IT News, Solutions and Support

Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Category: Opinion

Hack Brief: There’s a New iPhone Text Message Attack

Hack Brief: There’s a New iPhone Text Message Attack

It turns out pranksters can crash an iPhone merely by texting it the exact right string of English and Arabic characters.

The post Hack Brief: There’s a New iPhone Text Message Attack appeared first on WIRED.

Hack Brief: There’s a New iPhone Text Message Attack

Hack Brief: There’s a New iPhone Text Message Attack

It turns out pranksters can crash an iPhone merely by texting it the exact right string of English and Arabic characters.

The post Hack Brief: There’s a New iPhone Text Message Attack appeared first on WIRED.

Obama’s Former Privacy Director Decries America’s Data Security

Obama’s Former Privacy Director Decries America’s Data Security

President Obama stands in the well of the House, demanding Congress take action on privacy and cybersecurity. Nothing happens. It has become an annual Washington ritual. One we witnessed again last night. The state of our union’s data is insecure. In 2009, President Obama announced the creation of a White House cybersecurity office as part […]

The post Obama’s Former Privacy Director Decries America’s Data Security appeared first on WIRED.

Email Spoofing: Explained (and How to Protect Yourself)

Jason P. Stadtlander Headshot, Huffington Post

Recently a co-worker asked me “Why do people even bother to spoof my email address?”

First, for those of you joining me that have no idea what the term spoofing means – let us examine that.

Spoofing is defined as:

/spo͞of/
verb
1. imitate (something) while exaggerating its characteristic features for comic effect.
2. hoax or trick (someone).

Origin: late 19th century English comedian Arthur Roberts.

In the context of computers, to spoof one’s email address means that the sender is acting as if the email is coming from someone it is not.

How someone (or something) sends an email made to look like it comes from somewhere or somewhere it does not, is a little more technical to explain. So, if you don’t like tech talk, then skip to the next section “Why is my email address being spoofed?”

How are they spoofing me?

Spoofing email addresses is rather easy. All a person needs to spoof an email address is an SMTP (Simple Mail Transfer Protocol) server (a server that can send email) and the appropriate email software. Most website hosting services will even provide an SMTP server in their hosting package. It is also possible to send email from your own computer if you load an SMTP server on it, however most ISPs will block port 25 (which is required to send out email).

Many of the available free SMTP servers will allow you to show a different “from” address than the actual registered domain that the email is transmitting from. However, to the recipient of said message, they will see that it actually came from the address you specified.

Now, there are special checks in place (and more being put into place) to prevent exactly this problem. One is called SPF or “Sender Policy Framework” which was developed by Meng Weng Wong in 2003. Basically, each time an email is sent, the receiving server compares the IP of the origin with the IP listed in the SPF record with the appropriate domain.

EXAMPLE 1: So, for example, let’s say someone tried to spoof Bill Gates (billgates@microsoft.com):
They would send an email on his behalf > the recipient server would then talk back to microsoft.com and say “Hey, I have an email that is coming from 123.123.123.123 stating that it was sent from billgates@microsoft.com.” > microsoft.com would then tell the recipient server, “No, sorry, it should be coming from 111.111.111.111.” and the message would never get delivered.

Why is my email address being spoofed?

Two basic reasons people (and machines) spoof:

1. Malicious: To cause useless internet traffic – ultimately hoping to bog down servers or bring them to a halt.

2. Because you were unlucky enough to have clicked the wrong thing at the wrong time.

Continue reading Email Spoofing: Explained on Huffington Post The Blog

Email Spoofing: Explained (and How to Protect Yourself) | Jason P. Stadtlander

It Doesn’t Really Matter if ISIS Sympathizers Hacked Central Command’s Twitter

It Doesn’t Really Matter if ISIS Sympathizers Hacked Central Command’s Twitter

For 40 minutes today, followers of the most feared terrorist organization in the world had free reign over a computer network of the US military. That is the story that many will take away from the hack of CENTCOM Twitter and YouTube accounts. And that story will be hyperbole.

The post It Doesn’t Really Matter if ISIS Sympathizers Hacked Central Command’s Twitter appeared first on WIRED.