Dec 01

Ten measures to protect small and middle business data security(1)

Ensure recoverability of data

To do backup of existing data has been one of the key tasks of every business organization, only stupid administrators will take this kind of things as something superfluous. However, according to our experience, many enterprises don’t adopt extra measures to regularly check backup content.

Data disaster prevention mechanism

One reason why small and middle enterprises always suffer loss is the lack of forward-looking. Most of small and middle enterprises never make up adequate precautions for fires, floods and other natural disasters. Here what I must emphasize is that it’s necessary for all enterprises to store backup data in separate locations that is far from infrastructure.

Judge enterprise tolerance to data loss

Although in theory, it’s certainly more scientific to do full backup for all data. However, from the actual operations, all the information is often not necessary to be strictly protected. Companies should first determine themselves what type of data or which level of data loss can be tolerable. After a thorough understanding of their situation, we can begin modifying the backup system, letting data that is not needed disappears from backup list.

Estimate how long the daily data persists after losing data support

How long does your business persist when the enterprise doesn’t access specific data? Making sure this point can help enterprise determine how to make up restore time object (RTO). At the same time, it can help you easier establish suitable data maintenance system and hardware architectures。

Ensure that the backup system is secure and complies with regulations

The backup copy should be placed in specific location, the entire process must strictly follow relevant management system. Under possible circumstances, try to use data encryption technology to protect enterprise business information.

Oct 13

Shortcomings of weak password highlight, encryption software makes data in lost device secure

For documents, enterprise data, design drawing and other important information store in computer, we usually set the boot password to avoid unrelated persons’ view or steal, enterprise will also launch related training to enhance employees’ awareness of data protection. However, under many irresistible impacts, this part of risks of information security needs more attention. Since the crisis of weak password has been gradually occurred, when facing more mature hacker techniques and increasing leak phenomenon, to use file encryption software to add a secure lock to enterprise equipment can make classified data secure in any cases.

Security experts said that for the majority of ordinary laptop users, the most common-used information security defense method may be setting boot password, and they will set longer and more complex password if they need stronger safety, while in this situation, the thieves can dissemble the hard drive and read its original data in another computer. This is virtually easy.

For users having some computer knowledge, he may adopt some advanced security measures, for example, setting a password to lock computer hard drive so that you will be required for correct password every time you start the computer; and even some one dissemble the hard drive, and it’s difficult to read the original data. But with the continuous development of hacker attacks, only depending on password can’t prevent experienced thieves erasing system configuration information to break into the system to obtain classified information.

There a very important point which is often overlooked by enterprises, that is, setting password can’t completely avoid initiative leak. As both setting boot password and hard drive locking password are defense means, no matter how strong or complex the passwords are, they are useless to initiative leakers. To effectively prevent various leak events including employees leak, data leak caused by laptop loss or stolen devices, one of the best methods is to encrypt the valuable files. Classifying the users’ permission and copying protect files on LAN can avoid employees copy the company files away; besides, employees should be forced to add protection to working files store in laptop and other devices to avoid data loss caused by device loss.

Sep 09

Strife openly and secretly behind data encryption

In the information age, the U.S. National Security Council (NSA) almost becomes popular in the whole Internet. Not because they are credited with maintaining American security but because they rip off information, which makes them become enemy of users who strike to maintain network and freedom of network information security.

NSA has the world’s leading IT and personnel, meanwhile they are supported by U.S. government, which make them unscrupulous in the information world and the Internet.

According to “New York Times” online edition reports, a few years ago, the United States National Security Agency (hereinafter referred to as” NSA “) had implanted back door system into a International encryption technology that allows the United States federal to breach any data that was protected by this encryption technology.

There were reports that in 2006 the National Bureau of Standards and Technology helped develop an international encryption technology to assist countries and all walks of life to prevent their computer systems were hacked. But another United States federal agency — NSA—had stealthily implanted a backdoor system into the technology without many users knowing it, so that federal agents can decipher any data encrypted by this technology.

According to the documents leaked by former NSA contractor Edward Snowden, NSA has attempted to infiltrate each set of encryption systems, and often try to use the easiest means to achieve this goal. As modern encryption technology is extremely difficult to decipher, even with powerful supercomputers of the institution, it often failed to decipher. Therefore, NSA prefers to cooperate with major software developers and encryption technology licensors to secretly gain access permission to the system.

According to the news from “New York Times”, “The Guardian” and news site ProPublica, NSA can now access the code that’s originally used to protect commercial banking system, trade secrets, medical records and e-mail and Internet chat. Sometimes, NSA has forced some companies to give them access permissions.

These backdoors and particular access permissions are another evidence of the United States intelligence community’s ultra vires. Today, more and more businesses and individuals store most secret data on the cloud storage service, hence they need to be assured that their data is secure, but this relationship is mostly based on trust. Once users know the encryption system is sabotage, they will shake their confidence in these systems, which may have adverse impact on business activities.

People were originally thought that individuals, businesses and government agencies’ privacy in the general communications will be protected, but the fact that NSA implanted backdoor backdoor system might make such illusions shattered.

NSA tends to assure the U.S. government that they would decipher the communication or data that is suspected of illegal individuals or businesses. But weakening citizens’ ability of using encryption technology is obvious a practice of ultra vires.

New Jersey Democratic Congressman Rush Holt has proposed a bill, banning the government requiring software developers to implant backdoor in encryption software system. Outsiders believe that the bill should receive the unanimous support of the U.S. Congress. At the same time, a number of Internet companies including Google and Facebook are developing a new encryption system that is difficult for NSA to penetrate. These companies attempt to show an attitude that they are not secret partner of intelligence agency.

Jul 28

Use Heartbeat as Password – a New Encryption Method Appears

Since now many people don’t trust the traditional passwords, some technology companies began to explore other ways to ensure people’s online account safety. Some companies invented to use brain waves or fingerprints as passwords. Now there’s a new encryption method in the world.

A wristband called Nymi can detect user’s heart rate through ECG sensor, and allows user to use own heartbeat to decrypt device. This product can be used with iPad or even cars. This product manufacturer is Bionym from Toronto, the company’s developers said using human heartbeat to unlock the device is safer than using fingerprints, facial recognition and other external means to do that.

When first time getting the device, users simply need to use finger to press on the sensor of the wristband, the sensor will automatically monitor and store the user’s heart rate. The whole process takes about two minutes, after saving the user’s heartbeat, the device will only recognize the user’s heartbeat. Ordinarily, the sizes of people’s hearts are completely different, so produced electrocardiogram is unique.

Daily use of the device is also very simple, you need to press and hold the sensor with your finger, after a few seconds, the sensor will be able to identify the user’s heart rate, and use Bluetooth technology to connected with the device that need to be controlled to unlock the device. When wristband leaves outside of the scope of Bluetooth, the device automatically locks.

Nymi even works with the gesture control feature, for example, when a user is in the car, waving can open the drive side door or rotating the wrist to open the front passenger side door. In addition, the product also has a secure payment feature, at highway toll stations users can use it to scan the device charges, and the fees will be automatically deducted from the user’s account. The wristbands can also remind users of receiving a mail or social network message by vibration, while the device vibrates, the screen will also display.

This encryption method is limited used to protect devices. We now still use traditional password most. For example, we use traditional password to protect files/folders on computer or external hard drive.

Jul 14

Five Errors in Personal Network Protection

Owing to the frequently happened network security incidents and personal privacy and data leak issues, most of readers have already begun to pay attention to strengthening personal information protection and enhancing secure awareness. But unfortunately, currently there’s still some false information about data protection spreading among the public. These erroneous views spread between the network community and users, but seldom experts correct these errors. The following includes five representative security errors:

Error 1: I don’t have valuable information, nobody would hack my computer

Many people hold the similar argument. When you tell them to strengthen security measures (for example, improve the account password strength), they always say we don’t have valuable information and there’s no need to hack my computer.

In fact, today’s hackers often use phishing attacks. Once your cell phone information , email and social network information and other network information have been mastered by hackers, they would carry out further social engineering attacks (of course, the targets may be your friends in Contacts), and even cooperate with offline fraud, causing serious consequences.

Moreover, hackers or cyber criminals can not only make use of privacy information to start social engineering attacks, they can also invade your home router, laptop. NAS and even smart phone, they can change your device into zombie clients, even worse, they can use your device to initiate a variety of criminal activities, so you will not only be a victim but also an accomplice. Therefore, it’s a responsibility for us to enhance security awareness, improve security knowledge level.

Error 2: VPN or Tor can realize completely anonymous.

After Snowden event happened, Tor has stepped into the vision of people who are seeking asylum privacy. Many people may forget, Tor is also a paradise of botnet network and network black market. And more importantly, after Snowden event, some experts pointed out that Tor couldn’t help escape tracking of US intelligence agencies.

The most typical example is that by the end of 2013 a student of Harvard University – Eldo Kim used Tor to release bomb threat information and then arrested. Perhaps influenced by Snowden, Kim overestimated Tor’s “stealth” capability, and published false information of bomb attack by Tor, attempting to delay the date of the final exam, but unfortunately FBI officers soon found Kim’s classmate.

Similarly, VPN also do not have the stealth capability, for the design purpose of VPN is strengthening security, rather than being stealth.

Error 3: Mac address filtering plus turned off SSID broadcast can ensure WiFi network security

Many users think setting the MAC address filtering plus turned off SSID broadcast can ensure family WiFi hotspots security, which is actually a big misunderstanding. It may be useful for computer novice, but useless for computer geeks or hackers.

Remember that only WPA2 encryption standard level can effectively protect your WiFi network, and you must use strong password.

Error 4: Seamless browse can ensure security

Today, many browsers have launched a so-called “incognito browsing” security option, but in reality this so-called incognito can only prevent other users of your computer check and see your privacy information, but for network service providers such as providers of cloud disk, mailbox, social network, your activities are still under surveillance.

Error 5: I have never visited dangerous sites, so I don’t need to install anti-virus software.

Many people think that computer hacker is caused by browsing “dirty” sites, in fact. Nowadays many hackers use pub-style attacks”, which means that first of all attacking regular sites you frequently visit, and then sit back and wait to control your computer. In addition, browser plug-ins, malicious app will stealthily steal your important private information and data.

Hackers have been all pervasive and even your computer that’s never connected to the Internet may be infected with virus. Therefore, you need to keep good online habits including installing anti-virus software, enhancing anti-phishing awareness and password protecting personal files.

Jun 30

Best Defense is Equal to Attack

Speaking of BYOD, the best defense is attack, namely, making strategies in advance to achieve your desired results and to avoid potential risks.

BYOD (Bring Your Own Device) has stirred all walks of business processes. Some companies are fully enjoying the convenience brought by BYOD, yet some companies shy away from them. On the bright side, BYOD can potentially help companies save operating costs, help employees maintain a happy mood and improve office efficiency. But on the other hand, BYOD may also bring a series of problems and pitfalls in the various aspects of security, compatibility and so on. But through some planning and education, most of these problems and pitfalls can be avoided. We can have a look at the troubles brought by BYOD and corresponding resolutions to these problems.

Data leakage: Companies sensitive data leakage is always one of most concerned problems for companies. Employees bringing their own devices to company makes enterprise more worried. Employees may lose their smart phone or tablet; for these devices can easily be eyeing by thief. When the devices containing companies’ sensitive data get lost, the data may fall into wrong hands. One way to avoid this situation is to use file password protection program to lock sensitive data with password, and the other way is to use a remote deletion policy, namely when the employee’s mobile device is stolen, company can remotely delete the sensitive data on the remote device.

Password Leak: just like we usually carry several keys, employees’ mobile devices will store various passwords that are used to log in company’s network and applications. These passwords may exist in mobile applications, or may also be stored directly in the mobile device’s memory. Enterprises must establish a strategy to ensure that companies’ passwords won’t be stored in cache or any application in mobile device. An alternative strategy is that if employees want to save the password on the mobile device business (even login information), they need to use information/password saving application to properly encrypt them.

Productivity decline: When employees start BYOD, they will spend a lot of time on social network, chatting with friends or do other things unrelated to work. How to solve this problem? Since many devices are connected to operator’s mobile communication network, in which case the employees feel that their equipment is not bound by corporate policy. In order to avoid this situation, you should require employees’ mobile devices switch into WiFi network provided by the enterprise when entering company. 

Insufficient bandwidth: Many companies have been concerned about this problem. Most companies believe that the enterprise network bandwidth demands will be dropped after the use of BYOD, which is a big mistake. One of the advantages of BYOD is that employees also can use the mobile operator’s network networking to work when going out, but when they returned to the office, they are likely to connect desktop and their mobile devices to the corporate network, thereby increasing the burden on the enterprise network access bandwidth. Therefore, companies need to ensure that their network access bandwidth has sufficient load-bearing capacity.

Device Management: Many companies are asking how to manage a large number of mobile devices. Because of the many types of equipment, as well as different operators, companies is difficult to centrally manage all mobile devices. But what companies can do is to establish a set of network access control mechanism (NAC), and to control these devices via MAC address for each mobile device.

Over Autonomy: Once a company implemented a BYOD strategy, which’s equivalent to tell employees and users that businesses gives them a very high autonomy. Of course, this autonomy is likely to be abused by employees or network users. Therefore, even if the enterprises implement BYOD, they should let employees know that it doesn’t mean that they can use their own equipment in any activity. If necessary, you can also require employees to sign BYOD agreement confirming that they understand their mobile devices use behaviors in the enterprise are limited.

Jun 16

It’s time for you to abandon TrueCrypt

A series of aftermath of WindowXP end of support is gradually revealing. Currently open source TrueCrypt warn users of the tool’s security vulnerability on SourceForge official site; meanwhile, TrueCrypt also announced the termination of TrueCrypt development.

TrueCrypt warned on the official page with striking red font:

“WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

This page exists only to help migrate existing data encrypted by TrueCrypt.

The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.”

TrueCrypt’s warning and development suspension caused uproar on social media, since in the past decade, TrueCrypt had always been a very popular cross-platform open-source encryption program, so it’d been first choice for users who had needs of data encryption.

For a long time, TrueCrypt are famous for excellent encryption performance and good safety record, TrueCrypt could create a virtual disk on your hard drive without needing to generate any file, the user can access in accordance with the drive, all files on virtual disk are automatically encrypted, which need password to be accessed. TrueCrypt offers a variety of encryption algorithms, including: AES-256, Blowfish (448-bit key), CAST5, Serpent, Triple DES, and Twofish, other features support FAT32 and NTFS partitions, hide labels, hot start and so on.

In 2009, the Brazilian Federal Police confiscated five hard drives in banker Daniel Dantas’s Rio de Janeiro apartment in the Satyagraha action launched in July 2008. These drives used two types of encryption programs, one of which is TrueCrypt, the other is unknown 256 AES encryption software. After the expert failed to crack the password, the Brazilian government asked the U.S. for help in the beginning of 2009, however, the United States federal police also failed to crack the encryption after one-year attempt, and returned the hard drive. This incident makes TrueCrypt famous.

In 2013, Snowden exposure NSA can decrypt most Internet encryption technology; TrueCrypt supporters raised a lot of money to audit TrueCrypt security. From the first phase of audit results, there has not been found security backdoors.

Johns Hopkins University professor Matthew Green participated in the TrueCrypt security audit, he said TrueCrypt official warning looks really, unlike the hacker’s prank, and he also contacted the TrueCrypt secret private developers, trying to get more details.

Whatever the truth, TrueCrypt users should enhance viligance, TrueCrypt is no longer the indestructible who should begin vigilant, TrueCrypt encryption is no longer the indestructible encryption software. And it’s time for you to consider using other file encryption software as an alternative. There’re many file encryption solutions on Google, you can try and choose most suitable one. If you need file/folder encryption solution for Windows computer, you can try Folder Protector.

May 05

The troubles from BYOD and corresponding solutions

When talking about BYOD, the best defense is attack, that is, through setting stratagem in advance to achieve the expected results and to avoid the potential risks. BYOD (Bring Your Own Device) has stirred all walks of business processes. Some enterprises are fully enjoying the convenience brought about by BYOD, while some enterprises are staying away from it. On the bright side, BYOD can potentially help companies save operating cost, help employees maintain happy moods and improve office efficiency. But on the other side, BYOD may also result in a series of problems and pitfalls in security and compatibility and other aspects. However, through education and planning, most of these problems and pitfalls will be avoided. Now let me show you the troubles result from BYOD and the corresponding solutions to the problems.

Data leakage: company’s sensitive data leakage is always one of the most concerned problems for companies. Employees bring their own devices into the company, which makes the concern of data leakage more serious. Employees may lose their smart phones or tablets, what’s more, these devices easily become targets of thieves. Once the mobile devices with company sensitive data get lost, the data may well fall into wrong hands. To avoid this situation, admin of the business should urge employees to encrypt all files relate to company with password, so the files are still under protection even if the device are stolen or missing.

Password leakage: just like we usually carry several keys, there will be several passwords that can be used to logon enterprise network or service applications on employees mobile devices. These passwords may be stored on mobile applications or directly on the memory of the mobile devices. Enterprise must establish a strategy to ensure the password won’t be stored on cache or applications on the mobile devices. An alternative strategy is to use special password storing application to properly store passwords if employees hope to save enterprise passwords on mobile devices.

Productivity decline: when employees begin bringing their own devices, they will spend much working time on the social networks, chatting with friends or behaving other things unrelated to work. How to solve this problem? In order to avoid this situation, all employees’ mobile devices should be connected to WiFi network provided by the enterprise. If employees are aware of the network they are connected now is within the enterprise, they will more beware of the online behaviors and don’t spend too much time on things unrelated to work.

Compatibility issues: BYOD will bring a lot of problems about devices and platforms. You hope company’s IT system and business process will support Android, IOS, OS X, Blackberry, Linux, Windows 8 and other mobile systems; while companies wish to support only one or two kinds of platforms, for the limited platform make the support from company to mobile devices easier.

Device Management: many companies are wondering how to manage a large number of mobile devices. Because of various types of devices and different operators, enterprise can hardly centrally manage all mobile devices. But companies can at least establish a set of network access control mechanism (NAC), such as PacketFence, and to control these devices via MAC address for each mobile device. Of course, this requires that employees agreed the enterprise to record the MAC address of their mobile device. But companies need to realize that it takes much time to manage all devices and activities of these devices.

Virus infection: compared with desktop, the risk of virus infection of mobile phone platforms is relatively less. Therefore, users of mobile devices must install anti-virus software for their devices. The enterprise should designate antivirus products for employees, and regularly remind staffs to upgrade software and virus database.

Compare all devices to human beings, the mobile device is like people in adolescence, and there always be many problems. Enterprise makes use of mobile devices to assist the business; it must face various potential problems. The best solution is to prepare in advance and then resolve the problems quickly and timely when they arise.

Apr 08

Computer Password Cracking Methods Conclusion (1)

The administrator always confront with problems about password forget or password missing, the followings are the collection of some methods of password cracking. Power-on password is the first one we’ll meet, so let’s star from CMOS password cracking.  

1.       CMOS cracking

Even though the types of CMOS are various, their encryption methods are basically the same. The general cracking methods start from “hard” and “soft” aspects.

1) “Hard” remove method

The principle of this method is to process the CMOSRAM on the motherboard with electro discharge treatment, which makes the contents lost owing to lack of normal power supply parameters stored in CMOSRAM lacks normal power supply, and thus to remove CMOS password. Some newspaper or sites make much introduction about how to crack CMOS password, and the operation is very easy. But we will introduce an alternative technique, which is the method that a number of computer users like to use. This method is also simple: open the case, and pull off the hard drive or CD-ROM, floppy drive data cable from the motherboard, and then start the computer, BIOS will report an error during self-test and then automatically enter CMOS, at this time you can reset the BIOS content.

2) “Soft” remove method

Strictly speaking, the “soft” remove method is not as thorough as hard remove method, but it’s also very effective. CMOS password according to need can be divided into common user password and super user level password. The former simply restrict the changes to the BIOS, but it allows to normal start computer and run other software; but the latter completely ban access to a computer and BIOS.

1> crack common user password

First of all, boost a computer with DOS, input debug and then press enter in dos command line, and then use the data of listed methods to remove the CMOS password, restart the computer, the system will tell you the CMOS parameter is missing and require you to reset CMOS parameters. After testing, this is a very effective method.

2> crack the super user password

Here we need to resort to external tools. We choose the most classic BiosPwds, a freeware, which is suitable for computer users who are not familiar with dos.

2.       Crack system password

System password is the password you use to log on the operating system, it provides protection for your computer and protect your computer from unauthorized users’ accesses, so as to ensure computer and confidential data security.

1. Windows98/ME system login password

1> cancel

The easiest way is to enter nothing when logging on the password, directly click on “cancel” to enter the operating system. But this way makes you can only access resources in local computer but can’t access the network resources if your computer is a part of LAN.

2> add users

When you are blocked from the system owing to the password, you may as well add a user for the system, and then log in. Click “Start”->”Settings”->”Control Panel”, and then double click on “user”, open the “User Properties” dialog box. Then, input user name, password and customized settings following the prompts, and then click on “Finish”.

3> delete “PWL” file

Delete the .PWL file under the Windows installation directory and all personal information files under Profiles subdirectory, and then re-boost Windows, the system will pop up a password setting box without user name. You don’t need to input any content, just click on “Ok” and tehn Windows password will be deleted.

4> modify the registry

Run the Registry Editor, open the registry database “HKEY_LOCAL_MACHINE \ Network \ Logon” and change “username” to “0″, then restart the system, which also allows you to remove the password.

2. Crack WindowsNT password

If you have normal user account, there’s a simple way to get NTAdministrator account: first rename the logon.scr under c: \ logon.scr winntsystem32 as logon.old for backup, and tehn rename usrm gr.exe as logon.scr and restart. logon.scr is a loaded program when starting system, after restarting, the computer won’t appear logon password interface, but the user manager, at this time you can add yourself into admin group.

3. Windows2000 password

Use boot disk to boot computer or enter another operating system (eg Windows98), find the folder “X:\DocumentsandSettings\Administrator” (X is the disk where Windows2000 is placed), delete “Cookies” folder under this folder and then restart the computer, so you can quickly logon Windows2000 without password.

The above methods are used by admin to cope with problems of forgetting password or missing password, they shouldn’t be used to break other people’s computer. And the computer users who are afraid other people will invade computers without authority and steal personal information should take extra protection for the confidential and sensitive files and documents, such as using file encryption solution to protect files and folders.

Mar 24

How do individuals avoid NSA global network monitoring?

The massive surveillance data center built by NSA in Utah desert can screen and analyze most global network traffic from location, audio and video files, emails, social network and other digital documents. Of course, the organization that’s able to track our digital trail is not only NSA, at this privacy streaking era, all kinds of government agencies and commercial companies can master our words, conducts all the time. As a ordinary netizen, is there a reliable self-protective method?

Earlier this week, “Washington Post” has given five pieces of personal information security advice for escaping from NSA surveillance, including using Tor to surf the Internet, using Silent Circle to call. In fact, the Internet personal privacy problems are not limited to the NSA surveillance, in the past several years, the Chinese Internet companies user accounts massive disclosure and the threats to personal privacy and finance from Android phones’ malicious apps make customer privacy self-protective measures imperative.

At the age of anti-virus software is all free and invalid, everyone should understand the skills about personal privacy protection.

1. Use Firefox encryption plugin Tor to anonymously browse

To use Tor for anonymous browsing can prevent website browsing data from intercepted, so all kinds of insatiable Internet companies do not know what kind of ads should be pushed to you, NSA will also don’t know whom you are communication with. The whistleblower Snowden of NSA was photographed using Tor on the Internet.

Tor is a free Firefox anonymous browsing plugin, which’s able to encrypt network traffic data and can be used with Firefox browser on PC, Mac and Linux platforms. And encryption is at the expense of some of the browser’s speed.

It is noteworthy that Tor is not foolproof, for example in 2011 the hackers attacked Dutch certification authority NigiNotar, and created a lot of Facebook, Google, Skype and Tor fake digital certificates, the purpose was to monitor the Iranian Internet users. Similarly, according to Arstechnica reports, papers of USENIX Conference, the researchers also found that there are loopholes in Tor, which can be used to identify Bittorrent user’s identity.

2.  Use OTR app to encrypt chat

Snowden used a type of unknown OTR chat app when accepting the interview with the Guardian, this application can encrypt chat data, many free client support OTR, including Cryptocat and Adium of Mac OSX and IM+ for Android smart phone and iPhone.

3.  Use Silent Circle to encrypt voice and email, etc.

Silent Circle is a US native brand new personal communication encryption service, Silen Circle company announced that its four services would cut price while the NSA monitoring action burst, and these services include mobile phone voice encryption, text messaging encryption, VoIP voice and video call encryption and email encryption. This company claimed through an independent audit it ensured the services provided have no back door.

It is noteworthy that both the communicating parties must be users of Silent Circle if using Silent Circle encryption service. For those high-end business users who worry about information leakage, Silent Circle’s encryption service is very attractive.

4. Android mobile phone users use Redphone to encrypt calls and SMS

Android users are lucky, WhisperSystems company’s open-source software Redphone and TextSecure can provide security call and SMS encryption function. Similarly, both communicating parties must install Redphone clients. Thereinto TextSecure is used to encrypt text messages.

Redphone and TextSecure currently both have passed third-party audit to ensure that there is no back door.

5. Use PGP to encrypt data

PGP and the open source GPG that’s similar to PGP can be used to encrypt data and e-mail, these two software programs need a little bit knowledge to use, Snowden even had to make a teaching video for the Guardian reporter Greenwald.

6. Turn off phone, remove the battery

This approach sounds a bit radical, but this behavior when you don’t use mobile phone can prevent phone leaking your location information to mobile base station nearby. ACLU chief scientist Christopher Soghoian told the “Washington Post”: “laws of physics tell us that you cannot hide your location information to mobile operators.”

7. Stop using Windows and Mac OS operating systems

I believe that changing operating systems is a difficult decision, but considering that Microsoft has officially acknowledged having submitted global users data to NSA, the backdoor of operating system has become a real and serious problem. If you want to escape from “Matrix” and acquire free network user identity, you need to consider various versions of Linux including Ubuntu.

For ordinary computer users, information security including communication information and information placed in computer should be both considered. You need to try methods above to improve your information of communication security level, and for the information in computer, you can use third party tool file encryption program to set password to your folders.