Practice what you preach: HTTPS Everywhere!

I have long been a proponent of the Electronic Frontier Foundation’s HTTPS Everywhere campaign. Using HTTPS for all websites, whether you are exchanging personally identifiable information or not, simply makes sense.

I don’t say this out of some concern about Big Brother and the NSA watching me. I say it because the average, everyday user expects privacy.

When average Jane sits down at a coffee shop and uses the free Wi-Fi, she would get really upset if a stranger started looking over her shoulder and watching what she was doing and what websites she was accessing.

What she doesn’t realize is that I could sit in my car in the coffee shop parking lot and use a free program like Wireshark to spy on everything she is doing without her ever knowing. That is, unless she is using encryption.

One of the best things users can do to protect themselves is use a VPN service. A VPN encrypts all of the traffic in and out of your computer. Some people use a VPN to connect remotely to their work intranet. Others use it to protect their privacy or to anonymize their web browsing. But we are talking about average Jane here who has never even heard of this magical VPN thingy.

This is where HTTPS comes in. It doesn’t cost her anything and all internet browsers can do it right out of the box. Not only can it help prevent someone from snooping on her browsing, but it also ensures she is connected to the website that she thinks she is connected to.

For example, everyone has at some point typed a website URL incorrectly and ended up someplace else. If that someplace else is a malicious website attempting to pass as the legitimate site, you can more easily identify it by looking at the site’s encryption certificate, or lack thereof.

So why doesn’t everyone’s website support HTTPS? Because encryption certificates can be expensive. Fortunately, there is a great organization called the Internet Security Research Group. They have a free and open certificate authority service, Let’s Encrypt.

But wait, it gets even better! The Certbot from the Electronic Frontier Foundation makes it incredibly easy to enable HTTPS on your website and automatically provision (and renew) certificates from Let’s Encrypt.

Thanks to Let’s Encrypt and Certbot, I’ve now changed my website over to HTTPS. Now everyone else should too. Let’s Encrypt and Certbot make it so easy there really aren’t many excuses that can be made for not doing it.

For more information, check out:

Malware Analysis: Capstone Update 6 – Finished!

I probably could have kept working on this project for much longer, but like all good things it had to come to an end at some point.

I have learned so much, and as my adventure at Drake University comes to a close, I can’t wait to apply everything I’ve learned to the real world. Plus, I’ve found one more fun hobby. Don’t be surprised if you see the occasional malware analysis post every once in a while moving forward.

If you are interested in reading my final paper I am posting it here.

Mitigating x86 based Windows Cyber Incidents by way of Malware Reverse Engineering
(Full Paper)

Mitigating x86 based Windows Cyber Incidents by way of Malware Reverse Engineering
(Poster Presentation)

Christmas in Florida 2015


Malware Analysis: Capstone Update 5 – x86 and Advanced Static Analysis

Advanced static malware analysis is, how should I put this… advanced! One of the primary reasons I chose the topic of malware analysis for my capstone is that I knew it would truly challenge me to build and expand on the foundations that the Drake computer science program had laid for me. I must admit however that I didn’t truly appreciate how much this topic would push me.

One of the courses I am taking this current semester is called Computer Organization and Assembly Language Programming. I mentioned in a previous post that over the summer I started teaching myself x86 assembly language because I knew it would be integral to my capstone. After learning some of the basics I put off learning more until the semester started because I felt I would benefit from formal instruction.

When class started, I was initially a little disappointed to learn that the organization and assembly course at Drake was going to be using MIPS instead of Intel x86. In the end, the simpler MIPS curriculum was actually very complementary to the x86 that I was learning independently. I think learning both simultaneously really helped solidify my understanding of both and did make reading x86 much easier.

I should back up a little to ensure you understand what I mean when I say that I’m learning x86 assembly language.