How To

How bad is the smartphone-theft epidemic? San Francisco District Attorney George Gascon accuses phone companies of profiting from stolen phones, as Michael Scherer reported last month on Time's Swampland site. Gascon is one of several leading law-enforcement officials calling for carriers to be required to implement technology that permanently deactivates stolen phones. It is simply too easy for thieves to resell smartphones.

One year ago, the major cellphone services announced via the CTIA Wireless Association plans to create a database "designed to prevent GSM smartphones reported as stolen from being activated or provided service." The database was … Read more

In the OS X Security system preferences you can set the system to require a password when the system wakes from sleep or after the screensaver has been active for a period of time. However, you may run into a few cases in which entering your account password then does not work.

One cause can be if you have recently changed the name of your user account. For authentication, OS X will use either the short or long username, along with any aliases that you have associated with your account. However, if you have changed the long username for your … Read more

The risk that an Internet-connected computer is infected with malware will never be reducible to zero. It's just the nature of software that errors happen. Where there are software-design errors, there are people who will exploit those errors to their advantage.

The best PC users can hope for is to minimize the chances of an infection and to mitigate the damage a piece of malware can inflict -- whether it intends to steal a user's sensitive data or to commandeer the machine as part of a cyber attack on servers thousands of miles away.

Last week, Internet users … Read more

Recently, the General Services Administration sent an e-mail alert to users of its System for Award Management (SAM), reporting that a security vulnerability exposed the users' names, taxpayer identification numbers (TINs), marketing partner information numbers, and bank account information to "[r]egistered SAM users with entity administrator rights and delegated entity registration rights."

The notice warned that "[r]egistrants using their Social Security Numbers instead of a TIN for purposes of doing business with the federal government may be at greater risk for potential identity theft." Also provided was a link to a page on the agency's site … Read more

Security company Dr. Web is reporting on a new adware Trojan attack that is targeting Mac users, where malicious Web sites will trick users into installing a plugin that will track your browsing and display ads to you.

The malware, called "Yontoo," will be first encountered as a media player, download manager, or other plug-in requirement for viewing contents on some maliciously crafted Web sites disguised as sources for file sharing and movie trailers. When the plug-in prompt is clicked, you're redirected to a site that downloads the Trojan installer and requires you to run it. The … Read more

Apple's XProtect system (aka File Quarantine) in OS X is a rudimentary anti-malware scanner that will perform a quick check on downloaded files to make sure they do not contain known malware, and will block any versions of Web plug-ins like Java and Flash that have known vulnerabilities.

XProtect runs in the background with no interaction with the user, which is convenient, but it does mean that when it gets updated, users may find themselves unexpectedly unable to access some Web content. Even though quickly updating plug-ins should get you around this inconvenience, it may be useful to know … Read more

Identity thieves are more active than ever. In 2012, the Federal Trade Commission received more than 2 million consumer complaints overall, and for the 13th consecutive year, identity theft was the most-common complaint category: 369,132 ID-theft reports were added to the FTC's Consumer Sentinel Network in the year, an increase of more than 30 percent from 2011.

Last week the FTC released its 2012 Consumer Sentinel Network Data Book (PDF). According to the report, the fastest-growing category of identity theft relates to government documents and benefits: complaints in this category increased 46 percent from calendar-year 2010. Credit-card fraud (… Read more

One of the safest and simplest computer-security measures available is also one of the least used. Two-factor authentication adds a layer of protection to the standard password method of online identification. The technique is easy, relatively quick, and free. So, what's the problem?

Critics are quick to point out the shortcomings of two-factor authentication: it usually requires a USB token, phone, or other device that's easy to lose; you sacrifice some privacy by having to disclose your telephone number to a third party; and it is subject to man-in-the-middle and other browser- and app-based attacks.

Still, for online … Read more

The end-user is at the mercy of the service creator when it comes to how secure their data will be online. Google, fortunately, offers extra opt-in features to help ensure than no one other than you will be able to log-in and access your information. One of these security measures is the two-step authentication process.

With two-step, the user decides if they want to enter a randomly generated code each time they log in from a specific place, or if they want to enter it only every 30 days. The benefit is that if you try to log in … Read more