Serious OS-X and iOS Security Vulnerability Completely Opens Up ALL Your Secure Communications


It had been known for MONTHS that there was a serious security flaw in iOS and possibly the latest version of OS X that could allow attackers to surreptitiously circumvent the most prevalent Internet security protocol – TLS/SSL – and security certificate validation. The issue is a “fundamental bug in Apple’s SSL implementation.” This can allow attackers to view ANY of your ‘secure’ Web communications. This includes e-mail, banking sites, Facebook, etc.

Apple finally released an ‘emergency patch’ to the latest version of iOS last week, but it appears that the flaw affects more than just Apple’s mobile platforms. It actually affects the latest versions of OS X – Apple’s latest desktop Operating System – too!!

If you have an iDevice I’d recommend backing it up via iTunes or any of the other methods I’ve previously recommended, then checking for any System Updates. Tap Settings > General > Software Update, then tap Download and Install to download the update. [Updates might download automatically while your device is connected to Wi-Fi and a power source.]

As for your Desktop computer, well there lies the rub. Apple appears to have at first done the usual – deny, then downplay, then finally admit there is a serious problem and ‘promise a quick fix/patch’. [It’s really crazy that they are able to get away with this so often; I guess those reporting are too busy licking Apple sack….but I digress]

So what to do..

If you use the Desktop Apple Operating System – OS X – you should always use the latest versions of Chrome or Firefox for internet browsing to help mitigate some of the possible exposure. [I NEVER use Safari and always recommend to all my clients that they don’t either]. Even if you’ve taken the latest update on your iDevice I’d still recommend Chrome for iOS.

Here is one of the latest articles I’ve found with a VERY good explanation. You should at least read this! But I’d recommend hitting all my sources.

Be safe folks!

Sources to read 1, 2, 3

Disable UPnP to Protect Yourself from New Security Hole Found in Wi-Fi Routers.

If you don’t know, and most of you probably don’t, there is a major security flaw that has recently been aggressively exploited. It could allow people with malicious intent to access your system(s). Mac, Windows PC and Linux, all are vulnerable because this is NOT an OS flaw, but a router flaw! So please don’t think you are safe just because you buy into the belief (very wrong by the way) that ‘your’ type of Operating System ‘doesn’t get infected…’. Scans from security companies have shown about 50 MILLION vulnerable access points already.

It is strongly suggested that end users, companies, and ISPs take immediate action to identify and disable any internet-exposed UPnP endpoints in their environments.
UPnP is pervasive – it is enabled by default on many home gateways, nearly all network printers, and devices ranging from IP cameras to network storage servers.

Rapid7.com has an online tool here that can check the external interface of your router and let you know if you are vulnerable.

To fix/resolve this issue all you need to do is disable UPnP on your wireless router.
Since each router is different, you’ll need to log in to your wireless router’s admin panel (use the manual to figure that out), and then find the UPnP setting. This may require someone with more skills (like your teenager) or an IT professional (preferred method) to turn this off for you. But however you do it, please do it.

Be safe.

Avoid Internet Doomsday: Check for DNSChanger Malware Now

Some background:
The DNS system is a network of servers that translates a web address — such as http://www.google.com — into the numerical addresses that computers use to locate actual websites, computers and servers. It is known as the Internet’s phone book, which translates URLs to the IP address for the server hosting the Web site. This is not only true for Web sites, but also for any other Internet-based service being used, including servers for e-mail, backups, synchronization, chat programs, and calendars AND antivirus programs to update themselves.

Back in November, law enforcement authorities working with the Federal Bureau of Investigation arrested six of the seven individuals in Estonia responsible for infecting millions of Windows and Mac machines worldwide with the DNSChanger Trojan. As part of the “Operation Ghost Click” raid, FBI agents also seized over 100 servers at data centers throughout the United States masquerading as legitimate DNS servers.

If the FBI were to simply shut down the rogue DNS network, then the millions of computers that had been affected by the malware would instantly no longer be able to access the Internet. Given the scope of this malware infection, that would suddenly cut off many users and very likely have a notable negative impact globally. Being infected with the malware, these systems would not benefit from users checking for and changing their DNS settings, since the malware would continually revert them and thereby continually disrupt communications.

To prevent this, the FBI instead chose to keep the rogue DNS servers active and convert them into a legitimate DNS system for infected computers. Since November 2011, there has been a campaign by the government, security agencies and MANY high profile internet service providers (ISPs) to notify users of the DNSChanger malware and offer services to help users identify systems that are infected.

Most victims don’t even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.

To quickly and easily see if this may affect you and what you can do about it, visit this site.

Click on the link in the middle of the page and you will be notified if you are currently infected.

If you are infected/compromised you can visit this page for resolution tips and instructions.

Remember this trojan/virus will affect PCs AND Macs. Better safe than sorry. Or you could always call me for a hou$e call when your system won’t connect to the internet.

You can read the FBI’s page here.

Google has one here

Facebook also has one here.
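The check those sites perform comes down to one question: is your computer sending its DNS lookups to one of the rogue servers? Here is a local version of that check for Macs and Linux machines (an added example, not from the original post or from the FBI). It reads the DNS servers listed in `/etc/resolv.conf` and reports any that fall inside a list of address ranges. The ranges in the script are placeholders only; put in the rogue ranges published in the FBI notice before relying on it. The function names and sample file are made up for illustration.

```python
import ipaddress

# PLACEHOLDER ranges (RFC 5737 documentation networks), NOT the real rogue
# DNSChanger ranges: replace them with the ranges listed in the FBI notice.
ROGUE_RANGES = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/24")]

# Constructed sample of a resolv.conf file, for offline demonstration.
SAMPLE_RESOLV_CONF = """\
# generated by DHCP client
search home.example
nameserver 192.0.2.53   # inside a placeholder range, so it is flagged
nameserver 203.0.113.1
nameserver fe80::1%en0
options timeout:2
"""


def configured_resolvers(text: str) -> list:
    """Extract the nameserver addresses from resolv.conf-style text."""
    resolvers = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            addr = fields[1].split("%", 1)[0]  # drop an IPv6 zone id such as %en0
            try:
                resolvers.append(ipaddress.ip_address(addr))
            except ValueError:
                continue  # ignore malformed entries
    return resolvers


def rogue_resolvers(text: str, ranges=ROGUE_RANGES) -> list:
    """Return the configured resolvers that fall inside any listed range."""
    return [str(ip) for ip in configured_resolvers(text)
            if any(ip.version == net.version and ip in net for net in ranges)]


if __name__ == "__main__":
    try:
        with open("/etc/resolv.conf") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_RESOLV_CONF  # fall back to the constructed sample
    hits = rogue_resolvers(text)
    print("Rogue resolvers configured:", ", ".join(hits) if hits else "none")
```

Because the malware keeps putting its own DNS servers back, a clean result right after you fix the settings proves little; run the check again after a reboot.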

Thoughts on Privacy, Anonymity and Security

One thing I deal with a great deal in the information/technology and security field are the very separate concepts of privacy, anonymity and personal security.

Do you think that anonymity and privacy are the same things? Wrong. Do you think that because you are anonymous your information is secure? Wrong. There are differences that are important when we want to distinguish what methods you need to protect yourself from attackers and surveillance. Let’s define anonymity, privacy and security. First the definitions:

Anonymity typically refers to the state of an individual’s personal identity, or personally identifiable information, being publicly unknown; that is, a condition in which an individual’s true identity is unknown. Read more here.

Privacy is usually thought of as a person’s right and/or ability to control access to his or her personal information. Read more here.

Computer (and information) security primarily means the collective processes and mechanisms by which sensitive and valuable information and services are protected from publication, tampering or collapse by unauthorized activities or untrustworthy individuals and unplanned events respectively. Read more here.

So anonymity does not equal privacy or security. Let’s see two examples:

In the first example say you are using a proxy server, a VPN service or Tor to surf anonymously (these offer different levels of anonymity). Your true (or should I say ‘originating’) IP address and therefore your identity (computer/network wise) is hidden. Someone who watches the traffic between your computer and the network cannot see your true identity. However, he can see the traffic and therefore gain access to your personal information. In this case your anonymity is safe but your privacy is not. Worse still, your personal data can contain information to identify you so that both your anonymity and privacy are undermined.

In the second example you protect your data using both data encryption and a secure protocol such as SSL. You control who has access to your personal information. The actual packets of digital information are hidden/encrypted and the information therein cannot be accessed. However, if you don’t protect your anonymity an attacker will know who you are. This might help him in password and social engineering attacks or allow a law enforcement agency to force you to reveal your passwords and lose your privacy.

For true online safety, both privacy and anonymity must be secured.

There are literally thousands of more detailed articles available to you by doing a simple search on Google, Bing or Yahoo or whatever on “privacy vs anonymity”. There are guys who’ve written their PhD theses on this subject, so there is obviously loads of information available if you want some greater depth than my simple explanations.

But I just wanted to remind you to do some of the simple things that can mean a great deal.

  • 1st. And foremost get some kind of security software or suite (Symantec, McAfee, Trend Micro, Malwarebytes, Eset, MS Security Essentials etc.) AND KEEP IT UPDATED AUTOMATICALLY!!
  • 2nd. Keep your Operating System updated.
  • 3rd. Keep your browsers and especially the plug-ins (like Adobe Flash and Acrobat) updated.
  • 4th. Use ‘HTTPS’ on ALL your important communications like email, Twitter, Facebook etc. For Facebook look here. You should also use something like ‘no script’ to ensure https connections.
  • 5th. Clear out your internet cache every time you close your browser. You can set all the common browsers to do this automatically or use one of my favorite tools – CCleaner. There is even a Mac version which I wrote about recently.

It is nearly impossible to be truly anonymous and completely private. BUT you can have some security in both of these with a little diligence and common sense. Read some of my other posts on security for other more detailed information.

Please practice safe and secure computing.

More on backups and archiving

“UPDATE!”

After a few weeks of removing loads of nasties from Windows and Mac machines and recovering data from dead or corrupted drives from both types of systems because of malware/viruses and hardware failures, I thought I would republish this.

I must ask you – in this digital age what price will you put on your data?! Your family pictures, your financial documents and communications – everything? I don’t ask this lightly. For only a couple of hundred dollars you can KNOW that you will be safe!

People PLEASE HAVE A SYSTEM BACKUP – COMPLETE AND TESTED!!

I have been asked again to explain in more detail with examples of how I personally backup/archive my data. My previous article is here and should be read first.


So here it is in a simple, I hope, form.

I have two external HDDs (actually many, but for this example two will work). I use Acronis as my primary imaging software. If you use OS X you can use Time Machine, Carbon Copy or Apple’s built-in disk image utility. I covered these in the post above.

To create my images I use an external HDD mount, like this, with drives something like this or this. You can mount the drives in your system if you like or use any other external type of drive. I just like the ease and economy of this setup. It also makes it easy to just take the drives, place them back in the protective bags they come in and put them (rotate) into a safe deposit box.

I create a full image of my system on external HD #1 on Jan 1st – HD01_Jan_image01.tib
On Jan 2nd I create a full image of my system on external HD #2 – HD02_Jan_image01.tib

I now have two images on two separate drives.

At the end of week one for the month I create an incremental backup to external HD #1 – HD01_Jan_image01_02.tib (or whatever Acronis auto names it.)

At the end of week two for the month I create an incremental backup to external HD #2 – HD02_Jan_image01_02.tib

At the end of week three for the month I create an incremental backup to external HD #1 – HD01_Jan_image01_03.tib

On the 1st of the next month I create a new FULL image to HD #2 – HD02_Feb_image01.tib. Once that image is created I can then delete the previous month’s images ON THAT drive.

On the 2nd of the month I create a full image to HD #1 – HD01_Feb_image01.tib. Once that image is created I can then delete the previous month’s images ON THAT drive.

This assures me that if my system were to die AND one of my external drives failed I would lose no more than two weeks of data – usually just one week or less!

You should also copy or store one of the external drives in a fire safe or safe deposit box for true disaster recovery!

As with any good backup plan you should regularly test your backups! Either do a full restore (highly recommended) or at least validate and mount your images to ensure they are fully readable.
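One thing a restore test will catch late, and a quick script can catch early, is a broken chain: an incremental is only usable if its full image and every earlier incremental are still on the same drive. The checker below is an added example (not part of the original post and not an Acronis tool). It assumes the file naming used above, where `HD01_Jan_image01.tib` is the full image and `_02`, `_03` are its incrementals, and it works on a list of file names, so it does not replace validating or mounting the images themselves.

```python
import re
from collections import defaultdict

# Naming used in the post: HD01_Jan_image01.tib is a full image,
# HD01_Jan_image01_02.tib, _03 ... are its incrementals.
NAME = re.compile(r"^(HD\d+)_([A-Za-z]{3})_image(\d+)(?:_(\d+))?\.tib$")

# Constructed directory listings for the two drives (no real files needed).
SAMPLE_DRIVES = {
    "HD01": ["HD01_Jan_image01.tib", "HD01_Jan_image01_02.tib", "HD01_Jan_image01_03.tib"],
    "HD02": ["HD02_Jan_image01_02.tib"],  # full image deleted too early
}


def chain_problems(filenames) -> list:
    """Report incremental chains that cannot be restored: a chain needs its
    full image plus every incremental up to the newest, with no gaps."""
    chains = defaultdict(set)
    problems = []
    for name in filenames:
        m = NAME.match(name)
        if not m:
            problems.append(f"{name}: unrecognised name")
            continue
        drive, month, image, part = m.groups()
        chains[(drive, month, image)].add(int(part) if part else 1)  # full = part 1
    for (drive, month, image), parts in sorted(chains.items()):
        label = f"{drive}_{month}_image{image}"
        if 1 not in parts:
            problems.append(f"{label}: full image missing, incrementals unusable")
        missing = sorted(set(range(2, max(parts) + 1)) - parts)
        if missing:
            problems.append(f"{label}: incremental(s) {missing} missing")
    return problems


if __name__ == "__main__":
    for drive, files in SAMPLE_DRIVES.items():
        issues = chain_problems(files)
        print(drive, "OK" if not issues else issues)
```

Run it against each drive's file list before you delete the previous month's images and before a drive goes into the safe deposit box.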

If you wish to, or have to, for compliance issues (corporations) you can archive your monthly images to additional external drives. I do. I have images of machines that are long gone (some over ten years!) and I have been able to retrieve data I needed very easily and quickly. In fact I needed a Photoshop file recently that I was able to retrieve from one of my images of an old Mac G3!!


I hope this helps. Please don’t be the person who loses important personal, family or business data because you couldn’t take a little time and effort to set up a backup and recovery plan. The costs and time are insignificant when compared to the cost of loss!

Massive Data breach again – protect yourself

The names and e-mails of customers of Citigroup Inc and other large U.S. companies, as well as College Board students, were exposed in a massive and growing data breach after a computer hacker penetrated online marketer Epsilon.

The list of companies is HUGE! TiVo, JP Morgan Chase, Capital One Financial, US Bank, the Kroger grocery chain, teleshopping company HSN Inc., Verizon Communications Inc, Blackstone Group LP’s Hilton Hotels, Kraft Foods Inc, and AstraZeneca and more.
According to the reports only email addresses and name information were stolen. So you may just get an extra dose of spam. But you can never be sure.

You can read more about it HERE and HERE.

Update: Even more news here!

My advice is to reset your account passwords if you use any of these merchants and as always, use extremely strong passwords – preferably using applications like LastPass or KeePass to create super strong passwords and manage all your accounts information.

Either of these apps should be used by EVERYONE anyways. LastPass being the easiest for most.

Keep safe folks!