The Future of Technology

  Technology In The Future

 

        The future of technology is an interesting topic to many in the IT field. However my mom would think differently :-) Technology is growing at the blink of the eye, but what improvements need to be made to make technology more secure? In class I had  brought up the topic about how important it should be to make internet users less anonymous. Now to some this may seem confusing, considering how easy it is to commit identity fraud and steal passwords and such, but when I say users should be less anonymous I mean users shouldn't have the ability to change their IP addresses using anonymizers. The concept that I thought that could create safer internet use involves biometrics. Biometrics is the use of using some form of human characteristics to identify that person, giving them access. The characteristics could be iris scanning, fingerprint, voice, face recognition and more. How would this be implemented into internet use your wondering? Well, instead of gaining access by using passwords, Internet Service Providers could provide finger print biometric devices that will only grant access to users who scan their finger first. Upon being handed an IP address, the ISP also knows who would be committing criminal acts under that address. After thinking about this concept for my discussion in class, I was wondering if this has even been considered a concept for cyber security. The follow article discusses more into depth the concept ubiquity.acm.org/article.cfm.

 No More Passwords, Is it Possible?

        To sum up what a majority of what the class discussed as a whole would be that the future of technology needs to improve security. Developing a centralized site to report cyber crimes would be a good start for the future. Since there is so many different sites you have to report to, many people avoid the hassle. Second, passwords have proved that they are a weak security measure. They are to easy to hack and crack. Is having a strong password worth it anyways? Well since it is recommended to have different passwords for every credit card, e-mail, bank, social site etc. it is getting impossible to keep track of them anymore. Biometrics are starting to replace passwords and I strongly believe within the next ten if not five years will replace all passwords, security cards/keys. Biometrics can't be stolen, replicated or lost. New York Times writes an article describing the concerns with passwords and how they lack the defense required. http://www.nytimes.com/2008/08/10/technology/10digi.html?_r=0

 

 

Where Am I Going?

        Of those of you who view my blog, I'm not going anywhere. I have decided that this blog has helped me improve my cyber security skills. This fall semester will be my last semester at the college I'm attending before I transfer. Even though I have been accepted into many colleges, I have been contracted by an Ivy League school which asked for a portfolio and I think this would be perfect to add to it, and furthering it more after this course ends. I hope that I educated someone who has viewed my blog to protect themselves on the internet. A summary of this course and what I have talked about is how and what to not do on the internet. I have discussing and presented a video on how to do a system restore if you have ran into any malware you need to get rid of on your computer. I have posted many different criminals acts that take place on the internet and how to protect yourself on hotpots. I ended this section of my blog with discussing future concepts and what needs to take place to secure our future with technology. Thank you for taking your time to view my blog, I hope those of you who have found it useful continue to view. 

 



Protecting yourself on Wi-Fi

Are you just Handing your Password out?

     This module in my Principals of Computer Security course we have started to work on our team projects. This project is for an organizations called Educause and Cyberwatch. The goal of the National Cyberwatch center is to educate individuals more about cyber crimes and issues and also how to prevent these from arising. Please feel free to check out the website at http://www.cyberwatchcenter.org/index.php. Educause hosts numerous events and conferences each year. Educause is a non-profit organization set out with the goal to inform and educate people to make the use of technology safer. http://www.educause.edu/. Both webistes can give you information and  gain better insight into IT Security.

 

Cyber Security Project

      This contest is developed for students across the country to design projects that promote Computer Security awareness. My initial reaction was I was very interested in the idea of the project! After discussing with my partner different ideas for the project we decided on basing our project around Wi-Fi Security. Since my partner and I both liked the concept about Wi-Fi security, I will give you a little reasoning as  to why I thought it would be a good idea to talk about this subject. There is a commercial of a woman in a café buying a rather expensive watch (more than 800 hundred dollars) having her look around to seeming a bit nervous, however since her credit card company offers text notification alerts she proceeds with the transaction. Now this commercial was devolved to be a positive notion about fraud alert. Those of us in the IT field might feel a little differently -or maybe just me :-) - about the safety of this. With entering her credentials into her bank accounts website, anyone around her could have stolen those with using several different methods of intercepting this data. Hotspot wi-fi does NOT have the type of security many people may think it has, actually in most cases it does not have ANY security. Any transactions using person accounts  such as banks, credit cards, and even social media sites shouldn't be visited when using hotspots. Now you wonder why I am so concerned even though her credit card company offers fraud alerts? Her entering her information into this site can give hackers the opportunity to steal this information, sell it, or use it themselves to steal her identity, steal her money, or find other sites that don't provide fraud alerts, enter her same credentials (yes, many people use the same username and passwords) and there you have it, your life savings is washed away. Here is the video of where I developed the concept for the project...

Secure your Network and Future

 

What Security Protocol do You use? 

     I am going to start by talking about WEP, WPA, and WPA2. These are security protocols that were designed to protect wireless networks. WEP, which stands for Wired Equivalent Privacy. From the name of the protocols sounds like a very secure way to transfer data, however, there are many flaws using WEP. If the user of WEP is constantly do network activity, within seconds can the packet be captured that contains the security key to crack your password. Yes I said within seconds. WPA is a more secure protocol. This protocol uses pre-shared key and Temporal Key Integrity encryption. I will try to explain this for better understanding. WPA uses a different key for every packet that is sent. They share to same pre-shared keys (easy to understand) than each device changes the key. TKIP (Temporal Key Integrity Protocol) is stronger than WEP and used to replaced it without replacing hardware however it is not secure enough for very sensitive data. This is where WPA2 comes in. WPA2 uses a standard called Advanced Encryption Standard (AES for short) in addition to TKIP that adds more security but requires hardware upgrades. AES user a key length of 128, 192, and 256 bits. I will provide a diagram to show you the number of combinations it would take for a hacker to crack a code of this kind of strength. (Diagram provided by http://www.eetimes.com/document.asp?doc_id=1279619) Written out to visually see that is, bear with me here it's A LOT of zeros! 1,100,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 this is the possible number of combinations to crack a key of 256 bits. Feel free to let me know what that number is if any knows!!

The Properties of my Wireless Network

Since in my previous paragraph I explained WPA2 with the encryption type of AES, I don't have to do much convincing that I have strong security protection of my network. I advice you to check out what kind of security your network has. I will explain how to find your wireless properties.

• Click on start and go to your control panel.
• Under Network and Internet click on View Network Status and Tasks.
• Along the left hand side it will display Control Panel Home. Under that you should see Manage Wireless Networks; Proceed by clicking.
• Assuming that the first network on there is your home network, RIGHT click on your network and view properties. (Side note: the other networks listed are ones you have been connected to before, just stored.)

      I made the process Windows friendly by color coding. Your results should look similar to mine, depending on your security type and encryption type.



     

 

Plucking People Around Me

        Instead of choosing a retail business, I decided I would discuss an application I have on my phone. It may be a form of "war driving", however I used  with the intentions to show viewers of my blog how easy it is to see what kind of security protocols people use. Or in my case, you will notice one person does not have any protocol in use. I would have drove around with my laptop using a net stumbler program I have install, but unfortunately my laptop isn't so mobile these days. Long story short, the back light is out and it can only work being hooked up to an external device. Anyways, after driving the distance to school and back home from school the results are shocking the number of people who do not secure their networks. 20 miles round trip, within each interval of my Wi-Fi analyzing app. there was at least one network in distance that didn't use any security protocol. If you are to download this app. the results will look different because I did black out the network I am on and everyone's mac address and network name for privacy concerns.

        Here is a video link which was watched  in the course I'm taking about war driving. War driving is simply searching for wireless networks using a portable, internet capable device. In the video they describe how easy it is to view the networks. They explain the T.J.maxx attack and more. http://www.cbsnews.com/video/watch/?id=3538299n 

Peer 2 Peer File Sharing

        Finally, before I finish this post I would let to talk about peer to peer file sharing. If you use file sharing sites, you may think twice after reading this post. Peer-2-peer sites allow users to download and upload music, videos, software, documents, and such. In most cases, they are illegal. I say most cases because using it to upload documents and company videos for other employees is legal. But for the most part they are used to share music, movies, and software illegally. Didn't know what you were doing is illegal or thinking that it is ok because those industries are very wealthy think again. According to the Record industry association of America (https://www.riaa.com/physicalpiracy.php?content_selector=What-is-Online-Piracy), each year there is more than 70, 000 jobs and 2 billion dollars worth of lost wages due to peer-2-peer sites. Downloading and uploading songs is breaking the law with serious consequences. Since music and movies are copyrighted, it means you are taking property from the owner without that persons permission. Fines for this act can be up to 250,000 dollars and up to 5 years of prison time. Having a felony on your record can destroy aspects of your life, having problems getting a career, living situations, and loans. Please be respectful to the owners and save your future and pay the 1.25 for music on iTunes. https://www.apple.com/itunes/features/

How to stay happy and healthy on the Internet

 

The World Of Malicious Software

Worms, Trojan Horses, Viruses, and Bots are all considered to be malicious software. These types of codes are set out to do destructive damage, not limited to computer damage but also steal your identity. A virus, like human viruses are dependent on human interaction to spread it. Worms, although they do propagate, they can do so one their own. To further explain the meaning of this, viruses are codes that attach themselves to other programs. In order for this program to run, it needs to be executed. This is why in my previous blog I mentioned not to open any email attachments from unknown sources. This is what code writers thrive off of . By clicking on this executable file, you now unleashed the virus! Unlike worms and viruses, Trojan horses do not infect other files or self-replicate. To sum up what a bot is, it is a malicious (not all the time though) program that in other words, works on behalf of a person. It can gather information, launch denial of service attacks, send spam, and send this information to a central server.

Here are a few tips to help protect yourself.

• Always use and update anti-virus.
• NEVER open email from unknown sources.
• Use a firewall. This will help prevent viruses, worms, and hackers.
• Employ spam filtering tools, which help block soliciting emails.
• Practice safe web browsing habits.
• Avoid sites such as social networking, adult websites (porn) and peer-2-peer sites. These types of sites are breeding grounds for malicious activity.

However, if you find that a virus still made it's way onto your computer, there are numerous steps you can take to clean your computer.

1. System restore. I will explain this step into details in a video in a later section. With a system restore you can set your computer back to a time prior to being infected, which will rid you of your virus, however, it will delete everything after the time that was chosen.
2. Run a scan on the infected file. There are plenty of free anti-virus software out there which have adequate amount of protection. This will scan and remove viruses without having to delete important files.
3. If everything fails to remove a virus, you can clean install. Yes, it is a last resort, but it starts with a virus free state. This is completely deleting your hard drive.

Fake Anti-Virus Programs Beware

Ever heard of fake anti-virus programs? Well here is a new one if you haven't. These programs appear and act in the same manner, as if they are a legitimate anti-virus software. These programs are made to gain money from the innocent victim. These types from programs can have pop-ups warning that person they need to install more software to access something specific. it can lead them to believe that there is a virus with warning messages and even include videos to make the program look more real. Don't be fooled by these types of programs. Not only is your computer at risk, but so is your money when typing in your credit card information to obtain this type of scam. Here's a video to show how legitimate these programs can act.

Anti-Virus Protection I use is AVAST!

 

Out of curiosity as to why I use Avast!, I use it because first off it is a free anti-virus. I have used Avast! on every computer I have owned and have yet to find issues with it. However, I am very cautious when using the Internet. I decided to take a screenshot while I was updating the program. The reason for that updating is very important because the software updates new virus signatures, which is the identity of the malware. If you left your anti-virus software from beginning state, your susceptible of new viruses that are introduced on the Internet. Furthermore, don't worry though, there is an automatic update feature you should enable to be worry free. Here is a link to download Avast! free of charge. http://www.avast.com/en-us/index

 

 Video Tutorial on How to Do a System Restore

A very useful and easy to use tool. You will see in the video it takes me less than a minute to set it up. Than once your computer is recovering it should take less than an hour to recover back to a previous date.

 

     

Save the Fishing for fishermen, and Farming for farmers.

    

                          How The Fisherman Got Phished Himself

     One day Mr. Bass was swimming around, minding his business when a free, delicious dinner got waved in front of his face. Being a little skeptical, Mr. Bass swims closer and closer and possibly even a little nibble. Just as he decides it is safe and tastes good he gets ripped out of his home. That's when the trouble begins. In the meantime, after sitting down and enjoying a fish dinner, Mr. Smith was going through his e-mails and found one that announces YOU ONE THE LOTTO!!! Mr. Smith feels it sounds to good to be true, but it's a lot of money so he carelessly sends his personal information to claim his prize. One week later he found out his bank account is drained of his life savings and can't pay his mortgage so he has no roof over his head. It may be bad karma, but Mr.Smith had also been fooled by phishing. My little skit here may sound and look silly, but in 2012 there was an estimate of $1.5 billion (source: http://www.emc.com/collateral/fraud-report/online-rsa-fraud-report-012013.pdf) of global losses from phishing. Here are a few tips on how not to get hooked and I hope some stood out in my skit that were warning signs.

• Don't fall for it. If it sounds too good to be true, than it probably is.
• Notice the spelling of "won" is wrong, there are usually numerous spelling errors in scams.
• Don't EVER give out personal information to anyone requesting it in an e-mail. Banks, credit cards and such already have your personal information will never request it by e-mail. 
• Don't open e-mail attachments or click on hyperlinks from anyone you weren't expecting a message from. Malicious software is often hidden in these attachments. I couldn't stress this enough. I've studied for two years Computer Science and all of my professors will say the same. 

                                      Targets' Security Data Breach

I chose this video due to Targets' data breach being so recent and 40 million people felt the effects of it. I, myself, have not been a victim of any Internet or security breaches.

           
            No Good Can Come From Anything Rhyming With Phishing          

     Now that I have talked about phishing, which most people have heard of, I'm going to dive a little deeper talking a pharming, vishing, smishing, and spear phishing. To make this easy, pharming is a deceptive website. A good example of this would be www.rnacys.com and www.macys.com. One quick look at the first one and you might think it's a legitimate site. Look a little closer and it is spelled "r n a c y s". If you were to enter your credentials into this fake site, they now have your username and password. These sites can look idenitcal so beware. Vishing and smishing are similiar to phishing although vishing is a criminal act via phone to try and receive your personal information and smishing via text messaging. Spear phishing, again, the same as phishing but going after a particular good.

Infect my computer, I think not!

Now I felt this was needed to be shared this week considering I'm writing about how to avoid scams. I read about this in my book Cyber Crime Fighters, Tales From The Trenches by Felcia Donavan and Kristyn Bernier. 409 people willingly clicked on that ad that offers to give your computer a virus. This was just a test to see how many people would actually click on it, however, it didn't contain a virus. 

Don't worry, cyber security guard here to give you some tips!

There are numerous ways to safeguard yourself on the Internet. Be careful when giving out personal information. Just because a website looks legit or your "bank" requests information always check into this first. Banks will never request  users to input personal data through an email. Always remember, it is your personal information and you can decide who you want, and deny who you want to have this info. Be wary of who you chat with online. Just because you think they live a thousands miles away, does not mean this is actually true. I would like to put this on my blog for those of you who play online games. Just because you may think you can say and do as you want because the person your playing with is on a mic and not knowing your location does not mean that person can't find you. This is quoted from my textbook called Cyber Crime Fighters Tales from the Trenches by Felicia Donovan and Kristyn Bernier "In China, a Legend of Mir 3 player is spending the rest of his life behind bars for fatally stabbing another for the "theft" of a virtual sword." This may not be an everyday occurrence, but in reality it can happen. Here's some more tips to stay safe on the web in the following link. https://www.eff.org/wp/effs-top-12-ways-protect-your-online-privacy

     After having to try and convince my customers that my company is safe to do business with (hypothetically speaking, a class project) I had come across many businesses that thoughtfully explain their ethical reasoning behind collecting data.  Cookies, everyone loves cookies, for dessert yes, but on your hard disk, not so much. The misconception with cookies is that it is a program that tracks your information that you do over the Internet. With this being false, cookies are just text files that store user information such as your ID number for that store. The web server of that site only stores cookies from that particular site, which can NOT be viewed by any other site.

To view more about cookies, click on the following link. It describes into depth the different ways web sites use cookies. How you can opt out of cookies being stored on your hard disk and why there is a bad reputation for cookies. http://computer.howstuffworks.com/cookie.htm.

      Onto a different topic, identity theft. Considering there are 23,000 victims per day, what are some ways to protect you and your family. Protect important documents, such as social security numbers, bank accounts, and billing information. Always monitor banking accounts and notify your bank immediately when a suspicious transaction appears. Make sure websites that you use credit card information or any personal information that the URL includes an "s" at the end of HTTP. This stands for Hypertext Transfer Protocol Secure. This encrypts data that is transmitted between server and client. I found a useful link with many more ways to prevent identity theft. Unfortunately this girl was a victim of identity theft, however, she was lucky to not have to deal with the damage for years following the incident.  http://studentmoneyskills.bankofamerica.com/article/view.asp?articleID=39

 





Don't deny me the job based on an opinion I might have!

     Digital citizenship can be defined as how to appropriately act when using the Internet. There are nine elements to consider when posting anything on the World Wide Web. I, however, will discuss three elements and show how they can either positively or negatively affect my life. Digital law, which is abiding by the law involving but not limited to  releasing destructive programs, illegally downloading software, movies, and/or music and hacking, with other possibly beyond these examples. A close friend of mine (sorry, keeping the name private) was illegally downloading movies. One day he went to go access his Internet and a warning from his Internet Service Provider and Universal Studios warned him that unless he signed a wavier and removed all pirated movies, there would be a 10,000 dollar fine and up to ten years in jail! To all the people who still download movies illegally (my friend has stopped due to this) it's not worth it.

     Digital Literacy is an extremely important concept to grasp for many employees, along with college and high school students. My diligence as a college student is provide research for many courses. Although, you can find just about every topic on the internet, it is my responsibility to assure that the information is correct by assessing it. With a majority of my courses also being online, I need to know the proper way of being able to use technology. Both of this issues could negatively affect my grades if I didn't have the knowledge of technology and searching strategies.
     Finally Digital Health and Wellness. Computers have not affected my life in a psychological manner, however, in a physical aspect I am 27 and at 24 I was diagnosed with carpal tunnel, nerve damage, and arthritis. Not only that,  I see a chiropractor at the minimum of twice a month for having locked vertebra in my neck due to my excessive computer usage. Unfortunately, I don't follow many guidelines to prevent computer related illnesses, for this has effected my life in a negative way. The following is a link which provides the remaining six digital citizenship elements.
http://www.digitalcitizenship.net/Nine_Elements.html

   Follow these guidelines when using a computer to save yourself pain now and in the long-run.
     Do you find it appropriate for employers to make hiring decisions based on your information on social media sites? I have to say that this is NOT an appropriate way to base a decision of whether to hire a person. People have free time after work and should be free to do as they please. For instances, I am pro-life, this topic wouldn't be brought up in a work setting and tends to be a touchy subject for many, but could it hinder me getting a job if the hiring manger is a strong advocate for pro-choice? I would like to hope not, but with employers plunging into decisions based on personalities outside of work, I keep my life to private communications. As should other people. Here's the webpage to look over for anyone wondering others views on the topic ... http://www.businessweek.com/debateroom/archives/2008/03/employers_get_outta_my_facebook.html
     Since this course is about computer security and this module we did some surfing of the web to find out digital footprints we left on the web, during my research I came across some shocking information that I would like to let viewers of my blog be aware of. Many smart phones and digital cameras have GPS systems on them. What individuals are not aware of is that taking pictures with the GPS setting turned on can store the metadata of the exact location; the latitude and longitude of where that picture is taken. This gives easy access to a perpetrator.  Here's a video of how to protect yourself from revealing your location on the web. Thanks for reading!

Reasoning behind me blogging, well...

This will be my second course that has required me to reflect on what has been learned in class. Prior to this course, I blogged for a health class I had taken; which had to have been one of my most successful courses. It was the first time one of my professors congratulated me for being the first person to received an overall hundred in a course, during all the years that professor had taught! Anyways, my reasoning behind blogging again is for the course Principles of Computer Security. Upon leaving my blog open to the public, I am hoping one day I will reflect on how to protect computers and someone will view my blog and better protect their own computer.
I would also like to clear up any confusion on the ingenious name I had chosen to be the title for my blog. Being that this is a Computer Security course, I felt it was only appropriate to quote Peter Norton, the founder of the major antivirus software, stating "computer viruses are urban legends" (Norton 1988).