Internet Security, Identity Theft, Recent IT Trend, EV, SSL Digital Certificate Technology

WiFi Internet Security

2011-09-19T03:44:00.000-07:00

It is common now, you can access wifi from anywhere. But you should be aware that when you access internet over a unsecured network, you connections may be visible to others. In most cases, when you go to shopping malls, outlets, cinema theatres free wifi network would be available, are you sure that you are over a secured network? The answer is "No". So it is better not to access any confidential information, online banking, funds transfers, etc over an insecure network. Use those unsecured network just for browsing purpose.

Also when you use Wifi internet from home, better have a proper, strong authenthic password to it, so that other people who search for miscelleous network doesn't get control over your network. Other than this always use a Internet Security Software, which has got a Firewall - which can allow only trusted network to access your PC. Hope this helps! Try installing the free best firewall from comodo - www.comodo.com or install the internet security software developed by K7 Computing - The K7 Total Security - www.k7computing.com

Internet Explorer 9.0 - Has it come out well?

2011-05-29T22:22:00.000-07:00

I was prompted for the Internet Explorer 9.0 Version in my Lenovo Laptop. I installed the updates, IE 9 was good. But later I realized that there is some changes happened in the system settings.

1. The Wi-Fi was not getting connected. My laptop kept on showing the error "First Switch on the Wireless device" - Though it is switched On, it was still not working. (Which was working properly before I installed IE 9?)

2. There is a pdf extractor after installing IE 9, it shows "Document format not supported, contact the administrator" - I kept using this daily, and it working fine before IE 9.

These were the 2 errors that I have found in my Laptop, I don’t know how many errors is still going to happen. I confirmed this must be because of IE 9, because this happened in one of my other colleagues PC, once he gave the system restore and was back to the old version of Internet Explorer, all the above errors went off.

Is there any other option, which we can do to fix the above problems, having IE 9 itself?

Can you trust the privacy policy provided in Websites?

2011-03-17T23:33:00.000-07:00

Recently, this question came into my mind, when I happen to receive certain survey mailers, and if I fill in the survey, I would be receiving a gift. But I had a doubt whether to participate in the survey or not. Then I made up my mind and participated in the survey, after reading the privacy policy which mentioned "Your details, such as name, email address, phone number, address or date of birth etc etc won't be shared with any third party." And then I just accepted the terms and conditions keeping in mind why does it require for a survey to get all my personal details, still I proceeded with the survey filling in my details as required.

After a few days I received 4 or 5 calls from different locations and phone number stating I have filled in a coupon in super market and have won a gift. To get the gift I need to come to particular location and attend a presentation. When I enquired, they said its regarding a MLM Business. Later I realized my information was shared / sold to some third party companies, who are trying to market their products.

This is no big surprise to me, because I know well that leading mobile companies, sell our data for a good cost/value to the marketing agencies and companies, who frequently use to call and SMS (Text Message) us in a regular basis to sell some product or service. In countries like india, though we opt out for a DND / DNC (Do Not Disturb / Do Not Call) we receive even more calls as the rules are strictly not followed, or before we opted itself or either the data is already with third parties. That goes one side, but on the other hand, they online survey mailers and website, they too have started getting our data from us for their business and for the growth of other business ;)

Between, you can trust some corporate companies, who ask for subscribing to newsletters if you unsubscribe and even you can provide confidential details if you are purchasing a product or opting for service. They tend to use these details only to remind you if the service/product is going to expire or update you some special offer if required. But this also if you wish they will provide, if you don’t they won’t. So your data is in safe hands. If you happen to register with some miscellaneous website, probably your data is No-More Safe. THINK & ACT.

After making this analysis, probably I will have to change my mobile number - so that I don't get irritated / frustrated with dump calls. :)

Don't forget to look in to this link - a guy frustrated with kotak mahindra bank marketing call, has shared the real experience.

Top Ten Protection Tips for Identity Theft

2011-01-13T07:16:00.000-08:00

Identity theft has been substantially increasing day-by-day. It’s a MUST to know how to protection ourselves from identity theft, so that we don’t fall prey to identity thieves.

1. Protection from Phishing: DO NOT click on links which you receive via unsolicited emails

2. DO NOT share your bank a/c or loan a/c details to third persons.

3. DO NOT provide your confidential details to known or unknown people over phone

4. DO NOT carry your Social Security card in your wallet (if you are robbed, thieves might misuse them)

5. DO NOT share your personal / confidential details such as bank login and password over chat / instant messengers.

6. Monitor your credit report regularly. We offer reliable Credit Monitoring in Topeka, KS

7. Install an Computer Security Software and keep it updated

8. DO NOT visit untrusted websites and download any exes or software’s. (Hackers may add a script to monitor your computer)

9. Always check if the net banking site you visit starts with https (https states whether the site is secure or not)

10. Learn more about identity theft and get self educated as well as educate your known ones

Internet Environment - Energy Consumption - Is it Hurting?

2010-12-23T22:52:00.000-08:00

Infographic by WordStream

2009 Identity Theft Statistics Country-wise

2010-10-28T23:10:00.000-07:00

Home Security In Houston

[Via: CreditRepair.org ]

Un-Trusted Downloads May Crash Your PC

2010-09-16T23:57:00.000-07:00

Cyber criminals may get into your PC via unsafe downloads online. So beware about such kind of downloads and ensure you are safe. Here is the full security awareness article for your reference, Just visit http://www.buzzle.com/articles/beware-about-hot-downloads-online.html

New Computer Security Forum Launched!

2010-08-31T01:35:00.000-07:00

Recently Hermesmyth, an India based Online Marketing Services company has launched an new computer security forum “SafeScribble”. SafeScribble Computer Security Forum aims at discussing and solving computer virus related problems and, suggesting the best antivirus software for computer users.

SafeScribble PC Security Forum now invites antivirus technology experts to join the discussion and help grow the community by contributing security related articles and helping the forum users of their pc related questions. Also SafeScribble invites individuals and business users to share their virus related problems by registering in the discussion board for free and make use of it.

To register for free, please visit http://www.safescribble.com/

Web Server Security

2010-08-09T02:20:00.000-07:00

Operating Systems still continue to be vulnerable to attacks if the security patches are not installed periodically, which gives way to malwares and massive internet worms. Sometime ago, the internet worm conficker, which is also known as downadup was creating big chaos over the internet, which lead to huge losses to the corporate and website owners. Meanwhile there was also number of buffer overflow attacks reported during the year 2009. It’s quite common that all the web servers do have vulnerability, but its good the website owner need to safeguard their valuable digital assets by periodically updating the security patches and by running quality server security software products, which would prevent from the web server being vulnerable i.e. accessible to the hackers.

Below are a few one-liner precautionary steps that will help you in securing your Web server.
1. Install the Security Patches whenever available
2. Check the client side of the website by running a Malware Scan to ensure the users are safe
3. Disable the unnecessary scripting languages in your web servers, as hacker may target them
4. Subscribe and Keep monitoring the security vendor's security alerts
5. Most importantly use a tough Alpha-numeric-Symbol based password
6. Check for vulnerabilities by running a vulnerability analyser to check your web server security holes
7. Set up permissions at different levels so that no one can access as an administrator, expect the person intended for.
8. DON'T test any new or unknown scripts in your main web server, because some untrusted scripts may inject a malware in your server

Also, now Google provides a free tool called "SkipFish" - a web application security reconnaissance tool, which can run a security audit to your website. Here is the link for your convenience http://code.google.com/p/skipfish/

Still wondering how the attack takes place, here is a pictorial representation of Top Cyber Security Risks by Sans.org http://www.sans.org/top-cyber-security-risks/tutorial.php

Top Identity Theft Methods

2010-06-08T21:01:00.000-07:00

According to the FTC, over the past 5 years over 27.3 million people have had their identity stolen. That's a scary number, made more concerning by the fact that most people don't even realize their identity has been "borrowed" until after the damage is done. At this very minute, someone could be merrily opening credit card accounts and applying for mortgages under your name. It's important to take steps to actively protect your identity. The first step is to be aware of the various methods thieves have of obtaining your personal information. Some of them are predictable, while others are more surprising. The list below is a great starting point.

Getting your credit card information during an in-person transaction: This usually happens at a retail location where you're using your credit card to make a payment. Thieves can see and memorize your credit card info (or just write it down) and then turn around and use it to make their own purchases. They have even been known to resort to taking pictures of your card with a long range camera lens!
Stealing your mail: Make sure your mailbox has a sturdy lock, and that you keep a close watch on your mail trends. Haven't gotten any mail for a while? A thief may have submitted a change of address on your behalf to have your billing statements mailed to an address they control. They can then apply for credit card offers that you receive and obtain credit cards in your name.
Stolen wallets or purses: If your wallet or purse has been taken or "lost," immediately cancel all the credit cards. This is also a good time to put a credit freeze on your credit records at all 3 credit bureaus and start looking into identity theft protection services.
Dumpster diving: You'd be surprised how much personal information people throw in the trash. It's easy for thieves to acquire this information and use it for their own means. Make sure you shred all your documents and take the proper precautions.
Eavesdropping on phone conversations: People are usually pretty lax about what they'll say on the phone. With the advent of mobile phones, it's very easy for a thief to overhear you divulging personal information to a friend. Always be aware of what you're saying and who might be around you.
Phishing: This is a common email scam where you receive an email from a company of authority, such as your bank, PayPal or eBay. The email will ask you to provide personal information (like a password) by responding to the email or going to a link in the email, or even by calling them. Do not ever respond to these emails! No legitimate company will ever ask you for personal information via email.
Computer viruses: Hackers can create viruses that will invade your computer, acquire personal information, and send that information back to the hacker. Always have a current version of internet security software installed on your computer and make sure you keep it up to date.
Intercepting data from insecure sites or networks: If you're accessing your bank account or shopping online, make sure the site is encrypted. Look for a "https://" at the front of the URL. This indicates the site utilizes SSL encryption to keep your online transactions safe.
Pretexting or Social Engineering: This occurs when a thief uses false pretenses to get your personal information. One popular scheme is to call you, pretending to be your bank, utility company or other institution that might have access to your personal information. They will then ask for you to provide or confirm some piece of personal information. If someone calls you, don't give this information to them. Instead, look up the number of the company (if it's a bank or credit company, usually the number will be on the back of your card), and call them directly.

Some of the schemes mentioned above are fairly easy to protect against, others are more challenging. It's a good idea to stay on top of your credit records, as suspicious changes or updates to your credit history can indicate potential identity theft. The easiest way to do this is by signing up for an identity theft protection These services will usually monitor your credit history and actively stay on top of any leaks or use of your personal information.

Internet Landmines - what can a click do?

2010-02-23T02:11:00.000-08:00

It is unbelievable how much harm a single click can do. Yet many people flirt around innocently with the internet, unaware of the dangers that are out there. In a lot of ways internet is like an area filled with landmines and any step of yours can be lethal.

Time is premium for most people these days and most of us assume and neglect some critical aspects of internet browsing. In a recent survey, it was concluded that more than 90% of internet users click “OK” or “YES” without reading the content. When installing software, most people in their haste to install their product, click “Next” without reading what they are signing up for, this becomes a habit beyond a point. This is exploited by some of the hackers.

Just a small wonder- have you ever read the term and conditions while signing up for mail account or while installing software? Answer it yourself :)

Many types of software are designed to send back information to the server computer on a regular basis. This information can vary between internet user patters to system resource usage patterns. Even many popular security software products send such information, which is later populated to develop a better product. But sometimes other malicious software might send out vital information such as your credit card information, SSN, or even bank account number and some other important documents which may be stored in your PC for your personal use.
In spite of advancement in the online security technology, there are many sites that pose various levels of threat to the computers. If you have a proper security system installed in your computer, you will be warned. But many people take this lightly, but without your knowledge your security is compromised.

This happens, mostly in case of firewall software’s – when there is a some network trying to access your computer, most of them don’t even have look at what message is being shown in the pop-up and just click “Allow” – sometimes a traffic which needs a “Deny” would be allowed.

Since most of the world, other than Europe and North America, is only recently getting acquainted with the internet. There are many unaware users on the internet. It is not difficult to get the hang once you have been browsing for a while, but initially people trust most of websites what they see, as most of them for a fact lack experience and are unaware about the online security threats.

So here is a little important information that computer users can follow.

• Read and Think before you click “Yes” or “I Agree”

• See if the website has got a “Privacy Policy”

• Always trust sites which are verified by Third Party i.e. having SSL certificate.

• Be careful about phishing attacks through email – You many receive a email claiming it to be from bank, but actually sent by a hacker.

• Always have a look at the link address once before clicking on items. If the link address does not match with the parent site, it is better to avoid such a link.

• Never click on suspicious links.

• Read the security alerts/ pop-ups, before you proceed to click “Access” “Yes” or “Deny”.

• Do not provide your personal information over chat to unknown persons.

• Do not share your passwords

• Have a Virus Scanning Software.

Day-to-Day activities that increase risk of ID theft

2010-02-10T18:52:00.000-08:00

Everyday activities like using their phone, browsing the web and shopping can increase their risk of becoming victims of identity theft.

Steven Domenikos, CEO of IdentityTruth shares his list of 8 everyday activities that increase an individual’s risk for ID theft – I thought you may be interested in sharing these with your readers?

Phone Home: Smart phones are more popular than ever. In the rush to grab a piece of the pie, phone vendors and carriers will perhaps sacrifice security for market share. While Apple vets all iPhone apps, some others - notably Android Market - do not. Fake banking apps have been discovered on Android Market and have been subsequently removed – but not before they were downloaded and used by an unnamed number of victims.

Apple, of course, is vulnerable as well. With the lion’s share of the Smart Phone market, the successful release of a rogue application, even if only for a few days, would result in a huge payoff for the perpetrators. A May 2009 survey conducted by Trend Micro revealed that 1 in 5 Smart Phone users admitted to having been the targets of phishing scams.

Staying Connected: It seems that everyone has at least one profile on a social networking site - and many people have more than one. Besides the spam friend requests that are received, presumably in an effort to get past the spam email filters, there are the add-on helper applications that pose just as much a danger as the rogue smart phone apps referenced above.

The data contained on these sites when combined with information contained on school re-union sites, resume and job-search sites and other public information could be used to build personal profiles, and enable identity thieves to steal your whole persona.

Check that URL: In October 2009, ICANN approved the user of non-western characters in web addresses. Beginning in mid-2010, one will begin to see addresses in Arabic, Greek, Hindi, Japanese, Korean, Cyrillic and others. With certain foreign characters looking like western characters, it is easy to see that the scam artists will use these to impersonate valid sites. Surely the security software will eventually catch up. But in the meantime, users will need to beware.

It’s in the mail: When you receive applications for “preapproved credit cards in the mail” be sure that you open and shred the enclosed materials before throwing them away. According to the US Department of Justice: Criminals may retrieve those applications to try and activate the cards for their use without your knowledge. Also, if your mail is delivered to a place where others have ready access to it, criminals may simply intercept and redirect your mail to another location.

Longer Log-ins: A recent report from Imperva shows the most commonly used passwords, including “123456” and “iloveyou”. Having such an easy-to-guess password – and worse, using it for multiple websites/services – makes you easier to target. Choose complex passwords that include both letters and numbers, never use the same password for more than one website, and change your passwords frequently – at least every 3 months.

To reply?: If you get an email from any institution - be it your bank, your credit card company or the IRS asking that you reply with sensitive personal information do not respond under any circumstances. These phishing emails are still used by identity thieves preying on people that are too trusting, or too rushed to think twice.

Trash that: Dumpster Diving is not an Olympic sport – it is a practice by which criminals comb through trash looking for personal financial information – cancelled checks, bank statements, credit card statements and more. Be sure to shred any and all documents containing any personal information before throwing them away.

Shop till you drop: Double check all receipts from stores and ATMS – they may contain account information that identity thieves can use. Also, try to avoid kiosk ATMs - those freestanding units often do not have cameras and are statistically more likely to be infected by skimmers (electronic devices that allow thieves to record account and PIN numbers).

Always check if there is a SSL Certificate (https://) present in the website while you do Online Shopping. Not only in a shopping site, but also check if the page is secure in case you provide your confidential and personal details.

Webhost Hacking

2010-02-02T03:19:00.000-08:00

Recently one of my collegues website was hacked and there were some arabic content with English talking ill about the world. Finally we found that the site's hosting account was hacked and have complained it to the webhost provider.

What makes hacking easier for hackers?

Hacking is caused by weak user account login and password. It always recommended to use some strong passwords. Avoid using passwords like your name, date of birth, your computer name, pet name etc. The other reason for a webhosting account to be hacked is caused by the party website script that is vulnerable and having a security hole. For example, if you download a free website template from a insecure website and upload it to your webserver without knowing that hacker has placed some spyware in it. A hacker can exploit your textbox or web-form by injecting SQL into your database, or even by injecting HTML code into your web files. Another entrance for hackers is through FTP login, once the hacker gains access, they will be able to change your web files in any means.

So it is very very important to secure your own hosting account as well your ftp login. Make sure your password is 8 Character long and having combination of alphanumeric, Numbers, and symbol. safeguard your own login information. Finally, make sure your website script is updated with the latest version of script released. These are the best way to protect your website from being attacked again.

There are so many securities stuff availble by the webhosting provider, you can purchase them and form a additional layer of security to your web hosting account.

Make sure you buy a website and WebHosting Account from a genuine provider, who can always be by your side to support at the earliest.

Internet security - must know for PC users

2010-01-27T00:57:00.000-08:00

Everyone has a PC today, but they also get attacked by computer viruses all the time. Though PC penetration has been on the raise, the percentage of internet security conscious users has reduced.

Here are a few tips for readers to understand the DOs and DONTs on the internet

DOs

The foremost thing to do when you are an internet user is to install an internet security product. The product should essentially contain a working firewall system and a database of virus information to help protect your computer from any latest security threats.

The second thing is to educate yourself, on the levels of safety of various sites. Though it might seem that most site seem credible, with a days it should be easy for anyone to get a hang of which sites are safe and which ones are not.

Beware of what you download. Most of the viruses in the internet spread through downloads. Having said that one of the major activities on the internet is to download relevant data from the internet. Make sure you run a virus scan to ensure that the downloaded item is virus free.

Learn more about the internet security and how vulnerable your computer is. Learn to change the settings of your system to ensure that there is no possibility of an attack.

DONTs

Do not use your credit card or back account number is an unauthorized site. Many cases are reported along these lines when members have given their security details on the internet which was misused.

There are many viruses that spared through emails. When opening an email always beware of a threat. Do not open executable files when sent through email from an unknown sender.

Always carry financial transactions, only through secure websites. These sites have been verified by a third party to ensure the cash transfer process is secure. The site will begin with https:// if it is a SSL secured website.

Don’t leave your system logged in, which can be misused by other users. It is advisable to "Lock Before You Walk" from your Computer.

2010 Security Suites: The Best and Worst

2009-12-22T21:05:00.000-08:00

We've reviewed nearly a dozen 2010 security suites—find out which will keep you safe and which to avoid.

The 2010 "model year" for security suites got started early, with a couple of products already out in June. Panda Internet Security 2010 made a decent showing, but eScan Internet Security Suite for Home Users Version 10 isn't ready to provide serious competition for any of the better-known contenders in the U.S. market. Much the same is true of K7 TotalSecurity Version 10.0: It's popular in Japan, but doesn't live up to the standards set by other major products here—at least it didn't bog down my test systems. Through the summer the suites kept rolling in, keeping me busy with all-out evaluations. Read More....

Direct Source Link: http://www.pcmag.com/article2/0,2817,2351871,00.asp

Online Safety | Antivirus Software | Internet Security Software | Security Tips

2009-12-14T02:26:00.000-08:00

Antivirus Software and Safe Online Behaviour - 2010 Outlook
— There has been lots and lots of computer users who became victims of viruses, spyware, worm, and trojan attacks in 2009. Also to point out there are security sites itself has been hacked, computer viruses has been floating around over the internet and many other known and unkwown events that happened. How is going to be the future? What steps are to be taken to protect from such internet security threats? are the points here to be discussed.

"Porn" Games on Rise

2009-12-11T01:03:00.000-08:00

It was before a year or two most of the children were so much crazy or even can say addicted to games like Moto Racer, PS2 and many more. But today children are still have got lot of choices in choosing a game from wide variety. Whereas in the recent times, there has been many porn games which has been floating around the internet as well as sold in the way side Shoppe, and markets. These games are designed by some individuals and are sold in the internet worldwide.

You may ask what’s wrong with wwf, hunting and other explicit games. The problem according to psychologists’ any fighter games will make a child to become violent. At least the fighter games can be set apart, but what about the porn games. Recently there is game which is popularly played by children in and above the age of 13. That’s none other than a porn game. The games goes like this “A girl would be standing alone in the railway station, the player who plays the game should rape the girl and have pleasure” Doesn’t sound bad. These kind of games should not be entertained says government and NGO’s. Latest news on socio-economic, technology keeps pounding about such kind of illegal games and the consequences one has to face for designing those.

Psychologists’ say that “If children about 13 Years and above play this as game, tomorrow, in real life if they get a chance to see a girl alone in some place, the intention would be not to impress but vice-versa as played in the game. Also a student who plays this game, tomorrow if gets married; his mind doesn’t look for love or affection, but for forceful indulgence or other way round. Love is something that should come from heart and mind, and in no way can’t be acquired forcefully”

So it’s our responsibility as a human being to stop all such illegal activities. In fact the world is still exists because of the true love and affection among people. When the true love and affection expires then the world is no more.

Airtel Support - My Worst Experience

2009-10-08T19:36:00.000-07:00

Let it be a security software support center or a broadband support center, if the support system is working good, then the customers are happy. Responses are one important thing that is liked by all, Just wonder how frustrated I am, if I had shot an email to Airtel Broadband support and till that I haven't got an reply. Below is the story that happened. I would have been happy if the support people has responded me on time, stating that "Sorry, there is no feasibility in your area" - if they had said this I would have gone for an alternate. Instead see how much I would have been frustrated after so much patience. Honestly once, I really was happy with the Airtel support, but now...... you will know from the below mail that I sent to airtel.

___________

from Yuvaraj Rajendran

to Care TamilNadu ,bb.support@airtel.in
date Sep 1, 2009 2:30 PM

subject : High Priority - Regarding Telephone / Broadband line shifting

Dear Support,
I have been calling the Airtel Support "121" and "044-42110198" from Last Monday ie. 24th August 2009 to Till Date i.e. 1st September 2009, regarding, shifting of my telephone line from Velachery to Alandur. I am really NOT HAPPY with the support provided by airtel for the all these days. Just wonder I called from the date specified above to till date, to hear finally that I don't have feasibility in my area. The below are the responses I got from Airtel Customer Support and Airtel Escalation Department.

Monday: I called and said, that I need to shift my Airtel telephone/broadband line from Velchery to Alandur, as I am shifting my home on Wednesday. And customer support executive told me, that the information has been recorded and I would receive a call tomorrow i.e. Tuesday.

Tuesday: As I did not receive any call till noon, I gave an call to Airtel Customer Support, and asked regarding my status. They asked me to call after sometime, so they will check and let me know the status. Later gain I called them, and they said they feasibility for my area is there and again I was told that Airtel Staff would be contacting me soon.

Wednesday: Again the same thing happened, I did not receive the call, and again I gave an call, and put the request regarding the issue, and I was told, definitely I would receive an call, but I did not.

Thursday: As I did not receive the call, I again called the Airtel Tech/customer support, and I was told, that I would receive the connection itself by friday, and I reconfirmed, about my feasibility, and I was told yes, and shifting would be done on the requested date ie. on friday before 5.30 PM, before that I would be getting a call.

Friday: I was waiting, waiting till noon, and again , I gave a call, and was told by one support executive, that I need to clear my outstanding, but the support executive who called me is also not clear about it. And I asked, why I was not told all these days, and then I asked, anyways I am going to shift my line, so I will make the bill payment on the specified date. I was told yes for this. And the issue was Escalated to the Escalation department, and I was assured that I would be given the connection.

Saturday: On Saturday, I was waiting for the connection, but I did not receive any call, and again I called to remind them about the linke shifting, and I was assured by the Airtel Support Manager, that definitely on Monday, I would receive the connection on Monday ie. 31st August 2009. (I was bit happy, that I would be receiving the connection on monday).

Sunday: I called my friend, who works in airtel, and said regarding this, and he said, he would help me on monday if not done.

Monday: I was waiting for the confirmation call on Monday, till noon, and I gave an call, regarding this, and one customer support executive picked my call, before I can tell anything, not even listening to me, she said "Thank You for Calling Airtel Support Center, Have a nice day" and disconnected the phone. Again I called up, and I was told by some other support guy, who assured me, We would provide the connection in the specified time, and I would receive a call in 30 Minutes.

You know something, I was happy the moment I was told like this, (Just a small wonder, I have took an OFF for my office this day, for the purpose, that I am going to get a connection), but my happiness did not last long. I was given a called by the airtel care center, and an other guy told me, I need to clear my outstanding balance of Rs.653, and in the next 30 minutes, I went to all the way from Alandur to T.Nagar, to pay the outstanding balance and I paid Rs.700. I did pay the bil andl I was waiting for the connection on Tuesday.

Tuesday: Really Really got Frustrated, I called the customer support thrice, and all the 3 times, I was in hold for a long time, and finally reached a support engineer, and asked to transfer me to escalation department. And I was put on hold for a long time, and the line got cut, before I could speak to someone. Again I called, I was put on hold for such a long time, and was finally, the escalation department manager( I don't know if it is the real designation of the person) has told the customer support executive to say, that there is no network connectivity in my area.

I was so fed up and shouted at the executive, I felt pity on the executive, what can she do for the fault of the Team Leads or Managers, who give wrong information.

I know its a longmail, still wonder, last tuesday I was told, I have got the feasibility, and now I was told there is no network feasibility. (Is this a tactic to get the unpaid bill amount from me, before I relocate?) Kindly do have check at my bill payments, never I have made a late payment. Is this the way you people handle the customer? ITS LIKE CHEATING ME AFTER GIVING ME THE ASSURANCE. If I was told this early, atleast I would have gone for some other service provider. Because of this, I lost my patience, my companies salary for 2 days, mine and my brothers work got affected and lot of unwanted tensions.

If I was told early, I would have made some alternate arrangement. I wanted this to be notified to the concerned person/top executives. Else, the top executives won't be aware about these kind of issues.

Anyways, a small wonder, If I am not going to be a airtel customer, it not going to be a huge loss, but if there are thousands of people, who face the problems as I do, then what?

Kindly try to resolve this issue, before I could blog it. (I am an online marketing consultant, wonder what I will do without internet). Atleast let my existing line be there, so that I can work for a week, till I get the new line either from you or other service provider. SURELY I WILL PAY MY BILL IF THAT ALL YOU WANT.

Thanks,

Yuvaraj
www.hermesmyth.com
www.crapcorner.com
http://yuvi-internetsecurity.blogspot.com

_______________

I don't know if reaches the top people in airtel, but still inspite I told I would post what happened in my blog, there were no responses. some 2 to 3 weeks I just called to know, if my connection was disconnected from my old place.

Best Antivirus Program for PC Protection - How to Buy It? | Market & Techie News Channel

2009-09-21T22:02:00.001-07:00

Best Antivirus Program for PC Protection - How to Buy It? | Market & Techie News Channel

Shared via AddThis

How to Know if You Can Trust a Site With Your Personal Info

2009-08-26T23:33:00.000-07:00

Yes, the web has provided us with the ultimate convenience in shopping, banking, and practically anything else you can think of. But when it comes to such personal data such as credit card information or your social security number, what sites can you really trust? With the increasing numbers of identity theft and fraud, scammers are having a field day with innocent consumers. It’s no surprise, since any criminal can start a free web page (URL: http://www.freeservers.com/Free-Web-Page.html ) and attempt to pass it off as secure and authentic to unknowing viewers. That’s why you should think twice before entering such precious info because the circumstances can be disastrous.

First, minimize security problems by sharing info on sites you know and trust, or ones that have been recommended by confident friends and family. You simply can’t tell by the looks of the website if it is reliable or trustworthy. Try to stick with well-known and reputable companies. Also be cautious of merchants who don’t list any other contact information. You can check outside agencies such as the Better Business Bureau to see what complaints the online merchant could have. After you think you have found a site that is trustworthy, find out if the web page is secured. When a web page is secured, it provides an encrypted transfer of info from your computer to the website, and the info cannot be read while it’s being sent. A secure site possesses an SSL certificate. Here’s how to tell if the page is secure.

Look for Https
Check out the URL or web page address, usually in the top of your web browser. Most addresses begin with “http” but secure connections display “https” instead. The “https” should not only be on pages where you enter your credit card info on shopping sites but also on pages where you type in usernames and passwords, such as your bank website or website where you go to check your email.

Examine the “Lock”
While on a secure page, your web browser should display an icon that looks like a padlock on the lower left or lower right corner, depending on your browser. Hover over it with your mouse or click it to verify the security information. Beware that some sites will try to trick you by simply replicating a padlock on the bottom of their webpage, making you think that what you are looking at is indeed your browser. Just remember to be familiar with your browser so you can spot fake locks.

Check the Properties
You can check if a page has an SSL certificate by going through your browser’s Properties menu. In the properties menu, select the Certificates option and see if an SSL certificate is present.

These are the main features to check to see whether a site is secured. For pages displaying a VeriSign SSL certificate symbol, use VeriSign’s “Verify Before you Buy Search Box” on their official website to make sure the seal is valid or if it’s being used with authorization. You simply copy and paste the site’s URL from your web browser and click “verify.” You can even download a “Verify Before You Buy” widget for your browser to make it even easier.

Worried about PC Security - Buy Antivirus Software Now!

How to change Time Format from 24 hours to 12 Hours Format in Windows Vista?

2009-06-04T03:20:00.000-07:00

To change the Time Format in Vista from 24 hour to 12 hour follow the below instructions:

1)Go to START > Settings> Control Panel> Regional and Language Options

2)Under Formats Tab> Click "Customize this format..."

3)A new Window will open > click on the "Time" tab

4)Under Time Format, Choose "tt hh:mm:ss", then click Apply.

If you need to change an 12 hour format to 24 hour format just do the above procedure, and choose "TT HH:MM:SS" and click apply. Thats it... you can now have the time format that you look for. Soon you can see more technology tips in my blog.

Computer Security Tips

2009-04-21T01:21:00.000-07:00

12 Tips to Make your PC Healthy
— Here's a dozen of tips that makes your PC healthy, if you follow it. Nowadays day-to-day there are lot new security issues that affects the computers performance. So there are certain security measures that needs to followed to make our PC Healthy

PC Protection for Layman

2009-04-16T06:05:00.000-07:00

Protecting a PC, Is that really easy?
— A computer without proper security is exposed to lot of risks, how to combat those and prevent your computer from such kind of potential new threats that increase day-by-day being a layman

New Conficker Threat and April 1st 2009 - A Prank or Real?

2009-04-01T02:57:00.000-07:00

The Conficker.A and Conficker.C seems to have infected around 10 Million PC’s globally. But recently this Conficker worm has turned the attention of so many security software companies, being their websites and their network would be affected on 1st of April. Being it a Joke or Serious issue, I personally feel that it’s always good if we are secure to protect our computer from such kind of infections using a good Antivirus Software or Internet Security Software Tools. Coming back to Conficker – the Microsoft has given a severe alert level for this Conficker.C and Conficker.D Worm, which is expected to be live on the malware servers on April 1st. Click to know more about Worm:Win32/Conficker.C and Worm:Win32/Conficker.D from Microsoft Official Website. Anyways, if Conficker is going infect PC’s on April 1st or December 1st, it’s our responsibility to keep our PC secure, with updated security patches released by our OS providers to prevent / protect our computers from any worm or other unwanted malwares.

Though its gonna be a real infection or if its not going to be an infection on April 1st, still we can have our security patches updated, to safeguard our computers from any kind of dreadful infections.

Anyways if you are presently infected with Conficker worm, just download Conficker Remover tool to disinfect/remove it. If you feel that your antivirus software is unable to clean any Worms, Trojans, virus or any malware, you can always search for some specific worm removal tools for free in the web.

Protecting Your Digital Identity - A Interview in Paltalk

2009-03-24T22:30:00.000-07:00

Hottest Web Security Products

2009-03-05T21:23:00.000-08:00

Just came across this link while googling, and thought should surely share it with you. Here is the 12 Hot Web Security Products for Midmarket.

Cracking a Software Key – What’s the risk possessed?

2009-03-04T01:26:00.000-08:00

Many people they don’t want to pay for computer protection. Hence they start downloading the cracked version of software which we term as “pirated software” or “illegal software”. The people, who use such cracked software, think that both paid and cracked version is going to have the same features. So instead of spending they try to generate a duplicate key and crack the software and use it. But wonder how long is this cracked software going to work?

What’s the risk of using a pirated version of software?

In pirated or cracked software version though the features and the GUI everything remains same, you won’t have any automatic updates or regular bug fixes. Anyways illegal is illegal always. For example, the most popularly downloaded antivirus software, though it can be cracked, it would be useful only for that day. The reason is because there are thousands of viruses that are generated day by day all over the world. So the antivirus companies they research, find the new virus, find a signature, write a program to disable it from action etc and upload it to their antivirus software, which goes as automatic updates to the people who genuinely purchased the software. Whereas the people who installed the software using a duplicate cracked key, the automatic updates doesn’t work out. So the end user who uses the illegal software, doesn’t get the periodic updates, and is transparent and vulnerable to lot of security threats and attacks.

Moreover, in case a person who downloads a cracked version of software and installs it in his computer, sometimes if that results in a system crash, who would be providing the support? If he/she goes and asks the software company, the company will sue against him/her for using a pirated version of their software. The most possessed risk is that if you visit any crack download sites, you will see porn pictures to attract you, which may or may not be carrying some kind of viruses, which will enter the system while installing the cracked version of software.

So it is always good to buy software spending few bucks or instead go for some free wares, which is genuine. Because most of the freeware softwares may have adware installed in their software, which gives you regular pop-up and spy’s your computer.

A Recap – Why not to use Cracked Software:

1.) It’s Against the Law – i.e. its infringement of Copy Rights.
2.) You don’t get Automatic Updates
3.) Chances of getting malwares
4.) Finally its Doesn’t provide enough security to the Computer

“Using Cracked Software in a Computer is like using a broken shield in a War”

To fight the anti-Social elements you go for Fitness Courses and Self Defense Courses, to fight your computer enemies you need to install a real Internet Security software.

Will update you more on my Internet Security Blog.

Nigerian Scam / Spam mail leads to suicide

2009-02-23T21:08:00.000-08:00

In a breakthrough, Many of the email users receive a mail stating that you have “Won a Lottery of $5000000 and you can claim it now”. Thinking this to be a genuine one, many people reply the mail with their name, address and bank details. But when you reply those mails, they again shoot you a mail stating that you need to first pay the taxes or consignment amount or so on and claim your Money. But people only realize it later when they lose money that it’s a fraud email. These types of mail we term as “Online Lottery Scam, Nigerian Scam – being the mails claims to be sent from Nigeria.” There are some people who have lost lot of money believing such kind of spam mails and even committed suicide.

If you see the cause of suicide, there are spam mails such as “Nirosha Silva”, who even come via chat and speak stating they have lot of assets, and to transfer it they need money, and to make people believe they even call via phone and speak. Once they receive the money, they easily see for the next person to cheat again. So please try to understand what is spam and lets prevent and protect ourselves and others educating about such kind of fraud mails.

If you get such kind of mails claiming that you have won a lottery or stating that they need your help in transferring their assets from one country to another, or shooting (UK Requirement Microsoft) chained mails i.e. telling you if you forward this mail to one person you will get this many cents or dollars, kindly don’t believe them and lose your money. Always try to ignore such kind of mails, and also tell your friends, family and relations not to believe such kind of fraudulent emails.

The Screenshot provided is a recent spam email – which we shouldn’t believe. Click the image to have enlarged view.

Hacking Alert! Hackers Target Databases –Hack using SQL injection

2009-02-11T05:22:00.000-08:00

It has been a week ago, a Romanian has hacked the website of the antivirus software producer using SQL injection to steal the data. Many wonder what kind of databases are being handled by security companies, but there are databases that are really worth which include customer emails, software activation keys, personal details of the customers and other related information, which are being stored in the database server. Then wonder, how much confidential databases should a company which involve financial trasactions would handle. So if the server has got minor vulnerability also, the hacker can easily enter in to the server, by manipulating a URL, and passing certain SQL commands – which is termed as SQL injection. So it is always good for top level companies to use high-end database backup software, and have a regular system check to patch the security holes in the computer. Though the companies understand the importance of computer security and server security, due to high work upload, they sometime fail to update their security patches, which leads to such kind of hacking attacks.

This is an instance that happened, and has alerted the big players in the market, who deal with huge volumes of databases. Now most of them knew that hackers not only target the banking or consumer databases but also target whatever databases are available from pin to plane, which a hacker can monetize it.

Simple Steps to Prevent Computer Freezing

2009-02-11T04:56:00.000-08:00

Computer Freezes commonly occurs due to some hidden problems in the computer. Computer usually freezes unexpectedly, due to some services that are running in the system. Here are few simple steps that can avoid unnecessary computer freezes.

1. Uninstall unwanted programs – which may eat up lot of spaces from your computer
2. Disable certain programs in the Start-up, which you don’t use frequently but are important
3. Delete the cookies frequently from your computer cache
4. Remove all unwanted information from the system registry
5. Scan your computer regularly to keep it against viruses, worms and malwares
6. Keep your hard-disc bit free – which makes your system to perform faster, when some processes are opened
7. Be sure you have hardware components in the computer, that fit the capacity – and see that your computer is not overloaded
8. Always use a PC Security Software – to protect your computer from malicious program (malware).

Other than this, externally when you visit some website where you do financial transactions make sure, if the website is secured with SSL certificate.

Don’t handle technical jobs – Unless you are sure, you can do it in the right way.

List of Antivirus Software Vendors, PC Internet Security Companies

2009-02-05T22:36:00.000-08:00

This is a full list of anti-virus, internet security software vendor companies, ranging from start-up to large companies. If anything is missed, you can contact me, with the company name to make a addition.

AhnLab, Inc. - AhnLab V3 Internet Security, AhnLab SpyZero 2007
Aladdin Knowledge Systems - eSafe Web Threat Analyzer
Authentium, Inc. – Command Antivirus for Windows
Avast- antivirus software with spyware protection
Avira – Avira Antivir , Avira Premium Security suite
Bit Defender – Antivirus 2009, Internet Security 2009, Total Security 2009
Comodo Group – Free Comodo Firewall Pro, Antivirus, Internet security
Computer Associates International, Inc. - CA Anti-Virus Plus CA Anti-Spyware 2009
Doctor Web, Ltd.- Dr.Web Desktop Security Suite
Eset – Nod32 Antivirus Software
FRISK Software International - F-Prot Antivirus for Windows, Linux, Exchange
F-Secure Corporation – F-Secure Antivirus, Virus Protection and Computer Security
G-Data – Internet Security 2009, G Data Antivirus 2009, G Data TotalCare 2009
GFI Software Ltd - GFI MailSecurity, WebMonitor for ISA Server, Endpoint Security
Grisoft – AVG Anti-virus, AVG Internet Security
HAURI Inc. - ViRobot Desktop, ViRobot ISMS
K7 Computing – K7 TotalSecurity, K7 AntiVirus
Kaspersky Lab - Kaspersky Anti-virus 2009 Software with Anti-spyware
McAfee, Inc. – Mcafee Antivirus Software and Intrusion Prevention Solutions
Microsoft Corporation - Windows Live OneCare
MicroWorld Technologies, Inc. - eScan AntiVirus (AV), eScan Internet Security Suite (ISS), MailScan
Norman - Norman AntiVirus & Spyware, Norman Security Suite
Panda Security Software – Panda Internet Security, Panda Global Protection
Proland Software- Protector Plus Antivirus Software
Quick Heal Technologies – Quick Heal Antivirus, Quick Heal Total Security 2009
Rudra Technologies – Rudra Virus Detection
SafeScribble PC Security Solutions – SS Virus Removal Tool, SS Virus Detection, SS On-Demand Virus Scanner
Sophos – Sophos Enterprise Security & Control,
Sybari Software, Inc. - (Microsoft Subsidiary) - Windows Scan Engine
Symantec - Norton Antivirus, Norton Internet Security, Norton 360
Trend Micro, Inc. - PC-Cillin, Internet Security 2009

*Some the Computer Security Companies listed are just start-up.

SafeScribble - An Upcoming Free Computer Security & Free Online Games Company

2009-01-29T20:51:00.000-08:00

Thats really great to hear from my friends, that they have started a New Free Desktop Security Software Company, which I thought should share this good news / information with you. Also as a first phase, one of my friend who is a flash games expert has uploaded a free online flash game till their free internet security software products get ready. Hopefully the first product would be released in about 6 - 8 Months time. And right now this free game is hosted at zapak.com by my friend, and now it can be played in safescribble website too :). I enjoyed the game and you?

You know why the name safescribble? - The answer said is "We scribble the programming code, to protect your PC". Isn't it great. Also our guys are looking at some people who has an aim to design a worthy software to give it to computer users for free. If you would like to contribute your hardwork, software then mail them at info@safescribble.com. (Honestly we don't want your money but your support).

Enjoy your free online flash game, just by clicking the link - http://www.safescribble.com/free_games/BAATMAN_V8.swf

Your scribbles are also welcome ;)

Computer Worm – Downadup, Kido or Conficker infects millions of system, Here’s the Solution for you...

2009-01-23T22:29:00.000-08:00

A computer worm Kido also known as downup, Downadup and even Conficker, has been exploiting millions of systems. This vulnerability affects Microsoft Windows Server Services. The major impact was on Windows 2000, Windows XP, Windows Vista, Windows 2003, Windows Server 2008 operating systems. This small piece of malware has created an bigger infection globally infect 9+ millions of computers. This worm enters into the system via internet, or even via removable drives which is already been infected. This worm also arrives via email attachments. So it’s always good to scan your email messages and also run a periodic scan to your computer to kill such kind of viruses and worms.

Coming back to the title this Downadup worm once start infecting the system drops multiple files and registry entries including its own entries. This also makes entries in possibly vulnerable i.e. have security holes and gets in to malicious components in the system. AS it makes registry entries it automatically starts running in every system start-up. You many ask question what does this infection cause? The answer is it does use its own SMTP i.e. Simple Mail Transfer Protocol, which is used to send emails. This worm once infects the system, and the user uses the system to send an email, it sends an attachment along with the mail which contains this worm to infect the recipient PC too. The main target of this worm is the windows operation system and its address book.

The real sign is that though the companies which have got strict security policies and procedure followed in their organisations fail to update the security patches. So such companies which has failed to update its security patches in its server – the worm uses the hole, we term as vulnerability and gets in to the system to infect the server. Being an organisation, it is connected to multiple computers and each user may send emails to other companies which they do business with. If the receiver of the mail has got a proper security patch he is saved, else his network also would be infected.

The some top antivirus companies such as Kaspersky, Trend Micro, K7 Computing Internet Security Solutions and many more has come with their solution to protect the infected system and kill the worm in your system if infected. If you would like to download a free tool to remove the worm from your infected system, Click “Downadup, Kido, Conficker Remover Free Tool” for free download.

Also update your computer with the latest security patches, so that you and your system can be protected from such kind of internet threats. Download your Microsoft Security Patch from http://www.microsoft.com/security/portal/Entry.aspx to protect your Computer from Downadup/Conficker.

All About Security and eCommerce - A New Blog by K7

2009-01-12T00:41:00.000-08:00

Just wanted to share with you that we have launched our Company's new website and also have started a blog which discusses on the general Ecommerce, and Internet Security Stuff - You can visit - http://blog.k7computing.com/ . We expect your valuable feeback.

Buy Internet Security Software Now!

Best Top Security Softwares needed to protect your Computer

2008-12-26T22:43:00.000-08:00

Being the Computer Technology Generation, Protecting your Computer is like - you being protected with a powerful shield. Quarantining a Virus, intruder, phisher, malware is like killing your enemies. So wonder how much you need to take care of your computer’s health i.e. your health. What security softwares do I need to install in my computer to shield my PC, has been the question running in most of minds who have lot of confidential information as well as consumers who have felt prey to unethical hackers and viruses. Here are some of the important softwares that you need to install in your computer to protect yourself.

Firewall – An Intrusion Prevention System – which protects your computer from unauthorized access / intruders

Anti-virus – Virus Detection, Prevention and Removal Tool, which also protects your from worms, Trojans, Keyloggers and so on.

Anti-Malware – Protects your computer from malicious attacks

Anti-Spam – Protects your mailbox from unwanted or illegal mails

Anti-Spyware – Protects your computer from illegal spy’s which transmits your computer information to third parties

Adware Blocker - Blocks ads that come while you surf the internet

Privacy Control – Safeguards your personal information

Parental Control – You can restrict access for certain illegal, porn websites and care your children by showing them the right website (Right Path)

The above all is available as a Internet Security Suite. Other than this it is also good to have some other software which would function as a weapon and defence border security for your computer.

Back Up – A Storage and data recovery tool, in case you lose your data, it can be restored from the back-up software

Vulnerability Scanning – Its good have a periodic vulnerability scan so that you can assure that you system is completely protected from vulnerabilities

And it’s also good you step carefully while you visit websites which involves financial transaction. So when you attend banking or shopping site, check if the site begins with https:// instead of http:// and also has a golden pad lock (a lock like image) in the browser. If you click the pad lock it will say whether the site you enter is secure. So if the site is secure and fulfils the criteria then you can proceed with your transaction, so that we are alert that we won’t fall prey to the enemies i.e. Phishers.Apart from this there are so many security softwares available in the market, but the above all is considered to be the most important security softwares that will protect and shield your computer from attacks.

Pirated Versions of Operating System and its security threats

2008-12-24T11:47:00.000-08:00

Many of the people worldwide use to download the cracked version of Operating Systems and install and use them at free of cost, without know what are the consequences of using such illegal pirated versions of software’s. Most of the people who want to upgrade a system, they just go online and search if there are any pirated versions of Windows or Pirated version of Linux operating system is available in the web. Though some of the Linux based stuff is available open source, its good they use it. But whereas people now stopped spending to buy the OS and start installing a pirated version, but using fake registration/activation keys.

Is that anyone is aware about what are the consequences they ought to face if they install such kind of fake soft wares. The answer would be “NO”. Let the software manufactures filing a case/suit be on one side, are you aware that you computer is vulnerable for multiple attacks. Whatever latest operating system is being released, it will have some advanced features which will mainly have security features, with automatic updates if the product is purchased. So if a person goes and downloads a pirated version of the software, then they are missing the software developers’ periodic update. The updates are done, while the developers come across some key holes, through which your computer may be vulnerable, in order to close that key hole and save you from such security threats and vulnerabilities , the developers give automatics updates periodically so that your computer is not vulnerable. Without understanding the real fact of purchasing the software, most of the people, they just feel proud downloading a pirated version of software, and even share it with their friends’ network.

Though there are some enterprises which are being sued for using such kind of pirated version of software’s, still individuals, home users and small businesses have pirated version of the software in their system as the person or service providers, just to earn, installs the fake version of the software making a statement – “Let me know if there is any problem, we will fix it” and simply goes off with his payment. But still there are genuine service providers, who priorly purchase the licenses and provide quality services to their customers. So let’s choose the right service provider herein and also meantime let’s spend some dollars to buy the software, and at least try to make good the recession with our minor contribution.

Greetings! Merry Christmas (X-Mas) and a Very Happy New Year 2009 - Yuvi

2008-12-24T01:04:00.000-08:00

Make sure you are Safe and Secure during this Festive Season. Wishing you whole heartedly for a Precious New Year.

The Top 10 Worst Predictions – On the growth of Technology

2008-12-10T21:59:00.000-08:00

In this technology world certain things cannot be predicted. Though predicted it may result adverse. Here is an extract from Indian Express – which itself has extracted from “The Daily Telegraph”. Though my blog mainly deals with internet security and related stuff, In the morning once I opened the news paper, I was really interested to share this with you. Here is the top 10 worst predictions made by experts below.

1. The iPod will never take off – Sir Alan Sugar in 2005.

2. No need for a computer in the home – Ken Olsen, founder of Digital Equipment Corp in 1977.

3. “Nuclear-powered vacuum cleaners will probably be a reality within ten years” - Alex Lewyt, president of the Lewyt Corp Vaccum company.

4. TV won’t last because people would, “soon get tired of staring at a plywood box every night” – Darryl Zanuck in 1946.

5. In 1933, after the First Flight on the Boeing 247, a plane that could hold ten people, a proud being engineer reportedly said , “there will never be a bigger plane built”.

6. “we stand on the threshold of rocket mail” – US postmaster general Arthur Summerfield in 1959.

7. Nobody would ever need more than 640 kb of memory on their personal computer – Bill Gates in 1981, allegedly.

8. “The Americans have need of the telephone, but we do not. We have plenty of messenger boys” – Sir William Preece, Chief Engineer at the post office in 1878.

9. “Spam will be solved” – Bill Gates, 2004.

10. “X-rays will prove to be a hoax” – Lord Kelvin, President of the Royal Society, in 1883.

Source: The Daily Telegraph

Virus Removal Tool | Anti Virus and Internet Security Blog Explained

2008-12-05T23:12:00.000-08:00

Just wanted to share a blog post written by my colleague about the internet security virus removal tool. Click this link to learn more http://antivirus-internetsecurity.blogspot.com/ about Anti Virus and Internet Security Blog.

Most Possible Internet Security Threats for 2009

2008-12-04T22:58:00.000-08:00

Computer security threats have been increasing along with the technology growth, and high usage of World Wide Web. Though there are Internet Security Software’s including firewall, antivirus, spyware remover, adware blocker, anti-phishing tools or any other computer security products, still there is a risk if the software is not up-to-date. As there is increase in new threats such as viruses, Trojans and worms which infects a PC fast, before the software providers can get a signature to neutralize it. Once the signature is updated, and the software has got an option of automatic updates, then our computer is safe, as the security threat can be neutralized or even quarantined to make the computer safe and secure from further infections. So it has become an utmost importance for the computer user to be aware and secure while surfing the internet.

The other reason why there is increase in the online theft & easy injection of malware into the computer is because of the increased usage of fake pirated version of software in PC system. If a person uses a pirated version of software, then the risk of virus affecting the system is high, due to lack of periodic updates. So it is always to good spend some $10 to buy a real version of software, instead of losing $100 using a pirated version of software. Coming to the predictions for 2009 the Internet security threats and Vulnerabilities may include

Increase in Phishing attacks (Stealing the Identity online) Also see types of phishing.

Increase in Pharming attacks (Hacking done by redirecting the website traffic to a genuine website to a bogus website)

Increase in Instant Messenger Attacks (The online culprits use to send worm or Trojan, which sends automated messages to the people in address book, when the user is online/offline, and when the receiver opens the instant message, and click the link specified in the message, it will again go the recipients present in their address, like a chain)

Increase in Email Spam (Phishers and Hackers try sending out spam – fake messages attached with some virus, spyware, Keyloggers or Trojan trying to make computer users to fall prey them)

Increase in online pop-up ads (Some companies give free software, along with adware, which notifies the company of what the user is typing or searching in the internet, who inturn send pop-up messages, and promotional materials to the computer user which may make him/her disgusting and who need to be ad aware from such adware’s)

Increase in vulnerability attacks (This may be in any of above said forms. Sometimes the Operation system is vulnerable to attacks, if there is no proper protection)

Increase in other such crimes via online internet gaming, pornography etc.

The above said is the possible internet security threats based on the present scenario. In simple, the present threats will increase in future, pertaining to the development in technology.

Event: Anti-Virus Researchers International Conference

2008-11-26T03:24:00.000-08:00

One of the largest Asia-Pacific conference to discuss regarding anti virus and anti malware technologies, is going to be held in New Delhi, India, between 10th and 12th of December 2008. The experts from top antivirus software development companies would be presenting papers related to the future of anti virus, malware protection etc. Moreover the huge internet security software giant’s including F-Secure, K7 Computing, Symantec, Trend Micro, Norman, AVG, Kaspersky would be participating in AVAR 2008.

Some the topics to be presented will include

New Malware, New Environment, New Testing Standards by David M Perry (USA), Global Director of Education, Trend Micro.

Exploiting Anti-virtualization Techniques to Prevent Running of Malware by Andrew Lee, Chief Technology Officer (CTO) of K7 Computing (India).

Propagation of Malware Through Compromised Websites: Attack Trends and Countermeasures by S.S. Sarma (India), Scientist ‘D’, CERT-In.

Anti Malware Testing Standards Organization (AMTSO): The Status Right Now by Righard J. Zwienenberg (The Netherlands), Chief Research Officer, Norman. President, AMTSO

Cyber Terrorism by Swanand Dattaram Shinde (India), Software Engineer, Quick Heal Technologies.

To know more about the Association of Anvi-Virus Asia Researchers International conference & sponsors visit: http://www.aavar.org/avar2008/sponsors.htm

Future Trends in Internet Security

2008-11-24T00:18:00.000-08:00

Internet is one of tremendous achievement in the recent history since the computer age started. In the beginning, when the internet was structured the commercials were not allowed. But later internet became one of the backbones for industries, shopping, banking sector and for other commercials, which resulted in high business and at the same time paved way for cyber crimes. Though in earlier days the rates of cyber crimes were less, now the advancement in computer software technology has substantially increased the online crimes causing serious cyber security threats. Now internet network is one of the most importantly considered infrastructures for commercials globally, if this is not secured properly, not only ecommerce is at risk but also the life of humans can also be at stake. That means the future is at risk without security.

Drawbacks of Unsecure Internet
An Unsecure internet is like a human without dress. So if internet is not secured then any one can trespass to connect to your computer over internet and steal your information. So internet security has become a greater challenge for both personal and commercial use. If a computer connected to internet is not secured, then it is vulnerable to multiple attacks which include packet sniffing, phishing, TCP / IP hijacking & Spoofing, redirecting the router and other such kind of active attacks. So a proper and secure infrastructure can alone prevent such kind of active attacks.

How to secure the internet from Vulnerability?
By analysing the past and present trends in the internet security, the experts have come with a new scenario about the future of internet security. The scenario when overlooked would be simple to read but it’s difficult to implement, unless and until, we people (internet users) are aware about it. The future IT trend will give the solutions that provide additional layer of security to the computer and internet. The recent IT trend is focused mostly on the future security measures which may include

1.) Website Security – Secure Sockets Layer, Web Internet Protocol (IP) Security

2.) Web Application Security - Web penetration testing, Denial of Service attack, Web Server Firewall, Protection for programming languages used in websites e.g. java, html etc used for designing the website.

3.) Desktop Security – Internet security suite, Firewall, Antivirus, Anti Spyware, Anti – Malware, Adware protection, Vulnerability Analyzer, Security based PC Utilities, Anti Spam including PGP / Smime e-mail

4.) Infrastructure Development for Enterprises – Biometric Authentication, Smart cards, Access Control

5.) Implementation of ISO (International Organization for Standardization) Model in Organisations

6.) Wi-fi or Wireless Security

Technically speaking, there are lot of confusions of what layer of security is required, or which kind of certificate is appropriate for PKI – Public key infrastructure, those suites globally and so on. Also the security measures that needs to be considered for extranets and intranets, which leads to a question of authentication level. So when a proper analysis is being made for security verticals including wire-less communications will provide a solution with key advantages. So for the base of website security the encryption and decryption level needs to be suggested by cryptographic experts. When it comes to computer security, it’s the effective desktop security solution that needs to prevent / protect an unauthorized access. This is because if the computer is vulnerable only there would be an unauthorized access, so if a comprehensive internet security suite is being installed in the computer, it works as a guard to the computer, prevent such vulnerable attacks and more over defending and shielding the computer from malicious attacks.

Though the government and internet councils has been trying to regulate the law of encrypted internet still it’s a very difficult task for them, due to lack of awareness. So once the awareness is being created, then we can assure that the future is secure. From present to future these changes will happen gradually from tiny to complex security. If any organisation wants to monopolize their security applications, then we are not getting the better security solution. The reason is more the competition is; better the product would be. So let’s welcome competition.

- Yuvaraj

Hermesmyth

Your Marketing Partner
http://www.hermesmyth.com

Top 10 Reasons to have an Internet Security Suite

2008-11-05T06:25:00.000-08:00

There might be thousands of reasons to use internet, but I would like to tell the top 10 reasons, to why you should have an internet security suite installed in your computer.

1. To safeguard yourself from hackers and phishers
2. To protect your identity and confidential information
3. To stop viruses, Trojans, Keyloggers, spyware and other malicious program running in your computer
4. To manage and prevent buffer overflow attacks
5. Parental and Privacy control
6. To stop unauthorized intruder accessing your computer
7. To avoid unwanted system crashes happening due to changes in the systems security settings
8. To prevent yourself from unwanted network, web-access and email traffic
9. Web Content-Filtering
10. For you to have COMPLETE PEACE OF :)
- Yuvaraj
www.k7computing.com

Types of Phishing Methods, How to report Phishing attacks?

2008-11-03T23:31:00.000-08:00

Before we start proceeding with the types of phishing, let’s understand what is phishing? Phishing is a kind of online fraud or theft committed in disguise over the internet. The interesting thing here is phishing websites are live just for an average of 6 hours, though the latest trends report that an average time a phishing website online is around 3.8 days, with one or two updates. Within this time line lakhs of internet users fall prey to the phishers. You may ask me, is there a way to stop falling prey to the phishers completely. My answer would be a big “NO”, because most of them are not aware about what are phishing attacks, and the approach of the phishers. Once people, I mean the Internet Users are aware about the phishing technology used, then on an average of 75% of cyber users can be safe.

I see most of the people can live without a girl friend, but not without a internet says one of my blogger friend in his Everything about security blog under the topic Internet Security – The Purpose Internet Security Market Computer Security.So let me explain certain methods a phisher or an online thief uses.

Types of Phishing attacks

There are different methods of phishing; a phisher counterfeits to steal an identity and confidential information. The phishing methods include

Deceptive Phishing – is a method in which the phisher creates an email messaging stating that account is expiring or suspended and some other reason, with a URL, which intends to be looking like the original website. But if clicked the site will be redirected to a fake URL. For instance, if a original site is http://www.example.com/, the site will take you to www.fake.example.xxxxx.com/jfj387e3fd or so. So if the user gives the information, he would be falling prey to phisher.

Also see how the a phisher shoots email and website claiming to be from Axis Bank formerly UTI Bank here - http://yuvi-internetsecurity.blogspot.com/2007/03/uti-bank-be-alert-and-be-safe-from.html

Malware Phishing – refers to malicious software based phishing attack. The phisher creates some malicious software in form of exe and injects it into a user’s PC over the internet. So malware, gathers all the necessary information and sends it to the third party, i.e. the phisher.
Trojans and Worms Based phishing, mostly commonly enters in to the user’s PC via email or some other unwanted website, when the users downloads an email attachment or so invisibly and collects the confidential information from the user’s computer and transmits it to the phisher.

Spyware and Keyloggers are also kind of malwares, which monitors the systems activities and note the keyboard impressions and send it to the phishers. The phishers will use this key typed data and recognizes the password to hack a computer.

Online Session Hijackers monitors the users activities, and targets the sign-up, sign in times, once the session is started, the virus or worms make an unauthorized transaction without the user’s knowledge. The User would be realizing that additional funds have been transferred to some other unknown account, only when he sees the transaction receipt or statement.

DNS Phishing Method is a method where the host file is being poisoned with some other bogus fake address. A fake website is created like the same original website, and when the users believes it to be a real website and enters his confidential information he/she falls prey to the phisher. This is also known as Pharming, as a fake website is being created and managed by a phisher to steal user’s identity.

Faulty Website Phishing – A phisher registers with a website address similar to the one already available in the website. For example – my original website would be http://www.ezencrypt.com/ whereas a fake website would be created in the name http://www.ezncrpyt.com/ ,which ad user won’t be able to identify it, as the name is similar. Also sometimes, when the URL is being added in the favourites in browser would be changed with the faulty website, and the phisher would be easily able to gain access as the user believes that it is from the favourites, and a true website he added to the favourite folder.

Content Injection Phishing is a method where the phishers gains access to a legitimate website and changes the content of the page, with his fake content to redirect the website visitor to his fake website, to gather their information steal their identity.

Man-in-the-Middle attacks – is a kind of phishing attacks, where a phishers plays the role of an intermediate between two users to complete an transaction, and once the any of the users go offline, they will secretly collect all the information and sell or use it for stealing financial information. This kind of phisher are difficult to identify as the transactions would be completed success but later only realised that some confidential information has reached to a third party and used when the users system is inactive.

There are also phishers who creates website more attractive, stating that they can purchase things at attractive discounts using their credit cards and so. When the user gets attracted to the phishers discount offer and purchases, the credit card would be charged, but they won’t get the material or the product ordered, and finally realize that there is not physical address existing for that website.

How is a phishing attack reported?

If you find or feel that seems to be phishing website you can report it to APWG (Anti-Phishing Working Group). The life of a phishing website is minimal because, if suspected, the criminals would be caught red-handed easily. So they make it live for few hours, shoot an bulk emails, see how many people fall prey to their attack, gather the information, steal their identities , financials, and anything that is possible and make the website inactive. The mail would be shot to thousands and lakhs of internet users, out of which a few might report it and the site shut down process and tracking the criminals would be taking place. Say for example if an phishers creates a fake website for online banking or online shopping site, and shoots out a bulk email, they customer may report it to the concern organisation, bank or shopping site domain holder. So the domain holder will report it to the local Computer Emergency Response Team, who will in turn check out and report to the cyber crime authorities, and the cyber crime police authority will check from where the website is hosted, and asks the concern ISP to stop or de-activate the IP, and see who has did such kind of fake website and nap the thief. Because of getting caught the phishers make the site active only for few hours.

Also we have been updating the virus news and vulnerability news in www.k7computing.com under the topic virus and risks, thought you would be interested in knowing the lastest security threats news. :)

Also know more about adware, spyware, virus, rootkits, trojans, firewalls at http://yuvi-internetsecurity.blogspot.com/2008/10/adware-spyware-firewall-antivirus.html

Endpoint Security PC Protection – Anti Virus, Anti-Spyware, Firewall –Intrusion Prevention, Anti Malware Software Program

2008-11-02T22:40:00.000-08:00

What is End-Point Security?

End-Point Security is the measures that are being taken to access the risks at endpoints and protect them. In simple words, endpoint security is the security implementation methods concerned to prevent and protect the network, which include the Enterprise firewall systems, client antivirus with anti malware software program, spyware detection and removal tools to prevent intrusions (Access Control) and delete i.e. quarantine the unwanted programs such as viruses, worms, Trojans, malware, spyware, adware and other hacking tools trying to get unauthorised access to the computer. An effective Endpoint Security system monitors the risks, takes the necessary security measures and also has a reporting system to provide the results of the security measures taken by the end-point security system (Firewall, Antivirus, or internet security suite) through log files, which would be used by the management and administration, to make more effective build.

What is the benefit of using an Endpoint Security System?
The security threats and vulnerabilities are always in an increasing rate day-to-day. So it has become essential to protect the WAN (Wide Area Network) and LAN (Local Area Network) Endpoints. So an Effective Endpoint Security if implemented maintains a safe productivity level and helps the businesses to improve their business results by preventing losses that occur due to vulnerability and security incidents happening over the computer network.

What are the current security threats and vulnerabilities?
New types of internet security threats are emerging on a regular basis, which makes our computer vulnerable to hacker attacks. The vulnerabilities include buffer overflow attacks, key-loggers (Key Stroke Loggers), spam emails, email worms, zombies, Trojan horses, DDOS Zombies host, spyware, adware’s, malware and so on. Also nowadays many of these types of vulnerabilities and threats are being injected into the computer, when a user downloads a free software, or gaming, or porn websites, and even via unsecure emails, which causes disruptions to the endpoints. Since most of the business transactions are being transmitted over the network, the endpoints have now become the primary target to phishers and hackers. So the enterprises needs to confront for the endpoint security systems to secure the core business related materials and confidential information. Click to view the current internet security threats and vulnerabilities.

Endpoint Security System – What does it consist of?
An Endpoint security System tools include Client Antivirus, Firewall – Host intrusion prevention system, Anti-Spam with Email Scanners, Anti-Spyware removal tool, adware blocker tools, root-kit prevention, anti-Keyloggers programs, endpoint vulnerability assessment tools, patch management remediation programs, client remote access (IPSec VPN , SSL VPN ie. Secure Sockets Layers Virtual Private Network), Regulatory Compliance, Endpoint management and policy enforcement, host detection and compliance, endpoint policy development and communications, Reporting and logging security threats and vulnerabilities, and action taken to prevent them.

Also read http://yuvi-internetsecurity.blogspot.com/2008/10/adware-spyware-firewall-antivirus.html

Cyber Criminals and Internet Security

2008-10-25T03:48:00.000-07:00

Today internet has become one of the most essential parts of the human life. Any small or big information that needs to be known is got in a fraction of seconds over the internet. Why Internet? – Because internet is a vast source of data and information. So let it be a shopping, banking, education, games, email or anything else, people just login to their computers, connect to the internet and source the information by just logging in to their online accounts. Just a small wonder, the prefix “www” we type in the address bar itself says “world Wide Web”, which says World Wide Information resource. So to safe guard the vast information resource, cyber security had been made the essential part of the internet, by the internet security industry.

Internet security industry as a whole compromises of internet security tool & applications, software and hardware development, new government rules and regulations, website security, network security and all the other things that is related to the internet. There are so many internet users prone to cyber attacks and become victims of identity theft. That is because people are not aware about the cyber criminals, waiting around in the internet to capture their data. So there is a need to educate the people about Information Security, and the enterprises, banking industry, Shopping portals, email service providers and all who have an online source have started alerting their customers, and their website visitors stating what needs to be checked while logging in to their accounts and so on.

How do cyber criminals act?

Cyber criminals pose to be “Phishers” or “Hackers”, who try to intrude into your network to gather all your personal and confidential details, for the sole benefit to acquire financial related information. To capture your data, cyber criminals, try to run spy bots- in a user’s computer by combing some spyware programs along with some freely available software. Once the user downloads and installs the software, the spyware also gets installed without the user’s knowledge and starts capturing all the information in the user’s computer and transmits the information to the third parties who we term as Cyber Criminals. So with the information the cyber criminals receive over the network, are used illegally to access the account of an unknown person, and take the necessary data, finance etc and elope. Finally the person who lost his money recognises that his identity is stolen. Not only the cyber criminals uses spywares, spy bots but also adware, viruses, worms, Trojans, Rootkits, key loggers and so many possible ways to hack a computer over the internet.

How to shield your computer from Cyber Criminals?

As the identity theft has increased today, the internet security software and hardware providers have been bringing many advancement to erode the activities of cyber criminals by providing latest internet security suite which include Anti-virus, firewall, antispyware, adware removal tools, parental control, backup, privacy control and many more computer security tools to shield a computer. Not only that many web services security companies along with webhosting companies provide measures for securing a website, and to prove its identity, and more over with antivirus solutions to protect the user’s computer, while uploading the relevant files to make a website live. Also many internet security forums, and consumer security forums, corporate, banks, educational institutions and all other people who are engaged to do business online has started creating the awareness to the consumers / customers, so that they won’t fall prey the phishers or hackers.

As a part of internet security awareness program, being a part of K7 Computing, I would like you to suggest K7 Computing Total Security, an internet security Suite, for you to have an enhanced and advanced protection for your computer.

Adware, Spyware, Firewall, Antivirus, System Monitor, Privacy, Parental Control Software – A Glossary

2008-10-22T23:37:00.000-07:00

Adware
A form of advertising that is being integrated in most of the free software’s. They are usually commercial banner ads or popup advertisements, which slows down the system process. Adware gets installed without the user’s knowledge, when the user downloads certain free software for his own purpose.

Adware Remover
Adware Remover or Ad-ware removal tools are kind of internet security tools which prevents and protects a user from adware’s getting installed without his/her knowledge, while downloading free software’s over the internet. An Adware removal tool is also known as Adware Blockers.

Spyware
Spyware is a form of software that gathers the computer activity and information secretly and transits to third parties when a user surfs the Internet. Spyware gets downloaded and installed automatically without the user’s knowledge.

Anti-Spyware
Anti Spyware or Spyware Removers is software that is developed to detect and remove spying software being installed in a computer. Notably most of the spyware removal tools are developed in a way that it not only eliminates spy bots but also malwares, key loggers, root kits, browser hijackers, worms, Trojan horses, and other potential computer viruses.

Malware
Malware is termed as Malicious Software. Any software that is designed to disrupt a network, in the form of viruses, worms, Trojans, or any other illegal programs is termed as Malware.

Key Loggers
Keyloggers are programs that are being installed invisibly in a user’s computer without his /her knowledge to record the entire keyboard / keystroke activity, and pass it on to third parties, online thieves such as phisher or hackers.

Root Kits
Rootkits are small programs designed to steal passwords, and other confidential information from a computer, without the users’ knowledge. These Rootkits captures the user’s personal and confidential information and transfers it to hackers.

Firewall
Firewall is also known as hacker intrusion prevention system or access control software. A firewall monitors the system traffic and alerts the user when there is some suspicious network that tries to gain access to the computer. There are two types of firewall – Hardware Firewall & Software Firewall.

Anti-Virus
Antivirus is a software program, which scans, detects, and prevents a computer from potential virus attacks. Nowadays most of the Antivirus software comes not only with Virus protection tools, but also with adware protection and spyware prevention tools.

System Monitor
System monitor are application that are being installed in a computer, to monitor the entire performance and activity of a computer, and alerts the user when any miscellaneous application is trying to change the computer’s security settings.

Privacy Control
Privacy control provides security for the users by providing him/her a security space to store all his personal / confidential details such as passwords, social security numbers and so on, which can be accessed only by the specified user.

Parental Control
Parental Control is a feature mostly used by parents, to block certain illegal, porn, gambling and other insecure websites, while their children surf over the internet. Nowadays privacy control and parental control features comes along with any internet security suite software’s.

Greetings! Happy Diwali Wishes! Have a Safe & Secure Diwali

2008-10-21T22:02:00.000-07:00

The festive season has begun in India, now it’s the festival of lights – Diwali. People have started getting so many diwali greetings and product discount offers over email. Keep in mind this is the time for business and purchases, and also a hacking ground for phishers. When you receive an email stating, that you have won a lottery or get heavy discounts and you are interested to purchase, see if the website is secured with SSL (Secure Sockets Layer) certificate. And also I wish you need to have an updated trusted version of desktop security products like anti-virus, firewall, anti-spam and so on. Because if a phisher tries to send a fake email or email with virus, Trojans, it would be quarantined or blocked by the help of internet security desktop products installed in your computer.

And people who wish to do physical shopping be aware that there might be pick-pockets/ thieves in crowded areas, who steal your wallet. If you have got debit cards, credit cards in your wallet and you wallet gets stolen, be sure you call the concerned back customer care to block your card. And also don’t reveal your password or the three digit secret pin behind your credit card to any one, because that may lead to misuse of your card.(Might be a person who sees the card number and hears the pin, then he may use it in online shopping portals easily). Have a Safe and Secure Shopping and enjoy your festive season.

Wishing you all a Very Happy, Safe and Secure Diwali (Deepavali) :)

Parental Control, Privacy Control Software – Is that really necessary?

2008-10-18T04:33:00.000-07:00

The answer for parental control is YES! Nowadays most of children in the age of 3 itself start using the computers, for game or fun. Recently I visited one of my friends house, and was surprised to see that his 6 year old son, came from the school, and asked “Dad, Is the computer ready?” and my friend replied “Yes”. And his son threw the bag, went had his biscuits and sat in front of the computer, switched on, and asked “Where are the games?” As my friend replied, as the computer crashed, all those gaming software being installed were lost. The little boy without hesitating, said ok, and just opened the IE (Internet Explorer) browser, typed http://www.google.com/ in the address bar, and was searching, free games. Within a fraction of minutes, he just went into a website and downloaded the software, installed and started playing the games. Here is how the problem starts, the kid he knew only to download the software, whereas he is not aware of the prevailing internet security threats or any other thing. So the parents should set an access control to the websites they enter. So the access control software we term as Parental Control.

Parental control or privacy control is an essential feature because, the parents can set some rules stating that the children can access only specified sites and block access to pornography etc. Most of t he children they come to the gaming sites to play some online games, the thing is suddenly a window pops up with porn picture or so, and even asking to download a new game, which may consist of some viruses or Trojans in it. So the children unknowing as an entertainment download them with an interest to play a new game. So parents need to concerned about their child’s online security, have some restrictions. Also it’s a responsibility of a parent to have an internet security suite which has privacy / parental control feature in it, and also the suite will have virus removal tool, with firewall – to stop unauthorized traffic entering your network.

There are a few internet security software companies like K7computing, providing advanced level of parental control in its Total Security – internet security suite. K7 Total Internet Security Suite has a privacy / parental control with features, where you can allow and block websites and also allows the user to set a timer, from when to when the internet can be accessed. This is very useful for parents, who have children spending time in the online internet games for long hours. The parents can set the time to grant / restrict access to the internet to their children between two specified time. Say for example, Grant internet access between 1 PM to 3 PM only, so after 3 PM, the internet will get disconnected. This is an advanced feature in K7 Total Security.
Also it is good to advise the children not to download anything without their (parents) knowledge so the computer won’t be affected by any miscellaneous operations. Also I wish you read an general instruction about mobile security ,which we need to be aware of being a mobile phone user.

Measures for safe and Secure internet and computers

2008-10-14T02:37:00.000-07:00

The world is now connected to the internet, and almost 65% of the world population has started using internet as the mode for communication, banking, shopping and so on. In olden days all the official and personal data are being hand written or type-written in papers. So if an thief wanted to steal the data he needs to come, break the door and steal some confidential data and use it. So there were security guards and burglar alarm being placed to prevent, protect and safeguard from theives. But now the paper age has gone and computer age has boomed with recent technology developments. Since the invention of internet in 1957, when the soviet union started sputnik 1 its first satellite to beat the United States space, the internet age started. The invention of the internet made an easy choice for the theives, who we term as hackers (Online theives) steal the data from computers using the internet gateway. So to safeguard against data theft, we need to prevent and protect our computer from such kind of phishing and pharming attacks. I wish you can download your free trial version of Total Internet Security Suite, to check how it works and safeguards your computer.

So what is the security measures that needs to be taken to prevent identity theft?

As said earlier, in olden days we used security guards to protect an theif entering our office, likewise we need to have an protection software i.e. access – control software to be installed in the computer to prevent an hacker entering our system/network. So proactively an Desktop Firewall software needs to be installed which functions as a hacker intrusion prevention system. The firewall alerts the user whenever some one is trying to access our computer. So its our choice to allow, deny or block access to our computer network.

If at all, an thief enters in our office in disguise, showing an fake identity to the security guards, and once the security guards, knew that a thief has entered the office showing a fake identity, they will need to get alert and start detecting and prosecute the theif, and leaving him behind the bars. So comparitively if a user unknowingly allows, an application to enter into the system, and comes to know there is some changes happening in the computer automatically without the user‘s knowledge, the user needs to get alert on the issue. As the hackers, phishers try to get into the system writing some mailcious Software program ie. Malware or by using spyware, virus, trojans, worms etc to fetch the confidential data from the users computer on the backend. So inorder to detect and quarantine an unwanted program from our computer, an anti-virus software needs to be installed. An anti-virus software functions as a detection and virus removal software. Also some antivirus software comes with a Spam control option, where it would actively stop you from receiving spam mails, by blocking them.

Like having the burglar alarm, security guards and cops to safeguard your premises, its always good to have internet security suite as a computer security program, to prevent unethical hackers, known and unknown potential viruses and so on to have a safe and secure internet access in our computer. To prevent and protect is always better then cure. So its a good thing to have a computer security software, which acts as a protection, prevention, detection and cure tool. The recent IT trends has been giving so many technologies such as wireless internet access, laptops and so on, which is misused by the phishers causing serious internet security breaches. Though the internet threats are increasing day-by-day, as a user we need to be aware about internet security threats and protect ourselves from getting into the prey for phishing and pharming attacks.

Yuvaraj : K7computing.com

Recent Internet Security Threats and Predictions for 2009

2008-07-23T03:45:00.000-07:00

Like the growth and latest developments in the technology, the worldwide internet security threat activities are also on increase. Since the day the Internet emerged to till date, the users are vulnerable to attacks by one way or the other. Though there are advanced internet security software technologies growing on the parallel side to crush or kill those internet security threats, till the spammer and the phishers are not ready to give up and continue with the phishing attacks, network-attacks & spamming by giving out malicious i.e. malfunctioning codes. Likely this sounds as a “Chase and Run” of the internet security software providers, the phishers and the spammers.

To point out, most of the internet security threats including the recent threats for 2008 is due to the malicious activity. The malicious attack or activity not only include malware attack activity but also includes phishing, pharming attack, zombie, virus, spam, malicious code, command and control over server activities and so on. The question is why these (PC’s / Computer) systems are prone to such kind of attacks? The answer is pretty simple, because they are vulnerable i.e. Susceptible to attack. So the solution bought to overcome this kind of Vulnerability is the Intrusion Prevention System, IDS in short. The IDS is nothing but the Access Control Software namely a Firewall, which prevents an intruder from entering into your system using spam bots or any other means.

The most recent on-going internet security threat attacks, where consumers use to fall prey are the data breaches which lead to identity theft. This identity theft is done when the Web browser or the plug-in or the Web application is vulnerable. Also nowadays hackers use site specific and do cross site scripting to acquire the confidential information of a user. This kind of cross scripting is done mostly for the banking sector. To resolve this kind of website or web browser vulnerabilities, the SSL (Secure Sockets Layer) certificates are being implemented to have a secure session where the website address beings with Https:// instead of Http://. Later the EV SSL Technology i.e Extended Validation SSL certificates have been initiated by a internet security software development company, known as Comodo, which formed the CAB Forum i.e. Certification Authorities and Browsers Forum to provide High Assurance stringent validation certificates. After such a hard time defense against the Zero-day attacks, patch development vulnerability, phishing attacks, pharming attacks and malicious code attacks till date of 2008, now security professionals and analysts have started working out for the internet security threat predictions for the year 2009.

As far as the prediction made, there would be more and more internet security threats would be similar to the recent threats along with the form of virus, worms, and spam bot-infections etc. And most of the attacks would be made by the phishers sector wise which involves huge financial transactions and mostly using the cross site scripting. Also Phishers have begun targeting the top countries and host companies which may result in severe attacks in future. So unless and until the user, let them be a consumer, bank, institution, or a corporate know about the vulnerabilities prevailing, the attacks can’t be prevented. So consumers need to be educated on the security measures and the authentication models before they become the victims of identity theft or network attack. To be on the safer side corporate’s also need to prevent themselves and protect their consumers to have a good business.

Written by - R.Yuvaraj
www.ezencrypt.com
www.jobsntech.com

Internet Security Principles in Banking Technology & Recent Phishing Method

2008-05-27T00:18:00.000-07:00

Recent IT trends has given special focus on the internet banking security principles inorder to prevent consumers falling prey to the phishers while banking online or involved in any such financial transactions. Recently the banks has been providing their customers with certain Online Banking Security Guidelines while opening an general banking account or Online banking account as a measure of creating online banking security awareness among their consumers.

It is evident from the most recent phishing attacks worldwide that online banking constitutes different risks for which the banks have to take some countermeasures to safeguard their consumers from such kind of internet security threats. The banks also need to be ready to identify the treat and defeat them as well as if there is any such incident that happens in spite of such kind of internet attacks (eg.hacking) the bank should be ready to respond to it immediately by either disruption of banking services, before the hacker can use or materialize that information which the hacker hacked from the online banking user (i.e. Consumer / Banking Customer).

Deceptive phishing has been the recent online banking threat, where a mail is being to sent to your inbox, claiming that its from the bank (which the user holds an account with), and states due to some reason like up gradation or some change you need to sign in to your account using an website, which is being linked to the hacker’s server. Once the user without verifying the security credentials logs in to the account, all the information including the transaction password would be re-directed to the phishing server, and the the hacker uses the information and steals the money from your banking account. For example, recently I received many emails to my inbox claiming to be from Axis Bank but they are not, asking me to upgrade the account. Some time back I got an mail from UTI Bank – Now Axis Bank, regarding the same, which means the phishers are updating all the logos, etc on a regular basis to make us fall in their cage. But we ought to check out the security credentials such as pad lock, the website address in the address bar, if via email, whether it is really from the bank or so on. Also read about the fraudulent email which I received sometime back from UTI Bank – Now Axis Bank, and again I received similar kind of email from Axis bank with the updated name. Here’s the link for you – UTI now Axis Bank Fraudulent Email.

Also I wish you would be interested in getting some free software download as a measure internet security & Personal Computer Security visit www.ezencrypt.com and also buy your SSL certificate now at cheap costs here.

Enterprise Information Security and its Standards | ISO and CMM Cerfications | VPN and Enterprise Security Softwares

2008-02-29T03:46:00.000-08:00

Enterprises today are experiencing a pressure to comply with information security and practice safety standards such as ISO (International Organization for Standardization) to reduce the potential liability in the event of serious security issues– let it be Physical Security or Online Internet Security. Also see Past, Present and Future of Internet Security. So inorder to maintain the information security in the organizational standards, the enterprises has to follow certain rules and regulations given by the International Organizational Standards to ensure that the information security requirements have compliance with statutory regulations of the Company.

Those include so many security measures that needs to the covered by the organization, which is given by leading security control sectors which establishes certain guidelines and general principles for initiating, implementing, maintaining, and improving information security management and the objective outlined which provide general guidance that is commonly accepted goals in an Enterprise’s information security management such as Enterprise Security policy which include information security; asset management; human resources security; physical and environmental security; communications and operations management; access control; information security incident management; compliance and much more.

When it comes to Technical / Online Internet Security, it should compliance with regulations and standards of the enterprise. In an Enterprise the systems are more vulnerable to number of threats to which some of the preventions tools and software needs to be implemented to protect intruders entering in your system. This kind of information security is achieved by implementing a suitable set of controls, which include policies, processes, procedures, organizational structures, software and hardware functions. Such kind technical security controls can be executed by the workstations, servers, enterprise security software tools, routers, switches, firewalls, and other systems that comprise our IT networks and the Internet that enable you to automate your security policies that grant you access and privileges of identification and authentication, logging and auditing to provide high level’s of security regulations and standards.

Also some of the security measures which you implement in transferring the information, Website Security using SSL (Secure Sockets Layer), EV SSL, VPN’s (Virtual Private Network), Firewall, Anti-Virus and common sense of understanding the SPAM, Palm Security and other security tools will help your organization to grow into a SECURE successful Enterprise or Organization. Also visit http://www.ezencrypt.com/

Download your Linux based Comodo Trustix Enterprise Security Product for free at http://firewall.trustix.com/small/ and also learn more about Enterprise Level Internet Security at http://kriskarthik.blogspot.com/

UK Requirement – Bill Gates is Sharing His Fortune eMail - SPAM Emails

2008-02-11T00:02:00.000-08:00

I have made my previous posting regarding the spam stating nirosha silva , it has been since long time the mail has been in circulation. Still the next SPAM email states its being from Microsoft, with the subject UK requirement which states that “Bill Gates is sharing his fortune” But this is again an SPAM / Fradulent email where many of the people using the internet, forward this kind of mails to their friend and relative, thinking that they would be earning more. But they realize finally that its an mail from a fradulent email. Here’s the mail which I received again from some of my friends. So inorder to educate about these kinds of SPAM emails I have made his post again. Here’s the mail I received stating that For every person that you forward this e-mail to, Microsoft will pay you $245.00. I got this mail some 3 years ago, and still I am receiving it from my friends till now once in 3-4 months or so, which is still in circulation.

From: Originated from someone (email address not available)

CC: sent to so many people (inculding me)

Subject: UK Requirement

Dear Friends,

Please do not take this for a junk letter. Bill Gates is sharing his fortune. If you ignore this you will repent later. Microsoft and AOL are now the largest Internet companies and in an effort to make sure that Internet Explorer remains the most widely used program, Microsoft and AOL are running an e-mail beta test.

When you forward this e-mail to friends, Microsoft can and will track it (if you are a Microsoft Windows user) for a two week time period.

For every person that you forward this e-mail to, Microsoft will pay you $245.00, for every person that you sent it to that forwards it on, Microsoft will pay you $243.00 and for every third person that receives it, you will be paid $241.00. Within two week! s, Microsoft will contact you for your address and then send you a cheque.

For your information:

There are billions and billions of people who use Microsoft service worldwide, then why does Bill Gates wanted to share his fortune. Also a small wonder if Microsoft is going to give $245 to the person who sends the mail, will the company exist if the mail is being forwarded to all the Microsoft users? :) J

So don’t get fooled by these kinds of fake emails, Microsoft would be no way responsible if are being cheated by these kings of fraudulent emails.

I would like you to visit my “Try to understand what is SPAM” posting, to have a clear understanding on what a spam mail is and how it needs to be elimated. Also if you are a victim, just post my link in your email, and send this to friends to educate them about the kinds of SPAMS. I wish you to go through my entire blog to understand about Internet Security and the latest technology to encounter the frauds who steal your identity - which we term as Identity Theft or Phishing attacks. Be Safe and Secure Online – Happy Browsing!

To prevent from virus attacks in your computer, install an Antivirus software and if you are frequent internet user try to download internet security suite

Latest Technology News & Developments in Comodo

2008-01-24T07:19:00.000-08:00

Comodo NewsWire ( http://comodonewswire.blogspot.com/ ) was started to let Consumers / Customers to know about he latest happenings in Comodo. Visit http://forums.comodo.com/ to know about the products which are being developed and is going to be Developed as per the Comodo Security Experts and the views/suggestion of our Valuable Customers/Consumers. Here is an small brief about Comodo.

Comodo, through its group of Internet security companies, is a leading Certification Authority and global provider of Identity and Trust Assurance services on the Internet. Comodo secures and authenticates online transactions and communications for over 2,000,000 businesses and consumers.

With a global presence Comodo offers businesses and consumers third-generation solutions for intelligent security and authentication technologies that create trust online. Comodo's technological expertise includes PKI digital certification, Code signing certification, integrated authentication infrastructure services, Web Content authentication, Secure messaging solutions, PCI compliancy scanning, SSL digital certificates including our flagship InstantSSL brand, HackerGuardian, Banking solutions including Two Factor Authentication, and digital e-commerce services.

For additional information on Comodo - Creating Trust Online™ visit http://www.comodo.com/

Palm Security – Biometric Authentication for your PC – Personal Computer – by Fujitsu Laboratories Ltd.

2008-01-08T23:31:00.000-08:00

Fujitsu Laboratories Ltd. Has developed a highly precise biometric authentication. It has the technology that can verify as person’s identity by recognizing the pattern of blood veins in the person’s palm. This new of Biometric authentication PC Security technology is more useful in the securing your PC. The use of this technology would enable convenient biometric authentication for a wide range of applications, such as safe guarding important information through log in verification for the access to sales, technical or personal data.

How this New Method of Biometric Authentication Technology does helps in PC Security?

This new 2008 technology, in which it has incorporated a prototype computer mouse, identifies an individual by the unique pattern of veins in the palm. Palm vein patterns are advantageous for this purpose because they are unique from one person to the next and expect for the size, they do not change as the individual grows. The authentication process works as follows.

The palm is first illuminated by an infrared light. The veins just beneath the skin of the palm then emit a black reflection, giving a picture of the veins of the palm.

Using a proprietary Fujitsu algorithm, the pattern is then extracted from this picture and is checked against patterns stored in the system if there is a match the person’s identity is confirmed. This biometric authentication will surely help computer users securing them from identity theft. Also some measures have been taken to build this technology into wall-plates or mobile readers for other applications – Which were previously used by having stored the thump impression. Now it would be the palm security for 2008. Biometric security is both easy to use and hard to defeat, so its no surprise that finger scanners are popping up on notebooks as well as PC peripherals. But once you have swiped them anyone can use the computer. Now around 700 people were experimented with this new technology. Fujitsu has not yet begun selling the Palm Secure PC login kit. Also keep in mind that the Palm Secure works only on Windows XP and Vista. If you want to have managed multi-user biometric authentication across the enterprise’s PC’s, you need the authentication server edition.

Continuing with the PC Security, you also need to have the Desktop Security and Internet Email security products as well. The job would be to be more safe and Secure from the world of phishing or virus attacks.

JobsNtech - Jobs & Technology - IT Security - Wishes Very Happy and a Prosperous New Year 2008

2008-01-08T22:35:00.000-08:00

Wishing You All a Very Happy and a Prosperous New Year 2008

We hope you had a great Christmas and New Year Holiday and now back to Business. The IT Field has been booming in Chennai, India and So many IT, ITES, BPO companies has been set up here, with the headquarters in US, UK , Australia and other foreign countries. So inorder to have a secure access of the server and secure transmission of files, VPN’s are more important. And also being doing international business which includes secure and safe banking, secure financial transactions need to be carried on for online shopping too. Hence there is need for the Internet Security, to know more about the internet security measures have a look at the entire blog. And also if you are looking out for a change or wanted to pursue a career in an IT / ITES or Non-IT sector in the blooming hot IT hub Chennai, India - post your profile to JobsNtech i.e. Jobs & Technology HR Management Consultancy Services, who are currently in the look out for clients and candidatures.

Is your System affected with Virus, Trojans, and Worms? Here’s the security solution

2007-12-05T22:48:00.000-08:00

Is that your system is affected by any deadly Virus, Trojans, Worms or Rootkits and you are unable to open or run any applications, here’s a few easy help guide to remove those.Also consider the Future of Internet Security.

Steps to follow to disinfect/ cure the Virus, Trojans, Worms or Rootkits in your system. So understand where you need to consider the Internet Security.

If you already have installed an Anti-virus in your System do the following -

1.) Go to My Computer> C: (C Drive), Select C Drive and Right Click > Select Scan for Viruses [ Also do scan for the D: Drive too]

2.) If the your Anti-Virus detects any virus and is unable to delete it, and you feel that the entire system is infected with that virus, you got to clean it from the Registry or you got to recover your system, follow the instructions to securely recover the data without any harm to your computer.

System Restoring:

Step 1: Start > Program Files > Accessories > System Tools > System Restore

Step 2: A window will appear. Select the date, in which your system was performing good.

Step 3: Click “OK” and Restart.

If this also not works, you got to clean your system by using the Registry. Also see that what the Operations are running in your system during the Startup.

Checking the Operations/Tasks Currently running in your system.

Do Follow: Start > Run (Type “msconfig” without Quotes> Click “OK”

You will see a Window with the following System Menu: General SYSTEM.INI WIN.INI BOOT.INI Services Startup

Click Services and Startup and check if any unwanted application is running in your system. If an unwanted application is running in your system, remove* that application, if you feel that it is surely an unwanted program or you can also click Ctrl+Alt+Delete in your keyboard, go to task manager and then processes and remove the unwanted application.

To Enter in to System Registry

Click Start>Run (type “Regedit” without Quotes) and Then go to the Virus infected application. You will see an application, that the virus would have made an entry in it, and select and delete it.

Also you can open Registry like this.

1. Start Registry Editor (Regedit.exe).
2. Locate the following key in the registry: HKEY_CURRENT_USER\Control Panel\Desktop

Mostly when you go to regedit, be sure you check the Windows and System32 as mostly the virus mostly infects them.

If you don’t have choice to open any of Regedit or application or msconfig, there is no option, then you got to Format you C: Drive, using a boot up disk. Make sure, you take Back of all the data’s, to the D: Drive after scanning for viruses.

Once you finish the formatting, First thing, consider your system security and have an good updated Anti-virus System, Updated Firewall, Antispam and other Spy wares to prevent future Virus, Trojans, Worms or Root kits attacks.

Help us provide you a better Internet Security filling up this Internet Security Feedback Form. Also learn about Website Encryption here - www.ezencrypt.com

Be careful when you SMS... General Mobile SMS Security - Mobile Security

2007-12-05T21:46:00.000-08:00

This is regarding the General Security, We got to know in General about the Mobile Security as well as our Security - to be Safe from the Credit Card and Debit Card Theifs. Here's goes the security issue story that happened to be real - Just an story for the General Security And Identity Theft Challenges.

Be careful when you SMS...

A True Story:

This lady has changed her habit on the hand phone after her handbag was stolen. Her handbag which contained her mobile, credit card, purse etc. was stolen. Twenty minutes later when she called her hubby, telling him what had happened, her hubby says 'I've just received your SMS asking about our Pin number and I've replied a little while ago.'

When they rushed down to the bank, the bank staff told them all the money was already withdrawn. The pickpocket had actually used the stolen hand phone to sms 'hubby' in the contact list and got hold of the pin number. Within 20 minutes he had withdrawn all the money from the bank account.

Moral of the lesson:

Do not disclose the relationship between you and the person in your contact list. Avoid using names like Home, Honey, Hubby, Sweetheart, Dad, Mum etc...... and very importantly, when sensitive info is being asked thru SMS, CONFIRM by calling back.

PLEASE PASS THIS ON TO YOUR LOVED ONES AND FRIENDS

Comodo Firewall Pro Version 3.0 Released - Microsoft Vista™ Compatible Free Firewall

2007-11-27T07:53:00.000-08:00

The most expected Comodo Firewall Pro Version 3.0 has been released. The Free Comodo Firewall does an very good job from a prevent than at a detection perspective. The Free Comodo Firewall pro supports both the XP and Vista (32 & 64 bit) versions and is now ready for download. There are so many major updates made in this free firewall, that it has got multiplex architecture which include the features of Anti-Virus, Anti-spyware, Anti-Malware, Rootkit, Trojan and so on.

The advancement in this free version of Comodo Firewall has been a welcoming one worldwide. To know more about this advanced version of Comodo Firewall Pro – Visit http://www.personalfirewall.comodo.com

Email Encryption and Data Encryption – The Current Security Trend

2007-11-01T08:25:00.000-07:00

Not only the IT companies but also the other sectors related to IT uses less security IT systems. For the past few months there have been new threats on the internet so the levels of the security obviously need to be increased. About 99% of the internet users use email as one of the potent business tools as well as personal tool, this is of course a vulnerable system for attack. Visit www.ezencrypt.com.

Securing the email must be the top to-do list of any corporate security expert in an organization. If the organization uses the emails for transferring more important and high confidential matter via email then there is an need for secure email gateway or encrypted email. Not only secure email systems but also other internet security desktop products such as anti-spam, anti-malware, anti-virus or firewall should be installed to have an highly secure environment over the internet.

Many corporations use an email gateway that encrypts messages as they leave the corporate perimeter. The problem with this approach is that it leaves internal mail completely unprotected and vulnerable to data theft, packet sniffing and malicious insiders. Though some of the organizations are comfortable using the VPN’s (Virtual Private Network), still if the organization is big, they need to provide an higher level of email security to save all the important and unimportant information sending/receiving out via their network, in a way that they are not vulnerable to malicious attacks.

Inorder to provide an suitable email encryption option, the point is to install an email security technology that would encrypt all the message/email that are sent from a client to any other client. If such email encryption technology is implemented, then there won’t be much insecure email traffic. The latest technology has been providing high end security tools and software, which is being integrated in the email system, which has made the email system management more easier and secure. So if any organisation that handles sensitive data or shooting out confidential email then email encryption is a must.

The email client encryption solutions are now extensible and are sufficient enough to take part in the enterprise encryption strategy with easy and flexible deployment. Now its almost high time, that all the organizations which use or do business via internet are vulnerable to attacks from hackers, so it’s a must that there should some standardized measures and polices that needs to be implemented, to have an secure internet and secure email system.

Incase a business or organization does an business via Internet in their own website also needs to have SSL security or Extended SSL encryption, Email certificates, etc and also should educate the consumers in doing an secure eCommerce business, inorder to prove their business identity and assurance by proving them that they are doing secure shopping.

Also take a minute to answer this survey inorder to provide you with more secure environment over the internet – Internet security Form

Download your free secure email encryption certificate here and buy you Website SSL Encryption Certificates here at www.ezencrypt.com

Internet Security Feedback Form | Questionaire

2007-10-28T22:32:00.000-07:00

This posting I decided to know your valuable feedbacks which would help us in building an effective best free software security solution for all your needs.

Solid protection is that the software should have many useful security features, with effective funtioning. As per economics "There is nothing Permanent expect Changes" - This rule fits to the software visibly.

The fact is that when a software is being created and released the consumers feel that it would have been better if this software has got this(additional - which they expect to be in) feature too.

So the demand for the features keeps on increasing whenever an software is released. And the better overall performance is when the software satisfies the present internet security threats.
Though the Basic features with a combination of few advance features are given by the security software developers for the present scenario, still the security tools you need may lack some few features, when you come across some new threats.
Also its not only with the desktop security products but also with the registry scanning, scanning of websites, or website security etc consumers always look out for the up-to-date technology.

And whats Next? I think with your past experiences over the internet would help to give your valuable suggestions in getting an more quality software online for free.

For that developers have to think what would be the next. Not only the developers of the software also you - the person who is going to use the software. So I thought that it would be good if I am able to get the feedback from you itself, so that we would be able to build an very good security suite that may be up-to-date with all your expections.
Also go through my entire blog and check out some of my writings, security tools, free security softwares etc.
A few post of mine would help your think about what are the software avaliable for free? About the future of internet security, Desktop Security Tools for free and so on.
Just visit my entire blog posting so you would be able to understand what the past and present scenario is! and few good extracted articles which might help you in think about the future of internet security too.

I hope you would help me in building a very good security suite filling up the Internet Security Questionaire.

This form would help me in getting your opinions to our software developers and for you in getting the best software. :)

Name:
Email Address:
What is your Website?
What are the Security Softwares have you got installed in your PC?	Firewall AntiVirus AntiSpyware Anti-phishing Tool Bar Others None
How much are you ready to spend to buy an Internet Security Suite?	<$25 $26 - $50 >$50 Depending on the Security Suite
What kind of free Internet Security suite do you require and with what features?

create form

Advance Christmas Wishes! – The Shopping season has begun, is that your online shopping is Safe?

2007-10-26T02:17:00.000-07:00

The Christmas season has begun and you have planned to buy so many gifts for you, your children, friends and relatives. Beautiful & Attractive wordings on the internet, for welcoming you for the online shopping stating welcome to our online shop, buy christmas presents and christmas gifts here!, Christmas cards, Clip Art, Gift Paks, crafts, decorations, Xmas recipes, shopping, christmas songs CD's & DVD's, stories, traditions and more. Buy one get one free and so many direct & online shopping ads and much more, but are you going to shop safe online?

Here are a few tips I wish would help you out getting your shopping genuine and healthy.

As the festival season has begun, the fraudsters and intruders are ready to break your happiness by just shooting a simple email to your inbox. The Spammers are creating so much attractive content that states, they are real one. But how do you know that the mail in your inbox is a genuine one and you are not spammed. If any links are specified in the email for buying something and its asks for your personal or credit card details check if that site has got a golden yellow pad lock, and the website begins with https://

See that you system has got a Firewall or Antivirus software, because the Spammers or Fraudsters may attach some virus or Trojans to their mail attachments. And also have a firewall so that no unknown person can access your system

Don’t buy online anything, unless you believe that its an secure website. And also try to install an anti-phishing toolbar which might help you in identifying the secure website.

Always check out whether the site is secure or not, by seeing the pad lock and its information (SSL Certificates). See if the website address matches the information provided in the pad lock information.

You can try to have the some of the following software’s for free which might help you in safe online shopping. Also ready my posts about anti-phishing toolbar, what is Spam?, Secure Banking Transactions, the expanded internet security SSL technology and also what’s the Future of internet Security to be safe in coming up online shopping sessions and so on.

So make your Christmas wonderful with secure shopping. The secure online shopping will make your money worth with good spending. So many online shops have implemented the secure internet strategy to welcome and help the consumers in secure online shopping and have safe internet sessions while they do online shopping.

Happy Christmas and a Very Happy (Online) Shopping! Lets this Christmas be unforgetful with your new gifts and cards.

Please fill out this form to help you serve better: Internet Security Feedback Form

SSL Encryption and its Methodologies | Encryption Systems | Symmetric Key | Public-key encryption | Authentication | Digital signatures | IT Security

2007-09-20T04:54:00.000-07:00

I have been receiving mails for quite a long time asking how does encryption work i.e. the Public Key and Private Key work. So I was wondering how to explain them with examples. So I got a very good simple stuff from the web, which is really very good content. Here’s the extract for you. Though this is pretty big content, its worth reading. Also visit www.ezencrypt.com

What is SSL Encryption and why is it required?

SSL Encryption or Https is a technique used to safeguard private information which is sent via Internet. To prove the site's legitimacy, the SSL encryption uses a PKI (Public Key Infrastructure) - public/private key, to encrypt IDs, documents, or messages to securely transmit the information in the World Wide Web. In order to show that our transmission is encrypted, most browsers will display a small icon that would look like a pad “lock” or a key and the URL begins with "https" instead of "http”. SSL Encryption or https from a digital certification authority will help a secure site with confidential information on web.

Encryption Systems

Computer encryption is based on the science of cryptography, which has been used throughout history. Before the digital age, the biggest users of cryptography were governments, particularly for military purposes. The existence of coded messages has been verified as far back as the Roman Empire. But most forms of cryptography in use these days rely on computers, simply because a human-based code is too easy for a computer to crack.

Most computer encryption systems belong in one of two categories:

Symmetric-key encryption
Public-key encryption

Symmetric Key

In symmetric-key encryption, each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to another computer. Symmetric-key requires that you know which computers will be talking to each other so you can install the key on each one. Symmetric-key encryption is essentially the same as a secret code that each of the two computers must know in order to decode the information. The code provides the key to decoding the message. Think of it like this: You create a coded message to send to a friend in which each letter is substituted with the letter that is two down from it in the alphabet. So "A" becomes "C," and "B" becomes "D". You have already told a trusted friend that the code is "Shift by 2". Your friend gets the message and decodes it. Anyone else who sees the message will see only nonsense

Public Key

Public-key encryption uses a combination of a private key and a public key. The private key is known only to your computer, while the public key is given by your computer to any computer that wants to communicate securely with it. To decode an encrypted message, a computer must use the public key, provided by the originating computer, and its own private key. A very popular public-key encryption utility is called Pretty Good Privacy (PGP), which allows you to encrypt almost anything.

To implement public-key encryption on a large scale, such as a secure Web server might need, requires a different approach. This is where digital certificates come in. A digital certificate is basically a bit of information that says that the Web server is trusted by an independent source known as a certificate authority. The certificate authority acts as a middleman that both computers trust. It confirms that each computer is in fact who it says it is, and then provides the public keys of each computer to the other.

The Process of Symmetric and Public Key in action.

For example in case of an email - The sending computer encrypts the document with a symmetric key, then encrypts the symmetric key with the public key of the receiving computer. The receiving computer uses its private key to decode the symmetric key. It then uses the symmetric key to decode the document.

Public Key: SSL

A popular implementation of public-key encryption is the Secure Sockets Layer (SSL). Originally developed by Netscape, SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information. SSL has become part of an overall security protocol known as Transport Layer Security (TLS).

In your browser, you can tell when you are using a secure protocol, such as TLS, in a couple of different ways. You will notice that the "http" in the address line is replaced with "https," and you should see a small padlock in the status bar at the bottom of the browser window.

Public-key encryption takes a lot of computing, so most systems use a combination of public-key and symmetry. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. The two computers can then communicate using symmetric-key encryption. Once the session is finished, each computer discards the symmetric key used for that session. Any additional sessions require that a new symmetric key be created, and the process is repeated.

Hashing AlgorithmsThe key in public-key encryption is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm. Essentially, the hash value is a summary of the original value. The important thing about a hash value is that it is nearly impossible to derive the original input number without knowing the data used to create the hash value. Here's a simple example:

You can see how hard it would be to determine that the value 1,525,381 came from the multiplication of 10,667 and 143. But if you knew that the multiplier was 143, then it would be very easy to calculate the value 10,667. Public-key encryption is actually much more complex than this example, but that is the basic idea.

Public keys generally use complex algorithms and very large hash values for encrypting, including 40-bit or even 128-bit numbers. A 128-bit number has a possible 2128 or 3,402,823,669,209,384,634,633,746,074,300,000,000,000, 000,000,000,000,000,000,000,000,000 different combinations! This would be like trying to find one particular grain of sand in the Sahara Desert.

Authentication

As stated earlier, encryption is the process of taking all of the data that one computer is sending to another and encoding it into a form that only the other computer will be able to decode. Another process, authentication, is used to verify that the information comes from a trusted source. Basically, if information is "authentic," you know who created it and you know that it has not been altered in any way since that person created it. These two processes, encryption and authentication, work hand-in-hand to create a secure environment.

There are several ways to authenticate a person or information on a computer:

Password - The use of a user name and password provides the most common form of authentication. You enter your name and password when prompted by the computer. It checks the pair against a secure file to confirm. If either the name or the password does not match, then you are not allowed further access.

Pass cards - These cards can range from a simple card with a magnetic strip, similar to a credit card, to sophisticated smart cards that have an embedded computer chip.

Digital signatures - A digital signature is basically a way to ensure that an electronic document (e-mail, spreadsheet, text file) is authentic. The Digital Signature Standard (DSS) is based on a type of public-key encryption method that uses the Digital Signature Algorithm (DSA). DSS is the format for digital signatures that has been endorsed by the U.S. government. The DSA algorithm consists of a private key, known only by the originator of the document (the signer), and a public key. The public key has four parts, which you can learn more about at this page. If anything at all is changed in the document after the digital signature is attached to it, it changes the value that the digital signature compares to, rendering the signature invalid.

Recently, more sophisticated forms of authentication have begun to show up on home and office computer systems. Most of these new systems use some form of biometrics for authentication. Biometrics uses biological information to verify identity. Biometric authentication methods include:

Fingerprint scan
Retina scan
Face scan
Voice identification

Checking for Corruption

Another secure-computing need is to ensure that the data has not been corrupted during transmission or encryption. There are a couple of popular ways to do this:

Checksum - Probably one of the oldest methods of ensuring that data is correct, checksums also provide a form of authentication because an invalid checksum suggests that the data has been compromised in some fashion. A checksum is determined in one of two ways. Let's say the checksum of a packet is 1 byte long. A byte is made up of 8 bits, and each bit can be in one of two states, leading to a total of 256 (28 ) possible combinations. Since the first combination equals zero, a byte can have a maximum value of 255.

If the sum of the other bytes in the packet is 255 or less, then the checksum contains that exact value.

If the sum of the other bytes is more than 255, then the checksum is the remainder of the total value after it has been divided by 256.

Let's look at a checksum example

· 1,151 / 256 = 4.496 (round to 4)
· 4 x 256 = 1,024
· 1,151 - 1,024 = 127

Cyclic Redundancy Check (CRC) - CRCs are similar in concept to checksums, but they use polynomial division to determine the value of the CRC, which is usually 16 or 32 bits in length. The good thing about CRC is that it is very accurate. If a single bit is incorrect, the CRC value will not match up. Both checksum and CRC are good for preventing random errors in transmission but provide little protection from an intentional attack on your data. Symmetric- and public-key encryption techniques are much more secure.

All of these various processes combine to provide you with the tools you need to ensure that the information you send or receive over the Internet is secure. In fact, sending information over a computer network is often much more secure than sending it any other way. Phones, especially cordless phones, are susceptible to eavesdropping, particularly by unscrupulous people with radio scanners. Traditional mail and other physical mediums often pass through numerous hands on the way to their destination, increasing the possibility of corruption. Understanding encryption, and simply making sure that any sensitive information you send over the Internet is secure (remember the "https" and padlock symbol), can provide you with greater peace of mind.

A part of the material is extracted from the following
Source: http://computer.howstuffworks.com/encryption.htm

Please fill out this form to help you serve better: Internet Security Feedback Form

Its all about | Virtual Private Network (VPN) | SSL VPN | SSL VPN Vs. VPN | Internet Protocol Security

2007-08-01T23:37:00.000-07:00

Virtual Private Network (VPN) - A Brief

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, like the Internet, to provide remote access between two or more offices/individual users with secure access to their organizational network. In simple there are millions and millions of internet users all over the world, so while an person is traferring the data, it may be leaked out to others by some unsecure means. So inorder to share the information between two individuals alone, private network would be built, which gives access only to the 2 or a group defined users out of those millions and millions of unknown users. VPN - Virtual Private Network is nothing but building a tunnel, in a big mountain. A virtual private network can be contrasted with an expensive system of owned or leased lines that can only be used by a particular organization. The goal of a VPN is to provide access and security to the organizations at a lower cost, also with an additional level of security which involves encrypting not only the data, but also the originating and receiving network/IP addresses.

SSL VPN

An SSL VPN (Secure Sockets Layer virtual private network) is a form of VPN that can be used with a standard Web browser as in we use the SSL certificates. These SSL VPN's help in securing organisational or individuals database or information, which they want to share between themselves. The SSL VPN can be a good choice for Government databases, schools, companies which manage huge databases, libraries and other public information which needs to be transmitted online via internet, but where trust would be an issue, though easy access and low cost is also important. Such kind of applications include Web-based e-mail, online forms, business directories, government directories, educational institutions database, file sharing, remote backup, remote desktop support, Remote system management, consumer-level e-commerce, Solid banking databases etc.

(An extract for better understanding) SSL is a protocol for managing the security of message transmission on the Internet. SSL is included as part of both the Microsoft and Netscape browsers and most Web server products. It employs the public-and-private key encryption system from RSA. As TLS (Transport Layer Security), a refinement of SSL, replaces the earlier protocol, an SSL VPN is sometimes referred to as a TLS VPN.

What is the difference between SSL VPN & VPN?

This has been a question for a long time. Many people keep asking what is the difference between SSL VPN and VPN, is that SSL VPN more secure than an IP Security VPN? and so on. In Simple terms, SSL VPN (secure sockets Layer VPN) uses private keys to encrypt data over an SSL connection. Which are used in conjunction with Internet browsers for clientless remotes, Where You can see HTTPS instead of the HTTP in the browser if that website/login is a secured one.And whereas VPN IPSEC is an Internet Protocol Security the Tunnel and Transport mode, where Transport mode only encrypts the data portion of the packet and Tunnel mode encrypts the whole packet. So that its not in the cluthes of all the internet users, though secure.

I would like to recommend you to visit http://forums.comodo.com/, where you can discuss security related topics, softwares and much more . Also learn about The Future of Internet Security, Free Email Certificates, Bank Fraud Alerts and more.

Please fill out this form to help you serve better: Internet Security Feedback Form

Comodo's Email Certificates are Vista and Firefox Compatible

2007-07-31T04:16:00.000-07:00

New compatibility with Vista and Firefox makes Email certificates available to many new users and remains free of charge. These Email certificates allow users to encrypt and digitally sign Email and attachments, keeping them secure and confidential. Encryption ensures that only the intended recipient(s) have access to the material and verify the sender's identity. The message and any attachments can not be tampered with during the transmission of the Email.

Other Competing software providers charge as much as $20 for Email certificates, but Comodo, in its commitment to ensuring the availability of online security solutions to everyone, continues to offer Email certificates for free. These certificates are fully trusted by 99% of Email clients.

Click to download a free Secure Email certificate.

*Free for personal use

The Future of Computer Security

2007-07-05T23:06:00.000-07:00

Article by Comodo's President & CEO - Melih Abdulhayoglu

Source: http://forums.comodo.com/

The Future of Computer Security

People keep asking me:

Is AV dead? Is HIPS the ultimate solution? Are we going to need to have chips surgically implanted in our…”

Okay, let’s not degenerate this in the first fifty words. I’d like to start with some facts about the state of software security for PCs.

1. The world does not protect itself against Zero Day attacks. The majority thinks it does, but reality begs to differ.
2. People buy AV products because they don’t know any better. Ignorance is bliss, but not in security. Security checks have been bumped up since 9/11 – enough said.
3. People are lazy, myself leading that pack. We want things done, but we don’t want to lift a finger. It’s 2007, so we shouldn’t have to!

Let me expand on these points.

1. The world does not protect itself against Zero Day attacks.
Our primary protection is the use of software products called AV (antivirus). These products essentially create a signature for the malware, which functions much like a mug shot does for a criminal, but only after the crime has been committed. In PCland, AV can never be used as protection against Zero Day attacks because the virus signature (a.k.a. the mug shot) has not been created yet; hence, no protection. In an ideal, if not idiotic, world, virii authors would be kind enough to submit their malware to AV vendors, wait for them to create signatures and update their AV users, and then release their malware to the public so that we could catch zero day attacks. We can expect that about as much as we can expect the criminal to go to the police and say “hey, I’m going to commit a crime”, and the police to prevent the crime. My point: we just don’t protect ourselves against Zero Day attacks.

2. People buy AV products because they don’t know any better.
People buy a lot of AV, so it must be the best protection available, right? Wrong. This is not a good argument. People buy a lot of cigarettes, too. This is not to discredit AV; it does what it was designed to do, but it just isn’t enough by itself. Fraudsters and their toys are a force to be reckoned with, and AV alone isn’t up to the fight.

3. People are lazy.Look around you:
we built washing machines because we got tired of hauling our laundry and the washboard to the river and back. We built dishwashers so husbands wouldn’t have to wash dishes (and spot on, I say!). From cars to nappies, humans demand easy-to-use, painless solutions that give us more time for ourselves and deliver the desired outcome with minimal effort. We want the same from our internet security. We can clap our hands and turn on a lamp, so we should be able to “plug and protect” our PCs just as easily.

The future, from my point of view.
Our houses have doors, burglar alarms and insurance. Well, most do, at least. If you don’t have a door, a burglar can walk in and steal your PC; thus, the door prevents the burglar from entering.

But Melih, doors can be kicked in!

Yes, they can, so continuing to get stronger doors isn’t much of a solution. This is why we should never rely on just one layer of security. The door to the house isn’t enough, so we install a burglar alarm. If he can get in, at least we can detect him – prevention plus detection, two layers. Let’s say he cuts your electric wires or manages to turn off the burglar alarm in another way (They make it look so easy on TV, don’t they?). He walks away with not only your computer, but your priceless stamp collection, too. This is why we have insurance, to recover the value of stolen items. Thus, insurance is the cure, the third layer in our layered approach. Stacking up these layers, in order, to protect the PCs in our homes, we have:

1. A door for prevention
2. A burglar alarm for detection, and
3. Insurance for the cure.

I thought you were going to tell us how to secure our PCs, not our homes, Melih!

I just did. The layered approach can be just as easily applied to our PCs. We use AV as our main source of defense, but is AV prevention? No, it’s detection, the veritable burglar alarm for a PC, but it must have the malware signature – the burglar’s mug shot – or it won’t sound the alarm. A new burglar, however, has a free pass, and no alarm goes off. This, my friends, is the infamous Zero Day attack, which our AV allows to happen. Now relax, AV devotees. I’m not saying AV is crap; I’m just pointing out its weaknesses, so calm down. With AV, our PC “house” has a burglar alarm but no door. Ridiculous, right? But that’s how it is! Some of us employ Firewalls too, but that’s also a form of detection, with a little prevention thrown in, if it’s a decent Firewall that doesn’t leak. If a firewall does leak, it lets the burglar (malware) take something out of the house or, in firewallspeak, make a call to the Internet with your sensitive information. A good firewall sounds an alarm in the form of a popup when this happens, and a really good firewall gives you advice on what to do next. You need both the AV and the firewall to detect someone coming in and things going out. So now our PC house has a decent burglar alarm (detection), but no door. Yikes!

Dude, where’s my door?
This is where we are challenged and need to change the model altogether. We are backwards when it comes to our default settings, but we can overcome this. Today, it’s fair to say that PCs are running with the “default: allow” function, which means they are allowing everything to run and hoping to catch the bad stuff before it executes. It’s more of a swinging gate than a door, and can’t really provide the prevention we seek.

So we should run with the “deny all” function and only allow the good stuff, right?

Bingo. With the “default: allow” in place, we operate on a system of “blacklisting”, blocking only the things that we know ahead of time are destructive. By reversing that and only granting entry to those names on the “whitelist”, we save ourselves the hassle of trying to figure out who’s good and who’s bad. If you aren’t on the list, you’re not coming in, period. Thus, we have a door, it’s solid, and it’s locked.

But Melih, who wants to deal with all the popups asking us if we trust ‘this or that’?Frankly, no one, but why are we making the assumption that the whitelist database will be limited? It is feasible to create a very cogent whitelist security layer which will be virtually noise-free for the average user, and that is exactly what we are doing.

The days of going to bed without locking the front door are long past. PC security is, or should be, just as important as the security of our homes and personal belongings. We deserve to live our lives without the constant worry of burglary and vandalism, and only a layered approach will give us that peace of mind in regard to our computers.

Melih’s prediction: prevention will become the first line of defense!

thank you

Melih

Please fill out this form to help you serve better: Internet Security Feedback Form

Origination of Names of Great Companies.........(Just for a Change)

2007-06-27T04:38:00.000-07:00

Comodo –Well, it started with what we have in common with the Komodo dragon. It's the largest dragon in the species, the most powerful and adaptable. Then the K was changed as C to show our powerful commitment to commerce, communications, even, .com. We're back to the internet.

I was wondering what would have made some famous companies select their name…………. Got a forwarded mail like this........

Mercedes: This was actually financier's daughter's name.

Adobe: This came from the name of the river Adobe Creek that ran behind the house of founder John Warnock.

Apple Computers: It was the favourite fruit of founder Steve Jobbs.He was three months late for filing a name for the business, and he threatened to call his company Apple Computers if the other colleagues didn't suggest a better name by 5 0'clock. CISCO: It is not an acronym as popuraily believed.Its short for San Francisco.

Compaq: This name was formed by using COMp, for computer and PAQ to denote a small integral object.

Corel: The name was derived from the founder's name Dr. Michael Cowpland. It stands for COwpland Research Laboratory.

Google: The name started as a joke boasting about the amount of information the search-engine would be able to search. It was originally named 'Googol', a word for the number represented by 1 followed by 100 zeros. After founders - Stanford graduate students Sergey Brin and Larry Page presented their project to an angel investor; they received a cheque made out to 'Google'.

Hotmail: Founder Jack Smith got the idea of accessing e-mail via the web from a computer anywhere in the world. When Sabeer Bhatia came up with the business plan for the mail service, he tried all kinds of names ending in 'mail' and finally settled for hotmail as it included the letters "html" - the programming language used to write web pages. It was initially referred to as HoTMaiL with selective uppercasing.

HP: Bill Hewlett and Dave Packard tossed a coin to decide whether the company they founded would be called Hewlett-Packard or Packard-Hewlett.

Intel: Bob Noyce and Gordon Moore wanted to name their new company 'Moore Noyce' but that was already trademarked by a hotel chain so they had to settle for an acronym of INTegrated ELectronics.

Lotus (Notes) : Mitch Kapor got the name for his company from 'The Lotus Position' or 'Padmasana'. Kapor used to be a teacher of ranscendental Meditation of Maharishi Mahesh Yogi.

Microsoft: Coined by Bill Gates to represent the company that was devoted to MICROcomputer SOFTware. Originally christened Micro-Soft, the '-' was removed later on. Motorola: Founder Paul Galvin came up with this name when his company started manufacturing radios for cars. The popular radio company at the time was called Victrola.

ORACLE: Larry Ellison and Bob Oats were working on a consulting project for the CIA (Central Intelligence Agency). The code name for the project was called Oracle (the CIA saw this as the system to give answers to all questions or something such). The project was designed to help use the newly written SQL code by IBM. The project eventually was terminated but Larry and Bob decided to finish what they started and bring it to the world. They kept the name Oracle and created the RDBMS engine. Later they kept the same name for the company. Do you know why they named this project 'Oracle'? ORACLE :One Real A**hole Called Larry Ellison

Sony: It originated from the Latin word 'sonus' meaning sound, and 'sonny' a slang used by Americans to refer to a bright youngster.

SUN: Founded by 4 Stanford University buddies, SUN is the acronym for Stanford University Network. Andreas Bechtolsheim built a microcomputer; Vinod Khosla recruited him and Scott McNealy to manufacture computers based on it, and Bill Joy to develop a UNIX-based OS for the computer.

Apache: It got its name because its founders got started by applying patches to code written for NCSA's httpd daemon. The result was 'A PAtCHy'server -- thus, the name Apache Jakarta (project from Apache): A project constituted by SUN and Apache to create a web server handling servlets and JSPs. Jakarta was name of the conference room at SUN where most of the meetings between SUN and Apache took place.

Tomcat: The servlet part of the Jakarta project. Tomcat was the code name for the JSDK 2.1 project inside SUN.

C: Dennis Ritchie improved on the B programming language and called it 'New B'.He later called it C. Earlier B was created by Ken Thompson as a revision of the Bon programming language (named after his wife Bonnie).

C++: Bjarne Stroustrup called his new language 'C with Classes' and then 'new C'. Because of which the original C began to be called 'old C' which was considered insulting to the C community. At this time Rick Mascittisuggested the name C++ as a successor to C.

GNU: A species of African antelope. Founder of the GNU project Richard Stallman liked the name because of the humor associated with its pronunciation and was also influenced by the children's song 'The Gnu Song' which is a song sung by a gnu. Also it fitted into the recursive acronym culture with 'GNU's Not Unix'.

Java: Originally called Oak by creator James Gosling, from the tree that stood outside his window, the programming team had to look for a substitute as there was no other language with the same name. Java was selected from a list of suggestions. It came from the name of the coffee that the programmers drank.

LG: Combination of two popular Korean brands Lucky and Goldstar.

Linux: Linus Torvalds originally used the Minix OS on his system which he replaced by his OS. Hence the working name was Linux (Linus' Minix). He thought the name to be too egotistical and planned to name it Freax(free + freak + x).His friend Ari Lemmke encouraged Linus to upload it to a network so it could be easily downloaded. Ari gave Linus a directory called linux on his FTP server, as he did not like the name Freax.(Linus' parents named himafter two-time Nobel Prize winner Linus Pauling) .

Mozilla: When Marc Andreesen, founder of Netscape, created a browser to replace Mosaic (also developed by him), it was named Mozilla (Mosaic-Killer, Godzilla).The marketing guys didn't like the name however and it was re-christened Netscape Navigator.

Red Hat: Company founder Marc Ewing was given the Cornell lacrosse team cap (with red and white stripes) while at college by his grandfather. He lost it and had to search for it desperately. The manual of the beta version of Red Hat Linux had an appeal to readers to return his Red Hat if found by anyone!

SAP: "Systems, Applications, Products in Data Processing", formed by 4 ex-IBM employees who used to work in the 'Systems/Applications/Projects' group of IBM. SCO (UNIX): >From Santa Cruz Operation. The company's office was in Santa Cruz.

UNIX: When Bell Labs pulled out of MULTICS (MULTiplexed Information and Computing System), which was originally a joint Bell/GE/MIT project, Ken Thompson and Dennis Ritchie of Bell Labs wrote a simpler version of the OS.They needed the OS to run the game Space War which was compiled under MULTICS.It was called UNICS - UNIplexed operating and Computing System by Brian Kernighan. It was later shortened to UNIX.

Xerox: The inventor, Chestor Carlson, named his product trying to say `dry' (as it was dry copying, markedly different from the then prevailing wet copying).The Greek root `xer' means dry.

Yahoo!: The word was invented by Jonathan Swift and used in his book 'Gulliver's Travels'. It represents a person who is repulsive in appearance and action and is barely human. Yahoo! founders Jerry Yang and David Filo selected the name because they considered themselves yahoos.

EV SSL Certificates - Authentication for Sole proprietor and Small Businesses

2007-06-14T03:13:00.000-07:00

CA/B Forum Ratifies Extended Validation (EV) SSL Certificate Guidelines to Provide Improved Online Authentication to More Businesses For Safer Online Transactions.Comodo instrumental in enabling all verifiable businesses - including sole proprietorships - to better authenticate their identities for improved customer trust and profitability

EV SSL certificates to sole proprietorships in light of the recent ratification of the EV SSL Guidelines by the CA/Browser Forum. This first ratification, two years in the making, is a milestone in the accessibility of authentication solutions for a wider range of businesses.
EV, until now, was not available to sole proprietorships and non-corporations, as the validation process only extended to corporations registered with government agencies. This put the sole proprietors at a disadvantage, as they did not have the budgets to create consumer trust through extensive brand building programs involving advertising or running "brick and mortar" retail outlets. Comodo, initiator of the CA/Brower Forum, was one of the key advocates for the extension of EV to sole proprietors, recognizing the greater level of trust they would get from EV certificates.

Background information on EV

EV SSL builds on the trust that the marketplace has in traditional SSL protection by adding an additional layer which enables the address bar in the browser to turn green, delivering visual authentication of a site's identity. Site visitors are increasingly demanding this level of identity authentication and are apt to abandon sites that do not provide it. Since EV protects users from doing business with sites that are not authentic, these EV-protected sites can be more trusted offering greater potential conversions rates, revenue and lifetime customer value.
Because of the stringent EV validation process, verifiable businesses will be able to obtain EV, while fraudsters will find it more difficult. Only a Certification Authority can issue EV SSL certificate, and before doing so, must:

1.) Verify the legal, physical and operational existence of the entity
2.) Verify that the identity of the entity matches official records
3.) Verify that the entity has the exclusive right to use the domain specified in the EV certificate, and
4.) Verify that the entity has properly authorized the issuance of the EV certificate

The standards also include rigorous auditing criteria which Certification Authorities must meet to ensure their compliance and be allowed to issue EV certificates.

For more information, visit http://www.instantssl.com/.

Source: http://www.comodo.com/

This new initiative will increase the Business/Sale of proprietorships and Small Business. Avail your EV SSL from Comodo - The Initiators of Trust to non-corporations.

To avail EV SSL contact sales (at) comodo (dot) com or yuvarajr (at) comodo (dot) com

Future of IT Security | Web Security

2007-05-29T02:57:00.000-07:00

Believe it or not, today’s security products are the features of tomorrow.

In the future from now on there would be a dramatic change primarily in the area of technologies and applications that use Internet, productively in all aspects of the business and life everyday. In order to have a Secure Technology Generation (STG) it’s a must to shape the future of the WWW net.

In relation to the growing Consumer Issues over the internet such as Phishing, Privacy Disclosures, Identity Fraud etc,Online Financial & Merchant businesses and Services really Require Stronger Authentication Methods more than that of Simple PINs and Passwords to have an increased e-Commerce Security Environment.

Information Technology practices are upgraded and improved, still the attackers, phishers and business requirements keep raising the bar and are in the look out for new technologies every second due to the increased security threat. This is because not only the e-Commerce is in danger but also the business doer. As they want to protect themselves from these kinds of threats the security practitioners are having scheduled for so many proactive levels, predicting the future threats.

When it comes to security of Internet, the experts who analyze the online business themselves have got so many questions, such as

1.) What kind of the Security measure is globally suitable?

2.) Will the Secure Sockets Layer (SSL) certificate be standard security in future or an upgrade of some online security appliances is needed?

3.) Will the SSL & PKI alone would solve the authentication requirements?

4.) Would the firewall be made transparent?

5.) And what level is the Vulnerability going to be in the future?

And so on………. While there is not going to be significant increase in the level of threat for the corporatism, still there is going to be threat to the external element of the enterprise, which is going affect the corporate. As discussed already “Today’s Security Products are Features of Tomorrow”, nowadays firewall comes with antivirus, anti-spyware detection tools. Also the upgrade in the SSL to EV (Extended Validation) SSL shows the increased trend in technology and security. No sooner in 2010, Internet Security Package is going to have all the threat fighters, such as EV SSL, Hacker Prevention Tool – Vulnerability Scanner, Firewalls, Antivirus, Anti-Spy ware, Anti-Malware, Site monitors plus the other secure tools which would be found based on the present and future threat.

Let’s Hope for a Better Future………. : -)

I wish you would go through this blog to know more about Internet security and Online marketing http://trenchwars.wordpress.com/

Please fill out this form to help you serve better: Internet Security Feedback Form

UTI Bank – Be alert and be safe from online fraud

2007-03-12T02:49:00.000-07:00

Recently got an email to my yahoo account from a phisher who meant that the mail is from UTI bank stating that the SSL certificate has been upgraded, and it requested for us to sign in for the UTI Banks Secure Internet Banking, providing an link.

When I clicked the link it went to some other site, which is exactly designed like the UTI Banks website. No SSL certificate found in that site.

So be alert that these kind of mails may be we get from the phishers. By chance if you happen to give your details, it would be stored in the phishers / hacker’s system, and its easy for the phishers / hacker’s to log in to your account and get the money. So make sure not to provide your contact details until you are sure that the email is from the UTI Bank and is a genuine one and also HAS GOT A PADLOCK ICON in the browser, which meets the criteria as well including the https:// in the link. Also UTI Bank account holders please do check if the link points out exactly to http://www.utibank.com/ and then got the banking session from there. Its up to us, whether to get fooled or not.

What Users Do On The Internet - Why Internet Security Needed?

2006-12-28T01:42:00.000-08:00

Increased No. of Users + Increased Internet Security = Increased Sales/Business.

Source : http://www.internetworldstats.com/top20.htm (Click Image to Enlarge)

Hope now you will understand why Internet Security is Important - Here's the Statistics for........ Click on the Image to Enlarge

Source: http://www.stanford.edu/group/siqss/Press_Release/Chart9.gif

EV SSL Certificates – The Real Security Measure For The Upcoming Generation

2006-12-26T21:52:00.000-08:00

Its since the phishing/scams were more, the internet security experts and giants like Comodo and VeriSign has been working to get some more extended security to the online shoppers. With the efforts made, the EV SSL certificate is now in market to safeguard you during an online shopping / banking session.

You might have known from my previous reading whats an SSL certificate is? And would be wondering what is this EV SSL certificate - right? Here's an literature for you on the New EV SSL.

EV SSL Certificate is Extended Validation Secure Socket Layer Certificate. The name itself explains that it is more than an ordinary validation with extended technology. Security experts point out that there EV SSL's are the the next generation SSL certificate which work with advanced high security Web browsers to clearly identify a web site you visit is secure and has got a reliable business identity.

The simple difference between an SSL Certificate and an EV SSL Certificate is that a site which has got a SSL will show only the padlock as an icon of trust, whereas EV SSL turns the browsers address bar green to show the identity of the website along with the padlock. However if an website shows only the padlock it is secure but if the web site does not have an EV SSL certificate then the address bar doesn't turn green.
This new standard Extended validation SSL certificates are issued after confirming the authenticity of the authority who request the certificate, domain name ownership, verifying the business identity with government or third party business registries, and other methods/ guidelines specified CA Browser Forum to assure the legal and physical existence of the business.

The below links to the Press Releases would explain more about the EV SSL Certificates, its verification process and when its gonna to be market - And one of the releases points out “Comodo believes it could be done within two months; VeriSign worries it could take longer and is reluctant to wait.”

Click Topic ---> New 'web safe' approvals may elude small biz

Click Topic ---> Verification requires extensive checking

SSL (Secure Socket Layer) Certificates - Process, Benefits and its Working

2006-11-23T22:50:00.000-08:00

What is SSL?

Secure Sockets Layer protocol is a method of passing sensitive/personal information, such as credit card details, login details over the Internet. All these type of communication over the internet must be encrypted i.e. secured to prevent from hacking/identity theft. An SSL URL is preceded by https:// instead of http://.

How to create an SSL Secured website?

To be able to create a Secure SSL connection a web server requires an SSL Certificate. When you choose to install and activate an SSL certificate on your web server you need register with any of the Certification Authority (CA), where you would be prompted to complete a number of questions about the identity of your website and your company. After you fulfill the requirement of the CA’s, they would validate your business and the CA would proceed to issue you an SSL Certificate. After the validation process, your web server creates two cryptographic keys - a Private Key and a Public Key.

The word Public Key itself states that it does not need to be secret and is placed into a Certificate Signing Request (CSR) - a data file also contains your details. You would then submit the CSR. During the SSL Certificate application process, the Certification Authority (CA) will validate your details and issue an SSL Certificate containing your details and allowing you to use SSL in your web server. Your web server will match your issued SSL Certificate to your Private Key. After this process your web server would be able to establish an encrypted link / secure connection between the website and your customer's web browser.

What are the benefits of SSL?

Secure Sockets Layer or SSL for short provides the following benefits:

Authentication of the server
Whenever an customer i.e. an end user connects to an SSL enabled site, the Server sends its unique Digital certificate which is approved and signed from a universally trusted source (E.g. Comodo, Verisign or any other CA). This guarantees an end user / customer that it is being communicating with the right server.

Communication privacy
SSL uses public key as well as private key encryption technologies to provide an encrypted/secure channel. This secure channel ensures an end user / customer that all communication between the user’s browser and the Web server remains encrypted and secure so if any one intercepting the communication will only see collapsed text which would make no sense.

Which websites would require SSL?

SSL is essential when sensitive data is sent over the Internet, like and credit card info or a site which carries on with confidential and financial transactions. Such a online shopping portals, bank sites and other sites which requires to be encrypted to create trust between the user and the web server. It’s actually most secure to use SSL on all pages. But, that can slow your site down considerably. If you can’t use SSL on every page, here’s an important precaution to take.

Internet Security – Past, Present & Future

2006-10-16T04:56:00.000-07:00

The Internet is one of the most significant achievement in the recent history.In early 1950's the idea of creating this new technology appeared. Later the implementations begin at 1960's and 1970's practically. And then at the beginning of 1980's they found and recognized the global connector Internet and it began to be spread all over the globe at the same time as well where the Internet was structured to have more than 4.3 billion potential networks. Later in 1990's the introduction of World Wide Web (WWW) began to have its common place all over the world. Now its 2K's and people though they use internet for various purposes, internet thevies have put their hands here. So its now the time to have better internet security to save the ecommerce business which is in danger. This is because the Internet without and proper security infrastructure is vulnerable to several attacks like hacking, packet sniffing, monitoring, TCP/IP hijacking, IP spoofing; and other routing infrastructure attacks. These problems exist due to the fact that Internet packets are not encrypted. Several governments across the world, however, have been trying very hard to regulate encryption on the Internet, to secure the web and the internet users being it a ecommerce merchant or an customer.

The experts aiming at internet security have been researching on some factors like, would there be a standard solution to safeguard the internet , Would the firewall, anti-virus and any other desktop security products would help to protect the PC from unwanted intruders, what type of SSL (Secure Socket layer) certificate and public key infrastructure would be appropriate to have a secure use of Internet. Would these be advantageous but to what extent and so many questions have araised for the factor of Internet security. Some of the new technologies implemented were the Smart Cards, Web Push Technology, Secure Padlock etc. This has been function well though with some drawbacks, as these technologies need some advancement in the area of storage and recognition.

The future challenges in the internet security area has got more computational intensive and also requires substantial processing power, which would possibly require to build secure intranet, Extranets, virtual networks and other internet security related applications. And if the internet security is kept in proper vigil with empowered technologies to safeguard the WWW, then the expectations of the ecommerce business would really flourish.

Please fill out this form to help you serve better: Internet Security Feedback Form

Internet and Ecommerce Security for Merchants and Customers

2006-09-06T07:51:00.000-07:00

eCommerce is the conducting of business with goods and services over the Internet. Electronic commerce or e-commerce consists of the buying, selling, marketing, and servicing of products or services over computer i.e. Internet networks with the transfer of funds, through digital communications. These type of online business in using information technology industry might see it as an electronic business application aimed at commercial transactions where Electronic data Interchange or Electronic File transfer are carried out via internet. Also the supplier the customer/consumer would be transmitting inquiries, orders, invoices, payments etc. directly through their computer systems. So while these type of ecommerce transactions takes place then there is an need for internet security. In an ecommerce transaction the merchant should provide more customer security to bring more business and retain them.
The merchant / business person is always responsible for security of the Internet-connected PC where their customer details are handled. The minimum would be a Virus protection, a firewall and a commercial secure back-up where confidential information are stored.

Here are some the basic principles that needs to be a must for Customer Security.

1.) Privacy : Personal Details / Information should be kept confidential from unauthorized parties.

2.) Integrity: The information / Message which is provided should not be altered or tampered with any.

3.) Authentication: Here lies the Trust, the sender and recipient must prove their identities to each other to bring comfidence to the user & merchant.

4.) Proof of identity or Non-repudiation: An proof is needed that the message / information transmitted is indeed received by the merchant/ Customer.

The above specified principles can be done via encryption where credit cards are taken online and processed later,or credit cards are taken online and processed in real time. Its the merchant's responsibility to check the security and safety of transactions of the hosting company's webserver.

Are you safe and secure online?

2006-08-08T03:22:00.000-07:00

Today, Internet growth has exploded into a latest sheer. Most of the people around the globe use the internet now for many different purposes such as a huge wave of communication through electronic mail, file transfer, transaction applications, Online Banking, Online business and much more. Thus internet appears to be more convinient and useful for the users , there are also so many technical issues surrounding the vast network of World Wide Web. One such technical issue which needs to be taken care is the Internet Security. As the usage of internet grows and grows, there are number of people who try to exploit them on web in a bad manner, unless the user is aware of how to protect themselves online.

There are sevaral hacking threats and attempts on the Internet via e-mail, Web and Instant Messaging (IM), where hackers use some malicious code - such as viruses, worms, and Trojan horses to steal personal information like passords, credit card number etc and even delete some information from an unprotected computer. A firewall can help protect your computers against these kinds of security threats and attacks. An recent study estimates that spam comprises 60 % or more of the world's e-mail traffic. So as a real human being we should pick some of the best internet security software to safeguard and secure ourselves online.

There are en-number of internet security softwares that safeguards from Internet attacks, vulnerabilities, malicious code etc. The future trends shows that a online business without proper internet security solutions would cause more damage to a company's reputation and assets as not of being a trusted source. Several security firms such as Verisign, Comodo, Go Daddy Inc etc have helped introducing solutions such as internet security softwares, SSL – Secure Sockets Layer for web etc to carry secure online transactions.

To provide the computer/internet security the users need to effectively secure their PC now and in the future by installing some PC Desktop security softwares like Firewall, Anti-virus, Anti-Spam etc. Also online business people should install an digital certificate to ensure trust online to their customers, which my bring more business to them. Some of the leading software solutions provider such as Comodo, ZoneAlarm provide PC security softwares for free of cost just to Create Trust Online. So our part is to identify the best solution which suits our needs and have them installed to ensure that our PC is safe and secure from hackers and phishers.
Internet has not only made the world even smaller and brought people closer but also have paved way for the rapid growth in e-commerce activities. So recommended good internet security practices will help reduce the exposure to attacks and would certainly mitigate the impact of cross-domain vulnerabilities as well. And well the interest in internet security practices will assure a successful outcome in the center stage when globally accepted.

Article Written by - R.Yuvaraj

Wanna report phishing..........Here's the clue

2006-07-25T00:26:00.000-07:00

Many people though they identify a mail as a fradulent one's, they just skip as such and proceed with their work. Some reasons for this is that they don't want to spend time on reporting or they are not aware of where to report a phishing attack. Major percent of people all over the world is not aware of where to report a fradulent email or site. Here's some of anti-phishing group who fight against phishing. Ah! now you may report phishing, spam and privacy related problems in any of the group below.

1.) Anti-Phishing Working Group - http://www.antiphishing.org/

2.) Federal Trade Commission - http://www.consumer.gov/idtheft/

3.) United States CERT - http://www.us-cert.gov/nav/report_phishing.html and more.

Lets start fighting against phishing togeather and save our people from being cheated.

Try to understand what is Spam?

2006-07-18T03:54:00.000-07:00

Many people including some people working in an Internet security products company is unable to identify the SPAM emails. Protect yourself and your computer from known and unknown virus attacks using a best internet security software, website and email encryption.

I got this spam email forwarded to me from one of my friends who himself is working for a software company. The mail goes like this.

Subject:FW.[SPAM] I am writing this behalf of my loving husband

Dear Reader,

I am writing this behalf of my loving husband.

Everything was fine, me, my husband and our two children. We had ahappy family. My husband was an Engineer in a big company. He comes homeearly and helps me with the house chores and plays with the children.

Our dreams was shattered in front of our eyes last week. It was adrunk lorry driver, came on the wrong side and hit us and went.

It killed my little baby girl and left my husband paralyed. My husbandis still in the hospital. His brain is damaged and he needs a operation. Ineed 5 lahks to save his life. I collected about 3 lahks from my friends andfamily. I need another 2 lahks.

I don't want to lose him. He was such a wonderful husband & father. Hestill doesn't know we lost our little girl. I am looking after my son now.Without my husband I won't be able to takecare of him.

Please help me save my husband the one person I dearly love. I alreadylost my daughter and I don't want to lose my husband as well. Please helpus.

Thank you very much for your love & support. May God bless you.

Yours Truly,
Nirosha Silva

(I know you don't like to forward mails. I am really sorry to botheryou. If you have a heart and like to help a family, please forward thismail. Every mail you forward will add 5cents to AOL and they will deposit itto my bank account. Which will help me save my husband.)

Points to be noted here.

1.) In the subject the Mail Server itself shows that its a SPAM
2.) The Content
3.) IT states "Every mail you forward will add 5cents to AOL", Here note that there is no Track Back url.
4.) If any service provider wants to pay for this kind of activities they might get a small space for donation in their website.

Note: If you are going to make a donation online, see if that the website is a legitimate one. Also you might have noted and experienced as well that you would get money if you forward this mail to 100 people etc and so on. So inorder to do this the SPAMMERS they use the reputed companies name like Microsoft Corporation, AOL and so on. Also sometimes it comes with some attachments which might be a virus file.

Though there are Spam Blockers installed in the system, people anyway manage to get thest kinds of email and forward it to their friends in their contact list.

So it is in the hands of us, not to encourage these kinds of emails.

Buy your Internet Security, Antivirus Software now @ best available price from K7 Computing

Comodo Free Softwares - Direct Links

2006-07-12T23:16:00.000-07:00

Hey its me (Yuvaraj). Here is the direct links downloads for our free comodo Softwares.
Download these Free softwares and Make your PC Secure.

Verification Engine : http://www.vengine.com

Comodo Personal Firewall : http://www.personalfirewall.comodo.com

Comodo AntiVirus : http://www.antivirus.comodo.com/

Comodo AntiSpam : http://www.comodoantispam.com/

Comodo BackUp : http://www.backup.comodo.com/

Comodo i-Vault (Password Manager) : http://www.comodogroup.com/products/i-vault/licence.html

Free SSL : www.instantssl.com

Comodo TrustFax : http://www.trustfax.com/

We Create Trust Online. The Links would well explain the features of the softwares.

Please fill out this form to help you serve better: Internet Security Feedback Form

Where must we consider Internet Security?

2006-07-03T00:18:00.000-07:00

The practice of protecting, preventing the PC from hackers and preserving private information and resources on the world wide web is termed to be internet security, Web Security, Website Security or Control Internet Access. Not only this but also there are few steps which needs to done to protect our PC too!

To secure our private inforamtion and PC some of the following features needs to be fulfilled. These might be like the below.

Routers - improves the security of a home LAN

Firewalls - Filters some bad website / content that create defense in depth.

Viruses, worms and trojan horses - Hackers are people who are in some unreputable companies writing programs like viruses, worms, trojan horses and spyware. These programs are all unwanted softwares that would be developed in a way that it install automatically in our computer through deception.

Browser choice - The one which should be consider while surfing on internet is the browser. Hackers prime target for phishing is by these kinds of browsers. So a secure browser or a software that secures your browser needs to be installed.

And some of the others where security needs to be considered is like Spyware, adware etc.

Comodo Free Email Certificate - Digitally sign your emails

2006-06-21T00:29:00.000-07:00

Now the phishers target via email with known ids, so we need definitely have a secure email. Now we provide free email certificate for personal use to encrypt emails and attachments.

What does this do?

Free Secure Email Certificates allow you to encrypt and digitally sign email and attachments keeping them secure and confidential. Encrypt your emails to ensure that the message and attachments may only be read by the intended recipients. you can Digitally Sign your emails to prove that the message and attachments really came from you and not some spammers, Also Digitally Sign your emails to ensure that the message and attachments cannot be tampered with en route via the Internet without the recipient being alerted to the tampering. As no there are en number of spammers this email certificates would be more helpful. To know more about this visit
http://www.comodogroup.com/products/certificate_services/email_certificate.html

Oh! Worried about carrying on online financial transactions! Don't worry Vengine is here for you!

2006-06-14T22:56:00.000-07:00

Vengine performs as a Anti-Phishing and Identity Assurance tool, Content verification, Online Fraud Detection and as well as Site Verification tool. This tool can be downloaded free from http://www.vengine.com

VerificationEngine - the multi-browser anti-phishing and identity assurance tool for Microsoft Windows offers an extremely simple and innovative user friendly interface to differentiate legitimate web sites from fraudulent ones.

With Vengine, You (Consumers) can verify the legitimacy of any sites say banking, shopping or any other related sites where financial transactions are involved. This tool is really meant for establishing trust, authenticate identities and ensure trusted online transactions which automatically distinguishes between true & fake sites by just a roll over of the mouse on the company logo or content which you needs verification.

You can install vengine and forget about that, Whenever you open any bank related or non-bank related sites like yahoo it would be verified automatically when your mouse points out to their logo.

Also this tool is of so much interest and importance for consumer who does online transactions. Each and every time you don't have to open your padlock for verification, this tool will automatically verify your padlock symbol too!.

To know more, click on to http://www.vengine.com/products/features.html

Daily interesting facts about Information Technology & Computer are occuring.........But still what's the Negative Fact

2006-05-29T21:36:00.000-07:00

Daily interesting facts about Information Technology & Computer are occuring.........

There is always an positive impact on Technology, But to make us unhappy with the growing range of technology,software, hardware, a negative impact is caused by hackers/crackers/Phishers, who always aim money to be their target.

Do the phishers get what they target?

My answer is YES. Here the answer is YES because most of the internet users they don't know how to secure their personal information. They are always faked by the phishers/hackers and its too late for them to realize that they have been cheated/Scammed.

But nowadays there are SSL, trust logos and other security certification services implemented by the online business personalities to save the consumer from being hacked. There are also various measures taken by the internet security software companies, news people, bloggers and others to create awareness among the consumers. The only way to have a safe internet is by means of the proper internet security measures. Once a consumer is aware of the internet security measures, they should discuss/explain their friends and relatives about how to do online business securely. Thus making them alert from being phished.

So with a total effort INTERNET USE CAN BE MADE SAFE FOREVER

Please fill out this form to help you serve better: Internet Security Feedback Form

Are you surfing securely online?

2006-05-02T02:31:00.000-07:00

Nowadays most of the phishers target to get or login to your personal details, and you may get some spam mails in your mailicious server, so it is good to prevent your secret information by downloading some security softwares. The AntiSpam softwares, Password managers, Firewall,Antivirus and more to have your web secure .The firewall software are constructed to prevent unwanted intrusions from the Internet into your Personal computer.

Oh! you may think that "if I download these softwares, it will slow down my system" But my answer is most probably not, if you choose to download a software from a secure software developer. If cost is the issue just go for free software, but before downloading look into it whether there are all features you expect that should be and must be. To be secure from the internet hackers get your internet security softwares get them and install and make them active. Then see your PC Soldiers will earn a victory.

Personal Firewall, AntiSpam, AntiVirus For Lifetime Free

2006-04-21T04:59:00.000-07:00

Oh! Great

"Comodo", giving Personal Firewall free for lifetime.

It is pretty easy to use with multiple features. Download that from http://www.personalfirewall.comodo.com

Comodo not only offers personal firewall for free but also some more solutions like antispam, antivirus and more. I think the era of free software has come.

This works good with Windows.

Wanna know about Comodo. :)

Comodo’s solutions include integrated Web hosting management solutions, infrastructure services, digital e-commerce services, digital certification, identity assurance, customer privacy and vulnerability management solutions.

Thanks, Comments welcomed.