The Tech Savvy Generation Myth Hurts All Of Us

Time to beat that dead horse again. Out of habit mainly, since statistically, it’s a total waste of time for me (and others, of course) to continue to advance the position that “education” should offer significant benefits in the fight against cybercrime. Users, it seems, remain unconvinced.

Unfortunately, there’s a huge imbalance in the fight against cybercrime. On the one side we have highly motivated, and technically astute, albeit despicable human beings – intent on causing harm. On the other side – you, me, and the rest – many of whom can be classed as stupidly arrogant in assessing their own technical capabilities. Tough talk? Not nearly tough enough from where I sit.

The Ponemon Institute and PC Tools, in a recent study/survey, marked this real gap between perceptions users have in their own abilities to stay safe on the Net, versus the reality. In a few words (my words, not theirs), too many computer users are dead stupid in assessing their own capabilities.

Hardly news though, is it? We’ve discussed this issue here, over and over. Which is why, I had a bit of a chuckle when I read Richard Clooke’s  (Richard is a highly competent online security expert at PC Tools, whom I’ve corresponded with occasionally) comment imbedded in the report –

“The longer term concern is that while many of us think that we are too savvy for online scams, the research demonstrates otherwise,” said Richard Clooke, online security expert at PC Tools. “Unless consumer behavior is addressed through education, the incidence of cyber criminals seeking to cash in on consumer trust and naivety online is likely to increase exponentially.”

Sadly, I’ll take issue with Richard’s last statement – good luck with the education thing. I have yet to see any improvement in “Internet Street Smarts” where education played a role – nor do I expect to. Why would there be, when the harmful myth of the “Tech Savvy Generation” continues to be taken at face value by so many.

Some time back, I wrote an article on this issue which has proven to be very popular with educational institutions, when used as a resource. If you missed this article, you’ll find it below:

Part Of The Tech Savvy Generation? How Tech Savvy Are You Really?

You’re part of a computer literate and technically competent generation – you know, the “tech savvy generation” we hear so much about.

So, when it comes to wandering through the risky Internet neighborhood that’s arguably full of predators, you tend not to worry.

You’re convinced, that since you’re a member of this tech savvy generation, when you surf the Internet, you can handle the dangers and pitfalls that wait for the typical unsuspecting user, (the user who’s not part of your tech savvy generation).

This unsophisticated non-tech savvy group are much more likely than you, to be pounced on by the multitude of scam artists, schemers and cyber crooks lurking in the shadows, just waiting for victims. Right?

It’s entirely possible of course, that you are computer literate, and technically competent. On the other hand, simply because you are a member of that generation who have grown up with computers, does not make you tech savvy. I hate to burst your bubble, but the concept of a “tech savvy generation” is a myth.

I understand why you may have bought into this myth. People love myths. It seems that we will buy into any myth provided it agrees with, or reinforces, our already held misconceptions.

Myths of course, get their status precisely because they do reinforce our beliefs, properly held or not. This myth (masterfully propagated by the media), continues to pose serious security risks for those who believe it.

Since I’m involved in Internet and system security, I have many opportunities to deal with the “tech savvy generation”, and overall, I find them no more competent than average/typical computer users.

Unfortunately, I find that not only does the tech savvy generation not know “what they don’t know”, they don’t want to hear about it because developing knowledge is hard, and it requires time and effort. Better to just hang on to the myth.

I’ll admit, that anecdotal evidence, while interesting, does not always tell the tale. On the other hand, gather enough anecdotal evidence and one may have enough data to propose a theory, that can withstand probing and prodding.

As a tech/geek/writer, I am in touch with loads of other techs/geeks/writers from around the world, on a fairly consistent basis. One undisputed reality that we all agree on is, the lack of knowledge exhibited by typical computer users, and that members of the tech savvy generation, are no more than typical computer users.

So, if you’re a member of the so called tech savvy generation, you need to consider these realities:

Cyber criminals count on your believing the myth. It makes their job just that much easier.

There’s a major lack of knowledge and skill relating to computers/connected devices, and security, in the tech savvy generation. You really are, just an average computer user.

Common sense tips:

Stop believing the myth.

Start being proactive when it comes to your computer and connected device’s security; part of that is making sure you have adequate software based protection to reduce the chances you will fall victim to cyber crime.

Recommended reading: Principles of Security: Keeping it Simple – by guest writer Mark Schneider, and – An Anti-malware Test – Common Sense Wins.

Gmail and Firefox 3.6.12 Are NOT Necessarily Compatible

Since updating to Firefox 3.6.12, just a few days ago, I had been struggling with all my Gmail accounts while running Firefox 3.6.12.

I could not compose new emails, reply to any of my received emails; could not make any adjustments in settings, and a host of other problems. Virtually any command was followed by the “Loading” notice, which simply sat there.

To continue to use Gmail I was forced to switch to basic HTML, which allowed me some functionality. If you have made a comment in the last few days which I have not replied to, or you have sent me private mail and you are still waiting for a reply, please bear with me.

The Gmail help forums are full of users looking for a solution to this aggravating problem, and to this point Google, operating with it’s usual “F*ck You” attitude, is essentially ignoring the issue. Google’s best advice is as follows – Please try clearing your cache and cookies (instruction below) or using a different browser.

If you are dealing with this compatibility issue, then don’t bother with this pointless advice. Instead, proceed as follows and the problem should be resolved. This procedure worked for me – after a huge amount of trial and error, and wasted time.

In Firefox type “about:config” (do not use quotes and there is a semicolon after about).

Ignore the “This might void the warranty” message.

In the filter bar, type “dom.storage” (do not use quotes – there is a period after dom).

In the “dom.storage.enabled”, you will see “value” – “false”.

Double click on “dom.storage.enabled” – the value will now read “true”.

Restart Firefox.

Finally, here’s a message for Google – Stop thinking like a Government, and pay some attention to the people who are responsible for your success – THE CUSTOMER!

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Software License Giveaways – Go Big Or Go Home

If you get the impression that this article is a bit of a rant – you’d be right.

As a popular Blogger, I receive giveaway offers from software developers virtually everyday. You know the type – “Contest: We have 5/10 licenses to giveaway to your readers”, or something similar. I avoid them like the plague – and here’s why.

It’s a sweet deal for the software developer.

The Blogger writes a review on a piece of software he may not otherwise have even considered, which amounts to free publicity for the developer.

Depending on the Blog’s readership base, this can amount to significant free exposure.

The Blogger does all the back end work – testing the application (although I’m aware of some Bloggers who don’t), writing a review, replying to the contest entries; setting up the drawing to pull the winning entries; notifying the winners, etc.

All of this for what – so that 5 readers out of perhaps as many as 4/5000 daily readers, get a free one year license for a piece of software? All of this for a marginal increase in Blog traffic, which at best, is transient.

Contrast that type of low end giveaway with a “professional” giveaway, such as the following.

Zemana, the developers of the highly regarded security application AntiLogger, on two occasions in the past year, set up a special giveaway download page for Tech Thought readers, which resulted in 2,000+ licenses  being given away. No fuss, no muss, no waiting, no trusting to luck, professionally handled, and a win-win for all involved.

Ashampoo, a German software developer with over twelve million customers, periodically offers free multipacks of their programs for download with the only requirement being registration. At the moment Ashampoo is offering five of their best selling applications, at no cost.

Since I posted an article on this offer late yesterday, 300+ readers here, have taken advantage of this generous offer. Definitely beats a low end 5/10 license contest hands down. There’s no entry to fill out, and then having to trust that lady luck will reward you. Best of all – there’s no waiting.

You might wonder why I’d bother writing a piece like this. There’s a simple answer really.

It allows me to answer the many reader inquires I’ve received, as to why I no longer promote skimpy software giveaways.

It allows me to point out to readers, that mature software developers (like the two above), focus on the big picture in creating opportunities for users to benefit from giveaways – not 5 or 10; but, significant numbers of users.

It allows me to point out to other Bloggers that getting involved in low end giveaways is a mugs game – that the only marginal winner is a software developer, who has yet to grasp the fundamentals of marketing in the Internet age.

And finally, it allows me to point out to fellow Bloggers the truth of that old axiom – “If you work for nothing, you’ll never be out of a job.”

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Malware Attacks – How Much Disclosure Are You Entitled To?

I’m an advocate of full disclosure. I demand transparency (not always successfully), in every area that has the potential to impact my life at any level. Period.

Since cyber crime has the potential to affect me at a fundamental level, I expect that every aspect of all security vulnerabilities will be released by those you have access to this information. I’d be surprised if you felt differently.

As a reputable Blogger, I’m regularly updated by many of the leading security developers on recently discovered or pending security issues, so that my readers can stay current with changing malware conditions.

In fact, the objective of my Tech Thoughts Daily Net News column, is to do just that – notify readers of a seemingly never ending list of new security issues, as quickly as possible.

From time to time though, a security issue needs to be explained more fully. As an example, last week, BitDefender let me know of a so called Kiddie Script – Facebook Hacker, which can be used by amateur cyber crooks to construct malware designed to steal login credentials.

Based on the available information, I wrote an article “BitDefender Says Facebook Hacker: A Do-It-Yourself Kiddie Script Is On The Loose!” Not the first time, I might add, that I’ve reported on the availability of Kiddie Scripts, and the impact such freely available hacking tools can have on unwary Internet users.

I was not alone in reporting on this issue. Other tech sites that reported on Facebook Hacker included; hackinthebox, softpedia, itbusinessedge and techworld. As well, scores of prominent tech news aggregators, linked back to BitDefender’s original Blog post on this issue.

Imagine my surprise then, when I received a series of emails from a security developer executive, who argued that BitDefender, and by extension, me, had broken some sort of hidden rule – that it’s better to keep computer users in the dark with respect to certain security threats.

I must admit, I was taken aback by the implication that by reporting on Facebook Hacker, I was now part of the malware problem, and not part of the solution.

I’m on the far side of 50, and I’ve been at this game a very long time, so an insinuation that suddenly I’m part of the malware problem, definitely provoked a slow burn. Nevertheless, I was prepared to let this go. But, a security developer who can’t allow an alternative opinion, suggests a deeper issue exists.

Keeping computer users in the dark, at least in this security developer’s opinion, is less harmful than letting computer users know what they’re really facing in their increasingly difficult battle to stay safe against cyber criminals.

The gist of his argument was this – BitDefender, and again by extension, me, by reporting on Facebook Hacker, had told “every dickhead in the world where to find it.” So, I should have kept you in the dark.

Conveniently, the fact that  a Google search on “Facebook Hacker”, returns 24,900,000 results was not mentioned.

Curiously, in one email the following observation was made –

Until a couple of days ago Facebook Hacker was a low key (almost unknown, in fact) problem because very few people knew it existed….

Thanks to recent publicity there are now 34 anti-malware programs detecting the original … up from 20 a couple of days ago … up from a mere handful a couple of months ago.

So, you’d think that would be the end of the argument – that reporting on this issue was the right thing to do, since more antimalware applications are now  detecting malware produced by this kit – but no.

There was a further point that had to be made. One which negated the value of shining the light on this security threat.

If the grubs stay true to form there will almost certainly be more “upgrades” in the pipeline, and unlike the original which had limited distribution, a relatively minor payload, and little chance of success because most people aren’t silly enough to run an unsolicited email attachment, some of those “upgrades” might hit the mainstream as undetectable autorunners carrying vicious payloads.

Irresponsible “disclosures” telling perps where to download live malware ALWAYS do more harm than good!

Two questions need to be answered here:

First: What’s the point in paying for antimalware software unless there’s an implied agreement that the security vendor will do all that is necessary to seek out, and identify harmful threats, and develop an appropriate defense against these threats?

In this particular instance, that doesn’t seem to have been the case. Why did it take “recent publicity” before additional antimalware programs began detecting this malware?

Second: Why would cyber criminals need me, or anyone else for that matter, to point them to malware creation tools? The fact is, the Internet is awash in hacker sites. Pointing out that fact, was part of the purpose in writing the article.

I’ll restate my view, as I expressed it, in replying to these emails –

Being aware of danger is a prerequisite to preparing a defense against the danger. No, I’m definitely on the other side of the fence on this one. I expect full disclosure and access to information, not only in this type of situation, but in all areas where the information is required for me to adequately assess an issue.

I have a problem with anyone who sets themselves up as a arbitrator of what’s in my best interest. I don’t think I’m alone in recognizing that withholding information is rarely, if ever, in the public interest.

Do you see the value in full disclosure? Do you agree that antimalware vendors have an obligation to release information on threats that potentially can impact your Internet safety?

Or, would you rather remain unaware of existing, or impending security threats, and just take your chances with remaining malware free?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Free PDF to Word Converter Is A Scam!

When is free, not free?

How about if you have to answer this question: 881 – (221 – (329 – 146) x 559)= ? or this question (274 – 332) – (34 x 504 – 813) = ? or……………. every time (after the fifth time, or so), you want to use the “free” application? But keep reading – all is not as it seems.

Normally, (but not always), when I recommend a piece of software I’ve tested it for a minimum of thirty days – banging it, slamming it, twisting it and turning it; all in an attempt to break it.

Some time ago, I downloaded Free PDF to Word Doc Converter (through Download.com), for testing. Since many developers choose to list their products features in this format, a PDF converter is the type of application that gets a workout around here.

The application I normally use for PDF conversion is, Nuance’s PDF Converter Professional 7. Average users however, are not likely to spent the hundred bucks for this application.

So, by the time I got around to using Free PDF to Word Doc Converter, for the fifth time, or so, the following screen appeared when I pushed the “convert” button.

My first response was annoyance. But, since this was part of testing the application, I went along with it.

After getting the FREE code and entering it in the appropriate box, the following warning appeared.

My first thought was – I made a mistake in the math. But that couldn’t be right since I actually got the code, and not an “incorrect answer” response. As well, while many people do crossword puzzles to keep their mind sharp, I work algebraic solutions every day, for the same purpose. I don’t normally make mistakes in basic math. But….

To be fair to the developer, I repeated this frustration process ten times. It turns out, the developer is an outright liar. This process is a scam – there is no way (despite inserting the correct code), to actually get free registration.

By this time I was pretty annoyed, so I dug into this app, and the developer, a little further. Additional investigation of the developer’s site showed that Norton DNS has now blocked this site, and with good reason. According to Norton – W32.Spybot.Worm, is imbedded in the site.

So, not only is the developer a liar, he’s a cyber criminal hosting a malware site.

Despite this, Download.com continues to host this application. Albeit, on their own servers. I’m very disappointed that CNET would even consider hosting this piece of crap. Shame on you CNET – you’re supposed to be better than this!

If you need a free PDF reader/convertor that actually works, then checkout Nuance PDF Reader (registration required). The PDF conversion function, is a cloud based service.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Part Of The Tech Savvy Generation? How Tech Savvy Are You Really?

You’re part of a computer literate and technically competent generation – you know, the “tech savvy generation” we hear so much about.

So, when it comes to wandering through the risky Internet neighborhood that’s arguably full of predators, you tend not to worry.

You’re convinced, that since you’re a member of this tech savvy generation, when you surf the Internet, you can handle the dangers and pitfalls that wait for the typical unsuspecting user, (the user who’s not part of your tech savvy generation).

This unsophisticated non-tech savvy group are much more likely than you, to be pounced on by the multitude of scam artists, schemers and cyber crooks lurking in the shadows, just waiting for victims. Right?

It’s entirely possible of course, that you are computer literate, and technically competent. On the other hand, simply because you are a member of that generation who have grown up with computers, does not make you tech savvy. I hate to burst your bubble, but the concept of a “tech savvy generation” is a myth.

I understand why you may have bought into this myth. People love myths. It seems that we will buy into any myth provided it agrees with, or reinforces, our already held misconceptions.

Myths of course, get their status precisely because they do reinforce our beliefs, properly held or not. This myth (masterfully propagated by the media), continues to pose serious security risks for those who believe it.

Since I’m involved in Internet and system security, I have many opportunities to deal with the “tech savvy generation”, and overall, I find them no more competent than average/typical computer users.

Unfortunately, I find that not only does the tech savvy generation not know “what they don’t know”, they don’t want to hear about it because developing knowledge is hard, and it requires time and effort. Better to just hang on to the myth.

I’ll admit, that anecdotal evidence, while interesting, does not always tell the tale. On the other hand, gather enough anecdotal evidence and one may have enough data to propose a theory, that can withstand probing and prodding.

As a tech/geek/writer, I am in touch with loads of other techs/geeks/writers from around the world, on a fairly consistent basis. One undisputed reality that we all agree on is, the lack of knowledge exhibited by typical computer users, and that members of the tech savvy generation, are no more than typical computer users.

So, if you’re a member of the so called tech savvy generation, you need to consider these realities:

Cyber criminals count on your believing the myth. It makes their job just that much easier.

There’s a major lack of knowledge and skill relating to computers/connected devices, and security, in the tech savvy generation. You really are, just an average computer user.

Common sense tips:

Stop believing the myth.

Start being proactive when it comes to your computer and connected device’s security; part of that is making sure you have adequate software based protection to reduce the chances you will fall victim to cyber crime.

Recommended reading: Principles of Security: Keeping it Simple – by guest writer Mark Schneider, and – An Anti-malware Test – Common Sense Wins.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Sex (ting) – Who’s Really Doing It? It’s NOT Just Teens!

Apparently, if we’re not thinking about sex, we’re talking about sex. If we’re not talking about sex, we’re engaged in sex. If we’re not engaged in sex, we’re thinking and talking and planning, on becoming engaged in sex. Whew – no wonder I’m so tired!

According to sexologists, anthropologists, psychologists and sociologists, (and other …ists, I’m sure), a common denominator amongst humans is the degree to which they think of sex.

Given that we all seem to have this supposed preoccupation with sex – is it any wonder then, that the Internet, and its associated connected devices, have become a common outlet for erotic fantasies.

The meshing of sex and tech, has generated a Pandora’s box of problems, and associated issues, that need to be resolved socially, legally, and morally.

One of these problematic issues, is the issue of sex, tech, and teens; more precisely – teenaged sexting.

It’s an issue that has been a focus of attention in the news recently (today in fact, on CNN) – at least here in North America.

And, in typical fashion in matters dealing with sexual issues, law enforcement officials, in many areas, have  abandoned common sense and regularly charge teenagers who exchange consensual nude photographs of themselves, with the production, dissemination, and possession of child pornography

So, is this just one more example of “officialdom’s” hysteria, and overreaction on sexually related issues? Or,  is sexting, particularly teen sexting, a real problem that requires the harsh application of punitive measures to eradicate?

The National Campaign to Prevent Teen and Unplanned Pregnancy,  weighed in on this issue in a recent survey; a survey which seems to indicate that teen sexting is a problem. You should be aware that additional independent statistics suggest; 28 per cent of parents are sexting fans.

Survey statistics:

15 Percent of teenagers who have sent or posted nude or seminude images of themselves say they have done so to someone they only knew online.

48 Percent of teenagers say they have received such messages.

71 Percent of teen girls and 67% of teen boys who have sent or posted sexually suggestive content say they have sent or posted this content to a boyfriend or girlfriend.

21 Percent of teenage girls and 39% of teen boys say they have sent such content to someone they wanted to date or hook up with.

44 Percent of both teen girls and teen boys say it is common for sexually suggestive text messages to get shared with people other than the intended recipient.

36 Percent of teen girls and 39 % of teen boys say it is common for nude or semi-nude photos to get shared with people other than the intended recipient.

51 Percent of teen girls say pressure from a guy is a reason girls send sexy messages or images; only 18 % of teen boys cited pressure from female counterparts as a reason.

66 Percent of teen girls and 60% of teen boys say they did so to be “fun or flirtatious”; their most common reason for sending sexy content.

52 Percent of teenage girls used sexting as a “sexy present” for their boyfriend.

44 Percent of both teen girls and teen boys say they sent sexually suggestive messages or images in response to such content they received.

40 Percent of teenage girls said they sent sexually suggestive messages or images as “a joke.”

34 Percent of teen girls say they sent or posted sexually suggestive content to “feel sexy.”

12 Percent of teen girls felt “pressured” to send sexually suggestive messages or images.

Apart from the legal issues, which can have grave lifetimes consequences, teenagers engaging in what they may consider harmless fun, run the risk of having to deal with the outcome of present day “harmless fun” in the future, which could impact their lives in ways not yet considered.

Think Before You Post, an online resource from The National Center for Missing and Exploited Children, designed specifically for teenagers, should really be a required component of everyone’s online education – not only teenagers.

The following tips are included on this online resource for teenagers to think about.

Use webcams or post photos online only with your parents’ and guardians’ knowledge and supervision.

Ask yourself if you would be embarrassed if your friends or family saw the pictures or video you post online. If the answer is yes, then you need to stop.

Be aware of what is in the camera’s field of vision and remember to turn the camera off when it is not in use. Checkout our recent article on web cam safety – “Big Brother” isn’t the only one watching you. “Uncle Nasty” is out there prowling the Internet too!”

Be careful about posting identity-revealing or sexually provocative photos. Don’t post photos of others — even your friends — without permission from your friends’ parents or guardians. Remember – once such images are posted you give up control of them and you can never get them back.

Recommended parental resources:

Text Ed – The LG Text Ed program will tackle pressing issues such as tween and teen sexting, managing children’s phone usage, the importance of self-esteem in a wireless world, recognizing potentially harmful and hurtful mobile phone behavior, and other concerns facing parents and their children.

Cyber Summer Safety Challenge for Kids & Teens – The Cyber Summer Safety Challenge was developed to get parents, teens and kids to start a dialogue about Internet safety, social networking, online threats and what they can do to protect themselves and their computers.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

It’s Time We Called Cyber Criminals What They Really Are – Terrorists

While it may be true that cyber crime doesn’t fit neatly into the restrictive classical definition of terrorism, (motivation is a definitive factor), nevertheless, cyber crime’s effect on Internet users’ is  arguably similar  – intimidation, coercion (think Rogue software), and instilling fear.

Motivation be damned! Simply because a hacker’s motivation is money, rather than political gain, hardly changes the effect of the crime. Cyber criminals, by my definition, are terrorists.

Consider the following two points:

If a group, or an individual, dug holes in a highway in your community making it unsafe to use, (put the motivation aside for a moment), how would you refer to that person, or group, based on the impact on you? The reality is – cyber criminals, blow holes in the Internet highway on a daily basis.

If you couldn’t get to work today, because a criminal gang held the subway system to ransom – with a bomb threat, how would you, or more particularly, law enforcement officials, refer to that group? The reality is – cyber criminals hold individuals, and web sites, to ransom every day.

As Shakespeare said, in Romeo and Juliet , “That which we call a rose, by any other name would smell as sweet.”  The point being – it doesn’t matter what you call a thing; what matters is – what the thing is. Cyber crime though, is a misnomer – terrorism is not.

This morning, when I was editing my Tech Net News column, I included the following high profile cyber crime occurrences which were reported over this past weekend. I could easily have added a dozen more, all from the last few days, but I think the point was made.

Newest Social Net Scam: Stranded Friend – Analysis: Beware a common hoax involving a hijacked email account and a plea for quick cash from a familiar name.

Trojan attacks now almost solely from legitimate websites – According to reports, surfers are now almost always attacked from the hacked web sites of legitimate providers. Previously the general assumption was that malware was only found on sex sites and other shady web sites, but these days all you need to do is visit the site of your favorite newspaper to come under attack.

Reports of Possible YouTube Hack Light up Social Media Sites – Reports have surfaced on social media sites that YouTube may have gotten hacked and that Apple’s iTunes App Store may also be compromised.

App Store Hacked – Two iPhone App developers have spotted what appears to be a hacking of the App store rankings by a rogue developer. What’s more concerning is that it seems individuals iTunes accounts have been hacked to make mass purchases of that one developer’s apps.

Existing penalties for cyber crimes, including those mentioned above, are far less than adequate. So, calling cyber criminals what they are – terrorists; would open up a whole new spectrum of possibilities – including the application of criminal penalties, and sanctions, more in line with the true nature of the offense – terrorism.

I’ve always been curious as to why it is, governments and law enforcement agencies, protect us across a broad spectrum – from noisy neighbors, all the way to ensuring our safety while travelling on airplanes. And yet, these same governments and law enforcement agencies, leave it us, at an individual level, to deal with cyber crime.

This hands off policy has led to staggering costs to world economies – (a Trillion dollars or more, annually), and the impact on individuals, is immeasurable.

I suspect, that if cyber crime was referred to in a more appropriate manner – terrorism; we might find ourselves less alone in our daily struggle to stay safe on the Internet.

What do you think:

Are you tired and frustrated with having to deal with cyber crime on your own?

Should the nature of cyber crime be reflected in a more appropriate way, by calling it what it is – terrorism?

Should the penalties for cyber crime be set at a level commensurate with the true nature of the offense?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Canada’s Super Spies “Discover” Cybercrime is a Threat

Canada’s Security Intelligence Service, CSIS, (Canada’s spies), according to a just released, heavily censored “TOP SECRET” memo, (no, I’m not making this up), has ferreted out a startling fact on cybercrime – it’s growing!

I can appreciate why this startling discovery needed to be designated “top secret”. Panic in the streets, possible riots, a reverting to pre- Internet days, are all conceivable outcomes should the average Canadian become aware that CYBERCRIME IS GROWING!

Here’s a sampling of the content from this “top secret” memo – “Compromises of computer and combinations networks of the Government of Canada, Canadian universities, private companies and individual customer networks have increased substantially”.

These “top secret” spies didn’t stop with just recognizing this previously unknown threat to Canada’s safety and security. After all, these are highly trained spies who, you have to know, are the cream of the crop.

No, they went on to craft a well thought out, highly creative response to this newly identified cyber security threat, and focused on this advice – “the federal government needs to take urgent action or risk being targeted by hackers who use social media, such as Twitter, to steal secret government or corporate information.

Wow, this is startling news. Hackers using social media, including Twitter. Who knew!

The Canadian Government responded to this newly discovered threat in its usual forthright and non-compromising manner, by assuring Canadians “they are working to develop a framework to deal with cyber-attacks”.

When I read this statement, I was overcome with a huge sense of relief. I felt like standing up and shouting “hurrah”. Yes!

Not only has my government put its best and brightest to work identifying this previously unknown threat, but it’s prepared to take action – at some point. I must admit, I was impressed with this.

What more can a citizen expect than to have a government which is, “working to develop a framework to deal with cyber-attacks”.

Now, if you’re a Canadian, I’m sure you must feel safer knowing that your government, assigned its “James Bond” department which used the latest high tech and secret tools (to secret to disclose here), to hammer down what had previously been just a rumor, that CYBERCRIME IS GROWING!

If you’re elsewhere in the World, and you have even a modicum of knowledge of the current Internet environment, and the enormous threat to your personal safety and security cybercrime represents, and has represented for some considerable time, you can now sit back and LYAO.

How clueless, and  inept, is a government which classifies as “TOP SECRET”, what is common knowledge held by anyone who can click a mouse button. If you’re a Canadian, then at the next election consider throwing these bums out.

Only in Canada, eh!

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Google: Fake antivirus is 15 percent of all malware – Is this NEWS?

When I get into one of my “what the hell is going on” moods, I can’t help but consider mainstream media, and what a pathetic job it does when it comes to informing Internet users of critical consumer safety issues.

Part of my distain for so called News organizations, is based on mainstream media’s habit of consistently “coming late to the party”, when dealing with a technology issue that demands an immediate response.

Take Google’s recently released (April 28, 2010), 13 month study of Fake antivirus software, for example. Immediately upon release of this study, this “news” was everywhere on the NEWS.

So, what’s wrong with this “news” story? Well, how about this – This is NOT news! Certainly not “late breaking news”. Simply because this study is not news of course, doesn’t mean that it can’t be MADE news.

Here’s a clue for these News organizations – every day, for years now, typical Internet users’ have been exposed to this type of sophisticated malware and penetration attempts, just by surfing the Web. Oh, by the way, when you’re giving advice to consumers as to how they should deal with these issues – get the underlying technology issues right. That’s a minimum expectation!

The Google report is only marginally informative, contains limited new Internet security information of any value, and is, on the face of it, not news to anyone who has been even marginally aware of security conditions on the Internet during the past two years. Despite this, I found that every News channel that I generally watch, had a story in which the Google study was quoted.

Selected outtakes from the Google study:

A rise in fake antivirus offerings on Web sites around the globe shows that scammers are increasingly turning to social engineering to get malware on computers rather than exploiting holes in software.

Once it is installed on the user system, it’s difficult to uninstall, you can’t run Windows updates anymore or install other antivirus products.

Fake antivirus is easy money for scammers.

On this site, (like many others), we have been reporting on Fake AVs (rogue security software) since the first day essentially – more than 100 articles to date.

Additionally, guest writers on this site have addressed the fake AV issue. Guest writers such as Sergei Shevchenko, Senior Malware Analyst at PC Tools, who, in his guest article, “Be Prepared for 2010’s Malware – PC Tools Malware Trends in 2010”, offered readers a peek into the 2010 malware landscape and made the following observations respecting Fake antivirus applications – long before Google’s report.

Cybercriminals operate in the same way as legitimate organizations – they’re looking for the best return on their investment. It’s therefore inevitable that as we move in to 2010 there will continue to be increased interest in producing malware that brings swift and healthy dividends, with a focus on new and diversified rogue security solutions and in continuing to employ social engineering techniques.

When the initial “accumulation” phase of the rogue security software businesses comes to completion, we might expect cybercriminals to start using their budgets for establishing call centers, support lines, virtual offices, registering off-shore companies, and even launching advertising campaigns.

Users who keep an eye on the range of security software solutions on the market will be aware that many vendors already provide at least one of these services. The difficulty lies with making an informed choice on which offers the best protection – and that’s where the independent anti-malware testing labs come to the fore.

I’ll stop ranting now.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.