Author: Kent Lawson

Ask the Expert: Can a Botnet Really Turn My Computer Into a Zombie?

Q: “I recently read about something called bots and botnets, and that these things can turn my computer into a zombie. What does that mean? Can you explain what botnets are and what they do?”

A: Botnets are a new and scary online phenomenon. In layman’s terms, a botnet is a network of infected computers that are controlled virtually by a botmaster.

With the rapid growth in bot infections, it’s vitally important that everyone get up to speed about this threat.

Night of the Living BotNets

Botmasters can take over computers in a variety of ways, but usually they do it by sending infected emails to unsuspecting users. When the user opens a file attached to the email, their machine becomes infected.

After a computer becomes infected, the botmaster adds it to his or her botnet, which is the network of infected computers. Infected computers are sometimes called “zombie” computers.

 

Ask the Expert: Twitter Opts In to Allowing You to Opt Out

Q: “I recently heard that Twitter was implementing the Do Not Track feature for its users. This sounds good, but I don’t really know much about it. Can you tell me more about Do Not Track?”

Twitter should be applauded for putting our privacy before their profits.

While the Do Not Track feature is not the only thing we should be using to protect our online privacy, it’s important that a social media company like Twitter supports robust privacy tools. The Do Not Track feature is one of those tools.

First, let’s take a look at the Do Not Track feature and its pros and cons.

Cell Phone Companies Sell Your Information to the Police

Did you know that cell phone companies routinely sell personal cell phone data to the police without a warrant or any oversight at all?

If you’re like most Americans, you probably know nothing about it.

No one outside of law enforcement and the cell phone companies know exactly what information is being exchanged and how often. Congress and the courts have no idea either.

And the cell phone companies are fighting very hard to keep it that way.

data broker

The Shady World of Data Brokers: How to Remove Your Sensitive Information From Their Databases

Did you know that there is an entire industry devoted to buying and selling your personal information?

This includes your current and past addresses, your age, the names of your neighbors, and your purchase history, among other things.

The companies that compile and sell this information are called data brokers. It is a huge industry, but most people don’t even know that it exists. And data brokers would like to keep it that way.

insecure

Ask the Expert: Are ‘Secure’ Websites Really As Secure As We Think?

Q: “All of my important websites (email account, financial accounts, and social media) use HTTPS, so this means that they are totally secure, right? That’s what I have always been told and I just want to make sure that I have nothing to worry about.”

A: Most of us assume that if a website uses HTTPS, it’s completely secure. The reality is that sites that use HTTPS are not as safe as most people think.

In fact, new information from SSL Pulse has highlighted just how insecure HTTPS really is.

snooping

WiFi Snooping: Wait, Isn’t that Illegal?

I am often asked if viewing another person’s Internet communications is illegal.

You would think it would be, right? It seems like a no-brainer.

The surprising answer is actually no. In the United States, at least, it is perfectly legal.

Should You Share Your Social Media Passwords with a Potential Employer?

Would you ever share your Facebook or Twitter login information if a potential employer asked for it? What if you getting the job depended on it?

According to the Associated Press, more and more employers are asking for this information from job applicants so they access the applicant’s social media accounts from company computers.

Most of the time, security and government agencies are the ones asking for social media login information. If you’re applying for this type of job, you probably aren’t expecting a lot of personal privacy.

internet crime

Why Internet Crime Actually Does Pay

Recently, Roger Grimes at InfoWorld published a fascinating article about how lucrative and safe it is for cybercriminals to commit identity theft on the Internet.

If you’re an ordinary criminal who likes to rob banks, you’re taking a big risk for a relatively minor reward.

The FBI reported that in 2010, U.S. bank robbers committed 5,628 bank jobs which netted $43 million. So the average bank robbery took in a little more than $7500. And 22% of the time, the criminals were caught and the money was returned.

 

Ask the Expert: Does Secure Browsing Really Keep Me Safe On Twitter and LinkedIn?

Q: I have an active Twitter feed and occasionally use LinkedIn for work purposes, but I am unfamiliar with how those sites secure my privacy. I read that both sites have introduced “secure browsing” but what exactly does that mean, and how is it keeping me safer?

A: A secure website has “https” in its URL and has a small lock symbol next to it. It’s used by most banks and online retailers to provide secure transactions.

WiFi Pineapple Redux: Hacking Toy Offers No Legitimate Use, Tricks Hotspot Users

You may remember an article I wrote last summer about “hack-in-a-box” tools that allowed novices to buy an off-the-shelf product that allowed them to hack wifi networks by simply flipping a switch.

One of the products I talked about is called WiFi Pineapple. As I wrote in last year’s post, WiFi Pineapple has only one purpose: to hack into unsecured wifi communications. They even admit it on their website:

The Government’s New Consumer Privacy ‘Bill of Rights’ a Positive Step Forward

The Obama Administration recently unveiled plans for a consumer privacy “bill of rights” that, at first glance, looks very promising.

The plan would give citizens more control over how their personal information is collected and used by online companies. It also sets standards regarding individual control, transparency, and accountability.

In a nutshell, this plan gives people the ability to opt out of having their personal data collected as well as forcing companies to adhere to clear and accessible privacy policies.

Got Personal VPN? Cisco Highlights Major Privacy Vulnerabilities of Wifi Hotspots

From session hijacking to session sidejacking, do you know all your vulnerable points in wifi hotspots?

If not, check out a new white paper from Cisco called “The Future of Hotspots: Making Wi-Fi as Secure and Easy to Use as Cellular.”

We have warned about these kinds of hotspot attacks for years, but it is significant that Cisco agrees with our analysis. After all, Cisco is the largest manufacturer of wifi equipment, having shipped 10 million wifi access points to customers.

If they are saying that wifi hotspots are inherently vulnerable to attacks, you can be sure that they know what they are talking about.