It is Friday and I would like to end the week with some FYI.
Disclaimer: I am by no means pushing the Dark Web on my readers this post is purely intended to be FYI.
I am sure that most anyone that uses a computer has heard of the Dark Web….but how many really know what it is unless you are a massive computer nerd?
The dark web isn’t something you can just stumble upon, and that’s a good thing. Although it’s often used for transactions and conversations that need to remain anonymous, sites on the dark web can host illegal activity, phishing links, financial scams, and malware. There’s also little to no recourse to be had if you encounter any trouble there, because the dark web is a decentralized collection of websites hidden from search engines. In short, it’s not for the faint of heart, and it’s definitely not a viable alternative to the clear web.
Even in an era of increased online surveillance, the average person on the internet likely has too much to lose to bet on their safety for curiosity’s sake. Heck, I’m one of PCMag’s resident security experts, and I’m not playing around on the dark web just because I know how to. That’s why I’m not going to provide links or detailed instructions for accessing the internet’s shadier side. That said, what you choose to do with your time and devices is solely your business (for now). I will help you understand the risks you face when exploring the dark web and offer you some suggestions for safer browsing.
To understand what the dark web is, let’s examine the onion-like layers of the internet:
…
Within the deep web is the dark web. As I mentioned above, the dark web is a decentralized, non-indexed network of web pages, and the sites don’t use standard URLs. The dark web is home to some horrible stuff; think illegal porn and snuff films, along with illicit activity in the form of financial scams, personal data sales, and other anonymous and illegal transactions. There are marketplaces where people can sell stolen credit card numbers, conduct illegal drug transactions, and scam people out of their cash and crypto.
There’s legitimate activity on the dark web, too, as activists, journalists, and whistleblowers use dark web forums for anonymous communication. These forums look similar to those on the clear web, but the content discussed and shared by the anonymous chatters can evade censorship and surveillance on public sites. The problem is that getting to those forums may expose you to safety concerns like those listed above.
From time to time I try to find helpful information that I can pass on to my readers as an FYI post.
We all use the platform of Google at least some of the time…..and we all are worried about our on-line security and who is tracking us….and one of the worse violators of our privacy is Google.
An article I recently read could help with someone’s struggle…..if you are concerned read the article closely….it may help….
Where you lead, Google will follow. The company can log your searches, watch history, and activity across various services, and while that might sound handy for looking back at your browsing history or revisiting a previous trip, it feels a little Big Brother to me. As a result, I’ve changed a few settings on my Google account to keep that monitoring in check.
Google uses this data to give you “more personalized experiences,” which can include faster searches, but also “more helpful app and content recommendations.” That’s basically code for “we use your search, app, and map data to serve you ads.”
You can head to Google’s My Activity dashboard to view your data, but I use the Data & privacy section of my Google account dashboard to make changes, since it also gives me easy access to Personalized ads settings, for some extra privacy management. Even if you don’t change much, this is a great way to see what information Google has on you, and start fighting back.
If you use Google Search or any Google-owned apps, your activity will be tracked under the Web & App Activity section. From this screen, I use the drop-down menu and choose Turn off to immediately stop Google from tracking my activity. If you select Turn off and delete activity, it will disable the feature but also wipe all previously saved information from Google’s servers.
If you’d rather get rid a bunch of data from a specific Google service, you can also select that app (like Maps, Search, News, Play, etc.) from this menu. For example, I chose Google News, which then shows a timeline of all my activity with the service. I can then go through and click the X icon to remove something. Otherwise, use the drop-down menu in the top-right to delete a specific subset (or all) activity for the app.
The major story a few weeks ago was the War Department leak and the arrest of a National Guardsman for that leak.
Apparently the War Department is using its clout with the MSM to have the story slowly die and be replaced with nonsense like the Correspondents Party.
Many have asked just how could this part-time soldier have access to such sensitive info and how did he get a security clearance?
I am glad you asked.
Jack Teixeira, 21, had a top-secret security clearance which gave him access to sensitive and highly classified government documents. The case has prompted questions about the clearance process and the subsequent red flags that seem to have gone unnoticed after it was granted.
In 2018, a year before he joined the Massachusetts Air National Guard, Mr Teixeira was suspended from high school after being overheard making threats and discussing weapons.
The same year, he made an application for a firearms identification card which was denied over police concerns about his remarks.
Neither incident prevented him from passing the background checks needed to get security clearance for his job as an IT specialist in an intelligence unit.
In the US, security clearances are issued by a wide array of government agencies ranging from the CIA to the Department of Energy. The vast majority are issued by the defence department, according to ClearanceJobs.com, a job portal focused on government jobs that require clearances.
Most agencies have four main levels of security clearance: confidential, secret, top-secret, and “sensitive compartmented information”, which has been called “above top secret”, and can include material from intelligence sources.
The process of obtaining a security clearance begins with a suitability check to determine eligibility for the job, and applicants then have to fill in an exhaustive form. Standard Form 86, or SF86, includes personal data such as education and employment history, details of family and associates, and foreign travel and connections. It also asks about criminal history, military service, and financial issues.
Personally I think there are too many ‘security consultants’ with access to sensitive info….this will not stop the abuse and as long as there are more ‘consultants’ than military it will continue to be a problem.
This is one of those times when I try to be an FYI blogger.
Are you a user of Apple products?
If so then this news may well effect you and your devices…..
Apple disclosed serious security vulnerabilities for iPhones, iPads and Macs that could potentially allow attackers to take complete control of these devices, the AP reports. Apple released two security reports about the issue on Wednesday, although they didn’t receive wide attention outside of tech publications. Apple’s explanation of the vulnerability means a hacker could get “full admin access” to the device. That would allow intruders to impersonate the device’s owner and subsequently run any software in their name, said Rachel Tobac, CEO of SocialProof Security.
Security experts have advised users to update affected devices—the iPhone6S and later models; several models of the iPad, including the 5th generation and later, all iPad Pro models and the iPad Air 2; and Mac computers running MacOS Monterey. The flaw also affects some iPod models. Apple did not say in the reports how, where or by whom the vulnerabilities were discovered. In all cases, it cited an anonymous researcher. Commercial spyware companies such as Israel’s NSO Group are known for identifying and taking advantage of such flaws, exploiting them in malware that surreptitiously infects targets’ smartphones, siphons their contents and surveils the targets in real time.
NSO Group has been blacklisted by the US Commerce Department. Its spyware is known to have been used in Europe, the Middle East, Africa and Latin America against journalists, dissidents and human rights activists. Security researcher Will Strafach said he had seen no technical analysis of the vulnerabilities that Apple has just patched. The company has previously acknowledged similarly serious flaws and, in what Strafach estimated to be perhaps a dozen occasions, has noted that it was aware of reports that such security holes had being exploited.
Please if you use Apple devices check into the meat of this announcement….better safe than sorry.
This concludes my Public Safety Announcement (PSA)…..I retrun you to my regular posts…..
Personally I think the Donald the Orange was a out of touch idiot…..I he does little to change my mind every time he opens his mouth he reinforces my thinking…..
His latest idiocy is about our dependence on computers for everything……
Former President Donald Trump suggested on Monday that the solution to cyberattacks is to stop using computers.
During an interview on Fox Business, host Stuart Varney asked Trump about how the United States should respond to cyberattacks like the one that recently shut down the Colonial Pipeline.
“The way you stop it is you go back to a much more old-fashioned form of accounting and things,” Trump said. “You know, I have a son who is so good with computers. He’s a young person and he can make these things sing and when you put everything on internet and on all of these machines — you never see a piece of paper — I really think that you have to go back to a different form of accounting, a different form of compiling information.”
While the sedition runs wild in this country there is still a pandemic killing Americans.
We all have been effected by the raging pandemic that just seems to get bigger and bolder as it rips through the nation. Some have been inconvenienced by social distancing or masking or food shortages, prices or TP shortages……but as this year, 2020, ends a thought popped into my head…..how has our privacy been compromised by all this pandemic stuff?
Fortunately for me someone else had the same thought and it saved me lots of endless reading….
I try to avoid sites and services that invade my privacy, collect my data, and track my actions. Then the pandemic came, and I threw most of that out the window. You probably did, too.
I gave away tons of personal data to get the things I needed. Food came from grocery and restaurant delivery services. Everything else — clothes, kitchen tools, a vanity ring light for Zoom calls, office furniture — came from online shopping platforms. I took an Uber instead of public transportation. Zoom became my primary means of communication with most of my coworkers, friends, and family. I attended virtual birthdays and funerals. Therapy was conducted over FaceTime. I downloaded my state’s digital contact tracing tool as soon as it was offered. I put a camera inside my apartment to keep an eye on things when I fled the city for several weeks.
Millions of Americans have had a similar pandemic experience. School went remote, work was done from home, happy hours went virtual. In just a few short months, people shifted their entire lives online, accelerating a trend that would have otherwise taken years and will endure after the pandemic ends — all while exposing more and more personal information to the barely regulated internet ecosystem. At the same time, attempts to enact federal legislation to protect digital privacy were derailed, first by the pandemic and then by increasing politicization over how the internet should be regulated.
I admit that in my younger days I was a huge Sax Rohmer fan and his arch villain Fu Manchu….I even have been watching an old TV show entitled the “The Adventures Of Dr. Fu Manchu” from 1956….one episode has the evil genius hacking into the NORAD-like defense system…..and I thought about it when I read about the latest hack in the news…..
An alarming development in the massive cyberattack on American government systems: Sources tell Politico that the agencies that maintain America’s nuclear weapons stockpile were compromised in the attack, which is strongly suspected to have been carried out by Russia. The sources say they have found evidence that hackers accessed the networks of the Energy Department and the National Nuclear Security Administration (NNSA). The worst damage was done at the Federal Energy Regulatory Commission (FERC), where there is evidence of “highly malicious activity,” the officials say. The hackers are believed to have accessed systems from March onwards by compromising a SolarWinds software patch. More:
Department says critical defense systems not hit. Energy Department spokeswoman Shaylyn Hynes confirmed that the department had been hit by the attack but denied parts of the Politico report. “At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the department, including the National Nuclear Security Administration,” Hynes said in a statement. Hynes said that when vulnerable software was identified, “immediate action was taken to mitigate the risk.”
What Politico details: In addition to FERC, it reports the DOE and NNSA have uncovered evidence of hacking in the networks used by the Sandia and Los Alamos national labs and the Office of Secure Transportation at NNSA. Politico explains: “NNSA is responsible for managing the nation’s nuclear weapons, and while it gets the least attention, it takes up the vast majority of DOE’s budget.” Enriched uranium is moved by the Office of Secure Transportation, and the labs handle atomic research tied to both nuclear power and nuclear weapons.
“Grave threat” to critical infrastructure. The Cybersecurity and Infrastructure Security Agency (CISA) warned that the attack poses a “grave threat” to “critical infrastructure,” Deutsche Welle reports. The agency said the damage will be very difficult to undo. CISA didn’t specify what the critical infrastructure is, but the AP offers this: “Homeland Security, the agency’s parent department, defines such infrastructure as any ‘vital’ assets to the US or its economy, a broad category that could include power plants and financial institutions.”
Private sector was also hit. “It’s still early days, but we have already identified 40 victims—more than anyone else has stated so far—and believe that number should rise substantially,” Microsoft president Brad Smith tells the New York Times. “There are more nongovernmental victims than there are governmental victims, with a big focus on IT companies, especially in the security industry.” Microsoft says a “heat map” of the attack shows that 80% of victims are in the US, with others in countries including the UK, Mexico, and Spain—but none in Russia.
Biden speaks out. President-elect Joe Biden vowed Thursday that he would make dealing with the attack a top priority from the moment he takes office, the BBC reports. “We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place,” he said. “We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.” President Trump has not commented publicly on the attacks.
“Worst hacking case in US history.” A government official speaking to the AP on condition of anonymity says the administration isn’t ready to publicly blame Russia for the cyberattack. “This is looking like it’s the worst hacking case in the history of America,” the official says. “They got into everything.” Experts believe the attackers focused on espionage, not sabotage, and were incredibly successful.
Romney: “Stunning” for White House not to respond. Republican Sen. Mitt Romney said Thursday that the silence and apparent lack of action from the White House was “inexcusable,” the Hill reports. “I think the White House needs to say something aggressive about what happened,” he said. “This is almost as if you had a Russian bomber flying undetected over the country, including over the nation’s capital, and not to respond in a setting like that is really stunning.”
This ‘hack’ is another attack that I am struggling with….it seems when we need a foe the Russian hacks are always available.
Fu Manchu was thwarted…..but looks like the Russians (allegedly) are more sophisticated….
I am waiting for the rest of the story…..and now I have it….
The Trump administration informed Congress of its plans to close the last two US consulates in Russia, leaving the US embassy in Moscow as the only US diplomatic mission in the country.
The State Department sent a letter to congressional leaders on December 10th that said the US is permanently closing its consulate in Vladivostok, and temporarily halting operations at the consulate in Yekaterinburg.
According to the letter, the US is shuttering the consulates due to caps set by Moscow on the number of diplomats allowed in the country. In 2017, Russian President Vladimir Putin set new limits on the number of US diplomatic employees in response to US sanctions.
The letter says the move is “in response to ongoing staffing challenges of the US Mission in Russia in the wake of the 2017 Russian-imposed personnel cap on the US Mission and resultant impasse with Russia over diplomatic visas.”
In December 2016, then-President Barack Obama expelled 35 Russian diplomats for Moscow’s alleged interference in the presidential election, which was never substantiated. Putin chose not to retaliate against Obama’s move.
The news comes at a sensitive time for US-Russia relations. Several US government agencies were targeted in a major cyberattack that many in the US are blaming on Russia, despite a lack of evidence to show Moscow was involved.
But the shuttering of the consulates does not appear to be connected to the cyberattack since the administration informed Congress a few days before the hack was reported.
(antiwar.com)
As to appear not be the gutless wonders they are…Congress is calling for retaliation…..Some senators are calling for retaliation against Russia. Senator Dick Durbin (D-IL) even likened it to a “virtual invasion.” (chest thumping only)
On a lighter note…..
If I peeked your interest in Fu Manchu….here are the 8 episodes from 1956…..(if interested I believe it was episode 3 or 4 that had the “hack”)
While your are finishing your shopping…..Be Well and Be Safe……
It is sad enough that 30 million people are unemployed and having to subsist on the unemployment benefits to make ends almost meet…….now there are those that are committing fraud over these benefits and NO it is not some persons in this country….Nigeria is the culprit.
If you thought the Nigerian prince scam was all there was….then think again……
The Secret Service has detected a large-scale foreign attack on the U.S. unemployment system that is processing record numbers of jobless claims amid the pandemic, according to The New York Times.
In a Secret Service memo obtained by the Times, the agency described the attack as a well-organized Nigerian fraud ring that could lead to “potential losses in the hundreds of millions of dollars.”
“We are actively running down every lead we are getting,” Roy Dotson, a special agent who specializes in financial fraud at the Secret Service, said in an interview with investigators obtained by the Times.
This virus problem only applies to those people working from home and employ a video conference as part of their job.
There are new “hackers” at work in these times of sheltering in place……
As the coronavirus pandemic rages on, people stuck at home have taken to using videoconferencing apps to hold work meetings and chat with family and friends. One such app that’s become ubiquitous: Zoom, founded by Cisco engineer Eric Yuan. But be careful before you log in for that virtual happy hour: The FBI is now warning users of the app that hackers are “hijacking” it, citing two recent incidents in Massachusetts. And the interruptions aren’t merely annoying disruptions: Brad Garrett, an ex-FBI agent, says that Zoom has also become a ripe target for cybercriminals, who often want to steal corporate proprietary data, as well as personal info on individuals. “As more schools and businesses work remotely, this creates an ideal environment for cyber thieves,” he tells ABC News. More on “Zoombombing” and other related issues from around the internet:
Recode details the “lax security” that’s led to Zoom’s current dilemma, including a workaround that allowed hackers to generate ID numbers to allow them to join meetings they weren’t invited to. “The fact that it is so easy for anyone to join and then disrupt a public Zoom meeting at all indicates that Zoom’s developers didn’t anticipate the ways those meetings could be disrupted in the first place—something that anyone who has used the internet before really should have foreseen,” the site notes.
Zoom hacking took an especially ugly turn at the University of Texas at Austin on Monday, where a group meeting hosted by an initiative that supports African American male students was taking place. The Austin American-Statesman notes that about halfway through the event, “unknown users” showed up and started yelling racial slurs, including the n-word. “Reprehensible,” Greg Fenves, the university’s president, said of the incident in a tweet.
At the University of Florida, another racist hack: WCJB reports that an online student government meeting on Tuesday was invaded by “racist messages, swastikas, pornography, and death threats,” per a tweet by university President Kent Fuchs. “COVID-19 and hate will be defeated,” Fuchs added, saying he has called for an investigation.
Alcoholics Anonymous hasn’t escaped the trolling, either. Per Business Insider, hackers are busting into group meetings and harassing members, hurling misogynistic and anti-Semitic slurs, as well as taking jabs at recovering alcoholics’ struggles. “Alcohol is soooo good,” one intruder recently proclaimed.
New York’s attorney general isn’t messing around when it comes to Zoom. The New York Times reports that Letitia James’ office sent a letter to the company Monday on its data privacy and security protocols, noting that there exists particular concern over vulnerabilities “that could enable malicious third parties to, among other things, gain surreptitious access to consumer webcams.”
ho may be the biggest loser in this newfound obsession with Zoom and Houseparty, a similar video social network that’s taking off: Microsoft’s Skype, which the Verge notes is “missing out on this key mindshare moment.”
If you work from home and use a video conferencing beware of intruders…..I am fortunate all my calls are one on one and seldom use a multi person format……
Be calm……avoid crowds…..wash hands often……Be prepared….stay aware
Is there anyone that does not believe that we have a problem with cybersecurity?
God, I hope not….but in this world to stupid…we just might.
Our foreign policy is run out of the Department of State and the latest report is not glowing form their cybersecurity…..
The latest publication in a long line of reports drawing attention to the U.S. State Department’s failure to secure its information technology-dependent systems from cyberattacks reflects a general mismanagement of resources.
“Notwithstanding the expenditure of substantial resources by the Department,” reads a report State’s Office of the Inspector General released Wednesday, “the OIG continues to identify significant issues that put its information at risk.”
The report follows a Jan. 14 letter Sen. Mark Warner, D-Va., sent to Secretary of State Mike Pompeo asking what steps he’s taken to address the shortcomings detailed in previous IG reports. Warner put the letter in the context of a “long history of information breaches” at State and recent tensions with Iran.
But that is not a surprise for the SecState Pompeo is considered one of the worse we have ever had to hold the position…..
How does a man like this happen? In a strange way, Pompeo is like the entire 2016 election poured into a single human skin-suit. He combines all of the calculation and misplaced ambition of Hillary Clinton with the vulgarity and dishonesty of Donald Trump. If you took DNA samples from Clinton and Trump and sent them to the lab on Isla Nublar, Pompeo is what you’d get.
Except that in one crucial aspect, Pompeo is worse.
