Jump to content

Search the Community

Showing results for tags 'online'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 48 results

  1. NOTE: The preview image may belong to older versions. This tool includes 4 different activation methods. KMS Inject activation, Digital activation, KMS 2038 activation and Online KMS activation There is also a script for convert VOLUME verions from RETAIL version for Office 2016 and 2019 products. While this script is being created, abbodi1406’s (MDL) script is referenced. Thank him so much for being a source of inspiration and help. Some security programs will report infected files, that is false-positive due KMS emulating. Digital and Online KMS activations methods are requires internet connection. If use this tool remove any other KMS solutions and temporary turn off AV security protection. $OEM$ Activation About: 3 methods are (Inject, Digital and KMS38) also $OEM$ activation support. To preactivate the system during installation, copy $OEM$ folder to "sources" folder in the installation media (iso/usb). $OEM$ activation method also enable the KMS task scheduling system during installation. (digital and KMS2038 activation method except) Thanks @ShiningDog for the kms server addresses. It is the only KMS application that hosts all methods and receives the least warning by security programs... 😎 Download Links: (English interface) Site: https://mega.nz Sharecode: /#!tYY2EAKD!aBYy59F1O9CSYbx6qi96zEzMz2fjiL8CvvnexX4rv04 File : KMS-Digital-Online_Activation_Suite_v6.9_ENG.rar CRC-32 : e509d31d MD4 : 4db51e3c87c4167ed4158d9e6df149cf MD5 : 0ee405227750220c677f7fa9f0b84c36 SHA-1 : dfe8cdc35ac131c29194850d9c4e8ddede69a4c0 --------------------------------------------------------------------------------------------- (Turkish interface) Site: https://mega.nz Sharecode: /#!VdQiiajJ!78G7kSiG_EtXsHD91VwIqnjor7c4n5eq8l0mOq9RU6M File : KMS-Dijital-Online_Aktivasyon_Suite_v6.9_TUR.rar CRC-32 : 60fd3f93 MD4 : 56ef08133181f7fcfab99440f125b908 MD5 : 4d90e77f89e6c45ab920a5c8282f8b99 SHA-1 : 603f260195c518ec91e91ed812149d22b66d3465 RAR Pass: 2019 Note: Use WinRar v5x for extract # Special Thanks TNCTR Family Nsane Family abbodi1406 CODYQX4 Hotbird64 qewlpal s1ave77 cynecx qad Mouri_Naruto WindowsAddict angelkyo Virustotal results of the application exe and dll files (March 31, 2019): Virustotal results of dll files of KMSInject method x64 KMS.dll https://www.virustotal.com/gui/file/37bbe701c8ebf1f36ae09033b8ba07f8427783b01cb86c0cde14f400ec003579/detection x86 KMS.dll https://www.virustotal.com/gui/file/793f42048564c7b1a57cc38922acd6cd2d39c51974010bab910a682c8143b951/detection Virustotal results of exe and dll files of the Digital & KMS38 Activation method digi-ltsbc-kms38.exe https://www.virustotal.com/gui/file/528f35bba16c1f0113fa0825dd49fb47c03a7ee0e904a770ef3ad6e99fe8ac73/detection Rslc.dll https://www.virustotal.com/gui/file/4a9e46c4849097804e9b75f0f8295fc901db7c2dbad154dcf52265c065a1f034/detection Vslc.dll https://www.virustotal.com/gui/file/423a8fe7a20fa8029c442936a7097a7f4d1924b7a02b18de6362d47474cc1009/detection Changelog:
  2. Free backup software to store encrypted backups online. Duplicati is a simple-to-use software application designed to take a safety measure when it comes to personal and app files by backing them up to a secure location. It features basic and advanced features alike to please both user groups. Create, schedule and restore backups with personal documents, music, application settings, desktop files and others, save them locally or upload via FTP or an online storage service Features: Duplicati uses AES-256 encryption (or GNU Privacy Guard) to secure all data before it is uploaded. Duplicati uploads a full backup initially and stores smaller, incremental updates afterwards to save bandwidth and storage space. A scheduler keeps backups up-to-date automatically. Encrypted backup files are transferred to targets like FTP, Cloudfiles, WebDAV, SSH (SFTP), Amazon S3 and others. Duplicati allows backups of folders, document types like e.g. documents or images, or custom filter rules. Duplicati is available as application with an easy-to-use user interface and as command line tool. Duplicati can make proper backups of opened or locked files using the Volume Snapshot Service (VSS) under Windows or the Logical Volume Manager (LVM) under Linux. Many Backends Duplicati works with standard protocols like FTP, SSH, WebDAV as well as popular services like Microsoft OneDrive, Amazon Cloud Drive & S3, Google Drive, box.com, Mega, hubiC and many others. Many Features Backup files and folders with strong AES-256 encryption. Save space with incremental backups and data deduplication. Run backups on any machine through the web-based interface or via command line interface. Duplicati has a built-in scheduler and auto-updater. Free Software Duplicati is Free and Open Source. You can use Duplicati for free even for commercial purposes. Source code is licensed under LGPL. Duplicati runs under Windows, Linux, MacOS. It requires .NET 4.5 or Mono. Strong Encryption Duplicati uses strong AES-256 encryption to protect your privacy. You can also use GPG to encrypt your backup. Built for Online Duplicati was designed for online backups from scratch. It is not only data efficient but also handles network issues nicely. E.g. interrupted backups can be resumed and Duplicati tests the content of backups regularly. That way broken backups on corrupt storage systems can be detected before it’s too late. Web-based Interface Duplicati is configured by a web interface that runs in any browser (even mobile) and can be accessed - if you like - from anywhere. This also allows to run Duplicati on headless machines like a NAS (network attached storage). ----- Changelog: - Currently unavailable ----- Homepage: https://www.duplicati.com/ Download 2.0.4.5 Beta: https://github.com/duplicati/duplicati/releases/tag/v2.0.4.5-2.0.4.5_beta_2018-11-28 Download 2.0.4.8 Canary: https://github.com/duplicati/duplicati/releases/tag/v2.0.4.8-2.0.4.8_canary_2018-12-13
  3. Malware operators have collected login credentials for government portals in Italy, Saudi Arabia, Portugal, Bulgaria, Romania, more. A Russian cyber-security firm says it discovered login credentials for more than 40,000 accounts on government portals in more than 30 countries. The data includes usernames and cleartext passwords, and the company believes they might be up for sale on underground hacker forums. Alexandr Kalinin, head of Group-IB's Computer Emergency Response Team (CERT-GIB), says these account details have been collected over time by cyber-criminals with the help of off-the-shelve malware strains such as the Pony and AZORult infostealers, but also the Qbot (Qakbot) multi-purpose trojan. The crooks who deployed these malware strains collected vasts amounts of data from a large number of infected users. He believes that the people behind these operations might filter and group the government accounts into separate packages to advertise and sell online. Kalinin says Group-IB shared the cache of compromised accounts with the CERT teams of affected countries, so authorities could contact affected government agencies. According to Kalinin, more than half of the accounts, 52 percent, belong to Italian government officials, followed by Saudi Arabian government accounts (22 percent), and Portugal government accounts (five percent). The compromised accounts were from a wide array of government agencies. They varied from accounts on local government sites to state-level agencies and official government portals. Some of the most high-profile accounts which Group-IB spotted the hackers selling access to included official government portals for: Poland (gov.pl) Romania (gov.ro) Switzerland (admin.ch) Bulgaria (government.bg) But also the websites for state agencies like: Italian Ministry of Defense (difesa.it) Israel Defense Forces (idf.il) Ministry of Finance of Georgia (mof.ge) Norwegian Directorate of Immigration (udi.no) Ministry of Foreign Affairs of Romania Ministry of Foreign Affairs of Italy It is unclear if the hackers infected workstations of government employees, or if they infected the personal computers of government employees, and stole government login details from employees who logged into government work sites from home. Kalinin pointed out that the accounts could allow attackers access to both commercial or state secrets accessible through those accounts. Furthermore, the accounts could be used for other reconnaissance operations, or as an entry point inside a government agency's internal network from where hackers can execute other attacks, such as cross-site scripting or SQL injections. "The scale and simplicity of government employees' data compromise shows that users, due to their carelessness and lack of reliable cyber defense, fall victims to hackers," Kalinin told ZDNet. "Cybercrime has no borders and affects private and public companies and ordinary citizens." Group-IB's discovery comes after Agari spotted a group of online scammers using a custom list containing the details of over 50,000 executives at companies across the world. Agari said the scammers were using this list to send spear-phishing emails that were pushing a classic business email compromise (BEC) scam. Source
  4. Jime234

    online multiplayer games

    hello, Does anyone play pc games online ? I wanted your recommendations regarding online multiplayer TPS games PS: it would be great if the game is free and small size under 1gb Thanks I.A.
  5. Win 10 PRO Retail/VL & S Edition Digital Entitlement Activation Win 7 Pro Phone Activation Fresh Key Worth to try Win 10 Pro Digital Activat ( Added few new Online Activation Windows 7-8.1 MAK key for Win 10 Digital Activation 14 / 09 / 17) Code: http://textuploader.com Share: /djr9h
  6. The raids targeted people accused of posting threats, coercion and incitement to racism on social media, reports The New York Times. Germany is serious about cracking down on hate speech on social media. German police on Tuesday raided the homes of 36 people accused of hateful postings on social media, reported The New York Times. The posts reportedly included "threats, coercion and incitement to racism." The raids, performed by officers for Germany's Federal Criminal Police Office, mostly targeted people accused of political right-wing incitement but also included two people accused of left-wing extremism and one person accused of making threats based on a person's sexual orientation. The Federal Criminal Police Office and Germany's Federal Ministry of the Interior didn't immediately respond to requests for comment. "The still high incidence of punishable hate posting shows a need for police action," said Holger Münch, president of the Federal Criminal Police Office, according to the Times. "Our free society must not allow a climate of fear, threat, criminal violence and violence either on the street or on the internet." In April, Germany's cabinet approved strict new standards that would force social media sites like Facebook and Twitter to regulate fake news and hate speech. The draft law calls for sites to delete at least 70 percent of inappropriate and illegal posts within 24 hours of their postings. If they fail to comply, they could be fined as much as €50 million ($53 million). The draft law is now being debated by German officials. Article source
  7. Who can view my internet history? Last week, whilst most of us were busy watching the comings and goings at Trump Tower and Ed Balls on Strictly, Parliament quietly passed the Investigatory Powers Act 2016 (a.k.a. the Snoopers’ Charter). It’s been described as the most intrusive system of any democracy in history and a privacy disaster waiting to happen. The Act makes broad provisions to track what you do online. Amongst a raft of new surveillance and hacking powers, it introduces the concept of an internet connection record: a log of which internet services - such as websites and instant messaging apps - you have accessed. Your internet provider must keep these logs in bulk and hand them over to the government on request, whether you want them to or not. So long right to privacy, hello 1984. This is a truly appalling development, but all is not quite lost: there are still legal actions pending against the UK’s mass surveillance powers, and you can visit Don’t Spy on Us to find out more. In the meantime, read on to find out who exactly will be able to see what you’ve been up to online. Who can view my stuff? A list of who will have the power to access your internet connection records is set out in Schedule 4 of the Act. It’s longer than you might imagine: Metropolitan police force City of London police force Police forces maintained under section 2 of the Police Act 1996 Police Service of Scotland Police Service of Northern Ireland British Transport Police Ministry of Defence Police Royal Navy Police Royal Military Police Royal Air Force Police Security Service Secret Intelligence Service GCHQ Ministry of Defence Department of Health Home Office Ministry of Justice National Crime Agency HM Revenue & Customs Department for Transport Department for Work and Pensions NHS trusts and foundation trusts in England that provide ambulance services Common Services Agency for the Scottish Health Service Competition and Markets Authority Criminal Cases Review Commission Department for Communities in Northern Ireland Department for the Economy in Northern Ireland Department of Justice in Northern Ireland Financial Conduct Authority Fire and rescue authorities under the Fire and Rescue Services Act 2004 Food Standards Agency Food Standards Scotland Gambling Commission Gangmasters and Labour Abuse Authority Health and Safety Executive Independent Police Complaints Commissioner Information Commissioner NHS Business Services Authority Northern Ireland Ambulance Service Health and Social Care Trust Northern Ireland Fire and Rescue Service Board Northern Ireland Health and Social Care Regional Business Services Organisation Office of Communications Office of the Police Ombudsman for Northern Ireland Police Investigations and Review Commissioner Scottish Ambulance Service Board Scottish Criminal Cases Review Commission Serious Fraud Office Welsh Ambulance Services National Health Service Trust I always wondered what it would feel like to be suffocated by the sort of state intrusion that citizens are subjected to in places like China, Russia and Iran. I guess we’re all about to find out. Who else can view my stuff? Bulk surveillance of the population and dozens of public authorities with the power to access your internet connection records is a grim turn of events for a democracy like ours. Unfortunately, bulk collection and storage will also create an irresistible target for malicious actors, massively increasing the risk that your personal data will end up in the hands of: People able to hack / infiltrate your ISP People able to hack / infiltrate your Wi-Fi hotspot provider People able to hack / infiltrate your mobile network operator People able to hack / infiltrate a government department or agency People able to hack / infiltrate the government’s new multi-database request filter I’d wager that none of these people have your best interests at heart. Sadly, if the events of the past few years are anything to go by, it won’t take long for one or more of these organisations to suffer a security breach. Assuming, of course, that the powers that be manage not to just lose all of our personal data in the post. Article source
  8. Are you wondering when the latest blockbuster movies will leak online? Then Squawkr might be something for you. The new service allows people to maintain a watchlist of films and sends alerts when a high-quality scene release appears online. Unlike official distribution channels, pirate sites don’t have fixed calendar showing when a certain film will leak online. Instead, pirates and pirate watchers can be found regularly browsing their favorite websites, to see if something of interest appears. A cumbersome task, although it does have its charms. With Squawkr, however, movie fans now have the option to outsource this manual search labor. Instead, they just make a list of their most anticipated titles. Squawkr will then send an alert once a scene release becomes available. TorrentFreak reached out to Jakob, the developer of the site, who says that the simplicity of the platform is one of its main selling points. “I wanted to make Squawkr simple and easy to use, while being a powerful tool. It’s very intuitive. Just log in, start adding movies and get notified. That’s it,” Jacob says. The idea for Squawkr started about a year ago, when Jacob used to spend many hours searching for high-quality leaks, often without luck. “Torrent sites are flooded with Cam rips and WEB-DLs, which is fine for people who like to watch those. But for someone who enjoys true HD movies, it can be a bit of a pain to go through all the crap, just to find the needle in the haystack.” Since he couldn’t develop in PHP, Ajax and jQuery, the first six months were put into mastering the basic coding skills. Jakob then spent another half year improving the functionality and design. The result is what people see today, and it’s indeed quite intuitive. After logging in users can start adding movie titles, which is pretty much all there is to it. Adding a movie to the watchlist The site is focused on high-quality releases, mostly BluRay and DVD rips, and allows users to distinguish between 720p and 1080p quality. Other formats, such as WEB-DLs, could follow in the future if there is a high demand, but these will always be separate from the core experience. After a movie is added to the watchlist Squawkr regularly polls the PreDB database of scene releases. When a movie is available in the desired format, the service sends a notification via email. An email alert! What started as a relatively small coding challenge has now turned into something more serious. After receiving positive feedback and requests from early users in the Piracy and HTPC subreddits, Jakob started to add more features. PushBullet and Pushover notifications were introduced, for example, as well as a notifications archive where people can keep track of the alerts. Another advantage is that the site is free to use, and that’s not going to change anytime soon. That said, donations are always welcome. As for the legal side, Jakob is aware of the risks. He consulted a lawyer before going live with the service, who advised him to be cautious. However, since there are no links to any pirated files on the site, no real problems are expected in his home country of Denmark. Jakob prefers to focus on the positive instead. He hopes that a lot of people will appreciate his work. In a way, he is doling out gifts on a daily basis, which is a good fit for the festive season. “When you receive Squawkr notifications about your most anticipated movies from your watchlist, it’s like receiving a little present in your inbox. It’s fun,” he concludes. TorrentFreak
  9. An American satellite abandoned in 1967 suddenly came back online and began transmitting again for the first time in 50 years. Amateur astronomers first suspected that they’d found the satellite in 2013, but needed years to confirm that it was still occasionally transmitting. The satellite, dubbed LES1, was built by the Massachusetts Institute of Technology (MIT) and launched into space in 1965. A mistake in the satellite’s circuitry caused it to never leave its circular orbit, and it eventually stop transmitting in 1967. The satellite’s signal now fluctuates widely in strength, meaning that it’s likely only transmitting when its solar panels are in direct sunlight. Scientists expect that the satellite’s onboard batteries have disintegrated. This is not the first a NASA solar probe was lost and found again. In 1998, the Solar and Heliospheric Observatory lost contact with NASA but was eventually reacquired. NASA successfully rediscovered its Solar Terrestrial Relations Observatories (STEREO-B) probe after 22 months of searching in August, establishing contact with the $550 million probe for several hours. The STEREO-B probe was launched in 2006 to observe solar and space weather phenomena from deep space. The probe was lost in October 2014, but was only supposed to remain operational for two years. The spacecraft was set to pass directly behind the sun right before it was lost. NASA is unsure STEREO-B is still functioning well enough to be scientifically useful, but its sister spacecraft STEREO-A is functioning normally. The space agency will likely need to study STEREO-B with the Hubble Space Telescope to get it back in working order, which can’t happen until at least 2019 due to research schedules and orbital issues. Article source
  10. Advocates whitelists and other tools that 'genuinely help' security Kiwicon Google senior security engineer Darren Bilby has asked fellow hackers to expend less effort on tools like antivirus and intrusion detection to instead research more meaningful defences such as whitelisting applications. The incident responder from Google's Sydney office, who is charged with researching very advanced attacks including the 2009 Operation Aurora campaign, has decried many existing tools as ineffective "magic" that engineers are forced to install for the sake of compliance but at the expense of real security. "Please no more magic," Bilbly told the Kiwicon hacking conference in Wellington today. "We need to stop investing in those things we have shown do not work." "And sure you are going to have to spend some time on things like intrusion detection systems because that's what the industry has decided is the plan, but allocate some time to working on things that actually genuinely help." Bilby wants security types to focus on tools like whitelisting, hardware security keys and dynamic access rights efforts like Google's Beyond Corp internal project. "Antivirus does some useful things, but in reality it is more like a canary in the coal mine. It is worse than that. It's like we are standing around the dead canary saying 'Thank god it inhaled all the poisonous gas'," Bilby said. The Google hacker also argued that networks are not a security defence because users are so easily able to use mobile networks to upload data to cloud services, bypassing all traditional defences. Advice on safe internet use is "horrible", he added. Telling users not to click on phishing links and to download strange executables effectively shifts blame to them and away from those who manufactured hardware and software that is not secure enough to be used online. "We are giving people systems that are not safe for the internet and we are blaming the user," Bilby says. He illustrated his point by referring to the 314 remote code execution holes disclosed in Adobe Flash last year alone, saying the strategy to patch those holes is like a car yard which sells vehicles that catch on fire every other week. Article source
  11. Targeted online guessing represents a major threat to online security, according to new research. The paper found that this tactic exploits security shortfalls in many users, which, in this instance, is to use the same password – often containing personal information – across multiple accounts. The authors of the study, a collaboration between Lancaster University’s School of Computing and Communications and Fujian Normal Univeristy’s School of Mathematics and Computer Science, stated that this approach is an “underestimated threat”. “We have demonstrated that a large number of passwords can be guessed if personal information is known to the attacker.” “We have demonstrated that a large number of passwords can be guessed if personal information is known to the attacker,” noted Ding Wang, lead student author of the study. “Especially if they know passwords from other accounts owned by the potential victim.” Professor Ping Wang, the corresponding author of the paper, added that targeted online guessing is a “serious security concern”. This is especially true for two reasons, he went on to explain. One, there are large amounts of personally identifiable information easily accessible to cybercriminals. Two, cybercriminals are also able to get their hands on millions of leaked passwords, courtesy of data breaches past and present. “Our results should encourage people to vary the passwords they use on different websites much more substantially to make it harder for criminals to guess their passwords,” said Dr Jeff Yan, co-author of the paper. “This work should also help inform internet service providers looking to introduce more robust security measures to detect and resist online guessing.” One approach that is highly recommended is for the use of passphrases. Unlike passwords, these tend to be more complex and longer, yet just as memorable. Article source
  12. Fundamentally, people connect to Virtual Private Networks (VPNs) and proxies for two primary purposes: to conceal their internet activity and to gain access to geographically restricted online content. To some degree, VPNs and proxies fulfill both these needs. Yet they do so to different degrees and in different ways. A proxy is a second computer or server that acts as an intermediary between a computer or device (possibly yours) and the internet. For instance, if you wanted to access German content from Canada, you could do so by connecting to a German proxy. Websites would identify the proxy device by its German IP, and you’d likely be receiving local content. Yet proxies are subject to a number of limitations that VPN services are not. These restrictions can often lead to problems related to performance and security. So which is best for you? Let’s find out. Accessing Restricted Content As I stated above, proxies located in different locations of the world can provide the necessary tools for users to access foreign content, but not all of it. Proxies are limited by several different factors, the first being the type of proxy. HTTP Proxy Servers There are two main kinds of proxies. The first is called an HTTP Proxy Server. As you might have guessed, it deals specifically with protocols handled by HTTP and HTTPS. As a result, most websites can be fooled into believing that your IP address is that of the proxy. Other services, on the other hand, won’t be affected. You won’t be able to watch foreign Netflix or Hulu with an HTTP Proxy Server. On the other hand, this type of proxy is likely to be sufficient for basic browsing needs. Because speed isn’t as necessary for regular browsing, you’re unlikely to see a significant performance drop. Regrettably, some websites see through proxies’ tricks; intelligent use of Javascripting and Flash can be used to figure out where you’re actually connecting to the net from. SOCKS Proxy Servers The second type of proxy is known as a SOCKS Proxy Server. Unlike its HTTP counterpart, it does work with other types of connections (including things such as Netflix). Yet because most servers are public, performance is frequently limited and unreliable at best. Information is also not encrypted, which we’ll discuss in the next section. Virtual Private Networks VPNs are a different story. While they aren’t free like the proxies above (never trust a VPN you don’t pay for), they work for all kinds of internet traffic and they do so without majorly handicapping performance. These paid VPN services (look to Secure Thoughts for more information) offer support for their services and are likely your best option. Unlike proxy servers, VPN services usually have a multitude of different servers for subscribers to use. That means not having to search for a new proxy every time you want to see content from a different region of the world. Besides dealing with restricted content, security is another major issue that separates VPNs and proxies. Anonymity and Safety Proxies are by no means a bad thing. They help countless individuals reach the content they would have never had access to every day. Where they majorly run into trouble is on the front of security. Proxy servers are rarely (if ever) encrypted and they only really function as a point to bounce information from one point to another. In countries with government lockdown of the internet, a proxy does very little to circumvent censorship. Worse yet, companies looking to save money by restricting their users’ freedom are also unaffected by proxies, as many can simply bring up a log of user activity. As I mentioned earlier, some websites can also use clever tricks to identify your IP address even behind a proxy. VPNs are not completely clear of problems, but they do a much better job when it comes to handling the security of their users. A VPN service creates a direct channel between the subscriber and the service. In doing so, it encrypts all traffic (both coming and going) in a way that keeps both hackers and government away from your activities. Flash and Javascript tricks also have no effect on VPNs, so there’s no real risk of being discovered. The only area you need to be careful about is whether the VPN service keeps logs of their activities or not. The best VPN providers keep no logs of any kind. It might not seem like a critical detail, but understand what logs can be used for. Governments that are looking to oppress users or limit their rights can subpoena a company for its records. Even if the organization in question has no intention of hurting their customers, keeping logs can lead to some major future problems. Reliability and Pricing The last things to consider in the realm of VPNs and proxies fall into the categories of reliability and pricing. You will get exactly what you pay for when it comes to these services. Virtually all proxies are free. Very few require any form of payment from the user. They make up for this by cutting corners. In some cases, browser-based proxies secretly use their service as an ad delivery platform. On occasion, a proxy is set up to help other users out of good will, but that also means that the proxy isn’t likely to be as well-maintained. A simple lack of resources can mean very little goes into upkeep and infrastructure. As VPNs usually require some form of payment, they tend to be better maintained and have dedicated customer support teams. Multiple servers also afford companies the chance to spread bandwidth usage out for cases when too many users are connected at once (something that you won’t find with proxies). They’re simply more flexible with their service. Article source
  13. You’ve heard us talk extensively about the importance of moving the web to HTTPS – the encrypted version of the web’s HTTP protocol. Today, CDT is releasing a one-pager aimed toward website system administrators (and their bosses!) that describes the importance of HTTPS. The very short version of our argument is as follows: Without HTTPS, ISPs and governments can spy on what your users are doing; Using HTTPS prevents malicious actors from injecting malware into the traffic you serve; You already need HTTPS to do payments if you accept money; Without HTTPS, ISPs can strip out your ads/referrals and add their own; Without HTTPS, your website cannot utilize HTTP/2 for optimal performance; Without HTTPS, you can’t use the latest web features that require HTTPS (e.g., geolocation); and Without HTTPS, you can’t know if your users received important resources like your terms of service and privacy policy without modification. At CDT we’ve been looking into ways to motivate increased HTTPS adoption, which is now at well over half of all web requests. However, the amount of unencrypted HTTP is still massive, and there are a lot of large websites that do not use HTTPS. Enter Google’s transparency report, which recently added a section that tracks HTTPS adoption on the top 100 websites. It assesses sites in terms of three factors: do they support HTTPS, do they do so by default, and do they use modern cryptography. Many major sites like Facebook, Google, and Wikimedia have made the switch. One wrinkle emerges from Google’s report quite clearly: the two big industry sectors not doing so hot in terms of HTTPS are news sites and the adult entertainment industry. If you are a sysadmin at a top-100 adult site, allow us to help you navigate the switch to a more secure web for your users. To that end, we are excited to announce a partnership to increase HTTPS adoption for online adult entertainment. Over the coming months, CDT will work with the Free Speech Coalition (FSC) – the trade association for the adult entertainment industry – and other HTTPS evangelists to engage with adult website operators and make the case that we make here: HTTPS is the best of all worlds in terms of protecting traffic online and delivering the best experience for users. We plan to conduct a series of webinars and outreach events in partnership with FSC to reach their large network of members. If you are an adult website operator who has questions we can answer, please don’t hesitate to reach out to us or the folks at FSC. If you are a sysadmin at a top-100 adult site, allow us to help you navigate the switch to a more secure web for your users. As Google’s transparency report exposed, adult websites are moving slowly; large adult websites seem to overwhelmingly use plain HTTP, or serve ads over plain HTTP. The few adult websites in the top-100 that scored well in Google’s metrics were “cam” sites – websites that facilitate remote adult interactions via real-time video chat between two individuals. That seemed intuitive; all the other top-100 adult sites were focused on one-way broadcast of adult videos, images, etc., rather than two-way real-time communication, which could be exceedingly more sensitive than passive consumption of adult content. There is some good news for adult entertainment sites in terms of how difficult it might be to switch to HTTPS. Princeton researchers Steven Englehardt and Arvind Narayanan published research earlier this year that, in part, showed adult websites have many fewer trackers than news sites. One of the biggest factors in slow adoption by news sites of HTTPS was the complexity of their ad infrastructure and website analytics; they had to track down every single instance of an insecure page element being sent and work with their partners to correct that behavior. So, perhaps the adult industry won’t face the same barriers to HTTPS adoption that journalism has faced? A more secure Web is in all of our interests Even with the challenges, there has been some good movement from news sites recently: The Washington Post, Wired, ProPublica, TechCrunch, and Buzzfeed are great examples of news properties that have all moved to HTTPS (Zack Tollman at Wired has gone so far as to document the process and various snags they’ve run into during their move to HTTPS). A more secure Web is in all of our interests – and that includes every corner, from news sites to the more private parts. We look forward to working with diverse organizations, including the Free Speech Coalition, to increase HTTPS adoption and improve all of our security as we interact online. Article source
  14. The Internet may make many promises, but anonymity isn’t always one of them. Users, for example, who covet their privacy often turn to Tor and other similar services to keep their activities on the web from prying eyes, yet that hasn’t stopped the FBI and researchers from trying to uncloak people on that network. On the open Internet, users leave behind breadcrumbs as to their interests and locations on the sites they visit, data that is tracked by advertisers and other services interested in delivering targeted advertising in the browser. A team of academics from Princeton and Stanford universities has gone a step further and figured out how to reveal a user’s identity from links clicked on in their Twitter feed. The researchers built a desktop Google Chrome extension called Footprints as a proof of concept that combs a user’s browser history for links clicked on from Twitter. The extension sends all Twitter links from the last 30 days that are still in a user’s browsing history through the tool. The user is given the opportunity to review the links before sending them. The tool then returns, in less than a minute, a list of 15 possible Twitter profiles that are a likely match; the extension then deletes itself, the researchers said. “We were interested in how much information leak there is when browsing the Web,” said Sharad Goel, assistant professor at Stanford in the Department of Management Science and Engineering. Goel along with Stanford students Ansh Shukla, Jessica Su and Princeton professor Arvind Narayanan, developed Footprints. “We want to raise awareness and inform policy,” Goel said. “This is more of an academic demonstration. We’re not trying to make the tool available to other people, it’s mostly about raising awareness.” A tool like this would allow a business already tracking a user’s information to correlate it with Twitter traffic to make a best guess as to the user’s identity. It would do so, Goel said, by analyzing the anonymized browsing history and running a similarity match against Twitter traffic to rank the overlaps and arrive at a conclusion. In a post published to the Freedom to Tinker website, Su wrote that people’s social networks are distinct and made up of family, friends and colleagues, resulting in a distinctive set of links in one’s Twitter feed. “Given only the set of web pages an individual has visited, we determine which social media feeds are most similar to it, yielding a list of candidate users who likely generated that web browsing history,” Su wrote. “In this manner, we can tie a person’s real-world identity to the near complete set of links they have visited, including links that were never posted on any social media site. This method requires only that one click on the links appearing in their social media feeds, not that they post any content.” The researchers said there were two challenges to be worked out. First was their ability to quantify how similar a social media feed would be to web browsing history, which seems simple, but does not take into account users with an excessively large number of followers that could also include bots. Goel said those feeds were penalized in this exercise because of their size and the number of links they may contain could skew results. “We posit a stylized, probabilistic model of web browsing behavior, and then compute the likelihood a user with that social media feed generated the observed browsing history,” Su wrote. “It turns out that this method is approximately equivalent to scaling the fraction of history links that appear in the feed by the log of the feed size.” The demonstration uses Twitter feeds because they are for the most part public. The researchers heuristically narrowed the number of feeds to be searched and then applied their similarity measure to arrive at the final result, Su said. Goel said he expects the tool to remain available for the time being as they continue to collect data and refine the demo. A paper is expected to follow in the next few weeks, he said. Article source
  15. Comedians, Musicians and TV Hosts Rank Highly on the 10th Annual Most Dangerous Celebrities List NEWS HIGHLIGHTS Comedian and actress Amy Schumer ranked No. 1 on the McAfee Most Dangerous Celebrities™ 2016 study. Now in its 10th year, the study reveals which celebrities, musicians and TV hosts generate the most dangerous search results, potentially exposing consumers to malware. Celebrities in the top 10 include Justin Bieber, Carson Daly, Will Smith, Rihanna, Miley Cyrus, Selena Gomez and more. SANTA CLARA, Calif., Sept. 28, 2016 – Female comedian superstar Amy Schumer knocked electronic dance music (EDM) DJ Armin van Buuren off of the list to become the most dangerous celebrity to search for online, according to Intel Security. Now in its 10th year, the McAfee Most Dangerous Celebrities™ study, published by Intel Security, researched a broad list of well-known figures including actors, comedians, musicians, TV hosts, athletes and more. This research uncovers which celebrities generate the most dangerous search results that could expose fans to viruses and malware while searching for the latest information on today’s pop culture icons. Amy Schumer is considered to be one of the most popular female comedians who is also known for her work as a writer, actress and producer. Now Schumer can add “first female comedian to take the No.1 spot on the McAfee Most Dangerous Celebrities™ study” to her list of achievements. Justin Bieber came in hot on her heels at No. 2, followed by “Today” and “The Voice” host Carson Daly (No. 3). Schumer is also accompanied by comedian peers in the top 10 with Chris Hardwick (No. 7) and Daniel Tosh (No. 8). Former rapper turned Hollywood A-lister Will Smith is joined by chart-topping musicians such as Rihanna (No. 5), Miley Cyrus (No. 6), Selena Gomez (No. 9) and Kesha (No. 10), rounding out the top 10 list. Savvy cybercriminals continue to leverage consumers’ ongoing fascination with celebrity news – such as award and TV shows as well as movie premieres, album releases, celebrity breakups and more – to entice unsuspecting fans to visit sites loaded with malware that can steal passwords and personal information. The study conducted by Intel Security highlights the various ways hackers can take advantage of consumers’ interest around pop culture news, the risks of their online behavior and how to best protect themselves from potential threats. “Consumers today remain fascinated with celebrity culture and go online to find the latest pop culture news,” said Gary Davis, chief consumer security evangelist at Intel Security. “With this craving for real-time information, many search and click without considering potential security risks. Cybercriminals know this and take advantage of this behavior by attempting to lead them to unsafe sites loaded with malware. As a result, consumers need to understand what precautions to take to enable safe online experiences.” A Search for ‘Amy Schumer Torrent’ Results in a 33 Percent Chance of Connecting to a Malicious Website Amy Schumer topping the list highlights the trend of more people looking to “cut the cord” and move away from cable TV. Consumers are now, more than ever, streaming videos, TV shows and movies online. As file sharing and torrent use continues to grow in popularity, it’s no surprise that TV and movies are a target for cybercriminals seeking to create malicious files. The top 10 celebrities from this year’s study with the highest risk percentages include: Position Celebrity Percentage 1 Amy Schumer 16.11% 2 Justin Bieber 15.00% 3 Carson Daly 13.44% 4 Will Smith 13.44% 5 Rihanna 13.33% 6 Miley Cyrus 12.67% 7 Chris Hardwick 12.56% 8 Daniel Tosh 11.56% 9 Selena Gomez 11.11% 10 Kesha 11.11% Crowded with Comedians Kicking off her world tour this fall, comedian Amy Schumer tops the list as the Most Dangerous Celebrity – coming in at No. 1. Chris Hardwick (No. 7) of “Funcomfortable” fame and Daniel Tosh (No. 8 ) were also among the top 10, while Nikki Glaser (No. 15) and Kevin Hart (No. 25) made the top 25. Other funny females to make the list include: Grace Helbig (No. 26), Mindy Kaling (No. 30), Kristen Wiig (No. 52), Chelsea Handler (No. 54) and Ellen DeGeneres (No. 57). Musicians Top the Charts This year’s riskiest celebrities included some of the most sensational, chart-topping pop artists such as Justin Bieber (No. 2), Rihanna (No. 5), Miley Cyrus (No. 6), Selena Gomez (No. 9) and Kesha (10). Pop, rap, hip-hop and a bit of country were represented by Drake (No. 13), Katy Perry (No. 14), Jason Aldean (No. 16), Justin Timberlake (No. 17), Jennifer Lopez (No. 18), Lady Gaga (No. 19), Nicki Minaj (No. 20), Iggy Azalea (No. 27), Beyoncé (No. 28) and Usher (No. 29) as they rounded out the top 30. Late Night TV Shows “Today” show anchor and “The Voice” host Carson Daly is the third Most Dangerous Celebrity, while late night hosts Seth Meyers (No. 11) and Conan O’Brien (No. 12) cracked the top 15. Host James Corden, widely known for his popular “Carpool Karaoke,” landed at No. 23, followed by John Oliver at No. 24 and Jimmy Kimmel at No. 32 – previously No. 1 in 2014 and No. 26 in 2015. Bill Maher rounds out the list at No. 34. ‘The Voice’ Coaches Make the Cut Three of the four celebrity coaches on “The Voice” this season, along with the host, are all in the top 50. Miley Cyrus leads the pack (No. 6), followed by Adam Levine (No. 41) and Blake Shelton (No. 66), as well as his girlfriend and rotating coach Gwen Stefani (No. 49). Blake Shelton’s fellow country superstars Jason Aldean (No. 16) and Luke Bryan (No. 39) are not far behind. How to Search Safely Think before you click! Are you looking for the latest episode of Amy Schumer’s TV show, “Inside Amy Schumer”? Don’t click on that third-party link. Instead, get your content directly from the original source at comedycentral.com to ensure you aren’t clicking on anything that could be malicious. Use caution when searching for “torrent.” This term is by far the riskiest search term. Cybercriminals can use torrents to embed malware within authentic files making it difficult to determine if a file is safe. It’s best to avoid using torrents especially when there are so many legitimate streaming options available. Keep your personal information personal. Cybercriminals are always looking for ways to steal your personal information. If you receive a request to enter information like your credit card, email, home address or social media login don’t give it out thoughtlessly. Do your research and ensure it’s not a phishing or scam attempt that could lead to identity theft Browse safely using protection like McAfee® WebAdvisor software. WebAdvisor will help keep you safe from malicious websites by helping to identify potentially risky sites. A complimentary version of the software can be downloaded at mcafee.com/mcafeewebadvisor Use cross device protection. Consumers need to protect all facets of their digital lives regardless of where they are, what device they use or where they store their personal data. Use solutions that work across all your devices to deliver protection against threats, such as malware, hacking and phishing attacks. Find More Information: To learn more about the study, check out: Blog post from Gary Davis: No Joke! Amy Schumer Is #1 Among Most Dangerous Celebrities Twitter: Follow @IntelSecurity for live online safety updates and tips. Use hashtag #RiskyCeleb to discuss the Most Dangerous Celebrities of 2016 Web surfers can also visit the Intel Security Facebook page at facebook.com/intelsecurity and McAfee Security Advice Center for information on the latest consumer threats and tips for living safe online. If you do decide to search for information on a major event or celebrity in the news, make sure your entire household’s devices have protection, such as McAfee LiveSafe™ service, which helps protect most PCs, Macs and tablets and smartphones. It also includes malware detection software, McAfee® Mobile Security, to better protect your smartphone or tablet from many types of malware. Survey Methodology Intel Security conducted the study using McAfee® WebAdvisor site ratings to determine the number of risky sites generated by searches, on Google*, Bing* and Yahoo!*, that included a celebrity name and commonly searched terms (noted below) likely to yield malware. From that, an overall risk percentage was calculated for each celebrity. “Most dangerous” means that these celebrities are likely popular search subjects. McAfee SiteAdvisor technology helps protect users from malicious websites and browser exploits. SiteAdvisor technology tests and rates nearly every internet website it finds, and uses red, yellow and green icons to indicate the website’s risk level. Ratings are created by using patented advanced technology to conduct automated website tests and works with Internet Explorer*, Chrome* and Firefox*. Search terms included: “Celeb name + Torrent” “Celeb name + Free MP4” “Celeb name + HD download” The results indicated the percentage of risk of running into online threats – if a user clicked all the results generated by the terms. Fans clicking on sites deemed risky and downloading files including photos and videos from those sites may also be prone to downloading viruses and malware. » Download all images (ZIP, 802 KB) About Intel Security Intel Security, with its McAfee product line, is dedicated to making the digital world safer and more secure for everyone. Intel Security is a division of Intel Corporation. Learn more at www.intelsecurity.com. Article source
  16. Do you get creeped out when an ad eerily related to your recent Internet activity seems to follow you around the web? Do you ever wonder why you sometimes see a green lock with “https” in your address bar, and other times just plain “http”? EFF’s team of technologists and computer scientists can help. We engineer solutions to these problems of sneaky tracking, inconsistent encryption, and more. Our projects are released under free and open source licenses like the GNU General Public License or Creative Commons licenses, and we make them freely available to as many users as possible. Where users face threats to their free expression, privacy, and security online, EFF’s technology projects are there to defend them. Below we go over five of EFF’s many technology tools and projects. In different ways, they all function to increase your security on the Internet—with the implicit assertion that personal privacy is at the foundation of that security. Third-party tracking—that is, when advertisers and websites track your browsing activity across the web without your knowledge, control, or consent—is an alarmingly widespread practice in online advertising. Privacy Badger puts you back in control by spotting and then blocking third-party domains that seem to be tracking your browsing habits. Although Privacy Badger blocks many ads in practice, it is more a privacy tool than a strict ad blocker. Privacy Badger encourages advertisers to treat users respectfully and anonymously rather than the industry status quo of online tracking. It does this by unblocking content from domains which respect our Do Not Track policy, which states that the participating site will not retain any information about users who have expressed that they do not want to be tracked. Even if you use Privacy Badger and other privacy-protecting add-ons, you can still possibly be tracked through a technique called “browser fingerprinting”. Panopticlick investigates how unique each browser is—and shows users just how easy it is for third parties to uniquely identify their browsers. A combination of a user tool and a larger research project, Panopticlick analyzes information about the configuration and version information of your operating system, browser, plug-ins, and add-ons, and compares it to a growing anonymous database of other browser fingerprints. This generates a “uniqueness score,” giving you an idea of how easily identifiable you and your browser may be on the Internet. A collaboration between EFF and the Tor Project, HTTPS Everywhere is an extension for Firefox (both desktop and Android), Chrome, and Opera that makes your browser use HTTPS to encrypt its communication with websites to the greatest extent possible. Some websites offer inconsistent support for HTTPS, use unencrypted HTTP as a default, or link from secure HTTPS pages to unencrypted HTTP pages. HTTPS Everywhere fixes these problems by rewriting requests to these sites to HTTPS, automatically activating encryption and HTTPS protection that might otherwise slip through the cracks. Where HTTPS Everywhere gives users of all skill sets access to a web encrypted by default, Certbot offers all domain owners and website administrators a convenient way to move to HTTPS. Certbot is a client for the Let’s Encrypt certificate authority (CA) which is operated by the Internet Security Research Group. CAs play a crucial identification and verification role in the web encryption ecosystem—and Let’s Encrypt is one of the world’s largest, having issued certificates to over 5 million unique domains. Certbot deploys Let’s Encrypt certificates with easy-to-follow, interactive instructions based on your webserver and operating system. Surveillance Self-Defense (SSD) is EFF's guide to defending yourself and your friends from digital surveillance. In addition to tutorials for installing and using security-friendly software, SSD walks you through concepts like threat modeling, the importance of strong passwords, and protecting metadata. We put this all together with “playlists” for specific groups’ security needs and considerations, including LGBTQ youth, different professions (like academic researchers journalists, activists or protesters, and human rights defenders) and varied skill levels (from those new to security to online security veterans). How to get involved Choosing to use EFF’s technology tools is enough to make you part of the movement. Privacy Badger, for example, is an easy way to promote responsible advertising (that is, advertising that does not track users without their consent) as a viable model for free web content. For those with design, programming, and/or security skills, volunteering to dig into the code is an even more direct way to contribute to these projects. From improving design and usability to reporting and fixing bugs to finding and patching security issues, EFF is always looking for more people to participate in our thriving open source community. Even with invaluable volunteer help, keeping EFF’s tech projects running smoothly for the millions of users who rely on them requires serious development and maintenance from our team of technologists. We are committed to continuing to do this work—and to expanding it—in the future. Make a donation to support our technology projects work here. Article source
  17. Most of my friends and family live in Canada and I often get in touch with them so according to them the digital culture is booming like crazies in Canada these days. This lead me to do a random search about it since I'm a bit of a geek who goes after the depth of anything that catches my eye. So on a random search I came across these mind-boggling stats about internet scams in Canada and it wasn't too good for me cause not everyone of my friends and family is tech-savvy or intelligent enough to not fall victim to a scam or phishing attack. So it lead me looking for some things (tips) specifically for Canada as I'm not too sure what kind of scams are there. So far I have found this article about Canadian Internet Scams and Tips to Keep in Mind and scams via money transfer. Now need you guys in it! Cheers!
  18. Very few have write access enabled, though 800K servers available online without a password A recent brute-force scan of FTP servers available online via an IPv4 address revealed that 796,578 boxes can be accessed without the need of any credentials. The perpetrator of this scan is a security researcher that goes by the name of Minxomat, owner of a cyber-security firm that performs these types of scans on a regular basis, but usually in a much more targeted manner and for the purpose of detecting malicious traffic and its sources. Minxomat details the process on his blog, where he explains how he wrote a simple script and scanned all IPv4 addresses, attempting to connect via port 21 with the "anonymous" user and no password. The scan was carried out with a simple Linux VM In an email exchange with Softpedia, Minxomat detailed the reason. "I wanted to demonstrate how everyone, even on a low-power KVM instance, can perform a meaningful analysis of raw scandata," the researcher said. "That meant using no off-the-shelf scanning tools, but the simplest bash scripts imaginable. It worked surprisingly well for such a suboptimal approach, and that's why I wanted to share my findings and process," he also added. If you're curious, the researcher's rig was "a single KVM instance, running a single 2GHz vCore with 2GIB of RAM and 10GiB of HDD space. [...] The server was connected to a 250Mbps virtual switchport, but traffic never exceeded about 1MB/s." There are better approaches to scanning the entire Internet Minxomat, who in the past scanned for other types of open ports, such as MongoDB, CouchDB, and Redis, has scanned for open FTP ports in the past. "Today, commercially, we do mostly reverse-DNS crawling," he said. "This is a better approach for our application than the brute-force IP scan that I demonstrated in my [blog] post." His research shows how simple and how few resources a determined attacker would need to scan and compile a list of potential targets. List of exposed FTP servers available on GitHub Minxomat, who released the full list of IP addresses on GitHub, says that this is not such a big issue as you'd expect. "FTP servers that allow anonymous write access are quite rare," Minxomat told Softpedia. "Those are extreme cases though." Nevertheless, server owners should take no risks and use Minxomat research as an opportunity to secure their servers. Infosec experts have been constantly scanning the Internet for open server services and warning companies through their research. Article source
  19. Batu69

    Introducing TLS 1.3

    CloudFlare is turbocharging the encrypted internet The encrypted Internet is about to become a whole lot snappier. When it comes to browsing, we’ve been driving around in a beat-up car from the 90s for a while. Little does anyone know, we’re all about to trade in our station wagons for a smoking new sports car. The reason for this speed boost is TLS 1.3, a new encryption protocol that improves both speed and security for Internet users everywhere. As of today, TLS 1.3 is available to all CloudFlare customers. The Encrypted Internet Many of the major web properties you visit are encrypted, which is indicated by the padlock icon and the presence of “https” instead of “http” in the address bar. The “s” stands for secure. When you connect to an HTTPS site, the communication between you and the website is encrypted, which makes browsing the web dramatically more secure, protecting your communication from prying eyes and the injection of malicious code. HTTPS is not only used by websites, it also secures the majority of APIs and mobile application backends. The underlying technology that enables secure communication on the Internet is a protocol called Transport Layer Security (TLS). TLS is an evolution of Secure Sockets Layer (SSL), a protocol developed by Netscape in the 1990s. The Internet Engineering Task Force (IETF), a standards body, has been in charge of defining the protocol, which has gone through several iterations. The last version, TLS 1.2, was standardized in 2008 and is currently supported by the majority of browsers and HTTPS-enabled web services. TLS 1.2 can be secure when configured correctly, but its age has begun to show. In the last few years, several high-profile attacks have been published that revealed flaws in the protocol. Eight years is a long time in computer security, so the IETF have been working on a new version of the protocol, TLS 1.3, which should be finalized by the end of 2016. TLS 1.3 is a major overhaul and has two main advantages over previous versions: Enhanced security Improved speed Enhanced Security Most of the attacks on TLS from the last few years targeted vestigial pieces of the protocol left around from the 90s. TLS 1.2 is highly configurable, and vulnerable sites simply failed to disable the older features in hopes of being compatible with old browsers. TLS 1.3 embraces the “less is more” philosophy, removing support for older broken forms of cryptography. That means you can’t turn on the potentially vulnerable stuff, even if you try. The list of TLS 1.2 features that have been removed is extensive, and most of the exiled features have been associated with high profile attacks. These include: RSA key transport — Doesn’t provide forward secrecy CBC mode ciphers — Responsible for BEAST, and Lucky 13 RC4 stream cipher — Not secure for use in HTTPS SHA-1 hash function — Deprecated in favor of SHA-2 Arbitrary Diffie-Hellman groups — CVE-2016-0701 Export ciphers — Responsible for FREAK and LogJam CC 2.0 Generic Aqua Mechanical TLS 1.3 removes the “bad crypto smell” of these legacy features, making it less likely that attacks on previous versions of the protocol will affect TLS 1.3. This streamlining also makes TLS 1.3 much simpler to configure for server operators. A secondary side effect of the update is that the protocol can be made much faster, resulting in a better web browsing experience. Improved Speed Fast page load times are critical to the success of web services. Amazon famously found that every additional 100ms of page load time decreases sales by 1%. A major component of page load time is latency: the time it takes to send data between the browser and the web server. The impact of latency is especially noticeable for: a) users on mobile devices b) users that geographically far away from the server A message from Sydney to New York and back can take over 200ms, enough for humans to notice. Mobile browsing can also increase latency for a connection. Sending a message over a modern 4G mobile network routinely adds over 100ms of latency to requests. On 3G networks, which are still common in Europe, add over 200ms of additional latency. Even home WiFi connections and ISPs add dozens of milliseconds to requests. This additional latency can make mobile browsing feel slow. Unfortunately, encryption can make these slow connections seem slower. TLS 1.3 helps improve this situation. To send a message to an encrypted site, you must first establish shared cryptographic keys. This process is called a cryptographic handshake. It requires special messages to be sent back and forth between the browser and the website. The TLS handshake happens behind the scenes whenever you connect to an encrypted site with your browser. With TLS 1.2, two round-trips are needed to complete the handshake before the request can be sent. Accessing a site over a mobile network can add more than half a second to its load time. With TLS 1.3, the initial handshake is cut in half, requiring only one round-trip. That’s like going from a fast station wagon (0-60mph in 10 seconds) to a Tesla Model S (5 seconds). If the round-trip time for a connection is around 100ms, the speed boost from TLS 1.3 is enough to take sites that seem “sluggish” (over 300ms), and turn them into sites that load comfortably fast (under 300ms). The more efficient handshake is only possible because some of the legacy features present in TLS 1.2 were removed from the protocol. TLS 1.3 also has the additional advantage that for sites you’ve visited recently, you can send data on the first message to the server. This is called “zero round trip” mode (0-RTT) and will result in even faster load times. CloudFlare is planning to support TLS 1.3 0-RTT in the coming weeks. Live for all TLS 1.3 is huge step forward for web security and performance. It’s available to all CloudFlare customers, and enabled by default for all Free and Pro customers. You will find the toggle to enable/disable TLS 1.3 in the Crypto tab of the CloudFlare dashboard. The TLS 1.3 specification is still being polished, but the IETF is very close to settling on a final version of the protocol. Major browser vendors Firefox and Chrome have implemented preliminary versions of TLS 1.3 in their developer releases (Firefox Nightly and Chrome Canary), and we’re updating our implementation to match the current version in these browsers until the specification is final. Expect a faster, safer web browsing experience as more browsers enable TLS 1.3 by default in the coming months. How to enable TLS 1.3 in your browser Firefox Nightly Install and run Firefox nightly: https://nightly.mozilla.org/ Enter "about:config" in the address bar Set security.tls.version.max from 3 to 4 Restart the browser Chrome Canary Install and run Chrome Canary: https://www.google.com/chrome/browser/canary.html Enter "chrome://flags/" in the address bar Go to "Maximum TLS version enabled." and select "TLS 1.3" Restart the browser Article source
  20. Switching your DNS servers can improve web performance, enhance security and help you reach some sites you can’t normally access. It’s awkward to do this manually, but Change DNS Helper is a free tool which makes the process much easier. A straightforward interface displays everything you need to know in a single tab. Choose a target network adapter, your preferred DNS server, click "Change DNS" and you’re done. The initial DNS server list includes more than 20 options, including Google, OpenDNS, Comodo, Yandex, Norton. These are stored in an INI file and very easy to change. Here’s the basic format. [IPV4] US – Google Public DNS=8.8.8.8,8.8.4.4 US – Comodo Secure DNS=8.26.56.26,8.20.247.20 Just add your new DNS server and IP addresses in the form name=1.1.1.1,2.2.2.2 and it’ll appear in the list. Unusually, Change DNS Helper enables changing DNS servers for IPv4 and IPv6 connections separately. There are also some handy options to reset, save or back up your DNS settings. You’ll be briefly annoyed by features like a "Hide IP Address" button, which doesn’t hide your IP address itself, instead opening your web browser at the Hide My Ass site (gee, thanks). But once you know not to click it, this doesn’t really matter. There’s no shortage of similar tools around, but Change DNS Helper’s IPv4 and IPv6 support and it’s lengthy, editable default list of DNS servers help the program stand out. Give it a try. Change DNS Helper requires Windows XP or later. Article source Similar DNS changer tool.
  21. It seems as though the more we prosper the more privacy we sacrifice. Nowadays, your social networks know everything about you and the world doesn’t seem to care much about this intrusion. If your privacy is something you’re lenient with or if you belong to the group who think that the breach of privacy is something serious, or among the people who think protecting their privacy is a big deal, this article will help you understand just why you need to guard your confidentiality and also help you dispel a few myths about the thing that have probably been nagging your mind. Alarm: Your data is valuable stuff: People usually don’t think that their information is very important because after all, why would organizations buy the bio-data of an insignificant, common man? Well, that’s just the thing. If multinationals are willing to pay for your information, there has to be a very good reason for it. This doesn’t only mean your basic information but everything from your date of birth to your quirky little buying habits, it’s all important. Usually when someone asks for your information, they assure you that it’ll be taken ‘anonymously’ and treated as such too. Now while the gatherer may be anonymous, your information is inevitably traced right back to your individual self later on. This is the primary reason why big companies discourage consumers from opting out of behavioral marketing. Your information has real, tangible value and sells for a lot of money. For example, for Facebook, you are worth just short of 5 Dollars a year even if you don’t open your wallet for them once. This leads some people to believe that privacy is essentially nonexistent now but that’s not the case either. People are very concerned about the information they hand out. Even people who have already given out their private information are now very concerned about what is happening to it. They are gaining more awareness of their information day by day without wanting to black out all their information for free services. They just want to keep control over it and want to know what happens to it once it’s dished out. Who’s More Dangerous: The Government or Businesses? This question has been asked time and time again but there’s still no concrete answer to it. The Government: Usually it’s assumed that when you sign up for a Web site, your information is given to them and kept by them only. However, it’s not as simple as that. Truth is that even a simple FOIA request by the DEA and IRS are enough to get information about you from companies like Twitter and Facebook. It is a common belief that the information you give is simply filtered by the government to catch criminals. But that’s not the only truth again, the government needs only to send a request for information and the company gives out information about you, your friends, your family and common interests even if you have a clean rap sheet. Businesses: If you thought that the government was bad, get a load of this. The government has to provide some level of transparency in order to fulfill lawful requirements. Businesses aren’t bound as such; private companies are free from these bindings by the privacy act of 1974. Once you give them your information, there’s no telling how far it’ll go to be used. Some companies even reserve the right to sell your information while a state, in their terms of service that they will use your information for sharing with their strategic partners, which is essentially the same thing without the cash involved. One small comfort people have is in that the information they give isn’t personally identifiable. However, that too isn’t completely accurate. The fact is that not enough people ask themselves if the information they’re clicking ‘ok’ to is still their property later on or not. To put it simply, it isn’t. Once you click on that ‘I accept’ to the terms of service you didn’t read, you give away your information and it isn’t coming back even if you want to modify it later on. However, this game runs both sides of the board because you have every right to your information and can ask about how it’s being used. You have complete right to ask where your information is being kept and if it’s secure or not. This is such an issue that even the Whitehouse has been taking measures to ensure that the consumer gets SOME privacy. This has proved to be a good first step but it’s still just that: “The first step”. Even if you are perfectly comfortable about dishing your information, you must realize that others aren’t. This calls for consumer awareness. You have a right to privacy and even if not for yourself, you need to demand it for someone who needs it more than you. Demand your privacy. Read terms of services carefully and be responsible about the information you give and how it’s handled. Prevent Business Organizations from Intruding Your Online Privacy: We live in a world where privacy has become a rare commodity. With the rising popularity of social networks, it has become increasingly tricky to regulate your virtual presence and control the amount of information you share with others. As the virtual media has become really vast, it is difficult to ensure 100% privacy, but there are methods through which you can ensure maximum safety. The most important wax-on of internet security is to have the latest Antivirus and firewall to ensure none of the parasites in cyberspace chew up your computer system. The following points, will give the readers a better understanding of the dangers involved in giving away your personal information to a website without taking adequate precautions. For those who don’t know what safety measures are to be taken, this page is the right one to be on. Increase the Privacy of Your Internet Browser Your browser acts as a medium for you to access other websites. It is useful but that is how most of the viruses make way to your computer. This is why it is vital that you tweak your privacy settings on your browser first. Make sure all the websites that you access, are safe for browsing and do not require any information that is strictly confidential and sensitive such as credit card details, personal contact and/or location. Having taken care of these things you can now move on to the next step. Using search engines that won’t save any of your searches that will definitely control the amount cache that gets piled up and as a result slows down your computer. Put on some extensions Once you have made the necessary changes to the privacy of your internet browser, you also have the option of adding certain extensions that will further enhance your presence on the cyberspace. Use extensions that will sift spam advertisements. Secure your connection by just using HTTPS, which automatically encrypts your information for other websites. These days there are many password management extensions which ensure that the user changes their password often, create strong passwords and protects people from password theft. Moreover, users can also go for other extensions like Do-Not-Track-Me which prevent third-party agencies from tracking and accessing all the websites that have been visited on your computer. Download extensions to manage your cookies and try to keep your cache clean as much as possible. Once you have all these things out on your checklist to achieve internet security, your next step comes to protecting your social media presence. Make sure that you associate with people who are legitimate and trustworthy online and do not hand out personal information to any person that bumps into you in the virtual sphere. Tweak your Facebook and Twitter settings to protect your identity and personal data. Given the current circumstances where many whistleblowers have showed us all how vulnerable we are on the internet, these are only some of the measures you can take in order to protect yourself. Though it is not foolproof, but will definitely back you up wherever and whenever it can. An intro to Info Hackers and some precautions to consider: The aforementioned threats are of the higher level, there are still the regular hackers who tend to peak on important personals, like credit cards, and then exploit that information to satisfy personal motives. Issues with real stalkers have always been a threat but the preoccupation of internet has made the confidentiality problems much more superficial by exposing them to the virtual scythes. However, technology is not to be blamed for this matter but the sick people who collect and misuse information about individuals are the real culprits. This concern has led many to think about the ways to protect their personal information. If you are one of those, following are a few tips for you to secure your personal data efficiently: GPS and Wi-Fi: GPS and Wi-Fi can be considered doors to the data you want to protect. So an easy way is to shut those, specifically when unwanted strangers are not to be welcomed. GPS: Leaving the GPS enabled when it is not in use can easily broadcast locality to a number of people like app developers or cell phone providers. Carrying a smart device that has GPS empowered can reveal even more specific locality; it is a simple tactic to deactivate GPS when it is not being used. Wi-Fi: Wi-Fi can be used to access information on your device like phone numbers, pictures, browsing history hence it works exactly like the GPS. Installing power managing apps will disconnect Wi-Fi automatically when the screen goes dark and save you the trouble of doing it yourself again and again. Date of Birth and Telephone number: The way out from this security threat is to simply avoid disclosing accurate date of birth as it can be used for verification; same is the case with telephone numbers. It is vital to only provide these specifics correctly when they are to be used with credible organizations and not the random ones. Safety Check: One can never know who to trust, what the true identity of people is and whether the site you are surfing is safe or not. The best an individual can do is not to reveal any personal identifiable information on site that cannot be relied upon. Your name, email address, credit card number etc. are included in this category. Shop with Security: Firstly, it is significant to only shop at reputed stores, to dodge the shady ones that are there only to trap unaware shoppers. The next thing to consider is whether the trusted store you are shopping at regards security as the topmost priority; this can be confirmed by simply investigating into the kind of technology they use. All you have to do is ensure that the store has the following: “Https” before its web address; the “s” is actually the essence. Go carefully through the checkout page to see if it verifies that the page is secured by professional safety technology vendors and if it has the tiny lock padded symbol at the bottom right corner. The Phishing Snare: Phishing is one of the most common weapons hackers use. In fact, even you can create a phishing page after watching a couple of tutorials on YouTube. Basically, these pages act as a clone of real login pages and once people log into them, they indirectly send their login information to the hacker/creator of the site. They are generally sent via emails faking to be the original business organizations hence it is easy to identify them. Here again the “HTTPS” rule applies while another useful point to keep in mind is to always login to the original site instead of trusting the received hyperlinks. All in all, there will always be the bad guys hence precautions are to be always taken to guard ourselves. There are virtual laws too, which will be covered in another article; they are the last steps we take in case of rare and damaging intrusion. The information provided in this article is a general introduction to aware the readers about how the people they are exposed to. By simply practicing these safety measures, everyone can be sure not to make a silly mistake from their end. Article source
  22. There’s never been a better time to leave Tor. After a few weeks of unsuccessfully waiting for my views to mellow, I add my voice to the exodus. Three weeks ago, The Tor Project, Inc. published their Tor Social Contract. The contract was covered by the media, but the media focused on the policy not to backdoor software (as though that were surprising?), and regrettably, missed the real story carefully hidden in the first bullet: This bullet is a continuation of Tor’s new mission statement adopted in late 2015 which reads: Collectively, these two policy documents pivot The Tor Project, Inc. from an organization that was foremost about privacy technology to an organization that is foremost about human rights (HR) where privacy technology is the chosen means to the end. Naïve observers may see little difference, but this pivot has deep ramifications. In western liberal democracies (where Tor is overwhelmingly based, and by raw numbers, largely serves) human-rights advocacy has better optics than privacy. But the opposite is true in the regions that Tor aims to serve. Privacy empowers the individual. Empowering the individual naturally dovetails with human rights, so its plausible that greater human rights is a natural byproduct of privacy advocacy. However, Tor’s pivot from “Privacy Enthusiasts” to “Human Rights Watch for Nerds” substantially increases the risk of imprisonment to those operating a Tor relay or using the Tor Browser Bundle from less HR-friendly regions. For example, in Singapore (where I live), the government absolutely does not care for what they term “Western human rights” and views them, at best, as a handicap in maximizing GDP, and at worst, as cultural imperialism. But despite their dim view of human rights, Singaporean authorities top-to-bottom are fanatical about reducing corruption. Most importantly, Singapore’s love of anti-corruption exceeds its apprehension about human-rights-laden privacy enhancing technologies. Singapore’s attitude here is representative of the cultural terrain from China to Indonesia, which constitute >30% of the world population. Pigeonholing a generic technology like Tor into the human rights category makes it immensely harder to justify using Tor as part of generic (non-human-rights related) communications. For example, say you’re a sysadmin at a local business wishing to further secure its comms. You propose running a Tor node or using Tor internally. This was just something you could do (if perhaps a bit overzealous), but if asked you justifiably reply defense against corporate espionage matters. After Tor’s pivot, you now have to justify why the company is using software explicitly designed for banned HR activism — why is this worth drawing the government’s ire? Using Tor is now an additional mild liability for all non-HR users. In profound irony, Tor’s pivot especially hurts local users who would use Tor for human rights. Say you’re an Asian HR activist — choosing one, would you prefer: A poignant mission statement and social contract saying Tor, unsurprisingly, supports your noble cause. A larger local anonymity set by including non-HR users, faster performance via local relays, and greater plausible deniability, so that your mere use of Tor is less suspicious? To my surprise, Tor management believes (1) is more valuable than (2). Call me a bleeding-heart, but I believe privacy is so important that the efficacy of (2) takes priority over the emotional self-satisfaction of (1). Demonstrating how complete the transformation is within Tor, arguing this is deemed VERY SUSPICIOUS. And, I kid you not, that suspicion yields Tor management’s thumbs-up. As a born-and-bred American, I get the human-rights motivation — I really do. But the “Human Rights Watch for Nerds” branding gives decidedly-unfriendly-and-opportunistic-authorities full license to do as they please with Tor operators or anyone who uses Tor (regardless of whether the use is HR related!). Yet a large portion of Tor is so drunk on self-righteousness they can’t recognize they are piloting into their adversaries’ hands. Here’s a more familiar analogy illustrating the regional equivalent of what Tor has done. Imagine Tor canonized a new policy document stating: Thereafter, anytime an authority sees anything Tor, the enterprising officer has full-authority to proceed for investigating a drug-crime whereas before ze did not. I do not know how to make this more clear. During my undergraduate years (2002–2007), I admired Tor’s skillfull treading on the tightrope separating three groups who typically don’t get along: the military-industrial complex among its funders the anarcho-capitalist cypherpunks among its early operators the potpourri of activists among its most dedicated users I’m sure it was a difficult balance—but that balance was the secret sauce of Tor’s success, as Tor was perhaps the only thing these wildly divergent groups could agree on! Unfortunately, modern Tor has firmly rejected the first group, rebuffed the second, and filled the resulting vacuum with one of the worst aspects of the third — the purity politics and prioritizing of virtue signaling over mission efficacy. Tor’s branding pivot is misguided, damaging for global privacy, and ironically, harmful to Asian human rights. Anonymity requires not just company, it requires diverse company, yet Tor has increased the risk to all non-HR Tor users. This something Tor has brought upon itself, and they are knowingly throwing their most vulnerable users under the bus. After seven years of proud service to Tor including: founding Tor2web, Roster, and Toroken, as well as writing a Tor Tech Report and running several high-performance relays, I am resigning because: Given my residency in Southeast Asia (and already being on a first-name basis with the Singapore Police Force due to tor2web), Tor’s pivot creates nonnegligible risk for me personally. I do not trust an organization which prefers reaping modest public relations benefits within comparably cozy jurisdictions over the security of its neediest users risking imprisonment. Anyone want to set up an organization based on the efficacious promotion of privacy? Because Tor is no longer it. Addendum In discussing this post, one of my colleagues opined that, from a management perspective, the pivot towards human rights is actually great for fundraising in the West. With modern Tor Project placing getting off defense-industrial funding at top priority, new funding must come in. And if a byproduct of that new funding demands throwing the most vulnerable users under the bus…well, that’s just the price for them to pay. So, lets take a step back. The primary reason for Tor to distance from defense money is so it’s not perceived to be a puppet of the West. The optics will look better to casual observers, but dropping defense funding for building products and pivoting towards human rights grants will, ideologically speaking, surprisingly have the opposite effect. Article source
  23. I am now part of the problem. The advertising industry is wringing its hands and shaking its fist at the use and growth of ad-block technology, but I am not above temptation. I simply installed it. And much like the many million people who have done so already, I love it and probably won’t ever fully abandon it. So instead of excoriating people for using them, it’s time we reflect on how we got here, what its inevitability means for our future and whether this might even be a trend worth embracing. The most commonly cited statistic on ad blocking reports that roughly 200 million people worldwide installed ad blocking on their computers as of August 2015. That group is rapidly growing: Mary Meeker’s 2016 Internet Trends Report shows an upward accelerating trend in ad-block adoption across desktop and mobile worldwide. HubSpot’s Global Interruptive Ads Survey (Q4 2015 to Q1 2016) found 50 percent of respondents already had installed AdBlock, and more than 60 percent of adults 18-35 expect to by Q3 2016, with respondents 35+ not that far behind. PageFair and Adobe report a growth of almost 50 percent in the usage of ad blockers in the U.S. from Q2 2014-Q2 2015. The recent IAB report on ad blocking found 26 percent of desktop users block ads online. Cumulatively, these reports indicate that the number of individuals using ad blockers will have doubled many more times over within the coming year or two. And their impact is real. Ovum and The Wall Street Journal report that in 2015 alone, publishers lost $24 billion dollars in ad revenue because of ad blockers. Ad-block technology stops almost all ads a person might otherwise see. Search ads, banner ads, remarketing, pre-roll, YouTube ads, social posts and even some “native” ads are all covered. When loading a page, AdBlock looks at from where content is being called and uses that information to infer what is or is not an ad. On computers, AdBlock typically comes as a plugin to install in a browser. On mobile, it takes the form of browsers or browser settings that do the same. It’s easy and relatively tinker-proof. With one or two clicks, an ad-free internet is at the fingertips of anyone. In response, some websites now have AdBlock walls. Upon arrival, AdBlock users are requested to enable ads by putting the site on a whitelist. Users are often amenable; the Times reported that more than 40 percent of users agreed to whitelist the site when provided with a message about the need to pay for high-quality content. However, the bulk of internet publishers, along with the bulk of online ad inventory they represent, have not pursued similar measures: perhaps because they (rightly) assume that click-bait headlines and repurposed content aren’t reason enough to get users to turn off their ad blockers. Their objective is traffic, and lots of it. Meanwhile, premier content publishers are beginning to understand how much their core audience dislike their many ads and now even offer products that obviate the need for AdBlock in the first place. Publishers like the NYT and even YouTube now hawk ad-free supra-subscriptions for their most dedicated and ad-weary audience members. Fundamentally though, everyone understands that a world with no ads online is an untenable one. AdBlock Plus found that 75 percent of their users supported sites having ads, so long as they weren’t too many and weren’t aggressively disruptive. In response, AdBlock Plus developed the Acceptable Ads Manifesto, outlining a series of rules for ads on sites, most all of which follow common sense. If a site agrees to meet these standards, AdBlock Plus will not block their ads. Moreover, much like the Times’ experiment, the latest IAB/YouGov study on ad blocking in the U.K. finds half of all users willing to disable blockers in exchange for content. The IAB U.S. survey found that most users are blocking ads for specific reasons — reasons that can be addressed. People understand the value of ads in supporting content; it’s just that now they are demanding better accountability from the system. For publishers who sign on and are part of this advertising future, it means significantly fewer digital ads. It means higher premiums on banner ads, pre-roll ads and the like, and, quite possibly, an end to the cost savings previous models of digital advertising offered. It will mean that running a series of banner ads will not a campaign make. Challenged by the fact that the cheap replication of a print-style advertising model no longer is profitable, more publishers will have to look to more innovative ways to incorporate their commerce with their content. This is a position that the entire advertising industry needs to move to embrace. The honest truth is that the prevailing model of digital advertising, of ubiquitous cheap ads, is a broken one. The incentives in this model have encouraged the worst behavior: publishers squeezing more and more ads into a cluttered space and marketers pointing to these masses of impressions and clicks as the sign of a job well done. Ads that aren’t viewable, bot-generated clicks, phantom ads across the internet, video ads that aren’t seen or heard or both: These are all symptoms of a business model that rewards quantity over quality. Worse yet, the common model of digital attribution compounds the same tension. Standard practice attributes on-site success to the final ad clicked or final ad seen, rewarding mass amounts of bottom-of-the-funnel advertising. Whoever is responsible for that last ad takes full credit for that consumer’s decision to convert. Again, incentives in this model encourage the worst behavior: publishers flooding consumers with cheap ads to claim credit and marketers pointing to the cost-efficiencies of the same ads as the sign of a job well done. Successful marketing is nothing if not pragmatic. So long as this is the nature of success, it’s unsurprising that all parties pursue the same end game. Admittedly, some of this is beyond the industry’s control; unlike other mediums, there’s no body that can similarly regulate the nature of all digital ads and their quantities. So long as the model of digital advertising is about quantity, impression counts and video views, and so long as the medium of digital advertising involves barraging users with thousands upon thousands of ads per day, it is the correct and right strategy to get as many ads out as possible to get the most chances of success. When these are the rules, the winning strategy will be a simple numbers game. However, widespread adoption of ad-blocking technology upends this model and gives everyone a chance to slay digital advertising’s Ouroboros. Publishers either must have such high-quality content that users will agree to let them show their ads, or, if their content is not sufficiently compelling, have to abide by a model that puts a real cap on the number of ads they can deliver. Fail to do either, and none of the ads are seen. This immediately helps combat a number of the inventory issues digital advertising faces. Phantom ads and viewability are less likely to be concerns when the ad ecosystem supports a much smaller set of permissible ads. The better the publisher, the larger the premium offered by digital advertising for their content. And with fewer chances to show an ad, the quality of those ads must go up. Advertisers will need to develop higher-quality ads and will have the budget to support it given the cost of the medium. And consumers get higher-quality ads while also avoiding the barrage of bargain-quality banners they hate so much. This demands more of our industry, not the simple escalation of an arms race. Any advance in our technology to force ads upon users will be met with an equal development to block them. At this point it’s wholly Newtonian. Facebook’s recent announcement, followed by the immediate update to AdBlock Plus, is instructive. The sad truth is that Facebook’s own announcement acknowledged that the issue consumers had was not with all ads, but with how many currently live in our marketplace. Instead of language chastising consumers for their selfishness, instead of spurious accusations of secret profit behind ad-block technologies, the advertising industry needs to recognize that it has built no good will, that its failure to stop and active decision to escalate this problem is the direct cause of consumers’ actions. Far too often the incentives of digital advertising allow the industry to revert to a simple formula, and the consequence has been more ads, more often, to more irritated consumers. Yet we didn’t change course. People want services and people understand the importance of ad support. They just want better ads. Now people have a tool powerful enough to hold the industry accountable, and their voices are finally being heard. The shame is that for an industry that prides itself on understanding consumers, it has taken us this long to listen to them. Article source
  24. Batu69

    Reduce MP3 File Size Online

    MP3Smaller is a free service that allows you to reduce MP3 file size online, reduce size of the mp3 files, make mp3 smaller, reduce mp3 bitrate. Reduce size of MP3 files online, directly from your web browser. Useful service to fit more songs on your MP3 player by reducing the audio bit-rate. MP3Smaller Most of the times when you download an MP3 audio file from a website or from YouTube, the volume level is low or very low and you may need to boost the volume level in order to better listen the MP3 file via portable MP3 players. MP3 Louder can help you to do exactly this: you can accurately increase and boost the volume level of any MP3 file without losing the original audio quality. Increase MP3 Volume Online Increase Video Volume Online
  25. Is there anything porn can’t do? Other than ruining the sexual wellbeing of multiple generations, contributing to extreme warping of body images, and now somewhat commonly used as a disturbing revenge tactic against ex-partners, you mean? Well, it can even be used as a handy tool in the hackers’ array, and not just for the reasons you might think. Let’s take a look at where and why porn might a bigger vulnerability in your life than you think. Pornographic Database Ransom Most people closely guard their porn use. It isn’t something people regularly broadcast, and your viewing habits are certainly not something you’d want online in an easily itemized database. Perhaps that database would have columns listing the type of porn — teen, gay, MILF, etc. — and the number of times you’d watched a video of that nature. Regardless of how a tool of that ilk might provide an engaging user experience, there are genuine issues with a colossal database of this type. In the UK, authorities recently banned the creation and distribution of pornography containing a number of things, all seemingly focused on a male-centric view of pornography. However, if the authorities discover we have been enjoying one of these banned forms, we’ll get a reprimand. Do it again, and we might get a fine. There are many billions of individuals living under vastly more oppressive rule than we have in the UK. A person living in a country that wrongly penalizes homosexuality may watch some gay pornographic material. If their viewing habits were exposed, there is a potential that the individual could be sought out and punished, or worse. Not only do they live in fear of exposing their sexuality, they must closely guard any other indicators that might disclose their secret. Possibility? While there is a definite possibility that a hacker could in theory attack and liberate information linking pornographic search data to specific IP addresses, Cooper Quintin, staff technologist at the Electronic Frontier Foundation, believes something different would happen: “The far more likely scenario is just that a porn company gets hacked and credit-card data is stolen. If this were the case I think that an attacker would be more likely to sell the credit-card information than release it online ‘for the lulz'” “I think a bigger concern is data brokers using your IP address to correlate data about what porn sites you visit with tracking profiles that they already have, even when browsing in ‘incognito mode.'” Quintin’s final point brings us nicely onto ours. Not-So-Incognito These days, the majority of popular adult-content sites are largely malware free. There may be occasions where things slip through the net and we know that malvertising is an extremely popular threat delivery system in 2016. Even so, your chances of picking up something really bad on YouPorn or XVideos is slim. However, something else is afoot. Software engineer Bret Thomas believes Online Porn Could Be The Next Big Privacy Scandal. He leads his theory with a shocking premise: “If you are watching/viewing porn online in 2015, even in Incognito mode, you should expect that at some point your porn viewing history will be publicly released and attached to your name“ According to the Wall Street Journal, some 30 million Americans regularly watch porn. That’s quite a few. I’m sure those 30 million regular viewers do so using incognito mode to keep their search histories and consciences clear. We all love incognito mode, but even if your search and session history aren’t being stored locally for your family to find, they’re being stored elsewhere. The internet is a tangled-web of pervasive trackers and browser fingerprinting used to build individual user profiles. These profiles follow us around the web, and provide advertisers with personalized information designed to serve better suited ads that we might actually click. At the very least, advertisers hope we head to a site of our own accord. Thomas elaborates further on the technical considerations: Browser footprints: Web browsers leave an essentially unique footprint every time you visit a web page, even in incognito mode (and even without supercookies). This is well established; many web tools such as Panopticlick will confirm that you give a website lots of information about your computer every time you visit. Global identifiers: Linking your browser footprint on one website to your footprint on another website — or to a previous footprint on the same website — is straightforward. You should think of your browser footprint as a persistent global identifier, and this is particularly true if you don’t take any measures to hide your IP address (eg. a VPN). The EFF has an excellent technical overview of how this works. User tracking: Tracking web users is super valuable, so almost every traditional website that you visit saves enough data to link your user account to your browser fingerprint, either directly or via third parties. The Economist ran an overview of user tracking in September. (Though, interestingly, there is no mention of adult websites.) Hacking is ubiquitous: We hear about data breaches that involve tangible harm — Target, Anthem, TurboTax — but not the (likely great majority) of cases when hackers don’t want additional exposure. Or, paraphrasing the FBI director: There are two types of companies… those that know they’ve been hacked… and those that don’t know they’ve been hacked. Third Party Requests When you click on a link on a “regular” website, a number of things happen. The website you’re browsing receives the “first-party request” and hopefully delivers a webpage that you want to see. At the same time, you’re also sending third-party requests to the numerous advertising trackers linked to the site — think Google, Nielsen, Skimlinks etc. — so they can power their advertising with increasingly accurate links. Porn sites are no different. 88% of the top 500 porn sites have third-party trackers installed on them. Aside from the standard Google Analytics plugin that most sites use to understand their metrics and demographics, you still send requests to web-tracking company AddThis, and another industry specific company, Pornvertising. This is on top of the already accessible information you provide each site, such as your IP address, your location, your system hardware, which browser you’re using — even down to if your device is in hand, or sitting on a table. The porn advertisers might not advertise their latest line of novelty dildos too you, but they can build accurate and detailed advertising profiles that can be easily shared with other companies. Titillating Tantalizing Truth Pornhub released a statement to Motherboard’s Brian Merchant, refuting Thomas’s assertions, calling them “not only completely false, but also dangerously misleading.” They also pointed out the absurd notion that they would actually physically store each and every user search requests. Receiving well over 300 million individual search requests a day, Pornhub estimate “storing all of that would require 3,600 terabytes,” not to mention the incredible amount of time it would take to actually sort through a database of that size. “Pornhub’s raw server logs contain only the IP and the user agent for a very limited time, never a browser footprint” As well as this, porn sites don’t actually care to keep what you’re viewing. They want to keep you on their site for as long as possible. They also want you to keep coming back, again, and again. Agitating their users through overly invasive tracking and permanent search history maintenance isn’t going to appeal to their potential and current users. No, it is the advertising trackers that maintain the potentially devastatingly accurate picture of your browsing habits, through the good, bad, and repeated tub-girl viewings. Has It Always Been This Way? Pornographic sites have long been a primary source of potential computing issues. The September 1997 edition of The Atlantic reported on “an examination of the case brings to light some of the perils of our nascent electronic world — a world in which everything from “sites” to telephone calls to countries themselves is sometimes only virtual.” The then relatively common Moldovan internet porn scam was reaching out from the depths of the Balkans and installing Trojan horse viruses via an infected viewer application. Remember, this is 1997. Users attempting to look at pictures of scantily clad ladies were required to “update” the viewer application, which in turn, downloaded and executed an unseen Trojan. “In the case involving Moldova, while the downloaded program was providing access to the pornographic photos, a hidden regiment of subcommands was ransacking the user’s computer. First the program ordered the volume on the computer’s speakers turned off, to prevent the usual telephonic sounds a modem makes. Then it hung up the line to which the modem was connected and dialed a number in Moldova. That call was answered by a computer that reconnected the user to the adult site. The promised photos — or at least one of them — finally appeared on the screen. The viewer had no idea that while he was looking at pictures he was paying for a transatlantic phone call.” The internet you’re using is likely broadband. Depending on your age, you may have never actually used a dial-up modem; a truly glorious time to be alive. Internet users in countries without such advanced infrastructure can still be easily affected by scams like this. As those users are operating in countries without such an established Internet culture, knowledge of common scams and virus delivery methods can be understandably lacking. Lock Everything Down I end many articles questioning privacy, online tracking, and internet security with the words and suggestions you’re about to read. The internet isn’t free, in more than one sense. We are the commodity. And the internet has evolved to facilitate a model that allows us to access the majority of information without much of a charge. Unless you take the requisite steps to protect your data, to protect your privacy, to protect your internet security, your actions will be tracked. You should also consider where you head to access your adult content. The major sites are literally some of the biggest in the entire world. At the time of writing, XVideos was ranked #52 in the entire world; Pornhub is #61, meaning these sites command millions of users. Equally, there are many millions of porn sites that will be absolutely riddled with all kinds of malware and malicious trackers. It is easy to steer clear of the latter by using those popular sites. No one can dictate your favorite forms of pornography. But we can advise on the safer places to view it. You might just save yourself some extremely unwanted attention in years to come. Article source
×
×
  • Create New...