Tuesday, October 29, 2013

Safe browsing tweet from Google this morning

I thought I would pass along Google’s own statement on safe searching (which it says is built into Chrome, Firefox and Safari), which the company reminded followers about on Twitter this morning, with this link

My own recent experience is that Webroot is fairly aggressive in identifying suspicious sites when going to them.  My Toshiba Satellite P875 goes to a Toshiba news site by default when I open Internet Explorer 10, and once in a while Webroot flags an ad on that site.

Yahoo! Safe search and Firefox searches, when MyWOT and McAfee Site Advisor, are fairly effective in warning about sites that have been flagged.  But several times Webroot has flagged sites not identified as risky by any safe search.  

This morning, Webroot flashed one warning on a Blogger panel, but the warning disappeared. Not clear what happened.  The Securie Anywhere panel says no active threats have been detected. 

Monday, October 28, 2013

Phone scams offering tech support --- be wary

Local media are reporting telephone scams for personal computer technical support, as written up by Microsoft here
Some callers claim that they will shut off your computer remotely if you don’t work with them.

I got a phone call on a landline (which I don’t publish on my sites) purporting to be from AOL last spring.  The caller started talking about wanting me to change AOL settings, and curiously Comcast XFINITY didn’t screen and identify it.   I did hang up on it.  But it is true that my subscription had expired because a credit card had not been updated after it was lost.   

Thursday, October 17, 2013

Facebook stirs controversy by allowing minors to change settings to public

Facebook has made another change to its privacy policy, setting the default settings now to “friends” for all new minor users and letting anyone (including minors 13 and over) change the setting to everyone.
Previously, the setting for minors had been “friends of friends” (second degree, or one degree of separation). 
Apparently some people are concerned that minors should not be able to post publicly to everyone. They fear that minors do not grasp the permanence of digital postings and of online reputation, but even “whitelisted” postings often get passed around.
CNET has the story here

New users over 18 still default to “public”.
The “Inside Facebook” story is here.

There is a story on NOLA here

Blogger has a minimum age of 13 and I'm not aware of any requirement to mark a blog private.  Google+ originally had a minimum age of 18, but was changed to 13 and apparently restricts postings to friends.  

Wednesday, October 16, 2013

Teen social media tragedy highlights social media security problems as well as possible Section 230 issues

Section 230 concerns may well be raised again after the tragic self-inflicted death of Rebeca Sedwick near Winter Haven, FL after online bullying.

But the 14 year old girl arrested for cyberstalking denies that she made the Facebook post that led to the tragedy.  She claims her account was hacked.

It may be that someone else got her password, and there is certainly a case for Facebook’s initiating two-step sign on, as has Google.  Banks should do it, too.  But it’s more likely that she was on a public computer somewhere and left herself signed on.  Although her attorney says she claims she hadn’t been on Facebook at all.

The question as to whether service providers should share responsibility for harmful use of their sites is bound to come back again because of this case.  But here, it seems as though maybe site security was the issue, rather than censorship, as is usually the case when Section 230 gets discussed.
The CNN story is here.
CNN mentioned that there are many new sites which cater to teens besides Facebook, and that parents need to know what their kids do, but parents have a hard time keeping up.  Chris Cuomo on CNN suggested strengthening parental liability laws.  Many of these sites would have security issues.
Why do 12 and 13 year olds need to be on social media, anyway?  Why aren’t they learning to relate to one another in the real world first?  It’s dangerous if kids believe that their social standing depends on the count of social media “likes”. 
This case, however, needs to be followed, both from the viewpoint of security and possible changes in downstream liability laws in the future. 

Sunday, October 06, 2013

ABC discusses the "CP" ransomware problem, and warns on 5 links never to touch

ABC News has a story on “The 5 Deadly Clinks: Links you should never touch”.  The article starts by discussing the ransomware scam that puts child pornography images on your computer.   It is said to come from Russia. This was discussed on here Sept. 23. 

The five most dangerous links are (1) unfamiliar mobile apps (2) Remote access, pretending to be ISP employees (I once got a suspicious call pretending to be from AOL) (3) Paying attention if visiting porn, with a warning that intentionally clicking on sites known to have “illegal” content (or providing the hyperlinks) can send you to prison (4) authority scams supposedly from banks (5) pharmacy and drug spam.

ABC’s story (by Adam Levin) is here.
On tip 3, remember that Wikipedia reports that the FBI sometimes runs stings to see who will “knowingly” click on illegal content.
Be careful, too, that accidental clicks are more likely on smartphones or touchpad laptops.


Friday, October 04, 2013

Federal indictment issued against some members of Anonymous for DDoS attacks against anti-piracy interests

The major media outlets are reporting on a big federal indictment, from the US district in Alexandria, VA, against thirteen members of the computer hacking group Anonymous, accused of engineering DDOS attacks against major parties who spoke out against piracy, especially through file-sharing. 
NBC News has a story, with a link to a PDF of the indictment, here

Any federal trial would be held in Alexandria VA and people who live in northern Virginia would be eligible for jury summons.  It would be a good question as to whether personal or professional experience with intellectual property issues would disqualify jurors, as would the possibility of a US attorney on the case knowing a juror personally through happenstance.  These sorts of possibilities may be more likely in a case like this than usual.
Reuters has a story by David Ingram on the Chicago Tribune site, here
Most attacks discussed in the indictment seem to have been done with phishing and getting home and small business user computers infected. 

News Super World also reports that a Reuters journalist was indicted separately.