Tag Archive for Web 2.0

How-secure-is-my-password Tells You

The former DownloadSquad points out howsecureismypassword.net. How secure is my password is basically like a full-screen version of one of those password-strength meters websites sometimes use. But instead of showing you a bar going from “weak” to “strong”, it shows you an estimation of how long your password would take to crack. That’s a much more visceral way to understand why your password is strong.


rb-

How secure is my password helps make password best practices meaningful.

For example, when I entered “Detroit”, it came back with “your password is one of the 1090 most common passwords. It could be cracked almost instantly.” “D3troit!” would take 57 days, and “!D3tro1tM!” would take 928 years to crack.

Password best practices include using:

8 or more characters that do not form a dictionary word and that include capital letters, digits, and a symbol or two.
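The kind of estimate such a meter makes, as an added example that is not howsecureismypassword.net's code: a common-password lookup first, then brute-force time from character pool and length. The guess rate and the short common-password set are assumptions, so the figures differ from the ones quoted above.

```python
import string

# Constructed stand-in for a real common-password list (assumption).
COMMON = {"password", "123456", "qwerty", "detroit", "letmein"}
GUESSES_PER_SECOND = 10_000_000_000  # assumed attacker speed, not the site's figure

UNITS = [("years", 31_557_600), ("days", 86_400), ("hours", 3_600),
         ("minutes", 60), ("seconds", 1)]

def pool_size(password):
    """Size of the smallest character pool covering every character used."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 ASCII symbols
    known = string.ascii_letters + string.digits + string.punctuation
    if any(c not in known for c in password):
        size += 100  # rough allowance for spaces and non-ASCII (assumption)
    return size

def seconds_to_crack(password):
    """Worst-case brute-force time; 0 for passwords on the common list."""
    if password.lower() in COMMON:
        return 0
    return pool_size(password) ** len(password) / GUESSES_PER_SECOND

def describe(password):
    """Human-readable estimate in the largest unit that fits."""
    secs = seconds_to_crack(password)
    if secs < 1:
        return "almost instantly"
    for name, length in UNITS:
        if secs >= length:
            return f"about {secs / length:,.0f} {name}"

if __name__ == "__main__":
    for pw in ("Detroit", "D3troit!", "!D3tro1tM!"):
        print(pw, "->", describe(pw))
```

Two extra characters multiply the search space by 94 × 94, which is why the third password's estimate jumps from days to years.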

Staff End Runs Security

When I sit in my remote Bach Seat, contemplating sharing tech services, I am constantly facing the consumerization of IT. The iPads have made an official beachhead and Skype has made it inside the perimeter. So I should not feel alone, according to recent reports from Trend Micro and Cisco (CSCO).

Help Net Security reports that despite more workplaces regulating social networking site access, employees bypass security roadblocks to engage in social networking. The research by Trend Micro says that employees are finding ways around security roadblocks, making social networking a way of office life around the world. Trend Micro’s 2010 corporate end-user survey found that globally, social networking at the workplace steadily rose from 19 percent in 2008 to 24 percent in 2010.

The survey also found that laptop users are much more likely than desktop users to visit social networking sites. Globally, social networking usage via laptops went up by 8 percent from 2008 to 2010. In the U.S., it increased by 10 percent. In 2010, 29 percent of laptop users versus 18 percent of desktop users surveyed said they frequented these sites at work.

The survey also found that laptop users who can connect to the Internet outside of the company network are more likely to share confidential information via instant messenger, Web mail and social media applications than those who are always connected to a company’s network.

A 2010 Cisco survey, which looked at the security impact of personal gadgets and social networking in the workplace, found that employees are consistently (Cisco’s words) finding ways around security policies. 68 percent of those surveyed by Cisco said that employees use unsupported social networking applications. Heavy use of unsupported collaboration, P2P and cloud applications was also reported. More than half said social networking is one of their organization’s three greatest security risks. More than a third reported that their company lost data or experienced a breach because of employees using unsupported devices.

rb-

So why is Facebook such a problem for enterprises? For one, it is a huge time waster. Datacenter Knowledge reports that Facebook users spend a total of more than 16 billion minutes on the site per day. During a presentation at the Velocity 2010 conference, Facebook VP of Technical Operations Jonathan Heiliger stated that 3 billion photos are uploaded to Facebook each month and users view more than 1 million photos every second.

The more popular a social network is, the more effective it becomes as a malware distribution platform. KOOBFACE, the “largest Web 2.0 botnet,” controls and commands compromised machines globally. This demonstrates the scale of the threat, and emphasizes the need to educate users and implement strong policies.

Trend Micro says that simply trying to prevent users from accessing social networks at work could increase the risk to an organization, as users look for ways around computer security and so raise the chance of exposure to security threats. The lesson, in Cisco’s view, is that you had better find the technologies–and resources–to support personal devices and applications because they will be used regardless. “The best strategic approach is to focus less on restricting usage and more on effective solutions to ensure highly secure, responsible use,” said Fred Kost, Cisco’s director of security solutions.

Call me old-school, but it seems that employees have always learned to work within reasonable company boundaries. Organizations that need web 2.0 inside the organization have another option: they should take a look at Palo Alto Networks, which has developed a firewall that can block the wasteful parts of social media and leave some parts of the web 2.0 app accessible.

Consumer technologies evolve faster than the IT department budget, and it could be a constant game of catch-up trying to accommodate the latest rogue gadgets and widgets. Ultimately, rogue IT use is not so much a failure of technology, but a failure of policy and policy enforcement.

Jay Leno Most Dangerous Celebrity in Cyberspace

There are many late nights when I sit in the Bach Seat after a long day of coordinating shared technical services and need some silliness. Jay Leno was my late-night source of silliness until BitDefender told me he is the Most Dangerous Celebrity in Cyberspace.

According to an analysis of 25 million spam messages by the Bucharest, Romania-based anti-malware firm, comedian and TV host Jay Leno is the most dangerous Hollywood celebrity in cyberspace. BitDefender found Mr. Leno mentioned in the subject line of 38,000 spam messages, most of which focused on medicine and the purchasing of pills but came with enticing subjects such as ‘Jay Leno found taking drugs.’

“Cyber criminals follow the latest trends just as consumers do and they use these and the names of popular celebrities in their campaigns in order to lure people to websites that are full of malicious software (malware),” said Catalin Cosoi, Head of the BitDefender Online Threats Lab.

After Mr. Leno, the article at Infosec Island says that cyber criminals next most often used Madonna and Cameron Diaz to spread spam. (I wrote about Cameron Diaz’s reign and the McAfee “Most Dangerous Celebrity on the Web” here). The rest of the top 10 personalities used by spammers include:

Other notables on the list are:

Notable for their absence from the list are:

rb-

The use of celebrities to promote malware and spam is deeply rooted in social networking and Web 2.0. In 2009, Barracuda Networks identified a ‘Twitter crimewave’ after popular celebrities joined the service to tweet to fans. Criminals followed the celebrities to the new service, sensing a new population of easy-to-fool users, and used a range of techniques including impersonation and simple link spamming to draw people to malware-infested websites. Facebook still has a major problem with celebrity abuse.

This may seem trivial because most firms have set up gateways to filter these spam mails out of hapless users’ inboxes. However, enough users ignore the warnings and open spam mails to make spamming on a vast scale worthwhile to the spammers.


YouTube Founders Acquire Delicious from Yahoo!

In one of the most search engine friendly articles, ITnewsLink reports that on April 27th, YouTube founders Chad Hurley and Steve Chen announced they have acquired the Delicious technology from Yahoo! (YHOO). They plan to continue the service that users have come to know and love and make the site even easier and more fun to save, share and discover the web’s “tastiest” content.

Providing a seamless transition for users is incredibly important. Yahoo! will continue to manage Delicious over the next couple months as users are able to sign up for new accounts. After the transition period is complete, users’ information will be moved over to the new service.

“As we have said, part of our product strategy involves shifting our investment with off-strategy products to put better focus on our core strengths and fund new innovation,” says staff on the Yahoo! blog. “We believe this is the right move for the service, our users and our shareholders. Chad Hurley and Steve Chen are building an exciting new company and we look forward to watching the Delicious service continue to develop!”

Twitter Security


Updated 07-11-2009: MessageLabs has reported an explosion in spam messages that include short URLs. In an article at CNET, Matt Sergeant, a senior antispam technologist at MessageLabs, said, “Usually when we see a spike of this nature it tends to indicate that a spammer has found some method of automating the creation of these short URLs.”

The whole world can now follow me on Twitter. I signed up a couple of weeks ago and have been beta testing it on myself on a disposable Gmail account. What bothers me the most about Twitter is its use of TinyURLs. One of the first rules in web-based self-defense is to know where you are going, and tiny URLs totally remove that option. No wonder phishing scams are popular on the service.

According to Wikipedia, TinyURL is a web service that provides short aliases for redirection of long URLs. Kevin Gilbertson, a web developer, launched the service in January 2002 so that he would be able to link directly to newsgroup postings which frequently had long and cumbersome addresses.

I have now installed the Firefox add-on LongURL Mobile Expander by Sean Murphy. The blurb on the Firefox add-on page says LongURL Mobile Expander uses the LongURL.org web services to let you know where shortened links *really* go. In a Firefox window, the actual URL is displayed while you hover the cursor over the tinyURL so that you can be sure you want to go to www viruii com / infectme.
