Archives
Categories
Tag Archives: passwords
Flashback Trojan is a Warning to Mac Owners
It finally happened: for the first time, Macintosh computers have been attacked by a trojan virus in a big way. Few viruses have ever targeted them before, and for decades Apple owners were told simply not to worry, that viruses were a Microsoft problem. Now the owners of over a half-million Mac OS X computers share the pain – and some of the vulnerability – that Windows users have long been familiar with. The malware is called Flashback, and was discovered not long ago by Kaspersky Labs, a leading Moscow-based software security firm. Flashback can hijack a Mac without even an administrative password, due to its exploit of a flaw in Java. Though discovered last September, Oracle, the company that makes Java, patched the hole back in February, but that didn’t solve the problem. It turns out Apple ships its own version of Java, and their patches weren’t issued until early April. (Obviously, the company has a learning curve about prompt and effective security responses in front of them.) By now there are a lot of infected Macintoshes – not really all that many by Windows standards, but it can still spoil your day if you have one. The virus masquerades as an installer for Adobe’s Flash, and it can install itself. All you have to do is visit an infected website with an unprotected computer. As of the latest reports, the trojan has created a botnet – a network … Continue reading
IRS helps enable online tax fraud
Your friends at the Internal Revenue Service are eager to get everyone to do their federal taxes online. But in their efforts to make everything quick and easy, they’ve wound up helping Internet tax scammers, too. And it’s not a phishing scheme or involves hacking, but is based on filing false online returns and collecting the refund. So this tax season, the government is warning people of the dangers. Identity thieves are very busy – last year, the IRS identified nearly a million fraudulent returns to the tune of $6.5 billion. Over half of these were related to identify theft, which is three times the amount of just three years before. And those are just the ones caught before any refunds had been issued. The IRS can’t, or won’t, even estimate how much money they’ve actually sent to scammers. Tax fraud has become an epidemic especially in areas like South Florida, with some gangs replacing drug sales and robberies with online crimes committed with iPads. Gangs even hold work parties to teach each other and commit hundreds of crimes in a single session. So many local officials are complaining about the lack of governmental concern and effective action. Working the fraud, authorities claim, is quite simple, and there are even written tutorials for thieves. The criminals first acquire victims’ Social Security numbers and other personal information. Perhaps they buy the data from insiders with access to medical or financial records or … Continue reading
Beyond Passwords: Online Identity Standards
Virtually everyone’s been stuck one time or another trying to remember a online password and thought, “There has to be a better way.” A recent article in our newsletter talks about the problem and suggests tricks to make it a little easier to deal with. But although a lot of smart people have tried to figure out a safe, reliable, and more convenient system, nobody’s come up with one yet. Now, however, the US Government has decided to gently encourage efforts. In the spring of last year, the Obama Administration announced the National Strategy for Trusted Identities in Cyberspace, NSTIC. Like the National Broadband Plan, it’s not legislation or even regulation. Instead, NSTIC is a hopeful collection of idealistic principles and goals to promote development rather than a concrete plan with real funding and hard, measurable results. Nevertheless, many agencies and corporations are very interested. It’s easy to see why. Identity theft has become a major problem, costing millions each year, and passwords remain the weakest link in cybersecurity. Commerce might also be helped if you could buy books on Amazon with your Google account or download tax forms from iTunes. And public safety would benefit if your child could be automatically denied entrance to adult websites, or doctors could check in online to help provide medical services after a disaster. The dream is to build a safe method of sharing relevant sensitive information about users with online entities while … Continue reading