Archive for September, 2013

‘More private’ social networks

Privacy-minded people don’t have to give up social networking. Plenty of options exist for friends, families, and even couples who want to communicate privately. If you feel that Facebook and Twitter are too public, you may want to take a look at private social networks. The following social networks are designed for close-knit groups who really want to connect with each other–not social butterflies who want to broadcast their lives across the Internet.

* Couple: A Formerly known as Pair, Couple is the ultimate private social network–a smartphone-based network designed expressly for couples. In fact, you can only have one friend on Couple: your significant other. Couple features a timeline that’s a bit like a souped-up text message exchange–you and your partner can add photos, reminders, important dates, drawings, and videos, along with regular text messages.

* Family Wall: If you’re looking for a slightly larger social network, FamilyWall helps you keep track of your entire family. At this private, Facebook-like social network for families, you can add dates and events, photos, videos, contacts, messages, and even Foursquare-style check-ins. You can also add “Family landmarks” such as schools, doctors, and fitness centers.

* 23snaps: Instead of posting photos of your children on Facebook or Instagram, try posting them to 23snaps, a smartphone-based social network that lets you create a unique, private online photostream. 23snaps lets you add photos, videos, and status updates to a special photostream of your child (you can add a stream for each child) and then share those photos with your friends and family. Another option is to co-manage a 23snaps account with your partner, so you can both add photos of your kids.

* Path: Perhaps the best-known private social network is Path. This smartphone-based social network limits your friends list to 150–the maximum number of friends a human being can realistically keep track of, according to studies. By virtue of being small, Path is one of the more private social networks you can join. But you’ll have to choose your friends wisely. Path may not also be as private as it once was. Users this week complained that a 2-month-old feature of the Path app that lets you invite contacts to join the network is actually spamming their address books with mass texts. Path says the texts are the result of user error.

* Nextdoor: If you want to restrict your social network communication to people you know in real life, the neighborhood social network Nextdoor might be right for you. Nextdoor requires all members to verify their address (the service sends you a physical postcard with a code on it) before allowing them to join their neighborhood’s group. As a result of this structure, the only people you can talk to on Nextdoor are those who live within shouting distance of your house.

Finally – there is the DIY approach. You can set up a shared folder with your family, and perhaps another with friends using one of the Cloud services like Dropbox, Skydrive, or the new peer-to-peer Bittorrent sync ( Anything you put there will be synced with only those you care about.

Beware of Fake ‘Like’ and ‘Dislike’ buttons on web pages

Some of the newest tactics being used by cybercriminals are the insertion of fake Facebook “like” buttons on compromised web pages. These buttons can look identical to real ones but install malware.

Also, don’t be too quick to click on links claiming to “Enable Dislike Button” on Facebook, as a fast-spreading scam has caused problems for social networking users recently.

Messages claiming to offer the opposite to a like button have been appearing on many Facebook users’ walls:

Like the “Preventing Spam / Verify my account” scam which went before it, the scammers have managed to waltz past Facebook’s security to replace the standard “Share” option with a link labelled “Enable Dislike Button”.

The fact that the “Enable Dislike Button” link does not appear in the main part of the message, but lower down alongside “Link” and “Comment”, is likely to fool some users into believing that it is genuine.

Clicking on the link, however, will not only forward the fake message about the so-called “Fakebook Dislike button” to all of your online friends by posting it to your profile, but also run obfuscated Javascript on your computer.

Research: 80% of dangerous websites are actually legitimate sites

One of the most striking statistics to emerge from recently completed research by SophosLabs is that 80% of dangerous websites are actually legitimate sites that have been compromised by criminal hackers.

This makes it clear that it is no longer possible to easily avoid malware attacks on the web. If you visit a fixed number of sites regularly, using trusted bookmarks, and don’t stray from your “short list.” then you will be far safer than if you follow links from one page to another just surfing aimlessly.

Another piece of research sponsored by Cisco (the 2013 Annual Security Report), further reveals that the highest concentration of online “risky” sites does not come from previously thought to be “high risk” sites such as pornography, overseas pharmaceutical, religious oriented content or gambling sites, but from everyday sites such as shopping and search. This was found to be the case because a not previously recognised source of threats revealed by the report is that sites that generate revenue through online advertisements are near the top of the list of those that deliver malicious content.

This is logical because if you are thinking like a criminal hacker, you want to have the opportunity to infect the most sites and therefore visitors to those sites. Since so many sites “survive” through advertising revenue, served up through advertising networks they participate in, then as a hacker, you will try to infect the ad networks so that the ads they serve also deliver your malicious payload as well.

Now that you know this, you can see why you could pre-determine how safe a site might be to visit based on the following criteria:

1.) How popular is the site?

Facebook is one of the most visited sites on the web and as a consequence attracts malware programmers and scammers like no other. More popular, more risk, less popular, less risk – all other things being equal.

2) Does the site accept third party advertisements?

For example, Amazon is less risky to visit because it does not display advertising from third party ad networks. Your favorite blogs probably serve up ads from one or more ad networks, on the other hand.

3.) Does the site directly control its content?

For example, your banking site is very safe because it is there for one purpose and doesn’t display content (or ads) from others. Search engines (Google, Bing, etc.), on the other hand, index pages and images from others that could be poisoned – although they take extraordinary efforts to avoid this. Sites like Facebook, Pinterest, and Twitter present content provided by others and can easily include links to malicious code.

4.) Is the site run by a large company?

Large companies can afford the IT staff required to keep the site “clean” of malware, whereas your mom and pop store or restaurant probably just doesn’t have the budget (and certainly not the in-house expertise) to perform the maintenance required to keep a website secure.

There are other criteria, to be sure, but the ones mentioned above should be obvious to anyone.

 Page 2 of 2 « 1  2