Quick Bytes News – October 2105

Up to 30 minutes FREE consultation time.

Cafe Conundrums of the Online Flavour?

Welcome to the October version of Quick Byte News

Many of us like to take our mobile devices into public recreational spaces and as we are such busy bees these days we tend to fill every moment.

With the explosion of hand held and lap/table toys we have its so easy to connect to anywhere and exchange all kinds of data. Naturally many will seek to check their bank account, maybe to see if they can afford something they are minded to buy or do. It has become so easy!

Those of us in the I.T engine room tend to pick up on what others are doing which is why I flag up things that come my way which the public ought to know of, especially when this concerns their own banking or other security.

Today I have read this account from Threatpost, a long established online security site. This one flags up concerns about ‘cookies’ (non edible type) and how smart crooks might be able to use them to break into your online security and perhaps steal your data or money.

Previously cookies were fairly innocuous little text files which reported rather ordinary info on your browsing back to websites when you revisited them, mostly harmless and helpful stuff. (unless you have ‘drifted’ from the accepted norm, of course).

So what is this dire warning? You can read it all here.

But if your not minded to take it all in, the part that particularly caught my eyes is below.

“The researchers said the vulnerabilities are present in a number of heavily-trafficked sites—they identify Google and Bank of America by name—and added that a number of consequences could include privacy violations, account hijacking and financial loss.

“You are on a network which the attacker can control (such as at Starbucks or an open WiFi). The attacker temporarily hijacks your browser to insert cookies for a targeted site,” Weaver told Threatpost. “Now, sometime later when you visit the site (on a different network, under different circumstances), your browser presents the bad cookies to the site, and the site acts on the bad cookies in a site-dependent way. e.g, it could just simply track the user, or it could be a full XSS attack buried in the cookie itself.”

This  warning is probably a little ahead of the bad guys (‘n’ gals) for a little while so just for now I don’t think I will be giving up my out of home online habits, but do think it a good idea to be proactive in alerting people.

Your browser can be set to automatically delete cookies on exit of the programme, however this may impact some of the websites you regularly use. So its best to set aside some time for testing if deleting cookies affects those sites you need them active for, at a time when it isn’t a pressure on you to use the site(s). Its a judgement you need to make to balance the convenience with the risk.

Have you considered which browser is best yet?

Do check out the Privacy & Security assessments sections that are done by various online test houses in articles like this one.

These can be very useful in offering you a clear picture of browser features generally, although I suggest that you go directly to the manufacturers own website to download a browser you want. This is because many file distributor websites do earn revenues by adding advertising code to their ‘free downloads’. Otherwise you could end up with annoying new applications that annoy you with distracting ads!

Smartphones & Tablets

I read this week that up to 85% of smart enabled devices may be vulnerable simply because their operating systems are not updated, or applications with web access on them are not updated. The article is here. So if you use yours for anything financial, you know what to do.

Spybot Anti-Beacon for Windows 10 – for those of you affected by Windows 10!

“This is a small utility designed to block and stop the various tracking (aka telemetry) issues that come with Windows 10. Seeing the bunch of incomplete or broken scripts to disable tracking in Windows 10, and the tools that install adware or worse in exchange for their function, we wrapped disabling tracking up in a small tool that’s free and clean. Might or might not become part of the next Spybot, since it’s similar to immunization, but it’s needed now, and it’s still work in progress as more and more information evolves”.

Naturally I will be very happy to help with any tasks mentioned above for you, perhaps as part of a general clean up / service of your PC or laptop.

Please give me a call (or text) on 0757 900 1747, or email – pct@phonecoop.coop

Greg Dance

PC Techniques