Sunday, July 29, 2018

Simple Encrypted Drive

Simple Encrypted Drive.

We all have sensitive data that we need to keep them away from prying eyes. While there are so many free software and solutions available, they all have some advantages and disadvantages in using them. A discussion of available solutions are outside the scope of this blog. If you are interested in using a simple solution where you have 100% control of your sensitive information, read on.

Here is a simple shell script to encrypt your data locally in your hard drive or on a portable USB stick to take it anywhere. If your USB stick is lost or stollen, the data stored in there are of course useless to anyone. The way the script works is by creating an encrypted disk using a special filesystem driver (encfs) and allows you to copy your ordinary files (i.e. unencrypted) through the driver just like copying a file with your operating system's copy command. To access these files, you have to mount the drive with your passphrase. Once the filesystem is mounted, they are available through a mounted drive in plain form to retrieve or update your files. Once the file system is unmounted, they stay in your hard drive or usb stick in encrypted from. 

Here is how to use it.

./encrypted_drive.sh -d /tmp -m

In the screenshot below, I am using /tmp as the destination for my encrypted file storage. It can be anything like an ordinary directory in your computer or a USB disk mount ex: /Volumes/<mydisk> on Mac for example. Here is the screenshot of running the first time. Note: you need to choose a strong passphrase and remember that to access your files later.



Once the drive is mounted (see the screenshot above shows mounted drive on your desktop), you can simply copy your sensitive files using operating system copy command like shown below, or just drag and drop files like you'd do with any other drive/path. The mounted drive will stay mounted for 5 minutes and unmount itself automatically for security.


As you can see from the above screenshot the files are now accessible through the mount point (/tmp/decrypted) for reading and writing in plain form. Once you unmount using -u command, you see the files in /tmp/decrypted are gone and the actual files in encrypted form are in /tmp/encrypted which is useless if anyone got a hold of your USB drive or your computer containing these files.

The script is available in my GIT repo below. Download it and follow the instructions (below) to install the encfs which is required for this script to operate. Love to hear feedback.

GIT: https://github.com/aselvan/scripts/blob/master/security/encrypted_drive.sh

Instructions for installing encfs

#   Mac
#   run the following 2 commands on mac terminal (assumed you have brew installed)
#     brew cask install osxfuse
#     brew install encfs
#   
#   Linux:
#     Ubuntu/Debian: apt-get install encfs
#     Redhat/CentOS: yum install encfs  
#     Other: refer to your distro manual
#
#   Windows:
#      Sorry, wipe that crap and install Linux or get a Mac!
#
By at No comments:
Location: Plano, TX, USA

Sunday, August 30, 2015

How to protect your Facebook account with encrypted notifications




As part of the Facebook account security feature, Facebook sends various notification e-mails. All these notification e-mail messages are in plain text. For notification e-mails like "Login Alert", it is not a big problem if the mail content is plain text as it does not contain anything important. However, in the case of password reset request e-mail, it is a problem since the reset code is sent in plain text. If your e-mail account is compromised, for example by a session hijacking method, the hacker has access to your e-mail account until the session expires so they can request Facebook password reset and easily take over your Facebook account.

Note: How your account got session hijacked is outside the scope of this blog but typically, it can happen when clicking on phishing e-mails or visiting infected websites etc.

Recently (Jun 2015), Facebook introduced an option for users to request all notification e-mails in encrypted form. If you are already using or familiar with PGP, you can now provide your public key to Facebook so it will use it to encrypt all e-mail communications to you. Go to your Facebook profile and navigate your way to the "Contact and Basic Info" section of the "About" page (or click here https://www.facebook.com/me/about?section=contact-info).

See the screen shot below where I entered my public key.





Once you enter your public key (make sure to check the box to enable encrypted notifications) and save changes, you will get an encrypted mail from Facebook. You then decrypt the mail using your PGP tool and confirm using the link Facebook sends you. After this, all e-mails from Facebook will be encrypted using your public key so only you can decrypt it. In addition, you need to add Facebook's public key to your PGP keyring so you can verify the signature of the encrypted e-mail to ensure it is from Facebook. The key is at link below.

https://pgp.mit.edu/pks/lookup?search=0x2f3898cedee958cf&op=index

See this whole process in action--- Few days ago, someone tried multiple times to reset my Facebook account. For every attempt, I get an encrypted e-mail from Facebook as shown in the screen shot below.




Below is the screen shot after I decrypted the content using my private key.





So even if my e-mail account was compromised (highly unlikely), the hacker can't read the code sent by Facebook to reset my password since he can't decrypt the mail without my private keys. For PGP encryption/decryption, I use Google's 'End-To-End' chrome plug-in (not available in chrome Web Store yet but you can download source code and compile it). However, there are other tools and browser plug-ins readily available which you can easily install in your browser (chrome or firefox) to use PGP.

https://www.mailvelope.com/
https://chrome.google.com/webstore/detail/mymail-crypt-for-gmail/jcaobjhdnlpmopmjhijplpjhlplfkhba?hl=en-US
https://www.virtru.com/get-secure-email/

If you are new to PGP, the read the link below for a quick introduction before getting started on using Facebook encrypted e-mails.

https://ssd.eff.org/en/module/introduction-public-key-cryptography-and-pgp
https://ssd.eff.org/en/module/how-use-pgp-windows-pc
https://www.facebook.com/notes/protecting-the-graph/securing-email-communications-from-facebook/1611941762379302


By at No comments:
Subscribe to: Posts (Atom)