(Keeping this anonymous because I'm worried my security's compromised and don't want to make it worse.) So for about the past six weeks, the log-in process on the Bank of America site has been behaving strangely for me. When I go to the BOA site I see my online userID in the normal way and click on it. That then takes me to the sitekey confirmation page where --weirdly-- my password is now showing up in plaintext on the login page, above the sitekey image. The first time this happened it was displaying my then-current password, which I immediately logged in with and changed. Since then, every time I go to log in I see the old password in plaintext, above the sitekey. When I enter either my then-current or my actually-current password it's rejected and I need to go through the reset process before I can successfully log in. I'm not freaking out, because there's no strange activity in my accounts. But still, it's unnerving. So..... what might be going on here, and what should I do about it? [more inside]
I'm going to be stocking a small bookcase with 5 to 10 books, and placing it in a room inside a college. I need a way to prevent the books from being stolen. Options seem surprisingly limited. Any help? [more inside]
At work, I can digitally sign and encrypt emails using digital certificates on my ID (and a card reader attached to my laptop). It integrates decently with Outlook and Acrobat. It's 2014. What are my PKI options for personal use? [more inside]
I flew home through a major US airport a couple of days ago. I'd just put my carry-on stuff on the conveyor and lined up with several others for the dreaded bodyscanner when the TSA agent waved four of us around the machine and over to pick up our stuff. I was delighted not to have to go through the scanner, but I've never seen anyone just waved on through before. How often do they let people bypass the scan? [more inside]
I am still using Office 2003 for personal use. It meets my limited needs perfectly well, and I want to avoid learning curves and costs associated with alternatives if at all possible. I understand that Microsoft will no longer be issuing security patches for it soon, so there are potential risks in continuing to use it, but how serious are those risks given my actual pattern of use? And can they be easily mitigated by avoiding various features or behavior? [more inside]
My boss has asked me to help him find some introduction-level resources to understand modern IT industry fundamentals (cloud computing, modern storage technologies, security, system architecture, etc.) from a management standpoint. I have a good handle on the technical side, but I'm not sure where to look for the basics. What resources would be a good introduction? Web sites are most helpful, free or paywalled okay.
If one wanted to be paranoid about protecting access to critical accounts (bank accounts and the like) what are some steps that you can take short of building your own machine and never using it for any transactions at all other than those to the secure sites? I have used lAstpass and 1 Password for years but frankly all of the recent revelations of security breaches and key loggers and the like make me wonder if I should consider other options for critical accounts (wondering out loud: is it not likely that the password app manufacturers were not NSA's first targets?) Some accounts do not allow two step authentication.
Why do I suddenly have 4 requests to share a Google Drive folder with people whom I don't know? [more inside]
In light of revelations that some folks can look at me over the internet through my webcam without me knowing, I would like to have a solution to this problem. I was thinking that taping over the webcam would work well, but it might also look tacky, and might also add a residue to my computer that I would not like. Is there a kind of tape that would look good on a unibody macbook pro? How would I make that tape look good? What sort of tape would be suggested for its no residue, opaque characteristics? Is there a better solution than tape, like a well-thought out kickstarter project or something of that nature? Please help me with my paranoid bougie computer problem.
I'm interested in getting a few residential security cameras installed to cover our yard and car areas. Requirements are: ~40 feet night vision, decent motion detection, networked recording to central PC/DVR unit (either over WiFi or PoE power), no batteries, weatherproof, not easily stolen. There are plenty of cameras with good tech specs, but many of them look like warp engines. I imagine putting up giant cameras will not only piss off the neighbors, but serve as a giant ROB ME I HAVE STUFF sign. What exterior cameras are not only good but inconspicuous? [more inside]
My girlfriend and I have just gone under contract on a home in Atlanta, Georgia. It's in a safe neighborhood, ITP (Briarlake area) but plan on having a security system installed ASAP. [more inside]
Is there a book or a research article (or high quality speculation) to be found, which would ponder how frequent bombarding with "surveillance is a good thing" comments (appearing in media and made by some kind of authority) and "yet another security flaw appeared in a mobile application, in a web service or in a department of a company" news (which would happen to some high profile and well known company) affects kids and youngsters? I mean their mind is still shaping, so it would be interesting to know in advance, what kind of adults will they become? Naturally the mind of an individual is shaping throughout the whole lifetime, but it could be said that there are lots of people, who aren't or will not be very good at getting rid of their "old programming".
About ten years ago I signed up for gmail very early during beta when people were selling invites for up to 3 and 4 figures and lucked out on a very early, short email address. (See profile.) And it's not cool. Not only do I get a lot of spam but I get a lot of misdirected email. I've seen receipts, bank statements, tax returns, boobies, dozens or hundreds of pictures of different families, newborns, weddings, new cars, old cars, flight reservations, money wire recepits. And this isn't good, and I wonder about my liability, and I wonder about these known brands or services that don't include a button for "This is not my account or data." or any email validation step at all. [more inside]
I'm trying to help a relative who's in a full panic about computer security, brought on both by the alarmist mainstream reporting about the gotofail bug and by some coincidental hardware issues with her OS X machine. My reassurance isn't going to cut it this time -- is there somewhere online where she can read, in lay terms, that although the bug was severe in theory / in its implications, there's very little evidence of real-world exploits? [more inside]
My mother still gets her bank statements by paper mail. Her latest one failed to be delivered for 2 weeks now, and she verified the bank mailed it, so we assume it was delivered by the mail carrier to the wrong address, or dropped, or something. Nothing has happened yet, but it seems best to guard against the worst-case scenario, namely that someone else now has her home address, bank address, all account numbers (including retirement accounts), possibly other identifying information, and has the willingness to exploit it. What are the prudent steps we should take? [more inside]
How do I secure some files that need to be shared and be editable with several employees and also be able to immediately remove access to any version of those files from a particular person? [more inside]
I tried to install linux on a win8 laptop and failed although I tried everything to disable UEFI and security boot options in Bios. So I think there is no solution to install Linux on certain win8 Laptops. But someone told me of course I can install Linux on any win8 laptops by using virtualbox. So I'm wondering why can it be done? How exactly is virtualbox/virtual machine works for this issue? can anybody explain this to me in a easy to understand way? Thanks very much.
A couple of years ago I was flying across Canada and got randomly selected for an extended search of my bags and everything swabbed. They swabbed my cellphone, camera equipment, and bags. After a few minutes they told me the swab came up positive. I'm not sure what for. [more inside]
I've only worked in a small business (15-20 employees) since I got out of school, and I've handled the technological necessities since I started because nobody else could. I've handled things on an as-needed basis: troubleshooting problems, setting up new computers, maintaining an iron grip on software installations, setting up the network and administering simple network devices, etc. However, I'm completely self-taught, and I have no idea if my hacked-together system looks anything like a properly-implemented corporate IT system. So I want to know what one looks like. Specifically, I'd like to know if there are any resources I can check out on my own that paint the picture of what I should be trying to achieve. NOTE: I'm NOT averse to hiring an outside IT firm or consultant to help with specification and implementation. However, I don't want to be at the mercy of a firm's "knowledge" and my own ignorance; you can waste a lot of money that way, regardless of scenario. [more inside]
How can I set up Facebook from scratch with minimal spam/leakage into other accounts and minimal leakage from/to people I don't know? [more inside]
I'm currently living in a small apartment with two bedrooms and one roommate. My roommate has exhibited some odd behavior in the past, but in the last week things have gotten weird. Help me negotiate this situation. Details inside. [more inside]
I am looking for ways to browse securely over the internet, while not giving any data to corporations (including my ISP) that is unwarranted and also preventing malware (like the CryptoLocker ransomware epidemic in late 2012). [more inside]
I work in a 6-story office building. Outside of normal hours, you can get on the elevator in an upper floor, but it won't let you out in the lobby (requires keycard). You can take the stairs down all the floors to the lobby. I have been told that this is a building requirement that cannot be changed. But I'm perplexed by the logic. If I'm already on an upper floor, I am in a more-secure area than the lobby. Shouldn't I be able to access the lobby freely? Especially since I can access the lobby freely from the stairs.
I need to find a bank with absolutely amazing online security. Two-factor authentication is a good place to start. Bonus points for stability and good interest rates. [more inside]
After my PO Box was broken into, I have been searching for a USPS location that has security cameras aimed at the boxes (NOT the space where the employees work), and after speaking to 5 post offices and even chatting with the local postal inspector, I'm beginning to doubt that this even exists. [more inside]
Are terms and conditions, disclosed after sale, legitimate? What if the associated item is a gift? [more inside]
I'm developing a website where people try to be click number X (sort of like radio call-in contests) to win a prize, and am looking for advice on ways to make it harder for someone to cheat. [more inside]
Car was broken into last night, and again I wondered why I can't seem to find a small HD camera and DVR combo that can be hidden in my car. [more inside]
After an internet outage (now resolved) Comcast customer service recommended that we update our 8 year old cable modem (Thompson DCM-425) to a new wireless router/modem combo. I'm trying to figure out if this will really be an upgrade or more of a "well the wireless would be faster, if it were still working" sort of situation? [more inside]
My "throw-away" password is in the list of those compromised by the Adobe hack. It's a common dictionary word that I use for sites that I really don't care about security on: things that I don't even understand why they should be password protected, "test-driving" sites or products where I don't intend to keep using them, and an old email account that was for a blog that I haven't updated in about four years. (And I don't use the account any more). I'm pretty unconcerned about it being compromised. Is there any reason I should worry? And if I do want to change it, is there any way to find out what all the sites are that I have used it on in the past? [more inside]
So, I was one of many people to have my adobe account information leaked. Though I know I shouldn't, I use that same password on lots of different accounts. I've changed them on the important ones, but how do people possibly keep the dozens of passwords for every different website straight? [more inside]
Hive mind inquiry: does anyone have experience or advice they can give for the purchase of a waterproof, fireproof safe, big enough to store a few folders of documents? [more inside]
I know there are a variety of options out there, but I'm having a hard time sifting through the information myself. [more inside]
A couple of days ago I clicked a legit-looking result from a Google search and got to a page of hackery-looking type saying that my system now belonged to somebody else. I backed away fast, but tried it again out of curiosity and the same thing happened. I didn't cap the screen and now I can't find the page, but can somebody hijack my computer (Mac running Safari this week for some reason) just because I clicked a link? This might be a laughable question, but since this has never happened to me before I don't know how seriously to take it!
I am a first time city apartment dweller, and don't have a clue on how/when to use my door buzzer. What is okay, what isn't, and yes, I am over thinking this, but it is bugging the hell out of me because I am already overstressed. [more inside]
I live on the first floor in an apartment building in a very heavily trafficked and busy urban neighborhood. It's not a terribly dangerous place, but it definitely has its illicit activity going on - it's a college town. You don't see a lot of bars on the windows or anything. At some point yesterday, somebody broke into my apartment by forcing a window open, and they weren't in my apartment long. They didn't really ransack the place, it was almost hard to tell someone had been there. I am frankly puzzled by how very little they took and what they did take as it wasn't very valuable. They did rifle through my filing cabinet and they did steal my laptop which they will need a password to use, but if they are able to get past that, they will have access to all of my online accounts and my financial information (which I have already locked down). I'm trying to work out a checklist for everything I need to do now, and I have one complicating factor about ID. [more inside]
How can I deal with a ticked off strata president who is threatening to hold me personally liable for any floods to my suite? [more inside]
Our house got broken into, but the thieve(s) stole slightly strange objects. Why? [more inside]
I live in a rent-controlled apartment in San Francisco, and have been enduring some landlord harassment of various types. (I'm paying a fortune, but rents are so high right now that even what I pay is well below market.) For my peace of mind, I'd like to install some sort of reasonably priced device to ensure that no one's entering my apartment when I'm not there. A huge bonus would be collecting evidence if it does happen. [more inside]
I am about to buy some bluetooth speakers to be used in conjunction with a Windows computer and Itunes. I have heard vague rumblings to the effect that bluetooth has security issues that regular wifi devices do not. Ordinarily, I would buy wifi speakers but the few I can find are awfully damned pricey. Would I be putting myself at risk of compromising my computer's security if I set up a pair or two of bluetooth speakers in my apartment? In general, are there any bluetooth security issues I should be aware of, as a new user of this technology? Many thanks for your time.
I was burgled again this week. Sigh. I need help asking my landlord for specific safety interventions. [more inside]
My old, dormant Twitter account recently started sending out direct messages to everyone on my list with spammy stuff. This happened within the last hour, and I just deactivated the account. The password for the Twitter account is different than the password for the email account that I set it up with. The password on the Twitter account hadn't been changed, and no tweets were sent from it (only DMs). Is this likely a third party app jacking the Twitter account (and therefore isolated) or should I be concerned about the establishing email account as well? I ask because this is my primary gmail account.
I've been tasked with figuring out what firms charge to perform IT Security tests, penetration tests, etc, for commercial clients? What kind of metrics do they base their charges on? Is there a standard rate for this kind of work? Alternately, do you have any tips for getting this kind of info from the companies that do this kind of stuff? [more inside]
Do you have an awesome system that works well? I am looking for advice, experience and any general wisdom as I look to find a replacement entry and video security system for a multi-unit condo building. [more inside]
We rented a house in Skokie, and the landlord used an office-supply-store-pre-printed lease form for the city. It included a copy of the Chicago RLTO as part of the form. Understanding that YANML, does this incorporate the requirements of the RLTO into the terms of the lease? If so, he'd be required to submit receipts meet deadlines for the return of the deposit. Or is he only bound by State Law (which for a single-family home, seems to require bupkus). He only returned half of our security deposit. Is it worth fighting for the other half ($600)? If I accept and deposit the $600 he sent, am I hurting my chances of getting the rest? [more inside]
Can you recommend a source for tiny, personalized, permanent adhesive labels I can use to I.D. my gadgets 'n' doodads 'n' stuff? [more inside]
Microsoft Security Essentials Missing From System Tray. [more inside]
I'm planning to install a simple CCTV system in my house and am looking for recommendations for an entry-level camera. [more inside]
We're going to Vegas in 3 weeks and I want to be able to spend my days walking around without having a purse always looped over my shoulder. My clothes don't have pockets. Fanny packs are the work of Satan. Is it a terrible idea to keep my often accessed stuff (cash, credit cards) in my bra and more important stuff (like health insurance card, driver's licence, etc) hidden in my panties? What should I do with my phone (that is also my camera)? [more inside]