Don’t steal my information

It’s important to take the precautions to protect you and your products from information theft these days, because it’s getting easier and easier for people to share digital products.  Information theft is a type of computer security risk and it’s defined as stealing an individual’s personal or confidential information.  When this is stolen this can cause as much damage, or possibly more then hardware or software theft.

Business or home users are both at risk of information theft. One example is a malicious individual stealing credit cards so they can make unauthorized purchases on another person’s account. If information is transmitted over a network then it has a very high chance for malicious users to intercept the information. Every computer in the path of your data can see what you send, and they can also see what you send.  A lot of companies try to stop information from being stolen by applying some user identification and authentication controls. These constraints are best for protecting computers along a company’s premise. However, to protect information on the Internet and on networks, companies use a handful of encryption methods.

Encryption refers to the process of converting data into an unreadable form. One type of encryption software is Obfuscated code which is a programming language that is extremely hard to read. Encrypted data is like any other data because you can send it through a lot of options, but to read it you must decrypt or decipher it into a more readable form. Throughout the encryption process, the unencrypted data or input is known as plaintext and the encrypted data, or output is known as ciphertext.  To encrypt information, the programmer converts the plaintext into ciphertext using some type of encryption key. An encryption key is the programmed formula that the person who receives the data uses to decrypt the ciphertext.

There are a variety of encryption or algorithm methods. However, with an encryption key formula, you will be using more then one of these techniques.  Some business use available software, while others develop their own. When an individual send information online such as through an email for example, they will never know who might intercept it, or to whom it could possibly be forwarded to.  That’s why it’s not such a good idea to send confidential information online. However, an individual can help protect themselves by encrypting the information, or signing it digitally. Some very popular email encryption software is known as Pretty Good Piracy (PGP) and Centurion Soft Secure Protection.

Pretty Good Piracy is known as freeware, which means that individuals can use it for their personal needs but not for commercial purposes. You can download this for no cost. A digital signature is a type of encrypted code that a individual, website, or company pastes to an electronic document to make sure that the individual is who they claim to be.  The code will most likely consist of the user name and a hash of usually part of the message. A hash is a type of mathematical formula that generates content from a specific message, so it is different from a message. The recipient will have to generate a new hash from the received message and compares it from the one with the digital signature to make sure that they match appropriately. The main purpose behind using digital signatures is to make sure that it’s not a deceiver participating in the transaction. So, digital signatures help narrow down e-mail scams. A digital signature can also make sure that contents of a message have not been changed. A lot of web browsers use encryption that is regarded as 40 bit encryption, and this is a very low level. A variety of browsers also offer 128 bit encryption which has a higher level of protection because the encryption key is longer.  Some important places that require extremely hire security like banks, and online retailers needs at least 128-bit encryption. A website that successfully uses encryption methods to secure information is known as a secure site.  A secure site uses digital certificate with security protocol.  The two most popular security protocols are secure sockets layer, and secure HTTP.

A digital certificate is a notice that verifies that a user or a website is for real or not a scam. A lot of ecommerce websites will usually have digital certificates. A certificate authority (CA) is an authorized company or individual for that matter that has the ability to issue and verify digital certificates.  There are several of websites that offer a digital certificate. Some popular ones are Verisign http://www.verisign.com/, Godaddy www.godaddy.com, Digicert http://www.digicert.com/, and Thawte http://www.thawte.com/.

The digital certificate will usually contain information such as the username and the serial number of the certificate. By the way, the information in the digital certificate is also encrypted. Next, the Secure Sockets Layer (SSL) provides encryption of every detail that passes between a server and a client.  SSL also requires the client to have a digital certificate, so the web browser can communicate securely with the client.  The web pages that use SSL will usually begin with https as opposed to http. SSL is available in 40 and 128-bit encryption. Secured HTTP (S-HTTP) allows individuals to choose encryption for data that pass through a client and a server.  When using S-HTTP, the client and the server must have a digital certificate.  This makes S-HTTP more difficult to use then SSL, but on the other hand, it is more secured. Companies that have to use verify a client such as online banking companies use S-HTTP.

Also, mobile users can also access computer networks through a virtual private network. When mobile users successfully logon to a main office using some type of standard Internet connection, a virtual private network (VPN) allows the mobile user to secure the connection.  VPNs encrypt data as it passes from a notebook computer or any other mobile device so it won’t be intercepted.  Regardless of your security method, I will highly recommend using the most powerful safeguard which is a backup. It prevents data loss from several of sources such as system failure for one.  A backup is simply a backup of a file, program, or desk that can be used in place of the original if its loss, destroyed, or corrupted.  If the files are destroyed, then you can replace them by restoring it, which copies the backed up files into their original position in the computer.

 

 

Advertisements

Lower the costs of your software, loose the pirates stealing it.

The entertainment industry disagrees with the studies saying that the more legitimate content there is available, at a reasonable price, the less likely people are to pirate.

AFACT (Australia’s Federation Against Copyright Theft) claimed that people won’t stop to illegally download copyrighted content even if they have local, legal access to the same content. The movie industry group claimed that piracy was inevitable and therefore the country needed to change the law to discourage it. The suggestions were that people may be drawn to piracy if films or TV shows screened later in the country than in the US. A good example to prove this was popular TV series Game of Thrones, which was heavily pirated in Australia.

The matter is that the consumers no longer want to wait for the show to air a week after the United States, and the anti-piracy outfit believed it unreasonable that pirates were unwilling to wait. It was claimed that there were legitimate services, and discussions around further availability; however, content pirates would be still engaged in unauthorized downloading as it’s free.

One of the unreleased researches commissioned by the Intellectual Property Awareness Foundation (IPAF) revealed that 86% of persistent infringers and 74% of casual infringers pirated because of cost. Over 75% of them knew about legitimate downloading services.

It seems that the cost of legal content is the main issue in places with low salaries where the cost of the product isn’t adjusted. Meanwhile, IPAF supports AFACT and the federation’s American sponsor, the MPAA, on its board of members among other copyright owners. That’s the people consistently overstating the cost of piracy to business.

Anti-piracy outfit argued that the legislation hadn’t kept up with the rapid cycle of technological change. Although a lot of people might agree with that, the argument of the entertainment industry that governments should lock up people on the flimsiest of evidence without making any changes to its business model is bogus as well.

However, the studios are recommended to release popular programs worldwide at the same time instead of releasing them in different places. If this is impossible, the industry should accept that the content will be pirated. In addition, instead of releasing material at a single price it needs to look at regional pricing and manage it with language dubbing.

Anti-Sharing Law will be Rejected

The Office of Management and Budget published an email saying that if the new anti-piracy law known as CISPA reaches the president’s desk in its nowadays form, his senior advisors will recommend him to veto the bill.

The email says that the proposed bill should address critical infrastructure vulnerabilities without having to sacrifice the human rights of the citizens, particularly when the country is facing challenges to economic well-being and national security. Although the Administration of the President wants to engage with the Congress to enact cybersecurity law to tackle these critical issues, if CISPA were presented to the President, his senior advisors would recommend that he veto it.

There are many reasons why the office opposes the suggested legislation, like the bill “significantly departing from long-standing efforts to treat the web as civilian sphere”. In response, the creators of the legislation explained that the recent revisions take into account each criticism levelled by the Administration, especially those about privacy and civil liberties of people.

The legislation is set for a vote before the House of Representatives. Meanwhile, the EFF pointed out that Rep. Rogers is convinced that the CISPA is an information “sharing” law. Although this may sound innocent, the truth is that the bill itself is a surveillance bill as well. Indeed, its provisions allow private companies to monitor network traffic and stored information (like private e-mails) with no oversight or legal accountability.

Moreover, the legislation creates expansive legal immunity, making outfits and the government largely unaccountable to users. So, the law will grant surveillance power to private entities, bypassing the existing rights to sue under other laws. This means that if CISPA passes, the organizations will lose their legal right to protect your privacy, like federal or state privacy laws keeping them from sharing sensitive personal data.

An amendment was proposed to file lawsuits against the federal government if it violates some restrictions on the use of the obtained information, bit in practice it’s meaningless. In fact, it only allows a lawsuit if brought within 2 years of the date of the violation and exempts all information received by the government from the Freedom of Information Act.