Category Archives: News

What’s Happening?

Heartburn over Heartbleed

The online world is buzzing with concern over the latest big security scare – the Heartbleed bug. The problem is in a piece of critical, and widely used, encryption software called OpenSSL. The bug allows an attacker to sift through the short-term memory of a server (the RAM, not its disk or database files). Software bugs and their attendant security problems are nothing new, but this one is creating a bigger stir than usual for a few reasons: OpenSSL is the software used for SSL security on the web. Estimates are that about 2/3s of all secure sites use OpenSSL. The bug has been around, undisclosed, for a long time. It was introduced in late 2011, so many systems have been vulnerable for over 2 years. Attackers who exploit the bug leave no trace. Web site owners can’t know for sure whether their site was compromised. The Good News Happily, the bug is not complex, and the maintainers of OpenSSL published a patched version quickly.  It’s straight-forward for system administrators to determine if they are vulnerable, and the patch was safe to apply quickly and didn’t cause other compatibility problems.  Now, 48 hours after the disclosure, much of the web has been patched. What Does it Mean to Me? Sadly, you cannot know if any of the sites you visit were compromised.  The error is only in server software, so you do not need to update software on your computer. … Continue reading

Posted in News | Leave a comment

Important Updates for Web-Publishers

If you own or run a website, there are a few new wrinkles you should know about. In the first place, the powers that be at ICANN who run the World Wide Web’s all-important Domain Name System have instituted a new hoop for domain owners to jump through. Since January 1 of this year, all new domains, any that get transferred or have any owner or contact information changed, must have the domain owner’s email address verified – or else. The domain’s administrative contact will be sent an email from the registrar with an activation link to be clicked or ICANN will disable the domain. If the message is not replied to within 15 days, the site will not be usable at at all until fixed – not even including email. This whole procedure violates just about every safety tip SWCP has issued to users to help everyone stay safe online. So Southwest Cyberport will do all we can to track the process, make it easy, prevent shutdowns, and keep it secure. We apologize in advance for any inconvenience. It can be expected that bad guys will try to take full advantage of this situation. Remember that no legitimate message will ever ask for your username or password. If you have any doubts, please call or email Tech Support. But whatever you do, please don’t ignore it. Note that this validation message will be sent only to that email address … Continue reading

Posted in News, Resources, Tips and Tricks | Tagged , , , , , | Leave a comment

Start 2014 Safe with a Security Checkup

New Year’s annual reboot provides an excellent opportunity to review your overall security situation online. Though many people faced with recent revelations of government and corporate tracking and surveillance may despair of doing anything at all, Internet security is more vital than ever – as every one of the Target customers caught in this year’s massive holiday hack would surely agree. Security v. Privacy It may well be impossible to block surveillance and still conduct business and social activities normally online. But it is possible to survive online with a relative degree of safety. However, these days, security and privacy are not the same. Some steps you could take to enhance one could actually be counter-productive for the other. For instance, many people, concerned with the fact that email is as private as a postcard, urge encryption. Yet at this point, it is by no means certain which (if any) means of encryption really are secure, and evidence suggests that it may simply raise suspicions from the authorities, who are said to store encrypted communications indefinitely, “just in case.” It’s not just government surveillance either. The big tech corporations such as Google, Facebook, Yahoo, Amazon, and Microsoft, while supplying information to the feds, are skimming vast amounts of data from their customers for their own commercial purposes. Since much of this is done through cookies – those little files they put on your computer – which are also necessary to … Continue reading

Posted in News, Security | Leave a comment