Thursday, August 6, 2009

Twitter DDoS Cyberattack Aug 6th

So Twitter shows its vulnerability again. What do you have linked to Twitter? A main email account? Your real-life name? What about Facebook?  I'm not concerned about privacy there because none of my real info is shared.  Sure they can track my entry and exit pages, look at my link to a blog, but I've already done my homework and there's nothing that can be used against me. How about you? 

Earlier this year Twitter corporate was hacked (in my blog archive a few days ago I mentioned this). The convenience of Twitter, all the applications, access by phone, ability to attach it to other accounts is part of what makes it vulnerable. Often attacks are harmless pranks, however sometimes hackers are testing just how unprotected a site is.  While Twitter isn't a pay service and your credit card info isn't on their corporate servers or the website itself, your name is, your email is, and that's not good.

Twitter goes down by DDoS cyberattack

Thursday, August 6, 2009

Twitter users were unable to access the Twitter homepage on Thursday, which the company said was due to an ongoing distributed denial-of-service (DDoS) cyberattack.
TechCrunch reported that Twitter was inaccessible as of approximately 9 a.m. eastern time. By 11 a.m. eastern on Thursday, the company posted on the Twitter status blog: "We are defending against a denial-of-service attack and will update status again shortly."
Media outlets on Thursday also reported that popular social networks LiveJournal and Facebook were suffering outages.
A DDoS or DoS is a type of cyberattack used by hackers to overwhelm a website or server with traffic to slow down or force a website offline. DDoS attacks often use botnets of compromised PCs to submit repeated requests to a targeted website.
Recently, DDoS attacks have been reported against the online media site Gawker, the file-sharing site The Pirate Bay and the messageboard 4chan.org.
A series of DDoS attacks beginning the weekend of July 4 hit government websites in the U.S. and South Korea.
More than 160,000 infected PCs were used in those attacks to disrupt service from sensitive sites including those of the White House, the Secret Service and the New York Stock Exchange.
ADNFCR-1765-ID-19300667-ADNFCR
The above cited from: MXlogic.com 

______________
Notice they mentioned compromised PC's. What does that mean? Same as my friend's dilemma. A backdoor program used an open port from her computer for malicious activity. How did this happen to her? Not using proper WIFI locking, allowing her kids to download software and games, not having a Zone Alarm and proper spyware detector.  Sometimes even those programs aren't enough, but you have to be vigilant. 

Privacy isn't free, you have to work hard to keep it. Next blog I'll list what minimum anti-spyware and locks you should have on all your computers.  If you're downloading things or using a Bit Torrent service, you should really consider having a separate computer dedicated to only that activity. Once your downloads are done, that dedicated computer is offline. If you're doing file sharing and need to be a "seed" download location for sharing bit torrents, then do not network the dedicated computer with your work or home computers. As for Twitter? It's harmless for social fun, just be aware that any info you share, real name, real location etc. is not private and not really removable from a cache online either, even if deleted. Facebook? I wouldn't touch it with a ten foot pole. There's no reason for me to be available for contact or to be found through my list of friends. To be honest, all of my real friends are people I can reach or email on my own. 

Bands and those needing exposure, it's a double edged sword. Remember the 4 P's Pay Price in Privacy for Publicity.  If you don't need your name private, that's fine, but watch your credit and debit cards, ATF bank drafts okay? And don't list your home address anywhere. 

Number one reason why sites or companies are either hacked or compromised? You got it, financial gain. Do you have too much info out there? Make a note to start changing things.

Wednesday, August 5, 2009

20 Important Privacy Tips if your kids are online

Can your kids ruin all the hard work you've done to maintain your privacy?

Face it, kids are going to download fun stuff, you can’t get around that. Don’t make the mistake my client did and have all computers in the home networked. Her business was on the same system as her kid’s computer and she suffered ID theft, complete with backdoor ports that were having her always-on cable connection acting as a server. Here are some key points for privacy when kids are online:

  1. Have ONE cheap computer separate from your network that is ONLY used for downloading things. When you or the kids are done downloading, you disconnect from the internet
  2. Your work computer should be separate from your kid’s computer. Don’t let them use yours for any reason. Password protect your files and don’t lose the password!
  3. Have the main internet cable in your room or office that can be locked
  4. Disconnect it when you’re not home if you don’t want the kids online
  5. WIFI – do not leave this open! Assign only specific computers access and use a password that no one can guess
  6. Photos online: Don’t do it unless YOU are hosting the page yourself. My advice is if you want to make a photo gallery, get a program that will make a Flash gallery so photos are harder to steal. (Case in point: woman finds pics of her toddler son being used as a child in adoption scam ring on Craigslist!)
  7. Also think about making a password protected site that friends and family can access. No more Picassa, Twitpic, Flikr, Photobucket
  8. If you have photos out there, name them as a bunch of jumbled numbers and letters so they don’t come up in searches under your name
  9. Use a no right click code on your webpages. While people can still steal or screen capture photos, it makes it frustrating for a novice
  10. Don’t let your kids post photos that aren’t blurred or cropped to hide address, license plate, vehicles and photos of home or other family.
  11. There are codes on most networking sites that will hide your age and location. It’s best if kids use these.
  12. Kids should pick a pseudo name and use it instead of their real name. Even so, make sure their real-life friends don't post your child's real name such as in comments on My Space
  13. When signing up for websites or services, kids should use a free AOL or Yahoo account (Yahoo is more secure)
  14. Phone numbers and info: Kids don’t always have common sense, they should never post their real names or any personally identifiable info online.
  15. If your child ever had their info filed in a public court record such as divorce or support filings, check online to make sure his/her SSN is blacked out on the scans. If not, contact the courthouse immediately to file and have this removed
  16. Schools are generally pretty good about not revealing info, but if you’re really in need of a high level of privacy, I know many parents who opted to home school.
  17. Instruct kids/teens not to tell others where they live unless it is a trusted friend. Have kids memorize a street that's a good distance from yours if asked where they live (do you really need your trees covered in toilet paper or deal with high school pranks?)
  18. Have kids use disposable email addresses for sign ups (Mailinator, My Trash Mail)
  19. Teach kids not to enter ANY info into a form or link that comes via email. Scammers use similar names or fake URL with a look-a-like page to trick kids into inputting sensitive info
  20. College kids: tell them NOT to post their college schedule publicly. Info should be shared via private email only, not via the mail on My Space or public sites

There’s a lot more, but these are important key points for you to consider. A little info is all an ID thief needs. Also keep in mind that not all predators are men. Increasingly adult women are stalking children. Bored women sitting at home have found it amusing to toy with teen girls by pretending to be a boy that likes them, or in one case, the adult woman, for no reason, posted a teen's racy pics on escort ads complete with the girl's home address which she found on a paid online people search! If a predator seeks out your child and gets obsessed, it’s all too easy for them to show up at your front door. I’m sick of all the stupid useless articles that tell a story and give vague remedies. You’ll get advice from us that’s been proven and tested. Stories we share actually did happen to clients and they've given us permission to share in order to help you. The Privacy Club will expound on the subjects with affordable books and printable forms for all your needs. Bookmark us or follow.

Tuesday, August 4, 2009

Celebrity Privacy - The High Price of Fame

The issue of celebrity

privacy goes back at least to the nineteenth-century growth of newspapers, but came to dominate discourse on privacy at the end of the twentieth century and beginning of the new millennium. In the United Kingdom, the death of Diana, Princess of Wales, in 1997 was regarded by many as due in part to media intrusion, enabled by the use of new surveillance equipment, and also due in part to press refusal to observe conventions on personal privacy for public figures.

In the United States, President Bill Clinton's impeachment in 1999 for having denied on oath improper sexual relationships became unavoidable when DNA analysis was carried out on his semen. Responding to the constitutional crisis that then arose, Thomas Nagel, professor of philosophy and law at New York University, made a plea for the protection of presidential privacy. In what he called "the disastrous erosion of the precious but fragile conventions of personal privacy in the United States over the last ten or twenty years," Nagel lamented that "American society has lost its grip on a fundamental value, one which cannot be enforced by law alone but without which civilization would not survive.… The division of the self protects the limited public space from unmanageable encroachment and the unruly inner life from excessive inhibition.… The growth of tolerance does not make the collapse of privacy significantly less damaging" (London Review of Books, 4 February 1999, p. 3–6). The support given to the president throughout the unsuccessful impeachment hearings in the spring of 1999 suggests that despite his admissions of wrongdoing, the U.S. electorate sympathized with Clinton's plea that even presidents have private lives.

A transatlantic case that came to trial under English law was the claim for damages by the film stars Catherine Zeta-Jones and Michael Douglas against Hello! magazine in 2003. The prosecution claimed that their right to privacy had been breached by the magazine's unauthorized publication of photographs from their wedding. Both sides claimed a vindication of sorts when Zeta-Jones and Douglas were granted the relatively small sum of £14,600 (US$23,360), including £3,750 each for emotional hurt, in compensation for what the judge ruled was a breach of confidence, since the couple had granted publication rights to another publisher. The judge rejected the couple's complaint about invasion of privacy since there was no privacy law in England. Commenting on the verdict, many British newspapers described the issue as one of control rather than privacy, thus illustrating nicely the gap between popular understanding and academic research on privacy.

Cited from:

http://science.jrank.org/pages/10853/Privacy-CELEBRITY-PRIVACY.html

Twitter Internal Accounts were Hacked!

As I typed the last entry I forgot to add this link: Website publishes hacked Twitter information.
Now if Twitter is not careful with their own internal corporate privacy, then trust me, they could give a damn about the user's info. Thank you Twitter for screwing up in an epic way and proving my point.

Like I said, please don't get careless with your personal information. Stay safe.

Tracking Applications - Twitter and others

Tracking is the norm for SEO web marketing specialists, businesses. Of course you want to track trends, keywords etc. What about social networking sites like Twitter. Let's take for instance a funny one, Tweetdouche (pardon the name, it isn't my fault) It's a silly app that tracks everyone on Twitter who has been called the "D" word.

Ok, haha, so it's funny. What else are people tracking? Twitter is not secure by any means, and there's no way to be totally safe online even if you lock your tweets. You're being tracked online wherever you go. Yes you can use services like Anonymizer which are very good, but still you can be traced. Even if you did nothing wrong, your name, email, location and statistics are logged and saved somewhere. Even if you clean out cookies in your computer, there's still a file on you. I can tell what page you came in from and where you exited to. If you for instance, go to one site and then exit it and leave for a porn site, bingo, you'll soon find lots more Viagra and naked chicks in your spam box. If you click on any of those emails, you've done the spammer a favor - you've just validated your email as a good one to sell on the spam market.

On Twitter, if you dare even jokingly type in the word "porn", you'll be inundated by the bot applications which are written and set to scan Twitter keywords constantly. Type in the word boner or sex? Hello - you now have followers who are really bots trying to lure you to naked pictures where more spyware resides. Even if you erase a post, it's still cached out there in cyberspace.

Biggest mistakes that lead to Tracking Applications getting too close for comfort?
  • Using a real name
  • Using an email you use to pay bills or do business and personal things with
  • Giving too much info about where you live, landmarks nearby, posting your email address
  • Your kids just trying to be friendly and posting too much info
  • Photos of you and your kids (think Michael Jackson was crazy for covering his kid's faces? Nope, he was being a protective parent, like him or not)
  • Taking Twitter quizzes and anything that says "sign in with your Twitter account"
  • TwitPic - did you pay attention and check the box that says DON'T post on public timeline? Do you really need all the world knowing your personal business?
  • Photo no-no's - License plates. Did you remember to blur any license plates before posting a pic? Addresses, landmarks?
  • Signing up for Twitter, My Space, Facebook with your main email
  • Taking surveys

As you can see there are many ways you can be tracked. Want to see just a teeny bit about what sites can tell about you? CLICK HERE to see right now. Trust me, they see and track a lot more than the basics.

IP addresses are tracked, though they don't trace directly to your home. They serve a general "area" that can extend for miles. Once you've put in your email address however, the apps have your general area, plus access to your email. Ever wonder how spam will put familiar names in the from or subject lines? One of my emails is a made up name, the ending is "adek" Suddenly spam arrives addressed to Mr. or Mrs. Adek, and even has the frigging audacity to include an attachment saying "Photos from Adek reunion". Are people so stupid that they'll open the attacment? Yep, someone did once, and now the scammers are milking it for all it's worth. There's a fool born every minute and I'm often shocked at what my clients innocently get themselves into.

My Twitter Test
My test for Twitter tracking apps and ads: Got a virgin Yahoo account. Kept it for months, no spam except the usual petty garbage you always get with Yahoo. The second I signed up for a Twitter account with it, I'm inundated with spam and all of it is relevant to things I've talked about or mentioned on Twitter. I do not use this account on anything but Twitter. Coincidence? The tracking of that email will dead end with Twitter since I use it exclusively for that. They will not be able to trace what else I sign up for with that account and make a profile on me? Getting it now?

While SEO people study marketing trends, I've been forced to study spamming trends. Next post will be exclusively about anti-spyware programs and how to keep your kids' browsing and downloading from harming computers in your household.

This post was timely since I just got done counseling a client yesterday who had ID theft via a so-called friendly application that got into his computer through social and dating sites. It
was running backdoor applications through ports thus using his computer as a server. He has a cable connection that's always on, so bingo, this is just what the hackers were looking for.

Social networking is fun, Twitter is fun, but, like I tell my clients; remember the old saying: "An ounce of prevention is worth a pound of cure"

If you enjoy this, subscribe or follow us on Twitter @ThePrivacyClub
New website should be up this week as well.

Sunday, August 2, 2009

Privacy and how to keep it - Tips and Tricks

This is a preliminary blog that needs to be updated. Content will cover all the nasty little tricks the corporate world and even the government use that jeopardize your privacy, safety and security. ID theft is rampant and by popular request, I've finally decided it's time to write a blog about it.

Currently I have several books in the works, and also working the kinks out of my website and publishing company. Understandably this is a lot of work to take on, which is why I was reluctant to start a blog at all. After consideration and interest from social networking sites like Twitter, I feel I have useful info to share with all of you, tempered with a bit of humor and sarcasm as always.

What's my IP?