|Read 2G SIM||+||+||+||+|
|Read 3G SIM||-||+||+||+|
|Read Nextel cards||-||+||+||+|
|Clear SIM card||-||+||+||+|
|View SIM properties||-||+||+||+|
|Improved write speed performance||-||-||+||+||Updates||-||-||+||+|
|Cost||Discontinued||Discontinued||Coming soon||USD 29|
What this means:
If you've made up your mind - you can upgrade to SIM Manager 3.
SIM Manager can retrieve the address-book and SMS from the iPhone, via iTunes' backups.
Depending on the firmware version of your iPhone, you can get lucky and recover deleted SMS as well. Take a look at this video for more details:
This procedure does not require a card reader, so technically you can try it out for free - since the trial version of SIM Manager is fully functional during the evaluation period.
Here is a download link for the current release candidate of version 3.0: dl.dropbox.com/u/3258602/DKbeta/SIMManager3-a.exe
Dropbox is a highly effective tool for file sharing and syncing between multiple computers or users. It offers great portability and easy access to your files from, practically, anywhere.
Dekart offers 2 different solutions to protect files on Dropbox.
Both solutions add a new level of security, which saves you in case somebody found out your Dropbox account's password or it got hacked, leaving your data intact. Each has its set of features that make them unique from one another, at the same time, offering the highest grade of protection and usability.
Encrypt files and folders and sync them using Dropbox, and access your secured data from anywhere.
In order to share the sensitive information with users that do not have Keeper, create Self-Extracting Archives and send them the password.
Create encrypted disks for secured file storage, and open private data from work, home or anywhere you have Private Disk installed.
Use the Portable Private Disk feature, to get extra space for your sensitive data to be stored.
We believe people should understand that, nowadays, when information technology is part of everyday life, it is important to keep your data safe.
I often bump into ads in which somebody states that a company can clone your SIM card, or that some wise-guy has the gear needed to clone a SIM card. A slight variation is made by the ads that state that one can make a SIM card hold more than one SIM card [i.e. if you have two SIMs, you can migrate them into one, thus there will be no need to switch cards when you feel like switching numbers or mobile operators].
Why cloning a SIM card is impossible? [for a usual human being like you and me]
Because a SIM card is a smart card, it has an operating system, a microprocessor and a file system. On top of that, it has a great authentication mechanism that allows the card to determine which actions can be carried out [and which ones cannot] by a specific user. Yes – it is similar to an OS with multiple users, in which an administrator [or root] can do anything, while somebody else [say, Guest] can only read a limited number of files.
A SIM card is made of directories that hold files, each file has its own use, for instance, one of them holds your address book, another one – your SMS archive, etc. These files can be read by us – mobile phone owners.
There are also system files, such as the ones that contain information about the secret keys used by the phone to connect to the mobile network. Such data are critical, and they cannot be changed by the user – i.e. by us.
In order to clone a SIM card, every single file must be read, including the ones that hold the low-level secret information. But, as you’ve probably figured out by now – the card’s protection mechanism will simply not allow that data to be read. Just imagine that you’re logged on as a guest, and you want to copy some files that only an administrator can access. For obvious reasons – you will fail.
So, if you really want to clone a SIM card, you need to “log on as an administrator”. Simple - but not possible for the end-user. Here are some extra facts that should help you understand why things are so.
When you buy a SIM card, the operator gives you the SIM card itself, and several codes: PIN, PUK [sometimes also PIN2, and PUK2]. The card is already formatted, meaning that its file system is created and it already contains some data. The PIN is something that allows you to “log on as a guest” and use the resources such as the address book. So there’s no way you can clone the card - insufficient privileges.
But how do mobile operators make changes to the card?
As stated earlier, a SIM card is just a smart card with a special format. Assume the mobile operator buys a thousand smart cards that are 100% empty. From the very beginning, the card manufacturer gives the provider the so called transport key (a.k.a issuer key), which is what is needed in order to perform any operation with the card. Afterwards, a person from the GSM operator formats the cards, creates the needed files, assigns the PINs, etc. and then the SIM cards end up on the shelves of stores and boutiques.
The conclusion is that the SIM card’s transport key is what you need in order to be able to actually clone it. But the problem is that the key is kept secret, for obvious reasons. Think about all the damage that could be done, all the financial scams, and so on.
So, when somebody says they can clone a SIM card, it is very likely to be a false claim, unless that person is an employee of the mobile operator, and has access to the transport keys. Even in that case, you can be sure that it is illegal, because no employee is allowed to disclose such information and use it for personal purposes.
But what about brute-force attacks?
Those won’t work, because a GSM SIM card [like any other smart card] will lock itself if an invalid PIN is entered a certain number of times. Afterwards, you can still unlock the card with the PUK, but if that fails too – the card will permanently lock itself. Meaning that its data are not available, gone, nada, zilch!
Technically, it is possible, all you need is a SIM card reader (or a PC/SC compliant smart card reader), and a hell of a lot of luck – so that you could guess the right key before the card locks itself. But let’s face it; the chance to succeed is probably much smaller than the chance of a pink unicorn materializing right now, right behind you!
Back to our money-making wise-guys – most often, the ad goes like this:
“SIM card clones, any operator, any country”.
Now that’s a bold statement! If it was just a once in a lifetime deal, somebody who can clone a SIM card of a single operator (where they used to work, but got fired, and now they fight back) – it would’ve been more credible. But being able to clone any SIM card means that all the transport keys of all the mobile operators have been compromised, and nobody noticed that.
No, I am not a statistician, but I did do a minor research, which included questioning almost everybody I know (who is technically literate). It turns out that everybody heard about people who clone SIM cards, but nobody has ever seen the process of cloning, or a home-made^ two-in-one SIM card in action.
With that said, ladies and gentlemen, I rest my case.
^ - Strictly home-made, because it makes sense when the operator itself provides such a service [which is not an uncommon thing]
So, you and your employer are not on good terms anymore and you think it is payback time? Here is a beginner's guide to expressing disagreement.
Disclaimer: the article does not focus on the moral and legal side of the issue, the focus is purely technical.
Note: a complementary article for employers will follow shortly, but if you're sharp enough you can derive the protection methods from this information.
The options are different, but if you're in the IT industry, the common choices are:
Change all the passwords
It is a matter of time before they find a new person who knows how to apply the password reset procedure - most (if not all) systems have one. Sometimes it is as easy as reading the manual (which they should've told you to write in the first place) and following the instructions.
As an IT expert, you are aware of the fact that if someone has full physical access to a system - they can override pretty much every security measure.
Delete all the data
This is a better approach, because in this case there is nothing to recover. They can have the passwords for every server, the key for every door - but there is nothing to be found behind any of the doors.
Encrypt all the data
This is an extension of the previous method, and it is psychologically more aggressive, because this time they know they have the files, and "all they need" is the password. This gives them the false feeling that they're almost there.
Apply subtle changes to the systems configurations, etc.
If you need an example of this, remember the movie "Office space" to get an idea about how this is done.
Share corporate secrets with the competition
If you are not bound by an NDA, they won't be able to use this against you.
All the methods above have one thing in common - you'll have to pay for it sooner or later, and there is no approach that enables you to get away scot-free.
I do not encourage employees to cheat their employers (and vice-versa), I consider that a direct dialogue is the best way to solve a problem, as well as to prevent it from happening in the first place. This article must not to be used as legal advice.
From time to time people ask me how to deal with cases of data loss. Usually I tell them about a tutorial that was written for Private Disk - the subtleties of backing up encrypted data. The problem is that data loss can happen to anyone, not only a Private Disk user, so I decided to write another guide, which is more generic, and is about data safety in general. It is true that there are more ways in which things can go wrong with encrypted data (because if you forgot the encryption key you actually lost all the data), there are still plenty of scenarios which can make someone unhappy even if they don't use encryption.
This is a story for those who are aware of the fact that we live in a world where Murphy's laws rule, those who understand the importance of backups, and are looking for a good backup strategy.
If you don't know why backups are important and why you need them, check out the reading material section in the end, or read about Murphy's laws when you have some time.
A good backup mechanism is
These are not mandatory, but having them is a bonus:
Make a list of files and directories that you need to backup.
If you have plenty of storage, you will probably want to backup the entire partition or hard disk, but this is not a good idea because:
Decide where you will keep the backups, these rules must be taken into account:
Here is a sample environment:
Lappie - a laptop which contains the following data I care about
Each time a backup is made, the old backups are pushed down, the fresh backup becomes #1, and the oldest backup is deleted. Note that even though the image says "new files", the backup will include the old ones too. Keeping three older copies is more than enough for the average user, but if you want to be able to travel back in time and see how your files looked like back in '45, you will obviously have to keep more than three previous copies.
To get the 3 features a good mechanism must have, only 2 tools are needed:
Windows comes with a task scheduling mechanism, you can access it via Control panel\Scheduled tasks. There are alternative programs which offer more features, but you will probably want to start with the standard task scheduler because you have it for free and it is already installed. There are reasons that can convince you to choose a different program for this purpose, they will be discussed later.
The tandem is nnBackup and nnCron, both programs come from the same company, they are light and very flexible, providing a broad range of features. They are not free, though there is a special offer for ex-USSR folks, they can get it for free; therefore you might want to take a look at some of the programs described above, or look for alternatives elsewhere.
nnBackup is the program that does the actual copying. You can read about its many settings in the manual, be prepared to make notes on a paper, or in a temporary text file. Once you are done, you will end up with a set of command line arguments that do what you want, for example:
nnbackup.exe verz -n 2 -sdn "onenote" -i D:\Stuff\MyNotes -o \\Servo\backups\Onenote -s -e -sa -zip -v -pc
nnbackup.exe verz -n 2 -sdn "Documents" -i D:\Stuff\TXTs -o \\Servo\backups\Documents -s -e -sa -zip -v -pc
nnbackup.exe verz -n 2 -sdn "trillian" -i D:\Soft\Trillian -o \\Servo\backups\Trillian -s -e -sa -zip -v -pc
And so on... as you can see, all the lines are identical, the only part that varies is the one that concerns the path of the source (where files are copied from) and the target path (where the files will be copied).
For the curious minds, here is what the command line arguments mean in the examples above:
In the same manner, I wrote the commands that will backup my other folders. Whenever I have a new type of data I want to backup, I can copy/paste an existing line and alter it accordingly. All these commands are saved in a BAT file, thus they will be executed one after another. All we need now is to launch this BAT file automatically on a weekly basis.
Watch out! some programs lock the files they use, so the files cannot be accessed by other processes (such as nnBackup, trying to make the copy). In this cases you have to make sure that the application is not running (ex: the mail client must be closed before the backup process is started, otherwise the mail archive cannot be read). To counter this, see if the program in question provides command line arguments (or any other mechanism) that allows you to close it correctly. Once you find out how to do that, perform that action before calling the backup script. If you don't know how to do that, then just close the programs by hand - but note that this goes against our philosophy - the backup must not require human intervention of any kind, because we can't trust humans...
nnCron comes into action now, this program will take care of running the backup script at the right time, re-run it if necessary, check if the network is active, etc. Creating a new task with nnCron is very easy, the screenshots below should be more than enough.
You can play with the other settings too, their names are self-explanatory. You will probably want to use the "host exists" feature, to verify whether the target backup machine is online; there are also various plugins that make it possible to use other conditions when evaluating whether a task has to run or not.
nnCron can keep track of multiple tasks; in this scenario, you will want two different scripts (one for backing stuff up on \\Servo, the other one for \\Hive), each script will have different settings for the time it should be run.
You don't necessarily need another computer for the backups, if you have an external disk, you can use it as the target path (i.e. instead of \\Servo\backups use F:\backups, replacing 'F' with the letter that corresponds to the external disk once it is mounted).
In the beginning you will probably not want to run the tasks in the background, because you want to see the progress of the transfer process, spot errors (if any). But after you do this a couple of times and you're sure everything works as you think it does, you can trust the system and let it work in the background.
The tips above are a set of general guidelines that are supposed to help you understand that good backups are a lot more than just copying and pasting files by hand in Windows Explorer.
A good backup mechanism must be thoroughly analyzed and tested before you can actually trust it. Do not let the apparent complexity dampen your spirits (I refer to finding the right command line arguments), once you get it figured out it is easy; but the most important part is that it is worth it. You will realize that when the first crisis comes and you get over it with no pain, trust me on that one.
Feel free to experiment with other similar tools (I will greatly appreciate it if you leave a comment and share your impressions), there are many of them out there.
Other reading material
Note: all the computer names were made up, coincidences with real world entities are just that - coincidences.
A report published recently by IC3 (Internet Crime Complaint Center), provides a lot of insightful tips to those who often engage in Internet commerce. The study was carried out in cooperation with the FBI, the National White Collar Crime Center, and the Bureau of Justice Assistance.
The study is extremely useful, as modern life is a path that will inevitably intersect with the Internet, whether we want it or not. The web helps us - consumers, do things faster and easier; the problem is that fraudsters get the same benefits. As a result, if you fall for an Internet scam, the damage can be of a greater magnitude, and it can be inflicted upon you so quickly that you won't even notice it happened. Here are some numbers that put things in perspective:
It is highly recommended that you look through it and study the charts, and the recommendations section, which explains how to deal with such cases, as well as prevent them from happening. The remaining part of this article focuses on the issue of identity theft, which sadly was not given enough attention in the survey.
It is interesting that the study concludes that identity theft is one of the smaller troubles, as shown in the chart below.
Such a state of things is quite strange, because another study (the Computer Security Institute survey for 2007) found identity theft a much more serious problem. Could it be so that the victims of identity theft are not yet aware of their status?
Another possible explanation is that the scope of the IC3 report is simply different, it focuses on issues that occur after a transaction is complete (i.e. it is assumed that everything was ok before the final click in the process), while the truth is that identity theft has much more serious consequences. There is no need to use fake cheques, there is no need to engage in a long conversation with a "Nigerian scammer", nor there is a need to get involved in auction bidding. With your data in their pocket, a fraudster can do anything in a clean way - the sellers will not suspect that something is wrong, because from their point of view, they are dealing with an honest person, and everything is legal.
Identity theft occurs when someone else uses your personally identifying information without your knowledge or permission, to obtain credit cards, loans and mortgages, buy various products on your behalf, leaving you responsible for the consequences.
To minimize the risk of identity theft, you have to make sure that all the ways in which an identity can be stolen (attack vectors) are taken care of.
2g 3g antivirus authentication beta biometry «blue screen» bsod business data domain driver email encryption «file system» form-filling gsm howto «identity theft» internet iphone keeper keylogger logon mobile password «password carrier» pc/sc portability privacy «private disk» release security service seven sim «sim card» «sim manager» «sim reader» «smart card» software tips token troubleshooting usb usim vista windows wiping xp