Sunday, February 19, 2012

Software : Tutorial: How to protect your passwords with KeePass

Software : Tutorial: How to protect your passwords with KeePass

Tutorial: How to protect your passwords with KeePass

Posted:

Tutorial: How to protect your passwords with KeePass

How to protect your passwords with KeePass

How many passwords do you rely on every day to live and function online? Think hard about all the accounts you have to log into – we're sure it reaches a dozen, including news sites, forums and others.

Do you leave them all logged in or do they generally all have the same password?

It's an uncomfortable question, because password management skills are something to which most of us would rather not draw attention. People in offices, for example, often write passwords on whiteboards.

The need for passwords is a problem that won't go away, but as we've seen recently, some cross-site scripting vulnerabilities rely on you leaving yourself logged into online accounts to do their fiendish work.

Luckily, there are ways of securely and portably managing all of your essential passwords. Why passwords?

Passwords have been around since antiquity. Guards would challenge people trying to enter restricted areas and only let them pass if they knew that day's word – hence the term. Used correctly, they're still an excellent method of securing access to resources.

The problem is that the need to remember so many of them means vulnerabilities quickly creep in. Today we have so many passwords and there are so many people trying to gain access to them that using some form of password management tool is becoming essential. The results of not doing so can be embarrassing to say the least.

How many times have you seen Facebook friends post shocking status updates, only to discover that a friend or family member had taken advantage of the logged-in account for a laugh? Beyond the embarrassment, reputations and even whole identities can be taken, and the rightful owner locked out, simply by changing the password on an account that's been left logged in.

Management tools

There are several excellent password management tools that will help you keep track of all the passwords you need for life online. They fall into four basic categories.

First, there are those that store your passwords securely on a local storage device and let you access them via a secret master key.

Next, there are those designed to run on mobile devices, such as smartphones. With the rise of cloud computing, there are now several password managers designed to follow you anywhere, which are accessed through a web interface.

Finally, there are hardware password management devices integrated into services, such as those used by banks which generate complex sequences of challenge and response codes to authenticate you.

What all these password managers have in common is the simple requirement to remember a single, master password that grants access to all the credentials they store. Many password managers will even fill in web forms for you, making login procedures more convenient.

Introducing KeePass

avast

ANTI-VIRUS WARNING: Opt to run KeePass normally, otherwise the database won't be saved

KeePass is a free password tool used by millions of people every day. More importantly, it's open source.

Where your passwords are concerned, this is a good idea because it means that anyone can inspect the source code, compile their own executable and be sure that no keylogger or malware is lurking and skimming off their credentials.

KeePass is available from http://keepass.info. Click the link to download Portable KeePass Version 2.17 (the stable edition). This requires no installation and will let you store passwords on a USB stick. This in turn lets you carry your passwords around securely wherever you go.

Once the file is downloaded, open it and look at its contents. Drag and drop all the files onto a USB memory stick, then close the zip file to discard it.

To run KeePass, simply double-click KeePass.exe. After a few seconds, the interface appears.

The first thing we need to do is create a secure database to store our passwords. To do so, click File > New. Navigate to the USB memory stick, name the database if you like, and click 'Save'.

A new window appears. Enter a password in the 'Master password' input box. This is the password that will be used to encrypt the database and is the only one you'll need to remember. Make this as long and as varied as possible.

As you enter the password, KeePass will calculate its strength. Enter the password into the 'Repeat password' box then click 'OK'.

A new window appears allowing you to configure various database settings. The defaults should be fine for the moment, so simply click 'OK' to continue.

The main window changes to show two example password and username pairings. KeePass refers to these as 'entries'. In the left-hand pane are convenient groups into which your passwords will fall. You can rename these, delete them or create new ones by right-clicking this pane.

Add passwords

Keepass interface

STRENGTH RATING: Adding a password to KeePass lets you assess its strength

To add a new entry to a group, select the group then right-click the main panel and select 'Add entry'. A new window opens. Enter a title, username and the password.

Again, KeePass will judge the strength of the password for you. Enter the URL for the login page where the credentials will be used, and finally click 'OK'. Now save the database by clicking the floppy disk icon at the top.

The most immediate way to use usernames and passwords saved in the KeePass database is to click on one, then click its URL in the lower pane of the user interface to bring up the relevant login page, and finally drag and drop the username and password into the input fields of the website. You can also right-click an entry, select 'Copy username' or 'Copy password' and paste the text into the input box on the website.

Note, by default, you have 12 seconds before the clipboard entry is erased to prevent malware stealing the pasted credentials.

You can also have KeePass attempt to automatically fill in the username and password fields when you visit a website and want to log in.

To do so, right-click the relevant entry and select 'Edit/view entry'. This makes the same window appear as when you added the entry's details. Click the 'Tools' button at the bottom of the window and a small drop-down menu appears.

Then click Select field reference > In username field. A new window appears. Due to a glitch, you must select the entry you want to modify again. Click both the radio buttons marked 'Username' in the lower part of the window, then click 'OK'. Click 'OK' on the parent window.

When you select the entry in the main user interface, the details including the URL appear in the lower pane. As before, click the URL to bring up the login page.

Return to KeePass, right-click the entry and select 'Perform Auto-type'. Back on the login page, the username and password fields should fill themselves in and log you in.

Most login pages allow you to enter a username then press [Tab], enter the password, and finally log in by pressing [Enter]. This is also the default action of Auto-type.

If you need to add an extra tab between username and password for Auto-type to log you in properly, you can edit the sequence by right-clicking on the entry, selecting 'Edit/ view entry' and clicking on the Auto-type tab on the resulting details window. Click the 'Override default sequence' button and you can add a new '{TAB}' to the sequence.

Securing KeePass

Securing keepass

SIMPLE FORMS: You can make KeePass fill login credentials automatically by setting up the Auto-type facility

KeePass has a lot of options for customising its behaviour, chief among which are the security settings. To access these, click 'Tools | Options'. The resulting window has several tabs. Ensure the Security tab is selected.

The four most important checkboxes are at the top of the pane, and relate to the length of time before KeePass locks itself after periods of inactivity.

However, there are also some very useful options in the lower pane. Among these are the options for locking the interface and exiting KeePass instead of locking. These are very useful in situations where you need to get KeePass off the screen as quickly as possible and have it secure itself.

Also make sure you tick the box that locks KeePass if you suspend the computer. That way, if you're running it on a laptop when you're out and about, you can simply close the lid and the program will be locked and secure when you (or anyone else) next resume operation.

If you visit lots of websites every morning when you first boot up, you can also have KeePass run automatically when the current user logs in. On the 'Integration' tab, simply click the box marked 'Run KeePass at Windows startup (current user)'. If you use this option, you will have to remember to have your USB memory stick inserted when you boot up the computer.

Many of the other options might seem as if they've been included simply because they're possible, but lots of them are actually very useful. One such option is on the Interface tab. Clicking 'Drop to background after copying data to the clipboard' brings the window behind KeePass to the front. If this is your web browser, it's a convenient way of grabbing focus to paste a username or password into a website's login page.

keepass master password

MASTER PASSWORD: After you set KeePass to run at boot, the master password window should appear

So, KeePass can securely look after all your passwords, thereby requiring you to remember just one. It's easier to change just one password on a regular basis rather than needing to change perhaps several dozen, but change it regularly you must. In fact, you should do it every few weeks or so.

It's easy enough to do by going to File > Change master key. As long as you remember to take your USB memory stick with you, you will never forget the passwords to your accounts no matter where you are and no matter how many times you change their individual passwords.

Tutorial: Turn an old laptop into a CCTV camera

Posted:

Tutorial: Turn an old laptop into a CCTV camera

Make a CCTV system using an old laptop

Look above the screen of a laptop or netbook, and there's a good chance you'll find a pinhole that hides a camera.

If you're anything like us, you haven't used this camera since last Christmas, when you tried to use it to connect to your family in Australia – then they had firewall problems and you all gave up.

We're going to put that neglected camera to use in a surveillance system – not the kind used by Gene Hackman in The Conversation, but a CCTV for stuff you'd like to keep an eye on, like the garage door or your rare Barry Manilow records.

We're using ZoneMinder. It runs alongside the Apache webserver, monitoring camera feeds and making them available through a web browser, but that's only the start. It can be expanded into a full home security system, complete with offline recording, motion detection and multiple camera zones, all of which can be run from your Linux laptop or netbook.

The first step is to get it working with a single camera – the one sitting above your screen.

Project requirements

A Linux PC

You can use either a netbook with a built-in Linuxc-ompatible camera or a PC with a webcam. We've used Ubuntu 11.10, but any recent version of Linux should work fine for this project.

A webcam

If you don't have a netbook or laptop, an external webcam attached to the PC will still do.

1. Troubleshooting

step 1

The key to a successful ZoneMinder installation is having a working camera before you start. ZoneMinder can't troubleshoot video input – it can only process what Linux has already configured.

The vast majority of cameras will be set up automatically, either when you install your distribution (in the case of a screen's bevel camera), or when you connect them to the USB bus. If a camera has been detected and a driver installed, the system will create the /dev/video0 virtual device on your filesystem.

You can check for it with the command line or a file manager. You might find it has a slightly different number, or no number at all, especially on older systems, but to test the camera, you need to make sure it's grabbing video data.

You can do this with the Gnome application Cheese, although it will need to be installed manually on the latest version of Ubuntu. You can use it to take photobooth-like images with the camera and add realtime effect to the video without any other configuration, but we prefer the austerity of VLC, which also needs to be installed.

This can stream video footage directly from the camera – just select 'Open capture device' from the File menu and make sure the video device name is '/dev/video0'.

If the video works, you can start installing ZoneMinder. If not, you'll need to check your system logs (type dmesg), but you'll probably have to track down custom firmware and a tool to load it into your camera.

If all else fails, you can use a cheap USB webcam or look into investing in a IP-enabled version.

From VLC, you need to make a note of the settings it's using to play back the video. You can see these by going to 'Tools > Media information' and selecting 'Codec details'. Make a note of the resolution and the codec being used – you'll need these when we add the camera to VLC.

2. Install ZoneMinder

step 2

Ubuntu 11.10 includes almost up to date packages of ZoneMinder. We recommend installing these rather than tracking down the latest packages so you don't have any problems installing further dependencies. Just search for 'zoneminder' in the new Ubuntu Software Centre and click 'Install'.

About halfway through the installation will appear to stop, but what's really happened is that a requester window has appeared behind the Software Centre and is asking for input. Switch to this using the 'Minimise window' icon on the top left.

The first request is asking for a password for the root MySQL account. MySQL is used as the database for all the non-video data, and the root password is needed to create a database, and for administration.

You'll then be asked for the mailname of your system. You can keep this and the following questions at their default values.

Unlike the old Ubuntu package manager, Synaptic, it's not always obvious when the Software Centre is installing dependencies, but you can check what else was alongside ZoneMinder by switching to the 'History | Installation' view. You should see many packages installed, including Apache and PHP5.

You can check Apache is running by pointing a local browser at http://localhost. You will see the 'It works' message.

You now want to make ZoneMinder the root page for your Apache server. To this, open /etc/apache2/ sites-enabled/000-default with your favourite text editor as an administrator (try preceding it with 'sudo nano' if you don't have one). Look for DocumentRoot and change this to /usr/share/zoneminder, then do the same with <Directory /var/www/> by changing the /var/www part.

We also need to add the user who's running the web services to the group that can access the video device. You can do this from the command line by typing sudo usermod -a -G video www-data.

'Video' is the group created by Ubuntu for accessing the device and 'www-data' is the username used by Apache. You can check the group has been added correctly by typing sudo id www-data, and the output should look something like the following: uid=33(www-data) gid=33(www-data) groups=33 (www-data),44(video)'.

Now type sudo service zoneminder restart (tab completion works here), followed by sudo service apache2 restart.

Load http://localhost into a web browser, and you should see the ZoneMinder web interface.

3. Add a camera

step 3

Don't be put off by the sparsity of the interface – there's plenty of power behind those frugal buttons.

The first thing we need to do is add our camera to the configuration. Click the 'Add new monitor' button. This will open another small window with five tabs.

On the first tab, change the name for the monitor to something descriptive – this will help if you decide to add any further cameras to your configuration later on. Below this, keep the source type set to 'Internal' and the function set to 'Monitor'.

Now switch to the second tab, labelled Source. In the first field, Device Path, enter the address of the video device we used earlier. For the majority of installations, this is going to be /dev/video0.

The capture method needs to be Video for Linux version 2 and the device channel is normally 0, although this is where we need to take our settings from VLC.

The device format should be either PAL or NTSC, but if one doesn't work, try the other.

Choose a capture palette from the menu that best corresponds to the codec used by VLC (ours was YUV420) and enter the width and height as the resolution from VLC too. Save the settings with the button at the bottom of the window and you should see your monitor listed in the main window.

The colour of each field in this table is important, and if anything is coloured red, that means it's not working. This is most commonly seen in the Source column, when an IP camera is no longer available or you've got the wrong device name in the monitor settings page.

You can check that it's working by clicking its name in the first column. This will open another window containing the video stream from your device.

4. Motion detection

step 4

The point of a monitoring system like this is that you don't have to waste hours watching footage. You want to be told if something happens, and ZoneMinder does this by enabling motion detection for your monitor.

This is hidden in the source configuration page we used before, and can be opened by returning to the main table and clicking on your monitor's device in the Source column. Look for the Function menu on the first page. It should read Monitor, and we want to change this to Modetect. Other options include Record and Morecord.

Record uses no motion detection, but records snippets of input at set interval. Morecord is a combination of motion detection and record. Make sure the Enabled flag is set.

With Modetect set, save the settings. The colours for that monitor will be different, and the function should say Modetect. If you click on the monitor, you'll still see the input from your camera, but motion detection is now running.

From now on, if the system detects any significant difference in the video view, it will trigger an internal alarm and record the event to a buffer. Try it with your hand. The state will change to Alarm and an event will be added to the list under the stream.

When you click the name of an event here, another window appears, and from this you can play the video that was recorded from the buffer before the disturbance to a period of stability afterwards. You can fast forward, rewind and skip to time slices.

5. Event management

step 5

Going back to the table view, you'll see that each event is also registered in the hour/day/week/month columns, and you can click on the numbers within these to show a filtered list of events corresponding to your time scale.

From the event management window, you can choose to archive events, export, delete and edit them, although the last option is only for adding text notes. You can also use the Filters button to specify criteria for events, with a timeline view that can be used to highlight which part of the image triggered the event.

Clicking on the red line of the event will open the playback window. If you want to be informed remotely when an event is triggered, open the Options window from the main table view. Under the Email page you'll be able to enter your address and server details so that you can be informed as soon as something is detected.

It can also upload the events, along with the video, to an FTP server, which is useful if you want things backed up before a burglar finds your laptop.

Fortunately, now you've created the ultimate expandable home CCTV monitoring system, it will never come to that.

Tutorial: How to install Android on other devices

Posted:

Tutorial: How to install Android on other devices

Installing Android on other devices

It's the open-sourced nature of Android that has enabled it to proliferate so widely, but it's the touch-friendly interface that has had it so eagerly embraced by so many.

This has enabled anyone that wanted, to direct their intellectual powers to porting Android to any device they want.

This has lead to disgruntled owners of Android devices that have waited a few months too long for OS updates to create their own updated builds.

Owners of devices with outdated or dead operating systems – such as Windows Mobile – have devised builds of Android of their own.

While people who just fancy the damn challenge have done it for perfectly functioning devices, such as the iPhone 3G.

Robot spares

HP touchpad

For this example we've picked the HP TouchPad, there was a lot of noise about this in mid-2011. HP announced it was dumping its WebOS division and there was a fire sale on its only tablet the HP TouchPad.

This runs WebOS, which, while in itself is a fine OS, has very limited third-party app support. With the death knell sounded for WebOS the challenge was on to create a working build of Android.

The renowned hacker group, CyanogenMod took up the challenge and delivered a working alpha in a month.

So how do you go about replacing the OS on a device? It's just like replacing an OS on a standard PC but with the added complications of gaining the right access to the original OS; having the tools to inject a replacement boot-loader; and having access to a replacement OS with the correct drivers in place. Sounds tricky, doesn't it?

Thankfully the internet is a vast and varied place, inhabited by helpful and intelligent types. Sites like http://xda-developers.com and http://rootzwiki.com host communities of avid Android fans, dedicated to creating builds of Androids for specific devices. These gals and guys have created an armoury of tools that people can easily reuse for a host of devices.

Missing a pillar

HTC phones

Three basic pillars are required: a copy of the target OS for the device; a system to inject this onto the device; and a boot-loader to kick start the device with the new OS.

The injection stage is interesting as it usually hijacks the manufacturer's built-in firmware upgrade or recovery process. Most devices provide a low-level recovery mode that involves holding down a combination of hard buttons as it's turned on.

With the HP TouchPad this is the Volume Up button. For other devices, such as the iPhone this is initiated via the software itself.

Beyond that initial process, of course, a build of Android is required, ideally but not necessarily with all the device drivers in place. As with Windows, lacking a driver doesn't necessarily break a device but renders that part – be it the GPS, Wi-Fi or audio for example – useless or in other cases semi-functioning or often functioning but lacking power-saving features. If you jump onboard a part-done build you'll often find such issues.

Last, the boot-loader kicks the whole thing off. For some devices, usually those that cannot be flashed, this is a one-time process that has to be rerun each boot. The HP TouchPad gets the best of all worlds as it can be partitioned and have a multi-OS boot-loader installed called Moboot.

You won a brick

iPhone android

Do be aware there is a chance of bricking your device. We strongly advise backing up your data and any files on it. It's well worth fully charging the device beforehand and leaving it plugged in as well.

Once the 'upgrade' is initiated don't interrupt it, even if nothing seems to be happening. Once Android is in place there can be issues with Android Market and it will often need installing separately, but we cover that below.

On some devices it may also block many apps as the device isn't correctly recognised. This can often be fixed by clearing and force stopping the Google Services Framework and then the Market via application settings.

Beyond this there's a world of Android enjoyment to be had. The Android 4.0 source code has been released too, so we're expecting a slow update for many devices to the tasty Ice Cream Sandwich.

Disclaimer: Future Publishing Limited provides the information for this project in good faith and makes no representations as to its completeness or accuracy. Individuals carrying out the instructions in this project do so at their own risk.

Installing Android: How to do it

Part 1: It's easy, like brain surgery

1. All your fault

prep 1

Let's be up front, this is third-party alpha software that replaces the boot-loader and installs Android. Things can go wrong and if they do it's all your own fault. We strongly suggest you back up.

Select Launcher > Settings > Backup to secure at least your settings. We'll outline later uninstall and emergency recovery options that could save a seemingly bricked device.

2. Get ready

prep 2

First, make sure your HP TouchPad has at least 2GB of space free. It's usually not an issue.

Next, you'll need your USB data cable to hand and download the required files from the RootzWiki page. Four files are essential: ACMEInstaller ZIP, CM7.1.0-tenderloin-a3-fullofbugs-signed ZIP, Clockwork Recovery ZIP and the Moboot ZIP.

Only extract the ACMEInstaller.

3. Get even more ready

prep 3

You will also need to download the HP TouchPad Novacom driver, this is usually part of the SDK but you can grab just the driver from here.

If you don't have Java installed grab that as well from http://java.com and run the JAR file you just downloaded. This installs the driver required to access the HP TouchPad in its recovery mode to inject the new boot-loader.

Part 2: Wipe out WebOS

1. Fire the files

install 1

Boot the HP TouchPad into WebOS as normal. Attach it to your PC via the USB and mount it as a drive. Open My Computer, locate the HP TouchPad and in the root create a cminstall folder.

In to this copy the three unextracted ZIP files: moboot, update-cwm, and updatecm-7.1. These represent the Moboot, ClockWork Recovery and CyanogenMod Android files.

2. Moment of truth

install 2

Eject the HP TouchPad from the PC as normal and power it down. Turn it back on while holding the [Volume Up] button. As soon as it's on a large white USB logo should appear.

Connect the HP TouchPad to the PC and it should be detected as new hardware via the Novacom driver. If the TouchPad isn't recognised you need to get the Novacom driver installed. Try a reboot if you haven't already.

3. Install Android

intsall 3

Extract the ACMEInstaller file to the desktop. Select Start, type 'CMD' and click 'OK'. In the command prompt type 'CD desktop', press [Return] to change directory to the desktop.

To start the Android install, type the following line into the command prompt. If Novacom cannot be found, locate the Program Files > Palm > SDK folder and copy it to the desktop: novacom boot mem:// < ACMEInstaller

4. Android activate!

step 4

After a moment of nothing, a stream of Linux command lines should appear. This install process will go on for ten minutes or so, after which the HP TouchPad will reboot. Ignore the boot-loader and Android will start.

Play to your heart's content but a big omission is the Android Market, but we can fix that and it's an excellent introduction to the ClockworkMod Recovery Mode.

5. Moah apps!

install 5

Legally Android Market cannot be distributed with CyanogenMod Android. Download the package from http://gooinside.me/gapps. Connect the TouchPad to your PC as a drive and copy this ZIP file to the root.

Eject and reboot the TouchPad, at the new Moboot boot-loader use the Volume Button to select Boot ClockworkMod and press the Home button to start.

6. The Market is open

install 6

ClockworkMod enables you to do all manner of low-level recovery and update things. Use the [Volume Button] to navigate to 'install zip', the sdcard refers to the internal storage. Use the [Home] button to select.

Select 'Choose zip from sdcard', select the gapps ZIP file you saved to the root. Confirm the warning, select 'Reboot system now' and let it reboot into Android. Now you have full Market access.

Part 3: Disaster recovery

1. Recovery options

recover 1

The ClockworkMod Recovery provides a number of recovery and restore features that can help reset and fix problems. Access it from the Moboot boot-loader using the [Volume Button] and [Home] button to select.

Options that can fix locking and freeze issues include: Wipe Cache Partition, Advanced > Wipe Dalvik Cache and Wipe User Data. The last one will reset Android to factory defaults.

2. Refresh Android

recover 2

Within ClockworkMod Recovery you're also able to reset CyanogenMod Android by effectively getting it to reinstall Android on top of itself.

Boot into WebOS, mount it as a drive and copy the CM7 fullofbugs ZIP file to the root. Eject and reboot the TouchPad and start ClockworkMod Recovery. Choose the 'Install zip' from sdcard option and select the Zip from the root.

3. Android begone

recover 3

If you decide Android's not for you the good news is that an uninstaller is available. We can see this being automated in the future but even in the alpha stage it's nothing you've not already done.

Download and extract the Uninstaller Zip file from the RootzWiki TouchPad website. Open a command prompt, change the directory to the Desktop and type: novacom boot mem:// < ACMEUninstaller.

4. It's all gone wrong

recover 4

The above step takes a few minutes for anything to happen but will restore your device to its pre-Android state, recovering partition space.

There is one last recovery option with WebOS Doctor found here. You'll need your HP WebOS account details, at least five per cent charge and Java installed. The entire reset process shouldn't take more than half an hour.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)