Micro-Ram

New Intel SSD 520 Series Now Available

Intel has released their new 520 series solid state disks. These new drives feature a 6Gbp/s SATA III connection, new AES 256 bit full drive encryption, and automatic internal data-compression. Solid state drives are the ultimate in performance and reliability for your desktop or laptop computer. Talk to Micro-Ram to learn which SSD is right for you.

(Source: intel.com)

2012 New Years Resolution: Full Disk Encryption on Every Computer You Own

Micro-Ram recommends that everyone follow the great advice of the Electronic Frontier Foundation and encrypt the disk on every computer you own.

Windows users have built in support in Win7 and free options for XP & Vista via TrueCrypt. Apple users, please upgrade to 10.7 Lion and take advantage of the great new full disk encryption included in Lion.

This is a simple method of securing your data from lost / stolen computers. It is also ensures a worry-free exchange of drives when your disk wears out or is retired. Modern Intel (Core i5/7) processors built after 2009 include hardware based encryption routines using the American Encryption Standard (AES) for a negligible performance impact.

(Source: eff.org)

Lion DVD restore disc tool

Apple has released a tool for you to make a Lion DVD restore disc.

(Source: support.apple.com)

Uninstall Flash on Mac OSX

There are too many security issues surrounding the Adobe Flash player plug-in. HTML5 now supports video playback without Adobe Flash. After you uninstall, use Safari to visit youtube.com/html5 and click Join to view videos without Flash.

Download this file from adobe to quickly uninstall Flash from your Mac.

(Source: kb2.adobe.com)

Batch file loop to execute all exe files

Batch loop example to run every exe file in a folder with parameters (-z -m). Originally adapted for running a folder full of windows update exe files.

for %%i in (*.exe) do call %%i -z -m
Set Environment Variable to the Date and Time

Set a variable to the current Date and Time in Batch file:

for /F "tokens=2,3,4 delims=/ " %%i in ('date/t') do set d=%%k%%i%%j
for /F "tokens=1,2,3 delims=:. " %%i in ('time/t') do set t=%%i%%j%%k
echo The date is %d% and the time is %t%
Calculating a file hash

File hashing is a very important method for determining if a file is a perfect copy and also used to save upload time when checking files against virus databases like VirusTotal.

A hash function is any well-defined procedure or mathematical function that converts a large, possibly variable-sized amount of data into a small datum, usually a single integer that may serve as an index to an array. The values returned by a hash function are called hash values, hash codes, hash sums, checksums or simply hashes. [wikipedia]

My favorite freeware utility is called HashTab for Windows. I like it because it hides nicely in a tab off of the file properties menu. Right click on a file and a tab named “File Hashes” will appear after General, Security and other tabs varying by system. From this tab you can choose which hashes to calculate like MD5 and SHA1 and many more.

GPG Encrypted Email Mac OSX Thunderbird

This document is due for an update. Expect one soon. This document is for quickly installing ThunderBird, MacGPG and Enigmail for sending and receiving encrypted emails on Apple OS X 10.5.

Downloads

1. Download Mozilla Thunderbird v.2.0.0.22 [Mozilla] 2. Download MacGPG v.1.49 [SourceForge] 3. Download Enigmail v.0.96.0 [Mozilla]

Installation

Install Thunderbird, then MacGPG, then Enigmail. Note: Source [mozdev.org]

1. Install Mozilla Thunderbird

Double click on the Thunderbird2.0.0.22.DMG file. Then drag the Thunderbird.app file into the Applications folder. Drag the Thunderbird icon from Applications to the Dock to create a shortcut. Unmount the Thunderbird virtual disk by clicking the Up arrow in a finder window or by dragging the white disk on the desktop to the trash. Start Thunderbird and setup an email account. You will need your incoming server, outgoing server, user name and password from your email provider.

2. Install MacGPG

Double click on the MacGPG1.4.9.DMG file. Double click on the “GnuPG for Mac OSX 1.4.9.mpkg” Installer program. Click Continue (4 times) type in admin password if prompted, then click Install.

3. Install Enigmail

Start Thunderbird. In the menu bar of the main window you will see “Tools”. Select this, and then “Add-ons”. This will bring up a new window listing all of your Thunderbird plug-ins. In the lower left-hand corner of this new window you’ll see a button marked “Install”. Click this button. Tell Thunderbird where you saved the Enigmail .XPI file.

4. Create Keys

Start Thunderbird. In the menu bar select OpenGPG. Select “Yes I would like to use the wizard”. Select “No I want to create per-recipient rules…” Select “Yes” to “…change a few default settings…” Create a secure password to type every time you need to encrypt or decrypt an email. (This is not seen by anyone, it is only used to access the strong keys.) Click Continue at the Summary screen to begin key generation. Select Skip for “…create a revocation certificate…” as this key will have limited distribution. NOTE: We may want to upgrade key strength from default 2048 bit and adjust expiration from 5 years based on end-user feedback.

5. Exchange PUBLIC Keys

Open Thunderbird, OpenPGP, Key Management. Check “Display All Keys by Default” in the upper right. Right click on the key and select “Send Public Keys by Email”. Send the email. When you receive the email double click on the ABCDEF.ASC attachment and select “Import” Note: It is safe to exchange the PUBLIC keys over unsecured email as the PRIVATE key is required to encrypt a message. You do NOT exchange PRIVATE keys.

6. Final Settings

Turn off “Using GnuPG with Mozilla” in messages. Thunderbird / OpenPGP / Preferences. Display Expert Settings, Advanced tab UNCHECK “Add Enigmail comment in OpenPGP signature”. Set the recipients to always encrypt. Thunderbird / OpenPGP / Preferences. Display Expert Settings, Key Selection tab then click “Edit Rules …”

  • Click Add
  • Set OpenPGP Rules for “jeff@micro-ram.com”
  • Apple rule if recipient “is exactly”
  • click “Select Keys”, Select both your key and Jeff’s key.
  • Change rules to “Always” “Always” “Always”.
  • click OK
  • click OK

Sending Encrypted Emails

Select WRITE mail icon in Thunderbird, type in recipient and make sure the PGP Key in the lower right corner of the new email window is Yellow. A second verification is to click the down arrow next to OpenPGP icon in toolbar. Make sure ENCRYPT email is checked. Click send. You will be prompted for your passphrase if it has been less than 5 minutes since you lasted typed it in.

S3 Backup Script for Windows

This script is a simple batch file used to compress and encrypt a series of folders then upload them to Amazon S3. We are using the compression and AES encryption built into the commercial version of PKWare command line PKZip for Windows Desktop software. Purchase a license for PKZip for Windows (not SecureZip) and you will also be given a free license for the command line version PKZIPC.EXE. (If anyone has a freeware suggestion for replacing PKZip, please let me know.)

Save this script to your C:\ drive: S3_Backup.cmd. Modify the script to your needs by replacing the S3 Keys with yours. Make sure the bucket named “bucket1” is changed to the bucket you would like your backups saved to. Change the folder to backup from “C:DATA” to the folder you would like backed up. After a few test runs, use the Windows scheduler to run the script automatically at night.

Requirements: PKZip Console from PKWare $29 & S3COPY.EXE from jtitjing.com.

Optional: Blat - Command line email See the code for the script below.

: Batch File to Backup a folder and upload to Amazon S3
:  Schedule this script to run daily.
:  http://micro-ram.com

@ECHO OFF
: Set d to Date and t to Time
for /F "tokens=2,3,4 delims=/ " %%i in ('date/t') do set d=%%k%%i%%j
for /F "tokens=1,2,3 delims=:. " %%i in ('time/t') do set t=%%i%%j%%k

: Set your ZIP options and password
set zipoptions=-add=update -recurse -path=relative -password=12345678 -cryptalgorithm=AES -cd=encrypt

: Set your S3 key and security code
set s3key=ABCD1234
set s3sec=EFGH5678
set bucket=bucket1

: Temp working folder
set destdir=C:\S3_Backup
md %destdir%
cd /D %destdir%

: Create the ZIP File - change the zip name & change the folder to backup.
: Note: Multiple folders can be specified with a space. Ex ...backup.zip" "C:\data*.*" "D:\more*.*" >logs3.txt
PKZIPC %zipoptions% "%d%_%t%_accounting_backup.zip" "c:\data*.*" >log_s3.txt

: Copy to your S3 bucket
s3copy %destdir% %bucket% %d%_%t%_accounting_backup.zip %s3key% %s3sec% >>log_s3.txt

: Email yourself the log file
blat log_s3.txt -to you@domain.com -subject "%d% S3 Backup Complete"   

: Delete the temp file after uploading
del "%d%_%t%_accounting_backup.zip"

set s3key=
set s3sec=
set bucket=
cd

:done
SMIME Certificate Installation

Step 1.

  • Register for a certificate from instantssl for free or from comodogroup for $12/year.
  • Wait for the validation email.
  • Request the certificate.

Step 2.

  • Export the Certificate from the Web Browser into the email programs.

Step 3.

  • Load the Certificate into the Email client.

Mozilla Firefox - Tools / Options / Advanced / Security tab / View Certificates Mozilla Thunderbird - Tools / Account Settings / Security Outlook Express - Tools / Accounts / (account) Properties / Security Note: Outlook Express has the ability to export the public only key. This key needs to be given to your friends. (Unless it can pull from the public Thawte servers.) Reference: Mark Noble Guide