Common Computer Security Mistakes

There’s no doubt that as our use of the internet grows then so do the risks. Computer based crimes such as identity theft are growing at a staggering rate, with huge criminal gangs all over the world expanding into this area.

Anyone is a potential victim however, there are some simple steps you can take to minimize the risk. This video shows you some of the very basic things you can do to help keep you safe.

If you want to go further, there are of course lots of other measures you can take, the use of VPNs or learn how Smart DNS works to hide your identity too.

The reality is that these very basic, simple steps hugely reduce your changes of becoming a victim. The reason being is that online criminals focus on the various easiest targets, simply by keeping your system up to date and never clicking on links in emails will make you much safer.

Is Smart DNS the VPN Killer?

I first came across Smart DNS about three years ago when it was relatively unknown, the concept was good to hide your real location by just masking specific parts of your connection and routing it through a specific server. The idea being that an intelligent DNS server could just hide your location without rerouting your entire connection. This had numerous benefits including price because only small portions of a connection where routed through a proxy there weren’t huge bandwidth charges to be paid.

Other benefits included speed, again due to your connection being mostly direct with the server you were trying to access. Also configuration was simpler, just change your DNS settings to point to a smart DNS server like this would then allow you to access different sites across a whole host of countries irrespective of your location. This means that suddenly you are not restricted to watching on computers but potentially on any internet device, without the need to support a UK IP proxy, just watch this video.

As you can see if you can access the network settings on a device then you can enable a Smart DNS server. Where as a VPN needs client software to enable it to work either proprietary or from within the devices operating system (such as Windows or linux). Suddenly devices like Roku’s, Smart phones and even Smart TVs can be Smart DNS enabled without a problem. The device itself is irrelevant, only the accessibility of it’s network settings – surely the VPN didn’t stand a chance?

Certainly the VPn is superior in as far as security is concerned simply because Smart DNS simply doesn’t supply any identity protection or encryption, however that’s largely by design to limit costs and improve simplicity. The ability to enable it on any device is also a huge advantage in a world where there are so many ways to access media online. So why hasn’t the Smart DNS application killed off proxies and VPNs?

Well there’s obviously the marketing aspect, the big players in the VPN market are all well established and companies like HMA have a huge internet footprint. Search online for queries on how to watch US netflix or BBC iPlayer then you’ll likely find yourself at a VPN solution provider somewhere on the web. However there is another problem in that Smart DNS is easier to block than a traditional VPN. Earlier this year Smart DNS stopped working on many devices – this article explains more – Broken Smart DNS for Netflix, and indeed explains a fix (albeit a rather technical one).

The problem was that although it’s relatively simple to change the DNS settings on most devices, it’s also very simple to code that an application or device must use a specific DNS server. What happened was anyone trying to access Netflix found that their DNS settings were ignored as the interface used public DNS servers like 8.8.8.8 from Google. This meant that the ‘location switching’ technology from the Smart DNS servers never got chance to work as the servers were ignored. The big media sites obviously started putting pressure on other companies as modifying basic DNS settings on all sorts of devices got harder and harder. The result was that for many people Smart DNS just stopped working for a couple of weeks until there seemed to be something of a pull back. It is surmised that the owners of these public DNS servers like Google were probably not impressed with this huge upsurge in requests for an effectively free service and the providers back tracked.

At the moment Smart DNS works relatively well on most platforms but this could change at any time, Netflix could easily block these through the code in their interface and most expect this to happen. Blocking a VPN is much more difficult though as it well configured service is almost impossible to detect, companies like Hulu have been trying for years. As such VPNs remain the ‘safe choice’ for watching things like BBC iPlayer abroad, as this – if Smart DNS is still working in a year or so then this might change.

Selecting a Fast, Secure VPN Provider

A few years ago, nobody outside the IT department knew what a VPN was and in reality that didn’t really matter.  A Virtual Private Network was of little use to most people and those who did use them, mainly for dialling back into a work email system or document store simply clicked a little button on their taskbar to connect to ‘something’.   Of course over the years this situation has changed completely and now a VPN is an essential internet tool for many people.

So Why is a Fast VPN Important?

Well for those travelling and using the internet, it’s pretty much a necessity unless you’re very careful.  The issue is of course the fact that communication over the internet is basically very secure, even the supposed secure web pages (SSL) can easily be intercepted by someone with the right knowledge.  If you travel the world and spend your time just watching Cat videos on Youtube of course that’s not a big issue.   However the moment you start accessing email, paying bills or logging on to home banking sites or Paypal the whole game changes.  Any time you transmit personal details or login credentials there’s a risk that they can be intercepted.  Although that risk exists on your home network or company, it significantly increases when you use a third party’s wifi connection.

Ask yourself how often you’ve used a Wifi connection in a pub, hotel or cafe to do some transactions like this?  Did you realise that the owner of that wifi access point could easily intercept and steal your logon credentials very easy.   The simple fact is  that you are trusting the owner and any administrators of that access point with all your browsing details.   Ultimately those credentials can be used to make money, your accounts can be accessed, money transferred, goods ordered in your name and a thousand other crimes committed without you knowing anything about it.  Even the owner of the access point might be unaware, if the technology is not locked down and configured correctly any one nearby could login as admin and do the same.

A VPN doesn’t protect you completely but it makes it much, much safer to transmit data over the internet.  Simply because it creates a secure, encrypted tunnel to protect your data while it’s being transmitted.   That means it’s virtually impossible to intercept your data and steal credentials without breaking the encryption (which is not going to happen if the encryption is military grade).

This of course assumes your using a secure VPN server configured correctly run by security trained administrators of course, otherwise it’s just yet another risk.  Here’s a quick video of the VPN I use – it’s called Best VPN USA and it demonstrates my favorite VPN service.

There are a few ‘serious’ VPN services but unfortunately many are just TV watching packages which have no real interest in the security or protecting your credentials. Even where the company is based does have an impact on how secure and confidential the VPN service will be. For instance in Europe there are very strict privacy laws, so not only must your communication be highly secure – the logs and data passing through the VPN are covered too.

In Europe, currently none of the transferred data (including which URLs are visited) must be recorded or stored. Which is good because otherwise your data can sit on a third party server that you have no control over. In Europe the only data that can be recorded is the amount of data that is transferred over the VPN, this can be stored for six months but no longer than 12 months. For example Identity Cloaker store this for only 6 months in order to comply with the laws and then delete it. These details are always under revision though.

None of the free VPN services will delete logs though and your data (and possibly logon credentials will sit on these servers until someone decides to get rid of them). The free VPN pay for the services by inserting ads into your browsing and simply don’t have either the staff or incentive to worry about security.

IP Changer Online – Switching your IP Address Over

It’s a tool that a few years ago, nobody had any use for – after all why would anyone want an IP changer online?  The reality is that the internet of a decade ago was a very different place, and although the internet has expanded over the last few years, so to has the filtering and restrictions that are placed upon it.   Most of us probably realise that internet access in places like Iran and Turkey are not quite as open as in most of the European and North American democracies.  However consider also that German internet surfers for example are blocked from lots of YouTube music sites due to ongoing copyright discussions, or the fact that nobody can watch the wonderful Hulu website from outside the USA.

Everything we do online is increasingly being controlled based on this unique address, before you rush off onto the command prompt or the control panel to modify your address don’t waste your time – it won’t work.  Unfortunately the local IP address that we can change is pretty much irrelevant and has zero impact on your internet experience.   This is because it’s not visible to anyone else anyway so can’t be used to determine your location.  In reality millions of us share identical local addresses – the range of 192.168.1.xx is extremely common being the general default for most network devices to assign to connected devices.

Using an IP Changer Online

So if you can’t change your actual address, how do people bypass these blocks all the time.  We’ve all seen the laptop streaming the BBC in Spanish airports, or watching a film on Hulu in a cafe in London – of course it’s possible.  Here’s a little demonstration of an online IP proxy changer in action –

So as you can see it’s perfectly possible to control your web browsing, not by changing your IP address but hiding the real one.   Which is why you need proxies, vpns and secure servers to act as an intermediary, to buffer your real location and identity from the websites that you visit.  If set up correctly and using very fast servers the process is almost seamless, the server receives your request and forwards it to the web site which replies based on the location of the server’s ip address not yours.   Expand this network to contain servers all across the world and theoretically you’ll never got blocked anywhere again.

It works well for 99% of websites out there, everything from Hulu to BBC can be access from anywhere using a well configured VPN server based in the relevant country.  There are as always exceptions though, some sites in the UK will block any IP ranges which are not from ISPs and data warehouses.   One big Canadian TV site online – CTV, requires you input your Cable account number before accessing so just hiding your location isn’t enough.  These solutions currently work extremely well, however we’ll have to see how the filtering and blocking technology adapts over the years to come.

Over the last few months of 2016, Netflix have developed a new system of blocking the use of online IP changers and VPNs. They are restricting access only to residential IP addresses, that is those assigned primarily to domestic connections from their Internet service providers. This has effectively blocked the vast majority of VPNs from being able to access Netflix. Fortunately some providers like Identity Cloaker have managed to incorporate these ‘residential IP addresses’ into their server infrastructure which means they are not blocked. Others will probably follow, however these IP addresses are in short supply and cost significantly more than commercial addresses so the costs may start to rise.

Further Reading on residential Ips.

Watching the Global News Live Over the Internet

One of the many wonderful things about the internet, is that it gives you the chance to really learn about what’s going on across the world.  Of course, in most democratic nations there are international stories and reports all the time, however these are always in the form of foreign reports and are often sporadic.  After all what’s a huge news story in North America may not even register in Europe and vice-versa, every time you watch a news story unfold on your domestic news service then you see but a single viewpoint.

Of course in some countries that’s better than others – many countries even supposedly democratic ones have a very biased and political news service.  It’s still a very important way of controlling information and political opinion, only the very strongest democracies have a very open news service.  Places like Russia and Turkey will pretend that there news reporting is completely impartial but there’s always Government pressure and control.  In my experience the European and US News services are generally pretty good although you have to be careful with which channel you’re watching there’s plenty of religious and political bias even in these countries.  In fact probably one of the most independent News services in the world is often accused of both ‘left wing’ and ‘right wing’ bias by viewers, although in my opinion it genuinely does try and stay away from any political leanings.

If you’re keen on watching the news from around the world, the BBC is certainly one that should be on your list – this video shows you how to watch the BBC News  live.

The reason that you can’t just watch the BBC from anywhere normally is because like most media services it’s restricted to the domestic market normally. This is presumably due to restrictions based on the license fee which everyone in the UK has to pay to own a TV set, which funds the BBC. However all commercial stations practice the same way with broadcasts only being allowed online for people in the home market. This is usually achieved by a process called geo-location which checks the location of your IP address when you access the site, so a UK IP address is needed for the BBC News and US one for Fox News and so on.

Which is why having some method of switching your IP address is so useful especially for those of us who like to watch the news and to be able to watch it reported from a different perspective. The program I use is called Identity Cloaker and it is the one used in the video above, it allows you to switch between proxies and is effectively a quick IP address changer. This means that from one console I have access to news channels from anywhere in the world, switching from European to North American or even Australian News stations with a simple click of the button.

Where Can I Find a Fast Free VPN – Hola perhaps?

It sounds a reasonable question at first – a fast free vpn, after all this is the internet and there’s always loads of free stuff around.  However there is a problem and if you think about it, then it’s quite obvious.  First of all a quick definition, VPN stands for a Virtual Private Network and although it has rather a wide meaning – basically in the context of this article it’s an encrypted tunnel between two computers across the internet.

One of those computers will be your PC, laptop or tablet – the other will be a specially configured server that manages that connection.  It’s commonly used for secure access, most companies use VPNs to allow remote workers access to their corporate network safely.   This is because it allows them to control access to outside computers and ensures that all data is protected and encrypted.   It’s important the VPN server is securely configured as it is used to relay all the data from a connection.  The speed, security and safety of a VPN is heavily dependent on the VPN server itself – in fact a badly configured server is actually worse than using nothing at all.

hola-botnet

However most individuals use VPNs on their personal computers for different reasons, most commonly to access popular media sites.  Most of the web’s best media sites like BBC iPlayer, Hulu, ITV, HBO and Netflix operate restrictions based on your location.  So to access the BBC online from outside the United Kingdom you’ll need to route your internet connection through a UK based VPN server.  The same principle applies for Hulu, US Netflix or HBO but here you must use a USA based VPN, for German TV a German proxy and so on – which is why so many people are desperate to find them.

So Where Can I find a Fast Free VPN Server

Well the simple answer is you can’t, simply because a fast VPN server costs an awful lot of money to run.  First they need dedicated support staff, high specification hardware and lots of fast bandwidth all of which is very expensive.  SO any ‘free VPN’ you do find will need to make money some way in order to meet these costs.

How do they make money?  Well traditionally most insert adverts into your browsing, which earn them money.  Some insert affiliate links too, typically to places like Amazon where they can earn commission if you click through and buy something.  However there are more sinister ways to make money too, and a perfect but disturbing example has come from Hola – a free VPN/proxy service with something like 45 million users.

What they have done is to basically use the connections of all ‘free’ users of their software in a private ‘botnet’.   Any user is essentially a node on their own private network, where internet traffic can be relayed through their internet connections.   These connections are resold on a private security network called Illuminati where users can pay to hide their real location.  Which effectively means Hola users could be relaying all sort of illegal activity through their home computers, which can be tracked back to them.

Using Hola is like installing a virus or malware on your own computer.  Not only are they stealing your bandwidth but you could very well be relaying all sorts of illegal traffic through your home PC.

There is no such thing as a Free VPN server and if you’re using Hola you should remove it now !!

Source: http://www.theninjaproxy.org/just-interesting/no-such-thing-as-a-free-vpn-the-hola-price/

UK TV Reference: http://uktv-online.com/ 

Search Engine Manipulation

One of the most annoying instances of where web sites customize your experience is when using the search engines.  Most of the time it works quite well – here’s the basic sequence :

  • The user loads up a search engine page
  • Search engine checks your IP address
  • Search engine looks up the physical location of that address
  • Search engine customizes your search results based on your location.

So in practical terms it means that when you type in ‘cheap carpets’ in your search engine, you don’t receive a selection of carpet shops from across the world.  Google (or other search engine) will assume that you want someone who sells carpets in your location – which is usually quite right.  The chances are that most similar searches would be looking for someone local to your current location.  You can skew the results of course, by modifying your search string – perhaps change to ‘cheap carpets Paris’ if you want to pick something up on a weekend away in the French capital but it does become some what of a guessing game.

There are times though when you wish you could turn off this personalization, times when it actually comes up with completely the wrong search results.   For instance if I was in a Spanish airport travelling home, and I tried to search for a taxi firm to transfer me home when I returned.  My ‘taxi’ searches would all focus on Spanish results simply because I was in Spain while searching, none of  the search engines are smart enough to  go one step further and assess my current situation properly.  Which is why we have to append other descriptive terms such as ‘UK’, ‘Manchester’ or ‘England’ to ensure we don’t receive Spanish based results.

This is of course a fairly simple situation to rectify, but it’s not always that straight forward.  Take my current situation, I want to take my family to the West Coast of USA next year and I’d been told there are lots of great local tour firms based in the USA that will take you around the sites.  However if I type in local tours West USA – all my results are focused on my current location – i.e the United Kingdom.

withoutamericanipaddress

Here’s what I get in my search, (click to enlarge) – as you can see all the results are UK companies offering tours of the West Coast of the USA.   Even though I’m looking for a service physically located in the USA, the search engine will give me results of companies who are based in the UK.

Do you see the problem ?  I can’t find those local companies specializing in US tours easily, all I get is big UK companies who probably buy in those trips and resell to people in the United Kingdom (presumably with a significant mark up in price too!).  I’ll have to play around with search terms and delve into the later pages of my search results to have any hope of finding a local US company who doesn’t have offices and websites in the United Kingdom

Simply speaking Google in this situation doesn’t deliver what I want, it delivers a simplified, commercial based set of results.   The only way I can modify this is by hiding my real location by using an online IP changer  and then redoing the search.  Here’s a quick video on how you can get an American IP address –

Using this program I am able to give myself an American IP address instead of a UK one. So lets repeat exactly the same search and see what results I get –
withusipaddress Here you can see that I get a completely different set of results to my previous search, all US based companies offering pretty much the same tours but often at much lower prices.

None of these web sites are US only, they are all happy to attract customers from all over the world – it’s just that mostly people can’t find them because of the way that the search engines personalise your search results. Unfortunately, to bypass these blocks you need to take control of your IP address, here’s another video called best VPN USA which demonstrates using a Virtual Private Network connection routed through the US to achieve the same results.

Turkish Implement Twitter Block

The Turkish block of Twitter this week, is such ill conceived madness that it sometimes is hard to comprehend that these guys are politicians who are supposed to understand people.  When they follow the example of dictators like Hosni Mubarak in Egypt and decide the best way to stop people saying bad things about you it to try and stop them talking completely – true genius.

It’s not even as if Turkey has the first idea about how to block access, they’ve been actively filtering the internet for years now and there still using the baby/first steps blocking  technique.  Look around certain places in Istanbul and Izmir for example and you’ll see posters of Erdogan with DNS server addresses pasted all over them.  That’s how the country is blocking the site by rerouting DNS requests, so by switching to another of the many millions of DNS servers available across the planet you can bypass the blocks.

In fact  there are many ways to completely sidestep these restrictions and when you’re Prime Minister has threatened to crush the social networking sites and demonstrate the power of the Turkish Republic, you really need to come up with something better than a very amateurish attempt like this.  In fact it’s looking like Twitter use in Turkey is rocketing after the ban has been implemented – circa 17,000 Tweets from Turkey every minute at time of writing.  I’m afraid it doesn’t make Erdogan look strong or powerful, more like clueless and inept.

Here’s one the many ways you can bypass the Turkish ban on Twitter –

The more the numbers spiral out of control, the more ineffective both the ban looks and also how powerless the leader who implemented it appears.  It also adds your name to the list of others who have attempted to do the same,  hugely successful leaders in places like Iran, Iraz, Egypt, Syria and North Korea.  Of course when we say leaders, the list is actually one of dictators, democratically elected people don’t generally try and repress free speech.  It is widely expected that the Prime Minister is intending to continue his tirade against these sites, so you may need a Facebook unblocker in Turkey as well soon.

The block will only really affect people who don’t use Twitter anyway, and have no real desire to use one of the workaround or use a Turkish Proxy.  Although human nature being what it is, probably many will suddenly sign on to see what they’re not supposed to see.  Many think this could be the beginning of the end for Erdogan, not only has he attempted to repress talk of corruption but he’s done it badly – making himself look completely impotent and powerless in the process.   He also is starting to look as guilty of hell with his rantings of moral outrage at the evil forces of erm Twitter and Facebook.  A great country, with fantastic friendly people for the moment stuck with a dodgy, shifty leader – they deserve better.  Especially  Berkin Elvan, the young boy killed by the Turkish security services firing on protesters, whilst he went to buy bread.

Bah Malware Attacks – This time it’s Cryptolocker

A few practical precautions can help minimise the possibilities of a CryptoLocker attack. What exactly are our top tips?

Don’t leave it linked to your own PC if you’re not backing up, if you are using an external hard drive. If you’re uncertain check with your own supplier.

— Create files within the Cloud and upload photographs to on-line accounts like Flickr or Picasa (although NSA and MI5 will copy all your stuff!)

— Change to your spam- and virus filtered email service. (It also doesn’t enable you to really send them).

— Do not go to on-line porn sites, which are generally the source of many malware downloads. When clicking on adverts; never open Twitter website links and attachments from those that you do not understand or trust take care. Heh but really this is the internet – go find porn, it’s fine 😉

– – Install the most recent versions of upgrade addons and the internet browsers including Java and Adobe Flash.

— Get reputable antivirus software and make certain you update it often.

— Act fast. Bear in mind it’s likely to take a little time for the encryption to occur, should you inadvertently download a dodgy attachment. Before all of your files are encrypted should you instantly download and run an antivirus programme, like the complimentary antivirus toolkit available from Sophos, it might destroy the CryptoLocker – nevertheless, you’ll forever lose affected files.

— Encrypt the files you specially need to stay private, including records including your passwords or private information, to prevent criminals from reading what is in them. Read this useful “Ask Jack” post to the Guardian technology site to discover more about encrypting your files.