How Will We Protect Ourselves Virtually In The Future?

When I say virtually, I mean through technology.  When I say protect ourselves, I mean protect our identities, our data, our computers, our WIFI networks and our work environments.  The future is different the way you look at it. 

For some the future looks bright.  While the “bad” people out there keep getting smarter and find ways to make our technological lives miserable at times the “good” people are getting even smarter.  In the past being bad was easy.  All you had to do was be able to outsmart the anti-virus and spam programs.  You could prey on people who didn’t know how to protect themselves and do some pretty good damage without much risk of getting into trouble.  The governments of the world are looking into stiffening laws against these criminals which will give us the peace of mind that there is a penalty against them for what they do.  Right now we know that for someone to get arrested for hacking or spamming or the like they have to do a lot of damage before getting caught.  If the governments make their rules more stern we wouldn’t have to wait that long to see them pay.  Also the beautiful minds of the world are coming up with more protection for us.  There are numerous free software of the web to help protect our computers such as the following, just to name a few. 

Microsoft Security Essentials at http://windows.microsoft.com/en-US/windows/products/security-essentials
Spybot Search & Destroy at http://www.safer-networking.org/en/home/index.html
Ad-Aware at http://www.lavasoft.com/products/ad_aware_free.php
& AVG Anti-Virus at http://free.avg.com/us-en/homepage

In the past it seemed Sematic and McAffee were the only ones with protection and they were pricey and to avoid the cost people would just risk not having one.  This helps everyone to get into the game and protect themselves.

 

There is also a greater awareness of front line security such as passwords.  People are learning that simple passwords are not good enough and they need to choose stronger ones.  If they are not told directly through a friend or other resource they are being told indirectly.  When they sign up for a new service on the web for most instances they are not allowed to choose a simple password, they are being told they need to add numbers and extra characters to it.  For example, HSBC Bank, they have an online banking system.  For online banking we would want to make sure we are safe right?  We wouldn’t want anyone to see how much money we have (or how little most of us have) and who and how much we are paying out.  So HSBC takes that very serious and have put a lot of measures in place to protect us, the consumer.  See the page below and how HSBC protects their customers and the measures they take and how they, at the same time, try to educate on how the users can protect themselves, not just on HSBC’s site, but on all sites.
http://www.hsbc.co.in/1/2/personal/internet-and-self-service-banking/online-security

Then there is also better and cheaper technology coming for the “futuristic” security.  The stuff we’ve only seen in movies before.  The fingerprint and iris recognition type of stuff.  Some laptops already come with a fingerprint pad and software to only allow certain people to use your laptop.  Without this technology what do we have to separate us from all the other John Smith’s out there? Our Social Security Number.  And we all know how risky that is to share that information.  Iris’s and fingerprints are also unique to a person.  So the more this biometric technology is used the less we will have to share our SSN which is definitely a good thing.  See this video for example.  India is using Iris and fingerprint technology to create a biometric database to give all of their citizens an identity. 

All of this will make our virtual lives a little more easy to bear.  We will all be able to be more comfortable using our laptops, cell phones, desktops and other devices.  We should be safer but we all should know that we have to keep educated and use preventative measures to protect ourselves.

I’ve talked about the technology and how the future should look bright for most people but there are others out there who will think that the future is bleak.  They will think that there is no way to fully protect ourselves.  That the “bad” people of the world will always find a way to beat the system and hack us.  They are probably right, but if you look at cyber warfare this way you will never get to fully enjoy the technology available to us. 

Coming from the age where I lived through the world of going to the video store to rent a VHS movie and having to make the decision if I wanted to switch to the Beta tapes which were the movie source of the future I can see where technology has come in a short amount of time.  For a little over 10 bucks a month I can get access to Netflix and watch Movies and TV shows for free streamed to my TV.  For 8 bucks a month I can get access to Hulu to watch more recent TV shows than Netflix.  I don’t even need to go to the video store any more.  This is one example of how technology has improved.  So as technology improves so must the security that protects that technology.  I feel safe in the fact that companies like Microsoft dedicate teams to preventing security breaches before it happens.  That websites like Google and Bing make searching a for virus definitions and preventions so easy.  That websites like Download.com can give me free software to protect myself.  The future is bright, no matter what the naysayers say.  We just have to know how to protect ourselves and keep the light on.

Over the course of this semester I've written in this blog to complete the course.  What will I do with it after the course has completed.  To be quite honest I most likely will not continue writing in the blog.  To me life is too busy to do things such as this.  It’s the same reason I do not use Facebook, play video games, or use blogging sites.  With so much information and technology available you really do have to choose what you want to spend your time on.  Things like these I choose not to.  I do see advantages of the blog but not enough to where I could use it to further myself.  I could not use it in a portfolio because the meaning of a blog to me is to use opinion and a opinion is like a coin.  Some people agree with heads and some people agree with tails but how do you know that the potential employer you are sharing your blog with agrees with you?  Same as the controversy of employers looking at employee Facebook sites.  Outside of the blog I have learned a lot in this course.  Enough that I can say I’m walking away a smarter, more aware person.

Forget Cyber Monday - Lets Look At Cyberwatch Daily!!!

Our final project in the Computer Security class is to team up with a “virtual” classmate and basically create a Public Service Announcement (PSA) about computer security.  It seems easy enough.  Do the research and compile a PSA.  The fun part will be to make it interesting and memorable.  Most PSA’s are boring.  When I hear them they don’t make me want to change anything I do and in about a minute after hear them I forget them.  Defeats the purpose but that is how I react to them personally.  So the challenge to me is, not to just make one with facts but to do it in a way that the listener/viewer will remember what they heard/saw and eventually change their ways or at least remember to do a little research later on the subject. 

Cyberwatch, who sponsor’s the contest is a pretty neat organization.  They are dedicated to protecting all of us common folks online.  With very little protection from the long arm of the law we have to rely on organizations like Cyberwatch to Cyberwatch out backs.  Looking at their site they do a lot.  They do so much they may have already protected all of us in some capacity but we would never have known it.  I’m sure that’s the way they like it.  To protect the internet.

My partner and I chose passwords for our topic.  With so many portals that need a username and password it is nearly impossible to keep track.  So what do most of us do?  We try to use the same one.  I personally have Excel file that I keep all of mine written down on.  I have 57 password links.  For more than half I use the same one.  Just because it’s easy.  Doing the research I first found that using a strong password is important.  Look at this site, http://www.theinternetprivacyguide.com/the-basics-of-creating-strong-internet-passwords.  They tell you that if you get a lot of spam and junk mail daily you may have a weak password.  That makes sense.  If you, for example, use password as your password the people who send junk mail can easily figure out your password.   Look at the below video.  This person is showing us how a simple program can be download and installed to figure out a password.  The first time he runs it, it picks his password right away, within seconds.  Wow.  

 

I also found that there are numerous techniques that can be used to create very strong and easy to remember passwords.  Check out this site from Microsoft.  http://www.microsoft.com/security/online-privacy/passwords-create.aspx.  They’re suggestion is to take a sentence and pick the first letters from each word as a basis, then change it until you have a strong password.  Now you can just add a little to your password to customize it for each site so you can remember.  All you really need to remember is your base password really.  It’s better than making 57 unique passwords in my case. 

This video shows another persons take on it.  It’s really smart but me personally, I’d have to get used to it.  I’ll let you watch the video but it is something that I would have never thought of. 

Our class is all about keeping yourself safe when using technology and to avoid disaster.  We learned how the predators come after us and how to protect ourselves.  When we talk about computers, laptops, handhelds and phones, your first line of defense is your password.  That is why this subject is so important.

What I hope to take out of this project is a little more knowledge about passwords and to become a subject matter expert about it so I can help my friends, co-workers, and others a little smarter about what to do when they click on the link to “Create a New Account”.

P2P File Sharing Is Never Free

Wi-Fi, P2P and copyright infringement.  Some terrifying subjects.  WIFI is a very nice convenience.  You get the internet in your house, you buy a WIFI router, put a password on the access and boom, everything that can connect to the internet can connect wherever you happen to be.  The desktop computers, the laptops with the WIFI cards, the Wii, the Xbox, the iPhone, the iPad.  Everything that you used to have to pay separate for is now covered under that one internet fee (at least while you in the range of your router).  But it’s nice.  A week ago I thought that if I had a password on my WIFI I was protected.  I did not know that there was a layer of security below that that actually protected me.  I checked my setting.  My router uses WPA, not WEP, thankfully.  So I am secure.  I did give my password to my neighbor so they could piggy back on my internet to save them a couple of bucks.  But who knows if she didn’t give that out to a friend who was staying over and that person gave it to someone else.  Sort of defeats the purpose of my security.   So as a result of this new knowledge I have changed my password, outside of that, I think I’m safe.

As far as P2P and the copyright infringement that goes along with that I’m under control on that front.  I don’t do it.  I will definitely not say that I never did but I no longer do it so I have nothing to change.  Why did I stop may be a good question?  I did not stop because my conscious told me to because I was basically stealing.  I stopped because it was a hassle.   I’m 40 years old so when I was doing the downloading it was a while ago, it was soon after Napster got busted and Kazaa and Bearshare was the popular engines.  Internet wasn’t superfast then and 128MB of RAM was high performance.  You were also lucky to have Windows 98 still and not have bought a unit with Windows ME on it too.  I would download music and movies.  Music wasn’t so bad but the quality of the songs were not always great so you’d have to re-download until you got a good one.  The movies were disgraceful.  You’d click on a movie to download and 5 hours later it would be complete.  You open the movie to watch it when you find out you just downloaded a black and white Fred Astaire movie and not the one you intended.  Very frustrating.  Wasn’t worth the time for either.  Then the virus attacks and the malware.  Kazaa told you it was installing stuff which you accepted but some of the downloads had malicious programs attached and the anti-virus could not keep up with the black hatters who did this.  So I gave up.  I didn’t want to waste the time downloading garbage and I didn’t want to waste the time fixing my computer once a week to get it moving over 10 mph again.  To conclude, I don’t use P2P and I really don’t have the intention too.  I’m too cheap to spend money at iTunes.  The reason is with the iPhone there are apps where I can listen to music that I want, and with uTube there are outlets for video entertainment.  I use Netflix for my movies.  I’m satisfied with paying what I pay for the digital entertainment I can get.

Here is a copy of my router settings.  As you can see my router uses  WPA and has a password.  The name of the router is Bubba, has nothing to do with me, my family, or anything else that a passerby could relate to me.

Having done the research on my router I was interested what the local businesses are using for theirs.  So I installed some Wardrive software on my laptop, called inSSIDer and parked my car in front of Panera bread which is in a plaza with Home Depot.  As you can see from the screenshot Panera is a totally open, free, hotspot, network.  Same as a couple of the Home Depot ones.  But outside of their open one’s Home Depot uses WPA also. 

For the purposes of our class at NCCC I’m adding something to this blog that is very interesting with the P2P.  In 2002 Kazaa was pretty much the most popular engine to get freebies.  This article explains something that most of us were not aware about.  http://www.niagaracc.suny.edu:2048/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=a9h&AN=6626574&site=ehost-live.  While we all knew they installed stuff we were all so excited to get free music and other stuff we flew by the EULA (End User License Agreement) and just hit accept.  This article tells us that there was something hidden in that EULA.  We were giving permission to Kazaa and its affiliate, Brilliant Digital to not only put a shared folder on our hard drive but to use our computers resources for their benefit.  They didn’t care if your computer was connect to Time Warner or your colleges server, you gave them access to use those resources.  This could partly explain why our computers were so slow back them!  But looking at the article it seems it didn’t take long for the active community to put a stop to it, or at least slow them down.  This is just another example of how nothing in life is truly free.  If you are getting something for free there is usually a cost, it just may not be of the color green.

Internet Security - Who's Secure? Are you?

The big question nowadays is how do you keep yourself safe on the internet.  Ten years ago it was a virus or a Trojan horse that could infect your computer.  Or a Macro from an excel file.  Then came the spam and pop up windows.  Everyone had to buy spam killer and pop up blockers.  As the defense against these attacks got better so didn’t the black hats that make them.  They came up with better ways to get inside your computer and they came up with ways to even use your computer as if it belonged to them with malware and botnets. 

What do all of these things have in common?  They can really only affect you if you do the wrong thing.  If you get an email from someone you don’t know, don’t open it, that’s what the spam filter is for.  If you do open it, for goodness sake don’t click on any hyperlinks.  Just saying this reminds me of when I was doing tech support for Sony computers at a company called Clientlogic.  A psychologist from New York City called.  He was getting the error, Operating System not found when booting up.  We booted to safe mode and looked at his partitions and nothing was there.  We couldn’t even find a C: drive.  I told him he was going to have to re-load the whole thing.  He started to yell at me.  He said he opened an email and all it said was “click the shiny red button” with a picture of a red button.  I asked him what he did and he said, “I clicked the red button of course”, and when I rebooted I got that error message.  This shows the point that you have to be careful with email.  If you don’t know who it is, don’t click it.  Another important thing this gentleman did not do.  He did not back up his data.  He had all of his client records on that computer.  This was in the late 1990’s so to get that data recovered was very pricy but that may have been his only choice.  I think I may have stumbled through 2 points at once but they are both examples of what you should do to protect yourself.

We found in this module that even that most protected person is not totally protected.  If a black hatter really wants to beat you up he will, he will know what the anti-virus companies have detected and he will adjust his program so you are not going to catch it.  He or she knows that eventually they will find a way to detect it and it will only make them work on another way to get to your computer.  When downloading music and movies were popular with sites like Napster and Kazaa there were many people getting snagged with a virus or worse.  You are downloading a song or a video that can easily have an executable attached to it.  Just hope it doesn’t say click the shiny red button when you open it.  It does show you that the black hatters do know what people want, at that time they wanted free music and movies, so may as well make the people pay for their free stuff.  I won’t even touch pornographic websites, as far as I’m concerned the people that troll those websites almost deserve to get their computer messed with.

So what did I learn to do to protect myself better in this module.  Not really too much as I like to think that I’m pretty safe.  When I shop online I really only use two means to shop.  I purchase a lot through Amazon and if I don’t use that I try to make sure the retailer uses Paypal for their transactions.  At least Paypal backs up what they do and that makes you at least think that they are looking at who they use for retailers because if they get too many complaints you would assume that they would stop using that retailer.

I did look at what I do with cookies.  I had mine set with no restrictions.  Plus every time I go to a website where I log in, I let windows remember my passwords.  While a lot of sites don’t allow this the ones that do, I go ahead and let them do it.   First what I did was go into internet options and under browsing history (Windows 7 system), I clicked delete files.  This lets you check the categories you want to clean out.  I do almost all of them but I am including cookies now.  Under the privacy setting I switched it to medium to try for a while.  This at least blocks some cookies. 

Other than that I stick to selectively reading emails from trusted senders, not opening strange attachments and using trusted sites, nothing “seedy”.  For anti-virus I just use Microsoft Security Essentials.  I find that it does just as good as a job as most other sites.  Here is link for a good review on this suite http://www.techradar.com/reviews/pc-mac/software/utilities/anti-malware-software/microsoft-security-essentials-640587/review.

Below is link to an interesting message from Norton Anti-Virus.  It shows one of those worst case scenarios.  A malicious system intrusion that can be devastating to the user.  If you have ever had this one happen to you or know someone who did you know it’s not easy to get rid of.  The problem with these ones is that they usually get to you before a company like Norton knows how to stop it as I had mentioned earlier.  It is nice to see a company trying to scare you into buying their product though.  Who would have thought that for only $100 you can get the whole Norton suite of internet products to protect you from such a heinous thing but at the cost of using up most of your CPU’s resources!!!  (Can you tell I’m not a Norton fan?).

So to summarize, my line of defence is pretty basic for malicious security threats.  I use Microsoft Security Essentials and I have adjusted my internet option settings to limit the amount of cookies that are put in my cookie jar.  To show you some examples I downloaded the program Jing to do some screenshots of my internet security measures.  (I did accept the EULA without reading the whole thing, I hope there isn’t anything malicious in there either!!!). 

Here are the settings I use for the Microsoft Security Essentials.  I run it overnight on Sundays.  I prefer to run the full scan as it looks at more deep folders. 

Here is a shot at the change I made to my cookies on the privacy tab of Internet Options.

Another good thing to do is to make sure you are doing your windows updates.  Here is a shot of my update history, I have it set to automatically check for updates.

Going back to my days as tech support.  One of the tools I always tried was called the system restore feature of Windows.  You can get to it through System tools on your menu or if you are in real trouble but still can boot to safe mode.  If you can boot to safe mode with command prompt you can type in %systemroot%\system32\restore\rstrui.exe  and it should launch the restore.  You have to try everything before putting in those recovery CD’s.  Heres a picture of my system restore.  Not many restore points.  The trick is to try to remember when the problem first started happening and I always suggest trying to find a restore point about a week before the start. 

Identity Theft - Is it still relavant?

Identity Theft used to be a big subject.  It's really no big deal until it hits you or someone you know.  Personally i've had one of my credit cards used for online purchases for a few hundred dollars.  It was pretty easy to take care of but was wasted time anyways.  I had to call the credit card company and advise them of the infraction. They cancelled my card and sent me a new one.  Then I had to go online and print out some forms, fill them out testifying that I did not make the purchases.  I mailed them in and waited.  All the while these charges were still on my card.  By the time they investigated it and wiped it off I did have to pay a little interest on that 300 but just getting rid of it was more than worth paying a little interest.  How do you prevent identity theft?  Even the most careful person could be subject to it.  You can take every precaution.  Probobly the best you can take is to never give your information but if your all like me, the allure of shopping online instead of going to a store is too great.  I'd rather run the risk and put my credit card info on the web than have to drive 45 minutes to a store to get the same thing that I can get without starting the car.  But on the same note we all go to doctors, we all have health and car insurance, we all have memberships all over the place.  Think about how many of those little barcode keychain things you could have if you kept them all.  You give your information everytime you get the Tops or Wegmans bonus card, the Best Buy Club card. Everytime you sign up for online banking or on Verizon to check your phone minutes online your giving some of your information.  You are trusting all of these people to protect it. 

I work at BlueCross BlueShield and a couple years ago we had a big incident with identity theft or at least the possibility of one.  We have alot of people who have laptops as they are constantly on the go and taking their work home alot.  One of these laptops became missing after an employee left the company.  It was the companies job to find out what that person had downloaded to his computer on the hard drive in the course of his working there and to see if he had any potentially important information.  To me, I thought it was pretty cool that a company can have the intelligence to be able to trace somebodys movements on the work servers to see what he did in fact have on that laptop.  So all of you going to school think about that before you do somthing not to smart at work thinking no one will ever know, your ther to work, not play.  Back to the story.  Once the company found who's information was on that computer, it was their responsibility to notify everyone that there was a possiblity their identities were in someones hands.  This was just a potential privacy breech but it turned out to be big.  We offered credit protection at the cost of the company and it seemed liked everyone called in to get that protection.  Our customer service department was buzzing for weeks taking calls and conferencing in the agency to get people set up with their credit protection.  But to these people, they were angry that the people they trusted did not have measures in place to make sure that this could not even happen.  The laptop was never found but there was also never an incident of anyone being comprimised which is good.  What did the company learn from this?  To give laptops to fewer people so they can be tracked better.  To allow no data to be put on hard drives but instead have people working from home connect to the network remotely through a VPN.  And most importantly to encrypt all data on these laptops and add extra security measure just to log onto the laptop.  I think it was an eye opener for the company but they handled it really great.  They accepted responsibility, did everything within their power to protect people who may be harmed and put in the measures to try and ensure that it will not happen again.

Click on the Identity Bandit to see an article about this incident.

BCBS Laptop Breach

So I guess yes, maybe Identity theft is still relevant.  You just have to be involved in it to make it more relevant to you.  Maybe we need some more creative identity theft commercials.  Check these out and reminisce. These were funny, and they actually made you listen to what they were saying and learn a little about identity theft, how could you not listen to these!!!

How does the digital world effect your life? And how do you use social media and is your employer watching?

Is digital commerce for the frugal or the not so motivated person?  I think shopping on the internet give you ultimate power to find a good price.  Where else can you see if the TV on sale at Walmart is actually a bargain when you can log on to the internet and see multiple other stores selling the same TV.   Maybe you can find one cheaper.  Or maybe you don’t want to drive to Walmart, put the TV in the cart, wait in line to pay for it, put it in your car, then lug it home, then carry it into your house.  That sounds like a lot of work when you can buy it online and have it delivered.  For me personally neither of these are the reason I like to shop online.  I like the online shopping alternative because it’s fast.  I don’t have to wait in line, I don’t have to look at different stores or I don’t have to think too much, I just click, order and wait.  So does digital commerce effect my home life.  Yes, it allows me to save time, money and sure, be a little lazy.

Digital communication effects my life at school.  I have a full time job, I own and live in an apartment building, I work part time at a restaurant, I have two children and I even participate in a weekly bowling league.  How can I fit school into this equation?  Digital communication is the way.  The opportunity to be able to take college course online is stupendous.  It fits my schedule because I can maintain my schedule and budget my time to get my work done.  I can use email and Angel to communicate with my teachers and classmates.  It is a virtual classroom.

In my occupation at BlueCross digital literacy is now in the forefront.  Health insurance is a business where there is competition.  The company as a whole is in a spot now where we feel the need to become more literate with technology.  What can we give to our customers that the competition cannot?  Can we build a better website?  Can we offer more paperless options?  Can we use digital means to promote health and wellness to our membership?  These are the questions that we are going through at my work to learn more about ourselves and what direction we need to go. 

Can Your Facebook Account Cost You a Job. 
Click on the Video and See How Well it's Doing for Kim!!!!

 

Should companies look at your social media to judge you as a worker or a worthy employee?  This is really a tough question.  Everyone who uses Facebook, Google+, MySpace or something like this should be aware that they are posting for the public.  They should know what they are doing.  The article, http://www.businessweek.com/debateroom/archives/2008/03/employers_get_outta_my_facebook.html, talks about the pros and cons of employers looking at your Facebook account.  At my work I have only heard Facebook 3 times in 7 years.  Once when they announce they were making their own Facebook page, once when a employee out on disability posted pictures of themselves doing physical activity online and the third time when we were having a labor dispute and Facebook was used as a forum and management was very interested in what they were posting.  I think the most important thing about the second two examples is that nothing from Facebook was used against them, no warnings, no write ups, nothing.  But I do ask myself was this information stored in the back of someone’s mind?  If there is a promotion or preferred work to be offered will they ask one of these people to do it before someone else?  That is not a yes or no question but it should be in the mind of an employee when they post these things.  Especially in a workplace.  You may have your privacy settings so the public can’t see you but if you have 500 friends, your secrets are bound to make it to the wrong person.

I am indeed creating this blog because it is a requirment of this class.  I have always been interested in how these work so it will be a learning experience.  I have never taken the time to research a blog but here we go.