Security

Cleanse Your Browser & VPN Services

As mentioned in my newsletter, to keep your Internet activities private, you should cleanse your browser history and cache contents, as well as setting up a VPN connection.

As you know, there are quite a selection of browsers: Internet Explorer, Edge, Chrome, Safari, Firefox, Opera and more.  The procedure to remove history and cache contents is different depending on your browser.  This website (www.refreshyourcache.com) gives excellent instructions on how to accomplish this for all these browsers.

For VPN services, here are 4 alternatives that deserve some attention, among many others:

  1. OpenVPN – free
  2. ExpressVPN  – $6.67 per month.
  3. NordVPN – $2.75 per month.
  4. CyberGhost – $2.75 per month.

They are very easy to install, connect and have different features as well as number of VPN servers around the world. Using VPN ensures your Internet communication is secure and confidential.

May the privacy be with you!

Cybersecurity 101

My first encounter of computer breach happened almost 40 years ago when I just started as a systems programmer after graduating from MIT. My computer terminal was mis-behaving at random intervals.  Sensing a potential intruder, I wrote a small system utility to monitor and trap the offender.  Once trapped, my utility would identify and lock the hacker’s computer, display a 5-second count down clock and promptly crash the computer when the clock ticked to 0.  It didn’t take long to identify and confront the culprit. I smacked his head with a rolled up newspaper!

Fast forward to now. With the proliferation of Internet, cyberhackings are much more frequent, complex and damaging nowadays.  We hear and remember high-profile ones like Equifax, Home Depot, Target, Sony…  But according to 2016 State of SMB Cybersecurity Report, almost 50% of small businesses got hacked.

“Most small-business owners don’t think they’re at risk. As a result, … they are indeed ill-prepared to safeguard against an attack,” said Bryan Seely, a network engineer famous for hacking into the FBI.

You, my business customers, are small businesses.  I have to care. I don’t want you to fail. Yes, I know about antivirus software, firewalls and encryption.  But that’s baby stuff and I know there’s so much that I don’t know. So,

In a moment of insanity, I signed up a course on Cybersecurity: Technology, Application and Poilicy from MIT xPro.  I instantly regretted my witless decision after looking at the ridiculous syllabus, plus there’s a test weekly for 6 weeks before the final exam. Arrrrgh.

It started this week….  and I’m happy to report that MIT professors haven’t changed.  It’s fire hose water boarding time.  I just took week 1 assessment test…. We’ll see.

Drop me a line if you are curious about information flow tracking, taint propagation, trusted computing base, fully homomorphic encryption or obliviuos random access memory.

Am I having fun yet?!

Computer Scam Log Entry #4

Fake Email #4: Accountant receives email from colleague with invoice to pay vendor via wire payment.

Visiting Geeks: The from email address was correct and clicking the blue “from email” link shows colleague’s correct email address.  Forwarding the invoice was also usual procedure except the content to wire payment raised suspicion from the accountant and alerted Visiting Geeks. Visiting Geeks examines the email message routing details and determined that it was sent from Lagos, Nigeria.  This kind of spoofing is done frequently by criminals and not too difficult to carry out.  It doesn’t necessary mean that the colleague or the accountant’s  computers were compromised.

Take Away:  Even legitimate looking emails could be a scam. Anything out of the ordinary should raise an alarm.