Sunday, September 30, 2007

Show #49 - 09.30.2007



[Download Show #49 as MP3]

News
  • Apple Warns that Unlocked iPhones Void Warranty and could "Brick" with next update
    • Last week Apple released an official announcement stating that running the unlock software on your iPhone voids the warranty
    • They also stated that running any third-party applications voids the iPhone warranty
    • During this announcement, they announced that an iPhone that has been unlocked can possibly be rendered useless with the next iPhone update (the one that is going to give the Wireless iTunes Store).
  • [Koby] Mac OSX OpenOffice Slated for September 2008
    • This will be an actual port over the Aqua look.
    • This version will fully run on OSX without having to install any extra software (other than Java)
    • This is a great step in cross-platform applications, and great news for OpenOffice
  • Google Backs Private Moo n Landing
  • Amazon Begins Selling DRM-Free Mp3 Files
    • DRM-Free tracks are "compatible with any media player"
    • They work in iTunes and Windows Media Player
    • Tracks are $0.89 to $0.99
    • Albums range from $4.99 to $12.99 depending on the number of tracks and such.
    • Launching with an impressive 2 millions songs, this could be a nice answer to iTunes. Since iTunes is currently beating Amazon in online music sales, Amazon needed something like this to help bridge that gap back up.

Software / Hardware / Power Web Picks
  • Phishing
    • What is Phishing
      • Phishing is sending a user to a website that looks like a website they visit all the time with the hopes that they will log in with their normal username and password.
      • Phishing usually starts in emails. You might get an email that looks like it is from a website like eBay or PayPal. They will usually tell you that they need you to login because "there is the possibility that you could lose your account" or "you just won an auction" that you do not remember bidding on. There is a link that takes you to a website that LOOKS like the one in question.
    • Anti-Phishing Tools
      • In Browser
        • Mozilla Firefox
          • Firefox 2.0+ has anti-phishing features builtin
            • Tools\Options Menu
            • Click the Security icon
            • Check the box for "Tell me if the website I'm visiting is a suspected forgery"
            • You have the option of checking against a predefined list or sending every page to Google for verification
              • There is some privacy concerns with the Google option
              • If you turn the Google option on, be sure to read the user agreement carefully.
        • Internet Explorer
          • Internet Explorer 6 has no anti-phishing options, you will need to use an addon tool bar (we'll get to that in a second)
          • Internet Explorer 7 has anti-phishing features.
            • Tools
            • Phishing Filter
            • Turn On/Off Automatic Website Checking
            • There is also the ability to check pages on a per page basis if you decide to turn the feature off
      • Toolbars
Security & Privacy
  • Continued from Last Week
    • Distracting from Systematic Thinking
    • Momentum of Compliance
    • The Desire to Help
  • Identity Theft
    • How Identity Theft Happens:
      • Stealing mail or rummaging through rubbish (dumpster diving)
      • Stealing payment or identification cards or the information on them (pickpocketing, "drive-by" scanning of RF-enabled cards/tags)
      • Eavesdropping on public transactions to obtain personal data (shoulder surfing)
      • Stealing personal information in computer databases (Trojan horses, hacking)
      • Infiltration of organizations that store large amounts of personal information
      • Impersonating a trusted organization in an electronic communication (phishing)
      • Obtaining castings of fingers for falsifying fingerprint identification.
      • browsing social network (MySpace, Facebook, Bebo etc) sites, online for personal details that have been posted by users
      • Simply researching about the victim in government registers, at the internet, Google, and so on.
    • Protect Yourself Against Identity Theft:
      Identity Theft Resource Center
Penny Pinchers
  • Equifax Credit Alert free for PayPal - This is the thing we were talking about on the show that will monitor your credit, tell you when a blance has gone up, a new account has opened, or that credit has been applied for under your name.
  • Equifax
    • Credit Watch Gold with 3-in-1 Monitoring ($12.95)
      • Up To $20,000 Identity Insurance
      • Unlimited Reports
      • Monitoring of all 3 reports, but you can SEE one
    • Credit Watch Gold ($9.95)
      • Up To $20,000 Identity Insurance
      • Unlimited Reports
    • Credit Watch Silver ($4.95)
      • $2,500 Insurance
      • One Credit Report
      • Discounts on Future
    • Score Watch
      • Daily score
    • Score Power
      • Interactive Score Simulator
      • Tips to understand score
  • Experian's CreditExpert.com ($11.95
    • Experiean Credit Services
    • 1 of the big 3
    • Like the PayPal Equifax option
    • A free Experiean credit report as often as you like
    • Discount on full credit report (shows credit score with all 3 major companies, and any stuff you need to know about)
  • TransUnion ($14.95)
    • Tri-Merge $29.95
  • ASK YOUR LAST LENDER FOR A FREE COPY!
How Much Identity Theft:
US$56.6 billion in 2006. The average fraud per person rose from $5,249 in 2003 to $6,383 in 2006

  • Only 15% of victims find out about the theft through proactive action taken by a business
  • The average time spent by victims resolving the problem is about 40 hours
  • 73% of respondents indicated the crime involved the thief acquiring a credit card
  • The emotional impact is similar to that of victims of violent crimes

In a widely publicized account, Michelle Brown, a victim of identity fraud, testified before a U.S. Senate Committee Hearing on Identity Theft. Ms. Brown testified that: "over a year and a half from January 1998 through July 1999, one individual impersonated me to procure over $50,000 in goods and services. Not only did she damage my credit, but she escalated her crimes to a level that I never truly expected: she engaged in drug trafficking. The crime resulted in my erroneous arrest record, a warrant out for my arrest, and eventually, a prison record when she was booked under my name as an inmate in the Chicago Federal Prison."

Gamer's Corner
  • Don't give away private information, even in games. Social engineering can happen there too!
Social Engineering
  • Distracting from Systematic Thinking
    • Ever had a bad day... We all have! (Problems at home perhaps?)
    • Someone taking advantage of that to gain, for instance, an employee badge.
    • Heuristic vs systematic
    • Time pressure, strong emotion, or distraction
    • Requestor claim vs. sensitivity
  • The Desire to Help
    • People want to help others
    • Ask someone for help with one thing while taking advantage of another, in a physical sense, asking the security guard where the bathroom is, then using that to get past security.
  • Momentum of Compliance
    • Once you have started to help someone, it is hard to stop stop.
    • Columbo played by Peter Falk always walked away fromt he suspect after questioning huim, Columbo (and the audience knew) that the suspect was lowering their defences as he walked away, he'd quickly turn around and ask that one last question... You were already pretending to comply, now you actually do!
  • Week After Next (Oct 7th)
    • Attribution
    • Liking
    • Fear
    • Reactance
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)