As Recommended by Straight Talkin Mike - I Drive
5GB FREE Universal On Line Back Up
Back up your computer FREE
|The I.Q.D. Team Connection||
As Recommended by Straight Talkin Mike - I Drive
5GB FREE Universal On Line Back Up
Back up your computer FREE
The IQD Team....Straight Talkin Mike
Words of Warning ~~ The Anatomy of Con Men, Tiers, and so much more
641-715-3900 Pin 354332# 7 Minutes
July 17, 2012 or
641-715-3900 Pin 180911# 15 minutes
July 19, 2012 or
Straight Talkin Mike Comments about Article referencing the 10 year Period and the LOP
"Parliamentary Finance: Central Bank will continue to receive the old currency for a period of ten years" (Article is at bottom of this post - below comments made by Straight Talkin Mike on Thursday, July 5, 2012)
Straight Talkin Mike....July 5, 2012
So Shabibi Had a meeting with Maliki a year ago on June 19, 2011...So lets see they were ready a year ago...Its now July 5, 2012 - yes I would say they are ready to go...
This is going to be "RV for Dummies".....Let me break this down and understand why this is so important so all of the misinformation being given out on other calls can go away.....
You have 30 trillion dinars...thats the total M3 money supply...you have an internal money supply whats in the bank and whats in
the Iraqis pockets..thats the M1 money supply...thats a smaller portion of the total money supply..there are countries that hold dinar...We hold dinar in another country...Theres 15 trillion or less in country...most of that other is held outside of the country..there is not much held in the banks...
The reason this 10 yr period is so important is because when other countries cash out their money it goes to their Central Bank...Ours goes to the Federal Reserve Bank..Now they are not like all of us who just hit the lotto and are going to run and cash in your money and go out and spend it.....Central Banks are going to hold onto that money which means the have a 10 yr period to exchange what they have in their reserves for the new money.....they do that ...we don't do that....we just trade it in...this is almost like depreciating this money over 10 yrs for him as far as paying for the RV.....they are making it very clear to the world each time we see one of these articles that there is going to be a 10 yr period for these Central Banks to do that...
Now we may only have 2 yrs which is what they say and we are in this process and they are going to run them concurrently for 2
yrs and the new currency is coming out ....We believe that sometime before this currency comes out this RV will take place because you can't issue the new currency with money that is worthless because it costs more to print it than it does...
Now the debate can rage on all it wants on whether or not they are ready but when you have the Governor of the Bank a year ago telling them they are ready to do this and they wanted to do as of January of this year..June last year they went to Maliki and said we are ready to do this 2012...well all of the political stuff went on so they moved it to 2013 so they are beyond the point of no return..they know they are going to do this and that this is going to happen..as we move along this ride they are giving us all of friendly information to keep everybody on board...
Now everybody can come up with their theories and all of that other stuff...they are not not going to lop their currency...they are not going to take value away from it...we here on this team believe that this investment will be worth more than what we paid for it at some time in the future....Period... end of story...You can talk about all of the other theories, etc but this is basically what these articles are telling us and that the Finance Committee is on board.....I don't think we have had this kind of response from the Finance Committe ever....its almost like they are over zealous at the Finance Committee--they don't understand the difference between oversight and monetary policy..they think they have to implement all of this..so they are out there blabbering and talking away...half the time in these articles they don't know what they are are talking about - so when you read an article make sure where it is coming from..is it coming from the Finance Commitee or is it coming from Shabibi at the CBI...the more correct information is going to come from the CBI....the overblown info from the Finance Committes because they truly do not understand what that process is....so we really need to make sure you understand your frame of reference when you read these articles...but this is another article that lets us know that as they have been telling us for the last 1 1/2 years...there will be a 2 yr period...currencies will run concurrent which means they will have equal value....they keep on telling us that...and that at some point in time over 10 yrs people can turn these in and when they talk about people they are talking about the Central Banks...
It is truly that simple...people try to overcomplicate it....
Parliamentary Finance: Central Bank will continue to receive the old currency for a period of ten years
Published on Thursday, 05 / 2012 08:35 | posted by: Rasan | Print | E-mail | Hits: 253
BAGHDAD / With: revealed the parliamentary finance committee that the central bank has agreed to allow replacement of the survival rates for ten years from entry into the exchange, stressing that the three companies had to perform the printing new currency.
A member of the Finance Committee, the parliamentary Haitham al-Jubouri said in an interview to the correspondent of news agency future: "The Finance Committee and even the central bank were afraid of the process of handing over money to the Iraqi banks could see the manipulation or through which some of extortion in order to reduce the delivery time therefore, and after studying the abundant of the subject and agreed conservative central bank that there is a lot of time represented by ten years to the Imam on the currency exchange receipt of new surveys of the Iraqi currency and replace the old El Jadida. "
The Jubouri that "a mechanism to replace the currency will be in two years and the first three stages are the printing process and secondly the process of offering the two currencies in the markets of Iraq and the third pull the old currency and to keep only the new currency."
The Jubouri that "there are companies presentations were made to the Central Bank and the Iraqi government in order to compete on the process of printing new Iraqi currency as each company competes in terms of price, first hand, security second, and both these issues are two important too, noting that all the offers are under hand, but must first get to the final decision to switch the currency or not, and then can receive offers and discussed in detail. "
The Jubouri that "the offers made are from Switzerland and Russia and Brazil and that these offers are competing in terms of the quality of the paper and worker security primarily, so the offers must be subject to a discussion of a specialized committee of the Central Bank of Iraq to determine the priorities of the companies that can be printed Iraqi funds ".
The Central Bank of Iraq announced (29 September 2011) that the year 2013 will see the deletion of zeros and currency exchange rates, pointing out that the current formed a cluster of large cash estimated at 30 trillion dinars.
According to some economists that Iraq is ready for the time being to delete the zeros of the Iraqi dinar, pointing out that the deletion of zeros needed to stabilize the security and political as well as economic stability.
And declared the Iraqi Central Bank Governor Sinan Shabibi independent bodies during a meeting with Prime Minister Nuri al-Maliki, which was held in (June 19, 2011) is ready to create all supplies to replace the Iraqi currency. (Finished)
MORE FROM STRAIGHT TALKIN MIKE...
Cyber bank robbers attempt billion-dollar heist, targeting your money
By John R. Quain
Published June 26, 2012
The next Internet billionaires won’t be pushing social-networking apps. They’ll be breaking into your bank accounts.
An organized global cyber crimewave has been underway for months, according to a report released today from security firms McAfee and Guardian Analytics, attacking banks in Columbia, Germany, Italy, the Netherlands, the United Kingdom and the U.S.
A total of roughly $78 million was successfully siphoned out of bank accounts, according to researchers, with a potential total of $2 billion attempted. (Banks are understandably loathe to reveal losses and due to additional security concerns have not been identified.)
Analysts at the firms report that these thefts represent a new generation of attacks running off of hijacked servers that can be frequently changed to avoid detection and completely automated so that thousands of customer accounts can be broken into without even raising the owners’ suspicion.
By adapting two types of malware designed to steal passwords — known as Zeus and SpyEye — hackers can now invisibly record login information and add additional requests for information on what appear to be valid online banking pages. They can even intercept secondary, one-time only passwords, and then put the user on hold while they login and transfer funds to criminal accounts. After the transfer is complete, the software can even post false balances so that the victim is unaware of the theft until it is too late.
What is different about these new attacks is their high level of automation. It allows organized cyberattacks that can drain just a few dollars from multiple accounts without any intervention by the crooks. Furthermore, according to McAfee, the criminals look for large account balances — hence the researchers dubbed the crime spree “Operation High Roller.” In at least one case, the criminals made off with $130,000 from a single account.
The moral of this latest cyberscare story is that you cannot rely on your bank or financial institution to protect your money. In many cases, the financial institution’s profits are sufficiently high and the investment in additional computer security measures considered too expensive to prevent many of these attacks. As some analysts have told me, it’s considered part of the cost of doing business. Just make sure it isn’t your cost of doing business online.
First, you have to run some sort of anti-virus software. There are free basic versions out there from the likes of Avast, AVG, and BitDefender. Many of these monitor new threats and will warn you about suspicious Web pages.
Second, never, ever, ever open a link in an “official” e-mail message you receive. This is the primary way criminals lead thousands of users astray every day. If you get a message from your bank, open a separate browser and type in the URL that you usually use. It’s the only way to avoid being led astray.
Third, update your software: in particular the Web browser you’re using and Sun’s Java and Adobe’s Reader software (for opening PDFs). These programs are the favorite targets of hackers and new exploits are uncovered every week. Keeping them updated can often prevent so-called iFrame hacks that may compromise legitimate Web sites and secretly install malware on your computer. So instead of watching that Tree Girl video, check for updates whenever you have a spare moment
The computer security threats are clearly endemic, prompting the head of Britain’s spy agency, Jonathan Evans of MI5, to coincidentally come out this week to warn that the level of cyber attacks is now “astonishing.” Evans warned that the scale of such threats has now reached “industrial-scale” proportions.
So it’s no longer a matter of paranoia to check your software and Web surfing habits. It’s a matter of common sense.
From Straight Talkin Mike....ALERT
Fraud Ring In Hacking Attack On 60 Banks
Some 60m euro is stolen from bank accounts in a massive cyber raid, after fraudsters raid dozens of banks around the world.
7:16am UK, Wednesday 27 June 2012 Video: McAfee: Biggest Cyber Bank Robbery In History
By Pete Norman, Sky News Online
Sixty million euro has been stolen from bank accounts in a massive cyber bank raid after fraudsters raided dozens of financial institutions around the world.
According to a joint report by software security firm McAfee and Guardian Analytics, more than 60 firms have suffered from what it has called an "insider level of understanding".
"The fraudsters' objective in these attacks is to siphon large amounts from high balance accounts, hence the name chosen for this research - Operation High Roller," the report said.
"If all of the attempted fraud campaigns were as successful as the Netherlands example we describe in this report, the total attempted fraud could be as high as 2bn euro (£1.6bn)."
The automated malicious software programme was discovered to use servers to process thousands of attempted thefts from both commercial firms and private individuals.
The stolen money was then sent to so-called mule accounts in caches of a few hundreds and 100,000 euro (£80,000) at a time.
Credit unions, large multinational banks and regional banks have all been attacked.
Sky News defence and security editor Sam Kiley said: "It does include British financial institutions and has jumped over to North America and South America.
"What they have done differently from routine attacks is that they have got into the bank servers and constructed software that is automated.
"It can get around some of the mechanisms that alert the banking system to abnormal activity."
The details of the global fraud come just a day after the MI5 boss warned of the new cyber security threat to UK business.
McAfee researchers have been able to track the global fraud, which still continues, across countries and continents.
"They have identified 60 different servers, many of them in Russia, and they have identified one alone that has been used to steal 60m euro," Kiley said.
"There are dozens of servers still grinding away at this fraud – in effect stealing money."
How many seconds would it take to break your password?
'Strong' isn't a detailed password-rating; go for a quintillions possible combos, then add a symbol
By Kevin Fogarty 56 comments
June 07, 2012, 8:00 PM —
Security breaches of mind-numbing size like those at LinkedIn and EHarmony.com set crypto- and security geeks to chattering about weak passwords and lazy users and the importance of non-alphanumeric characters to security.
And insisting on a particular number of characters in a password is just pointless security-fetish control freakishness, right?
Nope. The number and type of characters make a big difference.
[ Stupid security mistakes: Things you missed while doing the hard stuff ]
How big? Adding a symbol eliminates the possibility of a straight dictionary attack (using, literally, words from a dictionary. Adding a symbol, especially an unusual one, makes it much harder to crack even using rainbow tables (collections of alphanumeric combinations, only some of which include symbols).
How big a difference to length and character make?
Look below and pick which password-cracking jobs you'd want to take on if you were a computer. The examples come from the Interactive Brute Force Password Search Space Calculator: at GRC.com, the love child of from former InfoWorld columnist and freeware contributor Steve Gibson
How long would it take to crack my password: (Includes letters and numbers, no upper- or lower-case and no symbols)
6 characters: 2.25 billion possible combinations
Cracking online using web app hitting a target site with one thousand guesses per second: 3.7 weeks.
Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 0.0224 seconds
Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second: 0.0000224 seconds
10 characters: 3.76 quadrillion possible combinations
Cracking online using web app hitting a target site with one thousand guesses per second: 3.7 weeks.
Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 10.45 hours
Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second: 37.61 seconds.
Add a symbol, make the crack several orders of magnitude more difficult:
6 characters: 7.6 trillion possible combinations
Cracking online using web app hitting a target site with one thousand guesses per second: 2.4 centuries.
Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 1.26 minutes
Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second: 0.0756 seconds
10 characters: Possible combinations: 171.3 sextillion (171,269,557,687,901,638,419; 1.71 x 1020)
Cracking online using web app hitting a target site with one thousand guesses per second: 54.46 million centuries.
Cracking offline using high-powered servers or desktops (one hundred billion guesses/second) 54.46 years
Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second: 2.83 weeks.
Take Steve's advice: go for 10 characters, then add a symbol.
7 June 2012
LinkedIn users targeted in phishing scam after hack
Convincingly-designed emails like these have been sent to LinkedIn users
LinkedIn users have been targeted by email scams after hackers leaked more than six million user passwords online.
Emails designed to look like they were sent by the social-network website asked users to "confirm" their email address by clicking a link.
However, the link took unsuspecting recipients to a site selling counterfeit drugs.
Dating website e-Harmony has also admitted that a "small fraction" of its users' passwords have been leaked.
Approximately 1.5 million passwords from the US-based relationship site were posted online, reported Ars Technica.
The company said on its blog that it had reset the passwords of the affected users, who would receive an email with instructions on how to set new passwords.
On Wednesday it was revealed that 6.4 million passwords from LinkedIn had been posted on a Russian web forum, along with a message encouraging other hackers to help decrypt the "hashed" data.
Affected LinkedIn users have been told they will receive instructions in an email - but not with a link - on how to change their details.
HOW TO CHANGE YOUR LINKEDIN PASSWORD
Security experts have advised users to change their passwords on LinkedIn. Here's how: First, visit www.linkedin.com, and log in with your details
"Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid," said LinkedIn director Vicente Silveira, confirming that a breach had occurred.
He added: "These members will also receive an email from LinkedIn with instructions on how to reset their passwords.
"These affected members will receive a second email from our customer support team providing a bit more context on this situation and why they are being asked to change their passwords."
However, Ant Allen, from analyst firm Gartner, said LinkedIn must do more to inform their members about the situation.
"I'd really like to see a clearer statement from them on their front page," he told the BBC.
"A statement that they were taking steps to minimise the risks of passwords being exposed in the future and the risks to users if passwords were exposed would do a lot to reassure people. Simply saying, 'we need you to reset your password as a security precaution' is not enough."
Final tally 'higher' Security analyst Imperva said it believed the breach was larger than had been acknowledged, as the list did not duplicate individual passwords, even though many were likely to have been used by more than one user.
"The list doesn't reveal how many times a password was used by the consumers," the company said.
"This means that a single entry in this list can be used by more than one person. For reference, in the [social network] RockYou hack the 5,000 most popular passwords were used by a share of 20% of the users. We believe that to be the case here as well, another indicator that the breach size exceeds 6.5m."
The password breach came just hours after the company admitted it had updated its mobile apps due to a privacy flaw.
In a blog post, Skycure Security said the the mobile app was sending unencrypted calendar entries to LinkedIn servers without users' knowledge.
In response LinkedIn said it would "no longer send data from the meeting notes section of your calendar".
Great advice from Straight Talkin Mike....
USING PUBLIC WI-FI TO PAY BILLS AND SHOP CAN BE VERY DANGEROUS
Have you ever gone to the local hotspot at the McDonalds to browse the internet, have a cup of coffee and pay bills?
Well did you know you are at risk having your password and Identity stolen... Surprised?
Most people are...We have a false sense of privacy on the internet today and it can be damaging to you and your personal information. The nature of Public Wi-Fi is that it is open and Free....The word Public should be a clue as to how safe you really are on the network. Public Wi-Fi is an open network and all your information is open to anyone on the network to see and copy and use.
Ok....take a deep breath, now we can continue....Try this one day when you are traveling at the airport when connected to the Wi-Fi..click on your network neighborhood icon and you can see all the information from other peoples computers.
If you are paying bills any one can glean passwords and logons and you have given your information to them freely.
So how do you stop this?
First make sure your computer is up to date, all of the security patches are installed, you have a virus program and a Fire Wall running.
NEXT MAKE SURE YOU TURN OFF FILE AND PRINTER SHARING , so that others cannot see what you are broadcasting for others to share.
Remember it is possible to connect to any computer on the network.
Remember the internet is one big network and any one on that network can access your computer if you don’t take precautions.
Windows 7 has the most secure features to protect you. When you enter a new network it pops up a screen to ask you what type of network your are on, Public , home and work. Each network applies different security policies to protect your computer and disallow things like sharing. The most vulnerable operating system to expose to the network is Windows XP, so make sure at a minimum you are using Windows firewall to protect your computer from others.
Remember, and let me make it clear, on a public network it is never safe to do banking or shopping on a public Wi-Fi, because your data is never safe. If you need to do banking on the road, you should remote into your home machine via LogMeIn, Team View, etc.... this lets you securely use your home computer to do banking on a safe network.
Straight Talkin Mike
I have included a link and the News Article that will let you explore this further below:
Is It Safe To Bank On Public Wi-Fi? How Not To Get Hacked!
By Becky Worley | Upgrade Your Life – Wed, Feb 8, 2012
LINK TO VIDEO
Online banking has grown in huge numbers, and mobile banking is on an even faster rise. But accessing your sensitive financial data via computer can be dangerous. One well known computer virus that steals banking logons and passwords is thought to have infected over 3 million computers in the US alone, siphoning at least $70 million dollars from consumers. So how can you access your bank account safely?
We've enlisted the help of noted hacking researcher Darren Kitchen to find out:
• Is it safe to bank on a public computer, like at a library or in a school?
• Can you safely check your bank balance in a Wi-Fi café on your own laptop?
• How safe is it to check your bank account from your home computer?
• Is it OK to bank on your phone?
I've known Darren Kitchen for years. He hosts a podcast about hacking called Hak5 and has been interviewed by ABC News, the New York Times and Wired Magazine on various hacking topics. In short, he's the real deal, and he sat down with me to answer the following questions and demo what a hacker could do if you log on to the wrong Wi-Fi.
Is it safe to bank on a public computer?
Public computers in libraries, schools, and hotels are completely unsafe for any sensitive web browsing. You have no idea if they are secure or if a criminal has installed a key-logger that tracks every username and password you enter.
Can you safely bank online at a Wi-Fi café on your own computer
Answer: Probably not
Darren and I set up an experiment. With my own laptop, I logged onto the free Wi-Fi in a café while Darren sat across from me. I went to my bank site and entered my username and password. In real time, Darren intercepted the logon info. If that had been my real info he could have immediately logged onto my bank account (NOTE: I gave Darren expressed permission to hack my browsing — I need to say this for legal reasons. ALSO - I am a blond, but what you see in the video is not my real banking info.)
How did he hack my connection?
Darren brought his own router into the coffee shop. He can set it up to provide an open connection that is labeled "Internet" or "free Wi-Fi" or even includes the name of the café, something like "Cuppa Joe Wi-Fi." Simply put, he pretends to be the Internet access provided by the café. The scenario: you turn on your computer and log on to what you think is the Wi-Fi provided by the business. Even more deviously, Darren can create a Wi-Fi signal called Linksys, TMobile, ATT Wireless or GogoInflight. If your computer has ever connected to those legitimate networks in the past, it will be fooled into thinking it already has permission to connect — and does so through Darren's router.
"Once you're on my router, I am the Internet. I'm the man in the middle, so I can see everything," said Darren. "I'm essentially your Internet service provider, and inherently, I can eavesdrop and even change data on the fly. And when I see you're going to a bank, I can serve up my own [site] that looks and feels in every way like the bank's site."
And that's how he got my info. I thought I was going to a legitimate bank, but really it was Darren serving up an easily faked version of the site. It looked exactly the same as the real bank's site.
Bottom-line: if you must do sensitive web browsing over a Wi-Fi network in a public place you should be very sure you know that the Wi-Fi is actually provided by the business and being passed through their router. It should be encrypted so you need a password to log on. And finally, do you trust the business and its employees? There are enough risks that when I ask Darren if he would log on to his bank this way he says "Absolutely not."
How safe is it to check your bank account from home?
Answer: Safe, but be sure your computer is virus free
If you are connecting to the Internet at home over a Wi-Fi router that's encrypted with WPA2 security, you should be safe to log on to your bank.
BUT… big caveat! Are you sure your computer is virus free? Computer viruses are getting more devious about specifically targeting online banking information. The Zeus botnet has resulted in hundreds of millions of dollars funneled out of consumer bank accounts. If you have any doubt about the security of your home computer, it may be time to get serious about disinfecting it and protecting it with an antivirus program if you want to bank online without anxiety.
Is it okay to bank on your phone?
Answer: Yes, but…
Phones using Wi-Fi to connect to the Internet are susceptible to hacks just like the Wi-Fi café hack Darren exhibited. But phones using cellular data networks for their connection are MUCH harder to fool. It's not impossible. As Darren points out, he replicated the café's Wi-Fi with off-the-shelf router equipment. It's much harder to replicate a cell phone tower.
The biggest caveat for checking your bank account on your phone is to consider what would happen if the phone fell into the wrong hands. The financial and identity information on your phone has now become more valuable than the hardware itself, so thieves are getting much more sophisticated about mining bank and personal data from mobile devices. So keep a password screen lock on the phone and have a remote wipe program so you can delete all data if your phone is lost or stolen.
FBI: Beware Of Malware Installed Via Hotel Networks The Federal Bureau of Investigation is warning travelers to be in the lookout for fake software updates booby trapped
The Federal Bureau of Investigation is warning travelers to be on the lookout for fake software updates booby trapped with malware that are being pushed through hotel internet connections.
FBI: Beware Of Malware Installed Via Hotel Networks The Federal Bureau of Investigation is warning travelers to be in the lookout for fake software updates booby trapped with malware that are being pushed through hotel internet connections.
The Seal of the United States Federal Bureau of Investigation. (Photo credit: Wikipedia)
According to the FBI, there has been an increase in instances of travelers’ notebooks being infected with malicious software while using hotel internet connections. While attempting to set up the internet connection in the room, some users have been presented with a pop-up notifying them of an update a widely-used software product.
Accepting the update resulted in malicious software being installed on the notebook.
The FBI’s Internet Crime Complaint Center (ISC3) has offered up some good advice for travelers, including:
This advisory from the FBI follows a report by Bloomberg which claims that Chinese hackers have stolen private data from as many as 760 firms by hacking into the iBahn broadband and entertainment service offered to guests of hotel chains such as Marriott International Inc.
Firms compromised in this attack are believed to include Research in Motion Ltd. and Boston Scientific Corp., as well as some of the largest corporations and niche innovators in sectors such as aerospace, semiconductors, pharmaceuticals and biotechnology.
By breaking into iBahn’s networks, hackers may have had access to millions of confidential e-mails, even encrypted ones.
Last month, software engineer Justin Watt noticed during a stay at a Marriott International hotel in the U.S. that code was being injected into websites visited via the hotel WiFi in order to push third-party advertisement to users. According to an official statement from Marriott International, this was done “unbeknownst to the hotel”.
While the advertisements served were harmless, it can’t be reassuring to visitors to find that Marriott International didn’t know what was going on with its own network.
8 Privacy Threats Worse Than Google
4 Comments | Thomas Claburn | March 03, 2012 09:10 AM
Google has taken a lot of heat for combining several dozen privacy policies that few people ever read into a single set of rules that people might actually glance at, even if they don't really want to bother with the specifics.
The outcry is both appropriate and ridiculous.
Google explains, "A pixel tag is a type of technology placed on a website or within the body of an email for the purpose of tracking activity on websites, or when emails are opened or accessed, and is often used in combination with cookies."
That's basically what Facebook's Beacon system did. But it's not just Google doing this, it's pretty much every online ad company and major Internet service. Get ready for the Soylent Green moment: The information economy runs on your information.
[ Read Google Insists Privacy Change Is Legal. ]
But worries about online privacy are ridiculous because we don't really want privacy. We want to feel like we're in control, whether or not we are or can be. We want a property right in the information we generate and passively express. You'd better hope that we never get that far because there won't be any information economy after that.
Privacy doesn't sell, at least beyond those in the market for tin foil hats. I've lost track of the number of companies that have tried and failed to sell privacy as a product. It doesn't sell because we'd rather be connected and share, because we'd rather have advertisers subsidize online services, and because it's difficult to place a value on privacy.
Worries about online privacy are ridiculous because much of the hysteria comes from companies using fear mongering to compete, from lawmakers who don't understand technology, and from interest groups with ties to industry. Real cases of privacy-related harm are few and far between. Remember the Borings, the couple in Pennsylvania that sued Google for photographing their property with a Street View car? They settled for $1. Google paid too much.
In a more recent Street View privacy-related lawsuit, a French man is suing Google for capturing an image of him urinating in his yard. Although his face was blurred, locals apparently recognized him. Maybe Google will have to shift to full-body blurring, to protect the privacy necessary to relieve oneself in public.
Worries about online privacy are ridiculous because we're so schizophrenic about privacy. Google has to blur the face of people captured in Street View images, yet these same people are probably present in the backgrounds of tourists' pictures and video posted to countless social-sharing websites. We surrender our privacy to our employers and yet accept that companies have a right to operate without much scrutiny. We submit to invasive body scanning at airports and become indignant at the thought of seeing ads tailored to our interests.
Though Google consolidated its privacy policies to allow it to generate more ad revenue by delivering more relevant ads, it also is offering what it believes is a better experience. So before you take up arms against Google, which is mainly trying to make enough money to pay for all those videos you're uploading and watching on YouTube, here, in no particular order, are a few privacy violators to worry about.
1. Shoulder surfers. Remember, you don't have much privacy and you have even less sitting in a cafe or on a plane where people can see your computer screen.
2. Hackers. No computer user with an Internet connection is immune from hacking, but you can mitigate the risk by choosing strong passwords and using two-factor authentication. Sure, it's a pain, but assuring that your computer is secure will help you maintain your privacy.
3. Other people. When things are going well in a relationship or friendship, it's all about sharing. When things turn to divorce, child-custody battles, or other disputes, you might realize that your enemies don't adhere to privacy policies. And even your friends might cause problems, posting pictures or sharing email messages that don't portray you as you wish to be portrayed.
4. Governments. If you're more concerned about what Google knows than you are about what governments know, consider whether any government is more true to the "Don't Be Evil" motto than Google. Who watches the watchmen?
5. Credit bureaus. Unlike consumer credit companies, what Google knows about you probably never prevented you from getting a loan.
6. Information vendors. Google might be able to point people to a lot of public information about you, but companies such as Intellius, when presented with an email address, will produce a report that includes a person's personal name, address, residential and cell phone numbers, and location details.
7. Your employer. Google is reasonably specific about the information it collects and it allows users a fair degree of control over that information. Your employer probably has a record of all the websites you've visited while at work and access to your work-related email. Before you sue for employment discrimination or back pay, be sure your own conduct online at work has been beyond reproach.
8. You. Google can collect only a limited amount of information if you haven't signed in to your Google account. And the company provides plenty of tools for limiting the information it stores. Have you done your part to protect your privacy? Here's a first step in the journey toward privacy awareness: Keep your voice down when talking on your mobile phone.
The list could go on. Insurers, retailers, ISPs, developers, telecom companies, electric utilities, grocery stores, and anyone rifling through your garbage might know more about you than you realize. Frankly, if Google's tracking is your major concern, you probably have very little to worry about.
That doesn't mean privacy isn't worthwhile. It's just complicated. We should expect and demand that companies are straightforward about how they're using information. Here Google and other businesses need to do more, to be more specific about how they leverage data. But we should not expect them to turn a blind eye to the information we don't take the trouble to protect, particularly if they make a good faith effort to be transparent and involve us in the process.
Trust as much as you have to, verify what you care about, block where necessary, and try to find your own personal comfort zone in the information economy.
New privacy rules might sound appealing, but they probably won't be very effective. Advertising has a way to surviving. And in the event it doesn't, guess who'll end up paying?
As enterprises ramp up cloud adoption, service-level agreements play a major role in ensuring quality enterprise application performance. Follow our four-step process to ensure providers live up to their end of the deal. It's all in our Cloud SLA report. (Free registration required.)
Straight Talkin Mike~~How can you detect if your computer has been violated and infected with DNS Changer?
How can you detect if your computer has been violated and infected with DNS Changer?
An industry wide team has developed easy “are you infected” web sites. They are a quick way to determine if you are infected with DNS Changer. Each site is designed for any normal computer user to browse to a link, follow the instructions, and see if they might be infected. Each site has instructions in their local languages on the next steps to clean up possible infections.
For example, the http://www.dns-ok.us/ will state if you are or are not infected (see below).
If you think your computer is infected with DNS Changer or any other malware, please refer to the security guides from your operating system or the self -help references from our fix page (http://www.dcwg.org/fix).
DNSChanger is not the end of the world
By Woody Leonhard on May 2, 2012 in Top Story
DNSChanger virus spells ‘Internet Doomsday’ … The end is nigh, according to the FBI … ‘Internet doomsday’ will strike us all on July 9 …
That’s what a couple of popular websites had to say about the DNSChanger virus. What a crock!
I’ve been writing about viruses for about two decades, and I don’t think I’ve ever seen headlines that ridiculous from sources that should know better.
DNSChanger is a real piece of malware — it’s a variant of the TDSS/Alureon family of Trojans — and it was a real problem until taken down Nov. 8, 2011, in a joint FBI–Estonian police action code-named “Operation Ghost Click” (FBI site).
Since then, it seems, DNSChanger has hit headline after headline — with dire warnings. Even local TV news programs have covered it in breathless terms, as if it were the worst thing to ever infect your computer.
Lemme tell ya. It’s easy to write scary headlines such as “New Mac Trojan makes your clicking finger fall off!” (no doubt because Mac mice have only one button) or “Log on to Windows and lose your life savings!” It’s not so easy to examine the threat, digest it, translate it into terms we can all understand, and make a few simple recommendations.
That’s the goal for this column. Is it true that, as a Huffington Post U.K. headline put it, “The end is nigh, according to the FBI!”? I don’t think so.
Exactly what does DNSChanger do? With an estimated four million infected computers — 500,000 in the U.S. alone — DNSChanger was one of the largest botnets ever disassembled. However, despite what you may have read, this botnet wasn’t designed to steal your credit-card numbers or bank-account passwords. DNSChanger rerouted your browser to websites that mostly sold little blue pills, antivirus products that didn’t work, and other scummy stuff.
The people behind DNSChanger received commissions from these fake pharmaceutical companies, rogue antivirus sites, and other unsavory cyber characters. The FBI avers that these “commissions” amounted to more than $14 million.
Typically, DNSChanger infected systems by posing as a codec needed for viewing videos streamed from adult sites. When you clicked to view these bogus videos, Windows Media Player would complain that it didn’t have the right codec. Users then downloaded the codec from the site, gave permission to install the codec, and — well, there you go.
(Given the amount of unauthorized Web surfing on business PCs, it should not be surprising that half of the Fortune 500 companies and roughly half of all U.S. government agencies now have one or more PCs infected with DNSChanger.)
As befits a TDSS/Alureon variant, the infection is a nasty one — full rootkit behavior that’s hard to detect and even harder to clean.
On Windows, the infection changes your computer’s DNS server, usually by hacking the Registry. (If you aren’t familiar with Domain Name Servers — the White Pages of the Internet — check out Susan Bradley’s April 5 Top Story.) With a subverted DNS server, you might type www.google.com into your browser — any browser — and end up at www.buyonlinepharmaceuticalsifyoudare.com. The bad guys set up several DNS servers that did exactly that.
Naturally, if you tried to go to common Web addresses that offer antivirus help, AV scans, patches, advice, or even news about DNSChanger, you were rerouted. Effectively, your browser belonged to DNSChanger.
DNSChanger meets its match on two continents As scary as that DNSChanger sounds, you no longer need fret over it — you no longer have to worry about DNSChanger changing your PC’s DNS server. The FBI and many other organizations — in the U.S. and in Estonia — took DNSChanger down. You might still get an Alureon infection, but it won’t be DNSChanger.
Although it took years, the FBI succeeded in identifying the people directly involved in the scam — six men in Estonia. The agencies also found the IP addresses of the DNSChanger servers: all were located within the U.S.
In a complex, well-coordinated action, Estonian police arrested most of the bad guys, who are now facing extradition to the U.S. To minimize Internet service disruptions to those four million infected PCs, the FBI and Internet Systems Consortium (the nonprofit company that maintains the ubiquitous DNS server software, Binds) pulled off an amazing technical feat: they quickly replaced the malicious servers with legitimate DNS servers. (Many PC users might still not know they’re infected. But at least they’re getting to their intended websites.)
Operation of the DNS server farm was given to a new organization called the DNSChanger Working Group, which consists of representatives from the computer industry and law enforcement. That left the FBI in the position of running a DNS server farm — and also left a nagging question.
The take-down aftermath, and what you can do For those four million PCs, what’s the smarter move: leave users unaware that they’re infected and maintain the servers indefinitely, or gradually shut down the servers and cut off small numbers of users at a time?
It’s a tough choice. There’s no right or wrong answer, from my point of view. The FBI and BINDS could perhaps try to intercept a handful of webpages and put up warnings on them. But that might scare the daylights out of a lot of people and leave them with the task of changing to another DNS server on their own.
The FBI and the DNSChanger Working Group originally had court permission to keep the server farm running until March 8. As the deadline approached, people fretted that shutting off the remaining infected machines (still millions of them, at that point) would cause a lot of panic. So they sought, and received, a court extension to July 9.
Will the DNSChanger Working Group look for another extension after July 9? I think it’s highly likely that they’ll ask for — and receive — an extention. Remember, though, somebody has to pay for running the temporary server farm.
So while we wait for an Internet Armageddon that will never come (at least not from DNSChanger), here’s something you can do (and have all your friends do, as well). Go to the DNSChanger Working Group Detect site and click the link at the bottom for your language or country. (Because you’re reading this in English, you’ll most likely click through to the main DCWG test page.) When you get to the DNS Changer Check-Up page, you’ll see a large graphic — if it’s green, you’re fine; if it’s red, you’re infected.
There are lots of DNSChanger-fixing programs out there. I’ve not run across any infected machines yet; but if I do, my first choice for cleaning them would be Windows Defender Offline, which I wrote about in my Jan. 5 Top Story.
Yep, this is one of the tests even your Aunt Martha needs to take.
Thanks Straight Talkin Mike.....
CISPA: the controversy surrounding it and how it might affect you
By Rachel Rose Hartman | The Ticket – 21 hrs ago
While much of America was gearing up to watch the NFL draft picks Thursday night, the House of Representatives passed a controversial cybersecurity bill to increase information sharing between private companies and the federal government.
The bill—H.R. 3523, the Cyber Intelligence Sharing and Protection Act (CISPA)—passed at 6:30 p.m. by 248 to 168, boosted by a Republican majority (206 Republicans voted for it, along with 42 Democrats). Debate on the bill was expected Thursday, but the vote was a surprise because it had been scheduled for Friday.
Here's a look at the controversy surrounding the bill, what's in store for its future and how it might affect you:
Check out our explainer below to find out more about CISPA :
• What is the purpose of CISPA? Michigan Republican Rep. Mike Rogers and Maryland Democratic Rep. Dutch Ruppersberger sponsored and, along with supporters, crafted CISPA to offer private companies new ways to protect themselves from potential economic cyberspies hailing from countries such as Russia and China. To accomplish this, the bill amends the National Security Act of 1947 (which contains no cyberthreat provisions) to increase information-sharing permission between U.S. businesses and the federal government. Supporters say information regarding cyberthreats will be more quickly and easily disseminated under CISPA.
• Why is it controversial? Opponents aren't arguing against discussing cyberthreats, but they're concerned about the scope of sharing and privacy issues. Under CISPA, companies will be permitted to share information with entities such as the Department of Homeland Security and the National Security Agency and won't be required to protect Internet users' personal data. The shared information is supposed to be related to cyberthreats, but many opponents argue that term is too broad and offers too many exemptions to current privacy laws.
• How does CISPA differ from SOPA? CISPA has been dubbed "the new SOPA," in reference to the Stop Online Piracy Act, a bill designed to curb copyright infringement by restricting sites that host pirated content. Congressional action on SOPA was postponed Jan. 20 after fierce protests from technology companies and others. SOPA centered around piracy, while CISPA is about cybersecurity. And while SOPA cracked down on domestic sites, CISPA is focused on overseas entities. Constitutional rights advocates, civil liberties groups and others oppose both bills. Unlike with SOPA, many tech companies, such as Facebook and Microsoft, support CISPA. The bill has already advanced in one chamber of Congress with a majority of support after amendments were added to define cyberthreats.
• Who opposes and who supports CISPA?
Against: The American Civil Liberties Union and other advocacy groups such as the Sunlight Foundation, the American Library Association and the Electronic Frontier Foundation are staunchly opposed to CISPA as a potential threat to Americans' constitutional rights. The White House on Wednesday threatened to veto the bill in part over privacy issues and has backed a competing cybersecurity bill offered in the Senate. A majority of House Democrats and 28 Republicans voted against the bill Thursday due to privacy issues and other factors. Rep. Ron Paul of Texas voted no on the bill, saying on Monday that it would create a "Big Brother" culture.
For: Many companies and groups including Facebook, AT&T, Intel, Microsoft, the U.S. Chamber of Commerce, the conservative Heritage Foundation and tech associations back CISPA as an effective way to combat overseas cyberthreats. Select members of Congress support CISPA for the same reason.
• What is the future of CISPA? Don't expect the Democratic-controlled Senate to rush to pass CISPA after the White House's veto threat. In addition to the president's opposition, CISPA must now compete with the Senate's own cybersecurity legislation.
Here’s How Your Identity Will Be Stolen: The Top 10 Scams
By Martha C. White | April 5, 2012
Looks too good to be True~~Fraud Risk Assessment Tests
Are you about to be a victim of Fraud?
Looks Too Good to Be True Website:
TAKE OUR TESTS
Many people aren't sure if they have been or are about to be become a victim of fraud. Take the following risk assessment tests and see if you are a potential victim:
Is your computer Protected?
Is You Child at Risk on Line?
Are you protecting your identity?
Are you safe from Financial Fraud Opportunities?
Are you an unwitting accomplice in Crime?
Are you at Risk to be Scammed Through an Internet Auction?
Authentic or Counterfeit?
Are you the Lucky winner in a sweepstakes or Lottery?
CLICK BELOW FOR TESTS
Internet Crime Prevention Tips
Straight Talkin Mike Post~~Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files
Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files
Prepared by the Internet Crime Complaint Center (IC3)
January 20, 2012
Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files
Cyber criminals can damage their victim's computer systems and data by changing or deleting files, wiping hard drives, or erasing backups to hide some or all of their malicious activity and tradecraft. By wiping, or "zeroing out," the hard disk drives, which overwrites good data with zeros or other characters, the criminals effectively erase or alter all existing data, greatly impeding restoration. This sort of criminal activity makes it difficult to determine whether criminals merely accessed the network, stole information, or altered network access and configuration files. Completing network restoration efforts and business damage assessments may also be hampered.
The FBI and DHS encourage businesses and individuals to employ mitigation strategies and best practices such as:
To receive the latest information about cyber schemes, please visit the FBI Web site and sign up for e-mail alerts by clicking on one of the red envelopes.
If you have been a victim of cyber crime, please file a report with the Internet Crime Complaint Center at www.IC3.gov.
Thanks to Jose from Puerto Rico who shared this great site all about Internet Scam & Crimes. Info on where to report them, how to prevent them, and monthly listings of New Internet Scams and Fraud.
INTERNET CRIME COMPLAINT CENTER (IC3)
(an FBI and the National White Collar Crime Center (NW3C), funded in part by the Bureau of Justice)
INTERNET CRIME COMPLAINT CENTER
INTERNET CRIME SCHEMES
Straight Talkin Mike Computer Security Blog