Time to own a Broadband Modem of my own?

Being a cable-broadband user has it’s perks and drawbacks.

We have (what I think is) a pretty standard hi-speed cable-broadband network access package.

Download speeds are decent and I don’t worry too much about upload speeds. We don’t do NetFlix/streaming, but YouTube, hulu, and VimeoHD streams all play very well with stuttering very rare.

What I have been aggravated about is the seemingly small-but-incremental service charge increases for our cable/internet service.

Thursday as I was driving between sites I happened to catch Susan Crawford discussing her book “Captive Audience” on the Diane Rehm show on our local NPR channel. Show link: Susan Crawford: "Captive Audience."  It was both educating and frustrating, particularly as both a consumer and network support guy. I really know better than to listen to “talk radio” programs while dealing with big-city traffic. It creates a vicious feedback cycle.

That later got me thinking -- again -- about the monthly $7.00 cable-modem rental fee we pay each month.  The charge started showing up on our bill again after some broadband service issues we were having. Comcast decided the issue was partially related to a bad/failing Comcast broadband router we had been provided when we signed up for the service. Turns out that when they replaced the router, they also began tacking on the rental fee that hadn’t been there before, apparently since it was the latest model. Nice.  I understand they sometimes remove the fee when a modem model goes out of support and they “give/donate” the modem to the subscriber.

Anyway, I looked into it and depending on the model of broadband router you get, you can probably recoup the cost in just over a year or so.

So here are some links I found that I want to keep for quick reference.

I haven’t made a final decision, but since we don’t have a “triple-play” deal, nor use their VOIP service, it looks like a pretty smart decision.

• Time Warner’s new $4 monthly modem rental fee incites class action suit - Ars Technica
• Open Security Research: Comcast and DOCSIS 3.0 - Worth the upgrade? - Open Security Research - This is the post that got me started researching the possibility of buying my own broadband modem. Excellent material from Tony Lee.
• 3 Ways to Get Rid of your Comcast Modem Rental Fee - 20SomethingFinance post by G.E.Miller
• How to Replace a Comcast Modem with your Own - 20SomethingFinance follow-up post by G.E.Miller
• DOCSIS Devices - list of currently supported and approved cable modems for Comcast/Xfinity networks.
• My New Modem by XFINITY - Models (and off-site links) for recommended devices for Xfinity customers looking to buy their own.
• Motorola SurfBoard SB6141 DOCSIS 3.0 Cable Modem - Amazon.com - I’m leaning to this device right now. I already have a rock-solid WiFi router downstream so I don’t really need/want an all-in-one device.
• Motorola SB6121 SURFboard DOCSIS 3.0 Cable Modem - Amazon.com - This was the model recommended by Tony Lee. It is was replaced by the SB6141 model but is still available at about $25 less than that model.
• Motorola SURFboard Gateway SBG6580 DOCSIS 3.0 Wireless Cable Modem - Amazon.com - Also highly recommended, but as I said, I really don’t need the built-in Wi-Fi features.

Thoughts?

--Claus Valca

Read More

Saturday Linkfest - Cold Pizza Edition

The other night on my way home from work, I was tired and exhausted. I didn’t feel like going grocery shopping for dinner so I punted.

I stopped by the pizza parlor, grabbed three large pies. We ate one for dinner, then have been snacking on cold-pizza leftovers for the past two days.

I’m almost out of slices so I guess it will be to the grocery store tomorrow for some real food again.

USB-based Windows System Install Options

The other day at work, a co-worker asked me for some feedback on a particular problem they had at home.

Seems that he had decided to upgrade (actually a fresh install) a laptop from Windows XP to Windows 7. Only problem was the CDROM drive was in pretty bad shape, and all he had was optical install disks. So how could he get the upgrade on.

Although I supposed he could find an external USB-based CD/DVD-ROM drive to use, that seemed like an unnecessary purchase. He did have a working Windows desktop system, however, so the solution seemed quite simple: create a bootable USB drive with the installation media present. Boot the laptop from the USB drive and install away!

So here are three methods to accomplish that task; full-hands on, Windows tool, and automated utilities.

If you are game and want to learn a bit of the structure of creating such a tool, then this TechRepublic post is perfect: How do I ... create an installation flash drive for Windows 7? I noticed it doesn’t have instructions to make the partition/device bootable via bootsect. BOOTSECT /NT60 <usb drive letter>    (Where <usb drive letter> equals your USB device).

Microsoft has a nice and simple tool to assist you with the process: Windows 7 USB/DVD download tool.  This guide How To Create Bootable Windows 7 USB To Install Windows 7 From USB Flash Drive (Using Windows 7 DVD/USB Tool) from Into Windows provides a nice walkthrough of the process.

Finally, there are some specialized utilities that give you a bit more control over the creation process. I particularly like these two:

• WinToFlash - Install Windows from usb - Home page
• Rufus - Create bootable USB drives

Piece of cake.

ForSec Bits

• EMET 3.5: The Value of Looking Through an Attacker's Eyes - ISC Diary - This was a fascinating post about the Microsoft Enhanced Mitigation Experience 3.5 toolkit and how it can leverage additional anti-malware protection on systems. I’m not sure a site-wide deployment would make a lot of sense, but for workbench systems and testing it might be a smart move to consider.
• Hunting Down and Killing Ransomware - Mark's Blog. Mark Russinovich provides an excellent technical review on dealing with scareware/ransomware infections on a system.
• A picture worth a 1000 barcodes? - ISC Diary - be careful what you post!
• Adobe Security Bulletins Posted - Adobe Product Security Incident Response Team (PSIRT) Blog
• Microsoft and Adobe close almost 40 holes - The H Security: News and Features. Time to patch Windows and Adobe holes again!
• Carving Station – RAR Files - M-unition. Mary Singh has a highly in-depth post coving file-carving from unallocated disk space. Not exactly light reading, Mary provides some excellent coverage on this topic.
• Freeware Release: Redline 1.7 - M-unition. New version released. download page
• TeamViewer 8 - Forensic Artifacts - Useful information on system artifacts left by TeamViewer 8 usage.
• You down with LNK? - SpiderLabs Anterior

Installing Stuff

• How to install Ubuntu on Acer’s $199 C7 Chromebook - Ars Technica
• Installing Windows XP to SSD - TinyApps.org
• Repurpose PCs with Windows ThinPC - Anything about IT (via tip from TinyApps bloggist).  See also AnandTech - Windows Thin PC: Windows, Slimmed Down

Tips for Techs

• No sound from Google Chrome: Adobe Flash issue and workaround - MarkWilson.it
• Easily Fix Or Delete Broken Desktop & Start Menu Shortcuts - AddictiveTips. Uses NirSoft tool ShortcutsMan for housecleaning.
• Free e-books for Windows administrators (updated) - 4sysops
• 150 Best Windows Apps Of Year 2012 - AddictiveTips
• Standalone Sysadmin - blog.  TinyApps bloggist pointed me to Matt Simmon’s great website a while ago. In addition to the great posts, Matt also provides a super-handy List of Subscribed Feeds covering all kinds of tech/sysadmin/forsec goodness. If you are new to RSS feeds and need a great “seed list” to get started with, look no further. Matt also provides a more current OPML file for use. Whew!

Network Monitoring

• PCAP Files Are Great Arn't They?? - SpiderLabs Anterior - fantastic examples of tshark-fu and other tricks for extracting great data-points out of PCAP files.
• Filtering with Message Analyzer - MessageAnalyzer Blog. It’s been a while since we have seen much chatter regarding the replacement for Network Monitor. Paul E Long has some great tips for filtering in the new tool; especially useful for those used to filter use patterns in Network Monitor. More posts promised soon.
• Installing Wireshark 1.8.4 and WinPcap 4.1.2 on a Windows 8 System - Moon Support Weblog

Tools, Utilities, and Updates

• Updates: Autoruns v11.4, ProcDump v5.12, SDelete v1.61 - Sysinternals Site Discussion
• GMER 2.0 arrives - BetaNews review. Rootkit detection tool now adds support added for Windows 8 and x64 systems. GMER download pager
• JavaRa Definitions Updated - SingularLabs - Use these with JavaRa to help install/update/remove Java Runtime Environment installations on your systems.
• Dev Eject - version 1.0.26 beta - this is a fantastically clever tool that can not only help you eject removable devices from Windows, but it also can tell you specifically what is causing (locking) the device from ejection.
• Oracle VM VirtualBox - Now at version 4.2.6. Overview of significant changes: VirtualBox 4.2.6 delivers many fixes - BetaNews.
• TightVNC: What's New in TightVNC - Now at version 2.6.4. Download TightVNC
• DMDE (DM Disk Editor and Data Recovery Software) - free/$ versions - Interesting advanced file recovery tool. The free version is pretty limited but is a good place to start and play around with. Portable so no installation required. DMDE is a handy free data recovery tool for Windows experts - BetaNews review.

Firefox News

• Mozilla to Continue 64-Bit Windows Firefox Builds - Firefox Extension Guru's Blog
• Private windows coming to Firefox - Mozilla Links

Cheers!

--Claus Valca

Read More

Thoughts on Chrome(ium) Privacy Attainment

It is no secret to GSD blog fans that I’m a heavy supporter/user of Firefox browser. It remains my primary workhorse for web surfing. Updates come pretty steadily and performance and stability issues haven’t been an issue for me. Plus the specialized add-ons I use make it super-handy.

That said, the Google Chrome -- specifically Chromium Dev build -- is the browser I launch when I want to do mindless web surfing, or leave a full-screen web-page up while I am monitoring something specific.

When I help a friend/family-member set up a new system, I always install and give a walkthrough of Chrome. More times than not they quickly come to prefer it over Internet Explorer.

In fact, one of the only reasons I don’t use Chrome(ium) more is the continued (and probably “forever”) lack of a bookmark-sidebar option that Firefox has.  With my personal bookmarking/blogging habits, that feature is a “must-have.” Lacking that, hard-core regular usage of Chrome remains an exercise in frustration.  More on my attempts to overcome this in a follow-up post.

On my system I have kept two (portable) build versions of Chrome; Chromium (Dev) and SRWare Iron.

I use and prefer Chromium builds because they are updated quite frequently. I have been a long user of SRWare Iron because the developer has offered out a list of specific privacy feature enhancements under the hood that you don’t get with Chrome versions.

Additionally, there is Comodo Dragon Web Browser also based on Chrome and providing some additional security/privacy features. However I don’t use this version.

Chrome Flavors - Full Install versions

These versions will install a “full” version directly onto your Windows system

• Chrome Browser - Download current Chrome browser release version
• Chromium - The Chromium Projects (overview)
• Download Chromium - Download current Chromium browser release version
• SRWare Iron - Download a “privacy-enhanced” version build of Chromium
• Dragon Internet Browser - Download a “privacy-enhanced” version build of Chromium; includes “Domain Validation” feature from Comodo, cookie/web-tracking & browser download tracking for privacy.

Chrome Flavors - Portable versions

These “no-install” versions allow you to take your Chrome-browser with you on a USB stick…or if you just want to run it locally without installing onto your Windows system.

• Google Chrome Portable - PortableApps.com.  The main version level is right there at the top. This is the “mainstream” Chrome version. Scroll down a bit on the page and you will find  additional download links for portable versions of Chromium (Dev) and Beta release versions. This is the source of the Portable Chromium (Dev) package I use/update.
• Chromium Portable - This is another portable Chromium (Dev) package another group maintains.
• Iron Portable - Download the PortableApps.com version of SRWare Iron
• SRWare Iron - Look carefully and there is portable version (zip) offered on the developer’s download page.
• Comodo Dragon Portable - Basically this forum tip says to just download the regular version and pay attention to choose the “portable” version install option while doing so.
• Sandcat Browser - Syhunt. This is a specialized portable penetration-testing oriented web-browser based on the Chromium browser. Supports live HTTP Headers, request editor, fuzzer, JavaScript Executor, Lua executor, PageInfo extension, HTTP brute-force, CGI scanner scripts, and much more

Updating Challenges

I also have a bit of an OCD app updating problem. If there is a newer version out -- particularly important with browsers and browser-plugins for security reasons -- I download and apply.

This is a challenge for both my portable Chromium and portable SRWare Iron builds as they don’t have/support in-app updating. So I have to watch the webs/feeds for signals a new version is released then manually update them.

As of this post date, Chromium Dev is at 25.0.1364.29. SRWare Iron is at 23.0.1300.0.

So to remedy the issue I keep an eye open of the Chrome Release blog (via my RSS feed reader). Then I pop over and check the direct download page for the source of the particular portable version I use and snag it when it appears..usually just a few days later.

• Chrome Releases - Chrome release notice blog
• Google Chrome PortableApps / Additional Versions - SourceForge.net file repository downloads
• Chromium Portable - SourceForge.net file repository downloads
• SRWare.net • View forum - SRWare Iron Support (English) - New version releases noted at the top.

Rolling your own Privacy Build of Chrome - Overview

So, what I want to have is all the privacy enhancements of SRWare Iron but in the “current” level of Chromium (Dev) and on a regular basis. Could I manually tweak-out a Chromium installation to achieve the same (or similar) privacy gains? 

One of the nice things of SRWare Iron is that the developer does all this work for you under the hood. But if like me you are comfortable making lots of browser configuration changes manually, and don’t mind doing some research, maybe you can get to the point of having an up-to-date Chrome-based browser with most/all of the features the SRWare Iron version has.

Aside: This isn’t really meant to be a discussion on creating an “ultra-secure/private” web-browsing experience in Chrome. I’m not seeking a completely “stealth” web-browsing experience. I’m not interested in setting up proxy/TOR sessions to try to bypass network/ISP tracking, nor is it to discuss the merits of “in private” mode browsing and all that. Who really knows what/how-much deep-packet inspection and logging at ISP’s may be going on. Rather, this attempt is to reasonably minimize the number of tracking features normally encountered in standard web browsing sessions. Yes, those “features” can be used by ISP/web-sites/content-providers to “enhance” your browsing experience in serving customized web-content, advertisements, and search-results specific to your browsing habits. That may be a good thing or not depending on you perspective. I personally to prefer to pour my coffee black and then add cream/sugar/etc depending on my mood. Same with my browser.

I started looking at the list of primary feature comparisons provided by SRWare; Chrome vs Iron.

Once I was familiar with these items, I started hitting Google to see how I could make each change manually. I soon found what I was looking for.

My plan was to post a link to explain how to achieve each setting.

But then as I dug just a bit deeper, I started finding some interesting discussions about recommended security and policy settings for Chrome builds; as well as some updated comments on the relevancy of the items targeted in SRWare Iron.

So instead, I’m posting links to those as I think this approach will allow someone to better (and more easily) create a customized privacy/browsing configuration for their own Chrome usage needs.

• Google Chrome Privacy Whitepaper - Provided by Chrome, this excellent web-page outlines just about all the most critical features in Chrome/Dev that interface with Google and/or third-party services and sites including,
  • “Ominibox” predictions - how to enable/disable
  • “Chrome Instant” - search results and in-line prediction serving/logging
  • Google search locale
  • Phishing/malware protections - how to enable/disable
  • Navigation error tips - enable/disable
  • Google Update - (and those component ID tags)
  • Installation tokens, Promotional tags/tokens
  • Usage stats and crash reports - enable/disable
    
• SRWare Iron Browser - A Private Alternative To Chrome? - InsanityBit - I found this post to be very helpful in understanding the benefits that I was seeking to have in SRWare Iron. It is pretty clear the writer takes a position against SRWare Iron’s advertised benefits over stock Chrome/Chromium builds. After reading you can do additional research and come to your own conclusions. I found it very helpful and it led me to personally drop using SRWare Iron and just stick with my own tweaked-out version of Chromium.
  
• Chrome vs Iron (Privacy Comparison) with Poll for Chrome users - MalwareTips forum - This discussion thread contains discussion (and content) based on the previous link. It also touches on the Dragon build version, and has some screen shots of privacy features options in Dragon.
  
• Google Chrome Security Settings and Configuration Guide for Enterprise - Root777 - Ajit Gaddam has a really super post that outlines recommendations for a more secure enterprise deployment of Chrome. Even if you aren’t deploying it in an organization, I found the discussion and points super-helpful. Lots of background information. Some changes are made in Group Policy Editor, but there are tips that can be followed for manual configurations.
  
• Policy List - The Chromium Projects - List of policies that Chrome refers to and uses. Note that Chrome and Chromium policy settings will have different locations in the Registry depending on build.

Rolling your own Privacy Build of Chrome - Assistive Tools and Tips

If you don’t like the idea of making a lot of manual setting and configuration changes, then there are a number of excellent utilities and Chrome extensions that can assist you with the process.

In fact, these may be the only tools and tips most average privacy tweakers of Chrome need.

• How to remove Google Chrome installation ID for anonymous surfing? - TechTrickz - These are two older tools that remove the unique “client_id” for your chrome browser. I can’t find a direct link to Abelssoft’s UnChrome tool any longer but some download sites still have it. Chrome Privacy Protector from Aquila is still around Chrome Privacy Protector. I don’t know if these will work with “portable” versions of Chrome or not.  In fact, according to this post Chrome to ditch unique ID, sort of via The Download Blog back in 2010, this feature should now be ditched.
  
• Privacy manager - Chrome Web Store - I really like this Chrome add on. It provides awesome granular control over primary privacy settings, cookie handling, and some network behavior. I can’t believe I haven’t been using this tool from the very beginning! For a deeper review, see this AddictiveTips blog post: Privacy Manager: Chrome Security Settings & Junk Data Cleaning.
  
• Privacyfix by Privacychoice - Chrome Web Store - this Chrome add-on allows you to make specialized privacy setting tweaks to your Chrome browser. It is really easy to follow and does a great job explaining the options and makes it easy to change/restore the settings depending on what you need to accomplish.
  
• Adblock Plus - Chrome Web Store - Block most ads in Chrome and the tacking stuff that comes with them.
  
• FlashBlock - Chrome Web Store - Block Flash media from auto-launching without your permission.
  
• Google Analytics Opt-out Add-on (by Google) - Chrome Web Store - Use to instruct Google Analytics JavaScript to not sent any info about the website you are on to Google Analytics. More tips and background on this particular privacy subject here: Keep Google From Tracking Your Every Move Online - How-To Geek
  
• How to Optimize Google Chrome for Maximum Privacy - How-To Geek - Additional tips and info on tweaking Chrome for privacy.
  
• How to Set your Google Chrome for Maximum Privacy|Set google for privacy - Hack How - Additional tips and info on tweaking Chrome for privacy.

Cheers

--Claus V.

Read More