Tag Archive for: safe

Learn “How to keep your computer (and you) safe at meeting Monday

/in


The next Orion program will take place at 7 p.m. Monday at the City Room (A-111) of the Coffey/McNally Building, Roane State Community College, Oak Ridge Campus. The program is open to the public. James A. Rome will speak on, “How to keep your computer (and you) safe.”

James "Jim" Rome

James “Jim” Rome

Rome received all his degrees from Massachusetts Institute of Technology (MIT) (and came to Oak Ridge in 1971, according to a news release. Personal computers were just starting to be available, and he teamed with George Kelley to write a scientific graphics program (GraphiC). He worked in Oak Ridge National Laboratory’s Fusion Energy Division, specializing in configuration design and following charged particle orbits in fusion devices. After about 20 years he switched to the Computer Science and Mathematics Division, where he studied air traffic and compartmented mode (multi-level secure) workstations. He was in charge of ORNL computer security for the National Science Foundation’s TeraGrid, a Gbps network, connecting supercomputers and facilities at many universities. He also created a public key infrastructure to allow secure, encrypted logins and access to online Lab Notebooks.

Currently retired, he is president of the Oak Ridge Civic Music Association, and runs websites for Oak Ridge Civic Music Association, Friends of ORNL, Keep Anderson County Beautiful, and his own site at https://jamesrome.net/blogs. He has a fully-loaded Mac Studio, a Linux computer, a Windows computer, and a Windows laptop. He is agnostic about which is the best platform. Computer security is a passion.

A description of the talk follows.

Computer crime is a multi-trillion dollar “business” and it is important that you not be its victim. Unfortunately, this takes eternal vigilance and updating. “It is working, so leave well enough alone” does not work in these perilous times. Software must be updated weekly. Once a cell phone or computer no longer gets security patches, it must be replaced. Phishing and identity theft are the worst attack vectors. Even sophisticated users can fall into a trap. Social media prevent you from having full control. My Facebook and Twitter accounts direct people to my personal Web site. There really…

Source…

‘Treat it like China’: How U.S. officials stay safe, and have fun, at the world’s biggest hacking conference

/in


When you spend three days with 30,000 people who love cracking code, you’re always just one errant click away from sheep-dom. In fact, fending off the maze of Wi-Fi sniffers, hardware hackers and social engineers at DEF CON is a little like going toe-to-toe with elite, state-backed cyber spies, according to one senior State Department official.

“Almost treat it like going to China,” said the official, granted anonymity to offer frank and colorful advice to a DEF CON first-timer. “Really treat it like going to a technologically sophisticated peer competitor.”

At this year’s conference, which wraps up Sunday, the Wall of Sheep was located in a dimly lit auditorium off the main conference floor. It included, for the first time ever, a live feed with the location of individuals who were leaking data. As of Friday afternoon, there were at least 2,000 sheep at DEF CON, per the floor-to-ceiling projection. Their personal information was, mercifully, partly blacked out for privacy reasons.

Since the first-ever convention in 1993, DEF CON has brought some of the world’s most talented computer security wizards into the Las Vegas desert to scour software, hardware and networking equipment in search of vulnerabilities.

Operating under the principle that the best way to secure computer code is to expose it, attendees have demonstrated some truly jaw-dropping research over the last three decades. They’ve taken over the controls of cars, tricked ATMs to spew out cash and sent insulin pumps into overdrive, to name a few memorable hacks.

Feats like that have turned the convention into an increasingly common pit stop for top U.S. government officials, dozens of whom are in attendance this year. DHS Secretary Alejandro Mayorkas, CISA Director Jen Easterly and Acting National Cyber Director Kemba Walden are all in Las Vegas for DEF CON and Black Hat, its more corporate-friendly counterpart.

But the convention didn’t earn its reputation as “the world’s most hostile network” just because of what happens on the main stage.

“There is a criminal ecosystem out there,” said Marc Rogers, the conference’s head of security. “You probably don’t want to access your…

Source…

You Should Enable Gmail’s New ‘Enhanced Safe Browsing’

/in


Image for article titled You Should Enable Gmail's New 'Enhanced Safe Browsing'

Photo: RAY-BON (Shutterstock)

Google’s had an Enhanced Safe Browsing feature in Chrome since 2019—a set of privacy features to help protect against phishing and malware attacks. Basically, if a link doesn’t seem quite right, Google will warn you about it. Recently, they finally brought the feature directly into Gmail.

Here’s how Enhanced Safe Browsing mode works

Enhanced Safe Browsing checks the links and attachments in your Gmail account with its own database of known scam links, where a website pretends to be real to steal your personal information (also known as phishing). Google has a massive database of such bad actors, and it’s updated every 30 minutes. Once the feature is enabled, Gmail will scan incoming emails and attachment downloads against that database and warn you if something looks suspicious.

How to enable Enhanced Safe Browsing on Gmail

If you’re already logged in to your Google account, simply open this link in a new tab and enable the Enhanced Safe Browsing feature from there. Alternatively, you can open your Google Account page and go to Security > Manage Enhanced Safe Browsing.

When you enable this feature in your Google account, it will be enabled across other Google products as well, like Chrome. And in Chrome, this feature extends to Chrome extensions and file downloads.

The downsides of using Enhanced Safe Browsing

The only big downside to using Enhanced Safe Browsing is the sheer amount of personal data that Google will be able to access. It’ll be able to check all the links that come through your Gmail account, and if you use Chrome, that includes links clicked, files downloaded, and extensions installed.

Of course, Google says this data is used only to improve your data security when you’re logged in, and after a short time, the data is fully anonymized. But anonymizing data isn’t perfect—it can still be linked to social media profiles, as one Princeton study illustrates.

If you’re okay with that potential risk, go ahead and enable the feature. It might also be worth recommending to others in your life too, if you think they’re the type of user particularly susceptible to things like phishing scams and malware attacks.

[ZDNET, CNET]

Source…

Airports can be safe and less chaotic when dealing with security threats

/in


You are comfortably seated at Gate A11 waiting for your flight to board, coffee in hand, when the loudspeaker announces that your terminal must be evacuated due to a security issue. At that point, thousands of people scurry to the exit, where they gather outside the terminal until the Transportation Security Administration determines what happened, why it happened, and eventually, that the security threat has been resolved before allowing people to re-enter the terminal.

The cause of such events is varied. It may be that a person entered the sterile side of the terminal unscreened, such as through a fire door. It could be a bag that was not appropriately screened, as what happened at San Diego International in August 2022. It could be a bomb threat, which occurred at San Francisco International in July 2022. It could be something as benign as an unattended bag, which led to a terminal evacuation at JFK International in July 2022. It could also be a technical error, such as what happened recently at DFW International Airport.

U.S. airports are not alone. On June 29, a passenger entered the sterile side of the airport via a fire door at Gatwick Airport, outside London. This required all passengers to be evacuated, including some who had already boarded their plane for departure, creating what was described as “chaos” in managing the rescreening process.

When any type of event occurs that compromises airport security, the ripple effect creates an endless stream of turmoil. It could impact light rail public transportation, which brings passengers to and from the airport and may need to be halted while the security breach is resolved. It impacts airport concessions, particularly food outlets, which must also evacuate, leaving food items unattended that will need to be discarded upon their return.

Perspective

Opinion

Get smart opinions on the topics North Texans care about.

It obviously impacts the airlines, which must reschedule and re-accommodate the thousands of passengers on the flights that are delayed or canceled.

However, the biggest threat may be to the thousands of people who must gather outside the airport terminal, waiting for the security breach to be resolved. This often takes hours,…

Source…