Computer Internet Security, Privacy and Safety

We spoke earlier of defense against spies. Then we looked at private email. We looked at Endpoint Security. Just for fun, we look at Bitcoin theft. Today we return to cookies and the threats therefrom.

Contact Us
Cyber Security Services
What Every Business Should Know
Basic Computer Security
Children's Privacy Policy
Alerts, Warnings And Update Archives
Archives 2
Security Advertising

Apple Computer Security

Are Apple computers more secure? No. "I'm convinced that OS X security is lacking," said Patrick Wardle, from security firm Synack. "It's trivial to write new OS X malware that can bypass everything. If I can do it, nation states and adversaries can and probably are doing it."

In a separate instance, over 225000 Apple accounts got hijacked through malware on IPhones.

Ashley Madison Hacked

Ashley Madison is a risqué website for people that want to cheat on their spouse. Last month files started being leaked. This month another 20 gigs of user information was published.

The company released an updated statement:
Last month we were made aware of an attack to our systems. We immediately launched a full investigation utilizing independent forensic experts and other security professionals to assist with determining the origin, nature, and scope of this attack. Our investigation is still ongoing and we are simultaneously cooperating fully with law enforcement investigations, including by the Royal Canadian Mounted Police, the Ontario Provincial Police, the Toronto Police Services and the U.S. Federal Bureau of Investigation.

Chrysler Jeep Hacked

The BBC reports:

Several car infotainment systems are vulnerable to a hack attack that could potentially put lives at risk, a leading security company has said.

NCC Group said the exploit could be used to seize control of a vehicle's brakes and other critical systems.

The Manchester-based company told the BBC it had found a way to carry out the attacks by sending data via digital audio broadcasting (DAB) radio signals.

U.S. Office of Personnel Management Hacked

WASHINGTON, DC - The OPM (Office of Personnel Management) was hacked. In a statement, OPM said:

The U.S. Office of Personnel Management (OPM) recently became aware of a cybersecurity incident affecting its systems and data that may have compromised the personal information of current and former Federal employees.

Within the last year, OPM has undertaken an aggressive effort to update its cybersecurity posture, adding numerous tools and capabilities to its networks. As a result, in April 2015, OPM became aware of the incident affecting its information technology (IT) systems and data that predated the adoption of these security controls.

Since the incident was identified, OPM has partnered with the U.S. Department of Homeland Security's U.S. Computer Emergency Readiness Team (US-CERT), and the Federal Bureau of Investigation to determine the impact to Federal personnel. And OPM immediately implemented additional security measures to protect the sensitive information it manages.

IRS Website Hacked

The IRS announced that criminals used taxpayer-specific data acquired from non-IRS sources to gain unauthorized access to information on approximately 100,000 tax accounts through IRS' "Get Transcript" application. This data included Social Security information, date of birth and street address.

FBI Warning: Beware of Passengers Hacking Jets

The FBI issued a warning about passengers using in-flight wifi to hack into the plane's systems.

"Although the media claims remain theoretical and unproven, the media publicity associated with these statements may encourage actors to use the described intrusion methods," the alert notes. "Attempting to gain unauthorized access to the onboard networks of a commercial aircraft violates federal law."

  • Report any suspicious activity involving travelers connecting unknown cables or wires to the IFE system or unusual parts of the airplane seat.
  • Report any evidence of suspicious behavior following a flight, such as
    IFE systems that show evidence of tampering or the forced removal of
    covers to network connection ports.
  • Report any evidence of suspicious behavior concerning aviation wireless signals, including social media messages with threatening references to Onboard Network Systems, ADS-B, ACARS, and Air Traffic Control networks.
  • Review network logs from aircraft to ensure any suspicious activity, such as network scanning or intrusion attempts, is captured for further analysis.

Wikipedia Fraud

Wikipedia has reported several cases of government employees and police officers that have made fraudulent changes to Wikipedia pages.

In 2014, Russia was caught changing an entry about the downing of a passenger jet from "shot down by terrorists" to "shot down by Ukrainian soldiers."

Also in 2014, a Wikipedia "transparency bot" caught a computer in a U.S. House of Representatives office anonymously updating Donald Rumsfeld's Wikipedia bio by adding that he is an "alien lizard."

In 2015, the New York Police Department's computer network at 1 Police Plaza headquarters was used to alter Wikipedia pages containing details of police brutality - "Garner raised both his arms in the air" was changed to "Garner flailed his arms about as he spoke."

The "Twitter Bots" have proven effective for tracking government edits to Wikipedia for transparency.

Wikipedia Sues the NSA

Wikimedia, the non-profit organization that runs Wikipedia has filed a lawsuit against the NSA over mass surveillance. In a press release, Wikimedia stated:

The Wikimedia Foundation is filing suit against the National Security Agency (NSA) and the Department of Justice (DOJ) of the United States [1]. The lawsuit challenges the NSA's mass surveillance program, and specifically its large-scale search and seizure of internet communications - frequently referred to as "upstream" surveillance. Our aim in filing this suit is to end this mass surveillance program in order to protect the rights of our users around the world. We are joined by eight other organizations [2] and represented by the American Civil Liberties Union (ACLU). The full complaint can be found here.

"We're filing suit today on behalf of our readers and editors everywhere," said Jimmy Wales, founder of Wikipedia. "Surveillance erodes the original promise of the internet: an open space for collaboration and experimentation, and a place free from fear."

Privacy is the bedrock of individual freedom. It is a universal right that sustains the freedoms of expression and association. These principles enable inquiry, dialogue, and creation and are central to Wikimedia's vision of empowering everyone to share in the sum of all human knowledge. When they are endangered, our mission is threatened. If people look over their shoulders before searching, pause before contributing to controversial articles, or refrain from sharing verifiable but unpopular information, Wikimedia and the world are poorer for it.

When the 2013 public disclosures about the NSA's activities revealed the vast scope of their programs, the Wikimedia community was rightfully alarmed. In 2014, the Wikimedia Foundation began conversations with the ACLU about the possibility of filing suit against the NSA and other defendants on behalf of the Foundation, its staff, and its users.

Our case today challenges the NSA's use of upstream surveillance conducted under the authority of the 2008 Foreign Intelligence Surveillance Act Amendments Act (FAA). Upstream surveillance taps the internet's "backbone" to capture communications with "non-U.S. persons." The FAA authorizes the collection of these communications if they fall into the broad category of "foreign intelligence information" that includes nearly any information that could be construed as relating to national security or foreign affairs. The program casts a vast net, and as a result, captures communications that are not connected to any "target," or may be entirely domestic. This includes communications by our users and staff.

Lenovo Superfish

The Lenovo computer company has admitted to shipping new computers with malware/spyware/adware known as Superfish.

Anthem Healthcare Hacked

Data of 80 million customers accessed and may include names, health ID or social security numbers, birthdate, address, phone number, email address, employment info, etc.

The Membrane Domain

© The Philadelphia Spirit Experiment Publishing Company
These graphics, images, text copy, sights or sounds may not be used without expressed written consent.

Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to