Lazybit

SIM Manager 2.5 is finally here, so far it is officially available only as an English version, but the other versions are on their way; it can be downloaded from this address: http://files.dekart.com/RC/SIMManager-25-RC2.exe So, what's new?

3G USIM extended phonebook support

SIM Manager is able to read all the 3G phonebook details, including the extended fields:

• second name;
• group;
• second number;
• second number category;
• email.

(click to view larger version)

(SIM Manager's edit USIM contact dialog)

A group management and secondary phone category tool is included as well. Now you can unleash the full potential of your 3G USIM card, explore all its contents and use its features to the maximum.

The best part is that you have all these contact details at your fingertips, you can manage them easily, using the full power of a computer (a real keyboard, a large screen) - no need to go through the pain of trying to do this with your phone's tiny keypad.

PLMN management

A PLMN is a "public land mobile network", and every SIM card contains several lists of mobile operators to which it will connect or not.

(click to see a larger version)

SIM Manager can help you manage the list of mobile networks to which the phone is not allowed to connect (FPLMN) and the list of networks to which it will connect if they are reachable (PLMN).

How is this option going to benefit you? It's primary purpose is to help you keep your bill under control.

When you travel, you leave your operator's network and enter the network of a partner mobile operator that has a roaming agreement with your mobile company. Agreements with different operators can have different fees, therefore it is in your best interests to choose the one which is the cheapest for you.

Use the FPLMN (Forbidden PLMN) list do indicate to which mobile networks you don't want your phone to ever connect. This list should include the serious offenders who charge a lot for their services.

The PLMN list contains a list of mobile networks to which your phone will try to connect when they are in range. First it will try to connect to the first network, if that fails - to the second one, and so on. With SIM Manager you can prioritize this list and change the order of preferred mobile networks.

The lists of mobile operators will contain some details you may find interesting, such as: the MCC (Mobile Country Code) and MNC (Mobile Network Code) of each operator. You can also determine the country and the name of each mobile network.

Armed with this tool, you can make sure that your vacations will never be ruined by the bills again - you have an instrument that gets you in control of the situation, so accidents simply won't happen.

Detailed reports

SIM Manager can generate a printable report of a SIM card, containing the entire phonebook, the SMS archive, as well as the lists of mobile networks.

This comes handy if you need a hard-copy for archival purposes.

 

Other changes

The new version includes several bug-fixes, as well as changes in the interface (now there is a Dutch translation, as well as a reviewed German and French interface).

So, you and your employer are not on good terms anymore and you think it is payback time? Here is a beginner's guide to expressing disagreement.

Disclaimer: the article does not focus on the moral and legal side of the issue, the focus is purely technical.

Note: a complementary article for employers will follow shortly, but if you're sharp enough you can derive the protection methods from this information.

The options are different, but if you're in the IT industry, the common choices are:

• change all the passwords and do not disclose them;
• delete all the data;
• encrypt all the data;
• apply subtle changes to the systems configurations, so that they seem to be working right, but somewhere deep inside a problem is waiting to happen;
• share private data with your employer's worst enemy.

Change all the passwords

It is a matter of time before they find a new person who knows how to apply the password reset procedure - most (if not all) systems have one. Sometimes it is as easy as reading the manual (which they should've told you to write in the first place) and following the instructions.

As an IT expert, you are aware of the fact that if someone has full physical access to a system - they can override pretty much every security measure.

Cons:

• it is a matter of time before they reclaim access to the resources. Since the bridges are already burnt down - your image suffers badly, your future employment opportunities are quite shady. You gained nothing.

Pros:

• easy to implement;
• it is more difficult and time consuming to get past this if there are remote resources (ex: servers) controlled by other companies, in other timezones;
• once they get everything back and sue you, you can say "I didn't want it to be serious, so I chose this trivial method" [then pray they'll buy that].

 

Delete all the data

This is a better approach, because in this case there is nothing to recover. They can have the passwords for every server, the key for every door - but there is nothing to be found behind any of the doors.

Cons:

• there are backups, you'll have to delete those too, thus there is more work to be done;
• there are data recovery techniques, you'll have to make sure they won't work
  • destroy the data (crash the hard disks; burn the DVDs, literally);
  • wipe the data - wiping is the process of deleting data, then overwriting it with other data, to prevent recovery software from being able to retrieve the original files. In spite of the belief that you need multiple overwrite-passes to make a file impossible to recover - even one pass is good enough.

Pros:

• the more time passes since the files were deleted, the more difficult it is to recover them. The employer will feel a lot of pressure because they have to do everything fast, or they'll have to disrupt the service for a while. This should make it evident for them that they should've given you the raise you asked for, it would've cost them less;
• if you were unprofessional enough to not make those regular backups, the employer will understand that they made more mistakes than they originally thought, one of them was that of employing you in the first place.

 

Encrypt all the data

This is an extension of the previous method, and it is psychologically more aggressive, because this time they know they have the files, and "all they need" is the password. This gives them the false feeling that they're almost there.

Cons:

• encrypting data takes time, especially if there are large amounts of it;
• you may be foolish enough to use an encryption program that has backdoors in it - which makes your effort useless;
• the employer may have keyloggers installed on your systems, thus they will be able to find the password - rendering the exercise useless again;
• if you use a weak password - they can guess it or brute-force it.

Pros:

• the method is meaner than simply deleting the data;
• even if they have full physical access to the system - it does not help them;
• if you are sure that you are using the best encryption program that does not have any backdoors and employs the best encryption algorithm, you're safe;
• if you use a smart card to encrypt the data, any brute-force or dictionary attack attempts will be futile.

 

Apply subtle changes to the systems configurations, etc.

If you need an example of this, remember the movie "Office space" to get an idea about how this is done.

Cons:

• they won't know you've had them, because these backdoors are so subtle - thus you lose some of the moral satisfaction;

Pros:

• when the new guy shows up, it may take a long time until the flaws are revealed (especially if you were insightful and weren't kind enough to document what you were working on, making it difficult to understand the system you left behind);
• you can exploit these flaws for many years, and perhaps get some benefits out of it. If you're not greedy and keep everything below the radar, you may never get caught.

 

Share corporate secrets with the competition

If you are not bound by an NDA, they won't be able to use this against you.

Cons:

• if you don't keep this low profile, future employers won't be able to trust you, and your career may not get far from where you're standing.

Pros:

• if there were no NDAs, technically you succeeded in making them suffer without breaking the law.

 

Final thoughts

All the methods above have one thing in common - you'll have to pay for it sooner or later, and there is no approach that enables you to get away scot-free.

I do not encourage employees to cheat their employers (and vice-versa), I consider that a direct dialogue is the best way to solve a problem, as well as to prevent it from happening in the first place. This article must not to be used as legal advice.

A new release is going to be made public in the nearest future - Private Disk 2.11 is here. This version brings us one step closer to Private Disk 3.0, adding some new features.

Private Disk Explorer is the major new feature of this release - it enables you to access your encrypted disks even on systems where you don't have administrator privileges.

Yes, that's right! Private Disk is the first program of its kind that can run on any computer, in any circumstances; from Windows 9x to Vista and the not-yet-official Seven - your encrypted files are at your fingertips.

 

You will be able to explore NTFS and FAT32 images, regardless of their size, having the possibility to add new files to an image, remove existing ones or replace them with updated versions.

From now on Private Disk is unarguably the best option for those who need rock-solid encryption and mobility.

Other changes include:

• faster start-up times - the 2.10 had a noticeable delay in its start up time, caused by the run as a service mode. This problem has been addressed, and now Private Disk is as quick as snappy as it used to be in the old days.
• improved Disk Firewall mechanism - Disk Firewall is another unique feature of Private Disk, we continue to tweak it and bring it closer to perfection, and to what it will become in the 3.0 version of Private Disk. In the 2.11 release the Disk Firewall is quicker and more stable.
• better portability support - in 2.10 we added a feature that created encrypted key backups automatically when the image was mounted; this feature is a great idea, but it lead to errors in cases when the image was stored on read-only media, thus making it impossible to write the backup somewhere. This problem has been fixed now.

Overall Private Disk became more polished and more reliable. Currently only the English and the Russian versions are available, other language versions will follow shortly.

PD Explorer is a free tool that enables you to explore Private Disk encrypted images even in the cases when Private Disk is not installed on the computer, even if you don't have administrative privileges.

You can view the contents of the encrypted disk, write or remove files from it - as you can normally do with an archive such as a ZIP file.

It is extremely simple in use, making it easy to add new files to the encrypted vault, delete or update existing files.

PD Explorer is compatible with NTFS images of any size, there are no file size restrictions, nor are there limitations about the maximum number of files that can be processed.

PD Explorer is a available for free, you can download it right now.

Most of us think that we're stuck with the letters assigned to the partitions by Windows - and that cannot be changed. C: will always be C: and D: will always be D:, etc.

If you are a Private Disk Light user, you may run into a problem - the disk cannot be mounted, because the letter it was supposed to be mapped to is already in use. Since Private Disk Light doesn't allow you to change the disk letter of the encrypted disk - you cannot access your data. There are several solutions to this problem.

Make sure the letters are available

Use the standard Disk Management tool (Start\Run\diskmgmt.msc) to modify the drive letter of an existing partition. You will see that letters can be changed at will, unless you're trying to change the letter of the system disk (in this case you will be trying to cut off the branch upon which you are standing).

Note that if you use NTFS, the partition can be mapped to a folder on another NTFS drive, not necessarily to a letter. Also, some partitions may not have a letter or a folder to which they are mapped - of course, the obvious disadvantage is that you won't be able to access them.

 

Install Private Disk (the non Light version)

With Private Disk, you get a lot of other security features, as well as many other handy features - among them is the possibility to edit the settings of an image and change its disk letter.

This approach is the opposite of the one. In the previous case we make available the desired letter, while in this one we "desire another letter".

You don't have to actually buy the program, you can make the changes while still in the trial mode (which is fully functional), and then go back to Private Disk Light. If you decide to stick to the full version, don't forget that you can get it for a discount.

Private Disk Explorer

PD Explorer is a new tool that is perfect for this job, if what you need is to simply extract the files from an encrypted image. Note that PD Explorer works with NTFS images, so it is not applicable if you have FAT32 or another file system.

This encrypted image browsing tool is not yet officially released, but you can get a copy from our forum.

Use another computer

Private Disk and Private Disk Light are both portable programs - they can run from removable disks without installation enabling you to encrypt a USB flash disk or a CD; all you need is another computer on which the disk letters you need are not in use.