Triona's Tech Tips

VeriSign iDefense has discovered a hacker selling 1.5 million hacked Facebook profiles for sale on the black market. The profiles are going for $25 for 1,000 profiles with under 10 contacts, and $45 for 1,000 profiles with more than 10 contacts.

Why sell profiles? As you can see from the pricing, it’s all about the contacts. Hacked profiles give criminals the ability to advertise to trusting users. If you get a message from a Facebook friend telling you to click a link, you are more likely to do so than if you get an anonymous spam message in your email. This is what we call spear phishing, targeted campaigns that appear to be from trusted sources. Buy profiles for cheap, trick people into clicking on malicious links or buying junk like rogue antivirus software, and voila! the criminals rake in the profits.

Hacked profiles can also be used to harvest your personal information to crack security questions for juicier targets like your bank accounts. Many people falsely consider Facebook a private environment and post all sorts of information about themselves, their families and their backgrounds. If you post a cute picture of your dog Rover and the security question for your bank is “What is your dog’s name?” you’ve just given away important information.

Likely there are more than 1.5 million Facebook profiles for sale out there. Also for sale are LinkedIn and Twitter accounts, email usernames and passwords, and la creme de la creme, bank accounts and passwords. Even your computer’s processing power can be bought and sold under your nose. It’s a whole underground economy taking advantage of you.

How can you protect yourself? Strong passwords that are unique on every system, good quality security software, and common sense before clicking links. I also encourage you to avoid posting personal information on places like Facebook, be careful of the friend requests you accept, and adjust your privacy settings to maximum. Even so, plenty of people who follow all the rules fall victim. The scams get trickier and more difficult to expose. It’s important to stay educated about computer security, which is why you should subscribe to my free Tech Tips newsletter to keep on top of the latest news.

So you’re shopping online and you start to check out. Seeing the HTTPS in your address bar, you enter your credit card number. But is that web site really secure?

Just because the site says HTTPS does not make it secure. It’s become easier for hackers to infiltrate HTTPS connections and forge digital certificates. Advanced techniques include hijacking your computer and redirecting you to a phony site that looks like the real deal, complete with HTTPS and digital certificate.

What about those icons that “guarantee” a secure web experience? Again, these can be forged, or may no longer be valid. Even a positive McAfee SiteAdvisor rating is not a one hundred percent guarantee of a valid site.

Visiting a bona fide secure web site can also result in a hijacked credit card, if your computer is infected with a keylogger virus that records everything you type.

Your best bet is to do business only with sites you know and trust, preferably those with a brick-and-mortar presence or a well-established online reputation. Be sure to type web addresses directly into your browser rather than clicking on links in email or search engine results, because these may be poisoned. Check your security protections regularly, and stay tuned to Tech Tips for the latest news.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

Those of us who have used computers for a long time remember the days when floppy diskettes offered the best in computer data storage. Then we graduated to hard drives, CDs, DVDs, flash drives.. and now, network attached storage (NAS).

A NAS is a unit containing one or more hard drives with a network jack. The biggest advantage of a NAS is that it is much less expensive than a server. Instead of spending thousands of dollars for the hardware and software needed to run, say, Window Server, you can spend mere hundreds for one terabyte (that’s 1,024GB, or about 728,000 floppy disks!) of storage capacity. And the device is barely the size of a shoebox.

The key to NAS is its redundancy. NAS writes your data across multiple hard drives using a technology called RAID. The drives are hot-swap, meaning you can replace them while the unit is running. You can also add additional storage capacity simply by sliding in a new drive.

NAS is cross-platform. If you work with both PCs and Macs, you can connect both easily and conveniently to the NAS. You can set up file shares, users and groups on a NAS, just as you would on a server. Some come with built-in backup software. Configuration is done through a simple web interface.

NAS is a terrific server replacement for any small business or home office in need of centralized storage at low cost.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

The FCC recently lost an important ruling on net neutrality. The case concerned Comcast’s throttling of high-traffic users, primarily those using the BitTorrent service to transfer large files. The ruling is a setback for the FCC’s goal of preventing Internet service providers from filtering or blocking Internet traffic or prioritizing some kinds of data over others.

On the surface the case seems relatively benign. After all, why shouldn’t an Internet provider like Comcast be able to prevent users from taking up the bulk of its bandwidth, or offer some premium services at faster rates than others? But net neutrality is important for anyone who runs a small business or uses a home computer.

Imagine you run Mom-N-Pop Widgets, and your biggest competitor is Real Big Widget Company. Without net neutrality, Real Big could use its real big budget and influence to prioritize its data traffic over yours. Your web site might load more slowly than Real Big’s, or might not be available at all to some visitors.

Or, imagine you are a home user trying to get information about a cause that interests you — let’s say breast cancer. But what if drug manufacturers pay your Internet provider so their content is prioritized? You would receive skewed results favoring the drug manufacturers’ solutions over other, perhaps lesser known but valuable options. In other words, whoever has the money will be able to pay to be seen, while smaller entities may be unable to compete.

How about censorship? The incident with Google in China shows how governments or other entities may try to assert control over the Internet. Net neutrality is about freedom of speech as well as fairness in business practices.

Previously, the FCC described the “Four Freedoms” upon which Internet communications law should be based. These were described by FCC Chairman Julius Genachowski in a speech last year:

Network operators cannot prevent users from accessing the lawful Internet content, applications, and services of their choice, nor can they prohibit users from attaching non-harmful devices to the network.

Genachowski added two more principles:

The fifth principle is one of non-discrimination — stating that broadband providers cannot discriminate against particular Internet content or applications.

The sixth principle is a transparency principle — stating that providers of broadband Internet access must be transparent about their network management practices.

If you read the speech you’ll find examples of how these principles have been violated in the past. Without codified rules preventing such abuse, the Internet would quickly devolve into a world of haves and have-nots, and the kind of innovation that resulted in eBay, FaceBook and Netscape could be curtailed.

Naturally, some Internet providers have criticized the FCC’s proposal, claiming such rules are not needed. But, as Genachowski states:

This is not about government regulation of the Internet. It’s about fair rules of the road for companies that control access to the Internet. We will do as much as we need to do, and no more, to ensure that the Internet remains an unfettered platform for competition, creativity, and entrepreneurial activity.

As a small business owner and a consumer, I want the Internet open and available to anyone regardless of how much clout or money they might have. The Internet is vital to global communications and the future of humanity. Let’s not see it reduced to a fraction of its potential.