The application of 3rd party certification

Friday, June 20, 2008

iPhone OS is the operating system developed by Apple Inc. for the iPhone and iPod touch. Like Mac OS X, from which it was derived, it uses the Darwin foundation. iPhone OS has three abstraction layers: a Core Services layer, a Media layer, and a Cocoa Touch layer. The operating system takes less than half a gigabyte (GB) of the devices' total memory storage.At the 2007 Apple Worldwide Developers Conference Apple announced that the iPhone and iPod touch will support third-party "applications" via the Safari web browser, referred to as web applications. The applications can be created using web technologies such as AJAX. Many third party iPhone web applications are now available.

Currently, the iPhone and iPod touch cannot officially install full programs from anyone but Apple. However, many third party native applications are now available, despite this complete lack of support by Apple. Such native applications face the possibility of being broken by any iPhone OS update, though Apple has stated it will not design software updates specifically to break native applications (other than applications that perform SIM unlocking). These are available through the installer application, which is installed on the iPhone after major methods of jailbreaking. Some well known members of the 3rd party app community have switched over to the official SDK.

Since iPhone OS has been closed down the device from UMD (or UMPC), I can conclude that the Apple iPhone is not just a smartphone. It is a very high-end feature phone. As feature phones have increased functionality, input mechanisms, and outputs (displays and speakers), some feature phones have been very smartphone-like.

How to safeguard your personal and financial data?

Online security can be treated as a “necessity” for those who own a computer. Now I am going to share with you about the safeguards on your data.

The simplest method to protect your data from stealing your information by the hackers or crackers is to install anti-virus software and must keep updating it daily. The significant threats to computer-based information consist of viruses and trojans, spyware or adware, and computer failures. If you do not own the anti-virus software, you are ruining your computer’s life. The newer programs, for instance, Norton Anti-Virus will download updates automatically. Eventhough you have anti-virus software, you also required to update it and get the edition that enables automatic updates and scans those incoming mails or items in your computer if you use the old version anti-virus software.

Besides, you can also set up the firewall for your computer. If you do not set up a firewall, it is vulnerable to those hackers. The firewall can be used to filter the inherently dangerous services and to expose the protected network to fewer risks. For instance, a firewall could block the dangerous services such as Network File System from entering the protected subnet.

Additionally, you must back up your file or data daily. Without data back up, you will be running the risk of losing your data. Mostly you save your important assets of your business or your family data in the computer. You can back up your data in CD-RW, tape, drives or even portable hard drives. If any incident such as theft, fire, flood etc happens, you will still be protected as your data has been safeguarded.

Furthermore, if you share information with another user by using a public computer such
as in a library, school computer lab or Internet café, you have to remember to close the window browser. This is to prevent other users to read your personal information and mail. Avoid from using passwords that are easy for someone to guess. Your passwords you created must be strong and keep them well protected, so that the malicious users could not steal you information.

Likewise, keep an eye on anyone who seems interested in your transactions when you using an ATM. When inserting your PIN number, you should use your free hand to shield the keypad to prevent others to peep it. Bankers can also add on fingerprint scanning on ATM machine.


I strongly advice everyone to cooperate with each other to prevent the disclosure of our own or consumer personal and financial data. Hope that everyone can concern about computer security by viewing my post to follow the steps of safeguards on data.

Reference:
1. http://www.aroundhawaii.com/lifestyle/computers/2004-05_take_a_few_steps_to_safeguard_your_pc_and_data.html

The threats of online security: How safe is your data?

Thursday, June 19, 2008

Nowadays, Internet attacks are increasing in number and complexity. When Internet users browse any websites which contain the damaging threats, the regarding threats would attack or destroy their computers. The damaging threats such as viruses, spyware, adware, scumware, hacker attacks, identity theft and fraud are common occurrence.

Trojan horse refers to one of the most serious threats to the computer security. A Trojan horse is a program in which malicious or harmful code is contained inside harmless programming that it can ruin the file allocation table on the hard disk or even stop the computer’s normal functions. Furthermore, Trojan horse not only attacks your computer once you trapped by it, but may also attack other people’s computer unknowingly. Therefore, everyone must be aware of this type of virus because Trojan horse can be spread to hurt other people easily when you are infected.

Besides, spyware is another virus that attack user’s computer. A large number of problems that have arisen are such as pop-up ads that multiply uncontrollably, system slowdowns of freezes and mysteriously redirect us to the websites we have never heard of. Adware is similar to spyware, which is software that installed on the computer to show advertisements. Adware can also slow down user’s pc and even increase the instability of user’s system because many adware applications are not well-programmed.

Internet fraud has a broad meaning in covering Internet transaction that involves falsified information. The common Internet fraud are such as fake IDs, diplomas, and recommendation
letters sold as credentials and others. Some Internet fraud schemes also involve identity theft-wrongful obtaining and using of someone’s personal data in some way that involves fraud or deception, typically for economic gain. For example, in 2001, the entire municipality of Largo, Florida lost their emails for more than a week because an unknown company has compromised its identity. Then the company hacked into the city’s email relay system to steal the identity of the Largo.com. Because of the e-mail spam from Largo.com addresses the net, all incoming and outgoing messages were blacklisted from the city.

Another internet fraud is done through the use of stolen credit card information.

The crackers who probably are the companies’ employees can easily obtain the huge quantities of credit card information from the companies’ databases. They deal with the companies’ customers in selling those credit cards information to them. This has led to criminal cases occurrence. Besides, the use of credit cards for making online purchase or payment can be unsecured. The so-called secure transactions are actually not fully secure since the information need to be decoded into plain text to process it.


Therefore, we have to safeguard our data carefully and properly. If we don’t do so, the more and more online threats will be continuously occurred in our life.

References:
1.
http://www.bsagovernment.com/downloads/MajorOnlineThreats.pdf
2.
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213221,00.html

A review on a post on Internet Security from My E-Commerce blog


After viewing the blog, I feel so curious to know more about mobile Malware. It has a rapidly growth of mobile Malware recently, the primary reasons which are as below:
· The price of phone continues to drop and vendor involved in production.

· Virus writer is allowed to gain a deep understanding of the operating system.

· Mobile phone users tend to save a great deal of private data into their devices, so there is a potential financial gain from identity theft or misappropriation of credit card information.

· Windows Mobile and Win32 are very similar, so it is easy for Win32 malware author to transition to mobile malware.

There are many ways to prevent of mobile Malware except of those in the article.
· The best way to prevent mobile from Malware attacks is to install anti-virus and anti-Malware tools. Such as, a combination of both PC-based anti-virus software and mobile anti-virus software, it is the most effective solution to prevent infection than products that only detect or clean viruses.


· Off the WI-FI and Bluetooth when in outdoors, because these
function are easier to exploit for sending malicious code or viruses.

· Make a frequent back up of data stored on mobile services, as contact lists are vitally important, then if the mobile device had been infected, so we can recover the default setting to clean the system.

· Don’t save the business data or any confidential files or photo in mobile device as possible. This is a profit motive to drive those Malware writers to create mobile viruses.

· If the phone is auto-connected to General Packet Radio Service(GPRS), it might be infected with a virus that send data to others. If discover this problem, disconnect the device immediately and install anti- virus software to remove Malware.


related to article :

http://ecommerze.blogspot.com/search/label/internet%20security http://www.mcafee.com/us/local_content/white_papers/threat_center/wp_malware7a_en.pdf

Phishing: Examples and its prevention methods.

Phishing is the new 21st century crime. It is the practice of sending out fake emails, or spam, written to appear as if they have been sent by banks or others organisations, with the intent of luring the recipient into revealing sensitive information such as usernames, passwords, account number, ATM pins or credit card details.

Examples:

Charlotte's Bank of America example
PayPal example
eBay example

Tagged.com example

Prevention methods

Following are some good practices to follow in order to avoid being a victim of phishing.
1. Always be wary of any email requesting personal information. Don't reply to
any suspicious looking emails or click on any links that you are not sure. You
can never be too cautious.

2. Always ensure that you are on a secure connection to a web server when
submitting personal information across the internet. Seeing an https://
appear in the URL instead of http:// and also seeing a picture of a locked
padlock in the lower right-hand corner of the browser window, not the
page itself.

3. Do not use your personal email address on online forms or any public forum
such as such as newsgroups and mailing lists. Doing so may cause you be
flooded with spam.

4. Avoid emails with urgent requests for financial, account, or email
information. Such as emails that ask for usernames and passwords, credit
card numbers, or other personal information.

5. Use antivirus and firewall software and keep them up to date using their
update features. Anti-virus software can detect and delete virus files
before they can attack a computer and firewall can protect computer from
being hacked into. Software can be use are such as AVG Antivirus, Avast
Home Edition, Sygate Personal firewall and Kerio Personal firewall.

6. Install Spyware removal software such as
AdAware. Spyware are files that
can be installed on your computer, even if you don't want them, without your
knowing. They allow companies to monitor your internet browsing patterns.

7. Never buy anything from a company that sends you spam. Don't even visit
their sites or ask for more information.

8. Make sure to carefully review your bank statements to check for
unauthorized transactions. Many credit card companies have identity
protection features that will reimburse you for charges made by an
attacker, so long as they are promptly identified.