security :: Curvve Media Blog

1Password 4: A Secure Vault for your Passwords and Confidential Data

Posted by | Software | One Comment

Why use 1Password?

I consider Agilebits' 1Password to be of my most important, and most recommended apps for Mac OSX and iOS. The premise behind 1password is that you can store all your passwords and important confidential data in a single encrypted location. 1Password also integrates with web browsers to automatically log you into websites using your stored passwords. This means that you can select different passwords for multiple sites without having to remember all of them.

1password4_1-800x456


1Password 4 adds additional encryption and security

Keeping all of your confidential data in a single location might seem like a recipe for disaster. So the real question is whether or not there is a reasonable level of security around the thing you are trying to protect – and I believe there is.

1password4-lock-screen

The team at 1password has updated and hardened their encryption algorithms, so easily decrypting your master file probably isn’t something you should be worried about.

According to Agilebits, 1Password 4 boasts a number of important security improvements, including a new keychain design with 256-bit AES encryption keys and data integrity checks that increase resistance to tampering. The design “forestalls many attacks that haven’t even been dreamt of yet,” AgileBits said.


Your security is only as strong as your master password.

With Agilebits handling the fortification of the wall protecting your data, your single greatest potential weakness in the defense of your data is your master password. If you’re unsure about how to select a strong password, please my tips on choosing a strong password.


New in 1Password 4: Password Auditing

1Password 4 has also introduced really handy password auditing feature which will analyze your saved passwords and let you know if any should be changed. Search criteria include weak passwords, duplicated passwords, and passwords older than a certain time period.

1password-4-security-audit


Dropbox and iCloud sync with your devices

Another incredibly important (and useful) feature is the ability to sync your 1password file between computers and devices using Dropbox and iCloud. Need your passport number or child's social security number when you are not at home? No problem, just pull it up with your 1password iPhone app. 1Password's built in sync will help you create, store, and fill-in passwords across Mac and Windows operating system, and mobile phones. Don’t worry, storing your data on the cloud isn’t something you need to worry about because the data is fully encrypted and you’ve selected a strong master password.

1password4-sync-options


Summary

Bottom line, I can’t live without my 1password. It has become my central repository for all critical information including copies of driver’s licenses, passports, and social security information. If I could only recommend a single app to a computer user, this would probably be it.

Price $49.95 | Download the Trial | Download in the Mac App Store

★ Parallels 7 destroys VMWare Fusion 4 in Windows and Linux Pen Testing Environments

Posted by | Software | 4 Comments

Parallels 7 vs VMWare Fusion 4

Desktop Virtualization Head to Head for Mac OSX

I started using Parallels 7 to run virtual machine labs to practice my security assessment skills. I've read a ton of reviews comparing Parallels 7 to VMWare Fusion 4, but I wanted to try testing the two myself. I'll save you the time and energy of this article and let you know now that Parallels Desktop 7 smoked VMWare Fusion 4.

Tests Performed

Tools Used

  • BackTrack 5: Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.
  • Hackxor: Web app hacking game where players must locate and exploit vulnerabilities to progress through the story
  • Metasploitable – Exploitable VM to test against
  • Windows Vista

Tests Performed

  • Running Backtrack 5 alongside Metasploitable and Hackxor virtual machines
  • Converting pre-made VMWare images to Parallels images

Performance Results

The following machines were using in the performance testing of the two products:

  • 2011 Macbook Pro, 2ghz Core i7
    • 8gb ram, OSX Lion 10.7.2.
    • OSX and Applications running on OWC Mercury Extreme SSD
    • VMs running on 7200 rpm Scorpio Black
  • 2009 Mac Pro, Quad Core Xeon
    • 8gb ram, OSX Lion 10.7.2
    • OS and VMs running on separate 7200 rpm Scorpio Black hard drives
Test 1: Running Backtrack 5
System Details Score
Parallels 7
  • Using only a live instance of Backtrack 5, both virtual machines performed equally.
  • No visible signs of virtual machine lag or OSX performance degradation.
  • Tested with various scanning tools scanning and password brute forcing using John the Ripper.
10
VMWare 4 10
Test 2: Running a Backtrack 5 alongside Windows Vista
System Details Score
Parallels 7
  • OSX and both VMs performed great.
  • Boot up time for Windows Vista VM significantly faster with Parallels.
10
VMWare 4
  • Boot time & performance for Backtrack seemed to be about the same
  • Boot time for Vista VM measured at 3x SLOWER than parallels
  • Noticeable performance lag noticed when trying to run multiple VMs
7
Test 3: Windows Vista Standalone Performance and Lion Integration
System Details Score
Parallels 7
  • Even in a single instance, Parallels 7 performed faster booting Windows Visa
  • Lion Integration performed very well. No complaints or issues.
  • Running heavy applications like Visio booted very quickly. Performance continued as large documents were opened.
  • Startup and Shutdown times seemed normal compared to a normal Windows machine & suspend time only took a few seconds.
9
VMWare 4
  • Boot time & performance for Backtrack seemed to be about the same
  • Boot time for Vista VM measured at 3x SLOWER than parallels
  • Lion Integration performed well. No complaints or issues. 
  • Startup and Shutdown times seemed normal compared to a normal Windows machine & suspend time only took a few seconds.
  • Running heavy applications like Visio started quickly, but performance quickly degraded as large visio documents were opened.Performance became choppy and sluggish.
  • I really like the idea of having the “Start Menu” present from the task bar (as opposed to having it on the dock)
7
Test 4: Converting VMWare images to Parallels (and vice versa)
System Details Score
Parallels 7
  • Converting both Backtrack and Metasploitable VMs to Parallels virtual machines was extremely simple. Just select the VMWare file to be opened and Parallels automatically converts it.
  • Total time to convert the Backtrack 5 image (8gb) was about 90 seconds.

 

10
VMWare 4
  • Conversion process just as painless with VMWare
  • Conversion time for the Backtrack 5 image was about the same at 100 seconds. 

 

10

Final Score – Parallels is the clear winner

Parallels Desktop 7 is the clear winner. VMWare's performance really doesn't even come close. VMWare has some nice features, especially in the department of Windows unity/integration. Unfortunately, VMWare just doesn't cut it when compared to Parallels' overall performance. With Parallels, Bootup and load times are significantly faster. Overall system performance is also better when running virtual machines. In my opinion, Parallels Desktop 7 is the clear winner.

Parallels Giveaway Contest

As a result of the incredible performance tests, I was able to contact Parallels and arrange for a giveaway to our audience. Starting later this week, We will be giving away 4 copies of Parallels Desktop 7 for Mac, 1 per week for the next 4 weeks. Stay tuned for directions and more information on the contest!

Contact Us

Have a question? Send us a message. We'll get back to you soon.

captcha