Secure IT Foundation

Posts Tagged ‘adult

Update 15/02/2011

Microsoft release a patch to fix this issue as part this month’s Patch Tuesday MS 11-006. If you use the Enable FixIt then you must use the Disable FixIt before you can successfully install MS 11-006 patch.

07/01/2011

Microsoft has recently confirmed a new security problem with the way XP and Vista versions of Windows handle image files. An image file can be altered to cause Windows to run code on your computer and allow a virus of trojan to infect your computer. All you need to do is visit a webpage with one of these malicious image files or receive an email containing one, no user interaction is required. There is no way of knowing if an image has been altered to affect Windows either. It is not just a case of a ‘picture containing the image of X person’ causes the problem, any image can be altered to include the malicious code.

Currently there is no patch available or planned for this month’s STOM. There is a simple FixIt made available for free from Microsoft, and we recommend that all XP and Vista Windows users run the Enable file. While the risk of an infection is extremely low to none at the moment, a similar problem discovered a few years ago was exploited for years, mostly in the adult end of the Internet.

Once a full patch is finally released we will update this information, as that is always the better long term solution than a temporary FixIt – See above!

SecurityBrad

One of the most popular questions we get asked, is how do I surf porn without my kids seeing what I have done? Goes along with, Which browser should I use from Firefox, Internet Explorer, Safari, Chrome or Opera? How do I cover my tracks from the family, friends, work colleagues, Police? What do I do if I think I saw child porn accidentally?

Although controversial with some theologies and moral compasses, here in the Netherlands it is considered a healthy sexual outlet to view adult material. A short walk around the Red Light district gives tourists an insight into this country’s views. Low teenage pregnancy rates, from educating children about sexual and personal health while still young enough for it to help, seems to be the benefit compared to the UK. Children are exposed to adult material from TV, the Internet and the sex industry at an earlier age, so through desensitisation, sex is taken as just another part of human life and no big deal is made about it. The Secure IT Foundation does not take a moral standpoint on adult material, we are interested from the security point of view. Just like sex, if you are going to do it, then do it safely!

The best advice we give is treat your adult surfing and day to day web surfing as separate activities, especially if you have children in the home or you share a computer. You may not want your children to know you like viewing material featuring teenagers not much older than them, or fantasise about being the opposite sex. Our secure approach to adult material is given below:

First the Don’ts!

  • Never use your home computer to view adult material directly
  • Never store adult material on your home computer
  • Never bookmark / add to favouritesĀ  / save web links to adult material on your home computer
  • Never give out your real personal information, family information, credit card details or other financial information
  • Never use Internet Explorer, even with InPrivate mode, as you will still be vulnerable from installing malware
  • Never use Firefox’s private mode as bookmarks may still be visible to other users
  • Never surf adult material in work, unless you are being paid to do it!

Now the Do’s

  • Use a Linux live CD – you boot your computer from the Linux live CD e.g. Ubuntu or Knoppix, not your hard drive. It uses your computer’s memory to run and unless you enable it, will not save any information to your hard drive. Once you shutdown your computer, your browsing session is cleared as the computer memory is lost when you shut down.
  • Use Firefox as your browser, mostly standard on Linux these days.
  • Use an online bookmark service e.g. www.bookmarksonline.org to save your adult favourite websites for Firefox – register for it, using a new web based email account created purely for this service.
  • Store files using an online file storage service like DropBox and use an encrypted TrueCrypt volume to keep it private.
  • Take care, if you like specialist material as the Internet is widely monitored. If you think you have visited an illegal site or seen illegal material then you should report it to the IWF in the UK, Meldpunt Kinderporno op de Internet in the Netherlands, or see the InHope site for your country. You should do this before you shutdown your current session, as even if you shutdown your IP address will lead back to your home, and you could have law enforcement seizing your computer. They will not find any illegal material directly by looking at your computer, provided that you used a Linux live CD, but your family, friends or work will know you have been arrested. Remember that a one off accidental visit to illegal material that gets reported will be treated very differently to a person who repeats the visit, emails the link, stores the images or videos or pays for a specialist service using their own credit card.

Be safe, have fun but keep it legal and away from children…

SB

The world is full of bad guys trying to take your money. They come after you using the Internet, with luring adverts for big pay out lotteries with odds too good to be true. They may send you an email offering you a share in stolen bounty from a civil war if you act as their banker. It may be a person calling you on the phone telling you that you have a won a prize or holiday. It doesn’t matter how they try and get to you, it is all a SCAM.

In the real world, when did you last get given money out of the blue by a total stranger with no strings attached? NEVER unless you are a beggar!

Technology just makes it easy for people you cannot see face to face, to con you from your money. The security ostrich is bad with security due to ignorance, but if you get taken in by your greed on the Internet / email / phone then you need professional help… not for your computer security, but you – for your addictive personality for gambling.

How to spot a fraud or scam:

  • Someone tells you that you have won a contest / lottery / holiday that you did not enter
  • Someone offers you a chance to claim a prize / opportunity to take part in new scheme / free holiday / free widget
  • Someone asks you for your bank details or credit card number while doing the above
  • Someone says there is a time limit or other factor making you need to take urgent action while doing the above
  • It sounds too good to be true

Simple rule is, if you wanted a service then you will get it yourself. Just say NO to strangers selling / givingĀ  / offering you items on the phone, at your front door, via adverts on the Internet, or by email. Just hang up, delete the email or use ad blocking software. If it involves your money then the default response should be NO. The more money bad guys make from scams, the longer that it will continue. You just keep it going for longer, so stop it.

But XYZ Lotto is real, it is not a scam, it says so on their glossy website?

Some scams are clever. They give the appearance of legitimacy that on first glance makes them look kosher. The underlying lotto may even be real and genuine but used as a cover by the bad guys. Glossy websites, lots of famous sounding companies involved, government approved etc. The classic example is a well advertised lotto based in Lichtenstein. You may receive a call saying you can win or have won money in this lotto. You check the website, google for them and find the first few entries say it is not a scam, see it is government approved. All sounds too good to be true. The catch is in the small print or the way you are contacted.

  • Is it the genuine lotto that called you, do you really know?
  • Is there a man in the middle using your credit card details and playing for you?
  • Does the small printĀ  / rules allow you to legally take part in the lotto?
  • Is it legal to enter a foreign lotto from your country?
  • Who decides if you are eligible or not if you were to win a large amount?
  • What fees would be taken if you were to win /will the fees exceed the winnings!
  • Can you appeal in the courts in the country if it all went terribly wrong?

Next time you you are presented a fantastic opportunity on the phone, by email, by social networking, by ads on the Internet or by people you know who have already been conned, think about it. If you were approached in the street by a hoody in a shell suit would you give them your bank or credit card details? So why do it when technology is involved!

SB



  • None
  • Coldwind: Couldn't agree more. I downloaded a piece of software just now, disabled the 'toolbar' 'offer' (which fortunately for me has become a reflex); but co
  • ModemJunki: I only discovered this today - I had updated the firmware to the latest out of habit, and I could STILL access my TrendNet cams on the local network w
  • PrentOS – a Simple Secure Computer « Secure IT Foundation: [...] September 2010 we said it was time for a brand new start to computing, well it is starting to take shape… [...]

Categories