Its been a really bad year for companies that have experienced cyber crime or have had serious data breaches. Most recently the Sony Corporation has been in the headlines for failing to properly secure its PlayStation Network which allowed hackers to steal hundreds of millions of users details and possibly credit card information. In April WordPress reported that hackers had gained access to their servers and had access to passwords and source codes of up to 25 million blogs, but no specific details were given. In march Epsilon one of the largest communication companies had a serious data breach that left its major clients which include JP Morgan, TiVo, Walgreens and Best Buy to name a few worried that their customer data had been stolen.
Continuing on, RSA, a company that makes SecurID authentication tokens, recently reported that alot of their data had been stolen after their networks were breached. This was a severe loss for the company causing them to re-issue security tokens of more than 40 million customers including the US Government. Voice of America which is a government website which posts official government news was hacked by a pro Iranian group and edited to denounce the US involvement in the Middle East protests. You can also add Google into the mix which has been facing huge cyber attacks from the Chinese for the last 6 months.
And just announced yesterday Citi Group one of the worlds largest financial institutions said that personal information on more than 200,000 of its customers had been stolen including account numbers and email addresses which would probably be used for phishing attacks.
There is no doubt that attacks and cyber crime will keep happening, and while you can try to protect your own personal data at home, just remember that you also have personal data stored on servers located around the world. Weather it be medical information, video rental history, frequent flyer miles, or the membership card at your local grocery store. All these companies keep records and are susceptible to being hacked.
So what can you do to prevent it? Well unfortunately not much. Keep up with the news and keep changing your details, emails, passwords etc. Check your bank balances frequently, use prepaid credit cards and hope for the best because cyber crime is here to stay. To protect yourself we have alot of information on Hide Yourself Online so spend some time to go through our website.
The White House and Obama Administration has just released a new strategy on how it plans to secure the internet and make it more safe and reliable in the next few years. The report titled “International Strategy for Cyberspace – Prosperity, Security, and Openness in a Networked World” can be found here.
The US government has been working hard lately introducing new bills to fight the increase in cyber attacks, hacks, and overall lack of privacy and security on the internet. With increasing threats from China, Russia and Japan, its not coming too soon as you may be aware the amount of companies being hacked in the USA has increased dramatically in the last 12 months.
The report is 25 pages long and basically lays out the challenges that will be faced and their vision for the future.
Following our post last week about the security of the online storage website Dropbox, they have responded to the claims and the FTC complaint filed against them.
The founder of Dropbox Drew Houston said “I take issue with the allegation that we have somehow lied or misled people for any kind of gain, we never put anything up there that was untrue, and now it’s leading to people think we are not secure.”
He claims that the website is upfront with users on their services, however they have also recently changed their website to word their policies a little different. He also did make a a statement saying that employees of Dropbox do have access to customer files but would only use them when legally required to do so.
Either way we don’t think its safe to store your documents on such sites unless they are encrypted previously to uploading with programs such as TrueCrypt. Do not rely on their encryption.
That is an interesting question, no doubt Osama Bin Laden would have been into some interesting stuff. Laptops and other computer equipment was seized when he was killed in Pakistan this week. As hard as it might be to picture the old man hunched in a corner with an old Sony Vaio atop a cardboard box in an old dusty room checking out the latest YouTube clips, reports are that the US has seized computer equipment and hard drives that were found in the compound.
I would bet that he is not computer savvy, but he must have had at least a few computer literate guys around him, after all the Taliban are known for making encryption software such as this program called Mujahideen Secrets that is used to encrypt and decrypt files shared between terrorist networks. So now that the US has all this data, can they really decrypt it all, and will he have secret terrorism plans on his computers or maybe just songs of Justin Bieber…
As much as we hate to rant on about the need for users on the internet to be using a Virtual Private Network to encrypt their data, there is just story after story out there of reasons why everyone should be using a VPN.
This one is a little old, but a worth while read none the less.
In March AT&T, the network service provider in the USA and Canada had a security lapse sending its Facebook traffic through China and then Korea due to a “routing mistake”. The private data was sent to Chinanet, a Chinese network provider, then via Chinanet to SK Broadband in South Korea, then to Facebook instead of directly to the Facebook Servers. Since Facebook does not use SSL or Secure Socket Layer protection, all this traffic was sent unencrypted to China and Korea where it could have been picked up and most probably was given those suspicious Chinese.
Now you may think that this is a one off incident, well you would be wrong. The internet is simply not a safe place. Users concerned about their security and privacy should be using a Virtual Private Network that encrypts the data sent between your computer and the final destination. For more information on this process please view our VPN Page, About VPN page and for a comparative list of VPN Services view our VPN Plan comparative page.
A secret iPhone feature related to the recent release of the iPhone 4 software has been found. The feature secretly tracks your movements across the world by using cell phone towers and wifi hotspots to pinpoint your location and keep a record of where you have been.
Security researchers Pete Warden and Alasdair Allan found this feature while digging into the new iPhone 4 software update and suggests Apple may plan to use this data at a later time, but its not known what they would use it for. The pair also developed a free tool that will help read and plot the data on your phone to a map, giving you an good idea of the data that is being recorded, secretly and without your permission! The free application for Apple’s Mac OSX operating system can be found here.
Below is a screen shot of the data found on one of the researches phone after he took a train ride in the USA. According to the researchers, one of which used to work with Apple for 5 years, they are still waiting for an official reply from Apple on this discovery.
An interesting fact for some of you that are not already using a VPN. Search engines such as Google, Bing and Yahoo keep all your search history including keywords, IP addresses, cookies etc. on file for 18 months after you did the initial search. Why do they need to keep this data on file? Well only they really know, but if you are not using a Virtual Private Network to hide your true identity than every search, every page and quite possibly everything you have done on the internet in the past 18 months has been tracked and recorded. Yahoo recently changed its policy from 6 months to 18 months after it changed from 18 months to 6 months a few years back.
It doesn’t stop with the search engines either. Google Analytics tracks every user going to a specific website, what they do on that site, how long they are on it, what pages they visit and when they leave it. It can also pinpoint your location down to a few kilometers as you can see if this screen shot below taken from our Google Analytics of a user in California.
From Google we can see your location, browser, network speed, internet service provider, screen resolution and more!
Alot of this information is also used to target advertisers. Have you ever searched for something like “how to hide my ip address” and then suddenly your seeing ads on several sites directed to that previous search? Yes you guess it right; the search engine has stored this information and is now targeting specific ads based on that search from cookies stored in your browser. You are now on their marketing list.
So how do you stop this type of behavior and stop yourself from being tracked? Simple you just need to do a few things.
1. Get a VPN, this is the most important security feature to surfing online, it will protect you by encrypting your connection and also hide your true identity by hiding your IP address. View a list of the top VPN providers here.
2. Use the private browsing features in Google Chrome, Firefox or Internet Explorer. This will make sure no data, history, cache or cookies are stored on your computer. In Google its called “Incognito Mode” in Firefox its Private Browsing and in Internet Explorer its called InPrivate browsing. If you need help setting them us send us a message on the Internet Security Forum.
3. Not a necessity, but don’t browse the internet when signed into your Google or Yahoo account. Keep 1 browser specifically for browsing the internet and another one for your emails and personal stuff.
Quite a bizarre story for you today, one so outrageous it doesn’t even sound true, however it was posted at the ACLU (American Civil Liberties Union) website earlier this month.
According to a complaint filed against the Michigan State Police, the police are using specialized portable devices to search and extract your personal information, videos, call history, emails and messages etc. on your cell phone during random routine stops on the cities roads. The device the police officers are using is called the UFED Physical Pro which are sold by a company called Cellebrite with a a slogan of “mobile data secured” well not in this case. The device which seems to be made to restore access to phones including a data dump and also recovering the lock and sim passwords does not appear to be made for the purposes of searching private citizens phones but the police are using it for their own purposes in violation of your 4th Amendment rights.
The ACLU has been investigating this case all the way back to 2008 with no success. You can find Information on the ACLU website. Just a thought though, imagine if this hardware and these tactics were used everywhere, including on laptop in airports at road blocks etc, is that a country you would want to live in? Perhaps this is just a trial and its success could see it rolled out in other cities across the USA.
A reader recently sent me in some pictures of a huge pile of secret and potentially dangerous documents dumped outside a business that had been shut down in his city which appear to be somewhere in France as alot of them are in French. I will post some of the images below but not all of them, they include company documents such as bank account numbers, bank statements, customer data, phone numbers, names and addresses, employee data such as names, phone numbers and addresses as well as resumes and qualifications. There were also purchase invoices, receipts and pretty much every single document a company would have on file dating back to 2003.I have removed some of the sensitive information to protect the employees.
I was quite shocked to see what this anonymous reader sent in, not only at what had been discarded simply on the street but that absolutely no care had been taken to protect their own data. This is just 1 company going out of business, now just think of the thousands or millions that went bust during the 2008 crash, and the ones that will go bust in the new crash, what do they do with all their documents, looking at the pictures below doesn’t it make you wonder?
Toshiba has recently announced the upcoming release of a new hard drive called the MKxx61GSYG which comes in sizes up to 640 gigabyte and is able to automatically wipe all data on the drive if it is removed from the paired computer. Simply put, if the drive detects that it has been removed from the host system it will cause either part or all of the drive to become crypto-erased. An interesting feature includes setting custom sections to be erased based on pre defined policies of the hard drive.
Toshiba is trying to push these new drives into devices such as multi-function printers and fax machines that retain images of faxes and printed documents but also said the technology would be very useful to laptop owners to protect their data from being accessed if their computer was to be lost or stolen.
Prices for the new drives have not been set but they are no doubt set to become very popular. Samples of the new drives are being sent out this quarter for testing and reviews. I hope we can see one in actions very soon, stay tuned for a a review of the new Toshiba MKxx61GSYG self erasing hard drive!
For more information on wiping hard drives please visit our Erase Your Data section of the website.
- Cyber crime and more data breaches in 2011 June 11, 2011Its been a really bad year for companies that have experienced cyber crime or have had serious data breaches. Most recently the Sony Corporation has been in the headlines for failing to properly secure its PlayStation Network which allowed hackers to steal hundreds of millions of users details and possibly credit card information. In April […]
- Is internet privacy impossible? June 10, 2011Internet privacy is becoming more and more of a topic of discussion these last few months as issues with Google, Apple and Sony are in the headlines. Privacy advocates are going as far as saying that privacy does not exist, it can’t exist and on the internet privacy is virtually impossible. In some way they […]
- Google Chrome update fixes 15 bugs June 8, 2011If you are using Google Chrome than you need to update to the latest version as Google as fixed 15 bugs including 5 high severity vulnerabilities. Along with these new bug fixes the new version allows users to delete flash cookies just like they can do with web cookies. Another new feature will prevent the […]
- Internet Privacy Bill rejected in California for the 2nd time June 5, 2011Bill SB242 also known as the internet privacy bill was rejected 19-17 by lawmakers in California for the 2nd time after coming under heavy opposition by those pesky social networking sites such as Twitter and Facebook who want the bill abolished because it will defeat the purpose of their website which is to exploit internet […]
- Gmail users – beware of fake login pages June 3, 2011Google sent a warning yesterday about targeted attacks on Gmail users that use phishing attacks to trick users to login to fake Gmail pages. The attackers thought to be Chinese seem to be targeting US officials that use Gmail (who would have thought they even do!?) and also political activists, journalists and military personnel. To […]
- Hide My Ass VPN launches new website June 3, 2011Hide My Ass VPN, one of the premier virtual private network companies has just released a new version of its website complete with a new blog. They have also 10 more VPN servers to their already large list of available ip addresses to use anonymously. Hide My Ass VPN currently offers 13,000 unique ip addresses […]
- Google Wallet payment system May 30, 2011Google has announced the release of their long awaited new payment system Google Wallet. This revolutionary new payment system allows users to pay at certain stores by swiping their mobile phones instead of their credit cards. The technology is fairly new at the moment so it only works on the Nexus S 4G by Google […]
- Inside Strong VPN – World class VPN services May 27, 2011One of the best Virtual Private Network services around at the moment is Strong VPN which is owned and operated by a Reliablehosting.com, one of the best hosting companies. In business for over 12 years, with 24/7/365 support its easy to see why people go with Strong VPN for their VPN needs. With over 900 […]
- New Private Browsing feature for mobile Firefox users May 22, 2011Mobile phone users with the Android operating system can rejoice today as Firefox releases a new version of its popular mobile web browser that includes the “Do Not Track Privacy Feature” which is already used in its desktop browser. Firefox for Android is currently the only mobile browser that us the do not track feature. […]
- Ant Video Downloader addon for Firefox a privacy concern May 22, 2011If you are a user of Firefox and have the Ant Video Downloader add on installed than we strongly recommend you remove it ASAP. The app which has recently been removed from the Firefox website has been found to be secretly collecting data about every website you visit and combines it into traceable data even […]