Advantages of Mobile Broadband

• You have broadband no matter where you are (or nearly). As long as you can get mobile coverage then you can also get Mobile Broadband coverage. The better the signal – the faster and more responsive your broadband will be
• You don’t need a landline. Say ‘No’ to the still ridiculous notion that you need to pay a monthly fee for the line rental to Eircom – just to get broadband
• You can share it with friends/colleagues. Just unplug the USB dongle and connect it to your friends/colleagues laptop/PC
• You don’t need a laptop! That’s right – you can use it with your home PC if you just want basic internet and don’t want the hassle of wired broadband. Good for SMEs who may need the power of desktop PCs but may not always have access to a landline
• It’s almost as fast as basic wired broadband. Depending on your coverage you can get up to 3-5Mbs, which is just as fast as some of the starter broadband packages that require a landline
• You can manage the costs by using a non-contract plan and tailor the cost of having broadband to a plan you can afford.

Which Plan for me?

A better question is: “How much data will I be using per month?”

If you’re using it for email and web surfing only choose the lower end plans (1-5GB). It’s more than you need.

If you will be working with media (images/video) as well as the above or often work with large documents (excel/word/pdf) consider a medium plan (5-10Gb)

If you have the luxury of not having to worry about the cost, or will be downloading large volumes of data (cd images, streaming audio/video) then you should really consider a heavy-usage plan. Maybe even consider switching to fixed-line broadband depending on your needs.

Comparing the plans available:

( Prices in the above comparison are correct as of Aug 5th 2010 – always check back with the operator for the most up-to-date prices)

Recommendation

Start with a low-usage plan. Unless you really use the internet for a lot of audio/video data there’s no real need to get a plan greater than 5Gb per month.

What’s most important is that it works where you need it most – so be sure to check the coverage maps before you choose

It all started so well.

They had the audience: Facebook had that demographic that just seemed to span everyone from those old enough to push keys on a keyboard to the insomniac old age pensioners looking to liven up their bleak later years in life.

They had the features: What started to most people as a way to either vent publicly or just share media online evolved into a complete social experience, one that we often felt (and still do) obliged to keep up to date constantly, lest we miss out on the next big thing. You could tag pictures, see pictures of yourself taken by others, comment on status, vent about your work, share your likes and dislikes with others – and more.

They added value: What started out as just indicating hobbies, grew into fan-clubs and groups you could participate into. They added the logic to the server backend that detected trends such as large numbers of people registering the same interests and then auto-creating groups with those names into which you could participate and contribute

Sidenote: You can try this for yourself – with the help of a few friends create a completely impossible hobby/interest and just watch as Facebook auto-creates a new ‘Group’ for that hobby/interest, although advertising an interest in “making hamburgers from dead people” might not be the smartest thing you ever did.

They had the niche: Often overlooked is one of the real reasons behind Facebook’s success – the curiosity of the average person. By nature – we’re just curious (or nosey as some prefer) – we love to know and see things we shouldn’t. Sure – Facebook had all these awsome features and a fast growing user-base but under all those numbers what was really at play were that more and more people were tapping into that quiet thrill of discovering things that kept us at the top of the gossip ladder.

And then they went too far…

It started with expanding the level of information exposed to your ‘Friends’ that was published in neat little News Feeds presented to each user on login.

You no longer had to check each of your ‘Friends’ mini-profiles to see what they were up to – it was presented to you on a plate on login. You could downrank (or even ignore) ‘News’ from individual ‘Friends’ if it wasn’t interesting enough – and lets face it – everyone has/had at least one ‘Friend’ who seemed to exist solely on Facebook 24/7.

We know what you want…

Facebook then took things one step further and with several updates iterated over the course of 3-4 months the control over what information from your own profile that was being published became less and less accessible. Sure – you could still reconfigure your privacy settings – if you could understand the differences between the different levels.

New accounts created had the more public ‘default’ privacy settings, new features added came with their own ‘default’ privacy settings too so that it became such an ordeal to keep a private profile that most just ignored the issue.

Facebook were laughing all the way to the bank all the while; their numbers were ever increasing, the service was becoming more popular and the amount of information being shared boggles the mind – the large portion of which Facebook was entitled to share with ‘limited 3rd parties’ (aka Advertising & Marketing companies)

Private. Really?

It was only a matter of time before someone started leveraging all of that lovely public information to show the true potential of having such a wealth of private information publicly available.

The API used to query the Facebook repository provided more and more features and the smart few took advantage of that information.

Are you a parent worried about your teenage daughter’s antics when she goes out at night? – Why not check if she’s ever posted if she lost her virginity – or better still – why not check if someone else claims to have been the other participant?

Want to know if your child has claimed that they cheated on a test?

All courtesy of Facebook. Read more about it here: http://youropenbook.org/about.html (The original GitHub repo is no longer available but is referenced here: http://wiki.twit.tv/wiki/TWiT_248/Transcript)

O’ Mother Where Art Thou?

One of the interesting trends of late is the recent drop in Facebook users due to their parents signing up. What’s the fun in updating your status to say “lost my virginity last night!” if you arrive home to find your parents waiting for you with a lecture on the risks of unprotected sex.

Word of Advice

My advice to those who do use Facebook is simply to be aware that it’s information you are posting on the internet, whether you think it private or not – someone is logging that information. Think of Facebook like your diary that you leave in the library – What you put in there is entirely up to you but anyone can read it if they find it

So where now?

After Facebook’s recent debacle with privacy settings the more tech savvy of folks are starting to look for an alternative. Diaspora spawned, attempting to be a more privacy conscious social network (http://www.joindiaspora.com/index.html) and there’s rumors-abound about Google’s new social network called Google-Me.

Food for thought: What’s the point of social networking though if nobody shares any information…?

Obfuscate: the concealment of intended meaning in communication, making communication confusing, intentionally ambiguous, and more difficult to interpret.

Or to us normal people: Hide, and in this context: Hiding Data I really can’t stress enough how important this is. For any web-based service that allows the storage or presentation of information that could be misused – that web-service should be obfuscating it’s data.

Common Mistake

The single most common mistake is that those creating the presentation and access layer (eg. The Web Developers) for that data often don’t understand what that data represents – to the web-developer it’s just information, in a table, in rows and columns that needs to be queried, filtered and presented

When there’s a lot of information to be processed there is almost always a unique identifier that’s used to filter all that information down to only a single result – ideally the result that corresponds to that unique user/item/profile.

The mistake made is that often that unique identifier is used as the primary key for data access and manipulation – without it being obfuscated!

eg.

• Your Phone Number
• Your Mobile Number
• Your Car License Plate

Surely this information isn’t important though?

Think about the potential once it’s possible to gather enough of this data. What if someone was able to collect all the license plates for the cars in ireland? What if someone was able to collect all the mobile (cell) numbers for everyone in the country?

One word: Marketing

Or as it’s know to most of us: Spam

..and that’s just the best case…

Surely important information is protected?

It’s all down to context, or for want of a better description meta-data. If you don’t have the meta-data to process that information then there’s not much you can do with it.

And without the context for that information there’s no awareness that that data needs to be protected or obfuscated somehow.

It can’t be that easy – can it?

No?

• Lets take a very well known car manufacturer – ABC. (1 click)
• Lets have a look at their Used Cars (1 click)
• Want the chassis number of that car? No problem (1 click)
• What the chassis number of every used car in the UK from ABC? (one line command at a linux prompt)

We’ve contacted ABC cars to let them know about this and it will be interesting to see what they say…

I’d like you to meet Adobe Flash. Innocent, helpful, flexible, runs-on-every-browser Flash. Just don’t say we didn’t warn you when Kevin, the quiet youtube-a-holic in your office causes everyone’s PC to crash when he watches his favourite video…

The A-Team Garage

Ok – so maybe I’m exaggerating a little to get the message across but lets think about this a little more – if I Ted, chief virus and spybot creator at Dodge Ltd wanted to create something and maximize the damage and distribution what would I need? Let’s use the A-Team example and try to imagine what ridiculous garage we can lock our creation into – that it just happens to have everything it will need to come out all guns blazing;

1. I would need people to unknowingly download my creation
2. I would like you to help me spread the virus
3. I would want to be able to propagate it to PCs behind firewalls so that my zombie network will grow
4. I would not have to worry about what OS you are running (or what version of windows maybe)
5. I would like to have my creation auto-update to the latest version whenever it can.

Now – lets say 4-5yrs ago I would have maybe made my creation use some exploit in Internet Explorer as it was the the most used browser in play. Notice I said most-used there. Sure lots of people might prefer Firefox over Internet Explorer – but out-of-the-box installs purchased by Average Joe will start with Internet Explorer on them and in most cases that’s what people stay with – they go with what they are familiar with.

With other browsers out there now the field is wider; IE8, IE7, IE6, Firefox, Chrome, Safari and Opera. What do they all have in common? Flash.

Wanted: License To Kill

I create a nice flash based game/video that has an average playtime of 2-3mins. That’s about long enough to prevent someone loosing interest and just the right length for a quick office interlude when you sit down at your desk with a nice fresh cup of coffee. I make it cute and easy to use, maybe even fun. I add some additional code so that while you are watching/playing my creation it’s downloading all it needs to do it’s dirty work.

Now that we have our creation built and we know what horror it will wreak on hapless PCs lets review our helper criteria we looked at above;

1. I would need people to unknowingly download my creation
   CHECK: You have no idea what the Flash app you’re loading will do before it loads – chances are it has already fully loaded by the time you see anything on your screen. I’m ready to play with – all I need is for you – the user to grant me my License To Kill by clicking ‘Play’
2. I would like you to help me spread the virus
   CHECK: My creation is cute and fun and popular. It’s on the 10-ten-things-to-do-while-having-a-coffee-at-your-desk list. You keep sending it to all your friends and colleagues telling them how much fun it is so that they too can experience the joy of Frankenflash.
3. I would want to be able to propagate it to PCs behind firewalls so that my zombie network will grow
   CHECK: Flash isn’t usually blocked by most firewall/proxies, unless the site is restricted (eg. No YouTube at work thank-you). You’re lovely browser, with all it’s security updates, running it’s man-of-steel version of Windows is about to download Kryptonite v1.0
4. I would not have to worry about what OS you are running (or what version of windows maybe)
   POSSIBLE CHECK: Ok so Linux and MacOS folks are maybe safer here than others but if I’m clever enough I can create something that will ignore the OS on the victim’s PC and just hose the network. How about a flash game that in the background keeps downloading http://www.company-i-dont-like.com in the background. If I can’t murder other PCs I’ll at least try to murder the network.
5. I would like to have my creation auto-update to the latest version whenever it can.
   CHECK: My game/video is popular, so pupular in fact that you bookmark it. It’s a handy game of Solitaire that you play for 5-10 mins when you want some much needed down-time after that TPS report. Every time you visit me to play I serve you the latest version of my creation.

Self Preservation

The easiest way to protect yourself from these types of attacks is not to automatically have Flash load. I’m not saying avoid Flash – I use it every day myself – just allow Flash content from the sites and people that you trust. It’s not a guarantee but it’s an easy way to prevent this type of attack.

Myself – I’m a Firefox user and although other browsers are just as good what I like about Firefox is the ubiquity of it’s AddOns. Meet FlashBlock (https://addons.mozilla.org/en-US/firefox/addon/433) – A simple AddOn that prevents flash on website from loading automatically so that you can choose whether or not to have it load – or only load the parts you want. There’s also a setting so that you can always-allow Flash from a certain site so that it doesn’t become a pain if you visit a flash-heavy site often that you trust.

There’s also the added benefit that today a large portion of Ads on internet sites are Flash-based and by having FlashBlock installed you are spared having 10 different Ads on the page trying to get your attention.

Want to know more?

Although what we’ve talked about above is probably over-simplified, there are currently several known vulnerabilities in Flash today, some of which have already been used in the field. If you’re interested in finding out more the two links below I found are a good place to begin the trail

http://arstechnica.com/security/news/2009/07/flash-security-vulnerability-exploited-in-pdfs.ars

http://www.theregister.co.uk/2007/12/21/flash_vulnerability_menace/

If you would like to talk to someone here at iPing about your Internet Security just drop us a LINE and we would be delighted to help.

You can call it the Internet, Intranet, WiFi, Broadband, Dialup – whatever you wish – is essence though you are connecting your PC to a network of some sort – and chances are these days that you’re not the only person connected to it. The more ‘social’ you make your network to other people the more likely you’ll have visitors – and chances are they’re not the kind you’d welcome…

The Goal

The ideal is to allow your PC all the access to the network that it needs but to restrict the access that the network has back to your PC. In this way you can prevent many of the common attacks on the network that people expose themselves to without even realising it.

Average Joe

Lets take a look at Average Joe (AJ), sitting at home on his PC, connecting to the internet via his lovely brand spanking new Wireless Router and highlight some of the common pitfalls that you can avoid with some very basic changes.

Correcting Common Pitfalls

Remote Administration:

On nearly all Wireless/Broadband Routers today there is an option to allow you to manage this remotely. Unless you really need to fiddle with your home/business network while you’re not in the building there’s no reason to have this enabled.

Disable Remote Management

Secure Your WiFi Better

Secure Your WiFi:

This is a subjective one. Do you want to share your internet connection with anyone in the area? If the answer is ‘No’ then you need to make sure that you configure your Wireless Network properly. First and foremost this means choosing an encryption mode and setting a token/password. If you’re wireless router supports it choose WPA-2 or WPA and try to choose a token/password that someone standing outside your house couldn’t guess.

If you’re a little lost on the whole WEP/WPA/WPA-2 thing and want more info you can check out http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access and this article on the NeoWin forums.

Don’t open common Ports:

If for some reason you do need to open ports on your Router to the internet to allow you to connect then choose ports that only you (and your colleagues) know rather than opt for the default port for the protocol.

Default Ports: SSH (22), HTTP (80), HTTPS (443), FTP (21), MS Windows Remote Desktop (3389)

You can then use the options on your Router to remap the ports back to the actual ports that need to be connected to inside your network;

Exposed Port (7421) -> Internal Port (22)

By using a port number that’s not the default you make it less likely that someone will be able to determine what service you have behind that port as well as prevent a lot of the zombie-type bots out there ont he internet from just trying to brute-force attack your server/PC

Enable your Firewall:

There’s a Firewall built into all versions of MS Windows from XP onwards (XP, VIsta, Win7) and there’s no excuse for not using it. It’s one of the simplest ways to protect your PC on the network. If you don’t like the Firewall built into MS Windows there’s lots of alternatives – but for me – it does the job, doesn’t complicate setup and is SFOS (Significant Female Other Safe)

Enable the Firewall - Step 1

Enable the Firewall - Step 2

Enable the Firewall - Step 3

Disable File & Print Sharing:

Unless you need to share files from your own PC this option should be disabled. In the case of AJ above there’s no need to have File & Print Sharing enabled as he’s going to be the only person on his home network.

Disable File & Print Sharing - Step 1

Disable File & Print Sharing - Step 2

The advantage here is that it’s simple to switch on and off so that you can enable it only when you need to.
There’s many more ways you can prevent your PC from attacks on the network – I’ve only highlighted a few simple ones that you can make, which shouldn’t affect your day-to-day use of the PC and yet can protect you from many of the common ways in which less scrupulous people try to monitor, control or just plain trash your computer.

If you’re concerned about the security of your home or business network – feel free to give us a call here at iPing and we can help you secure and manage your network better.