My legal name is "John William Boushka" or "John W. Boushka"; my parents gave me the nickname of "Bill" based on my middle name, and this is how I am generally greeted. This is also the name for my book authorship. On the Web, you can find me as both "Bill Boushka" and "John W. Boushka"; this has been the case since the late 1990s. Sometimes I can be located as "John Boushka" without the "W." That's the identity my parents dealt me in 1943!
Tonight, for the second time in two weeks, I got a phishing email on a failed delivery of a FedEx package. The other one had come when I was expecting a package. The giveaway is that it had a zip file attachment.
It's a good idea if you have a UPS store address to have it email or text you when it receives a package, so you know what is legitimate.
DHL has had similar issues.
Tonight, when going to a non-existent blog posting on a reputable site (TechRepublic), an ad (for a "for-profit university") was served, as well as a bizarre xyz domain registration page. The trace showed loading of an ad service platform tnctrx (located in Loudoun County VA). No harm was done, but the site seems to have a little "malvertising" resulting in adware that went bad when loading. Trend Micro did not find any problems (processes or files) or flag anything.
Also, today, a Trend component coreServiceShell.exe was found to have crashed after finishing a routine full scan successfully (Windows 10). Trend worked normally upon restart of Windows 10, which had just done a scheduled update cycle today.
Parents, or people who take on roommates or housemates, or rent out rooms in a home, or who even may offer more radical services like housing asylum seekers, might be concerned about the possibility that others could misuse their routers for illegal purposes. These could result, for example, in getting warnings from an ISP about copyright infringement or, in more extreme cases, child pornography, which can be detected automatically by places like NCMEC.
Most abuses, if they happen, are likely to have occurred through P2P file sharing or services like BitTorrent.
Can property owners protect themselves by monitoring router traffic?
This sounds like a topic on which there is mixed advice.
ISPs like Xfinity certainly have a record of all the IP addresses accessed by your router, but they don’t appear that easy to get at, at least according to this article.
Xfinity now sends combined router-modem units that take about an hour to set up. The process does work if you follow the directions exactly. You should wind up with a strong password (which you should save offline, even in hardcopy) and WPA2 security standards. This is supposed to be OK.
You can implement a modern anti-virus package that screens websites. Right now, Kaspersky and Trend seem to be the strictest in protecting users from drive-by sites. But “the best” changes every year, with every visit to Best Buy and Geek Squad.
One idea could be to install OpenDNS. But this does not appear to be possible at the router level if you have a combined unit. However, it can be installed on individual computers, and may offer more protection against illegal activity than standard anti-virus.
OpenDNS at the router level, if possible, could protect the homeowner from incidents where someone outside the home somehow hacks into the router. This may be more of an issue in apartments and condos (as has resulted in arrests of renters in Florida and New York State on at least two rare occasions). In detached homes, good home security goes along with cybersecurity: enforcing parking regulations, for example, in the neighborhood.
The downstream legal liability that a router owner could have for misuse, especially if the router owner was careless about security settings or did not install the router properly, is still a troubling and uncertain area.
This is a rapidly evolving topic.
Update: Jan. 14, 2017
Further checks show that it can be done at the router level, but not all routers supplied by cable companies allow it. It's possible to "piggyback", and it may be possible in a guest account. I'm looking further. The same concerns will exist for disabling P2P.
A major DDoS attack against a company(s), “DynDNS” (or maybe Dynatrace -- I've seen both companies named, not sure if this is different), that provides DNS routing disrupted Internet connections for many Internet users in the US, especially the northeast, early Friday. Curiously, the company(s) does (do) not seem to have a press release for the incident yet.
Major platforms such as Twitter, Reddit, and Amazon were affected for some users. But I experienced no issues starting at 9:30 AM EDT today and watched a movie on Amazon Prime. I found out about the outage at first from Facebook user “Survival Mom”. I did experience a 5-minute DNS holdup on my Bluehost WordPress domains this evening that could conceivably be related, but the outage was very short.
There have been at least three attacks today that DYN and some other companies (like Amazon especially) have spent the day repelling.
Some users did not experience difficulties because their telecommunications providers (Xfinity and Verizon in my case – I tried both) use other services, or because their own computers cache the DNS information (which I believe Windows 10 and later Mac OS’s do).
The DDoS came from botnets of “Internet of things” devices with malware called Mirai. Well-secured PCs (Windows, Macs) with modern anti-virus protection would not have been vulnerable to becoming compromised. But separate webcams and digital recorders (which I have but which haven't been connected recently) could have been infected.
Wired has one of the best stories, by Lily Hay Newman, "What We Know".
There are some claims on Twitter that WikiLeaks engineered the attack in conjunction with the treatment of Julian Assange. But it sounds plausible that it came from Russia or North Korea.
Update: Oct. 25
While I was on a PBS site in Google Chrome, Windows somehow loaded bloatware “Candy Crush Soda Saga” (which Trend marks green), and the Google Chrome screen filled up completely, making the normal Windows taskbars inaccessible, and forcing me to hit the power button to get it back.
A Trend quickscan did not show any problems after full restart.