Wednesday, October 17, 2012 - 14:59

Did you know that if you are an iPhone, iPad, or iPod Touch user and have upgraded to iOS 6, your device is tracking you?  With iOS 6, Apple introduced a new tracking technology called IFA, or Identifier for Advertisers.  According to CSO Online:

 
 
"Apple's iOS6 will track pretty much every detail of your online activities -- what websites you visit, where you go to eat, what apps you download, where you shop and what you look to buy, what movies or TV shows you stream, what kind of social and professional networking you do, where you're going when you ask for directions, and more."
 
 
What's more, is that the "feature" is enabled by default and must be disabled by the user in order to opt out of the tracking.  To do so, navigate to Settings -> General -> About ->Advertising (bottom of the list) and turn Limit Ad Tracking to ON.  However, even if you do turn it on, the phone may still be performing limited tracking of your online habits:
 
 
"Our guess based on what we have seen is that [IFA] are not completely off. It is possible that your search and browsing habits are still tracked, but that that IFA no longer tracks the purchase or download like it did before," he wrote. "We are sure that there are people out there working on ways to exploit IFA and get more than it was intended to offer ... after all the mobile market is now a major space for advertising."
 
 

 

 

 

Monday, October 15, 2012 - 09:34

Can you tell the difference between a scam site that is attempting to get your personal information versus the real site?  Head over to OpenDNS's Phishing Quiz and see how you do.  This is an excellent test to help you understand how to tell real websites from the scam sites: http://www.opendns.com/phishing-quiz/

 

The quiz can help you improve your immunity to phishing, and you should remember that phishing and malware scams could take the form of:

 

  • Electronic greeting cards
  • Requests for charitable contributions
  • Order confirmations for orders you haven’t placed
  • Credit card applications
  • Online shopping advertisements

 

All of which are emails you are likely to see as the holidays get underway. Please stop and think about the source before opening an attachment or clicking on a link, especially if the email is unexpected.

 

Successful scammers may use your credit card information to buy themselves something nice, but they are likely to use compromised Duke credentials to send spam from Duke mail systems, or steal Duke data.

 

Duke uses challenge questions to verify your identity via phone if your NetID account becomes compromised. To be entered to win an iPad 3or Nexus tablet, go set or update your challenge questions at: http://oit.duke.edu/selfservice. Everyone who completes our quiz, changes their NetID password, and sets or updates their challenge questions will be entered to win!

Monday, October 8, 2012 - 08:58

How am I supposed to keep up with all of my passwords?

You know that you’re supposed to have a unique and strong password for every account you log into, but you don’t do it because that’s just too hard to remember! Basic safety and security is worth a little extra effort, though – you probably wash your hands to avoid getting sick during cold and flu season, right?

 

Maybe you have long passwords with a variety of characters, but you write them down in order to keep track of them. Unfortunately, these common places make it very easy for unsavory types to find your password and use it to access your computer, email, online accounts, etc.:

 

• Under the keyboard
• Under the phone
• Under the mouse pad
• On the monitor
• In the top drawer
• Under the desk

 

There are several password management tools that can make it easier for you, and many of them will generate a strong password for you, too.

 

1Password (https://agilebits.com/onepassword), Keepass (http://keepass.info/), and LastPass (https://lastpass.com) are all good options. You can try them out and see how they match up with your personal work style.

 

To be entered into the University IT Security Office’s contest to win an iPad 3 or Nexus tablet, go to http://oit.duke.edu/selfservice and change your NetID password. Everyone who completes our quiz, changes their NetID password, and completes one other task (to be announced soon), will be entered to win!

Pages