Category Archives: security

How to secure your home computing environment.

Google:Weak Passwords Are Weak Link

Google capital G logoA recent CNet.com article reports that “At its I/O conference, two of Google’s top-level security experts, the director of security for Google Apps, and the head of Chrome security;  say the company is intensely focused on the issue, but passwords remain a thorny problem.” The “company”, Google, being intensely focused on security; in my opinion, remains to be seen. However, they stated “Unfortunately the human is often the weakest link in security.”

What a smoke screen! Instead of owning up to royally missing the boat on Google apps for the Android available through Google Play store, they talk about Continue reading

Advertisements

Leave a comment

Filed under Google, Internet Security, malware, passwords, security, software

Combat Soldiers To Get Android Phones

Android Phone LogoThe US Department of Defense announced recently that it has approved the use of Samsung phones running a “hardened” version of Android. Android!! The smartphone operating system that has been the target of hackers since it’s inception! The same one that has been plagued with malware-laden applications from Google Play App Store! Continue reading

2 Comments

Filed under Cybercrime, Google, In the News, Internet Security, malware, security, Warning

U.S. Dams Database Hacked

Abstract Fantasy Pink world mapSensitive information on 79,000 major U.S. dams has been compromised by a breach by Chinese hackers. The database contains information on vulnerabilities of every major dam throughout the U.S. You may be thinking; so what, dams are pretty non-exciting huge chunks of concrete and rock. Why would the Chinese, or anyone else, want this information? Continue reading

2 Comments

Filed under Cybercrime, Internet Security, security, Warning

Two-Step Verification:Know What It Is? You May Have To Soon.

Security my accountWhat is two-step verification (or authorization), and why are WordPress, Google, Microsoft, Dropbox and others proposing we use it?

Two-step verification (or authorization) is a security tool to protect your Internet accounts from being compromised even if your password is stolen. Continue reading

2 Comments

Filed under Cybercrime, Google, Internet Security, passwords, security, Warning

Internet Security: Do You Sandbox?–Updated

Vault with Safe-deposit Boxes InsideI’m reposting one of the all-time most popular articles I’ve written on this blog (it is third most popular). I’m doing so because our newer readers may have missed it and because using a sandbox is one of the most effective Internet security tools that can be used to protect your computer.

A computer security sandbox is a virtual computer environment which resides on the disk of your computer. By virtual, I mean a totally operable “computer” that is created and controlled by software and looks and feels to other software packages, browsers, and yes…malware; just like a computer—but it’s not. And…here’s the best part…the sandbox is completely controlled and sealed off from the rest of the host computer. So, if you were browsing the Internet using a sandbox and a virus got by your firewall and anti-virus protection and infected your virtual “computer” sandbox; the virus would be contained within the sandbox and at the end of your browsing session would be deleted without causing any harm to your real computer. Continue reading

4 Comments

Filed under How-To Corner, Internet Security, malware, security

Cyber Warfare: NATO Gets Serious

The Huffingtonpost.com blog has reported that the North American Treaty Organization “has released a ‘handbook’ to try [to] codify how international law applies to state-sponsored hacking, and its role in future wars.”

Just as the Geneva Convention has provided guidelines for conventional war fighting,  NATO’s cyber war law is designed to provide guidelines for cyber war fighting among nation states.

It reportedly contains some noteworthy provisions. It allows nations to respond to a cyber attack “that causes death or significant damage to property” with conventional weapons. It also provides that “An act of direct participation in hostilities by civilians renders them liable to be attacked, by cyber or other lawful means. Additionally, harm to direct participants is not considered when assessing the proportionality of an attack (Rule 51) or determining the precautions that must be taken to avoid harming civilians during military operations (Ruses 52 to 58).”

I think this means that a nation could respond to a cyber attack that causes property damage with missiles, tanks, military troops…and whatever. And it goes on to state that such an attack can be disproportionate to the damage of the cyber attack in its nature, ergo the use of missiles, tanks, military troops…and whatever.

It seems to address their knowledge of the seriousness of cyber war and  has the objective of putting current and future nation hacktivists or cyber warriors on notice that they will personally pay, possibly with their lives, for such an attack. Pretty serious business.

“The manual is not an official Nato document, and according to experts there is still no wide consensus on many aspects of how the law applies to online attacks.

The handbook was drawn up by Nato’s Co-operative Cyber Defence Centre of Excellence, who worked with 20 lawyers, the International Committee of the Red Cross and the US Cyber Command.

The three-year project is the first full attempt to decide how international law applies to online conflict.

It was launched in 2008 after attacks on Estonia from hackers inside Russia caused damage to infrastructure.

The book includes 95 “black letter rules” detailing how states can carry out and respond to cyber attacks within the boundaries of international law.”

The bottom line here is that this kind of approach, while admittedly heavy-handed, may be the only approach to stopping the runaway lawlessness which is today’s Internet. Any cowboy geek with a computer and access to the Internet can easily break our laws steal our money. The next step should be that a similar approach be taken against cyber criminals who steal our money. I’m not suggesting they be nuked, but I am suggesting that they be pursued by law enforcement agencies with the same tactics and lawful ability as if an armed and dangerous criminal. We need to get serious about stopping the lawlessness; and saving the Internet.

Reference: Huffingtonpost article

Be very careful…it’s dangerous out there.

Please comment on this article; we all learn from each other when our views and opinions are shared.

I hope you enjoyed this article. If you enter your email address in the Email Subscriptions box on the right column of this page, I’ll send you an email when a new article is posted. I don’t share your email address with anyone…no one; I hate spam too. Please share my site with your friends and family. Thanks.

Remember, personal computing is a blast…keep it productive and enjoyable.

Best regards,

Paul

paulsinternetsecurity(at)yahoo.com

I’m also on Twitter, @PaulsInternet.

Images courtesy of FreeDigitalPhotos.net and FreeByte.com

Leave a comment

Filed under Cybercrime, Internet Security, security

Cyber Spying: Chinese Army Group Are Tip Of Iceberg

Security Binary DataA recent article in the Guardian.co.uk states that the recently reported Unit 61398 cyber spying group is but  “the tip of an iceberg of cyberwarfare that is now rising dramatically into view. …This is what Unit 61398 really represents: not just the ambitions of a stirring China, but the growing to maturity of a new ecosystem of warfare, espionage, activism and criminality. Last week a retired CIA director, Michael Hayden, compared it to the dawning of the atomic age at Hiroshima, saying: Continue reading

Leave a comment

Filed under Cybercrime, Google, Internet, Internet Security, security, Warning