There are reports today from many technology news sources and others like the Wall Street Journal that Google has been getting through the privacy settings of people using Apple’s Safari web browser on their iPhones and computers. Apparently they used a specific code that would trick the web browser software into letting them be able to monitor the users. The most interesting part of all of this is that Safari is set by default to block the type of tracking Google was doing. The code was actually found by a researcher from Stanford, Jonathan Mayer. Although Google is not alone is this, there are other companies reported by the WSJ to have used techniques like this. Apple is currently working on these work around and will work vigorously to put a stop to this privacy workaround. Most think this work around is used for Google to get a leg up in the social media game or is Google trying to poke holes into Apple’s phone software to show that Droids are better choice. What do you think people?
So as we know the iPad and iPhones have been pretty clean from getting malware and things of that nature. However now a Mac hacker by the name of Charlie Miller found a way to get a bad app into your phone right under Apple’s nose. Apparently Miller is going to present a method that exploits a flow in Apples restriction on code signing on iOS devices at the SysCan conference in Taiwan next week. Miller actually planted a sleeper app in the app store to demonstrate this trick, an app can actually phone home to a remote pc that downloads new unapproved commands onto the device and executes them at will, including stealing photos, reading contacts, make the phone vibrate or play sounds or re-purposing normal iOS app functions for malicious gain. ?Now you could have a program in the App Store like Angry Birds that can run new code on your phone that Apple never had a chance to check,? says Miller. ?With this bug, you can?t be assured of anything you download from the App Store behaving nicely.?
Here is the video that will demonstrate the security vulnerability:
Microsoft’s popular free antivirus program Security Essentials has put in a mediocre showing in the latest quarterly tests from German test outfit AV-Test.org, finishing second to the bottom out of 22 products.
In Q1 2011 Security Essentials 2.0 (MSE) performed well at the least demanding test, that of spotting malware drawn from the industry-agreed Wildlist selection, scoring 100 percent. It also put in a good performance against a large group of recent malware samples selected by AV-Test itself, with a creditable score of 97 percent detection.
The product’s performance deteriorated sharply when pitted against 107 recent zero-day malware web and email malware attacks, described by AV-Test as ‘real-world’ testing’, spotting only half. The product’s performance in ‘dynamic detection testing’ - noticing malware on or post-execution - was also modest at only 45 percent.
The top-scoring product in the tests was BitDefender’s Internet Security Suite 2011, with a maximum weighted score of 6.0 across all tests, ahead of BullGuard Internet Security 10, F-Secure Internet Security 2011, and Kaspersky Internet Security 2011, all on 5.5. MSE scored 2.5, ahead of only one product, CA Internet Security Suite 2011.
A lot of the reason we see people buying Mac?s over PC?s is not just because of its ease of use but also because it has been virus free for the most part. Well now that might start to change as there are reports out there that a backdoor Trojan is floating around. The Trojan is a variant of a well known remote access Trojan *RAT*, it is known in Windows as the darkComet. It has come to be known on the MAC as the Blackhole RAT. The problem that can happen with Mac users is the Black Hole name is already being used by legitimate application that will increase security on your Mac. It helps you get rid of sensitive information like recently used file lists, data that is on the clipboard and much more.
It has been known to do these types of things to your PC:
Place text files on your desktop
Sending URLs to the client to open a website
Sending a restart, shutdown or a sleep command
Running arbitrary shell commands
Obstructing what you are doing by placing a full screen window with a message that only allows for you to click a reboot option only
Possible the worst of them all, using a pop up fake admin password window to try and phish out your password
It looks this Trojan is able to get on your system main through pirated software downloads, torrent sites, or anywhere you may download applications that need to be installed. So be careful where you download your applications.
When we used a dial-up connection to the Internet, security was not a significant problem. With today’s “always on” broadband connections, security has become a major concern. This discussion applies only to broadband connections like DSL or cable modem connections. Many broadband connections come with a router built in to the modem.
If the box that came from the telephone company or cable company has?more than one plug that looks like a wide telephone jack, chances are that you have a built in router.
This is what a?DSL Modem/Router looks like from the back.
To check your computer’s security, go to?Hacker Watch for a free security check.
To secure your computer, the first thing you need is a router. Every router has a hardware firewall. A router is the only device to appear on the Internet, and the router is a dumb device with no important data. Without a router, your computer is on the Internet, and there is important data on it. There are software firewalls but they are not nearly as effective as a routers hardware firewall. The built in firewall in Windows XP is particularly ineffective.
A router is not expensive, and it’s easy to connect. There are two basic types of routers: wired and wireless. A wired router may be purchased for as little as $10, while a wireless router for as little as $30. Every wireless router also has wired connections - usually 4 wired connections. For current prices, check?your local office supply store.
A router connects with standard Ethernet connectors, sometimes called Category 5 Patch Cables. It simply connects between your cable or DSL modem and the computer. Some early modems connected with a USB connector instead of Ethernet. If you have one of these, call your DSL or cable provider and they will replace it. Many DSL modems have both USB and Ethernet connections. If yours is connected with USB but the modem has both USB and Ethernet connectors, you just need to find the original box - there will be an Ethernet cable in it, or you can buy one at any office supply store for about $5.
If you have a cable connection and a wired router, you’re done. If you have DSL, there is one more step.
Since DSL uses your telephone line, there are more than one ISP’s on the line. A DSL connection has to connect to the right ISP. You will have to uninstall the connection software that came with the DSL package and tell the router how to connect. To uninstall the connection software, click on “Start”, click on “Settings”, click on “Control Panel”, click on “Add/Remove Programs”. Find the software that came with DSL modem and remove it. To tell your router how to connect, bring up your web browser (usually Internet Explorer) and go to?192.168.1.1. That is the standard router address. If that address does not work, find the address of your router in the router manual. Also find the router password. You now need to define the connection type. It will be called DSL or PPPoE. Select that type of connection and enter your DSL account name and password from the paperwork that came with your DSL package. You’re done for a wired router.
If you have a wireless router, there is another step.
Since a wireless router broadcasts a signal over the air, it should be secured through encryption. The signal can travel about 300 feet under ideal conditions. Also, the router password should be changed to prevent a hacker from taking over your router. Standard passwords are well known. If you choose not to secure the signal, someone could park in front of your house, and hack into your system or download hours of illegal music and you would be liable.
To secure your wireless router, you need to activate WEP, WPA, WPA2 or encryption. Every router is a bit different, so check the router manual for instructions. You can also turn off wireless operation and use the router as a wired router.
The reason we secure a wireless network is to stop people from using the services of our network who don’t have permission to utilize them. It is harder to secure a wireless network from hackers as compared to a classic wired network. This is due to the fact that a wireless network can be accessed anywhere inside the range of its antenna.
In order to secure a wireless network from hackers, we should take proper steps to save ourselves against security issues. If you don’t secure a wireless network from hackers, you might end up without its service. The consequence might also include the utilization of our network to attack further networks. To secure a wireless network from hackers, you should follow these simple wireless networking tips.
The first thing you have to do is to position the access point’s antenna in a place which restricts the range of its signal to go further than the required area. You should not put the antenna close to a window because glass can’t obstruct its signals. Place it in a central location of the building.
But you can go even further.
Use WEP:
WEP stands for Wireless encryption protocol. ?It’s a customary technique for encrypting traffic on a wireless network. You should never skip it as that will allow hackers to get instant access to the traffic over a wireless network.
Change the SSID, disable the broadcast of SSID:
SSID stands for service set identifier.? It is the recognition thread utilized by the wireless access point due to which the customers are capable of starting connections. For every wireless access point arranged, select an exclusive as well as unique SSID. Also, if it’s attainable, hold back the broadcast of the SSID out over the antenna. It wont appear in the listing of offered networks, while being able to provide services as usual.
Disable DHCP:
By doing this, the hackers will have to decode the TCP/IP parameters, subnet mask as well as the IP address in order to hack your wireless network.
Disable or modify SNMP settings:
Change the private as well as public community settings of SNMP. You can also just disable it. Otherwise the hackers will be able to utilize SNMP to get significant info regarding your wireless network.
Utilize access lists:
For additional security of your wireless network, and if your access point support this feature, employ an access list. An access list lets us determine precisely which machinery is permitted to attach to an access point. The access points which include the access list can employ trivial file transfer protocol (TFTP) now and then in order to download modernized lists to steer clear of hackers.
Wi-Fi and other wireless connections are all open to attack from outsiders and hackers. With this new and easy internet comes new and threatening risks. Hackers can get into your information and find out everything about you, including financial and personal, things you do not want out in the open.
By taking these steps, you can make sure that hackers stay on the outside.
