Security Bytes – April 2013 – Rampant Identity Theft.
Identity theft is a crime that has been at the top of the charts for years and has been very popular with Internet criminals for some time. Recently, this crime has taken a morbid turn. This year identity thieves have been preying on the identities of deceased Americans at an alarming rate. They use the information obtained via various methods to apply for loans, scam mobile phone service and potentially other fraudulent activities.
The reason why this form of crime is so popular is because it is an impersonal crime where the thief never has to meet the victim face to face. Thieves can get away with this before authorities can spot fraud is because it frequently takes up to 6 months time for federal agencies to share deceased records with all the agencies involved thus giving perpetrators a head start. There are thousands of identities stolen every day! Worse yet a loved one that is suffering the loss usually is not vigilant during the mourning period to pay attention to credit monitoring.
So how does this information fall into the wrong hands?
Security Bytes – February 2013 – Passwords revisited
In a previous article I addressed the importance of creating complex and creative passwords to secure your sensitive data. This month I wish to revisit this issue and present some new alternatives to basic password generation.
For some time now Yubico (www.yubico.com), the company behind the Yubikey has been aspiring to help us manage passwords and streamline the process of logging into machines with single sign on hardware keys. As with all smaller security companies the adoption of the Yubikey as been slow. Now Google has partnered with them to create a seamless solution to work with their Chrome browser to streamline the way you log into websites thus greatly limiting the need for passwords at the websites we frequent. Granted the project is still in beta stages, it holds tremendous potential to eliminate the need for end user to create their own passwords at sites and potentially reuse passwords over and over again.
Security Bytes – December 2012 – I want my Java!
It is commonplace today for people to take their cup of coffee for granted, even though coffee for many is a precious commodity. Many of us take it for granted that when we go to a web site we see glorious graphics and eye stunning visuals that pop out of the page. Few realize that those images and visuals sometimes come from the use of Java from Oracle systems.
In recent months Java, Flash and other frequently used components from various developers have been under attack by hackers because of their wide spread use by consumers. The broad potential for compromise that this presents is what makes these products so enticing for hackers. In the past month a new exploit for Java was uncovered that potentially can compromise any system that is using Java no matter if the system is using the most up to date version. Note that the possibility for compromise exists no matter if one is using Windows, Mac or Linux platforms.
This lends the question: “ What is Oracle doing about this and what can one do in the meanwhile to lessen the risk for compromise?”
Security Bytes – January 2013 – New Year Security Tips
The New Year has begun and despite the best efforts of the Mayans to make us think the world was ending we are still here and the Earth is not 10,000 degrees!
This month I want to stress the importance of keeping track of your personal information from possible threats. These days more than ever we are continually required to give out private information when going to the mall, at the doctors office, when traveling, purchasing online, and other places. It is almost too difficult to keep track of where you give our information and how it is being used. In previous articles I have explained how to guard you private information when on the Internet and how to limit exposure to risk by purchasing a shredder for disposing of sensitive documents. Today I wish to heighten awareness when in public or business transactions.
The biggest risk people face is how 3rd parties distribute your information and how that information is used. For example, when you go to your doctor you almost always have to fill out countless forms that ask very personal information as well as financial and social security numbers. This information is governed my HIPAA standards and simply means that the provider collecting the information must ensure that the sensitive information is stored or disposed of in a proper way such that no one can inadvertently gain access to it. I have witnessed many cases where healthcare offices do dispose of the information in a dumpster to be shredded, but then put that dumpster in a public are where anyone can simply dive in a grab information.
What can one do?
Security Bytes – November 2012 – 1 hour Hack
This month I will cover a topic that has been publicized recently when Matt Honan, a senior writer for Wired magazine, had his digital life hacked in the space of 1 hour online.
The reason for this may not seem so significant at first, but it is important to consider the fine balance of functionality vs. security. In the space of 1 hour, hackers managed to gain access to several of his online accounts and several of his devices were remotely wiped in the process causing him to loose precious photos of his children (amongst other things). I am not going to go into the details of every step but rather touch on the main reasons for why these hackers were successful with their actions.