It is that time of year. Holiday shopping, Black Friday, Cyber Monday (that still sounds like a XXX movie), and the like. Special offers abound, and the bad guys are ready to get you. Some simple steps to stay safer during the holidays.
This is the time of year that the criminal digital underground loves. People rushing to get the best deals they can, be it online or offline. The odds of someone clicking on a malicious link, increases with desperation, and of course making the deals looks good. Nothing will 100% guarantee that your going to be free of malware, or that your identity will not be swiped, but there are some simple things to remember to keep the risks at more of a minimum.
1) If it looks to be too good of a deal, it probably is, especially online. Deals are the easiest thing to snag someone online with. Pair that with fake URLs that look legit, and you have a recipe for disaster. The trick here is to find out what the real URL is. In Outlook and most browsers out can hover over links to see what they are sending you to. Doing a right click and copy hyperlink then pasting into notepad is a good way to see the full link itself for a quick check. If it shows something that bothers you, don’t go to it, don’t click on it.
2) Keep up to date with your purchases. This is easy enough to do with online banking. Check at minimum once a week online with your bank and credit card companies. Look for anything out of the ordinary. the faster you see something that looks fraudulent the faster things can be taken care of, and the less hassle there is overall.
3) Single Click on the web! I see this all too often. We as a society have gotten so use to double clicking to open programs that we forget it is a single click on a link. This is important because that second click could hit a hijacked ad on the site you were going to and at that point it is game over. You are pwnd and let the malware flood gates open.
4) Backup Backup Backup. Get an external drive that you only connect to backup your files, Use Mozy or Carbonite, do something to backup your files. Especially with Cryptolocker out there, the clean backup is important so you don’t have to pay to recover your files and take the risk that the bad guys are not going to keep their end of the bargain.
5) If you do not have to enter your pin on a pad, DON’T! Most bank cards can be used as “Credit Cards” (They have the Mastercard or Visa logo on them) meaning you do not have to punch in your security pin. Who knows if that pin pad is secure. Yes it only stops the pin from being gotten but that can be enough to stop someone from emptying your account.
Yes, these are basics, and yes milli0ns of people each year tend to not think about them. They are simple and pretty effective, but remember not perfect. If someone hacks the store or bank, you have no control over that. If the credit card or ATM machine has been tampered with, you don’t have control over that. Just do what you can to keep a little safer, and have a great holiday season!
The DMCA (Digital Millennium Copyright Act) is a powerful tool for copyright holders. Take down notices get served to many websites daily to remove infringing items, yet many are false positives. Will the DMCA harm cloud computing? I think its a good possibility.
I recently read an interesting article on SC Magazine about a security researcher who had her MediaFire account suspended for 36 hours because of a DCMA notification. The infringing files she had on the account for years, and were malware files that had been or were being researched by her and others. There is also the case of speeches from the recent political conventions been taken down off You Tube because of automated filters to prevent DMCA take down notices. The amount of false positives reported to the news outlets it a small portion of what actually is out there, but they tend to make big news.
So what does this all have to do with killing the cloud? The answer is quite a lot. If the filters and DMCA searches are conducted in a way that can breed a lot of false positives, such as just going by file names and sizes, then what is to prevent a DMCA notice and fight over a companies private files that have the same name as some other companies files? Better yet, what if something is named too similar to something from the entertainment industry? a presentation that uses music, hey there can be a DMCA takedown notice right there if a file scanner digs into it, or if you leave the name of the song in the filename.
The idea being that all these notices can help make people gun shy about moving or even using the cloud. Copyright is needed, yet has been blown way out of proportion in its longevity. Life of the artist plus 75 years is way to long, considering that copyrights were meant to foster innovation, not to allow someone to sit back on their laurels. Now we see that it can affect researchers which are reaching to the cloud to help analyze items in a file. This can affect not only the infosec area but other areas such as medicinal or other science research. All this because one is guilty until proven innocent. This can and will affect the future in more ways than we can see at this time.
The world of Technology is a fickle one. You can be a darling one minute and a hated evil empire the next.
There is a lot of talk going around on the technology websites. With all the announcements made recently there has to be. You have Microsoft’s Surface, Google’s Nexus 7, Apple’s new MacBook, and that is just the tip of the iceberg. As always there is much debate about what these things mean, not only to the world at large, but in terms of what a company is or is not. These opinions help shape the future of tech, and what company’s bottom lines will be. The problem is that those writing opinions are just that, opinions, but people take them as facts.
For instance, lets look at Microsoft and its reputation as an “Evil” empire. This thought, which started back in the 90′s, when Apple was on life support and when Microsoft was trying to outflank any competitor, mostly by using integration with less superior products. There was an Anti-Trust suit, Microsoft had to capitulate to oversight and allowing use of its APIs fairly. The tech world wanted Microsoft broken into multiple companies, like AT&T had been many years ago(and that turned out so well). Here we are now in an age where the world of technology is well more than just PCs. A world where overall, Microsoft is not that big of a player. Yes it still is the dominant PC operating system. The world of mobility though belongs to Apple and Google. The world of the internet belongs to Google and Facebook. Microsoft’s name and slips seem to measure bigger, get sounded louder, and last longer than any slip from any of these other companies.
Take a look at security and privacy. Microsoft has been working for years, and getting much better, at security. Third party applications, such as Flash and Java, have been the big holes into Microsoft systems recently. Yes there are still vulnerabilities found in Microsoft’s software, but the have gotten pretty responsive about patching those holes. Apple recently had the Flashback malware, which came through a Java exploit. A Java exploit which had a patch out from Oracle for 60 days before Apple decided to push it to the OSX machines out there. Apple has control over the updates that get pushed down to its devices. It doesn’t like playing with others. As a result, it has now changed its marketing about Macs and Malware, removing the idea that Mac’s do not get viruses from its marketing. There was a lot of talk about Apple’s problems with security, but overall it did not hurt Apple as a company. The average person didn’t even know about the whole deal. If it was Microsoft the whole world would have been down their throats and never forgotten.
For a second example of the hypocrisy in the world of technology, we can look at Tablets. Microsoft has announced it is making its own tablet called Surface. Most tech writers are pleased with this idea, but the OEMs are pissed. How dare Microsoft produce a tablet of its own. Yet when Google announced its own Tablet, the Nexus 7, these same OEMs had no issue with it. Apple produces the iPad, with utter control over it, and OEMs don’t complain. So why be up in arms over Microsoft? The issue at hand is that Microsoft has been burned by its partners on non-PC’s as of late (I won’t get into the whole HP PC stupidity). Think about it, Microsoft created a tablet type computer almost 10 years ago, besed on specific types of hardware, and the OEMs screwed it up, and overpriced it. Apple comes along with the iPad and its a revolution. Microsoft had the Windows CE phones (I had one and loved it back in the early 2000′s). The OS eventually got a bad rep as it became bloated, but when Microsoft fixed things with Windows 7 Phone were the OEMs ready to get back to producing items with it? No. For that matter, OEMs which have done the same thing with their support of Linux, claim to be supportive, and claim to be coming out with new products based on Microsoft technology, yet either come out with one item that is not pushed in the marketplace, or don’t ever come to market with the item. Now add on that Microsoft has its own store (like Apple), and you can understand why Microsoft would get into making a Tablet of its own.
The reality of it all is that people are letting certain things from the past cloud their judgement. They are not basing everything on the current facts only. Truth be told, Apple is a more controlling and “evil” empire because of its control than Microsoft is. Google has been shown to have a ton of privacy issues, as much if not more than Microsoft. Microsoft gets held to a higher standard because of their past and the Anti-Trust suit more than they should at this point. For technology to really grow right, we need to hold everyone to the same standards.