apple mouse

Apple’s Yosemite Update Exposes User’s Privacy Settings: How to Fix

Sometimes first-round launches of software reveal vulnerabilities not taken into account during the development process. If you have a Mac device and have upgraded to OS X Yosemite, you might be at risk of your IP address being exposed. As Data Privacy Day nears on January 28th, many of you are looking for a way to secure your information and protect yourselves, and education about cyber crimes and your options are at the forefront of this cyber war.

While the Yosemite bug does not have an official fix performed by apple developers yet, we uncovered an alternative for the Yosemite vulnerability, and we’ve brought it to you for peace of mind.

The Yosemite vulnerability is caused by a new Spotlight bug that targets the user’s privacy settings, reportedly by a backdoor in Apple Mail specifically designed for spammers, advertisers and phishers. As you know, Spotlight was the search mechanism introduced into Apple’s software, starting with the iPad 2 Retina Display and the applicable Mac product at the time. Using it allows the user to search for anything on the device, it’s software, it’s settings or online depending on the search topic.

However, Spotlight was discovered to not only search for useful items on the device; it also emits the users privacy setting information current installed operating system and devouges the user’s browsing activity. Under the new spotlight update, the user has the option to check a box that will block third party content, however, the bug continues the connection even after the user has checked the option.

Without fixing the issue, advertisers and spammers who use the “tracking pixels” technique to communicate email addresses and system information to servers, will have access to the user’s private information in settings.

Who does this affect?

The bug does not compromise every Apple user; only a specific niche of Apple users. If you have an Apple product such as an iPad, a Mac or an iPod, and you take advantage of the spotlight feature to search for items on your device, and you also use Apple Mail products, then you are at risk for having your confidential information exposed to third-party advertisers. There is no security check from the server or the device to prevent unsolicited emails or advertisements from these sources.

Here’s how to fix the bug.

Apple Mail users can bypass the bug by removing “Mail” and all it’s services from their Spotlight Search. By entering “System Preferences” and then opening “Spotlight”, you can eliminate Mail services from the search function by un-checking the “Mail and Messages” checkbox.

If you’d rather avoid the issue entirely, you can migrate to other apps including Dropbox Mailbox, Google Sparrow or Mindscene Mail Pilot.

These are the only two current ways to protect yourself from the Apple vulnerability. Currently, you cannot use Apple Mail and Spotlight together without being affected by this bug.

Government and Companies sharing your Info

HOMELAND SECURITY SEALWith the recent bout of internet hacking, the Obama administration announced they had been working on a cyber security plan act that would revamp the personal security laws and legislation and launch them into the 21st-century. Arguably, the biggest issue regarding the continued fight for online security has been the reliance on outdated laws that were created before the Internet existed or any of these cyber threats were even thought of. The process of changing legislation is a complicated one, as it involves changing the foundation of a country that relies so heavily on its cemented constitution.

Now that the country as a whole, has come to an understanding that the times we live in are much different than that of when the Constitution was written; it is evident that some of these laws must be changed and others created in order to keep the United States safe from overseas cyber attacks, and keep the people of the United States safe from online hacking. However, the new plan does not sit well with most.

Currently, legislators who have viewed the plan praise the administration for striving to solve the cyber threat, but vote in favor of reevaluating the plan and suggested needs further review. Their concerns come from a section of the plan that proposed sending all of user information over to government agencies and institutions such as the national security agency ( NSA), a government entity that has caused much controversy over the unconstitutional spying of US citizens and gathering of their online activity information.

Format of the proposed plan:

The proposed plan is a rather ingenious one for two reasons. It can either serve to strategically protect US citizens from cyber attacks as intended, or it can strategically entice companies to take part In a massive gathering of user information in exchange for lesser liabilities. We’ll explain, the plan proposes to offer companies with online interactions with users and customers, the opportunity to join forces with the Homeland Security Department’s National Cybersecurity and Communications Integration Center, and voluntarily share computer data information with the national security departments and within each other.

The plan is projected in such a way that suggests that if more parties have access to the same information they may be able to uncover plots and hacking attempts before they even happen. In exchange for divulging this information, companies who have had prior complaints placed against him by users regarding privacy issues and the collection of their data, will receive a supplemented liability package from the government. This package will inevitably protect these companies from being sued by users for security breaches.

What information will be shared?

The president stated that the information that will be shared must fit the “cyber threat indicator” criteria. The coded language will also be designed to decipher in determine what information actually fits into the cyber threat indicator before proceeding further.

According to the administration, these indicators are essentially data that suggests “malicious reconnaissance” (information being gathered by other parties from the servers for malicious reasons) and technical vulnerabilities. The information will include the following according to a senior administration official:

  • IP address information
  • Technical data
  • User time-stamps
  • User routing information

After the information is gathered the only information that will be shared with other companies and the government agency will be that of individual data that is reasonably believed to be part of a cyber threat.

However, the plan goes on to explain that although the program will be between private entities and Homeland Security Department’s National Cybersecurity and Communications Integration Center, after the information is divulged to the NCCIC, they will be sharing the information in real-time with The Pentagon and NSA.

Critics of the plan or calling this an elaborate loop for the NSA to legally gather the information it has been gathering to begin with. Those who are not avid supporters of the NSA feel that they will not support the plan until a restructuring of NSA occurs, which was intended to happen last November during a senate meeting, however, the plan fell two votes short of its intention.

The major issues that most congressmen and senators have regarding the plan or the fact that the plan does not have any concise and clear determination on how the information is going to be shared and how it will land on the desk of national security surveillance agencies. The goal of national security surveillance reformation is to limit the amount of information the government can access from Internet users. However this plan would place every bit of information on their laps.

Regarding law enforcement itself, the plan restricts much activity the designated law enforcement officers can implement on to any cyber crimes discovered. The plan would criminalize large spider web servers that are used to introduce viruses and malware onto computers, and criminalize the sale of stolen financial data. The law-enforcement agencies involved in the plan will only have access to information regarding pursuable cyber crimes.

However, the administration did state that they planned on enforcing the RICO Act on multiple users of theses spider networks that are used to introduce viruses or cause websites to crash. Under this technicality, by nabbing one they can charge all involved or connected, a system that has only really been used with racketeering and organized crime cases.

There may be many angered if this act if it passes, and if that is the case, they do have options. Investing in IP security, VPN re-routing services, and Proxy settings can limit the affect this bill will have on internet users. Our Hide My IP software can protect your IP address, limit the access programs and sites have to you physical ISP IP address and block intrusions to your personal information.

vpn

What’s the Main Difference between VPN and Proxy?

Internet security is a basic right we are all entitled to. But how can we proceed with a safer, more effective way of surfing? VPN services and proxy settings are good defenses to have on your side against hacking, IP vulnerabilities and your sensitive information from being stolen. But these processes aren’t always easy to understand, so let’s make it bit easier to understand.

What is the difference between VPN and Proxy?

Both of these settings and services offer the same thing, only slightly different. If you’re just looking for a way to reroute your internet traffic or change your IP address, either will work; however, if you’re in need for a full protection service, then VPN is the way to go.

Basically, Proxy refers to a virtual web filter, which is applied to the web browser you are using (Chrome, Safari, Firefox, Internet Explorer). While surfing the web via a proxy server, these settings protect your IP address, and the server’s location, speed, and security is all applied to your server as well. However, these benefits only work with the browser using the proxy settings.

A VPN (Virtual Private Network) works differently. While using a VPN service, it will encrypt all of your internet traffic while taking the place your current Internet Service Provider. All of your traffic will now be routed through the VPN instead of your ISP, and the VPN will protect your browser traffic, protect you from any programs on your computer utilizing the internet connection and all applications.

Overall, the main differences between the two are that proxy settings are completely dependent on the browser using them and will not work with web pages that run on non-browser tech. VPN services will be compatible with all internet based services. Through the VPN usage, the applications and program with access to the ISP is severely limited, as all activity is routed through the VPN; creating a more secure connection.

Why should I change my IP address if I have no serious things to hide?

While we’ve all heard of internet crime, sensitive information being stolen and your activity being tracked, not many individuals  realize that these actions can very easily be taken against them as well, or feel that they may not be an interesting enough target for attackers. However, there are a many reasons to change or hide your IP address aside from cyber-attacks.

#1- The main reason for IP diversion remains the ability to surf the web, interact with people, and securely go about racking activity without the fear of being monitored by the government, third party advertisers and criminals.

#2- Bypassing conservative censorship based on geographical location is another reason to change your IP address. Some governments and institutions may actively restrict certain activities, sites and content from users.

#3- If you’ve ever incurred a ban on a website or forum which restricted you via your ISP address, you can avoid the ban by using a proxy or VPN setting.

#4 Finally, another common reason to change your address IP address also refers to bans, but for chat rooms.

Proxy and VPN services can protect you from cyber attacks and monitoring, in different ways. You may use either to protect yourself, but to do so you must understand their differences and your options. We hope we’ve been able to clear that up for those of you who may be a bit confused by such similar protection options.

 

preview

5 of the Most High Profile Internet Security Breaches

If you think internet security breaches are experiences only unprepared families have, take a look at this list of high profile internet security breaches that left even the most prepared and secured companies and government entities vulnerable. The year 2014 was witness to a plethora of advanced security threat developments, and there will only be more to come as the years progress; a startling revelation to avid internet users that investing in IP protection is a smart choice.

#5. The Russian Spy Team

In November we witnessed a new elite group of hackers with a mission to steal government and political information; only this time, it was not Anonymous or Edward Snowden. It was a Russian group intent on harvesting political information from Western European and Eastern states; including that of security institutions, that were a part of the European Union and Nato.

The group developed advance coding designed to develop over a long period of time. Eventually, after discovering that the working hours of the group corresponded to local St. Petersburg and Moscow time zones and that all the stolen information was particularly of interest to Russia; it was declared that a Russian group of IT all-stars were employed by the Russian government, finally closing the mystery.

#4. The Chinese Conspiracy

In terms of governmental hackings, no other government body was as busy as China in 2014. Chinese cyber-crime did not just occur overseas; in May of 2014, five men were charged by the United States Department of Justice for hacking military secrets and delivering them to Chinese companies.

All five “military hackers” were indicted for economic espionage. While this was the first time that one country charged another with this type of crime, it has pushed the boundaries of US and Chinese relations considerably, especially proceeding the the high profile case of former NSA contractor, Edward Snowden, who also delivered valuable information to the Chinese.

#3. Sony Pictured VS North Korea

We here in the United States are used to movie production companies having the freedom to create films about virtually anything. However, in 2014, Sony’s “The Interview” sparked a serious threat by North Korea, whose dictator viewed the movie as a deliberate threat to his life, as it was about a plot to kill him.

North Korean computer hackers, hacked Sony Pictures and stole social security numbers from the actors and employees associated with the movie.

#2. Apple Photo Breach

The company behind products such as the iPad and Mac computers, renowned for being significantly more secure than PC products, also found themselves in a predicament as Apple’s iCloud was compromised. Hundreds of photos were stolen from famous actors, singers, and others in the limelight and posted to online public sites.

Shortly after, Chinese iCloud users were also hacked and their activity monitored. Acts like this have brought IP protection services to the forefront, giving people a new view of how to protect their sensitive information.

#1 Edward Snowden VS USA

Arguably the biggest security threat was not against regular citizens, but the government itself, “on behalf of the people” as Snowden indicated. According to to the former NSA contractor, Snowden claimed to be stealing information from the government in an attempt to deliver it to the people, as he discovered that NSA and US institutions were spying and monitoring the activities of it’s people.

Snowden was able to leak much of the information before fleeing to foreign embassies seeking asylum in Ecuador, Bolivia and Russia. He was eventually offered asylum in Russia but was trapped in an airport surrounded by a ring of international land, where he could be apprehended.

If governmental agencies and large secure companies can be compromised, so can the average person; more of an incentive to protect yourself with IP security and careful internet surfing. Internet security gives a whole new meaning to investing in peace of mind.

Data Privacy

Data Privacy Day: Explore your Security Resources

As the generations progress, more holidays and days of recognition appear on the calendar based on what’s important in the particular era; as children of the 21st century, our current main priority is internet security. And for that we now have an international day of recognition as well.

Data Privacy Day is just around the corner on January 28th, and its main purpose is to ensure we internet users and surfers understand our resource options, how to utilize them, and keep ourselves from becoming the next identity theft victim or worse; being hacked by the government or giving Facebook everything it needs to sell your data to pesky advertisers. But enough about that; here’s what you need to know about Data Privacy Day and your options.

Is this a Real Holiday?

The answer is yes; this is a legitimate holiday, set into recognition by StaySafeOnline.org with the goal of giving the people back their freedom from internet intrusions. This awareness day was spearheaded back in 2008 and originally was only recognized by Canada and the United States; but since has grown into an international movement for the respect of data privacy.

What is Data Privacy and does it Really Apply to Me?

Basically, data privacy is your own personal burglar alarm, which you arm using various methods to keep crooks, nosy entities, and internet giants from selling your information to third parties; and yes, it definitely applies to you.

We used to think of internet security as something only banks and large corporations, with online websites, needed to keep people from hacking them or something hackers needed to avoid being traced. But now we know that’s total nonsense and it shows in the astounding amount of information third party entities have access to regarding our everyday activity and usage online.

If your browser is set to its default settings, then everything you do online is tracked by someone. Let’s reiterate the word “everything”.

How can I tell if my activity is being tracked?

There are several ways, but lets take this universal one and flow with it. If you are a social body, you probably have a Facebook account as part of your social network connection, in line with Twitter, Google Plus, and LinkedIn. Take a gander at the right side of your screen while you are using Facebook. Notice how the majority of those ads you often never notice, are of things you’ve searched for in the past few days?

This is because Facebook uses the cookies gathered on your browser to optimize their ads on your personal page, these are sold to third party entities. In other words, it knows when you are searching for appliances, books, events, and what you are watching (yes, everything you are watching, down to the genre).

I was amazed when I first noticed Sears was advertising a washing machine I was searching for online, the very next day on Facebook. I don’t know about you, but I don’t want everyone to know what I’m doing online 24/7 and trying to shove their products down my throat every chance they get. I mean, you may not even need a washing machine and were just researching something about energy efficiency. Whatever the case, they know what you did last night.

Facebook is not the only company that does this. Every company who uses Google Adsense, and every browser also tracks your usage to sell to advertisers and third parties; Google Chrome, Safari, Firefox, and Internet Explorer.

What can I do to Hide my VPN, IP Address, or Browser Activity?

This is what Data Privacy Day is all about, educating the public, and we are here to help. To start, you can turn off your cookie settings in your browser under “Privacy Settings”. This will eliminate the collection of cookies from your browser on other sites.

Also remember most browsers have an “Incognito” or “Private Browsing” option. You can use this to avoid tracking history on your browser. This will open a new window with restricted history tracking, so you can do whatever you want and everyone else is none-the-wiser.

For more invasive protection, invest in an IP protection server, system, software, or plugin. Our IP blocker can protect users from having their IP address identified by websites and hackers. Remember that your IP address is your personal online identification; think of it as your online social security number, based off of your internet service and router. Every router implements the service IP address to the device with which you are surfing the web, so once a hacker gets a hold of it, they can access important data across all of your devices and systems associated with that internet service account.