Security for Dummies

security tips and tricks

Gmail and expose…

It was not so long ago, April 1, 2004, when Google mail first appeared. In 2005 there were 5.4 mln subscribers and 51 mln in early 2007. Do you know how many Gmail accounts were registered up to date? Quite a lot…
Do you have a Gmail account? I believe you do. Everyone has it.
It is a great and convenient tool. It is absolutely free. It is so convenient and easy to use! It is superb! BUT… Free, like a cheese in the mouse trap.
What makes me so skeptic? Why do I have a strong sensation of discomfort? What is a problem there? The answer is out there, in your (and my) personal Gmail account…

Did you ever feel the eyes watching you from behind when you opened your inbox? No, not the Big Brother is watching you. The Big Brother is slow and ignorant, while the G-Brother is much smarter and faster. Big Brother watches criminals behind the fence, G-Brother watches you in the web. By the way the similarity is even more transparent here. We both enjoy it for free…

Let me be more specific. One simple test that you can run yourself will show it much better than all words can do. Just send an e-mail to your Gmail account, put some specific subject (e.g. “How to rob a bank” or “where to buy drugs”). You can leave the message empty. Then open it in the web browser.
You will immediately get the point when you look at the Google ads. They will be very specific. They will rely to the subject of the mail, but not only. Another test – leave the subject empty or neutral and attach some word document. When you look at the adds you will realize that your attachment wass scanned. You will be offered stuff related to the content of your document. These ads will be also relevant to your profile. Do you know how big your Google profile is? I assume that it is much larger than your Big Brother’s file. 
Yes, I know that this information is collected to help seller pushing me some goods that I am probably interested in. But I feel concerned that some company keeps it. Moreover, I remember the story about Israeli blogger.

That was a first precedent. More are coming.

July 12, 2008 Posted by | Big Brother, privacy | , , | Leave a comment

5 reasons to use PORTABLE password manager

There are much more than 5, but I will start with these main points:

  1. You are human… never mind, no one is perfect. 
  2. We live in modern world with its cons and pros 
  3. We live in the era of globalization, just admit it 
  4. We live in the era of internet, Do you understand what this means? 
  5. There are bad guys there in the web, beware

Do I have to explain? OK, let’s make it clearer.
1. You are human, aren’t you?
You may forget anything, – your keys, your eyeglasses, your documents and your wallet. You DO forget your passwords. And even if you do remember your password, you can mistype it. “To err is human”. If you type it wrong several times – your account is blocked, and you have to ask administrator to reset it. And how often are you required to change your password to your bank account, web access, corporate VPN, etc? You wish there were no passwords at all. Just open the webpage and you are in.

2. We live in 21st century, aren’t we?
We have MANY accounts. We are using computers. We are working hard in the web. Therefore we have LOTS of passwords to remember. But we are still humans after all. And we do forget. Do you want to bet that you cannot remember 5 strings in a row? Just give it a try. Please remember the following:

mLUafc$eMJm_

IR_^Z7R(F8zH

Bp}Ea4O7Xk*s

p#VnD4}B}Z^}

@Bu&KG}N0n[X

Yes, maybe YOU can remember these 5 passwords. Then you are a genius and maybe this reason will not urge you to use these products, but let us look to the next reason.

3. We live in the era of globalization.
You can find yourself tomorrow in Milano, drinking a tiny cup of strong espresso in the internet café on the Via Corsa Di Porta Romano and trying to type your password for your Gmail account, but… you cannot find necessary letters, symbols are in the wrong place and the whole keyboard is somehow different… What a mess! And the very next day you appear in Russian beautiful city of Snt. Petersburg and find out that the keyboard is Cyrillic. You wish you could enter your password automatically, just like that – open the webpage and you are in, but at the moment you even do not know how to switch a keyboard to Latin layout. Ha?!

4. We live in the era of the Internet.
We keep information there. We purchase goods and services. We look for a partner or a spouse. We watch movies, we listen to music. We… Everywhere we go there in the web we need to prove our identity (the same username/password). Someone can guess it. Someone can spy it. Someone can get access to our money, documents, entire life. We are exposed to risks! Oh, my god!

What is even more alarming –
5. There are bad guys in the web.
Do you know what identity theft is? Did you ever receive some message from your bank that was never sent? Did you ever get an e-mail, requiring resetting password to your account? These messages are called phishing. If you ever followed their instructions – you’ve lost something. You’ve lost money or information or something even more valuable, like identity. Identity is not virginity, you never enjoy loosing it!

Is there a way to be safe, portable, light-hearted? Is there a way to make it convenient? Is there some automatic, simple, user-friendly and clear solution, working in the background and doing hard work for me? Maybe there is some solution that is not using much recourses of computer working on any PC without installation? Maybe there is some solution that I can take with me wherever I go?
Yes! There is an ultimate, convenient and secure solution.  Use password manager. Use password manager that fills forms automatically and does not require from you any additional actions. Use password management system that is convenient and user-friendly. Use the one that keeps your private data in encrypted database. Use n-Pass! This is my personal advice.

You, whoever you are, wherever you are, whatever you do, you need:  

  • Password management 
  • You need it to be portable 
  • You need it to be secure  
  • You need it to be simple, convenient and automatic
  • You need it to be n-Pass!   

Forget your passwords!
Give away your Stick-It notes!
Delete your text files you used to keep your passwords in!
Start using n-Pass today.

You do not have one?Take your free 60 days trial of n-Pass now!

Get it from CNET Download.com!

July 3, 2008 Posted by | identity theft, passwords, privacy, Security | , | 13 Comments

Over 10000 laptops are lost every week in US airports

Yesterday article in PCWorld with reference to the Ponemon Institute The figure itself is amazing. But travelers’ attitude is more surprising.  About 77 percent of people surveyed said they had no hope of recovering a lost laptop. Therefore, they even did not claim the lost laptop. About 53 percent said that laptops contain confidential company information, with 65 percent taking no steps to protect the information.
What these figures say? 

  1. 53% of 637,000 = 337,610 laptops with confidential information lost each year
  2. 65% of 337,610 = 219,446 unprotected laptops with confidential information lost

According to the earlier survey of the same Ponemon Institute the average cost of compromised record in 2006 was $182. I can assume that nowadays it is much higher, about $250/record.

Assuming that each laptop has only 1 confidential record, direct annual damage is $54,861,625

Back to article:

Laptop theft is fairly prevalent in the U.S., said Mike Spinney, a spokesman for Ponemon Institute. In a study conducted by the institute, 76 percent of companies surveyed reported losing one or more laptops each year, of which 22 percent were due to theft or other criminal mischief.  Many people are ashamed of reporting lost laptops as they leave them where they shouldn’t be, Spinney said.

Let us compare above figures to the cost of simple measures for data protection:

  1. Encryption of disk – $45 per laptop with software solution or
  2. Encryption of disk – $115 per hardware key
  3. Dell Laptop tracking and recovery – 1st year free, including
  • Combat Theft – Absolute’s recovery team partners with law enforcement to track and recover your laptop 
  • Protect Data – Capability to delete valuable corporate data from the stolen system 
  • Track Your PCs – Manage software licenses, equipment leases, machine configurations and usage with remote monitoring capabilities.

What about your laptop?
Is it protected?
Do you keep confidential info on your hard disk?
Do you encrypt?

July 1, 2008 Posted by | Encryption, lost laptops, privacy, Security, Security Threats | , , | 1 Comment