Would you know how to look for clues?

Notes Taken By: Theresa Payton, Fortalice, LLC. Content also covered on WBTV's segment, Protecting Your Cyberturf, featuring Kristen Miranda and Theresa Payton.  Segment airs Wednesday at 10 past 5pm.

 

It’s one for the record books of stupid wannabe thieves!  Two men robbed an Internet cafe at gunpoint and hopped on their motorcycles to get away.  The problem is, one of them had logged into their Facebook account at the same cafe before doing the robbery … and forgot to log out!  

It is an example of how crime doesn’t pay!  The police looked at their Facebook account, figured out their home address and took one of the suspects to jail.  It’s almost funny, isn’t it?  But WBTV’s cyber expert, Theresa Payton, asks if you were a victim or witness to a crime, would you think to check the digital devices around you for clues?  

Many people don’t realize that thieves are leaving digital clues all around us!
Some quick thinking on your part can make a huge difference.

1.  If your home has been broken into, check all your devices. Thieves have been known to check their email, Facebook, and other accounts at the actual crime scene.

2.  If a crime is in progress, only if you are safe, try sending a text with info or turn on your video camera to catch audio.

3.  Search the internet for clues about the perpetrator if you just witnessed a crime.

4.  If they leave evidence behind such as their personal phone or digital device, do not touch it - you might disturb evidence.  Take a picture of the screen or the device and turn that over to law enforcement.

WORD FOR THE WEEK:
Bitcoinica:  This is the actual bank and trading platform for bitcoins.  A bitcoin is a play on words - bit as in digital bit and coin - as in currency.  This is digital money traded online that is sometimes cashed in for real currency.  

WEB RESOURCES:
A Report from the Department of Justice:
https://www.ncjrs.gov/pdffiles1/nij/219941.pdf

FBI Digital Forensics Site:
http://www.fbi.gov/stats-services/publications/law-enforcement-bulletin/august-2011/digital-evidence

NC SBI Digital Evidence Guide:
http://www.crime-scene-investigator.net/Evidence-Guide_NC.pdf

Have You Read the New Facebook Privacy Rules…Again??

Notes taken by: Theresa Payton, Fortalice, LLC. Content also featured on WBTV's Protecting Your Cyberturf segment featuring Kristen Miranda and Theresa Payton.  Segment airs Wednesdays at ten past 5pm.

It feels like Groundhog day!  I think it wasn’t that long ago that Facebook updated their privacy settings and we encourage you to read them.  Well, after a review with the Irish privacy board, Facebook has completed another round of changes.  Are they good changes for us or Facebook?  That’s what you really want to know!

Well, it’s a little bit of both and a lot of people find the timing very interesting.  The Irish Privacy board did a review, Facebook has their IPO coming up, so what does all this mean?  Cyber expert, Theresa Payton, isn’t impressed.  In fact, she thinks we should all speak up about our privacy concerns to Facebook.    

Read the Privacy Statement:
1.  Caution:  There is a lot to read
2.  YOUR Data Storage:  No commitment as to how short or long they keep your data on file:  "as long as it is necessary to provide services."
3.  Your Data is Public:  Your cover photo and gender are considered PUBLIC information - it does not matter how tight your privacy settings are.  You can “hide” your gender in timeline but it will be passed to advertisers.  Great quote from the policy:  “If you’re uncomfortable with making your profile pictures or cover photos public, you can always delete them.”
4.  They know your location:  And they confirm what they grab whenever you connect to Facebook:  “We receive data from the computer, mobile phone or other device you use to access Facebook. This may include your IP address, location, the type of browser you use, or the pages you visit.”

WORD FOR THE WEEK:
NOTCOM malware.  This is a piece of malware that is downloading on Droid phones when they visit compromised sites.  Be careful!  It may end up prompting you to install a “security update” which could be a red flag.  When in doubt, contact your phone provider.

WEB RESOURCES:

Facebook Memo to Members from Erin Egan, Chief Privacy Officer, Policy:  
https://www.facebook.com/notes/facebook-and-privacy/enhancing-transparency-in-our-data-use-policy/356396711076884

Explanation of Changes:
http://www.facebook.com/note.php?note_id=10151726574510301

Cookies:
https://www.facebook.com/help/?page=176591669064814)

Data Use Policy:
http://www.facebook.com/about/privacy/

Facebook is accepting feedback until May 18, 2012.  You can submit comments by following these links.  Additional languages are available on the Facebook site:

• English (Comment here) (Explanation of changes) (Tracked changes)

• Espanol (Envia tus comentarios) (Explicacion de los cambios)

Protecting Your Internet Identity Book Signing! May 31, 2012

Protecting Your Internet Identity: Are You NAKED Online? authors,Theresa Payton and Ted Claypoole will be holding their official book launch party Thursday May 31, 2012 at 7pm in Charlotte NC!

Come out to pick up your copy of this fabulous book as well as join the authors for book signings and refreshments! Ted and Theresa will also be on hand to answer any questions you might have about internet safety and privacy.

The event will be held at Park Road Book store.

Stay safe and don’t let your identity run around naked online!

Event details:

5/31/12, 7pm

http://www.parkroadbooks.com/event/ted-claypoole-and-theresa-payton-protecting-your-internet-identity-are-you-naked-online 

Park Road Books:

Park Road Shopping Center at the intersection of Park Rd and Woodlawn Rd.

4139 Park Road

Charlotte, NC 28209

Tel: 704-525-9239

Beyond Good Virus Protection

Content also featured May 7, 2012 on North Carolina Military Business Center's blog: http://www.ncmbc.us/blog/. 

Many of you already have great virus protection in place, but that only catches about 1/3 of all the bad stuff out there.

Here are some tips we recommend beyond good virus protection:

The good news is, today's internet browsers can help you fight back the bad guys from infecting your computer.  Remember, no internet security solution is 100% secure.  You still need to be aware and alert when you click on links or give out information.

Your favorite web browser may be able to help you achieve safer surfing.

1.  Settings:  While instructions and features vary, go to your browser's security and privacy settings and tweak those to insure your privacy and safety.
2.  Stay up to date:  Make sure you download software updates for your browser.  When in doubt, download a new version from the company's legitimate web site to make sure you have the latest.
3.  Safe Sites:  Some browsers let you set up the browser so it alerts you when you are visiting a site that is known for suspicious traffic.  McAfee has a tool that you can add into your browser called the "SiteAdvisor" to help you as you surf the net.  You can find the tool at:   www.siteadvisor.com . 

SKYPE privacy flaw? What happened?

We talk to you every week about ways to protect your privacy but sometimes online services providers just don’t see to care.  We just learned that Skype has known about a security bug that shows your IP address, which can let someone track you and your account down to the city level.  How long have they known about it?  According to one group- 18 months!  

What we know so far is that with this hole, someone can see your information and pull the city, country, internet provider and IP address connected to you.  That’s just shy of your GPS coordinates and downright creepy!  Luckily, cyber expert, Theresa Payton, found out about this issue and she has some pointers for us.

WHAT WE KNOW:
1.  A research team from Inria in France and the Polytechnic Institute of New York University tested Skype in November 2010 and found they could track users down to the city they lived in for two weeks.  The reported it to Skype.
2.  They tested the same issue again and the hole was still wide open.
3.  The researchers masked a call to Skype users and hid it from call histories as if they were never there.  The account never had to answer the hidden call for the team to get a packet back of information
4.  The “hidden call” allowed the team to pull information back about the person they called

THE ISSUE:
1.  You can track a person down to within 700 yards based on an IP address
2.  Someone could use this to track you and your whereabouts
3.  For businesses that use this, someone can track your employees’ whereabouts
4.  An IP address is a handy piece to a cybercriminal’s puzzle if they want to hack into your computer or device

WHAT YOU CAN DO:
1.  Complain to Skype, via it’s new owner, Microsoft
2.  Use a Skype alternative such as  iChat or FaceTime, Google Voice and Video Chat, AOL chat and video, Yahoo chat and video, ooVoo, and VoxOx
3.  Keep in mind that these services will have glitches from time to time to track warnings for the product on their site as well as checking in at WBTV.com

WORD FOR THE WEEK:
BO.LT/  Bolt is a new site.  It’s currently invitation only!  Write to WBTV and everyone that responds will get an invitation from Theresa to Bolt.  It’s a new place for you to organize and share things that you like by “bolt”-ing them onto your special bolt page.  You can actually mark and save a page, and according to the site you can save them “forever”.


WEB RESOURCES:

Apple Products for Chat and Video:
http://www.apple.com/macosx/apps/all.html#ichat

Google Products for Chat and Video:
https://www.google.com/chat/video

ooVoo:
www.oovoo.com

VoxOx:
www.voxox.com

AOL Chat and Video:
www.aol.com/av/

Yahoo Chat and Video:
messenger.yahoo.com/

Making Sense of Data in the Cloud

 Notes taken by: Theresa Payton, Fortalice, LLC. Content also covered during WBTV's Protecting Your Cyberturf segment featuring Kristen Miranda and Theresa Payton.  These segments air at ten past five on Wednesdays.

It seems as if we have a scrapbook of our life trapped on our phones, tablets and computers.  Messages from loved ones, important projects, pictures, and videos.  Those moments are irreplaceable.   So, how do you keep a copy of your precious digital files?  


It used to be that we had to remember to do a back up to an external drive or flash drive...but what if you didn’t remember to back up those wedding photos that your friends took and BAM! Computer crashes?  Heartbreaking.  Well now, you almost don’t have to remember.  Cyber Expert, Theresa Payton is here to demystify storing your data on the cloud and offer you tips to keep your data safe and maintain your privacy!


There are several services that start off free and then you pay when you go over a certain amount.  They hope to get you hooked so you’ll use more.  


HOW THEY WORK:
1.  File types:  Check the terms for the service.  Make sure they can handle photos, videos, documents, songs, and other files that you might have
2.  Privacy settings:  Make sure you read the privacy agreement carefully to see if the reason why it is “free” or “low cost” is because they can scan the information you store so they can market to you
3.  Sharing:  Most allow you to log into your files just using a web browser.  Some of the services also let you password protect files, encrypt them, and share them with people based on the settings that you choose


CONSIDERATIONS:
1.  If some of these companies fold up or are bought, it is unclear what might happen to your data so make sure you read the user agreements carefully
2.  If you feel Google already follows you around too much, a product like Google Drive might not be a good choice for you.
3.  These services have had glitches in the past.  Dropbox, for example, had a software glitch last year that allowed people to log into any account without a password for roughly 4 hours before it was fixed


WORD OF THE WEEK:  BROGRAMMING  
A mashup of “bros” + “programming” it is used to describe high tech programmers.  Usually those in the mobile app or social media space creating cool and new technologies.  


WEB RESOURCES:
PC Magazine did a survey of 12 products and you can read their review here:  http://www.pcmag.com/article2/0,2817,2288745,00.asp


The good news is -- There are many services to choose from.  Here is just a short list to review so you can pick what is best for you based on storage options, privacy and security features, and budget.  


Apple Cloud:  http://www.apple.com/icloud/


Google Drive:   https://drive.google.com/start#home


Dropbox:  https://www.dropbox.com/


Microsoft SkyDrive:  https://skydrive.live.com


Jungle Disk:  https://www.jungledisk.com


Amazon Cloud Drive:  https://www.amazon.com/clouddrive/learnmore


Mozy:  http://mozy.com


Carbonite:  www.carbonite.com

WhenSecurity and Privacy Wrestle Who Is the Winner?

Taken from Huffington Post article by: Theresa Payton, Fortalice LLC. 

--Does CISPA win the security battle but lose the privacy war? 

There is a fight going on between security and privacy and it is your personal data and communications at stake.  Many of you might remember hearing about SOPA, PIPA, and ACTA.  You might vaguely remember that on January 18th of this year that websites, such as Google and Wikipedia, looked strange as the web protested these pieces of legislation.  When I talk with companies and individuals they are not sure why SOPA, PIPA, and ACTA are considered “good or bad” and most are not sure what CISPA is all about.  Only a handful knew that it hit the news this week that it is going to be voted on. 

A quick overview is essential to understanding why you need to make sure your voice is heard.    Regardless of whether or not you love the idea or do not like the idea at all, you need to weigh in.  It is an important part of the process to make sure we get the best chance and striking a balance between security and privacy.  

SOPA stands for The Stop Online Piracy Act (SOPA)and is a US bill that was introduced by U.S. Representative Lamar S. Smith (R-TX) to help fight against counterfeit goods and stealing intellectual property.  PIPA is an acronym of an acronoym.  Consider it the nickname for the PROTECT IP Act.  The PROTECT IP stands for Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act.  This was another law designed to help copyright holders to fight back against counterfeiting.  It was introduced  by Senator Patrick Leahy D-VT.  The support for these bills was mixed.  Companies such as Google, Wikipedia, and over 7000 other web sites either changed their site or went offline all day on January 18th to protest SOPA and PIPA. They felt the enforcement of SOPA and PIPA would be too ominous for the internet community.  Both pieces of legislation went on “hold” after the January 18th web protests.

ACTA is an international agreement.  It stands for the Anti-Counterfeiting Trade Agreement and it's goal was to establishing international standards for copyrights and intellectual property rights.  ACTA was signed late 2011 by the U.S. and 7 other countries and the European Union signed it in January.  ACTA has not been fully approved or ratified.  The general public across the globe is unhappy because they feel that ACTA was negotiated in secret and most of the bill or how it will be enforced is not fully known.  Just in the last few months, over 200 cities across Europe protested ACTA.

On the surface, the bills make sense.  Doesn't everyone want to protect against counterfeit goods and fight cybercrime?  The answer is yes, everyone wants the ability to fight crime better.  However, what a lot of companies did not like about the laws was they were holding the website accountable when users posted content that they should not meaning they would take the website offline if users violated copyright laws.  This would make it very challenging for companies like Hulu or YouTube to manage their content which is user-provided.

Now enters CISPA, which stands for the Cybersecurity Intelligence Sharing and Protection Act and was introduced November 2011 in the House.  The bill’s co sponsors are Rep. Mike Rodgers (R-Mich.) and Rep. Dutch Ruppersberger (D-Md.).  According to Mike Rodgers’ website, “H.R. 3523, the Cyber Intelligence Sharing and Protection Act, safeguards U.S. jobs by making it easier to identify and combat cyber threats, which steal over $200 billion in American intellectual property every year.”   The core goal of CISPA is to encourage better and more frequent information sharing.  As most of those in law enforcement and the security industry will tell you, the key to fighting cybercrime is to share the details.  Think of your neighborhood watch program.  By learning about other crimes in the neighborhood, how the criminals got away with their misdeeds, and other important details about the cases helps you be more aware and gives you advice on how to better protect your personal residence.  CISPA creates that same element of a neighborhood watch program.  Information sharing about cybercrimes by the victimized businesses in today’s environment has been an ongoing challenge.  Many businesses are reluctant to be public about being a victim.  Some businesses believe it could spook their customers and cost them future business.  Others think that by showing public weakness that it makes them a target for other attackers.  CISPA hopes to allay these concerns by providing businesses a level of anonymity in reporting.  It also has the backing of industry giants such as Microsoft, AT&T, Time Warner Cable and Facebook.  The Guardian reported last week that 112 members of Congress are supporting the bill. 

The bill begins with, “To provide for the sharing of certain cyber threat intelligence and cyber threat information between the intelligence community and cybersecurity entities, and for other purposes.”  So far so good, so where is the battle with privacy?  Privacy advocates and security experts want better information sharing.  The bill goes on to say, “IN GENERAL.—The Director of National Intelligence shall establish procedures to allow elements of the intelligence community to share cyber threat intelligence with private-sector entities and to encourage the sharing of such intelligence.” Read further and the language gets a little vague creating discomfort about how privacy will be protected.
 “CYBER THREAT INTELLIGENCE.—The term ‘cyber threat intelligence’ means information in the possession of an element of the intelligence community directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from—‘‘(A) efforts to degrade, disrupt, or destroy such system or network; or ‘‘(B) theft or misappropriation of private or government information, intellectual property, or personally identifiable information.”  Privacy advocates are concerned with the vagueness found in this part and other subsequent parts of the bill.  It appears that in order to track down the “bad guys” all traffic might be monitored.  That means the innocent would be monitored in order to track down the path of the alleged and the guilty.  As organizations and individuals speak up about the monitoring and tracking, Rogers and Ruppersberger have made adjustments to the bill.  It’s not too late to have your voice heard.  Read the bill for yourself, it is brief compared to other bills. Then decide your point of view.  We would love to hear all opinions on this bill.  You can find the bill at the House of Representatives page under:  http://intelligence.house.gov/hr-3523-bill-and-amendments
 

Theresa is also the co-author of the new book “Protecting Your Internet Identity: Are You Naked Online?” available in bookstores, libraries, and online at Amazon, Barnes and Noble, Books A Million and Google Play.