January 2010 – CYBER ARMS – Computer Security

Internet Surfing Safety Tips

Many people use online mail, banking and buy items on the internet now. The biggest question is,”What are some things I can check to increase my safety online?”

There are two ways to browse the internet, regularly and securely. Regular sites have the designation “http://” in front of the www. address, secure/encrypted websites us the “https:// designation.

What is the difference? Regular websites are not encrypted. Any information you enter into them is transfered across the internet in standard readable text. Secure sites encrypt the data you enter before sending it over the internet. This makes it very difficult, if not impossible, for someone to intercept and read this information.

Whenever you are asked to log in to a secure site, whenever you are purchasing items, or checking your financial information, glance up at the address bar and make sure that it says “HTTPS://” in front of the web address instead of “HTTP://” This tells you that your are using a secure site and that your information is being encrypted as it is sent over the internet. Standard sites are not encrypted.

Believe it or not, hackers have found a way to divert your HTTPS:// connections to a standard HTTP:// unencrypted address. So instead of your address bar at the top of internet explorer saying something like https://securebankingfor me.com it will actually say http://securebankingforme.com and your information that you thought was secure could be intercepted.

Oh, one last point, don’t rely on the lock icon that shows up in the address bar when on a secure site, hackers have found a way to duplicate that also. Always check for the “https://”

Daniel W. Dieterle

Search While Protecting Yourself From – Google?

“If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”

– Eric Schmidt, Google CEO

With the Google hack in headlines news recently, there seems to be another war going on. This one is against… Google. It appears that Google tracks EVERYTHING you do while you use its search features. Including the webpages you clicked on when doing your searches, the news you’ve read and the places that you asked directions for.

Moxie Marlinspike, computer software expert, penetration tester and the one who showed the world that SSL can be completely bypassed, is now taking on the privacy issues with using Google. His Firefox plug-in called “Google Sharing” connects you to a Google sharing proxy server that protects you from Google’s tracking methods. A full explanation and the software can be found at http://www.googlesharing.net/index.html.

As with any proxy type software, security is a risk, because you are opening a network path from your PC to an unknown system. But if your privacy concerns outweigh the risk, then Google Sharing may be the way to go.

Daniel W. Dieterle

Cyber Arms Race

“There’s an arms race going on in Cyberspace” , that’s the word today from Dave DeWalt, chief executive and president of McAfee. Here is the cyberwar tale of the tape according to Mr. DeWalt:

Countries with Cyber Weapons :
US, China, Russia, Israel and France
20+ Countries arming themselves with cyberweapons.

Cyber Statistics:
500% increase in new Malware attacks
60% polled say foreign governments infiltrated their corporate infrastructure.
Worldwide, US is the biggest cyberwar threat, China is number two.
Cyber attacks cost 6.3 million a day, 1.75 Billion a year worldwide.

Read the full story at Yahoo News.

China Involved in Google Hack?

It looks like China is still denying any involement in the recent google hack. The exploit used was a zero day attack. On January 21, Microsoft announced that they actually had known about the flaw since last September and it was in “the queue” to be addressed. Microsoft released Security Bulletin MS 10-002 in resonse to the attack.