The controversial CISPA (Cyber Intelligence Sharing and Protection Act) proposal has passed committee review and is heading to the Senate for a vote, despite a clear warning from the Obama administration that it would VETO the proposed law. Unlike the equally controversial SOPA (Stop Online Piracy Act) backed by media companies and defeated through vigorous and coordinated protests from the technology industry, CISPA has divided the technology industry. Many large companies like IBM, AT&T, Oracle and Verizon backing it, while other, equally sizeable companies like Facebook, Microsoft, Google and dozens of activist organizations oppose the bill on the grounds that it doesn’t do enough to protect the privacy of US citizens.
What this means for you:
In case you are confused as to how CISPA might impact you or your business personally, here’s a summation of what the bill proposes: This law would allow telecommunication companies to share data with governmental agencies for the purposes of combatting terrorist or criminal activity, overriding any local laws that would prohibit such sharing. According to supporters, law-abiding citizens should have nothing to worry about, but opponents contend that on top of very weak protections for citizen privacy, there is nothing in the bill that would protect citizens from potential abuse by the various intelligence agencies who could amass an inconceivably comprehensive database from the information gained by CISPA. Regardless of which side of the privacy fight you stand on, it behooves you as a US citizen to be aware of where you stand on this issue, as well as encouraging everyone around you to participate as they can in helping our government come to terms with this problem.
Image courtesy of Stuart Miles / FreeDigitalPhotos.net
Kaspersky Labs just released their quarterly threat report for Q3 2012, and it’s dry reading for most folks not fascinated by IT security as I am. There are some notable trends that their research has surfaced, and I thought you might find some of these data points interesting:
- You are least likely to be infected by a fellow countryman in the nation of Denmark. (The US is in the lower first quartile, in case you were wondering.)
- Russia has overtaken the US as having the most websites hosting malware software.
- The most commonly found smartphone virus is designed to steal money from you by texting premium-rate numbers without you noticing.
- The most common way to get a virus infection is via drive-by infections, ie. visiting a dodgy website and getting infected when your browser loads pages that have embedded viruses.
- Of the top 10 most commonly found software vulnerabilities, 2 are found in Oracle software (Java), 5 from Adobe (Flash, Shockwave & Acrobat), 2 from Apple (Quicktime and iTunes), and 1 from Winamp.
- Over half of the detected malware infections came from Java vulnerabilities.
- For the first time in many years, Microsoft did not make the Top 10 list of vulnerabilities!
What this means for you:
Keep your software up to date. The java vulnerabilities have been patched, but many people ignore (or aren’t even aware) that Java needs to be kept up to date just like any other software installed on their machine. Keep your browser up to date, and if you have the choice, use the latest version of IE, or even better, Google’s Chrome browser. However, nothing will keep you safe if you don’t have proper malware protection installed, updated and ACTIVE. If you use an Android phone, see my previous article on the dangers of side-loading questionable apps. As of the moment, buying smartphone anti-virus software isn’t at the same state of “must-have” as computers, but we may be fast approaching that point. If you are careful about the apps you install on your phone, you don’t need it…yet.