no seeds, two lifetimes won’t even matter, you cannot download that file.

So, to answer the question you are not asking because you don’t want to offend anybody, Seeding does not harm your computer.

Leeching

As they are referred to in torrenting terms, leechers, are those who are downloading and uploading at the same time.

Hope you found this helpful, and if you like clicking buttons click subscribe and share 🙂

Distributed Denial of Service (DDoS)

Distributed Denial of Service (DDos)

It is a destructive attack  make an online service unavailable by overwhelming it with traffic from multiple sources. It is generally used to target a variety of important resources, ranging from banks, newspaper websites up to personal blogs. This attack is sorely based on breaking access to online information or services between businesses and clients. Many times companies/victims bounce back by putting their servers back online but at that time the damage in costs as a result of down time has been already done.

DDos Tools

  1. Low Orbit Ion Cannon (LOIC) –  LOIC Download here
  2. R-U-Dead-Yet – Download Rudy Here
  3. Tor’s Hammer – Tor’s Hammer Download here
  4. DDOSIM—Layer 7 DDOS Simulator – Download DDOSIM here
  5. XOIC – Download XOIC here
  6. HULK (HTTP Unbearable Load King) – Download HULK here
  7.  PyLoris – Download PyLoris
  8. GoldenEye HTTP Denial Of Service Tool – Download Golden eye here
  9. DAVOSET – Download DAVOSET here
  10. OWASP – Download OWASP here

Cautionary Measures 

  1. Block/Blacklist rapidly repeating IP’S
  2. Create multiple layers

Create a Password for your USB

BitLocker is a full disk encryption feature that comes free with Windows operating systems, it is designed to help protect your data in all your drives. From USB’s to local disks, and if you have partitioned your drives, the new volume drive too.

However it should be noted that I DO NOT RECOMMEND THAT YOU USE IT ON YOUR MP3 PLAYER OR ANY OTHER MUSIC ONLY PLAYING DEVICES (I tried it on my MP3 player and on my way to school I wanted to play music, it was all encrypted, I had to decrypt it first but the files were intact. So let’s get started.

  1. Click the start button and then search “BitLocker Drive Encryption” This is the shorter way, you can still find it if you go to control panel. Double click on it1 Search bit.png
  2. All you drives will show here, make sure your USB is plugged in before opening the program, now choose the drive you want to encrypt. I have chosen drive “G:”2 choose drive to encrypt.png
  3. The next screen will prompt you to choose unlock method, for now lets choose password, and type in that password (Remember that Password Yo will use it to unlock your drive every time).3 select password.png
  4. On the next screen I would suggest you save that recovery key as a text file, and store it somewhere not on that drive. You will use it some day when you forgot your password to recover that password.4 choose recover key method.png
  5. Choose a folder to save your recover key5 save recovery.png
  6. This is what your recovery key looks like, but yours will be different.6 recovery key.png
  7. Next screen click on start Encryption, you might want to move all your files in your USB to your computer before encryption because it will lessen the encryption time, and move them back when you are done with encryption. But if you are encrypting you local disk, grab  pop corns cause you will be there for a while 🙂7 start encryption.png
  8. After the encryption has finished, this is what you will see the next time you try accessing files on that USB. Depending on your trust issues you can check the block where it says” Automatically unlock drive on this computer” then only that computer will not require password to unlock it, other computers will have to get in line for the password.8 enter password to open drive.png

 

Enjoy and don’t forget to share and subscribe

Easy access to all Chrome Passwords

Every time you logged on to Facebook, or any account on a website for that matter using Chrome or other browsers that haven’t been invented yet(I.E) you will get a pop up asking you to  save your password for easy login later, if you are certain that you are the only person who uses that computer well then good, go love your family or do something heart warming, but if not, well read up (meant to say listen up),  DON’T EVER SAVE PASSWORDS ON AN INTERNET BROWSER. Here is why, I will take you through decryption of chrome password encryption, it is so easy you won’t believe your marbles.

  1. Head over to settings1 settings.png
  2. Scroll down and click Show Advanced settings2.show advance settings.png
  3. Click on Manage Passwords3manage passwords.png
  4. From here you can see all saved passwords, and to see beyond the dots or starts click on “Show” and if you the person clicking show on your computer knows your password for the computer, all your online Passwords will be easy pickings4enter computer pass.png
  5. I know it looks a bit secure right? If you don’t share your user’s passwords you safe right? Well no. and here is why and how, choose the account you want to see the password in plain text. Logging into that site, it is not hard just click on next, Password already saved.4.5relogin.png
  6. After click next, you will see the password in dots (encrypted), highlight the password and then right click.6high light passwordinspect element.png
  7. Now the fun stuff, click on Inspect. If you are using other browser it might be “Inspect  element info” And here is what you should see. Your focus area is the red box.7double click on password.png
  8. Leave everything as it is but double on the password, next to “type=”8change type.png
  9. Change “Password” to ” text” and press entertype text and press enter.png
  10. And finally all your passwords out there for anyone to play around with, online life ruined and the pain and the man hours of starting over again, just DON’T SAVE PASSWORDS AND TEMPT PEOPLE.dadada password.png

Before you click I have read terms of service!

We have clicked ‘I have read and understood terms of service’ countless times without reading them, I am guilty of that too, but I was actually curious as to what I was accepting my life away to, so I decided to start reading them, and to my surprise it was a long online document composed of 256 pages, I did not understand how and when was I expected to finish that, so I went back to clicking accept, but I just had to know. So I compiled this blog post of what I found on the internet, you will find links to references at the bottom of the post.

But what are Terms of Service (ToS)?

Terms of service can be viewed as a contract you sign before you use the services of a website or application. It outlines what is required of you, and what is regarded as acceptable behaviour and what is not. All of this is to prevent abuse and to promote safety for fellow browsers and you must agree to it before having access to it or some parts of it.

From what I gathered on the internet there are different classes of ToS. The following is a list ranged from good “Class A” to a not so friendly “Class E” of websites we use on a daily basis.

Class A (SeenThis)

  • You are free to choose your copyright license
  • You can get your data back
  • Right to leave the service

 

Class B (GitHub)

  • You don’t grant any copyright license to GitHub
  • Changes can happen any time, sometimes without notice
  • You shall defend and indemnify GitHub Your personal information is used for limited purposes
  • Your account can be suspended and your data deleted any time for 

 

 Class C (Google)

  • Google keeps your searches and other identifiable user information for an undefined period of time
  • Google can use your content for all their existing and future services
  • This service tracks you on other websites
  • Google can share your personal information with other parties
  • Google may stop providing services to you at any time

 

Class D (YouTube)

  • Terms may be changed any time at their discretion, without notice to the user
  • They can remove your content at any time and without prior notice
  • The copyright license is broader than necessary
  • Reduction of legal period for cause of action
  • Deleted videos are not really deleted

Class E (TwitPic)

  • Twitpic takes credit for your content
  • Your content is for Twitpic and their partners
  •  Reduction of legal period for cause of action
  • You indemnify Twitpic from any claim related to your content
  •  Deleted images are not really deleted

So there you have it, a bit of sneak peek into the heart of ToS. But I haven’t answered your question right? What are you accepting your life away to? Here is  general building blocks of ToS.

TERMS AND CONDITIONS.png

To expand on the idea, here is what each section means.

  • Intellectual Property – This disclosure informs people that whatever media unique to your site is your property that is protected by copy rights law, and that will be your website, your web logo, creative visuals etc.
  • Termination – This will inform users that you reserve the right to terminate or limit user’s access to your website in cause of any rule violation.
  • Governing Law – This includes the country’s law concerning computer fraud and abuse and the implications of violating the laws. This will be the country that is hosting the website, and or where the headquarters of your company is at. This tends to be tricky because WordPress blogs are hosted in America and anyone around the world can create a blog hosted by WordPress.
  • Links to Other Web Sites This clause indemnify you from taking responsibility from any third-party webs links that are on your website. Your users should note that links provided do not necessarily express your views on that website and they have the right to open the link or not, and if they choose to do so, they should know it is their own risk. And also make themselves familiar with that website’s terms of service.

Okay, but now what is End User-License Agreement?

I also thought that a blog criticizing how long ToS are would be short too, but no, short doesn’t always means good. Now EULA, as it is referred to, is an agreement  between someone who purchases, installs, or downloads software, and the licensor or provider of the software. Same contract analogy but with software.

I can’t leave you without an example of course, I am not a monster.

EULA.png

So there you have, do not just accept but if you must do, at least you have a rudimentary idea of what you are accepting.

References:

  1. Terms of Service Classes
  2. Terms of Service Template
  3. End User-License Agreement Template