HEARING: The Threat of Data Theft to American Consumers

Summary

On Wednesday, May 4, 2011, at 9:30 a.m., the Subcommittee on Commerce, Manufacturing and Trade will hold a hearing entitled, “The Threat of Data Theft to American Consumers” in 2322 Rayburn House Office Building. Witnesses are by invitation only.

The purpose of this hearing is to examine risks related to data breaches, the state of ongoing investigations, current industry data security practices, and available technology.

Background

Since data breach became a common household term in 2005, when hackers gained access to 160,000 consumer records in the ChoicePoint data breach, American consumers have been inundated with reports of data breaches on a regular basis. According to the Privacy Rights Clearinghouse, over 2,500 data breaches implicating nearly 600 million records have been made public since 2005.1,2 In April 2011 alone, the Clearinghouse reports over 30 data breaches occurred at hospitals and medical provider offices; universities; insurance companies; airlines; technology companies; banks; and at the municipal, State, and Federal government levels. These breaches occurred via phishing, theft of computer or other devices, and hacking, impacting a minimum of 99 million records (a number of these breaches impacted an “unknown” number of records).

These records involve various pieces of information that can be used alone or in conjunction with other pieces of information to wreak havoc on a consumer’s financial well-being by using existing lines of credit or establishing new lines of credit, to gain unlawful access to bank accounts, to acquire jobs or government benefits for which the thief is otherwise not eligible, to seek medical care, or to use another’s identification in a law enforcement situation. Data breaches often involve unauthorized access to a person’s name, birth date, Social Security number, driver’s license number, credit account numbers, financial account numbers, usernames and passwords, or PIN numbers.

Whether the breach occurs inadvertently through the accidental release of information, in the offline world by loss of a laptop or stolen records, or online via hacking, the results can be disastrous for consumers. The FTC estimates nearly 9 million Americans fall victim to identity theft annually, costing both consumers and businesses tens of billions of dollars each year. While the Identity Theft Resource Center reports that both the cost to consumers and the number of hours lost in resolving identity thefts have fallen, consumers still lose hundreds of dollars out of pocket and spend dozens of hours on cleanup efforts.

May 4, 2011

The Subcommittee on Commerce, Manufacturing, and Trade scheduled a hearing on Wednesday, May 4, 2011, at 9:30 a.m. in 2322 Rayburn House Office Building entitled, “The Threat of Data Theft to American Consumers.”

Opening Statements

Opening statement from Commerce, Manufacturing, and Trade Subcommittee Chairman Mary Bono Mack

Witness List

Panel One

David Vladeck
Director, Bureau of Consumer Protection
Federal Trade Commission
Written Testimony (Truth in Testimony Form)

Pablo Martinez
Deputy Special Agent in Charge
Criminal Investigative Division, U.S. Secret Service
Written Testimony (Truth in Testimony Form)

Panel Two

Justin Brookman
Director, Consumer Privacy Project
Center for Democracy and Technology
Written Testimony (Truth in Testimony Form)

Dr. Gene Spafford
Executive Director
Purdue University
Written Testimony (Truth in Testimony Form)

Avoiding the Pitfalls of Online Trading

Online trading can be an easy, cost-effective way to manage investments. However, online investors are often targets of scams, so take precautions to ensure that you do not become a victim.

What is online trading?

Online trading allows you to conduct investment transactions over the internet. The accessibility of the internet makes it possible for you to research and invest in opportunities from any location at any time. It also reduces the amount of resources (time, effort, and money) you have to devote to managing these accounts and transactions.

What are the risks?

Recognizing the importance of safeguarding your money, legitimate brokerages take steps to ensure that their transactions are secure. However, online brokerages and the investors who use them are appealing targets for attackers. The amount of financial information in a brokerage’s database makes it valuable; this information can be traded or sold for personal profit. Also, because money is regularly transferred through these accounts, malicious activity may not be noticed immediately. To gain access to these databases, attackers may use Trojan horses or other types of malicious code.

Attackers may also attempt to collect financial information by targeting the current or potential investors directly. These attempts may take the form of social engineering or phishing attacks. With methods that include setting up fraudulent investment opportunities or redirecting users to malicious sites that appear to be legitimate, attackers try to convince you to provide them with financial information that they can then use or sell. If you have been victimized, both your money and your identity may be at risk.

How can you protect yourself?

* Research your investment opportunities – Take advantage of resources such as the U.S. Securities and Exchange Commission’s EDGAR database and your state’s securities commission (found through the North American Securities Administrators Association) to investigate companies.

* Be wary of online information – Anyone can publish information on the internet, so try to verify any online research through other methods before investing any money. Also be cautious of “hot” investment opportunities advertised online or in email.

* Check privacy policies – Before providing personal or financial information, check the website’s privacy policy. Make sure you understand how your information will be stored and used.

* Conduct transactions on devices you control – Avoid conducting transactions on public resources such as internet kiosks, computers in places like libraries, and other shared computers and devices. Other users may introduce security risks.

* Make sure that your transactions are encrypted – When information is sent over the internet, attackers may be able to intercept it. Encryption prevents the attackers from being able to view the information.

* Verify that the website is legitimate – Attackers may redirect you to a malicious website that looks identical to a legitimate one. They then convince you to submit your personal and financial information, which they use for their own gain. Check the website’s certificate to make sure it is legitimate.

* Monitor your investments – Regularly check your accounts for any unusual activity. Report unauthorized transactions immediately.

* Use strong passwords – Protect your computer, mobile devices, and accounts with passwords that cannot easily be guessed. Use different passwords for each account.

* Use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses. However, because attackers are continually writing new viruses, it is important to keep your virus definitions current.

* Use anti-spyware tools – Spyware is a common source of viruses, and attackers may use it to access information on your computer. You can minimize the number of infections by using a legitimate program that identifies and removes spyware.

* Keep software up to date – Install software updates so that attackers can’t take advantage of known problems or vulnerabilities. Enable automatic updates if the option is available.

* Evaluate your security settings – By adjusting the security settings in your browser, you may limit your risk of certain attacks.

Google pulls 21 apps in Android malware scare

By Jolie O’Dell

(Mashable) – Google has just pulled 21 popular free apps from the Android Market. According to the company, the apps are malware aimed at getting root access to the user’s device, gathering a wide range of available data, and downloading more code to it without the user’s knowledge.

Although Google has swiftly removed the apps after being notified (by the ever-vigilant Android Police bloggers), the apps in question have already been downloaded by at least 50,000 Android users.

The apps are particularly insidious because they look just like knockoff versions of already popular apps. For example, there’s an app called simply “Chess.” The user would download what he’d assume to be a chess game, only to be presented with a very different sort of app.

These apps are all pirated versions of popular games and utilities — an expeditious solution for busy hackers. Once downloaded, the apps root the user’s device using a method like rageagainstthecage, then use an Android executable file (APK) to nab user and device data, such as your mobile provider and user ID. Finally, the app acts as a wide-open backdoor for your device to quietly download more malicious code.

Below is a complete list of the bad apps, all of which were made by an entity called Myournet. If you’ve downloaded one of these apps, it might be best to take your device to your carrier and exchange it for a new one, since you can’t be sure that your device and user information is truly secure. Considering how much we do on our phones — shopping and mobile banking included — it’s better to take precautions.

  • Falling Down
  • Super Guitar Solo
  • Super History Eraser
  • Photo Editor
  • Super Ringtone Maker
  • Super Sex Positions
  • Hot Sexy Videos
  • Chess
  • 下坠滚球_Falldown
  • Hilton Sex Sound
  • Screaming Sexy Japanese Girls
  • Falling Ball Dodge
  • Scientific Calculator
  • Dice Roller
  • 躲避弹球
  • Advanced Currency Converter
  • APP Uninstaller
  • 几何战机_PewPew
  • Funny Paint
  • Spider Man
  • 蜘蛛侠

Remember, the Android Market is open, which can be great and unfortunate in different circumstances. Always read user reviews before you download; and if you have any doubts, play it safe.

 

© 2010 MASHABLE.com. All rights reserved.

Computer Clarity

Gmail Reset Erases Messages? Users Report All Emails DELETED

GOOGLE UPDATE BELOW

Some Gmail users are reporting a major problem with Google’s email service–specifically, that all of their emails, labels, themes, folders, and other personalized settings have all been erased.

Several Gmail help forums were filled with users who had experienced this problem. Users reported that they were able to receive new messages, but that none of their previous email exchanges were appearing. Contacts appear to have been preserved and the issue only seems to be affecting a subset of Gmail users (“less than .29% of the Google Mail userbase,” according to Google).

“I have lost ALL on my emails/folders etc. from gmail. Why would this happen? How can I restore everything?” wrote user bkishan.

“I was on my eMail normal and when I refreshed all my account settings, eMail, labels, contacts etc has just disappeared. I was running at 80% capacity is that anything to do with it? Is there a way that one can restore all of that?” asked another.

LibertyLondonGirl wrote in a blog post, “It is clear from the Gmail forums and Twitter that hundreds if not thousands of people have had their Gmail accounts compromised. A firm believer in the concept of cloud computing, it never occurred to me that my Gmail account could one day disappear.”

Google is aware of the problem and updated their App Status dashboard to acknowledge the issue.

Google wrote at 3:09PM ET on February 27, “We’re investigating reports of an issue with Google Mail. We will provide more information shortly.”

A little over an hour later, the company added, “Our team is continuing to investigate this issue. We will provide an update by February 27, 2011 5:20:00 PM UTC-5 with more information about this problem. Thank you for your patience. This issue affects less than .29% of the Google Mail userbase.”

UPDATE: 3/1/2011 9:59AM ET:

Google has published a blog post addressing the issue, apologizing for it, and explaining what caused the disappearance of users’ messages.

Google explained,

So what caused this problem? We released a storage software update that introduced the unexpected bug, which caused 0.02% of Gmail users to temporarily lose access to their email. When we discovered the problem, we immediately stopped the deployment of the new software and reverted to the old version.

Google added, “The good news is that email was never lost and we’ve restored access for many of those affected. Though it may take longer than we originally expected, we’re making good progress and things should be back to normal for everyone soon.”

Some users affected by the bug were still unable to log in to their accounts on Tuesday morning and could not access emails, documents, Google Reader, or other tools. They were told by Google, “We are currently working on your account because an error occurred with your mail storage. Your account data and messages are safe. However, you won’t be able to log in until our team is finished. We can’t predict exactly how long this will take, but if you are still unable to access your account in 48 hours, please contact us [...]”

Facebook To Make ‘Facebook Credits’ Mandatory For Game Developers (Confirmed)

Facebook is about to ruffle some feathers. We’re hearing from one source that the social network is reaching out to game developers to inform them that it is making its own, official Facebook Credits currency mandatory. Our understanding is that it will be the exclusive currency as well.

Update: Facebook has confirmed that it is indeed making Facebook Credits mandatory for Games, with the rule going into effect on July 1 2011. Facebook says that Credits will be the exclusive way for users to get their ‘real money’ into a game, but developers are still allowed to keep their own in-game currencies (FarmBucks, FishPoints, whatever). For example, Zynga can charge you 90 Facebook Credits for 75 CityCash in CityVille.

However, there will be incentives for developers to sell goods in terms of Facebook Credits instead of their own proprietary currencies: items that are sold in terms of Credits can be promoted on Facebook’s Games dashboard, and will be eligible for more targeted ad programs.

Facebook’s Deborah Liu says that it has been testing Credits in a beta program with 150 developers across a range of games. The company acknowledges that some developers may not be pleased with the news, explaining this is why it is announcing the news five months in advance, so it can “have an open conversation with developers”. The rule only applies to Canvas games (games that use Facebook Connect aren’t affected), and while it’s games only at this point, Facebook says that it eventually would like to see all apps using Facebook Credits.

It’s a move that’s been a long time coming — there has been speculation that Facebook would do this for a year now, spurring plenty of angst in the developer community. But Facebook has taken things slowly.

Despite telling the community that it was still early for the Credits platform and that it was considering various options, Facebook also spent the last year working out deals with the biggest developers — like Zynga, Playdom, Playfish, and CrowdStar — to make sure they were on board with its Credits system. Now that the developers with serious leverage are taken care of, it’s time for everyone else to make the change.

Facebook’s argument is that Credits are good for users and developers alike. There’s a higher barrier to entry if a user has to pull out their wallet to buy a different currency every time they play a new game — using the same currency lowers this bar. It also means there’s less of a lock-in factor, and Facebook can do its part to educate and promote the use of Credits to get everyone used to paying real money for virtual goods.

Of course, Facebook gets something out of it: they take an industry-standard 30% cut whenever users purchase anything with Facebook Credits. That can add up to a lot of money — we’ve heard elsewhere that Zynga is paying Facebook around $30 million a month for its Credits tax.

This is about more than purple cows and gold coins, too — in the long run, Facebook has a strong incentive to maximize the number of users who are signed up for Credits. Right now the vast majority of Credits are spent on gaming, but it’s very likely that Facebook will eventually begin allowing third-party websites to offer a ‘Pay With Facebook’ option, and that may include everything from digital content to physical goods. The more credit cards Facebook has in its system, the more appealing this option will become, and the more publishers and retailers will be willing to pay that 30% fee.

Computer Clarity | Making Computer Clear For You

Computer Clarity Radio Addresses Hot Topics and Weekly Computer Maintenance Check List

Computer Clarity’s radio show discusses computer-related topics in your language. We cover computer news, tips, tricks, and troubleshooting. The show will also cover information security, using technology to market your business, and economic ways current technology may work for you and your business. We will be answering questions live on air.

Hot News Topics Discussed: Live Call-ins

  • Obama’s Administration Plans to Create Internet ID.
  • NSA’s $1.2 Billion Contract for Utah’s Cyber Security Data Center.

Weekly Computer Maintenance Check List

  • Run anti-virus updates and virus scan
  • Remove unused or unwanted programs
  • Remove any unnecessary start up programs
  • Delete all the temp files
  • Delete all temporary internet files
  • Delete all the cookies
  • Delete old history
  • Run Windows check disk
  • Run disk defragment
  • Run registry cleaner
  • Run all of the Windows updates
  • Test all of the software

Computer Clarity Radio

January 16, 2011 Broadcast

Obama Administration Reportedly Plans to Create Internet ID for All Americans

STANFORD, Calif.–President Obama is planning to hand the U.S. Commerce Department authority over a forthcoming cybersecurity effort to create an Internet ID for Americans, a White House official said here today.

It’s “the absolute perfect spot in the U.S. government” to centralize efforts toward creating an “identity ecosystem” for the Internet, White House Cybersecurity Coordinator Howard Schmidt said.

That news, first reported by CNET, effectively pushes the department to the forefront of the issue, beating out other potential candidates, including the National Security Agency and the Department of Homeland Security. The move also is likely to please privacy and civil-liberties groups that have raised concerns in the past over the dual roles of police and intelligence agencies.

The announcement came at an event today at the Stanford Institute for Economic Policy Research, where U.S. Commerce Secretary Gary Locke and Schmidt spoke.

The Obama administration is currently drafting what it’s calling the National Strategy for Trusted Identities in Cyberspace, which Locke said will be released by the president in the next few months. (An early version was publicly released last summer.)

“We are not talking about a national ID card,” Locke said at the Stanford event. “We are not talking about a government-controlled system. What we are talking about is enhancing online security and privacy, and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities.”

The Commerce Department will be setting up a national program office to work on this project, Locke said.

Details about the “trusted identity” project are remarkably scarce. Last year’s announcement referenced a possible forthcoming smart card or digital certificate that would prove that online users are who they say they are. These digital IDs would be offered to consumers by online vendors for financial transactions.

Schmidt stressed today that anonymity and pseudonymity will remain possible on the Internet. “I don’t have to get a credential, if I don’t want to,” he said. There’s no chance that “a centralized database will emerge,” and “we need the private sector to lead the implementation of this,” he said.

Jim Dempsey of the Center for Democracy and Technology, who spoke later at the event, said any Internet ID must be created by the private sector–and also voluntary and competitive.

“The government cannot create that identity infrastructure,” Dempsey said. “If it tried to, it wouldn’t be trusted.”

Inter-agency rivalries to claim authority over cybersecurity have existed ever since many responsibilities were centralized in the Department of Homeland Security as part of its creation nine years ago. Three years ago, proposals were circulating in Washington to transfer authority to the secretive NSA, which is part of the U.S. Defense Department.

In March 2009, Rod Beckström, director of Homeland Security’s National Cybersecurity Center, resigned through a letter that gave a rare public glimpse into the competition for budgetary dollars and cybersecurity authority. Beckstrom said at the time that the NSA “effectively controls DHS cyberefforts through detailees, technology insertions,” and has proposed moving some functions to the agency’s Fort Meade, Md., headquarters.

One of the NSA’s missions is, of course, information assurance. But its normally lustrous star in the political firmament has dimmed a bit due to Wikileaks-related revelations.

Bradley Manning, the U.S. Army private who is accused of liberating hundreds of thousands of confidential government documents from military networks and sending them to Wikileaks, apparently joked about the NSA’s incompetence in an online chat last spring.

“I even asked the NSA guy if he could find any suspicious activity coming out of local networks,” Manning reportedly said in a chat transcript provided by ex-hacker Adrian Lamo. “He shrugged and said, ‘It’s not a priority.’”

The Top Five Most Dangerous Malware

1- STUXNET

STUXNET has been the hottest topic of this year because it is an unusual worm. For the first time in history, malware has crossed from cyberspace directly into the physical environment. It not only damages code and data, but also destroys the actual machinery.

Reverse engineering STUXNET led security professionals to discover 4 zero-days in the Microsoft Windows operating system, and as a result proved that even industrial systems, which are usually isolated not only from public networks but also from internal enterprise networks, are not 100% safe.

The worm’s drivers were signed with JMicron Technology and Realtek digital certificates, which lets them bypass host-based intrusion prevention system (HIPS) security measures: if the malware is executed, HIPS will not prevent it, because the driver signature comes from authorized firms.

The carnival of vulnerabilities exploited by this malware is as follows:

1. Microsoft Security Bulletin MS10-046 – Critical

This first bulletin was issued to fix a vulnerability that allows local users or remote attackers to execute arbitrary code via a crafted .LNK or .PIF shortcut file, which is not properly handled during icon display in Windows Explorer.

2. Microsoft Security Bulletin MS10-061

This is a remote code execution vulnerability in the Windows Print Spooler service that could allow a remote, unauthenticated attacker to execute arbitrary code on an affected Windows system. Systems with file and printer sharing turned on are vulnerable to the attack.

3. Microsoft Security Bulletin MS08-067

STUXNET is also capable of distributing itself over the network through shared folders. It scans the network shares c$ and admin$ on remote computers, installs a file (dropper) there with the name DEFRAG.TMP, and schedules a task to be executed on the next day to exploit this vulnerability.

4. Microsoft Security Bulletin MS10-073

This security bulletin addresses three publicly disclosed elevation of privilege (EoP) vulnerabilities in Windows kernel-mode drivers.

2- TDL4

TDL4 is the latest version of a rootkit originally known as TDSS or Tidserv, which first appeared back in 2008.  However, unlike its predecessors, TDL4 is able to bypass code signing protection in 64-bit versions of Windows Vista and 7.

By default these systems do not allow drivers that are not digitally signed to be loaded, but TDL4 manages to get around that by changing boot options before the operating system actually starts.

TDSS is one of the most complex and dangerous categories of malicious programs in the world, and it continues to evolve.

3- Asprox

Asprox is a small botnet that has been used for password stealing, spam, and phishing attacks. This botnet-based attack is innovative, as it interfaces with Google’s search engine to locate vulnerable web pages.

When a weakness is found, Asprox injects an iframe-based redirect link into the vulnerable website in order to spread malware.
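From the site owner's side, an injected redirect of this kind can be looked for by auditing served pages for iframes that are both hidden and loaded from another host. The script below is an added example, not code from the original article; the host names, the sample page, and the "hidden plus external" rule are constructed assumptions for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline styles that keep a frame out of the visitor's sight.
HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)


def _is_tiny(value):
    """True when a width/height attribute is 0 or 1 (an invisible frame)."""
    match = re.match(r"\s*(\d+)", value or "")
    return bool(match) and int(match.group(1)) <= 1


class IframeAuditor(HTMLParser):
    """Records iframes that load from a foreign host AND are hidden."""

    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        attr = {name: (value or "") for name, value in attrs}
        src = attr.get("src", "")
        try:
            host = (urlparse(src).hostname or "").lower()
        except ValueError:
            host = ""  # malformed URL: treat as no host, nothing to compare
        # Relative URLs have no host and therefore count as same-site.
        external = (
            bool(host)
            and host != self.site_host
            and not host.endswith("." + self.site_host)
        )
        reasons = []
        if _is_tiny(attr.get("width")) or _is_tiny(attr.get("height")):
            reasons.append("0/1-pixel frame")
        if HIDDEN_STYLE.search(attr.get("style", "")):
            reasons.append("hidden by inline style")
        if external and reasons:
            line, _ = self.getpos()
            self.findings.append(
                {"line": line, "host": host, "src": src, "reasons": reasons}
            )


def audit_page(html, site_host):
    """Return one finding per hidden, off-site iframe in `html`."""
    auditor = IframeAuditor(site_host)
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample page: a visible video embed, a hidden same-site frame,
# and a hidden frame pointing at a foreign host (the pattern to report).
SAMPLE_PAGE = """<html><body>
<h1>Store</h1>
<iframe src="https://video.example.org/embed/42" width="560" height="315"></iframe>
<iframe src="/promo/banner.html" width="0" height="0"></iframe>
<p>Welcome</p><iframe src="http://redirect.example.net/in.php" width=1 height=1 style="visibility: hidden"></iframe>
</body></html>"""

if __name__ == "__main__":
    for finding in audit_page(SAMPLE_PAGE, "shop.example.com"):
        print(f"line {finding['line']}: {finding['src']} "
              f"({', '.join(finding['reasons'])})")
```

Comparing each run against a known-good copy of the page, and keeping an allowlist of embed hosts the site really uses, keeps the findings actionable.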

4- ZeuS 2.0

The ZEUS Botnet is still active in 2010. On July 14, 2010, security firm Trusteer filed a report which says that the credit cards of more than 15 unnamed US banks have been compromised. A recent outbreak is being called Kneber.

On 1 October 2010, the FBI announced it had discovered a major international cyber crime network which had used Zeus to hack into US computers and steal around $70m.

More than 90 suspected members of the ring were arrested in the US, and arrests were also made in UK and Ukraine.

5- Trojan Proxies

This malware may turn a victim’s computer into a proxy server. This gives the attacker the opportunity to do everything from your computer, including the possibility of conducting credit card fraud and other illegal activities.

Usually a Trojan installs an email proxy that is used to send large amounts of unsolicited email, i.e. spam, over an Internet connection. Recipients tracking the email back to its origin will discover the IP address of the infected system used for the proxy, thereby concealing the identity of the attacker.

It can also use the infected system to launch malicious attacks against other networks.

This is the list of 2010’s Top 5 most dangerous malware. I would like to wish our readers, fans, followers and subscribers from around the globe a safe and prosperous New Year. May the year 2011 be full of joy and rewards.

What is a Distributed Denial of Service (DDoS) Attack and What Can I Do About It?

Have you ever tried to make a telephone call but couldn’t because all the telephone circuits were busy? This may happen on a major holiday and often happens on Mother’s Day. In fact, in the United States, telephone companies used to air commercials on television and radio that suggested you avoid peak calling times by making your calls early or late in the day.

The reason you couldn’t get through is because the telephone system is designed to handle a limited number of calls at a time. That limit was determined by weighing the cost of having all calls get through all the time with the amount of traffic the system receives. If the total number of calls is always high, it makes economic sense for the telephone company to provide more capacity to match that demand. However, if the number of calls is low compared to the holiday peaks, then the telephone company will build networks that accommodate only the lower off-peak number of callers and advise their customers to avoid peak calling times. It’s a basic matter of supply and demand.

Imagine that an intruder wanted to attack the telephone system and make the system unusable by telephone customers. How would they do this? One way would be to make call after call in an attempt to make all circuits busy. This type of attack is called a denial of service, or DoS, attack. In essence, the intruder has caused the telephone system to deny service to its customers. It is not likely that one caller working alone can tie up all telephone circuits. To do that would require making as many calls as possible from as many telephones as possible. This is called a distributed denial of service, or DDoS, attack.

Computer systems can also suffer DoS and DDoS attacks. For example, sending an extraordinary amount of electronic mail to someone could fill the computer disk where mail resides. This means that people who use the computer with the full disk cannot receive any new email until the situation changes. While this is an older style of DoS attack, it is still popular today.

In addition, intruders have turned their efforts toward denying people the services provided by networked computers. Examples of frequently attacked services are the World Wide Web, file sharing services and, more recently, the Domain Name Service. Because so many of our computers are connected through the Internet, attacking one of these services can have a significant impact on the whole Internet community. For example, by launching a DoS attack on a popular merchant during a high sales period, the intruder affects not only that merchant, but everyone who is then unable to buy their products.

To deny these services to prospective users of a computer service, intruders run specially written computer programs that send extraordinary volumes of Internet “calls” to one of the computers that provides that service, similar to the way that an intruder can tie up the telephone system.

When a computer answers such a call, most often there’s no one on the other end, so answering the call turned out to be a waste of time. Unfortunately, the attacked service cannot tell this in advance, so it has to answer all calls placed to it. Answering each call takes time, and there’s only so much time available. It’s the supply and demand issue all over again.

In addition, the volume of traffic may be so high that the networks connecting the attacking computers to the victim’s computer may also suffer from lower performance. Just like the telephone system and service computers, these networks cannot handle traffic beyond a certain limit. Users wanting services from computers on those networks are denied those services, too. Those networks are also considered victims of a DDoS attack.

How do intruders wage a DDoS attack against a victim’s computer?

First, they build a network of computers that will be used to produce the volume of traffic needed to deny services to computer users. We’ll call this an attack network.

To build this attack network, intruders look for computers that are poorly secured, such as those that have not been properly patched, or those with out-of-date or non-existent anti-virus software. When the intruders find such computers, they install new programs on the computers that they can remotely control to carry out the attack.

Intruders used to hand-select the computers that made up the attack network. These days, however, the process of building an attack network has been automated through self-propagating programs. These programs automatically find vulnerable computers, attack them, and then install the necessary programs. The process begins again as those newly compromised computers look for still other vulnerable computers. Once a DDoS program has been installed on a computer, that program identifies the computer as a member of the attack network. Because of this self-propagation, large attack networks can be built very quickly. A by-product of the network-building phase is yet another DDoS attack, because searching for other vulnerable computers creates significant traffic as well.

Once an attack network is built, the intruder is ready to attack the chosen victim or victims. Some information security experts believe that many attack networks currently exist and are dormant, passively waiting for the command to launch an attack against a victim’s computers. Others believe that once a victim has been identified, the attack network is built and the attack launched soon afterward.

To reduce their chances of being discovered, intruders distribute their attack across computers in different time zones, different legal jurisdictions, and with different systems administrators. Intruders also make the electronic traffic they create appear to be from a computer different from the one that actually created it. This is called IP spoofing, and it is a commonly used method to disguise where an attack is really coming from. If the source of the attack is unknown, it is difficult to stop it, giving intruders free rein with a high

What can be done about DDoS attacks?

There are no short-term solutions to eliminate DDoS attacks. Today’s best practices involve making computers and networks more resilient in the face of an attack. We call this survivability.

All systems have their limits. One way to make a system more survivable is to increase these limits; the more resources there are, the better the chances are that the system will survive an increased demand for use. To increase the telephone system’s limits, the telephone company adds more circuits. For a web service, the webmaster might increase the number of connections that a web service can accept; for example, a site could add more web servers. This spreads the increased load over more computers and helps to ensure that no one computer operates too near its limit. The higher the limits of all the potentially affected systems – the network and the computers on that network – the better the chances that network will survive a DDoS attack.
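The telephone analogy can be made quantitative with the Erlang B formula from telephone traffic engineering, which gives the chance that a call finds every circuit busy. The following is an added example, not part of the original article: the formula is a standard model brought in here, and the load figures are constructed. It assumes random (Poisson) arrivals, no queueing, and that the service cannot tell attack requests from legitimate ones, so both are turned away at the same rate.

```python
def erlang_b(offered_load, servers):
    """Probability that a new request finds all `servers` slots busy.

    offered_load is in erlangs: arrival rate x average time a request
    holds a slot. Uses the numerically stable recurrence
    B(E, 0) = 1,  B(E, m) = E*B(E, m-1) / (m + E*B(E, m-1)).
    """
    if offered_load < 0 or servers < 0:
        raise ValueError("load and servers must be non-negative")
    blocking = 1.0
    for m in range(1, servers + 1):
        blocking = offered_load * blocking / (m + offered_load * blocking)
    return blocking


def servers_needed(offered_load, target_blocking, max_servers=1_000_000):
    """Smallest number of slots that keeps blocking at or below the target."""
    if not 0 < target_blocking <= 1:
        raise ValueError("target_blocking must be in (0, 1]")
    blocking, m = 1.0, 0
    while blocking > target_blocking:
        m += 1
        if m > max_servers:
            raise RuntimeError("target not reachable within max_servers")
        blocking = offered_load * blocking / (m + offered_load * blocking)
    return m


def survivability_table(legit_load, attack_load, slot_options):
    """For each capacity, the share of legitimate requests refused
    in normal operation and while the extra attack load is present."""
    return [
        (slots,
         erlang_b(legit_load, slots),
         erlang_b(legit_load + attack_load, slots))
        for slots in slot_options
    ]


if __name__ == "__main__":
    LEGIT = 10.0    # constructed figure: normal demand, in erlangs
    ATTACK = 40.0   # constructed figure: extra demand during an attack

    sized_for_normal = servers_needed(LEGIT, 0.01)
    sized_for_attack = servers_needed(LEGIT + ATTACK, 0.01)
    print(f"slots for 1% refusal, normal load : {sized_for_normal}")
    print(f"slots for 1% refusal, under attack: {sized_for_attack}")

    print("slots  refused(normal)  refused(attack)")
    for slots, normal, attacked in survivability_table(
            LEGIT, ATTACK, [sized_for_normal, 36, sized_for_attack]):
        print(f"{slots:5d}  {normal:15.4f}  {attacked:15.4f}")
```

A service sized for its everyday load refuses well over half of its legitimate users once the offered load is five times normal, which is why raising limits helps survivability but only up to the volume the defender can afford to out-provision.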

You can do your part to ensure that your computers are never part of a DDoS attack network by following security best practices:

Task 1 – Install and Use Anti-Virus Programs
Task 2 – Keep Your System Patched
Task 3 – Use Care When Reading Email with Attachments
Task 4 – Install and Use a Firewall Program
Task 5 – Make Backups of Important Files and Folders
Task 6 – Use Strong Passwords
Task 7 – Use Care When Downloading and Installing Programs
Task 8 – Install and Use a Hardware Firewall
Task 9 – Install and Use a File Encryption Program and Access Controls

Then, be alert to changes in your computer or network performance.

Computer Clarity Talk Radio Mp3 – Dec 5th 2010

Dec. 5th  Radio Talk Show

This Week’s Class will cover topics including:

1. The AVG Update – Crashing Computers Near You
2. WikiLeaks – The Fork on the Information Super Highway
3. FaceCrook – How the Badguys Use Facebook to Trap You
4. Answers to Your Technology and Computer Questions

Computer Clarity Radio | Clear Computer Conversation
