iWay-Safety.com: Privacy News & Views

Ten Myths About Identity Fraud

Tue, 18 Mar 2008 23:30:05 GMT

Ten Myths About Identity Fraud FEBRUARY 12, 2008 | 5:38 PM By Tim Wilson According to new studies of the ID fraud space, some reports offer data that debunks many of the current myths about identity theft. 1. There is a higher incidence of ID fraud today than in past years - The trend is downward, not upward. 2. There are more victims of identity theft and fraud today than there have ever been before - Some estimates are that the number is down, not up, from the year before. 3. Identity fraudsters are stealing record amounts of money from their victims - the cost of identity fraud and theft underwent its most precipitous drop last year. 4. Most identity theft and fraud occurs online - criminals are moving to places where the pickings are easier: telephone and mail fraud due in part to better web defenses. 5. Online attackers are the greatest perpetrators of identity fraud and theft. identity theft is often committed by someone you know, rather than a stranger - a surprising 17 percent. 6. Large security breaches are the most dangerous to users – Apparently criminals can only exploit so many identities regardless of the size of the “haul”. 7. Identity thieves distribute their booty widely, selling or publishing it wherever they can - no evidence found that fraudsters who misuse breach data were selling the data broadly or distributing it over the Internet. 8. Valid credit cards are an identity thief's primary target - There are many other ways to use personal data that can be just as dangerous to the consumer, researchers say. 9. Fraudsters steal as much personal data as they can, storing it up until they are ready to use it - in most cases, online fraudsters don't store up stolen ID information, but cycle through it quickly. 10. The incidence of identity fraud is pretty much the same from state to state - Consumers in California, Delaware, Idaho, Illinois, and West Virginia have experienced a higher rate of identity fraud and theft.

How to help avoid browser hijacking

Mon, 30 Jan 2006 18:44:23 GMT

Micorsoft Security At Home: "Browser hijacking" is a common type of online attack in which hackers take control of your computer's Internet browser and change how and what it displays when you're surfing the Web. [Included are: info for determining whether your browser has been hijacked; more importantly, preventing hijacks; and what you can do to restore a browser that's been hijacked. Once again the same basic steps apply: use your common sense about downloading executable code from "strangers"; keep your operating system up to date especially with security fixes, your MANDATORY protective / detective tools (anti mal/spy/ad ware) as well - same thing for your browser of course.]

Search Engines Providing Maps That Are Far Too Detailed?

Mon, 23 Jan 2006 02:21:34 GMT

Some of the biggest names on the Internet, including Amazon.com, Microsoft and Google are providing evolving local search and mapping services, where the photographic images are typically rendered as search results. Some of the images are so detailed you can tell whether a neighbor's hedge was recently trimmed or whether the car parked in front of a favorite local eatery might belong to a friend. Now that searchable databases of detailed pictures covering wide swaths of urban areas are readily available to the public, some privacy advocates are worried about the risks of such picture perfect exposure to vulnerable citizens such as women in domestic violence shelters. [This is another "log on the technology/anti-privacy fire." While Privacy - the formal/legal entitlement - is receiving increasing attention, privacy - the informal/social expectation - has been eroding for decades. However, as noted in the article, no more information is available - perhaps less - than can be gotten by walking in your neighborhood. What's different as with camera phones, digitized photos, etc. is the minimal cost to record, store, preserve and distribute this "private" information.]

Protecting Personal Data in Your Word 2003 Documents

Mon, 15 Aug 2005 14:06:01 GMT

By default, Microsoft Office Word 2003 documents contain hidden data. One measure you can take when sharing documents with others is to remove the information you don't want others to see. This article presents various ways that information is stored in a document and how to remove that information.

How to Blog Safely (About Work or Anything Else)

Sun, 15 May 2005 18:17:42 GMT

Anyone can eventually find your blog if your real identity is tied to it in some way. And there may be consequences. [Here are] a few simple precautions to help you maintain control of your personal privacy so that you can express yourself without facing unjust retaliation. [A combination of social and technological techniques, and legal considerations.]

MasterCard Shuts Down 1,400 Phishing Sites

Sat, 14 May 2005 02:59:18 GMT

MasterCard International Inc. said Tuesday that it has shut down nearly 1,400 phishing sites and more than 750 sites suspected of selling illegal credit-card information since launching an ID-theft-prevention program in June (2004). The program also has led to the discovery and protection of more than 35,000 MasterCard account numbers that were in jeopardy of being compromised.

PGP launches a radical overhaul of its PGP desktop security suite

Sat, 14 May 2005 02:56:54 GMT

PGP Corporation has launched a radical overhaul of its PGP desktop security suite aimed at making its products more comprehensive and easier to use. PGP Desktop 9.0, released Monday 9 May, features "automatic operation so email, instant messaging (IM), whole disk, and file encryption are secure without user interaction or training", the blurb boasts.

PGP Whole Disk encryption means an entire laptop, including USB drives and backups, can be secured at one fell swoop against previous approaches where users have used the software to set up a virtual, encrypted disk on their PC. Existing product features - such as PGP Virtual Disk encryption, PGP Zip (file compression), and PGP Shred (permanent file deletion) - have been retained.

Microsoft To Offer PC Health Service Called OneCare

Sat, 14 May 2005 02:21:46 GMT

Microsoft is launching a PC "health service" that promises to deliver automated protection, maintenance and machine tune-ups in a single package. Windows OneCare initially is being distributed to company employees as part of a testing and development process before public beta availability later this year. The subscription service will be continually updated in an effort to address safety issues such as worms, viruses and spyware.

Micorosoft also is focused on broader PC health issues, including: the protection of digital photos, music, financial data and software, as well as system performance. Windows OneCare will provide updated antivirus, antispyware and two-way firewall protection. The package offers periodic disk cleanup, hard-drive defragmentation and file repair. Automated file backup also is offered, along with the option to back up all files on the system or only those that have changed since the last time the action was performed.

Phishers Dodge Content Filtering

Sat, 14 May 2005 02:05:17 GMT

According to Netcraft, some fraudsters are replacing text content on their phony sites with similar-looking images, "making it much more difficult for automated systems to detect the presence of keywords such as 'PayPal' and 'credit card.'"

In an online alert, Netcraft illustrated how a phisher could simply embed text within an image to hide it from filters. The text would still be readable by a possible victim, but not by a computer.

Amazon.com knows, predicts shopping habits

Tue, 19 Apr 2005 15:15:35 GMT

Amazon.com knows things about you that you may not know yourself. Though plenty of companies have detailed systems for tracking customer habits, critics and boosters alike say Amazon is the trailblazer, having collected information longer and used it more proactively. It even received a patent recently on technology aimed at tracking information about the people for whom its customers buy gifts.

Some privacy advocates believe Amazon is getting dangerously close to becoming Big Brother with your credit card number. "They are constantly finding new ways to exploit personal information," said Chris Hoofnagle of the Electronic Privacy Information Center, an Amazon nemesis since 2000 after the company changed its privacy policy to allow sharing of personal information with companies it buys or partners with. More recently, the Seattle-based virtual retailer has launched a Web search engine, called A9, that can remember everything you've ever searched for — and the site reserves the right to share that information with its retailing arm. Amazon also funds a Web site called 43 Things. It seeks to link people with similar goals, such as getting out of debt.

Dating background checks up for debate

Tue, 19 Apr 2005 14:05:34 GMT

Some lawmakers say that as online dating becomes more popular, users need better protection from predators. Twenty-six million people visited dating sites in January, according to the Internet research firm Nielsen/NetRatings. The Senate is considering legislation that would require an Internet dating company serving Michigan residents to disclose on its Web site whether it has conducted criminal background checks on users, based solely on the names provided. A provider also would have to disclose the limitations of background checks and urge members to adhere to safe dating practices. The legislation is backed by True.com, the only online dating service that performs criminal screening. Similar legislation has been proposed in five other states: California, Ohio, Virginia, Florida and Texas.

Critics — including most online sites — say any feeling of security would be deceptive because there is no way to ensure people give their real names. [Further] ... the measure blatantly favors True.com and argue that the free market should drive demand for background checks, not the government. [Good grief! How did we date (safely) before the Internet came along?]

Prying eyes are everywhere

Tue, 19 Apr 2005 13:29:25 GMT

Husbands and wives, moms and dads, even neighbors and friends increasingly are succumbing to the temptation to snoop, thanks to a growing array of inexpensive, easily accessible high-tech sleuthing tools once available only to professional investigators. And a growing amount of free personal information is so easy to find online that many Internet regulars don't think of it as spying. Plug a name into Google and you have an instant background check. Spying is so common that thousands of Web sites and dozens of retailers across the country now sell surveillance tools, and business has never been better, says Jason Woodside of the International Spy Shop in San Francisco.

BUT ... A Florida state appeals court judge, for example, ruled in February that spy software that a wife had installed on her husband's computer was illegal. Other cases in the headlines involve a Colorado Springs man who was arrested in February after he was accused of planting a GPS device in his wife's car to track her. And after a privacy outcry, an elementary school in Sutter, Calif., abandoned a plan that gave children mandatory radio-frequency ID badges so the school would know where they were at all times. [It seems inevitable that we eventually "turn the gun on ourselves".]

Online Dating Sites Quarrel Over Background Checks

Mon, 07 Mar 2005 00:51:31 GMT

True.com has taken on the rest of the online dating industry in pushing state legislators to require matchmaking sites to conduct criminal background checks on members or post a warning that no such screening has been done.

Five Tips for Using a Public PC

Thu, 03 Mar 2005 01:09:50 GMT

Five Tips for Using a Public PC With spying software, a criminal can grab your passwords and usernames. Ultimately, you could lose your money or have your identity stolen. That should tell you enough to be wary of public PC terminals.

Beware Of Getting Personal With Telecom Companies

Sat, 11 Dec 2004 09:32:00 GMT

In a semiannual study of 27 of the largest telecom companies, the Boston-based Customer Respect Group found 85 percent of the largest telecommunications companies share personal data provided by Web site visitors without first asking permission. The companies that did not share data with internal marketing departments, affiliates, subsidiaries, or business partners included AT&T, Nextel Communications Inc., Sprint Corp., and Verizon Wireless.

Government Uses Color Laser Printer Technology to Track Documents

Wed, 24 Nov 2004 02:06:55 GMT

Next time you make a printout from your color laser printer, shine an LED flashlight beam on it and examine it closely with a magnifying glass. You might be able to see the small, scattered yellow dots printer there that could be used to trace the document back to you. According to experts, several printer companies quietly encode the serial number and the manufacturing code of their color laser printers and color copiers on every document those machines produce. Governments, including the United States, already use the hidden markings to track counterfeiters. One way to determine if your color laser is applying this tracking process is to shine a blue LED light--say, from a keychain laser flashlight--on your page and use a magnifier.

Court documents not fit for Web?

Wed, 24 Nov 2004 01:53:59 GMT

Court records are presenting a tricky challenge for open-government types and privacy advocates. In most parts of the country, people can drive to a courthouse to view all types of records. But should those same records -- which include medical histories, divorce records, arrests -- be online in the age of omniscient search engines and identity thieves?

Many Counties Put Social Security Numbers Online

Sat, 13 Nov 2004 12:39:07 GMT

Offices in about a quarter of U.S. counties post Social Security numbers on their Web sites, according to a study conducted by the Government Accountability Office, the investigative arm of Congress. Relatively few federal and state offices post Social Security numbers online, according to the GAO.

User Education Is A Flawed Strategy For Protecting Computer Users From Internet Scams

Fri, 29 Oct 2004 18:56:23 GMT

One of the "Internet's foremost experts in Web usability" (according to Business Week) and the man who ranks number six on ZDNet's "The Web's Ten Most Influential People" calls for a change in policy to thwart Internet scams, saying, "User education is not the answer to security problems." Jakob Nielsen says a strategy relying on user education puts the burden on the wrong shoulders. The only real solution, according to Nielsen, is to make security a built-in feature of all computing elements.

Home PCs not protected

Wed, 27 Oct 2004 23:45:34 GMT

In findings, from a detailed survey of 329 consumers that included inspections of each of their home computers, released Monday by America Online and the National Cyber Security Alliance (NCSA), a picture emerges of consumers increasingly using their home PCs for sensitive, online transactions without adequately protecting themselves from cybercrime.

While 77% of the survey respondents believed they were safe from online threats, two-thirds lacked current anti-virus software and did not use any firewall protection. More than half said they did not understand the difference between the two. Yet 84% stored personal data on their home PCs, and 72% routinely used the Internet for sensitive transactions, such as banking and medical data exchanges.

How Parents Can Be IM Watchdogs

Sat, 23 Oct 2004 13:45:33 GMT

Some 41 percent of all Internet users use IM to communicate in real time, according to comScore Media Metrix, a research group that measures Internet demographics. Among users ages 12 to 17, the proportion is even bigger: 55 percent. Conscientious parents are careful about whom their children associate with, but many of the tried and true methods of monitoring behavior are ineffective when it comes to the Internet. But there are tools that allow parents to monitor and restrict children's use of instant messaging services. Controls range from blocking access to limiting your child's contacts, or even controlling what can be typed in an instant message window. The best protection strategy depends on the type of IM system your children use.

Children's Private Records Posted Online In Florida

Fri, 22 Oct 2004 23:45:45 GMT

Officials of Florida's child-welfare agency acknowledged that confidential records for nearly 4,000 abused and neglected children were available on the Internet until this week. The files were accessible on the Web site of Kids Central, a privately run children's agency, and included names of children, as well as details such as birth dates, Social Security numbers, photographs, case histories and even directions to foster homes.

Data Miner Free From U.S. Law

Thu, 21 Oct 2004 22:33:58 GMT

It began as one of the Bush administration's most ambitious homeland security efforts, a passenger screening program designed to use commercial records, terrorist watch lists and computer software to assess millions of travelers and target those who might pose a threat. The system has cost almost $100 million. But it has not been turned on because it sparked protests from lawmakers and civil liberties advocates, who said it intruded too deeply into the lives of ordinary Americans. The Bush administration put off testing until after the election.

Now the choreographer of that program, a former intelligence official named Ben H. Bell III, is taking his ideas to a private company offshore, where he and his colleagues plan to use some of the same concepts, technology and contractors to assess people for risk, outside the reach of U.S. regulators, according to documents and interviews.

Watch Out For Security Freeware Gotchas

Thu, 21 Oct 2004 22:21:07 GMT

Security freeware is pretty popular. The price is right and everyone needs more security. What's the catch? But just because software is free doesn't exempt it from the requirements of paid software. Folks who write security tools should practice secure coding. Authors of security freeware should be accessible and accountable for the product they provide; in security-speak, the software should have readily identifiable, non-repudiable origins. Folks who make security software available should have competent, security-savvy staff to support and maintain it.

So if you are considering security freeware, remember the five Ws. Who wrote the software? Can you identify and trust the developer? What does the software do? When should you use security freeware? Why are you choosing freeware over commercial ware? Where do you intend to use security freeware?

Online attack puts 1.4 million records at risk

Thu, 21 Oct 2004 19:58:21 GMT

An August intrusion into a social researcher's computer may mean that more than a million Californians need to call the credit bureaus.

On Tuesday, the California Department of Social Services warned the providers and recipients of the state's In Home Support Services (IHSS) that their names, addresses, telephone numbers, Social Security numbers and dates of birth may be circulating the Internet. IHSS allows individuals to get paid for providing in-home care to senior citizens. The warning comes after an unknown attacker slipped in through a security hole in a social researcher's unsecured computer at the University of California, Berkeley, on Aug. 1, perhaps making off with 1.4 million database records containing personal information. The researcher noticed the trespass on Aug. 30 and the university notified the state in mid-September.

SANS "Ouch" newsletter for "unsophisticated end users"

Tue, 19 Oct 2004 16:22:32 GMT

A new free SANS newsletter has gotten rave reviews from unsophisticated end users - they really appreciate the plain non-technical writing and the cool examples. It's called OUCH! More than 500 security awareness professionals from around the US and the world helped them get it right. If you want to redistribute it to your users, that' allowed. The newsletter includes a pointer to a great phishing quiz for anyone who thinks he or she can spot a phishing email. To subscribe go to the newsletter page at the SANS portal and choose it.

Martha Reeves Says EBay May Cause Identity Theft

Tue, 19 Oct 2004 01:56:06 GMT

Martha Reeves, former lead singer of Martha Reeves & the Vandellas, says eBay left her open to identity theft by posting a contract on its Web site that showed her Social Security number and signature.

Google Launches Desktop Search (Beta)

Fri, 15 Oct 2004 23:57:39 GMT

It appears that every geek’s favorite search engine has won the race as the Mountain View, California company unveiled Google Desktop Search (GDS) on Thursday morning. The main feature of GDS is the ability of the user to search all files and folders of their computers hard drive, in addition to the Internet when running search strings through Google. The application itself is very small - only about 400k - and according to Google, after installation, GDS will run in the background indexing your hard drive on a continuous basis.

Privacy advocates have expressed some serious concerns about GDS. The biggest questions concerning the security of computer administrator files and folders on a Windows XP machine, and the ability to search other users' personal e-mail in a search queue. To help alleviate fears, Google engineers made it clear that no information contained on indexed hard drives is ever sent back to Mountain View, although they did acknowledge that the program will "ping" Google's servers on a daily basis in an effort to monitor the health of the program and determine how users are utilizing the features in GDS. You can download GDS here.

Excerpt from Google Desktop Search Terms and Conditions: Consent to Collect Non-Personal Information
Google Desktop Search may collect certain non-personally identifiable information that resides on your computer, including, without limitation, the number of searches you do and the time it takes to see your results. Unless you choose to opt out, either during installation or at any time after installation, non-personal information collected will be sent to Google. This information will be used by Google only for purposes of operating and improving future versions of Google Desktop Search and will not be disclosed to any third party or used for any purpose other than as described in this agreement. To learn more, please read the Privacy Policy located at desktop.google.com/privacypolicy.html.

[The excerpt from the "T&C's" implies that you can opt out from the collection of "non-personal information". I'm going to install it myself and see if my firewall can do the same thing. UPDATE: more information - see Google's Desktop Search is valuable, yet creepy , excerpt below. Yet the author states that, according to a "consensus of internet security and privacy experts", GDS will not generate controversy. Note: This version is Beta status and Google has been known to run beta programs for months or years. ]

Desktop Search does three things in particular that could compromise your privacy when someone else uses your computer:

First, the software keeps a copy of all your AOL Instant Messenger conversations. AIM, for many users, is like talking over the water cooler at work -- you say things you don't want preserved for posterity. Until now, AIM conversations with your buddies disappeared from your computer the moment you closed the discussion window. Desktop Search, however, makes a copy of AIM conversations and keeps them forever.

Second, the software keeps its own copy of all your Outlook and Outlook Express e-mail messages -- even after you delete them from within Outlook or Outlook Express. A confidential company memo, in other words, will still pop up during Google searches after you've emptied the Deleted Items folder in Outlook.

Third, the software keeps a copy of every Web page you visit and lists those pages in search results with the date and time of your visit. This even includes Web pages that are supposed to be secure from prying eyes, such as those run by online banking sites.

That means if someone else uses your PC and enters the word "bank" or "brokerage" in Desktop Search, they could uncover your confidential financial information. There are controls within Desktop Search to block each of these three search features, but it's not immediately obvious how to find them and many users will never bother to learn.

Privacy Advocates Post Map Of New York Surveillance Cameras

Thu, 14 Oct 2004 00:25:56 GMT

Tad Hirsch, a research assistant at MIT's Media Lab, has adapted a desktop version of the iSee Project for use in handheld devices using Java programming language. Walkers can roam Manhattan armed with information that will allow them to steer clear of cameras if they wish - though escaping the cameras' unblinking gaze may not be easy. Privacy advocates have added hundreds of cameras to the Manhattan map using a Web-based interface, www.appliedautonomy.com/isee, developed by the Institute of Applied Autonomy, an activist organization concerned about surveillance.

Court strikes down Patriot Act provision

Fri, 01 Oct 2004 12:27:38 GMT

A federal judge on Wednesday struck down a key provision of a law that is the centerpiece of the Bush administration's legal war on terrorism, ruling that the FBI cannot require Internet service providers to turn over subscriber information and keep quiet about it forever without giving the providers a chance to fight the government in court.

The MailFrontier Phishing IQ Test

Mon, 13 Sep 2004 02:18:00 GMT

Mailfrontier has put together 10 suspected fraud emails from their collection of millions-all of them real and all of them actually received by real people. [I got 9 of 10 correct - my paranoia had me calling a legitimate email a fraud. Advice on: use your common sense! advice off:]

Users Sidestep Required Logins For Content Sites

Fri, 10 Sep 2004 22:40:08 GMT

Readers fed up with entering personal information in exchange for accessing Web site content can circumvent the process using BugMeNot.com to generate login names and passwords for sites requiring registration

US website offers Caller ID falsification service

Mon, 06 Sep 2004 02:27:12 GMT

Overdue debtors beware: You may not be able to rely on Caller ID to screen out those annoying bill collectors much longer. A California entrepreneur has a plan to bring the hacker technique of Caller ID spoofing to the business world, beginning with collection agencies and private investigators.

Slated for launch this week, Star38.com would offer subscribers a simple Web interface to a Caller ID spoofing system that lets them appear to be calling from any number they choose.

Dell wants to teach Web surfers a security lesson

Sun, 22 Aug 2004 17:09:50 GMT

Dell has unveiled a plan to educate its customers on how to protect their computers from an onslaught of spyware, adware and viruses. The computer maker has set up a new PC Security site to help customers identify online security threats and ways to handle them. The Web site also features antivirus and antispyware products as well as links to partner sites. Dell also said it would work with a consumer education group, the Internet Education Foundation, to help its customers. For customers who find it difficult to help themselves, troubleshooting will be available for $39 per incident.

Dell will also begin touching on security in its advertising. Its August sales catalog, for example, will include a four-page insert with information on updating Windows, antivirus and antispyware software as well as keeping data backed up, Rodrigue said. The catalogs reach tens of thousands of customers in the United States via U.S. mail, Dell representatives said. Later in the year, Dell plans to begin installing antispam, spyware protection and pop-up-blocking software on its PCs, Rodrigue added. In some respects, Dell is catching up to others, such as Hewlett-Packard. HP has been shipping Intermute's protection suite, which features applications designed to prevent spam, pop-up ads and spyware, on its PCs.

VOIP hacks gut Caller I.D.

Sun, 22 Aug 2004 17:02:22 GMT

Hackers have discovered that the handy feature that tells you who's calling before you answer the phone is easily manipulated through weaknesses in Voice over IP (VoIP) programs and networks. They can make their phone calls appear to be from any number they want, and even pierce the veil of Caller I.D. blocking to unmask an anonymous phoner's unlisted number.

Google queries provide stolen credit cards

Sun, 22 Aug 2004 15:22:20 GMT

Simple queries using the Google search engine can turn up a handful of sites that have posted credit card information to the Web, CNET News.com learned on Tuesday. The lists of financial information include hundreds of card holders' names, addresses and phone numbers as well as their credit card data. Much of the credit card data that appears in the lists found by Google may no longer be valid, but News.com called several people listed and verified that the credit card numbers were authentic.

Web sites offering "phishing" kits for download

Sun, 22 Aug 2004 14:48:41 GMT

Some Web sites are now offering surfers the chance to download free "phishing kits" containing all the graphics, Web code and text required to construct the kind of bogus Web sites used in Internet phishing scams. Security firm Sophos warned that many of the kits also contain spamming software that enables potential fraudsters to send out thousands of phishing e-mails with direct links to their do-it-yourself fraud sites.

Moveon.org subscribers exposed

Sun, 22 Aug 2004 14:43:29 GMT

Subscribers to MoveOn.org's mailing lists may have found their interest in the anti-Bush political site a matter of public record. A Web page misconfiguration left dozens of the liberal political group's subscriber pages easily searchable through simple Google queries.

Computer Security for the Home and Small Office

Fri, 20 Aug 2004 16:16:16 GMT

[A review by Andrew Murphy of the book "Computer Security for the Home and Small Office" by Thomas Greene, The Register's security guru. What may be more interesting are the comments and give and take that follow. For example, how do you characterize an "average" computer user and do they or do they not "care" about "security?"]

Wiretapping the Web

Fri, 20 Aug 2004 12:57:20 GMT

A literal reading of electronic eavesdropping laws—coupled with a new FCC proposal—may make it easier for Washington to watch you online.

Protect your privacy: 10 simple steps

Fri, 20 Aug 2004 12:32:36 GMT

Find out how to keep your identity safe in a world of Dumpster divers, shoulder surfers and skimmers. Also: What to do if identity theft happens to you, and how to stop the spam.

Don't Fear Internet Anonymity Tools

Fri, 20 Aug 2004 01:25:53 GMT

... it's getting increasingly difficult to remain anonymous on the Internet. Users can try to work around the system in certain ways, such as fake registrations and refusal of cookies, but, in the end, it's a losing game. After all, your ISP has your entire Internet surfing record right at its fingertips, and even if you trust the ISP, it takes only a subpoena for the government or an organization such as the Recording Industry Association of America to get at your information. That's why it's important to so many of us to find tools that can provide true anonymity while using the Internet.

Drivers let Big Brother in to get a break?

Thu, 19 Aug 2004 20:01:59 GMT

In two new tests, car owners will be able to let insurance companies monitor their driving via new technology in exchange for lower rates. The technology will track some combination of when, where, how far and how fast they drive, giving insurers a way to reward low-risk driving. [Still in the experimental stage. However, the notion that the data collected will determine "safe" driving, as opposed to "orthodox" or "regulation-compliant" driving, is mistaken. Also how will an insurance company justify a difference in premiums for drivers allowing this technology versus those that have no accidents and choose not to allow it?]

WholeSecurity releases a program to help companies combat "phishing"

Mon, 16 Aug 2004 23:59:13 GMT

WholeSecurity, an Internet security firm in Austin, Texas, has released a program to help companies combat a growing form of online fraud known as "phishing." Its program, called Web Caller-ID, is already in use at eBay. The online auctioneer has incorporated the technology into its Internet toolbar with a feature called Account Guard.

The program analyzes Web addresses for clues that might lead to fraudulent sites. The program also checks whether the domain name was registered recently or its operator is using a free Web hosting service.

Other companies that offer antiphishing products include EarthLink, Webroot Software and PostX. Microsoft and Yahoo are also working on such programs.

Social Networking May Be The Next Social Disease

Tue, 03 Aug 2004 02:12:40 GMT

Strom surveys considers the real social and business networking value of increasingly popular online social networks. As these networks gain wide usage, they pose significant security risks and erode traditional lines between work and play.

Avoiding Social Engineering and Phishing Attacks

Thu, 29 Jul 2004 01:38:36 GMT

Do not give sensitive information to anyone unless you are sure that they are indeed who they claim to be and that they should have access to the information.

5 tips for spurning spyware and browser hijackers

Fri, 16 Jul 2004 13:36:49 GMT

Is your Web browser behaving strangely? Maybe some other search program appears when you try to do a search on Google or MSN® Search. Or, even though you've reset your home page, some other site displays. If this is happening to you, you may have inadvertently downloaded spyware.

HSRemove: A removal tool for Home Search Assistant

Fri, 16 Jul 2004 13:12:21 GMT

This hijack has spread rapidly and is not removable by any of the known tools including Hijack This!, Ad-Aware, Spybot, CSWhredder and so on. This tool may somve your problem. Symptoms include an odd home page similar to res://.dll/index.html#37049 and popup ads as well as certain words on websites linking to their search engine. http://www.majorgeeks.com/download4286.html

Trojan targets user's financial information

Thu, 01 Jul 2004 02:12:54 GMT

Trojan targets user's financial information. Security researchers warned Tuesday of a new security threat making the Net rounds: A file that appears to spread through pop-up ads and capture personal data. [InfoWorld: Security]

Interception of E-Mail Raises Questions

Thu, 01 Jul 2004 02:01:52 GMT

Interception of E-Mail Raises Questions (AP). AP - In an online eavesdropping case with potentially profound implications, a federal appeals court ruled it was acceptable for a company that offered e-mail service to surreptitiously track its subscribers' messages. [Yahoo! News - Technology]