About Us

My photo
MousePad Networking is dedicated to providing service to home and small business users. Specializing in PC hardware, Microsoft Windows Operating Systems, virus and spyware removal, and small networks, we are focused on providing quality service at reasonable prices. We offer PC setup and repair, Microsoft Windows Operating Systems installation and maintenance, and home & small office network setup & consulting.

Sunday, April 22, 2012

FCC's Ruling that Google's WiFi Snooping is Legal Sets Horrible Precedent

Paltry fine on Google for monitoring WiFi nets will only encourage snoopers.

By John P. Mello Jr. (PC World)
Anyone looking for assurance that the privacy of their home wireless networks would be protected from snoopers by government regulators won't find it in the Federal Communication Commission's recent action against Google.
The FCC fined Google $25,000 for impeding the agency's investigation into reports that Google snooped on WiFi networks as its vehicles gathered information for its maps service.
Although the FCC didn't peek at the info Google gathered from the private wireless nets, regulators in other nations conducting similar investigations have. They found Google had captured e-mail messages, instant messages, chat sessions, romantic exchanges between lovers, Web addresses that could be used to determine a person's sexual orientation and data that could be linked to specific addresses.
Google "Good Faith" Effort
When Google's activity was uncovered in 2010, the company was profusely apologetic in public. But when the time came to find out "the rest of the story" about the data slurping affair, Google entered bunker mode, blocking the FCC's efforts to obtain the information it felt it needed to complete its investigation.`
"We worked in good faith to answer the FCC's questions throughout the inquiry, and we're pleased that they have concluded that we complied with the law" was Google's official line on the FCC's action, which appears to be prompted by frustration at Google's "good faith" during the investigation.
Indeed, Google appears to be confusing "good faith" with doing the minimum under the law to make the FCC go away so Google can continue its business as usual.
It's not "good faith" to refuse to turn over e-mail relevant to an investigation. And the excuse for doing so--it would be burdensome and time consuming--is an insult and totally disingenuous coming from a company that is the King of Search.
We wonder if Google would be so high-handed about such a request from one of its corporate clients who stored its email in Google's cloud and needed such an e-mail search done to comply with a court order for electronic evidence?
It's not "good faith" to drag your heels when a regulator asks for documents it needs for its investigation and force it to get a subpoena to obtain the documents.
And it's not "good faith" to unilaterally determine it would serve no useful purpose to identify those responsible for instigating an attack on privacy on a global scale.
For its recalcitrance during the FCC probe, Google was fined $25,000--less than petty cash for a company that in the first of this year alone had revenue of $2.89 billion. That outcome surely brought a smile to corporations engaging or planning to engage in slurping WiFi networks to obtain information for their gluttonous marketing demands.
It's also a reminder to anyone with a WiFi network to at least secure it with a password before they start using it.

Monday, April 9, 2012

Apple's security code of silence: A big problem

Security industry insiders have long known the Mac platform has its holes. The Flashback Trojan is the first in-the-wild issue that's confirmed this, and big-time. More will follow unless Apple steps up its game.

by Larry Dignan (CNET)
Apple has cultivated a myth about security on the Mac platform. The myth goes like this: Apple users don't need antivirus software. We're more secure than anything out there. Security worries are overblown.
In reality, Apple practiced security by obscurity with the Mac.
Those days may be ending in a hurry. Apple's relative silence about malware is going to have to end as the company finds itself managing a large ecosystem, noted ZDNet's Ed Bott. Delivering massive security updates during product launches and software rollouts just isn't going to cut it.
The Flashback virus has infected more than 600,000 Macs. These Mac users didn't fall prey to snazzy social engineering or any real work at all. Russian antivirus company Dr. Web noted that Flashback exploited a security hole in Java to silently attack Mac OS X systems. Flashback was discovered in September 2011 as a fake Adobe Flash Player and has morphed into attacking Java. Apple has been belatedly patching Java.

What's the problem here? Apple likes to pretend that its security is superior. The reality is that Apple hasn't had the market share to matter. That's quickly changing since the Mac platform is outgrowing PCs. Meanwhile, enterprises are adopting Macs too. As these Macs go corporate the honeypot looks a lot sweeter to hackers.
It's possible that Apple CEO Tim Cook will hit the security issue head on like he tackled the supply chain flap. In either case, Apple has to step up its security game. It can't a) thump its chest about security and invite hackers and b) pretend that there's nothing to worry about. As these attacks continue over time, Apple may have to have its big security "ah ha" moment just like Microsoft did.
Here's how Apple's silence on security contributes to the problem:
Apple doesn't allow Oracle to patch Java. The latest round of malware could have been avoided with faster patching. Since Apple likes to control its patching it is often behind. The window of exposure on the Mac platform is longer. The easy fix here is to let Oracle do the patching.
Apple has a rudimentary antivirus update utility that's updated with signatures only when there's a big enough threat. Apple knew about Flashback, which has been pointed out by security researchers, but didn't ship an update.
Apple users have no idea if they are infected and don't know how to search. Why would they know? Apple has told them there are no viruses on the Mac. This false sense of security is the primary reason Apple needs to start talking. Apple users are smug about security.
Anti-virus vendors can't provide protection to the Mac because users don't think they are needed.
Security industry insiders have known the Mac platform has its holes, but Flashback is the first in-the-wild issue that's confirmed and big. More will follow unless Apple becomes more proactive.