Category Archives: Internet

When Making a Wi-Fi connection …

Some great advice and tips to follow when connecting your computer via Wi-Fi.

It’s a good idea to connect to public networks that require passwords when possible, as they tend to be more secure. Many public networks have a legal disclaimer stating network use and security. It pays to read these before connecting.

Turn Wi-Fi off We don’t mean you should turn your Wi-Fi off permanently, rather, when you’re not using your device, or are connected to another network, e.g., mobile data, turn your Wi-Fi connection off. If you have Wi-Fi on while connected to another network, your device can and will actively search for networks to connect to and often connect to an unsecure network, unintentionally exposing your information.

Use HTTPS when possible HTTPS stands for Hypertext Transfer Protocol with Secure Sockets Layer SSL. In layman’s terms this is a website that has been built with security of user’s data in mind. Many popular websites have a HTTPS version that can be accessed by typing in https://www.sitename.com. Using HTTPS makes websites a lot harder to hack, and it’s a good idea to get into the habit of using them when on a public network or connected to Wi-Fi outside of the office.

Use data not public hotspots Hotspots are public Wi-Fi connections usually provided by a company e.g., many coffee shops have Wi-Fi, this is a hotspot. These can be unsafe, so it’s much better to invest in a data connection for your device, or a mobile Internet stick, which are considerably safer as the data is encrypted before it’s transferred from the cell tower to your device.

Use a VPN A Virtual Private Network – VPN – connects multiple computers in different locations to the same network via the Internet. Many companies use this to connect and share data with satellite offices, as the data is encrypted and secure. The main benefit to VPNs is that you can connect to a public Wi-Fi network, and transfer data securely using the network’s bandwidth. Many businesses use some form of VPN, which makes it easy for you to keep your business data secure while out of the office.

There are also VPNs that allow you to securely access the Internet via a public Wi-Fi connection, while encrypting all data sent and making your computer anonymous.

Source: Beware when connecting to Wi-Fi – Wausau, Eau Claire, Green Bay | Network Solutions of Wisconsin.

The key is to make it as difficult as possible for someone to hack into your computer.

Advertisements

“Top sites are covertly cramming cookies down users’ throats”

If you don’t like cookies …

“The number of websites that allow visitors to be tracked by third parties may be surprising to some, but as consumers begin to understand that their online behavior can be recorded, enterprises will have to work even harder to ensure that consumers’ privacy expectations are met,” said Ray Everett, Keynote’s director of privacy services.

According to Keynote, much of the data that companies collect via cookies is used for behavioral advertising. Third-party trackers place cookies to track a user’s clicks and path through the Web and to know what a visitor buys at any given site.

The problem here is, users don’t have a clear way of knowing which third parties are planting cookies, how they’re using the data they collect (beyond, say, providing more expensive travel offers to Mac users), or how well those third parties are protecting potentially sensitive data. Given that users are becoming increasingly concerned about their online privacy, site operators may feel greater pressure from customers, advocacy groups, and the feds to do a better job.

Consider this:

Looking at the 2,500 most popular websites, the researchers discovered that 87 percent had cookies and found a total of 442,055 cookies in all.

In other words there’s lots of baking and distributing of cookies going on.

Read more:  Top sites are covertly cramming cookies down users’ throats | Internet privacy – InfoWorld.

What’s up with port 79 ?

Scanning for BGP hosts that are vulnerable?  From the ISC:

ISC reader Yew Chuan reports that he is seeing a steady increase in probes to tcp/79 (“finger”). Our own DShield sensors confirm this observation, as is visible on the image below. It’s been a while since we last had exploit attempts on tcp/79, and hardly anybody is using/running “finger” anymore these days. So .. what’s up? Anyone got packets?

Update 1330 UTC: Scanning for tcp/79 has been seen by many ISC readers, and most say the IP blocks it originated from are in China and Taiwan. No packets yet – looks like everyone has tcp/79 blocked, and only recorded the initial “SYN”.

For more info from the comments check out:  ISC Diary | What’s up with port 79 ?.

FBI cybercrime sting leads to 24 arrests

Another successful sting:

The FBI orchestrated a two-year cybercrime sting that resulted in 24 arrests, with some alleged hackers facing more than 20 years in prison for allegedly profiting from stolen information such as credit card and bank account numbers, law enforcement authorities announced today.

The U.S attorney’s office in Manhattan and the FBI announced the arrests and provided details of the sting operation, which involved FBI agents posing as hackers while the bureau set up a fake “carding” forum, according to the press release (see the full release below). Carding is the term for crimes associated with exploiting stolen personal information for profit. The forums helped “carders” communicate and, in some cases, find mailing addresses — usually empty apartments or houses — for products purchased with stolen credit-card data.

Read the rest:  FBI cybercrime sting leads to 24 arrests | Security & Privacy – CNET News.

Troubleshooting a Slow Network Connection

Great tips on network troubleshooting from the CompTia IT Pro networking blog.

  • Problem at the physical layer: Many times, I’ve found that slow networks occur because of some sort of problem with a particular device(e.g., a cable modem or a switch), or even the network cable itself. If you’re using a cable modem, try restarting it before contacting anyone or going any further. Check to see that all physical connections are sound; a loose wire can mimic other problems. Start here, and you’ll be able to move forward with confidence. Additional issues can include firmware update problems. One time, I had a cable modem that simply “bricked” because my ISP’s automatic update procedure failed. Other times, I’ve found that a cable modem hasn’t fully installed a firmware update, causing slowness. Sometimes you need to get a new modem; other times, you simply need to either complete the firmware update or simply restart it.
  • Network service problem: Start with diagnosing DNS issues. We all know what a completely failed DNS server can do to you. But have you ever been in a situation where you go to a familiar URL (e.g., http://www.bbc.co.uk) and then the browser tells you that it is “looking up” or “resolving” the URL? It will eventually find the URL and resolve it for you. This problem is likely due to a problem with your DNS server of that of your ISP. Restart the service if it’s your own; if you’re using a DNS server provided by the ISP, either switch to a backup server or inform them that there’s a problem. As with the previous piece of advice, actually restarting your computer can help resolve this issue, too. Additional services to consider include domain controllers, Microsoft networking / Samba servers, and torrent services. In some cases, network traffic will run slow because your network isn’t configured to prioritize certain traffic types. In other cases, you’ll need to set up port forwarding so that certain traffic types on your network will be properly forwarded by your router. For those of you interested in how an enterprise network prioritizes traffic, check out the following link about QoS.
  • Computing device issue: I once had a friend of mine who was convinced that his company’s ISP was at fault for slow network speeds. It turned out that his system was infested with spyware, causing a serious slowdown in networking. Removing the spyware solved the problem. In another case, the computing device had a problem because it had the wrong software driver installed for the network card. Resolving that issue resolved the slowdown issue nicely.

Head to the source to find out some other things to investigate when dealing with a slow network connection.

Enhanced by Zemanta

Hackers Outwit Security Systems

Thanks to “Man in the Browser”, even up-to-date anti-virus software combined with the latest generation of online banking security doesn’t protect those using online banking.

A test witnessed as part of a BBC Click investigation suggests even those with up-to-date anti-virus software could be at risk.

There is no specific risk to any one individual bank.

In the test the majority of web security software on standard settings did not spot that a previously unseen piece of malware created in the software testing lab was behaving suspiciously.

The threat does not strike until the user visits particular websites.

Called a Man in the Browser (MitB) attack, the malware lives in the web browser and can get between the user and the website, altering what is seen and changing details of what is being entered.

Some versions of the MitB will change payment details and amounts and also change on-screen balances to hide its activities.

With the additional security devices, the risk of fraud is only present for one transaction, and only if the customer falls for the “training exercise”.

“The man in the browser attack is a very focused, very specific, advanced threat, specifically focused against banking,” said Daniel Brett, of malware testing lab S21sec.

“[Although] many products won’t pick this up, they’ve got a much bigger scope, they’re having to defend against all the viruses since the beginning of time.”

Every time a new update to the malware is released, it takes the security companies a number of weeks to learn how to spot it – to learn its common features.

But one security company did privately concede that, if this threat had come from a source not known to be bad and started communicating with a web address also not on the black-list of “bad” sites – until they had discovered and analysed it – it probably would have beaten their protection.

The key in this cat-and-mouse game continues to be the user and how high they set want to set their security settings on anti-virus software.  But even then NOTHING is 100% secure when it comes to data.

Enhanced by Zemanta

SOPA is Dead

As a result of massive opposition, SOPA has been pulled in the House.

Lamar Smith, the chief sponsor of SOPA, said on Friday that he is pulling the bill “until there is wider agreement on a solution.”

“I have heard from the critics and I take seriously their concerns regarding proposed legislation to address the problem of online piracy,” Smith (R-Texas) said. “It is clear that we need to revisit the approach on how best to address the problem of foreign thieves that steal and sell American inventions and products.”

In addition Senator Harry Reid has cancelled a scheduled vote on its counterpart.

“In light of recent events, I have decided to postpone Tuesday’s vote on the PROTECT IP Act,” said Senate Majority Leader Harry Reid (D-Nev.) in a statement Friday morning.

It’s a step in the right direction when it comes to an overreaching attempt to control a free Internet.

Enhanced by Zemanta

Princeton Wins College Hackathon

Image representing Facebook as depicted in Cru...

Image via CrunchBase

An interesting competition put on by Facebook.

Overcoming stiff competition from MIT and Waterloo, Princeton won this year’s Facebook College Hackathon finals. Over the past few months, Facebook conducted run-off competitions at fourteen colleges across the United States and Canada, and this Friday held the finals at Facebook headquarters in Palo Alto. The Princeton team was the only one comprised mainly of women, and their winning project Color Me Bold allowed users to submit a photo of an outfit and receive instant, algorithmic fashion suggestions for how to improve its color scheme.

My personal favorite was MIT’s 2toBrowse, a Chrome extension that allowed two people on separate computers to both control active cursors and collaboratively browse the web. One users installs the extension, receives a special URL, and another can click it to instantly begin browsing together without having to download anything. The extension could help people teach their parents how to use a specific website, allow customer service departments to walk customers through solutions to problems, or provide entertainment.

Other high quality projects included Georgia Tech’s Skoole, an on-campus peer-to-peer SMS-based textbook exchange, and a cloud-hosted security system from the University of Illinois team that lets users access their personal browser settings and files from public computers using the proximity of their mobile phone as the key. Waterloo produced the most technical project, a JavaScript MapReduce distributed computing library.

The College Hackathon, also known as the Camp Hackathon, serves as a powerful recruiting tool for Facebook. By finding top young engineers and bringing them to the headquarters, Facebook increases the chance they’ll want to work for the company once they graduate — or drop-out like Facebook’s founders.

Go to the source to see some awesome video of the Facebook Hackathon.

 

Enhanced by Zemanta

Is any browser “safe”?

It’s a fair question considering this.

Judging from the headlines appearing this week on tech Web sites, you’d guess anyone using a browser other than Internet Explorer was a fool.

After all, IE version 9 scored a whopping 99.2 percent in NSS Labs’ worldwide test (PDF) of the ability of top browsers to detect socially engineered malware. IE 8 wasn’t far behind at 96 percent–the difference attributed by NSS Labs to the Application Reputation component added to IE 9‘s SmartScreen technology.

By comparison, the four other browsers tested were veritable social-malware sieves: Google Chrome 12 had a 13.2-percent detection rate, Firefox 4 and Safari 5 detected 7.6 percent, and Opera 6.1 percent.

But yet the results similar to this survey aren’t seen.

Such dramatic results should be easy to corroborate, but a search for similar results from other sources came up empty. Every other browser comparison I could find rated Firefox, Chrome, and (usually) Opera above IE in terms of security. In fact, SecurityFocus lists 62 current vulnerabilities in IE 8, some dating back more than two years. The site reports 17 vulnerabilities in IE 9 (note that some of the vulnerabilities for each browser are listed as “retired”).

By comparison, there are no vulnerabilities reported currently for Chrome 13, Firefox 6, Safari 5, or Opera 11.

The key to having a safe browser, no matter which one it is?

Whichever browser you prefer, ensure that you’re using the most recent version. Google Chrome updates automatically, IE gets its patches as part of Windows updates, and Safari is kept current via Apple Software Update. To set Firefox to update automatically, click Tools > Options > Advanced > Update (Windows) or the Firefox menu > Preferences > Advanced > Update (Mac) and make sure “Automatically download and install the update” is selected.

Enhanced by Zemanta

 

%d bloggers like this: