Is It the End of the Internet As We Know It?

Is It the End of the Internet As We Know It? 

On the cusp of 2018, the REM song, “It’s the End of the World as We Know It,” comes to mind.

The world is not ending, but the world as we know it sure is, especially the world of the Internet. How so?

FCC Ends Net Neutrality
The Federal Communications Commission voted in early December to repeal Obama-era net neutrality rules, which required Internet service providers to offer equal access to all web content, without charging consumers for higher-quality delivery or giving preferential treatment to certain websites.

Online Caste System?
Doing away with net neutrality rules provides opportunity for Internet providers to charge for bandwidth use based on content accessed. Translation, the more you can afford to pay, the more bandwidth and therefore more resources that will available to you. So the wealthier among us may well enjoy the full flavor of the Internet’s offerings, and the wealthiest companies will be able to cater to those tastes. 

As for the rest of us, “Let them eat cake,” Marie Antoinette famously exclaimed. 


This is alarmist, I admit. Time will tell. But you can bet rights activists, hackers, and the younger generation won’t take these controls on open Internet access lying down.    

Dying a Slow Death
From a larger vantage point one could argue, as Farhad Manjoo of the New York Times has, that net neutrality won’t change the Internet much, because it’s already been dying a slow death. Per Manjoo, “American Internet companies — Amazon, Apple, Facebook, Google and Microsoft — “control much of the online infrastructure, from app stores to operating systems to cloud storage to nearly all of the online ad business.”

You Can Take Action
If you are concerned about keeping the Internet open and equally accessible by all, please consider contacting your congressional representatives, Tulsi Gabbard and Mazie Hirono. As of the date this article was written, Senator Ed Markey of Massachusetts introduced a Congressional Review Act resolution to undo the FCC’s repeal of net neutrality rules.

Giving is Good
Also if you’re feeling generous - in the spirit of the season - please consider donating to organizations which fight for an open Internet: Mozilla and the Electronic Frontier Foundation. 

https://donate.mozilla.org/en-US/

https://supporters.eff.org/donate/

As this is a security and privacy blog, I will note one privacy concern going forward could be that Internet consumers will be cajoled to give up more personal information in order to get better Internet bandwidth deals. 

Happy New Year!
Sam

---

If you haven't already, you can subscribe to our email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email list" in the request form, then click Send. 

The Troubles with Kasperksy

The Troubles with Kaspersky

Some of my clients have expressed concern about using Kaspersky software due to news reports depicting Kaspersky in a bad light.

I believe to this day Kaspersky's software products offer good security against hacking and malware.

However, there is some concern about Kaspersky's collusion with the Russian government and being overly intrusive on customers' computers.

If you're interested in moving away from Kaspersky or need to install better security software to replace what you have now, here are some options.

Other options

If you’re willing to pay for security software, I’m currently recommending ESET. (Disclosure: I’m a reseller for their products.) As for free software, I’d recommend BitDefender for Mac and Avira for Windows. The free Malwarebytes is decent too; their paid version even better.

Note: Be careful about installing too many security software products. I’d recommend no more than two, because more than that can cause conflicts and bugger up your computer.

First line of security is you! 

The frontline of security is actually you, the user. So educate yourself on best practices for keeping safe online.

Here’s a good site to check out on that topic, whether you’re a senior or not: https://safeandsecureonline.org/seniors

Happy Thanksgiving!

Sam

---

If you haven't already, you can subscribe to our email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email list" in the request form, then click Send. 

Are You Over Exposed?

Are You Over Exposed? 

I'm not referring to what you do or don't wear in public. Here I'm talking about what personal data you expose online. 

Take stock of your exposure
How many email accounts do you have? How many social networking accounts? How many media outlets do you subscribe to? These are things to take stock of. 

Your risk of getting hacked

The more software services you have running on your computer (programs you have installed) that connect to the Internet, and the more accounts you have with various online entities, the greater your risk of getting hacked or exploited. 

Why is this? Because it’s a numbers game – sooner or later one of the services you run or access will be hacked. Depending on what information you gave them, you may become a target on hacked data black market. 

How to reduce your exposure?

My suggestions are as follows:

1. Give careful thought to whom you give your email and contact info. Imagine what would happen if they got hacked. What data would the hacker have of yours? 

2. Uninstall any software on your computer you no longer use. Software programs are reaching more than ever out to servers for updates and other communication. These programs can be a beachhead into your computer if compromised.

3. Close online accounts of any sort that you no longer use. If you have an old email that you might occasionally need to reference, then at least suspend the service so no new mail comes in.

4. Use a strong spam filter for your email, and unsubscribe to any services you no longer use that show up on your spam list. (You can label anything that comes in as spam and sort it out when convenient.)

5. Use a unique password for EVERY SINGLE ONLINE ACCOUNT. If you share passwords between accounts and one account gets hacked, the bad guys and gals will try that password on any other accounts linked to you that they can locate. (You may like to read my July blog post about passwords.)

6. Pay attention to news reports related to any accounts you have—email, banking, social networking, etc.—and act promptly if their system has been compromised. Usually the most critical action to take is changing your password. Then start monitoring the account for unusual activity. 

One last note: Parents, be nosy about what your kids are doing on their devices, and teach them about safety and security. They rely on us for such things in the offline world; we should help protect them online as well.   


Thanks for reading!

Sam

Free Software. Too Good to Be True?

Free Software. Too Good to Be True?

You get what you pay for. We all know that expression - implying the less you pay, the lower the quality and vice versa. This is not always true of course, because sometimes the best things in life are free. (How's that for getting away with two clichés in one paragraph!)

Zero dollar payout
So what are some good things you can get for free? Well, plenty of decent software is free. There are plenty of reputable free security programs like Avast and Malwarebytes, and tune-up programs like CCleaner. The basic version of these is free - yes, zero monetary cost to you. The upgraded version with more features does however require a purchase.

The price: Pop-ups 
If you don't mind the somewhat annoying pop-up messages the free versions include I think you'll find many of these programs do the basic job well. (The pop-ups are prompts to upgrade to the paid version of the software, which in some cases, like Malwarebytes, is worth the investment.)

Try before you buy
Aside from the price, one benefit of free versions is the chance to try them out - you can see how you like their features and what effect they have on your computer's performance. Also, if you suspect an infection on your computer, you can run one free malware scanner after another to check for and remove any nasties. Many times that's all I use when cleaning up my clients' computers. It takes some know-how when deciding what actions to take, but the software is gratis.  

Be careful what you download
There is one caveat to mention: Some of the free programs that show up in web searches are actually scams. So be very careful what you download and install. I or other techs will be happy to advise you (for free) on which programs are likely safe. You can also check sites like download.com and bleepingcomputer.com for suggestions and reviews. 

Open source options
In addition to the free versions of commercial software there are many free open source programs available for download. (The ones mentioned above, like Avast, are not open source; they are produced by for-profit corporations hoping you will upgrade to the paid versions.) Open source means the source code (the programming used to create the program) is not proprietary - so anyone can inspect it, copy it, modify it, and make a new program from that source code, whether for personal or commercial use. 

Community spirit
What I like about open source is there is a community feel to it. Ideally, when people use the open source program they provide feedback to the developer, who in turn improves the program. These programs are often hobbies, experiments, or projects for computer geeks. The developers often accept donations, which I give to the ones whose programs I have benefited from. The downside is sometimes the quality is not at the level of paid programmers. 

Open source samples
Here are some examples of open source software you might want to try, available from sourceforge.net

• Apache OpenOffice - use instead of MS Office if you don't already have MS Office
• Darik's Boot and Nuke - use to make a bootable disc so you can erase an old computer's hard drive before you send to e-waste or donate
• Angry IP Scanner - scan your network to learn all the devices connected. It reveals if anyone is on your home or office network who shouldn't be!
• Brave Browser - browse safer and faster by blocking ads and trackers. Brave blocks harmful advertising, tracking pixels and cookies, and redirects sites to HTTPS.
• VLC media player - this is a renowned media player that works with most multimedia files and DVDs, audio CDs, VCDs, and various streaming protocols.

So in a nutshell there are numerous useful free software programs available online, some commercially produced, some open source. Like eating tasty fresh fish, enjoy the meat but watch out for the bones. 

Thanks for reading.

Sam

---

If you haven't already, you can subscribe to our email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email list" in the request form, then click Send. 

Best Practices for Passwords

Best Practices for Passwords

One of the distractions these days to smoothly using computing devices and online resources is the dung heap of passwords one accumulates. Yeah, we all know the stench.

Password management
Some of my clients have made their lives easier by using a password manager, like lastpass.com, which I recommend. Others keep their passwords in a notes type of program which is viewable to anyone if the device is accessed locally or by online hack. This is NOT safe! Still others resort to old school means - writing credentials on paper and keeping that handy, or unfortunately sometimes, misplacing the paper.

This is one area of your life where you have to give latitude to the OCD part of yourself. You can’t be too careful with password storage. 

Make them Unique
Whatever system you use - and I strongly recommend something that’s secure against theft or loss – is to make sure each password is unique. Why? Because if a hacker gains access to an account by cracking and revealing a password, she/he will attempt that same password on any other accounts you own that can be discovered. We don’t have the same key to our car, home, and office – the same prudent approach should apply to software keys.

NIST Guidelines
Where to begin when creating passwords? The National Institute of Standards and Technology (NIST) recently published guidelines that alleviate some of the difficulties. Here’s what they recommend based on research:

• Minimum length of eight characters; maximum length of 64 characters
• No need to create complexity with numbers and characters like $*&
• No need to periodically change passwords (although some online systems may still require this)
• Avoid common words, found in the dictionary
• Avoid anything associated with you as an individual - like maiden names, birth dates, children’s names, etc.

Strong Passphrases
Here are some examples of strong passphrases I generated with an Android app called Diceware Password Generator: “Graveness shallot relative tassel untried”. Yes, all those words together are the passphrase including the spaces. To break this would require 164 days of effort from a sophisticated hacker, like the NSA. A simpler passphrase created by this app is “banister extinct evict rejoin”. It would take 30 minutes to crack this one.  

Dumbledore
Yes, these passphrases are complex. However, if you create one that you can memorize, then you can use it for a password manager like Lastpass as your master password. Thereafter follow NIST guidelines above for your online accounts - in my opinion, using long unusual words like Dumbledore or Beatlemania, or combos of words and spaces like Queen of Hearts or Stairway to Heaven.

Be creative!
Of course, some websites will require you to use their system of password lengths and combos of upper-case letter and special characters; but for everything else, get creative, break free, and have some fun with the drudgery of passwords! And again, keep them unique to each system.


Thanks for reading.

Sam

---

If you haven't already, you can subscribe to our email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email list" in the request form, then click Send. 

Get Your Guard Up! We're in the Data Surveillance Age

Get Your Guard Up! We're in the Data Surveillance Age

Remember back in the day when we were worried about Big Brother government's intrusiveness into our personal affairs? Well nothing's changed. We know this, thanks in part to Edward Snowden's heroic disclosures. It's just been made much easier to tap us because of our online lifestyles.   

In my opinion, though, as for spying and privacy violations, the average citizen has more to worry from the private sector. (Unless of course you're Muslim, affiliated with one of our enemies du jour, or cross swords with government policies.) 

Your browsing habits are now for sale
Case in point: If you've been following the news, President Trump signed a bill in April that permits ISPs (Internet service providers), like Oceanic Time Warner and Hawaiian Telcom, to sell your browsing habits to marketers. This is akin to your phone service provider listening to your phone conversations, then selling those transcriptions to telemarketers. 

Here are some tips to protect your privacy in this age of exploitation and plunder of personal data.

Use a VPN
If you don't want ISPs or others (like governments or hackers) to examine the details of your Internet usage, you can surf anonymously by using a VPN (Virtual Private Network) service. Of course, you have to trust the VPN provider. Here's one site that recently reviewed VPN services: https://goo.gl/jVqcrB. (I'm currently test-driving a VPN service called NordVPN.) 
Here 10 reasons to hide your IP with a VPN: https://goo.gl/n39uE9

Use HTTPS Everywhere
This browser extension is provided freely by the Electronic Frontier Foundation. When installed, it forces encrypted connections to https (encrypted) websites you visit, and when fully enabled, will block all unencrypted requests. You can read about this tool and get it here: https://www.eff.org/https-everywhere

Disable Third-party cookies
Be aware cookies are little pieces of data sent by a website and stored in your browser. Third-party cookies are cookies placed in your browser by a website other than the one you're visiting. This occurs when you visit a website and their advertiser(s) set a cookie, which allows that advertiser to track your visits to other websites. Here's a link explaining how to block third-party cookies. https://goo.gl/PnAXt3 

Read provider privacy and data use policies
Do this for any service you use, including Google, Facebook, travel booking services, your ISP, etc. They all BADLY want to know as much about you as possible so they and/or their partners can get you to open your wallet and spend, spend, spend! As an example, here's what Google does with their users' data: https://goo.gl/LPEHv2

Of course whatever measures we take to shield our privacy will be met with countermeasures. There's too much money at stake to expect otherwise. So if data privacy is important to you, you've got to stay current with protection measures.  

Wishing you an inconspicuous day in cyberspace!

Thanks for reading.

Sam

---

If you haven't already, you can subscribe to our email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email list" in the request form, then click Send. 

Boost Your Email Security or Suffer

Boost Your Email Security or Suffer

For years now the electronic mail system of the Internet (email) has been a victim of annoying advertising spam and virus attacks. 

The latest threats to email include hacking to take control of the account, spam with links that when clicked infect a computer with ransomware, and tracking/spying on email usage by email providers and their affiliates.   

Below are some suggestions for boosting email security. Remember though, networking and the Internet were not designed from the ground up to be a secure communication system, nor was email. Whenever you send something via email it can be compromised somewhere along the communication chain. 

• Use separate accounts for business and personal use. In my opinion, it's generally more likely a personal email account will be compromised. You don't want your business contacts exposed by a hack. 
• Ditch Yahoo email. Use Gmail instead. True, there are privacy concerns with Gmail. But I believe Google does a much better job at security than Yahoo. Just read the recent news on the hacks of Yahoo's system and their failure to take action and disclose. 
• Use 2-step verification. This requires that someone trying to access your email from a device you haven't previously used/approved will need to enter a code sent by text to your phone to gain access. 
• Use unique, complex passwords for each account, and make sure passwords are not used for any other online accounts. 
• Don't send anything confidential by email. As mentioned earlier, email isn't inherently secure. So don't email account numbers, passwords, social security numbers, etc. If you must share this stuff via email, find a means to encrypt the data, such as zipping an attachment with the 7-zip program and using a password/encryption. This is not perfect security, but raises the bar. 
• Set your spam scanner on aggressive and check the spam folder often for valid email. You can white-list the wrongly labeled "spam" email so the filter won't screen it out next time. 
• Use Antivirus software to scan all email if you use a program like Outlook, Thunderbird, Windows Mail, etc. 
• If your email is hacked, changed your password immediately and monitor the account for oddities. If the hacker sent email from you to your contacts, immediately notify your contacts about the hack - tell them to be careful about suspicious content, including asking them to click links.

Bottom line, whenever you check your email, pretend you're walking in a strange city at night. Keep your guard up! Criminals and miscreants are trying every trick in the book to get to you via email. 

Wishing you a safe day in cyberspace!

Thanks for reading.

Sam

---

If you haven't already, you can subscribe to our email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email list" in the request form, then click Send. 

Beware of Click and Tap Fever

Beware of Click and Tap Fever

Living much of our lives on digital devices has programmed us to be adept clickers of the mouse or tappers of the finger. Kids especially do this at lightning speed!

But we have become so adept that we're clicking and tapping way too fast, too reflexively. It would behoove us to be more deliberate, especially when selecting weblinks.

Weblinks from Hell
Selecting weblinks without thinking can get us into big trouble, as one click or tap can cause a computer infection, or worse yet, a completely hijacked machine. (This is more common on Windows computers than on Macs or mobile devices – at least for now!)

So, best practice is to NOT open emails, links, or attachments from strangers, or even people you know if something seems suspicious about the email. When in doubt, delete.  If the message is important enough, the person will call, or you can call them.

Careful on Facebook
This applies also on social media sites like Facebook, where clicking a link in a poisoned advertisement can lead to infection.

Don't get Phished!
Phishing is big business in the cybercrime world. Phishing (a twist on the word fishing) is all about trying to hook computer users by clicking/tapping links to infect a computer, scam with a product or service, or hack a computer in various other ways.

The US government created a campaign to promote more careful web use. It’s called Stop.Think.Connect. I recommend you check out their site. (Yes, this link is safe)

https://www.dhs.gov/stopthinkconnect

Training is key
If you’re an employer, you can print out material from the site or show a video clip to your staff. Education is key to reduce risk of getting hacked.

I give cybersecurity presentations to businesses and community groups. You can contact me to schedule on Hawaii Island.

Last, I’m recommending Malwarebytes Anti-malware 3.0, the paid version, to my clients these days. Training and knowledge is primary, second is good security software. 

Here's the site: https://www.malwarebytes.com

After you buy and install it, close all programs on your computer and run a full scan, including your external drives. 

Wishing you a safe day in cyberspace!

Thanks for reading.

Sam

---

If you haven't already, you can subscribe to our email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email list" in the request form, then click Send. 

Tech Magic Comes with a Price

Tech Magic Comes with a Price

So, did Santa give you the new Internet-connected gadget you hoped for at Christmas? Remember, as they say in fairy tales, all magic comes with a price!

The magic in modern times is technology. One of the prices in the cyber realm is the security vs. pleasure trade off.

This shows up when we get or buy a new gadget like a web cam for home "security", then hear on the news they're getting hacked left and right due to poor protections built in by the manufacturers.

Assume the worst!

Assume the worst when you set up a new device! Check with one of your techie friends about it. Or do a web search, inquiring about security and privacy concerns.

There are ways to fix some of the known security holes in vulnerable web devices, such as updating software/firmware, changing default settings, and turning off any unwanted features.

Amazon Echo Dot - can be too convenient

Like web cams, the Echo Dot is a cool web toy. If you haven't experienced it yet, you can check it out on YouTube. One downside is it can be set for easy ordering from amazon.com. Hence there are many stories of kids ordering stuff without their parents' permission. Ouch$!

Keep a close eye on your devices and users

If you want to be security-minded and keep control of your devices - lest they control or jeopardize your bank account or worse - make a list of the devices you have and who has access to them. Keep the devices updated, and set desired controls (such as parental controls). If you're unsure about the vulnerability of any device, unplug it from the Internet until you research it or get some help from a techie.

Trust sparingly

It can be a painful lesson to "trust the company" who made it to have your security and privacy interests at heart. In my opinion, most don't. They want a fast turnaround on their investment.

Web cams (yes, I'm picking on them again) are notoriously unsafe in this regard. I recently unplugged security cameras for one of my clients due to the uptick in remote hacking of such systems. We can still see the cameras in operation and record video to a hard drive, but we have the system unplugged from the web.

Unplug to be safe

Along these lines, a good rule of thumb when leaving your home for travel is to unplug all your equipment, including your Internet modem/router. This is a good practice due to electrical surges from stormy weather, but also ensures no one can access or hack any of your devices while you're away.

And if you ever suspect a device has been hacked, turn it off immediately and get tech support from someone local or the vendor. Be sure to go directly to the vendor's website - don't just “google” for help on that device. There are plenty of scammers who prey on people searching online for tech support.

Wishing you a safe new year in cyberspace!

Thanks for reading.

Sam

---

If you haven't already, you can subscribe to our email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email list" in the request form, then click Send.