iOS Encrypted Notes

In the past I have recommended Codebook Secure Notebook as an alternative to iOS’s native notes application.  I even went so far as to recommend NOT using the native Notes app.  However, I have recently completely reversed my position on this.  A third-party app is no longer needed to secure your notes.  Beginning in iOS 9.3.2, notes in the native Notes application can be secured with a password.  When password protected, notes are encrypted with AES-128.  This eliminates the need for a third-party application, which reduces overall attack surface.  Taking advantage of iOS encrypted notes is extremely easy and intuitive. Continue reading “iOS Encrypted Notes”

How to Verify HTTPS Certificates

Hypertext Transport Protocol/Secure (HTTPS) is the backbone of internet security.  It is a ubiquitious encryption that secures connections automatically.  Users do not have to enable it, and the security it provides is strong.  The cases of Lenovo, Dell, and GoGo Inflight Wi-Fi are all well-documented instances of HTTPS tampering. Most users blindly trust the green padlock in their address bar.  You should always verify your connection is actually secure before inputting authentication credentials or financial information.  When using tools like the Tor Browser this is especially relevant.  It is also very important when using public Wi-Fi or other insecure wireless networks.  This post details how to verify HTTPS certificates to ensure your connection is secure.

Continue reading “How to Verify HTTPS Certificates”

How-To: Tor Browser Bundle

My last post covered threat modeling the Tor Network.  While I have a very nuanced opinion of Tor, I do think it is ideal for certain use cases.  Unless contraindicated .  Using Tor is not difficult, but there are some potential pitfalls to be aware of.  This post will cover how to use the Tor Browser Bundle.

Download and Install the Tor Browser

The first step is to download the Tor Browser from  Before you install it you should verify the integrity of the file. The Tor Project has an excellent tutorial on how to do this here.  Additionally, I will begin to post checksums for the Tor Browser this month.  After you have verified the file, install it.  If you use a Mac, double-click the .dmg and drag the icon into your applications folder.  A few more steps are required if you use Windows, but setup is not difficult.  Instructions are available here.

Tor Browser Bundle

Begin Browsing with Tor

You are now ready to begin browsing.  Double-click the Tor icon.  Tor will as you to choose between “Connect” and “Configure”.  For the vast majority of use-cases connecting directly is your best option.  The “configure” option gives you the ability to use a bridge or proxy.  Using a bridge or proxy may be necessary if you are in a country or on a network that blocks Tor traffic.  Configuring a bridge or proxy is fairly intuitive, should you need to do so.

Tor Browser Bundle

When you connect to the Tor network, your request is first routed to a directory server.  This server will create your custom “circuit”, the network of three nodes through which your traffic will be routed.  When your connection is established, the Tor browser will open automatically.  You are now ready to browse through the Tor network.  The Tor Browser is a modified version of Firefox.  Browsing with Tor is superficially no different than browsing with Firefox with one or two exceptions.

Using Tor-Specific Features

Clicking the Onion button opens some options not available in Firefox.  It also displays your Tor circuit and allows you to change the following options:

  • New Identity:  This closes all open tabs and discards any browsing data, like cookies.  A new, clean instance of the browser is then opened.  I do not recommend this
  • New Tor Circuit for this Site:  This feature builds a new circuit for the tab that is currently open.
  • Privacy and Security Settings:  See below.
  • Tor Network Settings:  Allows you to configure bridges and/or proxies if needed.
  • Check Tor Browser for Updates:  Always keep your browser up-to-date.  I recommend checking each time you open Tor because updates are frequently released.

Tor Browser BundlePrivacy and Security Settings:  Click this to open an additional dialogue.  The privacy portion has four radio buttons.  Leave all of these checked.  The security dialogue contains a slider and allows you to choose a desired level of security (low, medium-low, medium-high, high). These settings correlate roughly to threat models.  The higher your threat model, the higher a level of security you should choose.  I believe you should always use “high”.  It is less convenient and requires a working knowledge of NoScript, but if you are going to use Tor you should use it to its full potential.  On the other hand, ease-of-use may convince more people to use it overall.

Tor Browser Bundle 4

Potential Problems with Tor

Tor is imperfect for everyday use.  There are reasons it is not incredibly common.  Among them: the Tor Network is slow.  Traffic is routed through multiple servers, usually in multiple countries.  This inevitably slows your traffic.  Additionally, your traffic is slowed at least to the speed of the slowest server in your circuit.  You will also be forced to solve captchas to visit or log in to some websites, and encounter other minor inconveniences. You will also encounter security issues when using the Tor Browser.  I addressed some of these in my last post.  My next post will address one of them specifically: exit node security through HTTPS.

If you enjoyed this article and would like exclusive content, sign up for the Operational-Security Newsletter.

IronKey Secure Flash Drive Review

I have always been a bit skeptical of the IronKey secure flash drive.  While boasting some sexy features, the cost seemed probitive and unjustified to me.  After several reader questions I decided it was finally time to get one of these devices and try it for myself.  The result: I’m convinced that this is the ultimate in secure, portable data.  Due to its extreme cost I am still not converting over fully to IronKey, but I would if I could afford to.  There are several features of this device that make it desirable to both enterprise users and the privacy-minded.  Continue reading “IronKey Secure Flash Drive Review”

Cloud Storage Threat Models

It is likely that readers of this blog know where I stand on cloud storage.  I have been fairly outspoken against the practice of storing personal data in the cloud.  Unfortunately, I realize this may be an untenable solution for many who desire – or even require – the ability to use and access cloud storage.  Even I had a personal experience recently that made me re-think the utility of cloud storage.  Cloud storage does offer the benefit of being a strong hedge against data loss.  Losing data can be crippling for an individual, and even more so to a small business.  With these factors in mind (and at the request of a reader) I have taken a look at some cloud providers and developed some cloud storage threat models.

Continue reading “Cloud Storage Threat Models”

Codebook Password Manager Mobile App

I have written about Codebook Secure Notebook and the STRIP Password Manager, both here and in Your Ultimate Security Guide: iOS.  Due to some major recent changes to these systems they merit a revisit.  Zetetic, the company that publishes both of these applications, has merged them into a single app.  At first this concerned me greatly.  Though I loved STRIP and think it is one of the more secure password managers on the market, acceptable replacements exist.  What really concerned me was the potential loss of Codebook.  Codebook was an encrypted notes application for which I have not yet found a suitable alternative.  Fortunately Zetetic has given us our cake and allowed us to eat it, too.  The new application, Codebook Password Manager and Data Vault, combines the best features of both of these applications.

One of the stated reasons for the change was the name “STRIP”.  Originally STRIP was a light-hearted acronym for Secure Tool for Remembering Important Passwords.  Unfortunately, people searching for the app online often found many other, less savory uses of the word “strip”. The full name of the application is now a much more serious, though somewhat unweildy, Codebook Password Manager and Data Vault.

The new version of Codebook Password Manager provides the same password management tools as the old version.  My favorite among these is the organic ability to store TOTP/OAUTH tokens inside the app.  TOTP/OAUTH is the Time-based One Time Password/Open Authentication protocol that is commonly referred to as “Google Authenticator”.  This capability negates the need for a second authentication app on the device.  The new Codebook also mimics the old version’s ability to record and securely store notes.  I love the ability to jot down notes on my iPhone but hate that they are not securely stored.  I also dislike that the native iOS Notes application can by synced with (insecure) email accounts.  Codebook solves this problem by giving you an encrypted platform for securely storing notes.

Codebook Secure Notebook Screens

Codebook Password Manager is very easy to use.  Enter your password (or create a new one).  Once you are logged in to your database click the “+” icon in the upper-right side of the screen.  This will allow you to create a “New Entry” or “New Note”.  Entries are password managment fodder like usernames and passwords.  New notes are free-form entries that allow you to jot down thoughts, lists, etc.

I have only two complaints with the updated version of Codebook.  First, I miss the old Codebook shield icon.  The icon really doesn’t matter, but I really liked the old one.  Also worth noting: I miss some of the old menu options.  The old Codebook was a dedicated note-taking app and allowed me to choose my font and pitch.  The new version does not; alas the text in my notes look big and clunky in comparison. As I said, these are minor complaints and really don’t matter to the app’s function.

The new app is  available for Android, iOS, OS X, and Windows.

Wi-Fi SSID: To Hide or Not to Hide?

If you read just about any article about Wi-Fi security the question of hiding/not hiding your Wi-Fi SSID (Service Set Identifier) will almost inevitably come up.  The SSID is the Wi-Fi router’s “name”, and it is what you click on when you wish to connect to that network.  Most of these articles will say that hiding your SSID is counterproductive as it will make you more interesting to a hacker.  In full fairness, this also includes my own writing.  In both the Windows 7 and iOS editions of Your Ultimate Security Guide I recommended NOT hiding your SSID.  I had some reasoning for recommending this: in my estimation it amounts to profile elevation.  Like sending a Do Not Track request to a website, a hidden SSID makes you more distinctive than everyone around you.

But does hiding your Wi-Fi SSID alone really make you a more attractive target?  To quote the inimitable Ulysses Everett McGill of O’ Brother Where Art Thou?, “it’s a fool who looks for logic in the chambers of the human heart.”  To unequivocally say that an attacker will target you just because your SSID is hidden may not be tell the whole story, or may simply be dead wrong.  Criminals are not known for following the same set of mental processes that guide the actions of the average, law-abiding individual.  Sure, it may make you the more interesting target because you may seem like the more challenging target.  But just as equally, it may not.  The hacker may be looking for soft, langorous targets.  Or perhaps he or she is after a specific target that is not you.

I think the reason this is constantly brought up is that SSID hiding has been placed in the “security” category of features for Wi-Fi networks.  I contend that this is not a security feature at all.  Choosing not to broadcast your SSID is, in my opinion, merely a choice about how “noisy” you want your network to be.  While hiding your SSID cannot protect you from Anonymous, it do a few things.  It can prevent your neighbors from seeing  your network, and prevent kids in the waiting room at your practice from connecting to it.  Again, it will absolutely not prevent a determined adversary from finding your network.  There are various tools including inSSIDer and Kismet that will find these networks with ease.

My bottom line is this:

  1.  Hiding your Wi-Fi SSID network is a personal preference that is essentially neutral as a security measure.  It doesn’t necessarily make you less secure or a more attractive target, though it might based on factors that we can’t begin to model (i.e. human unpredictability).
  2.  Hiding your SSID for security reasons is ineffective and an example of security-through-obscurity.  If you are hiding your SSID as a security measure you should reconsider.

There are meaningful security measures you can take for your Wi-Fi network.  The best and strongest of these is to ensure that your signal is encrypted with WPA2.  The WPA2 protocol is actually very good (do not use WEP or WPA).  It offers much, much more protectiong than silencing your Wi-Fi SSID.  Another meaningful measure is to use a virtual private network; this will protect your traffic regardless of the security of your Wi-Fi.  It will also protect it at a much deeper level, and provide you with a bunch of other benefits.  We will delve much more deeply into Wi-Fi security in the upcoming Thirty-Day Security Challenge, so stay with me!

VeraCrypt Migration

I admit being a holdout for TrueCrypt.  I wrote about it in my Your Ultimate Security Guide: Windows 7 Edition.  I encouraged it’s use among my friends and family.  I have used it myself.  I have stood so strongly beside TrueCrypt for two reasons.  The first is The Audit.  Being independently audited is incredibly rare among encryption tools and I placed a great deal of trust in the audit which was only recently completed, and the results of which were mostly good.  There were some minor vulnerabilities but nothing to be overly concerned about, and certainly no backdoors.  The other reason I held onto TrueCrypt for so long (and it pains me to admit this) was nostalgia.  TrueCrypt was the gold standard for years and it had been with me through thick and thin, protecting my data on half a dozen personal laptops and across scores of international borders. Letting go of TrueCrypt felt like letting go of an old friend.

But, I didn’t hold onto it out of misplaced loyalty or nostalgia alone.  The audit was huge, and until I had a good reason to believe TrueCrypt was insecure there was no reason to switch.   But audits are not perfect, and now we have that reason.  A new privilege escalation vulnerability was discovered in Windows versions of TrueCrypt (almost two months ago now) that allows the compromise of your full system.  For this reason I am moving, and recommend moving to VeraCrypt as soon as possible.

VeraCrypt Migration
The VeraCrypt interface is updated but still comfortably familiar to TrueCrypt users.

Going back to an un-audited program feels like a huge step backward to me.  I don’t think the developers have maliciously inserted a backdoor, but code is complex and getting encryption right is hard. But there is a very big silver lining.  First, vulnerabilities like the one affecting TrueCrypt can be (and will be, and in this case, already have been) patched.  TrueCrypt’s vulnerabilities will never be patches.  Next, an audit is planned for VeraCrypt that will probably be undertaken after the program is in its next version and has added some new features.  Finally, by increasing the number of iterations from a maximum of  2,000 in TrueCrypt to as many as 500,000 in VeraCrypt, the newer program is significantly stronger against brute-force attacks.  Using VeraCrypt requires almost no learning curve for anyone familiar with TrueCrypt as the two programs are almost identical in up-front operation.

Unfortunately (or fortunately, depending on how you look at it), VeraCrypt and TrueCrypt volumes are incompatible.  This means that if you are using volume-level encryption you will have to create a new VeraCrypt volume, mount your TrueCrypt volume, and drag files into the new one.  If you are using full-disk encryption (which you should be) this will mean fully decrypting your machine and re-encrypting with VeraCrypt.  While it’s decrypted would be an ideal time for a clean install, too.

11/23/2015:  Shortly after this post was published this Ars Technica article was published indicating TrueCrypt is still safer than we thought.  This is good news, but the clock is still ticking on the aging encryption application.

VeraCrypt URL and Checksums:


SHA256: E885951442D91EF237EC6C4F4622C12D8AB7D377CC5DDFBE2181360072C429F1

SHA512: 80EA23F2D70786A0BC3E1ECEDE12A6644FF4507F0AE0C436E4E5367854F38C16020CE62C083B07C844CAA82117BBCE30029AF986DB41E8A7CD1693A104CAA440

Secure Notes for iOS: Codebook Secure Notebook Update

One of my favorite features on my iPhone is the ability to take notes.  Sadly, one of my least favorite features of my iPhone is the Notes’ inability to be encrypted or password protected, and its annoying tendency to backup to email accounts when you least expect it.  Because of the lack of security inherent in the native Notes app I began looking for a replacement several years ago and found Codebook Secure Notebook.

Codebook is a refreshingly simple app that encrypts your notes using AES-256.  Codebook also has some other cool security features.  It has a pretty standard Auto-Lock function that locks the app after a specified period of time ranging from one minute to one hour, and allows you to disable Auto-Correct.  Toggling the Auto-Correct slider to “off” prevents the phone’s dictionary from inspecting the contents of your notes, potentially preventing data from leaking in the OS from Codebook.  This is important if you store passwords, credit card numbers, or other especially sensitive data in this application.  The final setting that deals with security is Pasteboard: Clear on Exit.  This clears your clipboard when you exit or minimize the application.  This is helpful if you are copying text within Codebook, but you will want to leave this turned off if you copy text from Codebook into any other application.

Codebook does look dated (think iOS 5- or 6-ish)  though, and at the time of this writing has not been updated since version 1.6.4 which was released in January of 2013.  This gave me some pause when writing about the app in Your Ultimate Security Guide: iOS.  Though the look of the app doesn’t really matter I had real questions about whether or not it was still being supported.  The good news is that, yes, Codebook Secure Notebook is still being supported and an update is on its way very soon!  I had the opportunity to TestFlight this app and I am sharing a few screenshots below.

Codebook is everything I like in an app: simple, uncluttered with superfluous features, and secure by default.  I am incredibly pleased to know that Codebook will be around for the foreseeable future.  I would love to see a version of Codebook for Android, as well.  Codebook Secure Notebook costs $3.99 in the App Store but is money well spent.

IMG_2686 IMG_2690

IMG_2688 IMG_2689

Private Internet Access for iOS

During the writing of Your Ultimate Security Guide: iOS I had the opportunity to work with a lot of products that I probably wouldn’t have otherwise considered.  One of these is Private Internet Access for iOS (affiliate link).  Though over the years I have used a virtual private network on my iPhone and other mobile devices, and I have used Private Internet Access rather heavily, I had never used the two together until recently.  The Private Internet Access app for iOS is one of the most convenient VPNs I have used to date and the VPN that I will continue to rely on for my phones.

Private Internet Access for iOS
The iOS app’s homescreen. The PIA app is incredibly easy to use.

The PIA app is a certificate-authenticated VPN which means that installing the app also installs an authentication certificate on your device.  VPNs of this nature can be set to be always on, rather than credential based VPNs which must be manually reconnected each time you unlock the phone.  Though certificate-based VPNs are notorious for draining batteries rapidly, PIA has found a rather ingenous solution to this.  Rather than remaining always connected to the VPN server (which is the reason “always on” VPNs are notorious for killing batteries) PIA does not always remain connected.  Rather, it drops the connection when the device goes to sleep.  Upon unlocking the device, though, data connections are blocked until the connection is automatically reestablished.  Though your battery will not last as long as it would with a very judiciously used credential (username and password) authenticated VPN, the security PIA provides is well worth the shortened battery life.

Private Internet Access for iOS
Some of PIA’s exit server options from the iOS app.

I have written previously about the security and privacy benefits of using a VPN.  Private Internet Access provides all of these benefits, including encrypted traffic to and from the VPN server and mulitple exit servers in mulitple countries to choose from.  As I have also written before, PIA also allows you a number of anonymous payment options including BitCoin and redeeming store gift cards.  Yes, store gift cards, meaning if you have an old Starbuck or Home Depot gift card with a balance on it you can cash it in for VPN service.  Not only does this give you a way to use those small balances left on those gift cards at the bottom of the junk drawer, it also allows even the low-tech a way of purchasing VPN service anonymously.

Private Internet Access stores NO logs, allows unlimited bandwidth and five devices connected simultaneously, and costs just $40/per year.