Tag Archives: internet

Stop CISA to Stop Cyber Spying

Image By: lizzardo

CISA or the Cybersecurity Information Sharing Act of 2015 has not been passed yet. It could be up for a vote as early as next week but it appears that it might be delayed until fall.  President Obama has made no promises to veto this bill. The Electronic Frontier Foundation (EFF) believes that grassroots activism can kill this bill like it has other bad cybersecurity legislation in the past.

So, what is CISA? The Cybersecurity Information Sharing Act of 2015 was  intended to balance security and privacy. Senate Intelligence Committee Chairman Senator Richard Burr said that fifteen new amendments to the bill were designed to protect internet users’ personal information while enabling new ways for companies and federal agencies to coordinate responses to cyber attacks, according to a Wired article from January.

Critics of the bill argue that the bill does nothing to boost security and does nothing to prevent major cyber attacks that endanger the privacy of individuals. EFF argues that the bill encourages companies to share private information with the government and gives them sweeping liability protection when they do so.

“CISA is fundamentally flawed because of its broad immunity clauses for companies, vague definitions, and aggressive spying powers,” says the EFF Week of Action page, “Combined, they make the bill a surveillance bill in disguise. The bill may even make things worse for Internet users in several ways. That’s why we’re launching a week of action to make sure Congress is getting the message loud and clear:  CISA must not pass.”

Organizations that have joined with EFF for Week of Action include the American Civil Liberties Union, the American Library Association, The Constitution Project, and Freedom of the Press Foundation. EFF has a list of organizations that will be participating in the Week of Action and will update it as new organizations join the fight to #StopCISA.

Your Teen is Talking to Strangers and Giving Out Too Much Info

By: Wen Tong Neo

McAfee released a study in June that exposed a shocking revelation for the parents of tweens and teens. The 2014 Teens and the Screen study: Exploring Online Privacy, Social Networking and Cyberbullying exposed that teens often over share personal information and are willing engage strangers online.

The survey highlighted some important findings. Private lives are not so private. Teens often seek social networks considered to be the “no parent zone.” Cyberbullying is still prevalent on the world wide web and teens are often the victim. Cyberbullying conflicts are also carried into offline altercations.

Some of the statistics are startling. Continue reading Your Teen is Talking to Strangers and Giving Out Too Much Info

Stand Against Spying- A Coalition Seeking to Stop Government Mass Spy Programs

By: Alan Cleaver

A coalition of organizations from across the political spectrum has joined forces to fight mass surveillance by the National Security Agency (NSA). The group has launched a website called “Stand Against Spying” and has become a watchdog of Congress. Although the organizations are vastly different in terms of missions, goals, and communities they all agree that mass surveillance is a violation of the United States Constitution. Electronic Frontier Foundation, Tenth Amendment Center, Greenpeace, Freedom of the Press Foundation, and UpWorthy are all part of the coalition fighting back against the government spy programs created by the NSA.

Stand Against Spying allows users to put in their address and zipcode to see how their representative is voting on issues regarding mass surveillance. Each member of Congress is rated on his or her actions to end or promote mass surveillance.

The method used to rate members of Congress was different for the House and for the Senate. For the House, votes for the two strongest bills against mass spying were considered; the Surveillance State Repeal Act and the original version of the USA FREEDOM Act. Senate members were rated on whether they co-sponsored the original USA FREEDOM Act and if they have come out publicly claiming a commitment to cosponsoring the Act when Congress is back in session (July 7).

The website requests that users sign an open letter to President Obama. The letter sets out the goals, beliefs and mission of Stand Against Spying.

It reads:

“Dear Mr. President,

As citizens of the Internet, we believe that mass surveillance by the NSA and its global partners infringes on our civil liberties, runs contrary to democratic principles, and chills free expression.

We’re calling on you to take immediate steps to end the mass spying. Specifically, we urge you to stop the mass collection and retention of telephone records and Internet communications of hundreds of millions of people who are not suspected of a crime.

In addition, we call on you to provide a full public accounting of the intelligence community’s mass surveillance practices.”

Read the full letter here. Internet citizens are encouraged to sign the open letter to take a stand against spying.

 

Snapchat Suffers Major Security Breach Plans to Make App More Secure

Snapchat suffered a major security breach on New Year’s Eve when a reported 4 million usernames and passwords were collected by hackers.  Snapchat had been warned twice by security experts about a vulnerability in its system, according to Yahoo News.

Snapchat is a private company that has marketed itself on being a more secure alternative that Facebook and Instagram. It lets users send photo and video messages that disappear once viewed.  According to the New York Times, users of the self-destruct message service were sending 350 million photos a day in September –increased from 200 million in June.

Related content:  Are Instagram and Snapchat safe for Kids?

Security researchers were not convinced that the app actually deleted information.  The hackers who stole the usernames and passwords from Snapchat were actually security researchers with Gibson security who were able to hack into Snapchat’s servers and find the data that had been stored in a database similar to other big internet companies.

The security researchers posted the hacked information onto a website called SnapchatDB.info after privately warning Snapchat about the weakness in its system.  The researchers then posted a warning about the security hole online on Christmas Eve after the notice was ignored. Snapchat did patch the hole in the system but it didn’t do enough.  The data was not encrypted nor were there any basic security measures in place to prevent hacking.

The usernames and passwords put online in the data dump on New Year’s Eve had the last two digits of phone numbers removed. Snapchatdb.info has since been suspended for the data dump, but not before word spread of the breach.

The breach severely tarnishes Snapchat’s reputation and image. It could threaten the company’s rapid growth.

Gibson Security says users can delete their Snapchat accounts and ask their phone company to change their phone number in order to protect their information. Although, they warn that deleting the account won’t remove information from the leaked database information.

“Ensure that your security settings are up to scratch on your social media profiles. Be careful about what data you give away to sites when you sign up –if you don’t think a service requires your phone number, don’t give it to them,” Gibson told the Associated Press.

Snapchat is trying to reassure users’ that is has adopted security measures that would prevent spam and abuse. They also claim they are working to prevent “future attempts to abuse our service.”

Bradley Manning Acquitted of Aiding the Enemy

Bradley Manning was found not guilty of “aiding the enemy” by a military judge on Tuesday, July 29. Private Manning became notable for his release of hundreds of thousands of military and diplomatic documents. Manning released the documents to WikiLeaks for publication in 2009 and 2010.

Manning was arrested in May 2010. He was charged with 1 count of aiding the enemy, 9 counts of failure to obey a lawful order or regulation, and 24 counts of violating the General article of the Uniform Code of Military Justice. The last 24 charges included violations of the Espionage Act, Computer Fraud and Abuse Act, and Embezzlement and Theft of Public Money, Property or Records.

The total number of counts that Manning was charged with was 34. If he had been found guilty of “aiding the enemy” he could have potentially faced the death penalty.

While the court-martial judge, Col. Denise R. Lind,  ruled that Continue reading Bradley Manning Acquitted of Aiding the Enemy

New E-Mail Scams and Warnings: Citadel Malware Want to Extort Money

The FBI warns of another new virus making its rounds on the Internet and it does more than just try to shut down your computer. It also attempts to get money and credit card information from those affected.  When the computer is rebooted or restarted, a screen comes up telling the user that they have violated federal laws and that they now owe a fine.  Once the fine is paid, the virus continues working in the background and can steal credit card or banking information.

The following are the details of this virus attack:

Citadel Malware
This new Citadel malware has been established strictly to extort money from users who do not know any better.  When the computer is restarted or rebooted, an official looking screen from the FBI informs the computer user that the computer’s IP address has been locked. It states that this is due to child pornography or other misuse of the internet.  The user then must send $100 to the FBI as a fine through a throwaway prepaid money card.  This is called “ransomware” and is not something that the federal government has put on the computer.

Ransomware
Ransomware is a virus that specifically asks those who are affected to pay money to unlock their computer.  Once the amount requested has been paid, the computer is unlocked and can be used again.  Neither the FBI nor any other government agency would lock a computer due to any Internet browsing activity.  If they think there is something going on that requires their attention, they will seize the computer from the home and take it to their lab for further investigation.  Never pay a ransom such as this, no matter how official it may look.

Eradicating the Virus
If your virus protection software is not up to date then you need to do so immediately before you get the virus.  In the event that it is already on the computer, it must be taken to a professional who can get rid of the virus.  The only other way to remove it is to download software but that is not practical when the computer is locked.  Never send any money to anyone who states that is the only way to unlock the computer.  You also should also contact your banking institutions and let them know you have the virus and then file a complaint here.

The FBI reminds us:

To report potential e-scams, please go the Internet Crime Complaint Center and file a report. Note: the FBI does not send mass e-mails to private citizens about cyber scams, so if you received an e-mail that claims to be from the FBI Director or other top official, it is most likely a scam.

If you receive unsolicited e-mail offers or spam, you can forward the messages to the Federal Trade Commission at spam@uce.gov.

It is never fun getting a virus but most virus protection software can handle finding and removing the small ones.  This type of ransomware malware is relatively new and your virus protection needs to be up to date in order for it to be productive.  If you do get this virus, take your computer immediately to a professional who can safely and completely remove it and then file a complaint with the Internet Crime Complaint Center.

 

 

Guest post by Lisa Mason.  Lisa Mason is a freelance writer and VP of Special Media for Social Media Sun.

The Cybersecurity Act of 2012 is Defeated

On August 2nd the Cybersecurity Act of 2012 was defeated by the US Senate.  This bill would have allowed big companies to track what we do on the Internet and then give that information to the government.  The senate needed sixty votes in order for the bill to leave the debate stage and to go into the next step.

While this is great news for the cyber community, this does not mean that this is the end of this type of legislation.  President Obama is currently looking at other ways to implement some aspects of this bill including using an executive order.  The president is adamant about protecting the country from cyber threats.  He feels that our current system is outdated and inadequate for today’s big threats.

This may be bad news for the president but those ordinary citizens of the United States are happy that this bill was stymied.  The act made it clear that Continue reading The Cybersecurity Act of 2012 is Defeated

Investigator Alert: Microsoft email and telephone hoaxes resurface

It’s an “oldie” but apparently it is still a “goody” as the Microsoft technical support hoax resurfaces in an effort to trick Microsoft customers into releasing private, personal and credit card information.

There are several different methods used to gain your trust and your information.  But all of them are fakes and frauds.   Here are a few that Microsoft wants to make sure that their customers know about:

  1. Microsoft does not call customers to fix your computer.
  2. You have not won a Microsoft lottery.
  3. Credit card information is not required to verify your Microsoft account.
  4. Unsolicited email messages containing so called security updates do not come from Microsoft.
Official notifications regarding your security can be found on the Microsoft website.  But that’s not all.  There are currently 14 different updates planned to occur this week, several which are labeled “critical.”  These updates are designed to patch “holes” in the security of popular programs like Windows, Office, and Internet Explorer.  Internet Explorer will soon be updated every month instead of every other month. Security professionals seem to like this idea, “It looks like IE will be the story every month now,” said Storms, who noted there seems to be no shortage of IE vulnerabilities. “I don’t think they’re proving a point, that they’re patching just because they said they can every month, but because they have to.”
IT professionals will be happy to hear of patches to Exchange and SQL Server, “Those are two of the three things that are most important to IT in enterprises,” said Andrew Storms, director of security operations at nCircle Security. “Thank goodness SharePoint’s not included. But Microsoft is hitting two out of three in just one month.”
If all else fails when it comes to fighting hackers, Microsoft may take the “if you can’t beat them hire them” attitude that they have had in the past.  After all if they are good enough to get into the system, then they are good enough to protect it.
Have you encountered any of these types of scams here is where Microsoft would  like for you to report it.

 

Cybersecurity in the Senate: Time to take action

Do you appreciate your digital freedom? Do you know how to protect your security and remain safe on the Internet? If so, then you might have heard about the new Senate Cybersecurity bill S. 3414. The good news is that it is not CISPA. However, there are some downsides to this new bill. First, the privacy protections are under threat. They were added in response to the concerns of the Internet community but they may now be watered down or even removed completely as the bill advances through the Senate.

This is a common problem in these matters. The public hears about a proposed bill and support it but by the time it makes its way through the channels, you’re hardly looking at the same bill you supported in the beginning. This is why we have to step up and speak out.

Congress wants to use “cybersecurity” fears to convince people it’s ok to have their civil liberties challenged. They want to make you afraid of the dangers that exist online and believe that they are protecting you but the truth is they can protect you without invading your privacy.

When cybersecurity legislation is bad, it affects the privacy of the people. Often it will bypass the existing privacy laws and automatically send your personal data directly into the hands of the government without judicial oversight.

The Senate has introduced a new cybersecurity bill (S 3414) that addresses some of the most significant privacy concerns. While not perfect, S 3414 includes strong new privacy protections and we want to make sure they water them down while passing the bill. Continue reading Cybersecurity in the Senate: Time to take action

Does the FBI Need to Wiretap Websites to do an Effective Job?

America’s Federal Bureau of Investigation, the crime- busting branch of the federal government, wants to extend its wiretapping authority to the world wide web in an effort to more effectively control crime and prosecute suspects. The FBI claims that the proposed changes are a necessary modification to existing laws and they will help the FBI zero- in on criminal activity by harnessing the World Wide Web and secretly watching online activity.

What is This Proposed Change All About?

Back in 1994, Congress passed the Communications Assistance for Law Enforcement Act. It was a sweeping and controversial law when it passed because it allowed wiretapping on a telecommunications level and required telecom businesses to cooperate fully by modifying their electronic devices, equipment, and services to make them immediately compatible for surveillance.  This law has been in place now for almost two decades and supporters say that it has helped organizations such as the FBI and others in their efforts to track criminals and gather evidence.

Now, the FBI wants to extend the Communications Assistance for Law Enforcement Act to the internet and its proposal is based on the simple fact that the internet is a form of communication and therefore should be subject to the same rules and regulations as the telecommunications industries. The FBI wants to be able to access everything from Yahoo to Facebook and beyond and subject these online businesses to the same requirements as the telecom industry.

What is at Stake?

The FBI claims it only wants to protect the public and that the added ability to track potential criminals online would provide another weapon in its arsenal. Critics of the plan say it is another step toward a government- controlled state and a blantant infringement on privacy rights. If we allow government agencies like the FBI to tap our Facebook account and our instant message conversations, what step will they take next? Surveillance cameras aimed at the front windows of our homes? Listening devices placed on our doorstep? Continue reading Does the FBI Need to Wiretap Websites to do an Effective Job?