
SecretLayer: Advanced Steganography Software [Pro Version Download Now]


Hackers, security professionals and many others involved in the cyber domain will be familiar with the term 'steganography'. I do believe that many of us have used this fine technique many times, sometimes for fun, sometimes for nastier jobs. For those who are not so familiar with it, steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. In very simple words, it is one of the finest arts of deception. For your information, nowadays steganography is widely used, or I should say misused, by many terrorist organizations for transmitting their hidden messages. One of the most dangerous challenges with steganography is that researchers can detect whether an image or text contains a hidden message, but so far they can't unveil the message inside.
Today we will talk about an advanced tool which is designed to tweak the color of specific pixels. The tool is named 'SecretLayer' which lets you encrypt your data (so you're no worse off than before) and then hide that encrypted data in ordinary images, like the ones used every day on all websites and email attachments. 

The Pro version of Secret Layer supports encryption of your data:




  • Encryption type: AES, Key length: 128, 196, 256 (bits)
  • Encryption type: Blowfish, Key length: 128, 196, 256, 384, 448 (bits)
  • Encryption type: Cast-128, Key length: 40, 64, 128 (bits)
  • Encryption type: Cast-256, Key length: 128, 160, 192, 224, 256 (bits)
  • Encryption type: DES, Key length: 64 (bits)
  • Encryption type: IDEA, Key length: 128 (bits)
  • Encryption type: RC5, Key length: 64, 128, 192, 256, 384, 448, 512, 1024, 1536, 2040 (bits)
  • Encryption type: Twofish, Key length: 128, 192, 256 (bits)



A container with the encrypted data is hidden inside of an ordinary-looking image. This is all done automatically and in the background: you don't have to do anything extra. Earlier I told you that steganography is one of the finest ways of hiding your secret message; it also poses many threats, as it has been widely used by criminals for transmitting messages. So far, those hidden contents cannot be decrypted easily. So now it is up to you how you will use such tools. Remember the lesson we have already learnt from the famous movie Spider-Man: 'With greater power there comes greater responsibility...'. So I urge you not to use such tools for negative purposes.







    Quantum Encryption Will Stop Hackers -Researchers Claimed

    Researchers Developing Quantum Encryption To Stop Hackers

    The amount of cyber-crime and hacktivism is sky-high; there is no doubt that hackers are constantly dominating the entire system and, as expected, the graph of cyber threats keeps rising. To counter this, researchers from the University of Toronto and the University of Vigo are developing a quantum encryption method to foil hackers. Researchers say quantum encryption is what will finally stop hackers. University of Toronto Professor Hoi-Kwong Lo, a faculty member in The Edward S. Rogers Sr. Department of Electrical & Computer Engineering and the Department of Physics, as well as his team consisting of Senior Research Associate Dr. Bing Qi and Professor Marcos Curty of the University of Vigo, say they have found a new quantum encryption method that can trip up even the most sophisticated hackers.
    In an exclusive report, ZDNet described: Quantum cryptography ensures that any attempt by an eavesdropper to read encoded communication data will lead to disturbances that can be detected by the legitimate user. As a result, quantum cryptography allows the transmission of an unconditionally secure encryption key between user1 and user2, even in the presence of a potential hacker, user3. The encryption key is communicated using light signals and is received using photon detectors. The encryption key in quantum cryptography isn’t some super-long password. Instead, it’s made up of light signals and photo detectors. In previous versions of the quantum key distribution (QKD) method, hackers could alter commercial QKD systems. In other words, the challenge is that user3 can intercept and manipulate the signals. Quantum hacking occurs when light signals subvert the photon detectors, causing them to only see the photons that user3 wants user2 to see.
    Now, Professor Lo and his team say they have come up with a solution to the untrusted device problem: the “Measurement Device Independent QKD” method. While a potential hacker may operate the photon detectors and broadcast measurement results, the two users no longer have to trust those measurement results. Instead, they can simply verify the hacker’s honesty by measuring and comparing their own data. This works because when user3 attempts to manipulate the photons that transmit quantum data, he or she also inevitably introduces subtle changes in the data stream. In Measurement Device Independent QKD, the two users send their signals to an untrusted relay, user4, who may or may not be controlled by user3. This fourth party performs a joint measurement on the signals, providing another point of comparison.
    “A surprising feature is that [user4]’s detectors can be arbitrarily flawed without compromising security,” Professor Lo said in a statement. “This is because, provided that [user1] and [user2]’s signal preparation processes are correct, they can verify whether [user3] or [user4] is trustworthy through the correlations in their own data following any interaction with [user3/user4].” A proof-of-concept measurement has already been performed. Professor Lo and his team are now developing a prototype, which they expect will be ready within five years.




    Security Experts Are Saying: Project 25 Mobile Radios Are Vulnerable


    Many users don’t know how to use encryption, and radios can be jammed with a child’s toy. A paper presented at this year’s APCO conference showed the vulnerability of some new and expensive encrypted digital mobile radios, particularly those used by federal law enforcement agencies. The researchers from the University of Pennsylvania found that it was very easy to monitor sensitive law enforcement operations, that users either didn’t turn on their encryption or thought their transmissions were encrypted when they weren’t, and that a $30 child’s toy could corrupt the radios’ signals enough to make them useless. They also found a way to make the radios transmit at will, so that direction-finding equipment could be used to determine their location.
    The radios with the identified problems operate on a relatively new protocol called Project 25 (P25). P25 is an initiative of the Association of Public Safety Communications Officers (APCO) and both users and manufacturers of radio equipment. P25 radios use digital transmissions on channels spaced 12.5KHz apart in the UHF and VHF bands. One of the objectives of P25 is to expand the number of channels available for use in the crowded radio spectrum. Presently, federal law enforcement agencies are the biggest users of P25 equipment, but other public safety organizations are adopting the standard as they replace their “legacy” radios. Eventually, all users in the VHF and UHF bands will be required to go to P25 equipment, as their licenses to operate on the broader channels and with analog equipment won’t be renewed by the FCC.
    Traffic over P25 equipment is transmitted in digital form, as bits of ones and zeros, rather than as an analog waveform as with older radios. The body of voice or data traffic is preceded and followed by several data frames of different lengths that identify the source, the type of information (voice or data) that follows, and when the traffic is encrypted, encryption keys that prevent the transmission from being heard by a radio which doesn’t have the matching codes. The authors of the paper found that the markings on the radios that turned the encryption on or off were so cryptic themselves that many of them thought they were transmitting encrypted, when they were actually sending “in the clear.” The knobs and indicators for encryption were poorly located, making it easy to turn encryption on and off while adjusting the volume or changing radio channels.

    There are blocks of frequencies allocated for the exclusive use of federal law enforcement agencies. These are allocated by the National Telecommunications and Information Administration, and are not published, as are FCC-allocated channels. The allocation is made by both region and user agency, so that a channel used by the FBI in New York might be the one used by the U.S. Forest Service in Boise. Even though the assignments are confidential, the researchers were able to scan the federal bands in two large U.S. cities and monitor ongoing operations at length. The encryption problem became obvious, as users openly discussed names and descriptions of informants, appearance and vehicles of undercover agents and surveillance operators, and plans for raids and arrests. The researchers used a $1000 bench-type receiver, but indicated that the same task could be accomplished with gear from Radio Shack.
    Techies are familiar with the acronym “RTFM,” or “Read the [Bleeping] Manual.” The manual for a P25 radio from one well-known manufacturer is 150 pages long. On top of that, most P25 radios are user-configurable, so that combinations of button presses and switch settings set the radio to work in specific ways the owner agency thinks is appropriate. The net effect is that — in addition to the 150-page manual — each agency has to publish their own user manual if they want their users to understand all the functions of the radio and how to use them. Of course, getting the users to read those manuals is another matter.

    Digital communications has several advantages over analog, one being that if a portion of a transmission is not received or corrupted in sending, an error-correction protocol identifies it and sends a request for a re-send. The University of Pennsylvania researchers found they could manipulate this mechanism and send a string of renegade error messages to a radio, triggering a string of retransmit requests. There would be no retransmit, as the messages pointed to a nonexistent message stream, but the nearly continuous transmission could be used with a direction finder to pinpoint the location of the radio. Someone who was running countersurveillance on law enforcement users would be able to tell by this method when officers were active, and where they were.

    A variation on the data packet manipulation worked to disable the radios entirely. The researchers purchased a toy text messaging device called an IM-Me http://uk.girltech.com/electronics-imMe.aspx , which sends and receives text messages between a computer and the toy, which looks like a text pager. By loading some custom firmware onto the device, it could be set to transmit corrupted data packets to P25 radios and confound their reception. The device had to transmit these packets for milliseconds at a time, making it very difficult to locate and identify.
    The authors of this paper are all “good guys” who have no agenda for compromising public safety communications, but if they can produce the hardware and software necessary to manipulate P25 radios, you can bet someone with less honorable motives can, as well. These new P25 radios are expensive; one available from Midland costs $3295. Hopefully, that custom-configuration capacity can be used to modify the radio firmware and close some of these security gaps. In the meantime, if your agency is using or contemplating a purchase of P25 radios, you should revisit your security procedures and contact your vendor to determine how vulnerable your communications may be.

    -News Source (Tim Dees & Police One)


    Microsoft offers keyboard with 128-bit encryption


    Microsoft has unveiled the new Wireless Desktop 2000, a keyboard and mouse combo for $40. You can buy it now from Microsoft.com, though you should note that it requires either Windows XP (excluding Windows XP 64-bit), Windows Vista, or Windows 7. The Wireless Desktop 2000 includes Microsoft's first keyboard that features Advanced Encryption Standard (AES) 128-bit encryption – the same technology trusted by the US government to secure their wireless connections and which industry leaders consider to be one of the most secure encryption standards. The keyboard uses a unique, pre-programmed 128-bit AES key designed to help prevent your keystrokes, which are transmitted over the air, from being intercepted and deciphered. The keyboard also includes a pillow-textured palm rest for added comfort and caters to multitaskers with Taskbar Favorites for Windows 7. The included Wireless Mouse 2000 features enhanced side grips, an ambidextrous design (meaning it can fit either hand), and also includes a Tilt Wheel for easy side-to-side scrolling. It uses Microsoft's BlueTrack technology, which means it can work on virtually any surface (except glass and mirrored surfaces). All of Microsoft's keyboards and mice come with a worldwide three-year limited hardware warranty.
    This appears to be a decent keyboard and mouse combo for the price, but the addition of encryption is puzzling. Is Microsoft trying to tap into the paranoid market?


    Twitter is Offering SSL Encryption For Some Users

     
    Twitter is slowly turning on automatic encryption on its website, a move following other major providers of web-based services to thwart account hijacking over wireless networks. Twitter has offered an option for users to turn on SSL (Secure Sockets Layer) encryption, but said on Tuesday that it will turn the feature on by default for some users. It did not indicate when the option would be turned on by default for all users.
    SSL encryption, indicated by "https" in the URL bar and sometimes a padlock in the browser window, is an encryption protocol used to protect communication between a client and a server. It is important to use because unencrypted information passed over wireless networks can be intercepted.
     




    -News Source (Twitter & PC World)


    New enterprise security solutions for Sophos





    IT security and data protection company Sophos has announced several new products in its enterprise security line-up, including a new lightweight mobile security platform designed for use on a wide range of mobile communication devices. Sophos Mobile Control provides protection on devices including Apple iPhones, iPads and Google Android and Windows Mobile devices. The system is designed to allow IT administrators to secure, monitor, and control configurations for smartphones running Apple iOS, Google Android and Windows Mobile operating systems. Sophos Mobile Control features a web-based console which allows IT administrators to centrally configure security settings, lock down unwanted features, and remotely lock or wipe a device over the air if it is lost or stolen. The web-based console is also designed to allow constant monitoring of mobile devices to ensure consistent security policy enforcement, strong password policies and lock periods, and control over the installation of applications. The console also allows users to block the use of cameras, browsers, and sites such as YouTube. The service allows users to register new devices and to lock or wipe devices on a self-service portal. It also controls access to corporate email via a secure gateway, allowing only properly secured and registered devices to access email. "Today, iPads, smartphones, and laptops are everywhere and connected to the web at all times. Mobile technology has allowed today's workforce to be far more productive but it has also opened up a new can of worms for IT teams as they must ensure that the data on those devices - especially the non-company-issued ones - are encrypted at all times no matter where the end user is. Sophos Mobile Control quickly and efficiently protects data on all iOS and Android mobile devices, giving those IT departments peace of mind that their end users' devices are fully protected," said Matthias Pankert, head of Data Protection Product Management, Sophos.
The second enterprise security product now available from Sophos is Sophos SafeGuard Enterprise 5.60, which provides encryption and data loss prevention (DLP) for desktops, laptops and removable media. SafeGuard is now designed to comprehensively manage all encryption options that fully support hardware drives, including Opal, software-based encryption, and hardware-encrypted USB. It is also designed to manage enhancements to the latest versions of Sophos Endpoint Security and Data Protection. The new SafeGuard system is designed to provide up to 30 percent higher read/write throughput on solid state drives compared to the previous version. The software also uses multiple central processing units (CPUs) running in parallel to minimise the performance overhead of encryption and decryption, according to Sophos. It also includes Active Directory synchronisation and automatic event log deletion, and enables scheduling of custom scripts for recurring tasks. "The explosion of smartphones and tablets, and especially the applications for these mobile devices, has pushed the presence of our corporate data even further out of the corporate data center. The ability to protect our clients by maintaining security controls around this data is critical for businesses, especially financial services companies," said Pat Patterson, Information Security architect from Raymond James. The third software announcement from Sophos is Sophos Endpoint Security and Data Protection 9.7 (Sophos ESDP), which is designed to deliver advanced labs intelligence via a single agent that enhances protection against zero-day and web-based threats, along with real-time feedback to security and application policy settings via the cloud using Sophos Live Protection technologies.
According to Sophos, the latest upgrade to Sophos ESDP (9.7) also includes encryption, data loss prevention, network access control, device control, application control, management, and reporting. The software is also designed to provide location-aware intelligent updating for mobile workers and extended tamper protection to help stop users from turning off key Sophos protection features, including anti-virus protection, updates, and client firewall. Sophos ESDP will also minimise computer CPU and disk I/O usage while optimising performance when users are active or away, according to the company. "IT organisations are facing unprecedented challenges securing their users, corporate data and infrastructure on consumer, mobile and cloud devices and platforms they do not own or control. It is incumbent upon security vendors to adapt and provide solutions that provide a full arsenal of protection against security threats and data loss, yet flexible and lightweight to protect users on any device, in any location," said Arabella Hallawell, vice president of Corporate Strategy, Sophos.


    BlackBerry PlayBook The Most Secure Tablet For BYOD Solution


    Nowadays the number of tablet users is increasing every day. Millions of people across the globe use tablets for both personal and professional purposes. As the number of users and uses rises, so do questions of privacy and security. Many companies manufacture tablets, but before choosing one we should know which is more secure than the others. According to a recent report by Context Information Security, the BlackBerry PlayBook is the only device among three top tablets that gives users a good, safe division between their work and personal computing. The report faulted the PlayBook, as well as the Apple iPad and the Samsung Galaxy Tab, for default settings that don't automatically encrypt backups, and for not offering complementary and compatible tools for IT teams to manage a large number of devices at the business level. According to Jonathan Roach, Principal Consultant at Context and author of the report, "While the iPad and BlackBerry PlayBook performed better, both still have security deficiencies -- including desktop software that fails to encrypt backups by default." He also said, "Context found the PlayBook to be the most work-ready personal tablet of the three, due to its Bridge application's excellent support of barriers between work and personal profiles."
    According to the report, by contrast, Apple's wildly popular iPad sold more than 17 million units last quarter. Context found the iPad to be the second-most-secure device, citing its "robust data protection and damage limitation facilities," but said on its news page that the device was still vulnerable to jailbreak attacks and "ineffective disk encryption unless a strong passcode policy is applied."
    The report also found the Galaxy Tab's security features to be the least work-play ready, with weak disk-encryption support. The Galaxy Tab's lack of tools tailored to enterprise use makes it "very difficult to manage more than a small number of Galaxy Tabs in an enterprise environment," a point Apple also falls short on. The report criticized the Galaxy Tab's encryption as well. Even with encryption enabled, the report found that Samsung's device still "allows badly-written apps to store sensitive information on the unencrypted SD card." The report also praised all three tablets for their support of Exchange ActiveSync, a feature that allows crucial security settings to be managed from a central server running Microsoft software. But the study noted important differences among the devices that may make some tablets more appropriate for dual use in both the home and the office.
    "Despite that security advantage, RIM only managed to ship 130,000 tablets last quarter. By contrast, Apple's wildly popular iPad sold more than 17 million units last quarter. Context found the iPad to be the second-most-secure device, citing its 'robust data protection and damage limitation facilities,' but said on its news page that the device was still vulnerable to jailbreak attacks and 'ineffective disk encryption unless a strong passcode policy is applied,'" Jonathan added.




    -Source (Context Information Security & NBC News)



    Microsoft Announced Three Editions of Windows 8 Along With Key Features


    Earlier we discussed the Windows 8 Consumer Preview and the Windows 8 Developer Preview. Now, in an official blog post, Microsoft Windows Communications Manager Brandon LeBlanc announced three editions of the upcoming Windows 8 platform: Windows 8, Windows 8 Pro and Windows RT, which was previously known as Windows on ARM, or WOA. According to Brandon LeBlanc's post, Windows 8 Pro will include everything in Windows 8 along with advanced features such as encryption, virtualization, PC management and domain connectivity. Windows 8 Pro users will also be able to purchase Windows Media Center as a cheaper add-on. Microsoft recommends Windows 8 (the entry-level, limited functionality edition) for home use. As usual, this edition does not include BitLocker hard drive encryption, EFS file encryption or the ability to boot from a VHD. It is also not possible to access it using Remote Desktop (host). Computers running this edition are also unable to join domains and can't be managed using group policies. All these functions are reserved for Windows 8 Pro, as is the Hyper-V client for desktop virtualization.

    Key Features:- 

    | Feature name | Windows 8 | Windows 8 Pro | Windows RT |
    |---|---|---|---|
    | Upgrades from Windows 7 Starter, Home Basic, Home Premium | x | x | |
    | Upgrades from Windows 7 Professional, Ultimate | | x | |
    | Start screen, Semantic Zoom, Live Tiles | x | x | x |
    | Windows Store | x | x | x |
    | Apps (Mail, Calendar, People, Messaging, Photos, SkyDrive, Reader, Music, Video) | x | x | x |
    | Microsoft Office (Word, Excel, PowerPoint, OneNote) | | | x |
    | Internet Explorer 10 | x | x | x |
    | Device encryption | | | x |
    | Connected standby | x | x | x |
    | Microsoft account | x | x | x |
    | Desktop | x | x | x |
    | Installation of x86/64 and desktop software | x | x | |
    | Updated Windows Explorer | x | x | x |
    | Windows Defender | x | x | x |
    | SmartScreen | x | x | x |
    | Windows Update | x | x | x |
    | Enhanced Task Manager | x | x | x |
    | Switch languages on the fly (Language Packs) | x | x | x |
    | Better multiple monitor support | x | x | x |
    | Storage Spaces | x | x | |
    | Windows Media Player | x | x | |
    | Exchange ActiveSync | x | x | x |
    | File history | x | x | x |
    | ISO / VHD mount | x | x | x |
    | Mobile broadband features | x | x | x |
    | Picture password | x | x | x |
    | Play To | x | x | x |
    | Remote Desktop (client) | x | x | x |
    | Reset and refresh your PC | x | x | x |
    | Snap | x | x | x |
    | Touch and Thumb keyboard | x | x | x |
    | Trusted boot | x | x | x |
    | VPN client | x | x | x |
    | BitLocker and BitLocker To Go | | x | |
    | Boot from VHD | | x | |
    | Client Hyper-V | | x | |
    | Domain Join | | x | |
    | Encrypting File System | | x | |
    | Group Policy | | x | |
    | Remote Desktop (host) | | x | |

    Announcing the Windows 8 Editions:-  
    "First, Windows 8 is the official product name for the next x86/64 editions of Windows.
    For PCs and tablets powered by x86 processors (both 32 and 64 bit), we will have two editions: Windows 8 and Windows 8 Pro. For many consumers, Windows 8 will be the right choice. It will include all the features above plus an updated Windows Explorer, Task Manager, better multi-monitor support and the ability to switch languages on the fly (more details on this feature can be found in this blog post), which was previously only available in Enterprise/Ultimate editions of Windows. For China and a small set of select emerging markets, we will offer a local language-only edition of Windows 8.
    Windows 8 Pro is designed to help tech enthusiasts and business/technical professionals obtain a broader set of Windows 8 technologies. It includes all the features in Windows 8 plus features for encryption, virtualization, PC management and domain connectivity. Windows Media Center will be available as an economical “media pack” add-on to Windows 8 Pro. If you are an enthusiast or you want to use your PC in a business environment, you will want Windows 8 Pro.
    Windows RT is the newest member of the Windows family – also known as Windows on ARM or WOA, as we’ve referred to it previously. This single edition will only be available pre-installed on PCs and tablets powered by ARM processors and will help enable new thin and lightweight form factors with impressive battery life. Windows RT will include touch-optimized desktop versions of the new Microsoft Word, Excel, PowerPoint, and OneNote. For new apps, the focus for Windows RT is development on the new Windows runtime, or WinRT, which we unveiled in September and forms the foundation of a new generation of cloud-enabled, touch-enabled, web-connected apps of all kinds.  For more details on WOA, we suggest reading this blog post which shares more detail on how we have been building Windows 8 to run on the ARM architecture..."




    Cracking Bin Laden's Hard Drives

















    According to the New York Times, "the team found a trove of information and had the time to remove much of it: about 100 thumb drives, DVDs and computer disks, along with 10 computer hard drives and five computers. There were also piles of paper documents in the house."
    An unnamed U.S. official told Politico that the Navy Seals had recovered "the mother lode of intelligence," and that hundreds of people were already at work analyzing it at a secret base in Afghanistan.
    "They're very likely to get a lot of really good, actionable intel off of these devices," since Osama bin Laden apparently had no direct connection to the Internet, said Greg Hoglund, CEO of security software and consulting firm HBGary, Inc., in a telephone interview. "So all of his work was done with outside couriers … and information that's coming and going is probably on thumb drives and DVDs, media like that," meaning that they likely stored important operational information.
    According to Hoglund, the effort to recover Osama bin Laden's data likely started with--and was part of--the raid, in a process that's known as battlefield exploitation, which seeks to extract as much data as possible while in the field. That's because it's much easier to extract information from a computer that's still running. Even if a hard drive employs encryption, if the drive is still mounted, then it's vulnerable. Furthermore, if the team can take physical memory RAM snapshots of a live device, this can help crack any encryption.
    Here's how the process works, said Rob Lee, a director at information security company Mandiant and a fellow at The SANS Institute, in a telephone interview: A military team will secure a location but not touch the computers. Next, computer experts--typically, contractors--traveling with the team come in and do a "clean takedown" of any machines. Little if any "deep dive" data analysis will be performed in the field, except perhaps some quick analysis in search of "low-hanging fruit," for example to note on a captured cell phone any phone numbers that the target recently called, or any recently sent emails. But the true payoff comes when intelligence analysts compare the captured data with "the hundreds of terabytes of data that they've already gathered over many years," for example to see how names, email addresses, and phone numbers match up.
    The goal isn't just to recover data, but to rapidly understand its intelligence context. "Instead of standard forensics, the terminology is called media exploitation, and in the intel community, that word has a high value to it," said Lee. He said the practice dates from the start of the Iraq War.
    Interestingly, both the data on the recovered devices as well as the devices themselves may provide valuable clues. That's because every USB storage device has its own serial number, which can be retrieved from any computer to which it's been connected. "You're able to track that USB device in every system it's touched," said Lee. That may help analysts better understand how the courier network operated, especially if the storage devices match up with previous PCs that they've encountered.
    The raid on Osama bin Laden's compound reportedly lasted 38 minutes, and recent accounts suggest that the facility may have been secured relatively quickly. That would have left time for computer specialists to go to work.
    "To process a computer that's in a running state, you're probably talking about 15 to 30 minutes," said HBGary's Hoglund. "A guy has a toolkit--a hardened briefcase, he sits down, plugs it in," and it provides him with a full view of what's on the RAM chips, and also allows him to image the hard drive. In addition, a subset of the information can be transmitted via VSAT--a very small, two-way satellite communications system--to intelligence analysts in for immediate study.
    What happens, however, if computers are powered off, as well as encrypted?
    "If you're doing encryption on the drive properly, meaning you've done your research, looked at the solutions, you follow best practices, have a strong key, and don't have a weak passphrase, then it will probably never be decrypted. Because drive encryption done properly is extremely difficult, it ends up being a brute-force problem," said Hoglund.
    To try and recover data in such situations, he said one standard practice is to remove the drives to an analysis facility that has crackers built using large arrays of field-programmable gate array chips. If a strong passphrase can be broken, that approach will do it within a week, or not at all. "It's like the event horizon--it's the threshold of tolerance," he said.
    But given Osama bin Laden's use of couriers--who might not be computer-savvy, and who may have needed to operate from places like Internet cafes--"I wouldn't be surprised to find out that they weren't using any type of encryption," said Hoglund.
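Added example, not part of the original article: the cross-machine USB correlation described above, sketched for Windows hosts whose `USBSTOR` device instance IDs have already been exported from the registry. The host names, device IDs and function names are constructed for illustration. The code also handles the case where a device reports no serial number, so Windows generates a per-host ID that cannot be matched across machines.

```python
import re
from collections import defaultdict

# Layout of a device instance ID under
# HKLM\SYSTEM\CurrentControlSet\Enum\USBSTOR on Windows:
#   USBSTOR\<type>&Ven_<vendor>&Prod_<product>&Rev_<rev>\<instance>
_USBSTOR = re.compile(
    r"^USBSTOR\\(?P<dtype>[^&\\]+)&Ven_(?P<vendor>[^&\\]*)"
    r"&Prod_(?P<product>[^&\\]*)&Rev_(?P<rev>[^\\]*)\\(?P<instance>[^\\]+)$",
    re.IGNORECASE,
)

# Constructed sample input: instance IDs exported from three hosts.
SAMPLE_HOSTS = {
    "HOST-A": [
        r"USBSTOR\Disk&Ven_SanDisk&Prod_Cruzer&Rev_1.26\AA04012700007777&0",
        r"USBSTOR\Disk&Ven_Generic&Prod_Flash_Disk&Rev_8.07\6&1c2b3a4d&0",
    ],
    "HOST-B": [
        r"USBSTOR\Disk&Ven_SanDisk&Prod_Cruzer&Rev_1.26\aa04012700007777&0",
        r"USBSTOR\Disk&Ven_Kingston&Prod_DataTraveler_2.0&Rev_1.00\001CC0EC34A2F0B1&0",
    ],
    "HOST-C": [
        r"USBSTOR\Disk&Ven_Kingston&Prod_DataTraveler_2.0&Rev_1.00\001CC0EC34A2F0B1&0",
        r"USBSTOR\Disk&Ven_Generic&Prod_Flash_Disk&Rev_8.07\6&1c2b3a4d&0",
        "not a USBSTOR entry",
    ],
}


def parse_usbstor(instance_id):
    """Split one USBSTOR instance ID into fields; return None if malformed."""
    m = _USBSTOR.match(instance_id.strip())
    if not m:
        return None
    instance = m.group("instance")
    # When the second character is '&', the device reported no serial and
    # Windows generated the ID itself; it is not stable across machines.
    has_serial = not (len(instance) > 1 and instance[1] == "&")
    # Drop the trailing "&<n>" suffix; upper-case so case differences
    # between exports do not hide a match (a normalisation choice here).
    serial = instance.rsplit("&", 1)[0].upper() if has_serial else None
    return {
        "vendor": m.group("vendor"),
        "product": m.group("product"),
        "rev": m.group("rev"),
        "serial": serial,
    }


def correlate(hosts):
    """Return (devices seen on 2+ hosts, entries that could not be used)."""
    seen = defaultdict(set)
    skipped = []
    for host, ids in hosts.items():
        for raw in ids:
            dev = parse_usbstor(raw)
            if dev is None:
                skipped.append((host, raw, "unparsed"))
            elif dev["serial"] is None:
                skipped.append((host, raw, "no unique serial"))
            else:
                key = (dev["vendor"], dev["product"], dev["serial"])
                seen[key].add(host)
    shared = {k: sorted(v) for k, v in seen.items() if len(v) > 1}
    return shared, skipped


if __name__ == "__main__":
    shared, skipped = correlate(SAMPLE_HOSTS)
    for (vendor, product, serial), hosts in sorted(shared.items()):
        print(f"{vendor} {product} serial {serial}: {', '.join(hosts)}")
    for host, raw, reason in skipped:
        print(f"skipped on {host} ({reason}): {raw}")
```

The two "Generic Flash_Disk" entries carry the same generated ID on HOST-A and HOST-C but are deliberately not treated as the same device, because a Windows-generated ID is not a hardware serial.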


    Advanced Encryption Standard (AES) Cracked


    AES stands for Advanced Encryption Standard. It is a specification for the encryption of electronic data. It was first applied by the US government. Today it is used to secure everything from top-secret government documents to online banking transactions. Recently cryptographers have discovered a way to break this encryption. The technique was revealed at the Crypto 2011 cryptology conference in Santa Barbara, California.

    The research is the combined work of Mr. Andrey Bogdanov of Katholieke Universiteit Leuven, Mr. Dmitry Khovratovich of Microsoft and Mr. Christian Rechberger of Ecole Normale Superieure.

    This technique allows an attacker to recover AES secret keys up to five times faster than previously possible. It introduces a method known as biclique cryptanalysis to remove about two bits from 128-, 192-, and 256-bit keys. This research is groundbreaking as it is the first method of breaking single-key AES that is faster than brute force.

    To download the Research Paper Click Here


    eCrypt Me & eCrypt One On One -Incredible Email Security Solution (More Security & Privacy)


    To implement more security and privacy, eCrypt Technologies has developed two incredible email security solutions in the United States. ‘eCrypt Me’ and ‘eCrypt One On One’ are the two latest security solutions, which are cost-effective, user-friendly and easy to use. Both solutions are available on a trial basis on the company’s website. ‘eCrypt Me’ is a web-based email security solution that offers a secure environment to users of all types of email. ‘eCrypt One On One’ is email encryption software for BlackBerry smartphone users. Both of the email security solutions use a combination of AES256 and ECC521 algorithms to secure all data. According to Brad Lever, CEO of eCrypt Technologies - “Our goal is to provide the highest level of security to users across the world. We believe in making security solutions simple yet effective, so that implementation of our solutions does not become a headache for our users.”

    Brief Description:- 
    ‘eCrypt Me’ offers a web-based email encryption, secure file storage and secure document sharing platform to all existing email addresses, whether it's Gmail, Yahoo Mail, Hotmail, POP, IMAP, Exchange, GroupWise, or other. Users can use their existing email identities to send and receive emails on the platform. The web-based email security solution includes a secure File Vault which secures online document storage and file sharing. The email security solution is very easy to use and secures data in unsecured, public, free Wi-Fi environments, preventing unauthorized data interception threats. For BlackBerry smartphone users, ‘eCrypt One on One’ provides the highest level of encryption, unbeatable by hackers. The encryption software is downloaded directly to the smartphone and embeds itself into the BlackBerry operating system. The software generates unique random key sets for each contact. Users can select which messages to encrypt by adding contacts to the software’s Secure Contact List. ‘eCrypt One on One’ has been designed to encrypt emails sent between two people.

    For More information & to use eCrypt Click Here




    XML Encryption Cracked By Researchers Of Ruhr University



    Researchers at the Ruhr University of Bochum (RUB) say they have succeeded in cracking parts of the XML encryption used in web services, thus making it possible to decrypt encrypted data. The official W3C XML encryption specification is designed to allow the secure transmission of information between different e-commerce and financial systems. The attack is limited to where AES is used for encryption in the cipher-block chaining (CBC) mode; other techniques, such as using an RSA key and X.509 certificates, are not susceptible.
    According to the researchers, IBM, Microsoft and Red Hat Linux use the standard solution in web service applications for a number of large customers. The researchers say that, based on their findings, the standard should now be considered insecure. They plan to publish details about the problem at the upcoming ACM Conference in Chicago (ACM CCS 2011).




    iPhone passcodes got hacked by Russian security firm




    Apple devices running the latest iOS version 4 are now susceptible to having their passcodes hacked. This would allow someone complete access to your stored data.
    Russian security firm ElcomSoft claims to be the first company to have cracked the encryption system used to protect the iPhone, iPod touch and iPad. Alarmingly, it plans to sell the software to the highest bidder.
    The hack, which requires direct access to the mobile device, involves a combination of brute force attack (trying out every likely combination of a password) and breaking the encryption system itself.
    ElcomSoft admits that "explaining what we did to break this encryption is not exactly easy", but it basically involved decrypting security keys which are generated as a combination of the unique device ID and the user's passcode.
    The hack somewhat relies on user reluctance to implement strong passwords. iOS devices allow the use of four-digit passcodes, akin to PINs, which are fairly easy to remember and enter on the touchscreen. As there are only 10,000 available combinations, finding the code shouldn't take long.
    It's also possible to use longer passwords, but they require use of the on-screen keyboard in portrait mode, and can become a pain to enter every time the device needs to be unlocked. As with all password choices, using longer, non-dictionary words makes Apple's mobile devices virtually uncrackable. This is particularly true if the backups stored in iTunes are also protected.
    ElcomSoft is planning to sell its cracking software, but promises it will only distribute to "established law enforcement, forensic and intelligence agencies." We'll resist the urge to get political, and leave it to your imagination who might end up with this software. That's assuming it's not already on BitTorrent.
    What isn't clear is whether Apple's "nuke" function, which can be set to wipe data after a number of failed authorisation attempts, kicks in or if that has somehow been sidestepped.
    Our advice? Don't put sensitive stuff on your iPhone or iPad. If your iPhone is stolen or confiscated, you should remotely wipe it.


    Think Android: National Security Agency Disclosed Smartphone Strategy

    The National Security Agency has come up with a security design that currently depends on Google Android smartphones, though the NSA contends it doesn't want to be wedded to any particular smartphone operating system. But its current "Fishbowl" phones, as they are called, are beefed-up highly secured Motorola Android smartphones that use double-encryption for voice traffic and a unique routing scheme for 3G network traffic back to the NSA first for security purposes. This design makes them suitable for classified information sharing with other like smartphones, according to Margaret Salter, technical director at NSA's information assurance directorate, who spoke about the so-called "Fishbowl" project, which today focuses on voice use of smart phones.
    "We wanted to use the commercial standards that are out there," said Margaret Salter, technical director in NSA's information assurance directorate. "We wanted plug and play — but that was hard." The NSA also wants interoperability in order not to be trapped in vendor lock-in, but this is turning out to be hard to achieve. Earlier, in January 2012, the NSA made the first public release of the Security Enhanced (SE) Android Project, a program designed to find and plug security holes and risks in the Android flavor of Linux. SE Android is based on the NSA’s SELinux, first released in 2000.
    The NSA looked at SSL VPN as a standard and left no stone unturned in exploring commercial SSL VPN for mobile, but found utter lack of interoperability across vendor products. Salter said NSA also was frustrated with the lack of interoperability in Unified Communications Systems (UCS) products, noting that buying one piece often meant buying several others, there being little evidence of multi-vendor interoperability. So with some frustration, NSA changed to go with an open-source Session Initiation Protocol (SIP) server for the present. NSA also switched its mobile security strategy toward IPSec VPN, where things looked better in terms of interoperability than SSL VPN, and selected the Secure Real-Time Transport Protocol for Voice App and Transport Layer Security (TLS) with keys. This all means "the voice call is doubly encrypted," Salter said. "There's VoIP encryption and IPsec encryption."


    -Source (IT World)





    Metasploit 4.2.0 Released With IPv6 Support & Virtualization Target Coverage

    We have discussed Metasploit, one of the most famous and widely used exploitation frameworks, many times before. Rapid7 has now released another updated version. This update brings Metasploit to version 4.2.0, adding IPv6 support and virtualization target coverage. You'll also notice a new Product News section and update notification for our weekly updates. Since the last major release (4.1.0), 54 new exploits, 66 new auxiliary modules, 43 new post-exploitation modules, and 18 new payloads have been added.
    Brief About Metasploit:- 
    The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.
    Module Changes:-
    •     Novell eDirectory eMBox Unauthenticated File Access
    •     JBoss Seam 2 Remote Command Execution
    •     NAT-PMP Port Mapper
    •     TFTP File Transfer Utility
    •     VMWare Power Off Virtual Machine
    •     VMWare Power On Virtual Machine
    •     VMWare Tag Virtual Machine
    •     VMWare Terminate ESX Login Sessions
    •     John the Ripper AIX Password Cracker
    •     7-Technologies IGSS 9 IGSSdataServer.exe DoS
    •     Microsoft IIS FTP Server <= 7.0 LIST Stack Exhaustion
    •     DNS and DNSSEC fuzzer
    •     CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure
    •     CorpWatch Company ID Information Search
    •     CorpWatch Company Name Information Search
    •     General Electric D20 Password Recovery
    •     NAT-PMP External Address Scanner
    •     Shodan Search
    •     H.323 Version Scanner
    •     Drupal Views Module Users Enumeration
    •     Ektron CMS400.NET Default Password Scanner
    •     Generic HTTP Directory Traversal Utility
    •     Microsoft IIS HTTP Internal IP Disclosure
    •     Outlook Web App (OWA) Brute Force Utility
    •     Squiz Matrix User Enumeration Scanner
    •     Sybase Easerver 6.3 Directory Traversal
    •     Yaws Web Server Directory Traversal
    •     OKI Printer Default Login Credential Scanner
    •     MSSQL Schema Dump
    •     MYSQL Schema Dump
    •     NAT-PMP External Port Scanner
    •     pcAnywhere TCP Service Discovery
    •     pcAnywhere UDP Service Discovery
    •     Postgres Schema Dump
    •     SSH Public Key Acceptance Scanner
    •     Telnet Service Encyption Key ID Overflow Detection
    •     IpSwitch WhatsUp Gold TFTP Directory Traversal
    •     VMWare ESX/ESXi Fingerprint Scanner
    •     VMWare Authentication Daemon Login Scanner
    •     VMWare Authentication Daemon Version Scanner
    •     VMWare Enumerate Permissions
    •     VMWare Enumerate Active Sessions
    •     VMWare Enumerate User Accounts
    •     VMWare Enumerate Virtual Machines
    •     VMWare Enumerate Host Details
    •     VMWare Web Login Scanner
    •     VMWare Screenshot Stealer
    •     Capture: HTTP JavaScript Keylogger
    •     Oracle DB SQL Injection via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION
    •     Asterisk Manager Login Utility
    •     FreeBSD Telnet Service Encryption Key ID Buffer Overflow
    •     Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow
    •     Java Applet Rhino Script Engine Remote Code Execution
    •     Family Connections less.php Remote Command Execution
    •     Gitorious Arbitrary Command Execution
    •     Horde 3.3.12 Backdoor Arbitrary PHP Code Execution
    •     OP5 license.php Remote Command Execution
    •     OP5 welcome Remote Command Execution
    •     Plone and Zope XMLTools Remote Command Execution
    •     PmWiki <= 2.2.34 pagelist.php Remote PHP Code Injection Exploit
    •     Support Incident Tracker <= 3.65 Remote Command Execution
    •     Splunk Search Remote Code Execution
    •     Traq admincp/common.php Remote Code Execution
    •     vBSEO <= 3.6.0 proc_deutf() Remote PHP Code Injection
    •     Mozilla Firefox 3.6.16 mChannel Use-After-Free
    •     CTEK SkyRouter 4200 and 4300 Command Execution
    •     Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow
    •     Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute
    •     HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution
    •     Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control
    •     Java MixerSequencer Object GM_Song Structure Handling Vulnerability
    •     MS05-054 Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution
    •     MS12-004 midiOutPlayNextPolyEvent Heap Overflow
    •     Viscom Software Movie Player Pro SDK ActiveX 6.8
    •     Adobe Reader U3D Memory Corruption Vulnerability
    •     Aviosoft Digital TV Player Professional 1.0 Stack Buffer Overflow
    •     BS.Player 2.57 Buffer Overflow
    •     CCMPlayer 1.5 m3u Playlist Stack Based Buffer Overflow
    •     Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow
    •     McAfee SaaS MyCioScan ShowReport Remote Command Execution
    •     Mini-Stream RM-MP3 Converter v3.1.2.1 PLS File Stack Buffer Overflow
    •     MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
    •     Ability Server 2.34 STOR Command Stack Buffer Overflow
    •     AbsoluteFTP 1.9.6 - 2.2.10 LIST Command Remote Buffer Overflow
    •     Serv-U FTP Server < 4.2 Buffer Overflow
    •     HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow
    •     XAMPP WebDAV PHP Upload
    •     Avid Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow
    •     Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow
    •     HP Diagnostics Server magentservice.exe Overflow
    •     StreamDown 6.8.0 Buffer Overflow
    •     Wireshark console.lua Pre-Loading Script Execution
    •     Oracle Job Scheduler Named Pipe Command Execution
    •     SCADA 3S CoDeSys CmpWebServer <= v3.4 SP4 Patch 2 Stack Buffer Overflow
    •     Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57
    •     OpenTFTP SP 1.4 Error Packet Overflow
    •     AIX Gather Dump Password Hashes
    •     Linux Gather Saved mount.cifs/mount.smbfs Credentials
    •     Multi Gather VirtualBox VM Enumeration
    •     UNIX Gather .fetchmailrc Credentials
    •     Multi Gather VMWare VM Identification
    •     UNIX Gather .netrc Credentials
    •     Multi Gather Mozilla Thunderbird Signon Credential Collection
    •     Multiple Linux / Unix Post Sudo Upgrade Shell
    •     Windows Escalate SMB Icon LNK dropper
    •     Windows Escalate Get System via Administrator
    •     Windows Gather RazorSQL Credentials
    •     Windows Gather File and Registry Artifacts Enumeration
    •     Windows Gather Enumerate Computers
    •     Post Windows Gather Forensics Duqu Registry Check
    •     Windows Gather Privileges Enumeration
    •     Windows Manage Download and/or Execute
    •     Windows Manage Create Shadow Copy
    •     Windows Manage List Shadow Copies
    •     Windows Manage Mount Shadow Copy
    •     Windows Manage Set Shadow Copy Storage Space
    •     Windows Manage Get Shadow Copy Storage Info
    •     Windows Recon Computer Browser Discovery
    •     Windows Recon Resolve Hostname
    •     Windows Gather Wireless BSS Info
    •     Windows Gather Wireless Current Connection Info
    •     Windows Disconnect Wireless Connection
    •     Windows Gather Wireless Profile
    For additional information click Here. To Download Metasploit version 4.2.0 for windows & Linux click Here.

     -Source (rapid7)




    Red Hat Enterprise Linux (RHEL) 6.3 Released & Globally Available


    Only six months after the release of RHEL 6.2, Red Hat officially announced the global availability of the next minor release of the Red Hat Enterprise Linux operating system platform, Red Hat Enterprise Linux 6.3. A couple of months ago we got the Beta of RHEL 6.3, and with this final release Red Hat has tweaked the enterprise-grade Linux distribution to add new capabilities in storage, virtualization, security, developer tools, file systems, scalability and performance.

    Highlighted Features :-
    • Developer Tools: In addition to OpenJDK6 support in Red Hat Enterprise Linux 6, the newly introduced OpenJDK7 allows customers running Red Hat Enterprise Linux 6.3 to develop and test with the latest version of open source Java. The Red Hat Developer Day is scheduled for June 26th at the 2012 Red Hat Summit & JBoss World. More about this and other capabilities will be presented, including the Red Hat Enterprise Linux toolset (updated GCC), performance optimization, thread programming and NUMA. For more information about developer day, please visit here.
    • Virtualization: Red Hat Enterprise Linux 6.3 helps smooth migration to a virtualized environment. This is achieved with the help of new Virt-P2V tools that can easily convert a Red Hat Enterprise Linux or Microsoft Windows system running on physical hardware to run as KVM guests. This release implements a more robust mechanism to protect data associated with defunct virtual machines. The method by which virtual disk images are securely wiped has been enhanced to allow greater security and stronger compliance with Payment Card Industry Data Security Standards (PCI-DSS).
    • Security: Users can now use two-factor authentication for securely accessing their Red Hat Enterprise Linux environment. This type of authentication mechanism is more secure than simple password based authentication. Two-factor authentication is being adopted into enterprise environments and is often referenced in industry standards. Red Hat Enterprise Linux 6.3 also includes advanced encryption capabilities so data blocks can be encrypted in parallel by taking advantage of underlying multi-processor capabilities. This is supported by the introduction of AES-CTR (Advanced Encryption Standard Counter Mode) cipher for OpenSSH. AES-CTR is well suited for high-speed networking environments.
    • Scalability: Red Hat Enterprise Linux 6.3 continues to test the outer bounds of scalability for an operating system platform by increasing the maximum number of virtual CPUs (vCPUs) per guest to 160 from 64. This is significantly higher than the 32 vCPU per guest limit for VMware ESX 5.0. The maximum supported memory configuration for KVM guests has also been increased from 512GB to 2TB.
    • File Systems: File system improvements include O_DIRECT support in FUSE (File system in user space). When enabled, all FUSE reads and writes go directly to storage, bypassing the server cache. This capability can lead to more consistent response times and predictable access to data by multiple accessors for certain use-cases, including database writes and deduplication. GFS2 (shared storage file system) can now read and write data to the disks faster than in previous releases for certain use-cases. In addition, file system check utilities for GFS2 can now be used to check the integrity of the older GFS1 file system.
    • Storage: The Logical Volume Manager (LVM) now provides support for RAID levels 4, 5, and 6 to simplify overall storage administration by consolidating all management functions, such as creating and re-sizing volumes, deploying RAID, and taking snapshots into a single interface. It is now possible to deploy Red Hat Enterprise Linux 6 as a FCoE based storage target server providing the high level of reliability and performance available with native Fibre Channel but at a significantly lower cost. This feature complements the FCoE Initiator support that was delivered in Red Hat Enterprise Linux 6.0.
    • Subscription Management: With Red Hat Enterprise Linux 6.3, by default customers can use Red Hat Subscription Management (SAM), an enhanced subscription management capability using X.509 certificates that allows customers to effectively manage subscriptions locally and report on subscription distribution and utilization. This helps facilitate compliance, upgrades, and long-term planning. Customers register their systems using Red Hat Subscription Manager to the Red Hat award-winning customer portal or an instance of Red Hat Enterprise Linux SAM. Customers who used RHN Classic subscription management with prior releases of Red Hat Enterprise Linux, can continue to use it or migrate to Red Hat Subscription Management.




    (LPS) Lightweight Portable Security


    Lightweight Portable Security (LPS) creates a secure end node from trusted media on almost any Intel-based computer (PC or Mac). It is a LiveCD distro designed by the US Department of Defense to function as a secure end node, in other words, a safe environment from which to access the web or a remote desktop host. Since the focus is on security, LPS boots a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive, while providing tools such as a web browser and a file manager in addition to a few other small tools. Administrator privileges are not required; nothing is installed! LPS-Public is a safer, general-purpose solution for using web-based applications. The accredited LPS-Remote Access is only for accessing your organization’s private network and is available only on request. We requested one and have yet to hear back from “them”.
    This LiveCD is very useful, not for a whole organisation, but for departments whose employees are on the move or carry critical data in and out of the organisation. In fact, there are two versions of the Lightweight Portable Security Linux distro available for a FREE download. Their brief use is as follows:
    1. LPS-Public: It includes features designed to allow productive use of the Internet and CAC- or PIV-restricted Government websites from home or while traveling. LPS-Public comes preconfigured with a smart card-enabled Firefox web browser with Java and Flash support, Encryption Wizard-Public, a PDF viewer, a file browser, remote desktop software (Citrix, Microsoft or VMware View), SSH client, and the ability to use USB flash drives. This build does not contain any For Official Use Only (FOUO) material or any customized software. It is a very light distro and needs less RAM.
    2. LPS-Public Deluxe: It adds OpenOffice software, which is a Microsoft Office-compatible suite of office applications, and Adobe Reader, which allows PDF files to be digitally signed. A bit heavier distribution, requiring about a Gigahertz of RAM.
    LPS-Public allows general web browsing and connecting to remote networks. It includes a smart card-enabled Firefox browser supporting CAC and PIV cards, a PDF and text viewer, Java, and Encryption Wizard – Public. LPS-Public turns an untrusted system (such as a home computer) into a trusted network client. No trace of work activity (or malware) can be written to the local computer. Our initial work with the Linux distro leads us to believe that after logon, you are taken to a desktop that is rendered via IceWM, the window manager for the X Window System. You can use a WiFi connection too, but understandably, there is no support for printers and sound. Surprisingly, given the notoriety of the Adobe Flash plugins, the distro includes a fairly recent Firefox with the Flash plugin pre-loaded. It also includes a few more Firefox add-ons. You also get a Remote Desktop client to initiate RDP requests. Another interesting thing we observed is that if you plan on using smart cards and you think that it might not be compatible with LPS, worry not as it has the OEM’s firmware updater built in!
    Features of LPS
    1. LPS differs from traditional operating systems in that it isn’t continually patched.
    2. LPS is designed to run from read-only media and without any persistent storage.
    3. Any malware that might infect a computer can only run within that session.
    4. A user can improve security by rebooting between sessions, or when about to undertake a sensitive transaction.
    Download LPS from the following links:-

    LPS-Public:
    1. LPS-Public ISO version 1.2.2 (LPS-1.2.2_public.iso) here.
    2. LPS-Public ZIP version 1.2.2 (LPS-1.2.2_public_iso.zip) here.
    LPS-Public Deluxe:
    1. LPS-Public Deluxe ISO version 1.2.2 (LPS-1.2.2_public_deluxe.iso) here.
    2. LPS-Public Deluxe ZIP version 1.2.2 (LPS-1.2.2_public_deluxe_iso.zip) here.
