Equifax Breach Victims Could Be Entitled To Settlement Claims

Equifax, one of the three credit reporting firms in the US, suffered a massive data breach in 2017 that exposed the personal and financial information of literally half the country (more than 150 million people). As a result, Equifax was ordered to pay a hefty $700 million fine to settle a series of Federal and State investigations. While the size of the fine sounds impressive, digging a bit deeper reveals it to be underwhelming.

Only $425 million of that fine will go into a fund designed to actually reimburse impacted customers. However, Equifax will be allowed to earmark an unspecified portion of that to provide free credit monitoring services to anyone who was impacted by the breach.

Here’s the problem: free credit monitoring is actually a money-maker for Equifax because of the way the “free” service is offered. It’s free for a year, and then automatically converts to a paid service. Given that most people don’t pay close attention to that sort of thing, a significant percentage of customers will continue paying Equifax for their credit monitoring service, which essentially sees the company profiting from its own data breach.

In any case, impacted customers will be eligible for a small amount of money from Equifax if their data was compromised. The company is on the hook for paying some $300 million in fines and civil penalties across 50 states and to the Consumer Financial Protection Bureau.

On top of that, the company has been ordered to provide all American consumers (whether they were impacted by the breach or not) six free credit reports each for the next seven years. This is in addition to the one free annual credit report they already get beginning in January 2020.

It’s a decent settlement, but it lets Equifax off the hook too easily. That is especially true given that they can turn one of the largest data breaches in American history into a profit center.  The CFPB could have and should have demanded more.

Recently Popular Face-Aging App on Facebook Has Serious Privacy Issues

If you spend any time at all on social media, you’ve probably seen the latest craze: people posting photos of themselves aged, so they look like they’re in their sixties, seventies, or even older than that. FaceApp, the program behind the face-aging magic, has actually been available for a few years, but it has only recently gained the attention of the masses, suddenly and inexplicably going viral after enjoying a quiet existence early on.

Unfortunately, one feature of the app, paired with the company’s expansive terms of service, could make a number of users uncomfortable.

Let’s start with the company’s terms of service, which read, in part, as follows:

“You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you.  When you post or otherwise share User Content on or through our Services, you understand that your User Content and any associated information (such as your Username, location or profile photo) will be visible to the public.”

That’s quite a mouthful, but think for a moment about the scope and scale of the permission you’re giving to this app in order to use it.

Now pair that with the fact that when you tap a photograph in the app and instruct it to age you, it uploads a copy of your photo to servers located in Russia. Also note that it doesn’t ask your permission to do this or inform you of it; it just happens in the background.

According to a company spokesperson, the purpose of this functionality is to enhance and improve the speed of the image transformation in-app, relying in part on AI algorithms on the company’s servers.

It’s a (barely) plausible explanation, but think about those two things taken together and ask yourself if you’re really 100% comfortable with giving that level of control to a company. Is it worth what you’re getting in return, a few chuckles of appreciation at your magically aged photograph?

Most people aren’t comfortable with that, but sadly, most people don’t read TOS agreements closely before agreeing to their terms.  If you’re one of the legions of recent fans of FaceApp, keep the details above in mind and discontinue using the application right away.

Report States Bots Account For 20 Percent Of Web Traffic

How much of the web’s traffic would you estimate to be fake, if you had to guess? The answer to that question might surprise you. According to the 2019 Bad Bot Report published by security firm Distil Networks, the answer is just over twenty percent: 20.4 percent, to be precise.

More than one fifth of all traffic on the web is generated by bots.

As staggering as that figure is, it’s actually down slightly from last year. Distil Networks says not to read too much into the slight dip, reporting that 75 percent of the bot traffic is generated by what it calls APBs, or Advanced Persistent Bots. APBs are able to cycle through IP addresses randomly, carrying out whatever instructions their creators have outfitted them with. As these persistent bots become increasingly commonplace, we can expect their share of traffic to increase over time.

The report indicates, perhaps unsurprisingly, that the financial sector is on the receiving end of the majority of bot traffic. A full 42 percent of the bots are aimed at that sector alone, with the majority of this traffic driven by credential-stuffing-style attacks aimed at hijacking user accounts for financial gain.

Other popular bot traffic destinations included:

  • Ticketing portals, where 39 percent of all traffic was bot-driven
  • Education sites, where 38 percent of all traffic was bot-driven
  • Government websites, where 30 percent was bot-driven

Also unsurprisingly, the bulk of bot traffic (53 percent) originated in the United States, although Russia and Ukraine accounted for nearly half of all blocking requests from Distil customers.

According to Tiffany Olson Kleemann, Distil Networks’ CEO,

“Bot operators and bot defenders are playing an incessant game of cat and mouse, and techniques used today, such as mimicking mouse movements, are more human-like than ever before.”

The bottom line is simply this:  Bot traffic is bad for business.  It costs you time and money, and it potentially puts your systems and your proprietary data at risk.

New Windows 10 Update May Cause Gaming Issues

If you’ve installed Microsoft’s March 1st update for Windows 10, version 1809, be aware that a growing percentage of users are reporting performance issues that impact graphics quality and mouse movement. Granted, the issues seem to have the biggest impact on games, particularly for gamers who play titles like Destiny 2 and Call of Duty 4. Of course, performance issues are likely to crop up in a variety of other applications as well.

Microsoft engineers are tracking various discussion forums and Reddit threads where the issue surrounding the KB4482887 update is the topic. They have concluded that the biggest performance impacts are felt by users who are playing older games (upwards of ten years old), while people who play newer games don’t seem to be affected nearly as much, which is curious to say the least.

It’s not at all surprising that gamers are the first to report performance issues. After all, gaming tends to demand quite a lot from a computer system’s resources in ways that mucking around in a spreadsheet simply doesn’t. Then there’s the fact that gamers live and die based on in-game lag and latency, so even small blips are very noticeable. Even so, there are several resource-intensive enterprise applications that may suffer similar performance issues.

For their part, Microsoft is on the case and is currently scrambling to provide a fix for the update, although to this point they haven’t provided users with a timeframe for when it might be released.

This latest incident follows on the heels of several months’ worth of problematic Windows 10 updates which have left the company with egg on their faces and prompted them to revisit the way they handle QA/QC prior to the release of an update.

Despite the fact that they’ve been working hard to improve their approach, it seems clear that they’re not quite where they need to be yet.  If you haven’t installed the KB4482887 update yet, and you make frequent use of resource-intensive programs, it may be worth holding off until Microsoft issues an update to the update.

Nvidia Drivers Should Be Updated For Security Issues

If you use an Nvidia graphics card, be aware that the company has recently released their first security patch of 2019, bearing the ID # 4772. It’s an important one in that it addresses eight security flaws that leave unpatched systems vulnerable to attack.

It should be noted that none of the flaws addressed in this patch are rated as critical, but all are rated as high.

The issues addressed in the patch run the gamut, ranging from denial of service attacks to remote code execution and, in six of the eight cases, an escalation of privileges.

This patch is applicable across a range of Nvidia’s most popular products, including their GeForce, Quadro, NVS and Tesla graphics cards. So if you use Nvidia graphics cards, then odds are good that this patch will be of benefit to you.

This brings us to the topic of how to apply the latest patch. If your system is Windows based, then applying the latest patch via the Windows control panel should be the only action needed. If you’re a Linux user, then the specific steps you’ll need to follow will vary from one build to the next, and may involve a bit of manual work, navigating to the Nvidia control panel after the driver has been updated.

Also note that if you have Nvidia products on your system, you can download and install an app called the GeForce Experience, which will alert you when a new patch is available and guide you through its installation.

In any case, this patch is important enough to warrant a special mention, as the issues it protects against are fairly high profile.  Make sure your IT staff is aware so they can put this one high on the list of priorities.