Computer users lose their privacy once their online presence and activities are no longer anonymous. Losing anonymity means that someone or a group of people are able to track online behavior. This includes knowing the user’s location or browsing habits.
Most people are not aware that their online activities are under surveillance. It should be noted that Internet Service Providers possess a full record of user activities, not to mention that search engines and websites likewise record all user activities in spite of claims that all data garnered are “anonymized” or has not been provided identifiable information. There are providers and sites that purposely collect personal information to sell to the highest bidder.Â
So how do we go about protecting our online anonymity? Users can consider using a software implementation that uses a network of servers that can effectively conceal usage and location. This highlights the layered nature of encryption wherein a data is encrypted and re-encrypted many times over on its way to its final destination. The process prevents undesirable elements from unscrambling and understanding the message sent. There are several tools available in the market today including Proxy.org, JonDonym, Ultra Surf, Tor, Proxomitron, and the Ultra VPN.
Another way to protect online anonymity is to install a good software firewall. Computer users can also stick to visiting highly reliable big sites such as Disney which are committed to upholding the highest standards. Upholding the highest standards simply means doing right with whatever information they inadvertently or purposely obtain from the customers.  There is also an option to maintain an alias email address to enable users to receive messages without revealing the true email address.
Tags: encryption, online anonymity
Categories: E-mail, Privacy & Anonymity
We all know the importance of having good and difficult passwords once we have access to a site or a network but one thing that many would have to consider would be the length. Others would want it short, but these are people who would not care of why they are given access. Others want it long normally something that they can easily remember such as their address or birthday. But how long should it be?
Traditionally, it should be at least 8 characters. Some are fine with 6 characters but for security reasons and avoiding hackers, it would be best to make it longer. A combination of alphanumeric characters would be better as it makes harder to crack for people who love to do mischief. So if this were the case, the potential combination would perhaps be your car plate number, bank account or even your driver’s license codes. With that in mind, you better make sure you also write it down and keep it in a safe place. This is in case you may forget it for some reason due to the tons of information you have stored up in your mind.
Regardless, a user should always make sure that the password he chooses is something he is familiar with. For most sites, we are asked to put secret questions to which we can answer for ourselves. But in choosing the right one, we must make sure that it is something only we know and not something that can be easily guessed by anyone. Failing to do so may put your access and credibility at risk.
Tags: encryption, passwords, security
Categories: Cryptography, Privacy & Anonymity
Research has shown that a survey conducted within a large company shows that although telecommuting is very much productive for many firms it tends to be on the downside for those employees who do stay within the physical office itself. This can be in the areas of personal assistants/secretaries and other office workers who are left to run the office in the absence of their counterparts/coworkers. This leads to dissatisfaction in the workplace hence lowering productivity and encouraging home-bodies to engage in dangerous liaisons from within and outside of the office.
The hatred felt is seen in the rising occurrences of these same people becoming the entry point for attacks on corporate networks when they visit social sites to pass on the otherwise boring day. This is also counterproductive for their attention to work and the other nuances such as physical security and IT security is so much a threat that it is under study on how to improve the working conditions for these people. They are distracted and left to do almost anything they please which is where the security gap seems to be, using the corporate network to access social sites to which they are members of. Even the installation of hardware and software security measures cannot guarantee security coverage at all angles for the main security risk is still the human behind the keyboard who does the typing and not on the structure of the system itself. It might be helpful to get them out more often to allow their facilities more practice letting the steam and pressures/boredom to dissipate. Role rotation may be a key but is not always feasible for there are certain knowledge associated issues that have to be addressed to be able to do that. Training and re-training people allows them to sharpen skills and add new knowledge to their already bored lives.
Tags: Mobile-Workforce, Telecommuting
Categories: General, Instant Messaging, IT Security Basics, Malware, Network Security, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies
This has been proven true by incidents broadcast around the world in minutes or hours after they have happened. Many have suffered the consequences of such incidents in the UK, US and mostly each and every place on earth where people have had their information taken and used for no good before there was even a sign that there was a problem.
Big business has been reminded again and again that complacency is it’s worst enemy and they have failed again and again at the area. Why? Well first, total protection is almost always imperfect and somebody out there with enough intent and resources can break-in however expensive the protection methods may be. Next is that the best systems for protection is always the ones that cost too much yet they still remain vulnerable and hackable. Contrary to most ad’s you see in print, the internet or your Television there is no one true solution to protection, for if the hardware and software measures succeed in protecting you, the human behind the computer/s are always the biggest risk. That is why even the most expensive solutions are used in conjunction with other solutions to provide the best of both worlds combining physical and software solutions hoping that combination will be enough protection from the continuous influx of attacks from the web and elsewhere. Encryption is nice but it takes a lot of computing power to implement making it too expensive for implementation on all levels of the company. All of these high-tech solutions and hardware would be nothing if the people using the various computer systems in the said organization fail to use them so the weakest link in every system is still the human. Strict adherence and compliance is the key with systems that process information somewhat autonomously already in use doing the searching and classification of information without the user’s input. This uses the latest in Artificial Intelligence with minimal intervention or input from the users.
Tags: IT Security Basics
Categories: Cryptography, General, IT Security Basics, Network Security, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies
I was only able to fit in two tips in the previous post but no worries, here are more things for you to look at.
To subscribe or unsubscribe? What to do?
You know those e-mail messages informing you of one thing or another and then at the bottom it says “To unsubscribe to this service, click on this link…” or something like that? Well, many are legit but here’s the thing – this tactic is also being used to get you to click on the link and gather information from you. What you should do, instead of immediately unsubscribing, is to first double check if you really have subscribed to that service. Otherwise, you just might find more spam mails in your Inbox. If you’re unsure, just mark the address as spam so that it can be filtered in the future.
Guard “important” e-mail addresses
Some people guard their phone numbers zealously. They would only give their numbers to people they know very well and people who they are ok with contacting them. How come, when it comes to e-mail, it seems that people are less guarded? It shouldn’t be the case. You don’t know who will end up knowing your e-mail address and start sending you stuff that you don’t need or worse, malware. If I were you, I’d set up another web e-mail account that is separate from your main e-mail account.
Remember: There is no such thing as absolute privacy
Whatever you code into your computer and send through e-mail is never ever really totally private. Just bear this in mind when writing anything. It will keep you safe.
Tags: e-mail security
Categories: E-mail, Privacy & Anonymity, Real-World Issues
I received an email about a year ago on 7 things to stop doing on Facebook. I will mention three of them and give real situations of friends and families who have almost been victimized by criminals because they failed to follow the necessary security protocols.
1) Using a Weak Password. A cousin of mine who was a first time user of Facebook, made the crucial mistake of using his social security number as his password. It was a misfortune that someone got a hold of his wallet and coincidentally tried his SS number to log on to his account. It was a good thing that is was his wife, and so he quickly changed his password, and hid his wallet in a locked safe.
2) Mentioning That You’ll Be Away From Home. A good friend of mine posted on his wall that he and his family are really excited to go on a 5-day Australian vacation after checking out Australia business directory. On the first day they were away, a neighbor called and said that there was a parked van in front of their house. He called the local police station immediately and had someone sent over. The van left just before the cop parked his car.
3) Permitting Youngsters to Use Facebook Unsupervised. This experience is probably the scariest of all. My 5-year old nephew has a Facebook account that he shares with his mom who is a nurse. She is usually at his side as he writes random messages to friends and family members. However, in the course of preparing dinner one night, a message from a stranger popped out as her child was chatting with another cousin. Good thing she caught it on time. She never found out who the message was from, but now she lets her son write emails instead.
Categories: General, IT Security Basics, Physical Security, Privacy & Anonymity, Real-World Issues, Tips
It is perhaps the headache of any IT head when it comes to implement policies to have a smooth running network and department. But while the essence of a good security system is evident, it is really the implementation part that is hard to accomplish.
For one, the transition and building of security awareness from various threats that can easily make their way towards an acclaimed secure network is abundant. Manually or transmitted, suspicious files will always find a way especially if you are not that adamant towards making sure that all bases are covered as far as the security of your system and data is concerned.
Many people fail to appreciate that value of the data they have gathered. They fail to appreciate the value of a strict IT policy mainly because all they care about is a workstation to use and opening files (both internal and external) as they please. So if you put all these things together, you can imagine the problems that an IT guy has to work with. But to some, taking the initiative such as passwords and some hardware exclusions has to be made.
If you notice, some drives like the usual floppy drives or even USB ports are either missing or disabled. To make them work, certain permissions and passwords are set for them to be enabled. Only the IT administrator would know these security measures and basic as they may seem, they really help a lot.
This is just a basic but effective way that IT personnel use. There are the usual network policies but for the sake of people who want to making it doubly sure, old and basic practices such as this is perhaps the best way to go.
Tags: it, management, policy
Categories: IT Security Basics, Network Security, Operating Systems, Physical Security, Privacy & Anonymity, Security Policies
Chances are that when you open your inbox today you’ll find an e-mail claiming to be from your bank, an e-commerce site, or another online site you’ve visited. They might offer you an upgrade to your account, inform you that there’s been changes to their, and asks you to verify your account information. This could be a phishing attempt to get sensitive information like your personal information or passwords. Fortunately, you can avoid getting scammed by taking these precautions:
- Be suspicious of any email with urgent requests for personal financial information. Phishers are getting more sophisticated in their attempts, so even if an e-mail appears to be legitimate, look for proof that it came from your e-commerce company. They should be personalized and carry information that only you and your company would know. They might show partial account numbers or other verification tools.
- Use anti-virus software and a firewall, and keep them up to date. Phishers sometimes include script that can track your activities on the internet without your knowledge.
- Never use the links in an e-mail to go to any webpage. Phishers will redirect you to a bogus site to trick you into logging in your account number and password. Log onto the website by typing in the web address to your browser. At the same time, never call any numbers in the e-mail. It could lead you to a VoIP provider that isn’t connected to your company at all.
- Never fill out forms in e-mail messages asking for your personal financial information. Your e-commerce company would never ask you to send sensitive information in that manner.
- Check your bank, credit, and debit card statements regularly to see if all your transactions are legitimate. Report any suspicious withdrawals immediately.
- Finally, report the phishing attempt you received to your company and other anti-phishing groups.
[tags]phishing,spam,spoof emails,indentity theft,pharming,spam filtering[/tags]
Tags: General, identity-theft, pharming, phishing, Privacy-&-Anonymity, Real-World Issues, spam, spam-filtering, spoof-emails, Tips
Categories: General, Privacy & Anonymity, Real-World Issues, Tips
Phishing over the web can be typified with that of trying to get personal information for mischievous use. Receiving unsolicited emails coming from unknown origins which would make you believe that you have won something in a lottery or a sweepstakes contest are the common forms of phishing.
The people who send you these emails are merely after your personal information. They would get information such as credit card numbers, bank accounts, and other useful information to which they can use over the web, an open space of being able to transact with a lot of security breaches that most people know today.
Some would even provide links to certain pages which are professionally done, all the more deceiving a person that the offer is for real. But the next time you get such e-mails from an unknown source, all you have to do is just think about it for a second. How can you get such mails from someone or something that you don’t even remember joining? The rest is history.
Tags: deception, e-mails, phishing, spam, web-extortion, web-swindling
Categories: IT Security Basics, Privacy & Anonymity, Tips
Living at home means that you have to share your computer with other people. In some companies, people also share workstations in case that they have different work shifts. In any case, it is important for you to make sure that your files are safe. Especially those that you use for work and those that contain confidential information.
Here are some tips for you:
- Make sure you are using a password that is not easy to guess.
If people know you well enough, they could probably figure out what password you will use. People tend to use passwords based on words, names and dates that important to them. Examples are pets‘ names and anniversaries. If you do this, chances are those who know you will be able to log in your computer using your account. Try changing your passwords every so often and make sure that they will be easy for you to remember but difficult to guess. Think of some cipher for it.
- Set permissions on your files and directories.
You could set that your files and directories will only be accessible to you. Do a chmod on them. Then again, whoever has root access will be able to get through. Maybe it would be easy for you to do this if you are the one with root access.
- Protect your files with passwords.
Although not everyone agrees with this, some people do this for their own sake. They feel better to have password protected files. A drawback, of course, is that if it has a difficult password to remember, you might as well have deleted your files.
- Log out of your account or profile.
If you have set your file permissions that you are the only one who can view, edit and execute the files, it will be pointless if you don’t log out. When you are the one who is still logged on, you leave your entire session open for intrusion.
Hopefully these tips have helped you deal with some of your dilemmas with regards to sharing your computer with other users.
Tags: computers, General, IT Security Basics, omputers, people, Privacy-&-Anonymity, Real-World Issues, security, Tips
Categories: General, IT Security Basics, Privacy & Anonymity, Real-World Issues, Tips
