Is your private life private!!

 

 

Who’s looking at your pictures right now? If you’ve ever sold a used cellphone, it’s likely a complete stranger has sifted through your most intimate memories.

Recently Prague-based security firm Avast made news when they bought 20 used Android phones off eBay, then used basic recovery software to restore deleted files on them. In the process the analysts found more than 40,000 stored photos, out of which 1,500 were pictures of children. The Avast blog also states that they retrieved “More than 750 photos of women in various stages of undress” and “more than 250 selfies of what appear to be the previous owner’s manhood.”

In this age of smart phones and incessant social networking, where the lines between public and personal lives are blurred, we are unequivocally vulnerable. Ironically, at the same time, we have never been more careless with personal information.

Jaromir Horejsi, malware analyst at Avast Software says the experiment began when an employee accidently erased his phone’s memory, then found that he was able to resurrect all his files with a “little searching and an inexpensive purchase”. That made him wonder how many other people consider their data permanently gone, when it’s still retrievable by anyone who gets hold of your phone.

Horejsi says, “As the old saying goes, a picture is worth a thousand words. Now add private Facebook messages that include geo-location, Google searches for open job positions in a specific field, media files, and phone contacts. Put all of these pieces together to complete the puzzle and you have a clear picture of who the former smartphone owner was. Stalkers, enemies, and thieves can abuse personal data to stalk, blackmail and steal people’s identities.”

For a generation that’s grown up with technology, we know astonishingly little about how it works. “For years lots of bloggers, including me, have been screaming to people that their data is not safe. Especially with androids where factory reset simply deletes the top layer,” says Karthik Kamalakannan, a tech writer who also works on developing android, iOS and web applications for the future. Avast compares it to deleting the index of a book — so pointers are removed, but chapters remain. “It’s like sticking a clean paper over it,” says Karthik, adding “so information never gets erased. It just gets overwritten.”

While Avast’s experiment also uncovered 750 emails, 250 contact names and one completed loan application, the main reaction — from media and the public — was horror at the idea of explicit selfies going public. This, by the way, isn’t the first scare related to cell phone selfies. Over the past couple of years ‘revenge porn’ has been getting attention. This is sexually-explicit media — a majority of which are selfies — shared online along with personal information, without the consent of the pictured individual. (It’s typically uploaded by an ex- partner or hacker).

Fifteen years ago, this might have worried a niche group of people. Today, if you’re under 30 years of age, it’s about 50 per cent of the people you know in the same age bracket. A set of interviews done with college students and young professionals pegged the number higher, with many of the girls saying that at least eight out of 10 of their friends have taken intimate selfies to send to their boyfriends. One student said it’s become especially common with Snapchat. Some said they take at least one a day. (It seems more frequent with people in long-distance relationships.)

Despite the Avast story, all were still fairly casual about taking these pictures, with one respondent saying, “I think to a large extent, when you take pictures of yourself, a part of you knows there is a risk of someone else seeing it or making a copy of it.” The common solution seems to be a “chin and below” code.

All the people interviewed said they change their phone at least once a year — usually by exchanging it for a newer model. Old phones are sold after erasing the pictures, and a ‘factory reset’. Discussing how important it is to ensure your information is safe, Suresh Jumani who runs Chennai-based Mobile Zone store, cautions against simply looking for the cheapest deal, as in many big multi-brand outlets a large number of floating staff handle old phones. “We have seen people hand in phones without even logging out of Gmail, Whatsapp or Facebook,” he says, going on to discuss how his staff are instructed to do a proper master re-set, ensure the data is over-written and then reformat the phone before selling it to another customer.

Androids tend to be more problematic than iPhones which automatically overwrite data with a factory reset. As an additional precaution Jumani keeps a ledger listing names of the customers so they know who bought and sold each phone. “Chennai’s got the maximum churn rate,” says Jumani, “People change their phones once in eight months, on average, as opposed to Mumbai and Delhi where it’s once a year. The old phones are often bought by students, some of whom sell them again.” So in a lifetime a phone can have anything from one to 10 owners.

Robert Siciliano, an Identity Theft Expert with Hotspot Shield conducted an experiment similar to Avast’s in 2012 when he bought 30 mobile phones and laptops from Craigslist and recovered personal data from 15 devices. Discussing how the “public is blissfully unaware of the risks posed with their personal information leaking,” he says he’s also been guilty of selling old devices but will never do that again. If you’re selling your phones he suggests you “seek out software that promises to rid the device of any data beyond a factory reset.”

Or, do what he now does to make sure you’re absolutely safe. “Old phones should be destroyed. With a hammer.”

Most secure operating system !!

This article doesn't contain any facts or evidences, it solely depends on author's opinion.

With the over increasing usage of internet and privacy issues, the first thing that comes in our mind is 'security'. Is our operating system secure? Is our privacy maintained?  I have been using various operating systems from years.

The security of a given anything, even operating systems (OS), tends to be a difficult or even controversial issue to examine. The only, truly secure operating systems are those that lack contact to the outside world. As for any other OS, they'll inevitably have some sort of vulnerability or weakness that can be exploited. In fact, any networked OS can be exposed by careful abuse of its configuration—no exceptions. All the same, here are the top five most secure operating systems on the planet today.

1. OpenBSD: By default, this is the most secure general purpose operating system out there. The fact that it suffered only two remote attack vulnerabilities in the last decade serves as solid evidence of its stringent security and strict auditing policy. Moreover, OpenBSD lacks a large enough attack surface (care of running numerous web applications) for hackers to exploit.

2. Linux: Linux is another superior operating system. When customized, it can be set up to extremely secure. Linux has an impressive vulnerability patching policy.

3. Mac OS X: This Apple-made OS handles user permissions better, but it still contains an indecent number of vulnerabilities and remote exploits in its systems. That, coupled with Apple's slow response to many of its security issues, has landed this operating system at the bottom of this list.

4. Windows Server 2008: Say what you will about a Microsoft operating system's security; at the very least, they know how to improve and they've gone through the very worst security threats that the Internet can dish out. This iteration of Windows Server has improved backup and recovery, user account control, web server (IIS) role, and server role security configuration.

5. Windows Server 2000: This operating system is so secure that it took nearly a decade before Microsoft can come up with a better one. This OS for network servers, notebook computers, and corporate workstations continues to get monthly security patches even after nine years since its release.

The above list was as per technical specifications. But now according to surveys by Government officials, the results are somewhat different.

The Communications-Electronics Security Group (CESG), the group within the UK Government Communications Headquarters (GCHQ) that assesses operating systems and software for security issues, has found that while no end-user operating system is as secure as they'd like it to be, Ubuntu is the best of the lot. In late 2013, the CESG looked at the security of the most popular end-user operating systems for desktops, smart phones, and tablets. This included: Android 4.2, Android 4.2 on Samsung devices; iOS 6, Blackberry 10.1, Google's Chrome OS 26, Ubuntu 12.04, Windows 7 and 8; Windows 8 RT, and Windows Phone 8. These were judged for their security suitability for OFFICIAL level use according to the UK Government Security Classifications. This is the UK's government lowest security level.

Ubuntu however, scores the highest in a direct comparison. “Ubuntu 14.04 is Ubuntu's latest Long Term Support (LTS) version, and it's recommended for use by businesses. The CESG examined each operating system security on the following grounds:

● Virtual Private Network (VPN)
● Disk Encryption
● Authentication
● Secure Boot
● Platform Integrity and Application Sandboxing
● Application White listing
● Malicious Code Detection and Prevention
● Security Policy Enforcement
● External Interface Protection
● Device Update Policy
● Event Collection for Enterprise Analysis
● Incident Response

Ubuntu has three problem areas that kept it from a perfect score where others had more. Windows Phone 8 has the most "Significant Risk" items with two and Blackberry 10.1 Corporate has the most "Some Risk" areas with six. Where Ubuntu could stand improvement is in VPN, Disk Encryption and Secure Boot.

Technically Ubuntu's VPN is good enough, but it hasn't been shown to meet the security requirement by an independent third party. Canonical's current position, from Ubuntu 12.10 onwards, is "to adopt Grub2 as the default boot loader, with support for Secure Boot, but with an ability to turn off secure boot to modify the OS, if required. This gives users and enterprises the best compromise between security and ability to customize after sale." Problems aside, the simple truth is that if security is what you want most from desktop, smartphone, or tablet operating systems than Ubuntu is what you should be using.

True, security is always a moving target, but year-in and year out; Linux-based operating systems are more secure than their competition. As Windows XP's support clock ticks to its end of supported life, Ubuntu should be considered for your most security sensitive desktops. Its smartphone and tablet side, Ubuntu One, is still a work in progress. The most secure mobile operating system for now is Android on Samsung devices.

Linux-based systems get a lot of press in IT trade publications. A lot of that press relates to its security characteristics. In fact, some claim "Linux is the most secure operating system (OS) of them all." Such statements are, of course, unsupportable hyperbole; while many Linux distributions may outshine both MS Windows and Apple MacOS X by a significant margin, there's evidence to suggest that most Linux distributions are not up to the standards of FreeBSD, for instance -- let alone OpenBSD, with possibly the best security record of any general-purpose operating system.

That's even leaving out special-purpose OSes such as a number of RTOSes, IBM i, OpenVMS, and TrustedBSD. In the sense that many people tend to think first, foremost, and often only of Linux-based systems when they think of open source OSes (and even think of "Linux" as an OS without distinguishing between distributions), however, they have a point: all else being equal, a popular open source OS has definite security advantages over a popular closed source counterpart. Linux distributions are far from the only open source operating systems, though. Just for the sake of argument, insofar as Linux is emblematic of open source OSes, then, and that MS Windows is emblematic of closed source OSes, it may not be so unrealistic to say "Linux is the most secure OS of them all," where "them all" consists of only two choices -- but the world is not that simple.

"Linux" in the abstract, however -- as a stand-in for the average Linux distribution -- is simply not the most secure OS available by a more comprehensive view of OSes. There are, in fact, some Linux distributions that have been created for research purposes that are intentionally as poorly secured as possible in default configuration.

Furthermore, determining a "most secure" OS is not as straightforward as it might at first sound. One of the most common criteria used by people who don't really understand security, and by those who do understand it but want to manipulate those who don't with misdirection and massaged statistics, is vulnerability discovery rates. Those of us who know better are aware that there's a lot more to security than counting vulnerabilities. Other, more credible criteria, may involve factors such as:

·         code quality auditing

·         default security configuration

·         patch quality and response time

·         privilege separation architecture

and a whole lot more.

Even if we ignore any OS that won't, for instance, run a popular browser (such as Firefox), a popular email client (such as Thunderbird), and a popular office suite (such as OpenOffice.org) in a WIMP GUI on an Intel x86 architecture computer, the average Linux distribution doesn't beat every other option in all categories by any stretch. Ubuntu Linux, arguably the Linux distribution with the greatest mindshare, certainly doesn't.

Over the last few years, system security has gained a lot of momentum and software professionals are focusing heavily on this aspect. Linux is often treated as a highly secure operating system. However, the reality is that Linux too has its own share of security flaws. But there is no need to worry. Read this to understand how Linux secures your system.
http://www.linuxuser.co.uk/features/security-in-linux

If you're one of those people inclined to say "Linux is the most secure operating system of all," you should probably rethink that. A much stronger case can be made for the security of some other OSes than the average Linux distribution. Even if it couldn't, the variability of Linux distributions in general, and the differing criteria for the security of an OS that may come into play in comparisons, make such a statement quixotic at best.

The long version of the answer to the question "Is Linux the most secure OS?" is that it depends on what OSes you're comparing, or whether you're comparing specific OSes at all (instead of something like "open source vs. closed source"), and for what purposes you mean to evaluate the security of an operating system. If you make claims like that, someone who knows better will have an easy way to discredit your argument. Be more specific, not only in your arguments, but in your thinking -- because it's too easy to form bad habits that may lead to making bad decisions about your own security, and because giving people inaccurate information about security like that can create real problems. If you mean that all else being equal popular open source OSes are more secure than popular closed source OSes, say so. If you mean that Ubuntu's default configuration is more secure than MS Windows Vista's, say so. Just saying "Linux is the most secure operating system of all," on the other hand, is imprecise and inaccurate.