Published September 4th, 2007
in News.
AT&T has provided parental controls for its DSL internet customers for some time. The controls allow parents to setup accounts that they can monitor for their children. The parental controls will then send reports to the parents about the child’s internet activity. Today, AT&T has announced that they will now offer a parental control service for their cellular service. Parents can now restrict their children’s cell phone usage to cut down on those high cell phone bills and to keep their child safe. Some of the settings allow the parents to cap the amount the child can spend on ringtones or block calls or text messages from specific phone numbers.
While I am not sure the service is worth the $4.99 a month it demands, I can see its benefits. I have seen kids run cell phone bills up to $500 plus due to over usage of text messaging, and this service could help greatly in this situation. At the same time, it comes down to trust in your kids and the respect they show. If a kid cannot respect the responsibilities of the phone, maybe they don’t need one to begin with.
Read more…
Published September 4th, 2007
in General Info.
Infosec by Paul will finally be coming back to life shortly. I need to update some of the software on the site, but hopefully within the week the site will be active again. I apologize for the long break and will continue my consumer security news soon.
Published April 20th, 2007
in General Info.
I am at a very busy crossroads in my life and will be taking the next month off from writing this blog. In that month I will also be considering where I want this blog to go. I have been thinking lately of making it more of an opinion based blog and possibly opening it up to more than just security. If something like that happens, Infosec By Paul would not be such a fitting name any longer so there may be some major naming and address changes for the blog.
Check back in May to see where this is going to go…
Published April 17th, 2007
in Online Safety and Software.
Toolbars have been popping up from security vendors such as Symantec and McAfee lately that will assist in helping you to identify if a website that you are on is a safe or unsafe site. Typically these toolbars have been using a database of known bad sites to identify the good from the bad. Recently these tools have been reworked and now do a little something extra.
McAfee’s SiteAdvisor and Finjan’s SecureBrowsing plugins allow users to not only see how safe the site is that they are currently on but will also allow the user to see how safe the sites are inside of a Google, MSN, or Yahoo search, or links inside of popular IM clients, email clients such as Gmail and Hotmail, and in some social networking clients such as MySpace and Blogger.
This is a big step forward in the technology. It now not only checks a database for known bad sites, but it also examines the pages one by one actively as you view them or as a link to the page appears on the website you are currently on. For example, you could be searching for “Cats” in google, when the results come up they will have a green, yellow, or red icon next to each one to indicate if they are safe or not. Check out the links above for more information and to download the software. Every little bit that we can get to help identify malicious sites is helpful since the creators of these sites are becoming very good at what they do.
Published April 17th, 2007
in Online Safety.
Chris Jenkins from the washingtonpost.com site had an interesting article this weekend about stalkers in today’s society. Apparently they are moving from physically stalking people to stalking them through means of cheaply acquired, or free technology. People are starting to get into their victim’s email by stealing or guessing passwords or they are placing GPS devices on their victim’s belongings to track them in their day to day activities.
While I wouldn’t get paranoid about it (unless you have really pissed someone off), it is a good read to make you aware of what is possible. Check the story out over at the washingtonpost.com
Published April 17th, 2007
in Online Safety.
As the final day for filing taxes is upon us we once again encounter malicious websites that try to connivence people to file their taxes with them. These sites will accept the information from a user and then change the bank account information to that of the attacker, then they will file the taxes with the IRS so that they can obtain your refund.
The House voted on Tuesday to punish these types of sites. While this is a good step towards doing away with these malicious sites, the penalties often do not outweigh the gains that the site owners gain from such a fraud. The maximum penalty in this case is $25,000 or 1 year in prison, Often these sites will make much more than the maximum fine, which is why the sites continue to pop up.
The IRS said that this is a problem every year around the end of tax season. I highly doubt that this is an issue that will end any time soon, especially if the maximum penalty remains so low. If you are filing your taxes online this year, make sure to go directly to your tax preparer’s website by manually typing the address in or go to www.irs.gov for further information.
Published April 17th, 2007
in Security Risk!.
Skype is an online phone service that also offers chat, similar to or Instant Messenger clients such as MSN and AIM. The attacker sends a link to a malicious file in an instant message. When the user clicks on the link the file will download on the machine and then anything is possible. Currently the file only resends itself too everyone in your Skype contact list, sets your Skype status to “Do Not Disturb” and shows pictures of women.
It has long been known not to click on suspicious links in an instant message, this kind of attack is nothing new. If you are a Skype user, or the user of any other instant message, do not click on the links in messages that are received from people you do not know and you will be ok.
Published April 15th, 2007
in Online Safety.
CNet.com has put together a portal for information on keeping your kids safe online. The page includes links to things such as how parents can keep tabs on their kids, cyberbullying, net threats, and more. This is a page that all parents need to check out.
Published April 13th, 2007
in Security Risk! and Online Safety.
Attackers have are constantly trying to figure out a new way to get into your system. It used to be a great deal easier for them before users were educated about computer security. Now many users know not to click on suspicious links as it may bring loads of malware with it. Attackers have turned lately to something known as social engineering. An attacker will gain a users trust through social engineering by appealing to the user in some way.
Recently attackers have been sending out email with subjects about current top news stories. Users who want to know more about the story will inevitably open the email without thinking. They will then see in the email that they must download the story, which is conveniently attached to the email. The user, being so interested in the story, will download the story. The download may actually open a news story for the user to read, but in the background malicious software is now running on the system.
The software of choice lately has be a worm, and sometimes a trojan horse. These programs lay the ground work to turn the machine into a zombie. A zombie PC is one that can be called upon at any time by the attacker. The machine will work normally for the user until the attacker calls on it through the internet. The machine will then perform any task that is asked of it by the attacker.
I constantly ask people to be very cautious with their emails and their attachments. Some advice by CNet.com is to scan all email attachments before opening them with your anti-virus scanner. I also tell people to contact the person who sent you the attachment on the phone, see if they really did send it, and even then, exercise some caution.
Attackers are very resourceful, and can seem very trust worthy.
Published April 9th, 2007
in Updates/Patches.
Apple released a firmware update to their new wireless N router, the Airport Extreme Base station. The firmware fixes two security related issues with the current hardware. The first fix involves IPv6, the next version of IP addressing, something used to give all devices on the internet a unique address. By default this was turned on, but the firmware disables IPv6 from outside networks automatically.
The next issue that was fixed related to the Airport disk. On the Airport Extreme base station you can attach an external USB hard drive to share it across the network. You can setup a password for access to this drive, but under the prior version of the base station you could still view the names of the files on the hard drive without having the password. This is what the second portion of Apples updated firmware corrects. You can no longer view the file names without the password for the drive.
You can install this update through the Airport utility software that came with your Airport Extreme base station.