Big Brother is watching you and has been for a while

data capture nline

Big Brother is watching you

“‘Who controls the past’, ran the Party slogan, ‘controls the future: who controls the present controls the past.'” Part 1, Chapter 3, pg. 37

The above is all inspired by someone the other day putting up a quote about the fact they had read 1984 and couldn’t believe how bad things were back then. Which made me laugh.

George Orwell’s 1984 was a book I read at high school for my higher in English prep. I was into science fiction and that genre and this sort off ticked some of those boxes. Obviously, it was about the state watching everything that the populate did and the perceived freedom people had was really not freedom at all. Orwell based it on the communist state in 1948 and his publisher’s enforced that he change the title to 1984 to make it more sellable and not offend the communist state of Russia.

History lesson over now, I came across a comic photo of Cortana, Microsoft’s office help in Windows 10, based on their game character from their Halo franchise. She will listen to you and answer questions to help. Similar to the OK Google in Android Google NOW.

But what are these helps really doing?

In the comic photo I saw that someone was happy that Cortana was there and they could chat, until eventually they had to switch Cortana off as she was so intrusive the person’s privacy ceased to exist.

My title is that Big Brother, the state in Orwell’s book that spied on everyone, has been watching us for a long time is in fact very true. Since the Internet has been around we have been spied on and catalogued in our preferences and histories and then email allowed us to be spied on. Particularly when it went online and became web based. Our shopping habits are spied on by supermarkets and stores, again with loyalty cards, as we scan, they record. We get vouchers emailed and sent through the post that give us money of the things we buy each week and use. Isn’t it amazing how do they know?

Should we be worried and concerned?

I meet a lot of different people in my IT travels from training to techie talks with geeks like myself. They range from the extremists who are so paranoid that they don’t use a lot of the available tech and systems that are around just now, to the laid back who use everything and deal with the aftermath.

I must admit to being nearer the second type of person with some criteria on what I would and would not do. I do love the latest tech and am slightly addicted to where it is taking us.

I would suggest to you that you are kept on record on the World Wide Web at a host of locations from government bodies who use your ID and unique NI number to shops and web page stored info. (Cookies and their friends). So worrying would be a fruitless activity and probably not get you any real benefit. Paranoia is the other extreme I find and people go to amazing lengths to avoid their real data and identity getting out there. It will get out there and to be honest it already is out there, is the amazing and correct answer to that.

Precautions

Of course I am not saying forget everything and lay abandon to any security and common sense, now that would be absurd, and I do meet that category of person as well.

We really need to use the latter, common sense and be aware of what we are doing.

  • Not clicking on everything that pops up.
  • Not filling in every form of filed that is asked of us by companies.
  • Unticking boxes that want to store our info and sent us data all the time.
  • Have all updates on and installed.
  • Make sure we have the latest and up to date Anti-Virus and spyware/Malware kit on our machines.
  • AND above all use common sense.

What are your thoughts on this and what do you do? Are you paranoid or very open?

Great to hear your comments.

What do you use to browse the shops?

browser usageImagine the internet as a large series of shop windows from all over the globe. We all need a method of browsing through them, and finding and buying information or physical goods. So, what do you use as your internet browser?

For a long time, Microsoft had the market sewn up – as it built its browser, Internet Explorer, into the Windows OS – and so everyone used it without giving it much thought. If it works, then why change? Well, people did change – and they did it because they felt that IE wasn’t doing a good enough job of displaying the web to you, the customer, in an accurate and intuitive way. So various other browsers have been developed, and the majority run quite happily on the Windows platform.

I have tried various browsers over the years, mainly on my Windows based machines – and now more recently on my Android based devices – and find each browser to have its own set of positives and negatives. The picture above shows a rough breakdown of internet browsers in use at the moment, mainly for desktop machines running Windows.

So what do we look for?

So what do we look for in an Internet Browser? Are they all the same? Should we be bothered?

It is a personal decision, and you should use which ever one you feel most comfortable with, but be aware of the following areas: –

  • Rendering of web content. Some browsers display web content much faster than others, and for you the end user that saves time and frustration waiting for web pages to load.
  • Security features. Each browser claims a set of security features that allow for secure connections and more secure shopping etc. Check them out and make sure you are happy with what they are offering and how they are handling it.
  • Cookie handling. Browsers each handle cookies, which are small text based files that store some details of your path through the Internet. Most cookies are time saving and harmless, but some are Malware – and can cause popup windows etc. Check what settings each browser allows you to change to get the level of security that suit you and your business.
  • Some browsers allow you to save a list of your open tabs and create a snapshot of where you have been – this is then available when you leave your desktop machine and go mobile. Chrome for example lets me see the tabs I was looking at when I was seated at my desk – and this all leads to an easier work environment.
  • The look and feel. Again, this is a personal choice, some of it is down to the look and feel of the browser. You may find some are easier than others to use and navigate around. They all constantly update themselves, and so just as you think you have sussed the settings and where to find stuff they can change it all. But, hey, that’s computers and applications for you.

Why not let us know what browser you use, and why you use that one. Give us your experiences of browsers you have tried and why you moved on to others.

We look forward to reading your posts.

Hack in the box!

security laptopOn average 30,000 websites are hacked every day*, 200,000 new malicious programs/viruses are detected every day**.  Google recently reported that they detect 9,500 websites/day infected with malware used for drive-by download attacks, where the victim only has to browse the site to become infected, and 4,000 of these sites are legitimate company websites. Small business have been a target for cyber criminals for a few years now, because they are an easier target due to their lack of budget and expertise. Is your network as secure as it can be from hackers? Are you sure? Or are you helping cyber criminals distribute malicious programs to your customers, friends and family, even if you’re computers are just acting as a base of operations for attacking and infecting others.

* Sophos Labs Report ** Kaspersky Labs Report

It is estimated that cybercrime costs the world’s economy between $1 – 3 trillion per year.

Many businesses around the world have been struggling financially for a number of years, but sadly the underground hacking economy seems to be alive and well. In July of 2013, the FBI charged two Russians for hacking into US Financial Institutions that resulted in the theft of millions of dollars from more than 800,000 victim bank accounts. One of the hackers and several other undiscovered criminals, were also charged with the stealing and selling of at least 160 million credit and debit card numbers, resulting in losses of hundreds of millions of dollars. According to the indictment, these losses included $300 million in losses for just three of the corporate victims not to mention the immeasurable losses to the identity theft victims, due to the costs associated with stolen identities and fraudulent charges.

Underground Prices for Stolen Credentials and Hacker Services

Hacker Credentials and Services Details Price
*Visa and Master Card (US)   $4
American Express (US)   $7
Discover Card with (US)   $8
Visa and Master Card (UK, Aus & Can)   $7 -$8
American Express (UK, Aus & Can)   $12- $13
Discover Card (Aus & Can)   $12
Visa and Master Card (EU and Asia)   $15
Discover and American Express Card (EU and Asia)   $18
Credit Card with Track 1 and 2 Data (US) Track 1 and 2 Data is information which is contained in digital format on the magnetic stripe embedded in the backside of the credit card. Some payment cards store data in chips embedded on the front side. The magnetic stripe or chip holds information such as the Primary Account Number, Expiration Date, Card holder name, plus other sensitive data for authentication and authorization. $12
Credit Card with Track 1 and 2 Data (UK, Aus & Can)   $19-$20
Credit Card with Track 1 and 2 Data (EU, Asia)   $28
US Fullz Fullz is a dossier of credentials for an individual, which also include Personal Identifiable Information (PII), which can be used to commit identity theft and fraud. Fullz usually include: Full name, address, phone numbers, email addresses (with passwords), date of birth, SSN or Employee ID Number (EIN), one or more of: bank account information (account & routing numbers, account type), online banking credentials (varying degrees of completeness), or credit card information (including full track2 data and any associated PINs). $25
Fullz (UK, Australia, Canada, EU, Asia)   $30-$40
VBV(US) Verified by Visa works to confirm an online shopper’s identity in real time by requiring an additional password or other data to help ensure that no one but the cardholder can use their Visa card online. $10
VBV (UK, Aus, Can, EU, Asia)   $17-$25
DOB (US) Date of Birth $11
DOB(UK, Aus, Can, EU, Asia)   $15-$25
Bank Acct. with $70,000-$150,000 Bank account number and online credentials (username/password). Price depends on banking institution. $300 and less
Infected Computers 1,000 $20
Infected Computers 5,000 $90
Infected Computers 10,000 $160
Infected Computers 15,000 $250
Remote Access Trojan(RAT)   $50-$250
Add-On Services to RATs Includes set up of C2 Server, adding FUD to RAT, infecting victim $20-$50
Sweet Orange Exploit Kit Leasing Fees   $450 a week/$1800 a month
Hacking Website; stealing data Price depends on reputation of hacker $100-$300
DDoS Attacks Distributed Denial of Service (DDoS) Attacks– throwing so much traffic at a website, it takes it offline Per hour-$3-$5
Per Day-$90-$100
Per Week-$400-$600
Doxing When a hacker is hired to get all the information they can about a target victim, via social engineering and/or infecting them with an information-stealing trojan. $25-$100

*Note: All Credit Cards sold with CVV Codes

As always, there is no shortage of stolen credit cards, personal identities, known as Fullz, for sale. However, the hackers have come to realize that merely having a credit card number and corresponding CVV code is not always enough to meet the security protocols of some retailers. Hackers are also selling cardholders’ Date of Birth and other personal information. Having this additional information would allow a hacker to answer additional security questions or produce a fake identification, to go along with a duplicate credit card. VBV (Verified by Visa) data is also being sold.

It has been found that credit cards and personal identities for non-US residents continue to sell for more money than the credit cards and identities for US residents. An example of the pricing discovered for stolen credit cards, Track 1 and 2 Data of Credit Cards, Fullz, Date of Birth and VBVs for cardholders is listed in the table above.

Online Bank Accounts for Sale: Name Your Bank and Country Preference

Just as with stolen credit cards, there are hundreds of online banking credentials for sale. It has found that one can purchase the username and password for an online bank account with a balance between $70,000 and $150,000 for $300 and less, depending on which banking institution the account is located. Also one can specify the login information for an account within a specific bank and country.

Malware Infected Computers for Sale

There are thousands of compromised computers (bots) for sale by bot salesmen. The price per computer typically decreases when they are bought in bulk. The costs for infected computers (bots):

  • 1,000 bots = $20
  • 5,000 bots= $90
  • 10,000 bots = $160
  • 15,000 bots = $250

Infected computers in Asia tend to sell for less. It is thought that infected computers in Europe & U.S. are more valuable than those in Asia, because they have a faster and more reliable Internet connection.

Once scammers buy the malware-infected computers, they can do anything they want with the machines. They can harvest them for financial credentials, infect them with ransomware so as to extort money from their owners, or use them to form a spam botnet to send out malicious spam on behalf of other scammers. If you don’t think there is much money in the spam business think again. Research into one of the largest spam botnets, Cutwail, it is estimated that the Cutwail gang’s profit for providing spam services was approximately $1.7 million to $4.2 million over two years.

Malware and Exploit Kits for Sale

A variety of Remote Access Trojans (RATs) are for sale ranging from $50 to $250. Most of the RATs are sold with a program to make it Fully Undetectable (FUD) to anti-virus and anti-malware. However, there were some hackers who sold the FUD component for an additional $20. For those RAT buyers who want the seller to do all the work for them, eg: setting up the RAT’s Command and Control Server, configure the malware to be FUD and possibly infect the target, they could pay an additional $20 to $50.

Exploit Kits – One of the offerings the Sweet Orange Exploit Kit for lease charged between $450/week and $1800/month. Sweet Orange is certainly more expensive to lease than the once popular BlackHole Exploit kit. Before BlackHole’s supposed creator was arrested, the leasing rates for BlackHole were:

  • 3 months—$700
  • 6 months–$1,000
  • One year–$1,500

Hacker Services for Hire: DDoS Attacks, Hacking of Websites, Doxing

Hacking into a Website

The cost to hire a hacker to break into an organization’s website runs between $100 – $300. Generally the higher the fee, the more reputable the hacker. What is worth noting is that most hackers for hire will not hack into a government or military website.

Distributed Denial of Service (DDoS) Attacks

A DDoS is where 1000’s of computers, controlled by a RAT, are used to attack a website and bring it to a halt through sheer volume of traffic. Those customers wanting to purchase DDoS Attack Services could pay by the hour, day or week. Most hackers who provide the DDOS attacks guaranteed that the target website would be knocked offline.

The rates were as follows:

  • DDoS Attacks Per hour = $3-$5
  • DDoS Attacks Per Day = $90-$100
  • DDoS Attacks per Week = $400-600

Doxing

Doxing is when a hacker is hired to get all the information they can about a target victim. Their methods include searching public information sites, social media sites, as well as manipulating the victim via social engineering and infecting them with an information-stealing Trojan. There are a lot of Doxing services for sale on the hacker underground, A “Vouch” from customers is used to verify that the hacker providing the Doxing service is legitimate. Doxing services range from $25 to $100.

Name Brand Products, Get Them For Cheap

Another service being sold on the hacker underground is where hackers will sell popular products, below the retail price. The hackers will obtain a specified product for a buyer either by using a stolen credit card or by working a scam, where they contact the retailer’s customer service representative and pretend to have purchased the item from the vendor, and it was damaged. The customer service representative is convinced that the complaint is legitimate, and they send out a replacement to the scammer, who in turn sells the product below the retail price.

Summary

For the most part, it does not appear that the types of hacker services and stolen data for sell on the hacker underground have changed dramatically in the past several years. The only noticeable difference is the drop in price for online bank account credentials and the drop in price for Fullz or Personal Credentials. In 2011, hackers were selling US bank account credentials with balances of $7,000 for $300. Now, accounts with balances ranging from $70,000 to $150,000 go for $300 and less, depending on the banking institution where the account is located. In 2011, hackers were selling Fullz for anywhere from $40 to $60, depending on the victim’s country of residence. Fullz are now selling between $25 and only go up to $40, depending on the victim’s location. It is believed that the drop in prices further substantiates that there is an abundance of stolen bank account credentials and personal identities for sale. There is also no shortage of hackers willing to do just about anything, computer related, for money, and they are continually finding ways to monetize personal and business data.

Key Protective Security Steps

Companies should adopt a layered approach to security and consider implementing the following:

  • Firewalls around your network and Web applications
  • Intrusion Prevention Systems or Intrusion Detection Systems (IPS/IDS). These inspect inbound and outbound traffic for cyber threats and detect and/or block those threats
  • Host Intrusion Prevention Systems (IPS)
  • Advanced Malware Protection Solution
  • Vulnerability scanning
  • 24 hours a day x7 days a week x365 days a year log monitoring, and Web application and network scanning
  • Security Intelligence around the latest threats (people working on the latest threats in real-time, human intelligence)
  • Encrypted email
  • Educating your Employees on Computer Security. A key protective measure is to educate your employees to never click on links or attachments in emails, even if they know the sender. Employees should check with the sender prior to clicking on the email links or attachments. Client side attacks using email attachments and hyperlinks to malicious code on the web are the two major infection vectors.

The good news for SME’s is that there are some products out there that are open source and free that can cover a lot of the above. Configured correctly will help to protect the network from malicious hackers, at least make them want to bypass you and attack an easier target.

Individuals Should Implement the Following Security Steps

  • Computer users should use a computer dedicated only to doing their online banking and bill pay. That computer or virtualized desktop should not be used to send and receive emails or surf the web, since Web exploits and malicious email are two of the key malware infection vectors.
  • Avoid clicking on links or attachments within emails from untrusted sources. Even if you recognize the sender, you should confirm that the sender has sent the specific email to them before clicking on any links or attachments.
  • Reconcile your banking statements on a regular basis with online banking and/or credit card activity to identify potential anomalous transactions that may indicate account takeover.
  • Make sure your anti-virus is current and can protect against the latest exploits. Also, make sure that your anti-virus vendor has signatures for detecting the latest Trojans and that you have the most up- to-date anti-virus protections installed.
  • Do not use “trial versions” of anti-virus products as your source of protection. Trial versions of anti-virus products are good for testing products, but do not continue to use the trial version as your protection for your home or work PC. The danger is that the trial version does not receive any updates, so any new Trojan or virus that is introduced after the trial version was released will have total access to your PC.
  • Make sure you have your security protections in place. Patch management is key. It is critical that as soon as they become available you install updates for your applications and for your computer’s operating system.
  • Be cautious about installing software (especially software that is too good to be true – e.g., download accelerators, spyware removal tools), and be conscience about pop-ups from websites asking users to download/execute/or run otherwise privileged operations. Often this free software and these pop-ups have malware embedded.

Make sure your company is not an easy target for the cyber criminals by having a penetration test by a trained and experienced Certified Ethical Hacker.

Penetration testing is the process of evaluating both your physical and digital security systems and finding all areas that are insecure and that need attention. The main goal of penetration testing is not only to find security vulnerabilities, but to attempt to exploit them as well, which can decrease the chances of data loss or allowing unauthorised persons access to secured data. Common problems discovered by penetration testing include software bugs, design flaws and configuration errors. Once these have been identified, they need to be quickly repaired in order to ensure that safety isn’t compromised for longer than necessary. Testing is vital for any business, no matter how large or small, as data has become the most important currency available to organisations and hackers.

Penetration testing should be performed by an experienced tester from outside the organisation or the service provider whom has configured the solution, website, network, etc. It is all too easy to ignore or turn a blind eye to a known issue, or to have the attitude of ‘Nobody could possibly find that flaw!’ or ‘Who would want to hack us? We’re not interesting enough!’ As this involves the security of the business, no half-measures can be taken. Security breaches happen every minute of every day, and unless you have a dedicated team for penetration testing, it may be wise to consider outsourcing the procedure. Having an in-house team is ideal, but there are many businesses that find good reasons to outsource the testing and security of their information systems.

Thanks to our Guest blogger this month
Wynn Jones ECSA/LPT CEH CHFI CVE CCA MCSE
http://www.praetoriansecurity.co.uk

 

Is Virus Protection enough anymore?

virus protectionI thought I would burp a little about the recent news broadcasts detailing the attacks that have happened, as well as the ones that are about to hit in around two weeks’ time.

Let’s start with the one that already happened, the Heart bleed exploit. This affected web servers and took advantage of a flaw in a commonly used library to gather random chunks of working memory. Unfortunately these random chunks often contained people’s login details or other personal information. And so we all had to go and change our passwords for many of the web services we use, Google, Facebook, and Yahoo and so on. Wait, you haven’t done that yet? Well you better get in about it today and make it so!

The attack due in a few weeks’ time was announced on the news feeds last week, and you need to make sure that all your computers are up to date and virus protected within the next two weeks. You have been warned!

So what’s new?

Well, in actuality, nothing is new. We have been plagued with hackers, attacks, and viruses for as long as I have been in IT.  And there is even a possibly they were around before then, I am not as old as you think you know! We have long been advised to keep our computers up to date, to install virus checking software and ensure we have the latest virus definitions. Yet we still succumb to the viruses as they hit the web. Is it because we just get lazy and don’t maintain our computers? Has the computer age made us feel that the software should maintain itself? Why do we have to do anything manually?

I have repaired machines in the past, and have asked the user if they had anti-virus software. The answer was often yes, as it came with the computer. Brilliant I said have you updated it recently … a long pause … no, was the reply, doesn’t it do that itself? I then checked the machine to find that the software was on it when bought, but had never been launched and never registered. In fact, it had simply been taking up some hard drive space and doing not a lot else! Given this was roughly three or four years after purchase, I will not tell you the number of infections I found on that machine.

Which hat are they wearing?

These days you can attend college or university and do an Ethical Hacking course, and come out with a matching qualification. Now if you use this the right way (known as white hat hacking) you will become an asset to any company wanting to protect their systems. Of course, used the wrong way (black hat hacking), you can cause mayhem and leave damage in your wake.

Help me Ian; what do I need to do?

Put simply, you need to do what you have been told to do for as long as I can remember. That is: keep your computer up to date, and keep anti-virus software on it and up to date. If you are on a network, then make sure your firewalls and other barriers are up and running. Oh, and just to let you know, it could all be changing again as the mobile usage increases and the cloud becomes our storage … watch this space, but be protected.

Further info on some of this can be gained by reading our previous blog on Windows XP cover, and on Passwords security.

Take care and be safe…

Let us know your thoughts on this issue and how you are coping in the battle for safe working.

How Windows XP is gambling with your security

 

Windows Xp Cover

Microsoft has announced that support for Windows XP will finish by April 8th 2014. After this date all XP users will be prone to an increased risk of viruses and other hacker attacks. According to a survey conducted by Net Applications, nearly 40% of global desktops still use Windows XP, only slightly fewer than those using Windows 7, which has 45% market penetration.

Do you really need to worry about this?

It’s true that your XP machine won’t suddenly die on the 8th, but its days are still numbered. The problem is that you may not be able to continue using XP with the same confidence as just now where Microsoft automatically send out automatic software updates and security patches to all XP machines which ensures reliability and security. On the 8th April this year these automatic updates will CEASE.

After 8th April 2014, when (not if) the bad guys detect a security hole that lets them take over an XP machine without the owner’s knowledge, they may be able to monitor your activity, read your emails and pick up sensitive corporate and personal data (e.g. online banking security, personnel data etc.).

Plan ahead to avoid the disaster

If you’re using Windows XP and your PC is connected to the Internet; you need to make plans some time before security becomes an issue in April 2014. The solution will be to move onto a later version of

MS Windows (7 or 8), but not all computers currently running XP will perform adequately with these newer operating systems. Another consideration is purchasing new licences can be relatively expensive when compared with new PC & licence price.

You need to think about all the programs that you use and if they can run on the new operating system. Many organisations run applications that are not provided by Microsoft, such as accounting packages or engineering drawing and planning. These need to be checked for compliance with any proposed changes. What happens if it all goes wrong? Do you have a disaster recovery and business continuity plan that’s more substantial than simply backing up your data?

How to implement?

Whether you are moving one machine from Windows XP, or more, it’s worth developing action plan now. Below are some suggestions on items to consider:

  • Start with the obvious: check to see which desktops and laptops are still running Windows XP.
  • Rank your machines in two ways: importance and urgency. Systems that score highly in both measures need an action plan soon. Unusual or specialist software, or machines you run accounts on, for example, should get higher ratings: they may need special attention.
  • Complete backup of data including emails and any special program data that is not held within the documents area.
  • List the programs that you require setting up on the new computer.
  • Get hold of all the discs, licence keys, user names and passwords as appropriate.
  • Find all the drivers required for new operating system.
  • Plan time to migrate – it will probably take 3-4 hours per computer. Also note that there is no automatic way to migrate from Windows XP to Windows 7 or 8.
  • Plan which machines must go first if you have many machines to migrate.

Complex Situations

Complex situations will require detailed planning and testing prior to migration. It will pay dividends to seek the help of an experienced IT support company to ensure that you have a trouble free migration.

How many Windows XP machines have you got running and what is your action plan to deal with this? Give us your comments here.

Guest Blogger for this article was

David Shuster of Managed IT Experts
david@manageditexperts.co.uk
http://www.manageditexperts.co.uk

Who has the lion’s share?

touch screenWho has the lion’s share?

In this post I thought we could have a look at who has the lion’s share of the Operating system market. That’s not such an easy question anymore, as the idea of sitting at a desk and performing all your duties has changed drastically over the last few years.

 

The operating systems we use daily are now spread over the following device types:

  • Desktop Computers and laptops
  • Tablet computers
  • Smart Phones
  • Server machines

Gone are the days of the Microsoft Windows revolution, the massive change in how we used computers that made us all want one, and then get really frustrated with it as the technology kept changing. In the pursuit of progress, the Operating system was continually transformed into something else just as soon as we were just getting to grips with it. Our parent company, IT Turning Point, exists primarily to educate and inform. This keeps everyone using their systems and software correctly, and ensure they always work to their benefit.

Let’s look at the Desktop

 

Desktop operating system browsing statistics on Net Applications

Windows 7

47.53%

Windows XP

28.53%

Windows 8

10.68%

OS X

7.68%

Windows Vista

2.10%

Linux

1.48%

Desktop OS Market Share as of February 2014 according to Net Applications

 

Microsoft still has a massive share in the desktop market, primarily because of their prevalence in the business world and enterprise companies. They have the history of targeting this market successfully, and that past success really what made them who they are today. It is interesting to note the various incarnations of the Windows operating system still dominating the desktop marketplace.

When it comes to mobile, things are different indeed

Microsoft did not see the mobile market as their main thrust, and as such they left their entry into the arena a bit late. By the time they made their move, Apple had introduced us to the touch screen smart phone, and the mobile landscape had changed. Google entered the market with Android, its operating system for mobile devices, and the landscape changed once more. Let’s look at the picture for mobile devices as things stand:

Worldwide smartphone sales to end users by operating system in 2013

Android

79.0%

iOS

14.2%

Windows Phone

3.3%

BlackBerry

2.7%

Other

0.9%

Mobile OS Market Share as of 2nd quarter 2013 Gartner

Mobile operating system browsing statistics on Net Applications

iOS

52.96%

Android

36.14%

Java ME

4.44%

Symbian

3.50%

BlackBerry

1.42%

Kindle

0.93%

Windows Phone

0.45%

Other

0.16%

Mobile OS Market Share as of February 2014 Net Applications[1]

 

As you can see, the companies in the mobile arena are very different from those on the desktop, and it’s still evolving – these mobile devices also include tablet computers as well.

Android have swept the floor with their OS, a large amount of key hardware manufacturers signing up and skinning the core Android to make it their own. Layers such as HTC’s Sense and Samsung’s Touchwiz enable these devices to stand apart despite the same underlying core. Google have kept their hand in with Android devices running an unskinned version of Android – these devices are all part of Google’s Nexus range. See our recent posts for articles on these devices.

The current statistics vary drastically, but it is now being suggested that around 72% of Internet traffic is coming from mobile devices. A very interesting statistic, and again as we mentioned at the beginning, this changes the way we do computing in a big way.

The second table above shows the Operating systems we are browsing with in the mobile market, as you can see Windows is at the bottom and Microsoft are now desperately playing catch-up.

Conclusion

Microsoft have still got a lot to offer, and they still have the main desktop market sewn up for now. They have moved late for the mobile market however, and the writer has to wonder whether they will continue in this arena or pull back and concentrate on what they do best. Considering that we are moving more towards mobile working, and more tablet computers are being bought every day, that may not be a move they can afford if they wish to maintain their own future growth.

 

What OS do you use and what devices do you have? Let us know your thoughts.

Do I use Protection?

passwords

Password protection of course.

In this post, we are looking at passwords – and what people do or don’t do with them. It was inspired by a recent report online about the most common passwords of 2013. It scares me when I see what is being used. Strong passwords are one of those things we know we need, and should be using, but tend to put little to no effort into. Then we tend to be the first to shout ‘my details were taken’ when things go wrong.

So what are the rules then? Different camps will give you different instructions, and some will claim a password is strong when in fact it isn’t.

Let’s look at the most common methods:

  1. Use Different passwords everywhere.
    Why should we have to do this when it is so easy to use our pets name at every password prompt? Well it’s simple really. If someone guesses your pets name, and believe me they will, then they have access to every site you use. A study by an online company, called BitDefender, showed that 75% of people will use the same password for their email and Facebook. If that is then also your PayPal password, and it’s discovered, say goodbye to some funds and your friends.
  2. Remember the Underwear Meme
    Seemingly the saying goes like this: Passwords are like underwear. You should change them often, maybe not every day of course. Don’t share them. Don’t leave them out for others to see. (No Post Its). They should also be mysterious and a secret to others. So make them something that they can’t guess.
  3. Avoid Common Passwords
    If the word can be found in a dictionary, it is not a strong password. If you use numbers and letter as they appear on the keyboard, it’s not a strong password. Relatives names and pets names, NO. Even if you follow them with a number. Birthdays and anniversaries are just as bad sadly. Hackers will try all these things first. They actually run programs to check all these kinds of passwords, and for the love of all that’s techie, if you use “password” as your password, please just sign off the Internet right now. SplashData has been listing the 25 worst passwords for some years now, and “password” has always topped the list as the most common password. This year it was deposed by the long-time second worst password: “123456.” No, really!

So what are you tips I hear you cry!

Don’t cry, here is some advice.

Strong Password Solutions

How to Build Strength

To create a strong password, it is suggested you should use a string of text that mixes numbers, letters that are both lowercase and uppercase, and special characters. It should be eight characters, but preferably many more. A lot more. The characters should be random, and not include words, flow alphabetically, or be from your keyboard layout.

So how do you make such a password?

1) Spell a word backwards. (Example: Turn “New York” into “kroywen.”)

2) Use l33t speak: Substitute numbers for certain letters. (Example: Turn “kroywen” into “kr0yw3n.”)

3) Randomly throw in some capital letters. (Example: Turn “kr0yw3n” into “Kr0yw3n.”)

4) Don’t forget the special character. (Example: Turn “Kr0yw3n” into “Kr0yw3^.”)

You don’t have to go for the obvious and use “0” for “o,” or “@” for “a,” or “3” for “e,” either. As long as your replacement makes sense to you, that’s all that matters. A “^” for an “n” makes sense to me.

The suggested best form today seems to be creating a sentence and type it in, including spaces. It takes algorithms much longer to crack something like that than it does just for straight words – even if you have changed the letters for symbols and numbers. (Example: “I love yellow trousers”). This believe it or not is quite secure, and has the added advantage of being easier to remember. Of course, I could also swap numbers for letters and include symbols as well.

Well I hope you got the point and the Protection is definitely needed.

To finish, here is last year’s list of the 25 most commonly used passwords. I expect to hear the cries of despair as you recognise yours. It also shows their change in rank from the year before, and includes some newcomers for this year as well.

1. 123456 (Up 1)

2. password (Down 1)

3. 12345678 (Unchanged)

4. qwerty (Up 1)

5. abc123 (Down 1)

6. 123456789 (New)

7. 111111 ( Up 2)

8. 1234567 (Up 5)

9. iloveyou (Up 2)

10. adobe123 (New)

11. 123123 (Up 5)

12. admin (New)

13. 1234567890 (New)

14. letmein (Down 7)

15. photoshop (New)

16. 1234 (New)

17. monkey (Down 11)

18. shadow (Unchanged)

19. sunshine (Down 5)

20. 12345 (New)

21. password1 (up 4)

22. princess (New)

23. azerty (New)

24. trustno1 (Down12)

25. 000000 (New)

Let us know what you think, and how you cope with remembering all the various passwords you use.

Ho! Ho! Ho! The Christmas Gadget List……

Christmas gift list

Happy Christmas from us All

It’s that time of the year again when people are eying up their Christmas want lists and gadgets are almost likely to be up there near the very top for many of us.

From a new mobile to a tablet computer there are an array of gadgets that can keep us drooling and wanting the next best thing. So who are doing the most obvious pushing this Christmas Time? Who will Santa be wooed over by when he is choosing your and my presents this year.

Phones

The IPhone 5S is still high in the popularity stakes with its clean looks and fingerprint recognition. Will an Apple at Christmas be your thing. At around £549 to buy.
HTC One is the competitor and again sturdy design with HTC’s proven record of phone technology. Fabulous sound through two front facing speakers. Made from a solid piece of aluminium. At around £479 to buy.

Cameras

The cannon EOS 700d might be the present you are seeking from Father Christmas, get the professional shots you have always wanted. 18 Megapixel sensor and great build quality; this puppy will set you around £750 to buy.
Samsung have their NX300 out as well to compete and being Samsung the name is there as far as technology is concerned. It has a 20.3 Megapixel sensor and talks to all other Samsung devices. It will take around £600 out of your Christmas savings account.

Apple again

Apple MacBook Air is still popular, the 2013 edition. Only a small upgrade to previous versions but still maybe on your Christmas list if you are and avid Apple follower. Apple never does anything by half so this baby will cost you around £849 to buy.

TV’s

A large new TV, which would be a great Christmas present. Samsung again with their Samsung UE46F8000ST, 35mm thick with e tiny 5mm surround bezel has to be a great pick. Image quality is meant to be one of the best from an LED TV. And it includes all the gesture recognition that is coming in. Basically a computer on board containing Quad cores……This screen will steal around £1800 from your savings.
Panasonic have their TX-P60ZT65, which is rumoured to be the best HD TV out there with extremely fine picture detail. Smart with Internet options and also acts as a media streamer. However the elves will raid your bank account to the tune of around £3650.

To finish our Teaser list…..

How about a JL Built-in Wine Cooler, this small cabinet fits in the smallest of spaces in a kitchen and chills the wine, 7 bottles, and is very quiet with a noise count of only 36dB. Doesn’t frost up either it seem? This will cost your around £180, so not such a sting on those savings this time.

Well, have a great Christmas and a fabulous new year and let me know below what your gadget for Christmas would-be this year.

IT Tech Point

Why the Nexus range, and do phone users even care?

nexus 7 2013

New Nexus 7 2013

I am, as you probably know by this time, into all things tech (with some exceptions) and have been over the last few years been into the smart phone market. Now, when I rummage around and find one of my old Nokia phones, I really wonder how I managed to survive with it. The smart phone market has revolutionised our opinion of what a phone should do, and in fact the phone element of any device seems the part least spoken about.

I have tried a number of smart phones over the years, and have drawn my own conclusions as to which ones are doing what I need then to do, while potentially taking the whole smart phone market further. I am always looking at what we have now, and what we could have in a very short period of time.  Apple, as everyone now knows, got this whole snowball rolling and changed the perception of the mobile phone market. Then they launched the first successful tablet computer, not the first though, as Microsoft had tried the idea years earlier – but the market place was not ready for them back in the late 90’s, and they did not take off.

The Battle was on!

After the launch of the first iPhone, the battle for control of the smart phone market was now on.  Apple had stolen the early lead with the touch screen phone and tablet market, wrestling market share from Nokia and it’s aging Symbian system. Other phone manufacturers could only try and catch up, some with more success than others.

Today, Nokia mobile are no more – the technology now owned by Microsoft who are using it to drive the Windows platform forward. Motorola Mobile are now owned by Google, a purchase that solidified the patent armoury most corporations have these days. Blackberry did not react fast enough, at time of writing they company is currently facing being sold off to various bidders (including names like Lenovo) in various packages.

The challengers

After their initial domination of the market, Apple began to face a challenge; Google acquired a company called Android, Inc (who unsurprisingly produced the Android operating system) and then got various manufacturers to buy into using Android for smart phone device and tablets – with these manufacturers they formed the Open Handset Alliance in order to further Android sortware and corresponding hardware. It had suddenly stopped being a one horse race, and Apple now had serious competition for their smart phones and tablets.

Through development of Android, Google has continued to push the boundaries of what can be done, and more and more manufacturers have joined the OHA. Apple has stuck to their tactics of premium prices and quality build, backed by a locked down operating system that is partially customisable.  The story again, at time of writing, is that there are more Android devices switched on per day than Apple and all other phone operating systems combined.

In an attempt to aim for a premium phone experience, Google have created a range of devices branded Nexus. Hand chosen manufacturers have been asked to build these, and Google work closely with them on the software and hardware designs. The final products run a vanilla build of Android, and are pushed updates instantly as they are released.

This was partially in response to the problem Google encountered with other Android device manufacturers (such as HTC , Samsung etc.) would take the raw Android operating system, and then skin it with their own logos and interfaces in order to brand it as their device. While this allowed these manufacturers to make their phones unique from their competitors, it did mean the end user was at the mercy of the OEM for their Android updates, and many handsets are still several versions of Android behind, despite being less than a year old.

The Nexus Range

The latest incarnations of the Nexus range are the Nexus 5 phone (launched November 2013), and the Nexus 7 tablet (launched July 2013). There is also the Nexus 10 tablet (launched November 2012), but a new one is due to be launched imminently.

The benefits of a Nexus tablet or phone are the instant Android updates, and the fact that it all works with the hardware flawlessly. The devices all synchronise via the cloud, so data transfers seamlessly between them to allow mobile working at its best.

We test drove the Nexus 7 2012 version, and the Nexus 7 2013 version on this very blog – check them out and see what our thoughts and findings were.

So what do the public think?

Does any of this behind the scenes work affect what the public think about their next phone? I think for the majority it probably doesn’t, and it’s the next clever advert that may sell them their next phone. But for anyone who is, dare I say it, slightly geeky and interested in where their phone has come from – and, perhaps even more importantly, interested in where their phone might be going,  this info might just sway their opinion.

What is your take on mobile development and where it might be going?

Thanks to Graham Thomson for his input into this article.

Rumours Surface about Surface 2….

touch screenRumours are surfacing about Microsoft being about to launch their next generation of the Surface tablet computers. These remember are the computers that they have a huge stock of in warehouses that is costing them more in Rent for the storage space than it did to make the units.

They have scheduled a press event on the 23rd September in New York and are emailing out media invites, but are keeping very quiet about any other details….oh the intrigue.

The rumour mill of course has been running all the time and snippets have been released about the various new Surface units that might be emerging. For example, it is rumoured there will be a Surface 2 and a Surface Pro device. Also a refreshed version of the Surface RT device. Hardware is expected to be improved to the Tegra 4 CPU with 1080p screen and 4Gb of RAM. Improvements to the battery life have also been muted.

Of course Windows 8.1 is expected in October so all these devices are rumoured to be running this version.
But is it too, little too late for Microsoft. Or will they make the breakthrough they expect to make in this catch up race with IOS and Android devices?

What are your thoughts and do any of you have a Surface just now?
If you do let us know your thoughts on it?
If not, would you rush out and buy a new Microsoft Surface device?