Sep 20, 2013

The Best Tablets for Your Student

Technologically challenged? Then you may not see the benefits of a tablet over a laptop — but your teen does. Whether she's still in high school or headed off to college, the features that tablets offer students are ultra useful. First of all, they're sleek and less cumbersome than a laptop, making them easier to carry from class to class. Most teens are adept at touchscreen typing, thanks to hours spent smartphone texting, but for those who aren't, keyboards can be docked or connected via Bluetooth for typing. Saving notes and documents with these compact devices isn't a problem, either. Many tablets now come with free cloud storage.

With the decision made that a tablet will be the most useful school supply for your kid, the only thing left is the toughest decision of them all: which one should you choose?

Take Note of (and On) the Samsung Galaxy Note

Whether you choose the 8-inch or the 10-inch, students who prefer handwriting their notes to typing will love the Samsung Galaxy Note. It comes with an S Pen, a digitized stylus that makes writing, diagrams and drawings crystal clear. Researching or working among different apps is a snap with the multi-window mode.

X-Perience the Xperia

Lighten your student's load with the Sony Xperia Tablet Z. It's a fabulous reader that's ideal for students who want to go full-on digital with textbooks, eliminating the need to lug the hard copy versions around. Opt for the 10-inch screen for easier reading of said schoolwork and for viewing a video now and then. Every kid needs some downtime, right? The Xperia is a wise choice for the accident-prone, too. Because it's dust- and water-resistant, an occasional spilled drink or tumble into the dirt won't faze this tablet.

A Good Idea

If what your student is looking for are tablets for music and games, Lenovo has a couple of devices at both ends of the price scale. For a budget tablet, the IdeaTab A1000 is a functional little multimedia tablet that's been optimized for music. The speakers are superior quality, considering that the A1000 is a lower-end model. At the higher end is the super-light Miix 10, with a sharp, HD Multitouch LED screen, perfect for gamers on the go. The Miix comes with a keyboard, too, making it a useful alternative for a laptop.

An Apple for the Student

You knew that Apple would land in a list of tablets somewhere, and here it is. This year, it's the 4th generation that students will be packing back to school, and for good reason. The iPad is just about the closest a tablet can get to a laptop without actually being a laptop. It's a top performer, featuring a range of useful apps, crisp display, a quality camera, and Wi-Fi so fast, you'll get whiplash.

Fire Up Their Education With a Kindle

Originally e-readers, Kindles are now going head-to-head with the big guys as all-purpose tablets. The newest generation, the Kindle Fire HD 8.9, has features you'll find in most budget tablets, such as ease of use, an app library, your choice of email programs, and compatibility with Microsoft Office and OfficeSuite Professional 6. Plus, you can't beat the book and video content available through Amazon Prime. Another thing the Kindle Fire offers that can't be beat — even by the iPad — is the battery life, clocking in at approximately 10 hours.
Enhanced by Zemanta

Sep 18, 2013

How The NSA Bypasses Online Encryption

Ever since the recent Snowden leak revealed that the NSA has the ability to bypass most online encryption I got to thinking about how they would do that. I also wondered if the SSL protected websites I manage were secure from their eavesdropping. I think the answer is yes, they are still secure, and here's why.

The leak said that the NSA is able to break some encryption, but they mostly collude with companies to bypass the encryption altogether. In a recent report from Slate, they specifically named Google as one of the companies that the NSA uses for man in the middle attacks. From that article:
Now, documents published by Fantastico appear to show that, far from “cracking” SSL encryption—a commonly used protocol that shows up in your browser as HTTPS—the spy agencies have been forced to resort to so-called “man-in-the-middle” attacks to circumvent the encryption by impersonating security certificates in order to intercept data.

Prior to the increased adoption of SSL in recent years, government spies would have been able to covertly siphon emails and other data in unencrypted format straight off of Internet cables with little difficulty. SSL encryption seriously dented that capability and was likely a factor in why the NSA started the PRISM Internet surveillance program, which involves obtaining data from Internet companies directly.

However, in some cases GCHQ and the NSA appear to have taken a more aggressive and controversial route—on at least one occasion bypassing the need to approach Google directly by performing a man-in-the-middle attack to impersonate Google security certificates. One document published by Fantastico, apparently taken from an NSA presentation that also contains some GCHQ slides, describes “how the attack was done” to apparently snoop on SSL traffic. The document illustrates with a diagram how one of the agencies appears to have hacked into a target’s Internet router and covertly redirected targeted Google traffic using a fake security certificate so it could intercept the information in unencrypted format.
Okay, so now we know that the NSA can impersonate Google's SSL certificates. How do they do it though? First take a look at this:

If you go to https://www.google.com you can check the certificate as shown above. You will see one interesting detail, and that is that Google is their own certificate authority and therefore can hand out certificates to whomever they want... Including the NSA.

Guess what, Microsoft (Also named in the original Prism leak) does the same thing:


For those who don't know, MSIT stands for Microsoft Internet Authority:


So there you have it, I think it's safe to say that the way they bypass encryption, at least for Google and Microsoft users, is by obtaining certificates from Google's and Microsoft's certificate authorities and using them for man-in-the-middle attacks. Whether the NSA has agreements with other certificate authorities like Verisign or Comodo remains to be seen, but neither of those companies was named in Snowden's leaks.
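A certificate issued by the same authority a site normally uses passes ordinary validation, so a client only notices a swap if it remembers what it saw before. The following is an added example, not code from this post: a trust-on-first-use record that flags a changed certificate and says whether the issuer changed too. The host name, issuer names and certificate bytes in `demo()` are constructed placeholders.

```python
import hashlib
import socket
import ssl


def fingerprint(der: bytes) -> str:
    """SHA-256 of the DER-encoded certificate, as hex."""
    return hashlib.sha256(der).hexdigest()


def fetch_leaf(host: str, port: int = 443, timeout: float = 5.0):
    """Return (DER bytes, issuer common name) of the certificate a server
    presents. Normal CA and hostname validation still runs first."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
            issuer = dict(rdn[0] for rdn in tls.getpeercert()["issuer"])
    return der, issuer.get("commonName", "")


def observe(store: dict, host: str, der: bytes, issuer: str) -> str:
    """Compare a presented certificate with the one recorded for this host.
    The first record is kept on a change so it can be reviewed."""
    fp = fingerprint(der)
    seen = store.get(host)
    if seen is None:
        store[host] = {"fp": fp, "issuer": issuer}
        return "first-seen"
    if seen["fp"] == fp:
        return "unchanged"
    if seen["issuer"] == issuer:
        # Validates like the original; only the stored fingerprint reveals it.
        return "changed-same-issuer"
    return "changed-new-issuer"


def demo():
    # Constructed stand-ins for two different DER certificates.
    cert_a = b"constructed-certificate-A"
    cert_b = b"constructed-certificate-B"
    host = "mail.example.test"  # hypothetical host
    store = {}
    return [
        observe(store, host, cert_a, "Example Internal CA"),
        observe(store, host, cert_a, "Example Internal CA"),
        observe(store, host, cert_b, "Example Internal CA"),
        observe(store, host, cert_b, "Example Other CA"),
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

A routine certificate renewal also reports `changed-same-issuer`, so that result is a prompt to confirm the new fingerprint through another channel, not proof of interception. Against a live server, pass the result of `fetch_leaf(host)` to `observe`.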

What do you think about this? Let us know in the comments.


How To Enable TLS 1.1 in Firefox 23

As many of you know, I set up my own email server back when Edward Snowden first leaked the story about the NSA's Prism program. I wanted to get my email off of Google, and not only make an email server as secure as I could, I wanted to make it so that the government couldn't request my emails from a third party without my knowledge with a national security letter.

Anyway, up until last month all modern browsers supported at least TLS 1.1 with the exception of Firefox. Since I don't use Internet Explorer, and I stopped using Chrome because of Google's involvement with the NSA, that really left me with Firefox. Since Firefox didn't support TLS 1.1 or TLS 1.2, I had to configure webmail on my server to use the less secure RC4 128 bit encryption to make my server PCI compliant, and mitigate against the BEAST Attack. Not to mention being able to access it in Firefox.

That's all changed now. Like I said, last month Firefox 23 came out with TLS 1.1 support! The only problem is it's not enabled by default. To enable it you need to do the following:
  • In Firefox type about:config in the address bar and you will get this error:
  • Click the I'll be careful button to proceed
  • Search for security.tls.version.max and change the value from 1 to 2
That's it, now Firefox will be able to visit websites with TLS 1.1. That's good because now you can disable all versions below TLS 1.1 which will mitigate against the BEAST and will allow you to use 256 bit encryption again!
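Firefox writes only changed preferences to a profile's prefs.js, so a profile where the steps above were never done has no security.tls.version.max line at all. The following is an added example, not part of the original post: it reads the text of a prefs.js and reports the protocol range that profile will offer. The default of 0 for security.tls.version.min is an assumption for Firefox 23, and both sample profiles are constructed.

```python
import re

# Values Firefox uses for security.tls.version.min and .max
VERSION_NAMES = {0: "SSL 3.0", 1: "TLS 1.0", 2: "TLS 1.1", 3: "TLS 1.2"}

PREF_LINE = re.compile(
    r'^\s*user_pref\("(security\.tls\.version\.(?:min|max))",\s*(\d+)\);',
    re.MULTILINE,
)


def tls_range(prefs_text, default_min=0, default_max=1):
    """Return (min, max) as numbers. A missing pref means the default;
    default_max=1 is the value this post says Firefox 23 ships with,
    default_min=0 is an assumption."""
    values = {
        "security.tls.version.min": default_min,
        "security.tls.version.max": default_max,
    }
    for name, number in PREF_LINE.findall(prefs_text):
        values[name] = int(number)  # a later line overrides an earlier one
    return values["security.tls.version.min"], values["security.tls.version.max"]


def audit(prefs_text):
    """Summarise what a profile will negotiate."""
    low, high = tls_range(prefs_text)
    return {
        "min": VERSION_NAMES.get(low, "unknown (%d)" % low),
        "max": VERSION_NAMES.get(high, "unknown (%d)" % high),
        "tls11_enabled": low <= 2 <= high,
        "ssl3_enabled": low == 0,
    }


# Constructed sample profiles.
UNTOUCHED_PROFILE = 'user_pref("browser.startup.homepage", "about:blank");\n'
CHANGED_PROFILE = (
    'user_pref("browser.startup.homepage", "about:blank");\n'
    'user_pref("security.tls.version.max", 2);\n'
)

if __name__ == "__main__":
    print(audit(UNTOUCHED_PROFILE))
    print(audit(CHANGED_PROFILE))
```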

That's exactly what I did on my email server. I configured GnuTLS to use 256 bit encryption and I disabled TLS 1.0, SSL3 and below. I also disabled 128 bit RC4, and disabled RSA to force perfect forward secrecy.

Are you going to force TLS 1.1 and TLS 1.2 now that Firefox supports it? Why or why not? Let us know in the comments.
[Via Hiawatha]

Sep 6, 2013

What To Take Away From NSA Leaks In Regards To Security and Privacy

We all know of Edward Snowden's Prism leak by now. I mean, I've been writing about it quite a bit, but there are other revelations from Snowden's original leak that keep seeping out, mainly to boost the readership of The Guardian. If the latter wasn't the case, they would dump all the information at once, wouldn't they?

With Prism we learned that the NSA made deals with big technology companies like Google, Microsoft and Yahoo to get direct server access to your data. In a recent revelation on Wired we learned that the NSA prefers to gain control over routers and networking devices rather than workstations so they can gather data from multiple sources rather than just one. In the latest NSA revelation, we learn of a program called Project Bullrun which once again shows collusion with technology companies, this time to help them put a backdoor into commercial encryption solutions, primarily (from what I can tell) SSL.

Let us also not forget what Snowden said himself in an Ask Me Anything session on Reddit:
Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.
So with all of these revelations I've come to the following three conclusions about the NSA's capabilities, and what we can still do to protect our privacy:
  • You can't trust commercial security, you MUST use Open Source (Unless it's issued by the NSA).
  • SSL/TLS is not good enough. You must use alternative non-commercial encryption methods where you control the key generation, and web of trust (Such as using GPG).
  • Endpoint security is paramount! End-to-end encryption is not enough, you must harden your systems.
Do you agree with my assessments? Do you have anything to add? Sound off in the comments!

Getting the Most From Your Home Theater Set-Up

If you’ve been craving the ease and luxury of a home theater but can't tell a blu-ray movie from a Beyonce album, here's a basic breakdown of the elements you'll need and how they work together.

The AV Receiver

Although you can get away with plugging AV cables directly into the back of your television and from there to your stereo or DVD player, it's much easier to use an audio-video receiver. Not only do they make switching back and forth between different devices— say, DVD player, gaming system, iPod or stereo— much easier, they also amplify sound and route video signal from devices to the television.

First, decide between stereo or A/V (sometimes called surround sound). Although the first type of receiver works well for music, the second will do major heavy lifting for your home theater. Not only does it make surround sound possible, it will handle the job of switching from one input source to another with ease, which a stereo receiver won’t, says DigitalTrends.com. For more information about receiver specs and choices, like power, processing and more, see their Ultimate Buying Guide.

Cables

Next on the list, according to Digital Trends, is to sort out your cables. Place your receiver and television where you want them and pile on any other devices you desire in your home theater (Blu-Ray, DVD, gaming systems, stereo, record players). You’ll need audio-visual cables to connect from each device to the receiver, and from the receiver to the TV. Make sure they are long enough to wind behind the device if you want them invisible.

The TV

You probably thought the television was the most important element, and it’s certainly the one most visible to your family and friends. The main choices are between LCD (liquid crystal display) and plasma, screen size and resolution. LCD screens are better for daytime viewing, come in a greater range of sizes and are generally thinner, according to Dolby. Plasma screens, on the other hand, have a wider viewing angle so more seats in the house will get a good picture, and also have smoother motion— great for sports. If you really want to blow it out, get a front projector with a mounted screen.

The Speakers

Speakers come in a range of channels, and generally speaking, the more channels, the better the sound. They range from 5.1 to 11.1 speaker channels, and are more expensive the higher they go. Although the experience gets more realistic as you go up, a 5.1-channel system is most likely adequate for all home systems, according to Dolby. Bigger isn’t necessarily better when it comes to speaker size, however, so choose based on which fit best into the room you’re overhauling.

Cable Vs Satellite

You’ll need to decide on the television package that best complements your viewing experience. Satellite and cable are competitive when it comes to cost, availability of channels, and extras like on-demand movies, pay-per-view shows and DVR capability. Satellites, however, offer every channel in HD, but require a dish installation as well as good weather, according to GetDirectTV.org. Cables are easier to install, but you won’t get every channel in high definition.

Installation

You can do it yourself or you can pay someone to come out to your house. If you've got a tech-savvy relative, they might be willing to help. If not, retailers like Best Buy offer some good deals through their Geek Squad.

Sep 5, 2013

Another Free "Powered By Ubuntu" Sticker Action Shot!

Here is another action shot I received from my Free Ubuntu Stickers offer. This one comes from Ubuntu user Kevin Kauffman who put all four of the stickers I sent him to use on this collection of desktop computers!



Looking good Kevin!

Sep 3, 2013

How To Prism Break Your Android Device

If you have been reading Bauer-Power for the last few months, you know I have been feverishly trying to Prism-proof my devices as much as humanly possible. I've removed Windows from all of my computers, including my work laptop and replaced them with either Bauer-Puntu Linux or Lubuntu. I've gotten rid of Gmail, and set up my own email server with encrypted storage. I've switched away from Google Search and started using Start Page. Basically I've done my damnedest to rid myself of all things Google.

There are two things that I just haven't been able to get rid of until now. One is this blog which is hosted on Blogger. I am not going to stop using Blogger though because by its very nature the Blog is public, so I'm not concerned if the NSA is reading my posts. The other thing I can't quite shake is my Android phone.

As the Network and Security Manager for a technology firm in California, I need to have a smart phone so I can read email, get alerts and generally be available 24/7. The options in the smart phone market though are very limited when it comes to being free of the NSA's Prism program. Apple, and Microsoft are the other major contenders in the smart phone realm, and both were named in the Prism program. I could switch to Blackberry I suppose, but having been a Blackberry user and Administrator in the past, I think I would rather gouge my eyes out first.

Nope, I will be sticking with my Android for the time being until the Ubuntu Edge comes out, or perhaps the Firefox OS devices hit the market. That doesn't mean I'm going to take things lying down.

I got the idea for this post from Prism-Break.org. Under their Android section they recommended using the mostly open-source alternative to the stock OS that comes with most Android devices known as CyanogenMOD. They also recommended Replicant, which is made up of 100% Free and Open Source Software (FOSS) however its device support is limited, and my CDMA Galaxy S3 from Sprint wasn't one of them. They do support the International version of the Galaxy S3 though.

CyanogenMOD is pretty good though, the only proprietary things they still use are the hardware drivers. Also, they now come with Privacy Guard built in so you can keep applications from accessing your personal information. That's key if you value your privacy. Finally, CyanogenMOD does not come with any Google Apps installed by default, including Google Play. This is perfect if you want to avoid being tracked by Google which is a big player in the Prism program.

NOTE: Make sure you back up your important information. This process will wipe all your settings and data. Also, this may void your warranty. Proceed at your own risk.

So here's how you do it:
  • Install the latest ClockworkMod Recovery image using Heimdall on Ubuntu. Here's a video that explains that process pretty well. The only difference is you don't need the cache.img part that he mentions, and for the Galaxy S3 it's --RECOVERY not --recovery:

  • Next you will want to download the latest stable CyanogenMOD ROM and save it to your SD card
  • Next boot into recovery. On the Galaxy S3 you do that by pressing the up volume + home + power, and letting go when you see the "Booting to recovery" in the upper left of the screen
  • Select Install from zip > Install from External SD
  • Browse to the CyanogenMOD ROM you downloaded and select it then follow the prompts to install
  • After installation reboot your phone and you should see the CyanogenMOD splash screen. If it gets stuck on the splash screen, you may need to go back into recovery and wipe your cache and start over
  • When your device is booted up you will notice how bloat free your phone is. You may also notice that you don't have any Google apps installed!
  • Before you go any further, I recommend enabling Privacy Guard by going into Settings > Security > Privacy Guard. Select the option to enable it by default for all new applications
  • I also recommend encrypting your device by going into Security > Encrypt Phone. You can follow my instructions here. With CyanogenMOD you can encrypt your device with either a pin number or a passphrase
  • Now you need some apps. Instead of Google Play I recommend the following alternative app stores which should give you most of the applications you would want. All can be downloaded and installed from the browser on your device: Amazon App Store, SlideME, and F-Droid
  • From F-Droid you can install K-9 Mail and APG so you can send and receive PGP encrypted emails
  • Download and install TextSecure and RedPhone for encrypted text and phone calls. They are not available via the alternative markets, so I made the APK files available here for download: (TextSecure and RedPhone)
  • Instead of Google Maps for navigation, install the Mapquest Maps GPS & Traffic app from the Amazon App Store
  • Install Orbot and Orweb from the F-Droid app to browse anonymously over the Tor network
  • Install Gibberbot from the F-Droid app to chat over IM with OTR encryption
  • Install DroidWall from the F-Droid app to enable and configure IPTables Firewall

That's about it, and frankly all you can do to opt out of the NSA's illegal surveillance of Americans under the Fourth Amendment to the Constitution on your Android device. In the end, even the open source version of Android that CyanogenMOD uses is still made by Google, so there is no guarantee that they didn't put something into the code that allows the NSA to have backdoor access.

Still though, limiting the Google applications you install and enabling Privacy Guard should prevent Google from collecting a lot of the information they would normally collect on you to turn over to Big Brother. Also, the addition of end-to-end encryption enabled applications, as well as Firewall protection will increase your chances of avoiding the NSA as well.

For those who scoff at the idea of being able to avoid the NSA's vast surveillance with encryption, just remember that Edward Snowden himself said that encryption is effective at thwarting the NSA.

Do you have any other suggestions or tips for opting out of Prism on your Android device? If so, sound off in the comments!

Sep 2, 2013

Site To Help You Opt-Out of The NSA's Prism Program

We all hate the idea of our government spying on us for no reason whatsoever, right? The idea that they are somehow keeping us safer by watching our every move is laughable at best.

Sure, they say they aren't really abusing this power they have granted themselves, but time and time again that has proven to be false.

Even though there are attempts at repealing these powers, we all know that the loss of our liberties is something that won't come back easily. History has shown that the only way to regain our liberty is through bloodshed.

Well, we aren't there yet, so in the meantime the only way you can protect your liberties is by avoiding proprietary software that the NSA has connections in, and encrypting all of your Internet activities.

Finding all the possible alternatives to the proprietary junk you are used to can be a daunting task. That is why one guy known as @zcpeng on Twitter made a website to help you find all the tools you need. It's called Prism-Break.org.

From the page:
Opt out of global data surveillance programs like PRISM, XKeyscore and Tempora. Stop governments from spying on you by encrypting your communications and ending your reliance on proprietary services.
Don't forget that I have joined the fight against government surveillance as well with my own Linux distribution with tools built in to help you avoid the NSA called Bauer-Puntu Linux!