To date, Facebook is perhaps the most successful and widespread social networking site. It has transcended age and race, and practically everyone I know has an account. It has so much to offer, hence the amount of time that the average person spends on Facebook has skyrocketed in the past months. Even businesses and employers use Facebook to make their presence felt online!

But in spite of the allure and usefulness of Facebook, it does have some security issues. All the information that one enters can be accessed by the site AND its third party partners. With each application a user “allows,” his information is accessed, probably even shared with others. Unless a user changes the default privacy settings, practically anyone can access his information. This is something that not everyone really thinks about.

But the Canadian government found these issues important. In fact, the pressured Facebook to create some changes with regard to security. Thanks to them, several tweaks have been enacted. PCWorld featured this move and outlined the fixes.

One, Facebook had to fix the way applications access users data:

Apps will have to tell the user what information it wants and get express consent from the user beforehand. Information will be split into categories, which the user can check off before installing. Developers will also have to explain how that personal data will be used.

Two, what happens to a user’s information if he deactivates his account?

Users will be given an option to either deactivate or delete their accounts. Upon deactivation, they’ll be notified of the option to delete, and can elect to do so should they want all their data gone for good.

Three, what will happen to your account if you die?

Facebook will explain in its privacy policy what happens to an account after its owner passes away.

My thoughts – one and two are quite valid. Three, I am not so sure. You’ll be dead, why would you care? In any case, I wonder if Facebook will apply these fixes to the whole system or just for their Canadian users?

Tags: facebook, privacy settings, security, Social Networking, web sites

Categories: News, Privacy & Anonymity, Real-World Issues

Leave a Comment

One click is all it takes to be infected and for the avid PC user, it would be wise to make sure that you look before you click. Malware issues can come in different forms like:

1. Emails
2. Popups
3. Links via Instant Messaging

In fact, even if you know the person who sent you the link, you cannot entirely rely on your relationship and trust with them as the main reason for clicking on the link. This was done before but today, people have to be aware that there are some accounts that can be easily hacked or even impersonated.

Much of these issues have plagued us through the years. Some have had their share of problems dealing with Malware and Trojans. They are different from viruses but sometimes, they can do more harm compared to the traditional viruses.

Even having anti-virus or anti-spyware protection is not guarantee from being contaminated with them. Remember, a click is all that it takes and all hell will break loose. For most, it is easy to remedy since they can reformat their computer. But think about the files you may lose from the moment you click on these links.

It may be hard to save these files since chances are they have already been infected. With that said, your files and PC are practically good as dead. So the moral of the lesson is, don’t be trigger happy with clicking. You are just raisin the stakes of being infected by doing so.

Tags: Malware, security, Spyware, trojans

Categories: Malware, Spyware

Leave a Comment

For most companies, the computer room where the company servers containing the delicate data originating from daily transactions is the most important place in the office. So while the people here are trying to figure out ways to safeguard these servers, it would be likewise important to consider external security measures such as placing locks and monitoring the activities with the use of spy cams.

Why is this important? The right question should be geared on how well do you trust you IT personnel. Evaluate their personality and see the extent to which they may betray the company and place operations in jeopardy. This not of course to discredit them but in reality, a lot of people use their knowledge and access as leverage towards being able to command salaries and money-related deals that many of us know as blackmail.

Also, physical intrusion is always a possibility. No matter how secure your area would be, it can be breached at anytime if you do not address the right measure to make it harder for them to gain access to the computer room. In short, the harder it is to get in to you computer room, the better it is. This only means you have prepared on the physical aspect of securing your IT area which is a good approach the sake of safeguarding hardware and data.

Tags: Physical Security, security, spycams

Categories: Physical Security, Real-World Issues

Leave a Comment

If you are in charge of network security, one thing you may want to consider as far as laying down the law in safeguarding your network is the regular change of user passwords to avoid potential hackers and cracks based on how their passwords can be easily guessed.

For some users, it is easy to figure out their passwords. The normal passwords that people use include:

1. Birthdays
2. Anniversaries
3. Car Plate Numbers
4. Mobile Phone Numbers
5. Adding 123 to their names, or
6. Using “PASSWORD” as their password

Now there will be a lot of potential combinations depending on the length of the password. That is why the longer passwords (8 alphanumeric characters) are encouraged for users who access the network.

But while the probabilities of guessing or cracking passwords offer a lot possibilities, employing a regular maintenance as far as changing them is indeed something ideal to combat these hackers or malicious people from gaining access to the network and the programs in use.

Once cannot avoid the fact that some people’s curiosity and call for fame are the main reasons for wanting to be a hacker or code cracker. It is evident in people who are looking to try out their skill. They don’t think of the outcome which can cause a lot of problems.

So one good tip to avoid being hacked is to think like one. Once you do, think of security policies that can make it hard for you to breach a system. That is the best way to stay efficient in your line of duty in any organization.

Tags: network, passwords, security, systems

Categories: IT Security Basics, Network Security, Security Policies

1 Comment

Emails are supposed to make life easier but sometimes, it may be wise to choose who you give out your email to. Today, a lot of mischief can be done and normally this comes in forms of email attacks or email bombs. In such scenarios, don’t be surprised if you find your email downloading hundred to a thousand emails in one sitting. That is not the best part. You would be lucky if this was done only once since others would schedule it daily.

Why do they do it? One is for trials of these foolish software and the other can perhaps be for malicious reason. It is a fact that while many people on the web cannot be harmed physically, they can create headaches for you in the form of discomforts from the privileges you get from the web. One of the main elements an online user would need to use is his email and by doing these email attacks, it burdens the person on how to get important information usually sent through the web.

One cannot avoid such instances. But the best way to prevent it is to choose the people you give it too. For people you meet on the web, it would be wise to use free mail accounts from Gmail or Yahoo over your personal one. Avoid the troubles of such since it will not only be a discomfort, but a forgettable experience as well.

Tags: emal, explosion, security, spam

Categories: IT Security Basics, Malware, Security Policies, Spyware, Tips

Leave a Comment

If you are apprehensive regarding the competence of your current anti-virus software, do not fret. You can replace it with another one as long as you want but eventually you will grow tired of choosing which is really reliable. With that said, what would be a good alternative?

Online scanning has been around and while many don’t trust them, at least there is a separate device that can thoroughly check your computer and see if there are issues as far as viruses and malware is concerned. For sure, you will be getting reports on which files may need scrutiny. There will be definitely some high risk files, normally found in the cookies or temporary Internet folder, that can be detected.

Now comes the hard part. When they detect these malicious files, they can clean it as well. But before that happens, you have to pay them a hefty sum to do it. The scanning part is the freebie, it is the cleaning that will really cost you.

It is a familiar site we see from trialware software. Before you can enjoy the full protection, you have to register and pay for it. The same is the concept of online scanning services. Panda Software, McAfee and so on have been offering this service and they are surely better and safer.

Accuracy is not a problem. You can even see for yourself by basing the performance after it has been cleaned. You may be surprised to find that your computer operates faster than before. Perhaps because the malicious files are gone which are slowing your computer? You Bet!

Tags: online scanning, panda, security

Categories: IT Security Basics, Malware, Network Security, Security Policies, Tips

2 Comments

Perhaps the leading software companies of Kaspersky and AVG have finally gotten sick of being ripped off. If you will notice today, they have tightened their main flagship carrier, the virus definition updates and unless you have a truly certified copy, you will be blocked from enjoying the actual usefulness of the software for full-protection against viruses and Trojans online.

Apparently, some online users have used other mediums to be able to download and wisely crack full versions of anti-virus software. But while the program is easily downloadable, unless you have proper virus definitions, you are not really that protected. In fact, they are just additions to your system to which you may eventually be better off without them due to the load that they carry.

Download agents like file-sharing online has become a good source for most. Torrents are famous for this but this includes being susceptible to malware and Trojans, files familiar if you are fond of getting them free. These said files come complete with cracks and serial code generators, initially making users believe that they saved a lot of money from the official and licensed versions.

But today, you may see that certain updates are monitored and while you may have more than one serial for full version capability, you will be eventually blocked by their network, showing you that your serial has been blacklisted and place you in the trial version state.

Anti-virus protection is important. But to get supreme protection, you have to pay for it. So if you want to worry free protection, it would be best to get the licensed version. Say goodbye to the freebies and of course the Trojans.

Tags: anti-virus, security, software, updates, virus definition files

Categories: IT Security Basics, Network Security, Spyware

1 Comment

Here is another loophole for all iPhone enthusiasts and it has something to do with a security hole that has been categorized as a minor glitch by apple. Apparently the immediate resolution for this security hole is to reset the settings but the real issue has to do with potential openings given to attackers that can exploit the security holes and get access to files or maybe even do some mischief as most hackers are known to do.

Apple spokesperson Jennifer Bowcock said, “The minor iPhone security issue which surfaced this week is fixed in a software update which will be released in September.”

There is a simple workaround, Bowcock said: iPhone owners can simply change the settings so double-clicking the emergency button returns a user to the home screen, which will present a password login field if password protection is turned on.

Source

So a patch will be released by September and hopefully this issue will die down. But expect new problems to crop up once this has been settled. Being in the limelight and open for criticism is bound to result in a lot of things that should be considered and apparently iPhone has to be ready for them.

For a gadget that costs a lot, the iPhone is in for a lot of rougher sailing from the users and the critics. But before we advance a bit, it would be best to see first if this security glitch will be resolved with their so-called patch software due for release.

Tags: access, Apple, iphone, passcode, security

Categories: IT Security Basics, Network Security, News, Operating Systems, Real-World Issues

Leave a Comment

We all know the importance of having good and difficult passwords once we have access to a site or a network but one thing that many would have to consider would be the length. Others would want it short, but these are people who would not care of why they are given access. Others want it long normally something that they can easily remember such as their address or birthday. But how long should it be?

Traditionally, it should be at least 8 characters. Some are fine with 6 characters but for security reasons and avoiding hackers, it would be best to make it longer. A combination of alphanumeric characters would be better as it makes harder to crack for people who love to do mischief. So if this were the case, the potential combination would perhaps be your car plate number, bank account or even your driver’s license codes. With that in mind, you better make sure you also write it down and keep it in a safe place. This is in case you may forget it for some reason due to the tons of information you have stored up in your mind.

Regardless, a user should always make sure that the password he chooses is something he is familiar with. For most sites, we are asked to put secret questions to which we can answer for ourselves. But in choosing the right one, we must make sure that it is something only we know and not something that can be easily guessed by anyone. Failing to do so may put your access and credibility at risk.

Tags: encryption, passwords, security

Categories: Cryptography, Privacy & Anonymity

Leave a Comment

We keep on talking about how important it is to build on security for our computer and our network but we fail to realize that it will ultimately lie on how responsible the assigned user will be when it comes to safeguarding his username and password as far as access to the computer or network is concerned. Apparently, there is always a human error in these cases and if we look at some news briefs, we will notice that majority of hacking or intrusion issues originate at the hands of one person.

This is not actually saying that an assigned user has the ability to control or have companies at the tip of his fingers. Remember, one act of illegal practice can be a cause for legal action. In fact, it is easier to uphold the law on such a person to safeguard the interest of a company. So either way, no person in his right mind would want to bear the burden of being sued and taken to court for something that was bestowed upon him with complete trust.

Hacking is one thing but divulging is another. This is a practice that should be corrected in most cases. People fail to realize the importance of their participation in a network. No matter how great a security barrier is against any outside intruders, security protection includes making sure that the trusted employee is indeed a reliable one. In short, cleaning up the bad vibes and potential threats start internally rather than external.

Tags: computer, legal action, network, password, security, username

Categories: IT Security Basics, Network Security, Security Policies

Leave a Comment