Pre & Post RV Facts

The IQD TeamWords of WarningAnatomy of Con Men Tiers and More

3/5/2013

The IQD Team....Straight Talkin Mike

Words of Warning ~~ The Anatomy of Con Men, Tiers, and so much more

641-715-3900 Pin 354332# 7 Minutes
July 17, 2012 or
http://download3.freeconferencepro.com/rec/1264699943-20120718214725-25252525.wav

641-715-3900 Pin 180911# 15 minutes
July 19, 2012 or

http://download3.freeconferencepro.com/rec/1264699943-20120720225847-52523698.wav

Spokeo~~Instructions on How to Remove Your Information

3/3/2013

SPOKEO
Instructions on How to Remove Your Information

http://www.spokeo.com/

Enter Name OR Phone # or email address (don't forget to check your cell, your home, etc)

IF it shows up....click on the link address at the top of the page and copy it

Go to the bottom of the page and Click on Privacy or click here http://www.spokeo.com/privacy

Scroll to the bottom of the page and insert the url you copied

Then enter your email address (make sure it is NOT your main email address or this will just happen again)

Then enter Code

Click on Remove Listing

Go to your email for further instructions....you must click on the link to finish the process

ABOUT SPOKEO

Spokeo is a leading people search engine. We aggregate vast quantities of public data and organize the information into attractive and easy-to-follow profiles.

You can search for anyone using: Unlike other people search sites, Spokeo merges “real life” information (address, email address, marital status, etc.) with social network data (Facebook profiles, Twitter feeds, etc.) providing you with a profile that is among the most comprehensive profiles available on the Web.

Spokeo was founded in 2006 by Harrison Tang and a couple of his classmates at Stanford University. Working out of their parents’ basement, they developed a technology to better keep up with their friends online. Spokeo has since grown to become a leading solution to America’s connectivity needs. Our mission is to help people find, learn about, and connect with others more easily than ever.

Spokeo Privacy – Get the Scoop from the Source
http://www.spokeo.com/blog/2011/01/spokeo-privacy-get-scoop-from-source/

Straight Talkin Mike~~How many seconds would it take to break your password?

6/9/2012

How many seconds would it take to break your password?

'Strong' isn't a detailed password-rating; go for a quintillions possible combos, then add a symbol

By Kevin Fogarty 56 comments

June 07, 2012, 8:00 PM —

Security breaches of mind-numbing size like those at LinkedIn and EHarmony.com set crypto- and security geeks to chattering about weak passwords and lazy users and the importance of non-alphanumeric characters to security.

And insisting on a particular number of characters in a password is just pointless security-fetish control freakishness, right?

Nope. The number and type of characters make a big difference.

[ Stupid security mistakes: Things you missed while doing the hard stuff ]

How big? Adding a symbol eliminates the possibility of a straight dictionary attack (using, literally, words from a dictionary. Adding a symbol, especially an unusual one, makes it much harder to crack even using rainbow tables (collections of alphanumeric combinations, only some of which include symbols).

How big a difference to length and character make?

Look below and pick which password-cracking jobs you'd want to take on if you were a computer. The examples come from the Interactive Brute Force Password Search Space Calculator: at GRC.com, the love child of from former InfoWorld columnist and freeware contributor Steve Gibson

How long would it take to crack my password: (Includes letters and numbers, no upper- or lower-case and no symbols)

6 characters: 2.25 billion possible combinations

Cracking online using web app hitting a target site with one thousand guesses per second: 3.7 weeks.
Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 0.0224 seconds
Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second: 0.0000224 seconds
10 characters: 3.76 quadrillion possible combinations

Cracking online using web app hitting a target site with one thousand guesses per second: 3.7 weeks.
Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 10.45 hours
Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second: 37.61 seconds.
Add a symbol, make the crack several orders of magnitude more difficult:

6 characters: 7.6 trillion possible combinations

Cracking online using web app hitting a target site with one thousand guesses per second: 2.4 centuries.
Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 1.26 minutes
Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second: 0.0756 seconds
10 characters: Possible combinations: 171.3 sextillion (171,269,557,687,901,638,419; 1.71 x 1020)

Cracking online using web app hitting a target site with one thousand guesses per second: 54.46 million centuries.
Cracking offline using high-powered servers or desktops (one hundred billion guesses/second) 54.46 years
Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second: 2.83 weeks.
Take Steve's advice: go for 10 characters, then add a symbol.

SOURCE

Straight Talkin Mike~~LinkedIn users targeted in phishing scam after hack

6/7/2012

7 June 2012

LinkedIn users targeted in phishing scam after hack

Convincingly-designed emails like these have been sent to LinkedIn users

LinkedIn users have been targeted by email scams after hackers leaked more than six million user passwords online.

Emails designed to look like they were sent by the social-network website asked users to "confirm" their email address by clicking a link.

However, the link took unsuspecting recipients to a site selling counterfeit drugs.

Dating website e-Harmony has also admitted that a "small fraction" of its users' passwords have been leaked.

Approximately 1.5 million passwords from the US-based relationship site were posted online, reported Ars Technica.

The company said on its blog that it had reset the passwords of the affected users, who would receive an email with instructions on how to set new passwords.

On Wednesday it was revealed that 6.4 million passwords from LinkedIn had been posted on a Russian web forum, along with a message encouraging other hackers to help decrypt the "hashed" data.

Affected LinkedIn users have been told they will receive instructions in an email - but not with a link - on how to change their details.

HOW TO CHANGE YOUR LINKEDIN PASSWORD

Security experts have advised users to change their passwords on LinkedIn. Here's how: First, visit www.linkedin.com, and log in with your details

"Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid," said LinkedIn director Vicente Silveira, confirming that a breach had occurred.

He added: "These members will also receive an email from LinkedIn with instructions on how to reset their passwords.

"These affected members will receive a second email from our customer support team providing a bit more context on this situation and why they are being asked to change their passwords."

However, Ant Allen, from analyst firm Gartner, said LinkedIn must do more to inform their members about the situation.

"I'd really like to see a clearer statement from them on their front page," he told the BBC.

"A statement that they were taking steps to minimise the risks of passwords being exposed in the future and the risks to users if passwords were exposed would do a lot to reassure people. Simply saying, 'we need you to reset your password as a security precaution' is not enough."

Final tally 'higher' Security analyst Imperva said it believed the breach was larger than had been acknowledged, as the list did not duplicate individual passwords, even though many were likely to have been used by more than one user.

"The list doesn't reveal how many times a password was used by the consumers," the company said.

"This means that a single entry in this list can be used by more than one person. For reference, in the [social network] RockYou hack the 5,000 most popular passwords were used by a share of 20% of the users. We believe that to be the case here as well, another indicator that the breach size exceeds 6.5m."

The password breach came just hours after the company admitted it had updated its mobile apps due to a privacy flaw.

In a blog post, Skycure Security said the the mobile app was sending unencrypted calendar entries to LinkedIn servers without users' knowledge.

In response LinkedIn said it would "no longer send data from the meeting notes section of your calendar".

Source

Straight Talkin Mike~Using Public Wi-Fi to Pay Bills & Shop Can Be Very Dangerous

5/20/2012

Great advice from Straight Talkin Mike....

USING PUBLIC WI-FI TO PAY BILLS AND SHOP CAN BE VERY DANGEROUS

Have you ever gone to the local hotspot at the McDonalds to browse the internet, have a cup of coffee and pay bills?

Well did you know you are at risk having your password and Identity stolen... Surprised?

Most people are...We have a false sense of privacy on the internet today and it can be damaging to you and your personal information. The nature of Public Wi-Fi is that it is open and Free....The word Public should be a clue as to how safe you really are on the network. Public Wi-Fi is an open network and all your information is open to anyone on the network to see and copy and use.

Ok....take a deep breath, now we can continue....Try this one day when you are traveling at the airport when connected to the Wi-Fi..click on your network neighborhood icon and you can see all the information from other peoples computers.

If you are paying bills any one can glean passwords and logons and you have given your information to them freely.

So how do you stop this?

First make sure your computer is up to date, all of the security patches are installed, you have a virus program and a Fire Wall running.
NEXT MAKE SURE YOU TURN OFF FILE AND PRINTER SHARING , so that others cannot see what you are broadcasting for others to share.
Remember it is possible to connect to any computer on the network.
Remember the internet is one big network and any one on that network can access your computer if you don’t take precautions.

Windows 7 has the most secure features to protect you. When you enter a new network it pops up a screen to ask you what type of network your are on, Public , home and work. Each network applies different security policies to protect your computer and disallow things like sharing. The most vulnerable operating system to expose to the network is Windows XP, so make sure at a minimum you are using Windows firewall to protect your computer from others.

Remember, and let me make it clear, on a public network it is never safe to do banking or shopping on a public Wi-Fi, because your data is never safe. If you need to do banking on the road, you should remote into your home machine via LogMeIn, Team View, etc.... this lets you securely use your home computer to do banking on a safe network.

Straight Talkin Mike

I have included a link and the News Article that will let you explore this further below:

Is It Safe To Bank On Public Wi-Fi? How Not To Get Hacked!

By Becky Worley | Upgrade Your Life – Wed, Feb 8, 2012

LINK TO VIDEO
http://news.yahoo.com/video/us-15749625/28233096

Online banking has grown in huge numbers, and mobile banking is on an even faster rise. But accessing your sensitive financial data via computer can be dangerous. One well known computer virus that steals banking logons and passwords is thought to have infected over 3 million computers in the US alone, siphoning at least $70 million dollars from consumers. So how can you access your bank account safely?

We've enlisted the help of noted hacking researcher Darren Kitchen to find out:
• Is it safe to bank on a public computer, like at a library or in a school?
• Can you safely check your bank balance in a Wi-Fi café on your own laptop?
• How safe is it to check your bank account from your home computer?
• Is it OK to bank on your phone?

I've known Darren Kitchen for years. He hosts a podcast about hacking called Hak5 and has been interviewed by ABC News, the New York Times and Wired Magazine on various hacking topics. In short, he's the real deal, and he sat down with me to answer the following questions and demo what a hacker could do if you log on to the wrong Wi-Fi.

Is it safe to bank on a public computer?
Answer: No
Public computers in libraries, schools, and hotels are completely unsafe for any sensitive web browsing. You have no idea if they are secure or if a criminal has installed a key-logger that tracks every username and password you enter.

Can you safely bank online at a Wi-Fi café on your own computer
Answer: Probably not
Darren and I set up an experiment. With my own laptop, I logged onto the free Wi-Fi in a café while Darren sat across from me. I went to my bank site and entered my username and password. In real time, Darren intercepted the logon info. If that had been my real info he could have immediately logged onto my bank account (NOTE: I gave Darren expressed permission to hack my browsing — I need to say this for legal reasons. ALSO - I am a blond, but what you see in the video is not my real banking info.)

How did he hack my connection?
Darren brought his own router into the coffee shop. He can set it up to provide an open connection that is labeled "Internet" or "free Wi-Fi" or even includes the name of the café, something like "Cuppa Joe Wi-Fi." Simply put, he pretends to be the Internet access provided by the café. The scenario: you turn on your computer and log on to what you think is the Wi-Fi provided by the business. Even more deviously, Darren can create a Wi-Fi signal called Linksys, TMobile, ATT Wireless or GogoInflight. If your computer has ever connected to those legitimate networks in the past, it will be fooled into thinking it already has permission to connect — and does so through Darren's router.

"Once you're on my router, I am the Internet. I'm the man in the middle, so I can see everything," said Darren. "I'm essentially your Internet service provider, and inherently, I can eavesdrop and even change data on the fly. And when I see you're going to a bank, I can serve up my own [site] that looks and feels in every way like the bank's site."

And that's how he got my info. I thought I was going to a legitimate bank, but really it was Darren serving up an easily faked version of the site. It looked exactly the same as the real bank's site.

Bottom-line: if you must do sensitive web browsing over a Wi-Fi network in a public place you should be very sure you know that the Wi-Fi is actually provided by the business and being passed through their router. It should be encrypted so you need a password to log on. And finally, do you trust the business and its employees? There are enough risks that when I ask Darren if he would log on to his bank this way he says "Absolutely not."

How safe is it to check your bank account from home?
Answer: Safe, but be sure your computer is virus free
If you are connecting to the Internet at home over a Wi-Fi router that's encrypted with WPA2 security, you should be safe to log on to your bank.

BUT… big caveat! Are you sure your computer is virus free? Computer viruses are getting more devious about specifically targeting online banking information. The Zeus botnet has resulted in hundreds of millions of dollars funneled out of consumer bank accounts. If you have any doubt about the security of your home computer, it may be time to get serious about disinfecting it and protecting it with an antivirus program if you want to bank online without anxiety.

Is it okay to bank on your phone?
Answer: Yes, but…
Phones using Wi-Fi to connect to the Internet are susceptible to hacks just like the Wi-Fi café hack Darren exhibited. But phones using cellular data networks for their connection are MUCH harder to fool. It's not impossible. As Darren points out, he replicated the café's Wi-Fi with off-the-shelf router equipment. It's much harder to replicate a cell phone tower.

The biggest caveat for checking your bank account on your phone is to consider what would happen if the phone fell into the wrong hands. The financial and identity information on your phone has now become more valuable than the hardware itself, so thieves are getting much more sophisticated about mining bank and personal data from mobile devices. So keep a password screen lock on the phone and have a remote wipe program so you can delete all data if your phone is lost or stolen.

SOURCE

Straight Talkin Mike~~8 Privacy Threats Worse Than Google

5/5/2012

8 Privacy Threats Worse Than Google

Google's privacy policy tweaks this week caused a fresh flurry of outrage. But Google should not be your top privacy worry.

4 Comments | Thomas Claburn | March 03, 2012 09:10 AM

Google has taken a lot of heat for combining several dozen privacy policies that few people ever read into a single set of rules that people might actually glance at, even if they don't really want to bother with the specifics.

The outcry is both appropriate and ridiculous.

Worries about online privacy are appropriate because online privacy is terrible. Remember Facebook's Beacon ad targeting system, which caused similar controversy in 2007? Well, read Google's new privacy policy, the part about pixel tags.

Google explains, "A pixel tag is a type of technology placed on a website or within the body of an email for the purpose of tracking activity on websites, or when emails are opened or accessed, and is often used in combination with cookies."

That's basically what Facebook's Beacon system did. But it's not just Google doing this, it's pretty much every online ad company and major Internet service. Get ready for the Soylent Green moment: The information economy runs on your information.

[ Read Google Insists Privacy Change Is Legal. ]

But worries about online privacy are ridiculous because we don't really want privacy. We want to feel like we're in control, whether or not we are or can be. We want a property right in the information we generate and passively express. You'd better hope that we never get that far because there won't be any information economy after that.

Privacy doesn't sell, at least beyond those in the market for tin foil hats. I've lost track of the number of companies that have tried and failed to sell privacy as a product. It doesn't sell because we'd rather be connected and share, because we'd rather have advertisers subsidize online services, and because it's difficult to place a value on privacy.

Worries about online privacy are ridiculous because much of the hysteria comes from companies using fear mongering to compete, from lawmakers who don't understand technology, and from interest groups with ties to industry. Real cases of privacy-related harm are few and far between. Remember the Borings, the couple in Pennsylvania that sued Google for photographing their property with a Street View car? They settled for $1. Google paid too much.

In a more recent Street View privacy-related lawsuit, a French man is suing Google for capturing an image of him urinating in his yard. Although his face was blurred, locals apparently recognized him. Maybe Google will have to shift to full-body blurring, to protect the privacy necessary to relieve oneself in public.

Worries about online privacy are ridiculous because we're so schizophrenic about privacy. Google has to blur the face of people captured in Street View images, yet these same people are probably present in the backgrounds of tourists' pictures and video posted to countless social-sharing websites. We surrender our privacy to our employers and yet accept that companies have a right to operate without much scrutiny. We submit to invasive body scanning at airports and become indignant at the thought of seeing ads tailored to our interests.

Though Google consolidated its privacy policies to allow it to generate more ad revenue by delivering more relevant ads, it also is offering what it believes is a better experience. So before you take up arms against Google, which is mainly trying to make enough money to pay for all those videos you're uploading and watching on YouTube, here, in no particular order, are a few privacy violators to worry about.

1. Shoulder surfers. Remember, you don't have much privacy and you have even less sitting in a cafe or on a plane where people can see your computer screen.

2. Hackers. No computer user with an Internet connection is immune from hacking, but you can mitigate the risk by choosing strong passwords and using two-factor authentication. Sure, it's a pain, but assuring that your computer is secure will help you maintain your privacy.

3. Other people. When things are going well in a relationship or friendship, it's all about sharing. When things turn to divorce, child-custody battles, or other disputes, you might realize that your enemies don't adhere to privacy policies. And even your friends might cause problems, posting pictures or sharing email messages that don't portray you as you wish to be portrayed.

4. Governments. If you're more concerned about what Google knows than you are about what governments know, consider whether any government is more true to the "Don't Be Evil" motto than Google. Who watches the watchmen?

5. Credit bureaus. Unlike consumer credit companies, what Google knows about you probably never prevented you from getting a loan.

6. Information vendors. Google might be able to point people to a lot of public information about you, but companies such as Intellius, when presented with an email address, will produce a report that includes a person's personal name, address, residential and cell phone numbers, and location details.

7. Your employer. Google is reasonably specific about the information it collects and it allows users a fair degree of control over that information. Your employer probably has a record of all the websites you've visited while at work and access to your work-related email. Before you sue for employment discrimination or back pay, be sure your own conduct online at work has been beyond reproach.

8. You. Google can collect only a limited amount of information if you haven't signed in to your Google account. And the company provides plenty of tools for limiting the information it stores. Have you done your part to protect your privacy? Here's a first step in the journey toward privacy awareness: Keep your voice down when talking on your mobile phone.

The list could go on. Insurers, retailers, ISPs, developers, telecom companies, electric utilities, grocery stores, and anyone rifling through your garbage might know more about you than you realize. Frankly, if Google's tracking is your major concern, you probably have very little to worry about.

That doesn't mean privacy isn't worthwhile. It's just complicated. We should expect and demand that companies are straightforward about how they're using information. Here Google and other businesses need to do more, to be more specific about how they leverage data. But we should not expect them to turn a blind eye to the information we don't take the trouble to protect, particularly if they make a good faith effort to be transparent and involve us in the process.

Trust as much as you have to, verify what you care about, block where necessary, and try to find your own personal comfort zone in the information economy.

New privacy rules might sound appealing, but they probably won't be very effective. Advertising has a way to surviving. And in the event it doesn't, guess who'll end up paying?

As enterprises ramp up cloud adoption, service-level agreements play a major role in ensuring quality enterprise application performance. Follow our four-step process to ensure providers live up to their end of the deal. It's all in our Cloud SLA report. (Free registration required.)

Source

The IQD Team~~Words of Warning~~Anatomy of Con Men Tiers and More