Company Blog

It has been all over the news lately that corporations and even government computer systems have been broken into. While this is happening, sensitive data is being stolen and leaked onto the Internet or used to distribute company secrets. This is the nightmare of every head of network security in the world at this time as well as for home users and telecommuting workers all around the globe. When careful attention is paid to trends in the news and through specialty publications that focus solely on network security, there is a far better chance of keeping protocols up to date and avoiding any significant breaches. Within this article, the focus will be on Wireless LAN securityand the various pitfalls and methods currently in use that has proven to be reliable.

Closed Networks

Most networks will be a closed system of one flavor or another. It can be a home network where a user does personal banking or a telecommuting employee whose laptop is like the best friend and travelling companion. The most common example of a closed network is a home network or a small organization or company network. It is those that we will be focusing on in this article. When configuring this setup, the most effective point of security will be the access point itself. Through the access point, there is access to options that will govern how information is sent and received and at what level of encryption. There are a few options available to ensure this; some are more effective than others. There are some methods of network protection like WIPS that will require more physical hardware.

They are:

•     MAC address screening
•     Using a Wireless Intrusion Prevention System
•     Use of a Captive Portal
•     Use of a secure VPN

MAC Address Screening

The best option is to require MAC address screening and to disable ESSID broadcasting entirely. The combination of these two precautions makes the network connection itself difficult to detect by outsiders let alone to initiate information theft. This option does not require the purchase of additional hardware or software and is configurable through the router gateway itself. This is the most popular choice and will be the option that most people require without additional steps. There are those individuals and organizations whose networks require more security though and the following options are available to them. Most often these options below are used by those who conduct work from home or for those who telecommute and may be anywhere in the world.

Use of a Wireless Intrusion Prevention System

In a nutshell, a wireless intrusion prevention system (also known as WIPS) is simply a network device that scans the wireless signals for unauthorized access point and then begins the process of locking them down and sending a notification through an instant messaging (IM) system or a pop-up or page to the currently on duty network administrator. This is an additional piece of equipment and the cost can vary from couple hundred dollars to many thousands, depending on the size of your network. Most private residences and networks will not have this protection unless they tend to work from home and are in a high security IT-related field.

Use of a Captive Portal

This is a fairly common approach taken by small businesses who either offer wireless access for its customers only, or for those who sell wireless access by the hour, day, week etc, like hotels. A captive portal turns the web browser into an authentication site that all traffic is driven to before having access to the entire network in order to provide authentication through a guest password, receipt number or payment type and only when those forms of identification are met, will a user have access to the entire network. This security will most often be seen at hotels, coffee shops and other places where customers might spend a usable amount of time with their laptops while enjoying the location they are at. Many city parks now have such wireless access, in fact.

Use of a Secure VPN

The use of a virtual private network, or more commonly called a VPN, is found most often with telecommuting workers who need access to the company’s entire network and applications, but on a secure line. Think of a VPN as a secret passage way through the World Wide Web, which protects the user from eavesdroppers and those who would virtually pick your pockets by stealing bits of private and valuable data while the user exchanges information between your network and your personal mobile computer.

In the past, companies would spend lots of money to lease telecommunications lines in order to ensure that their network was shut off from the internet. With the resurgence of VPN (for it is decidedly much not new technology) companies have the option to cut costs significantly, take some of the weight off of their likely over-worked IT network administration team and offer their workers a bit more in the way of flexibility when it comes to the location in which they choose to work.

When all is said and done, network security is becoming one of the world’s hottest topics because of how fast technology is moving along. In some cases, it is developing faster than there are ways to be found to protect one’s self from the privacy shredding changes that are being made. From cell phones having tracking and GPS abilities that make your information available to the manufacturer to programs that track your usage under the guide of a “customer experience improvement” program, there is no dearth of new learning available for those who choose the career of network security professional. There is also much to learn for the small corporate and home users.

When choosing a method of wireless security for a closed wireless network, the options are out there. Making certain that the settings are correct and hardware is installed right should fall to a network security professional. This will ensure that slight mistakes do not make your network open to those who would relish the secrets that your network will share with its users. Once implemented, you can be rest assured that the information shared on the network will remain safe, and out of the hands of those who are no better off than they should be.

On our personal computers, we have AOL Instant Messenger, Yahoo Messenger, MSN Messenger, Skype and perhaps, if you are one of those users who has friends on all of those networks, a multi-messenger program, like Trillian or Pidgin.  On our phones, we have mobile versions of these, or we have proprietary messaging software such as Blackberry Messenger.

We live in a world where the ability to be connected to others instantly is so important that we are bombarded with ways to do so.

IRC: the program that helped the world communicate in real time

In 1988, an avid Bulletin Board Service (BBS) user was inspired to replace the chat function on the service called “MUT” or “MultiUser Talk” with something a bit more elegant.  From that moment of inspiration came IRC, for “Internet Relay Chat”.

During its early days, IRC was used primarily for group discussions held in real time.  Through the use of a client to reach the server, the user chooses a nickname to go by in the channel (chat room) that they choose to be in.  Most IRC servers do not require that you register an account, however most offer the option so that your nickname will not be taken by another user.

When a user connects to a server, they then choose a channel or a chat room in which they want to participate and from there go on to meet and speak with others from around the globe. Initially IRC was a plain-text only service, however as time went by and new client programs were created, this became more of a standard although not a hard and fast rule.

Common and historical uses for IRC:

    Common chat about topics with groups of people: Usually each channel will have a topic assigned to it by the person who created it.  It is generally considered rude to break away from the topic unless the room is designated as a hang out rather than a discussion room (don’t you wish some days on the Internet that rule was still respected?).

    File Sharing: Some of the first file sharing activities originated on IRC through its transfer protocol called DCC (Direct Client to Client) transfer.  Users would enter a room and through the use of automated “bots”, which allow users to set up profiles and list what files they had available for sharing, they would then send a private message (PM) to the user who had files which they desired and negotiated a transfer.

    Government uses: A little known fact is that in the early ‘90s both the US government and the Russian military had critical uses for IRC.  The United States used it during the Gulf War to securely and quickly send information about ongoing conflicts.  The Russian military the next year used it to report on their coup, otherwise silenced by a Russian media blackout.

IRC in today’s information superhighway

Other chat services have followed it throughout the years, but IRC has remained a favorite for the technologically astute because of the flexibility of the code used to communicate and share files across the net.   For example, IRC was one of the first protocols to be ready for the jump to IPv6.  Users are the base of the IRC experience, creating scripts and bots that host user profiles, play music in the channel, handle notes as if they were e-mail from user to user and even play games.

The channels became one of the first real examples of the Internet, becoming a world onto itself.  While not flashy and filled with bright colors like some chat programs now available, and certainly not offering web cam chats or voice chats, the atmosphere keeps bringing people back.  Even in this day of Flash everything and phones that do everything but read your mind (is there an app for that?), IRC still today pulls users back into its simple, elegant world.

Servers, Channels and Services

So, are you ready to go explore the world of IRC? Excellent! Allow me to give you a short guide to the spoken and unspoken rules of this ancient place:

    IRC is not anonymous. Do not expect that you are impervious to attack or information phishing while on IRC. While some servers do mask your hostname, not all of them do, and once the message leaves your keyboard and goes out into the open chat room … it’s there. Anyone can log it, save it, edit it, etc.

    Choose an intelligent handle or nickname. A nickname that states the interest that brought you to the server in the first place is always a good choice. For example, you join #Dalnet and enter a room named “Pastry as Art” which you gather from the title is a room about the art of creating pastry. Using the nickname of “Ladyfinger1972” would not be unheard of. You enjoy eating and/or making ladyfingers and the 1972 might be your birth year, or the year you graduated culinary school. On the other hand, use a nick name like “BigBadBear”, and you’ll start hearing the chuckles.

    Do not accept DCC’s from those who you do not know and trust! A DCC is a file transfer and can contain any number of viruses which would do bad things to your computer. You may start to notice at this point that some of these rules apply everywhere on the net.

    Be polite. Read the rules of the room if they are posted and generally behave in a way that shows that you have respect for others who are sharing the room with you. This is one rule that doesn’t apply so much on the rest of the Internet; maybe this is what brings people back.

    Last but certainly not least: do not send private messages without making sure that the recipient is OK with being PMed. They might be busy, or they might not want to talk to you at all. Don’t force yourself on others.

IRC was created to facilitate communication between people all over the world in order to share information about their hobbies and interests. While its command-line interface may be increasingly foreign to a world that’s even phasing out mice and keyboards for touch screens, it’s not hard to learn. There are many great servers out there, ranging from those aimed at teenagers and their interests, to adult dating sites and colleges who have rooms for their students to gather and converse about last night’s lecture. More than twenty years after its introduction there is still something for everyone! So, kick back, log in and have a nice cha

If it exists on the internet, chances are someone has made it easier for you to do the same thing yourself.  Social networking is increasingly included in this rule.  As it becomes a world onto itself, it’s becoming easier for individual users to create their own islands within it.

If you’re tired of FaceBook, Twitter, and all of the other sites that you can name as well as we can, you always have the option to just go it at yourself, and create your own place to share LOLcats pics and YouTube videos.  Like all such endeavors, it comes with its own caveats and warnings ahead of time that should be heeded.

Know why you’re doing it

Perhaps more than most other types of internet endeavors, you need to think clearly about exactly why you are doing this.  With so much of the world already taken by existing networks, you’re not going to get people running to your new one just because it exists.

If you want to have any reasonable hope that your network will go anywhere, it needs to be a place that services a type of community that isn’t well-served anywhere else.  Here are a few examples:

Business and artistic guilds and communities that need to maintain strong ties to one another.

    Social groups that are, if not marginalized, perhaps at least specialized enough that they could benefit from the special attention that someone who understands them can give.
    Religious groups that would benefit from the safety of an environment in which they know they wouldn’t be judged.

Know where you’re doing it

If you’ve gotten that far, then your next question is where you are going to setup shop.  Included in the question of “where” is “how”.  There are two main routes you can go here.

One way you can do this is to find some social networking software, load it onto your web hosting account, fire it up and handle the administrative back-end yourself.  There are a number of key advantages to this approach.  You will have every customization option at your fingertips, especially since many of the packages that you’ll find are open-source.  You’ll have full access to the network’s back-end at all times in case of a problem.  All of this means, though, that it could be a lot more work.  You may get some help from your web host if you run into technical difficulty, but don’t count on it.

The other method is to setup a network that is a part of larger social networking super-site.  There exist web sites where you can create your own social networking home from within their larger community.  The advantages of this approach are that their setup tends to be far easier, and you have the support of people who know how to run these specific networks backing you up.  The disadvantage is that you are also that their mercy.  If they decide they don’t like your topic for whatever reason you could be shut down on a moment’s notice.  You are also beholden to their tech support, which in some cases didn’t promise any impressive response times.

If you want it easy

All that said, here are a few places in which you can pursue the latter option and let someone else do the heavy lifting:

    Ning – Ning is by far the largest of these services that you will find.  Operating since 2005, its servers host more than 90,000 networks.  That size though comes with a price … literally.  Last year Ning removed all free social networks from their site.  Granted, their lowest level account is a mere $2.95 a month.  Still, they’re done a lot of other things to send the strong message that they are heavily focused on their bottom line, such as removing all adult sites and removing the search feature until user pressure forced them to reinstate it.
    SocialGO – A smaller network, but one with a rich list of features.
    WiserEarth – A good home for networks designed around a social issue.  Be sure to look at their terms of service: they are very specific about what kinds of groups do and don’t qualify.

If you want to do it yourself

If you are ready to be bold and dive into the nuts and bolts of setting this up yourself, here are some of the software packages most commonly suggested:

    Buddypress – This open-source WordPress plug in has a lot of fans.  It is free, easily customizable with addons and templates, and some hosts actually support one-click install for it.
    Kit Social Platform – Formerly known as “KickApps”, this is one of the more respected of the professional (meaning, not free) solutions.  It works off of your own domain, comes with an API and developers kit, and is available for a 14-day-trial from distributing company KIT digital.
    Elgg – Elgg has been around for a long time, and has been a popular choice for most of its existence.  It is described as being both full of features and simple to use.

I’ve set it up: now what do I do?

First, obviously, you need users.  Don’t measure yourself by FaceBook.  If you have 100 or so users, that’s a success.  Remember, unless you’re trying to run this as a business (not something we would advise given the competition), your goal is to support a community.  Every single person that you do this for is one more victory.

Once they are there, you simply need to help keep the community’s blood flowing.  One web site suggested that it was akin to a dinner party: you need to provide the space, the atmosphere, and then a few seeds of conversation.  From there, you step back and let it happen, nudging it from time to time when necessary.

It’s your baby: nurture it

That last part is mandatory: you have to keep an eye on it at all times.  The number of ways that it can devolve into something not worth most of its members’ time because of a few bad apples is countless.  Also keep a close ear out for what features you may want to add on to help boost the community’s discussion effectiveness.  Finally, make sure that you encourage users to write you about any technical problem they see, no matter how small.

Don’t be too intimidated.  This is work, but it’s work others have done, and you can too.  Even if all you make is a small home for a few people that need it, the reward

In this world today, it’s unbelievable sometimes how many things we take for granted. One of the ones that I think we should be most appreciative of is how readily-accessible music is. Among the many “When I was your age” lessons that’s already taking root is how just 20 years ago, you had to wait for songs on the small handful of radio stations available, or else buy an expensive CD or tape.

We’ve now gone so far to the opposite extreme that we can’t picture it being any other way. Almost every song ever recorded is now available somewhere. Sometimes you have to (*gasp*) pay $0.99 for it if it’s truly rare, assuming you want to listen to it legally, and listen to it now. Most of the times, you don’t. Usually, it takes not even a minute to find it and start playing it. If you find it on YouTube, it may even come with a wonderful little music video that someone took it upon themselves to make for free. Have I mentioned again that we’re spoiled?

Down by the stream

Knowing how many users are going to download music for free and needing a way to rope them back in, companies offering streaming music services are now common. The peace of mind of never having to worry about piracy charges combined with the ease of use many of these services offer, typically makes the slight annoyance of advertisements and occasional fees worth it for a lot of people. This, in turn, has resulted in a proliferation of streaming music web sites.

If you’ve never sat down and just let the web sing to you, then you could use a good pointer towards the best services. Here’s a quick summary of some of the most popular music streaming web sites out there:

1. Pandora | http://www.pandora.com/

One of the first music streaming sites is still one of the most popular. It is populated by 80 million users, who push it to a ranking of 346th most popular site on the web according to Alexa.

What makes Pandora so popular? Likely it is because of the site’s elegant design, ease of use, and intelligent style-matching algorithms. The user can create “stations” that are based around a set of like and dislike criteria. Pandora then attempts to play songs that match your criteria based on what other users listening to the same thing have listened to. You can also click on a song and it will tell you exactly why that song was listed.

Downside of the service is that while you can pause a song, you can’t rewind or repeat a song, or even repeat an artist. It’s sort of like a real-life DJ that way. It also implemented a limit of 40 hours of free streaming per month, before a near-revolt caused them to relent last month to a more reasonable 320 hours.

2. Grooveshark | http://grooveshark.com/

Grooveshark boasts no small following either, having passed the 35 million user mark in May of 2011. It is also a very loyal following: one online poll rated this as the most popular of all streaming music services.

The design could be part of the reason. Grooveshark gives you freer reign in creating the type of playlist you want, with a nicely done drag-and-drop interface. Grooveshark also lets you upload your own music to add to the communal library, which might be the largest of all sites with a massive 22 million songs (it’s a great place for mash up seekers). You can use a free account, or you can register an upgraded account, which you can use to remove ads and listen to Grooveshark on your phone.

3. Last.fm | http://www.last.fm/

Last.fm is the social networking hub of music streaming. Instead of just a simple page with a list of songs like on many streaming sites, the site is filled with options for listening and finding new music, artist and song information, and data about who else likes your favorite songs and artists. It also works with you to exchange information back and forth between local music listening applications like Winamp, and with other social media sites. All of this does give it a more corporate feel, but it compensates for this with a gigantic library of 12 million tracks.

4. Spotify | http://www.spotify.com/

As opposed to the above sites, Spotify runs as a stand-alone application instead of through your browser. It’s been a popular streaming service in Europe, but is now rapidly expanding.

Part of this is because of its partnership with FaceBook. You are shown in the main window which of your friends are online listening to music, and you can update your FaceBook feed with what you are currently listening to. Combined with its recent US launch (it was mostly confined to the UK before), this is one of the fastest rising choices.

5. Rdio | http://www.rdio.com/

Rdio is the choice for listeners who are interested in expanding their musical horizons. While, like a lot of the services, you can just use it as a personal DJ, its strength comes from the fact that it is heavily designed around using your friends’ lists to influence yours, combined with its extensive library of 9 million songs. It is also available for just about every smart phone platform, despite being one of the newest offerings. Do note that it is subscription-only, but it is ad-free.

6. MOG | http://mog.com/

MOG is one of the best choices for the person that is just listening for themselves. It lacks the social networking aspect of most of the other choices. Making up for that is the free 12 million song library, an easy-to-use interface, and the fact that the songs are streamed to you at 320 kbps. Mobile apps for MOG are available for both iOS and Android.

7. Slacker Radio | http://www.slacker.com/

Rounding out our list is one of the best overall packages around. Its best features are reserved for its paid service, though its free service does offer unlimited streaming. The interface is attractive and simple to navigate, and songs are available for immediate playing. The subscription accounts let you play entire albums on demand, and offer a host of customization options.

What’s next?

I suppose we should close that by pointing out that Google is getting into the game with “Music Beta by Google“. They just can’t leave anything alone, can they? By the way, Music Beta is currently only available in the United States. Stay tuned!

It’s been a hot topic in the news for years now.  Privacy on the Internet is something that users not only want but expect, even if they know they shouldn’t.  So much of our daily activity resides there.  From our entertainment and paying bills to shopping for gifts, clothing and bulk household items, Internet service has become a utility, not just a frivolous addition to your cable TV package.  With so much activity going on in the strange in-between world of the Internet, there was bound to develop an underground.  Much like in your day-to-day world where the world’s secret places thrive, there is an equivalent world on the Internet where anarchy is king and the rules are few.  One of the ways you can get to this place is called Tor.

In the Beginning:

Tor was once an acronym standing for “The Onion Router” which was a reference to how the program layered and encrypted the users on the network; it became its official name in early 2006.  Tor began as a project of the United States Naval Research Laboratory for reasons that to this day are shrouded in mystery.  When it came to be funded through the Electronic Frontiers Foundation (EFF), it ceased to be a military endeavor and took its first breaths as an independent project.  It is currently run by “The Tor Project”, an educational 501c3 devoting its time and services to developing a web browser designed to preserve anonymity on the Internet.

The gritty details

Let’s get a little more technical and see how this works.  Tor protects the user by taking the outgoing signal and bouncing it through various relays across the globe. In order to do this however, one must download and install a Tor browser package which is available on the Tor Projects homepage.  The browser itself is very pared down and as no-nonsense as it gets, allowing no scripts to come through that you do not by hand approve and no cookies to be saved so that your information remains private.

When you visit a website, it sends out the signal to the first relay and that relay encrypts it which sends it along to the next for further encryption, and so on.  By the time it reaches its destination, often hundreds of relays have been used to get there.  This still usually happens in a matter of seconds, making Tor browsing not that much slower than using your normal services.  The browser itself is set up to access a different type of web page called an “unindexed site” or a “hidden service”:  these are web sites that are invisible to everyday search engines.  They achieve this by using public encryption keys and 16 character hash tags followed by the pseudo-top level domain marker “.onion”.

Doesn’t make sense?  That’s the point: to most browsers, it’s not supposed to.  Normal web browsers cannot decrypt the information produced by a .onion service or page.  When a user starts the Tor/Onion browser and enters in a .onion domain address the information going forward to the first relay gets encrypted and sent forward to the next relay.  Because the next relay in the line cannot tell from where the incoming connection came, the user is effectively protected from any attempt at traffic analysis.   Even if someone could either decrypt one node or get some legal order to release the data, it’s one of dozens or hundreds of nodes.  In summary, the traffic is effectively impossible for anyone to trace, even the people who themselves take part in it.  There’s literally not a single person on the planet who could trace a request made through Tor.

Oooh, this is intriguing!  What can Tor be used to reach, then?

In a word: anything.  This is the Internet unchained, the picture that many of you probably had of it when you first heard of it.  This also includes all of your “normal” sites, though naturally browsing Sesame Street is not going to be the first idea that comes to mind.  What does come to mind is all of the stuff that you imagined must exist somewhere out there on the Internet, if only you knew how to find it.

It is at this point, then, that we have to issue more than just a typical warning, and state that there is no, we repeat, no endorsement of any activity through this article.  Truthfully, we know a lot of you will be naughty.  That’s the reality, and we can’t stop it, no matter how stupid it might make you.  But we can tell you that these things are underground for a reason.  You investigate any of this at your own risk, and that’s not a risk we want to see any of you take.  Are we all clear?

Tor in the News and the future of anonymous usage

The development of Tor is not an isolated phenomenon.  While it may have been a military project initially, it’s still true that there is a higher push for privacy on the Internet as time goes on.  Tor is a somewhat accidental response to it, but it’s nonetheless one that answers this call.

That being the case you would think that Tor would be in the headlines more.  It has instead attracted oddly little attention.  A branch of the collective Anonymous used it recently to infiltrate a child pornography web site.  It was the subject of governmental ire for giving access to a network that they couldn’t reach (ironic, no?).  It was also cited as a tool that was used by Egyptian rebels in their recent insurrection.  Despite these isolated incidents, though, this pathway to the electronic underground remains mostly as invisible as the sites that it accesses.

It’s hard to say what this all means.  One thing we can say is that the technology is solid.  One renowned security expert accessed a black market selling just about every manner of illegal goods, to try to find a security weak point anywhere whatsoever in the process.  Shockingly, he could find none.  Think for a moment about what that would mean if that were to remain the case and become more publicly known.

There’s really only about one thing we can say for certain regarding the future of Tor and its relationship to web security: it’s going to be mighty interesting.