Category: Network Security

Apple has now released a software fix for the Flashback trojan

Articles

A look at Apple’s Flashback removal tool | MacFixIt – CNET Reviews

Apple releases fix for Flashback malware | Engadget

Downloads – Apple’s support Website

Java Update for MacOS 10.6

Java for MacOS Lion

My Comments

Apple has reacted to the groundswell of concern about the recent Flashback malware and have issued updates to its Java runtime environment for both MacOS Snow Leopard and Lion.

Here, they have implemented a check-and-remove routine for this Trojan as part of the installation routine for the new Java runtime environment. For most Macintosh users, this will simplify the process of removing any existence of this malware as well as keeping this runtime environment up-to-date.

The CNET article also gave a detailed review of what goes on as well as how to fix situations if the installation takes too long and the procedure hangs. As I have posted previously, Apple could improve on the issue of providing system maintenance and desktop security software so that Mac users can keep these systems in good order.

The Apple Macintosh platform–now the target for malware

Introduction

In the late 1980s when the scourge of computer viruses hitting popular home and small-business computing platforms was real, this issue was exposed across all of the platforms that were in use during that year. This encompassed Apple’s two desktop platforms i.e. the Apple II and the Macintosh; along with the Commodore Amiga, the Atari ST and, of course the MS-DOS-driven “IBM” platform. Of course, the computer magazines ran articles about this threat and how to protect against it and disinfect your computing environment from these software pests.

But through the 1990s, the Windows / DOS systems were the main malware target, especially the Windows 98 and XP systems that ran Internet Explorer due to their popularity. The other platforms weren’t targeted that much due to their lesser popularity in the field and the computer press didn’t touch on that issue much. It was also because some of these platforms like the Amiga and Atari ST weren’t being supported any more by their manufacturers.

But lately there has become a trend for people to hop from the Windows platform to the Macintosh platform due to reduced targeting by malware authors and the perceived hardening that Apple has done to this platform. This has been recently augmented by the popularity of the iOS mobile-computing devices i.e. the iPhone, iPod Touch and iPad as well as elegant computing devices available to this platform. All of these factors has led to an increased popularity of Apple Macintosh computers in the feild and they have become a target for malware authors.

But most Macintosh users run their computers with the Apple-authored Safari Web browser and are likely to implement Apple iWork or Microsoft Office productivity software. They also run these computers without any desktop-security or system-maintenance tools because they perceive that Apple has made the task of keeping these computers in ideal condition easier than with the Windows platform.

What can Macintosh users do

Macintosh users can harden their computers against malware by installing and keeping up-to-date a desktop security suite. A free example of this is the Avast program that has been recently ported to the Macintosh platform and another paid-for premium example is the Kaspersky desktop-security suite. These programs are, along with a system-maintenance suite like Norton Utilities, a must-have so you can keep these computers working in an ideal condition.

Another practice that I always encourage is to keep all the software on your Macintosh computer lock-step with the latest updates. This can also help with dealing with any bugs or stability issues that may affect how the software runs on your computer. Here, you may want to enable a fully-automatic update routine for security and other important updates or a semi-automatic routine where the Macintosh checks for these updates and draws your attention to any newly-available updates, that you then deploy.

It is also worth disabling Adobe Flash Player, Java and similar “all-platform runtime” environments if you don’t need to run them. There are many articles on the Web about this in response to the Flashback Trojan Horse. Otherwise make sure that the runtime environments are kept updated. Similarly, you may want to change your default Web browser to a purely-open-source browsers like Firefox or Chrome, which is more likely to be kept up-to-date against known bugs and weaknesses. This was also made easier with new-build installations of MacOS X Lion i.e. when you had a new Macintosh with this operating system “out of the box”. Prior operating systems had the Java runtime installed by default and this survived any operating-system upgrade.

What Apple needs to do

Apple needs to come down from its silver cloud and see the realities of what is involved with keeping a computer in good order. For example, they need to provide desktop-security and system-tuning tools so that users can keep their Macintosh computers in tip-top condition and free from malware. They also need to transparently and immediately implement all updates and upgrades that Oracle releases for the Java environment in to their distribution or allow Oracle to distribute the Java environment  for the Macintosh platform.

As well, they need to take a leaf out of Microsoft’s book by implenenting a “default-standard-user” setup that has the user operating as a “desktop-user” privilege level by default. Then the user is asked if they want to go to an “administrator” privilege-level when they perform a task that requires this level and only for the duration of that task. This is important with home and small-business computer setups where there is typically only one fully-privileged user created for that system.

Conclusion

What the recent “Flashback” Trojan Horse has done is to bring the Apple Macintosh platform to a real level where issues concerning desktop security and system maintenance are as important for it as they are for other platforms.

CEBit 2012

Introduction

The CEBit 2012 IT show in Hannover, Germany is one of may technology trade shows covering the European area where there is a strong crossover between product classes. It was positioned at work-based computing but is competing with Mobile World Congress in Barcelona, Spain (smartphones), Internationaler Funkaustellung in Berlin, Gernamy (consumer electronics) and Photokina in Cologne, Germany (digital imaging) as a European showcase platform for consumer and small-business information technology.

It has carried through the overall key trend of work-home computing and the always-mobile business life. This is more so with the emphasis on portable computing equipment and equipment to service the data cloud.

Key issues and trends in computing

Privacy and security in the online age

A key issue that has been raised through this year’s CEBIT show in Hannover is how US-based companies are limiting data privacy in the eyes of Europeans. Regular readers of HomeNetworking01.info may have seen articles being published about this issue, especially an industry interview that I did with Alastair MacGibbon and Brahman Thyagalingham, concerning the responsibility of service providers if something goes awry with the data in their care.

This was brought about through the recent privacy and security changes at Google as well as an increase of data being held “in the cloud”. There was also an underscoring of the improtance of trust concerning data in the Internet Age.

Technological trends

PCs and laptops

These “regular” computers have not been forgotten about even though there is a lot of interest in the tablets and smartphones. It has been led about through the imminent release by Microsoft of Windows 8 which is available as a consumer-preview version at the time of writing. One feature pitched about this operating system is that it was intended to bridge home and work computing lifestyles with mechanisms like Windows To Go “boot-from-USB” setups.

As well, there was the imminent release of the Ivy Bridge chipset and processor families by Intel with these offing graphics that are just close to “gaming quality” but with economical power consumption. There was a “Super SSD” drive also being premiered which had 512Gb of solid-state storage in a 2.5” housing for the current generation of portable computers.

This year has seen more of the Ultrabooks being released by the various manufacturers and in different variants.

An example of this was Acer showing their new range of equipment with the Timeline Ultra M3. This was a so-called “15-inch Ultrabook” which had an optical drive and NVIDIA GeForce discrete graphics, with variants available with a hard disk or solid-state-drive only for their secondary storage.

Acer had also premiered their V3 lineup of 14”, 15” and 17” budget-friendly laptops with the 17” variant having a Blu-Ray optical drive. They also premiered the V5 11”, 14” and 15” slim mainstream laptops with the 14” and 15” varieties being equipped with discrete graphics as an option.

Toshiba also fielded a variant of the Portege Z830-120 Ultrabook with WiDi Wi-Fi-driven display link technology and was promising a “brown-goods” LCD TV with WiDi display functionality. I would say that this function may appear in a higher-end LCD chassis which serves a particular run of high-end lounge-room sets.

Of course, there would be some computers that are positioned as “bridge” units between the regular laptop and the tablet, typically being equipped with a touchscreen and a keyboard at least. Examples of these would include ASUS “Transformer” variants with detachable keyboards or “swivel-head” convertible laptops. These could be based on either an ARM RISC microarchitecture or the classic Intel microarchitecture with them running Windows or Android. They would be pitched at those of us who like the touchscreen tablet experience but also want to use a proper keyboard to create content.

Smartphones and Tablets

The smartphone and tablet scene at this fair has been affected by two issues. One is Apple releasing their third-generation iPad with the higher-resolution “Retina” display and A5x graphics subsystem concurrently with this show, setting the cat among the pigeons. Of course, the patent fights are still on with Apple over tablet-computer design with some of the lawsuits still not resolved.

The other is that a lot of the smartphones and tablets destined for Europe were premiered at the previous Mobile World Congress in Barcelona, Spain. But there were a lot of the tablets being exhibited in Hannover.

Key features that were being put up included near-field communications which enabled “tap-and-go” payment and data transfer for these devices, larger screens for this device class, LTE wireless-broadband and DLNA implementation. As well, the Android devices are being released with quad-core processors, keyboard docks, glasses-free 3D, full HD graphics and other more attractive features.

As for LTE 4G wireless broadband, an increasing number of European mobile carriers are rolling out LTE networks through their market areas and are launching phones, tablets and modems that work with this technology.

Conclusion

What it sounds like is that the CEBit show is underpinning a mobile cloud-driven computing environment which is to support “regular” and mobile usage classes.

Security issues concerning field-updatable device software raised in HP lawsuit

Article

HP sued over security flaw in printers | Security – CNET News

My comments

An increasing trend that I have covered on this site and have noticed with equipment that I have reviewed is for the equipment to be updated with new firmware after it is sold to the customer.

Field-updating practices

Previously, this practice involved the device’s user using a regular computer as part of the update process. In a lot of cases, the user would download the update package to their computer and run a special program to deploy the update to the connected device. If the device, like a router, was connected via the network, the user uploaded the update package to the network-connected device via its management Web page or other network-file-transfer methods.

Now it is becoming more common for one to update the software in their device without the need to use a regular computer. This would be done using the setup options on the device’s control surface to check for and, if available, load newer firmware. 

It also includes the device automatically polling a server for new firmware updates and inviting the user to perform an update procedure or simply updating itself during off-hours for example; in a similar vein to the software-update mechanisms in Windows and MacOS.

As well, an increasing number of devices are becoming able to acquire new functionality through the use of “app stores” or the installation of add-on peripherals.

The HP lawsuit concerning printer firmware

Just last week, there has been a lawsuit filed against HP in San Jose District Court, California, USA concerning weaknesses in the firmware in some of their printers allowing for them to accept software of questionable origin. Issues that were raised were the ability to load modified software that could facilitate espionage or sabotage. This was discovered through lab-controlled experiments that were performed on some of the affected printers.

As all of us know, the firmware or apps are typically held on servers that can be easily compromised if one isn’t careful. This has been made more real with the recent Sony PlayStation Network break-ins, although data pertaining to users was stolen this time. But it could be feasible for a device to look for new firmware at a known server and find compromised software instead of the real thing.

They even raised the question not just about the software that is delivered and installed using a computer or network but the ability to install ROM or similar hardware chips in to the device to alter its functionality. I would also see this including the ability to pass in code through “debug” or “console” ports on these devices that are used to connect computers to the devices as part of the software-development process.

This could have implications as equipment like home appliances, HVAC / domestic-hot-water equipment and building security equipment become field-programmable and join the network all in the name of “smart energy” and building automation. Issues that can be raised include heaters, ovens or clothes dryers being allowed to run too hot and cause a fire or building alarm systems that betray security-critical information to the Social Web without the users knowing.

Further ramifications of this lawsuit

Device manufacturers will have to look at the firmware that governs their products in a similar vein to the software that runs regular and mobile computing equipment. This includes implementing authenticated software delivery, software rollback options and the requirement to keep customers in the loop about official software versions and change-logs (differences between software versions).

In some cases, business computing equipment like laser printers will have firmware delivered in a similar manner to how computer software is rolled out to regular computers in larger businesses. This includes software that enables centralised firmware deployment and the ability to implement trial-deployment scenarios when new firmware or add-on software is released.

Devices that have proper-operation requirements critical to data security or personnel / building safety and security may require highly-interactive firmware delivery augmented with digital-signature verification and direct software-update notification to the customer.

Similarly, security-software vendors may push for a system of integrating software solutions, including “edge-based” hardware firewall appliances in the process of software delivery to other devices.

Conclusion

What I would like to see out of this case if it is allowed to go “all the way” is that it becomes a platform where issues concerning the authenticity, veracity and safety of field-updatable firmware for specific-purpose devices are examined.

Google Secure Search–more than just privacy-enhancing

Article

Scareware slingers stumped by Google secure search • The Register

My Comments

Google has allowed users to perform a “Secure Search” option where their search-engine transactions are encrypted between the Google servers and their computer. This can be either facilitated through the user typing https://www.google.com or setting it as a default for their Google services account.

Obviously this feature is intended to provide a private secure-search sessions over open networks like Wi-Fi hotspots that are set up in the common open manner. But this also has a side benefit where destination Web sites don’t know what search terms are passed to them, thus making it harder to tune search search listings without the use of tools like Google Analytics.

The key obvious benefit is to stop the appearance of “poisoned” search listings that lead users to “scareware”. These are Trojan Horses which appear to be legitimate system utilities but are intended to separate the user from their money by spruiking horrendous system conditions to the user. Of course, I have had to deal with this menace by removing these programs from various friends’ computers.

The only limitation with this setup is that it only applies by default for people who are currently logged in to a Google service of some form like GMail. For users who share computers, they would have to start a Google-services session then head to the Google.com Website to start searching; or simply remember to type the https prefix. This can be achieved through the Google bookmark, favourite item or Intranet page hyperlink pointing to https://www.google.com .

At least this is another Web security item that offers more than is typically highlighted.

Twitter–who see what and when

Another increasingly-popular social network service is Twitter. This was intended as a “microblogging” service but some people have been implementing it as another social network.

Like the similar Facebook article that I have written for Facebook novices, this will list who will see which information you post when you use Twitter. Here, I would recommend this as a bookmark or favourite or as something to print out and keep near the computer or have available on the business intranet.

Twitter lexicon

Tweet A public Twitter post. Also to leave a public post on Twitter
Follow To subscribe to a Twitter user’s Tweets (public comments)
Follower A person who subscribes to a user’s Tweets. Is also capable of receiving direct messages from the users they follow.
Hashtag A reference tag that is preceded by a # (hash) symbol and is used for filtering Tweets on a topic. Used primarily in front of cities, TV shows, brands, etc.
Mention or Reply A Tweet that features a Twitter user with that user’s name preceded by an @ symbol.

Who sees what

What you do Who sees this  
When you post a Tweet All your Twitter Followers  
When you Retweet someone’s else’s Tweet All your Twitter Followers Your followers will see the original Tweet suffixed by “Retweeted by <your_user_name>”
When you reply to someone else’s Tweet or mention another user in your Tweet All your Twitter Followers The Tweet will have the other person’s username preceded by the @ symbol and the user will be able to see the mentions or replies in the “reply / mention” filter
When you send a direct message to a Follower Only that specific Follower that you address Your Follower has to be following you to be able to be contacted by a Direct Message

What to do where on Twitter

General comment or broadcast message Post a Tweet Be careful what you write as all followers or potential followers can see what you write.
Reply to someone else’s Tweet or mention a Twitter user where confidentiality isn’t required Post the tweet using the Reply or Mention tools Again, be careful what you say when you write these posts.

This can be good for congratulating the user or offering some sympathy on an event they Tweeted about.

Direct private message to a Follower Post a Direct Message  

 

If someone follows you on your Twitter account, it may be a good idea to check that person out when you receive the notification by email. Here, you could then consider following that person and being able to use direct messaging as appropriately.

It is also worth noting that a lot of social Twitter users use “textspeak” (abbreviations and acronyms for common expressions used when sending SMS messages) when they send out Tweets. So you may have to use resources like the Urban Dictionary to help you understand some of this lingo.

Feature Article – Basic information about provisioning public Wi-Fi hotspot service

Introduction

You might be considering setting up that complimentary hotspot for your guests to use but there are certain risks to be aware of concerning the security of your business and your guests’ data and identity.

Risks that have been highlighted include confidential-data and identity theft performed against customers as they work this data from their portable devices; as well as clandestine computer activity like the downloading or serving of illegal content; or the distribution of spam email, performed using computers connected to public Internet networks like wireless hotspots.

As well, there may be other imperatives required of people who provide Internet access to the public. These imperatives, asked for by various local, state / regional or national governments may include requirement like keeping a log of whom you provide Internet access to or requirement for session tracking. Therefore I am not therefore in a position to explain how to satisfy these needs and it is best to seek local advice on this topic.

Therefore, your business should know who is using the hotspot service and be able to make sure that the people who benefit are the business’s customers or guests. This means that the customers or guests are actually going to be operating the network device that they use when connecting to the service and also operate it on your premises. As well, your customers know that they are going to actually benefit from your hotspot service when they log in to this service.

The cafe or bar as a “second office”

This is more important for the cafe as an increasing number of businesspeople use these places as “second offices” where they can work without unnecessary office-borne distraction or as places where they meet their colleagues or business partners. Here, these people will be working on workplace-confidential data and most of these workplaces place high value on the security of this data as it travels between the laptop and the workplace’s main computer systems.

In fact, the reason I have decided to publish this article was because a cafe that I regularly visit in Camberwell (Melbourne, Australia) had just started to offer free public Wi-Fi access but I had wanted them to provide a free Wi-Fi service that is safe for their customers. Here, they had an ordinary wireless router as the Internet service but they needed help in getting this service working properly and safely. They also wanted to make sure that this resource was available just to their customers as part of their customer service.

Your equipment

When you start out with your complimentary-use hotspot service, you may use a wireless router hooked up to a separate Internet service or use one with a “guest-access” or hotspot function and is connected to your common Internet service.

This should be set up to cover your public area such as the bar areas in your bar or the dining room in your cafe. In some situations, you may need to use an additional access point to cover larger areas or get your signal past thick walls. This is something I have covered in this site as a separate article.

As well, if your equipment works on 802.11n technology, it should be set to work in compatibility mode where it can work with 802.11g and 802.11n devices. This is to cater for the fact that most devices that are in circulation, especially smartphones, are likely to work with 802.11g technology and people may operate battery-operated 802,11n-capable devices in 802.11g mode in order to conserve battery runtime.

Dual-band setups

It may be an asset to consider a dual-band setup for your wireless hotspot. This will use a radio presence on the 2.4GHz band as well as the newer 5GHz band and is supported by an increasing number of newer laptops, tablets and smartphones. The new waveband comes in to its own for multimedia applications like video conferencing or photo and video uploads to social media as well as taking some pressure off the 2.4GHz band for legacy equipment to use.

This can be achieved with a router / gateway or access point that implements simultaneous dual-band operation or you can add a 5GHz access point or a dual-band access point set up for 5GHz operation to your existing network.

Here, you need to make sure you still have your network set up for 802.11b/g/n operation for the 2.4GHz band and 802.11n operation for the 5GHz band. If your equipment supports 802.11ac Wi-Fi, you may have to make sure that the 5GHz aspect works in a compatibility mode for both 802.11n and 802.11ac equipment. As for the SSID (Network Name) which is talked about below, you can use the same SSID for both bands and the clients’ computer equipment switches between the bands automatically.

Your SSID or Network Name

The SSID or network name is very important to your hotspot’s identity. Here, it should reflect your business’s name and have a reference to public or guest Wi-Fi service. An example that I used for a basic complimentary-use Wi-Fi hotspot that I set up at a coffee lounge just recently was MORAVIA-PUBLIC-WIFI. Here this reflected the coffee lounge’s name (MORAVIA) as well as stating that the service was a public Wi-Fi hotspot service hosted by this business. Therefore, you can then identify any “evil-twin” or “fake-hotspot” devices left on or near the premises that exist to capture customers’ sensitive data.

This SSID must be used in all signage advertising your hotspot and the signage must reflect your company’s identity. This means that it either has your company logo and name or be in your company’s styling. In this case, the signage about the hotspot should at least exist beside the cash-register and the door, preferably at eye-level or near the main handle or pull.

Hotspot security

Basic security

Your hotspot network should be secured with a WPA-PSK passcode which your staff should give out to customers who want to use hotspot service. As well, the network should have wireless-client isolation enabled, so that customers who are using the hotspot cannot browse on to each others’ computers.

Previously, there wasn’t any wisdom in implementing link security on a public-use wireless network but now that most computers and handheld devices support WPA-based link security for wireless networks, adding this function to WPA-level is still worth it for achieving some control and security in a public-use wireless network.

It is still important to change the WPA-PSK passphrase regularly such as at least twice a month. Some environments may require the passphrase to the changed every week. This is so that it becomes hard to set up a “fake hotspot” using your service’s credentials or keep a computer logged in to the hotspot service without you knowing.

People who use “open-frame” computing devices based on recent versions of Android or Windows may find that this job may be simplified. One method, which works with both the operating systems, is to use WPS push-button setup on consumer routers that are suitably equipped and are serving as dedicated hotspot devices. But another method is to make a QR code representing the SSID and WPA passcode as a machine-readable form and print this out on to a card that you hand to your customer. Then they scan this code with their Android or Windows 10 device with the appropriate reader software.

As well, your hotspot should properly support VPN pass-through for all protocols so that business users can log in to their workplace VPNs  without any headache.

Special hotspot-gateway devices

It may be worth knowing that if you want greater control over your public Internet service, it may be worth implementing a “docket-printer-based” wireless hotspot gateway like the Netcomm HS-1100, Solwise WAS-105R or Zyxel N4100.

Here, these devices direct users to a login page where they have to key in a session login and password that they transcribe from a paper docket that is printed from a docket printer attached to the hotspot gateway. If you intend to offer a paid service, these devices put you in a position to use the payment methods and paths that you use to accept payment for your goods and services.

This is unlike some other hotspot gateway setups that require the potential user to pay another company directly using their credit card or an account maintained by that other company using a payment form hosted by that hotspot. Typically, a lot of these setups are managed in a manner where you don’t have much control over how the service in provided and the service may be provided in a manner not dissimilar to how most vending and amusement machines are provided where you don’t own the equipment, representatives visit the premises to maintain the equipment and you get a small “cut” from the takings.

As well, the session login parameters that your users type in from these dockets exist only for a particular time limit. This is also important for people who run a paid service, but can be useful for managing complimentary service so you can be sure that the people who are using your service are your customers or guests who are in your public areas.

If you do run one of these dedicated hotspot gateway devices, such as a “docket-printer-based” device, the wireless network that these devices operate should still have WPA-PSK security with the passphrase changed regularly. The “docket-based” devices will list the WPA-PSK passphrase on that same docket so your customers can still log in to your hotspot from their device.

Hotspot 2.0 / Wi-Fi Passpoint functionality

Hotspot-gateway devices that supports Hotspot 2.0 or Wi-Fi Passpoint operation, including firmware updates that bring this functionality to existing equipment, is also worth its salt. This provides for improved login experiences including the ability to have your venue described in the list of available Wi-Fi networks when your customers use compatible along with a simplified signup or login procedure. It also supports link-level security between the user’s computer or phone and the access point.

When you enable Hotspot 2.0 or Passpoint functionality on your hotspot gateway device, make sure that your establishment’s details are properly entered when you fill out the setup form for this function. Here, if your users have equipment that supports this technology to the letter, they can identify your establishment in a more qualified manner so they are sure that the Wi-Fi service they are connecting to is the one you are providing at your business.

Of course those of us who use devices that don’t support this functionality can still benefit from Wi-Fi hotspot service on these services as long as “universal” authentication is enabled on the gateway device.

Branding options

If you do implement these devices, make sure that you know how to brand the customer-facing user interfaces.

Most of these devices can allow you to upload a graphic and integrate it in to the login interface or they can allow you to upload customised login screens or point to a Web server for the login interface graphics. The latter option may appeal to you if you have a good hand with creating basic HTML Web pages.

Here, make sure that you have your business name and logo and, if you can do it, set the colour scheme to your business’s colour scheme. As well, make sure that your business name appears on the access dockets that your hotspot gateway prints out.

Power outlets

With a hotspot, always expect that some of your customers will use the power outlets on your premises to power their laptops or smartphones from AC power to avoid compromising battery runtime. This is more so with customers are operating older equipment that has batteries that are “on their last legs” or are working VPN sessions in order to “pick up” files from work and want to be sure this is done properly.

Here, a few double outlets near the tables can work wonders here and if an outlet is used for powering a device like a lamp, the device could be connected to the outlet via a multi-socket power-board with extra outlet space for a few appliances.

Conclusion

Once you know how to choose and set up your public-use wireless network properly, you can make sure that this is a service that your customers and guests will benefit from fully. This may even put your business “on the map” as far as customer-service extras are concerned.

UPDATES

I have done some revisions to this article which was originally published in August 2011 to reflect the arrival of newer technologies like 802.11ac dual-band Wi-Fi wireless technology, Wi-Fi network credentials via QR codes, and Wi-Fi Passpoint technology.

Fake “virus-infection” phone calls–be aware of them

News Article

Phone scammers target computer owners | ABC News Australia

Alert over scam phone calls about bogus computer virus | Wolverhampton City Council (United Kingdom)

My Comments

Just today, a friend of mine who I live with received a phone call on our house phone saying that their computer is infected with a virus and she was being instructed to do certain procedures on the household computer. Luckily she told the caller to hang up and put the phone down and didn’t head towards the computer. This was very good for someone who hasn’t much familiarity with computer technology.

This is part of a scourge that is affecting home and small-business computer users and computer novices are more likely to be at risk of this fraud because they may not know the difference between a virus attack or a computer being very sluggish.

There has been some press coverage and coverage in government consumer-protection Websites and bulletins around the world concerning this topic, with a lot of weight placed on reference to the scammers claiming they represent Microsoft. But the scammers can pretend they represent other legitimate IT companies like antivirus software firms.

If you needed outside help regarding computer issues, you will most likely have initiated the contact yourself, whether through your computer-expert neighbour, relative, friend or acquaintance; your workplace’s IT support if your workplace has such a department or your computer supplier.

What these callers tend to do is to lead the user to download and install malware, usually in the form of spyware or fill in forms with email addresses and credit-card details in order to facilitate various forms of fraud against the user. This can be in the form of milking their bank account and credit-card of useable funds, inundating their email inbox with spam email or stealing other information that is confidential to them or their business operations.

So I would encourage all users to be careful of unfamiliar “call-centre” phone calls about computer viruses or similar issues and simply hang up when they receive these calls. As well, they should keep their desktop security programs on their computers up-to-date so as to protect against the various scams.

Other tactics that you may consider would be to threaten the scammers with legal action or question them about whether they can do business legally in your country. A good example would be asking them for their tax-registration details that are required of them if they do business in your country, such as the VAT registration details if you are in Europe or the Australian Business Number if you are in Australia.

Mobile Users Becoming More Susceptible to Phishing Scams

Article

Mobile Users More Susceptible to Phishing Scams – www.enterprisemobiletoday.com

My comments

Why are mobile (smartphone and tablet-computer) users more susceptible to phishing scams?

The main reason is that the operating interface on the mobile computing devices is totally different to the operating environment on a desktop or laptop computer.

One main reason is that most of these devices don’t have a large display area in their Web browsers or email clients due to them having smaller display screens. This leads to the software designers designing a “clean and simple” user-interface for software pitched at these devices with minimal controls on the interface; which eliminates such concepts as fully-qualified email addresses and URLs. A lot of these devices even conceal the address bar where the user enters the URL of the page to be visited unless the user directly enters a URL that they intend to visit. Similarly, the email client only shows the display name for the incoming email, especially in the commonly-used “list-view”.

It is also augmented by the lack of a “B-option” interface in a mobile operating system. This is compared to what is accepted in a desktop operating environment with functions like right-clicking with a multi-button mouse or using Ctrl-Click on a single-button-mouse-equipped Macintosh to gain access to a context-sensitive secondary menu. Similarly, all scientific calculators used an [F] key and / or an [INV] key to modify the function of formula buttons either to gain access to the inverse of a formula or obtain another formula.

Such an option would allow the user to select a “function” button before selecting the option or displayed item in order to open a context-sensitive secondary-function menu or select a secondary function.

This discourages users from checking the URL they intend to click on in an email or the fully-qualified email address for an incoming email.

What could be done?

The Web browser and email client could support “phish detection” which could provide a highly-visible warning that one is heading to a “phishy” Web site or receiving a suspicious email. This function is just about provided in every desktop email client that most of us use but could be implemented in a mobile email client. Similarly, an email service could integrate filtering for phishy emails as part of its value-added spam-filter service.

There could even be the ability to have a “magnifying glass” touch button on the browser or email-client user interface which, when selected before you select an email address or URL, would show the fully-qualified email address or URL as a “pop-up”. This would have the domain name emphasised or written in a distinct colour so you know where you are going. This same interface could also be in place if one enters a URL directly in to their Web browser.

The mobile browsers could also support the Enhanced Validation SSL functionality through the use of a distinct graphic for the fully-validated sites. As well, a wireless-broadband provider or Wi-Fi hotspot could offer a “phish-verify” proxy service so that users can see a “red flag” if they attempt to visit a phishy Website similar to what happens in Internet Explorer when a user visits a suspicious Website.  This is similar to how some mobile providers warn that you are heading to a website that isn’t part of their “free-use” Website list and they could integrate this logic in to these proxy servers.

Conclusion

In general, the industry needs to look at the various user scenarios that are or are likely to be in place to improve secure Web browsing and email. Then they have to enable user-experience measure that can allow the user to verify the authenticity of Websites and emails.

This is more so as the small screens end handheld devices end up as the principal Web user interface for people who are on the move. It will also become more so as the “10-foot” TV interface, with its large screen with large text and graphics, D-pad navigation technique and use by relaxed and mostly-tired viewers relaxing on comfortable furniture becomes a mainstream “lounge-room” interface for the Web.

Microsoft Security Essentials–now free to small shops and offices and the like

News article

Microsoft Security Essentials available to Small Businesses on October 7

My comments

Microsoft have an entry-level antimalware program called Security Essentials which was previously available free to home users and students. This required all business users to consider using their premium Forefront Security Suite or other competing desktop security software solutions for their computer security.

This put small businesses and organisations lie shops, medical practices, religious organisations, non-profits and the like who had a few computers on their network in a very difficult position especially when it came to easy-to-manage desktop security software, Now Microsoft have answered this need by varying the End User License Agreement for this program to allow small business users with up to 10 computers to run this program.

One of the reasons that I am pleased with this change is that it is easy for the owner of a small organisation (who is responsible for that organisation’s IT) to set up and manage desktop security on Windows-based computers with this easy-to-manage program. It works in conjunction with Windows Firewall and has very little that is needed to adjust, which will please most of this kind of user who may not have good computer skills.

This therefore may be a way for a small shop or similar operation with a few Windows computers to save money on their desktop security software. One improvement I would like to see is for Apple MacOS users to benefit from a free desktop-security program because as this platform becomes popular, malware writers will target it.