Tag Archives: Tony Anscombe

10 Tips to stay safe online this summer vacation

I recently got back from a family holiday in Yellowstone where there was no Internet connection at all. For me it was a blissful digital detox but my son didn’t take so kindly to it. He would jump onto any public network that appeared, regardless of its security, in an attempt to get himself back online where he could game and chat with his friends.

It got me thinking that, from start to finish, there were a lot of things during a summer vacation that could lead to some risky online behavior.

With that in mind, I’ve put together my 10 tips to help you and your family stay safe while booking, travelling and enjoying your vacation.

 

Summer Travel Tips

 
 

Read more

For full details on all the above tips and more, check out my simple fact sheet.

Parents failing to educate children on Internet dangers

LONDON, 3 JULY, 2015 – In today’s ever-connected world, online dangers can present themselves around every virtual corner. As the third annual Child Internet Safety Summit commences, AVG® Technologies N.V. (NYSE: AVG), the online security company™ for more than 200 million monthly active users, has released new research revealing the extent of children’s exposure to inappropriate content online, and the conflicting views and concerns of their parents.

The findings reveal that more than a third (35%) of UK children have encountered dangers online while at home – a figure that rises to 40% among tech-savvy ‘tweens’.

Despite this reality, a quarter (24%) of all parents have no plans to educate their children about online risks – and this is particularly the case for those with older children, rising to one in four (39%) parents with 10-12 year olds, and two thirds (62%) of parents with 13-16 year olds.

When asked why, two in five (44%) parents believe their child is sensible enough to know what to avoid online, 22% think it will just be too awkward to discuss, and one in seven (14%) simply don’t think it’s necessary.

These startling findings highlight the growing need to educate both children and parents about the threats that lurk online.

 

Tony Anscombe, Senior Security Evangelist at AVG Technologies, explains: “No matter how tech-savvy today’s children are, nor how ‘technophobic’ their parents think they are, it’s important not to forget that they are still just kids. As with any other life lessons, children look to parents for guidance; and in turn, it is their responsibility to teach them good from bad.

The findings of this research prove exactly that. By assuming children know best, simply because they have grown up around technology, parents are opening up their children to online dangers – and a significant amount are falling victim to them in some form. It’s only through parents educating themselves and their children about these dangers that we’ll start to reduce the number of children exposed to inappropriate content online.”

The study also sheds light on where parents see their child’s digital habits being influenced. The vast majority (88%) say school friends and teachers play the biggest combined role, while over a quarter (26%) say friends from outside of school are also key influencers.

With 40% of parents most concerned for their child’s online safety when they are away from home, these findings highlight how they could be overlooking the online dangers within the home. While parents are rightly conscious of letting their children surf the web outside of the family environment, the findings suggest they may be too quick to shift the blame, for children encountering dangers online, onto these outside influencers, rather than shoulder it themselves.

 

Julia Bradbury, TV presenter and mother of three, comments: “As a parent, I’m increasingly conscious of keeping my children safe from all the risks they face – whether it’s crossing the road or playing with apps on my phone. Admittedly, it’s a lot easier to see the damage from a scrape on the knee, but – as the Internet plays a bigger role in their lives – we need to understand that virtual bumps and bruises can be just as painful.

All three of my children will be growing up around technology – they simply won’t know anything different – so it’s my job, as a mother, to make sure they know right from wrong (on-and-offline), so they can make the most of their connected world. Having those ‘awkward’ conversations is often part of parenting, and if they protect your child in the long run, then it’s something worth blushing for!”

Activity at the Child Internet Safety Summit 2015 is part of AVG Technologies’ SmartUser mission – a growing movement based on the belief that everyone on the Internet is responsible for making it a better place. The objective is to make the next two billion users of the mobile Internet Smart Users, through education, to help them make informed choices about their own security and privacy — all from the first moment they start using a connected device. The SmartUser initiative works on the basis that if you would teach a child how to safely cross the road, there is a similar duty to teach them how to responsibly use the Internet, as well.

– ENDS –

 

About the Research / Methodology:

AVG commissioned an online survey, interviewing 2,200 UK adult parents (aged 18-65) with one or more children aged 4-16 years old. The market research company, Vanson Bourne, carried out the fieldwork between 4th-12th June 2015 using their propriety panels.

What is the right age to learn about online safety?

When our kids are just about knee high to a grasshopper we start the process of teaching them things to keep them safe, whether it’s that the cooker is hot or that crossing the road could be dangerous.

The process of crossing the road starts at a young age, we hold their hands and stand near the edge of the sidewalk and talk to them about looking both ways and listening, then under our guidance we walk them across the road. As time progresses we ask them to do the looking and listening, we do it too and then we cross the road on their instruction but with us close by having checked that its safe to do so.

The final stage of this is their first outing to the shop, whether for candy or a newspaper we send them off on the big adventure of being grown up enough to step out on their own.

I often get asked at what age should we be talking to our kids about internet safety, my answer is simple, as soon as you let them start using it. Their experience online should be similar to the way we teach them to cross the road, first we do things with them and then with time and experience they step out to do things on their own.

Our recent survey of 2200 parents in the UK shows that 40% of parents with children aged 4-6 have not yet educated their children on the possible dangers and a quarter of them have no plans to give any guidance to their kids. I am certain that if I asked the same question about crossing the road the percentage would be much lower.

More than 40% believed that their kids are sensible enough not to need it, does this mean that parents don’t know the challenges themselves or that they just feel uncomfortable in having what can be an awkward conversation.

The Internet offers our kids a learning and communication experience that we only thought possible in science fiction movies when we were kids, flat screens, voice activation, video on demand and an endless supply of data and information to keep our lives enriched with content.

With the world very much at their finger tips our kids need our wisdom, maturity and knowledge to guide them in accessing the wealth of information and entertainment available to them. As with anything in life there are risks, but they become very minimized if we are equipped to deal with them.

We’re all guilty of checking our devices too often

For over four years now, we have been researching the use of technology by families, specifically how our kids use technology to learn and communicate. Our latest research looks at how much time we, the adults, and our kids spend using devices and the effects that this has on family life.

Are adults checking their devices too often? The simple answer is yes. Both kids and adults are in agreement with this as 54% of children say this and 52% of adults. At the same time, both kids and adults agree that it’s the kids that spend more time on their devices, 46% and 49%.

It would appear that the parent’s have some bad habits too, nearly one in four admit they answer their phone during meal times and one in three while watching TV with their kids. This makes our kids feel unimportant, at least that what 32% said in our survey.

Digital Diaries Infographic

Technology is changing our world, whether interactive education, TV on demand or communicating with our friends and family. Its important though that we distinguish between family time and device time and give each other the time and attention that we deserve.

In my family, we have ‘the basket’.  The basket lives in the kitchen and during meal times and at 9pm all our devices are relegated to the basket. This means for those precious moments of our day that we sit opposite each other; we communicate with out distractions and swap our news.

The challenge is clear that we, as the parents, need to set the example to our kids that the devices are super useful, engaging and give us great pleasure, but we need to show them that there is a time to put them down and spend quality time with each other.

Amusingly, I am writing this blog sitting in an RV in Yellowstone National Park, where there is no phone signal, yet both my son and wife are sitting playing a game on their phones competing to see who can get the highest score. It’s a great example of the addictiveness. As soon as I finish writing they will have them confiscated! Tomorrow we’ll go hiking and have a device free day.

I challenge you to set the example and get a phone basket!

Kids Competing with Mobile Phones for Parents’ Attention

AMSTERDAM – June 24, 2015 – Mobile phones are gaining an increasing share in the battle for parental attention, with a third of children, surveyed for a recent study, saying their parents spent equal or less time with them, than on their devices. The research, conducted by AVG® Technologies N.V. (NYSE: AVG), the online security company™ for more than 200 million monthly active users, examined children’s perceptions of their parents’ mobile device use, and uncovered some worrying trends.

Hinting at ongoing digital intrusion upon family life, over 50 percent of the children questioned, felt that their parents checked their devices too often (54 percent); and their biggest grievance, when given a list of possible, bad device habits, was that their parents allowed themselves to be distracted by their device during conversations (36 percent) – something that made a third of the complainants feel unimportant (32 percent).

When asked about their device use, half of all parents agreed that it was too frequent (52 percent), and many also worried about how this looked to the younger generation. Almost a third (28 percent) felt that they didn’t set a good example for their children with their device use.

“With our kids picking up mobile devices at an increasingly younger age, it is really important that we set good habits within the home, early on,” said Tony Anscombe, Senior Security Evangelist at AVG Technologies. “Children take their cues from us for everything else, so it is only natural that they should do the same with device use. It can be hard to step away from your device at home; but with a quarter of parents telling us that they wished their child used their device less (25 percent), they need to lead by example and consider how their behavior might be making their child feel.”

In a country by country comparison, Brazilian parents topped the survey for device use, with 87 percent of children stating their parents used mobile devices too much. More worryingly, 59 percent of Brazilian parents admitted to using the phone while driving – interestingly, 56 percent of children in Brazil also said they would confiscate a parent’s device, if they could.

Digital Diaries Infographic

 

Methodology:

AVG commissioned an online survey, interviewing parents and their children, between the ages of 8-13, to identify perceptions and realities of parental device use in the following markets: Australia, Brazil, Canada, Czech Republic, France, Germany, New Zealand, the United Kingdom and the United States. A total of 6,117 completed the survey during June 2015. The market research company, Research Now, carried out the fieldwork using their proprietary panels.

Personal data is becoming a primary target at every level

I recently published a blog about the data breach at the Office of Personal Management (OPM) and the Interior Department which is being blamed on China.

In the last week, there have been a number of experts giving more detail on the depth of the stolen data. The concern is about Standard Form 86 which is used to collect data on potential federal employees applying for positions in National Security.

As you can imagine, this form probes into areas of someone’s background, family and friends that not even those close to the person may know. There are 127 pages of the form and the collection of information includes citizenship, passport, residence schools, military service, employment, financial records, alcohol and drug use, criminal records, psychological and emotional health, groups that may have been associated with, foreign travel, associates including relatives and friends.

The data is extremely valuable to any foreign government or intelligence agency, knowing your enemy in this much detail is a definite advantage. Some observers are suggesting that the data may even be used to blackmail people.  While there is of course this possibility, I doubt anyone who successfully got a position in the NSA would be susceptible to blackmail…

However, there is the risk of an unsuccessful applicant being blackmailed with the data on their Standard Form 86. Naturally, this is bad news for them and they need protection as they are not in positions of national security.

Any breach that affects the people responsible for our security is extremely serious and there needs be a robust plan to assist current and past employees, and even those who simply filled out the form.

Personal data is becoming the primary target for many cyber criminals, foreign powers and governments and the holders of the data need to take precautions to secure it. We are all potential victims of data theft and it’s our responsibility to understand the dangers of handing over our data.

While in this case there is no alternative for national security employees, in many of the data breach cases recently there are ways that we can limit our exposure by sharing less.

US blames China for massive data breach

The OPM is responsible for human resources for the federal government which means they are the collectors and holders of personal data on all federal employees.

Law enforcement sources close to the breach stated that a “foreign entity or government”  possibly Chinese was believed to be behind the attack, according to an article published in The Guardian.

It should be noted that the Chinese government stated that it was ‘not responsible’ and this conclusion was ‘counterproductive’.

The OPM carries out background checks on employees and holds data dating back to 1985. A successful attacker could gain access to records of past and present employees, with data that could even refer to retired employees and what they are doing now.

Regardless of whether you believe the continual finger pointing by one government at another, there are real people that are effected and protecting them and their identity should be the priority.

Alarmingly, an official said to Reuters that “Access to data from OPM’s computers, such as birth dates, Social Security numbers and bank information, could help hackers test potential passwords to other sites, including those with information about weapons systems”.

 

How to stay safe

While those of us who do not work for the government won’t have been affected by this breach, what can we do to protect ourselves identity theft?

  • Ensure your online accounts are not using the email address and a password that could be guessed from personal information, if you are then change the password.
  • Keep a close watch on your credit reports. This will help you identify if someone is using your identity to take a line of credit in your name. Most credit scoring agencies allow you to run a report for free at least once.
  • Spammers may send emails that look like they are coming from valid sources. Make sure to carefully scrutinize these emails – don’t click on links that look suspicious – and if in doubt contact the sending organization directly to ensure it’s an official communication.
  • Avoid using the same email address or identity across multiple online accounts. For example, have a primarily email address used for recovery of forgotten passwords and account information. Have a secondary email address for offline and online retail transactions. Have a third for financial accounts and sensitive information.
  • Avoid Cold Calls: If you don’t know the person calling then do not hand over payment or personal details. If in doubt, hang up and call the organization directly to establish you are talking to legitimate operators.
  • Set privacy Settings: Lock down access to your personal data on social media sites, these are commonly used by cybercriminals to socially engineer passwords. Try AVG PrivacyFix, it’s a great tool that will assist you with this.
  • Destroy documents: Make sure you shred documents before disposing of them as they can contain a lot of personal information.
  • Check statements and correspondence: Receipts for transactions that you don’t recognize could show up in your mail.
  • Use strong passwords and two factor authentication: See my previous blog post on this, complex passwords can be remembered simply!
  • Check that sites are secure: When you are sending personal data online, check that the site is secure – there should be a padlock in the address or status bar or the address should have a ‘https’ at the start. The ‘s’ stands for secure.
  • Updated security software: Always have updated antivirus software as it will block access to many phishing sites that will ask you for your personal data.

 

Also consider enlisting an identity monitoring service, commercial companies that have been breached often offer this reactively to the victims. Understanding where or if your identity is being abused in real time will give you the ability to manage issues as they happen.

A $1,600 fine for children spending too much time online?

Taiwan have legislated on ‘screen time’ for children under 18, making it illegal for them to use electronic devices for excessive periods of time. The fine for breaching this law is around $1,600, which I am sure you will agree would be a little painful on the family finances.

While most of us can appreciate the idea of this law, I am sure like me you read it and realize this is a non-enforceable and probably not practical.

Think about the devices that our young people use, smartphones, tablets, laptops, games consoles, MP3 players, TV’s and more… The list is seemingly endless and many of them are used for very different purposes.

Does revising on a laptop ahead of exams at school break this law? One could argue that a fine on excessive “gaming” could be justified but this law doesn’t go nearly far enough on the details. Computers and connected devices are used for so much more than wasting time and they can have real constructive educational merit.

I don’t think any government can or should legislate on something that is difficult to enforce and should be the decision of a responsible parent or guardian.

It is important that we balance the screen or connected time of our children with offline activities like swimming, cycling or other pastimes. Interestingly, when writing this I considered where reading belonged. Is it screen time or non-screen time? I remember my childhood and being told to go and read rather than watching TV, of course with today’s e-readers, it maybe just be additional screen time.

The other consideration here is that we, as an older generation, look on screen time as different, or even negative. Our children are growing up with screen time just being a regular part of life. Their perception of screen time, and tech in general will be very different to ours. Our own Digital Diaries research pointed at this several years ago when we saw that children were learning digital skills before life skills.

I wonder how many adults would admit to spending too much time attached to screens and are setting a bad example to their children? After all, they follow our lead…

You can follow me on Twitter @TonyatAVG

 

 

No such thing as a free lunch, but there is ‘free coffee’ at Starbucks

Have you added up your spending on Starbucks coffee lately?  If like me you grab a coffee five days a week at $3.65 then you have an annual bill of just under $1000. When I saw that a hacker had found a way to get unlimited free coffee it caught my interest, especially see that there have been a number of Starbucks related issues over the last 12 months.

Egor Homakov’s hack is more a logic mistake or bug than a hack, you can read his blog on how he did it in detail here. He started by purchasing three gift cards with a value of $5, the type anyone can purchase over the register.

Registering the cards online at starbucks.com then allows you to move money between cards and top them up as necessary. Homakov then started sending requests to move the cash between the cards using 2 different browsers at the same time. Doing this, he managed to break the logic and transfer the same $5 from card A to card B twice confusing the Starbucks system and gaining $5 in the process, thus making himself an extra $5.

This was possible thanks to what is known as a Race Condition in the way the transaction is processed.  It takes place in two steps, the request and the acknowledgement.

In theory, this exploit could be run indefinitely to generate an unlimited amount of funds on a gift card.

Homakov did not do this though, after gaining the extra cash he tested the cards in a store purchasing coffee and a sandwich at a total of $16.70, proving he had more than he started with but limiting the loss to Starbucks to just $1.70.

Receipt

Image courtesy of sakurity.com

As a responsible security expert he contacted Starbucks through their support system on March 23 and did not receive a response until April 29, and the bug has now been closed.

There seems to be a pattern of hacks and bugs at Starbucks, just a few weeks ago there was another issue with gift cards and the transfer of funds linked to bank account, see the analysis here. And last year there was an issue that passwords on the Starbucks app for iOS were being held in clear text, this one had a similar experience with Starbucks taking time to answer the disclosure from the expert, see the article here.

Starbucks mentioned the word ‘fraud’ when talking with Homakov rather than understanding that a responsible expert may have just saved them millions of pounds and saying thank you.

Personally I think he should be rewarded with at least a years free coffee, at $1000 it would seem a small price to pay.

You can follow me on Twitter @TonyatAVG