Ghostery

Ghostery tracks the invisible web. Over 200 advertisers, hidden data collectors, ad networks, and web publishers are available for your perusal. There are plenty of great reviews for this sweet little extension. I wouldn’t leave my browser without it! Ghostery is available for Firefox, Internet Explorer, and Google Chrome.

Linux Magazine says “Tags, Web bugs, pixels, and beacons are all used to gather information about your Web habits. Ghostery is designed to block these unwelcome guests.”

Groovypost further expounds upon the value of using Ghostery, stating that it will “tell you exactly who is following your online surfing whether it be advertisers, analytics, or malicious tracking, Ghostery will keep you in the know.”

ReadWriteWeb: “Ever wanted to have instant information about any trackers used by a website you visit? Then take a look at Ghostery.”

Find out more about Ghostery at their website.

On Twitter Follow @ghostery | Become a fan of Ghostery On Facebook

*******************************

PDFmyURL

PDFmyURLis a neat little web app that can turn any url or web page into a PDF file instantly.Just type the url into the box, click the fancy P icon, wait for a few seconds, then download the file that appears in your browser.  Viola, you now have a very sharp and professional looking pdf file.

Before you leave the site don’t forget to click and drag their bookmarklet into the bookmarks toolbar of your web browser. You will now be able to turn any website into a pdf file by simply clicking on the bookmarklet of the site that you would like to turn into a pdf file!

The basic service is free.  If you want the more advanced features you can buy a one-year personal license for unlimited use of PDFmyURL at $9.95 USD. Options include removal of the PDFmyURL logo from downloaded PDF’s, the ability to set and save personal preferences, PDF orientation, and a slew of other options.

Example PDF File from the Tekblog:

Find out more about PDFmyURL at their website.

On Twitter Follow @PDFmyURL | Become a fan of PDFmyURL On Facebook

Until next time — Stay safe online!

12 Steps to a more secure Internet experience

Everyone who is a licensed driver initially had to pass a driving test that consisted of taking:

1. a written test
2. a road test
3. a vision test

Learning traffic laws and knowledge of what each road sign means is integral in facilitating an orderly and timely flow of traffic. Common sense dictates that all good drivers will attempt to avoid collisions with vehicles, objects, and pedestrians.

Do you know how to drive on the Internet?

Having little or no Internet knowledge can greatly impede Internet security concerns and expose home users to viruses, malware, botnets, rootkits, and a host of other data breaching vulnerabilities.

In essence, home users are the unlicensed drivers of the Internet. There are no prerequisite tests to pass.  Anyone can use the Internet as long as they have the correct components and services.  All you need to get on the Internet is hardware (computer and modem) and an Internet Service Provider (ISP), and you are good to go!

In reality, the Internet is the Wild Wild West of the 21st century. We do not want to live by government regulation or censorship, but, at the same time, most of us want to be able to travel the Internet safely.

The Internet itself is a dichotomy. It is the weakest link in attracting unscrupulous characters; the strongest link in disseminating information; entirely dependent upon a global backbone to support its digital structure; and independent of global boundaries. The Internet is the Yin and Yang of the information age, though ostensibly robust, it is the same time extremely vulnerable to client-side, web application, and zero-day vulnerabilities.

Where should you begin?

There should be some simple rules in place that all home users should follow prior to using the internet. You should (at minimum) read Internet 101 from wiredsafety.org to learn the basics.

Internet security for the home user should involve a layered approach.

When using a layered approach you would not depend upon just one security suite to become the total answer for all of your Internet security needs. Any single defense can be flawed. Instead, you should rely upon a combination of security products and strategies to effectively manage your Internet security.

“Layered security is about multiple types of security measures, each protecting against a different vector for attack.” — Chad Perrin, TechRepublic

Within the various security suites there is generally one or more components that may suffer a weakness or two. For example:  BitDefender Internet Security 2010 has an excellent anti-virus scanner but has weak anti-spyware scanning capabilities.  Though Webroot Internet Security Essentials 2010 rates high overall, the firewall is time consuming and difficult to configure. The suite also lacks parental controls, though they do offer a parental control product that is sold separately. Though Trend Micro Internet Security Pro includes an exhaustive feature base including backup and registry cleaning, their terminology differs from the industry standard and could potentially confuse a new user.

12 Steps to a more secure Internet experience

Review the Security Checklist Here

1. Test PC security at a trusted site (see security checklist)

2. Do not use a windows administrator account to surf the Internet. Microsoft recommends Setting up a Limited User account for Internet use.

If you are using an administrator account to surf the web and you get attacked from malicious software, the attacker can gain access to your computer through the administrator account. On the other hand, if you are using a limited account and get attacked from malicious software, the attacker only has limited access and won’t be able to do much of anything! (see security checklist for instructions)

3. Always create STRONG passwords.

Use strong passwords to keep the bad guys out, this should be your first line of defense.  Never use personal details or easy to guess passwords, and do not use the same password at every online site!

4. Keep your PC updated using Windows automatic update

5. Keep your anti-virus software (suite) up to date (be sure it is set to auto-update).

6. Run anti-spyware/anti-malware scans on a regular basis (see security checklist for instructions)

7. The ideal firewall configuration consists of both a  software and a hardware firewall

A software firewall is software program that helps protect a computer from unauthorized access.  It has built-in filters  that can prevent dangerous material from entering your computer.

A Hardware firewall can provide a strong degree of protection from most forms of external attack and can be configured without much configuration difficulty.  A hardware firewall is generally a small metal or plastic box filled with plug openings or ports. You would hook your computer up to this metal or plastic box via a network cable. Hardware firewalls do not prevent viruses.

8. Scan and detect application and plug-in vulnerabilities by using a software vulnerability scanner

Scan with Secunia PSI – This Personal Software Inspector program is automated and designed to scan and detect vulnerable, out-dated applications and plug-ins that expose your PC to attacks.

9. RUN a Host Intrusion Prevention System [HIPS]

In general terms a HIPS program seeks to retain the integrity of the system in which it is installed by preventing changes to that system from unauthorized sources. Normally it does this by generating a security popup alert asking the user whether any change should be authorized.  –Gizmo

10. Use link scanners for Internet protection from malicious websites (see security checklist)

11. Delete all Flash cookies on a regular basis (see security checklist)

12. Always BACK-UP.  Back-up your back-up too!

Now that we have covered security basics you should get better mileage out of your Internet experience.  For excellent Internet Security updates follow Security_FAQs on Twitter.  Be sure to follow his security lists too!

http://twitter.com/Security_FAQs/internet-security-2

http://twitter.com/Security_FAQs/internet-security-3

http://twitter.com/Security_FAQs/internet-security-4

Until next time — Stay safe online!

Update for July 3, 2010:  Whatever happened to #ch140 on #Twitter?

____________

While working on a Google doc about windows security tips for home users this afternoon, I asked @mikerigsby [Twitter] for windows security advice.  Mike responded that he could “type “home internet security tips” into Google & 2 out of 1st 10 hits is malware.”

This revelation alerted @technobozo (Donna) to ask “Mike, where did you come up with those stats?”  Mike responded, “it’s not an official %. Just from my personal experience.”

Unfortunately, we did not #tag these tweets, so I took the liberty to place this conversation into a Google doc – enjoy!

NOW Let’s continue in 140ch…

As Donna ended the conversation with >140ch, she left Mike and I completely dummiefied. Behind the scenes, we were direct messaging what “140ch” could possibly mean!

D mikerigsby “what is 140ch?”
D teksquisite “Lol. I was wondering the same thing.”
D teksquisite “140 characters but I totally didn’t get it either so don’t feel bad. Lol”
D mikerigsby “it just means 140 characters later! I was thinking it was 4square and meet in room 140ch LOL”
[Obviously I know nothing about Foursquare]

Until Next time – Stay safe online!

Recently, While watching the twitter public_timeline (TPT), I managed to get myself tangled up in an uncomfortable situation online.  While on the TPT I came across an alleged hacktivist, became overly curious, and followed up by conducting private research to better understand the intentions behind his or her hacktivism activities.

It wasn’t long before I began to notice discrepancies in the hacktivist’s focused cyber attacks. While conversing with this particular hacktivist I also drew some curious head shakes from security experts who allegedly had connections with the US government (AC).

In a nutshell, I managed to upset both the hacktivist and the AC’s! All of this online drama came about because I unintentionally set myself up for such a situation to occur.  Some of you may be wondering why I even bothered to pursue following and questioning such a controversial profile.

For as long as I can remember I’ve always been inherently curious. I was one of those kids who would find Santa’s hidden stash and secretly unwrap everyone’s Christmas gifts, then re-wrap all of the gifts back to perfection. Perhaps I was checking gift equality or I was just a nosy kid. Whatever the reason behind such invasive curiosity, this curiosity beast is one that I have to fend off and suppress on a consistent basis!

This type of curiosity could have easily become a Teksquisite reputation downfall. I could have been targeted both by the hacktivist and by government investigations. Though I did receive some direct communications via messaging and phone regarding statements I made about the hacktivist on twitter, I was not aware until much later in the game (by other concerned security
professionals) that this was a situation that I should graciously remove myself from.

“Harassment comes in many different forms and is not limited to physical or verbal abuse. Harassment can occur in any media or forum in which individuals interact.” –The Free Library

3 important steps to extricate yourself from situational cyberharassment

1. NEVER respond to flames.
2. NEVER confront the individual(s) with evidence or accusations
3. Remove yourself immediately from all hostile situations

The above steps should sever any type of online harassment situation almost immediately.  Although there may be some negative fallout from my particular situation, I anticipate that the steps I have taken above will successfully eliminate the possibility that cyberharassment will continue to exist.

If the above steps do not resolve a cyberharassment situation, you may be looking at the more serious case of cyberstalking.

“Cyberstalking and cyberharassment are very similar. Most people use them interchangeably, but there is a subtle distinction, typically relating to the perpetrator’s intent and the original motivation for their behavior.”

“While the two situations usually involve many of the same online tactics, cyberstalking is almost always characterized by the stalker relentlessly pursuing his\her victim online and is much more likely to include some form of offline attack, as well. This offline aspect makes it a more serious situation as it can easily lead to dangerous physical contact, if the victim’s location is known.” –Wiredsafety

In the past I have voluntarily worked with both Wiredsafety.org as an Internet Security Specialist and HaltAbuse.org as an Internet Security Advocate. Both organizations offer extensive help to victims of cyberstalking. If you are involved in an online situation that has escalated beyond the status of cyberharassment, be sure to contact one of the organizations listed above for further information on how to protect yourself online.

Until next time – stay safe online!

With the advent of banking Trojans  such as the Clampi virus spreading like wildfire across the Internet, the security of online banking and financial transactions needs to be addressed more so than at any other time in history.   The virus, called Clampi, “is pretty scary,” says Tim Wilson, editor of DarkReading, a technology security news site. “It’s worth worrying about.”  –USA Today

In mid-July 2009, an account manager at Ferma Corporation in Mountainview, CA logged in to the company bank account to pay bills online and within minutes his session was hacked in real time, forcing the company to suffer a devastating financial loss.  Why? Computer forensics revealed that the account manager had initially visited an infected website;  malicious malware was able to download to his PC while the malware secretly conducted 27 transactions totaling $447,000 loss to Ferma Corporation.

Windows operating systems are precariously dominant in securing infection via malware drive-by downloads, and consistently targeted by cyber-criminals.    Contracting a banking or financial Trojan is as simple as clicking on a tainted web page –  if your operating system has been  compromised or is vulnerable to attack.  With all the new malware variants morphing on a daily and sometimes hourly basis, Microsoft Windows continues to be the most vulnerable operating system on the planet.

A small business can minimize the risk of Internet fraud by:

Following the seven ways to secure your computer as outlined at Telegraph.co.uk and installing an extra layer of security such as Zemana AntiLogger.

Uber paranoid methods of protecting your financial transactions online:

Locking down and dedicating one windows workstation (fire-walled) that is isolated from the local network and is only able to access specific financial sites that are necessary to conduct financial transactions for the company.

Using a different operating system such as Ubuntu to perform all financial transactions for the company.  Let the OS handle all security, login to a limited account,  and always have the computer connected to a hardware firewall.

Until next time — Stay safe online!