Tag Archives: Internet service providers

Tech Thoughts Daily Net News – September 15, 2014

Use Google’s new panel in security settings to keep your account safe;  WhatsApp will soon support voice calling;  Five reasons why you shouldn’t buy a smartwatch yet;  5 Wearables More Interesting Than the Apple Watch;  Places Is A Sharing Platform That Puts Privacy First;  Best 10 smartphones for holiday buying season;  Leaked Clips Show Windows 9 In Action;  Windows 9 leaks: How to get its best new features today;  We’ve got a $35 Firefox OS phone; what do you want to know?  New malware spreads over Twitch chat;  Firefox sneaks out an “inbetweener” update;  Apple Pay gives Apple 0.15% of your purchase;  Games Review Round-Up – September 2014;  Seed Is Creating A Truly Idiot-Proof Internet Of Things;  USB Image Tool (free);  The War on Drug Tests;  Civil liberties are too important to be left to the technologists.

Use Google’s new panel in security settings to keep your account safe – The settings aren’t new, but the wizard-like presentation is a new addition. It walks you through five important security settings for your Google account.

WhatsApp will soon support voice calling – First spotted by the folks at NDTV Gadgets, an iOS permissions alert is the one that revealed the upcoming feature. If you haven’t given WhatsApp access to your microphone the app will notify you by saying “WhatsApp requires microphone access to send Voice Messages, record Videos with sounds, make and receive Voice Calls”. The feature seems to already be coded inside the app but it’s not yet functional.

Facebook Tests Disappearing Posts Feature – The option, which is being offered to a small subset of users, allows them to set posts to delete anytime from 1 hour to 7 days after they are initially published, The Next Web reports. Facebook has released many features to select groups of users in the past before deciding to either roll them out larger or go back to the drawing board. Though Facebook hasn’t publicly revealed what the tool actually looks like, some users have taken to Twitter to share screenshots.

Five reasons why you shouldn’t buy a smartwatch yet – With the long anticipated release of Apple Watch this past week, the company behind it put a lot of coal in the engine of the wearable train. For a solid year, the world hemmed and hawed about smartwatches, waiting to see what Apple would do. Now that they’re officially in the mix, here are a few reasons to sit this early-adopter’s segment out — at least for a year.

5 Wearables More Interesting Than the Apple Watch – There are plenty of reasons Apple Watch will be a winner, both in early 2015 when it’s released and it future generations of the product, when I think it will have more steam. But there’s something slightly disappointing about this device at the same time. It’s not very futuristic. Consider these five wearables that go beyond the wrist.

Tech Thoughts Daily Tech News 2

How to make webmail your default email in Chrome, Firefox, and Opera – When you click an email address your browser is handing off responsibility for a special kind of link, called mailto, to a desktop program. But it doesn’t have to be that way. In most modern Windows browsers you can turn a webmail account into your default email program. The only drawback is that setting a webmail service as your default is not system wide, meaning you have to set your preferred mail service as the default in each separate browser you use.

Best 10 smartphones for holiday buying season – Matthew Miller’s updated list includes the best Android and Windows handsets now available, as well as — surprise! — a new iPhone.

Places Is A Sharing Platform That Puts Privacy First – Places is a privacy-centric startup that’s building a secure Dropbox-style platform for file sharing and messaging — but one that has end-to-end, client-side encryption built in. It’s currently launched in early alpha and is inviting people to sign up for a forthcoming beta at Joinplaces.com. (The alpha is also open to Windows and Mac OS users.) Another twist is it’s also seeking to disrupt the server-client architecture of existing sharing platforms by enabling users to host their own content. With Places, the user’s content can be stored and served from their own Mac, PC or Linux machine.

Leaked Clips Show Windows 9 In Action – Around two weeks out from the purported release date of the technical preview of Windows 9, videos of the upcoming operating system have hit the Internet. German site WinFuture has released a mess of screenshots and videos of the upcoming code over the past few days, to our benefit. A number of clips are up for watching, detailing how Windows 9 will handle multiple desktops, the return of the Start Menu, and more.

wpsF6D1.tmp

Windows 9: Storage Sense is coming too – This feature, which was first made available in Windows Phone 8.1, allows you to easily manage your internal and external (microSD) storage. The feature makes it simple to understand what is filling up your space such as apps, games, videos etc. Simply put, it’s a total storage management solution in one app and it looks like it is coming to Windows 9 too.

Windows 9 leaks: How to get its best new features today – The Windows “Threshold” update rumored for April 2015? Windows 9, which is rumored to be announced in Technical Preview form in early October? No one knows. But you don’t have to wait to get those killer features. With the first universal apps hitting the various Windows Stores this week, here’s how to bring a Start menu, windowed Metro apps, and virtual desktops to Windows 8.1 today.

Verizon Tips a La Carte Internet TV Service in 2015 – Verizon is looking to roll out its Internet TV service by mid-2015, with an offering that will allow viewers to pick and choose the channels they want.

New ‘Cosmos’ browser surfs the net by TXT alone – While the number of mobile phones in the world continues to rise, most of the networks are yet to experience the joys of fast downloads – and in many places, the mobile network is the main contact with the outside world, since fixed networks haven’t been built. Enter the Cosmos Browser project: a bit of code that lets users browse the Web using just text messages. TXT messages can carry 140 characters, at eight bytes a character, which is 1,120 bytes per message. Multiply that by three-TXTs-per-second Cosmos consumes and we get a bitrate of 3.36 Kbps. Or about 50 per cent faster than the 2400 baud modems that kicked off consumer internet use in the West.

We’ve got a $35 Firefox OS phone; what do you want to know? – For $35, you get a spec list from six or seven years ago: a 3.5-inch 480×320 LCD, 1GHz Spreadtrum SC6821 SoC, 128MB of RAM, 46MB of internal storage, a 2MP rear camera, and a 1250mAh battery. There’s no 3G, GPS, front-facing camera, or camera flash, but at least you get Wi-Fi, Bluetooth, and EDGE data. There’s also a MicroSD slot (mandatory for taking pictures), dual SIM slots, and, oh yeah, it runs Firefox OS.

wpsF710.tmp

Skype version for broadcasters released to manufacturers – A special version of Skype designed for professional TV broadcasts reached another milestone with its release to manufacturers and the signing of three hardware partners. Skype TX, announced in April, combines hardware and software, and was created to let Skype video calls be integrated into a professional studio broadcast production.

How to install new fonts on the Android platform – If you’re looking for more customization on your Android device, let Jack Wallen show you how to add new fonts to help personalize or brand your Android smartphone.

Security:

Firefox sneaks out an “inbetweener” update, with security improvements rather than fixes – Usually, if everything goes according to plan, Firefox updates appear every six weeks. But if needs must, Mozilla delivers in-between updates, too, and that’s what has happened here, bumping Firefox from version 32.0 to 32.0.1.

Tasty Spam: Phishing Isn’t Just About Your Money – When we talk about phishing, we tend to focus on financial fraud, such as the fake bank websites and ecommerce portals. The attackers are looking for ways to steal our credit card numbers and online banking credentials. Cloudmark reminds us in this month’s Tasty Spam that phishing can target non-financial accounts, as well. The theft of celebrity photos from iCloud is a perfect example of attackers going after non-essential accounts and the kind of damage that could be inflicted. Cloudmark shared some types of phishing attempts against non-financial accounts which may be landing in your inbox right now.

Turning the tables on “Windows Support” scammers by compromising their PCs – Matt Weeks is one of the developers who contributes code to the open source Metasploit Project, a sprawling and continually updated security framework that functions as a repository for software vulnerabilities and is frequently used as a Swiss Army Knife for penetration testing. Weeks has published a long report on his site detailing how he was able to reverse-engineer the encrypted communications protocol used by Ammyy Admin, one of the most popular remote control apps used by tech support scammers, and then use that knowledge to ferret out a vulnerability in the Ammyy Admin application.

New malware spreads over Twitch chat, targets Steam accounts – If you use gaming video streaming site Twitch, you’ll want to be careful what you click on. A new piece of malware spread through Twitch’s chat feature will attempt to bleed your Steam account dry, according to security software maker F-Secure. The malware spreads through messages posted to Twitch chat that try to entice users into entering a weekly raffle. Click on the link, and a Java program will open up a phony raffle entry form. Once you fill out and submit the form (which, according to F-Secure, doesn’t actually get sent anywhere), the malware goes to work.

Company News:

Apple Pay gives Apple 0.15% of your purchase – Yesterday, we told you about Apple’s plans to monetize Apple Pay. By taking a small cut of the transaction fee a bank charges a merchant, Apple stands to make a large chunk of change. Now we get further details on just what kind of deals Apple may have struck with various institutions, and how much they really might be raking in.

wpsF750.tmp

HP Russia guilty of government bribery using “secret slush fund” – An HP subsidiary, HP Russia, pleaded guilty to bribing Russian companies in order to score a technology contract worth millions, US prosecutors said. The company has agreed to pay a $58.77 million fine in a prosecution brought by San Francisco federal prosecutors asserting the Foreign Corrupt Practices Act (FCPA), which applies to US companies and their subsidiaries abroad.

Google acquires online survey specialist Polar – Google has acquired Polar, a company that specializes in online polls that allows its customers to get “instant opinions on anything.” The deal was announced on Polar’s website and Dave Bresbis, vice president of engineering for Google+, welcomed the addition of Polar’s staff to his team in a Google+ post. Terms of the deal were not disclosed.

Ericsson buys Fabrix Systems for $95M to help put TV on any screen – The acquisition is intended to help service providers deliver what Ericsson calls TV Anywhere, for viewing on multiple devices with high-quality and relevant content for each user. Cable operators, telecommunications carriers and other service providers are seeing rapid growth in video streaming and want to reach consumers on multiple screens. That content increasingly is hosted in cloud data centers and delivered via Internet Protocol networks.

Oracle acquires media storage company Front Porch Digital – Oracle will likely pitch its database, content management tools and analytics packages to Front Porch customers such as A&E Television, BBC, Discovery and Nascar.

Games and Entertainment:

Games Review Round-Up – September 2014 – Each week we post a review round-up and news of the latest games on Xbox One, PlayStation 4 and on the PC. This week we have first impressions of Destiny and a review of Infamous: First Light.

wpsF78F.tmp

New Xbox 360 Holiday Bundles Announced – The first bundle is the “Xbox 360 500 GB Holiday Value Bundle” which will go on sale for $249. The pack will include copies of the ever popular Call of Duty: Ghosts and Call of Duty: Black Ops II, you also get a month of Xbox Live Gold to play online with. Next up is the “Xbox 360 Special Edition Blue Bundle” which includes everything from the above bundle along with an arctic blue console and controller and retails for the same price of $249, but will only be available at Walmart in America. Finally there is the “Xbox 360 4GB Kinect Bundle” which comes with Kinect Adventures, Kinect Sports and Forza Horizon. It also has one month of free Xbox Live access and retails for $249.

wpsF7A0.tmp

GTA V arrives November 18 on PS4 and Xbox One, PC gamers left waiting until January – In a press release Rockstar has confirmed that GTA V will launch for PS4 and Xbox one on November 18. However, if you’ve been waiting to play the game on PC, then stop looking forward to spending your Christmas roaming around Los Santos. Rockstar isn’t releasing the PC version until January 27 next year.

wpsF7DF.tmp

RollerCoaster Tycoon World preview: The ride never ends – I write some weird sentences in this industry. Here’s one: It’s 2014, and Atari is working on a RollerCoaster Tycoon sequel. I got an in-depth (but hands-off) look at the game recently, and here’s what I noticed.

wpsF81E.tmp

Off Topic (Sort of):

Seed Is Creating A Truly Idiot-Proof Internet Of Things – In the vast panoply of potential home networking protocols, there are only a few worth worrying about. Wi-Fi works well but it can go down and ZigBee and the like are sparsely supported. But Bluetooth Smart is local, secure, and easy to use. And that’s what Seed Labs is using to connect our lamps, our blinds, and even our tea kettles. This Polish startup has built a small chip – about as big as a postage stamp and twice as thick as one – that can go into any appliance. Chip-enabled devices will then show up automatically on phones that are compatible with Bluetooth Smart, allowing you to control lights, put the kettle on for tea, or drop the shutters. It’s a B2B play that could revolutionize how we think about home networking and control.

Putting Smartphone Zombies In Their Place – City planners are charged with designing cities for residents, from developing spaces for popular activities to balancing the needs of different constituencies. For planners in Chongqing, China, one of those constituencies are people absorbed in their smartphones, who have come into conflict with another group, often called human beings. So the city has done the obvious thing when two groups clash: you build special sidewalks to separate them from each other.

wpsF84E.tmp

Anita Sarkeesian shares the most radical thing you can do to support women online – Anyone looking to support women suffering from harassment online has a surprisingly simple place to start, says Anita Sarkeesian, founder of the web video series Feminist Frequency. “One of the most radical things you can do is to actually believe women when they talk about their experiences,” Sarkeesian told the audience today at XOXO Festival in Portland. It’s radical in part because of misinformation campaigns organized against high-profile women that accuse them of making up the threats against them — and it’s an issue that Sarkeesian has recent experience dealing with.

Most Americans Don’t Want Internet ‘Fast Lanes,’ Poll Finds – A particularly timely finding, as the public comment period for Federal Communications Commission’s proposed rule on net neutrality draws to a close. Two-thirds of Americans don’t like the idea of big web companies paying Internet service providers (ISPs) to deliver their content more quickly via so-called “fast lanes” on the Internet, according to a recent poll.

Colorado High Schooler Invents Smart Gun That Unlocks With Your Fingerprint – Colorado has a history with gun violence so it’s only appropriate that 17-year-old Kai Kloepfer, a high school student from Boulder, would want to apply biometric user authentication to firearms. Kloepfer just won the $50,000 Smart Tech for Firearms Challenge for his smart gun prototype. The gun works by creating a user ID and locking in the fingerprint of each user allowed to use the gun. The gun will only unlock with the unique fingerprint of those who have already permission to access the gun. The clearly brainy teen tells me he has an interest in information security. According to him, all user data is kept right on the gun and nothing is uploaded anywhere else so it would be pretty hard to hack. This potentially makes it ideal for military use as well.

wpsF88E.tmp

The War on Drug Tests – Marijuana is now legal for recreational use in two states, and for medical use in 23. So why can employers still fire you if you test positive for weed on a drug test?

Something to think about:

“I don’t like the fact that someone I don’t know … can pick up, if they’re a private citizen, one of these drones and fly it over my property.”

–      Supreme Court Justice Sonia Sotomayor

Today’s Free Downloads:

HandBrake 0.10 Beta 4 – Convert from many common multimedia file formats, including unprotected DVD or BluRay sources to a handful of modern output file formats.

Features:

Multi-platform, Multi-threaded Video Transcoder

Video Encoding to several popular formats (H.264, Mpeg-4, Mpeg-2, Theora)

File Formats (MP4 and MKV)

Audio Encoding (and passthru) – AAC, MP3, FLAC, AC3, DTS, DTSHD etc

Subtitle Support (SRT, SSA, VOBSub, Closed Captions)

Filters (DeInterlace, DeTelecine, Deblocking, Cropping, Scaling)

Chapters

Presets for common use-cases

wpsF8BD.tmp

USB Image Tool – USB Image Tool can create images of USB flash drives and MP3 players, that are mounted as USB drives. It allows you switch between images with different music styles on your MP3 Player or to make an exact backup image of your USB Stick.

Features:

create image files of USB flash drives

restore images of USB flash drives

compressed image file format

show USB device information

manage favorite USB images

command line utility

USB Image Tool works with any device, that implements the USB Mass Storage protocol. This includes flash drives, card readers and a lot of other devices, like digicams, cell phones and mobile music players.

USB Image Tool supports the globull secure mobile work environment.

wpsF8ED.tmp

In Pursuit of Freedom – The Pushback Continues:

Civil liberties are too important to be left to the technologists – A revolution is afoot in privacy regulation. In an assortment of white papers and articles, business leaders—including Microsoft—and scholars argue that instead of regulating privacy through limiting the collection of data, we should focus on how the information is used. It’s called “use regulation,” and this seemingly obscure issue has tremendous implications for civil liberties and our society. Ultimately, it can help determine how much power companies and governments have.

You are probably familiar with privacy laws that regulate the collection of data—for example, the military’s famous “don’t ask, don’t tell, don’t pursue.” When you interview for a job, the employer should not ask you about your religion, your plans to have children, or whether you are married. There’s also the national movement to “ban the box” to stop collection of arrest and old conviction data on job applications.

In a use-regulation world, companies may collect any data they wish but would be banned from certain uses of the data. In U.S. law, a good example of use regulation comes from credit reporting. Your credit report can be used only for credit decisions, employment screening, and renting an apartment. Or consider your physician: Her professional norms encourage expansive data collection, but she can use medical records only to advance patient care.

Bans on data collection are powerful tools to prevent institutions from using certain knowledge in their decision-making. But advocates of use regulations have some compelling points: Collection rules are too narrow by themselves. They ignore the real-life problem that we just click away our rights for the newest free service. And, increasingly, technologies gather data with no realistic opportunity to give notice to the individual at all. Some of these technologies can be used to infer knowledge about the very issues collection limitations attempt to protect. For instance, consider the Target Corporation’s ability to infer that a shopper was pregnant when she went from buying scented to unscented lotion. Use regulations shift the pressure away from notice and choice, making a more universal set of rules for data.

(Civil liberties are too important to be left to the technologists? Seriously?

Much to our disillusionment, we’re acutely aware that civil liberties are too important to be left to the bloody political class!)

Snowden: New Zealand’s Prime Minister Isn’t Telling the Truth About Mass Surveillance – Like many nations around the world, New Zealand over the last year has engaged in a serious and intense debate about government surveillance. The nation’s prime minister, John Key of the National Party, has denied that New Zealand’s spy agency GCSB engages in mass surveillance, mostly as a means of convincing the country to enact a new law vesting the agency with greater powers. This week, as a national election approaches, Key repeated those denials in anticipation of a report in The Intercept today exposing the Key government’s actions in implementing a system to record citizens’ metadata.

Let me be clear: any statement that mass surveillance is not performed in New Zealand, or that the internet communications are not comprehensively intercepted and monitored, or that this is not intentionally and actively abetted by the GCSB, is categorically false. If you live in New Zealand, you are being watched.

At the NSA I routinely came across the communications of New Zealanders in my work with a mass surveillance tool we share with GCSB, called “XKEYSCORE.” It allows total, granular access to the database of communications collected in the course of mass surveillance. It is not limited to or even used largely for the purposes of cybersecurity, as has been claimed, but is instead used primarily for reading individuals’ private email, text messages, and internet traffic. I know this because it was my full-time job in Hawaii, where I worked every day in an NSA facility with a top secret clearance.

The prime minister’s claim to the public, that “there is no and there never has been any mass surveillance” is false. The GCSB, whose operations he is responsible for, is directly involved in the untargeted, bulk interception and algorithmic analysis of private communications sent via internet, satellite, radio, and phone networks.

Australia: NSW Police use hacking software to spy on computers and smartphones: WikiLeaks data – NSW Police are using sophisticated hacking software to spy on smartphones and computers during criminal investigations, according to documents published by WikiLeaks on Monday.

FinFisher, also known as FinSpy, is surveillance software sold by German company Gamma International. The software is typically used by intelligence and policing agencies to break into computers and mobiles and can secretly log keystrokes and take screenshots.

It can also remotely capture Skype and instant messenger conversations and take control of computer microphones and web cameras to listen in.

The documents show NSW Police purchased approximately $2.5 million worth of licences for the software, starting in September 2011. They reveal the agency has held nine licences for FinSpy, FinFly, FinIntrusion, FinSpy Mobile and FinFireWire over the past three years.

NSW Police is named as the only Australian agency among many around the world to have spent a collective $72 million on the software. NSW Police did not deny the spyware’s use. (recommended by Mal C.)

The NSA and GCHQ Campaign Against German Satellite Companies – “Fuck!” That is the word that comes to the mind of Christian Steffen, the CEO of German satellite communications company Stellar PCS. He is looking at classified documents laying out the scope of something called Treasure Map, a top secret NSA program. Steffen’s firm provides internet access to remote portions of the globe via satellite, and what he is looking at tells him that the company, and some of its customers, have been penetrated by the U.S. National Security Agency and British spy agency GCHQ.

Stellar’s visibly shaken chief engineer, reviewing the same documents, shares his boss’ reaction. “The intelligence services could use this data to shut down the internet in entire African countries that are provided access via our satellite connections,” he says.

Treasure Map is a vast NSA campaign to map the global internet. The program doesn’t just seek to chart data flows in large traffic channels, such as telecommunications cables. Rather, it seeks to identify and locate every single device that is connected to the internet somewhere in the world—every smartphone, tablet, and computer—”anywhere, all the time,” according to NSA documents. Its internal logo depicts a skull superimposed onto a compass, the eyeholes glowing demonic red.

The breathtaking mission is described in a document from the archive of NSA whistleblower Edward Snowden provided to The Intercept and Der Spiegel. Treasure Map’s goal is to create an “interactive map of the global internet” in “almost real time.” Employees of the so-called “Five Eyes” intelligence alliance—England, Canada, Australia, and New Zealand—can install and use the program on their own computers. It evokes a kind of Google Earth for global data traffic, a bird’s eye view of the planet’s digital arteries.

Senator demands US courts recover 10 years of online public records – The head of the powerful Senate Judiciary Committee is urging the federal bureaucracy to restore a decade’s worth of electronic court documents that were deleted last month from online viewing because of an upgrade to a computer database known as PACER.

Senate Judiciary Committee Chairman Patrick Leahy (D-Vermont) said the removal of the thousands of cases from online review is essentially erasing history.

“Wholesale removal of thousands of cases from PACER, particularly from four of our federal courts of appeals, will severely limit access to information not only for legal practitioners, but also for legal scholars, historians, journalists, and private litigants for whom PACER has become the go-to source for most court filings,” Leahy wrote Friday to US District Judge John D. Bates, the director of the Administrative Office of the Courts (AO).

The letter, obtained by The Washington Post, blasted the Aug. 10 decision commencing “without any warning to the public, and without prior notification or consultation with Congress.” The letter said that “Given the potential impact of the AO’s recent decision, I urge the AO take immediate steps to restore access to these documents.”

Justice Sotomayor says technology could lead to “Orwellian world” – Supreme Court Justice Sonia Sotomayor says that without proper privacy safeguards, the advancement of technology could lead to a world like the one portrayed in “1984” by George Orwell.

Speaking to Oklahoma City University faculty and students, the justice said Thursday that technology has allowed devices to “listen to your conversations from miles away and through your walls.” She added: “We are in that brave new world, and we are capable of being in that Orwellian world, too.”

The President Obama appointee also discussed the lack of privacy standards concerning drones.

There are drones flying over the air randomly that are recording everything that’s happening on what we consider our private property. That type of technology has to stimulate us to think about what is it that we cherish in privacy and how far we want to protect it and from whom. Because people think that it should be protected just against government intrusion, but I don’t like the fact that someone I don’t know…can pick up, if they’re a private citizen, one of these drones and fly it over my property.

The justice’s remarks about drones comes as California is close to joining 10 other states requiring the police to get a court warrant to surveil with a drone. Those states include Florida, Idaho, Illinois, Indiana, Iowa, Montana, Oregon, Tennessee, Utah and Wisconsin. California’s bill is pending, awaiting action from Gov. Jerry Brown.

Swedish ISP urges European Commission to end ‘illegal data retention’ – Swedish law requiring network operators to retain communications metadata continues to breach European Union rules, according to Swedish ISP Bahnhof, which has asked the European Commission to intervene.

Together with the 5th of July Foundation, a Swedish organization that aims to protect online rights, Bahnhof sent an official complaint to the Commission. They want the Commission to initiate proceedings against the Swedish government “for blatantly ignoring” a judgment of the Court of Justice of the European Union (CJEU), they said in a news release.

The EU’s Data Retention Directive had previously required telecommunications and Internet service providers to retain their customer’s location and traffic metadata for investigatory purposes, but in May the CJEU invalidated the directive because it seriously interferes with fundamental privacy rights.

Bahnhof stopped retaining customer data and deleted all its records a few days after the ruling. It did so with the permission of the Swedish Post and Telecom Authority (PTS), which said at the time that ISPs could stop collecting data and delete records without consequence. After analyzing the verdict, the authority concluded that there would probably be “big problems” if it tried to enforce the Swedish data retention law that is still in place.

However, in mid-August the PTS ordered Bahnhof to start retaining data again, Bahnhof CEO Jon Karlung said. The PTS has made a 180-degree turn in policy by ordering Bahnhof—and Tele2, which also stopped retaining data for a while—to resume doing so.

1 Comment

Filed under Free Software Downloads, Internet Security Alerts, Latest Tech News

URL Shortening Sites Target Email Weakness

imageSites like Tinyurl.com and Bitly.com are the go-to places for Tweeters who do not want long URLs to eat up their typing space. However, shortened URLs have a second, more insidious use. They allow spammers and hackers past the old email filters and into your inbox.

Most email anti-spam engines were created before the use of embedded URLs in emails, not to mention shortened ones. Most anti-spam programs try to trace back the URL to see if the site is dangerous. However, a shortened URL can be used by hackers two ways.

The first way is simple. They plug the site they want you to get directed to into one of the known and trusted URL shortening sites available for free to the public. Because the URL shortening site is trusted, the link is trusted. However, the link does not take you to the URL shortening site; it takes you where it was originally directed.

Secondly, hackers get even more creative. Once the anti-spam filters get around the URL shortening sites, as some have done, hackers create their own URL shortening sites. Essentially, they shorten a site that’s already shortened. So, when you click on the link, you get redirected not once, but twice. The first redirection is safe, the next is a hackers.

This was “yet another example” of cyber-criminals adopting new technology to bypass traditional security measures, said Bradley Anstis, vice-president of technical strategy at M86.

“A lot of the traditional anti-spam engines were developed before Twitter, so they are not geared up to recognize embedded URLs as seen in blended email threats in spam, let alone shortened URLs that link to malicious, or compromised Web pages,” Anstis said.

Some frightening statistics:

In May 2011, the global ratio of spam in email traffic from new and previously unknown bad sources increased by 2.9 percentage points since April 2011 to 75.8% (1 in 1.32 emails).
The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 222.3 emails (0.450 percent) in May, a decrease of 0.143 percentage points since April. (From Net-security.org)

So, what can you do to protect yourself? For one, never click on an email link if you do not trust the sender. Two, even if you do trust the sender, try to get to the link organically, meaning follow the normal method. If you are checking on a shipment, go through the main website instead of clicking on the link. These simple tricks will help to keep your computer and information safe from hackers.

Author Bio

This Guest post is by Christine Kane from internet service providers. She is a graduate of Communication and Journalism. She enjoys writing about a wide-variety of subjects for different blogs. She can be reached via email at: Christi.Kane00 @ gmail.com.

Update:

Here’s a super tip from anarchy4ever – “Some people may call me paranoid but I NEVER click on shortened url links. People should use url enlarger sites such as this one:
http://url-enlarger.appspot.com/

Just a personal observation – anarchy4ever is far from being paranoid – sounds like a very sensible solution.

6 Comments

Filed under cybercrime, Email, Guest Writers, Hackers, internet scams, Twitter

WARNING! You Are Now Connected To The Internet!

imageAny organization which provides services that expose the end user to risks – physical risks, financial risks, health risks………. expects that the user will assume the reasonable risks associated with the consumption of the service.

You can be sure, if you go on an African safari you will be required to assume the risk of being eaten by a Lion – ouch! If you venture on a mountain climbing vacation – you will have to assume all the risks associated with this type of activity – including the risk of personal injury, and even death.

image

In both of these extreme examples, you will be required to demonstrate that you are aware of the risks, and accept and fully assume those risks, and hazards, associated with the activity.

In order to protect its interests, the service provider will demand that you sign a liability waiver designed to mitigate its responsibility in all but the most egregious of circumstances.

This is a two-fold practical warning solution .

It ensures that the consumer has considered the risks, and found those risks tolerable.

It offers protection to the service provider in the event, the consumer behaves outside common sense boundaries.

Why then, I wonder – given the constantly deteriorating state of Internet security, and the privacy, financial, and assorted other risks that a typical users is expected to assume (users who are largely unaware of the assumed risks) – Internet service providers have not considered the appropriateness of providing a “WARNING! You Are Now Connected To The Internet!” notice to consumers on Browser launch. No waiver of liability required – just a constructive warning.

Such a notice, might offer practical advice such as the following – but certainly not necessarily limited to these innocuous tidbits.

Users should be aware that the Internet is not a secure medium and that third parties may be able to obtain information regarding users’ activities.

The validity or accuracy of information found on the Internet should be considered with caution.

Some resources and destinations may contain material that you might find offensive, or inappropriate.

Software downloaded from the Internet may contain malware.

I have no doubt that Internet service providers could make a persuasive argument as to why they don’t have an obligation to educate consumers on the very real risks associated with the use of their service. But, in my view, there are fundamental considerations over and above a – “they don’t have an obligation” mindset.

Just one consideration –

Lack of consumer security awareness has led to the creation of a cyber crime industry – and, there’s little doubt that it is an industry – which is responsible for the theft of $388 billion globally (Norton Cybercrime Report 2011), in the past year, alone.

Additional information from the Norton Cybercrime Report:

Every day of the past year, over 1 million online adults in 24 countries experienced cybercrime.    This can also be broken down to 50,000  victims per hour, 820  victims per minute, or 14 victims every second.  In just the last 12 months 44% of people have been a victim of cybercrime while only 15% have been a victim of physical crime in the same period.

Norton emphasizes the point (made here many, many times), that cyber crime can be largely prevented if – good security practices (which includes patched operating systems and applications), are followed.

All well and good – provided, consumers are regularly reminded of the Internet risks they face. It’s my view, that Internet service providers can do much more to raise an awareness of these risks.

It may be a pipedream when I think that ISPs should consider their moral obligation in this matter – still, I can’t help but think out loud.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

15 Comments

Filed under Opinion, Point of View