Archive for June, 2012

Government Sponsored Online Tracking May Compromise Privacy

June 29, 2012 Leave a comment

A new legislation passed by theUKgovernment sanctions the legal tracking of all the social media activities of users, along with the emails and other internet activities, in the country. The government has sanctioned this bill in a view that this tracking will help the law enforcement authorities in keeping track of criminals and terrorists who are increasingly making use of social media platforms to co-ordinate and execute their misdeeds.

But this does raise some serious questions about the social media privacy of the other users. If there was a database which contained all the data regarding the online behavior of a person, another person with access to that has the potential to misuse it. Anything from robbery, kidnapping and blackmailing to online fraud, can be possible. The bill faced a lot of opposition from the libertarian Conservatives but it remains to be seen how the data will be regulated.

Accessing Details,but Not  Content

Tom Brake, one of the top Libertarian officials, said that they were not exactly against online tracking, but believe that a level of discretion has to be maintained while doing so. The current proposal might cost millions of dollars for the government as they have to keep a record of all the content flowing through the internet. He suggested an alternative where the officials made provisions to track the details of the sender and recipient of the message and the location from which it was sent. If the behavior seems suspicious, then the contents of the communication should be accessed and analyzed for any potential threat to national security.

Government Requests Being Turned Down By Companies

There is a law which states that telephone companies, mobile service providers and ISPs have to provide data which they maintain to keep track of the customers bills. But these companies do not keep track of the content which their customers access because it’s a violation the customers’ privacy rights.

But government requests these days increasingly border on content related queries, which the companies cannot provide for a simple reason that they essentially do not have it. Company officials said that  more than 25% of the requests are being turned down because the company does not have the data to provide to the authorities. This is one of the reasons why the government is so keen on having its own tracking database.

Access to Personal Information without a Warrant?

Previously, theUKgovernment and law enforcement authorities had to apply for a warrant before accessing personal information. But if the new bill is implemented, it would mean the data would be at their fingertips and they can access it even if they have a shred of doubt. Lawmakers claim that extreme discretion would be maintained in this matter. But as time goes on, the people who are responsible might become a little more lenient, trying to make things easy. In the name of clearing doubts and establishing authenticity, social media and online privacy might be totally destroyed.

Other Possible Solutions to This Dilemma

The existing method seems fine for tracking online activities of people. Furthermore, there can be a bill implemented to facilitate implementation of an infrastructure solely meant for this purpose. This will allow the authorities to track people of interest only, on the internet and gather data. But a proper protocol has to be established in terms of determining who those people would be.

Although this bill is in its initial stages, there might come a time when there is a database which has information about all your online activity. So even if you have taken measures to stop cookies/tracking online, you might still be under government surveillance.

Categories: Our Products

Social Engineering: One of the Latest Online Security Threats

June 28, 2012 Leave a comment

If you know anything about IT security, you will understand that hacking requires a lot of effort on the part of the hacker. You will have to identify the node/nodes you are going to hack, try to beak down or get around its security measures and then access the data. This can take up a lot time and at the end of it, you might not succeed as you expected. To counter this unknown, hackers became more innovative and came up with a method where the people provide access to their computers on their own. This method of gaining access to a personal data  is called as social engineering.

What Exactly is Social Engineering?

To explain social engineering, let us take the example of a hunt taking place in the wild. To lure the prey, hunters use bait. It is not that every animal is attracted by the bait. But the ones which take it are not spared. This is exactly the same principle used in Social Engineering also.

Hackers disguise themselves as some legitimate people offering their services to unexpected web users. They approach the victims via emails, messages on social networking sites through anonymous social media accounts, and even through text messages. The approach is designed in such a manner that the victim does not doubt the authenticity of the hacker.

Once they establish a level of trust and their fake identity, the hackers will send one or a couple of links to the victims, telling them to visit the link to complete whatever fake process they had initiated. Once the unsuspecting victim clicks on the link, they provide the hackers with access to their computer. What follows is well known to everyone. Stealing sensitive information, personal information, authentication codes, bank fraud; the possibilities are endless.

Preying On the Weaknesses of Human Nature

To be adept at social engineering, hackers should have a basic understanding of human psychology. Curiosity is one of the main traits of human nature and sometimes, people act against their better judgment for the sake of satiating it. The level of curiosity is not the same in everyone. Some will be more curious than the others.

In a way, social engineering is an art. It depends on how well the hacker can lure people to click on the links which they send. At this point of time, you might feel  that all you need to do is stay away from links forwarded by anonymous people, but it is not as simple as you think. Mind is a fickle friend and you never know what you will feel in the next moment. There have been cases where people have been convinced to such an extent that they disabled their security features to access potentially dangerous link. Such is the level of attraction these hackers create toward their link.

How Can You Avoid Social Engineering Tactics?

Caution is the best tool against social engineering tactics. Don’t bother even if you go to the extent of being paranoid about unknown links you receive. The internet is a potential minefield and you never know the next mine you might click on. Always stick to the reputed and trusted sites. If your anti-virus or internet security warns you that a particular link should not be visited, don’t click on it.

Never get enticed by anonymous online offers, however lucrative it might seem on the outset. Also, avoid any requests for your personal information like your name, address, bank account number etc. Those are attempts to get information willingly out of you.

Also, ensure that you keep track of all your online accounts such as social media, banking accounts, professional networks and any other online accounts you might have. Do not hesitate to shut down the account if you notice any abnormal behavior.

Categories: Our Products

6 Easy Steps to Create a Secure Password

June 27, 2012 Leave a comment

One of the biggest dilemmas that we face while creating an online account is deciding the password for it. When you hear news about accounts on social networking sites, professional sites, banks and other online accounts being hacked into and misused, you may wonder how you can really secure your account with a password. Some are of the opinion that passwords don’t matter much, with the hackers having algorithms that cracks lengthy passwords of up to 20 characters in just under a few minutes. This is a wrong notion.

Importance of a secure password

Creating a password is the first step in securing your online accounts. Although hackers have the capability to guess them using algorithms, you can make their jobs harder by choosing unique and distinct passwords. No algorithm is perfect, and you never know if that software can crack your password. When many accounts on a particular site have been hacked, some still remain safe. The reason for this is their truly distinct passwords. Here are a few steps which will help you in keeping your passwords unique and secure. Although some of them might seem trivial, studies have shown that these are the tips which most people ignore and make their accounts more vulnerable.

Longer the password, more secure it is

The time that the software takes to guess the password depends on the number of characters present in it. The longer the password, more time the software will take to guess. Almost all sites identify hacks quickly and take preventive measures. So, there is every chance that the site will identify the hack and prevent it by the time your password is hacked, keeping it safe.

Add more variety

Add all kinds of symbols and letters into your password. Most algorithms use the brute force method to hack passwords. If you have more variety in your password, the number of possible combinations will also increase and hence will make the password more secure.

Don’t use the same password for all online accounts

Security experts are of the opinion that hackers will target sites with weaker security measures in place, to obtain passwords. When they have the codes, they will try to identify the same account on different sites and try the same code. If you have the same password for different accounts, you will fall prey to this method. So always, keep your password unique for each site.

Be creative with Passwords

Passwords don’t have to be grammatically correct or  be spelled properly. The more haphazard your password is, lesser is the chance of your account being hacked into. An expert from a leading security company advised that you should consciously make grammatical mistakes while creating a password, so that it makes the job of a password cracker difficult.

Regularly change passwords

A recent study conducted on three social networking sites revealed that people hardly change their passwords and only two out of hundred people do so, on a regular basis. The study also revealed that people only change their passwords if they forget their existing one. Change your password on a regular basis, preferably weekly or once in ten days. While changing, vary the pattern of the new password.

Avoid personal information in passwords

Do not have passwords containing your name, age, date of birth, or any such personal information. In today’s age, it is very easy to get your hands on the personal information of the person of interest. Even though you take steps to stop cookies/tracking online, there are other ways to access on your information. So make sure your password doesn’t contain any such details in it.

Follow all tips

It won’t help if you just employ one or two of the aforementioned tips for creating your password. All of the tips must be implemented if your password has to be secure and safe.

Categories: Our Products

Automated Banking Fraud Tool Discovered

June 26, 2012 Leave a comment

Ever since online banking was introduced, banks and security providers are keeping a close eye on how the hackers find a way to access these accounts. Key-loggers, trace mails, spyware, malware, viruses, etc were the common tools used by miscreants to gain access. Leading anti-virus companies came up with ways to tackle all these. Although the security measures did not ensure 100% safety, a semblance of safety was established.

Recently, hackers have found a new way of hacking into online accounts: enter the ATS (automatic transfer system) tool. This tool will get installed on your computer without your knowledge and make transfers automatically to the miscreants’ account.

How ATS Hacks Your Online Banking Account?

Before this novel hacking method was developed, hackers used to access your account with your login credentials, which means the login IP and node could be traced. This tool however is activated when you login to your online bank account. Till then it remains dormant, thus evading the anti-virus scans.

When you access your online bank account, the tool will automatically perform online transfers to other accounts within the bank. Since you have logged in, the online account administrators will not sense a threat and assume that you are the one making the transfers.

If you think you might identify this when you are logged in, you are wrong. The tool will also modify your account statements in a way such that the transfer performed by the tool is non-existent. You will only see the transactions you have performed. This way, you will not suspect any foul play until you check the balance another time or visit the bank. But it will be too late by then.

How Your Computer can Be Infected by the ATS

Your computer is infected by the ATS tool through the same way a virus, spyware or a malware  enters your computer. It can be hidden in emails that you open, get downloaded without your knowledge and remain hidden on your system. It can also be attached to files downloaded from illegitimate sites, pornographic sites and even compromised legitimate sites.

The advantage these files have is that they do not show typical behavior pattern of malicious software. So, your anti-virus or internet security has no way of guessing that it is a potentially dangerous software. It also remains dormant at all times and is activated only when you access an online bank account.

The ATS tool can also be hidden in software with no digital signature. Imagine you are downloading some software to convert the file format of your audio files and download some random software from the internet. The ATS tool can be easily hidden in that software. When you unpack the software package, the ATS tool is also extracted onto your computer.

How to Safeguard Against the ATS Tool?

The first and the foremost thing that you should keep in mind, is to never even enter illegitimate or potentially dangerous sites. There will be no way of judging if your computer is infected or not. So, prevention is always better than cure. Never install any software which doesn’t have a digital signature. All legal software is required to have a digital signature.

Make periodic visits to the bank, preferably once a week, to access your bank account details personally. That way, the account details cannot be modified and the real details will be available for you to see. Also, avoid interaction with unknown people on social networking sites. Hackers use fake identities and anonymous social media  accounts to lure unsuspecting people and redirect them to ATS tool infected pages.

In Case You Are Victimized

Report the incident to the bank and law enforcement authorities immediately. Also ensure that if any further funds are left in that account, you either withdraw them or move them to another account immediately.

Categories: Our Products

How ‘Faceprints’ Can Jeopardize Your Online Privacy

June 25, 2012 Leave a comment

Ever since social networking was introduced, people are being associated to their online profiles with pictures. This was a revolutionary concept considering people provided their own pictures willingly and there are no copyrights or privacy violation issues. This means that there are pictures, through which your identity can be established on the World Wide Web. However, there might be a database in some remote location that might contain a digital rendering of your face, making it easy for recognition. This is called ‘Faceprint’.

What is ‘Faceprint’?

A fingerprint is unique for each and every person. This difference can be noticed if you closely study the patterns of two or more different prints. There will be differences in the spacing between two lines, the curvature of the lines, the number of lines, the pattern in which the lines originate and culminate, etc.

In the same way, a pattern can be established for each face. The curvature of each face, the way the jaw line originates and culminates, the spacing between eyes, color of eyes, the dimensions of nose, etc. This is the same approach that facial recognition software adopt to recognize faces. Imagine if such a database is present through which people can access your personal pages. The implications could be disastrous.

Why is Faceprint Important?

Companies are investing a lot of money in developing applications which can recognize faces. A face is more accessible than a fingerprint and can be easily captured using a camera. Furthermore, there will be no need to inconvenience the person of interest unnecessarily by asking them to log in the fingerprint.

The Good and Bad of Faceprint

There are many good applications of faceprint. It will enable you to track and tag pictures of your buddies on social networks, locate the location of a person through video feeds, recognize potentially dangerous people and question them, etc.

But the same faceprint can be used in a bad way too. It can help criminals to get an insight into the private life of a person and plot their devious scheme. It can assist companies in giving an insight into the personal lives of their employees or potential employees. Criminals can use faceprint to unearth valuable data about a target to help them in plotting their activities.

Need to Strictly Regulate the Usage of Faceprint

Facial tagging is not a new thing and has been around from more than three decades. It did not pose such a serious problem till the introduction of social media networks. Nowadays, people seem to publish their lives on networks like Facebook and Twitter. With some careful analysis and timing, anyone can deduce the personality of the person of interest through his/her social media network behavior. This has been proved by a study conducted in a university a couple of years ago.

People Need to Be More Discreet

The solution to this problem can only be though the general public themselves. As much as they like to show what is going on in their lives to their friends,  people should adopt a level of discretion when it comes to posting personal data on social networking sites. They should realize that any miscreant can take advantage of that data and can cause problems.

Celebrities, public servants and other famous people should take special care to ensure that too much information on their private life should not be leaked to the public, directly or indirectly. A study conducted by the FBI showed that social media sites are the number one preference for miscreants who want to spy on their targets. It also highlighted how they use anonymous social media accounts to get in touch personally with the targets. All this can be avoided if the people themselves are a bit more careful and discreet on their online endeavors.

Categories: Our Products

How To Bypass Local Blackouts to Catch Up On Live NFL Games?

June 22, 2012 Leave a comment

Local Blackouts are probably the worst thing that could happen when you are watching a live NFL game. The reason for the blackout can be varied, but at the end of the day, you will be missing out on the game. There are many ways to overcome local blackouts and catch up with the game on the internet. Some of them are illegal while others require extensive knowledge of computer and internet networks.

But here are a few simple ways to bypass the local blackout and watch live streaming of your favorite NFL game.

Using Media Streaming Devices

This method will require the assistance of an accomplice who is watching the game in a non-blacked out region.  They will be streaming the media from their TV to your computer, laptop, or any other device with internet connectivity.

There are certain tools that help you in streaming live TV to PCs and other devices. You can search online for those tools and find the one that best suits your requirement. Your helper has  connect your chosen tool to the TV and select the streaming option. There will be an URL which is used to access the media stream. Your partner can share that URL with you.

The remaining steps are simple. All you need to do is access that stream using the URL you have been provided with. There will be a delay of a couple of seconds but you can watch the live feed of the NFL game. Here, only internet charges are applicable. That is excluding the initial cost of the streaming gadget you choose.

Usage of Proxy Servers

Another way of accessing the live feed from your PC or laptop is  to reroute your connection through a proxy server. For those of you who are not aware of what a proxy server is, it is a standalone server through which you can redirect your internet traffic. For example, say that  you are living in Los Angles and you need to watch a game being streamed somewhere else. Obviously, you do not have access because you are in a blacked out region.

Usually, blackouts are ensured through the monitoring of IP addresses that is accessing the feed. If the IP address is from a blacked out area, access is denied to the server. Else, it is granted. When you use a proxy server, you will be using that server to access the feed. When you use a proxy, it is the IP of the proxy server that will be visible to the source server, and not the IP from the blacked out region. So, the server will grant access and you can easily access the feed.

How to Access A NFL Feed Using a Proxy Site

Use the internet to find a proxy site. There are hundreds of proxy sites but not all of them are legit or unrestricted. Finding one maybe tricky but if you look closely at a couple of results, you will get an idea on how to differentiate an authentic proxy site from a fake one.

The next step is to change the settings of your browser to proxy settings. You can use the internet as a source for finding out how to do this. Then, you get to the tricky bit of bypassing the blackout. You have to try out a couple of proxy sites, as most of them are not capable of streaming a live feed. You can verify by accessing a YouTube video. If it runs smoothly, so will your NFL feed. The next step is to type in the URL for a live NFL feed and you are good to go.

Categories: Our Products

Can You Trust Social Networks to Protect Your Kids When Online?

June 21, 2012 Leave a comment

Facebook has recently announced that it is considering allowing kids under 13 years of age to register and use its services. While the kids are super excited, alarm bells have been going off in the heads of worried parents. It is not helped by the fact that recently Habbo, a social networking game, and Skout, a flirting app which is location-based, were reported to have a security issue where adults used the services to sexually exploit underage users.

Network Security is never Foolproof

Regardless of the number of security measuresimplemented and the steps taken by social networking sites, the fact of the matter is that network security is never foolproof. With the advancement in technology, people can easily cover their tracks to an extent where the credibility of their existence can be questioned. In fact, anonymous social media accounts have become quite common these days. Every new security measure has a loophole and the hackers are united when it comes to cracking a new security measure.

Identity of an Online User Can Never Be Definitively Established

Social networking sites have this facility where the user can display only what he/she wants to display. This means, you can never know if the user at the other end is who he/she is claiming to be or someone else. Even pictures and videos can be faked. Even on kids networking sites, adults can pose as kids, which is a serious security threat to the kids considering they are innocent and unaware of the bad things in the world. They can be easily manipulated and taken advantage of, as it allegedly happened in the case of Habbo and Skout.

Parents Role in Protecting their Kids

Some parents feel that they have done their job after installing the security software and allowing the kids to only the specified and safe sites. But that is a grave mistake on their part. Parents need to be pro-active when it comes to social networking of their kids. This is very difficult considering most kids consider parents to be an obstacle in their social life.

One strategy that parents can adopt is by being involved with your kids’ social network. Since you will be on their list of friends, you can keep a tab on the other friends your kids make. If any particular account makes you suspicious, you can make your kids understand that the account might be compromised and convince them to remove the suspicious account from their list.

Age Limits Do Not Work

Social networking sites have age limits for their users. But it is not like you have to submit a document that validates your age before your account is activated. All you need to do is use a fake year for your date of birth and you are good to go. If you think that your kids are on a social network with age limits and assume that they are safe, think again.

Setting Some Ground Rules

You can strictly instruct your children on some basic ground rules which will keep them safe. For example, instruct the kids to never share details through which they can be tracked. These details include phone numbers, address, daily activity details, etc. Ask them never to meet up with a person who they befriended online. This is the main way in which miscreants gain access to unsuspecting people, including children, and exploit them.

There is No Perfect Solution to This Problem

The only way you can be totally reassured about this problem is by banning your kids from using social networks, which is not an option considering the role a social network has in a youngster’s life. The best you can do is keep warning your kids to stay on guard and also monitoring them in any way you can to ensure that they stay safe online.

Categories: Our Products