Ransomware decrypters

Filing for future reference in case of a ransomware infection. This list gathers together tools and references that may allow you to get access back to encrypted files.

Remember the best way to not get infected is to install a cryptolocker prevention tool (I use CryptoPrevent), watch the sites you go to, educate yourself on what a phishing attack looks like, don’t run as administrator, use OpenDNS (or Google Safe Browsing) and ensure you have a good backup that is not accessible from your normal machine with your normal credentials.

If you know of any others then please let me know.

Edit – https://www.nomoreransom.org/ is also a good resource and probably should be your starting point. It even allows you to upload an encrypted file (or the ransom note) and will then check what version of crypto you have and let you know if there is a decrypter available for you.

Book Review – The Art of Invisibility by Kevin Mitnick

The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data by Kevin Mitnick
My rating: 4 of 5 stars

A cautionary tale of just how visible you are on the internet and in today’s connected society.

First off I am fully aware of the irony of posting a review of this book online on Goodreads, my blog and Facebook after reading a book on how to be invisible on the internet…..

This was an entertaining read and although I work in the IT field, there were still some security facts in the book that I was not aware of, so I learnt a fair amount. There are also some useful references for security tools that I had not been previously aware of (although I’m not a security professional).

Despite the above, the book isn’t too technical to make the non IT person bored but it may well make them paranoid! There is a huge emphasis on becoming invisible in the book through extreme measures such as paying a complete stranger to buy some gift cards at a store that doesn’t have cameras in the store OR on the way to the store, then using that to buy bitcoins – twice to ensure they are completely laundered and then using those new coins to purchase various items. Not something that the average person in the street is likely to ever do ……and I must admit I do wonder if someone needs to go to all that trouble, would they be reading this book?

There are useful hints and tips about using secure messaging, email etc that can be used by everyone just to keep their internet usage secure which are not too extreme for the day to day consumer.

But for the ultra paranoid/nefarious, this book will either help you solve some of your issues or make you even more paranoid as it brings up points you hadn’t thought of before….

Thanks to Netgalley for the opportunity to read and review this book.


Cloudflare checker for Lastpass in PowerShell and .net

With the recent report of Cloudflare credentials being cached/available in search engines, it is always wise to see just how many sites you’ve logged into recently. If you don’t use a password manager, then you will have a fun time going through your browser history, working out what sites you logged into and then changing your passwords.

Hopefully you are using a Password Manager by now and there are several routines available (with source) to check an exported list of URLs from your manager of choice against a public list of Cloudflare-protected sites.
I used CloudFlareChecker as I could use PowerShell to filter my password list down to URLs first and then run the site list through the tool (which required the .NET runtime to be installed).
Out of 1200+ URLs in my password export, there were 25 sites using Cloudflare. It didn’t take too long to change credentials and update the passwords in LastPass. Yes, it’s worth doing for all sites – but I really don’t have time to log into that many websites!
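
As an added example (not the CloudFlareChecker tool's code and not from the original post), the PowerShell below shows the same two steps: reduce a password export to host names, then match them against a domain list. The CSV column names, the one-domain-per-line list format, the file names in the comments, the function names and all sample data are assumptions.

```powershell
# Added example. All sample data is constructed; no real export is used.
# Assumptions: the export is CSV with 'url' and 'name' columns, and the
# public list is plain text with one domain per line.

function Get-HostFromUrl {
    param([string]$Url)
    if ([string]::IsNullOrWhiteSpace($Url)) { return $null }
    # Entries saved without a scheme do not parse as absolute URIs.
    if ($Url -notmatch '^[a-z][a-z0-9+.-]*://') { $Url = "https://$Url" }
    $uri = $null
    if (-not [System.Uri]::TryCreate($Url, [System.UriKind]::Absolute, [ref]$uri)) {
        return $null
    }
    return $uri.Host.ToLowerInvariant()
}

function Find-ListedDomain {
    param(
        [string]$HostName,
        [System.Collections.Generic.HashSet[string]]$Domains
    )
    # Try the full host, then each parent domain down to two labels, so
    # login.example.com matches a list entry of example.com.
    $labels = $HostName.Split('.')
    for ($i = 0; $i -le $labels.Length - 2; $i++) {
        $candidate = $labels[$i..($labels.Length - 1)] -join '.'
        if ($Domains.Contains($candidate)) { return $candidate }
    }
    return $null
}

# Constructed stand-in for: Import-Csv .\export.csv  (hypothetical file name)
$export = @'
url,username,password,extra,name,grouping,fav
https://login.example.com/signin,alice,CONSTRUCTED-1,,Example login,,0
http://WWW.Example.NET/account,alice,CONSTRUCTED-2,,Example shop,,0
example.org/forum,alice,CONSTRUCTED-3,,Example forum,,0
https://intranet.example.invalid/,alice,CONSTRUCTED-4,,Intranet,,0
'@ | ConvertFrom-Csv

# Constructed stand-in for: Get-Content .\cloudflare-domains.txt  (hypothetical)
$listLines = @('example.com', 'example.net', '')

$domains = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
foreach ($line in $listLines) {
    $d = $line.Trim()
    if ($d) { [void]$domains.Add($d) }
}

# Only the entry name and host are carried forward; the username and
# password columns never reach the report.
$hits = foreach ($row in $export) {
    $hostName = Get-HostFromUrl $row.url
    if (-not $hostName) { continue }
    $listed = Find-ListedDomain -HostName $hostName -Domains $domains
    if ($listed) {
        [pscustomobject]@{ Name = $row.name; Host = $hostName; ListedAs = $listed }
    }
}

$hits | Sort-Object Host -Unique | Format-Table -AutoSize
```

To run it on a real export, swap the two constructed stand-ins for the commented commands, and delete the plain-text export afterwards, since it holds every password in the clear.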

If you don’t use LastPass then there are several other resources at your search engine of choice that will help you check Firefox saved passwords (hopefully you don’t), KeePass or even check an individual website for potential issues.

As an aside, I’ve been trying out Dashlane as an alternative to LastPass but I’ve not been very impressed with it so far. It fails to recognise any saved credentials for Office365 and the extension doesn’t even activate in Chrome so I’m staying with LastPass. If you haven’t signed up for a Password Manager yet, then signing up with this LastPass premium link gives us both a free month of premium access and if you have any questions then let me know.

Book Review: The Secret Language of Dogs

Image of front cover of The Secret Language of Dogs
Front cover of book

I grew up in a non dog (or even pet) owning household but loved dogs that came into my life through various means and our 110lb Doberman/Lab mix was so awesome. He was very easy to understand – feed me, pet me, “Hey – I was sleeping there” and “Welcome home Dad – here’s your giraffe” were all phrases that were very obvious to us.   Our new dog, Lola, or “Princess Fluffy Pants”, is not so clear as to what she wants so I hoped that this book would give me some insight into her brain.

At (allegedly) 2 years old, she is still very much a puppy and as a rescue dog has some very strange reactions to us.  Most of this is due to her separation anxiety – when we come home, she runs around the house like a lunatic for several minutes, she barks at people who come into the house and is very protective but when we are out and about she has no problems with strangers.

Getting the opportunity to read and review the Secret Language of Dogs was great timing.
The book is full of really cute pictures of dogs so it feels like you are reading a Pinterest or Instagram feed with a small bit of dog behavioural knowledge thrown in. There was a fair amount of information as to why the dogs do the strangest things, but not a lot of guidance on how to counteract that kind of behaviour. I would imagine that most people (including me) who read this book are looking for advice on how to change the dog’s reactions to certain things – coming home, the postman or why does she still continue to pee in that corner after I’ve just taken her outside?
Unfortunately the book seems to be pretty light on actionable tips and I am still wondering why she is doing that and how to overcome those strange reactions. Our biggest challenge with Lola is her separation anxiety and the book didn’t really give many practical tips on dealing with this. We know we should try to slowly increase the time we spend apart from her, but as we have full time jobs it’s not like we can go from 1 hour apart to 2, to 3 to 4 etc. Strangely enough she is ok a lot of the time, but occasionally lapses into bouts of severe anxiety which results in “accidents” in the house.

All in all, a quick, beautiful read and good for leaving out on the coffee table or in a veterinary waiting room, but more detailed information needs to be provided to make the book really useful.

*I received a complimentary copy of The Secret Language of Dogs from Blogging For Books for my honest review.

Lola our chabrador lying on a very orange couch
How can you resist this cute face?

Vorfreude® Single Rabbit Black review

I was pretty pleased to get the 10 pack of Vorfreude® Single Rabbit Black 3M clips that help to keep cables organised. I don’t know about you, but as I plug a lot of devices into the computer and charger I often have that small moment of panic as I see the cable disappearing down the back of the desk as it is released from charging the phone and evil gravity pulls it down.

Although these are called Single Rabbits, this doesn’t mean you only get one Rabbit (which would be really expensive!). You actually get 10 in the pack for $10 – but each one will only hold 1 cable. Vorfreude does have different rabbits that can hold up to 3 cables and also in different colours to match your decor. These particular clips came with “rabbit ears” which don’t seem to serve much of a purpose apart from making it slightly easier to guide the cables into the clips.

The clips are pretty small and suitable for holding USB cables and such, but a power supply cable for a monitor or desktop is too big to fit in the hole of the clip which does reduce their usefulness a bit (see picture on the right for a monitor power cable on top of the clip).

Monitor cable does not fit in the clip
Monitor cable resting on the clip
Glasses held in place at the edge of a table
Glasses (or cables) are securely held to the side of the desk

When working on a lot of computer parts it is handy to keep all the power cords for the power supply and monitors at the top of the desk ready for use but these clips would be too small for that. They are also too small to hold pens, but they do hold glasses firmly on the side of the desk (left).

The devices are stuck to your desk or other flat surface with 3M sticky pads – strong enough to stick firmly and not get knocked around easily, but they are also not a permanent fix so they are possible to remove without damaging the surface which is great if you haven’t quite decided where you want to put them.
Note that although I did receive this item at a discount, I would buy these again, but probably opt for the larger, dual models so I could keep 2 power cables safe on the top of my desk. However at the full Amazon price of $20 they would be overpriced – at $10 it’s not bad value. The clips seem to do the purpose and are described as small but they should really be a bit bigger for practical purposes – I’d give them 4/5 stars.

#Vorfreude

Book Review: The Tunnels – Escapes under Berlin Wall.

When I was a kid, I enjoyed the exciting tales of tunnels and escapes from prisons such as Colditz and as a young kid, that was basically all they were – thrilling tales of adventures and escapes. So naturally, a book about the Berlin Wall and the escapes (mainly) underneath it was going to be intriguing reading. I can clearly remember the night that it was announced that the wall was coming down and free movement was now available so although the ending of the book was not a surprise, it was still going to be an interesting read.

Greg Mitchell writes a very detailed and exciting book that gives details on several escape methods used to leave East Germany, not just tunnels although they are the primary focus. The depths that the diggers went to, their heroism and the risks that the escapees took deserve a wider audience and this book provides a very detailed account of what happened.

Apparently both NBC and CBS were trying to capture exclusive footage of tunnel escapes for their network and some of the book details the political twists and turns as the producers and networks attempt to get the films released despite the protestation of various governments who feared the political fallout and risks during this cold-war era. It was pretty scary to see just how close the US was to war with Russia in the cold-war era and how big of an impact the Berlin escapes were having.

The pictures included in the middle of the book give an additional indication of what happened under the streets of Berlin. I had not heard details of the escapes or seen pictures of the Berlin Wall so this book also provided a detailed history lesson from this era.

I thoroughly enjoyed the book and got a new appreciation for what happened back during those years and an appreciation for the freedom of movement that we currently enjoy. Highly recommended.

As a follow up to the book, I will be watching the NBC video, East Germans escape through tunnel that will provide an extra insight into the situation. I would recommend that you read the book before watching the film though.

A special thanks to Blogging for Books for the review copy of this book.

Remotsy – voice control for the tv

No more remotes
Image thanks to redjar at flickr

I just signed up for my first Kickstarter project for the remotsy package, a device that integrates with SmartThings and Alexa to control your remotes by voice. No more moving the cat and dog to see if they are sitting on the remote or hunting for them if they are not underneath them – instead I can just say “Alexa – continue watching Gilmore Girls” and the Blu-ray will turn on, along with the tv and the lights can dim. This will be useful to reduce the number of remotes for our home entertainment system (currently at 4 total).
Watching the demo video was amusing as they demonstrated Alexa commands – naturally my Alexa heard the ad and chimed in and although it got the time right, everything else was a “Sorry I don’t understand”.
At $57 including shipping for a beta and a retail device it’s also pretty reasonably priced. There are quite a few packages left at the moment, but the project has just been released so I expect it to sell out pretty quickly.

Review: TravelSafer digital pressure gauge

Both Brandi and I have had alerts in our cars come up to say that our tire pressures need to be checked. Unfortunately neither of the cars actually tell you *which* tire has the problem so it requires checking all 4 tires (which probably should be done anyway). Naturally the stations never have working air or pressure gauges and as I have an air compressor at home – I need a quick way of checking the pressures. I think this is actually caused by the temperature dropping and getting cold overnight as it only seemed to happen on the couple of cold nights we have had recently.

I already have one of those stick gauges – you put it on the valve stem and it shoots out a piece of plastic with marks to tell you the pressure and each tire came up with the right pressure give or take one psi so I wasn’t sure which tire had the problem.

I was given the chance to review the TravelSafer digital pressure gauge and due to the above issues I jumped at the chance to get a second opinion on the tire pressures.

The gauge arrived in see through plastic on a cardboard backing (left) and was very easy to open which is a plus – no need to go and get scissors to open this. It requires a 3v (supplied) lithium battery, so the device was ready to use straight away. It does look like the screws that hold this device together are really recessed, so switching out the battery may require some long jewelers screwdrivers in order to take the two halves apart. Hopefully the battery lasts a long time!

When I went to check the pressure on the car, I discovered a major shortcoming in that the device is pretty bulky and it was difficult to get the device on the valve without the hubcap getting in the way. The device is about 3cm wide so make sure you have plenty of room by the valve stem. You can see the difference in size with the image below – it was a bit too bulky (but not impossible) to fit on the stem with the hubcap on and nobody is going to remove the hubcap to check their tire pressure!

The device however does seem to be accurate and was within 1 psi of my original manual device when I checked several tires so its reading is pretty consistent. The pressure is displayed for about 30 seconds so you get plenty of time to remove from the tire and then check the readings. The image below shows the reading of 25.5 on the device and about 26-26.5 on the manual device.

The device has a blue light that is always displayed whenever you take a reading, which helps to see where the valve stem is. During the day you are not going to notice it. It is pretty handy to see at night when you are trying to check the pressure. The light is not strong enough to ruin your night vision or read the paper with, but is enough for you to be able to see where the dark valve stem is in the dark. The reading display is back lit to make the numbers more visible.

The device also shows you the pressure in psi, bar, kPa or kg/cm – the vast majority of you are going to use this on your car tires but the other pressure readings will be useful for air compressors too (I guess?). Switching between the scales is a simple push of the power button to cycle through the 4 stages.

This device works well if your hub caps allow plenty of access to your valve stems and it makes it a lot easier to read the pressure of your tires. The light also makes it easier to use at night, but it’s not bright enough to use as a flashlight to navigate around the car in the dark.

Note that I did receive this item with a promo code and this doesn’t affect my review of this product – it is a useful addition to the glovebox in the car, is easier to use than the manual device, but lacks some features that would make it the ideal tire pressure gauge for me. #TravelsaferDigitalTirePressureGauge

Last.fm password breach – you’re doing it wrong.

Last.FM logon page

I received an email from HaveIBeenPwned this morning – the incredibly useful service that lets you know if your username and password were released in a data breach. This time around it was last.fm – a streaming radio station that was pretty popular a long, long time ago. I went to log into the system and checked my gmail account for email from last.fm to see if I had my membership confirmation email – nothing. I had 1 email from last.fm back in 2008 when I had received a friend request (I am so popular!) – that was actually a spam request.

Obviously I had not used the service for a very, very long time. The data breach occurred in 2012, was known about in 2012 and yet they had done nothing about it then. They had also not done anything about it recently after the data breach was leaked as I had not received an email from them letting me know my account had been breached.

To add insult to injury, the old password was still active and I was able to log in with it. I can understand a small pokey geocaching website not understanding security correctly and leaving passwords the same after a data breach with only a small notification on the website, but even they reacted after I sent them an email to say they need to do something better and at least inform their visitors and ideally change their password. Last.fm really have no excuse as they are big enough that they should know better and all of the accounts should have had their passwords changed once the breach was public or better yet, when they knew about the breach.

Instead, the list of usernames and passwords is still out there for people to search and log in with.

I guess the argument for not changing the account password is to let the subscriber log in with their original password that they know about. If the email address was now invalid and the password was changed by last.fm then the user would not be able to get into their account anymore….on the other hand if last.fm does not change the password, anyone could log into the account, reset the password, have access to all the data (including the person’s email address) and the account holder would not be able to gain access. The hacker will not be able to change the email address though as they have put protection in place to prevent the email address being changed without a verification email link being clicked on so I guess that is something…..

This is also yet another reminder to use a password manager to “remember” all of your passwords for each site – don’t use the same one at each location. I highly recommend LastPass (unless you are a user with multiple accounts at Office365). At $12 a year for syncing between all of your devices it is well worth the cost and if you sign up with the link above we both get an extra month for free. I used to use the free KeePass software which is standalone and doesn’t hook into your browser like LastPass but it can also sync between devices (with a bit of finagling).

What do you think – should last.fm have changed users’ passwords when the data breach went public? Have you signed up for HaveIBeenPwned? If not – what are you waiting for – it’s free and a great first response tool to keep your accounts more secure.

Arj compression – anyone remember this?

We had an interesting ticket come in today where an antispam system had let through a file compressed with the ARJ format. This immediately brought back memories of compressing files back at university – in the very early 90’s – and a format that used to be very popular but nowadays most people, including the rest of our techs, have never even heard of.
I am guessing the spammers were hoping that their recipients have WinZip, WinRAR or 7-Zip installed so they will be able to open the infected file and that as the file format is so old, AV scanners will not check them.

Anyone else out there remember Arj files and anyone (dare to admit that they) still use it?