Firefox will block all trackers automatically
This week, Mozilla announced that its browser Firefox will start blocking all cross-site third-party trackers–the cookies hiding in the background that follow your clicks across the web, reporting your activity to advertisers as you move between websites. Including these settings, by default, is the best way to protect users from inadvertently giving third parties data about users’ behavior. Just as people tend not to read long privacy policies, they also shouldn’t be expected to change the settings to disable third-party trackers on every single site they visit. As Mozilla’s head of product strategy Nick Nguyen writes on the Mozilla blog, “In the physical world, users wouldn’t expect hundreds of vendors to follow them from store to store, spying on the products they look at or purchase.
Common Wireless Network Attacks and How to Avoid Them
Airports, coffee shops, restaurants, technically-challenged neighbors — free WiFi is everywhere, and it’s great. You can save data on your phone and take your work on the road without worrying about finding a connection. But these networks aren’t always safe. Some of them are specifically set up to harvest your data, and even networks you trust can be vulnerable.
You're using HTTPS, but what does it do?
Twitter is the latest major service to force users (albeit in an opt-in fashion) to use HTTPS to connect to the site. They join giants such as Google and Facebook in offering HTTPS as an option. Extra security sounds appealing — it's one of those things you'd rather have than not — but the term "HTTPS" often gets thrown around without a lot of explanation or context. As a former site administrator and someone who has given talks on HTTPS, I'll take a swing at explaining it in regular language below.
HTTPS
HTTPS ("HTTP over TLS",[1][2] "HTTP over SSL",[3] or "HTTP Secure"[4][5]) is a communications protocol for secure communication over a computer network, with especially wide deployment on the Internet. Technically, it is not a protocol in and of itself; rather, it is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the SSL or TLS protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications. The main motivation for HTTPS is to provide authentication of the visited website and prevent wiretapping and man-in-the-middle attacks. In its popular deployment on the internet, HTTPS provides authentication of the website and associated web server that one is communicating with, which protects against man-in-the-middle attacks. Historically, HTTPS connections were primarily used for payment transactions on the World Wide Web, e-mail and for sensitive transactions in corporate information systems.
How to hide files in JPEG pictures
If you’re looking to hide files on your PC hard drive, you may have read about ways to encrypt folders or change the attributes on a file so that they cannot be accessed by prying eyes. However, a lot of times hiding files or folders in that way requires that you install some sort of software on your computer, which could then be spotted by someone else. I’ve actually written quite a few articles on how you can hide files and folders in Windows XP and Vista before, but here I’m going to show you a new way to hide files that is very counter-intuitive and therefore pretty safe! Using a simple trick in Windows, you can actually hide a file inside of the JPG picture file!
7 in 10 smartphone apps share your data with third-party services
Our mobile phones can reveal a lot about ourselves: where we live and work; who our family, friends and acquaintances are; how (and even what) we communicate with them; and our personal habits. With all the information stored on them, it isn’t surprising that mobile device users take steps to protect their privacy, like using PINs or passcodes to unlock their phones. The research that we and our colleagues are doing identifies and explores a significant threat that most people miss: More than 70 percent of smartphone apps are reporting personal data to third-party tracking companies like Google Analytics, the Facebook Graph API or Crashlytics. When people install a new Android or iOS app, it asks the user’s permission before accessing personal information.
Wireless Attacks and Penetration Testing (part 1 of 3)
The very idea of a wireless network introduces multiple venues for attack and penetration that are either much more difficult or completely impossible to execute with a standard, wired network. Wireless networks only know the boundaries of their own signal: streets, parks, nearby buildings, and cars all offer a virtual "port" into your wireless network. This is the first of a three part series on penetration testing for wireless networks.
HTTPS: It’s Way Past Time-A guest post from TJ Lamanna
Brace for impact. Well, maybe not impact, but phone calls and emails to be sure. Google announced that in July 2018 they will be flagging all non-HTTPS sites as insecure, which means your patrons are going to get a warning whenever they try to access your site. And for roughly 90% of public U.S. libraries, this is going to be the case.