People who don’t want to pay for Netflix services can buy stolen log-in credentials on the black market for rock-bottom prices, Symantec reports.
The online security company said it found advertisements and software aimed at cheapskate streamers, though it didn’t mention the names of the shady sites and forums.
Netflix Logins For Sale. The ads, which show Netflix logins for sale for as little as a quarter each, proudly display guarantees of “freshly cracked” accounts. They also ask their “customers” not to spoil the fun by changing passwords or messing with payments, either of which would alert the paying user to the fact that their account has been breached.
It is, of course, illegal — these are stolen accounts, gathered through nefarious means like malware and phishing. But since Netflix takes a laissez-faire approach to sharing accounts, paying users could easily be watching shows at the same time as someone who bought their login for a quarter on the Dark Web.
Netflix CEO Reed Hastings has said in the past that he doesn’t consider password sharing a big problem, and as long as the user base keeps growing (the service just passed 65 million subscribers globally), this common practice is likely to stay that way
Sharing your Netflix log-in? Turns out you might not be the only one who lets a friend or family member log into your Netflix account. In fact, if you don’t, you’re in the minority, according to a poll of over 5,000 Netflix users conducted by Global Web Index.
Only 35 percent of users claimed to be the sole user of the account — 30 percent shared it with one other person, 16 percent with two people, and 19 percent shared it with three or more.
Netflix has plans that permit multiple streams to multiple screens at once, which means they’re fine with accounts being shared to a certain degree. Two spouses and a kid watching a movie shouldn’t require three accounts, of course — but spreading the login among four or five friends might be something the company would like to stop.
Could your account be on one of these lists? It’s hard to say, but one easy way to check is to look at your recently watched shows. If you see a lot you don’t recognize and don’t seem like your style (or that of anyone you share with), you might want to change your password. That simple action will immediately stop your account from being used by others without your permission.
The “Internet of Things” security is badly broken and getting worse. The Shodan search engine is only the latest reminder of why we need to fix IoT security.
Shodan, a search engine for the Internet of Things (IoT), recently launched a new section that lets users easily browse vulnerable webcams.
The feed includes images of marijuana plantations, back rooms of banks, infants and children in their homes, kitchens, living rooms, garages, ski slopes, swimming pools, colleges and schools, laboratories, and cash register cameras in retail stores. The cameras are vulnerable because they use the Real Time Streaming Protocol (RTSP, port 554) to share video but have no password authentication in place. Shodan crawls the Internet at random looking for IP addresses with open ports. If an open port lacks authentication and streams a video feed, the new script takes a snap and moves on.
While the privacy implications here are obvious, Shodan’s new image feed also highlights the dismal state of IoT security, and raises questions about what we are going to do to fix the problem.
Of course insecure webcams are not exactly a new thing. The last several years have seen report after report hammer home the point. In 2013, the FTC sanctioned webcam manufacturer TRENDnet for exposing “the private lives of hundreds of consumers to public viewing on the Internet.” Today it’s estimated that there are now millions of such insecure webcams connected and easily discoverable with Shodan. That number will only continue to grow.
So why are things getting worse and not better? Webcam manufacturers are in a race to gain market share. Consumers do not perceive value in security and privacy and have not shown a willingness to pay for such things. As a result, webcam manufacturers slash costs to maximize their profit, often on narrow margins. Many webcams now sell for as little as $20.
The problem: Consumers are saying we’re not supposed to know anything about this cybersecurity stuff and the manufacturers don’t want to lift a finger to help users because it costs them money.
If consumers were making an informed decision and that informed decision affected no one but themselves, perhaps we could let the matter rest. But neither of those conditions are true. Most consumers fail to appreciate the consequences of purchasing insecure IoT devices. Worse, such a quantity of insecure devices makes the Internet less secure for everyone. What botnet will use vulnerable webcams to launch DDoS attacks? What malware will use insecure webcams to infect smart homes? You may remember in November the story about a 2008-era malware – Conficker.B affects police body cams in 2015, it threatens not just the reliability of recorded police activity but also serves as a transmission vector to attack other devices.
The bigger picture here is not just personal privacy, but the security of IoT devices. As we expand that connectivity, when we get into systems that affect public safety and human life—medical devices, the automotive space, critical infrastructure—the consequences of failure are higher than something as shocking as a Shodan webcam peering into the baby’s crib.
FTC to the Rescue? When it comes to strong-arming manufacturers, government entities like the US Federal Trade Commission (FTC) may be able to help. Maneesha Mithal, associate director of the FTC’s division of privacy and identity protection, was quick to mention several examples where the organization went after at-fault companies. In recent years according to Mithal, the FTC has prosecuted more than 50 cases against companies that did not reasonably secure their networks, products, or services.
The FTC takes action against companies engaged in deceptive or unfair business practices, she explained. That includes IoT manufacturers who fail to take reasonable measures to secure their devices.
In addition to the enforcement action against TRENDnet, the FTC also issued security best practices for IoT manufacturers back in January 2015, urging them to build in security at the design phase rather than bolting it on as an afterthought. These practices could be a “defense-in-depth” strategy to mitigate risks, pushing security patches to connected devices for the duration of the product life cycle, and so on.
As consumers of IoT products it’s our responsibility to learn about the individual security and password settings for the devices we use and secure them to the best of our ability. Just don’t rely on the manufacturer to protect you – they probably won’t.
NORAD celebrates 60 years tracking Santa
The North American Aerospace Defense Command is celebrating the 60th Anniversary of tracking Santa’s yuletide journey! The NORAD Tracks Santa website, www.noradsanta.org, which launched on Dec 1, features Santa’s North Pole Village, which includes a holiday countdown, games, activities, and more. The website is available in eight languages: English, French, Spanish, German, Italian, Japanese, Portuguese, and Chinese.
Official NORAD Tracks Santa apps are also available in the Windows, Apple and Google Play stores, so parents and children can countdown the days until Santa’s launch on their smart phones and tablets! Tracking opportunities are also offered on Facebook, Twitter, YouTube, and Google+. Santa followers just need to type “@noradsanta” into each search engine to get started.
Also new this year, the website features the NORAD Headquarters in the North Pole Village, and highlights of the program over the past 60 years.
Starting at 12:01 a.m. MST (2:01 a.m. EST) on Dec. 24, website visitors can watch Santa make preparations for his flight. NORAD’s “Santa Cams” will stream videos on the website as Santa makes his way over various locations. Then, at 4 a.m. MST (6 a.m. EST), trackers worldwide can speak with a live phone operator to inquire as to Santa’s whereabouts by dialing the toll-free number 1-877-Hi-NORAD (1-877-446-6723) or by sending an email to firstname.lastname@example.org. Any time on Dec. 24, Windows Phone users can ask Cortana for Santa’s location, and OnStar subscribers can press the OnStar button in their vehicles to locate Santa.
It all started in 1955 when a local media advertisement directed children to call Santa direct – only the number was misprinted. Instead of reaching Santa, the phone rang through to the Crew Commander on duty at the Continental Air Defense Command Operations Center. Thus began the tradition, which NORAD carried on since it was created in 1958.
NORAD Tracks Santa is truly a global experience, delighting generations of families everywhere. This is due, in large part, to the efforts and services of numerous program contributors and volunteers.
Hobby drones. Unmanned Aerial Vehicles. Remote-controlled Copters.
Call them what you will, in many cases they’re becoming a nuisance. A minority of irresponsible users have been flying them too close to airplanes and helicopters, wandering into restricted military airspace, spying on neighbors; disrupting sporting events and even injuring people. It was only a matter of time before some trigger-happy vigilante shot one of the privacy invaders out of the sky.
Regulators and law enforcers are struggling to cope with the growth in their popularity, increasing the likelihood that heavy-handed legislation could stifle innovation in a sector that has great commercial potential for businesses large and small.
The Government Steps In: Drones in the US, and the people who fly them, must be registered in a government database beginning on December 21st. Any drones purchased from that date onwards must be logged before the first outdoor flight, the Federal Aviation Administration (FAA) has said.
Existing drone owners will have until February 19th, 2016 to register their drones, but a $5 fee will be waived to encourage registration within the first 30 days.
FAA spokesman Les Dorr said that it would seek to educate, rather than punish, those found to have not registered their drones. But he added: “For people who simply refuse to register, we do have enforcement tools available.” Those punishments could be civil penalties of up to $27,500, but in severe cases, criminal prosecutions could result in a $250,000 fine and a maximum of three years in prison.
The new rule affects drones weighing in at half a pound to 55lb. Users older than 13 must register themselves, but parents can register on behalf of younger children. Each drone will be given a unique identification number to be displayed on the device.
On Monday, December 14th, the FAA promised the process would be streamlined and user-friendly. “Make no mistake: unmanned aircraft enthusiasts are aviators and with that title comes a great deal of responsibility,” US transportation secretary Anthony Foxx said in a statement. “Registration gives us an opportunity to work with these users to operate their unmanned aircraft safely.
What will registering drones accomplish? Regulators had been under pressure to clamp down on what many people, particularly those in the emergency services, consider to be a growing menace – hobbyist drone users flying in unwanted places. Firefighters in California have reported that drones have disrupted efforts to contain wildfires.
Unfortunately, drone rules and registration will not prevent bad drone use. Many pundits are drawing comparisons to people who drive cars without a driver’s license or insurance: “You really can’t legislate against stupidity.” But other bodies, including the Association for Unmanned Vehicle Systems
www.AUVSI.org – The Association for Unmanned Vehicle Systems International, have backed the idea and taken an active role in consultations. The new regulations fall short of allowing emergency service personnel to forcibly disable drones by using electronic jamming equipment. Let’s see how long that lasts?
I’m always happy when one of my favorite FREE apps gets a major update. Even though I have built in navigation in my car, I always use and actually prefer Waze when I travel. I don’t worry about renting a car with a GPS to get around in an unfamiliar city or state – I simply plug in my iPhone, fire up Waze and type in my destination. Long gone are the detailed state highway maps and TripTik’s of my youth.
Waze, the navigation app that uses crowdsourced data to warn drivers about incidents on the road has just completed its biggest update since being acquired by Google over 2 years ago.
Yesterday, Waze launched a major update for its popular turn-by-turn navigation app. The entire user interface has been revamped for “higher visibility and clarity,” while still retaining the colorful, almost cartoonish appearance that has become its signature. It’s still bold and bright, but is noticeably less cluttered than before. Version 4.0 also adds a new ETA panel that puts traffic reports, alternate routes, and other useful options just one tap away.
Waze will also now give you a heads up about certain accidents before you even get in the car. The “smart calendar” feature will alert users when road incidents are likely to impact the day’s schedule, giving you the chance to leave earlier and minimize delays.
And last, Waze claims to have made significant improvements to battery consumption; the app will now use less of your phone’s charge to get you from place to place. Most people probably have their phones plugged in when driving around, so this is one change that may go unnoticed by many of Waze’s users.
And there are still a lot of Wazers out there, even after Google acquired the app and rolled almost all of its best functionality into Google Maps. Maybe it’s the social element of the app (sharing your ETA with friends, etc.) or the perception that Waze’s traffic alerts are more timely than those in Maps. Either way, it’s good to see a major update that’s a bit more substantial than simply adding yet another celebrity voice. Waze remains a free download, and the latest version is available on iOS now and will hit Android very soon.
Windows 10 is here and it’s faster, smoother and more user-friendly than any Windows operating system that has come before it. Windows 10 is everything Windows 8 should have been, addressing nearly all of the major problems users had with Microsoft’s previous operating system in one fell swoop.
But there’s something you should know: As you read this article from your newly upgraded PC, Windows 10 is also spying on nearly everything you do.
“It’s your own fault if you don’t know that Windows 10 is spying on you.” That’s what people always say when users fail to read through a company’s terms of service document, right?
Well, here is Microsoft’s 12,000-word service agreement. Some of it is probably in English. I’m pretty sure it says you can’t steal Windows or use Windows to send spam, and also that Microsoft reserves the right to take possession of your first-born child if it so chooses. And that’s only one of several documents you’ll have to read through.
Actually, here’s one excerpt from Microsoft’s privacy statement that everyone can understand:
Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to: 1.Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies;
2.Protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone;
3.Operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or
4.Protect the rights or property of Microsoft, including enforcing the terms governing the use of the services – however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.
If that sentence sent shivers down your spine, don’t worry. As invasive as it is, Microsoft does allow Windows 10 users to opt out of all of the features that might be considered invasions of privacy. Of course, users are opted in by default, which is more than a little disconcerting, but let’s focus on the solution.
First, you’ll want to open Settings and click on Privacy. There, you’ll find 13 different screens — yes, 13 — to go through, and you’ll want to disable anything that seems at all intrusive or worrisome. Most of the important settings can be found on the General tab, though other tabs are important as well. For example, you’ll definitely want to adjust what types of data each app on your system can access.
Next, users should consider dumping Cortana. Yes, the voice-driven assistant is easily one of the best new features in Windows 10, but it also plays fast and loose with your data. As a result, many users will find that the benefits do not outweigh the risks.
To complete the third task, you’ll have to venture outside the confines of your PC and hit the web. Perhaps this is a good opportunity to check out Microsoft’s nifty new Edge browser. In it, click on this link and set both “Personalized ads in this browser” and “Personalized ads wherever I use my Microsoft account” to off. This will disable Microsoft’s Google-style ad tracking features.
The last tip is one that most users will likely skip, as it is a bit excessive. Some users are removing their Microsoft account from Windows 10 completely and using a newly created local account instead. This way, Microsoft doesn’t grab hold of all your data to sync it across machines. To me, that’s a pretty good feature so I’ve opted to keep it.
Here’s another tool in the never ending battle against malware, drive-by and infected webpages – and this one is FREE
CISCO is currently in the process of buying OpenDNS to the tune of $635 million. That means very little to most people who probably haven’t even heard of OpenDNS until today. What’s important here is that even with that market valuation – YOU can still get this valuable service absolutely FREE!
OpenDNS is a company and service which extends the Domain Name System (DNS) by adding features such as phishing protection and optional content filtering to traditional recursive DNS services.
The OpenDNS Global Network processes an estimated 70 billion DNS queries daily from over 65 million active users across 160+ countries connected to the service through 24 data centers worldwide. Previously OpenDNS was an ad-supported service showing relevant ads when they show search results and a paid advertisement-free service. The free service has since evolved to no longer showing advertisements.
DNS services for personal/home use Back on May 13, 2007, OpenDNS launched a domain-blocking service to block web sites or non-Web servers visited based upon categories, allowing control over the type of sites that may be accessed. The categories can be overridden through individually managed blacklists and whitelists. In 2008, OpenDNS changed from a closed list of blocked domains to a community-driven list allowing subscribers to suggest sites for blocking; if enough subscribers (the number has not been disclosed) concur with the categorization of the site it is added to the appropriate category for blocking. As of 2014 there were over 60 categories. The basic FREE OpenDNS service does not require users to register, but using the customizable block feature requires registration.
Other free, built-in features include a phishing filter and a service called Phish Tank for users to submit and review suspected phishing sites.
The OpenDNS service consists of recursive nameserver addresses as part of their FamilyShield parental controls which block pornography, proxy servers, and phishing sites as well. The service works with any device connected to a single home network after the user makes a simple DNS change in their router. Instructions for making this change in all the popular routers and modem can be found on their support forums link below.
How does OpenDNS work?
- Instantly blocks access to adult websites No complicated configuration FamilyShield is pre-configured to block adult websites across your Internet connection. Just turn it on and go. The filter is always up-to-date, adding new sites 24/7.
- Flexible parental controls that protect every Internet-connected device in your home, instantly. When you set up FamilyShield on your router, every device in your home gets protected. That means everything: your kids’ Xbox, Playstation, Wii, DS, iPad, and even their iPhone.
- Built-in anti-fraud and phishing protection Take the guesswork out of identifying fraudulent sites. FamilyShield automatically blocks phishing and identity theft websites.
- Makes your Internet faster and more reliable Setting up FamilyShield frees you of frustrating, intermittent Internet outages and makes Web pages load faster, which makes your overall Internet connection faster.
Visit the following links for additional information:
The best tool for protecting your kids (or employees) from malware and porn: http://www.techrepublic.com/article/the-best-tool-for-protecting-your-kids-or-employees-from-malware-and-porn/
Getting Started Forums and FAQ’s https://support.opendns.com/home
After nine months of waiting, Windows 10 is almost here. Tuesday night at midnight, Microsoft will release the first full release of Windows 10, the biggest change in PC software in nearly three years. It’s kind of a big deal! We’ve been getting previews of Windows 10 since October, and the rollout of the actual software will happen in stages, but midnight will still be zero hour for answering a lot of the questions that have swirled around Windows 10 since it was first announced. How do you build a single OS for laptops, tablets, and smartphones? Tuesday night, we’ll find out.
First thing’s first: how do you get it? Microsoft is sending out Windows 10 in waves, starting with Windows Insiders and then moving through preorders gradually. The waves are designed to make the release more stable — issues that pop up in one wave can be fixed for the next one — but it means it could be days before you actually get the chance to download the new OS. The good news is that, unlike Windows 8, Windows 10 is designed to work as a straight upgrade, so as long as your computer meets the specs, you should be able to install it right away. Still, we definitely recommend doing a full system backup before you install. If you’ve got Windows 7 or Windows 8, you’ll be able to upgrade free any time in the next year. Otherwise, the official price is $119, although third party sellers like NewEgg are already offering cheaper versions for pre-order, scheduled to ship at the end of the month.
What will Windows 10 look like when it arrives? When Windows 10 does arrive you won’t have to wait days to find out. Many PC magazines and Tech Support forums are going to be putting the OS through its paces as soon as it becomes public, which means Microsoft fans will have a lot to piece through on Wednesday morning.
To start with, there’s a whole new interface to work through. Based on developer previews, Windows 10 seems to be a combination of the best features from 7 and 8, but it also comes with a lot of new ideas that have never been implemented at this scale. Cortana will be everywhere in Windows 10, available in the Start Menu and through voice commands. It’s also the first big stage for Microsoft’s new Edge browser, a fully revamped notification center, and for PC gamers, a deeper Xbox integration than we’ve ever seen before.
The biggest question of all: is Windows 10 ready for prime time? As recently as June, there were still some troubling and persistent upgrade bugs kicking around the developer preview. The Windows team had a lot of sleepless nights throughout June and July to ensure the quality is high across the vast amount of PCs out there. After Vista and Windows 8, there’s a lot of pressure to make sure this launch goes smoothly. Still, we won’t know for sure until Windows 10 goes live on Tuesday.
Finally – will the new Cortana outpace Siri? It seems like Cortana will definitely give Siri a run for the money. Obviously, you’ll need a microphone in order to communicate with Cortana – so if you want to join the voice revolution now would be a good time to pick one up…
Intel has released the world’s smallest Windows PC, a tiny thumb-drive-sized device that converts any television or monitor into a functional computer. Similar to the Google’s Chromecast or Amazon’s Fire Stick, the Intel Compute Stick can be plugged into an HDMI port. Though Intel says the Compute Stick can be used for streaming video, it can also do much more than that. The four-inch Compute Stick comes installed with Windows 8.1, 2 GB of RAM and 32 GB of storage. It connects to the Internet via Wi-Fi, and it has a microSD slot for additional storage if you need it. “It’s everything you love about your desktop computer in a device that fits in the palm of your hand,” says Intel.
Well … maybe not quite “everything”! Your desktop computer probably has a keyboard, a mouse, a lot more storage and RAM, and a much faster processor. But point taken, it is a full-fledged computer that’s the size of a pack of gum. That’s pretty neat. Intel suggests that the Compute Stick be used for “light productivity, social networking, Web browsing, and streaming media or games.” It also said small businesses might use it as an inexpensive computing solution. Microsoft has confirmed that this device will be eligible for a Windows 10 upgrade as well. Originally it was projected to sell for $149.00 but the market is looking like $169.00 right now via Amazon.com.
If you’re looking for a Windows 8 computer experience on your living room TV then the Intel Compute Stick just might be the answer. Just don’t plan on firing up memory and processor hungry 3-D games or animation programs. Get additional information from Intel: http://www.intel.com/content/www/us/en/compute-stick/intel-compute-stick.html CNET Video Review: http://www.cnet.com/products/intel-compute-stick/
The wearable technology category has opened the door to several interesting product ideas, one of which is a bracelet that turns your arm into a touchscreen.
Say what? It’s called the Cicret Bracelet (pronounced “Secret”) and it’s currently in development, though you won’t find it hanging out on any crowdfunding sites. Instead, the developers are seeking donations on their own in hopes of raising 700,000 euros (around 760,000 dollars at the current exchange rate) to finish the first prototype.
It’s an interesting design that makes use of a pico-projector and various proximity sensors, the latter of which pick up your gesture actions and commands. Just like a touchscreen, you can tap your forearm and perform touch functions, even when it’s wet (taking a bath, for instance).
Supposedly the device can do anything a phone or tablet can do Daily Mail reports. That includes things like read emails, hop around the web, play games, watch videos, make calls, and more. It’s being built to sync with an iPhone, though it can also function as a standalone device. When the project comes to fruition, it will cost around $475 and come in 16GB and 32GB models in choice of 10 colors.
Cicret.com: Check it out.