fbpx

The dark web is essentially pop-up markets packed with drugs, weapons, child pornography, passports, you name it. You can even find counterfeit money or grenades.

SAN DIEGO — You have probably heard about the dark web, in fact, the name itself sparks a lot of curiosity. It is a place where you can buy all sorts of things, from illegal drugs, to passports and even explosives.

Many people think it is not accessible to the average Joe, but that is not the case. Federal prosecutor Sherri Walker Hobson says, “the problem is, not only can anyone do it in America, it is the person next door.”

No one knows that better than 39-year-old San Diegan Sky Justin Gornik. The Clairemont resident was locked up earlier this year for 70 months for buying and selling drugs on the dark web from 2014-2017. Some of the drugs included the deadly carfentanil.

Sherri Walker Hobson told News 8, “In light if the volume of packages he was receiving, they suspected he was likely a dark web vendor here in San Diego.” She went on to say, “I have been a prosecutor for 30 years, and it is shocking to me, we now have the ability to order drugs over the dark web.”

Hobson says patrolling the dark web is not an easy task.

Lance Larson is the co-director of San Diego State University’s Graduate Program in Homeland Security and an expert in both cyber security and homeland security. He says there are three layers to the web.

  • The surface web which is the sites you use regularly. The dot-coms such as Google.
  • The deep web which has data with complex information, legal documents and medical records
  • The dark web

The dark web is essentially pop-up markets packed with drugs, weapons, child pornography, passports, you name it. You can even find counterfeit money or grenades.

Larson says, “we think there is a use by common criminals of the dark web to be able to gather new tactics, or new ways to be able to scam people and to commit fraud."

So how can we go about making sure our personal information is safe? Larson says it is really tough because we give up a lot of info to companies we trust and unfortunately some companies do not have great cyber security practices. He says it is OK to ask how they are protecting your information.

He says some things that are easy to do include locking down your credit report or lock your username and passwords for sites by using multi-factor authentication. This is a security feature that requires more than just a simple password. For example, you would need to receive a text message with a code in addition to a password.

Larson says the dark web can easily be accessed with the proper router. He says “like the onion router, also known as ‘TOR’ without the users browser or history being exposed.” The dark web can also be downloaded to a cell phone.

We asked, is there legitimacy to the dark web? Larson said, “There are some really good legitimate reasons for the dark web. For example, in countries that have a censorship, the dark web allows people in those countries like news reporters to be able to report out and share on what's going on in their country.”

The dark web is so large it is impossible to know how many pages are out there, but undercover agents around the nation are constantly on the lookout. Prosecutor Sherri Walker Hobson says, “people have to think twice before taking something, even if is from your own friend. You can’t be careless anymore. It is like Russian Roulette.”

And just like Hobson, Larson says we can’t arrest ourselves out of the problem. Education is key. 

“It doesn't look like we're going to solve this by taking down dark web websites, here and there. It really comes down to policing our own children and understanding what to look for. Does our neighbor -  are they receiving packages that have things they have purchased on the dark web and reselling in our San Diego communities?”

 

[Source: This article was published in cbs8.com By Stella Escobedo - Uploaded by the Association Member: Jason bourne]

Categorized in Deep Web

Internet security, like vaccination, should aim to protect the whole herd.

Back in my days as a web developer, we did our development and testing in porn mode. Those outside the industry might refer to this as an “incognito window,” but the phrase “porn mode” is universally understood because usually no one opens an incognito window unless they’re about to load something unseemly.

I remembered that when I read Alistair Barr’s account of his attempt to delete his user data, under the auspices of California’s new Consumer Privacy Act. The process is so cumbersome — it takes more than two hours and requires uploading selfies and a photo ID — that it ends up having the opposite of the intended effect. Instead of granting consumer privacy, the act of submitting a data deletion request draws undue attention to those seeking anonymity.

 

This is where default options matter. If every browser window automatically opened in incognito mode, then it wouldn’t be considered incognito browsing, but regular web browsing. But if only outlaws take the time to safeguard their privacy, then privacy becomes a de facto outlaw product.

Many privacy products are already regarded this way. For example, Tor is a web browser that obscures a user’s internet activity by routing network data through a maze of relays. It’s useful if you’re a whistleblower trying to communicate with journalists, but it can also be used for illicit activity. In 2014, the Financial Crimes Enforcement Network found that a majority of suspicious activity reports filed by banks involved IP addresses associated with the Tor network. Today, many financial institutions preemptively block traffic that arrives through Tor. In some cases, banks automatically freeze a Tor user’s bank account. Virtual Private Networks, which hide a user’s activity from the internet service provider, are also frequently blocked. People who go to the effort of protecting their privacy inherently seems suspicious.

But what if we saw privacy protection as akin to a form of vaccination? When we get shots to immunize against mumps or measles, we not only protect ourselves; we protect society as a whole, particularly those individuals who can’t develop immunity. Vaccination is so important that it’s opt-out, not opt-in. Similarly, defaulting to stricter privacy settings would create a safer internet not only for those who adopt them, but for those who, for whatever reason, don’t.

On the internet, data brokers collect information on as many users as possible to generate detailed profiles based on demographics and affinity groups. The more people who cut off the data brokers, the less these companies can infer about any given user. When it comes to consumer privacy protection, setting privacy as the default option protects the most vulnerable members of society.

California’s new privacy law went into effect Jan 1, but will not be enforced until July 1. Compliance requirements are still unclear. The Wall Street Journal suggests that websites with third-party tracking must add a “Do Not Sell My Personal Information” button to their home page, a move that will likely be about as effective as placing your number on the National Do Not Call Registry, or pushing the “close door” button in an elevator.

The only way anyone can really have privacy protections is if everyone has privacy protections. Privacy laws are not helpful if users can only delete their data after wading through two hours of bureaucracy. Companies that profit from massive data collection are rightly optimistic that most users won’t bother with these steps.

    This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.

    [Source: This article was published in bloomberg.com By Elaine Ou - Uploaded by the Association Member: Barbara larson]

    Categorized in Internet Privacy

    Unlock censoreship- and AWS-resistant websites.

    Unstoppable Domains today launches its native, censorship-resistant crypto browser. Users can now surf the decentralized web and send crypto payments directly to site addresses ending in .zil or .crypto.

    Blockchain Domains Built on Ethereum

    Like domain names used for surfing the traditional internet, Unstoppable Domains offers enthusiasts an opportunity to host a site on the Ethereum and Zilliqua blockchains. 

    Accessing these sites is also straightforward for those unfamiliar with blockchain-based technologies. Users simply add .crypto or .zil, like .com, to a corresponding Unstoppable Domain to navigate to different portions of the decentralized Internet. 

     

    What initially began as a mechanism for easily remembering cryptocurrency addresses, has now turned into a suite of products from the San Francisco-based team. Sending cryptocurrencies from wallet to wallet required users to either memorize a 40-character string of letters, numbers and symbols or copy and paste this string of information. 

    The former is cumbersome, while the latter has proven risky. 

    In 2018, Bleeping Computer reported a type of malware that would monitor users machines for cryptocurrency addresses. If detected, whenever the user would attempt to copy and paste the address, the malware would swap the address with the attacker’s. This way funds would be sent directly to the attacker rather than the intended recipient. 

    Thanks to upstarts like Unstoppable Domains and ENS Domains, both issues can be mitigated. The second step after uncensorable payments, has then been to build out uncensorable domains. 

    Screenshot 4

     

    nsofar as many of the world’s most popular sites are built on centralized services like Amazon Web Services (AWS), taking down a website is not difficult. In the unlikely case that AWS ever shutdown, much of the Internet as we know it would also disappear. Conversely, websites built on a blockchain are protected from seizures and from being stripped of content. 

    Many websites that use either a .crypto or a .zil are already available. When users download the Unstoppable Browser, they can use the Chromium-based browser to visit sites like cryptolark.crypto or timdraper.crypto.

    Interested parties can download the browser for either Windows or MacOS today. 

     

    Cosmos Dev Leaves Tendermint, Cites “Untenable” CEO as Reason

    Zaki Manian walks after internal conflict.

    inside-cosmos-secret-plan-to-dominate-crypto-research-1-768x403.jpg

    Tendermint Labs director Zaki Manian has resigned from his post. Tendermint is a core contributor to the Cosmos blockchain network.

    Zaki Manian’s Recent Hint at a Departure

    In early February, Manian tweeted his discontent with Tendermint CEO Jae Kwon, saying the co-founder “has obsessively focused on Virgo while neglecting and under resourcing IBC… threw a painstakingly planned hiring and resource improvement proposal out the window to become @BitcoinJaesus.”

    He labeled the CEO’s conduct “an untenable distraction.”

    Screenshot 5

     

    Manian intends to continue working on Cosmos, telling Decrypt:

    “There are people inside the company that want to portray this as a power struggle between me and Jae, and this as an outcome and me threatening x, y and z. But it was really me saying I don’t see a way in this arrangement to get the work done. And the best way to get the work done was for me to leave.”

    Tendermint Continues Development Work

    Tendermint is yet to comment on the high profile departure. The company’s vision “to create open networks in order to manage conflict and empower people to align on universal goals to enact positive societal and environmental change” appears to have come unstuck at its own workplace. 

    However, it does have a slate of over 100 projects in the Cosmos and Tendermint ecosystems. The Tendermint protocol is an interoperability network, on top of which Cosmos was built.

     

    How Cosmos’ lead developer’s departure will impact the relationship between the two networks remains unclear.

    China Sees Red: FCoin Transaction Fee Costs the Exchange Millions

    Unique business model costs exchange its business.

    Controversial-Ponzi-Transaction-Fee-Mining-Exchanges-In-Decline-768x403.jpg

     

    Chinese exchange FCoin today announced insolvency following internal “technical difficulties.” The platform’s founder has already announced a new project to help pay back the multi-million dollar capital reserve.

    “The Route to Hell Is Paved with Goodwill”

    So reads the first line of an ominous Reddit post from FCoin’s founder on Feb. 17.

    The announcement from Jian Zhang, formerly the CTO of Huobi, indicated that it would not be able to process user withdrawals because the exchange had become insolvent. “It is expected that the scale of non-payment is between [7,000 -13,000] BTC,” said the executive.

    The culprit behind such malpractice was the very mechanism that helped FCoin briefly become a top exchange in 2018. 

    The exchange leveraged a unique “transaction-fee mining” reward to bootstrap adoption. In practice, this meant that for every trade fee paid on FCoin, the users would be reimbursed entirely in the exchange’s native token, FToken (FT). 

    Users quickly flocked to the exchange, thus pumping the price of FT and inflating the exchange’s volumes on CoinMarketCap. At one point, the exchange overtook the likes of OKEx and Binance at its peak. 

    Zhang indicated that the team raked in between $150 and $200 million at this time, with payouts to “old FCoin users” as high as 6,000 Bitcoin. Soon, however, this very mechanism became the exchange’s downfall. 

    In its short existence, FCoin had been periodically paying out users slightly more than they could afford. The team did not notice this discrepancy due to poor analytical tools for measuring payouts. Even after they began buying back FT with company funds, a user base eager to leverage the underdeveloped business model had far outpaced the team’s ability to save a sinking ship. 

    Still, in an act of good faith, Zhang is determined to payout all remaining withdrawal requests.

    Over the next two to three months, the founder will fulfill all email withdrawal requests as part one of a two-part plan. The second part, relies on the success of a “new project,” said Zhang. He added: 

    “Once the new project is on track, I will begin the long-term mail withdrawal process, which may take 1-3 years. In addition, for the other losses of FT and FMEX investors, I am also willing to use the profit of the new project to compensate. The specific calculation method will be discussed with you at the beginning of the compensation.”

    At the time of writing, FT finished trading at ~$0.04, down from a high of nearly $0.30 in May 2019. FCoin reports a 24-hour volume in BTC/USDT of  approximately $115 million, according to CoinMarketCap. FT is the seventh highest-traded coin on the platform. 

    Binance Cloud to Offer Exchange-in-a-Box Infrastructure Service

    Binance set to enter the white-label market

    Binance-Launches-Binance-DEX-768x403.jpg

    Binance is set to develop white-label crypto exchange infrastructure for use by smaller exchanges, allowing them to focus on regulatory compliance.

    Binance Cloud Service Extends to Exchange Infrastructure

    Binance’s cloud service was already hinted at by the exchange’s CEO, Changpeng “CZ” Zhao, during an “ask me anything” session on Feb. 8. Their white-label exchange infrastructure will provide spot market and futures trading, bank API integrations, and fiat-to-cryptocurrency exchange services. 

    Exchanges will be able to rebrand the software infrastructure, to be hosted on Binance Cloud, to suit the needs of their local markets. A statement from the company explained:

    “The Binance Cloud service is an all-in-one solution, featuring an easy-to-use dashboard that allows customers to manage funds, trading pairs and coin listings, as well as multilingual support, depth-sharing with the Binance.com global exchange, and more opportunities to collaborate with the ecosystem.”

    White-Label Exchanges Nothing New

    White-label crypto exchange infrastructure is not new to the industry. The current market leader is AlphaPoint, which claims to provide infrastructure to “over 100 exchange operators.”

    Binance’s entry into the white-label market appears to be in line with the giant’s determination to redefine money and expand cryptocurrency access and services to a worldwide audience.

     

    With Binance-powered matching engines, security, and liquidity solutions, new exchanges would be able to access instant workability and scalability. Startup exchanges have historically faced daunting setup costs, with many failing to gain significant market traction.

    The 32nd largest exchange by 24-hour volume, according to CoinMarketCap, had less than half a million dollars in trading activity for the day at press time.

    Read More...

    [Source: This article was published in cryptobriefing.com By Liam Kelly - Uploaded by the Association Member: Bridget Miller]

    Categorized in Search Engine

    PortSwigger Web Security has released its annual rundown of the best web hacking techniques of 2019.

    The 10 methods, chosen by a junction of community and expert panelists, are defined, predominately, by breathing new life into once dated techniques.

    Collective research that succeeds in fixing some of the web’s more precarious holes is also the reasoning behind the chosen picks and cream of the crop from 2019.

    Take the third place entry from researchers Ben Sadeghipour and Cody Brocious – work that develops on existing knowledge in the field of Server Side Request Forgery (SSRF) to show how this technique can be adapted and applied to server-side PDF generators using DNS rebinding.

     

    Check out Sadeghipour’s presentation from DEF CON 27 for the full lowdown.

    As XSS vulnerabilities have entered mainstream awareness, cross-site leaks (XS-Leaks) have started to garner the attention of the researcher community.

    It’s therefore no surprise to see the second podium for this year’s Top 10 given to the collective effort in developing this type of attack, which was first documented over a decade ago but has since evolved to include an ever-growing list of variants.

    Whether it’s pushing forward research through Eduardo Vela’s introductory tutorial to the subject, or the team effort behind publicly listing known XS vectors, the use of the technique has not gone unnoticed – nor is likely to disappear any time soon.

    Just last week, Japanese researcher Takashi Yoneuchi unveiled what he’s calling ‘blind regular expression injection’ – a theoretical exploit that would fall under the XS-Leak family, and yet another indication that researchers have only just scratched the (attack) surface.

    But the number one spot in 2019 went to the researchers that quantified the real-world impact of web cache deception (WCD) vulnerabilities for the first time.

    “We were certainly surprised to take the top spot,” the team, which included Seyed Ali Mirheidari, Sajjad Arshad, Kaan Onarlioglu, Bruno Crispo, Engin Kirda, and William Robertson, told The Daily Swig.

    “We developed a methodology and built an infrastructure to perform large-scale experiments on hundreds of popular websites and found 37 exploitable instances.”

    Building on the original WCD technique initially documented by security researcher Omer Gil, the ‘Cache and Confused’ team additionally showed how the method could be altered in multiple ways to perform a successful attack.

    “We hope that this number one spot can help our work garner more attention from the wider security community and pave the way for speedy development of defences,” they said.

    “In the meantime, we strive to educate the internet community on the fact that web cache attacks are often system problems, and they need joint effort from server operators and web cache vendors to mitigate.”

     

    Community favorite

    Despite bounties earned being no concrete measure of web hacking success, HTTP desync attacks, a technique that revives the once feared HTTP request smuggling method, brought security researcher James Kettle $90,000, partly for its achievement in compromising PayPal’s login page… twice.

    Presented initially at last year’s Black Hat USA, Kettle was awarded the Community Favorite in the Top 10 – a clear winner for shedding light on the inconsistencies of the HTTP request protocol with finite simplicity.

    While hesitant to make predictions on what the list means for future developments in both web security and offensive hacking, James Kettle, head of security at PortSwigger and one of the lead panelists involved in curating the Top 10, finds certainty in the rising difficulty of breaking things in today’s online landscape.

    “The interesting thing this year, is that we’re seeing the top entries are increasingly collaborative, in that, the top three are the work of multiple different researchers, which build on the prior work from prior researchers,” Kettle told The Daily Swig.

    “We really saw companies reacting more to the web vulnerabilities that were discovered in 2019.

    “We saw Amazon release a new locked down version for their EC2 metadata end point, which is clearly related to the SSRF threat, and browser XSS filters getting removed [Edge and Chrome] is a partial result of XS-Leaks.”

    Web hacking hit list

    PortSwigger’s Top 10 Web Hacking Techniques of 2019 received 51 nominations, all of which were put forward by the infosec community.

    The Top 10 was selected by a panel consisting of Nicolas GrégoireSoroush DaliliFiledescriptor, and James Kettle.

    The full list includes:

    1. Cache and Confused: Web Cache Deception in the Wild via Sajjad Arshad, Seyed Ali Mirheidari, Kaan Onarlioglu, Bruno Crispo, and Engin Kirda
    2. Cross-Site Leaks via Eduardo Vela et al
    3. Owning the Clout through Sever Side Request Forgery via Ben Sadeghipour and Cody Brocious
    4. Abusing Meta Programming for Unauthenticated RCE via Orange Tsai
    5. Google Search XSS via Masato Kinugawa and LiveOverflow
    6. All is XSS that comes to the .NET via Paweł Hałdrzyński
    7. Exploring CI Services as a Bug Bounty Hunter via EdOverflow et al
    8. Infiltrating Corporate Intranet like NSA: Pre-Auth RCE on Leading SSL VPNs via Orange Tsai and Meh Chang
    9. Microsoft Edge (Chromium) – EoP to Potential RCE via Abdulrhman Alqabandi
    10. Exploiting Null Byte Buffer Overflow for a $40,000 bounty via Sam Curry

     

     [This article is originally published in portswigger.net By Catherine Chapman - Uploaded by AIRS Member: Clara Johnson]

    Categorized in Internet Privacy

    "In the future, everyone will be anonymous for 15 minutes." So said the artist Banksy, but following the rush to put everything online, from relationship status to holiday destinations, is it really possible to be anonymous - even briefly - in the internet age?

    That saying, a twist on Andy Warhol's famous "15 minutes of fame" line, has been interpreted to mean many things by fans and critics alike. But it highlights the real difficulty of keeping anything private in the 21st Century.

    "Today, we have more digital devices than ever before and they have more sensors that capture more data about us," says Prof Viktor Mayer-Schoenberger of the Oxford Internet Institute.

    And it matters. According to a survey from the recruitment firm Careerbuilder, in the US last year 70% of companies used social media to screen job candidates, and 48% checked the social media activity of current staff.

     

    Also, financial institutions can check social media profiles when deciding whether to hand out loans.

    _108600940_banksybarelylegal2006.jpg

    Meanwhile, companies create models of buying habits, political views and even use artificial intelligence to gauge future habits based on social media profiles.

    One way to try to take control is to delete social media accounts, which some did after the Cambridge Analytica scandal, when 87 million people had their Facebook data secretly harvested for political advertising purposes.

    While deleting social media accounts may be the most obvious way to remove personal data, this will not have any impact on data held by other companies.

    Fortunately, in some countries the law offers protection.

    In the European Union the General Data Protection Regulation (GDPR) includes the "right to be forgotten" - an individual's right to have their personal data removed.

    In the UK the that is policed by the Information Commissioner's Office. Last year it received 541 requests to have information removed from search engines, according to data shown to the BBC, up from 425 the year before, and 303 in 2016-17.

    The actual figures may be higher as ICO says it often only becomes involved after an initial complaint made to the company that holds the information has been rejected.

    But ICO's Suzanne Gordon says it is not clear-cut: "The GDPR has strengthened the rights of people to ask for an organisation to delete their personal data if they believe it is no longer necessary for it to be processed.

    "However, this right is not absolute and in some cases must be balanced against other competing rights and interests, for example, freedom of expression."

    The "right to be forgotten" shot to prominence in 2014 and led to a wide-range of requests for information to be removed - early ones came from an ex-politician seeking re-election, and a paedophile - but not all have to be accepted.

    Companies and individuals, that have the money, can hire experts to help them out.

     

    A whole industry is being built around "reputation defence" with firms harnessing technology to remove information - for a price - and bury bad news from search engines, for example.

    One such company, Reputation Defender, founded in 2006, says it has a million customers including wealthy individuals, professionals and chief executives. It charges around £5,000 ($5,500) for its basic package.

    It uses its own software to alter the results of Google searches about its clients, helping to lower less favourable stories in the results and promote more favourable ones instead.

    _108600440_googlegettyimages-828896324-1.jpg

    "The technology focuses on what Google sees as important when indexing websites at the top or bottom of the search results," says Tony McChrystal, managing director.

    "Generally, the two major areas Google prioritises are the credibility and authority the web asset has, and how users engage with the search results and the path Google sees each unique individual follow.

    "We work to show Google that a greater volume of interest and activity is occurring on sites that we want to promote, whether they're new websites we've created, or established sites which already appear in the [Google results pages], while sites we are seeking to suppress show an overall lower percentage of interest."

    The firm sets out to achieve its specified objective within 12 months.

    "It's remarkably effective," he adds, "since 92% of people never venture past the first page of Google and more than 99% never go beyond page two."

    Prof Mayer-Schoenberger points out that, while reputation defence companies may be effective, "it is hard to understand why only the rich that can afford the help of such experts should benefit and not everyone".

    _108598284_warhol.jpg

    So can we ever completely get rid of every online trace?

    "Simply put, no," says Rob Shavell, co-founder and chief executive of DeleteMe, a subscription service which aims to remove personal information from public online databases, data brokers, and search websites.

    "You cannot be completely erased from the internet unless somehow all companies and individuals operating internet services were forced to fundamentally change how they operate.

    "Putting in place strong sensible regulation and enforcement to allow consumers to have a say in how their personal information can be gathered, shared, and sold would go a long way to addressing the privacy imbalance we have now."

     

    [Source: This article was published in bbc.com By Mark Smith - Uploaded by the Association Member: Jay Harris]

    Categorized in Internet Privacy

    In Summary

    • Every time you use your Android device, access YouTube, Instagram or WhatsApp, even your internet provider is in on it - Big Brother is watching.
    • A fraudster now has key information that could allow them access banking details, government accounts etc.

    According to University of Massachusetts psychologist, Robert Feldman, 60 per cent of people lie at least once during a 10-minute conversation. Especially when you are trying to appear likeable, not offend, capable or competent. Do you know who you never lie to though? Google.

     

    Indeed, there is a high probability that Google knows you better than your spouse. The phrases you search for reflect your likes and aspirations, fears and trepidations - whether that is: News from Migori…Causes of red rashes...Arsenal vs Tottenham results…Best colleges for accounting …or How to get divorced (sssh don’t tell the wife!).

    If you think these are private conversations between you and your search engine, think again.

    INTERNET

    Every time you use your Android device, access YouTube, Instagram or WhatsApp, even your internet provider is in on it - Big Brother is watching. Who dares to say no when you are browsing the internet and the pop-up screen appears asking if you consent to The ‘Cookies’.

    I normally agree to these vaguely threatening messages, as I wish to continue using the site and who knows what will happen if you don’t accept.

    As Al Franken, former US senator, says of the tech companies: “Accumulating massive troves of information isn’t just a side project for them. It’s their whole business model…We are not their customers; we are their product.”

    And the problem is not so much that your search for ‘how many calories in a chocolate bar’, makes you a good candidate for Cadbury’s ads.

    The issue is whether all the other data that is collected about you is used as innocuously or in a worst-case scenario, is secure from hackers.

    Do you use Facebook?

    FACEBOOK

    The people’s republic of Facebook has over two billion netizens. It’s bigger than China, bigger than India and more populous than the whole of the African continent.

    Its de-facto leader, Mark Zuckerberg, has unwittingly inherited many of the same headaches as a world leader. For instance, how to keep the peace.

    The fact that Facebook may know more about you than your own government, makes it vulnerable to the sophisticated deceptions of unethical players whether it is Cambridge Analytica or Russia interfering with US election results; or other rogue elements such as terrorists using your platform to recruit followers for their misinformed ideologies.

     

    And you know how John and Mary post photos of their new baby girl Waceke on their timeline, telling you the birth was at 3.02am, and of course that mother and baby are well at Mater Hospital in Nairobi? Well, they have just unwittingly created a digital footprint that exposes their child to identity theft in the future.

    SOCIAL MEDIA

    A fraudster now has key information that could allow them access banking details, government accounts etc.

    Dear parents, there is a name for what you are doing. It’s called ‘sharenting’ meaning the over-sharing of children’s information on social media.

    And if you live in the land of the Eiffel tower, your child could sue you for this. Let alone that in 18 years’ time, Waceke may cringe at having her future beaus or potential employers viewing half-naked toddler pics.

    And you know how these days if you take a photo on an iPhone, it will be stored together with the name of your exact location.

    Without your knowledge, this information may be shared. The answer to protect our individual online privacy may be global regulation. However this will take eons and we can’t live without the internet till then. So in the meantime, be safe. Be careful what you share.

    [Source: This article was published in nation.co.ke By ADEMA SANGALE - Uploaded by the Association Member: Jason bourne]

    Categorized in Internet Privacy

    [This article is originally published in cpomagazine.com written by  - Uploaded by AIRS Member: Robert Hensonw]

    In an age where the Internet is simply an indispensable part of life, the use of a search engine is possibly at the foundation of the user experience. This is a world where near instantaneous access to information is not simply a ‘nice to have’ for researchers and writers, it is at the bedrock of our modern consumer society. Is the way in which we find takeout food, restaurants, household furnishings, fashion – and yes even friends and lovers. In short, without search engines, the machine that powers our modern world begins to falter.

    We are increasingly reliant on search engines – but it may be instructive to understand just how much data Google is now handling. Within Google’s range of products, there are seven with at least one billion users. In its privacy policy, Alphabet (Google’s parent company) outlines its broad and far-reaching data collection. The amount of data the company stores is simply staggering. Google holds an estimated 15 exabytes of data, or the capacity of around 30 million personal computers.1

     

    However, it is worth noting that Google is not alone in the search engine space. There are other players such as Microsoft’s Big. Yahoo Search and Baidu. All of them are mining data. However, there can only be that one ‘Gorilla in the Sandpit’ – and that is undoubtedly Google. To explore just how search engines may infringe on our rights to privacy Google gives us a yardstick to what they would characterize as ‘best practice’.

    Nothing in life is free … Including search engines

    Consumers are becoming increasingly aware that the old maxim of ‘nothing in life is free’ is even more applicable than when it was penned. In fact, there is an associated saying ‘if something is free you are getting exactly what you pay for.’

    Herein lies the problem with the use of search engines. They offer an essential service – but that service is certainly not free of cost. That cost is a certain level of intrusion into our lives in the form of search engine companies like Google gathering data about our online habits and using that data to fine-tune marketing efforts (often by selling that data to third parties for their use).

    But that is only the outcome of using a search engine. For many consumers and consumer advocate groups, the real problem lies deeper than that. It revolves around awareness and permission. Are search engine companies free to gather and use our data without explicit permission- can we opt out of such an arrangement?

    The answer is both yes and no. Reading search engine company user agreements it becomes clear that we (at least historically) we have been empowering companies like Google to use the data that they gather in almost any way that they see fit. But lately, we have seen a huge effort by search engine companies to make sure that consumers are aware that they can limit the amount of data that is gathered. That was not always the case – user agreements are almost never perused with great care. Most people are not freelance attorneys and are defeated by the legalese and intricacies of most user agreements and outlines of a privacy policy.

    However, the real problem is that although the gathering of data and the leveraging of that data for profit may represent a betrayal of the relationship between consumer and search engine company there is a larger issue at stake, beyond even the right to privacy – and this is data security.

     

    Google has a far from the perfect record as regards security – but it is better than many other tech companies. However, mistakes do happen. In 2009, there was a bug in Google docs that potentially leaked 0.05% of all documents stored in the service. Taken as a percentage this does not seem like a terribly large number, but 05% of 1 billion users is still 500,000 people. Google has no room for error when it comes to data protection.

    Another fact worth noting is that Google’s Chrome browser is a potential nightmare when it comes to privacy issues. All user activity within that browser can then be linked to a Google account. If Google controls your browser, your search engine, and has tracking scripts on the sites you visit (which they more often than not do, they hold the power to track you from multiple angles. That is something that is making Internet users increasingly uncomfortable.

    Fair trade of service for data

    It may seem that consumers should automatically feel extremely uncomfortable about search engines making use of the data that they gather from a user search. However, as uncomfortable as it may seem to some consumers are entering into a commercial relationship with a search engine provider. To return to a previous argument ‘there are no free lunches’. Search engines cost money to maintain. Their increasingly powerful algorithms are the result of many man hours (and processing power) which all cost huge amounts of money. In return for access to vast amounts of information, we are asked to tolerate the search engine companies use our data. In most instances, this will have a minimum impact on the utilitarian value of a search engine. Is this not a tradeoff that we should be willing to tolerate?

    However, there is a darker side to search engine companies harvesting and using data that they have gleaned from consumer activity. Take for instance the relationship between government agencies and search engine companies. Although the National Security Agency in the United States has refused to confirm (or deny) that there is any relationship between Google and itself there are civil rights advocates who are becoming increasingly vocal about the possible relationship.

    As far back as 2011, the Electronic Privacy Information Center submitted a Freedom of Information Act request regarding NSA records about the 2010 cyber-attack on Google users in China. The request was denied – the NSA said that disclosing the information would put the US Government’s information systems at risk.

     

    Just how comfortable should we be that the relationship between a company like Google and the NSA sees that government agency acting as a de facto guardian of its practices and potential weaknesses when it comes to data protection – and by extension privacy?

    It’s complicated

    The search for a middle ground between the rights of the individual to privacy and the bedrock of data protection vs the commercial relationship between themselves and search engine companies is fraught with complexities. What is becoming increasingly clear is that a new paradigm must be explored. One that will protect the commercial interests of companies that offer an invaluable service and the rights of the individual. Whether that relationship will be defined in a court of law or by legislation remains to be seen.

    Categorized in Search Engine

     Source: This article was Published staysafe.org - Contributed by Member: Grace Irwin

    The online world offers a wealth of resources for education, entertainment, and connection with other people. Unfortunately, the internet also poses new dangers, and those dangers threaten teens especially. The following guide provides the resources necessary for both parents and their teens to safely utilize the Internet.

    There are plenty of horror stories: one boy discovered that an entire website had been set up to denigrate him and encourage others to harass him at school. Another young woman was abducted by a man who had posed as a teen online, traced her to her home through the personal information she’d given out, and then stalked her to discover when she’d be home alone.

    Even the non-horror stories are troubling: one young woman found that an entire suite of social media accounts had been set up to impersonate her online. She wasn’t harmed personally by this crazy scheme, but others are less lucky: half a million teens have had their financial histories blemished from the start due to identity theft. And online scams abound—from prom dresses ordered online that turn out to be cheap knock-offs to software that secretly downloads itself and steers browsers to dangerous corners of the internet.

    Online life is as fraught with peril as real life, and it can be much harder for parents to monitor the risks their kids are taking in the virtual world. But as with the other challenges of growing up, getting knowledgeable about internet safety for teens, talking over your concerns with the teens in your life, and arming them against the obvious dangers can build your relationships with them—and prepare them for adulthood.

    94% Percent of Teens who Use a Mobile Device go Online Daily (source: Pew Research Center)

    Start with the Hardware

    You should start your child internet protection plan with one of the most vulnerable aspects of your teen’s online life, and one that may not be obvious because it’s there in plain sight. But if your teen has a laptop of their own (or if they routinely borrow yours) it can lead to a world of trouble. Left unattended in a public place, a laptop—which may offer unfettered access to e-mail accounts, personal information, and even vital passwords and credit card numbers—can be gone in seconds. So if you want to boost your teen’s cybersecurity, start by protecting their laptop.

    At a bare minimum, insist that they set up password protection on their computer. This may act as a deterrent: a thief having to choose between unattended laptops may not choose one that’s locked down with a password. The next step is a physical lock: computer cables are inexpensive and will allow your teen to leave their seat at the library or a coffee shop without having to decide whether or not to bring their computer into the bathroom.

    You can go an extra step by turning on the laptop’s locator function, which comes as a native feature in Apple OS and iOS, with PC versions available for installation on other platforms. This will allow you to locate the computer if it’s lost, and delete the data on the computer if it falls into the wrong hands.

    Finally, you should talk to your teen about the type of information they leave on their laptop. It may be tempting to record all their vital passwords and other useful information, but of course, doing so puts them at risk if someone steals it or manages to access it in some other way. At the very least, any files that they use to store this kind of sensitive information should be password protected.

    Malware, Viruses, and Spyware

    1. Set Up Password Protection
    2. Turn on the Locator
    3. Discuss Sensitive Information

    Protecting your computer means much more than physical protection, as important as that is. Much of the information on your computer can also be accessed by malicious software that can make its way onto your hard drive any time you connect to the internet, and sometimes when you’re connected to any network at all.

    Malware

    Malware is a generic term for all malicious software.

    Virus

    Among the types of malware is the Virus, a piece of software that will secretly enter a computer’s operating system and manipulate it into actions that damage it or hinder its performance.

    Trojan Horse

    Trojan horses are apparently innocuous applications or utilities that are used by hackers to insert malware into your operating system.

    Spyware

    Spyware is malicious software that allows a third party to take information off your computer without your knowledge.

    The frightening thing about malware is that you may not even know it’s on your computer until you look for it. If your teen complains about their computer’s performance, though, or if they claim that their web browsers are “acting weird” (prompting browsers to flood the screen with pop-up windows and erratic results on search engines are two common symptoms of computers infected with spyware), take action immediately.

    What’s more, if your teen downloads a trojan horse, it’s entirely possible that they’ll give the harmless-looking software all the permission it needs to damage your computer or steal vital information, including passwords and credit card numbers. So in addition to a robust virus detection program, it’s essential that you warn teens—and other users of your household computers—to be aware of the risks of downloading software from the internet, and to be leery of downloading any type of application from a non-reputable vendor.

    Fortunately, there are some straightforward ways to protect your teen’s computer: anti-virus software will take care of many of the greatest threats to your computer. Some manufacturers, like Apple, will provide anti-virus software for free, as will many internet service providers. Note, though, that anti-virus software needs to be updated to be effective.

    Protect Your Mobile Hardware

    Many of the same precautions you take with your laptops should be taken with mobile phones, tablets, and other devices that might contain similar types of sensitive information, or might be used to access personal information via the internet. Encourage your teen to use password protection and enable the device locator function on every device they own.

    At the same time, it’s not a good idea for teens to allow apps, in general, to use location services, since these may reveal where they live. Many devices will allow you to select what apps can use your location, so it might be worth the time to sit down with your teen and look at their phone or tablet’s location settings—to make sure, for example, that when they put a picture of their dog up on Instagram, they won’t also post your home address.

     

    Everyone loves the camera function on their phones, but they present another risk that comes with mobile devices. Even with the location function turned off, photos taken and shared online can, by sending landmarks out over social networks, provide almost as much location information as a phone’s location services function. Suggest to your teen that they take some care in choosing what shots to share, so they don’t reveal too much about where they live.

    ID Theft

    So why is it so risky for a teen to reveal where they are? Revealing credit card numbers, or passwords to online merchant accounts presents an obvious risk. But why would an address—or a photograph that gives their address away—cause problems?

    Unfortunately, teens are just as susceptible to identity theft as adults, and for teens, the consequences of someone using their information to apply for a credit card or access other financial resources can be just as bad, if not worse, than the consequences for an adult. Since teens don’t have a credit history already, having an identity thief run down their credit rating can make building a decent credit history an uphill battle from the very start.

    Even apparently innocuous information, like an address or a birth date—information that many people, not just teens, will sometimes include in their social media profiles—can be enough for a criminal to apply for a credit card, for example. And while you may stay on top of what they post on social media, teens, like adults, can also give out that information in an act of forgetfulness. Online quizzes or surveys are sometimes really just mechanisms by which scam artists try to get useful intel (a quiz might ask “what’s your mother’s maiden name?” for example, in order to get the answer to one of the most popular security questions).

    Teens should be cautioned against putting up too much identifying information online. Birthdates are out; addresses should be, too. Even if the information doesn’t seem like it’s going to be collected in any permanent way, there’s still a chance that it will be, and that it will be used by a scam artist to destroy a teen’s financial reputation before they’ve even had a chance to build it.

    “Unfortunately, teens are just as susceptible to identity theft as adults.”

    Scams and Online Shopping

     

    • Only Make Sales Through Reputable Platforms
    • Look Out for Hidden or Extra Fees 
    • Review Your App Subscriptions 
    • Limit Your Teen's Online Spending

    Online scam artists have other schemes besides identity theft, however. Online shopping presents its own dangers. In the notorious case mentioned above, a teenaged girl thought she was buying an expensive prom dress at a bargain price only to discover that the dress she received in the mail didn’t match the online photo at all. It was cheaply made, poorly fitted, and impossible to return.

    Again, these are risks that even adults fail to see in time, but you can help your teen avoid getting taken in by insisting on having a look at any purchase they make online. You can also insist that any sales go through reputable vendors like Amazon, or that, at the very least, they go through reputable sales platforms like eBay, where it’s possible to get purchase protection and the site’s management provides tools and assistance in resolving customer complaints.

    Some scams involve more than just a single purchase. Teens should, for example, be aware of one scam that promises “free” ringtones but charges a high monthly fee that the teen might not be aware of until it shows up on your credit card statement.

    Both these online scams involve disreputable businesses. But some online shopping risks are harder to spot. The teen years are probably too late for the “I didn’t know” excuse for in-app purchases, the $800 iTunes bills that are the stuff of legend. But some smartphone apps involve “subscriptions” that it’s easy to forget about, and that can ding your credit card for three, four, or five dollars on a weekly basis.

     

    So it makes sense to review your accounts on iTunes or other app marketplaces to make sure such subscriptions aren’t adding up. If they are, the best recourse is just to mention them to your teen and ask them to be more careful in the future.

    Finally, there are ways to limit your teen’s online spending. iTunes offers an “allowance” feature that will deposit a set amount in an iTunes account on a regular basis rather than simply giving the account unlimited access to a credit card. Many online marketplaces, from Amazon to Google Play, offer gift cards that can be redeemed online (this approach also keeps teens using more reputable retailers). Many online retailers will also accept cash cards—that is, what are essentially prepaid credit cards–as payment. And if you’re interested in high-tech solutions, you might want to look into VeeLoop, an app that allows your teen to seek your approval for items in their virtual shopping carts before an online vendor processes their purchase.

    Social Media: Online & In Public

    As bad as they are, scams and malware aren’t the only online dangers. Social media has dramatically expanded the amount of their lives that teens can live online. And while social media allows teens to keep up with friends and family, even across vast distances, a lot of life’s dangers have followed them online as well.

    Remember: social media is designed to convince users that they’re a part of a community. And while they do function as virtual communities, it’s easy to forget how many people can be privy to online conversations between friends. That’s why many teens may, without thinking, reveal vital information of the kind that’s most useful for ID theft and other criminal acts. Beyond that, wherever kids congregate, there’s a possibility for hurtful or inappropriate behavior, and the virtual world is no different.

    There are many social networks, but here’s a look at some of the most popular.

     

    FACEBOOK

    Many teens will have a profile on Facebook without using it much. Even so, Facebook’s platform allows for interactions with strangers, and its various levels of privacy and multiple means of sharing can make what seem like private interactions more public than a user may realize.

    TWITTER

    Like Facebook, Twitter isn’t the most popular teen social media platform, and while teens should continue to take care with it—and parents should be aware that there’s no way to prevent teens from coming across adult material, and no particularly effective means of stopping harassment—it’s tamer than some online outlets.

    INSTAGRAM

    Instagram is much more popular among teens, and it’s based primarily on sharing images which people in a user’s network can then comment on. Because it’s based on images, Instagram can tempt teens to post embarrassing or inappropriate images online, but it has similar privacy settings to Facebook, which means that the user can exercise some control over who can see their content.

    SNAPCHAT

    Snapchat takes Instagram a step further: it’s also based on sharing images presented as an occasion for comments. These images disappear after a few seconds, however, so things that appear on Snapchat may seem to be gone forever. As it happens, however, most devices can capture any images that appears on its screen. And while Snapchat now notifies users that when someone takes a screen grab of an image they’ve put up, some apps allow users to circumvent this feature. As a result, Snapchat is even more likely to lure teens into thinking an inappropriate or embarrassing picture will never be seen again.

    This may seem like an unmanageable array of platforms—and this list leaves out some other, less-used sites as well. But if you’re concerned about your teen’s online life, there are some easy ways to keep tabs on what they’re up to. You can ask what platforms they use most frequently and check their profile pages.

    You can also use a search engine to search for your teen’s name and see what results you get: if their social media profiles appear in search results, they may not be using their privacy settings appropriately. If that’s the case—and even if it isn’t—sit down with your teen and look at each social network site’s privacy settings to make sure that no sensitive information or embarrassing material can come in reach of people they don’t know. And if you’re active on social media, one simple way to keep up with your teen’s online life is to follow or friend them yourself.

    Given the various ways social media platforms make it easy to share photos, you may also want to talk to your teen about what constitutes “embarrassing” or “inappropriate.” It’s possible that they may have a different perspective than you, of course, but it’s also possible that they’re defining those terms without taking into consideration how far an image can spread, and how permanent it may be. Knowing that a future love interest, or an elderly relative, might someday see a comment or image they post online may change the teen’s perspective.

    Meeting People Online: Stalkers and Predators

    All parents fear the possibility of their child coming in contact with strangers who mean to do them harm. The risk of that happening through online interactions, and through social media, in particular, is very real. That’s because sensitive information isn’t only a boon to scammers hoping to profit off of identity theft: carelessly spread information, and thoughtless interactions with unknown people, can also put teens at risk of encountering stalkers, predators, and others who could harm them physically or emotionally.

    One threat that’s easier to avoid is that of the stalker, a person who gradually gathers information about a person in order to harass them or violate their privacy. You should remind your teen that even the blandest photo can reveal information about their age, what school they go to, where they live, and even times that they’re most likely (or least likely) to be alone. Privacy settings may help prevent the wrong people from getting that information, but teens should also use that awareness to restrict what they’ll give away in their profiles, pictures, or in an ordinary exchange of comments or messages.

    Predators—people who work to gain a youth’s confidence either in order to build an inappropriate relationship or in order to lure them into inappropriate behavior—are a bigger online safety concern. Many of the most popular social media sites or apps, including Instagram and Snapchat, are effectively electronic messaging services, and beyond the world of social media, teens can often get drawn into online forums, chat rooms, or other venues where they can have extended exchanges with people they don’t know.

    These virtual interactions have been a boon for online predators: according to statistics put out by the FBI and United Nations, at any given time there are 750,000 predators online looking to foster inappropriate, and sometimes illegal, relationships with teens. And there have been bad outcomes: teens have been lured into abductions and into sexual situations, and have been subject to sexual assault as a result of relationships begun online. And there’s a chance that none of the exchanges leading up to such an outcome will be easily visible to parents.

     

    750,000 Predators are online looking to foster inappropriate relationships with teens at any given time.

    One way to prevent such horror stories is simply to educate the teen. The website onlinesense.org, for example, offers a list of ways to recognize someone who’s trying to lead you into a potentially dangerous situation. For example, predators will:

    • Want to have private conversations with their targets.
    • Insist that their online relationships be kept a secret. 
    • Ask their targets to provide personal information, like their addresses, their full names, or phone numbers. 
    • Tend to do some stalking online to uncover information about their targets—and then make a show of how much they know. 
    • Ask their targets a barrage of questions in order to get their targets to release more personal information. 
    • Try to convince their targets that everything they’re doing, and all the information they’re revealing, is perfectly normal.

    Many of these behaviors would, of course, be easily spotted as obnoxious or creepy if they were done by a stranger the teen met in person, and that’s probably the best way to communicate the warning signs here: ask the teen to imagine themselves alone in a strange place with a stranger pestering them with questions or telling them to keep their meeting a secret. Remind them, too, that in the online world, it’s easy for someone to assume an identity: the 12 year old girl mentioned at the beginning of this article had been convinced by her abductor that he was also a teen, even though he was in his mid thirties. So don’t just encourage your teen to imagine a stranger asking them questions: have them imagine a stranger wearing a mask.

    If you suspect your teen may already be in contact with someone who doesn’t have their best interests at heart, it may be daunting to bring up the subject. Again, though, linking the issue to real life may be your best bet. You can, as you would with real acquaintances, ask to be (virtually) introduced. If a teen seems to be spending an inordinate amount of time in chat rooms, you can set limits as you would on any other social activity—and insist on being able to view browser histories in order to keep track. You can approach one of the teen’s trusted peers, older relatives, or mentors and ask them to do a reality check or inquire what’s going on. Teens often rebel against control, but they’re also often swayed by genuine and respectful concern.

    When the Predators Aren’t Strangers: Online Bullying

    Unfortunately, your teen’s emotional well-being may not be threatened by strangers only. Online bullying is a real possibility as well and can have devastating effects, leading to long-term problems with self-esteem. Bullying can also lead to depression and (in some tragic instances) suicide.

    As with real-life bullying, the shame associated with the experience can make it difficult for a teen to seek help or advice. Because the online world provides harassers with potentially unassailable anonymity, this, too, can make the teen unwilling to speak out. So it’s important to look for signs. If your teen:

    • Is avoiding online activities (such as gaming or social media) that they used to enjoy, and yet don’t seem to have traded these activities for something else they like to do
    • Seems to be relieved when coming away from their computer or device, as if they’ve just had an unpleasant experience
    • Seems to be routinely dismayed by messages they receive or by other interactions with people on their mobile device or computer
    • Are suddenly becoming much more secretive about their online experiences
    • Are showing signs of depression

    They may be subject to bullying online.

    If that’s the case, though, what can you do? You should, first of all, try to talk to your teen. According to Sameer Hinduja and Justin Patchin of the Cyberbullying Research Center, your first step should always be to sit down, ask what’s going on, provide unconditional support without “freaking out,” and very much take a problem-solving approach to the situation. Document the abuse, be ready to report it to the authorities and keep lines of communication open between you.

    Understand, too, that even if your teen isn’t being bullied, they may very well know of someone who is. If you can, encourage your teen to report bullying, if only to you. And just in case, remind them that in many jurisdictions the online harassment that we call cyberbullying is actually a crime, and can have serious repercussions for them if they’re involved. Even if they never become a cyber bully themselves, the fact that bullying is illegal may be enough for them to convince friends or acquaintances not to join in when others do it.

    58% Of Teens Have Downloaded an App to Their Cell Phone or Tablet

    How to Handle Gaming

    One online community in which bullying is especially prevalent is online gaming. Not that bullying is an unavoidable feature of such games: many teens may find a valuable social outlet in the community that springs up around their favorite role-playing game, or around the online component of their favorite console games. What’s more, many games themselves teach valuable lessons about teamwork, problem-solving, and other important developmental skills.

     

    At the same time, however, online games, just like neighborhood sports, can be an occasion for trash talk which then escalates to harassment or bullying. Especially for a teen whose social life revolves around an online community, the effect can be traumatic. As with other types of bullying, keep tabs on your teen’s mood and behavior, and try to look for signs that you might have a problem. Nor is bullying the only risk that online games present. Often games will include forums for online communication, and these can serve as tools for predators in the same way as social media.

    Finally, like other online activities, online gaming can gradually take over more and more of a teen’s life until it becomes an addiction.

    If you’re concerned about this prospect, here are some tell-tale warning signs of internet gaming addiction:

    • Obsessively thinking about gaming, even when the teen isn’t playing.
    • Lying about gaming activities—to family and friends
    • Deep distress when gaming activities are curtailed for any reason. 
    • Lack of interest in other activities, and neglect of hygiene, schoolwork, or other responsibilities, whether in the household or outside of it.

    If you suspect that your teen may be addicted to gaming, the first approach, as always, is to talk to them. Try to set limits and seek to tie the privilege of gaming to responsibilities they may be neglecting. If these approaches don’t work, you might want to try counseling or other professional help. A video game addiction is unlikely to be as damaging or difficult to overcome as an addiction to alcohol or drugs, but soldiering on against it without help is just as likely to damage your relationship with your teen.

    Should My Teen Have a Blog?

    Absolutely! Blogging—and webcasting videos via YouTube—can be a great creative outlet, and may inspire your teen to acquire the skills and dedication of a successful blogger, or the technical savvy (and even greater dedication) that a successful video channel requires. What’s more, bloggers, Youtubers, and podcasters (people who disseminate audio content via iTunes or other platforms) can in rare instances earn money from their efforts, which adds a key incentive for teens to persevere.

    At the same time, these outlets present some of the same dangers as other online activities. They can be a way for stalkers and predators to learn personal information about your teen, and—even more than social media—they put your teen’s actions, attitudes, and behaviors on public display, putting them at risk of later embarrassment or shaming, and even possible legal consequences if they say the wrong thing.

    If your teen is putting content online, be sure to go over with them the various risks of putting out personal information on the internet. And you may also want to lay down some ground rules, such as requiring all content to get your approval before it’s put out for the rest of the world to see.

    92%A survey of more than 600 teens found that nearly all shared their real name and photos of themselves, and most shared their school name, birthdate, and where they lived.

    Some Common Sense Guidelines

    In a world full of screens, it may seem futile to fight them for your teen’s attention. And yet you are your teenager’s anchor to the real world, and you may be the only one in their lives seeking to protect them from life’s dangers. That being the case, here are some general internet safety tips you can try as you work to keep your teen safe online.

    • Insist that your teen employ privacy settings on Facebook, Instagram, and other social media platforms. If the teen uses a shared computer for their online life, make sure that the computer stays in a common area in the house. This shouldn’t be done so you can look over their shoulders, but rather so you can get a glimpse of how their online life affects them (an essential for cyberbully prevention) and keep tabs on the amount of time they’re spending. If you’re concerned, this will also allow you to check their browser history.
    • Enforce general norms against screen use and online activity. “No phones at the table” is a good place to start, as is a set time to turn screens and phones off, enforced on school nights, or on any night when the teen needs to show up somewhere the next morning. If these limits turn out to be bigger battles than you expect, that will at least alert you to potential problems
    • Resist allowing the teen to use screens or phones in their rooms, even if those devices are properly theirs. Phones may be too much of a battle (and may be impractical to enforce), but try to keep their gaming screens, tablets, or computers out. This will help them get better sleep, and will once again allow you to get a glimpse of how they’re conducting themselves online
    • If you want to more closely monitor your teen’s online activities, consider taking advantage of some of the apps or software designed for that purpose, including Net Nanny, which allows you to control what websites your kids access, and will even warn you if your teen searches for an objectionable term. Secure Teen keeps call logs and allows you to read text messages. Teen Safe does all of this and more—including locking teens out of messaging when they’re driving and allowing you to track them via GPS.

    In the end, remember that helping your teen through life’s challenges—online and offline—is as much about communication as it is about control. Given enough time and the endless resources of the internet, teens can usually circumvent even the best apps and cheat the tightest household restrictions. But they won’t be able to hide their emotions if they have a problem, and whatever happens, they’re still going to want your approval. So take teens’ online lives seriously, but don’t forget that their online lives are still their lives, and part of the process by which they become adults.

    Categorized in Internet Privacy

    When reading Wikipedia’s 1992 Ten Commandments of Computer Ethics you can easily substitute “Internet” for “computer” and it’s amazing what you see…., for example the 1stCommandment “You shall not use the Internet to harm other people.”  Here are all Ten Commandments of Internet Ethics (with my minor edits):

    1. You shall not use the Internet to harm other people.
    2. You shall not interfere with other people’s Internet work.
    3. You shall not snoop around in other people’s Internet files.
    4. You shall not use the Internet to steal.
    5. You shall not use the Internet to bear false witness.
    6. You shall not copy or use proprietary software for which you have not paid (without permission).
    7. You shall not use other people’s Internet resources without authorization or proper compensation.
    8. You shall not appropriate other people’s intellectual output.
    9. You shall think about the social consequences of the program you are writing or the system you are designing.
    10. You shall always use the Internet in ways that ensure consideration and respect for your fellow humans.

    For those of us who used the Internet 1992 it’s great to see that the Ethics of the Internet in 1992 (from the Computer Ethics Institute) applies in 2016!

    Source: This article was published vogelitlawblog.com By Peter S. Vogel

    Categorized in Internet Ethics

    A new form of malware hit the internet Tuesday, shutting down systems across Europe and impacting companies from the U.S. to Russia. Unfortunately, the attack, which early reports indicate seems to have hurt Ukrainian organizations and agencies more in particular, is still largely a mystery for security researchers.

    A form of ransomware, the malware encrypts a victim’s PC and demands that they pay $300 in exchange for the keys to unlock their computer or lose all of their data. The attack even managed to affect radiation monitoring equipment at the exclusion zone around the Chernobyl nuclear disaster site, forcing workers to rely on manual checks instead.

     

    Cybersecurity firms originally believed the malware to be a perviously known form of ransomware called Petya, but Kaspersky Lab says it’s actually a different, unknown version kind of ransomware, causing the cybersecurity company to dub it NotPetya.

    Interestingly, the Petya/NotPetya software uses a Microsoft (MSFT) Windows vulnerability similar to the one exploited by the WannaCry 2.0 ransomware which hit the web a few weeks ago. But it looks like that exploit, which was originally used by the NSA and called EternalBlue, is just one of three attack points this ransomware takes advantage of.

    If your computer is infected with malware, your best bet is to simply erase the entire system. Ransomware programs sometimes require you to pay in Bitcoin, an anonymous currency that can’t be tracked.

    However, criminals have increasingly begun demanding payment in the form of iTunes or Amazon gift cards, since the average person doesn’t know how to use Bitcoin, according to McAfee’s Gary Davis.

    The amount you have to pay to unlock your computer can vary, with some experts saying criminals will ask for up to $500.

    To be clear, ransomware doesn’t just target Windows PCs. The malware has been known to impact systems ranging from Android phones and tablets to Linux-based computers and Macs.

    Where it comes from

    According to Davis, ransomware was actually popular among cybercriminals over a decade ago. But it was far easier to catch the perpetrators back then since anonymous currency like Bitcoin didn’t exist yet. Bitcoin helped changed all that by making it nearly impossible to track criminals based on how victims pay them.

    There are multiple types of ransomware out there, according to Chester Wisniewski, a senior security advisor with the computer security company Sophos. Each variation is tied to seven or eight criminal organizations.

    Those groups build the software and then sell it on the black market, where other criminals purchase it and then begin using it for their own gains.

    How they get you

    Ransomware doesn’t just pop up on your computer by magic. You actually have to download it. And while you could swear up and down that you’d never be tricked into downloading malware, cybercriminals get plenty of people to do just that.

    Here’s the thing: That email you opened to get ransomware on your computer in the first place was specifically written to get you to believe it was real. That’s because criminals use social engineering to craft their messages.

    For example, hackers can determine your location and send emails that look like they’re from companies based in your country.

    “Criminals are looking are looking up information about where you live, so you’ll click (emails),” Wisniewski explained to Yahoo Finance. “So if you’re in America, you’ll see something from Citi Bank, rather than Deutsche Bank, which is in Germany.”

     

    Cybercriminals can also target ransomware messages to the time of year. So if it’s the holiday shopping season, criminals might send out messages supposedly from companies like the US Postal Service, FedEx or DHL. If it’s tax time, you could receive a message that says it’s from the IRS.

    Other ransomware messages might claim the FBI has targeted you for using illegal software or viewing child pornography on your computer. Then, the message will tell you to click a link to a site to pay a fine — only to lock up your computer after you click.

    It’s not just email, though. An attack known as a drive-by can get you if you simply visit certain websites. That’s because criminals have the ability to inject their malware into ads or links on poorly secured sites. When you go to such a site, you’ll download the ransomware. Just like that, you’re locked out of your computer.

    How to protect yourself

    Ransomware attacks vulnerabilities in outdated versions of software. So, believe it or not, the best way to protect yourself is to constantly update your operating system’s software and apps like Adobe Reader. That means you should always click that little “update” notification on your desktop, phone, or tablet. Don’t put it off.

    Beyond that, you should always remember to back up your files. You can either do that by backing them up to a cloud service like Amazon (AMZN) Cloud, Google (GOOG,GOOGL) Drive or Apple’s (AAPL) iCloud, or by backing up to an external drive.

    That said, you’ll want to be careful with how you back up your content. That’s because, according to Kaspersky Lab’s Ryan Naraine, some ransomware can infect your backups.

    A ransomware attack screen designed to look like an official message from the F.B.I

    Naraine warns against staying logged into your cloud service all the time, as some forms of malware can lock you out of even them. What’s more, if you’re backing up to an external hard drive, you’ll want to disconnect it from your PC when you’re finished, or the ransomware could lock that, as well.

    Naraine also says you should disconnect your computer from the internet if you see your system being actively encrypted. Doing so, he explains, could prevent all of your files that have yet to be encrypted from being locked.

     

    Above all, every expert I spoke with recommended installing some form of anti-virus software and some kind of web browser filtering. With both types of software installed, your system up to date, and a backup available, you should be well-protected.

    Oh, and for the love of god, avoid downloading any suspicious files or visiting sketchy websites.

    What to do if you’re infected

    Even if you follow all of the above steps, ransomware could still infect your computer or mobile device. If that’s the case, you have only a few options.

    The first and easiest choice is to delete your computer or mobile device and reinstall your operating system. You’ll lose everything, but you won’t have to pay some criminal who’s holding your files hostage.

    Some security software makers also sell programs that can decrypt your files. That said, by purchasing one, you’re betting that it will work on the ransomware on your computer, which isn’t always the case. On top of that, ransomware makers can update their malware to beat security software makers’ offerings.

    All of the experts agree that the average person should never pay the ransom — even if it means losing their files. Doing so, they say, helps perpetuate a criminal act and emboldens ransomware makers.

    Even if you do pay up, the ransomware could have left some other form of malware on your computer that you might not see.

    In other words: Tell the criminals to take a hike.

    Source: This article was published Yahoo Finance By Daniel Howley

    Categorized in Internet Privacy
    Page 1 of 4

    airs logo

    Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

    Get Exclusive Research Tips in Your Inbox

    Receive Great tips via email, enter your email to Subscribe.

    Follow Us on Social Media

    Finance your Training & Certification with us - Find out how?      Learn more