Privacy Blog

I must confess that until now I used, as anti-virus solution such free products as Avira AntiVir or Comodo Antivirus. Of course I knew that in comparison to commercial versions they are not so reliable, especially when it comes to 0-Day Viruses, but I was also of the opinion that the prices for the most popular security solutions are too high. But because the number of viruses and Trojans, especially in recent years is growing exponentially, I decided to purchase a commercial security solution.

hard choice:
This segment of the market is not really new, and the number of software developers with the appropriate security solutions, is not small. But because not only the price but especially the performance played a major role for me, I limited my search to 3 major software developers. As possible candidates were only Eset, Kaspersky and checkpoint.
Checkpoint is primarily known through the ZoneAlarm firewall. Checkpoint uses the Kaspersky engine as anti-virus protection. In practice this works worse than the own product of Kaspersky - Kaspersky Antivirus. My friend was able to feel it on his own. His computer was infected with a Trojan horse. He had Zone Alarm Security Suite installed, but could not remove the Trojan from his system. After the installation of Kaspersky antivirus the problem was solved.
The solution of Eset Security (Nod antivirus + firewall) is very good and fast. Eset also offers a discount for students. Interesting … I thought. But, when I compared the prices of Kaspersky Internet Security 2009 and Eset Security Solution, I came to the conclusion that it is sensible to buy the software of Kaspersky. It is so that a 3 PC license of Kaspersky Internet Security 2009 costs about 43 Euro at Amazon and if you have 2 friends, who also interested in a license, you can share costs among you and your friends. The result price will be 14.40 € per year for the first year. The renewal of the license costs cheaper, namely € 32. It is only € 10.70 per year. This price was OK for me and my friends.

There is the case of the screaming injustice happened recently for a joung man in the U.S., who published a short video on YouTube, where he was dancing to one of the copyright protected music title. The music was played in the background and was hardly to heard. Nevertheless, he got promptly a warning from the music industry. I believe that such behavior approach on the edge of the nonsense borders. Especially because the music was very quietly, and very short. The video was only 30 seconds long.
Fortunately the parents of the boy were not scared and decided to fight back. They were able to defend their rights and are ready to sue the music industry. As the mother of the boy says, she has really nothing to lose and she is supported by Electronic Frontier Foundation (EFF).
We can only hope that the courts take a wise decision to ensure the security of citizens from exploitation by profit sue-industry.
I believe that the music industry did not undertand that the sue of its own customers is a very bad idea. If you forward the own customers into prisons, you will have always falling sales, because you will lose you customers.

“Online shop for fraudsters” is a very interesting article about modern development of Internet crime, published today in the Spiegel.
The article is about that the cyber crime is already at industrial level. According to Spiegel, there are online shops, where potential fraudsters have a possibility to buy the stolen data for quite symbolic sum. Some vendors offer some kind of warriantee, so if the data are not up to date any more, they would replace it.
Apart from the theft of data in the Internet is often practiced so-called skimming. When skimming the fraudsters steal the data of bank customers by using special devices that manipulate ATMs. Those deviced will be attached to an ATM. It is a specific machine card reader that is hard to detect. These devices allow a fraudster to read and copy all cards in the ATMs. The pure copy (clone) an EC is not enough for the bank card fraudsters. He must also get the PIN. This will be done often with the help of a hidden video camera.
In most cases, the stolen money will be refunded by the bank, but not always. Especially you get to feel the problem when your EC-card information is stolen and then somebody steals your money.
This issue is highly topical. I therefore would like to point out how important it is to protect private data. Be it on the Internet or in private life.

When I read this message, I could not imagine that it is possible that a commercial organization like Microsoft, make backdoors in its own software, and offers programs to crack the system. They claim that the spy software is only for the government investigators, but I am 100% sure that at the time of no more than a few months, this software will be going into the wrong hands. The P2P-Software, as well as relevant underground sites will distribute it for free to everyone. And I currently see no way how to resolve the problem, unless you encrypt the entire of your disk with TrueCrypt.
Incidentally, I tried the tool already on my hard drive. I encrypted completely. I choose, as recommended a password that is longer then 20 characters, with special characters, small and large letters and numbers. Of course I don’t saved the password and created the rescue disk only as an image. It makes no sense to keep such things because of security reasons. Not that I have some special to hide, I’m just a technology freak and that’s why I do this.
Well, after a few days I forgot my password …
Actually, I thought, I have no other choice but to format the hard disk and forget about my photos (most important thing I save on the disk). I decided to wait some time with the formatting, a decision correct, because after a few weeks, I remembered my password. I noticed me a crib, so I can not forget the password, but I forgot the order of large and small letters in it.
Yesterday, when I read the above message, I thought to encrypt the hard disk of my notebook. This time I decided to wait and backup my data, before I beginn with the encryption.
The other possibility to avoid this security problem is more radically. We should switch to Linux. This decision is for some people even more difficult to take because the skills are simply not there and it is still often happens that we need specific software. This applies as for companies, as well as for individual users. WINE The project makes great progress already, but it will be very difficult for the developers, to make the project always up to date. As an example, I cantake the Photoshop. I have a student license for Photoshop CS3 acquired WINE supports only the previous version of Photoshop - CS2. The individual plug-ins that I have with Photoshop using, I can simply forget.
The final is - Microsoft made a real problem, both for customers, as well as for their own image. There is now any perfect solution for this security problem at this time.

Yesterday I read some interesting story about Russian hackers that developed a Trojan horse for attacking consumers of German banks. This software modifies the source code of bank site in browser so that if the consumer tries to make a transaction, he receives an error. The error message tells that the TAN that consumer just entered is not valid and he must try again.

After that the transaction will be executed without any problems. But the first TAN that was “not valid” will be transferred to criminal.

This “security leak” was already closed, but I thought that it’s the right time to change my online banking with TAN-method into mTAN. I entered my mobile phone number and approved it. Than I had 2 possibilities, I could print the order and send it via fax, or I could call a special number and approve my order at this way. I don’t have any fax, that’s why I decided to call the number. At telephone I was prompted to enter my bank account number and PIN and after that I was informed that I could not be validated and the once way that I can activate mTan is to print the order and send it via post.

Is it accident? I hope that the hackers are not able (yet) to trick a service number of the banks :))

I think that “security” is one of the most important themes in the internet. That’s why I permanent try to refresh and make my knowledge better. I use different sources such as HowTo’s, tutorials and more serious sources like books. The last book that I bought for this reason is “Hacking Exposed. Network Security Secrets and Solutions”

This book is really good. If you seeking knowledge, how to protect your system, this book is for you.

RFID (Radio Frequency Identification) is a technology for detection and location of objects via radio communication.

In the past this technology was used by military for detection and recognizing of own and enemy troops.

Now it will be used not only by army. Modern retail security systems in the super marks and other shops are based on the RFID technology.

The criticism of RFID grows parallel with the increasing of RFID expansion on the civil market.

The data protection specialists warn that consumer in future will not be able to control the data transfer of RFID.

There is a danger that RFID will be transformed in some kind of “tracking cookie” in real world.

I think that it is impossible to stop this transformation, because of great interest of the big companies on it. But I think that in future we will able to buy special devices that will be able to detect and destroy RFID chips.

I often hear from some people that antivirus software is not needed if you have some experience with web. They say, they worked in internet without any antivirus software and their computers were clean.

I can say only that those statements are very dangerous. An antivirus software is a “must have” feature for all of us.

I remember the time, when my computer was infected with a virus at the first time. The name of the virus was “Kaczor”. It blocked my system completely. I solved this problem with Help of Dr.Web antivirus CD very quickly.

The aim of the modern viruses is not the destroying of the data. The most of badware is programmed to get access to your system and steal personal data, such as passwords for online banking, eBay and PayPal accounts or to configure your computer for using it for internet attacks (DoS) in “bot network”.

That’s why it is not recommended, not to use the antivirus software.

The best of antivirus programs that I know is NOD, Norton Antivirus and Kaspersky. I use Kaspersky, because it detects 98% of all viruses and Trojan horses.

Most of the routers that will be sold nowadays have hardware based firewalls. These firewalls offer a basic security for home users, but often they have only a few configuration options, because of “usability” problems.

That’s why it is sometimes needed to install a software firewall. The software firewalls offer many configuration options, most of them are able to monitor system activities and software components. They can monitor single programs and their components and detect the changes in behaviour and code of them.

The best software firewalls that I know are Zone Alarm Pro and Outpost Firewall Pro.

Cookie is a small text file, which will be created by a web server and saved on client during visiting a web site.

For example a cookie will be created if you log in, in some board. It is needed, to identify you as user on this board. That’s why, a cookie is very useful.

But the tracking-cookies are not only not useful, but potentially unsafe too. Those cookies will be oft used to collect private information about user behaviour in the internet.

There are many methods to protect yourself from this kind of spyware. You can disable the accepting of cookies in the browser. But if you do it, you will be not able to log in into several web sites.

The other thing that you can do is to install some anti spyware tools that will protect your computer from stealing of the data. The most of anty spyware tools can detect “bad” cookies and delete it. Some of them are able to do this “on the fly”.

Some of the best tools are Lavasoft Ad-Aware and Spybot Search & Destroy. These programs work very well and are free.