The highest form of ignorance is when you reject something you don't know anything about.

Wayne Dyer (b 1940)

Using Gmail as a Free Online Mass Storage


7385 MB of Free Storage, and counting....




Did You know that you could use a Gmail (Google Mail) account as an online mass storage?
No, I don't mean sending yourself 6000 emails in a row...
You can use it almost like an FTP , it's much easier than your 6000 emails!  here is how to:


First of all, you'll need a free Gmail account. Don't have one?   follow me ...
Second, even if you have, just create another one: easier, faster, bigger and safer ...
Done?
Ok, all you need now is a Firefox extension called Gspace, available here:  www.getgspace.com
The next time you'll open Firefox, go to "Tools" and click on the Gspace Tab
Follow the very simple instructions, and you'll be up and running in less than 1 minute.
Now you can use an extra 7400 MB of Storage ;-)  per account ;-))
You can share the account with a friend and upload / download large amount of data.
Plus, you'll read the FAQ and discover that you can create folders, view your pictures directly, create multiple accounts, upload, download, sideload and so on. 

Little side tips 

- Do NOT upload sensitive files, unless you are the king of cryptography.  It's safe but not under any warranty. Uploading your financial statement is NOT a good idea.  (You are on your own. Clear?)
- Do NOT transfer more than 1000MB per day or Google will freeze your account for 24 hrs (BTW, it's 1 GB of data and It is a lot)
- Max size per file is 19MB, (Google rules again). As you are smart you'll go around by Googling word such as "de-concatenation" or "deconcatenate"or the more colloquial "file splitter". If You are a Windows user, i would then recommend (highly) the very good WinRar from RarLab.
Last but not least: Don't forget that it is (Still) a mailbox. So If you set up Mail, Entourage, or Outlook to go fetch your mail on this account, it will.  Not only you'll upload the file, but as "mail", you'll download them to. Hence my advice to create a separate mailbox.



Little side notes 

As Gmail is a free service, they have set limits on the volume,  here are the "rules", straight from the source:
:It's likely that a normal Gmail users didn't notice that Gmail has a lot of limitations for sending messages. Here are some of them:
- 500 messages per day (i.e., you can hit 'Send' a maximum of 500 times)
- 500 unique recipients per message
- 2000 total emails per day (for example, you could send one message to a group of 500 people four times)

In addition to these limitations, "Google will temporarily disable your account if you send a message to more than 500 recipients or if you send a large number of undeliverable messages". According to the help center, you can only send a message to up to 100 people at a time if you use POP or IMAP.
Google explains that these restrictions were created to fight against spam and to prevent abuse:
If you want to hear it yourself : googlesystem.blogspot.com
I know, bummer!  But you can still create as many account as you want ....

How To Recover a Stolen Laptop or Desktop

Hire a Spy!

Works for: Mac / Windows / Linux / Ubuntu

It’s not funny to have your computer stolen, it even sucks BIG time.
Not only “they” take your belongings, but also they often go away with your memories and personal information.
A home insurance will only refund you cents on the dollar: Once the package was open, your precious laptop took a bad hit on the blue book; probably 30% the first day. A month after, your superb machine is obsolete and the value went down like a beer in the throat of a thirsty Irishman..
As for the rest …your precious pictures, emails, documents… bye-bye ..But most important, the thief may have access to bank accounts, Social Security Number, Credit Card information, and you know it’s were it is going to hurt really bad: Changing and securing all this information: Call the bank, Call the CC company, etc etc. In short: Good luck!

So, what can you do beside adding locks, alarms systems and hiring a bodyguard?
You could hire a spy!
For less than you will ever believe, you could hire a spy.
For how much? Well, between $49 and Free
Free is a very good price …So, read carefully, very carefully…
Multiple solutions exist: LoJack for computers ($$$) Mobile Me (via Back to my Mac), Undercover ($$) & Prey Project (Free)
In this post I will only look at Undercover & Prey, LoJack being a little expensive and Mobile Me having a serious stealth issue in my opinion. (a "Smile you're being filmed" would have more discreet)








First, how is it working?


As soon as your laptop or desktop is missing (stolen or lost), go to the website of the respective company and declare your computer missing, lost or stolen.
This action will activate a software (must be installed PRIOR to the activation) and this software will log the IP address used, take pictures, screenshots and sometime Keylogging and send all of that to either: an email address or create a report on a website
You’ll end up (with some chance) with at least, few pictures of the thief, screenshots and his IP address.
I have previously mentioned in this blog what was IP tracing and Keylogging, as well as webcam & microphone remote control.
The IP Address being a very easy way locate someone, even for noobs like the rest of us. For Law Enforcement Agency it's a joke: they'll get everything and even more.
Fee or Free?
Undercover being a (one time) fee service ($49), it has some features that Prey does not have: Keylogging and a nifty simulation of hardware failure, furthermore, Undercover will contact the authorities for you and provides them with all the necessary information.
Prey is Free, but you are on your own and it does not have Keylogging capabilities, or Hardware failure simulation.

Both system have limitations, and there is no guarantee that you will recover the stolen goods, but you have a much greater chance with them than without.
The Undercover Website explains all steps very well, and as I know you: let's move on to the free one: Prey

Be very careful, Prey is not easy to remove under Mac OS (and it should not be!)


Step by Step How to:
Go to the Preyproject website: http://preyproject.com/




Top left, select your language

Sign Up and Create an Account (email, pswd, etc)

Wait for the verification email, and activate your account

Create a Profile, up to 3 Devices. i.e 2 laptops, 1 desktop
Note carefully the API & Device number

Download Prey

Double click to Install










Select the Install option: Control Panel or Standalone



I would strongly suggest you
to use the Control Panel Option






Enter the general settings value, Timing and Language
Enter the API key and the Device Key (paste and copy from the website)
Important: Keep that for yourself!










Now that Prey is installed, go back to the website, log in and go to "My Devices"
Select a Device









Set up your Preferences:
Missing On/Off (by default is should be Off)
-But you are going to test it! Aren't you?
Auto update, Delay between executions, reports, etc
If your computer is not equipped with a built in webcam, the Webcam option is pretty much useless.
Action Module:
I would suggest to de-activate (Off) this option. A noisy pop-up appears and, in my humble opinion it has the only purpose of alerting the thief that something is happening.
I better have the chance to take few pictures of his face than letting him know that I am monitoring his activities.
Don't forget to UPDATE!



















Don't forget to UPDATE!

WARNING:
It may take up to 15 minutes the first time you activate Prey to receive a Report Don't panic, be a little patient.
Depending on your screen size, the Screenshot can be large, hence it may take Prey some time to transmit the Screenshot and the picture. (which is smart: using all your bandwith at once could alert the thief that something is fishy...)
I would also suggest to restart your computer after installing. It seems to me that it works better...
Pop Up Alert example. Bah!






Prey in Surveillance Mode

What if:
-You go on vacation for few days and come back to find your home burglarized?
The Thief may have visited you few hours ago, or few days ago..
If the villains just did it, it's Ok. Activate Prey and wait ....
But if they did it a week ago, your laptop may have changed hands few
times and was probably re-formatted.
A solution is to leave Prey on "Surveillance mode" : just de-activate the webcam & screenshot option, leave the Network logging & use the max interval for timing.
Prey will log every hour, but will not take pictures or screenshot.
If a thief pays you a visit, you'll have the 10 last IP.
When you realize the theft, then you can activate Prey on "Attack Mode": Pictures, Screenshot every 2 minutes ...
Here are the setting for a "Surveillance Mode"


WARNING II

Prey will not prevent the thief to access your data and files. if you have stored sensitive documents and files in your computer you should read the post about encrypting your sensitive data. Seriously.

WARNING III
Prey will not work if the thief:
Does not use internet
Format the Hard Drive (Prevent that with a Firmware Lock)
Blind the webcam (no picture)
Uninstall the program (Unix command, no App is visible under Mac OS)
Limitations:
No Keylogging: Too bad, with a Keylogger and some luck, a simple search on social networks and you'll have all the info you want.
IP Address:
Will only give you the location of the connecting server. If the thief connects from a relayed IP, you'll end up with the location of the main server. (try tracing the IP of an Apple store, you'll end up with AT&T in Kansas..)
You can trace back the IP using an IP Trace Route such as explained in this post . Nevertheless, even without the perfect location, you'll have enough information to contact a law enforcement agency. (Law enforcement in the US need a subpoena to request data from an Internet Provider.)
Bugs
Unfortunately, the green led of the webcam will go on when it takes a picture; It is the only visible sign that Prey is on. (other than digging deep into your Mac)

IP Tracing Example (from a Spammer using a corporate bot. yup! Mac and Cheese manufacturing companies are spamming you with enlargement pills. ViaKrap??? ) Btw, I need reduction pills.















Encrypted Disk Image


How to secure your data

You probably have a folder or a file somewhere containing sensitive data: passwords and login, few documents or scans of things that you want to keep private.

Keeping them accessible to all is not a safe solution, if your computer is gone AWOL, the “new” owner may have access to sensitive data.
If your Mac is protected by a Login password, please remember that it can be easily bypassed (Password reset via Unix command or by inserting the OS X CD )
Keeping your sensitive documents encrypted may prevent Id theft and protects you against unwanted access to files and folders on your Mac.

A solution to encrypt data in a very secure way is to create an Encrypted Disk Image
Encrypting just a file or a folder is not as safe as encrypting the whole image.
The “thief” will need to mount the entire disk to have access to it.
Here is How To, Step by Step

Go to "Applications" >>> "Utilities"

Select Disk Utility


- Select “New Image”
Select your options
- Volume Name i.e MrWhite
- Select the size, i.e 100 Mb for documents should be plenty enough. Use more if you have pictures, scans or Videos.
- Select the encryption.
I would suggest the 128-bit.  256 is super duper extra strong
- Click "Create"








Enter a password, or better, a Passphrase*.



UNCHECK “Remember password in my Keychain” otherwise, if the keychain is cracked you’ll be “SOL”
Please Note: If you forget this password you will not be able to retrieve it*. If you have a tendency to forget them, use Keychain...
- Click "OK"

The Encrypted Disk image is now created. To access it, double click the Icon on your Desktop and enter your Passphrase.
The Disk will mount and you'll be able to use it as any disk or storage. Drag & drop your document, folders in it.
To close the Disk Image:
Either Log off, or go to Finder, click on  and "Eject" disk Passphrase
To generate a good Passphrase, use letters upper and lower case, add numbers and for the sake of yourself, use signs too. As a tip, you can hold the Shift key while typing a number. (1=! 2=@, etc )
For the "Geek" of it, a password of 20 ch length, using upper & lower case, numbers and shift signs has 74 possibilities per character or 20^74 pos.
20 Ch length = 24,245,681,433,252,000 billions of billions possibilities. Enough to keep a cracker busy for millenniums

Password Reset  OS X 10.5
Leopard Only, Not Snow Leopard.
Login Password Reset: 
-If you do not know what you are doing, don't do it-
At Boot, press and hold   ⌘ + S  (Command + S) 
Wait few seconds, a command line will appear 
Then type verbatim: 
fsck -fy
(wait, it will take few seconds)
mount -uw /
launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist
dscl . -passwd /Users/UserName newpassword
(The password is now reset, you can login)


*
Note:
AES 128 or AES 256 is stupid strong. Your chances to crack an AES encryption are more than slim. If you remember 70% of the password, then contact me. If you try to crack it in blind mode, just forget it. 
If you have succeeded cracking a *Random* AES 128 password, please contact the CIA: They are looking for you with a juicy job offer.




Macs Are Absolutely Safe


WRONG ! WRONG! WRONG!

Few months ago I posted a short blog about the false sens of security that most Mac users have.  I've heard thousand time "Mac don't get viruses" or "Mac are not vulnerable"
As always, the best thing ever for a hacker or somebody with not so good intention, is to find an overconfident target.
Understand that ALL security measures can be either: by-passed, tricked, broken or cracked.  It's only a matter of time.
Rule #1:  Computers:  Everything that was done can be undone.
Rule #2:  The more confident you are, the greater is your chance to be a future victim.
Rule #3:  The weakest point on your computer is....you!

Hacking computers or Cracking security by a "direct attack" is getting harder and harder everyday, so red hat hackers and criminals are getting a good help from innocent(?) by-stander like you.
How?    
They use your trust, or this strange and absolute belief that what we see is real. You know for sure that your eyes can cheat you: a good optical illusion is an excellent proof.











So what if somebody could persuade you that what you see on the screen is "real"? could they trick you into clicking on something you would have never done before?
Not?
What if I told you that I could be watching you right now?  literally,  watching you.
Impossible? Watch this ...

In my eyes, this is one of the major security issue, the first one being Keyloggers
Keyloggers are programs that record every single keystroke or action on your computer.
From Password typed to Websites visited, they record everything silently.  It does not take long to realize that paying online, or visiting your bank website while keylogged could be more than disastrous for you.
Keyloggers are often installed via downloaded programs and as you grant access to this program with Admin Rights... you get the picture.

According to security Expert Dmitry Samosseiko FlashPlayer.dmg, HDTVPlayer3.5.dmg, MacTubePlayer.dmg, macvideo.dmg, play-video.dmg, Quicktime.dmg and  VideoCodec.dmg are often used to propagate such threats.
HDTVPlayer... hummm  sounds like an "encore"

The best you can do is to always ask yourself if you can fully trust that download or website.
Antivirus Programs for Mac exist, some are free, or have a 60 days free trial. You can always use the 60 days to scan thoroughly your system.
If like me you use Windows too (either on VM or Bootcamp), an updated Antivirus/Antimalware is mandatory.
Just keep an eye open and be safe...

Warning! Your PC is at risk of virus and malware attack


If you are here, it's probably because you have seen this "warning" 

 Warning! Your PC is at risk of virus and malware attack
 Your System requires immediate check!
 System Security will perform a quick and free scan of your PC for viruses and malicious programs

  Don't click on OK  !!!










You are probably looking for the answer of the following questions:

 "Is It a Real Antivirus?"   << NO!    Trojan FakeSmoke

"How do I stop this warning from popping up at every start of Firefox"

1)  Force Quit Firefox:   >> Force Quit >>  Firefox   or shortcut Command+Option+Escape
2)  Don't restart Firefox or it will pop up again
3)  You need to trash the file(s) session.js and session.bak in the FireFox Profile folder.
      As you Force Quit'd FireFox, those file will remember your last session and return to that page.

 The files are situated EITHER in :

Macintosh HD/Users//Library/Application Support/Firefox/Profiles/
   OR
Macintosh HD/Users//Library/Mozilla/Firefox/Profiles/




   
"username" being the name given to the account   i.e  "JimSmith"
 The files should be named "session.js" and "session.bak"
 Trash the files, but DO NOT empty the Trash until you have verified that you have deleted the right ones.







Restart FireFox  and verify that the Pop Up does not appear anymore.
 Fixed? Ok....

- Yes, it's a malware or a scam. It will try to make you pay for a fake Antivirus, and probably Hack something on your computer. (beside Hacking your credit card)
- Does it affect your Mac if you clicked Ok?  I don't know...I did not tried. Seems to be PC.
- In order to avoid a repeat: You can Ban the website using an Add-On Called BlockSite.
The Website is Hosted in Ukraine, The Owner as per the Whois, Is Registered in Florida.
 IP           213.155.22.194  Location:  Odessa, Ukraine.
 Whois    http://www.ip-adress.com/whois/213.155.22.194
 Using multiple alias for the Website ,
 2009-10-31|malwareurl_Directs to Trojan FakeSmoke| 213.155.22.193|

 As a reminder: 
 Always have on hand more than one Browser. Opera is the less likely to be targeted.
 Avast For Mac exist. And it's free. -Just in case .....