by ·Comments Off on Protect Your Data from Data Wiping Worm

In the last few days there has been reports of a worm designed to wipe out your data.  CNET reports that this worm has already targetted US and South Korean web sites.  The worm travels through emails which has an attachment.  The email is basically a trojan with a payload designed to erase files on your computer–including the master boot record.  When installed on your computer, the malicious load with will basically render your computer inoperable on the next boot.

Don’t wait until this happens to you.  Take action; backup your precious files (documents, pictures, videos).  You have several options.

If you don’t have too many files to back up (i.e. less than 2GB), a free account at mozy.com would do the job.  They provide 2GB of free online backup storage space; however, for unlimited space it is only $4.95 per month!  However, if you are cheap like me, you can try to convince others to to sign up for their free 2GB as well, and you’ll get an additional 250MB of storage space for every referral!

There are other online backup solutions like elephantdrive.com and carbonite.com; however, these don’t provide an initial free online storage space.

The other approach is to simply buy a flash drive or an external high capacity USB drive.  There are many out there.  I’ve seen flash drive with capacities as high as 32GB, but I’m sure there are higher capacity units out there now.  You can buy external USB drives now with over 1TB of storage space for less than $200.  As a matter of fact, I recently purchased one at Best Buy.  Over two weeks ago, I completed a full backup of my drives containing years of accumulated documents and pictures.

I know that if by some chance my drive crashes or I am infected by one of this worm, I’ll have my backup to fall back on.

So don’t wait too long before backing up your data.  Get that peace of mind that you have something to fall back to should the worst happen to your hard drive.



Mozy Remote Backup. Free.Automatic.Secure.

by ·Comments Off on How to encrypt your Internet traffic

Encryption: key to secured data transmission

Encryption: key to secured data transmission

Not many people realize that the traffic they generate on the Internet as they check e-mail, upload files, chat, and so on are out in the clear. This means that if someone tapped into the network (wired or wireless) where your traffic is flowing, that someone would be able to capture the information flowing through that network, and possibly interpret or maybe even change the account or various confidential information that may be in that flow. One way to keep those Internet peeping toms from seeing your confidential information is by using some form of encryption technology. There are three general scenarios where encryption technology is crucial. The first is the encryption technology you must ensure is used when accessing confidential information online. The second scenario is when you are sending confidential information to someone or some organization. The third is when you are using wireless technology to access your network or someone else’s in the process of connecting to the Internet.

When accessing confidential information online, you must make sure that the site you are connecting to uses TLS/SSL (Transport Layer Security, the successor to SSL–Secure Socket Layer). You can tell this in three ways:

1) The URL for the sites starts with https://

2) There is an indication in your browser that your connection is secure—typically symbolized by a padlock icon (in Internet Explorer 8, it can be found to the right side of the address field)

3) Your browser indicates that it trusts the site you are visiting (in Internet Explorer 8, the address field background turns green)

For example, when you access your bank online, you will see that their URL begins with “https://”, and that there is a padlock symbol somewhere on the bottom or top of your Internet browser. When you’re browser is using TLS/SSL to communicate with a web server on the Internet, you are doing two things by convention—ensuring that the site you are visiting is who they say they are through the use of an SSL certificate which is certified by a trusted authority (for example Verisign) , and the data you are transmitting are encrypted and thus protected from eavesdropping exposure.

What if you need to send something to someone—like a file or an email containing very confidential information (e.g. a set of social security numbers tied to their corresponding owners’ identity)? If trust and confidentiality are important attributes needed in your communication, then there is a product called PGP Desktop that you and your receiver can use. PGP stands for Pretty Good Privacy. The way it works is as follows:

1) Each user creates two kinds of crypto keys—one key is the secret key, the other the public key

2) The public key can be used to encrypt data. The data can then be decrypted using its corresponding secret key.

3) Say that user A and B have each created their PGP key pairs. User A wants to transmit data to B, and he wants only B to be able to read A’s message. They would first need to exchange public keys. User A would then use B’s public key to encrypt his data before transmitting it. When B receives the message, he can use his secret key to decrypt the message. No one else can decrypt A’s message because B is the only one that has the corresponding secret key to decrypt the message.

The use of PGP in the above example is just one of the many ways people can use the pair of crypto keys to encrypt their Internet traffic. By the way, the existence of PKI (Public Key Infrastructure) facilitates the exchange and certification of public keys.

The third and final scenario where you can encrypt your Internet traffic is WI-FI technology use. If you are using some form of wireless technology, you need to make sure you encrypt your wireless network lest you invite your neighbors to see everything you do on the Internet. Currently, the best form of encryption one should use for your home wireless access point is WPA2. WPA stands for Wi-Fi Protected Access. It is more secure that the previous WEP (wired equivalent privacy) or the WPA standard. By using WPA2, you are ensuring that your neighbors cannot see your private Internet traffic.

Remember, Internet traffic is generally not secure. To help keep your confidential data secured when it has to traverse it, you will need to put into effect the habit of only using web sites that support TLS/SSL. And if you need to transmit data to someone, you can use PGP. Lastly, make sure to use WPA2 encryption for your wireless access point to keep your neighbors from seeing your wireless traffic.

by ·Comments Off on How to spot Internet phishing scams

In order to properly spot an Internet phishing scam, you need to know what it is.  When someone or some organization is phishing, they are attempting to obtain confidential information under false pretenses with the objective of stealing credit card numbers, passwords, or other personal or financial data.  With this in mind, spotting an Internet scam may be extremely difficult for a novice Internet user like grandma, grandpa, or anyone who isn’t familiar with the Internet or someone who doesn’t know what may or may not be legitimate online.

When you finish reading this article, you will:

  • Know how to spot and avoid phishing scams 100% of the time
  • Know what to do with phishing attempts against you
  • Know what to do should someone you know become a victim

Pay close attention to every word of this article; it may save you and others a lot of headache later.

Phishing scams is nothing new.  If you use Google Trends, you will see that the term “phishing” and “phishing scams” can be found in news articles ever since Google started tracking them in late 2003, early 2004.  You will also notice that the search trend for the term “phishing” took off in the second quarter of 2004.  The search for the phrase “phishing scam” only took off in the first quarter of 2005.  At the time of this writing, June 2009, there continue to be several news articles regarding the rise of phishing scams.  Here are some recent ones just to give you a feel:

  • Phishing Scams can Wipe Out your Bank Account (19 Jun 2009) – The lure of money can convince some people down on their luck to send in their bank account information in hopes to get free money.
  • Internet Job Scams (19 Jun 2009) – Job postings online lure job seekers into providing confidential information online
  • Phishing Disguised as Virus Warning(15 Jun 2009) – Users are University of Arkansas being scammed of their account information through an e-mail warning users of a virus
  • E-mail Account Phishing Scam hits Penn State (08 Jun 2009) – Penn State users being scammed through an e-mail that purports to come from the Penn State helpdesk; e-mail requests users to divulge their account name and password.

It may seem that one has to have some degree of computer and Internet literacy to spot a phishing scam.  Fortunately, that isn’t the case.  It is extremely easy to spot these scams; all you need to remember are two simple rules.

These two rules will help ensure you have a 100% hit on your ability to spot any phishing scams.

  • If it is too good to be true, it probably is.
  • Any unsolicited communication (e-mail, text, social networking message, or any other forms of communication) requesting for confidential information or asking you to click a link to sign in is an attempt at phishing.

You can apply these rules against the examples below and see how easy it is to spot a scam:

  • You receive an e-mail stating that there is some inheritance that is to be released to you; however, they need to receive your name, address, phone/fax, age, and occupation in order to release the funds to you.
  • You receive an e-mail from Mrs. Aaisha Ali Abaul who is dying and who happens to have inherited millions of dollars.  She would like to give you her millions as her last good deed; of course you will need to provide her your bank account information in order to transfer the millions
  • Bank of America sends you an e-mail stating that you need to verify your account information.  A login link is provided for your convenience.
  • PayPal sends you and email stating that your account has been breached.  They ask you to login in order to correct the problem, and they conveniently give you a link to help you do this.
Now that we know how to spot phishing scams, dealing with their disposition is very straight-forward and easy.  Simply, if they are in your e-mail box or message inbox, simply delete them.  If you cannot delete them, simply ignore them.  By all means, do not respond to any of these communications as it lets the “scammers” know you are a live one.
At this point in the article, you should never become a phishing scam victim; but what if a relative or close friend becomes one?  It is never to late to learn, so have them read this article as well and learn.  Then have them read the article at the Federal Trade Commission web site on Defend: Recover from Identity Theft. This site provides a wealth of information on what to do.
If you don’t remember anything else from this article, just remember this:  “If it’s an unsolicited communication, it is very likely a phishing scam in one form or another.”

by ·Comments Off on Get a desktop on the Internet with eyeOS!

I’ve been stumbling around more often these days.  Last night I stumbled upon eyeOS, my first ever contact with something using cloud computing system.

EyeOS is an Internet cloud computing operating system, where your computer is accessible anywhere so long as you have Internet access.  It’s user interface is much like a computer desktop.  You’ll find items on your desktop as you’ve left them when you logged out.  EyeOS has various applications–single user applications, group applications, and file sharing capabilities.

You can host your own eyeOS server, but if you don’t have one, you can sign up at http://www.eyeos.info.  When you get there, you get a login prompt.

login prompt for eyeOS

login prompt for eyeOS

Since you don’t have an account yet, click the new user link.  The login prompt expands to show more fields.  Fill it in as requested and click Create Account.

Create a new account

Create a new account

Once you’ve created a new account, you will be asked to pick a new theme as shown below.

Pick a theme

Pick a theme

Select a theme and you will be asked to login with your new account.  Login, and you will be taken to your desktop.  Since I chose the new theme, my desktop looks like this:

Your new eyeOS desktop

Your new eyeOS desktop

It looks like your typical computer desktop, and it has the following key areas:

  • Menu or tool bar
  • Desktop items
  • Floating menu

I will cover each an everyone of these areas in a more indepth review of eyeOS.

This Internet application is interesting, and has lots of potential applications.

Subsribe to my site so that you can receive the latest news or review on this topic.

by ·Comments Off on Blue Coat K9 Web Protection

I’ve been using the BlueCoat K9 Web Protection product for some time now.  It’s purpose is to help keep you or your kids from going to inappropriate web sites.  The degree of inapropiateness you disallow is dictated by how you configure the filter and what site categories you allow.

Note that if you have kids, this is a perfect companion for your home computer.  The product is free; all you have to do is register to get your free license key.  Download the  product here: