Tag Archives: Privacy

AVG

Tinder introduce verified profiles

Leave a comment

Many of us are already familiar with the little “check mark” found on social networks that signifies that an account is legitimate. Most often seen with celebrities or famous sports personalities, it’s a simple way of letting everyone know that the account holder is the person they claim to be.

Now, mobile dating app Tinder has followed suit by introducing verified accounts to their service and we’ll no doubt see blue check marks next to Lindsay Lohan and Katy Perry who are apparently fans of the app.

Tinder Verified Profiles

 

Here are three quick tips to help you have fun and avoid scandal while dating online.

Use throwaway accounts: Some dating apps require an email or a Facebook account to log in. If you want to use one of these sites, it may be smart to create a new account just for dating. That way you can close them down easily if you need to.

Use secure messaging in app: Don’t rush to move to off-app communications (email, phone, etc). Take your time and communicate through the app, there are measures in place to help you stay private and get support when you need it.

Be wary of fake accounts: Just like we’ve said in this article, online dating services can have a lot of fake dating profiles, known as Catfish scams. You can help protect yourself and your data by not giving out any personal details unless you are sure you’re talking to a real person.

Be careful what you share: Remember that anything you upload to an app will likely become their property, so don’t be surprised if you log in to find your picture on the homepage as “hot date of the week” or even used in promotional material! Make sure you’re happy for anything you share to be seen publicly.

If you want to meet, tell someone where you’re going: Common sense rules that you shouldn’t rush out to meet someone you don’t know in the middle of the night. Meet in a public place during the day and make sure someone knows you’re going and check in from time to time to let them know everything is ok.

AVG

10 Tips to stay safe online this summer vacation

Leave a comment

I recently got back from a family holiday in Yellowstone where there was no Internet connection at all. For me it was a blissful digital detox but my son didn’t take so kindly to it. He would jump onto any public network that appeared, regardless of its security, in an attempt to get himself back online where he could game and chat with his friends.

It got me thinking that, from start to finish, there were a lot of things during a summer vacation that could lead to some risky online behavior.

With that in mind, I’ve put together my 10 tips to help you and your family stay safe while booking, travelling and enjoying your vacation.

 

Summer Travel Tips

 
 

Read more

For full details on all the above tips and more, check out my simple fact sheet.

Security

FBI Director to Silicon Valley: ‘Try Harder’ to Find ‘Going Dark’ Solution

Leave a comment

FBI director James Comey and Deputy Attorney General Sally Yates testified before a Senate committee on how encryption is hampering law enforcement and national security efforts.

Security

Hacking Team Flash Zero Day Weaponized in Exploit Kits

Leave a comment

Three exploit kits–Angler, Nuclear Pack and Neutrino–have already weaponized the Adobe Flash Player zero day found among the data stolen from Hacking Team.

AVG

One-Time passwords: What you need to know

Leave a comment

Most of us have dozens of online accounts, each of which should have its own unique password. Remember them all can be a bit of a headache, which is why some people have turned to password managers.

However, events in the last few months have shown that not all password managers are entirely secure, leaving people at odds when it comes to securing their online lives.

One trend that has been steadily gaining momentum is that of the one-time password. Forget having to remember your login for each account and instead have a strong, unique password sent directly to you whenever you need to log in.

When you want access to your account, a link is sent to you via email, SMS or in app and that can be used to log in. No password required.

Yahoo! Become one of the first household names introduce one time passwords a few months ago and you can see my colleague Tony Anscombe’s views on their implementation on his blog.

More recently, blogging site Medium has just rolled out the feature. They believe that one-time passwords are stronger than traditional means of authentication as they explain on their blog:

It sounds counterintuitive, but this is actually more secure than a password-based system. On most services, if someone guesses or cracks your password, they gain access to your account until you change your password, which might not be for a long time. You might never know that they have access. With this email-only system:

  • You’re automatically notified when someone tries to sign in.
  • The sign in link expires after a short amount of time.
  • The sign in link can only be used once.

 

Medium

 

Are there any downsides?

One-time passwords do a great job to help avoid many of the common issues with real passwords such as:

  • Weak passwords
  • Reusing passwords across multiple sites
  • Writing passwords down
  • No warning when someone else has access to your password/account

 

There is some room for vulnerability in the current system.

Encryption – Emailing a link that can provide unlimited account access, should of course be done in an encrypted fashion. However, this isn’t always possible and transmitting it in plain-text over email or SMS could be a major security vulnerability.

Degrades security – A potential downfall for one-time passwords, especially with Mediums implementation, is that any one-time password account is only as secure as your authentication email account.

For example, it would be useless to manage every one of your online accounts with a one-time password, but only secure your email with a weak password (as many people do). Remember, your email password should be the strongest of all your passwords as it can hold the key to the rest of them. One-time passwords make this even more pertinent.

Forwarding – Obviously it is unlikely, but with the current implementations, anyone with the link would be able to access the account. If you forwarded an email by mistake or pasted the link in the wrong place, then this could leave you vulnerable.

Some verification that the link is being clicked within the correct email account would be an added bonus so that the link would be a big bonus.

 

Alternatives

So while it is up to you whether or not you want to secure your online accounts with one-time passwords, if you are looking to improve the security of your online accounts I can recommend deploying Two-Factor Authentication.

Two-Factor Authentication is perhaps the simplest way to prevent unauthorised access to your online accounts and is very low risk. For more information on Two-Factor Authentication, check out the video below:

Video

What Is Two Factor Authentication

Security

Hacking Team Plans to Continue Operations

Leave a comment

UPDATE–It has been absolutely brutal week for Hacking Team. All of the company’s documents, internal communications, emails with customers, and invoices have been published, including its dealings with oppressive regimes and customers in sanctioned countries. But even with all that, company officials said they have no plans to cease operations, even as they’re asking customers […]