
Posts

Showing posts from March, 2017

Cloud VM Vulnerability - Stealing from Cache

Cloud has been the buzz for several years now: cloud servers, distributed networking, automatic redundancy, and all the other stuff promoted with the adoption of "Cloud." But there really is no cloud. To us, it's just marketing lingo. The underlying technologies used to implement "cloud" have been around for a long time; they are system administrator and network engineer domain technologies. To us, the cloud is just another rack of servers managed by someone else. To us, it's just somebody else's computer.

Scam Alert - Credit Card - Methodology is Part of Social Engineering

Just the other day, we posted Attack Example - Phishing - SMS Based - Smishing, and yesterday someone in Cagayan de Oro used Facebook to alert people to a Scam Modus Operandi (M.O.). Do we think it's a scam? Yes, it is.

One of the Many Reasons Why Encryption is Important

Many of us don't know the standards used in implementing the complex communication technologies that enable us today. Many of us do not know or even care about encryption or its use. We may not even know about the groups or companies that fight or go against governments to ensure that people have their right to privacy. Some will say that what you don't know can't hurt you, but that is more often false. Just because you don't know gravity exists doesn't make gravity harmless. Just because you don't know fire burns doesn't mean you won't be burnt. Just because you don't know the effects of a hacking vulnerability doesn't mean you won't be hacked or be affected by it.

Attack Example - Phishing - SMS Based - Smishing

What exactly is Phishing? It smells fishy, sounds like fishing, and it is exactly fishing. Knowing how social Filipinos are, almost everyone doesn't like being late in knowing who's an item in the office or who likes who, or what successful neighbors are doing to be successful. And so, we nonchalantly fish for information about it. That is exactly the core function of Phishing: to gather Personally Identifiable Information (PII), or information which can be used to identify individuals.

Information Security 101: Uncommon Sense

The only thing constant in this world is change and common sense is actually not common.

200M Plus iOS Accounts in Possible Danger - Back Up Now

Last March 21, 2017 - Turkish Crime Family on Twitter issued a warning that 200 Million iCloud accounts will be factory reset on April 7, 2017. By 4:02am of March 22, it reported on Twitter that the number of accounts has grown to 627M. They are currently improving their infrastructure to be able to effectively cause the maximum damage they can. The amount of 75,000 USD was initially reported to be the price for them to back off or cancel their attack, but they have since refuted those reports.

Principle of Least Privilege - Basics - Explained

Let's say that one day you needed to hire a househelp. You go through the process of having that person apply for legal documentation and clearances. The person dutifully submits them in due time and, come interview period, the person passes the rigorous entry process you set up. You offer and actually agree in contract on the roles the person has to do for a compensation. Then what? Do you give the person all the keys to the doors in your house?

Security Reminder: Uninstall Flash.

What exactly is Flash and why do I need to uninstall it? Flash has in the past years provided a lot of visual treats that weren't entirely possible with other web tools or technology. For web developers back then, using Flash also meant that they were at the top of their game. Unfortunately, as its use and adoption became very common, it also meant that it was a very good attack surface for malicious software or malware. Indeed it was and still is, since it also became web pages' video player of choice. It became so because it was a commonly installed plugin in most computers and the competing technologies weren't able to match its ubiquity or "common-ness."

Advocacy, Profession, and Association - Safe and Secure Cyber World

Did you know that there is a worldwide association focused on inspiring a safe and secure cyber world?

ICT Standards and Overview of Cybersecurity

Did you know that there is a worldwide organization or agency working across relevant sectors towards the betterment of information and communication technologies?

Attack Example - ClickJacking+Spoofing - UI Redress - Trusted User Interface

ClickJacking and Spoofing Attack Example - Trusted User Interface attack. It used to be that the most common operating system and browser being targeted for this kind of attack were Windows and IE. The underlying reason was that Windows has more users and Internet Explorer was basically File Explorer with a different user interface. Today, the attack surface is wider and the attack is much harder to notice. The screenshot posted here is a combination of User Interface (UI) spoofing and a ClickJack.

Vault 7 - CIA Hacking Arsenal

You may be wondering if we are keeping abreast of the issues about Internet Safety or not. We want to assure you that we are. Please stay tuned as we are reading as much as we can to be able to do a write-up about it. - xxx -

Securing Your Data in Facebook - SocMed Privacy Best Practices - Part 2

If you followed our blog, you already know how to utilize Facebook's privacy tools and ensure your Facebook data is not collected by third-party (apps) systems. If not, do read Securing Your Data in Facebook - SocMed Privacy Best Practices - Part 1 to make sure you are getting the most out of Facebook's privacy tools and understand the underlying motivation for the settings, practice, and habit. It is a practice or habit which needs to be applied all through your Social Media (SocMed) accounts. As a quick recap, here's the summary and link to the how-to:

Securing Your Data in Facebook - SocMed Privacy Best Practices - Part 1

To the truly paranoid, the only way to protect your data against being siphoned or collected by anyone is not to have your data posted online at all. Unfortunately, it feels and looks impossible in this day and age. People have an unfounded fear of missing out on what is going on online. As such, the next best thing we can do is be constantly made aware of best practices for each social media (SocMed) platform on how to minimize possible data collection from parties you do not want to have anything to do with. Data analysis, on the other hand, is impossible to avoid on the specific platform you are on. Why? Because most platforms explicitly indicate in their Terms of Use that they can and will do so once you sign up and use their platform. That said, let's tackle Facebook and the next best thing everyone can do while they are using it.

Internet Safety Myths

There are many myths surrounding Internet Safety and we'll be talking about them in a series of articles to dispel them, all in hopes of helping bring in better internet usage habits for every Filipino. First an overview and, later on, a separate article for each of the myths.

SocMed Safety & Privacy - Cautionary Tale - Facebook

Do you ever wonder what Social Media (SocMed) companies get out of letting you use the functionality of a system that is continually being worked on and improved upon by employing paid professionals? Do you want to know the answer? If the service is free and is not selling you any product, then their product is most likely you or your data. Yes, it's that simple. We encourage you to take some time to review Facebook's Terms of Service in the screenshot on the right and on their page - https://www.facebook.com/terms.php

Privacy Tools - Chrome

This post is part of the Privacy Tools series that we will have on this network. And this post's focus will be about the Chrome Web Browser. What allows us to have Privacy Tools in Chrome is what it calls Browser Extensions. What exactly is an extension?

Privacy Tools - Firefox

This post is part of the Privacy Tools series that we will have on this network. And this post's focus will be about the Firefox Web Browser. What allows us to have Privacy Tools in Firefox is what it calls Browser Add-ons. What exactly is an add-on?

Threats to Internet Safety

There are many Threats to Internet Safety for Filipinos, and our government has long since started passing laws that would enable us to counter their effects, prevent them from happening, and be made aware of their consequences. Let's start by understanding the official and legal definitions of these threats. Among them are: Cyberbullying, Online Scam, Online Libel, Identity Theft, and Photo & Video Voyeurism.

The Internet is Not Safe

There are more than enough resources and personal experience to explain why most of us whose work revolves around having internet access can conclude that the internet is not safe. Why then is there a need for a separate Internet Safety advocacy network specifically tailored to the Philippine market? Well, the answer is both simple and complicated.