CategoryCryptoLab

Crypto Lab Technology Blog Postings

Android – WireGuard Installing & Documentation

A

Download Configuration Files First
After you purchase your VPN service you will be issued VPN configuration files. You can visit the download area where you can download the zipped files. 
Please follow the procedure for either Mac or Windows for downloading and unzipping your file. 

Mac Instructions

Windows Instructions

Download WireGuard app

There are two ways you can get the WireGuard app for Android:

Download it from Google Play

Download it from the F-Droid website

Import the configuration file

Open the WireGuard app.
Tap the add :plus: button
Tap Scan From QR Code.
Select Allow when asked if WireGuard access your camera.
Point your camera to a picture of the open .png file.
Name your VPN connection.

Connect and disconnect

In the WireGuard app, tap the toggle button  next to the location server you wish to use.
You will either connect or disconnect.
That’s it!

Edit A Connection

Click on the WireGuard icon  located in your desktop.
Click on the Tunnel (VPN Connection) you would like to edit.
Click the edit button (pencil).
Make changes to the name of the Tunnel.

On-demand activation

Enable this option if you are experiencing frequent disconnections or if you want to ensure that the VPN service is always active.

Click Settings >> Network & Internet >> VPN
Click the gear button to the right of WireGuard
Enable Always-on VPN
You can also enable Block connections without VPN if you’d like.

0

Linux – WireGuard Installing & Documentation

L

Linux Install Commands

You can follow the instructions located on this page:

All of these commands are run in a terminal window while you are logged into our Linux computer. Remember that if you run these commands remotely you will be disconnected after you enable your VPN connection.

Add the WireGuard repository to your sources list. Apt will then automatically update the package cache.

sudo add-apt-repository ppa:wireguard/wireguard

Get all your packages updated

$ sudo apt-get update

Install WireGuard. The wireGuard package will install all necessary dependencies.

sudo apt install wireguard

Configure WireGuard

The install commands below show as an example wg0. Each separate VPN connection will need to be installed with a different wg number.

Example:Atlanta VPN = wg0London VPN = wg1Newark VPN = wg2

It’s a good idea to write each of these down so when you do connect you know which one you are connecting to. Otherwise you can use a site like to find where you are connecting from.

You must run the command below from the directory that contains the .conf files that were taken or sent to you from the Algo VPN server. You can install multiple .conf files one after the other if you’d like.

sudo install -o root -g root -m 600 .conf /etc/wireguard/wg0.conf

Start WireGuard Service

Start WireGuard. This command must be used each time you want to start the VPN connection after you boot your computer. You will need to select the correct wg number to make the correct VPN connection.

wg-quick up wg0

Stop WireGuard

wg-quick down wg0

Check if the VPN connection started properly

sudo systemctl status [email protected]

Verify the connection to the AlgoVPN

sudo wg show

Optionally configure the VPN connection to come up at boot time. I don’t recommend this unless you know what you are doing.

sudo systemctl enable [email protected]

0

Staying Private Software

S

Below is a small list of software you can use to keep yourself Staying Private. I will be adding to the list as I do more research and reviews.

Encrypted Email – ProtonmailAll emails are secured automatically with end-to-end encryption. This means even we cannot decrypt and read your emails. As a result, your encrypted emails cannot be shared with third parties.

Self VPN – Algo VPN ServerIf you don’t hold your data, you don’t own your data and someone else might.

Secure Instant Messaging & Voice – SignalState-of-the-art end-to-end encryption (powered by the open source Signal Protocol) keeps your conversations secure. Signal is in the process of releasing their next version that will support non-phone number based accounts.

Domain Registration – Orangewebsite.comOrangewebsite is able to offer you extended privacy and low online censorship by registering all the domains in an offshore location, outside of the USA or European Union.

UnstoppabledomainsTo send cryptocurrency, all you need to know is the recipient’s blockchain domain. Send BTC, ETH, and any other cryptocurrency with just one domain. No more worrying about sending to the wrong address

Jitsi audio/video server

Different computer logins for your different users. This helps with browser fingerprinting.
0

5 Myths About Password Managers

5

Password managers are the most recommended tool by security experts to protect your online credentials from hackers. But many people are still hesitant to use them. Here’s why password managers are safe, secure, and your best defense against password-hungry cyber criminals.

What is a password manager?

Think of it like a safe for your passwords. When you need something inside the safe, you unlock it. Password managers work the same for your online credentials.

You create a single, super-strong password, which acts like a key. Install the password manager app on your phone, computer, browser, and other devices. Your passwords are securely stored inside it. Anytime you need to log in to an account, unlock your password manager and retrieve your login info.

Myth 1 – Password managers aren’t safe or trustworthy.

With website vulnerabilities and security incidents on the rise, many people have grown to mistrust a tech tool to manage their passwords. What if the password manager gets hacked?

Reputable password managers take extra steps to lock down your info and keep it safe from cyber criminals.

A good password manager:

Doesn’t know your master password (so hackers can never steal it)Encrypts all your dataDoes not store any of your data on their serversCan generate strong, secure password

Myth 2 – Password managers aren’t 100% secure, so I shouldn’t use one.

No privacy tool can completely guarantee your online safety. Even the most elaborate lock can be broken into. Yet we still lock our doors to our houses and cars.

The alternative to using a password manager is to rely on your own memory to remember all your credentials. This inevitably leads to recycling passwords or using variations — a bad habit that hackers love.

Password managers can be such an effective security tool because they help us improve bad habits. With a password manager installed on your computer and phone, it’s a lot easier to take your logins everywhere so you can use unique, strong passwords on every account.

Myth 3 – Storing all my passwords in one place makes them vulnerable to hackers.

Password managers don’t store all your credentials together in one place. Any data you store in a password manager — passwords, logins, security questions, and other sensitive info — is securely encrypted. Even if the password manager gets hacked, cyber criminals would not be able to see your logins.

The only way to access your data is with a single master password that only you know. You use this password to unlock the manager on your computer, phone, or other devices. Once it’s unlocked, a password manager can fill in your logins to websites and apps.

Myth 4 – Remembering all my passwords is safer than trusting technology to do it for me.

Our memories sometimes fail us. Ever clicked a “forgot password?” link? It’s very common to use variations of the same password to make them easier to remember. With a password manager, you don’t need to remember any of your credentials. It can be installed on all your devices and will auto-fill your passwords for you. Once you get in the habit of using one, you’ll no longer have to worry about forgetting your credentials.

Myth 5 – It’s a huge pain to set up a password manager.

Sure, it takes time to log all your credentials in a password manager. But you don’t need to do it all at once. You can always start small and change just a few passwords at a time. Try installing a password manager and creating new, unique passwords for the websites you visit most frequently. Over time, as you log in to other sites, you can add others.

The information above was taken from FireFox Monitor
0

How Do They Know You Are On A VPN

H

How do websites know your’e coming from a VPN? The answer to that question is pretty easy…. Technology.

Companies Sell The Data

There are many companies that compile and sell IP address provider data. IPQualityScore is just one such company.

IPQualityScore maintains the most accurate database of VPN providers, including new servers and nodes that are added each day. By querying our API or processing a list of IP addresses, it’s very easy to accurately check if an IP addresses belong to a VPN provider. The VPN IP address can also be analyzed for risk analysis, location, and behavior history and similar data.

IP Blocking

A company like IPQualityScore might compile the data, but other companies like Cloudflare implement that data. Cloudflare can deny you access to a site if your IP address triggers an event. Maybe your IP address belongs to a company that hosts VPNs. One way to match an IP address to a company is via their ASN number. ASN numbers can tell other companies what their IP address might be used for. The example below is from NordVPN when I was testing out various VPN providers. While using NordVPN my IP address 64.44.55.156 was blocked from visiting a site. This happed quite a few times while testing their VPN service. But what this shows is that NordVPNs IP address (64.44.55.156) is owned by Nexeon Technologies a “Network Sharing Device or Proxy Server” service with ASN 20278.

With this information a website could block you based on knowing you are coming from a Network sharing device or proxy server.

Colocation Data Centers

A colocation (colo) is a data center facility in which a business can rent space for servers and other computing hardware. As you can see from the example below, this company has blocked the IP address range from being able to access their ordering website. You can get to their marketing side of their website using a VPN, but you can’t order food. Cloudflare has given the ability to block the IP address based on their knowledge of the IP address range.

What Is ASN?

ASN (Autonomous System Number) A unique identifier of an autonomous system on the Internet. Of the 65 thousand ASNs available, more than 30 thousand have been assigned to ISP (Internet Service Provider) and NSP (Network Service Provider). ISPs usually have only one ASN, but NSPs may have more than one.

What Is A NSP?

NSP (Network Service Provider) is an organization that provides a high-speed Internet backbone to ISPs and other service providers. Sprint, MCI and UUNET are examples of NSPs.

What Is A ISP?

ISP (Internet Service Provider) is a company such as AT&T, Verizon, Comcast, or MetroNet that provides Internet access to companies, families, and even mobile users. ISPs use fiber-optics, satellite, copper wire, and other forms to provide Internet access to its customers.

Look Up Your ASN

If you want to see who really provides your IP service, you can look them up on an ASN look up tool.

 

0

Ledger Hardware Wallets

L

Hardware wallets have come a long way. Love them or hate them they are here to stay. This blog is focused on helping you out with your Ledger NanoS and Ledger NanoX. This blog will grow over time and bring you help and information that you may need. 

In this blog I don’t want to rehash, too much, of what you can easily find out on the net. I want to bring you the harder issues to deal with. 

I will reference outside articles because I know my limits of explaining things and I also understand there are much smarter people in the space.  I can do the research so you don’t have to.

24 Words….. What?

An algorithm is used to derive the keys based on your seed words. Since the algorithm doesn’t change you can always generate the same keys with the same 24 words. This is also why it’s possible to simply guess a 24 word seed and you have a chance of finding someone’s coins. The chance is just infinitesimally small so it’s not worth the effort.

A Ledger Nano S or X can creates multiple addresses and thus multiple private keys for every cryptocurrency it supports. Since that list grows longer each month, the Ledger is able to manage hundreds of private keys. If you were to lose or break your Ledger, you can just buy a new one and restore all your wallets (private keys) with the 24 word seed phrase.

If Ledger or any other hardware wallet provider went out of business, you could still gain access to your private keys by Cracking Your Ledger. The wallet software knows the algorithm used to create those keys, so the software cracking process would just create them in the same way the ledger wallet hardware does.

What exactly are the 24 words that make up your private key? You might think that the 24 words come from a huge list of word from a dictionary. That’s just not true, they come from a list of 2048 words. This list of words is called BIP 0039 and the link to them can be found below. BIP stands for Bitcoin Improvement Proposal. 

BIP39 describes the implementation of a mnemonic code or sentence (a group of easily remembered words) to generate  deterministic wallets. It consists of two parts: generating the mnemonic, and converting it into a binary seed. This seed can be later used to generate deterministic wallets using BIP-0032 or similar methods.  If you want greater detail or something to read before bed, here is a nice Medium Article about it. 

Cracking Your Ledger

I haven’t seen this term used yet, so I guess I’ll coin the term.  So what is Cracking Your Ledger? Cracking your ledger is the process of using your 24 word phrase to gain access to the hidden private keys stored inside. Your Ledger wallet never sends your private keys outside of the device. It only approves the private key. The process of cracking your Ledger is pretty simple, but very dangerous (in my opinion). Once you crack your ledger I consider it compromised and you should never trust that set of 24 words (private keys) again. 

But why would you want to expose your private keys if you don’t have to? There are many reasons, but a simple example is claiming a forked coin. If you didn’t have your LTC on a disposable wallet (LTC core wallet) you would need your private keys to claim your LCC fork. The only way to do this is to crack your Ledger to expose your private keys and claim your fork with these private keys. 

Start by downloading the offline version of the BIP39 Tool. NEVER, EVER USE THIS TOOL ONLINE OR WHEN YOU ARE CONNECTED TO THE INTERNET.  If you didn’t understand what I just said, read it again. I have known people who have, with good intention, given their 12 or 24 word phrases to an online application or a support person who was going to help them. Both lost all their coins from their Secure Ledger Wallet.  It was not the Ledger’s fault that these coins were stolen, it was an end user issue. Please, never give out your 12 or 24 word phrase to anyone. The only place you should every type it in is directly into your physical Ledger (not LedgerLive).

The link to the download the BIP39 tool is below. Download and use this tool locally on your computer with your internet connection disabled. Yes, that includes both your Ethernet cable and your Wi-fi connection.

To see what it will look like when you download this to your computer and run it locally, you can visit this page:

Recovery Phrase Is Not Valid

I have to admit, that’s a scary phrase to see on any hardware wallet. But as it turns out, it does happen. There is really no information from Ledger on their site about this issue, but I know it occurs. From the research I’ve been doing, this error appears to be related to using the incorrect word or words. Using the method above to Crack Your Ledger is potentially one way to resolve this issue. But if you don’t have the correct words in the correct order cracking your ledger won’t help you.

One tool that may help you is the Seed Recovery Tool. The link can be found below.

There are a few requirements if you wish to use this tool. A good estimate of what your seed is, AND One of these four, in order of preference:for Electrum (1.x or 2.x), a copy of your wallet file (a wallet file using Electrum 2.8’s new full-file encryption won’t work here), oryour master public key (sometimes called an xpub), ora receiving address that was generated by your wallet from your seed, along with a good estimate of how many addresses you created before the receiving address you’d like to use, oran “address database”. If you don’t have i., ii., or iii. from above, please see the Recovery with an Address Database in the documentation.
0

How Secure Is Your Password?

H

Do you think your password is safe? I’d think again. Watch as the ‘Beast’ cracks billions of passwords a second. Dr Mike Pound demonstrates why you should probably change your passwords. I don’t have the understanding that Dr Pound does, so listen to an expert, not me.

Michael P. Pound is a researcher at the University of Nottingham.
0

Algo VPN – Create Your Own – Linux Server @ Linode

A

Below is a video on how to purchase your Linux Nanode at Linode. You first need to rent (~$5/month) Linux server and then install your Algo VPN Server (free – open source).

The first video explains how to create a Linux “Nanode” through a company called Linode. You first need to rent (~$5/month) Linux server and then install your Algo VPN Server (free – open source). I’d appreciate it if you used my affiliate code: Linode

If you wanted 2 different VPN locations, you would need to purchase 2 different servers through Linode. You can connect up to 250 devices per server, so you can share your VPN with friends and family.

A note about setting up at Linode or any other server provider. They might block your SMTP port. You just need to request them to open the port so you can send your email. SMTP can be used to send your email, but not necessarily. It really depends on the service you use. Have questions, hit me up.

You can find other videos that will walk you through adding wireguard, the software you run on your computer & mobile device, that allows you to use your Algo Server.

0

iOS iPhone & iPad – WireGuard Installing & Documentation

i

Download Configuration Files First
After you purchase your VPN service you will be issued VPN configuration files. You can visit the download area where you can download the zipped files. 
Please follow the procedure for either Mac or Windows for downloading and unzipping your file. 

Mac Instructions

Windows Instructions

Download WireGuard app

Open the macOS App Store and find the WireGuard app.
Click Get/Install icon to download and install the app.
Start the WireGuard app from your iPhone desktop

Import the configuration file

Click on the Add a tunnel button.
Click Create from QR code
Allow WireGuard to access your camera.
Name your VPN connection. You might want to name it something to remind you of what it’s location will be.
Select the VPN connection you would like to connect to. You will find these connection files from your main computer that you downloaded the .zip file onto.
That’s it!

On-demand activation

Enable this option if you are experiencing frequent disconnections or if you want to ensure that the VPN service is always active.

Tap the location server you want to use.
Tap Edit.
Scroll down to the end.
Enable Cellular or Wi-Fi or both.

0

Algo VPN – Create Your Own – Install Algo Server

A

The video below shows you how to install your Algo VPN on your Linux Server.

The templates referred to can be found below. I have included both Word/Excel and Pages/Numbers.

VPN Setup-Linode.docxDownload

VPN-template.xlsxDownload

VPN Setup – Linode.pagesDownload

VPN template.numbersDownload

To learn more about copying files via SSH read this document.

Notes Post Video:

I’ve made quite a few changes that I would like to include with the information above. I will do so when I have time, but here are a few notes

I now include Ad Blocking in the initial install. I also include a URL which I control so I can add anything I want without too much of a bother.I use Quad9 for initial DNS setting – Why Quad9? and How Update Your Algo

0

Recent Posts

Recent Comments