In Europe a new law, the General Data Protection Regulation or (GDPR) is about to take effect. This new law will help insure that Europeans will have increased privacy protections. Preventing many companies from data mining their users personal information. In a phone interview with Reuters yesterday Mark Zuckerberg of Facebook declined to confirm that these new protections would be universally implemented. Skirting the issue. This would imply then that if you don’t live in the EU you will not be enjoying the same protections that millions of others will have by default.
When you combine this and the Cambridge Analytica / Facebook snafu, in which 50 million users privacy was ignored and their experiences on Facebook polluted via ads trying to push a certain political view, it does not look good for the privacy of the average American using Facebook.
So as has been always the case, you will have to be in charge of your own privacy while using the Internet. As these bigger companies are turning computer end users into their primary product.
So implement all the privacy changes that experts have already been talking about for a long time. Use https everywhere, privacy badger, popup blockers, VPN’s and of course go into the privacy setting on Facebook and set them to more secure settings.
Not sure how to do all this? Call your local Computer Expert, RenoGeek.
Seems like cloudflare wants to get into the DNS (Domain Name Server) business. They are promising faster and more secure name resolution along with not storing information for more than a week. Should give google and opendns a run for their money. If you want to try it yourself (at your own risk) change your computer or router settings to 1.1.1.1 or 1.0.0.1 and you can check them out at…
US cert has issued an alert (about 5 years late) regarding Tech support fraud. Where fake antivirus companies pretend to be Microsoft or some other well known company and demand that you must “fix” your computer or be reported or even arrested if you do not immediately comply with their demands for money.
I have written about this for many years, so it is nice to see when the government catches up with the rest of us in the computer support world.
Some of the highlights from the alert are…
HOW THE FRAUD OCCURS
Initial contact with the victim typically occurs through the following methods:
Telephone: A victim receives an unsolicited telephone call from an individual claiming the victim’s device or computer is infected with a virus or is sending error messages to the caller.
Search Engines: Individuals in need of tech support may use online search engines to find technical support companies. Criminals pay to have their fraudulent tech support company’s link show higher in search results hoping victims will choose one of the top links in search results.
Pop-up message: The victim receives an on-screen pop-up message claiming a virus has been found on their computer. In order to receive assistance, the message requests the victim call a phone number associated with the fake tech support company.
Locked screen: The victim’s device displays a locked screen with instructions to contact a faketech support company. Some victims have reported being redirected to alternate Web sites before the locked screen occurs.
The report goes through a few different attack scenarios but in the end comes down to not doing anything a new popup or person cold calling you on the phone tells you to do.
If you see such a popup or get the phone call, hang up and call your normal IT support company to make sure your ok.
You can read the full report here…
https://www.ic3.gov/media/2018/180328.aspx
And as always feel free to call RenoGeek for any tech support question you may have.
Seems with the loss of 5 billion or so in wall street value Facebook has finally found a reason to start taking some of its end users privacy concerns seriously.
Starting with a simplified interface you can now go into the depths of Facebook land and change “some” of the things you are shown while on their website.
If you are a long time user you may wish to plan some “away” time to wade through the hundreds if not thousands of categories that have been connected to your account and I would definitely suggest that you expand the settings to view to find all the ways the big “F” has been tracking you.
But if you take the time and go back once in awhile to review what new things they have learned about you delete them. You can keep what they know about you to a minimum.
Of course if you don’t have a reason to share everything with everybody on the planet you can also change the settings so that only your friends can see what you post.
At any rate it might be fun to see how much Facebook as learned about you.
(or not).
You can review and change your Facebook Ad privacy settings here..
Windows Spring Creators Update will feature a new utility called Timeline. It will let users see in chronological order all the activities they have performed on their computers. While this utility is being touted as something of a super “recently used” list. It may turn out to be a privacy issue. As anybody logged into your account will have an even easier time seeing what you have been up to.
While Microsoft says users will be able to change the settings of Timeline to show less (or no) information, it will as most settings on Windows 10 systems be buried. Meaning many if not most people will have little clue as to where they can adjust what is saved and shown.
I predict that this utility will be used against end users in a number of ways. Bosses at work demanding to see this log from workers to check up on them. (easier than asking the IT department to keep tabs on people).
And even IT support scammers using it instead of event viewer to give the impression that hackers are tracking their every move. In addition this provides a new attack vector for fake system utility programs. Claiming they will “clean” this new tracker and instead infecting users unknowingly.
Hopefully the good folks in Redmond, WA. Have already considered these possibilities and will provide some kind of hardening of this new program to prevent misuse of this utility.
But as with web browsers and email it will once again be up to the end user or their IT support staff to monitor and clean out the digital junk this new utility will create.
Cambridge Analytica is in the news for allegedly stealing user data from Facebook and then using it to help the GOP in the 2016 election. In short they took user data from Facebook profiles while users were interacting with a personality quiz.
While this company claims that they did not violate Facebook’s rules on how they handle data and that they also complied with their own “privacy” policy. It just goes to show that when using almost any “free” service online, you are paying for it in the end by supplying information about yourself to that company and any 3rd party they share or sell that information to.
While this case seems to deal primarily with people clicking on a Facebook link and then going to a 3rd party website to take a quiz. There are many ways that Facebook (or the companies they “work” with) can take (steal) your data.
So how do you protect yourself while in “Zuckerberg Land”? There are a number of ways to limit (but never eliminate) the chances your data ends up where you never expected it to.
Limit what information you share in your bio:
Do you real need to put every school you went to? Where you worked or work at? What your favorite restaurant or movies are? How you voted last time around? The State and city you live in? The more information you give away, the easier it is to collect and then refine what is know about you. Share less and be safer.
Change the privacy settings on Facebook:
Click on the help icon then settings and then privacy. Under “Your Activity” change your settings from “public” to “friends only”. Look at the other settings and decide what levels you feel comfortable with. For me I don’t wish to share my phone numbers and other info with strangers.
Don’t play that Game:
Every game, survey, quiz and who were you in a past life link on Facebook is for the most part paid for by an outside company. And that company somehow needs to pay to run the website that said link game or quiz is running from.
Most companies don’t give away stuff for free unless they are somehow going to make money from you. So the vast majority of these companies are gathering your information and selling it. Don’t play the games and take the quizzes and they will have less of your information.
The Takeaway:
The less information you give to Facebook (or any company online) the more privacy you will enjoy. So the next time a Facebook recommend or sponsored post appears in your feed offering to show you what Egyptian Pharaoh you were in a past life pops up. Keep scrolling…
It seems that the computer security company CTS has found 13 different flaws in modern AMD CPU’s. So for thoses that were going to jump off the Intel ship and switch to AMD, it may all be for not.
While I won’t get to far into why CTS released this information with only one days notice to AMD (and giving them no chance to repair the issues). It just highlights the need for much better testing of all CPU’s before being released for general use.
It also shows us all the need for more than just one or two big companies controlling the manufacture of most of the worlds CPU’s. As this forms a security bottleneck, where the failure of these two companies now jeopardises the security for almost everybody using a computer on the planet.
The fixes I predict, will take the same path as Intel’s did over the last few months. Deny a major problem, have O/S and software manufacturers try and patch things and then come out with their own firmware patches to address the issue.
But in the end these companies loose little because when they do come out with new “fixed” chipsets, people will flock to buy up the new, more “secure” CPU’s.
The big losers here are the companies and end users that will have to contend with less secure machines and the slowdowns of said machines once the patches are released.
As always make sure your IT staff or your personal computer technician or shop is up to date on these problems, so that they may protect both you and your company.
Every website you go to, every app you install and each social media account you open, more than likely has a privacy policy. The fine print as it were, that you must accept if you wish to use most modern services today. They are even baked into Microsoft Windows (I see the disclaimer each time I setup Windows in my computer repair shop), the ISP you used to get here and read this, your credit card issuers, banks, your home, car and student loans. As well as TV’s that can stream movies, Alexa and too many other products to list.
But of course these agreements let you know about the many protections these companies take to insure what they learn about you never gets out to the real world and that all your information is safe and sound with an army of employee’s guarding it with their very life’s, right?
To bad that is not the case in the 21st century. These privacy agreements let most companies sell, share and use your information almost any way they want. All those “free” websites, accounts and apps are paid for with every click you make and each cat video you watch. Ever notice after watching a bunch of videos about a subject, you see ads for something similar for weeks afterward? That’s your “privacy” in action. And it’s all legitimate and legal. All because you really “read” all the pages in your EULA and the Privacy policy, right?
Some of these documents can contain north of 100+ printed pages. So companies know they are safe stuffing almost anything they want into these “fair warning” agreements.
But while all this is bad enough, the really scary part is in many (if not most) cases deep, deep down in this document will be something to the effect of this…
“From time to time we may share some (or all) of your information with our partners, suppliers and on occasion with law enforcement or other legal entities that may have jurisdiction over data we have collected about you.”
And all these different companies and agencies in many cases are free to do whatever they like with your information once they acquire it from the primary company you shared your data with. In other words once one company gets your information in can then be shared or bought by other companies, who can then share or resell it to yet other companies.
So the fact that you might stay up every Friday night watching cat’s in tuxedo videos at 3am while also on review websites for the best pot shops in California could, after being shared over and over with different companies, end up being bought by your car insurance company that now raises your rates out of the blue because you have a higher risk of driving while under the influence.
The gist here is that you should read all agreements before clicking on the “agree” button. It might not be worth installing the next add rabbit ears to all my face shoots app, if your giving up information you never thought anybody can or should see.
As an example, here is a link to paypals “3rd party list”. They only share with 500+ companies. What could go wrong?
A study by CyberEdge, a computer security company. Found that only about 45% of the companies that try to pay off Hackers to get their files back, ever see their data again.
While not a huge surprise to me that some criminals turn out to be dishonest. It will be a great disappointment to the company or end user that probably spent hours, if not days trying to figure out how to turn cash into bitcoin in order to pay off the hackers. And then trying to navigate cyberland to then get that payment to said hackers. All for a less than 50/50 chance of ever seeing their files again.
The same study found that close to 90% of the companies and end users that made good backups on a regular basis were able to re-install their operating systems and recover the majority of their data from their backups.
For me it’s a no-brainer to do things right in the first place and make good backups that guarantee a much higher degree of recovery, at much less cost to you or your company in the end.
Backups are nothing more than a insurance payment to the future, when malware, ransomware or a failing hard drive can (and probably will) have you wishing you took the time to set up a good backup policy.
I know this to be true, because I see almost daily the results first hand of what happens when poor or no backups are made. And in the end it is much cheaper to make good backups now, than to pay off hackers or your employees to recreate years worth of lost data.
If you do not have a good backup plan in place (or don’t know if you do). Call RenoGeek today to setup a plan that will give you peace of mind.
A critical design flaw in Intel based CPUs, going back ten years has been discovered by security researchers. Who have coined the name “meltdown” to describe the bug built into most Intel based chips and by extension most of the worlds computers.
The flaw allows the Kernel memory in most x86-64 operating systems, Windows, Macs and Linux, to be accessed by specially written malware that could then provide a users data to an attacker or allow the attacker to install other software on the compromised system.
While Intel has ramped up its PR machine to downplay the flaw. I find it a bit odd from an ethics viewpoint that their CEO Brian Krzanich, sold 24 million dollars in stock options AFTER Intel was informed of the flaw by Google. As reported by Business Insider…
As a physical replacement (after a redesign) of every CPU sold in the last ten years would be almost impossible to accomplish, its going to have to be a software fix implemented at the operating system level to address this blunder.
Linux programmers already have a Kernel replacement being tested while Apple and Microsoft have made statements their operating systems will be patched in the days and weeks to come.
But due to the nature of the flaw all these fixes will have to bypass or change the way the O/S will address each systems Kernel memory, resulting in a system slowdown of anywhere from 5% to 30%.
So for some end users their computer may lose close to 1/3 of their speed overnight, after the respective patches are applied to their operating system. All to address Intel’s massive screw up.
I am sure the lawyers are already preparing their class action lawsuits as I write this. But it won’t be much help to the regular computer user.
And from a computer repair and support viewpoint, this will mean IT support departments, computer stores and independent computer repair technicians will start to soon receive a large influx of support calls from users that have no idea Intel’s bug is the cause of the coming slowdown and will demand a fix.
And unfortunately one will not be coming soon from Intel, as it takes years to redesign and re tool production for a new or at least updated CPU. And while many people may run out and buy a new computer once they discover their current computer’s performance hit after the patches are installed. It will not really do that much good if they try and get a system with the same specs as they had before. As the chips will still be defective.
UPDATE 1/10/18
While Apple, Microsoft and others have pushed patches to address this issue, it seems that these fixes are not ready for primetime just yet. With AMD chipset users and other systems that use certain antivirus products either being bricked after being updated or stuck in a reboot loop.
At this time as no real world attack has been demonstrated to be out in the “wild” just yet. It may be a better idea to wait to install these patches until they can be demonstrated to be working on the vast majority of systems. Not 100% safe, but better than bricking your system. I am sure in the weeks to come working patches will become available.
