18 Dec 2008
A vulnerability has been discovered in Internet Explorer which is being rapidly exploited by some web site and about which you need to be aware. To read more: Microsoft's Advisory Service, and a simpler explanation can be read here: Secunia.
Thursday, December 18, 2008
Monday, December 15, 2008
Identity Theft: What it is & How To Avoid It
We can define roughly two levels of Identity Theft. First, Social Theft: This is your online identity. If someone steals your online identity it enables them to pretend they are you in online activities in the area of what has become known as Social Networking. A 'social network' is an association of people drawn together by family, work or hobby. The term was first coined by professor J. A. Barnes in the 1950s, who defined the size of a social network as a group of about 100 to 150 people. However, since the advent of the World Wide Web, social networking sites have evolved online and provide networks numbering millions of members. These are now virtual communities of people interested in a particular subject or just as a 'place' to "hang out" together. On these sites, members create their own online "profile" with biographical data, pictures, likes, dislikes and any other information they choose to post. They communicate with each other by voice, chat, instant message, videoconference and blogs. It is easy to see how these can become zones of danger for the unwary. Indeed, there have been plenty of news stories covering some of the pitfalls the unwary can fall into while networking on these sites. These unfortunate events can range from just nuisance level through to the more distasteful and criminal activities of pedophiles etc.
The area of concern in this column to the wider community is when someone assumes your identity to the degree they can start buying things in your name, running up huge credit card debt, phone bills and relieving you of large sums of money directly from your bank account, etc.
Sadly, identify hijackers very frequently get clean away and continue to perpetrate their crimes again and again. Statistically, the police have few prosecutions and are usually without any clue as to who the thieves may be.
Be Afraid, Be Very Afraid!
There is only one defense -extreme caution. The old adage, ‘vigilance is the price of liberty’, is again a truism. In this case, constant vigilance is required to stay free from all the various ways in which someone can steal your electronic identity and use it to steal from you. Sometimes, not just once, but again and again. Added to the pain and loss of this is the downstream difficulties associated with identity theft. Your ability to obtain credit is compromised, there are ongoing difficulties with the police, the hassle of proving you are not the person responsible for the credit card purchases made in your name and with your card and so on and so on.
In the End, It's All Very Easy For the Thief
Authorities do agree on one thing, it is very easy to hijack someone's online identity. For example, to do a credit card transaction in someone else's name, the perpetrator often only needs the following information:
- Your credit card number
- The expiration date of your card
- The billing address zip (or post) code
- The CVC number (that 3 digit number on the back of your card)
- Your name
Second: Harvesting Your Identity From Your PC
Because It's Likely All There On Your Computer
In this connected age, the scary fact is that all this information is likely stored in your computer waiting for a hijacker to get his or her hands on it. Further, you don’t need any fancy technology to dig it out. Unless your already practicing safe computing you can find it just by following these simple steps:
Go to an online form, you can use my Contact Centre form for the purpose if you like. But any form where you fill in information about yourself will do. By the way, I don’t harvest any information from my form. It is a simple email form and I haven’t even taken steps to guard against abuse on it. As a result I often get junk email off it when online nutters fill it in with gobbledygook and I have to waste my bandwidth and time and delete it from my inbox. So, use if freely, although, if I get an increase in misuse as a result of this invitation, I will certainly get busy and put some simple checks in place.
If, as you complete this form using Internet Explorer, Firefox or any other browser, and the information you enter, such as your name, phone number, bank account number, IRD/Social Security number etc and the details are automatically completed for you as you begin to enter them, you know your compromised.
This is because the information is stored on your computer and it is available to be harvested by an identity thief quite easily. If you’ve been using computers and the net for a while, you should know this by now. If not, consider yourself educated. Turn off auto-complete this instant and be many times safer as a result. If you’re running Firefox, my preferred browser, go to the Menu Bar and click ‘Tools’ and then the ‘Private’ tab. Check as many boxes as you can to make yourself comfortable about what information remains on your PC. You can also choose to have Firefox clear all your Private Data when you shut Firefox down. Click the ‘Settings’ button on the LHS of the Private Data section and check as many or all the boxes you feel comfortable with as well. In Internet Explorer go the Menu Bar and click ‘Tools’ and click the ‘Delete Browsing History’ option right now. Then go back to ‘Tools’ and choose ‘Internet Options’. Next, choose the ‘Privacy’ tab and move the slider you will see as high as you feel comfortable with. If you are now paranoid, you can click the ‘Advanced’ tab and check ‘Override cookie handling’ and check everything in sight –or whatever! While you’re there, if you wish, you can check the ‘Turn on pop-up blocker’ as well. You can have a look around at the other tabs while you’re in Internet Options and read all the information available.
Caution!
Be aware, that actions you take here will affect your browsing and you may wish to return and fine tune your settings. However, keep in mind that the point of the exercise is safeguarding your online security and privacy. To do this some of the fancy gizmos you find on the net and some of the easy options, such as having your browser remember passwords, may have to be missed out on. It’s up to you.
The Telephone
Now for the telephone! I mention this because it's amazing how trusting we can be. You can be asked a series of questions all related to your security and your identity by someone on the other end of the line and pass it all over without a second thought.
For example:
- IRD or Social security number (or last 4 digits)
- Mother's maiden name
- Email address
- Telephone number
Remember, if a thief can establish they are you, also over the phone, to another bank or financial organisation or business etc, they could ruin your life for a very long time. It’s worth taking precautions and, at the very least, being aware of the dangers.
This sort of information could allow a thief to transfer money out of your bank account, cancel your mobile phone, change all of your passwords, and access your email (probably via web mail) and much more.
How to Begin to Safeguard Yourself
Use Your Own Machine: Never do online transactions on any computer other than your own. Never at work, never on your friend's computer and NEVER NEVER at a public terminal.
Perform the simple check I outlined earlier and try it with your bank account number, IRD or Social security number, your phone number as well. Only start to do it with, say the first four or so numbers and see if your machine starts to complete it. If you know you’ve used another computer previously to do online transactions of any sort, and you can go back to that machine, use the steps I’ve outlined below to do the best you can to erase all stored information and hopefully you’ll wipe out any traces you may have left.
Remove All Personal Traces: Perform a system wide sweep of your own and any other machine you use, have used, to remove any traces of your online identity from them. If you would like help with this we, at Hamilton Office & Home PC Care are happy to assist. That’s what we do! Bear in mind that this means that you will have to type in your credit card number each time you need to use it. This might take a small amount of extra time, but to have your important numbers in your head, not in your computer, or any other, is better than leaving them lying around for someone to pick up. You can use encrypted software that you carry with you on a USB stick and have only one master password to remember. This is what I do and I use a little programme called Any Password for this purpose. This also has the facility to generate passwords that are reasonably secure. However, if you are a gazillionaire, then likely you are a target already and remember that sophisticated decrypting techniques and software are available that could possible crack any utility such as this. However, for most of us among the great unwashed, we aren’t that big a target and not likely to attract that amount of dedicated evil. At the end of the day, even your head is not totally secure. If a sufficiently large and well organised criminal organisation wants what’s in your head, I guess they can get it. “They have ways…!”
Scan Often: Scan your machine(s) for malware on a regular basis. Say, once every five or six days. Under the heading of malware we include, spam bots, denial of service attacks, and all sorts of other nasties. Malware dedicated to capturing your online identity is becoming steadily more common and you need to guard against it. So, install the best quality and the most highly recommended antivirus, antispyware and firewall you possibly can. More than one anti-spyware app is good. You can only run one antivirus programme on your computer, so make it the best you can find. These don’t have to cost the earth either. There are excellent free one’s available. Check out Hamilton Office & Home PC Care and go to my Tech links/Info page to check out my recommendations.
Secure Login: Set up a reasonably secure login password on your PC. Don’t use the obvious such as your wife’s or girlfriend’s name, your birth date, your street address, your phone number and so on. Work out something that you have to remember and don’t leave it written on a piece of paper stuck on or near your PC! If I had a dollar for every time I’ve seen that…
Log off: Log off from your PC when you are not in front of it. Even when going away for a moment or two. That’s all it takes for someone who knows what they’re doing to harvest personal information. An ounce of precaution is always worth a ton of cure. Trust me on this. On an XP based machine click, ‘Start’ then ‘Logoff’. On a Vista machine click, ‘Start’, then the little right arrow and ‘Logout’. If you’re using a laptop or notebook or netbook (see my blog about Notebooks v Netbooks) you might just have to close the lid. You can set this up by going to your Power Options in Control Panel.
Happy and safe computing,
John
Saturday, December 6, 2008
Buying a New PC & the Internet
Buying a New PC & the InternetCERT/CC has composed this Tech Tip concerning the growing risk to Internet users accessing the Internet without any knowledge about how to secure their nice new machine from the growing number of Internet nasties.
They say, "In recent months, we have observed a trend toward exploitation of new or otherwise unprotected computers in increasingly shorter periods of time. This problem is exacerbated by a number of issues, including (they say):
- Many computers' default configurations are insecure.
- New security vulnerabilities may have been discovered between the time the computer was built and configured by the manufacturer and the user setting up the computer for the first time.
- When upgrading software from commercially packaged media (e.g., CD-ROM, DVD-ROM), new vulnerabilities may have been discovered since the disc was manufactured.
- Attackers know the common broadband and dial-up IP address ranges, and scan them regularly.
- Numerous worms are already circulating on the Internet continuously scanning for new computers to exploit.
As a result, the average time-to-exploitation on some networks for an unprotected computer is measured in minutes. This is especially true in the address ranges used by cable modem, DSL, and dial-up providers.
Standard advice to home users has been to download and install software patches as soon as possible after connecting a new computer to the Internet. However, since the background intruder scanning activity is pervasive, it may not be possible for the user to complete the download and installation of software patches before the vulnerabilities they are trying to fix are exploited. "
Check my advice on PC Maintenance and Security
You can read the entire article here: www.cert.org/tech_tips/before_you_plug_in.html
Contact Hamilton Office & Home PC Care on our
PC Care
Tuesday, November 25, 2008
Confusing Messengers
We have: Windows Live Messenger, Windows Messenger, MSN Messenger and Windows Messenger Service. Confused?
Well, I don't blame you -I have to stop and think all the time. Here we go...
A rose by any other name.
Windows Live Messenger, Windows Messenger, MSN Messenger and Windows Messenger Service are, in fact, four names for three applications. Three apps that do two different things. Of which, I submit, only one you really want. Here's why...
If you're running XP Windows Live Messenger will do it all.
So, uninstall the lot except Windows Live Messenger. You don't need them. If you are running older versions of Windows visit 'Ask Leo' -why should I reinvent the wheel?
Better yet, uninstall the lot and switch to Yahoo Instant Messenger for all instant messaging.
Having said that, I use Windows Live Messenger quite happily. But then, I'm running XP Pro SP3. Yep, that's right, SP3. It's running very sweetly and I have had no problems, in spite of the bad rep in many forums. So is every machine I've installed it on to date.
Happy Days,
John
Friday, November 21, 2008
You're Windows based PC is a target!
The facts are simple. If you are running a Windows-powered computer, you are running the operating system which has the biggest bulls eye painted right on it. See, Windows is used by around 90% of the marketplace. And that makes it target #1 for hackers.Experiencing slow PCs and Servers?
At Hamilton Office & Home PC Care we have seen time and time again, customers computers or servers which are performing poorly, and much slower than they used to be when they were new. Often we have been asked by these customers if they need to buy new, faster, more expensive equipment. In 95% of the cases, the answer is a resounding NO!
It is a little known fact that, over time, especially with prolonged use of the Internet, computers get cluttered by applications, spyware, unnecessary background services, out of date hardware drivers, fragmented disk drives, corrupted or bloated windows registry, low swap disk space, and if you are really unfortunate, viruses. A worst case example was a customer's Pentium 3 computer with 256MB RAM that ran so slowly he was thinking of giving it away and buying another. This computer was brought back to life after an Hamilton Office & Home PC Care warrant of fitness (wof) and tune-up, the machine ran like new again.
This particular customer was using a well known, respected Anti-Virus product, which unfortunately was out of date because the annual subscription fee was too expensive, the customer was also using one of the better known Anti-Spyware products!
The Hamilton Office & Home PC Care answer!
We do not believe that expensive software is the best solution, we firmly believe in utilising the best open-source and freeware solutions that do not require ongoing financial commitments to get the latest protections. After tuning up your machines we will leave you with a free suite of applications to better protect you in future, including anti-virus, anti-spyware and automatic system maintenance regimes.
We utilise a multitude of tools, found and tested over many years experience, to clean up, tweak and protect your IT investments. In addition to software tools, often we need to draw upon our network of support experts with 25 years experience in IT to solve some issues that software alone cannot assist. The difference between Hamilton Office & Home PC Care and other computer services companies is that we do not aim to make any profit on software or hardware solutions, our IT expertise is our service, your satisfaction and referrals are our bread and butter. This way we can offer a highly competitive service and bring you better solutions that cost less.
Tips for avoiding scams & staying safe online:
Email Scanning: Ensure your e-mail scanning feature is ON by default, this ensures that all emails received with attachments are scanned for malware as soon as they hit your inbox.
Update: Always keep your security software up to date. Smart Update (and other similar automatic updating software): is an automatic and silent self-updating feature found in Spyware Doctor, PC Tools AntiVirus and PC Tools Internet Security, and many other useful free security products, that keeps your protection up to date at all times.
Quality Software: Install only trusted software from known and reputable vendors such as those recommended on this site.
Passwords: Use different passwords, particularly when transacting online. Ensure your password includes a combination of letters, numbers and upper/lower case.
Use a separate credit card for online transactions that has a low credit limit.
Finally, you say, something about PCs!
Have fun,
John
Contact Hamilton Office & Home PC Care and secure your IT & PC investment now!
All Things Change
We have entered another new era on planet earth. Certainly for the west, at any rate. Although, we, who live in the west should remind ourselves that we are not the major portion of the planets population. Even though we often delude ourselves into thinking that the sun rises and sets for our exclusive benefit and even at our behest!The most powerful nation on the globe now has a new president, and one of the smallest nations on earth has a new Prime Minister. John Key has replaced our PM of the past nine years, Helen Clark.
These two democracies have voted in the face of the economic downturn for a change of leadership. Are we clutching at straws? Do we imagine that a new political focus will make everything all right? Are we implicitly laying blame on the past administrations? Perhaps, more likely, we are simply doing the one thing the opportunity of democratic action allows us, making the one change the voting public can make. Coincidentally, maybe even fortuitously, it was election time. We could have been in the middle of our two mutual terms. We were right at the point of possible change -and both these democracies took the opportunity and made the change.
The fact remains, however, both these societies are consumer based, greed driven, materialistic in the extreme, and quick to react when there is any threat to our well being and life style. We borrow impatiently to gratify our wants instantly. Executive greed illustrates the point. Position and opportunity is exploited by us all and only limited by the degree of opportunity. It requires a powerful and compelling change in perspective to temper this and mitigate the long term effects. A temporary political adjustment will not do it. Ordinary people like you and I must effect change at a fundamental level and insist upon a value based system of personal and business dealings that is based the importance of the individual above all else. People are what matter. A nations most valuable asset is the people of which it is composed. Not the the GDP or the exchange rate. This is about the most radical adjustment that can be made within a society. Every consideration should be based upon this and not upon the financial or material gain that an opportunity offers. This is an idea that I ponder much upon and any comments are welcome.
To use the Vulcan greeting (from Star Trek for the uninitiated -are there any?)
Live long and prosper
(A variation on Shalom).
John
The Upside of Down
Periodically, I like to make comments related to topics not directly computer related. This post is one of those.The old adage, 'What goes up must come down' is also true in reverse. I've lived long enough to know that most things are cyclical. The weather (global warming -I'm pretty ancient!), boom-bust cycles... This present blip, regardless of the degree will cycle back up again in due course.
The real truth is, a dip in the economy simply represents OPPORTUNITY. Many will benefit hugely, others, sadly, will get hurt. Some things remain the same -those who've stayed out of the debt trap and have cash will seize the day, those who have over extended will pay the price. Cash is pretty much always king. Stay liquid and debt free. Be opportunist with money that you have earmarked for exactly these occasions and enjoy. Look for ways to expand by offering service and value and grow your business. Don't follow the crowd -the majority are seldom right.
Take care,
John
Hi! The object of this blog is talk about issues in and around the Home PC. I've been messing about with computers since the mid to late 80s so I guess you could call me an early adopter. That was a phrase that was around the 'net back in the early days of the World Wide Web when the word Internet evoked the response, "What's that?" I started introducing businesses to the idea of obtaining a 'web presence' and the common response, after explaining about the Internet, was, "Oh, I think it's just a fad. I don't think it'll take on really. Nah, I don't think I'll bother". I would then move into my blurb in order to convince them how sorely mistaken they were. Sometimes I succeeded, sometimes I didn't. Generally, things did OK, and then one fine day, the Internet was suddenly center stage and I no longer had to explain what it was, everybody knew. The it was like era of the Gold Rush. In New Zealand it was down south in Otago etc., in America the name most often thought of was the Klondike. Check shirt millionaires appeared over night. With the Internet we had the same thing. The Nasdaq was invented and just having a web site made you think you had struck it rich! It was just like staking a claim. Fortunes were made over night -and then the bubble burst and Nasdaq tumbled and it was all gloom and doom. Then, of course, it all found its level. But the world has never been the same again. History could well be divided into the days Before Internet (BI) to the days After Internet (AI). Well avoid any connotations that might arise in the minds of farming folk to those letters!
Now the astronomical cycles have turned over many times and names like Google, Microsoft, the Net, Apple, Mac, PC, software, online, chat, and so many more are all household names. Children by the age of five have inherited a world we had no concept of when we grew up. Connectivity is just a normal part of life. 'Getting away from it all' really means severing yourself from computers, mobile phones, etc for a break -and it's not easy to do. Rather like an addiction, we find living without a computer handy and mobile in your pocket leaves you feeling like the proverbial 'fish out of water'.
I'm going fishing on Saturday, out of the briny blue, and do not intend to take any forms of communication. I'm going off-line, and I can't wait! But, I know I'll feel that comfortable feeling of getting back to normal when I return. Such is the normalcy of being wired into the world-at-large.
Anyway, back to the purpose of this blog. I anticipate talking, and hopefully getting feedback and comment, about all sorts of topics related to the Internet, technology, computers (primarily and particularly as they affect the home user, but also small business), PDA’s et al.
Please send in your tips and tricks. I don’t know everything, not by a long country mile -as my adult children make me acutely aware! I’m a learner along life’s journey and all the help I can get is always gratefully received.
I’m trusting, that in the process, many will benefit. So, here we go.
Subscribe to:
Posts (Atom)
Posts
