News

How to Remove Cookies

Computer Culture Admin - Thursday, November 16, 2017
Hacked
On a PC or mobile device cookies can compromise your privacy, and fill up your storage. If you’re concerned about what websites are leaving behind, and how advertisers are accessing that data, here are some instructions on how to clear cookies from the latest version of your favourite web browser.

So what are cookies?
Cookies are small text files written by a web browser that contain information about your interaction with one specific site. They include information such as what you put into a virtual shopping cart, your username for logging into the site (not the password), products you viewed during your last visit, and any other information that could be used to tailor the visit just for your needs.

Typically, cookies pose no threat to your computer. But many cookies can compromise your privacy. That’s because advertising companies are prone to embedding cookies with web advertisements, allowing them to easily track your browsing history, and tailor ads toward your individual habits across multiple sites.

Cookies don’t take up much space on your hard drive. In fact, they’re extremely small, and should only be a concern for mobile devices with small amounts of storage. For instance, even without clearing the cookies in Chrome on PC for many, many months, we’ve only accumulated around 4MB worth of cookies. That said, the amount of volume they use isn’t troublesome; it’s the privacy risks that are difficult to ignore.

Google Chrome
Google Chrome lets you easily delete cookies, control browsing data, and specify what sort of files Google Chrome should accept or block. Here’s how:

Access content settings: Click on the “Menu” tab in the upper-right corner, and select “Settings.” Once the new tab opens, scroll to the bottom of the page and click on “Advanced.” This will expand the “Settings” page to include additional options.

The first expanded window you should see is the “Privacy and security” panel. Next, click on “Content settings,” and then select “Cookies.”

You may also simply type “chrome://settings/content/cookies” into your address bar, and Chrome will take you to your intended destination.

Cookie juggling: On the “Cookies” panel, you will see three toggles: allow sites to save and read cookie data (recommended), keep local data only until you exit Chrome, and block third-party cookies. This third option means advertisements won’t be able to read cookie data provided by a parent website, preventing them from using that information across multiple sites.

Smashing cookies: Google also provides options to block specific sites from leaving cookies, to allow specific sites to leave cookies, and to clear cookies left behind by specific websites when exiting Chrome. If you want to delete it all, click on the “Remove All” button, and you will be cookie-free. You can delete cookies individually, too.

For Android, iOS: Access Chrome’s menu, go to “Settings,” and then find the “Privacy” tab under “Advanced” settings. From there, select “Clear Browsing Data” at the bottom, and check “Clear cookies and site data.” There are also options for clearing your browser history, and removing space-eating cached images and files.

Mozilla Firefox
Access custom settings: Click on the “Menu” three-lined icon in the top-right corner. In the drop-down menu, select “Options,” which will open a new “Preferences” tab. On this page, select “Privacy” listed on the menu to the left, and then head to the “History” section. Here you will need to choose “Use custom settings for history” in the drop-down menu located next to “Firefox will…”

Cookie juggling: With the advanced history settings enabled, you should see an option to toggle on/off “Accept cookies from sites.” To the right, Mozilla provides an “Exceptions” button where you can control the cookie flow. These include blocking or allowing cookies from specific sites, and allowing a cookie from a specific site for only one browsing session. This is done by inserting the address of the website.

Next, you have the ability to accept or deny third-party cookies, or accept third-party cookies from sites you already visited.

Smashing cookies: To manually delete cookies in Firefox, you’ll need to hit the “Show Cookies” button. A window appears with a search field for locating a specific cookie, and a list of all cookies stored on your device. You can hit the “Remove Selected” button to delete a highlighted cookie, or hit the “Remove All” button to delete all the cookies.

Firefox (iOS): Tap the New Tab button (top right, with the number in it). Now tap the cog button in the top left of the screen. Scroll down to “Clear private data.” On the next screen, make sure “Cookies” is selected, then tap “Clear Private Data.”
Trackbacks (0) | Permalink

Time Saving Android Tips

Computer Culture Admin - Thursday, November 16, 2017
Hacked 1. Snap between apps
Cut out delays in toggling between apps by putting Android's semi-secret fast-snap function to use. If your device runs Android 7.0 or higher, double-tap the Overview key — the square-shaped icon next to the Back and Home buttons — and you'll find yourself flipping between your two most recently used apps faster. It'll even work from your home screen for a zippy return to whatever process you had open last.

2. Slide into Quick Settings
Android's Quick Settings panel is a shortcut in and of itself — a single place with one-tap toggles to some of your device's most commonly used functions, from Bluetooth to the flashlight (and even more, if you know how to expand it).
To get a shortcut to this mecca: Just swipe down from the top of your screen with two fingers (any two — swiper's choice!). That'll skip past the standard notification panel and take you directly to the fully expanded Quick Settings section.

3. Open menus like a pro
Not many folks know it, but there's a faster way to open those three-dot overflow menus in a lot of apps.
Rather than tapping the icon to load the menu and then tapping the item you want, simply swipe downward on the icon and move your finger directly to your item of choice — without ever lifting your finger from the screen. The menu will appear as you swipe, and whatever item your finger is touching when you let go will be activated.

4. Stop disturbances without the fuss
Sometimes you need to silence your phone quickly and discreetly. Whenever that time comes, don't mess with on-screen menus and icons; just activate your phone's display, then press the device's volume-down key until the ringer volume goes all the way down.
That'll put your phone into vibrate-only mode, and you should feel a brief vibration to let you know you're there. If you want to take it a step further and go into Android's full do-not-disturb mode, in which nothing but an alarm will cause your phone to sound — assuming your phone is running 2015's Android 6.0 (Marshmallow) or higher — release the volume-down button and then press it one more time. (You'll see the confirmation of the mode change on your screen.)
Whenever you're ready to return to a normal state, simply activate your device's screen and press the volume-up button until the level lands wherever you like.

5. Refresh the web with ease
Say you're looking at a web page in Chrome. For one reason or another, you realize you need to refresh the page. What do you do?
Sure, you could open the Chrome menu and then select the refresh icon. Or you could skip a step and just swipe downward from anywhere on the page. You'll see a circular refresh symbol appear at the top of the screen as you swipe. Make sure you pull down until the arrow within the symbol turns blue, then let go. (Once you get used to the gesture, you'll find that a quick downward flick is all it really takes.)

6. Force a restart
No technology is foolproof. If your Android device ever isn't responding, press its power and volume-up buttons at the same time — even if the display is off — and hold them down together for 10 to 15 seconds. Unless something really disastrous is going on (or your battery's just dead), that'll force your phone to restart, regardless of what you were last doing.

7. Get to your camera in a flash
When a photogenic moment arises two seconds can be the difference between an unforgettable snapshot and an after-the-fact image. So don't futz around with unlocking your phone and looking for the on-screen camera icon; instead, just double-tap the device's power button to jump straight into shooting, whether your display is on or not.
That shortcut works on many popular Android phones, including Google's Pixel and Nexus devices, Samsung's most recent Galaxy gadgets (on pre-2017 models, use the physical Home button instead of the power button) and HTC's latest handsets. LG phones tend to shift the shortcut to the volume-down button, meanwhile, while Motorola phones use a double-twist motion to achieve the same effect.

8. Put notifications on notice
Next time you get an annoying notification, don't scream out in frustration. Press and hold the notification in question to hop over to some helpful advanced settings. They'll let you control exactly when and how that app is able to alert you.

9. Wake your screen with two taps
If you have a Pixel, a Galaxy S8 or Note 8 or a recent LG or HTC device, there's a decent chance your device supports a super-speedy way of waking the screen: Tap your finger on it twice. That's it! With the Samsung devices, you have to tap specifically on the always-on Home button at the bottom of the display; with the others, you can tap anywhere on the screen's surface.
(Note that on some of these devices, you may have to manually enable a "double-tap to wake" option before this'll work. Look in the Display section of your system settings to find it.)

10. Send a friendly rejection
When you get a phone call you can't or maybe just don't want to answer, look toward the bottom of the screen for a message icon or a "Send message" option.
Slide your finger up from that area, and you'll be presented with a list of ready-made rejection messages you can send to the caller while simultaneously declining his call.

11. End calls with ease
When you do talk on your phone, finding the on-screen button to end a call isn't always convenient. But Android actually has an easier way — if you know where to find it.
Open up the Accessibility section of your system settings, then activate the option labeled "Power button ends call." Now, when you're ready to say farewell, just tap your phone's power button and bask in your shortcut-aided efficiency.
Trackbacks (0) | Permalink

Passwords

Computer Culture Admin - Thursday, September 28, 2017
Hacked The man who wrote the book on password management has a confession to make: He blew it.

14 years ago Bill Burr advised creating complex and different passwords, now he says N3v$r M1^d!

Back in 2003, as a midlevel manager at the National Institute of Standards and Technology, Bill Burr was the author of “NIST Special Publication 800-63. Appendix A.” The 8-page primer advised people to protect their accounts by inventing awkward new words rife with obscure characters, capital letters and numbers—and to change them regularly.

Now he says the vast majority of the trusted tips and tricks we employ when crafting a custom password actually make us more vulnerable to hackers. In an interview with The Wall Street Bill Burr admitted that the document he authored on crafting strong passwords was misguided. “Much of what I did I now regret,” says Burr, who is 72 years old and now retired.

The problem wasn’t that Burr was advising people to make passwords that are inherently easy to crack, but that his advice steered everyday computer users toward lazy mistakes and easy-to-predict practices. Burr’s eight-page password document, titled “NIST Special Publication 800-63. Appendix A,” advised people to use irregular capitalization, special characters, and at least one numeral. That might result in a password like “P@ssW0rd123!” While that may make it seem secure on the surface (neglecting, of course, that “password” is a bad password), the issue is that most people tend to use the same exact techniques when crafting these digital combo locks. That results in strings of characters and numbers that hackers could easily predict and algorithms that specifically target those weaknesses.

Even worse, Burr suggested people should change passwords regularly, at least every 90 days. This advice, which was then adopted by academic institutions, government bodies, and large corporations, pushed users to make easy-to-crack passwords. Most people can probably point to a password they’ve created that was deemed strong simply because it had a special character like the “!” or “?” symbol and a numeric string like “123.” And when prompted to change a password, who hasn’t altered it only slightly to avoid the hassle of coming up with an all-new code?

A popular xkcd comic from cartoonist Randall Munroe, published back in August 2011, poked a hole in this common logic by pointing out how the password “Tr0ub4dor&3” could be cracked in about three days with standard techniques, due to its predictable capitalization, numeric substitutions, and special character use. The password “correct horse battery staple,” written as a single phrase, would take 550 years. (Security experts have confirmed Munroe’s math, according to the WSJ.) “Through 20 years of effort, we have correctly trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess,” Munroe wrote at the bottom.

In other words, the passwords you should be using are obscure, almost unexplainable phrases full of human randomness that make them easy to commit to memory and yet almost impossible for an automated system to make sense of. Of course, for those who use password managers like LastPass, you can generate cryptographically secure passwords on the fly. But it’s still important to have a hard-to-crack master password.

“In the end, it was probably too complicated for a lot of folks to understand very well, and the truth is, it was barking up the wrong tree,” Burr admits of his advice. The new NIST standards that were published in June, authored by technical advisor Paul Grassi, did away with much of Burr’s advice."

We ended up starting from scratch,” Grassi tells the WSJ. But Burr might be exaggerating the negative effects of his password advice, Grassi adds: “He wrote a security document that held up for 10 to 15 years. I only hope to be able to have a document hold up that long.” For the complete article click here
Trackbacks (0) | Permalink

Identifying Phishing Emails

Computer Culture Admin - Thursday, September 28, 2017
With the increasing use of phishing emails, we’d like to draw your attention to how to identify whether the email links you are being asked to click are legitimate. This is done by hovering your cursor / pointer over the link and revealing the domain or destination to where you will be sent. If you look at the final part of the domain before the forward slash (/) you can determine whether you think this link is from the organization referred to in the email. In the example below .cenotehopping makes little sense and indicates the link is not authentic. 

If there is a string of cryptic numbers or an .exe file do not click on the link. Ring the organisation who has sent you the email and verify that the email is legitimate.  As always it is better to be cautious than caught out.

Microsoft offers this information on recognising phishing email messages, links, or phone calls.
Trackbacks (0) | Permalink

Removable USB Drives are no longer a recommended solution.

Steve Hirst - Monday, March 20, 2017
USB Backup Drives For a considerable period, small external USB hard drives were a favoured means of backing up a company’s valuable data. This backup method ticked the boxes by ensuring the storage device was backed up to another destination and secondly that backup was taken offsite. It was a satisfactory solution provided there was at least 3 drives, they were rotated out daily and one of the set was always offsite in a secure location.

Unfortunately, over time the short comings of this type of backup have become painfully apparent.

The list of problems include:
USB Drives failing due to constant handling and transporting
Drive not changed due to designated person being on leave or off sick
Staff become forgetful or complacent and drive changes do not occur daily
Error reports generated by the backup software being ignored

One of the inherent problems with this backup system is that if the current backup and the source are at the same location and a disaster occurred later in the day the amount of work lost can be up to 2 days. In this scenario, the last backup is going to be at least 24 hours old and still onsite with the person who was responsible for taking it home that evening.

We know of a company where one of the backup drives had failed and they were down to only two in rotation. On the day of the February earthquake, the server was in the office, the first backup drive was plugged into the server ready for the end of day back up, and the second drive was in the manager’s briefcase ready to be taken off site that evening. When the quake struck everyone quickly evacuated the building leaving the server and all the backups in the building.  Fortunately, the company was able to get back into the building and rescue the backup. In doing so they avoided a disastrous data loss and learnt a very powerful lesson.

It is for all of the above reasons that Computer Culture no longer recommends this type of backup. With the value of company data and rapid growth of cybercrime, a robust backup system is now an essential part of an organisations IT. 

An offsite backup solution which is proactively managed and monitored has become the favoured solution of many of our customers. Please call us If you wish to make the move away from the rotated drive backup system.
Trackbacks (0) | Permalink

How to tell if email is fake, spoofed, or spam

Steve Hirst - Monday, March 20, 2017
Scam Email By now, you’ve heard about phishing – fraudulent emails that masquerade as communications from a legitimate source. These emails trick unsuspecting readers into giving up personal information or compromise their machines with spyware or viruses. Thankfully, email filtering and security has improved a great deal over the past few years. Unfortunately, no matter how effective the security, some phishing emails will always make it to the inbox – that’s where you come in. Here are some tips to help you identify a phishing or spoofing email.

Don’t trust the name
A favourite phishing tactic is to spoof the display name of an email. It’s easy to set the display name of an email to anything – you can do it yourself in Outlook or Gmail. Spoofing involves simply setting the display name or “from” field of outgoing messages to show a name or address other than the actual one from which the message is sent. When this simplistic method is used, you can tell where the mail originated by checking the mail header.

You can’t trust the header 
It’s not just the display name that can be spoofed, but also the email header. Emails are built on some very old technology (in internet terms): SMTP, or Simple Mail Transport Protocol. When you send an email, it goes to a SMTP server first, then the message is relayed from SMTP server to SMTP server across the internet. When the message arrives at its penultimate destination, the email is stored in the recipient’s (e.g. in their Office 365 Mailbox). Finally, the message is fetched by an email client so the recipient can read it. While this may seem complicated, the important thing to remember is that SMTP just passes along what it was given. Clever fraudsters can fool the SMTP server into sending along an email that isn’t legitimate.

While there are several, technical ways to figure out if this is the case, the simplest method is to see where the “reply to” section of the full header will lead you to. If it indicates that your reply would be redirected to an address that’s different from the sender’s address, then you have good cause to be suspicious.

Hover before you click
Clicking links in emails is inherently risky – you don’t know where a button, link or video will actually send you. But, if you hover your mouse over any links embedded in the body of the email, you can see the raw link. If it looks strange, don’t click it – there’s a good chance the email is fraudulent.

Remember the basics
If an email has spelling mistakes, requests personal information, or is written in threatening language, you should be suspicious. If you did not initiate contact with the sender, be wary and think where they could have found your contact details.

Trust your instincts
Given today’s e-mail infrastructure, there’s not much that can be done to prevent spoofing. Companies and organisations can tighten up their mail servers. This just makes it a little more difficult for criminals, not impossible.

Appearances can be deceiving. Just because an email has convincing logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be sceptical when it comes to your email messages—if it looks even remotely suspicious, don’t open it. If something looks off, there's probably a good reason why. If you receive a message that seems suspicious, it's usually in your best interest to avoid acting on the message.

Source: Hewlett Packard Enterprise
Trackbacks (0) | Permalink

Privacy Awareness

Steve Hirst - Tuesday, February 21, 2017
Privacy

Every year on January 28th, the world celebrates Data Privacy Day. But keeping data safe and out of the wrong hands isn’t a once-a-year task. Today, keeping your data private is a daily task—one that involves an understanding of new data protection regulations and cyber security best practices. Here are nine predictions to help you understand what data privacy and security will look like in 2017.


  1. Privacy and security will clash. There will be a major clash between privacy and security, as advances are made on both fronts from various legislative actions. On the one hand, countries are working to expand their surveillance of data communications and streamline law enforcement access to computers and data. For example, Britain’s new Investigatory Powers Act (Snooper’s Charter) will require ISPs to keep logs of all websites visited by UK citizens for 12 months and which websites were visited but not the pages and not the full browsing history. It also allows police authorities and intelligence officers to see users’ Internet records as part of their targeted and filtered investigations without a warrant.
    On the other hand, data protection laws, such as the EU GDPR, which will go into effect on May 25, 2018, will restrict how businesses collect, store and use personal data and institute enforcement mechanisms to ensure businesses are reporting on data breaches in a timely manner to governing bodies. For example, businesses will be required to notify supervisory authorities of a data breach within 72 hours.

  2. Second-hand electronics will cause headaches for many businesses. The rise in second-hand electronics will become a data recovery nightmare for both businesses and end users. An independent analysis of used drives and mobile devices from online sites like Amazon, eBay, Gazelle and Craigslist have shown this to be true with large amounts of sensitive personal data and corporate data recovered, including customer lists, Salesforce records, spreadsheets with sales information, company emails, social security numbers, financial details, photos, videos and so much more. This calls into question certain ‘reliable’ methods many businesses and people are using to supposedly ‘delete’ data. But many of these methods (i.e. quick format, basic delete, factory reset) are not actually effective and leave a treasure trove of data exposed to hackers.

  3. Companies will leave data behind. Companies that go out of business – or shut down part of their operations/physical locations – need to add secure data removal into their ‘close down’ procedures. If they don’t, hackers could easily discover sensitive, confidential corporate data that’s been left behind in online backups, orphaned data stores, servers and virtual machines.

  4. The Internet of Things will expand. IoT will create a morass of personal and corporate data on millions of connected devices. The only way to ensure all that connected data doesn’t fall into the wrong hands is to create a system of processes and tools that make it easy to manage, protect and securely erase all data on-demand. The important piece here will be in providing proof that the connected data has been removed and cannot resurface at any given point in the future.

  5. Hackers will turn recent proof of concept exploits into attacks. This will allow them to mine poorly wiped virtual machines. Essentially, they’ll be able to steal credentials and other critical data. Organizations need to ensure they know where their data resides, especially when it comes to the cloud. Processes must be put in place to ensure that virtual machines are permanently and verifiably erased when they are no longer needed.

  6. Ransomware, spear phishing and direct attacks will be a triple threat. The triple scourge of ransomware, spear phishing against corporate treasury functions and direct attacks on central banks will continue to drive investments in new security technology. On the endpoint, new technologies that use machine learning are being deployed to catch malware without needing signatures. Learning and training systems are being deployed to reduce the number of successful spear phishing attacks. Central banks are, in turn, beefing up their own cybersecurity practices and requiring partners to do so too.

  7. Quantum computing research will continue. Nations will continue to make large investments in quantum computing research with the goal of being the first to engineer a major breakthrough. The winner in this new arms race will have a short-term edge (and leverage) in the world of technology. On the one hand, this will create a crisis for all cryptography since quantum computing is theorized to be extremely effective at breaking even the largest key. On the other hand, it will create an opportunity for post-quantum crypto start-ups. New methods of encryption will be proposed that are impervious to cracking with quantum computers.

  8. Denial of Service attacks will be broken. In 2017, all records for large distributed Denial of Service attacks will be broken. Every organisation that depends on connectivity for communicating with their customers or providing a service should have a plan in place for dealing with DDos attacks. This means redundant systems for computing, DNS and connectivity, and a recovery plan. Look for single points of failure because the attackers will find them.

  9. Where data is stored will matter more. The geographical preferences for where data is hosted will increase. For example, companies may want to host data in the UK or elsewhere. This will then require businesses to migrate data, which in turn, will trigger the need to permanently erase data from old locations. And this will need to be done on a large-scale basis for big companies – and will require specific processes to ensure the data migration project was done properly and that ‘old’ data was properly removed.
See the original article here.
Trackbacks (0) | Permalink

Bank Email Scam

Steve Hirst - Tuesday, February 21, 2017
Bank Scam Of the many methods, scammers seem to use the bank scam email approach on a frequent basis.

Always treat any communication from the bank with skepticism and keep in mind:


Your bank 
will NEVER ask you for your Internet banking password or your card PIN.
will NEVER ask you to download any software onto your computer
will NEVER ask you to grant the bank remote access to your computer

If you are not sure, ask for the caller’s details and call you bank to verify the caller

Never give out your personal or financial details
Don’t click on links in emails even if they seem legitimate
Always ensure there is a security symbol in your browser.

See some further information on this on ANZ's website here.

Trackbacks (0) | Permalink

Mobile Devices Etiquette

Steve Hirst - Friday, January 20, 2017
Phone Etiquette Many of us have become very dependent on our mobile phones and unfortunately along the way, a lot of us have developed some bad habits.
How often do you see someone crossing the road while texting or talking on their phones?
Walk through a busy mall and you are constantly dodging the same people, their heads down and not watching where they are going. If you sit down for a coffee, it almost seems as though every second person has their smart phone out. I always wonder if couples are texting each other across the table, rather than having to engage in conversation.
Attend a function and invariably several phones will start ringing in the middle of a presentation.
We all need to look at our own behaviour and dependence on the phone.

I recently received some good advice from my son.  He said we should treat our phone as if it was a handgun. In private you can take out and admire and play with it, but in public it should stay out of sight. The good thing about smart phones is you can turn off the sound or even more radical, sometimes you could turn the phone off completely.
Most of us are not that important that we need to be available every minute of the day. 
Trackbacks (0) | Permalink

Must Have Apps

Steve Hirst - Sunday, December 18, 2016
Phone Apps We all have our favourite phone apps and we have been featuring a number in our past newsletters. Some users just use their smart phones for making calls, texts, taking photos and the occasional visit to Facebook.
Here is a list of some of the apps that our staff use to get more out of their smart phones.



AA Smartfuel 
Air NZ
Bank App
CellarTracker
Dropbox
Evernote
Entertainment 
Facebook
Fly Buys
Google Drive
Here WeGo
iTunes
Kerbside Collection
LinkedIn
MetService
Netflix
Office Lens
OneDrive
OneNote
Shazam
Skype
Sky TV
SkyGo
Snap Send Solve
Spotify
SoundHound
Stocard
Stuff
Trade Me
TradeMe Property
Twitter
YouTube
Viber
Uber
Wunderlist
Trackbacks (0) | Permalink

1 2 3 Next

Back to Top