tcpreplay-4.5.1-1.fc39


FEDORA-2024-740d26aaf7

Packages in this update:

tcpreplay-4.5.1-1.fc39

Update description:

Announcing v4.5.1

This release contains contributions from a record number of new contributors. This is greatly appreciated since I am a team of one, and do Tcpreplay maintenance in my spare time.

There are many bug fixes and new features. Most notable features:

AF_XDP socket support – if you have a newer Linux kernel, you will be able to transmit at line rates without having to install 3rd party kernel modules (e.g. netmap, PF_RING)
-w tcpreplay option – this overrides the -i option, and allows you to write to a PCAP file rather than an interface
--include and --exclude tcpreplay options – allows replay of a list of specific packet numbers to replay. This may slow things down, so consider using in combination with -w.
--fixhdrlen tcpreplay option – added to control action on packet length changes
-W tcpreplay option – suppress warnings when replaying
SLL2 (Linux “cooked” capture encapsulation v2)
Haiku support

What’s Changed

Add support for LINUX_SLL2 by @btriller in #728
Feature #727 – Linux SLL v2 by @fklassen in #820
Bug #779 – honour overflow for all PPS values by @fklassen in #821
AF_XDP socket extension using libxdp api by @plangarbalint in #797
Feature #822 – AF_XDP socket extension by @fklassen in #823
Nanosec accurate packet processing by @plangarbalint in #796
Handle IPv6 fragment extension header by @ChuckCottrill in #832
Bug #837 – handle IPv6 fragment extension header by @fklassen in #838
Feature #796 – nanosecond packet processing by @fklassen in #836
configure.ac: unify search dirs for pcap and add lib32 by @shr-project in #819
Feature #839 – add pull request template by @fklassen in #840
ipv6 – add check for extension header length by @GabrielGanne in #842
Bug #827 PR #842 IPv6 extension header – staging by @fklassen in #859
add check for empty cidr by @GabrielGanne in #843
Bug #824 and PR #843: check for empty CIDR by @fklassen in #860
Add option to turn on/off fix packet header length by @ChuckCottrill in #846
Bug #703 #844 PR #846: optionally fix packet header length --fixhdrlen by @fklassen in #861
Bug 863: fix nanosecond timestamp regression by @fklassen in #865
autotools – AC_HELP_STRING is obsolete in 2.70 by @GabrielGanne in #856
some Haiku support by @infrastation in #847
configure.ac: do not run conftest in case of cross compilation by @ChenQi1989 in #849
dlt_jnpr_ether_cleanup: check config before cleanup by @Marsman1996 in #851
Fix recursive tcpedit cleanup by @GabrielGanne in #855
Bug #813: back out PR #855 by @fklassen in #866
Bug #867 – run regfree() on close by @fklassen in #868
Bug #869 tcpprep memory leak include exclude by @fklassen in #870
Bug #811 – add check for invalid jnpr header length by @fklassen in #872
Bug #792 avoid assertion and other fixes by @fklassen in #873
Bug #844 tap: ignore TUNSETIFF EBUSY errors by @fklassen in #874
Bug #876 – add missing free_umem_and_xsk function by @fklassen in #877
Feature #878 – add -w / --suppress-warning option by @fklassen in #879
Bug #835 false unsupported dlt warnings on 802.3 (Ethernet I) and LLC by @fklassen in #880
Feature #884 include exclude options by @fklassen in #885
Feature #853 direct traffic to pcap by @fklassen in #871
Feature #853 restore missing -P command by @fklassen in #887
Bug #888: check for map == NULL in cidr.c by @fklassen in #889


tcpreplay-4.5.1-1.fc40


FEDORA-2024-ecd4cc8435

Packages in this update:

tcpreplay-4.5.1-1.fc40

Update description:

Announcing v4.5.1


tcpreplay-4.5.1-1.el9


FEDORA-EPEL-2024-e73c8ef908

Packages in this update:

tcpreplay-4.5.1-1.el9

Update description:

Announcing v4.5.1


Friday Squid Blogging: 1994 Lair of Squid Game


I didn’t know:

In 1994, Hewlett-Packard released a miracle machine: the HP 200LX pocket-size PC. In the depths of the device, among the MS-DOS productivity apps built into its fixed memory, there lurked a first-person maze game called Lair of Squid.

[…]

In Lair of Squid, you’re trapped in an underwater labyrinth, seeking a way out while avoiding squid roaming the corridors. A collision with any cephalopod results in death. To progress through each stage and ascend to the surface, you locate the exit and provide a hidden, scrambled code word. The password is initially displayed as asterisks, with letters revealed as you encounter them within the maze.


Hackers Steal Phone, SMS Records for Nearly All AT&T Customers


AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

In a regulatory filing with the U.S. Securities and Exchange Commission today, AT&T said cyber intruders accessed an AT&T workspace on a third-party cloud platform in April, downloading files containing customer call and text interactions between May 1 and October 31, 2022, as well as on January 2, 2023.

The company said the stolen data includes records of calls and texts for mobile providers that resell AT&T’s service, but that it does not include the content of calls or texts, Social Security numbers, dates of birth, or any other personally identifiable information.

However, the company said a subset of stolen records included information about the location of cellular communications towers closest to the subscriber, data that could be used to determine the approximate location of the customer device initiating or receiving those text messages or phone calls.

“While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number,” AT&T allowed.

AT&T said it learned of the breach on April 19, but delayed disclosing it at the request of federal investigators. The company’s SEC disclosure says at least one individual has been detained by the authorities in connection with the breach.

In a written statement shared with KrebsOnSecurity, the FBI confirmed that it asked AT&T to delay notifying affected customers.

“Shortly after identifying a potential breach to customer data and before making its materiality decision, AT&T contacted the FBI to report the incident,” the FBI statement reads. “In assessing the nature of the breach, all parties discussed a potential delay to public reporting under Item 1.05(c) of the SEC Rule, due to potential risks to national security and/or public safety. AT&T, FBI, and DOJ worked collaboratively through the first and second delay process, all while sharing key threat intelligence to bolster FBI investigative equities and to assist AT&T’s incident response work.”

TechCrunch quoted an AT&T spokesperson saying the customer data was stolen as a result of a still-unfolding data breach involving more than 160 customers of the cloud data provider Snowflake.

Earlier this year, malicious hackers figured out that many major companies have uploaded massive amounts of valuable and sensitive customer data to Snowflake servers, all the while protecting those Snowflake accounts with little more than a username and password.

Wired reported last month how the hackers behind the Snowflake data thefts purchased stolen Snowflake credentials from dark web services that sell access to usernames, passwords and authentication tokens that are siphoned by information-stealing malware. For its part, Snowflake says it now requires all new customers to use multi-factor authentication.

Other companies with millions of customer records stolen from Snowflake servers include Advance Auto Parts, Allstate, Anheuser-Busch, Los Angeles Unified, Mitsubishi, Neiman Marcus, Progressive, Pure Storage, Santander Bank, State Farm, and Ticketmaster.

Earlier this year, AT&T reset passwords for millions of customers after the company finally acknowledged a data breach from 2018 involving approximately 7.6 million current AT&T account holders and roughly 65.4 million former account holders.

Mark Burnett is an application security architect, consultant and author. Burnett said the only real use for the data stolen in the most recent AT&T breach is to know who is contacting whom and how many times.

“The most concerning thing to me about this AT&T breach of ALL customer call and text records is that this isn’t one of their main databases; it is metadata on who is contacting who,” Burnett wrote on Mastodon. “Which makes me wonder what would call logs without timestamps or names have been used for.”

It remains unclear why so many major corporations persist in the belief that it is somehow acceptable to store so much sensitive customer data with so few security protections. For example, Advance Auto Parts said the data exposed included full names, Social Security numbers, drivers licenses and government issued ID numbers on 2.3 million people who had applied to work at the company.

That may be because, apart from the class-action lawsuits that invariably ensue after these breaches, there is little holding companies accountable for sloppy security practices. AT&T told the SEC it does not believe this incident is likely to materially impact AT&T’s financial condition or results of operations. AT&T reported revenues of more than $30 billion in its most recent quarter.


USN-6896-1: Linux kernel vulnerabilities


It was discovered that the ATA over Ethernet (AoE) driver in the Linux
kernel contained a race condition, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2023-6270)

It was discovered that the Atheros 802.11ac wireless driver did not
properly validate certain data structures, leading to a NULL pointer
dereference. An attacker could possibly use this to cause a denial of
service. (CVE-2023-7042)

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux
Kernel contained a race condition, leading to a NULL pointer dereference.
An attacker could possibly use this to cause a denial of service (system
crash). (CVE-2024-22099)

Gui-Dong Han discovered that the software RAID driver in the Linux kernel
contained a race condition, leading to an integer overflow vulnerability. A
privileged attacker could possibly use this to cause a denial of service
(system crash). (CVE-2024-23307)

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel when modifying certain settings values through debugfs.
A privileged local attacker could use this to cause a denial of service.
(CVE-2024-24857, CVE-2024-24858, CVE-2024-24859)

Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in
the Linux kernel contained a race condition, leading to an integer overflow
vulnerability. An attacker could possibly use this to cause a denial of
service (system crash). (CVE-2024-24861)

Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device
volume management subsystem did not properly validate logical eraseblock
sizes in certain situations. An attacker could possibly use this to cause a
denial of service (system crash). (CVE-2024-25739)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– x86 architecture;
– Block layer subsystem;
– Accessibility subsystem;
– ACPI drivers;
– Android drivers;
– Bluetooth drivers;
– Clock framework and drivers;
– Data acquisition framework and drivers;
– Cryptographic API;
– GPU drivers;
– HID subsystem;
– I2C subsystem;
– IRQ chip drivers;
– Multiple devices driver;
– Media drivers;
– VMware VMCI Driver;
– MMC subsystem;
– Network drivers;
– PCI subsystem;
– SCSI drivers;
– Freescale SoC drivers;
– SPI subsystem;
– Media staging drivers;
– TTY drivers;
– USB subsystem;
– VFIO drivers;
– Framebuffer layer;
– Xen hypervisor drivers;
– File systems infrastructure;
– BTRFS file system;
– Ext4 file system;
– FAT file system;
– NILFS2 file system;
– Diskquota system;
– SMB network file system;
– UBI file system;
– io_uring subsystem;
– BPF subsystem;
– Core kernel;
– Memory management;
– B.A.T.M.A.N. meshing protocol;
– Bluetooth subsystem;
– Networking core;
– HSR network protocol;
– IPv4 networking;
– IPv6 networking;
– MAC80211 subsystem;
– Netfilter;
– NET/ROM layer;
– NFC subsystem;
– Open vSwitch;
– Packet sockets;
– RDS protocol;
– Network traffic control;
– Sun RPC protocol;
– Unix domain sockets;
– ALSA SH drivers;
– USB sound devices;
– KVM core;
(CVE-2024-35969, CVE-2024-35819, CVE-2024-26851, CVE-2024-26816,
CVE-2024-26643, CVE-2023-52656, CVE-2024-27020, CVE-2024-35821,
CVE-2024-35930, CVE-2024-35936, CVE-2024-27075, CVE-2024-26817,
CVE-2024-26984, CVE-2024-35895, CVE-2024-35853, CVE-2024-27043,
CVE-2024-35978, CVE-2024-35960, CVE-2024-26882, CVE-2024-35806,
CVE-2024-35830, CVE-2024-26852, CVE-2024-35915, CVE-2024-36006,
CVE-2024-35935, CVE-2024-26926, CVE-2024-35877, CVE-2024-27396,
CVE-2024-26654, CVE-2024-27077, CVE-2024-27078, CVE-2024-27000,
CVE-2024-35888, CVE-2024-27437, CVE-2024-26994, CVE-2024-26973,
CVE-2024-26687, CVE-2024-26955, CVE-2024-26898, CVE-2024-26859,
CVE-2023-52620, CVE-2024-35893, CVE-2024-26903, CVE-2024-26862,
CVE-2024-35950, CVE-2023-52644, CVE-2024-26969, CVE-2024-27028,
CVE-2024-35984, CVE-2024-36007, CVE-2024-35925, CVE-2024-36020,
CVE-2024-26956, CVE-2024-35789, CVE-2024-26878, CVE-2024-35855,
CVE-2024-35822, CVE-2023-52699, CVE-2024-27044, CVE-2024-27030,
CVE-2024-27065, CVE-2024-26993, CVE-2024-27395, CVE-2024-27013,
CVE-2024-35922, CVE-2024-26586, CVE-2024-36004, CVE-2024-35897,
CVE-2024-35807, CVE-2024-26901, CVE-2024-27076, CVE-2023-52880,
CVE-2022-48627, CVE-2024-26894, CVE-2023-52650, CVE-2024-27001,
CVE-2024-26863, CVE-2024-26651, CVE-2024-35886, CVE-2024-35982,
CVE-2024-26883, CVE-2024-26935, CVE-2024-27074, CVE-2024-35849,
CVE-2024-35955, CVE-2024-26965, CVE-2024-35898, CVE-2024-26855,
CVE-2024-35933, CVE-2024-35823, CVE-2024-35815, CVE-2024-26880,
CVE-2024-26874, CVE-2024-26642, CVE-2024-26937, CVE-2024-35854,
CVE-2024-35997, CVE-2024-27059, CVE-2024-26812, CVE-2024-26999,
CVE-2024-26923, CVE-2024-26934, CVE-2024-27024, CVE-2024-27419,
CVE-2024-35847, CVE-2024-26974, CVE-2024-26875, CVE-2024-35805,
CVE-2024-27008, CVE-2024-26889, CVE-2024-27053, CVE-2024-27388,
CVE-2024-26981, CVE-2024-26976, CVE-2024-35973, CVE-2024-35852,
CVE-2024-35809, CVE-2024-27004, CVE-2024-26884, CVE-2024-35899,
CVE-2024-26931, CVE-2024-35813, CVE-2024-26922, CVE-2024-26957,
CVE-2024-35944, CVE-2024-27038, CVE-2024-35910, CVE-2024-26925,
CVE-2024-26820, CVE-2024-26857, CVE-2024-26828, CVE-2024-35825,
CVE-2024-26813, CVE-2024-27046, CVE-2024-26810, CVE-2024-27436,
CVE-2024-27073, CVE-2024-35828, CVE-2024-35900, CVE-2024-26966)


Sharing Isn’t Always Caring: Tips to Help Protect Your Online Privacy


When it comes to protecting your privacy, take a close look at your social media use—because sharing can quickly turn into oversharing.

The term “oversharing” carries several different definitions. Yet in our case here, oversharing means saying more than one should to more people than they should. Consider the audience you have across your social media profiles. Perhaps you have dozens, if not hundreds of friends and followers. All with various degrees of closeness and familiarity. Who among them can you absolutely trust with the information you share?

And you might be sharing more than you think. Posts have a way of saying more than one thing, like:

“This is the pool at the rental home I’m staying at this week. Amazing!” Which also tells everyone, “My home is empty for the next few days.”

“I can’t start my workday without a visit to my favorite coffee shop.” Which also says, “If you ever want to track me down in person, you can find me at this location practically any weekday morning.”

One can quickly point to other examples of oversharing. Unintentional oversharing at that.

A first-day-of-school picture can tell practical strangers which elementary school your children attend, say if the picture includes the school’s reader board in it. A snapshot of you joking around with a co-worker might reveal a glimpse of company information. Maybe because of what’s written on the whiteboard behind the two of you. And in one extreme example, there’s the case of an assault on a pop star. Her attacker tracked her down through her selfie, determining her location through the reflection in her eyes.

The list goes on.

That’s not to say “don’t post.” More accurately, it’s “consider what you’re posting and who gets to see it.” You have control over what you post, and to some degree, who gets to see those posts. That combination is key to your privacy—and the privacy of others too.

Three simple steps for protecting your privacy on social media

1) Be more selective with your settings: Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what you’re doing, saying, and posting—not to mention your relationships and likes. Taking a “friends only” approach to your social media profiles can help protect your privacy because that gives a possible scammer or stalker much less material to work with. Yet further, some platforms allow you to create sub-groups of friends and followers. With a quick review of your network, you can create a sub-group of your most trusted friends and restrict your posts to them as needed.

2) Say “no” to strangers bearing friend requests: Be critical of the invitations you receive. Out-and-out strangers might be more than just a stranger. They might be a fake account designed to gather information on users for purposes of fraud. There are plenty of fake accounts too. In fact, in Q1 of 2023 alone, Facebook took action on 426 million fake accounts. Reject such requests.

3) Consider what you post: Think about posting those vacation pictures after you get back so people don’t know you’re away when you’re away. Also, consider if your post pinpoints where you are or where you go regularly. Do you want people in your broader network to know that? Closely review the pics you take and see if there’s any revealing information in the background. If so, you can crop it out (think notes on a whiteboard, reflections in a window, or revealing location info). Further, ask anyone you want to include in your post for their permission. In all, consider their privacy too.

Further ways to make yourself more private online

While we’re on the topic, you can take a few other steps that can make you more private online. In addition to your social media usage, other steps can help keep more of your private and personal information with you—where it belongs:

Skip the online quizzes: Which superhero are you? “What’s your spooky Halloween name?” or “What’s your professional wrestler name?” You’ve probably seen quizzes like these crop up in your feed sometimes. Shadily, these quizzes might ask for the name of the street you grew up on, your birthdate, your favorite song, and maybe the name of a beloved first pet. Of course, these are pieces of personal information, sometimes the answer to commonly used security questions by banks and other financial institutions. (Like, what was the model of your first car?) With this info in hand, a hacker could attempt to gain access to your accounts. Needless to say, skip the quizzes.
Clean up your personal data trail: When was the last time you Googled yourself? The results might reveal all kinds of things, like your estimated income, the names and ages of your children, what you paid for your home, and, sometimes, your purchasing habits. Who’s collecting and posting this information about you? Online data brokers gather information from all manner of public records. Beyond that, they’ll also gather information from app developers, loyalty cards, and other companies that track your web browsing. Data brokers will sell this info to anyone. Advertisers, background checkers, telemarketers, and scammers too. Data brokers don’t discriminate. Yet you can clean up that information with a Personal Data Cleanup like ours. It scans some of the riskiest data broker sites for your personal info and helps manage the removal for you.
Spend time online more privately with a VPN: A VPN creates an encrypted “tunnel” that shields your activity from cybercriminals so what you do online remains anonymous. It helps make you anonymous to advertisers and other trackers too. By encrypting your web traffic requests, a VPN can hide your search habits and history from those who might use that info as part of building a profile of you—whether that’s for targeted ads or data collection that they might sell to brokers for profit. Comprehensive online protection software like ours includes one.

More privacy partly comes down to you

Granted, “social” is arguably the opposite of “private.” Using social media involves sharing, by its very definition. Yet any oversharing can lead to privacy issues.

Maybe you want close friends to know what’s going on, but what about that so-so acquaintance deep in your friends list? How well do you really know them? And to what extent do you want them to know exacting details about where you are, where your kids go to school, and so on? Those are questions you ultimately must answer, and ultimately have some control over depending on what you share on social media.

Also important to consider is this: if you post anything on the internet, consider it front-page news. Even with social media privacy settings in place, there’s no guarantee that someone won’t copy your posts or pics and pass them along to others.

The flipside to the topic of social media and privacy is the platform you’re using. It’s no secret that social media companies gather hosts of personal information about their users in exchange for free use of their platforms. Certainly, that’s a topic unto itself. We cover what social media companies know about you in this article here—along with a few steps that can help you limit what they know as well.

When it comes to your privacy and social media, it depends largely on how you use it. How you use various privacy and audience settings offers one way to manage it. The other is you and the information you put out there for others to see.

The post Sharing Isn’t Always Caring: Tips to Help Protect Your Online Privacy appeared first on McAfee Blog.
