Daily Bits

Security

Stay Safe On XP SP 2 After July 13

by

If you haven’t already heard, tomorrow is quite an important day for Microsoft Windows XP Service Pack 2 users. After tomorrow, Microsoft will no longer be providing automatic security updates for this version of their operating system. More information about this in my post last month.

If you’re really concerned about this issue, the easiest fix is to ditch XP, right? But it is totally understandable if you do not want to do that just yet. More so, there are ways by which you can continue to enjoy a relative degree of security while continuing to use XP SP2. Here are some tips.

Stick to XP, but upgrade to XP SP3. This version will continue to receive automatic updates till August of 2014 – that’s a long way off. You can either download and install SP3 using Windows Update, download a disc image (for use in more than one machine), or buy the installation CD (only $3.99).

If you really want to continue using XP2, here’s a simple fix that can increase your security: stop using Internet Explorer, if you haven’t already. I know very few people who continue to use this Internet browser for so many practical reasons. If I were you, I’d go with Chrome of Firefox (which has a new beta, by the way).

Here’s a no brainer – make sure your anti-virus software is up-to-date and reliable. This is assuming that you already have one installed. Even the free ones are pretty good, and they usually prompt you for updates anyway.

Security Tips When Using Public Wi-Fi

by

It’s a dream coming true, isn’t it? Most places you go nowadays, you can access the Internet via Wi-Fi. Most cafes are following the trend – even Starbucks, which has been resistant for quite some time. In some cities, the coverage is especially wide.

While this is pretty convenient for all of us, we should realize that using public Wi-Fi isn’t exactly the safest thing to do. Still, as long as you don’t access and transmit sensitive information, right? You might be wrong there – you cannot deny that there are many ways by which you can be prone to security issues when using Wi-Fi. With a little vigilance, though, you can make your access a little more secure.

Always use SSL, if possible.

That is, use HTTPS instead of HTTP. For example, when accessing Google, key in https://www.google.com/ instead of http://www.google.com/. The good news is that this is where Google is headed anyway. If you take a closer look, Gmail already uses HTTPS as a default. To make it even easier, check out HTTPS Everywhere, an add-on for Firefox.

Make sure your sharing settings are secure.

In other words, turn off all sharing! If you’re like me, you have certain files and folders that are shared for use at home. When you go out and use public Wi-Fi, however, it is better of you turn sharing off. How to do this? Go to Network and Internet -> Network and Sharing Center, then click Choose Homegroup and Sharing Options -> Change Advanced Sharing Settings.

Double check your firewall.

Sometimes, for one reason or another, I turn off my firewall at home. I don’t exactly remember the reasons, but I am pretty sure they were convincing at that time. Don’t take it for granted – operating systems come with basic firewall setups, but they can be your very first line of defense.

Cyber Security Bill Approved, Feared By Many

by

The Internet has become so big that the government just can’t seem to “ignore” it. In fact, laws have been cropping up left and right, so as to impose some measure of control over activities online. The most recent one is the Cyber Security Bill which the Senate Committee has just approved.

If you’re unaware of what the bill is all about, here’s a short description, courtesy of Politic365:

• Would establish a White House office for cyberspace policy and a national center for cybersecurity and communications, which would work with private U.S. companies to create cybersecurity requirements for the electrical grid, telecommunication networks and other critical “infrastructure” (water, electricity, banking, traffic lights and electronic health records)
• Allow the U.S. president to take emergency action to protect critical parts of the Internet, including ordering owners of critical infrastructure to implement emergency response plans during a cyber emergency
• The president would need congressional approval to extend a national cyber emergency beyond 120 days under an amendment to the legislation approved by the committee

Naturally, controversy has arisen, primarily because of the fear of the creation of an “Internet kill switch.” Imagine the power that any one person has if he has access to this kill switch. You can read through the Myth versus Reality document that Homeland Security has created, though, and decide for yourself if your fears are unfounded or not.

On the one hand, the concept seems sound – an attack is bound to happen one of these days and the government is being proactive in passing this bill. On the other hand, we know that it is open to abuse, and there are so many loopholes.

What are your thoughts and sentiments on the Cyber Security Bill?

No More Windows XP SP 2 Updates After July 13

by

Mark the date on your calendars, people! After July 13 of this year, Microsoft will stop rolling out updates for the stable operating system Windows XP Service Pack 2. News reports have not stopped sprouting left and right about the decision of the software giant to stop offering extended support for this particular operating system; and by no means are they rumors – the cessation of the support is confirmed.

Foremost of those who are worried are corporate clients who use Microsoft XP SP2 for many of their business computers. What is to happen if they stop getting those updates?

Experts say that while the news might initially be alarming, there really is nothing to worry about. The fact of the matter is that Microsoft XP SP2 will continue to be stable and secure in spite of updates not being offered in the future. More so, it really is only the 32-bit version of XP SP2 that will be affected. Those who are using the 64-bit version will still continue receiving automatic updates – way until April 8, 2014 in fact.

Here’s an added perk: for companies using the 32-bit version, there is the option to upgrade to Service Pack 3 for FREE. Believe it or not, it really is free. So there really is NO problem at all.

Then why is Microsoft stopping the updates for XP SP2? Windows 7 is out, and you know how it is. Pretty soon, XP will not be commonly used at all. In the meantime, hold your horses and don’t press the panic button. There is time enough to enjoy XP (whether it’s SP2 or SP3) and to transition to Windows 7.

AT&T Security Breach: iPad Users Beware

by

Boy, am I glad that I am not using an iPad right now! First of all, I really want the iPhone 4 (I think I have posted enough about that baby for now). Second, and more importantly, there seems to be a breach in AT&T’s security system which has affected countless iPad users.

What happened was that the e-mail addresses of some iPad users were exposed. Take a look at this image.

So what happened? There’s this group called Goatse Security, which is composed of hackers and security experts. The Examiner shares what these guys did:

Goatse Security used a PHP script to compile a list of the SIM card IDs in iPad 3Gs. Because the SIM card IDs are sequential, the script helped Goatse Security to determine which were legitimately being used by iPad 3Gs by going down a list of all possible numbers. Then, using additional scripts to masquerade as an iPad-like user agent, Goatse accumulated email addresses and the associated SIM card IDs for many iPad 3G users.

Just how many people have been affected? The estimate is more than 10,000 users! To make it worse, some high profile people were included in the list. Think White House Chief of Staff Rahm Emanuel and New York City Mayor Michael Bloomberg. Then there are other well-knonw people like Diane Sawyer, Harvey Weinstein (movie producer), and Janet Robinson (New York Times CEO).

AT&T has already taken action, and says the breach has been fixed, but no doubt, this will cause a big stir – if it hasn’t already.

MySpace to Unveil New, (Better than Facebook?) User Privacy Settings

by

MySpace is not going to take the issues confronted by Facebook with regards to privacy settings just like that. And so, to indirectly add injuries to the many problems faced by Facebook, MySpace has just announced that it will soon roll out a new and simpler privacy settings for MySpace users.

The first few lines of MySpace announcements clearly states what its goals are by this announcement. MySpace tells us:

The last few weeks have been fraught with discussion around user privacy on social networks. We want to take this opportunity to discuss our view of user privacy on MySpace and some of the core features that made MySpace unique from its inception.

It was short of saying, “…discussion around user privacy on Facebook.”

Anyway, according to the announcement, MySpace’s new and simpler privacy settings that will give users greater control over their information. The site is will provide setting options that include public, friends only, or public to anyone 18 or over.  In the coming weeks, MySpace will put the default settings for all users to – “friends only.” Of course, you’ll be free to change this option anytime.

And guess what? MySpace had this planned out for quite some time now.  And admittedly, the only reason why they are rolling these new setting options now is because of the recent issues hauled by media to social networks concerning privacy.

The question here is, will these in any way convince Facebook users who are dissatisfied with how Facebook has been handling privacy issues, to use MySpace for social networking instead? What are your thoughts?