PC Tips Tweaks and Maintenance

All ISP’s have the ability to not only track everywhere their users browse, but can determine all the programs they use to connect to the internet, each open port on every system, each file downloaded, everything broadcast from each user, including each email sent, if a system is broadcasting a virus etc.

This is a privacy issue, but also a security issue though, not in the ways that most people think. If these abilities are used responsibly they could help make the internet safer, cleaner and better for all users. If used irresponsibly, everyone is at risk. The possible uses and abuses are unlimited.

From simple bandwidth monitoring and management to detailed packet inspection: what is being done? What should and should not be done?

Starting with a more basic though still controversial area, there is a lot of talk about bandwidth management: mostly negative. Here are just a few recent articles on Bell’s throttling:

Bell irks ISPs with new throttling policy

Bell crimps P2P file-sharing during peak hours

ISP cries foul over traffic shaping

Should ISPs Be Able to Slow Down Heavy ‘Net Users?

This one is definitely worth reading for a historical and technical view point as well as the current issues and possible solutions:

Fixing the unfairness of TCP congestion control

The question really comes down to this: you pay to access the internet, should the ISP throttle your connection? Yes and No: they should be able to throttle bandwidth hogs allowing other users to continue to have a high speed connection. The most responsible way of handling this though, would be to sell different packages to people and charge them accordingly; only using throttling to enforce the package each user agreed to upon signing up. If you want a huge amount of bandwidth and the fastest connection possible without limitations on your downloads and uploads, you should be willing to pay a premium and get your own channel so your use does not affect other paying customers. This eliminates the need for bandwidth throttling, however, others would say it encourages file sharing/piracy. This is a completely different topic though and will not be discussed here.

In basic terminology: you should get what you pay for and you should be willing to pay more if you want more. ISP’s should only monitor bandwidth to determine the package each user should be on and then give the user the option to upgrade/downgrade if their use does not fit the package they purchased. If a user who passes their package quota decides not to upgrade, the ISP is protecting all users by limiting that account or charging for each overuse. Bandwidth monitoring and throttling is not a bad thing, it is a useful tool for ISP to protect the rights of all users. Each user signs an agreement when they connect. These agreements should include the right of the ISP to monitor bandwidth usage and throttle accounts if they are abused and to charge premiums for any overuse. This makes bandwidth monitoring and throttling a positive function.

The fact that an ISP can determine what browser, operating system, ftp and antivirus programs you use when you connect is a little more controversial, however most sites you browse to can do the same thing. If you are using an insecure outdated operating system or other program, this can be determined and you can be alerted. This is definitely a positive as it would keep your computer more secure, but it’s getting close to “big brother”. In the future, ISP’s may decide to block certain software as it is older, but what if your computer can’t handle the new software, or you cannot afford it, or a new computer? What if the decision is based on other things such as the almighty advertising dollar? Things are starting to look less positive…

Moving on to the ability of ISP’s to determine what your system is sending and receiving, and the responsibilities of ISP in this; how far should it go? Looking at this in a positive way, if an ISP determines a user’s computer is broadcasting a virus or being used as a “bot” in a “DOS” attack; they can and SHOULD block the access of that system until the owner has proven they cleaned it up. Looking at this in a negative way – anyone connected to the internet really has NO privacy at all due to this ability. Many people think email is private, but in reality, not only can an ISP read it, but anyone able to intercept it can read it. People need to think of emails as postcards: anyone who sees it can read it à UNLESS you use encryption. Logically, most employees will not bother to look, a job is more important than possibly finding something of value in the thousands of emails sent and received by an ISP’s users each day. Even if this ability is not used to snoop and pry at this time, it CAN be used that way. As programs and computers become more adept at collecting and sorting data, it is a very real possibility that all emails will be scanned for certain information. Different governments think this is their right to do. What if they give ISP’s the power to do it for them, or even force them to? Things are looking more negative, or are they? It depends on what they are looking for.

Now considering user downloads: should they be monitored at all? From the positive angle: yes, each download should be inspected for a virus and the ISPs server should have security in place to detect this and block the download from taking place. A warning popup for the user would also be a positive part of this function. Another positive: any time child porn is detected the info could be passed on to the authorities. This however is definitely going to have some complaints. Thinking about children: anything that protects a child is a good thing. What is necessary is the agreement a user signs with an ISP to include a waiver allowing the ISP to contact the authorities if it is determined that a user is sending or receiving child porn. The users’ privacy in all other matters should be maintained. It would be up to the police to then examine the actions of the suspect and determine if it is in fact the user or some infection that is doing this.

Looking at the ability to use “behavioral” tracking for advertising, such as the Phorm projects, this is definitely controversial to say the least. To class this as a negative is obvious, but how negative can this get? This sort of thing has been around since before the internet, but it is more “in your face” and more dangerous because of the internet.

The offline uses of “behavioral” tracking for advertising include the old direct mail, where if you bought something from one store/service they would then trade or sell your contact details to a related business. People would then get contacted by this other business trying to sell them something related to their previous purchase = Junk mail.

The same thing occurs online and people end up on spam lists. At its basic level “behavioral” tracking for advertising can be useful, but in most cases is an irritant.

When we compare the dangers of “behavioral” tracking for advertising on the internet, we see that even government agencies cannot track on the levels possible on the internet. This is one reason many governments are secretly pushing through laws that allow them to “monitor” the internet. This takes “behavioral” tracking for advertising to the extreme end of “big brother” - everything done on the internet can be inspected and if what you do not conform…?

Leaving government and conspiracies out of this, consider how “behavioral” tracking data can be used. Positive: you love to travel; you get more ads and specials and can compare the competition getting the best trip and best price. If you don’t drink you get no ads about alcohol, etc. Negative: you or a family member has an illness and you research it on the internet. This data could then be given or sold to insurance agencies resulting in your premiums increasing or even losing your policy. If you are having debt problems and look for debt consolidation information or a debt counselor, just think what would happen if the credit agencies get this information before you start to get things under control.

Where does this leave the ISP = I Spy and the issues of privacy, protection and security? Obviously the abilities are there, personal protections are limited, the abuses and uses are unlimited. Can ISP’s be trusted to create a balance? Can governments be trusted to create and enforce a balance? The obvious answer is No. Everyone must do what they can to protect themselves. Use anti-virus, anti-spyware, anti-malware, encryption and common sense. For protection against website tracking try a proxy service, for protection against both website and ISP tracking try a “tunneling” service. Protest any “behavioral” tracking, by canceling your account with your ISP if they start using it. Support privacy protection agencies and be sure everyone you know does the same. People have always had the power to affect changes, even more so now with the internet. There are no longer any borders that can stop communication. We can see the world and each other without governments or big corporations telling us their versions of everything. These groups only have power because of the ignorance they promote. They get power from regular people. It is time that all people recognize this and take back that power and demand these groups start to behave. Money talks; take yours to responsible companies who realize you are not just a cow to be milked, but a person who pays their salary and deserves privacy and respect.

This is one of those things you would like to think is only a possibility, but “they wouldn’t, they couldn’t really be doing that…”

Well it seems it has come out that 3 major ISP’s in Britain are dealing with a company that has been previously linked to spyware. Phorm is the old 121media company that brought out the PeopleOnPage toolbar. This bar would let you know who else was visiting the page that used the bar and give you the ability to chat with them. No big deal, except since they knew where you were, they started using that data to serve up target ads to you. This is flat out - harvesting your surfing habits and targeting you for ads.

If ISP’s are starting to ink deals with companies who can collect your browsing information and serve up ads to you: Your privacy is at RISK! This is not some simple doubleclick cookie either, it is full out interception and snatching of your information. See this story to read how they plan to “tap your internet connection”.

Before you think, well I am not in Britain, think a moment… If Britain is allowing this and it is coming out in the news, where else is this occurring that it is not reported? Consider the following:

Companies that do the reporting make the most money off of advertising.

The USA is THE advertising nation. The rest of the world generally follows the lead of the market.

If this is done for advertising, what else is it done for?

For more information on the Phorm harvesting, check out The Registers roundup on the “Phorm Files”.

Everyone needs security software to block viruses, spyware, adware etc, but how can you protect your privacy from your ISP? If your ISP practices this in any form or has any relation to companies that do this: it is time to find a new ISP! If enough people leave and state this reason, perhaps the ISP’s will stop this sort of thing.

Privacy should NOT be for sale…

Phorm related articles on BBC:

Phorm ‘illegal’ says policy group

Web creator rejects net tracking

Phorm: Your questions answered

The amount of discussion is growing; you need to keep informed and judge for yourself.

What is “Phishing”?

It is like fishing in the sense that criminals send out mass emails “bait” hoping someone bites. The bait is an e-mail out falsely claiming to be a legitimate organization like a bank, credit card company, online payment service, or any service, company or website they think people will trust in an attempt to trick people into giving private information that can be used for identity theft, theft from your bank, online account, etc. The e-mail will direct the unsuspecting person to visit a Web site where they are asked to update personal information, such as user names, passwords, credit card information, and bank account numbers, which the legitimate organization already has. This Web site, however, is spoofed and was set up only to steal information.

Link manipulation/spoofing

Most methods of phishing use some form of technical deception designed to make a link in an email (and the spoofed website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of sub-domains are common tricks used by phishers. Another common trick is to make the anchor text for a link appear to be a valid URL when the link actually goes to the spoofed site.

Website forgery/spoofing

Some phishing scams use JavaScript to alter the address bar to make it seem legitimate. This is done by placing a picture of the legitimate company’s URL over the address bar, or by closing the original address bar and opening a new one containing the legitimate URL.

In another method of phishing that is quite popular, an attacker uses a trusted website’s own scripts against the victim. These types of attacks (cross-site scripting) are particularly nasty, because they direct the user to sign in at their bank or service’s own web page, where everything from the web address to the security certificates appears correct. This attack is very hard to spot as it is the link to the website is crafted to carry out the attack.

Damage caused by phishing - The damage ranges from loss of access to email and other online accounts to loss of money, investments, etc. Phishing is becoming more popular, because of the number of unsuspecting people who are easily tricked into divulging information to phishers. The collected information includes credit card numbers, social security numbers, and mothers’ maiden names. It is also possible that identity thieves can add more information to what they have gained through phishing simply by accessing public records. Once this information is acquired, the phishers may use a person’s details to create fake accounts in a victim’s name, ruin a victim’s credit, or even prevent victims from accessing their own accounts. As you can surmise the result can be a destroyed life. That is why it is extremely important everyone learns to recognize phishing and avoid being caught.

Recognizing Phishing and test your Phishing IQ

To help people learn more about phishing and to improve their ability to recognize it there are sites with information and tests you can take.

Microsoft: Recognize phishing scams and fraudulent e-mails

SonicWALL Phishing IQ Test

MailFrontier Phishing IQ Test

Netriplex Phishing Test

The best advice is to learn to recognize phishing and spoofing. Please check and use the sites above. The next best is to use a browser and email program that help you to recognize phishing and spoofing. Browsers and email programs are adding some protection. I recommend using Firefox for your browser and install an anti-phishing and anti-spoofing add-on. Once you have installed Firefox go to tools, add-ons, hit “get extensions” and search for the add-ons you want. Use Thunderbird for your email. Both are free and both are more secure than the Microsoft products. Get them here:

Mozilla Products

Forwarding Emails: Do Your Homework!

Every day I see email forwarded by someone trying to warn me of some new threat or with some “interesting news”. unfortunately most of these types of forwarded emails are false. In most cases it is harmless forwarding of emails with the only drawback being extra junk in your inbox and floating around the Internet.

In other cases, these emails themselves are a threat. Some emails will inform you of a “threat” and give you steps to take to “fix” your computer or “remove” the threat. Following the “advice” in these emails can cause problems in some cases.

Please do NOT forward these types of emails or follow the instructions in them without first doing your homework.

Do a search on the “information” you received. Below are a few good links to sites with information on hoaxes, myths and real threats.

There are many sites that will help you find the truth about the emails you get, I like these ones.

TruthOrFiction.com

The Truth or Fiction site lists emails and topics and gives you “Truth” or“Fiction” information from their research. It can be quite amusing to just browse some of the information they have.

This site is well organized so you can select topics or just do a simple search.

F-Secure

F-Secure is a European based international computer security company. The information and tools available are very useful for your security.

Hoax Alphabetical listing

Hoax Search

Most people will be sending regular jokes and tricks, but others will be sending a virus or other malware.

Be sure to upgrade your antivirus before you do anything else and remember to practice safe email habits.

- Do NOT open any emails from unknown senders.

- Never save or open an attachment from a suspicious email.
Specifically, never save or open any .ZIP, .SCR, .EXE, .BAT, .COM or even .JPG or .GIF files from such emails. These files can carry a dangerous payload and can be faked (the true nature and extension are hidden).