<html lang="en">
<head>
<title>Security</title>
<link rel="stylesheet" type="text/css" href="/Styles.css" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="revisit-after" content="14 days">
<meta name="robots" content="index,follow">
</head>
<body vlink="#FDEFFC" alink="#FDEFFC">
 <meta name="viewport" content="width=device-width, initial-scale=0.9">
<table width="77%" border="0" align="center" bgcolor="#545454"><tr><td>

<table width="100%" border="-1" align="center"><tr><td><div align="center">
 <a href="/index.php" title="Home" style="border-style: none; color:black;"><img src="bande.jpg" style="max-height:auto; width:100%;"></a>
</div></td></tr></table>

<table width="100%" border="0" align="center">
<tr bgcolor="#717171"><td width="1%">
  <!-- Fichier à inclure dans une <table> d'un fichier .php et avec la commande ?php include('/translate.inc.php'); ? 
Zn 2022, cela ne fonctionne plus
<a title="Traduire en français" href=
http://translate.google.com/translate?sl=en&tl=fr&js=y&prev=_t&hl=fr&ie=UTF-8&u=http%3A%2F%2Ftransfiguro.free.fr/pc/secu2.php&edit-text=  target="_blank">
<img height="55" src="/translate.jpg" alt="Click for English" style="margin: 0px; border: #000 0px solid;" class=" noAlign"></a>

-->
 </td><td width="99%" align="center">
  <h2><center>Internet and security</center></h2>
</td></tr></table>

<table width="100%" border="0" align="center">
 <tr  bgcolor="#717171"> 
  <td>
   <div align="left"> 
    <p>Big problem! Obviously, the connection to internet on your computer is the place through which most of the malware that will install itself on your system will pass,
	far ahead the other sources: U.S.B keys, floppy disks, hard drives, and other removable media.
	This means that the real security problem posed by the internet come from yourself and your habits:
	it’s because you’ll be going to certain sites that are real user traps, or click on links in emails you receive,
	that you may infect your hard drive.</p>
   <p>If, as I recommend in the section <a href="secu.php">"Security, spywares, viruses, worms and other malicious parasites"</a>,
   you installed "MalwareBytes anti-malware", and not an ordinary anti-virus like Norton or Avast, you already have a curative but not preventive tool.
   With "Sentinel", you can detect a malware that has just been copied to the computer. However, it would obviously be better to never have one,
   wouldn't it? Yes, but how to do it ?</p>
   <p>The solution often mentioned is to talk to the user like to an idiot, by installing a powerful anti-virus (often Avast for individuals),
   to turn the computer into a fortress. Except that it doesn't always work. Let's take an example : you receive a seemingly official email,
   which informs you that the direct debit of your last bill has been rejected by your bank, and who asks you to pay as soon as possible,
   otherwise you will have additional costs, or even an end of service. This email kindly suggests, to immediately rectify the situation,
   to click on a link and fill out a form. You click, your browser launches and displays a page that looks exactly like a real official page.
   A form is there, you enter your personal information: surname, first name, address, customer number, bank details, bank card number, ...
   The trap closes on you: you have just given your credit card number to a thief in a far country.
   He will use your number to make purchases, and YOUR account will be debited.</p>
   <p>Therefore, you should <u>never</u> click on a link in an email.</p>
   <p>The internet addresses of your important sites, those of your bank, your taxes, your electricity, ..., must be absolutely safe.
   You can of course use your browser's favorites for this. Suppose you have bookmarked your bank's website address. 
   You receive an email that could really come from them. You launch your browser, you click on the right favorite, 
   you really log into your account, and see that everything is fine for you. You have just escaped a phishing attempt.</p>
   
   <p>But we can do much better. Imagine a program that stores the address of your important sites, your logins and password,
   which allows you to transfer this information to your browser by copy / paste or by emulating the keyboard,
   and whose database would be encrypted and protected by a single master password. When you receive a suspicious email,
   you run this program, and you click on the correct and valid internet address stored with your account data.
   Your browser will launch automatically and display the page for this address;
   then you copy / paste your username and password: you're on your real account even if the email was trying to take you somewhere else,
   and you didn't have to remember or type your account codes. This type of software exists. I present here two of them,
   the best known and the one of which I am the author. The most famous is called <a href="http://keepass.info">Keepass</a>.
   Keepass is portable, so without installation, and can be copied to a U.S.B. key. (avoids the risks due to keyloggers on other computers than yours).
   <br>
   <center><a href="http://keepass.info"><img src="keepass.jpg" style="max-height:auto; max-width:100%;"></a></center></p>
   <p>It is open source, like most software I am talking about. I suggest you try version 1, because someone would have found a security failure in version 2,
   but not in version 1, if my information is true.</p>
   <p><a href="/getfile.php?dossier=/pc&nom=keepass1.rar">Download Keepass 1.16</a> - 1.22 Mo -.</p>
   <p>Note 1: to protect the access to Keepass, you will need to have a password. But how not to need to type this on the keyboard?
   More generally, how to enter a password without typing it on the keyboard? Answer: using a virtual keyboard, that appears on the screen,
   and on which we can click on each letter of the password, but it should not communicate by emulating the physical keyboard,
   so that a keylogger cannot record anything. This is not the case with the one supplied with Windows, or any known software.
   The virtual keyboard should be integrated into the application managing passwords. This is not the case for Keepass, or any other known software,
   except the one I wrote, <a href="gdperso/gdperso.php">GDPerso</a>, which plays the same role as Keepass, but is safer. GDPerso is the best solution for you.</p>
   <p>Note 2: have a U.S.B key permanently connected to your computer, and put some important personal items in it like GDPerso.
   When you leave home, take your key with you. You will be safe from a hard drive failure or a thief;
   never be someone who can lose everything.</p>
   <hr>
   <p>Not being completely satisfied by Keepass and other similar software (Keepass is the most studied software by hackers, hackers reportedly successfully attacked Keepass2,
   and I do not find secure the transit of full passwords through the clipboard, neither the encryption methods used, which may turn out to be weak in the future),
   so I developed my own program for managing passwords and other personal data. It is designed to be an answer adapted to my needs, which can also be yours.
   I wanted it simple but practical, and fully secure if used correctly (you may not have to pass all the passwords through the clipboard,
   it has a virtual keyboard invisible to keyloggers, and I'm using an undecipherable secret key encryption method, even in the future).
   It's an interesting alternative to Keepass. Its name is GDPerso. You can read more on <a href="gdperso/gdperso.php">this page</a>.<br>
   <center><a href="gdperso/gdperso.php"><img src="gdperso/ecran1b.jpg" style="max-height:auto; max-width:100%;"></a><br>
   <i>Screen capture with multiple instances of GDPerso simultaneously.</i></center></p>
   <hr>
   <h2>Advertising, spy and internet:</h2>
    <p>User surveillance, done on a large scale by almost all news and sales sites, also poses a security problem.
	Already in 2013 we could for example find a call to the following sites on a page of a large newspaper:<br>
	-AT Internet,<br>
	-Brightcove,<br>
	-Facebook connect,<br>
	-Google +1,<br>
	-Google analytics,<br>
	-Ligatus,<br>
	-LinkedIn widgets,<br>
	-Smart ad server,<br>
	-Twitter button.<br>
	No fewer than nine different ways to spy on the user for a single page, this is where we were already in 2013.
	Today is even worse. The internet is even dirtier, and it is very sad.
	These links are often used to record your visit to a page to deliver statistics to the site that makes the page available,
	to display targeted advertising according to the profile created for each user, or social media sites or search engines to collect data.
	By visiting other internet pages with the same spies, they have a detailed profile of your habits, your tastes, your favorite sites,
	the subjects that interest you, what you buy, etc. There may also be malicious spies, it's hard to know, but it is possible.
	Remember, if something is technically possible, sooner or later there will be ill-intentioned individuals or companies exploiting it to their advantage.
	So, what to do? I recommend three precautions:<br>
	-First, use a browser that fights against spying and unwanted advertising. I am now using <a href="https://en.wikipedia.org/wiki/SRWare_Iron">Iron</a>,
	Slimjet or Firefox from a few years ago, in portable versions without installation.<br>
	-Second, block unwanted ads with <a href="https://github.com/gorhill/uBlock/wiki">uBlock Origin</a> installed as a browser extension.</p>
	<hr>
	<h2>Go further with Proxomitron:</h2>
	<center><img src="proxom.gif" style="max-height:auto; max-width:100%;"></center>
	<p>If you think that is not enough, if you wish to manage the blocking yourself by a customizable and powerful textual way, and you're ready to think,
	I suggest you another tool, old but powerful, and, it seems, has been forgotten since the death of its author, Scott R. Lemmon. It is the software proxy named Proxomitron.
	It is a small program to launch at the start of your work session. It is placed between your browser and the internet, to filter everything that is displayed.
	Proxomitron allows you to control your internet connection, according to the rules YOU have chosen.</p>
	<p>This software does not require installation program: just copy the contents of the archive to your hard drive,
	and launch Proxomitron.exe automatically when Windows starts, for example using the task scheduler or <a href="/pc/jtaches/jtaches.php">my JTaches program</a>.
	To have your browser address it instead of directly accessing your connection, configure the internet options in the control panel (for Internet Explorer and Chrome),
	or change the browser options (for Firefox and Opera). You must connect to the "localhost" address and to port 8080 for http and https access.</p>
	<center><img src="proxomitron.jpg" style="max-height:auto; max-width:100%;"></center>
	<p>The file named "URL Killfile.txt" in the "Lists" folder of Proxomitron is a text list that you can modify to define your own filtering rules.
	For example, to block ads displayed by links containing the word adserver, add the line * adserver *.<br>
	The options called "Outgoing Header Filters" and "Incoming Header Filters" allow you to modify the response that your browser provides to certain requests from the sites visited,
	like its name, the name of your operating system, but also to filter animated GIF images. There are many other possibilities that I cannot explain here.
	I therefore advise you to look at the documentation (<a href="http://www.proxomitron.info/45/help/Contents.html">available here</a>).</p>
	<p><a href="/getfile.php?dossier=/pc&nom=Proxomit.rar">Download Proxomitron</a> - 3,98 Mo -.</p>
    <p>Gift to reward your efforts: by blocking intrusive ads and spywares, you will reduce the amount of datas passing through your connection,
	and you will load the web pages faster. Have good surf in peace!</p>
   </div>
	<hr>
    <center><a href="/merci.php"><img src="/don.jpg"></a></center>

	
  </td>
 </tr>
</table>
<table width="100%" border="0" align="center" cellPadding="6" cellspacing="1" bgcolor="#717171"><tr bgcolor="#545454">
 <td bgcolor="#545454"><p><a href="/pc/pc.php">SOFTWARE MENU</a></p></td>
 <!-- Fichier à inclure dans une <table> d'un fichier .php et avec la commande ?php include('/stats.inc.php'); ?  -->
   <td align="center">
  <a href="/index1.php"><img src="/home.gif" title="Home"></a>
  </td>
  <!-- Fichier à inclure dans une <table> d'un fichier .php et avec la commande ?php include('/stats.inc.php'); ?  -->
  <td height="20" align="center">
  <a href="/contact.php"><img src="/mel3.gif" title="Contact"></a>
  </td>
  <!--  compteur Xiti --> 
  <!-- Fichier à inclure dans une <table> d'un fichier .php et avec la commande  ?php include($_SERVER['DOCUMENT_ROOT'].'/stats.inc.3.php'); ?   -->
 <!-- Enregistrement de l'adresse IP   -->
    <td align="right">
</td></tr></table>
</td></tr></table>
</body>
</html>