Cyber Monday is coming


Tomorrow is Cyber Monday, the online equivalent of Black Friday.  Online vendors offer great deals  — without the crowds, lines and hassles. While I never partake in Black Friday shopping (although I do practice Small Business Saturday shopping), I always try to get some time for Cyber Monday shopping!

Ah, but it is not without its problems.  There are great deals, but those that seem too good to be true often are just that, untrue.  People will pretend to give you bargains, and even pretend to be something they are not just so they can steal your money.  So, you need to be ready for them if you are planning to shop on Cyber Monday.  These are some hints that will help you keep safe.

  1. Only shop with companies you know.  Those little boutiques and great offshore stores may look like they offer great deals, but you may never get anything from them.  They should be avoided unless you are sure they exist because someone else has shopped there or you have some physical evidence that they exist.
  2. Don’t click on a link from an email to get to a website.  The link may look safe, but you do not know that the link will direct your browser to where it says it is going.  If you must, copy the address that is visible in the email and paste it into your browser manually.  Once you arrive at the page, look at it carefully to be sure it is the intended site and not a fake site made to look like a real site.  It is easy to reproduce logos, colors and the like to make a page resemble a legitimate business page even if it is not.
  3. Only provide your financial information  to websites that are secure.   Anything sent over a regular Internet connection can be captured by people with the correct knowledge and tools.  To avoid hackers having access to information such as your credit card number, you want to send the information over a secure internet connection.  Reputable stores will transfer you to a secure connection before asking for financial information.  You can tell two ways.  First, you should be able to see a locked padlock icon somewhere on your screen (it is different with different browsers, different versions and different kinds of machines).  For example, in Firefox on a PC, the padlock is at the top of the page near the “go back” button.  Also, even if you cannot find the padlock, look at the URL, or address in the locator window at the top of the page.  If it is a secure connection, the address will start with https:// (instead of the normal http://).  The “s” stands for secure.
  4. Try to use just one credit card online.  In today’s world there are lots of examples of hacking both online and at the brick and mortar stores.  It is a good practice to use a credit card online that is not your main credit card.  In that way if you are a victim of fraud, you can cancel the one card and still have another for your regular purchases.
  5. Keep passwords secure.  Most of us think passwords are a hassle.  While they are a hassle and it is hard to remember secure passwords or multiple passwords, they often are the only thing keeping your credit card and other personal information safe.  Keep them secure and keep them “strong” (hard to guess).  For more information on this, I recommend you look at the blog entry on passwords.
  6. ALWAYS use anti-virus software, a firewall and anti-spyware software.  It is amazingly easy to pick up malware on the Internet.  (For more information, check out my blog on malware.)  Having those tools available does not guarantee that you will not have problems any more than putting locks on your doors will prevent you from being burglarized.  But, we all lock our doors at night.

Enjoy your hassle-free shopping, but be careful.  It is easy to forget there are undesirable people in cyberspace just like there are in most communities.  Avoid them if you can!

Facebook “Likes”


If you have been on Facebook at all, you have been faced with the option to “like” a product, service, or business.  You might select to “like” it to make a statement of support.  More likely you selected “like” in order to get messages from the organization on your Facebook feed, or to register for a contest or coupons or the like.  If you are like most of us, you do not think much more about the action.

Facebook, and corporations that would like to advertise on Facebook, however, think a great deal about that click.  We all know that the organization will send us information on our feed about the product or service, thereby opening ourselves to advertising.  Facebook and the organizations that advertise want to achieve much more with this information.  This additional use is the source of a lawsuit in California claiming that Facebook and certain advertisers use the information without paying users or giving them a way to opt out.  According to an article in the New York Times,

The case focuses on an advertising tactic known as sponsored stories, in which Facebook users endorse brands, in some cases without their knowledge. For example, if users “like” Wal-Mart, the retailer uses their names and pictures in advertisements to their friends on the social network. Wal-Mart pays Facebook for the service.

In other words, they use your image and the fact that you “liked” the organization to advertise to your Facebook friends and even to others who may not know you over Facebook.  Think how much stronger advertising can be if they say “John Smith, Mary Jones and Ken Anderston all like this product.”  It is an endorsement.  Perhaps your “liking” had nothing to do with an endorsement … maybe it was just a way of getting information about a product — or even a competitor’s product.  It could be misleading to say you are advocating the organization, and might be downright wrong to say you are.  Hence, the California lawsuit.

Senate Bill 2105: Cybersecurity Act of 2012


On Valentine’s Day, four Senators introduced Senate Bill 2105, which is also known as the Cybersecurity Act of 2012.  If you would like to read the bill as it was introduced, it is available in full as presented.   If passed, this law would authorize the Federal government to regulate the security of privately owned critical infrastructure, much of which is controlled by Internet-connected systems and susceptible to being hacked.  This includes electrical power grids, telecommunications networks, air traffic control systems, dams, and nuclear power plants.  Said differently, this would allow the Federal government to have security standards, to assess a company’s compliance, and to levy fines if the security is not sufficiently high.

Last week, the Wall Street Journal reported that a group of Senators has weakened the bipartisan legislation.  They responded to business lobbyists who claimed that such “regulations would create a costly and cumbersome process.”  In their view, rather than being required to meet these regulations, the companies should be encouraged to do so.  According to Senator John McCain, “Instead, we must leverage the ingenuity and innovation of the private sector in partnership with the most effective elements of the federal government to address this emerging threat.”

I am perplexed as to why Senator McCain, who has a strong record on National Security, would take this stand … unless he does not really understand the real and present threat of such an attack.  Consider the number of companies in the last few months that have reported a security breach.  Sometimes the breach provides thieves with passwords, which can be problematic enough, but sometimes instead it is social security numbers, bank accounts and more personal information.  The people whose identities are stolen have a never-ending hassle to fix the problem.  Many companies do not take security as seriously as they should.  Even when security is a priority, the companies have a significant task keeping a step ahead of the hackers.

Now, take that up to a regional or national level.  Suppose the U.S. had no access to electricity or telecommunications equipment.  Suppose this is not for a couple of hours as you might get in a thunderstorm, but rather for an extended period of time.  What would that do to the country’s productivity?  What if it happened during peak holiday shopping and no one could buy gifts or food?  What if it happened on election day and half the people were not able to vote?  What if … there are many horrible examples.

We have already proven this can happen.  Well, it is unclear whether “we” proved it or someone else proved it by the introduction of the Stuxnet virus into Iran’s nuclear reactor.  Not only did it stop operations, but it did it in a way to damage the plant and roll back their development.  Other similar viruses, aimed at the “Internet of Things” (such as a power plant) have also been identified.

People release viruses all the time — sometimes without even knowing the impact of what they have done.   Why do we believe it won’t happen here?  Personally I think it is because people just do not understand technology and what security breaches can do.   They understand bombs or people shooting guns and know how to respond.  But electrons?  It is easy to listen to those claiming to be experts and follow their advice.

I hope we get the legislation.  I hope that it is flexible enough to be able to adapt to the rapid changes in technology.  I hope we can find a way to protect ourselves before it is too late.  If you agree, please share your concern with your Senators and Representatives.


A postnote:  Even weakened, the bill failed.  Too many people thought telling infrastructure companies that they need to be secure was a problem.  Sigh.

Be Careful When Posting your Location on Facebook


We have all seen the posts of people who need to share their current location.  They talk about the trip to Europe they will enjoy for the next two weeks,  the concert they are attending, or the restaurant where they will eat tonight.  They are sharing information with their friends.  Of course, we have talked before about controlling your security levels so you really only share with friends.  But, I suspect most people do not think of it a great deal.  So, I want to share a story.

There is a young woman in Chicago who works for Groupon, teaches rowing at one of the city’s finest Catholic high schools, and coaches a rowing team.  A few years ago she started an organization called Recovery on Water (ROW) for survivors of breast cancer.  Her mission is to provide them an opportunity to exercise because research suggests that regular exercise drops the likelihood of another tumor by half.  It seems like a good cause with a regular membership that exercises together and supports one another in their challenge.

This summer the founder decided she would row the perimeter of Lake Michigan to raise money for her cause in an effort she called Row4ROW.   As I understand it, she planned to row the entire perimeter alone and sleep on her boat.  Along the way she shared information about her cause and, of course, blogged about her experience, including her location.  All went well until last week when she was sexually assaulted while she slept on her boat (you can read the Sun Times story).   On July 12, her blog (written by a friend) read:

Jenn was set to row to Beaver Island on Sunday morning but was attacked and sexually assaulted by a man in the early morning hours. The attack occurred in an area south of Gulliver along Lake Michigan in Mueller Township, Schoolcraft County, Mich. Investigators have reason to believe the assailant traveled a significant distance to commit the assault.

The bold print on the last sentence is mine.  It appears from reading her blog that they have not yet caught the assailant.    However, it is interesting to note that they believe that he knew where to find this young woman simply by following her blog.  It is anyone’s guess how he knew to find her blog — it might have been random, or he knew of the effort, or someone posted it on Facebook (frankly, that is how I learned about Row4ROW).  But the point is that the young woman, traveling alone, sleeping on the water simply broadcast her location to the world.  And, she has paid for that mistake.

Many people suffer home burglaries or other crimes because their broadcasts on social networking sites tell someone that they are not home.  Even if all you do is to post a photo from your phone, a technologically sophisticated person can check the photo for information about your location (and, depending on your phone, might know exactly where you were and when you were there).

The young woman is now taking better precautions.  For a couple of days she rode a bike (with others)  until she could find safe locations for sleeping.  She is now back on the water finishing her adventure and raising more money and more awareness of her cause.  And, raising more awareness of the problems of social networking sites.

I do not know this woman, and I do not know anyone participating in the program.  However, I was moved enough by her determination to continue that I did contribute.  If you are so motivated, you can make a donation online.


Malware — DNS Change


You may have heard the reports that something called DNSChanger is expected to hit on July 9, but not have known what it was or what to do.

First, what is a “DNS” and why do you care if it gets changed?  DNS stands for Domain Name System and it is the directory system that allows computers to locate one another.  Your computer has no understanding of a web address such as  http://internetuseforseniors.wordpress.com.  So, after you type that into your web browser, the computer goes to the DNS and asks for the URL to be translated into something it understands.  That something is called an IP address.  Like your home address, an IP address is made up of multiple parts.  Your home address has a street number, a street, a city, state, country (perhaps) and some code, such as a zipcode.  Similarly, the IP address has a series of components that identify a specific computer uniquely.  These addresses are of the form 134.124.25.18, where the first number indicates your domain and the last number identifies a specific computer in the domain;  the intermediary numbers are further demarcations of the location.

Without a DNS server, we would all need to type in the specific IP address.  Clearly that is not practical. So, if the malware has infected your computer, then on Monday you will no longer be able to type in a URL and have your computer understand how to direct the browser.
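
The lookup described above, shown at the message level as an added example (not from the original post): the computer builds a DNS question for the name, and the answer carries the IP address. The server side is simulated here so the example runs offline, and the answer address 192.0.2.18 is a constructed value, not the blog's real address.

```python
import struct

HOST = "internetuseforseniors.wordpress.com"  # host name used in the post
SAMPLE_IP = "192.0.2.18"                      # constructed answer address


def encode_name(hostname):
    """Encode a host name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in hostname.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1 to 63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(hostname, txid):
    """Client side: one question, type A (1), class IN (1), recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(hostname) + struct.pack("!HH", 1, 1)


def build_response(query, ip):
    """Simulated server side: echo the question and append one A record."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    # 0xC00C is a compression pointer back to the name at offset 12.
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4)
    answer += bytes(int(part) for part in ip.split("."))
    return header + query[12:] + answer


def read_name(msg, pos):
    """Decode a name at pos, following compression pointers; return (name, next_pos)."""
    labels, after, hops = [], None, 0
    while True:
        length = msg[pos]
        if length & 0xC0 == 0xC0:          # pointer to an earlier name
            if after is None:
                after = pos + 2
            pos = ((length & 0x3F) << 8) | msg[pos + 1]
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        pos += 1
        if length == 0:
            break
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    return ".".join(labels), (after if after is not None else pos)


def parse_a_records(msg, expected_txid):
    """Client side: check the reply belongs to our query and pull out the addresses."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("reply does not match the query that was sent")
    if not flags & 0x8000 or flags & 0x000F:
        raise ValueError("not a successful response")
    pos = 12
    for _ in range(qdcount):               # skip the echoed question
        _, pos = read_name(msg, pos)
        pos += 4
    addresses = []
    for _ in range(ancount):
        _, pos = read_name(msg, pos)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addresses.append(".".join(str(b) for b in msg[pos:pos + 4]))
        pos += rdlen
    return addresses


if __name__ == "__main__":
    query = build_query(HOST, 0x1234)
    reply = build_response(query, SAMPLE_IP)
    print(HOST, "->", parse_a_records(reply, 0x1234))
```

The browser connects to whatever address comes back, which is why the DNS server a computer uses matters.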

How did that malware get put on people’s machines?  Like most malware, it infected people’s machines when they clicked on some advertising link that downloaded software to computers without the user knowing about it.  Since the software was not causing any problems, people do not know that it is on their machine — until July 9.  (Of course, with regular malware checks, this would probably have been detected.)

To avoid a problem, check your system now.  Some services, such as Comcast, have notified the users whose machines seem to be infected.  Similarly, Google and Facebook may be posting a warning if they detect your computer is infected.  To check, go to http://www.dcwg.org and follow the directions for checking and repairing your machine if necessary.  Do it today so you don’t have a problem on Monday!

Facebook and Email


Last week Facebook decided to replace everyone’s default email address with a Facebook email address.  For example, they changed my email address to vicki.sauter@facebook.com.  I never saw an explanation for why they made this change, but I heard a lot of the discussion of the problems that it caused.

First, this change impacted how people could search for friends.    We all know you can search by putting a name in the box at the top of the screen labeled “search for people, places, and things.”  However you can also put in an email address there.  Suppose, for example, you were looking for John Smith.  There are a large number of John Smiths from which to choose and maybe your friend doesn’t have a photo, or is using a photo of his children, dog, or an interesting plane as a profile photo.  It may be impossible to know which John Smith is actually your friend.  However, if you search for his email address, let’s say jlsmith1234@yahoo.com, you will find him directly.  Once Facebook changed everyone’s email addresses, they hid real email addresses, so that this kind of search was no longer possible, thereby making searching difficult.

Second, there is no facebook.com email agent.  Yes, you can check messages by clicking on the globe icon on the left top of your Facebook screen.  Not all messages sent via email seem to have been put there, however.  You also need to look in your “other messages” file;  I’ll bet you didn’t know there was an “other messages” file!  To get to these messages, click on the word “messages” on the left hand menu when looking at your newsfeed.  This click should show another file called “other messages.”  I have not yet discovered how Facebook decides to deliver messages between your message folder and your other message folder.  However, you should check both.

Third, many people have smart phones and other smart devices that try to keep all of your contacts from different programs consistent.  If you have one of these, you should check your contacts and their email addresses.  Some devices replaced known email addresses with the facebook.com email address for all contacts.  This meant that you lost the real email address, which might cause problems for you if you need to actually email them.

Other devices decided that the contacts with these new email addresses at facebook.com were new contacts and therefore created a new profile for them in the contact/phone book list.  If you have a lot of connections between your Facebook and phone book list, this can cause a lot of confusion.

What can you do?  Go to your “home” page (not your newsfeed) and click on “info.”  Scroll down to “contact” information and see if the accounts you want to be active are active. If you still have an email address at facebook.com, you can change it here.  (If you instead have the Timeline, click on “about” and edit your contact information.)


What are Flame and Stux-net and why should I care?


There has been much discussion in the popular press of late about something called Flame and something called Stux-net, especially with regard to national security. However, many people do not understand what they are and why they are so troubling. Basically both of these are “computer worms” which, like viruses, attempt to perform malicious acts to your computer. The difference between a “worm” and a “virus” really has to do with how they are propagated. Computer viruses are a type of malware that generally deletes or changes files. They must be permitted to execute code and write to memory, and so generally attach themselves to some program; when the user runs the program, he or she also runs the virus (unintentionally). A worm, on the other hand, can self-replicate and move through a network (like the Internet). Generally worms are designed not only to spread, but also to make specific changes to the computer, including taking control of all or part of the computer. The key to understand is that the worm can cause damage to the system.

First, let’s talk about Stux-net. You may have heard about this one in 2010 when it was reported that there had been a cyberattack on Iranian uranium-enrichment centrifuges. This worm had been introduced into the Iranian nuclear processing facility (people in the know think it was introduced on a thumb drive), and it took control of the control system. A control system manages and regulates the machinery under its control, so that humans (often quite far away) can read sensors and information about the system and make adjustments. In this case, the facility being monitored was Iran’s nuclear processing facility. The control system sent messages to uranium-enriching centrifuges to spin at speeds well beyond their tolerances. Obviously then the centrifuges were damaged.

You might ask how the worm could have caused that problem. Well, the programmers of the worm found vulnerabilities in the computer programs that run the control system. It is the same process of programmers exploiting bad programming in the operating system so our computers can get viruses.

The worm caused so much damage to the facility that it has set back the nuclear program in Iran. At the time, there was discussion that it might have originated in the United States and Israel, but there was no evidence to back up that claim.

It is beyond the scope of this blog to discuss who was behind it and their motives. However, it is important to note that malware can get into a physical facility, such as power plants, water treatment facilities and other public utilities. These are things we have taken for granted as protected and safe. However, The Washington Post reported that:

A recent examination of major control systems by six hacker-researchers working with the security firm Digital Bond found that six of seven devices in the study were riddled with hardware and software flaws. Some included back doors that enabled the hackers to download passwords or sidestep security completely.

In fact, according to The Washington Post,

Uncounted numbers of industrial control computers, the systems that automate such things as water plants and power grids, were linked in, and in some cases they were wide open to exploitation by even moderately talented hackers.

Further, they note,

A researcher at Cambridge University, Eireann Leverett, used Shodan to identify more than 10,000 control computers linked to the Internet, many of them with known vulnerabilities. Leverett concluded that many operators had no idea how exposed they were — or even realized that their machines were online.

Last week the press identified a new worm deployed in Iran called Flame. This seems to be primarily surveillance malware that allows someone to turn on microphones, look at data, track what people are doing on a computer, and perhaps even listen to nearby cell phone conversations. This worm was deployed to the Iranian oil industry and was attaching itself to control systems for the rigs and other equipment. It was detected and the Iranian government has unplugged those facilities from accessing the Internet. It has also created its own task force to combat these attacks and claims it intends to build its own Internet. This same worm has been found in the Palestinian territories, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.

While the worms seem different, experts are not sure. They both move in the same fashion. In addition, computer experts say that the style of programming is similar between the two. Yes, it is true that there are styles of programming just as there are styles of writing. An expert can tell the reasons Emily Dickinson’s works are not confused with those of James Joyce. A computer expert can tell similarities in programming by how things are named, how they flow, and how different parts of the programs are hooked together. Worse yet, these experts claim to have found code that was apparently taken directly from Stux-net and put in Flame. All of those suggest similar authors.

What is the take-away for us? All of this mischief has put a spotlight on the fact that we, as a society, depend on computers for much beyond the business and pleasure applications we generally discuss. Everything from the car you drive to the utilities use computers to control them. And, where there are computers, there are people contemplating ways of breaking them. Most of these controllers were not visible to the average user, so they did not get attention from hackers. However, that also meant that their manufacturers often got lazy in building in the security to protect them. Now that they have the attention of the hackers, companies are scrambling to protect their controllers. Otherwise, we may be in for some rough times ahead from malicious or inadvertent attacks on our infrastructure.
