Playing it safe6 min read . Updated: 17 Oct 2007, 12:58 AM IST
Playing it safe
Playing it safe
From the Kamasutra’s instructions for lovers to communicate without discovery, to Nazi Germany’s famous Enigma Cipher Machine deployed to protect sensitive communications during World War II, the need for information security at various levels has always existed.
From secret coded messages, steganography, writings in invisible ink, pig Latin, spy cams, eavesdropping bugs or international and industrial espionage, people have, through the ages, tried to do various things to protect their information.
Today, your laptops and PCs, with their stockpile of personal and confidential information, make attractive and easy targets for intruders and interlopers. And you don’t need to hire a data vulnerability assessment expert to tell you that. So, rather than stick your head in the sand and believe that no one can touch your data, check out these free security tools and live happily for the moment.
You’re tapping away at your laptop in a cafe (or any public place) and the call of nature summons. What do you do? Pack up and lug your laptop to the loo? Entrust your precious piece of silicon to the anonymous somebody at the next table? Chain it to your table? You don’t need any of these if you have Laptop Alarm installed. Depending on how you set it up, this ingenious 250KB freebie can sound an alarm the moment anyone tampers with your laptop in any way—tries to shut it down or suspend it, log off, remove the power cord or mouse...nay, even so much as move the mouse. Even in office, if you want a coffee but are insecure about your loveable luggable, launch Laptop Alarm and peacefully saunter off patting your post-lunch Buddha belly. No colleague will want to come snooping.
BananaScreen face recognition
You don’t need to envy Saif Ali Khan or his biometric Lenovo Y series laptop. If you have a webcam handy, you can do your own thing with face recognition technology. All for free. BananaScreen is an uncomplicated face recognition solution that makes your mug your password.
Your PC stays accessible and unlocked only as long as you stay put in front of it. Move out of the webcam’s vision for a predefined period and the drawbridge to your cyber castle is drawn up, denying all admittance until you show up again. BananaScreen doesn’t store images on the hard disk or tuck them away on the Internet. Only your face model—based on certain statistics of your facial features saved in a binary format that cannot be read by third parties—is stored locally. Let’s face it, this technology is future proof but not quite foolproof; changes in ambient lighting can deny you admission at times. Next? A retina scanner a la Tom Cruise in Minority Report maybe. Keep your eyeballs on this space.
Self-destructing email is mail that auto-expires. Poof! Simply vanishes or becomes unreadable after a predefined interval, or at the sender’s request. Such email can’t be printed, copied, forwarded, or saved. Why would you want mail to commit hara-kiri? Obviously for mail security: confidential recordless messages; mail tracking; marketing gigs; nosy employers who are always screening your incoming mail; nosier family members; and to register for various Internet services without fear of spam. Here are some interesting online and offline tools that offer a variety of ephemeral mail.
10 Minute Mail
Diceware password generator
For those of you who prefer to depend on the written (or rather typed) word for cloaking all clandestine data, listen up. Keeping your beloved’s/brat’s /dog’s name as your password is the most obvious “secret" that you can have—an “open sesame" to trouble. You’ve heard it before, but hear it again: A password needs to be less overt and less “crackable". The best way to generate a good, strong password is to use a password generator such as Diceware. This particular programme uses dice to select words at random (from a list of about 8,000 random words). Each word is also preceded by a five-digit number to compound the conundrum. Voila! No abracadabra here.
Contrary to what it connotes, this one isn’t about thwarting taverns. It’s about password generation again. PassPub randomly generates a bunch of unique passphrases from a selection of keyboard combinations, chemical elements, post codes, map references, and mnemonics. If you want none of that, go for basic regular passwords that can be from six to 12 characters. All these randomly generated passwords appear on a page and you just copy your pick. No registration is required or personal particulars requested and each generated page of passphrases is exclusive.
Clipperz password manager
Now that you’ve managed to conjure up some pretty complicated and uncrackable passwords, can you really remember them? To keep track of these, you now need a secure online password vault—something you can access wherever you are. And that brings us to a password manager tool like Clipperz. It’s safe, it provides local encryption within your Web browser, it’s free, and it’s also installation-free. Apart from acting as password keeper, it can cache other kinds of personal data such as PINs, TPINs, IDs, burglar alarm data, Internet banking codes, etc... If you think you may not be able to access the Internet, you can always hive your classified access data into Clipperz’s enciphered offline version. In its online avatar, Clipperz doesn’t need any personal information or email—a username and a passphrase does it.
When you delete a file, it merely changes its location to the Recycle Bin. Maybe you know this. And when you expunge it from the Bin, it can still be retrieved via an Undelete utility. Maybe you didn’t know this. However, you can use a little shredder like Sure Delete to permanently, irretrievably and everlastingly annihilate sensitive files.
Instead of merely deleting file references, it nukes the actual data itself. Outfitted with an easy-to-use interface, the programme has three modes of deletion: a Quick Wipe process (overwriting the file four times), a US Department of Defense routine (overwriting the file seven times with random data), and a Super Secure method (overwriting it as many as 24 times).
This is about maintaining on-the-fly-encrypted data—data that is automatically encrypted or decrypted right before it is loaded or saved, without any user intervention. No data stored on an encrypted volume (file names, folder names, contents of every file, free space, etc.) can be read (decrypted) without using the correct password (encryption key).
TrueCrypt can hoodwink files, folders, entire hard disk partitions, or a storage device (like a USB flash drive). The encryption is in real-time and automatic. A TrueCrypt volume can be up to 8,589,934,592GB and cannot be identified from random data. For the more tech savvy, TrueCrypt uses AES-256, Blowfish (448-bit key), CAST5, Serpent, Triple DES, and Twofish encryption algorithms. It doesn’t save your password to the disk. Neither does it have a facility to recover encrypted data without the correct data key. The only way to recover your files is to try and “crack" the password or the key. You can safely install software and record and playback videos on a TrueCrypt volume.
Write to us at