Daily Bits

Security

Russian ATM That Can Detect Lies

by Leave a Comment

Russian ATMThieves who make their living out of unauthorized ATM access are soon going to have to find a different source of income. I have, fortunately, never been a victim of ATM theft, but there are countless people who have been victimized via all sorts of modus operandi.

If Russian company Speed Technology Center succeeds in its latest project, however, ATM theft may become a thing of the past – and not soon enough, in my opinion! The company is currently in the testing stage of a cutting edge ATM that adds several layers of security. Currently, we rely heavily on the Personal Identification Number (PIN) for security. Banks and security experts give out all sorts of tips on how to keep the PIN safe, but inevitably, breaches occur – resulting in unauthorized access.

With Speed Technology Center’s new machines, the dependence on the PIN will be gone. Instead, the addition of voice recognition software plus the application of lie-detector technology will make security a tough nut to crack. More than that, however, the new machines are equipped with high tech measures such as the ability to scan passports, record fingerprints, and do a 3D facial scan. Impressive, really, but I am worried that thieves might resort to cutting of their victims’ fingers!

Seriously, though, this system seems to be working, as is being observed by Sberbank, the Russian bank doing the testing. The plan is to roll out these machines across Russia, in banks and malls. I think that it is a brilliant idea and that other countries/banks should follow suit. What do you think?

Beware of Scareware!

by Leave a Comment

I’ve heard of malware, but scareware?  Apparently, scammers are now playing on the fears of Windows users – fear of viruses and other malware.  In order to make money, they dupe people into thinking that their system is suffering from a relentless malware attack, hence the term scareware.  As the scammers prey upon those fears, they prompt users to download security updates that can “keep users safe.”

Obviously, they will charge for these updates.  The problem is that, one, the threat is almost always fake; and two, the security updates are just as fake.  The user who falls for this trick will end up being at least $50 poorer, without having anything to show for it!

This tactic was exposed earlier this week by Parveen Vashishtha from Symantec.  In a blog post, he outlined the modus operandi of this new breed of scammers. The trick is in knowing that browsers DO NOT ask you to download security updates via malware threat warnings.  If you do see something like the image below, chances are you are the target of a scareware scam.

If you’re thinking that people who are dumb enough to fall for this trick deserve it, think again.  The truth of the matter is that the trick seems to work so well – even some experienced users fall for it.  In fact, the scareware business has already made more than $100 million, according to the FBI.  Don’t laugh just yet.

Your safest bet is NOT to click the download button, obviously.  Of course, you also ought to make sure that your OS, security software, and browser/s are updated on a regular basis.

Internet Surveillance in America’s Future?

by Leave a Comment

Talk about Big Brother. As if the capability to run (legal) wiretaps weren’t enough, the United States government is now aiming to set in place systems that would allow them to (legally) wiretap electronic communication such as e-mail and Facebook messages! What the Congress wants is that if the government sends a provider a wiretap order, they should be able to provide the required information.

The implications are huge. Bottom line: anything you send online (whether you’re using a wired connection or a wireless one) can be retrieved and reviewed.

Of course, the average person should not have anything to hide (aside from potentially embarrassing private messages), but the idea that the government can take a look at private information/communication if it wishes is not something that people will welcome any time soon. From a technical point of view, this proposition also poses a lot of risks. According to James X. Dempsey, Vice President of the Center for Democracy and Technology, the government is “asking for the authority to redesign services that take advantage of the unique, and now pervasive, architecture of the Internet. They basically want to turn back the clock and make Internet services function the way that the telephone system used to function.”

The underlying reason for the government’s plan is that the Internet is being used as a venue for communication by terrorists and other individuals/groups that are threats to society. If they have the ability to monitor and scrutinize this venue, then the world might just be safer for it. While this is indeed a serious concern, I am not so sure that wiretapping is the best solution. The system might just open up a whole new can of worms.

What do you think?

Worried About Online Security? Go Online in Sierra Leone.

by Leave a Comment

How worried are you about your security when you go online?  AVG, one of the most recognized names in anti-virus protection and Internet security in general, recently conducted a study on the state of online security in various countries.  Involved in the study were 144 countries and 127 million systems.  AVG collected data relating to virus and malware attacks on these computers and collated their findings.

The results?

African countries did very well in the survey – seven of the 10 safest countries hail from the continent. Sierra Leone tops this list with an average of one attack per 692 users who surf the Web.  Next in line is Niger, with one attack per 442 users who surf the Web.  Other countries in the top 10 are Togo and Japan.  Here are the details for each continent (attack per number of users)

  • North America: 1  in 51
  • Europe: 1 in 72
  • Asia: 1 in 102
  • Africa: 1 in 108
  • South America: 1 in 164.

Basically, South America is the safest while North America is the most dangerous.

However, if the stats are broken down per country, the most dangerous countries are (first one being the most dangerous):

  1. Turkey (1 in 10)
  2. Russia (1 in 15)
  3. Armenia (1 in 24)
  4. Azerbaijan (1 in 39)
  5. Bangaladesh ( 1 in 41)

Roger Thompson from AVG is quick to point out, however, that this data does not exactly pinpoint which regions are completely safe from virus and malware attacks due to their nature – they are not really hindered by geographic boundaries.  He also notes that the results of the study may not be applicable in the near future as viruses and attacks do change over time.

One interesting thing that Thompson mentioned is how this data can be of use to travelers:

However, our research should also serve as a warning to all travelling abroad and using the internet. If you are travelling without your computer and use a public machine or borrow a friend or colleagues, ensure that when accessing web -based services like email, that you log out and close the browser when you have finished your session and that you don’t agree to store any passwords or log-in information on that machine.

If you are taking your laptop with you ensure you have backed up your data and removed any sensitive information from your machine.

If you don’t want the hassle of worrying about security, just take a vacation in Sierra Leone. 😉

Photo credit: highwaycharlie

iTunes Is Safe. Are You?

by Leave a Comment

If you have an iTunes account that you use to purchase apps, songs, etc. for, then you were probably one of those who have been anxious in the past day or so.  Reports that iTunes has been hacked spread like wildfire the other day.  Posts in mainstream sites such as TechCrunch probably served to make people more anxious and alleviate fears at the same time.  I say people probably got more anxious because TechCrunch showed proof that unauthorized (at least by the account owners) purchases had been made, but at the end of the post, there is a statement from Apple saying that they have not been hacked (which is still kind of a good thing).

So what is really happening?  What happened?  If iTunes has not bee hacked, then why have so many people lost money via “illegal” purchases?

John Paczkowski of Digital Daily offers an explanation:

…not much to their assertion that Apple (AAPL) is at fault here. There’s no security hole in iTunes, and if you’ve been unfortunate enough to have hundreds of dollars in unauthorized purchases charged to your iTunes account, it’s likely because you’ve fallen victim to a bot attack or phishing scam–a variation on the one that’s been around for years now. Sources close to Apple tell me iTunes has not been compromised and the company isn’t aware of any sudden increase in fraudulent transactions.

More likely than not, the PayPal accounts of the affected users are the ones that had been compromised.  Bottom line: iTunes is safe.

The question is: how secure are your PayPal accounts?  This is happening now, it has happened before, it will happen again.  Remember all those tips about passwords and phishing.  They just might save you a whole load of money.

Is Your Privacy Online Protected?

by 1 Comment

Practically everyone is online these days, and you can’t really keep track of all the information on you out there.  While you may be careful with what you post and what you do on the Internet, threats to privacy are very much real.  We’ve heard of horror stories about these issues all too often, but for those who haven’t experienced any problems, the threat may not seem that urgent. If you think this way, it is about time that you take a look at how protected you are.

Judging by the number of articles and posts on online privacy you can find, one should really take this issue seriously.  Here are a few ways by which you can make sure that your online privacy is protected.

Be smart with passwords

This is such a basic thing, but the need for solid passwords cannot be emphasized enough. Remember the simple rules: don’t use one password for all your accounts. Don’t use your name, your birth date, etc. If necessary, keep a file of all your passwords so you won’t have to worry about forgetting them.

Do not “engage” spammers in anyway

That means you automatically click SPAM. Do not bother to reply. Do not even click on the link that says “Unsubscribe” or something similar. Just click SPAM.

Don’t forget to log out

We used to own an Internet cafe many years ago, and I cannot count the instances wherein I would use a computer only to see that the previous user did not log out of Yahoo. You may say that you don’t use public computers, but it still is a good habit to develop.

For more tips and details, visit my sources for this post: The Telegraph and EFF.

Photo credit: opensourceway