These 5 streaming music services lead the pack http://bit.ly/nDLyCN
Our techs can help you make this choice & many more!
GeeksOnCall.com
Wednesday, July 27, 2011
These 5 streaming music services lead the pack
Whether you prefer free streaming at your computer, paid streaming on the go or the ability to host your own music in the cloud, there are more streaming music services coming online now than ever before. Here's a look at five of the most popular ones.
We asked readers which streaming music services you preferred, now that there are so many new contenders and old names that offer new features. You responded, and the votes are in. Now we're back to highlight your top five.
Spotify
Spotify has long been one of the most popular streaming music services across the pond, and the service's launch in the U.S. last week certainly earned it some fans. Spotify has a music library at least 15 million songs large, free and tiered premium plans ($4.99/month for Unlimited and $9.99/month for Premium) and support for most major desktop and mobile operating systems. Plus its wide userbase, partnership with Facebook and growing popularity mean you'll likely be able to find what you want to hear. Got your invite? Get started with our essential Spotify tools.
Grooveshark
Grooveshark is another of our favorite streaming services. Completely free, unless you want mobile access, Grooveshark boasts a huge library of user-uploaded songs, mashups, remixes and more. The service makes it incredibly easy to hop over, type in a song you want to hear and click play to just hear it, no accounts, strings or payment plans attached. You'll have to pay for the desktop player (essentially an AIR version of the site) and the mobile app ($6/month for Plus removes ads, $9/month for Anywhere adds the mobile app) but if you have playlists and friends using Grooveshark, it may be worth it. The last time we asked, Grooveshark was your favorite streaming music service.
Pandora
Built on the Music Genome Project, Pandora was one of the first Internet-radio services, able to propose songs to you based on songs that you've previously enjoyed. Pandora is still one of the most popular music discovery services available. It's not music on-demand, as in you can't request a specific song and hear it, but it does an unparalleled job at introducing you to new bands, artists and songs you may like. The service is free, although ad-supported and with limited listening time and lower audio quality. Pay for Pandora One ($36/year) to remove ads, bump up the audio quality and get unlimited listening, as well as a desktop player.
Google Music Beta
While Google Music doesn't really offer streaming in the same way the other services do, you do get storage for 20,000 of your own songs and the ability to access them from any web-connected computer and your Android phone. Even though the service is still in beta, it's already one of the most popular cloud music services. When you sign up, Google gives you some songs to listen to, but you're expected to upload your own. Once you do, you have access to them anywhere you go. Google Music is completely free.
Rdio
Rdio is a social music service, and what you have to listen to is highly influenced by what your friends are listening to and enjoying. The service crashed on the scene last year to rave reviews for its broad music library, social features and shared albums and playlists, and mobile apps for just about every smartphone platform. You can look around for music, but Rdio does a great job of getting you interested in the things that your friends are listening to first, and then leading you from there. You can try Rdio for free for a week, but after that it's either $4.99 to use it on the web or $9.99 for web and mobile access, and the ability to download songs for offline play.
Now that you've seen the top five, it's time to vote for an all-out winner.
This week there was a three-way tie for No. 6, all worth noting as honorable mentions: MOG, another subscription-based music service that's well loved for its 11 million-song library, and impressive radio and music discovery features, tied with Microsoft's Zune Pass, which exceeds the media player that spawned it. Zune Pass has a massive music library, a beautiful desktop player and offers subscription and pay-per-download options. Subscribers get credits they can spend on songs to download and keep forever each month. Rhapsody also tied, sporting 12 million songs, mobile and desktop apps for streaming and downloading, and tiered subscription plans based on the features you need.
Our techs can help you make this choice and many more!
Visit GeeksOnCall.com or Call 1-800-905-4335
We asked readers which streaming music services you preferred, now that there are so many new contenders and old names that offer new features. You responded, and the votes are in. Now we're back to highlight your top five.
Spotify
Spotify has long been one of the most popular streaming music services across the pond, and the service's launch in the U.S. last week certainly earned it some fans. Spotify has a music library at least 15 million songs large, free and tiered premium plans ($4.99/month for Unlimited and $9.99/month for Premium) and support for most major desktop and mobile operating systems. Plus its wide userbase, partnership with Facebook and growing popularity mean you'll likely be able to find what you want to hear. Got your invite? Get started with our essential Spotify tools.
Grooveshark
Grooveshark is another of our favorite streaming services. Completely free, unless you want mobile access, Grooveshark boasts a huge library of user-uploaded songs, mashups, remixes and more. The service makes it incredibly easy to hop over, type in a song you want to hear and click play to just hear it, no accounts, strings or payment plans attached. You'll have to pay for the desktop player (essentially an AIR version of the site) and the mobile app ($6/month for Plus removes ads, $9/month for Anywhere adds the mobile app) but if you have playlists and friends using Grooveshark, it may be worth it. The last time we asked, Grooveshark was your favorite streaming music service.
Pandora
Built on the Music Genome Project, Pandora was one of the first Internet-radio services, able to propose songs to you based on songs that you've previously enjoyed. Pandora is still one of the most popular music discovery services available. It's not music on-demand, as in you can't request a specific song and hear it, but it does an unparalleled job at introducing you to new bands, artists and songs you may like. The service is free, although ad-supported and with limited listening time and lower audio quality. Pay for Pandora One ($36/year) to remove ads, bump up the audio quality and get unlimited listening, as well as a desktop player.
Google Music Beta
While Google Music doesn't really offer streaming in the same way the other services do, you do get storage for 20,000 of your own songs and the ability to access them from any web-connected computer and your Android phone. Even though the service is still in beta, it's already one of the most popular cloud music services. When you sign up, Google gives you some songs to listen to, but you're expected to upload your own. Once you do, you have access to them anywhere you go. Google Music is completely free.
Rdio
Rdio is a social music service, and what you have to listen to is highly influenced by what your friends are listening to and enjoying. The service crashed on the scene last year to rave reviews for its broad music library, social features and shared albums and playlists, and mobile apps for just about every smartphone platform. You can look around for music, but Rdio does a great job of getting you interested in the things that your friends are listening to first, and then leading you from there. You can try Rdio for free for a week, but after that it's either $4.99 to use it on the web or $9.99 for web and mobile access, and the ability to download songs for offline play.
Now that you've seen the top five, it's time to vote for an all-out winner.
This week there was a three-way tie for No. 6, all worth noting as honorable mentions: MOG, another subscription-based music service that's well loved for its 11 million-song library, and impressive radio and music discovery features, tied with Microsoft's Zune Pass, which exceeds the media player that spawned it. Zune Pass has a massive music library, a beautiful desktop player and offers subscription and pay-per-download options. Subscribers get credits they can spend on songs to download and keep forever each month. Rhapsody also tied, sporting 12 million songs, mobile and desktop apps for streaming and downloading, and tiered subscription plans based on the features you need.
Our techs can help you make this choice and many more!
Visit GeeksOnCall.com or Call 1-800-905-4335
Tuesday, July 26, 2011
Low-tech Internet scams harvest billions of dollars
http://bit.ly/qKbXcc
Protect your data and your money!
Visit GeeksOnCall.com
http://bit.ly/qKbXcc
Protect your data and your money!
Visit GeeksOnCall.com
Low-tech Internet scams harvest billions of dollars
Those poorly written spam e-mails often seem more annoying than threatening, but they can wreak financial havoc on their victims. Precise statistics are hard to pin down, but experts believe global Internet fraud scams people out of hundreds of millions to billions of dollars each year.
Internet fraudsters have traditionally preyed on the vulnerable, including older victims who aren't as well-versed in computer technology. But scammers' skills at deception have improved so greatly over the years that even seasoned Internet users often have to do a double-take before they realize they've been duped.
For instance, a widely used, relatively new scheme that's difficult to detect features pop-up notifications that look just like antivirus software alerts. They usually say something to the effect of, "Your computer has been infected with 49 viruses, click OK to quarantine them."
Clicking OK sends the user to a website that claims their antivirus software license has expired, and a payment needs to be made before the virus problem can be mitigated.
These sites look completely legitimate -- and, adding to the scheme's plausibility, many of the spoofed websites even have working customer service phone numbers with "operators" on the other end of the line who will gladly take your money.
Another stealthily and fast-growing attack is called "spear phishing": sending e-mails to specific recipients from spoofed addresses that look completely legitimate. The attacks often appear to be from loved ones, claiming to be in an emergency situation and asking for money.
These schemes show that Internet scam artists, who had long been thought of as too unsophisticated to be considered real "hackers," are venturing into the realm of some of the more expert cybercriminals.
"Now, there isn't a very big gap in their capabilities," said Dave Aitel, president of security firm Immunity Inc. and a former computer scientist at the National Security Agency. "Re-shippers and check fraudsters are now just an arm of organized cybercrime."
Social hacking
Unlike their organized counterparts, online fraudsters tend to live below the poverty line and lack legitimate employment opportunities, according to Eric Fiterman, founder of security startup Rogue Networks and a former FBI cybersecurity special agent. Many steal to survive.
Even without the vast resources or technical skill of their more advanced criminal peers, Internet fraudsters are good enough at trickery to make their schemes successful.
"You could be a check fraudster with no technical skills, just social engineering skills," said Ajay Gupta, CEO of Gsecurity, an IT security contractor.
One common scheme asks people to deposit a check in their bank for a large sum and then wire most of that money to a recipient in a foreign country -- usually Nigeria.
"It sounds so obvious; alarm bells should be going off that this is a crime," Gupta said. "But the check that person receives look absolutely legit. Banks think it's real too."
Of course, check fraud and other scams are far from a new phenomenon. But the Internet has given fraudsters the platform they need to make their "business" profitable.
"Check fraud has been going on since we have had checks," said Bill Pennington, CEO of WhiteHat Security, a website security company. "What's new is that the Internet has taken down all geographical barriers. My grandmother did not have to worry about running into a Nigerian check fraudster at the grocery store."
The vast majority of people immediately identify these schemes as frauds, so fraudsters like to cast as wide a net as possible. Spam is one of the primary tools they use. The fraudsters often rent out botnets -- very large groups of compromised computers -- to send their messages to thousands, even millions, of recipients.
"They're casting wider and wider nets," said Angelo Comazzetto, product manager at IT security company Astaro Corp. "If they used to send 10,000 e-mails and get just a 1% response, now they'll send 10 million e-mails and get a 0.03% response."
Fraudsters don't just spam; they also prey on people using dating sites, job sites and classifieds.
For instance, AOL (AOL) autos, Craigslist or other online used car classifieds often host ads for cars at half their Kelley Blue Book value. If you inquire about the car, the seller will ask you to wire them a down payment before they ship you the car -- an irreversible transaction that siphons off money you'll never see again, never mind the car.
Just like in the offline world, Internet scam artists lure unsuspecting victims in by using very real-sounding, but fake charities, "make money from home" schemes, and deals. As you'd suspect, fraudsters don't have many scruples. Some recently took advantage of the California wildfires, for instance, setting up fake insurance websites aimed at victims.
Individuals aren't the only ones to be targeted by scam artists.
E-tailers face the threat of so-called "re-shippers," who buy merchandise with stolen or fake credit card numbers, or reverse their PayPal or credit-card payments after they've received the goods.
There are a few tip-offs of likely fraud -- mismatched billing and shipping addresses are a big red flag -- but few e-tailers have the resources to investigate every suspicious order.
"It's a sad call I have to make when someone pays with a stolen credit card, and I have to let the credit card's real owner know," said Michael Ellison, vice president of IT solutions retailer Virtual Graffiti. "It happens all the time."
When done well, the schemes can be very difficult to detect. Still, even with their improving skills, Internet scam artists don't come close to the capabilities -- or success rate -- of their counterparts in organized crime syndicates.
Protect your data and your money!
Visit GeeksOnCall.com or call 1-800-905-4335
Internet fraudsters have traditionally preyed on the vulnerable, including older victims who aren't as well-versed in computer technology. But scammers' skills at deception have improved so greatly over the years that even seasoned Internet users often have to do a double-take before they realize they've been duped.
For instance, a widely used, relatively new scheme that's difficult to detect features pop-up notifications that look just like antivirus software alerts. They usually say something to the effect of, "Your computer has been infected with 49 viruses, click OK to quarantine them."
Clicking OK sends the user to a website that claims their antivirus software license has expired, and a payment needs to be made before the virus problem can be mitigated.
These sites look completely legitimate -- and, adding to the scheme's plausibility, many of the spoofed websites even have working customer service phone numbers with "operators" on the other end of the line who will gladly take your money.
Another stealthily and fast-growing attack is called "spear phishing": sending e-mails to specific recipients from spoofed addresses that look completely legitimate. The attacks often appear to be from loved ones, claiming to be in an emergency situation and asking for money.
These schemes show that Internet scam artists, who had long been thought of as too unsophisticated to be considered real "hackers," are venturing into the realm of some of the more expert cybercriminals.
"Now, there isn't a very big gap in their capabilities," said Dave Aitel, president of security firm Immunity Inc. and a former computer scientist at the National Security Agency. "Re-shippers and check fraudsters are now just an arm of organized cybercrime."
Social hacking
Unlike their organized counterparts, online fraudsters tend to live below the poverty line and lack legitimate employment opportunities, according to Eric Fiterman, founder of security startup Rogue Networks and a former FBI cybersecurity special agent. Many steal to survive.
Even without the vast resources or technical skill of their more advanced criminal peers, Internet fraudsters are good enough at trickery to make their schemes successful.
"You could be a check fraudster with no technical skills, just social engineering skills," said Ajay Gupta, CEO of Gsecurity, an IT security contractor.
One common scheme asks people to deposit a check in their bank for a large sum and then wire most of that money to a recipient in a foreign country -- usually Nigeria.
"It sounds so obvious; alarm bells should be going off that this is a crime," Gupta said. "But the check that person receives look absolutely legit. Banks think it's real too."
Of course, check fraud and other scams are far from a new phenomenon. But the Internet has given fraudsters the platform they need to make their "business" profitable.
"Check fraud has been going on since we have had checks," said Bill Pennington, CEO of WhiteHat Security, a website security company. "What's new is that the Internet has taken down all geographical barriers. My grandmother did not have to worry about running into a Nigerian check fraudster at the grocery store."
The vast majority of people immediately identify these schemes as frauds, so fraudsters like to cast as wide a net as possible. Spam is one of the primary tools they use. The fraudsters often rent out botnets -- very large groups of compromised computers -- to send their messages to thousands, even millions, of recipients.
"They're casting wider and wider nets," said Angelo Comazzetto, product manager at IT security company Astaro Corp. "If they used to send 10,000 e-mails and get just a 1% response, now they'll send 10 million e-mails and get a 0.03% response."
Fraudsters don't just spam; they also prey on people using dating sites, job sites and classifieds.
For instance, AOL (AOL) autos, Craigslist or other online used car classifieds often host ads for cars at half their Kelley Blue Book value. If you inquire about the car, the seller will ask you to wire them a down payment before they ship you the car -- an irreversible transaction that siphons off money you'll never see again, never mind the car.
Just like in the offline world, Internet scam artists lure unsuspecting victims in by using very real-sounding, but fake charities, "make money from home" schemes, and deals. As you'd suspect, fraudsters don't have many scruples. Some recently took advantage of the California wildfires, for instance, setting up fake insurance websites aimed at victims.
Individuals aren't the only ones to be targeted by scam artists.
E-tailers face the threat of so-called "re-shippers," who buy merchandise with stolen or fake credit card numbers, or reverse their PayPal or credit-card payments after they've received the goods.
There are a few tip-offs of likely fraud -- mismatched billing and shipping addresses are a big red flag -- but few e-tailers have the resources to investigate every suspicious order.
"It's a sad call I have to make when someone pays with a stolen credit card, and I have to let the credit card's real owner know," said Michael Ellison, vice president of IT solutions retailer Virtual Graffiti. "It happens all the time."
When done well, the schemes can be very difficult to detect. Still, even with their improving skills, Internet scam artists don't come close to the capabilities -- or success rate -- of their counterparts in organized crime syndicates.
Protect your data and your money!
Visit GeeksOnCall.com or call 1-800-905-4335
Monday, July 25, 2011
Mac batteries could be hot tool for hackers http://bit.ly/qcIBgZ
Make sure your computer is safe
Visit GeeksOnCall.com or 1-800-905-4335
Make sure your computer is safe
Visit GeeksOnCall.com or 1-800-905-4335
Mac batteries could be hot tool for hackers
msnbc.com - 7/22/2011
Suzanne Choney
We worry a lot about our computers' -- and increasingly our phones' -- security vulnerabilities. But how could a laptop's battery be used for malware or other mischief?
It might, at least in some Mac batteries, according to security researcher Charlie Miller, who has previously discovered exploits in iPhones and iPads as well as the Android mobile operating system.
Miller says modern batteries in laptops like MacBooks, MacBook Pros and MacBook Airs have an embedded chip to help the batteries perform more efficiently. But those chips have default passwords that could be easy for a hacker to figure out, he says, then potentially plant malware that infects the laptop. Troublemakers could even mess with the battery itself to the point it catches fire or explodes, he says.
He knows first-hand, after essentially testing his theory out and destroying seven batteries (with some of fruits of his handiwork shown in the photo above).
"These batteries just aren't designed with the idea that people will mess with them," Miller told Forbes. "What I'm showing is that it's possible to use them to do something really bad."
Miller, who works for Accuvant Labs, plans to share a proposed fix for the potential problem at the Black Hat conference next month. A program called "Caulkgun" would change the battery "firmware's passwords to a random string, preventing the default password attack he used," Forbes said.
Miller says he has let Apple know about the problem, but has yet to hear back from the company.
Make sure your computer is safe!
Visit GeeksOnCall.com
1-800-905-4335
Suzanne Choney
We worry a lot about our computers' -- and increasingly our phones' -- security vulnerabilities. But how could a laptop's battery be used for malware or other mischief?
It might, at least in some Mac batteries, according to security researcher Charlie Miller, who has previously discovered exploits in iPhones and iPads as well as the Android mobile operating system.
Miller says modern batteries in laptops like MacBooks, MacBook Pros and MacBook Airs have an embedded chip to help the batteries perform more efficiently. But those chips have default passwords that could be easy for a hacker to figure out, he says, then potentially plant malware that infects the laptop. Troublemakers could even mess with the battery itself to the point it catches fire or explodes, he says.
He knows first-hand, after essentially testing his theory out and destroying seven batteries (with some of fruits of his handiwork shown in the photo above).
"These batteries just aren't designed with the idea that people will mess with them," Miller told Forbes. "What I'm showing is that it's possible to use them to do something really bad."
Miller, who works for Accuvant Labs, plans to share a proposed fix for the potential problem at the Black Hat conference next month. A program called "Caulkgun" would change the battery "firmware's passwords to a random string, preventing the default password attack he used," Forbes said.
Miller says he has let Apple know about the problem, but has yet to hear back from the company.
Make sure your computer is safe!
Visit GeeksOnCall.com
1-800-905-4335
Friday, July 22, 2011
Hackers Shift Attacks to Small Firms http://bit.ly/oqNuxm
Residential or Business- Geeks On Call can help you! Visit geeksoncall.com Now!
Residential or Business- Geeks On Call can help you! Visit geeksoncall.com Now!
Hackers Shift Attacks to Small Firms
wsj.com - 7/21/2011
Geoffrey A. Fowler and Ben Worthen
Recent hacking attacks on Sony Corp. and Lockheed Martin Corp. grabbed headlines. What happened at City Newsstand Inc. last year did not.
Unbeknownst to owner Joe Angelastri, cyber thieves planted a software program on the cash registers at his two Chicago-area magazine shops that sent customer credit-card numbers to Russia. MasterCard Inc. demanded an investigation, at Mr. Angelastri's expense, and the whole ordeal left him out about $22,000.
His experience highlights a growing threat to small businesses. Hackers are expanding their sights beyond multinationals to include any business that stores data in electronic form. Small companies, which are making the leap to computerized systems and digital records, have now become hackers' main target.
"Who would want to break into us?" asked Mr. Angelastri, who says the breach cut his annual profit in half. "We're not running a bank."
With limited budgets and few or no technical experts on staff, small businesses generally have weak security. Cyber criminals have taken notice. In 2010, the U.S. Secret Service and Verizon Communications Inc.'s forensic analysis unit, which investigates attacks, responded to a combined 761 data breaches, up from 141 in 2009. Of those, 482, or 63%, were at companies with 100 employees or fewer. Visa Inc. estimates about 95% of the credit-card data breaches it discovers are on its smallest business customers.
Hacking at small businesses "is a prolific problem," says Dean Kinsman, a special agent in the Federal Bureau of Investigation's cyber division, which has more than 400 active investigations into these crimes. "It's going to get much worse before it gets better."
In the time it takes to break into a major company like Citigroup Inc., a hacker could steal data from dozens of small businesses and not get detected, says Bryce Case Jr., a former hacker who broke into several government and corporate websites a decade ago and now runs an online message board for hackers called Digital Gangster. Now that small companies use computers, "the juice has become worth the squeeze," he says. "Even a pizza place has addresses, names and credit-card information."
Mr. Case, now a consultant in Colorado Springs, Colo., who helps small businesses identify security problems, has a trick for showing clients just how weak their systems are. He sometimes calls employees pretending to be a tech-department worker or consultant doing work for the boss and convinces them to tell him their passwords. "All you have to do is get a hold of one not-so-competent person and you're in," he says.
The fact that there are so many types of security threats makes it difficult for small firms to protect themselves. In April, the FBI issued an alert about a style of attack in which hackers steal a business's online banking login details and use them to transfer funds out of the business's account. That's what happened to Lease Duckwall just after 1 p.m. on Nov. 2, when someone logged into his company's bank account for Green Ford Sales Inc. in Abilene, Kan. The hacker added nine new employees to the car dealership's payroll and transferred $63,000 to them.
Mr. Duckwall learned about the transfers at 7:45 a.m. the next day. He called his bank, which froze the funds in six cases. But three payments had already been withdrawn by the recipients and the cash wired offshore.
"I don't have a clue" how or why his company was targeted, says Mr. Duckwall, who is still out about $22,000.
The costs of a breach can put a small company out of business. In 2006 and 2007, a Bellingham, Wash., restaurant called Burger Me LLC had its computerized cash register hacked. Criminals made untold numbers of fraudulent charges on customer credit cards.
After the incident, a credit-card company shut down Burger Me's account and put a hold on thousands of dollars in incoming payments, says Rich Griffith, its former owner. By late 2008, fees and lost business from not being able to accept credit cards put Mr. Griffith in so much debt--$12,000 for investigation and remediation costs alone--that he closed his formerly break-even burger joint.
The cyber attack "cost me my dream," says Mr. Griffith, 47 years old. The hacker who stole the data was never identified.
Financially motivated attacks typically rely on computer code that hackers plant on victims' computers, often as attachments or links in emails sent to employees. While these malicious programs are well known to security experts, hackers tweak them frequently enough to render them undetectable to antivirus software.
Bigger companies, while not immune, generally do a better job of protecting themselves. AT&T Inc., for example, has a command center with giant screens that track all the traffic on its network. Other large companies mine data for warning signs, taking note when an employee swipes an identity badge in New York only to log onto the network from California, for instance.
Smaller companies are less likely to grasp the security threat. A 2010 survey by the National Retail Federation and First Data Corp. of small- and medium-size retailers in the U.S. found that 64% believed their businesses weren't vulnerable to card data theft and only 49% had assessed their security safeguards.
One of the most common styles of attack on small businesses targets credit-card information that a hacker can sell or use to make fraudulent purchases. To gird against this, the major credit-card companies in 2006 formed an industry group called the Payment Card Industry Security Standards Council, which establishes minimum technical protections for businesses that accept credit cards.
While credit-card companies require all businesses that accept their cards to comply with those standards, known as PCI, they have few measures to enforce them for small businesses. Bob Russo, general manager of the PCI Council, says many small businesses neglect basic security measures such as changing default passwords.
Mr. Angelastri's case shows how even a business that tries to protect itself can fall victim to hackers.
A Chicago native, Mr. Angelastri, 52, started his company in 1978 when he bought out the small street corner newsstand he started working at after high school. Over the years, he grew his business to two 1,500-square-foot locations in Chicago and Evanston, Ill., carrying more than 5,000 different magazines.
City Newsstand didn't have a computer technician on staff. But Mr. Angelastri had decades of experience with computers after converting to a computer-based cash register in 1990. That first computerized register, known as a point-of-sale, or POS, system, wasn't hooked into the Internet. Every time it needed to process a credit card, it would use a telephone modem to log into the bank.
Four years ago, he upgraded to a now-standard Microsoft Corp. Windows PC that connected directly to the Internet. Mr. Angelastri didn't ignore security. He regularly updated the payment software on his computer to keep up with the latest standards. About two years ago, he got a local technology contractor to install a payment processing system called PC Charge, made by VeriFone Systems Inc.
On April 14, 2010, he received an email from Accelerated Payment Technologies Inc.'s X-Charge, a sales agent for his credit-card processor, saying MasterCard had identified "some sort of breach or compromise" within his system. It didn't specify what, and asked him to fill out a questionnaire and return it within two weeks.
Mr. Angelastri checked his systems and called in an outside technology consultant. That investigator found one problem on his computer--a piece of hacking software known as malware--which the investigator removed. Still, X-Charge kept forwarding him emails between MasterCard and a payment processor called Global Payments Inc. that suspected fraud.
After a sixth email warning in June 2010, Mr. Angelastri says MasterCard demanded he hire a forensic investigator to do a thorough review of his system, essentially a digital version of the investigations that police often conduct at crime scenes. Mr. Angelastri hired Chicago-based Trustwave Inc.
A Trustwave investigator worked at Mr. Angelastri's newsstand until 2 a.m. one morning looking for cyber clues as to how his system might be leaking credit cards to hackers.
The investigator discovered a program called Kameo was capturing everything that came into Mr. Angelastri's system before it even reached the PC Charge payment software. Kameo was exporting that information over the Internet, giving hackers credit-card numbers, customer names and other details.
It turned out the hackers had been lurking in his system since April 15, 2009. They had gained access to Mr. Angelastri's computer through a program he used to periodically access his technology system from outside the shop. The program could be used by anyone who knew the password, and he had picked an especially weak one: "pos," a common nickname for the cash-register software that was also the system's user name.
Bob Cortopassi, Accelerated Payment Technologies' compliance security officer, said the breach happened because of a "lack of basic security requirements" and isn't the fault of its payment system. MasterCard declined comment on Mr. Angelastri's case, and Global Payments declined to comment.
Security experts say hackers routinely scan the Internet for computers configured this way. Such searches are fast and easy, and often the computers they find have weak passwords.
The hack on Mr. Angelastri's newsstand highlights another murky area of cyber attacks. The people whose information is stolen often are never informed, despite varying state laws that require breached organizations to notify them.
Small businesses like City Newsstand don't typically record the names and contact information of their customers and payment-card companies discourage businesses from keeping credit-card data. Mr. Angelastri never learned exactly which of his customers were affected, or how many.
Many small businesses complain they get little support from law enforcement or the credit-card industry once they are hit. After the investigation, Mr. Angelastri sent the report back to his credit-card processing company. It demanded he improve his technology, including installing a new higher-grade firewall. He also cut off access to the open Internet for the computers with the cash register software. Now all they can do is pass information to the credit-card processor.
Mr. Angelastri says he is still paying off the $22,000 he spent on the investigations and security improvements. City Newsstand has thin margins, he says, on about $1 million in annual sales.
He reported the incident to the Chicago and Evanston police, but he never followed up. A spokesman for the Evanston Police Department said the department only has jurisdiction to look into crimes committed in the city, which it defines based on where the hacker is located. The Chicago Police Department didn't respond to a request for comment.
Mr. Angelastri also spoke a few times with the Secret Service, the federal entity charged with investigating hacking attacks, but he says that investigation didn't go anywhere. The Secret Service declined to comment.
Mr. Angelastri still doesn't know who attacked his system, but the hackers left some clues. Trustwave's investigation found that a Yahoo email address was receiving the data being collected by the hacker's malware. A message sent to that address by The Wall Street Journal wasn't returned. Yahoo said it doesn't comment on individual account holders.
The data also was being sent to an Internet server in Russia hosted by a Russian hosting company called FirstVDS, according to the investigation.
Aleksandr Belykh, the head of the abuse department of FirstVDS, said the user of the virtual server identified in the City Newsstand investigation is Russian, and his firm hadn't received any complaints about it. The company shut the account down in June after its owner failed to pay the bill. Mr. Belykh wouldn't disclose other details.
Mr. Angelastri still marvels that his business was attacked at all. "We thought there would be very little chance that somebody would come into a business of our size to pull off something like this," he says.
--Nonna Fomenko contributed to this article.
Residential or Business- Geeks On Call can help you!
Visit geeksoncall.com or call 1-800-905-4335
Geoffrey A. Fowler and Ben Worthen
Recent hacking attacks on Sony Corp. and Lockheed Martin Corp. grabbed headlines. What happened at City Newsstand Inc. last year did not.
Unbeknownst to owner Joe Angelastri, cyber thieves planted a software program on the cash registers at his two Chicago-area magazine shops that sent customer credit-card numbers to Russia. MasterCard Inc. demanded an investigation, at Mr. Angelastri's expense, and the whole ordeal left him out about $22,000.
His experience highlights a growing threat to small businesses. Hackers are expanding their sights beyond multinationals to include any business that stores data in electronic form. Small companies, which are making the leap to computerized systems and digital records, have now become hackers' main target.
"Who would want to break into us?" asked Mr. Angelastri, who says the breach cut his annual profit in half. "We're not running a bank."
With limited budgets and few or no technical experts on staff, small businesses generally have weak security. Cyber criminals have taken notice. In 2010, the U.S. Secret Service and Verizon Communications Inc.'s forensic analysis unit, which investigates attacks, responded to a combined 761 data breaches, up from 141 in 2009. Of those, 482, or 63%, were at companies with 100 employees or fewer. Visa Inc. estimates about 95% of the credit-card data breaches it discovers are on its smallest business customers.
Hacking at small businesses "is a prolific problem," says Dean Kinsman, a special agent in the Federal Bureau of Investigation's cyber division, which has more than 400 active investigations into these crimes. "It's going to get much worse before it gets better."
In the time it takes to break into a major company like Citigroup Inc., a hacker could steal data from dozens of small businesses and not get detected, says Bryce Case Jr., a former hacker who broke into several government and corporate websites a decade ago and now runs an online message board for hackers called Digital Gangster. Now that small companies use computers, "the juice has become worth the squeeze," he says. "Even a pizza place has addresses, names and credit-card information."
Mr. Case, now a consultant in Colorado Springs, Colo., who helps small businesses identify security problems, has a trick for showing clients just how weak their systems are. He sometimes calls employees pretending to be a tech-department worker or consultant doing work for the boss and convinces them to tell him their passwords. "All you have to do is get a hold of one not-so-competent person and you're in," he says.
The fact that there are so many types of security threats makes it difficult for small firms to protect themselves. In April, the FBI issued an alert about a style of attack in which hackers steal a business's online banking login details and use them to transfer funds out of the business's account. That's what happened to Lease Duckwall just after 1 p.m. on Nov. 2, when someone logged into his company's bank account for Green Ford Sales Inc. in Abilene, Kan. The hacker added nine new employees to the car dealership's payroll and transferred $63,000 to them.
Mr. Duckwall learned about the transfers at 7:45 a.m. the next day. He called his bank, which froze the funds in six cases. But three payments had already been withdrawn by the recipients and the cash wired offshore.
"I don't have a clue" how or why his company was targeted, says Mr. Duckwall, who is still out about $22,000.
The costs of a breach can put a small company out of business. In 2006 and 2007, a Bellingham, Wash., restaurant called Burger Me LLC had its computerized cash register hacked. Criminals made untold numbers of fraudulent charges on customer credit cards.
After the incident, a credit-card company shut down Burger Me's account and put a hold on thousands of dollars in incoming payments, says Rich Griffith, its former owner. By late 2008, fees and lost business from not being able to accept credit cards put Mr. Griffith in so much debt--$12,000 for investigation and remediation costs alone--that he closed his formerly break-even burger joint.
The cyber attack "cost me my dream," says Mr. Griffith, 47 years old. The hacker who stole the data was never identified.
Financially motivated attacks typically rely on computer code that hackers plant on victims' computers, often as attachments or links in emails sent to employees. While these malicious programs are well known to security experts, hackers tweak them frequently enough to render them undetectable to antivirus software.
Bigger companies, while not immune, generally do a better job of protecting themselves. AT&T Inc., for example, has a command center with giant screens that track all the traffic on its network. Other large companies mine data for warning signs, taking note when an employee swipes an identity badge in New York only to log onto the network from California, for instance.
Smaller companies are less likely to grasp the security threat. A 2010 survey by the National Retail Federation and First Data Corp. of small- and medium-size retailers in the U.S. found that 64% believed their businesses weren't vulnerable to card data theft and only 49% had assessed their security safeguards.
One of the most common styles of attack on small businesses targets credit-card information that a hacker can sell or use to make fraudulent purchases. To gird against this, the major credit-card companies in 2006 formed an industry group called the Payment Card Industry Security Standards Council, which establishes minimum technical protections for businesses that accept credit cards.
While credit-card companies require all businesses that accept their cards to comply with those standards, known as PCI, they have few measures to enforce them for small businesses. Bob Russo, general manager of the PCI Council, says many small businesses neglect basic security measures such as changing default passwords.
Mr. Angelastri's case shows how even a business that tries to protect itself can fall victim to hackers.
A Chicago native, Mr. Angelastri, 52, started his company in 1978 when he bought out the small street corner newsstand he started working at after high school. Over the years, he grew his business to two 1,500-square-foot locations in Chicago and Evanston, Ill., carrying more than 5,000 different magazines.
City Newsstand didn't have a computer technician on staff. But Mr. Angelastri had decades of experience with computers after converting to a computer-based cash register in 1990. That first computerized register, known as a point-of-sale, or POS, system, wasn't hooked into the Internet. Every time it needed to process a credit card, it would use a telephone modem to log into the bank.
Four years ago, he upgraded to a now-standard Microsoft Corp. Windows PC that connected directly to the Internet. Mr. Angelastri didn't ignore security. He regularly updated the payment software on his computer to keep up with the latest standards. About two years ago, he got a local technology contractor to install a payment processing system called PC Charge, made by VeriFone Systems Inc.
On April 14, 2010, he received an email from Accelerated Payment Technologies Inc.'s X-Charge, a sales agent for his credit-card processor, saying MasterCard had identified "some sort of breach or compromise" within his system. It didn't specify what, and asked him to fill out a questionnaire and return it within two weeks.
Mr. Angelastri checked his systems and called in an outside technology consultant. That investigator found one problem on his computer--a piece of hacking software known as malware--which the investigator removed. Still, X-Charge kept forwarding him emails between MasterCard and a payment processor called Global Payments Inc. that suspected fraud.
After a sixth email warning in June 2010, Mr. Angelastri says MasterCard demanded he hire a forensic investigator to do a thorough review of his system, essentially a digital version of the investigations that police often conduct at crime scenes. Mr. Angelastri hired Chicago-based Trustwave Inc.
A Trustwave investigator worked at Mr. Angelastri's newsstand until 2 a.m. one morning looking for cyber clues as to how his system might be leaking credit cards to hackers.
The investigator discovered a program called Kameo was capturing everything that came into Mr. Angelastri's system before it even reached the PC Charge payment software. Kameo was exporting that information over the Internet, giving hackers credit-card numbers, customer names and other details.
It turned out the hackers had been lurking in his system since April 15, 2009. They had gained access to Mr. Angelastri's computer through a program he used to periodically access his technology system from outside the shop. The program could be used by anyone who knew the password, and he had picked an especially weak one: "pos," a common nickname for the cash-register software that was also the system's user name.
Bob Cortopassi, Accelerated Payment Technologies' compliance security officer, said the breach happened because of a "lack of basic security requirements" and isn't the fault of its payment system. MasterCard declined comment on Mr. Angelastri's case, and Global Payments declined to comment.
Security experts say hackers routinely scan the Internet for computers configured this way. Such searches are fast and easy, and often the computers they find have weak passwords.
The hack on Mr. Angelastri's newsstand highlights another murky area of cyber attacks. The people whose information is stolen often are never informed, despite varying state laws that require breached organizations to notify them.
Small businesses like City Newsstand don't typically record the names and contact information of their customers and payment-card companies discourage businesses from keeping credit-card data. Mr. Angelastri never learned exactly which of his customers were affected, or how many.
Many small businesses complain they get little support from law enforcement or the credit-card industry once they are hit. After the investigation, Mr. Angelastri sent the report back to his credit-card processing company. It demanded he improve his technology, including installing a new higher-grade firewall. He also cut off access to the open Internet for the computers with the cash register software. Now all they can do is pass information to the credit-card processor.
Mr. Angelastri says he is still paying off the $22,000 he spent on the investigations and security improvements. City Newsstand has thin margins, he says, on about $1 million in annual sales.
He reported the incident to the Chicago and Evanston police, but he never followed up. A spokesman for the Evanston Police Department said the department only has jurisdiction to look into crimes committed in the city, which it defines based on where the hacker is located. The Chicago Police Department didn't respond to a request for comment.
Mr. Angelastri also spoke a few times with the Secret Service, the federal entity charged with investigating hacking attacks, but he says that investigation didn't go anywhere. The Secret Service declined to comment.
Mr. Angelastri still doesn't know who attacked his system, but the hackers left some clues. Trustwave's investigation found that a Yahoo email address was receiving the data being collected by the hacker's malware. A message sent to that address by The Wall Street Journal wasn't returned. Yahoo said it doesn't comment on individual account holders.
The data also was being sent to an Internet server in Russia hosted by a Russian hosting company called FirstVDS, according to the investigation.
Aleksandr Belykh, the head of the abuse department of FirstVDS, said the user of the virtual server identified in the City Newsstand investigation is Russian, and his firm hadn't received any complaints about it. The company shut the account down in June after its owner failed to pay the bill. Mr. Belykh wouldn't disclose other details.
Mr. Angelastri still marvels that his business was attacked at all. "We thought there would be very little chance that somebody would come into a business of our size to pull off something like this," he says.
--Nonna Fomenko contributed to this article.
Residential or Business- Geeks On Call can help you!
Visit geeksoncall.com or call 1-800-905-4335
Thursday, July 21, 2011
Google notifies users of malware infections http://bit.ly/pf9oUn
Let our techs screen your computer- Visit geeksoncall.com to schedule now!
Let our techs screen your computer- Visit geeksoncall.com to schedule now!
Google notifies users of malware infections
NEW YORK (CNNMoney) -- Google said Wednesday that it has begun to display a malware warning in its search results to a group of users with infected computers.
The search company said it discovered a certain strain of malware when performing maintenance on one of its data centers. Google (GOOG, Fotune 500) noticed some "unusual search traffic" coming from some computers that were sending requests to Google through a small number of intermediary servers called "proxies."
The infected computers included those from several companies, whose security engineers helped Google analyze the traffic. They determined that the computers that were rerouting traffic through the proxies were infected with the same malicious code.
Users whose computers are sending requests to Google through those proxies will now see a big yellow notification at the top of their search results that indicates their PC may be infected.
"We hope that by taking steps to notify users whose traffic is coming through these proxies, we can help them update their antivirus software and remove the infections," said Damian Menscher, security engineer at Google, in a blog post.
Google's notification only applies to those whose computers are infected with the particular strain of malware that it discovered. Google didn't give any details about what the malware that they discovered does, other than saying attackers can control compromised computers' Internet traffic.
Some malware allows attackers to gain full control of a computer or log key entries to steal users' credit card numbers or credentials like usernames and passwords.
Malware can be inadvertently installed by a user by clicking on an infected e-mail attachment or downloading a compromised advertisement on a website.
Google's notification links to a Q&A about how to resolve the infection, including a list of reputable antivirus programs.
The search company said it discovered a certain strain of malware when performing maintenance on one of its data centers. Google (GOOG, Fotune 500) noticed some "unusual search traffic" coming from some computers that were sending requests to Google through a small number of intermediary servers called "proxies."
The infected computers included those from several companies, whose security engineers helped Google analyze the traffic. They determined that the computers that were rerouting traffic through the proxies were infected with the same malicious code.
Users whose computers are sending requests to Google through those proxies will now see a big yellow notification at the top of their search results that indicates their PC may be infected.
"We hope that by taking steps to notify users whose traffic is coming through these proxies, we can help them update their antivirus software and remove the infections," said Damian Menscher, security engineer at Google, in a blog post.
Google's notification only applies to those whose computers are infected with the particular strain of malware that it discovered. Google didn't give any details about what the malware that they discovered does, other than saying attackers can control compromised computers' Internet traffic.
Some malware allows attackers to gain full control of a computer or log key entries to steal users' credit card numbers or credentials like usernames and passwords.
Malware can be inadvertently installed by a user by clicking on an infected e-mail attachment or downloading a compromised advertisement on a website.
Google's notification links to a Q&A about how to resolve the infection, including a list of reputable antivirus programs.
Wednesday, July 20, 2011
Nearly 700 Toshiba customers' emails, passwords stolen http://bit.ly/pFaQrf
Protect your data with our help- Visit GeeksOnCall.com
Protect your data with our help- Visit GeeksOnCall.com
Nearly 700 Toshiba customers' emails, passwords stolen
msnbc.com - 7/18/2011
Athima Chansanchai
Nearly 700 Toshiba customers' emails and passwords have been stolen from the company's U.S. servers, the latest company to be hit by hackers, although it doesn't appear to be the work of the same groups that have infiltrated Arizona law enforcement, Orlando tourism or PBS.
TechEYE.net reported that the hacker VOiD targeted Toshiba and claimed "to gain usernames and passwords on 450 of the company's customers" as well as about 20 re-sellers and 12 administrators on the company's Electronic Components and Semiconductors and Consumer Products sites.
VOiD is a person whose Pastebin account shows previous alleged hacks of databases of Pakistan and Botswana government officials and the National Bank of Cambodia. There is no mention of Toshiba, but the latest entry on July 17 is labeled only as a "Random Dump." It contains more than 1,160 usernames and passwords.
Then it appears Toshiba was hit again, on July 11. The company admitted to the Wall Street Journal that 681 customers' emails and passwords had been compromised out of 7,520 accounts of customers who had registered their information, which was housed in the U.S.-based Toshiba America Information Systems (TAIS).
While there were no credit-card information or Social Security numbers among the missing information, and it's a much smaller number than other hacked missions, the data could be used to hack into the users' other accounts online, as people tend to use the same combination on other sites they frequent.
But if and when the first hack is confirmed, then there could be more than 1,100 customers whose accounts have been pinched.
Toshiba told the Wall Street Journal that they'd "notified the customers of the possibility that their data has been compromised," and that it is still investigating the hackings. We'll update you if and when we find out more.
Protect your data with our help.
Visit GeeksOnCall.com or Call 1-800-905-4335
Athima Chansanchai
Nearly 700 Toshiba customers' emails and passwords have been stolen from the company's U.S. servers, the latest company to be hit by hackers, although it doesn't appear to be the work of the same groups that have infiltrated Arizona law enforcement, Orlando tourism or PBS.
TechEYE.net reported that the hacker VOiD targeted Toshiba and claimed "to gain usernames and passwords on 450 of the company's customers" as well as about 20 re-sellers and 12 administrators on the company's Electronic Components and Semiconductors and Consumer Products sites.
VOiD is a person whose Pastebin account shows previous alleged hacks of databases of Pakistan and Botswana government officials and the National Bank of Cambodia. There is no mention of Toshiba, but the latest entry on July 17 is labeled only as a "Random Dump." It contains more than 1,160 usernames and passwords.
Then it appears Toshiba was hit again, on July 11. The company admitted to the Wall Street Journal that 681 customers' emails and passwords had been compromised out of 7,520 accounts of customers who had registered their information, which was housed in the U.S.-based Toshiba America Information Systems (TAIS).
While there were no credit-card information or Social Security numbers among the missing information, and it's a much smaller number than other hacked missions, the data could be used to hack into the users' other accounts online, as people tend to use the same combination on other sites they frequent.
But if and when the first hack is confirmed, then there could be more than 1,100 customers whose accounts have been pinched.
Toshiba told the Wall Street Journal that they'd "notified the customers of the possibility that their data has been compromised," and that it is still investigating the hackings. We'll update you if and when we find out more.
Protect your data with our help.
Visit GeeksOnCall.com or Call 1-800-905-4335
Tuesday, July 19, 2011
Sites Feed Personal Details To New Tracking Industry http://bit.ly/nWJFmH
Let our techs ensure your data is protected- GeeksOnCall.com
Let our techs ensure your data is protected- GeeksOnCall.com
Sites Feed Personal Details To New Tracking Industry
wsj.com - 6/30/2011
JULIA ANGWIN and TOM MCGINTY
The largest U.S. websites are installing new and intrusive consumer-tracking technologies on the computers of people visiting their sites--in some cases, more than 100 tracking tools at a time--a Wall Street Journal investigation has found.
The tracking files represent the leading edge of a lightly regulated, emerging industry of data-gatherers who are in effect establishing a new business model for the Internet: one based on intensive surveillance of people to sell data about, and predictions of, their interests and activities, in real time.
The Journal's study shows the extent to which Web users are in effect exchanging personal data for the broad access to information and services that is a defining feature of the Internet.
In an effort to quantify the reach and sophistication of the tracking industry, the Journal examined the 50 most popular websites in the U.S. to measure the quantity and capabilities of the "cookies," "beacons" and other trackers installed on a visitor's computer by each site. Together, the 50 sites account for roughly 40% of U.S. page-views.
The 50 sites installed a total of 3,180 tracking files on a test computer used to conduct the study. Only one site, the encyclopedia Wikipedia.org, installed none. Twelve sites, including IAC/InterActive Corp.'s Dictionary.com, Comcast Corp.'s Comcast.net and Microsoft Corp.'s MSN.com, installed more than 100 tracking tools apiece in the course of the Journal's test.
The Journal also surveyed its own site, WSJ.com, which doesn't rank among the top 50 by visitors. WSJ.com installed 60 tracking files, slightly below the 64 average for the top 50 sites.
Some two-thirds of the tracking tools installed--2,224--came from 131 companies that, for the most part, are in the business of following Internet users to create rich databases of consumer profiles that can be sold. The companies that placed the most such tools were Google Inc., Microsoft. and Quantcast Corp., all of which are in the business of targeting ads at Google, Microsoft and Quantcast all said they don't track individuals by name and offer Internet users a way to remove themselves from their tracking networks. Comcast, MSN and Dictionary.com said they disclose tracking practices in their privacy policies, and said their visitors aren't identified by name.
The state of the art is growing increasingly intrusive, the Journal found. Some tracking files can record a person's keystrokes online and then transmit the text to a data-gathering company that analyzes it for content, tone and clues to a person's social connections. Other tracking files can re-spawn trackers that a person may have deleted.
To measure the sensitivity of the data gathered by tracking companies, the Journal created an "exposure index" for the top 50 sites. Dictionary.com ranked highest in exposing users to potentially aggressive surveillance: It installed 168 tracking tools that didn't let users decline to be tracked, and 121 tools that, according to their privacy statements, don't rule out collecting financial or health data. Dictionary.com attributed the number of tools to its use of many different ad networks, each of which puts tools on its site.
Some of the tracking files identified by the Journal were so detailed that they verged on being anonymous in name only. They enabled data-gathering companies to build personal profiles that could include age, gender, race, zip code, income, marital status and health concerns, along with recent purchases and favorite TV shows and movies.
The ad industry says tracking doesn't violate anyone's privacy because the data sold doesn't identify people by name, and the tracking activity is disclosed in privacy policies. And while many companies are involved in collecting, analyzing and selling the data, they provide a useful service by raising the chance Internet users see ads and information relevant to them personally.
"We are delivering free content to consumers," says Mike Zaneis, vice president of public policy for the Interactive Advertising Bureau, a trade group of advertisers and publishers. "Sometimes it means that we get involved in a very complex ecosystem with lots of third parties."
The growing use and power of tracking technology have begun to raise regulatory concerns. Congress is considering laws to limit tracking. The Federal Trade Commission is developing privacy guidelines for the industry.
If "you were in the Gap, and the sales associate said to you, 'OK, from now on, since you shopped here today, we are going to follow you around the mall and view your consumer transactions,' no person would ever agree to that," Sen. George LeMieux, R-Florida, said this week in a Senate hearing on Internet privacy.
Let our techs ensure your data is protected.
Visit GeeksOnCall.com or call 1-800-905-4335
JULIA ANGWIN and TOM MCGINTY
The largest U.S. websites are installing new and intrusive consumer-tracking technologies on the computers of people visiting their sites--in some cases, more than 100 tracking tools at a time--a Wall Street Journal investigation has found.
The tracking files represent the leading edge of a lightly regulated, emerging industry of data-gatherers who are in effect establishing a new business model for the Internet: one based on intensive surveillance of people to sell data about, and predictions of, their interests and activities, in real time.
The Journal's study shows the extent to which Web users are in effect exchanging personal data for the broad access to information and services that is a defining feature of the Internet.
In an effort to quantify the reach and sophistication of the tracking industry, the Journal examined the 50 most popular websites in the U.S. to measure the quantity and capabilities of the "cookies," "beacons" and other trackers installed on a visitor's computer by each site. Together, the 50 sites account for roughly 40% of U.S. page-views.
The 50 sites installed a total of 3,180 tracking files on a test computer used to conduct the study. Only one site, the encyclopedia Wikipedia.org, installed none. Twelve sites, including IAC/InterActive Corp.'s Dictionary.com, Comcast Corp.'s Comcast.net and Microsoft Corp.'s MSN.com, installed more than 100 tracking tools apiece in the course of the Journal's test.
The Journal also surveyed its own site, WSJ.com, which doesn't rank among the top 50 by visitors. WSJ.com installed 60 tracking files, slightly below the 64 average for the top 50 sites.
Some two-thirds of the tracking tools installed--2,224--came from 131 companies that, for the most part, are in the business of following Internet users to create rich databases of consumer profiles that can be sold. The companies that placed the most such tools were Google Inc., Microsoft. and Quantcast Corp., all of which are in the business of targeting ads at Google, Microsoft and Quantcast all said they don't track individuals by name and offer Internet users a way to remove themselves from their tracking networks. Comcast, MSN and Dictionary.com said they disclose tracking practices in their privacy policies, and said their visitors aren't identified by name.
The state of the art is growing increasingly intrusive, the Journal found. Some tracking files can record a person's keystrokes online and then transmit the text to a data-gathering company that analyzes it for content, tone and clues to a person's social connections. Other tracking files can re-spawn trackers that a person may have deleted.
To measure the sensitivity of the data gathered by tracking companies, the Journal created an "exposure index" for the top 50 sites. Dictionary.com ranked highest in exposing users to potentially aggressive surveillance: It installed 168 tracking tools that didn't let users decline to be tracked, and 121 tools that, according to their privacy statements, don't rule out collecting financial or health data. Dictionary.com attributed the number of tools to its use of many different ad networks, each of which puts tools on its site.
Some of the tracking files identified by the Journal were so detailed that they verged on being anonymous in name only. They enabled data-gathering companies to build personal profiles that could include age, gender, race, zip code, income, marital status and health concerns, along with recent purchases and favorite TV shows and movies.
The ad industry says tracking doesn't violate anyone's privacy because the data sold doesn't identify people by name, and the tracking activity is disclosed in privacy policies. And while many companies are involved in collecting, analyzing and selling the data, they provide a useful service by raising the chance Internet users see ads and information relevant to them personally.
"We are delivering free content to consumers," says Mike Zaneis, vice president of public policy for the Interactive Advertising Bureau, a trade group of advertisers and publishers. "Sometimes it means that we get involved in a very complex ecosystem with lots of third parties."
The growing use and power of tracking technology have begun to raise regulatory concerns. Congress is considering laws to limit tracking. The Federal Trade Commission is developing privacy guidelines for the industry.
If "you were in the Gap, and the sales associate said to you, 'OK, from now on, since you shopped here today, we are going to follow you around the mall and view your consumer transactions,' no person would ever agree to that," Sen. George LeMieux, R-Florida, said this week in a Senate hearing on Internet privacy.
Let our techs ensure your data is protected.
Visit GeeksOnCall.com or call 1-800-905-4335
Monday, July 18, 2011
Got an iPhone? Download this security fix now http://bit.ly/pQ3LZR
Look to GeeksOnCall.com and our techs for all your security needs.
Look to GeeksOnCall.com and our techs for all your security needs.
Got an iPhone? Download this security fix now
msnbc.com - 7/15/2011
Rosa Golijan
pple has just released iOS 4.3.4 -- a minor update for its mobile operating system -- and you should go download it if you happen to own an iPhone, iPad, or iPod Touch. Why? Because it fixes a pesky PDF-related security vulnerability.
The security vulnerability meant that a user -- or a sneaky hacker -- could gain ultimate power (root privileges) on an iOS device by opening an infected PDF file using the Safari app.
On one hand, this vulnerability is great for those who wish to jailbreak -- or unlock -- their own iOS devices using a website called Jailbreakme.com so they can run unauthorized software. But on the other hand, this is a big issue because an individual with devious intentions could trick someone into opening up an infected PDF file and abuse the security vulnerability to access or even steal sensitive data without the iOS device owner's knowledge.
You can get the update by plugging your iOS device into your computer and hitting the "check for updates" button in iTunes. Do note that the 4.3.4 version is intended for the AT&T iPhone 4, the iPhone 3GS, the iPad 2, the iPad as well as third and fourth generation iPod Touch devices. Folks who own a Verizon iPhone 4 will find an update labeled 4.2.9 instead -- but it'll offer the same fix.
Turn to Geeks On Call for all your security needs.
Visit us at GeeksOnCall.com
Or call 1-800-905-4335
Rosa Golijan
pple has just released iOS 4.3.4 -- a minor update for its mobile operating system -- and you should go download it if you happen to own an iPhone, iPad, or iPod Touch. Why? Because it fixes a pesky PDF-related security vulnerability.
The security vulnerability meant that a user -- or a sneaky hacker -- could gain ultimate power (root privileges) on an iOS device by opening an infected PDF file using the Safari app.
On one hand, this vulnerability is great for those who wish to jailbreak -- or unlock -- their own iOS devices using a website called Jailbreakme.com so they can run unauthorized software. But on the other hand, this is a big issue because an individual with devious intentions could trick someone into opening up an infected PDF file and abuse the security vulnerability to access or even steal sensitive data without the iOS device owner's knowledge.
You can get the update by plugging your iOS device into your computer and hitting the "check for updates" button in iTunes. Do note that the 4.3.4 version is intended for the AT&T iPhone 4, the iPhone 3GS, the iPad 2, the iPad as well as third and fourth generation iPod Touch devices. Folks who own a Verizon iPhone 4 will find an update labeled 4.2.9 instead -- but it'll offer the same fix.
Turn to Geeks On Call for all your security needs.
Visit us at GeeksOnCall.com
Or call 1-800-905-4335
Friday, July 15, 2011
Tablet Strives to Plug Into Laptops' Port Abilities http://bit.ly/qKzGQ2
Ensure your data is backed up and synced properly- GeeksOnCall.com
Ensure your data is backed up and synced properly- GeeksOnCall.com
Tablet Strives to Plug Into Laptops' Port Abilities
WSJ.com - 7/15/2011
WALTER S. MOSSBERG
Like many laptops, the Thrive, above, has full-size USB and HDMI ports.
While Microsoft and Apple are working to bring aspects of tablet computing to the next versions of their computer operating systems, one big computer maker,Toshiba, is going the other way: It is introducing a tablet that emulates a laptop in some key respects.
Unlike other well-known tablets on the market, the new Toshiba Thrive, a 10-inch Android model available this month, sports a full-sized USB port that works with a wide variety of devices and files; a removable battery; and a file manager application like those on PCs. It also includes a full-sized SD slot for flash memory cards and a full-sized connector, called an HDMI port, that can use a standard cable for linking to a high-definition TV.
Walt Mossberg reviews the new Toshiba Thrive, a 10'' Android model tablet. Unlike most other tablets on the market, the Thrive emulates a laptop in a number of ways including its removable battery, SD card slot, and USB port.
Some tablets, such as Acer's Iconia, have a few of these features, but I haven't previously tested a tablet with all of them. And they aren't built into the tablet that dominates the market, Apple's iPad.
Like Acer, Toshiba is trying to differentiate the Thrive from the iPad with a lower price. The base model of the Thrive will cost $430, which is $69 less than the entry-level iPad 2. However, there's a catch: It only has half the memory, 8 gigabytes, versus the base $499 iPad 2's 16 gigabytes. A Thrive model with 16 gigabytes of memory will cost $480, or just $19 less than the comparable iPad 2.
This first tablet from Toshiba is Wi-Fi only. But the company plans a model with cellular connectivity in the fourth quarter.
I've been testing the Thrive for about a week, and found it to be a mixed bag. Its laptop-like features, especially the USB port, worked very well and will be welcomed by users who have yearned for an easier, more standard way of getting files into and out of a tablet.
Like most tablets introduced this year, it is thick and heavy compared with the iPad. Like all Android tablets, it offers only a tiny fraction of the tablet-optimized apps available for the iPad, which claims 100,000 such programs.
And in my standard tablet battery test, its performance was weak, only a bit more than half of the iPad 2's.
Design
The Thrive, which has rounded edges, weighs in at 1.6 pounds. It's 0.62 inch thick, and about 11" long by 7" wide—shaped to optimize viewing of widescreen videos. That means it's best used in landscape mode. Its back, which is rubbery and ribbed, feels comfortable, and snaps off, to provide access to the removable battery.
The standard case, above, is very bulky.
Extra batteries cost $80 each, and the company offers a variety of colorful replacement backs for $20 each.
The edges offer an array of switches and ports--some hidden behind little covers--including a mini-USB port for connecting to a PC or Mac. There's a proprietary connector for attaching the Thrive to two optional docks. The device includes front and rear cameras.
There are also a couple of optional cases. I found the standard case to be very bulky. Also very bulky is the included AC adapter, for charging the Thrive, that's the size of a small laptop charger.
USB
I focused a lot of my testing on the USB port, which worked very well. In my tests, I was able to successfully connect a variety of small flash drives and access their files, or copy them to the internal memory, using the File Manager app. Toshiba also includes a Media Player, which handles music, photos and videos, regardless of whether they are in internal memory or external storage.
I was also able to easily connect a variety of other devices to the USB port, including a camera, a wired keyboard and mouse. The USB port handled an external hard drive as well, once I converted it on a computer to the only hard-disk format the Thrive recognizes, which is called exFAT.
I was even able to simultaneously use a flash drive and a wired mouse with the Thrive by plugging in a small USB hub--a gadget that's like a power strip for USB devices.
SD Card and HDMI Port
The Thrive can handle SD cards up to 128 gigabytes in capacity--though the largest of these currently cost around $300. In fact, Toshiba justifies the low internal memory on its base model Thrive by noting that users can add memory via SD cards. In my tests of several SD cards, all worked fine.
I connected my HDTV to the Thrive via a plain-vanilla HDMI cable and it played videos, photos and music through the TV without any problems.
Battery Life
The Thrive fared poorly in my standard tablet battery test, in which I set the screen brightness at 75%, leave the Wi-Fi connected and collecting emails in the background, and play videos back to back until the juice is gone. It managed just 5½ hours before shutting down, compared with slightly over 10 hours for the iPad 2 during the same test.
Toshiba claims the Thrive's battery will last up to 11 hours in more general and varied use, and, while I couldn't test such a vague claim, I was able to go a couple of days between charges while doing intermittent Web surfing, emails, social networking, book reading and game playing. But the screen— which sucks power on all tablets--was off for hours at a time during this period.
Performance
In general, the Thrive performed crisply, handling almost everything I tried and running numerous programs at once.
However, it crashed multiple times. The tablet spontaneously rebooted once when I removed a flash drive and the popular game "Words With Friends" crashed twice. Several other apps also crashed.
Unlike the iPad, the Thrive will play Adobe Flash videos and websites, but, as with other Android tablets, this capability varies unpredictably. Some Flash videos played well, others poorly or not at all. A couple crashed the browser. And the beautiful Picnik photo-editing website, which depends on Flash, wouldn't work at all.
Cameras and Sound
Both cameras worked OK for stills and videos. But the sound, which Toshiba says is superior to that on other tablets, was tinny on several songs compared with the sound on the iPad.
Trial Software
One more similarity, alas, that the Thrive has to laptops is that it comes pre-loaded with craplets, limited or trial apps you may not want. Its bundled version of QuickOffice, a productivity program for viewing and editing Microsoft Office documents, can only view files, not edit them. A security program works only for 30 days before you must pay for it. A printing program will only print five pages before payment is required.
Bottom Line
The Thrive is a good alternative to the iPad for people who place high value on having standard ports, especially a USB port, and a removable battery. While it suffers from many of the downsides of other non-Apple tablets, it is closer to a laptop, and that will please people looking for laptop features in a tablet.
Ensure your data is backed up and synced properly
Visit GeeksOnCall.com
Or call 1-800-905-4335
WALTER S. MOSSBERG
Like many laptops, the Thrive, above, has full-size USB and HDMI ports.
While Microsoft and Apple are working to bring aspects of tablet computing to the next versions of their computer operating systems, one big computer maker,Toshiba, is going the other way: It is introducing a tablet that emulates a laptop in some key respects.
Unlike other well-known tablets on the market, the new Toshiba Thrive, a 10-inch Android model available this month, sports a full-sized USB port that works with a wide variety of devices and files; a removable battery; and a file manager application like those on PCs. It also includes a full-sized SD slot for flash memory cards and a full-sized connector, called an HDMI port, that can use a standard cable for linking to a high-definition TV.
Walt Mossberg reviews the new Toshiba Thrive, a 10'' Android model tablet. Unlike most other tablets on the market, the Thrive emulates a laptop in a number of ways including its removable battery, SD card slot, and USB port.
Some tablets, such as Acer's Iconia, have a few of these features, but I haven't previously tested a tablet with all of them. And they aren't built into the tablet that dominates the market, Apple's iPad.
Like Acer, Toshiba is trying to differentiate the Thrive from the iPad with a lower price. The base model of the Thrive will cost $430, which is $69 less than the entry-level iPad 2. However, there's a catch: It only has half the memory, 8 gigabytes, versus the base $499 iPad 2's 16 gigabytes. A Thrive model with 16 gigabytes of memory will cost $480, or just $19 less than the comparable iPad 2.
This first tablet from Toshiba is Wi-Fi only. But the company plans a model with cellular connectivity in the fourth quarter.
I've been testing the Thrive for about a week, and found it to be a mixed bag. Its laptop-like features, especially the USB port, worked very well and will be welcomed by users who have yearned for an easier, more standard way of getting files into and out of a tablet.
Like most tablets introduced this year, it is thick and heavy compared with the iPad. Like all Android tablets, it offers only a tiny fraction of the tablet-optimized apps available for the iPad, which claims 100,000 such programs.
And in my standard tablet battery test, its performance was weak, only a bit more than half of the iPad 2's.
Design
The Thrive, which has rounded edges, weighs in at 1.6 pounds. It's 0.62 inch thick, and about 11" long by 7" wide—shaped to optimize viewing of widescreen videos. That means it's best used in landscape mode. Its back, which is rubbery and ribbed, feels comfortable, and snaps off, to provide access to the removable battery.
The standard case, above, is very bulky.
Extra batteries cost $80 each, and the company offers a variety of colorful replacement backs for $20 each.
The edges offer an array of switches and ports--some hidden behind little covers--including a mini-USB port for connecting to a PC or Mac. There's a proprietary connector for attaching the Thrive to two optional docks. The device includes front and rear cameras.
There are also a couple of optional cases. I found the standard case to be very bulky. Also very bulky is the included AC adapter, for charging the Thrive, that's the size of a small laptop charger.
USB
I focused a lot of my testing on the USB port, which worked very well. In my tests, I was able to successfully connect a variety of small flash drives and access their files, or copy them to the internal memory, using the File Manager app. Toshiba also includes a Media Player, which handles music, photos and videos, regardless of whether they are in internal memory or external storage.
I was also able to easily connect a variety of other devices to the USB port, including a camera, a wired keyboard and mouse. The USB port handled an external hard drive as well, once I converted it on a computer to the only hard-disk format the Thrive recognizes, which is called exFAT.
I was even able to simultaneously use a flash drive and a wired mouse with the Thrive by plugging in a small USB hub--a gadget that's like a power strip for USB devices.
SD Card and HDMI Port
The Thrive can handle SD cards up to 128 gigabytes in capacity--though the largest of these currently cost around $300. In fact, Toshiba justifies the low internal memory on its base model Thrive by noting that users can add memory via SD cards. In my tests of several SD cards, all worked fine.
I connected my HDTV to the Thrive via a plain-vanilla HDMI cable and it played videos, photos and music through the TV without any problems.
Battery Life
The Thrive fared poorly in my standard tablet battery test, in which I set the screen brightness at 75%, leave the Wi-Fi connected and collecting emails in the background, and play videos back to back until the juice is gone. It managed just 5½ hours before shutting down, compared with slightly over 10 hours for the iPad 2 during the same test.
Toshiba claims the Thrive's battery will last up to 11 hours in more general and varied use, and, while I couldn't test such a vague claim, I was able to go a couple of days between charges while doing intermittent Web surfing, emails, social networking, book reading and game playing. But the screen— which sucks power on all tablets--was off for hours at a time during this period.
Performance
In general, the Thrive performed crisply, handling almost everything I tried and running numerous programs at once.
However, it crashed multiple times. The tablet spontaneously rebooted once when I removed a flash drive and the popular game "Words With Friends" crashed twice. Several other apps also crashed.
Unlike the iPad, the Thrive will play Adobe Flash videos and websites, but, as with other Android tablets, this capability varies unpredictably. Some Flash videos played well, others poorly or not at all. A couple crashed the browser. And the beautiful Picnik photo-editing website, which depends on Flash, wouldn't work at all.
Cameras and Sound
Both cameras worked OK for stills and videos. But the sound, which Toshiba says is superior to that on other tablets, was tinny on several songs compared with the sound on the iPad.
Trial Software
One more similarity, alas, that the Thrive has to laptops is that it comes pre-loaded with craplets, limited or trial apps you may not want. Its bundled version of QuickOffice, a productivity program for viewing and editing Microsoft Office documents, can only view files, not edit them. A security program works only for 30 days before you must pay for it. A printing program will only print five pages before payment is required.
Bottom Line
The Thrive is a good alternative to the iPad for people who place high value on having standard ports, especially a USB port, and a removable battery. While it suffers from many of the downsides of other non-Apple tablets, it is closer to a laptop, and that will please people looking for laptop features in a tablet.
Ensure your data is backed up and synced properly
Visit GeeksOnCall.com
Or call 1-800-905-4335
Thursday, July 14, 2011
Amazon to launch touchscreen tablet, report says http://bit.ly/rlJzj1
Get help with all the latest technology
Call us today 1-800-905-4335
Get help with all the latest technology
Call us today 1-800-905-4335
Amazon to launch touchscreen tablet, report says
cnn.com - 7/13/2011
Brandon Griggs
(CNN) -- Amazon, the online retailer that ignited demand for electronic readers with its Kindle, might be entering the increasingly crowded tablet computer market.
Citing unnamed sources, The Wall Street Journal reported Wednesday that Amazon will introduce a color touchscreen tablet before October that will compete with Apple's popular iPad and other similar devices.
People familiar with the product told the Journal that it will have a 9-inch screen and run on Google's Android operating system. It won't have a camera, they said.
The device will go beyond the Kindle in allowing customers to play movies, music and other content -- books, too -- downloaded from Amazon.com, the Journal reported. Amazon reportedly isn't developing the product itself, unlike the Kindle, but instead will outsource production to an Asian manufacturer.
Amazon did not immediately return a request for comment.
Rumors about Amazon making a tablet have been swirling for almost a year. Some reports have said the Seattle-based company is partnering with South Korean manufacturer Samsung, which will build the device.
Amazon CEO Jeff Bezos hasn't exactly doused the speculation. Asked by consumer Reports in May about the possibility of Amazon launching a multipurpose tablet device, Bezos said to stay tuned.
Reaction was swift Wednesday afternoon in the blogosphere, which seemed to accept the Journal report as fact.
"The lack of a camera is disappointing, but it may be a sign that Amazon is positioning its tablet as more of a competitor to Barnes and Noble's wildly successful Nook Color, a hybrid tablet/e-reader that retails for just $250,"wrote Devindra Hardawar in VentureBeat.
"The fall is going to be very interesting. There's a reason Apple wants to get another iPad out there before the end of the year," TechCrunch's MG Siegler wrote on his personal blog.
Wednesday's Journal report also said Amazon will also release two updated versions of its Kindle e-reader in the third quarter of this year: a touch-screen device and an improved but cheaper adaptation of the current Kindle.
Get help with this and all the latest technology-
Call us today 1-800-905-4335
Or Visit us at GeeksOnCall.com
Brandon Griggs
(CNN) -- Amazon, the online retailer that ignited demand for electronic readers with its Kindle, might be entering the increasingly crowded tablet computer market.
Citing unnamed sources, The Wall Street Journal reported Wednesday that Amazon will introduce a color touchscreen tablet before October that will compete with Apple's popular iPad and other similar devices.
People familiar with the product told the Journal that it will have a 9-inch screen and run on Google's Android operating system. It won't have a camera, they said.
The device will go beyond the Kindle in allowing customers to play movies, music and other content -- books, too -- downloaded from Amazon.com, the Journal reported. Amazon reportedly isn't developing the product itself, unlike the Kindle, but instead will outsource production to an Asian manufacturer.
Amazon did not immediately return a request for comment.
Rumors about Amazon making a tablet have been swirling for almost a year. Some reports have said the Seattle-based company is partnering with South Korean manufacturer Samsung, which will build the device.
Amazon CEO Jeff Bezos hasn't exactly doused the speculation. Asked by consumer Reports in May about the possibility of Amazon launching a multipurpose tablet device, Bezos said to stay tuned.
Reaction was swift Wednesday afternoon in the blogosphere, which seemed to accept the Journal report as fact.
"The lack of a camera is disappointing, but it may be a sign that Amazon is positioning its tablet as more of a competitor to Barnes and Noble's wildly successful Nook Color, a hybrid tablet/e-reader that retails for just $250,"wrote Devindra Hardawar in VentureBeat.
"The fall is going to be very interesting. There's a reason Apple wants to get another iPad out there before the end of the year," TechCrunch's MG Siegler wrote on his personal blog.
Wednesday's Journal report also said Amazon will also release two updated versions of its Kindle e-reader in the third quarter of this year: a touch-screen device and an improved but cheaper adaptation of the current Kindle.
Get help with this and all the latest technology-
Call us today 1-800-905-4335
Or Visit us at GeeksOnCall.com
Wednesday, July 13, 2011
Going in Google+ Circles http://bit.ly/nGclef
Need training in more than social media? Our techs can help!
Visit GeeksOnCall.com
Need training in more than social media? Our techs can help!
Visit GeeksOnCall.com
Going in Google+ Circles
wsj.com - 7/13/2011
KATHERINE BOEHRET
Forget being friended on Facebook or followed on Twitter. What you really want now is to be Circled--or so Google hopes.
The company's latest social-networking effort, Google+, lets users organize people into Circles of friends so you can choose what you share with each group. It offers multi-person video chats and a feature called Sparks that encourages users to plug into news that interests them. It integrates with Picasa, Google's photo site.
Google+ is designed to compete with Facebook, but judging from my non-techie friends' reactions over the past two weeks, the initial setup can be confusing. Plus, many of them aren't eager to build another social network. This week, I'll take a step back to explain Google+, how it differs from Facebook and just what's with the Circles.
Testing, Testing
Like most of Google's products (think Gmail), the Google+ you now see isn't a finished version. Rather, it's being called a field trial, meaning it will be tweaked as more of us use it. A spokeswoman said a limited number of people were initially invited to sign up. You'll need a Google profile--not necessarily a Gmail account--to sign up. If you'd like to be alerted when Google+ is made public, go to plus.google.com. I was given 15 invitations a couple of weeks ago when Google+ launched so I could create a network of real friends to test it.
Features Made Obvious
Surprisingly, Google+ was designed with more attention to appearance and delightful animations than most other Google programs. It feels polished and slick. I found some of its features more obvious and easy to use than those in Facebook, where settings are buried in hard-to-find menus.
Then there are the Circles. These are visually obvious ways of sorting people you know into groups: One way to add a person to a Circle is by dragging his or her photo onto a labeled Circle (i.e. Best Buds or Tennis Team). The person's tiny, circular image rolls around the Circle and bumps up against a photo of someone else in the group. Removing someone from a Circle is as easy as dragging their photo out.
When sharing anything via Google+, users are prompted to choose which Circles they want to see this content. Only the person who created the Circle knows its name and the people in it. As far as other people know, they've simply been added to a Circle. As long as you have a Google profile, you can be added to someone else's Circle. But you can opt to remove your Google profile from search results, which may mean fewer people will add you to their Circles.
You are never asked for your approval to be added to someone else's Circle. The same goes for Facebook Groups, which are created by someone who adds you without your explicit permission. Both social networks would do better by asking rather than assuming users are interested in this group participation.
Selected sharing is also possible in Facebook Groups, which launched last fall. But the person who creates groups determines who's in them. The entire group sees the group's name and shared content.
The Sparks feature of Google+ encourages a person to choose things that "spark" an interest for them, whether that's tennis or "The Closer," and this automatically retrieves news about these subjects to one's Google+ page.
Sparks is another example of something that exists in a different capacity on Facebook. You can type anything into the Search box at the top of the Facebook site and find information about that thing and then opt to "Like" it, which adds information about it to your news feed. Many people don't know that searches for things other than people are possible in Facebook.
Hanging Out Online
Hangouts, or group video chats, can be initiated by anyone with a webcam, and these can be joined by anyone who knows about them. The Hangout is announced in one's Google+ stream so others can see it and join the chat. Up to 10 people can simultaneously participate in a Hangout, and these can't be made private. I started a Hangout but wasn't joined by any other Google+ users.
Privacy Options
Publicly shared content in Google+ can be seen by anyone, even people you've blocked, so I found it helpful to use a box labeled "View profile as..." on my profile page. Here, I could type the name of anyone else with a Google account to see what of mine was visible to that person. Or I could select "anyone on the web" to see how my Google+ page looked to people not in my Circles. I kept almost all of my information limited to my Circles.
If you receive an email notification that someone added you to a Circle in Google+, this means he or she can share with you--but you'll only see their shared content if you opt to do so and they'll only see what you opt to share publicly.
A stream in Google+ shows shared content including photos, videos and status updates. But if someone has recently commented on an old post, it will bubble to the top of the page like it's new. If you'd rather not see the continuous stream of comments made on a post, you can mute the post.
Mobile for Google+
Google+ also offers mobile features like Huddle, which supports group texting--much like BlackBerry Messenger--for up to 100 people at once on any device that uses SMS. Facebook currently doesn't have anything comparable to this. And Instant Upload lets people send any photo they capture from their Android device (running the 2.1 operating system or above) directly to Google+.
If you're suffering from Facebook withdrawal, a browser extension from Crossrider (http://j.mp/orEmrG) can be used to display your Facebook steam in Google+.
--Email katie.boehret@esj.com
Need training in more than social media? Our techs can help!
Visit GeeksOnCall.com
Or Call 1-800-905-4335
KATHERINE BOEHRET
Forget being friended on Facebook or followed on Twitter. What you really want now is to be Circled--or so Google hopes.
The company's latest social-networking effort, Google+, lets users organize people into Circles of friends so you can choose what you share with each group. It offers multi-person video chats and a feature called Sparks that encourages users to plug into news that interests them. It integrates with Picasa, Google's photo site.
Google+ is designed to compete with Facebook, but judging from my non-techie friends' reactions over the past two weeks, the initial setup can be confusing. Plus, many of them aren't eager to build another social network. This week, I'll take a step back to explain Google+, how it differs from Facebook and just what's with the Circles.
Testing, Testing
Like most of Google's products (think Gmail), the Google+ you now see isn't a finished version. Rather, it's being called a field trial, meaning it will be tweaked as more of us use it. A spokeswoman said a limited number of people were initially invited to sign up. You'll need a Google profile--not necessarily a Gmail account--to sign up. If you'd like to be alerted when Google+ is made public, go to plus.google.com. I was given 15 invitations a couple of weeks ago when Google+ launched so I could create a network of real friends to test it.
Features Made Obvious
Surprisingly, Google+ was designed with more attention to appearance and delightful animations than most other Google programs. It feels polished and slick. I found some of its features more obvious and easy to use than those in Facebook, where settings are buried in hard-to-find menus.
Then there are the Circles. These are visually obvious ways of sorting people you know into groups: One way to add a person to a Circle is by dragging his or her photo onto a labeled Circle (i.e. Best Buds or Tennis Team). The person's tiny, circular image rolls around the Circle and bumps up against a photo of someone else in the group. Removing someone from a Circle is as easy as dragging their photo out.
When sharing anything via Google+, users are prompted to choose which Circles they want to see this content. Only the person who created the Circle knows its name and the people in it. As far as other people know, they've simply been added to a Circle. As long as you have a Google profile, you can be added to someone else's Circle. But you can opt to remove your Google profile from search results, which may mean fewer people will add you to their Circles.
You are never asked for your approval to be added to someone else's Circle. The same goes for Facebook Groups, which are created by someone who adds you without your explicit permission. Both social networks would do better by asking rather than assuming users are interested in this group participation.
Selected sharing is also possible in Facebook Groups, which launched last fall. But the person who creates groups determines who's in them. The entire group sees the group's name and shared content.
The Sparks feature of Google+ encourages a person to choose things that "spark" an interest for them, whether that's tennis or "The Closer," and this automatically retrieves news about these subjects to one's Google+ page.
Sparks is another example of something that exists in a different capacity on Facebook. You can type anything into the Search box at the top of the Facebook site and find information about that thing and then opt to "Like" it, which adds information about it to your news feed. Many people don't know that searches for things other than people are possible in Facebook.
Hanging Out Online
Hangouts, or group video chats, can be initiated by anyone with a webcam, and these can be joined by anyone who knows about them. The Hangout is announced in one's Google+ stream so others can see it and join the chat. Up to 10 people can simultaneously participate in a Hangout, and these can't be made private. I started a Hangout but wasn't joined by any other Google+ users.
Privacy Options
Publicly shared content in Google+ can be seen by anyone, even people you've blocked, so I found it helpful to use a box labeled "View profile as..." on my profile page. Here, I could type the name of anyone else with a Google account to see what of mine was visible to that person. Or I could select "anyone on the web" to see how my Google+ page looked to people not in my Circles. I kept almost all of my information limited to my Circles.
If you receive an email notification that someone added you to a Circle in Google+, this means he or she can share with you--but you'll only see their shared content if you opt to do so and they'll only see what you opt to share publicly.
A stream in Google+ shows shared content including photos, videos and status updates. But if someone has recently commented on an old post, it will bubble to the top of the page like it's new. If you'd rather not see the continuous stream of comments made on a post, you can mute the post.
Mobile for Google+
Google+ also offers mobile features like Huddle, which supports group texting--much like BlackBerry Messenger--for up to 100 people at once on any device that uses SMS. Facebook currently doesn't have anything comparable to this. And Instant Upload lets people send any photo they capture from their Android device (running the 2.1 operating system or above) directly to Google+.
If you're suffering from Facebook withdrawal, a browser extension from Crossrider (http://j.mp/orEmrG) can be used to display your Facebook steam in Google+.
--Email katie.boehret@esj.com
Need training in more than social media? Our techs can help!
Visit GeeksOnCall.com
Or Call 1-800-905-4335
Tuesday, July 12, 2011
iPhone, iPad users: Watch out for malicious PDF files http://bit.ly/peAgEQ
Let our techs screen your devices today!
Visit GeeksOnCall.com
Let our techs screen your devices today!
Visit GeeksOnCall.com
iPhone, iPad users: Watch out for malicious PDF files
CNN.com - 7/11/2011
Amy Gahran
Although so far, Android devices pose the greatest risk of mobile malware, no mobile platform is immune to this problem -- not even Apple's iPhone, iPad and iPod Touch.
Recently, ReadWriteWeb reported that the German government issued a warning: Some versions of the Apple iOS mobile operating system are vulnerable to malicious code contained in PDF files.
This means that Apple mobile users who download PDF files currently risk letting cybercriminals access their confidential information, intercept phone conversations or take over other aspects of their device. There is no evidence yet that cybercriminals have done this, but it could happen easily.
Apple says it's working on a fix, but according to The Wall Street Journal, the company is not saying how long the vulnerability has existed, or when exactly this fix will arrive.
In the meantime, Apple mobile users should refrain from downloading and viewing PDF files on their devices.
This mobile security hole uses vulnerabilities in PDFs -- short for Portable Document Format, an open standard for digital documents -- that date back to 2007.
Gizmodo notes: "Does this scenario sound familiar? It should, as variants of this browser-based exploit have been around since 2007. In iPhone OS 1.1.1, it was a Tiff rendering vulnerability; and in iPhone OS 2.0, it was a PDF file that caused all the problems. This PDF hole reared its ugly head again in iOS 4. Each time, Apple patched the exploit and everyone calmed down."
MacNewsWorld reports that this iOS security hole was discovered by a team of hackers called Comex that also offers tools for "jailbreaking" iPhones. (This means undoing the locks that Apple has put in place to prevent its mobile users from downloading or installing software that doesn't come through iTunes or the App Store.)
Apparently, until Apple releases its fix, the only way to secure your iPhone, iPad or iPod Touch against this threat is to jailbreak it.
Gizmodo suggests first using Jailbreakme to jailbreak your device. This tool is delivered via a PDF file that actually uses the security exploit to install software that allows you to jailbreak your Apple device. Then, to close this exploit, download PDF Patch. After that, you can un-jailbreak your device if you like.
Of course, jailbreaking your Apple device can open mobile users to a wide array of additional security risks.
One main reason for Apple's famed "walled garden" is to protect mobile users from malicious or otherwise problematic software that can put their data or devices at risk. And, for the most part, the virtual absence of iOS malware (until now) demonstrates the value of this approach -- especially for less tech-savvy mobile users who aren't quick to spot mobile security threats.
The opinions expressed in this post are solely those of Amy Gahran.
Let our techs screen your devices today!
Visit GeeksOnCall.com
or Call 1-800-905-4335
Amy Gahran
Although so far, Android devices pose the greatest risk of mobile malware, no mobile platform is immune to this problem -- not even Apple's iPhone, iPad and iPod Touch.
Recently, ReadWriteWeb reported that the German government issued a warning: Some versions of the Apple iOS mobile operating system are vulnerable to malicious code contained in PDF files.
This means that Apple mobile users who download PDF files currently risk letting cybercriminals access their confidential information, intercept phone conversations or take over other aspects of their device. There is no evidence yet that cybercriminals have done this, but it could happen easily.
Apple says it's working on a fix, but according to The Wall Street Journal, the company is not saying how long the vulnerability has existed, or when exactly this fix will arrive.
In the meantime, Apple mobile users should refrain from downloading and viewing PDF files on their devices.
This mobile security hole uses vulnerabilities in PDFs -- short for Portable Document Format, an open standard for digital documents -- that date back to 2007.
Gizmodo notes: "Does this scenario sound familiar? It should, as variants of this browser-based exploit have been around since 2007. In iPhone OS 1.1.1, it was a Tiff rendering vulnerability; and in iPhone OS 2.0, it was a PDF file that caused all the problems. This PDF hole reared its ugly head again in iOS 4. Each time, Apple patched the exploit and everyone calmed down."
MacNewsWorld reports that this iOS security hole was discovered by a team of hackers called Comex that also offers tools for "jailbreaking" iPhones. (This means undoing the locks that Apple has put in place to prevent its mobile users from downloading or installing software that doesn't come through iTunes or the App Store.)
Apparently, until Apple releases its fix, the only way to secure your iPhone, iPad or iPod Touch against this threat is to jailbreak it.
Gizmodo suggests first using Jailbreakme to jailbreak your device. This tool is delivered via a PDF file that actually uses the security exploit to install software that allows you to jailbreak your Apple device. Then, to close this exploit, download PDF Patch. After that, you can un-jailbreak your device if you like.
Of course, jailbreaking your Apple device can open mobile users to a wide array of additional security risks.
One main reason for Apple's famed "walled garden" is to protect mobile users from malicious or otherwise problematic software that can put their data or devices at risk. And, for the most part, the virtual absence of iOS malware (until now) demonstrates the value of this approach -- especially for less tech-savvy mobile users who aren't quick to spot mobile security threats.
The opinions expressed in this post are solely those of Amy Gahran.
Let our techs screen your devices today!
Visit GeeksOnCall.com
or Call 1-800-905-4335
Monday, July 11, 2011
US official says pre-infected computer tech entering country https://bitly.com/
Ensure your computer is safe!
Visit geeksoncall.com
Ensure your computer is safe!
Visit geeksoncall.com
U.S. official says pre-infected computer tech entering country
msnbc.com - 7/8/2011
M. Alex Johnson
Confirming years of warnings from government and private security experts, a top Homeland Security official has acknowledged that computer hardware and software is already being imported to the United States preloaded with spyware and security-sabotaging components.
The remarks by Greg Schaffer, the Department of Homeland Security's acting deputy undersecretary for national protection and programs, came Thursday during a tense exchange at a hearing of the House Oversight and Government Reform Committee. The panel is considering an Obama administration proposal to tighten monitoring and controls on computer equipment imported for critical government and communications infrastructure.
Schaffer didn't say whether the equipment he was talking about included end-user consumer tech like retail laptops, DVDs and media players. If so, his comments, first reported Friday morning by Fast Company, would be the first time the United States has publicly confirmed that foreign consumer technology is arriving in the country already loaded with nasty bugs like key-logging software, botnet components and even software designed to defeat security programs installed on the same machine.
DHS did not respond to requests to clarify Schaffer's remarks.
Schaffer made the statement under questioning from Rep. Jason Chaffetz, R-Utah, who noted that "the issue of software infrastructure (and) hardware built overseas with items embedded in them already by the time they get to the United States ... poses, obviously, security and intellectual property risks."
"A, is this happening, Mr. Schaffer? And, B, what are we going to do to fight back against this?" he asked.
Schaffer began his answer by stating how important the issue is to President Barack Obama. But Chaffetz cut him off and, at Schaffer's request, broadly restated the question to extend it beyond government infrastructure:
"Are you aware of any component software (or) hardware coming to the United States of America that already have security risks embedded into those components?"
Schaffer paused for about 10 seconds before replying:
"I am aware that there have been instances where that has happened."
Ensure your computer is safe!
Visit geeksoncall.com
Or Call 1-800-905-4335
M. Alex Johnson
Confirming years of warnings from government and private security experts, a top Homeland Security official has acknowledged that computer hardware and software is already being imported to the United States preloaded with spyware and security-sabotaging components.
The remarks by Greg Schaffer, the Department of Homeland Security's acting deputy undersecretary for national protection and programs, came Thursday during a tense exchange at a hearing of the House Oversight and Government Reform Committee. The panel is considering an Obama administration proposal to tighten monitoring and controls on computer equipment imported for critical government and communications infrastructure.
Schaffer didn't say whether the equipment he was talking about included end-user consumer tech like retail laptops, DVDs and media players. If so, his comments, first reported Friday morning by Fast Company, would be the first time the United States has publicly confirmed that foreign consumer technology is arriving in the country already loaded with nasty bugs like key-logging software, botnet components and even software designed to defeat security programs installed on the same machine.
DHS did not respond to requests to clarify Schaffer's remarks.
Schaffer made the statement under questioning from Rep. Jason Chaffetz, R-Utah, who noted that "the issue of software infrastructure (and) hardware built overseas with items embedded in them already by the time they get to the United States ... poses, obviously, security and intellectual property risks."
"A, is this happening, Mr. Schaffer? And, B, what are we going to do to fight back against this?" he asked.
Schaffer began his answer by stating how important the issue is to President Barack Obama. But Chaffetz cut him off and, at Schaffer's request, broadly restated the question to extend it beyond government infrastructure:
"Are you aware of any component software (or) hardware coming to the United States of America that already have security risks embedded into those components?"
Schaffer paused for about 10 seconds before replying:
"I am aware that there have been instances where that has happened."
Ensure your computer is safe!
Visit geeksoncall.com
Or Call 1-800-905-4335
Friday, July 8, 2011
Apple Promises to Fix iPhone Security Problems http://bit.ly/r4MVJZ
Let our techs fix your technology problems.
Visit GeeksOnCall.com
Let our techs fix your technology problems.
Visit GeeksOnCall.com
Apple Promises to Fix iPhone Security Problems
foxnews.com - 7/7/2011
The Wall Street Journal
CUPERTINO, Calif. -- Apple said it was working to resolve a security flaw in its iPhones and other products that could allow criminals to access confidential information or intercept telephone conversations, following a warning by German authorities, The Wall Street Journal reported Thursday.
The security hole was present in several versions of Apple's iOS software on its iPhone, iPad and iPod Touch products, the German Federal Office for Information Security said Wednesday.
According to the agency, users are particularly vulnerable when they view Portable Document Format (PDF) files, which give cyber attackers a chance to infect the products with malicious software and gain administrative rights to the device.
Once infected, criminals could read confident information such as passwords, online-banking data, calendars, emails and other information, as well as intercept telephone conversations and the location of the user.
"Apple takes security very seriously, we're aware of this reported issue and developing a fix that will be available to customers in an upcoming software update," the company said in a statement.
An Apple spokeswoman did not say when the software update would be available, or whether Apple was aware of the security hole before Wednesday.
The German Federal Office for Information Security said it had not yet observed any attacks on Apple products, but warned that until the hole is closed, users should avoid opening PDFs from unknown sources and visit only trusted websites.
The agency found a similar security hole in Apple's software last year, which the firm quickly fixed
Let our technicians fix your other technology progblems today
Visit GeeksOnCall.com
or Cal 1-800-905-4335
The Wall Street Journal
CUPERTINO, Calif. -- Apple said it was working to resolve a security flaw in its iPhones and other products that could allow criminals to access confidential information or intercept telephone conversations, following a warning by German authorities, The Wall Street Journal reported Thursday.
The security hole was present in several versions of Apple's iOS software on its iPhone, iPad and iPod Touch products, the German Federal Office for Information Security said Wednesday.
According to the agency, users are particularly vulnerable when they view Portable Document Format (PDF) files, which give cyber attackers a chance to infect the products with malicious software and gain administrative rights to the device.
Once infected, criminals could read confident information such as passwords, online-banking data, calendars, emails and other information, as well as intercept telephone conversations and the location of the user.
"Apple takes security very seriously, we're aware of this reported issue and developing a fix that will be available to customers in an upcoming software update," the company said in a statement.
An Apple spokeswoman did not say when the software update would be available, or whether Apple was aware of the security hole before Wednesday.
The German Federal Office for Information Security said it had not yet observed any attacks on Apple products, but warned that until the hole is closed, users should avoid opening PDFs from unknown sources and visit only trusted websites.
The agency found a similar security hole in Apple's software last year, which the firm quickly fixed
Let our technicians fix your other technology progblems today
Visit GeeksOnCall.com
or Cal 1-800-905-4335
Thursday, July 7, 2011
Facebook adding Skype video calling http://bit.ly/mZ2fYS
Schedule a tech to install your webcam today!
GeeksOnCall.com or 1-800-905-4335
Schedule a tech to install your webcam today!
GeeksOnCall.com or 1-800-905-4335
Facebook adding Skype video calling
msnbc.msn.com - 7/6/2011
Suzanne Choney
Facebook said it's bringing Skype video calling to the social networking site, dubbing it "Facebook Calling." The feature is being rolled out over the next several weeks. Those who want to try it immediately can download it here.
CEO Mark Zuckerberg said Facebook now has more than 750 million users, and is "still growing quickly." Adding Skype, he said, brings the "best technology" for video chat to Facebook, which is probably "the biggest chat program online" in an era where people are not only connecting, but sharing information via many means.
Such sharing is what is going to dominate the future of the Internet, Zuckerberg said. Connecting with others -- "friending," for example -- was the mantra; now sharing information is, with Facebook's users sharing 4 billion things a day.
"The amount of information (users) share is about twice the amount of stuff they would have shared a year ago; and it will be twice as much a year from now; it's that kind of exponential growth." And social apps, or applications, like Skype, help make that possible.
"Video calling is the first example of what we think is a great social app," Zuckerberg said. "We’re going to see a lot more things like this over the next few years and months."
One-on-one calls is simple, Facebook says: If your friend is online, with "one quick click" on the call button, you can establish a call with that friend, a Facebook staffer said during the presentation Wednesday.
"Can you believe that your least technical friend can get online and connect with someone else? No separate accounts, no separate websites to go to; it's by far the easiest way to get connected by video."
Tony Bates, Skype CEO, said the company is averaging more than 300 million minutes of video a month, and 50 percent of its business is Internet traffic. Now, putting Skype into Facebook makes sense.
"There's no greater way to get to the Web than Facebook," he said.
Bates said he is not concerned about losing Skype customers who now use some of Skype's paid services to the social network's Skype program.
"We want to be as ubiquitous as possible," he said. "We made the strategic decision that the long-term partnership far outweighs the concern of users moving from Skype to Facebook."
And, he said, some of Skype's paid services will be advertised within the Facebook Skype program. Skype is in the process of being bought by Microsoft, which also owns a small percentage of Facebook. (Msnbc.com is a joint venture of Microsoft and NBC Universal.)
The video calling service will not be available via Facebook on mobile, Zuckerberg said, so its use needs to be computer-to-computer for now.
Asked about competitor Google, which last week launched its own social network, Google+, Zuckerberg seemed non-plussed (so to speak). Google+ also has video chat.
"The last five years have been about connecting people; the next five years are about building these apps (to do that)," he said. "What you're going to see are companies -- not just companies like Google" entering that arena.
"Every app is going to be social," he said. "Our job is to stay focused on building the best service for that; and if we don’t, someone else will."
Along those lines, Facebook also introduced two other changes:
Group Chat, "one of our most requeted features," now lets you chat with multiple people at once. "Now you can have conversations with more than one person on the fly for quick group discussion."
New "Chat" design lets you see a sidebar on the screen that shows the friends you message the most, whether those friends or on or offline. "Simply click on a friend to start chatting or send a message."
You can learn even more from Facebook's blog, posted Wednesday by Philip Su, an engineer on Facebook's video calling team.
Schedule a tech to install your webcam today!
Visit GeeksOnCall.com
or Call 1-800-905-4335
Suzanne Choney
Facebook said it's bringing Skype video calling to the social networking site, dubbing it "Facebook Calling." The feature is being rolled out over the next several weeks. Those who want to try it immediately can download it here.
CEO Mark Zuckerberg said Facebook now has more than 750 million users, and is "still growing quickly." Adding Skype, he said, brings the "best technology" for video chat to Facebook, which is probably "the biggest chat program online" in an era where people are not only connecting, but sharing information via many means.
Such sharing is what is going to dominate the future of the Internet, Zuckerberg said. Connecting with others -- "friending," for example -- was the mantra; now sharing information is, with Facebook's users sharing 4 billion things a day.
"The amount of information (users) share is about twice the amount of stuff they would have shared a year ago; and it will be twice as much a year from now; it's that kind of exponential growth." And social apps, or applications, like Skype, help make that possible.
"Video calling is the first example of what we think is a great social app," Zuckerberg said. "We’re going to see a lot more things like this over the next few years and months."
One-on-one calls is simple, Facebook says: If your friend is online, with "one quick click" on the call button, you can establish a call with that friend, a Facebook staffer said during the presentation Wednesday.
"Can you believe that your least technical friend can get online and connect with someone else? No separate accounts, no separate websites to go to; it's by far the easiest way to get connected by video."
Tony Bates, Skype CEO, said the company is averaging more than 300 million minutes of video a month, and 50 percent of its business is Internet traffic. Now, putting Skype into Facebook makes sense.
"There's no greater way to get to the Web than Facebook," he said.
Bates said he is not concerned about losing Skype customers who now use some of Skype's paid services to the social network's Skype program.
"We want to be as ubiquitous as possible," he said. "We made the strategic decision that the long-term partnership far outweighs the concern of users moving from Skype to Facebook."
And, he said, some of Skype's paid services will be advertised within the Facebook Skype program. Skype is in the process of being bought by Microsoft, which also owns a small percentage of Facebook. (Msnbc.com is a joint venture of Microsoft and NBC Universal.)
The video calling service will not be available via Facebook on mobile, Zuckerberg said, so its use needs to be computer-to-computer for now.
Asked about competitor Google, which last week launched its own social network, Google+, Zuckerberg seemed non-plussed (so to speak). Google+ also has video chat.
"The last five years have been about connecting people; the next five years are about building these apps (to do that)," he said. "What you're going to see are companies -- not just companies like Google" entering that arena.
"Every app is going to be social," he said. "Our job is to stay focused on building the best service for that; and if we don’t, someone else will."
Along those lines, Facebook also introduced two other changes:
Group Chat, "one of our most requeted features," now lets you chat with multiple people at once. "Now you can have conversations with more than one person on the fly for quick group discussion."
New "Chat" design lets you see a sidebar on the screen that shows the friends you message the most, whether those friends or on or offline. "Simply click on a friend to start chatting or send a message."
You can learn even more from Facebook's blog, posted Wednesday by Philip Su, an engineer on Facebook's video calling team.
Schedule a tech to install your webcam today!
Visit GeeksOnCall.com
or Call 1-800-905-4335
Wednesday, July 6, 2011
Tech Giants Defend Privacy Practices http://bit.ly/nvjdq2
Protect your privacy with the help of our techs. Visit GeeksOnCall.com
Protect your privacy with the help of our techs. Visit GeeksOnCall.com
Tech Giants Defend Privacy Practices
WSJ.com - 5/20/2011
AMY SCHATZ
WASHINGTON--Google Inc., Apple Inc. and Facebook Inc. defended their privacy practices Thursday to lawmakers considering how to update privacy laws to include more protections for Internet users.
At a Senate hearing on mobile privacy issues, lawmakers grilled technology executives on their policies and how they share consumer information with other companies. The hearing comes amid recent revelations that Apple's iPhone and Google's Android phones routinely collect information about the location of consumer cellphones. Apple has since limited the data it collects.
"I know you can shut off your location services but that doesn't do the trick because we want to use them," said Sen. John Kerry (D., Mass.), who recently introduced a privacy bill along with Sen. John McCain (R., Ariz.), which would establish consumer online privacy rights. "We still need a privacy standard. We still need basic rules of the road."
The Kerry-McCain legislation is among at least five new legislative proposals introduced so far this year by House and Senate lawmakers. The bills would update existing privacy laws and set new rules for broadband and mobile applications, such as creating requirements that companies allow consumers to decline online tracking.
Technology executives defended their practices, saying their companies have privacy policies and aren't responsible for the actions of software developers that may not have such policies and don't face rules on how they can collect or share consumer information.
"Trust is the foundation of the social web. People will stop using Facebook if they lose trust in our services," Facebook Chief Technology Officer Bret Taylor said.
Google Director of Public Policy Alan Davidson also talked about the need to retain consumer trust. At a similar Senate hearing last week, Mr. Davidson deferred on a question about whether the company would require apps developers to have clear privacy policies. Asked about that issue again, Mr. Davidson said the company hadn't made a decision on that yet but that "we think apps should have a clear understandable privacy policy."
Also at the hearing, the Federal Trade Commission said it is currently juggling several investigations involving privacy issues and mobile phones, including possible violations of children's privacy laws. David Vladeck, director of the FTC'S consumer protection bureau, said the investigations focus on possible violations of the Children's Online Privacy Protection Act, which restricts information that companies can collect on the online activity of children ages 13 and younger.
The FTC has brought 16 complaints against companies for violating the children's privacy rules over the past decade and collected more than $6 million in fines. Last week, the agency announced a $3 million settlement with Playdom Inc., an online gaming company that is now a unit of Walt Disney Co., for illegally collecting and disclosing personal information of hundreds of thousands of children without their parental consent.
On Wednesday, Senate Commerce Chairman Jay Rockefeller (D., W.Va.) sent letters to Apple, Google and the Association for Competitive Technology, a trade group for app developers and other technology companies opposed to e-commerce regulation, asking them to show that they are complying with federal children's privacy laws.
"I am concerned that some applications running on today's mobile platforms may be violating laws that are intended to protect children," Sen. Rockefeller said in the letters.
Protect your privacy with the help of our techs!
Visit GeeksOnCall.com
Or Call Toll Free
1-800-905-4335
AMY SCHATZ
WASHINGTON--Google Inc., Apple Inc. and Facebook Inc. defended their privacy practices Thursday to lawmakers considering how to update privacy laws to include more protections for Internet users.
At a Senate hearing on mobile privacy issues, lawmakers grilled technology executives on their policies and how they share consumer information with other companies. The hearing comes amid recent revelations that Apple's iPhone and Google's Android phones routinely collect information about the location of consumer cellphones. Apple has since limited the data it collects.
"I know you can shut off your location services but that doesn't do the trick because we want to use them," said Sen. John Kerry (D., Mass.), who recently introduced a privacy bill along with Sen. John McCain (R., Ariz.), which would establish consumer online privacy rights. "We still need a privacy standard. We still need basic rules of the road."
The Kerry-McCain legislation is among at least five new legislative proposals introduced so far this year by House and Senate lawmakers. The bills would update existing privacy laws and set new rules for broadband and mobile applications, such as creating requirements that companies allow consumers to decline online tracking.
Technology executives defended their practices, saying their companies have privacy policies and aren't responsible for the actions of software developers that may not have such policies and don't face rules on how they can collect or share consumer information.
"Trust is the foundation of the social web. People will stop using Facebook if they lose trust in our services," Facebook Chief Technology Officer Bret Taylor said.
Google Director of Public Policy Alan Davidson also talked about the need to retain consumer trust. At a similar Senate hearing last week, Mr. Davidson deferred on a question about whether the company would require apps developers to have clear privacy policies. Asked about that issue again, Mr. Davidson said the company hadn't made a decision on that yet but that "we think apps should have a clear understandable privacy policy."
Also at the hearing, the Federal Trade Commission said it is currently juggling several investigations involving privacy issues and mobile phones, including possible violations of children's privacy laws. David Vladeck, director of the FTC'S consumer protection bureau, said the investigations focus on possible violations of the Children's Online Privacy Protection Act, which restricts information that companies can collect on the online activity of children ages 13 and younger.
The FTC has brought 16 complaints against companies for violating the children's privacy rules over the past decade and collected more than $6 million in fines. Last week, the agency announced a $3 million settlement with Playdom Inc., an online gaming company that is now a unit of Walt Disney Co., for illegally collecting and disclosing personal information of hundreds of thousands of children without their parental consent.
On Wednesday, Senate Commerce Chairman Jay Rockefeller (D., W.Va.) sent letters to Apple, Google and the Association for Competitive Technology, a trade group for app developers and other technology companies opposed to e-commerce regulation, asking them to show that they are complying with federal children's privacy laws.
"I am concerned that some applications running on today's mobile platforms may be violating laws that are intended to protect children," Sen. Rockefeller said in the letters.
Protect your privacy with the help of our techs!
Visit GeeksOnCall.com
Or Call Toll Free
1-800-905-4335
Tuesday, July 5, 2011
Beware, some Google+ 'invites' are really spam http://bit.ly/m1ef3w
Protect your computer with the help of our techs- visit GeeksOnCall.com
Protect your computer with the help of our techs- visit GeeksOnCall.com
Beware, some Google+ 'invites' are really spam
CNN.com - 7/4/2011
Doug Gross
(CNN) -- OK, Google+, you're a bona fide Web sensation now. Which is to say, you've inspired your very own spam.
An e-mail claiming to be an invite to the search giant's much ballyhooed answer to Facebook was making the rounds on Monday. But, turns out, it's just one more way to buy illicit Viagra on the internet.
Google+ was unveiled last week, but so far invitations to try out the new social-networking service have mostly just been sent to bloggers, journalists and others in the technology world. Google opened a brief window last week for members to invite others, but is otherwise keeping Plus's doors locked for now.
The result (and raise your hand if you think this is an accident) has been lots of jealous folks reading other people talk about Google+ and wanting to get in on the action themselves.
"The spammers are no doubt hoping that the e-mail will be too hard to resist for many people eager to see Google's new social network," web security firm Sophos wrote on their Naked Security blog, "although just how many users will be tempted to buy drugs online is a mystery."
The e-mail looks like the ones sent when a friend adds you to a "circle" on Google+ before you've joined the site. But instead of leading to Google+, the links in the e-mail produce an apparent opportunity to buy Cialis, Viagra, Propecia and other pharmaceutical little helpers.
The links do not appaear to upload viruses or other malware.
The Google+ effort isn't the only careful-where-you-click issue Sophos is currently monitoring.
A new round of naughty-looking links are popping up on Facebook under titles like "[Video] This is what Happend to his Ex GirlFriend!" Clicking the often anatomically expressive link in your newsfeed leads to a page asking you to confirm that you're older than 18.
Click "yes" on this page and you've joined the party, sharing the same link in your news feed.
Sophos says that if you've clicked it, make sure to immediately remove the link from your feed, then check your profile to see if you've "liked" anything you don't actually like.
Sophos consultant Graham Cluley adds this sage advice:
"Can I respectfully suggest that if you keep falling for scams like this, you try and get your kicks elsewhere on the internet?" he wrote. "There's plenty of photos and videos of naked ladies out on the web which you can peruse at your leisure, without the risk of flooding the newsfeeds of your Facebook friends."
Protect your computer with the help of our techs- visit GeeksOnCall.com
Or Call Toll Free
1-800-905-4335
Doug Gross
(CNN) -- OK, Google+, you're a bona fide Web sensation now. Which is to say, you've inspired your very own spam.
An e-mail claiming to be an invite to the search giant's much ballyhooed answer to Facebook was making the rounds on Monday. But, turns out, it's just one more way to buy illicit Viagra on the internet.
Google+ was unveiled last week, but so far invitations to try out the new social-networking service have mostly just been sent to bloggers, journalists and others in the technology world. Google opened a brief window last week for members to invite others, but is otherwise keeping Plus's doors locked for now.
The result (and raise your hand if you think this is an accident) has been lots of jealous folks reading other people talk about Google+ and wanting to get in on the action themselves.
"The spammers are no doubt hoping that the e-mail will be too hard to resist for many people eager to see Google's new social network," web security firm Sophos wrote on their Naked Security blog, "although just how many users will be tempted to buy drugs online is a mystery."
The e-mail looks like the ones sent when a friend adds you to a "circle" on Google+ before you've joined the site. But instead of leading to Google+, the links in the e-mail produce an apparent opportunity to buy Cialis, Viagra, Propecia and other pharmaceutical little helpers.
The links do not appaear to upload viruses or other malware.
The Google+ effort isn't the only careful-where-you-click issue Sophos is currently monitoring.
A new round of naughty-looking links are popping up on Facebook under titles like "[Video] This is what Happend to his Ex GirlFriend!" Clicking the often anatomically expressive link in your newsfeed leads to a page asking you to confirm that you're older than 18.
Click "yes" on this page and you've joined the party, sharing the same link in your news feed.
Sophos says that if you've clicked it, make sure to immediately remove the link from your feed, then check your profile to see if you've "liked" anything you don't actually like.
Sophos consultant Graham Cluley adds this sage advice:
"Can I respectfully suggest that if you keep falling for scams like this, you try and get your kicks elsewhere on the internet?" he wrote. "There's plenty of photos and videos of naked ladies out on the web which you can peruse at your leisure, without the risk of flooding the newsfeeds of your Facebook friends."
Protect your computer with the help of our techs- visit GeeksOnCall.com
Or Call Toll Free
1-800-905-4335
Friday, July 1, 2011
Botnet Malware Infected 4.5 Million PCs http://bit.ly/mKaqMK
Ensure your Computer is safe!
Visit GeeksOnCall.com or Call 1-800(905)GEEK
Ensure your Computer is safe!
Visit GeeksOnCall.com or Call 1-800(905)GEEK
'Indestructible' Botnet Malware Infected 4.5 Million PCs
wsj.com - 7/1/2011
Ben Rooney
A virtually indestructible botnet malware has ensnared more than four million PCS globally in the first three months of 2011, according to Kaspersky Labs, which described it as the 'most sophisticated threat' to computer security today.
In a posting on their blog, the Moscow-based anti virus firm described the malware as 'the most sophisticated threat today'. It is a variant of a virus known as TDSS, which Kaspersky has numbered TDL-4.
TDSS uses a range of methods to evade signature, heuristic, and proactive detection, and uses encryption to facilitate communication between its bots and the botnet command and control center. TDSS also has a powerful rootkit component, which allows it to conceal the presence of any other types of malware in the system.
The post goes into great detail on the technical specifications of the sophisticated malware that communicates using encrypted messages and relays messages through proxy servers to protect the command and control servers.
Once infected, the target PC joins this ever-growing botnet. A botnet is a network of infected computers that can be used, without the owners knowledge, to flood spam messages or launch attacks on other computers. Botnets are controlled by command and control servers. In the past law enforcement agencies have targeted these servers, successfully taking control of the botnet away from the cybercriminals. In this case the virus authors have taken steps to protect their network.
The new protocol encryption algorithm for communications between the botnet control center and infected machines ensures that the botnet will run smoothly, while protecting infected computers from network traffic analysis, and blocking attempts of other cybercriminals to take control of the botnet.
The malware infects the master boot record, the part of the PC system that boots first before the operating system loads. By getting in so early in the computers cycle, the virus can exert control far more easily, making it easier for it to avoid detection and to disable counter-measures. It also takes steps to stop other viruses from attacking the same computer.
TDL-4 is a bootkit, which means that it infects the MBR in order to launch itself, thus ensuring that malicious code will run prior to operating system start. This is a classic method used by downloaders which ensures a longer malware lifecycle and makes it less visible to most security programs.
TDL nimbly hides both itself and the malicious programs that it downloads from antivirus products. To prevent other malicious programs not associated with TDL from attracting the attention of users of the infected machine, TDL-4 can now delete them. Not all of them, of course, just the most common.
Most of the more than 4.5 million victims, 28%, are in the U.S. but Kaspersky reports significant numbers in India (7%) and the U.K. (5%). France, Germany, Mexico and Canada all played host to about 3% of infections each.
Ensure your Computer is safe!
Get Help At GeeksOnCall.com
Or Call Toll Free
1-800-905-4335
Ben Rooney
A virtually indestructible botnet malware has ensnared more than four million PCS globally in the first three months of 2011, according to Kaspersky Labs, which described it as the 'most sophisticated threat' to computer security today.
In a posting on their blog, the Moscow-based anti virus firm described the malware as 'the most sophisticated threat today'. It is a variant of a virus known as TDSS, which Kaspersky has numbered TDL-4.
TDSS uses a range of methods to evade signature, heuristic, and proactive detection, and uses encryption to facilitate communication between its bots and the botnet command and control center. TDSS also has a powerful rootkit component, which allows it to conceal the presence of any other types of malware in the system.
The post goes into great detail on the technical specifications of the sophisticated malware that communicates using encrypted messages and relays messages through proxy servers to protect the command and control servers.
Once infected, the target PC joins this ever-growing botnet. A botnet is a network of infected computers that can be used, without the owners knowledge, to flood spam messages or launch attacks on other computers. Botnets are controlled by command and control servers. In the past law enforcement agencies have targeted these servers, successfully taking control of the botnet away from the cybercriminals. In this case the virus authors have taken steps to protect their network.
The new protocol encryption algorithm for communications between the botnet control center and infected machines ensures that the botnet will run smoothly, while protecting infected computers from network traffic analysis, and blocking attempts of other cybercriminals to take control of the botnet.
The malware infects the master boot record, the part of the PC system that boots first before the operating system loads. By getting in so early in the computers cycle, the virus can exert control far more easily, making it easier for it to avoid detection and to disable counter-measures. It also takes steps to stop other viruses from attacking the same computer.
TDL-4 is a bootkit, which means that it infects the MBR in order to launch itself, thus ensuring that malicious code will run prior to operating system start. This is a classic method used by downloaders which ensures a longer malware lifecycle and makes it less visible to most security programs.
TDL nimbly hides both itself and the malicious programs that it downloads from antivirus products. To prevent other malicious programs not associated with TDL from attracting the attention of users of the infected machine, TDL-4 can now delete them. Not all of them, of course, just the most common.
Most of the more than 4.5 million victims, 28%, are in the U.S. but Kaspersky reports significant numbers in India (7%) and the U.K. (5%). France, Germany, Mexico and Canada all played host to about 3% of infections each.
Ensure your Computer is safe!
Get Help At GeeksOnCall.com
Or Call Toll Free
1-800-905-4335
Subscribe to:
Posts (Atom)
