Computer Science and General Technology

A discussion about events and topics in theoretical computer science and technology.

Trojan Horse

This paper will talk about malware. Malware is code that is designed with capabilities to breach a system. I'm going to focus on discussing a variety of malware, especially some well-known malicious code.

  1. Trojan Horse:

A Trojan Horse is malicious code that is designed to appear as a harmless application, like a video game that is offered as a download on a website you just visited. The name Trojan Horse comes from the Odyssey, where a large horse holding soldiers is used to gain entry to the city of Troy. In the background, instructions are executed that allow the Trojan to perform many tasks, such as stealing passwords, installing additional malware, activating a webcam, taking a screenshot of the desktop, and more. Trojans can infect a system through malicious advertisements displayed on a popular website. Even the most trusted website can fall prey to serving malicious ads.

  2. Worm:

A worm is malicious code that is capable of self-replicating. A worm doesn't need to attach itself to a file to spread. A worm will spread over a network, then infect any systems that are vulnerable. A worm infects a system by exploiting system vulnerabilities. Therefore, it's a good practice to always apply patches as soon as possible. There would be less damage done if the system had the patches to protect against these vulnerabilities.

  3. Ransomware:

Ransomware is malicious code that prevents access to files or a system, then gives the opportunity to regain access to said system or files in exchange for money. Ransomware is usually delivered via a Trojan or an exploit kit. An exploit kit is malicious software designed to scan a system for vulnerabilities. These include 0-day vulnerabilities; 0-days are vulnerabilities that are unknown to the company that provides the software. Exploit kits are used with malicious advertisements, or are placed on a website that has been compromised. An exploit kit will perform redirects until it stops on the final domain where the payload is delivered. The common payment method used with ransomware is bitcoin, a popular cryptocurrency. Another form of ransomware is the infamous “police ransomware”, or “FBI ransomware”. This ransomware was delivered through malicious ads on pornographic websites. An exploit kit delivered the ransomware after successfully exploiting a system. This ransomware is called the Reveton Ransomware.

  4. Virus:

A virus is malicious code that has a long history. A virus infects a system, usually through infected media such as floppy disks, compact disks, and infected documents. A virus will spread by attaching itself to a file or a disk. A virus performs actions like deleting files, wiping an entire system, or constantly opening the optical drive. Computer viruses used to be mostly harmless. They would also be whimsical at times. The Internet Archive has a museum that showcases malware for MS-DOS systems, and other older operating systems here.

  5. Adware is an application that injects ads. These programs are bundled with other software. While adware isn't as harmful, it's still considered unwanted. Hence the term PUP (Potentially Unwanted Program).

  6. Spyware is malware that secretly gathers activities, then reports them back to the organization or individual that created the malicious program.

Avoiding Malware

To avoid malware, it's best to perform these important tasks.

  1. Keep Your Software Up To Date:

Always try to update to the latest version of the application from the software vendor. Use Ninite to make it easy to install the latest update.

  2. Back Up Your Files:

Always back up your files. That way, when a problem occurs, you have a backup ready to get your system back up with all your important files included.

  3. Install from a legitimate website:

Avoid visiting websites that claim to offer free offers. These offers are too good to be true, so avoid these websites at all costs.

  4. Don't click on suspicious email attachments:

A friend, coworker, or relative may have their email account compromised. You will receive multiple emails telling you to open the attachment. Email services have spam filters designed to help keep spam out of your inbox, but there is always the chance that a malicious email may get through and land in your inbox. Always double-check.

  5. Use Anti-Malware Programs:

Anti-malware can help defend against infections. Always make sure to keep the signatures up to date. Although not every anti-malware program will be able to protect against every threat, it is still a good program to have.

  6. Use a multi-layered defense:

Use a firewall, anti-malware, good habits, and backups. One isn't enough; today you need to have multiple protections in place.

  7. Threat Modeling:

Create a threat model that is tailored to the needs of you, or many. What is the biggest risk? What systems are most likely to be attacked? Is your staff prepared? Is your response to a threat effective? Always evaluate the environment around you. Then apply based on your findings.

This paper is based on the M.I.S.S. model, short for Make It Simple Security, a project I created a long time ago. The project is designed to make security more accessible by making security less metaphorically painful.

Open-Source

I would like to discuss Firefox and Firefox forks in detail. This article will attempt to discuss the current technical involvement with these projects. Note that not every possible aspect will be discussed here, but a great deal of information will be placed here nonetheless.

Firefox

Firefox is the open-source web browser developed by Mozilla and its many volunteers worldwide. The browser has since gone through many transformations, with Quantum being the biggest change. The browser advocates being a privacy-based browser. Although some people criticize Firefox for not being as private as they would like it, here is an explanation of why it doesn't come with any of the privacy settings configured by default.

The reason stems from usability. While first-party isolation and resist fingerprinting could be enabled by default, doing so could prevent a website from working at its best, thus causing distress to the user. However, many websites like PrivacytoolsIO provide resources to enable these privacy-oriented settings through about:config. While Google Safe Browsing is enabled by default, bits of information are stripped out. Also, a list is generally downloaded to provide this capability. As stated here

From ghacks user.js:

There are NO privacy issues here. IF required, a full URL is never sent to Google, only a PART-hash of the prefix, and this is hidden with noise of other real PART-hashes. Google also swear it is anonymized and only used to flag malicious sites activity. Firefox also takes measures such as striping [sic] out identifying parameters and storing safe browsing cookies in a separate jar.

Browser studies and telemetry: while telemetry normally is used to track people, there are services that provide anonymous telemetry that allow statistics to be gathered without violating privacy. If the user does not wish to participate in browser-based experiments, they can go to about:preferences, A.K.A. options, then uncheck the areas under privacy and security.

Web Extensions are the current architecture that has replaced the previous XPCOM/XUL architecture. There was a debate on whether this was a good choice to make. There are people opposed to it, while others are for it. The reason why there was a discussion of it originated from a security and development point of view. The old architecture suffered from extension permissions. Extensions could access the whole browser, while also accessing other extensions themselves. This posed a problem with malicious extensions. The old architecture made certain extensions prone to conflicting with a new release of Firefox. This could cause the extension, or Firefox, to crash. There was also the issue of an extension being unable to function in the new release. A patch from the developer of the extension would be needed in order for the extension to work. While many extensions have successfully been made compatible, there are others that haven't. This can stem from the extension no longer being under active development, trouble with making the switch, or the developer outright deciding not to make the change. In this case, try to find a web-extension that does what the previous extension did.

Currently Mozilla has been trying to create an open standard for web-extensions. Progress is slowly being made, but it hasn't been completed yet.

Waterfox

Waterfox is a Firefox fork, started by a student. The project uses the pre-Quantum code v56. The project comes with the privacy-oriented changes by default.

While Waterfox tries to be appealing to privacy-respecting users, the problem lies in the security aspect of the software. Waterfox doesn't include the latest Firefox code, due to the nature of keeping the old extension architecture. With two extension architectures supported at the same time, there is the danger of a larger attack surface and software bloat. The old extension architecture means running the risk of malicious extensions accessing the browser and other extensions. While Waterfox does come with settings enabled by default, unlike Firefox, most of the settings can be changed easily in Firefox with the help of online guides. Updates are also a problem. Waterfox doesn't have as many developers as Firefox. When an update arrives, the developer/s must integrate these patches into Waterfox before updating. This causes delays that can result in a greater risk of application exploitation.

Pale Moon/Basilisk

Since both forks are from the same developer, I will join them together. Pale Moon is a browser fork that uses the Firefox ESR 38 code, while using the classic Firefox UI. Basilisk is another fork based on Firefox ESR 52. The rendering engine for both of these browsers is named Goanna.

Pale Moon aims to be another privacy-respecting browser, with configurations made by default, unlike Firefox. Pale Moon also suffers from security flaws. Firefox v38 lacks many modern-day capabilities, including security capabilities. One notable aspect is the lack of e10s. E10s is what allows each tab process to isolate web content to prevent any leaks from happening. Without this protection, users are at risk of malicious code accessing web content from the browser. This can cause manipulation of web content resulting in dangerous redirects, injection attacks, and more. From a security perspective, even Waterfox provides better support for modern security capabilities. Pale Moon and Basilisk also suffer from a lack of developer resources. Basilisk is also able to support e10s, but it was chosen not to enable it.

Tor Browser

The Tor Browser is a fork from the Tor Project. It is based on Firefox ESR v60, with plans to update to Firefox ESR v68 in the future. The browser comes configured with the ability to access the Tor Anonymity Network. Tor Browser also comes with HTTPS Everywhere and NoScript by default. The Tor Browser comes with API changes that help the Tor Browser become ambiguous. This helps protect against browser fingerprinting, a technique that advertisers and websites can use to identify you. The Tor Browser recommends not changing any settings, to prevent you from creating privacy risks. More information can be located at the TorProject Website.

The Tor Project has previously suffered from delayed patches also, but the Tor Uplift Project, which is a collaboration between Mozilla and the Tor Project, helps the Tor Project upstream their releases, to better keep up with the latest code.

Privacy and Security

Privacy and security go hand in hand. Security can also affect your privacy. For example, encryption keeps users safe and protects their privacy. Both need to exist in order to benefit each other. Respecting one over the other can result in an unbalanced experience that doesn't give you the full benefit of both.

Creating a good fork

I have been considering, for a while, creating a browser fork of Firefox: one that would allow users to install with privacy-oriented settings by default, or not to, and let them choose to customize the settings themselves. This fork would include a standard and extended support release. Patches would come from Mozilla, and be applied by the time the patch is available. This project is called Nova. I would be glad to be head of this project and work on creating this fork.

 Stop Ads

A long time ago, during the time of the dot-com bubble, online advertising was beginning to grow. Many of these websites stated, and still state today, that advertising is necessary to help cover web-server costs. However, an employee working at Tripod by the name of Ethan Zuckerman created the first pop-up ad. This advertisement opened a pop-up window to grab the attention of someone who was visiting the website hosting the script. This grew into an out-of-control situation, where pop-up ads became viral. That is, until browsers started including pop-up blockers, Opera being the first one to add it to their browser.

There was also another method of fighting against these advertisements: the hosts file. A hosts file is a way for your computer to associate IP addresses with domains. Hosts files like MVPS associated the domains with the address 127.0.0.1. This address is called the localhost, A.K.A. your computer. When a domain is associated with that IP, the domain encounters a lookup error. Therefore, you won't be able to connect to that domain. MVPS is meant as a way to combat online advertisements that have started to become invasive.
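The hosts-file mechanism described above, as an added example that is not part of the original post: a small parser that lists which names a blocking hosts file points at 127.0.0.1 (or 0.0.0.0) and shows that matching is by exact name. The sample file and all domain names are constructed, and keeping the first entry for a repeated name is an assumption of this sketch.

```python
import ipaddress

# Constructed sample in blocking-hosts-file format (not real MVPS content).
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1   localhost
127.0.0.1   ads.example.com          # inline comment
127.0.0.1   tracker.example.net metrics.example.net
0.0.0.0     banner.example.org
192.0.2.10  intranet.example.com
not-an-ip   broken.example.com
"""

# Names that legitimately point at the loopback address.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}


def parse_hosts(text):
    """Parse hosts-file text into {hostname: ip}; the first entry for a name is kept."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()    # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue                           # blank or incomplete line
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                           # first field is not an IP address
        for name in fields[1:]:                # one line may list several names
            table.setdefault(name.lower().rstrip("."), ip)
    return table


def is_sinkhole(ip):
    """True for loopback (127.0.0.0/8, ::1) and the unspecified address 0.0.0.0."""
    return ip.is_loopback or ip.is_unspecified


def blocked_domains(table):
    """Names redirected to the local machine, excluding localhost itself."""
    return sorted(n for n, ip in table.items()
                  if is_sinkhole(ip) and n not in LOCAL_NAMES)


def verdict(table, hostname):
    """Classify a name the way an exact-match hosts lookup would."""
    name = hostname.lower().rstrip(".")
    ip = table.get(name)
    if ip is None:
        return "dns"        # no entry: the lookup falls through to DNS
    if is_sinkhole(ip) and name not in LOCAL_NAMES:
        return "blocked"
    return "pinned"         # entry exists but points at a normal address


if __name__ == "__main__":
    table = parse_hosts(SAMPLE_HOSTS)
    print(blocked_domains(table))
    for host in ("ads.example.com", "cdn.ads.example.com", "intranet.example.com"):
        print(host, "->", verdict(table, host))
```

Because the lookup is by exact name, an entry for ads.example.com does not cover cdn.ads.example.com; each name has to be listed on its own line.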

There is another way that advertisers are being thwarted: ad-blocking browser extensions. These go by the names of Adblock Plus, Adguard, and uBlock Origin. These extensions work by blocking connections to these domains, and also by hiding the advertisements using CSS (Cascading Style Sheets). Many websites started implementing ad-blocker blockers. These came in the form of warnings, stating to disable your ad-blocker to continue viewing this website. This was thwarted by anti-ad-blocker blocker scripts. This allowed users to keep viewing a website without any more fuss.

The reason users are doing this involves sending a message: that users demand to be treated well, and to not be tracked over multiple websites. That is right, we demand that advertisers change their behavior. We won't stop until they do. DuckDuckGo has proven that you can have advertisements that don't track you. Advertisers should start looking at this example, and put it into practice themselves. This was ad-blocking, or how we chose to step up and fight the advertisers.

Thanks for reading!

Copy Me

No Google

Google is planning on making changes to the way extensions work in Chrome. Google claims that making these changes will provide better privacy and security. These claims are false. Google plans on changing the API that handles web requests. This will cripple the ability of extensions like uBlock Origin to function at their best. DeclarativeNetRequest will only limit the ability of developers to continue improving their extensions. For this I say no to Google's plans.

There are better ways that Google can improve the Chrome Web Store. They should start by having a fast response when an extension is reported for abuse, a better automated system to detect malicious code, a better system to manually review extension code, and better guidelines. Google, however, chooses to deny that this will be a problem for developers, but Google appears to care less for developers.

Here is what you can do to help combat this problem. Simply choose another browser; Firefox respects the wishes of the developer and the freedom to browse the way you like it. The time has come to start demanding that companies respect the freedom of their users, and not look to their own interests. I encourage developers to take a stand. It's my browser, and I'll use it how I like it.

References: https://www.theregister.co.uk/2019/06/21/google_chrome_manifest_v3/

https://www.xda-developers.com/google-chrome-manifest-v3-ad-blocker-extension-api/

https://www.eff.org/deeplinks/2019/07/googles-plans-chrome-extensions-wont-really-help-security

kopimi

Secure Online Shopping

 Information Security

In an ever-growing world of eCommerce, there is an ever-growing threat of malicious people looking to steal your information and use your financial data for their own means. Today I will be discussing the many methods of keeping your data safe against these malicious people.

  1. Avoid Emails: Although emails are a way for businesses to promote deals and exclusive merchandise, phishers will target your inbox, attempting to pose as a business. Therefore it's best to avoid looking in your inbox; this will prevent one vector of having your financial information stolen.

  2. Don't answer unknown calls: Unknown calls are likely to be from telemarketers, or to be fraudulent calls. Avoid at all costs. Install a call blocker application to filter out calls. While some calls may be missed by the filter, you will definitely have far fewer spam callers.

  3. Use websites with good encryption: A website that has a good content security policy is always recommended. HTTP Strict Transport Security ensures that your browser connects through HTTPS only by default.

  4. Install HTTPS Everywhere: HTTPS Everywhere is an extension for Chromium and Firefox. The extension forces encrypted connections with websites that are known to support it. I recommend using the default settings.

  5. Use an Ad-Blocker: Ads can pose a problem by tracking your visits, and some are malicious, installing malware without you having to interact with the advertisement at all. I recommend uBlock Origin, which is light on resources and is very effective.

  6. Avoid phishing sites: Some sites attempt to look like a legitimate version of a website. Look at the URL address, and check to see if there is anything different compared to the real address. Also, don't click on advertised search results; these results are a prime vector for abuse.

  7. Use Private Browsing Mode/Incognito Mode: When using private browsing mode, your cookies, history, and session won't be saved. This is an effective way of preventing access to your account, since your login sessions won't be saved.

  8. Look over your shoulder frequently: Shoulder surfing is when a person looks over your shoulder to get information. Counter this by looking over your shoulder at a frequent rate.

That's all for now, use these practices, and you will have a much safer shopping experience, thanks for reading!
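The "Avoid phishing sites" tip above says to compare the URL with the real address. As an added example that is not part of the original post, here is one way to do that comparison in code: it extracts the actual host from a URL and checks it against an allowlist. The allowlist, the domain names and the 0.8 similarity threshold are all assumptions made for illustration.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# Constructed allowlist of sites the user actually shops at (hypothetical names).
TRUSTED = ("bank.example", "shop.example")


def check_url(url, trusted=TRUSTED):
    """Return (verdict, reasons); verdict is "ok" or "suspicious"."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")   # hostname is lowercased
    except ValueError:
        return "suspicious", ["unparseable URL"]
    reasons = []

    if parts.scheme != "https":
        reasons.append("not https")
    if "@" in parts.netloc:
        # Everything before '@' is login info, not the site being visited.
        reasons.append("userinfo before '@': the real host is " + repr(host))
    if not host.isascii():
        reasons.append("non-ASCII characters in host")
    if any(label.startswith("xn--") for label in host.split(".")):
        reasons.append("punycode label in host")

    # The host must BE a trusted name or a subdomain of one (suffix match on a dot).
    on_list = any(host == t or host.endswith("." + t) for t in trusted)
    if not on_list:
        for t in trusted:
            if t in host:
                reasons.append(f"trusted name {t} embedded in another domain")
            elif SequenceMatcher(None, host, t).ratio() >= 0.8:
                reasons.append(f"host looks similar to {t}")
        reasons.append("host not on allowlist")

    return ("ok" if not reasons else "suspicious"), reasons


if __name__ == "__main__":
    samples = [                                   # constructed URLs
        "https://www.shop.example/cart",
        "http://shop.example/",
        "https://shop.example@evil.test/login",
        "https://shop.example.evil.test/",
        "https://sh0p.example/",
    ]
    for url in samples:
        print(url, "->", check_url(url))
```

The domain that matters is read from the right-hand end of the host name, which is why shop.example.evil.test belongs to evil.test and not to shop.example.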

Rotten Apple

Recently, Apple has been putting out many commercials with the slogan “privacy, that's iPhone”. While Apple can say they're for privacy, you really can't trust that they really are. You also can't rely on Apple caring about your freedom. I'm here to explain why.

First off, MacOS and iOS are both proprietary/closed-source systems. Apple doesn't want you to view the source code of their software. This affects privacy, because if you can't view the source code, then you can't determine whether what Apple is really doing behind the scenes is good or bad. Another reason is that you are already making connections to services such as iCloud, and since these services are proprietary, you can't trust Apple to handle your data.

Apple also doesn't respect your freedom. Apple does this by embracing DRM. DRM stands for Digital Rights Management; DRM restricts your ability to use your product how you like, wherever, whenever. Apple forces people to use their store on iOS for security reasons. Except this isn't security, this is really control. Apple has put themselves as the gatekeeper of your system; they want you to use it how they want you to use it. Apple also solders their RAM in the latest MacBooks; this is not okay. The consumer has the right to make a decision regarding their product. It isn't Apple's choice how I upgrade my system.

If Apple wants to be respected, here is what they need to do.

  1. Let the user upgrade their hardware from other vendors without penalty

  2. Let the user review the source code

  3. Let the user install from other software sources on iOS

  4. Stop using DRM through iTunes

  5. Give better freedom towards experimenting with their system

Sources: https://gizmodo.com/apples-war-on-upgrades-continues-with-the-new-touch-bar-1789002979, https://www.defectivebydesign.org/apple

GNU/Linux

In our last discussion, I discussed using Firefox to protect your privacy. Now, I will be talking about GNU/Linux, and how you can get started.

What is GNU/Linux? GNU was started by Richard Stallman, and is run by the Free Software Foundation. Linux is a kernel created by Linus Torvalds. The Linux kernel helped fill in the gap that the Free Software Foundation had yet to fulfill. That is why any system using GNU software and the Linux kernel is called GNU/Linux. Many people just call it Linux, but this isn't technically correct, as Linux is just the kernel.

You may be asking: why should I use GNU/Linux over Windows? Here are my reasons why you should make the switch.

  1. Windows does not respect your freedom:

When you use Windows, you are using an operating system that is controlled by a software giant. Microsoft has many examples of not respecting the freedom of its users, like when Microsoft employed DRM in Windows Vista that controls what people can do with their media.

  2. Windows is closed source:

Windows is a proprietary operating system. Microsoft does not want you to know what Windows is doing behind the scenes. Because of that, you cannot trust what Windows is doing.

  3. Windows invades your privacy:

With the release of Windows 10, Microsoft has added many privacy-invading functions to the operating system. There is location tracking, native advertising, and more. With Windows 10, you have become a prime target for tracking.

Here is a list of the benefits of GNU/Linux.

  1. Your freedom is respected:

With GNU/Linux, it's your system. You can do whatever you wish with it.

  2. GNU/Linux respects your privacy:

You shouldn't have to worry about user tracking. With GNU/Linux you are free from tracking.

  3. Open-Source:

GNU/Linux is open-source, so you can look and see what is happening with your operating system.

Now on to getting started. My recommended distribution is Linux Mint. Mint provides a familiar desktop for people who use Windows. Mint comes with support for multimedia out of the box. Mint is based on the Ubuntu Long Term Support Release, so you get a stable experience with Mint. To get started, download an ISO file from https://linuxmint.com. Next, write that image to a disk or USB drive. I recommend balena etcher for writing to a USB drive. Then, boot into the live environment. Select how you want to install Mint. If your family member won't be missing Windows, then select erase disk and install Mint. If your family member still needs Windows for some applications, then select install Mint alongside Windows. Follow the instructions in the install prompt. After that, you should be ready to go.

Note: For laptops, make sure you check “install third-party components”. The third-party components contain software and firmware, that allow your laptop to connect to Wi-Fi, and more.

Thanks for reading, I hope this was informative for you. Stick around for part 3!

Resources: https://fsf.org/, https://linuxmint.com/, https://www.fsf.org/windows/upgrade-from-windows#abuses, https://www.balena.io/etcher/, https://fossbytes.com/install-linux-mint-19-tara-guide/, https://www.fsf.org/about/what-is-free-software


Watchful Eye

Many of our family members use online services such as Facebook, Twitter, and Instagram. Today I'm going to give a brief rundown about taking your family in a better direction. I'm going to start with web browsing. In a second part, I will discuss private messengers. So let's get right down to it.

Web Browser: A web browser is an application that displays content on the World Wide Web. Many browsers have come and gone, but the popular ones active today are Firefox, Google Chrome, Internet Explorer, Opera, Safari, and Microsoft Edge.

Many people in your family may use Google Chrome as their primary browser. However, many people are unaware that Google Chrome employs tracking to know more about you, such as your location, what you've recently visited, and your favorite things. Talk to your family about these concerns, and talk to them about trying out Firefox. Firefox is a web browser from Mozilla, an organization that has many people who strive for an open and private web. Firefox supports a wide range of add-ons that can be used to help protect their privacy. Facebook Container can restrict Facebook from tracking you around the web. uBlock Origin can help block trackers and ads while you browse. Firefox also offers their own tracking protection in the browser. Firefox offers sync, to allow your family member to use their profile across their devices.

There are many more add-ons out there; visit addons.mozilla.org to get started. You can also visit support.mozilla.org, and walk your family member through the basics.

Stick around for part two!

Don't Expect Facebook To Fulfill Their Promises

Recently, Facebook has come under pressure again. This time, it involves Facebook blocking others from exploring their ad platform. This is a clear example of why Facebook can't be expected to fulfill their promises. No matter what, Facebook will only focus on what they want: to maliciously spy on and profit off of the user. This is why I'm currently using, and promoting, decentralized social networks. The current problem we face with getting people to join involves the bad dependence that people have on Facebook. Most assume that there is no other alternative out there to replace Facebook. That is where the average Facebook user is wrong. Mastodon has proven to be a great alternative to using Facebook. The problem also lies in providing people with the proper information on using these services.

Once again, this incident only proves one thing: Facebook is the big enemy in the tech triangle (Google, Facebook, and Microsoft).

Source: https://techcrunch.com/2019/04/29/facebook-accused-of-blocking-wider-efforts-to-study-its-ad-platform/

Tor

Hello, I am here to explain the Tor Browser, and how it can benefit you. I am also here to ease any concerns you might have about Tor. Let's get started.

First, what is the Tor network? The Tor network is a network started by the U.S Naval Research Group. Onion routing passes information through what are called nodes, also called relays. The information is encrypted at least three times and travels through many nodes and relays run by volunteers. As the information passes, each node is given the information on where to send the information to next. This happens until the information is fully decrypted after leaving the exit relay. This process is like peeling back the layers of an onion, which is why it's called onion routing.
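The layering described above, as an added example that is not part of the original post and is not Tor's code: a simplified model in which the sender wraps a message in three layers and each relay removes one, learning only the next hop. The relay names, keys and the SHA-256 keystream are constructed stand-ins; the toy cipher is for illustration only and is not the cryptography Tor uses.

```python
import hashlib
import json
import os


def keystream_xor(key, data):
    """Toy stream cipher (SHA-256 in counter mode); XOR is its own inverse."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def wrap(key, next_hop, inner):
    """Add one layer: only the holder of `key` can read next_hop and inner."""
    layer = json.dumps({"next": next_hop, "data": inner.hex()}).encode()
    return keystream_xor(key, layer)


def peel(key, blob):
    """Remove one layer; raises ValueError if the key does not fit."""
    try:
        layer = json.loads(keystream_xor(key, blob))
        return layer["next"], bytes.fromhex(layer["data"])
    except (ValueError, KeyError, TypeError):
        raise ValueError("wrong key or corrupted layer") from None


def build_onion(path, destination, message):
    """path is [(relay_name, key), ...] from first relay to exit relay."""
    blob, next_hop = message, destination
    for name, key in reversed(path):       # innermost layer is for the exit relay
        blob = wrap(key, next_hop, blob)
        next_hop = name
    return next_hop, blob                  # (first relay, fully wrapped onion)


def route(relay_keys, first_hop, onion):
    """Simulate the relays; record what each one learns after peeling."""
    seen = []
    hop, blob = first_hop, onion
    while hop in relay_keys:
        next_hop, inner = peel(relay_keys[hop], blob)
        seen.append((hop, next_hop, inner))
        hop, blob = next_hop, inner
    return hop, blob, seen                 # destination, delivered bytes, log


def demo():
    # Constructed three-relay path with random per-relay keys.
    path = [(name, os.urandom(32)) for name in ("guard", "middle", "exit")]
    first, onion = build_onion(path, "site.example", b"GET /index.html")
    return route(dict(path), first, onion)


if __name__ == "__main__":
    destination, delivered, seen = demo()
    for relay, next_hop, inner in seen:
        print(f"{relay}: forwards {len(inner)} bytes to {next_hop}")
    print(destination, "receives", delivered)
```

In this model the first relay sees only the name of the second relay and an unreadable blob; the destination and the message appear only once the exit relay removes the last layer.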

Now onto the Tor Browser. The Tor Browser is a modified fork of Firefox ESR (Extended Support Release) that allows anyone to easily utilize Tor. The Tor Browser is modified to prevent websites from fingerprinting and trying to de-anonymize the user. When using the Tor Browser, it's best to leave the browser with the default configuration. Any change can result in the user becoming identifiable, thus defeating the purpose of the Tor Browser.

Bridges are ways for a user to connect and use Tor when you can't connect directly to Tor because your ISP blocks Tor, your system administrator blocks Tor, or your nation censors Tor. Bridges work by connecting through, for example, a meek-azure connection. This tactic is called domain fronting. This allows a user to circumvent the censorship put in place and use Tor.

Now to talk about the downsides. Because the Tor network encrypts your connection, browsing the web will be much slower, so patience is key when using the Tor Browser. Using any services like BitTorrent can use up a lot of the bandwidth and cause the Tor network to slow down much more for everyone. Using BitTorrent with Tor can also leave you vulnerable to being identified.

A common fear about the Tor Browser is the Dark Net. These domains end with .onion, which is a domain with the purpose of remaining anonymous and accessible to everyone. This domain is meant for access through the Tor Browser. While there are illegal services out there that use these domains, there is a majority of pages that are ethical and legal to use, such as the DuckDuckGo onion site.

For more information visit the Tor Project FAQ here: https://www.torproject.org/docs/faq.html.en