Apple fixes serious security vulnerablity
Apple users have always considered themselves “above the rest” because their systems have fewer viruses than their Windows counterparts, but virus free doesn’t mean secure.
It’s been less than a week since it was announced that a major problem was found with the way Apple devices handle a secure connections. In terms the average person can understand, when you connected to your bank, credit card company or anywhere you were seeing the ‘lock’ shown in your browser, the bad guys could eavesdrop on your online interactions without resistance. It was the worst kind of security flaw, and it has been present in all Apple devices for a year and a half!
Fortunately as of February 25, 2014, Apple has released updates for all their devices, and computers — update today!
Website Changes
As of Sept 1, 2013, our new website has gone live. We’ve been creating some great websites lately and it made us review our own site.
It’s been over 5 years since our last redesign, but thanks to the “Way Back Machine” we can review the changes to our site through the years.
Fun Fact: Before incorporating our company, we were called Reliable Programming
2004: http://web.archive.org/web/20040317103549/http://reliableprogramming.com/
2005: http://web.archive.org/web/20050207181100/http://ecompservices.net/
2005: http://web.archive.org/web/20051224175455/http://ecompservices.net/
2009: http://web.archive.org/web/20091228005927/http://ecompservices.net/
Microsoft to pull plug on Windows XP
A surprisingly large number of people are still using Windows XP; and why not? It’s proven to be a reliable operating system without the bloat of the newer Microsoft operating systems.
After April 8, 2014, Microsoft will no longer support Windows XP. So what does that mean to you?
As an unsupported version of Windows, it will no longer receive software updates from Windows Update. These include security updates that can help protect your PC from harmful viruses, spyware, and other malicious software.
Windows XP will continue to run
Even if you have an unsupported version of Windows XP, it will continue to start and run as usual, however, businesses need to insure a level of security on their computer systems to avoid liability. Minimizing the number of systems running unsupported operating systems is helpful in achieving that.
For full details about the support policy, see the Microsoft Support Lifecycle Policy FAQ.
Cybercrime near you
Many of our customers have had calls from “Microsoft.” These people usually have a heavy East Indian accident. They will even call multiple times and give you an 800 number to call where they answer as Microsoft.
Microsoft will never initiate an unsolicited call to you.
The conversations usually start with these phrases:
- You have a virus which is sending information from your computer.
- Your PC showed signs of malware infection, and instructs you to open the Windows Event Manager, so that you could see numerous error messages. (Any error your computer has ever had will be shown in here)
- Your computer is not accepting any windows updates
After the above key phrases, you’ll hear, “Please allow our technicians to fix this” and they will direct you to a website with a link. Once you click on this link, they have complete control of your computer. At this point, in the background where you can’t see it, they will scan your computer for banking information, credit cards, passwords, or anything they can use for identity theft, while it appears that they are working on your computer to remove the virus.
Finally, they then open up a browser and instruct you to enter your personal information, including banking information and make a PayPal payment of $299. If you fail to do so, they will take control of your computer away from you and delete all of your documents and pictures while you watch helplessly. The scammer then looks for more ways to corrupt the system so you cannot contact anyone to fix your computer remotely.
What to do if you are called
1. Hang up and ignore repeated calls. It is not a legitimate call.
2. Don’t waste your time trying to get information where they are. They are outside the laws of this country.
3. Report any instance of this scam to the police, but they can’t do anything but keep a record of how many people are being scammed.
4. Finally, change any passwords that could have been compromised. Ensure that your firewall and antivirus are up to date and protecting your PC, and run a full virus scan with your antivirus software.
If you feel your system has been comprised, please call any local computer technician that you trust and have them check your system.
Norman Davie
President
Cell Service in Canada
While Canada pays the highest cell phone rates in the world, it also provides the worst service and soon we may have one less independent cell company for choice as TELUS attempts to buy Mobilicity.
Five years ago, the government created special rules in a wireless spectrum auction that was designed to create strong competitors to the dominant players in the $19-billion industry, TELUS, Rogers, and Bell. Unfortunately, the government does not appear to be willing to enforce the rules.
http://www.huffingtonpost.ca/lindsey-pinto/mobilicity-wind-public-mobile_b_3072365.html
There are two very active campaigns for change: DemandChoice.ca and CellPhoneHorrorStory.ca. If you haven’t already, take action now to fix our broken cell phone market, and help shape a digital future that’s innovative, and filled with choice.
ICBC exploits Facebook, LinkedIn, Blogger and MySpace
You’re a regular on Facebook and you regularly check your privacy settings to insure only your friends can see your activities; not so. ICBC has been getting court orders requiring the injured party to give the insurance company access to the injured party’s entire Facebook history.
Through this history they can look at your photos, status updates you post, where you’ve been, who you regularly contact, and even the private messages you’ve sent to people.
ICBC, their investigators and their defence lawyers regularly do web searches on claimants and if you have anything posted on the internet, ICBC will get that information.
The safest thing to do when involved in any insurance claim is to shut them down all your social media sites for the duration of your case. Setting your privacy controls to maximum provides you no protection.
If you must use these sites:
- avoid posting photographs of yourself.
- refrain from discussing how you are feeling.
- any details about your case.
- ask your friends to remove posted pictures of you.
Remember that nothing is truly private if it is online. Privacy does not exist on the internet.
Anti-Virus up in Flames
In a previous article I mentioned how anti-virus programs give you a false sense of security but the final nail in the coffin is the Flame virus — which has been undetected in the wild for over 2 years and found by accident. It is the most sophisticated malware to date, and evidence seems to point to cyber terrorism. Similar coding practices were found between Flame and the Stuxnet virus which was the virus used to sabotage Iran’s nuclear capabilities.It is by far the largest malware I’ve ever heard of; approximately 20 megabytes in size. How could something this large hide itself? It made itself appear to come from Microsoft by using a counterfeit security certificate.
What does it do?
- Keeps track of websites you visit
- Records audio
- Captures screen shots
- Stores keyboard activity
- Tracks mouse movements
- Monitors network traffic
- “Tapes” your Skype conversations
According to estimates by Kaspersky in May 2012, initially Flame had infected approximately 1,000 machines,with victims including governmental organizations, educational institutions and private individuals. At that time the countries most affected were Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia, and Egypt.
Should you get rid of your anti-virus program? Absolutely not! It’s like a bike helmet: It’s not going to protect you from getting hit by a car, but it will protect you from a smaller threat.
Sony provides data on 80 Million users
On April 26, 2011, Sony admitted that user account information had been compromised on its PlayStation and Qriocity online services. Included in the data loss direct debit records of certain customers in Austria, Germany, Netherlands and Spain. Sony believes the information that may have been taken from the direct debit records includes bank account number, customer name, account name and customer address.
Then on May 20, 2011, F-Secure Security Lab first discovered that a phishing site was hiding on the Sony Thailand homepage and stored on a Sony server. It seems the malicious site was posing as an Italian credit card company CartaSi to try to collect personal data from unsuspecting users.
Finally on May 24, 2011, Sony Ericsson Canada’s eShop, an online store for mobile phones and accessories, was also breached, exposing the personal details of thousands of users.
On the same day, another attack on So-Net, the Internet provider of Sony Japan, “alerted customers that an intruder broke into its system and stole virtual points from account holders worth $1,225.”
If you haven’t done so already, change your password.
Identify theft made easy
It’s becoming easier and easier for anyone with minimal computer knowledge to take over your identity on the web. I could go into the specifics but I want ‘normal’ people to understand the threat and solution to this problem.
Have you noticed on your address bar, that most websites start with http://
What this means is ANYONE has the potential to watch whatever you type or view from that website. With https:// the ‘s’ on the end means SECURE.
A special program called ‘Firesheep’ is designed to allow anyone to eavesdrop on an insecure connection and with it they can hack your account without ever knowing your password.
Sites have gotten the message and started using secure connections such as twitter, google, and youtube.
Recently Facebook has added security as an option to the website. To stay secure, I recommend you log into your Facebook account and turn ‘secure browsing’ on, as shown.
NOTE: This does not protect you from viruses, it only prevents people from eavesdropping on you.
So the next time you’re going to a website, look at the top of your web browser. If you don’t see https — realize that whatever site you’re signed into, someone could be pretending to be you.