The Entrepreneur Forum | Startups | Entrepreneurship | Starting a Business | Motivation | Success

GOLD! Take Your Computer Security Seriously! YOU Are At Risk!

jmusic

Meep.
FASTLANE INSIDER
Read Millionaire Fastlane
I've Read UNSCRIPTED
Speedway Pass
Mar 4, 2015
139
239
164
39
So really it all comes down to trust.

A common moniker for security-minded folk is "trust no one."

If that statement is taken to its logical conclusion, I'd wind up in a cabin in the woods, growing all of my own food inside a hermetically sealed greenhouse. So really that means to me that we need to make informed decisions with the realization that nothing is perfect.

I remember watching "The Amazing Spider Man," and when Peter Parker first sneaks into the lab he watches the doctor login to a crazy security panel, then duplicates the same code. This is a clear example of why 2FA is effective.

2FA = something you HAVE + something you KNOW.

Where it breaks down is in the enforcement side. What does the bank or service do when someone (possibly even YOU) calls claiming they lost they? This is where the social engineering vulnerabilities come in to play.
 

Become a Fastlane INSIDER to view the forum ad free.

Ninjakid

Platinum Contributor
Speedway Pass
Jun 23, 2014
1,760
3,691
891
Canadianadanada
Yup, and a huge market with tons of opportunity.
Web design and development has gotten a ton of attention in recent years, but cybersecurity is an extraordinarily valuable field which sometimes gets overlooked. Yet large firms such as Google and Facebook will pay mountains of cash to anyone who will help keep their data secure.
 

Christopher777

Bronze Contributor
Read Millionaire Fastlane
I've Read UNSCRIPTED
Speedway Pass
Jun 13, 2017
139
253
174
Manila, Philippines
twitter.com
Weird to say but windows seems more secure right now, they're doing a lot of things right.
Haha, well, I can't help but laugh man. Windows is the least secure of OS's. It might be that they're constantly catching up but it's just too darn lucrative for hackers to exploit.

Don't believe me? Just download Adwcleaner right now. It's free and downloadable with a google search. It will detect a lot of stuff that your AV often disregard.

Sounds like you were targeted.
It's possible. They were probably tipping their toes first. But it's also possible that his PC was just a little node of a larger network of infected machines and the small withdraw was part of the plan to keep it low.

There are software programs that can take over your PC and they are called FUD (fully undetectable). They trade this stuff expensively in the underground.

I played around this stuff as a hobby. You will not believe the kind of things that are possible.

Points to remember :

1. Change passwords often and have complex ones.
2. Update your stuff. All that needs updating.
3. Strong and reliable antivirus. ESET, Bitdefender, etc choose the smart ones that have HUGE signature databases that gets updated often, like cutting edge. Choose those that have firewalls, heuristics and automated action.
4. Train your staff with security practices. (USB procedures, clicking links, email links, phone call procedures etc)
5. Backup software, licenses and data regularly.
6. Consult a security specialist if it's that important. You can never be too sure.
7. If your business has a database of credit cards, email addresses, software, office documents, private photos and videos, you are a possible target.
8. If you are running windows, have the basic security stuff in place. Windows is like the guard of the castle that always got outsmarted.
9. Screen staff.
10. Have a cloud service as a failsafe if possible.

It's hard to stop a hacker. It's like almost impossible because they have massive leverage, knows how to use it and they have the attitude of a juggernaut.

The best you can do is to protect yourself from the shotgun attacks. If you are being targeted or suspecting the same, get help before it's too late.

Anyways, if you have any questions or help on anything security related, just PM.
 
Last edited:

-Brian-

New Contributor
Read Millionaire Fastlane
Jul 19, 2017
10
17
19
46
Florida
Nice thread, lots of good advice.

Assume that you will be hacked, or are probably hacked and don't know about it yet. If you are targeted, its only a matter of time. What high profile company/govt hasn't been hacked yet?
  • Have good backups (I like crashplan.com)
  • Keep things updated (can't stress this enough)
  • Use 2FA (I prefer to use a non-text/sms based system, such as Authenticator Plus as it supports backups (phone hardware dies)
    • Make sure for each 2FA account, you print out the recovery codes and put them in a safe/somewhere safe, if your phone break or lose 2FA, you can still login to disable 2FA until you get another phone, etc.
  • Freeze your 3 credit bureau if in the US, with so many hacked companies now, the higher risk is someone losing your private information, then you having your identity stolen. World’s Biggest Data Breaches & Hacks — Information is Beautiful
  • Use encrypted devices (Apple is the leader here, iOS is designed to be crypto hardened at the chip/manufacturing level).
 

journeyman

Bronze Contributor
FASTLANE INSIDER
Read Millionaire Fastlane
I've Read UNSCRIPTED
Speedway Pass
Apr 18, 2017
92
193
147
United Kingdom
Very useful thread.
I recently realized how unsafe public hotspots are and purchased a VPN subscription. The reduced speed sucks but safety above all... I even keep it on in my home connection now that I got used to it.

Also since I used the same passwords over and over, I decided to move to 1Password Manager. It took me absolute ages to move all my stored passwords there and create new, random ones but it was worth it. It really is a great service, by remembering just one password you are set.
 

LiveEntrepreneur

Bronze Contributor
Read Millionaire Fastlane
Speedway Pass
Aug 17, 2017
435
303
128
30
Australia
Best thing to do is store it on paper lets see them hack that lol. I am generally pretty good with computers don't need an antivirus software even though I got one but I should probably upgrade my security more.
 

VentureVoyager

Bronze Contributor
FASTLANE INSIDER
I've Read UNSCRIPTED
Aug 19, 2017
45
113
135
29
Bali
Great topic. By the way, can you recommend a reliable antivirus for windows that is not as incredibly annoying as most of them? Is there such a thing as an effective antivirus that won't make your life miserable?
 
Last edited:

LiveEntrepreneur

Bronze Contributor
Read Millionaire Fastlane
Speedway Pass
Aug 17, 2017
435
303
128
30
Australia
Great topic. By the way, can you recommend a reliable antivirus for windows that is not as incredibly annoying as most of them? Is there such a thing as an effective antivirus that won't make your life miserable?
Also have Malwarebytes as a backup or hitmanPro. If you can't login normally go through safe mode with networking so you can update the software then run a scan.
 

eliquid

( Jason Brown )
EPIC CONTRIBUTOR
FASTLANE INSIDER
Read Millionaire Fastlane
I've Read UNSCRIPTED
Summit Attendee
Speedway Pass
May 29, 2013
1,396
6,646
1,496
Louisville - Kentucky
www.serpwoo.com
I took this to heart after reading this thread this week.

I'm a power user when it comes to my desktops and laptops so I always thought it would never be me.

However, after reading this thread I did some digging and noticed my email was released in a breach of other sites along with my password over at Have I been pwned? Check if your email has been compromised in a data breach

I advise you to look to see if your email and password is listed. I had been reusing my password on a few other sites, so this got me worried and thinking. Since then I have been using Lastpass with more unique passwords on all services and sites. Sometimes I'll reuse a password for sites that I am not too worried about, like I might use the same password to sign up for trial accounts of SaaS software or the same password for all forums ( reading material, nothing where I make a transaction ).

This week I switched from Chrome to Firefox and backed it up with several privacy plugins as well as:
  • Changed my router DNS and TeamViewer settings on all my computers
  • Enabled 2FA on several services
  • Encrypted my Macbook, also increased security and privacy on it all the way around
  • Changed my desktops and PC based laptops to more secure settings
  • Using LastPass more then simple/complex passwords ( meaning, I use phrases now instead of 1 string of characters )
Part of what made me get more involved is hacking and data breaches are happening more and more and more than compared to 10 years ago. The scale of which is happens is also greater. I can't rely on just a password and my own desktop security, I have to worry about Yahoo getting breached or Myspace and my details leaking out.

And what about my kids laptops and iPads? Someone gets into one of those and then see's my networked computers and gets into those.

I'm still making changes, but the most important stuff is locked down in some way now. If someone were to steal my username and password for 1 site, they can't get into another 2nd site with it. If someone stole my laptop or cellphone, they can't log into it or take the drive out and try to read it from another device because it's encrypted.

If someone wants to read my deleted files, the free space and recycle bin have been wiped with 32 passes to make them almost unrecoverable.

Sure, if someone really wants my data I am sure they can get it. However, I feel that I have protected myself against most hackers and other people looking for an easy find.

Thanks for the thread and bringing it my attention a bit more.
 

Become a Fastlane INSIDER to view the forum ad free.

VentureVoyager

Bronze Contributor
FASTLANE INSIDER
I've Read UNSCRIPTED
Aug 19, 2017
45
113
135
29
Bali
@SquatchMan thank you for this recommendation. I think I will buy it.
How about VPNs? There's so many I have no idea which to chose. Are some of them faster than others while granting the same level of security?
 
OP
OP
The-J

The-J

Legendary Contributor
EPIC CONTRIBUTOR
Read Millionaire Fastlane
I've Read UNSCRIPTED
Summit Attendee
Speedway Pass
Aug 28, 2011
3,471
7,812
1,736
Ontario
I can't rely on just a password and my own desktop security, I have to worry about Yahoo getting breached or Myspace and my details leaking out.
Exactly. The US government has been hacked multiple times. Banks have been hacked. Yahoo had a breach a few years back. Lastpass itself had a breach.

The services we all use every day are NOT secure enough. The best protection is to make sure that there is no 'key to the castle', but rather a labyrinth.

Also keeping oneself on as much of a down low as possible, don't be a dick on the Internet so that people wanna hack and doxx (release sensitive info to the public) you, and remembering that social engineering (not necessarily technological breaches) is how a lot of hacks take place.

No single point of failure. No key to the castle.
 

lowtek

Platinum Contributor
FASTLANE INSIDER
Read Millionaire Fastlane
Summit Attendee
Speedway Pass
Oct 3, 2015
1,490
4,691
1,130
37
Phoenix, AZ
damn, I've been pwnt.

Going to change my passwords. Moving to a new system of:

Core Phrase + site name

Where the core phrase contains 3 - 4 highly uncommon words and a special character in an unusual position ( i.e. not substituting a @ for an "a" )

And also, I switched to Linux months ago .... so viruses are a much smaller concern.
 

ddzc

Gold Contributor
FASTLANE INSIDER
Speedway Pass
May 22, 2012
571
1,200
388
Toronto
I need to stop procrastinating with this, I still have my pwds in a notepad. Thanks again for the reminder. I did recently lock my hdd down with bitlocker, highly recommended. For pwd, I know KeyPass is wideley used, even with big corporations. I might also purchase a secondary # with voipms and use it for two factor authentication.
 

ddzc

Gold Contributor
FASTLANE INSIDER
Speedway Pass
May 22, 2012
571
1,200
388
Toronto
Hey everyone,

I want to share a little story. I'm in the domain investing space, as a side hobby and just found out about a story where a hacker stole a domain from someone. All of the information was revealed and how it happened.

1. Domain was hosted with Godaddy. Whois information was wide open for inquiry reasoning from interested buyers and prospects who may want the domain
2. Domain was linked to an aol email account
3. Hacker got in to his email address, immediately changed all of his personal information including his backup email to ensure the original owner couldn't recover it in a short time span
4. Hacker went to godaddy, reset the password with the email account he now had access to
5. Hacker transferred a domain out of the account and in to his own
6. Hacker had the opportunity to steal up to 1000 names. This could have gotten really ugly! But he only took one
7. Hacker updated the whois with different information and a valid email
8. Original owner reached out to a lawyer for advice and was advised that it would cost him 15K to file a lawsuit. Domain was worth around 4K. Not worth it
9. Original owner decided to send an email to the hacker to try and buy it back from him or get it back by some other means
10. Hacker replied via mobile (he had the original owners number). Probably used a voip or fake number, which is easily obtainable with third party apps
11. Hacker requested $1500 in bitcoin to be received the same day or the domain was getting sold off on the darkweb
12. After several days, the original owner got the domain back for a very small fee

The hacker also provided information to him upon request on how he got in. We can all learn from this, which is why I'm sharing this.

The hacker obtained his credentials from the LinkedIn hack which occurred back in 2012. The domain owner was using the same password for his email address which was linked to his Linkedin account. Back in 2012, 6.5 million passwords were leaked on to the dark web. They were sold to guys like this hacker for a couple grand. This hack happened just two weeks ago.

Pay attention to the news in the cyber world and always stay informed. Act immediately when these data breaches occur. Linkedin, Yahoo, Ashley Madison, all of these big sites were hacked and your email/passwords are available on the darkweb for purchase, RIGHT NOW. It takes me 5 mins to use tor and gain access to the darkweb and purchase these myself. If you have any accounts from any of these sites which were compromised, and your passwords are the same for your banking, paypal, shopify, email, cpanel, domain accounts, etc etc, you need to act now. Change them to something different immediately, today!
 

Gray Blimp

Contributor
Read Millionaire Fastlane
I've Read UNSCRIPTED
Jun 21, 2016
26
32
23
What does everyone recommend for PC backup services?
 

eliquid

( Jason Brown )
EPIC CONTRIBUTOR
FASTLANE INSIDER
Read Millionaire Fastlane
I've Read UNSCRIPTED
Summit Attendee
Speedway Pass
May 29, 2013
1,396
6,646
1,496
Louisville - Kentucky
www.serpwoo.com
What does everyone recommend for PC backup services?
I was using CrashPlan a long time ago, had like a 5 year plan with them. When it expired I didn't renew up.

I am looking into BackBlaze atm though. Very cheap and highly recommended.

I am also using a version of BitSync ( now known as resilio.com ) to do "backups" in a dropbox type fashion for certain files I want on different computers. but not in the cloud.
 

loop101

Silver Contributor
Read Millionaire Fastlane
I've Read UNSCRIPTED
Speedway Pass
Mar 3, 2013
623
961
363
After reading about it here, I looked for it and couldn't find it either.



Yup, and a huge market with tons of opportunity.
I've been interested in cybersecurity/infosec for quite a while, but have not thought of a good way to make it a Fastlane business. As a single worker, it seems time-bound, like being a dentist. You can charge a lot of money, but only for the hours you work. There are also legal risks if something goes wrong. For example, if a customer is hacked, or if they think you did something wrong.

To get a high-paying infosec job, you need to work for the US military, or banks. For that, you really need a security clearance (for military), college degree, infosec certs, and (ideally) networking experience.

For a single person, it seems impossible. The only people I have seen in Infosec who do really well, are those who manage large groups of Infosec workers. I guess this would be "Intentional Iteration" across lots of worker bee employees. This guy started an infosec solutions provider, and is now worth $200M: Robert Herjavec - Wikipedia

It's probably not too hard to be self-employed, but it doesn't seem scaleable without having employees.

Any suggestions?
 
OP
OP
The-J

The-J

Legendary Contributor
EPIC CONTRIBUTOR
Read Millionaire Fastlane
I've Read UNSCRIPTED
Summit Attendee
Speedway Pass
Aug 28, 2011
3,471
7,812
1,736
Ontario
It's probably not too hard to be self-employed, but it doesn't seem scaleable without having employees.

Any suggestions?
Yea: get employees. Lol

There are several IT contracting companies around. There are also LOTS of software suites that people aren't using correctly.

Basic IT and security infrastructure could be set up by low-level people (I was doing it at 16 for a car dealership, only a year of training from my high school, with an 18 year old and under the guise of a 20 year old). Advanced people could be the consulting arm.

It's easiest to get people who are recent victims of an attack, as they're on high alert. Everyone else doesn't think it'll happen to them.

You could even go real small, to Internet entrepreneurs who are some of the most at-risk people out there. Give them a suite and charge them a consulting fee. (PM me and something something soliciting message $100/hr I'll do it for ya, see my authority with a GOLD thread on the Fastlane Forum + some basic high school training in computer infrastructure and security lol)

I have Herjavec's book with me right now, it's all about sales + sales teams; nothing to do with computer security. He talks more about Dancing with the Stars than computer security.
 

Become a Fastlane INSIDER to view the forum ad free.

OP
OP
The-J

The-J

Legendary Contributor
EPIC CONTRIBUTOR
Read Millionaire Fastlane
I've Read UNSCRIPTED
Summit Attendee
Speedway Pass
Aug 28, 2011
3,471
7,812
1,736
Ontario
This news is a little late.

EQUIFAX, one of the Big 3 credit bureaus, just got hit with a data breach.

If you have ever checked your credit score with Equifax, your data may be compromised. IF you have used Equifax's online systems, your data may be compromised.

Massive Equifax data breach hits 143 million - BBC News

WHAT GOT STOLEN?

It's unclear at the moment, but it includes credit card numbers and personally identifying information. There isn't any evidence that commercial credit reporting has been compromised, but if it has: your business might be at risk.

WHAT DO YOU DO?

If you think your data has been compromised, you may benefit from putting a credit freeze on your account. Call up one of the credit bureaus and request a credit freeze. What this will do is prevent anyone (including yourself) from taking out additional debt in your name.

You may remove this freeze at any time.

https://www.equifaxsecurity2017.com/

Use this site (which is run by Equifax themselves) to check whether or not you have been affected. If you have, you will be provided free credit monitoring by Equifax, with the ability to request a credit freeze.

If your credit card info has been compromised, don't fear. Figure out which credit card you used by giving them a call (just ask for the last 4 digits) and report the card as lost or stolen. You'll get a new one in the mail in about a week or so. If you think you might be in trouble, don't F*cking wait!

If you try to call Equifax today, I guarantee you'll be put on hold and left there for several hours. You're not going to get a hold of a real person very easily just because of the size of this hit. Do it anyway.

NOTE: There is a chance that this hack is bigger than Equifax is willing to say. If that's the case, then we could be talking about an incident of cataclysmic proportions. We could be talking about a hit to the credit reporting system as a whole.

---

I guess I'll use this opportunity to talk about identity theft and how F*cking damaging it could be.

Identity theft is simply the use of someone else's identity in order to get something. Credit, loans, or even using one's name to commit a crime. Typically, identity theft is committed by the friends and family of the victim. However, data breaches are different.

Data breaches are like gold mines for identity fraudsters. Often times, the people who get hit are caught unaware because they don't know that their info has been caught in the breach!

Equifax announces that 209,000 customers were affected, however BBC estimated it could be up to 143 million people. That's more than a third of the population of the US. Is a 1 in 3 coinflip a chance you're willing to take?

If someone knows your legal name, DOB, and your social, they could take out loans in your name ranging from credit cards to mortgages. If they go delinquent, this affects your credit score and it could take years for it to recover (even after you get it all sorted out).

Identity theft insurance might help you, and Equifax is offering this to people affected. However it's not a foolproof solution.

---

Please don't WORRY. ACT. If you think you might be in trouble, go to https://www.equifaxsecurity2017.com/ and check to see if your information has been breached.

Other data breaches have happened recently. Check out Have I been pwned? Check if your email has been compromised in a data breach to see if your email has been compromised.
 
OP
OP
The-J

The-J

Legendary Contributor
EPIC CONTRIBUTOR
Read Millionaire Fastlane
I've Read UNSCRIPTED
Summit Attendee
Speedway Pass
Aug 28, 2011
3,471
7,812
1,736
Ontario
NOTE: Canadian and UK customers may be affected too
 

ApparentHorizon

Gold Contributor
Speedway Pass
Apr 1, 2016
785
2,302
553
Greenville, SC
Few more:
- Your password length is more important than its complexity
- Your antivirus only fights off what it recognizes in its database. If a new virus comes along it can take months to years before it's recognized
- Win10 can collect personally identifiable information (Ultimate Windows Tweaker 4 helps restrict these shenanigans)
 

G-Man

Legendary Contributor
EPIC CONTRIBUTOR
FASTLANE INSIDER
Read Millionaire Fastlane
I've Read UNSCRIPTED
Speedway Pass
Jan 13, 2014
1,767
9,504
2,186
This news is a little late.

EQUIFAX, one of the Big 3 credit bureaus, just got hit with a data breach.

If you have ever checked your credit score with Equifax, your data may be compromised. IF you have used Equifax's online systems, your data may be compromised.

Massive Equifax data breach hits 143 million - BBC News

WHAT GOT STOLEN?

It's unclear at the moment, but it includes credit card numbers and personally identifying information. There isn't any evidence that commercial credit reporting has been compromised, but if it has: your business might be at risk.

WHAT DO YOU DO?

If you think your data has been compromised, you may benefit from putting a credit freeze on your account. Call up one of the credit bureaus and request a credit freeze. What this will do is prevent anyone (including yourself) from taking out additional debt in your name.

You may remove this freeze at any time.

https://www.equifaxsecurity2017.com/

Use this site (which is run by Equifax themselves) to check whether or not you have been affected. If you have, you will be provided free credit monitoring by Equifax, with the ability to request a credit freeze.

If your credit card info has been compromised, don't fear. Figure out which credit card you used by giving them a call (just ask for the last 4 digits) and report the card as lost or stolen. You'll get a new one in the mail in about a week or so. If you think you might be in trouble, don't F*cking wait!

If you try to call Equifax today, I guarantee you'll be put on hold and left there for several hours. You're not going to get a hold of a real person very easily just because of the size of this hit. Do it anyway.

NOTE: There is a chance that this hack is bigger than Equifax is willing to say. If that's the case, then we could be talking about an incident of cataclysmic proportions. We could be talking about a hit to the credit reporting system as a whole.

---

I guess I'll use this opportunity to talk about identity theft and how F*cking damaging it could be.

Identity theft is simply the use of someone else's identity in order to get something. Credit, loans, or even using one's name to commit a crime. Typically, identity theft is committed by the friends and family of the victim. However, data breaches are different.

Data breaches are like gold mines for identity fraudsters. Often times, the people who get hit are caught unaware because they don't know that their info has been caught in the breach!

Equifax announces that 209,000 customers were affected, however BBC estimated it could be up to 143 million people. That's more than a third of the population of the US. Is a 1 in 3 coinflip a chance you're willing to take?

If someone knows your legal name, DOB, and your social, they could take out loans in your name ranging from credit cards to mortgages. If they go delinquent, this affects your credit score and it could take years for it to recover (even after you get it all sorted out).

Identity theft insurance might help you, and Equifax is offering this to people affected. However it's not a foolproof solution.

---

Please don't WORRY. ACT. If you think you might be in trouble, go to https://www.equifaxsecurity2017.com/ and check to see if your information has been breached.

Other data breaches have happened recently. Check out Have I been pwned? Check if your email has been compromised in a data breach to see if your email has been compromised.
Also read: By signing up on Equifax’s help site, you risk giving up your legal rights
 

G-Man

Legendary Contributor
EPIC CONTRIBUTOR
FASTLANE INSIDER
Read Millionaire Fastlane
I've Read UNSCRIPTED
Speedway Pass
Jan 13, 2014
1,767
9,504
2,186
Has anyone here invested in ID theft insurance? Opinions?
 

AArora

Bronze Contributor
Read Millionaire Fastlane
I've Read UNSCRIPTED
Aug 2, 2017
102
126
140
39
USA
Unreal that the scumbag insiders stole their stock after they found about the hack.. SIX WEEKS AGO.
 
OP
OP
The-J

The-J

Legendary Contributor
EPIC CONTRIBUTOR
Read Millionaire Fastlane
I've Read UNSCRIPTED
Summit Attendee
Speedway Pass
Aug 28, 2011
3,471
7,812
1,736
Ontario
If you're an Equifax customer, you may be entitled to a cash settlement due to the breach.

If you're not an Equifax customer... you still may be entitled to a cash settlement.

The arbitration clause mentioned earlier is bullshit as this is obviously Equifax's fault.

Baltimore law firm leads class-action lawsuit against Equifax

Keep in mind that this story is still developing. This could be one of the biggest stories of the century (or it'll fizzle out in favor of what Trump did at Mar-a-lago... smh)

It could change the face of credit reporting.
 
OP
OP
The-J

The-J

Legendary Contributor
EPIC CONTRIBUTOR
Read Millionaire Fastlane
I've Read UNSCRIPTED
Summit Attendee
Speedway Pass
Aug 28, 2011
3,471
7,812
1,736
Ontario
Experian Site Can Give Anyone Your Credit Freeze PIN — Krebs on Security

This is a different level of incompetence. It's systematic incompetence. You absolutely, positively, CANNOT trust anyone but your own a$$.

What's insane is that we never actually trusted these companies (TU, Eq, Ex) with our information. We trusted our BANKS and everyone else to trust the right people. Next thing you know, your bank is gonna have a huge data breach.

And let's not even get into social engineering and the possibilities behind that. Do you really think some schmo making $10/hr REALLY gives a F*ck about the sensitive information that you dictate to him over the phone? F*ck no.

I don't wanna live on this planet sometimes.
 

eliquid

( Jason Brown )
EPIC CONTRIBUTOR
FASTLANE INSIDER
Read Millionaire Fastlane
I've Read UNSCRIPTED
Summit Attendee
Speedway Pass
May 29, 2013
1,396
6,646
1,496
Louisville - Kentucky
www.serpwoo.com
Since I run a SaaS and I have a family, I have been more and more concerned about privacy not only for myself, but my clients ( freelance, agency, & SERPWoo ).

I've been looking at tools and such for sharing data and files and lot of them seem cumbersome having to install a certain app that you also have to pay monthly for. That ,or the app is free but cumbersome, maybe it's no longer maintained or you can't view the source to ensure its solid.

I wanted something I could send my mom and she could easily use for free with apps she might already have. Like Dropbox or some other public file sharing site.

I mean, why can't something be extremely easy and simple with already existing tools almost anyone has or can get easily for free too? Something that isn't a vault but still secure to pass to other people on already existing platforms like Dropbox or Box.com or even Amazon S3? Even just plain email....

So I came up with something that seemed secure enough for me to use until I find something better. Something that I didn't have to worry needed to stay maintained ( like other platforms ) and something that others could view the source of and trust to use.

privacy.zip

The way it works in a nutshell is:

1. You place items in the "base" folder.
2. You click the .bat file
3. You enter in 3 passwords
4. An embedded copy of 7zip archives whatever is in the "base" folder 3 times, each archive has the passwords you put in
5. 7zip password files are AES 256 encrypted
6. You must know all 3 passwords to get the file(s) you encrypted
7. Anything in the "base" folder is deleted now ( the original file ), but even in the "recycle bin" the copy is encrypted too, so no chance of prying eyes.
8. You can now share what you encrypted on Dropbox or some other public file share with another person without much risk of having what you encrypted read by someone else.
9. The other person does not need 7zip. They can open the archive with WinRar or another unzip/zip tool.
10. I'm sure someone can find a flaw. There is a flaw in everything, even paid tools. At least this is free and simple enough my mom can use quickly without more/other software. That was the goal of this.. easy, simple, free


If this works out, I'd like to make it a larger tool set for use by the masses publically. Right now, its just a "concept" without having to have a "vault" like other apps.

.
 
Last edited:

eliquid

( Jason Brown )
EPIC CONTRIBUTOR
FASTLANE INSIDER
Read Millionaire Fastlane
I've Read UNSCRIPTED
Summit Attendee
Speedway Pass
May 29, 2013
1,396
6,646
1,496
Louisville - Kentucky
www.serpwoo.com
I should point out that in the batch file ( .bat )

Line 21 I have this setup as "C:\Encrypt\"

If you uninstall this elsewhere on your system, you have to change that line. Users you send the file to will not have to do anything.

Next version I will put in code to detect/use without a direct folder path
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Post New Topic

Please SEARCH before posting.
Please select the BEST category.

Post new topic

Fastlane Insiders

View the forum AD FREE.
Private, unindexed content
Detailed process/execution threads
Monthly conference calls with doers
Ideas needing execution, more!

Join Fastlane Insiders.

Top Bottom