Just How Much Personal Info Are You Giving Away?

It’s pretty well known that many websites make an effort to track you online.  Even when your not on their site!  But, just how much tracking is going on?

We decided to do a “quick and dirty” look at a few popular websites to see just how many different trackers are deployed.  And, it’s not pretty.  In fact, it’s pretty ugly.

1. Drudgereport.com is by far the worst offender with at least 37 different cookies, trackers, advertising preference systems, etc. looking at you.
2. The Kansas City Star’s website, KansasCity.com has 13 peeking at what your doing.
3. KCTV5.com weighs in with 16. 
4. The popular humerous headline site Fark.com is a heavyweight with 19 different trackers.
5. And last, but not least, on our list is the popular fact checking site Snopes.com.  Which is using 28 different tools to see what your doing online.

Now, what happens when you block most (if not all) of these different little logical spy devices?  When tested on a 1.5Mbs DSL connection (fast enough to get results, slow enough to calculate differentials) we got some significant results.  Here’s what we did:

• Blocked all advertising trackers.
• Left open all trackers that serve a useful purpose (live support, security checking, etc.).
• Loaded a predetermined set of websites and a Firefox Macro Script that would load each page in succession.  After one page fully loads, it loaded the next.

We cleared the system Cache between each test run (and we did 10 runs of the tests).

Well, go figure!  You can surf much faster with all that “spying into what your doing stuff” turned off!  Significantly faster (tests ranged from 10-14% faster).  And, we wern’t leaking all kinds of personal data, surfing history, etc. out to other people we just think have no business tracking us.

Want to protect your personal and business information?  Give us a call or email.  We can not only block out the “bad actors” that are tracking you and your employees every online move, it’ll get you a little bit more out of your existing Internet connection speed too.

How To Stop Annoying Interactive “Creepy” Ads

Have you noticed that when you search for something on Ebay, Amazon, Google, that the advertising on pages seem to know what you’ve been looking for?  For Example, look up “LED 3051 Strips” on Google and suddenly ads for lighting fixtures, Ebay auctions, LED suppliers and the like now appear on every page you look at.  It’s call “contextural advertising”.  Web sites are setting “cookies” in your browser that their advertising networks look at when you surf a page and then display advertising for the things you’ve looked for most recently.

Sometimes it’s okay.  You can find things that your looking for via an ad.  Sometimes it’s just creepy.  Don’t believe me?  Then google for “Hot Crossed Buns” and see what happens to the ads that are presented to you.  Yeah, creepy.  But, you can put a stop to sites that you don’t want tracking you (like Facebook) by using the Opt Out from Online Behavioral Advertising site.  A self-regulation effort that is honored by Ebay, Facebook, etc.  It’s not perfect.  But, it really helps.  Here’s how it works (from the page itself, which is located at http://www.aboutads.info/choices

• Find out which participating companies have currently enabled customized ads for your browser;
• See all the participating companies on this site and learn more about their advertising and privacy practices;
• Check whether you’ve already opted out from participating companies;
• Opt out of browser-enabled interest-based advertising by some or all participating companies, using opt-out cookies to store your preferences in your browser; or
• Use the “Choose All Companies” feature to opt out from all currently participating companies in one step. GO

Need even more powerful blocking?  Call, email, or simply CLICK HERE and OPENRSM can take care of it for your business.

OPENRSM Advises Changing AppleID Passwords Immediately

It seems to be Apple’s turn in the data wars between “fast buck” artists and real companies.

Apple iPhones/Pads are locking up all over Australia and the UK and being held for ransom by a scammer that has managed to gain control of the devices.  Apple has yet to comment but incidents in the US can’t be far behind.  The “Find My iPhone” service seems to be the only link between the users whose iPhones and iPads are being “held hostage” by the scammers.

From an article in  The Telegraph: “Currently there is only speculation about how the attacks have been carried out. Apple has not yet responded officially,”… “With the possibility that this attack is linked to your ‘Apple ID’, affected users are advised to change your Apple ID password as soon as possible.”

And, so you should.

OPENRSM Advises All To Change Ebay and PayPal Passwords Immediatly

Last nite, an official PayPal blogpost contained nothing but a title…  “eBay, Inc. to Ask All eBay users to Change Passwords.”.  Which was quickly taken down only after being tweeted and posted to Facebook many times.  Later, Ebay reported on it’s own official blog that their corporate network security had been breached…  In late February and early March.

What to do?  Log on to your EBay account and change your password!  And do the same with your PayPal accounts (as PayPal is owned by EBay and data is shared between the two (i.e. sharing the same corporate network).

You can view the offical Ebay blogpost at: https://blog.ebay.com/ebay-inc-ask-ebay-users-change-passwords/

Kickstarter Hacked – Takes Three Days to Tell Anyone

The popular crowd source finance site Kickstarter was hacked!  In an email received today, Kickstarter CEO Yancey

Strickler stated “On Wednesday night, law enforcement officials contacted Kickstarter and alerted us that hackers had sought and gained unauthorized access to some of our customers’ data.”

Now, think about this for a second.  First, Kickstarter knew this past Wednesday that they had been hacked, and, only now are telling customers about it.  That’s three days that the hackers had to use the data they stole.  Second, Kickstarter had no idea they had been hacked.  They were told by “law enforcement officials” that they had been hacked.  I’ll bet their security people are having nightmares about theforthcoming pink slips about now.

But Wait!  There’s More!

Again, from the email Kickstarter sent to customers, “As a precaution, we have reset your Facebook login credentials to secure your account. No further action is necessary on your part.“.  Well, I do have to give it to Kickstarter for closing the hole (speculation here, but it looks like it’s in their FB Connect systems or related code).  But, it might not be a bad idea to change your Facebook account password about now.

Good News!  It Wasn’t A Total Loss!

Kickstarter also said that. “No credit card data of any kind was accessed by hackers. There is no evidence of unauthorized activity of any kind on your account.”.   I am happy that Kickstarter didn’t lose my credit card data.  But I think I’m changing my PIN anyway, and check the account a couple times a day for a while.  And my Kickstarter account is more than likely going to be totally reset as well.

What’s The Lesson?

The simple lesson is that nobody is safe.  Kickstarter is a good company, with a popular online product, and good people working for them.  And if they can get hacked, so can you.  What’s the Lesson?  Keep your security updated.  Make sure your anti-virus is backed up with an anti-malware system in addition to remote cloud backups.  Don’t go surfing strange sites.  And change your passwords on a regular basis.

Need help getting all that done?  Click on our Contact link (above) and let us know.

Guarding Against Cyberattacks on Your Business

In every business there is always the “Oh Crap”! moment when a PC get’s infected with something.  And some more often than others.  What to do?

Well, using a quality set of firewall/filters/anti-virus is part of the solution.  And more than likely the only parts of the solution you’ve heard about.  But, there’s a whole other area of expertise afoot.  Who, Where, and What….  in RealTime.  There are tools that enable individual networ

ks to monitor such things (really expensive tools) but sometimes it’s better to back up and get the 50,000ft overview.  That’s where Realtime Threat Monitoring comes into play.

We use several realtime tools like this (and they’re so private I’m not even allowed to put up a pic of them).  But there is a public realtime threat monitor out there that will give you the high level overview of what’s being targeted, by who, and where they are that has been released by Deutche Telkom (T-Mobile for my US customers).  If you click on the picture of the tool in action it will pop up a window and you can see what’s happening in the world of cyber threats in realtime from monitoring stations spanning the globe.

And you’ll see why you don’t want your own tool, and will want to just have OPENRSM “handle it” when it comes to cyber security.

AT&T Usage Billing and Refuses To Say How It’s Computed

It seems that AT&T is playing games with it’s new “Usage Billing” forumlas.  And it’s not pretty.

We spotted this article on Slashdot today.  One that our customers that utilize AT&T services should be very concerned with.  You see, AT&T is now billing for how much data you consume.  Which, on it’s face, sounds reasonable.  But in reality it has no basis in reality.  Slashdot user STOX‘ received his first AT&T bill that included usage billing and being a “high tech” guy, he went to check it out.  So, he measured exactly how much data (transmit and receive) he used with a reputable tool that looked at his router’s statistics to tell him the true numbers.  Comparing it to what AT&T was claiming he used there was a very large disparity.  A 20-30% disparity. 

So, he called AT&T and was informed that the way that AT&T computes data usage was “Proprietary”.  Which is a not so subtle way of telling us that they just plug in whatever number they want, tell us that we’ve used a certain amount of data, and bill for it.  With no way to tell if the billing is in error, accurate, or totally bogus.

Businesses and individuals  that utilize AT&T need to be very conscious about how they are being billed for data rate services.  If the ability to double check what your being billed for is hidden, how would you ever be able to know if your being billed accurately, fairly, honestly?

It takes both technical experience and a deep understanding of what just is and is not allowed to properly interpret telcom billing.  If your on AT&T it’s time to get ahold of OPENRSM to do a thorough review of the services you receive, and how your being billed for them so that you can know just what your getting and what the true costs are.

Windows8 – Now With In App Advertising!

Yes, you heard me right.  And HotHardware.com is reporting it, and Microsoft is confirming it.  Windows8 paid applications contain advertising.  Right now ads f

Windows8 Metro (i.e. no Start Button) Interface

or Coca Cola, Ford, and Samsung have signed up (among others) that will  show up in applications (like Finaance, Weather, News, etc.).

With a “normal” operating system and applications (that you pay for) you wouldn’t expect to have ads.  Free apps, sure.  Paid apps, no way.

And there are no notices or warnings, opt-in/out boxes, etc.  The ads are there and you can’t remove them.

I wonder how many people would pay for a Windows8 App that kills the onboard advertising?  It seems that Microsoft may have either created something to raise the ire of every business customer, or, created an opportunity for a clever programmer to join the millionaire ranks.

If You Are Using Sophos Anti-Virus You Need To Call

It has come to our attention that there are serious flaws that have been identified in Sophos Anti-Virus by security researchers at Google.

OPENRSM has never used, nor provided, Sophos Anti-Virus.  And it seems that our own internal evaluation to not provide or support Sophos has been sustained (for additional reasons) by Google.

You can read the 30 page report by Google HERE:

You can read more about the findings that Sophos is insecure HERE.

And you can always call 816-200-2220, or email [email protected] and OPENRSM will help you with your IT questions.

Why Your PCs are Infected

Ever wonder why there seems to always be a PC that’s slow, infected, issuing pop-ups, redirecting your Google searches, etc?

It’s because they’re infected!  “But we have anti-virus installed on all our machines” is the usual self-denial cycle that sets in.  Usually followed with “why can’t you keep this from happening?  Your the expert here?”.  Which is a valid question.  And now, what we’ve been telling our customers for years has been documented.

“Zero Day” exploits in Windows, Applications, etc. go for MONTHS WITHOUT THE SECURITY PEOPLE KNOWING IT!

An article in Forbes (click  HERE) tells the tale.  The people who publish software are often unaware of their own security weaknesses for months on end.  Ten months is the average.  This means that your anti-virus/malware software won’t even know about the threat from a “Zero Day” exploit when you click that dubious link that causes your system to become infected.

Or, as the article in Forbes put it…  “…the value of the benevolent hackers who find and report bugs in software before they’re exploited. Without someone to dig them up and demand they be fixed, those hackable flaws are far more common, and remain secret far longer, than anyone may have realized.”

Which is exactly why you have PCs in your business that get “infected” with malware, adware, etc.  And it’s exactly why every business needs to have a company like OPENRSM taking care of your critical business network and systems.  Having people that understand the cold hard realities of protecting networks and pc’s and more importantly, being able to get rid of malware and viruses without your anti-virus protection even knowing that something is wrong.