Apple Mac OS Security Risk

Standard

OSXRiskApple has acknowledged a flaw in the latest version of the Mac operating system, OSX, also known as High Sierra..  Simply put, if you did not set a “root” password when you setup your Mac, your computer may be vulnerable to hacker being able to take advantage of root account to perform malicious activity.

Apple has released a patch as of this morning and it is recommended that all users who have updated to the latest version of OSX apply this patch right away.  Here is the link to Apple’s article on this issue:

https://support.apple.com/en-us/HT208315

If you are a Mac user, please apply this fix ASAP.

 

Net Neutrality is Better than Not

Standard

There are a lot of voices being heard with regard to Net Neutrality.  On December 14th, the FCC will vote on whether to rescind standing Net Neutrality regulations.

Many are in favor of removing the regulations, many more are not.  I’m in the “not” camp.  I’ve posted about this before.  For sure, there are valid arguments on both sides of the issue.  For me, the negatives of repealing Net Neutrality far outweigh the positives some people are in favor of.

I’ve met and heard two FCC Commissioners speak over the last several years.  Current FCC Chairman Ajit Pai and current FCC Commissioner Jessica Rosenworcel.  I respect them both, but agree with Commissioner Rosenworcel over Chairman Pai.

Commissioner Rosenworcel recently wrote the following op-ed in the LA Times.  It’s well worth a read and should clarify the issue for you, if you are not sure what this vote is about.

Op-Ed: I’m on the FCC.  Please stop us from killing net neutrality

If you agree that Net Neutrality should not be repealed, and I hope that you do, please consider signing one or more of the following petitions to let the FCC know how you feel:

White House Petition – Do Not Repeal Net Neutralityprotectinternet

Petition to the FCC: Stand Up for Net Neutrality

Leave Net Neutrality Alone: Common Cause

Change.org: Save Net Neutrality

 

Shop Safely This Holiday Season

Standard

The following was published in today’s edition of Foster’s and Seacoast Sunday.

So Thanksgiving has come and gone, as has Small Business Saturday. Tomorrow is Cyber Monday. The deals keep coming and the enticement to shop online and retail is at its height for the year. So how do you ensure you shop safely? Here are a few recommendations, not just for the holiday season, but throughout the year.

Img_Head_SafeShopping

When shopping retail, your largest risk is at checkout. Whether you are writing a check, using a debit or credit card, it’s important to know your risks and the technologies available to mitigate them. Checks are tough. Some people swear by them, others avoid them at all cost. I can’t remember the last time I wrote a check. Frank Abignale, the FBI security expert of “Catch Me If You Can” movie fame, never writes a check. He believes checks are the easiest transaction to forge and he would know. If you haven’t seen the movie about his story, you may want to watch it. His words carry the weight of experience and some hard lessons learned.

When it comes to debit and credit cards, Abignale recommends never using a debit card as it has direct access to your bank account. Instead, he advocates for using a credit card and paying it off every month. Now there’s the trick, paying it off every month. For many, this is easier said than done, but his point is well taken. Credit cards have consumer protections that safeguard you against fraudulent charges. Debit cards do not. Once the money is pulled from your bank account, it’s very difficult, if not impossible to recover.

Whichever type of card you use, be sure you use the chip feature and don’t swipe the card. Magnetic readers are easy to hack or replace with what’s called a skimmer. A skimmer reads the cards magnetic stripe, sends the payment information to a hacker while still passing the transaction through to the point of sale terminal where you swiped your card. It’s one of the most common forms of debit and credit card theft out there.

Several consumer advocacy and law enforcement agencies have warned of point of sale terminal hacking this holiday season. If a store you shop at has been hacked, even if their credit card machine itself has not been compromised, a hacker may still be able to grab your payment information. Chip technology safeguards against this by using on-chip encryption for your payment card data and each transaction done with the card. If a retailer is not accepting chip, tell them you have to shop elsewhere. There’s no reason not to and their credit card processors are charging them a higher fee for not using the chip.

Where you can, I also recommend using Apple Pay, Samsung Pay

 

 

 

, PayPal and similar payment services. Especially if all you have is a debit card, linking that card to these services will insert a layer of encryption and security to your transactions that the debit card alone cannot. These are more secure ways to pay and will help protect you, online and offline.

When shopping online, there is ample technology available to safeguard you. Be sure you take advantage of it. First and foremost, be sure you are only shopping at websites that have https and not just http. The “s” indicates the site is secured with secure socket layer encryption, or SSL. If a site is not SSL, everything you enter in to your browser is clearly available to anyone who may be intercepting your Internet traffic as it travels from your web browser to the site.

I also recommend not clicking on the millions of ads and links you receive in your email. Sophisticated hackers will impersonate legitimate companies and offers, in an effort to get you to click their link, which would bring you to a fake site, setup to steal your identity and payment data. Instead, just enter the site address in your browser and get to the site this way. Once on the site, search for the deal you are looking for. Chances are, if it’s a legitimate offer, you will be able to find it right from the website’s homepage.

A few other considerations for shopping safely online include using a VPN and privacy mode in your web browser. A Virtual Private Network connection to servers on the Internet masks your online activity for prying eyes. If you connect securely to a company network for work, chances are you may be doing so via a VPN. The same principal holds true for a VPN for Internet access. Think of the Internet as a four lane highway and think of a VPN as a tunnel that gets placed over one of the lanes and that is the lane you travel in. No one can see where you are going and where you enter and exit the highway. This is what a VPN does for your Internet use. Don’t use a free VPN as you get what you pay for. No one is so altruistic that they put this technology out there for free. They are capturing something of value from you. Instead, subscribe to a reputable VPN service if you decide to go this route. It’s well worth the modest cost.

Finally, consider using privacy mode in your web browser. All browsers have this and it does a decent job of masking your online activity, avoiding ad trackers and cookies, technologies that make you wonder how that ad showed up in your browser for something you were thinking of shopping for. When you want to be sure what you do online remains private, privacy mode is the way to go.

I hope I haven’t scared you away from shopping this holiday season. That is not my intent. Instead, I hope I have given you some good ideas to protect your identity and your bank account this holiday season and throughout the year. Happy shopping!

It’s Small Business Saturday

Standard

sbs.png

Hopefully you survived Black Friday.  Now here we are, Small Business Saturday.  I hope you’ll be heading out to support your local small businesses today and throughout the holiday season, along with all year long.

As someone who has spent their career primarily around small businesses, I’m proud to support Small Business Saturday.  Our family is heading out to do our part.  Enjoy the day!

Happy Thanksgiving! Shop Safely This Season

Standard

It’s here.  The Black Friday deals have already kicked off and the Turkey coma is still in full swing.  Most retailers opened their doors at 6 PM Thanksgiving Day to kick off their Black Friday deal.  Small Business Saturday and Cyber Monday are right around the corner.  The next four days are the most active shopping days of the year.  Unfortunately, they are also prime targets for cyber criminals, so be sure you stay safe this holiday shopping season.

I’m sure you have been inundated with Black Friday and Cyber Monday emails offering all sorts of deals.  While most will be legitimate, you have the stay on the lookout for those that are not.  My recommendation is not to click through on any links in these emails.  Instead, open your web browser and type in the address yourself and go directly to the web site and search for the deal.  You don’t want to fall prey to a hacker who impersonates a known seller and tricks you into visiting a fake site that looks like the real thing.

safely_onlineOne Small Business Saturday, take note if the retailer you visit makes you use your chip, instead of swiping your credit card.  The chip system has been in place long enough now, that there is no excuse for anyone to not require you use the chip.  The chip is more secure as your credit card information and every transaction are encrypted and significantly harder to hack than when you swipe.  If you see a retailer who still makes you swipe, you should not think twice about telling them you are not comfortable with their security and may have to shop elsewhere if they don’t implement chip technology.  There are several warning circulating from consumer advocacy groups to law enforcement, warning about vulnerabilities to point of sale terminals that are not using chip technology.  Don’t let a lazy retailer put your safety at risk.

Also don’t forget about Apple Pay, Samsung Pay and similar payment methods that you can securely use with your smartphone.  Using these payment methods will always be more secure than using your card, so when available, use them.

On Cyber Monday, just like Black Friday, go right to the site and don’t click through on ads you see on other web sites or links in email offers that you receive.  While it may be a bit less convenient to type in the site URL and then navigate the site to find the deal you are looking for, it’s a simple and effective step to help protect your online shopping activity.

Once you’ve made your purchase, be mindful of the many shipping confirmation messages you may receive and be mindful of what you have experienced in the past compared to what you may receive in your email inbox now.  Fake shipping confirmation messages are a favorite of hackers to trick you in to entering some personal information in to a fake online form or tricking you to open an attachment which may then infect your computer without you knowing it.  Once infected, a hacker could capture everything from access to your bank to passwords to all of your online accounts.  Again my recommendation is to go directly to the web site where you made your purchase and look up your order and check the shipping information from there.

Another good practice for online shopping is to use a service like PayPal, Visa Checkout or other secure online payment service.  This adds a layer of protection to your shopping to protect your payment information, which is the crown jewel of what most hackers want to steal.  As always, keep a close watch on your credit card and bank statements.  Picking up an unauthorized charge is always a sure way to know a hacker has stolen your identity or payment information.  If your bank or credit card company offers it, setup alerts for any charge or withdrawal, so you get real-time awareness to what may be happening with your accounts.

Enjoy the holiday shopping season and Happy Thanksgiving!  I’m thankful for you subscribing to my blog for updates.

black-friday.jpg

Net Neutrality at Serious Risk, Please Take Action

Standard

NetNeutrality.jpg

You may have heard that the FCC is planning to dramatically roll back regulations that have ensured Net Neutrality.  What is Net Neutrality?  It basically ensures that you can reach any web site on the Internet without restriction, be it outright blocking or decreased speed to the point that it could become too frustrating to use the site in question.

What a very real example?  Do you use Google for searches?  Do you have FiOS from Verizon?  Here is a very real scenario.  Verizon recently purchased Yahoo, a competing search engine and free email service to Google and Gmail.  Now let’s imagine that you have Verizon FiOS for your broadband Internet access.  Up until now, under the Net Neutrality regulations, Verizon or any Internet Service Provider, like Comcast, Time Warner, Metrocast, Cox, etc., are required to allow you to browse where ever you wish and use what ever apps and services you want online.  Under the proposed roll back, Verizon could block you from getting to Google’s sites, apps and services, unless you upgrade to a more expensive plan that would allow it.  Or they could simply throttle the speed at which you could get to Google, making it difficult, if not impossible to use.

Each year, I travel to Washington, DC as part of the annual CompTIA DC Fly-In.  Each year, we have various guest speakers and I’ve had the pleasure of meeting and hearing from a few of the FCC Commissioners.  One of those is the current Chairperson, Ajit Pai.  The first time I heard him speak, I was impressed with him, but I am thoroughly dismayed by his move to roll back Net Neutrality.  It serves only one purpose, to restrict equal access online, earn the ISP’s more income and pander to special interests.

To be fair, Chairman Pai has made some reasonable arguments for why some of these regulations may not be what is needed to ensure equal access, but I still find more flaw with his proposal that reasonable examples to support a roll back.

I encourage you to contact the FCC and your elected members of Congress to express your opposition to the roll back plans.  The FCC is voting on December 14 and if enough voices are heard, we have the ability to help affect the outcome of that vote.

If you value an unrestricted Internet, you want to take action.  Here is a link to one web site that makes it easy to do so.

https://www.battleforthenet.com/

T Minus 2 to Black Friday: Today’s Recommendation

Standard

If you are thinking of cutting the cord, your options have never been so plentiful.  From Smart TV’s to streaming media devices, it may actually be possible to cut the cord this year.

One of my favorite streaming devices is the Amazon Fire TV.  It’s a small HDMI dongleFireTV that plugs in to the HDMI port on your TV.  Amazon sells three versions, the Fire TV Stick at $39.99 is the smallest and portable.  The current version does not yet support 4K video, but still delivers impressive quality, at 1080p, on any TV.  The Fire TV is $69.99 and does support 4K and HDR video.  There is also a bundle that includes an HD antenna to pick up local digital broadcast networks.

If you are an Amazon Prime member, you have access to an incredible library of content and apps to really make the Fire TV and impressive media device.  Each version also includes the Alexa enabled voice remote, which lets you search and control playback with your voice.

With live TV services like Hulu Plus with Live TV and YouTube TV, you now have access to more services than ever.  Most concerns with cutting the cord are around access to local broadcast networks, including syndicated sports broadcasts.  Amazon Fire TV and many of the other streaming services now have options to satisfy just about every viewing desire you may have.

If your cable bill is really starting to bother you, this may be the year to explore cutting the cord once and for all.  Even if you are not yet ready to cut the cord, these devices make a great gift that will allow the recipient to explore the world of entertainment beyond what the cable company delivers.