The Cocoon Blog
The Internet as it should be: private, secure and virus free

by Brian J. Fox, Co-founder & CTO, Cocoon

On International Data Privacy Day it’s appropriate to ask ourselves, are we too connected? I used to own just my laptop and my cell phone, and that was good enough. Now, I’ve got a plethora of devices, and every one of them is connected to the Internet. I’ve got Facebook on my TV and phone, I’ve got Google Voice on my laptop and tablet, I have photo stream and GPS on my camera and my iPod. I even have Internet radio on my desktop and in my car.

As these new devices allow us to become ever more connected to the world, the opportunity for access to personal information is also increased. 

The demand for (and availability of) all these devices has made Internet privacy and security one of the most pressing issues facing us this year. While several bills have been introduced to address the issue – Do Not Track Kids and Do Not Track, for instance – this is baseline legislation that cannot keep up with the technologies that allow for more and more sophisticated tracking. It is the private sector that is coming up with the solutions that allow consumers to control how much information they share and how to keep their devices and networks secure.

I don’t think we need to choose between the convenience of these devices and privacy…consumers just need to know about the tools such as Cocoon now available in the marketplace that can keep their data secure and their personal information private.

Mikko Hypponen, Chief Research Officer of F-Secure is a leading global cybercrime expert. In this video Mikko briefly discusses three types of online attack:

1. Cybercriminals
2. Hacktivists
3. Governments

The Electronic Frontier Foundation (EFF) is also gathering information on what printers may be revealing and exploring privacy implications of this technology.

“In a purported effort to identify counterfeiters the US government has succeeded in persuading some color laser printer manufacturers to encode each page with identifying information. That means that without your knowledge or consent an act you assume is private could become public. A communication tool you’re using in everyday life could become a tool for government surveillance. And what’s worse there are no laws to prevent abuse.”  -EFF

 

At Cocoon, we appreciate and support all efforts against SOPA. Thousands of Cocoon’s users rely on the Cocoon Service to contend with some of the most brutal dictatorships on Earth to exercise their freedom of speech. We encourage everyone to speak out against SOPA to protect free speech and privacy online. Below are links you can forward to friends with educational info as well as opportunities to send messages to Congress.

More info about SOPA/PIPA and how you can help stop the bills:

• Learn more about SOPA – watch this video
• Change your profile picture to protest SOPA
• Write to Congress to kill these bills

Avast recently reported that some child game sites have become the latest target of hackers. If the child is playing games on a shared family computer – malware can affect all family members who login to the family computer. If the child has their own computer, it should be checked on a regular basis (by an adult) for potential cybercriminal activities. All computers in the household should have regular updates of antivirus and other security software.

In recent years online games have become a modus for hackers. Hackers can make that big purple dragon that flies to Taragath Land look like an exciting adventure to a five year old. Remember, children often do not stop and think before clicking on a malicious link. It is very important that parents monitor a child’s online activities to protect them from unsavory areas of the web.

Avast says the most visited site affected – cutearcade.com – had generated more than 12,600 infection reports from its protection software as of last week. –BBC News

Cocoon offers protection from malware and drive-by-downloads. Once logged into Cocoon, no information touches your hard drive because it is all stored on our servers. The hackers can’t get to you or your children. It is currently available as a Firefox plug-in, but will soon arrive with a few more flavors (Internet Explorer and IOS).

The Cocoon Team!

 

If you received a new MAC computer or Apple gear for Christmas, you could be targeted in the latest malware campaign. The phishing campaign was noted at the Mac Security Blog:

 

“A vast phishing attack has broken out, beginning on or around Christmas day, with e-mails being sent with the subject “Apple update your Billing Information.” These well-crafted e-mails could fool many new Apple users, especially those who may have found an iPhone, iPod or iMac under their Christmas tree, and set up accounts with the iTunes Store or the Mac App Store for the first time. The messages claim to come from “appleid@id.apple.com.”

You can easily check the validity of the link in your email by hovering your cursor over the URL. The real deal will go to a subdomain on Apple.com and not to a numerical address such as http://107.27.3x.1.

The Cocoon Team!

Our free web-service is doing some very cool stuff…

You can now be totally safe on open WiFi networks, you will no longer be tracked by every website you go to, AND you don’t have to worry about getting viruses online no matter where you browse.

And you get unlimited email addresses for anything you have to sign up for. That means that you can put an end to spam just by throwing away your inbox.

It’s gotten some great reviews: 

Lifehacker: “Cocoon wraps up all those privacy features into one simple add-on”

CNET: “Cocoon looks like a serious contender for one of the best add-ons of the year”

–The Cocoon Team

The idea behind using Third-party link-shortening services is to make sharing long links shorter and easier.  Short links can take you to both good sites and bad sites and are often used in social networking to trick you into visiting a malicious site.

For example: http://www.schneier.com/blog/archives/2011/12/tagging_people.html?utm_source=twitterfeed&utm_medium=twitter becomes http://t.co/hU3zPZnZ when using a link-shortening service.

Kevin Haley, Director, Symantec Security Technology and Response revealed in Symantec’s 2011 Internet Security Threat Report that:

Shortened URLS are great for staying within the character restrictions of a social networking post.  But, they also allow a bad guy to hide the URL of a malicious web site.  This trick is working and bad guys are rushing to use it.  65% of the malicious URLs posted on social networks were shortened URLs.

bit.ly,goo.gl, is.gd, ow.ly,  Su.pr and Tinyurl,are a few of the third-party shortening services that cybercriminals utilize to direct unsuspecting users to infected websites. The bad guys are very aware that you don’t know where you are going once you click on a shortened links and this is obviously to their advantage.

 You can one-up the bad guys by using a site such as Unmask  Parasites.  A quick copy and paste of the shortened link into the check box at their site will reveal where the link will take you and also let you know if the site is suspicious. Though Unmask Parasites is still in beta, it is a very good tool to add to your Internet safety kit.

Airports, restaurants, coffee shops, businesses, dentists, libraries and even public parks offer public access to Wi-Fi for free. Surfing unsecured hotspots can open your data pipeline to some very unsavory characters.  Whether you use it for convenience or because there is no other Internet connection available — the bad guys still have all kinds of tools to gather and steal information from you.

In a recent Cyber-scary contest that we featured in mid November one of our entrants realized that the hotel that they stayed at in Las Vegas did not even have a public Wi-Fi connection available! But her husband was able to easily connect to a rogue Wi-Fi hotspot to enter his credit card information:

“Haven’t been on vacation in 20 years…… We get to our hotel in Vegas. First thing my husband does is, to try to go online, to check his work email. He gets a wireless signal called Luxorhotel_guest. Clicks on it, and enters in our credit card information. We then find out that the LUXOR only offers wired internet service! GREAT!”

At Virtual World Computing, we offer free cloud-based “Cocoon” security software that automatically encrypts unsecured Wi-Fi communications. While logged into Cocoon, all your online activities beccome routed through our “secure tunnel” to a safe server that blocks the bad guys from getting to your data. You won’t have to spend your time worrying about online banking or stolen credit card information, because we keep the bad guys away.

Cocoon Features:

• Creates a virtual firewall that keeps the bad guys away from your computer.
• Provides antivirus protection; Cocoon will alert you and stop harmful or malicious files from downloading to your computer.
• Protects your personal information and activity by preventing cookie tracking.
• Prevents malware and drive-by downloads.
• Gives you the option to remotely store history and bookmarks in the cloud.
• Encrypts all your data.
• Shields your personal identity and protects your privacy.
• Provides ad hoc email addresses via mailslots that stops spam in its tracks

Internet threats are huge today. Every time you turn your head it appears that somebody is getting hacked or compromised in some way.

At Virtual World Computing (VWC) we believe that everyone has the right to online privacy and web security. We also believe in sharing vital information with the online community in hopes that our contributions will enhance and assist people in making better Internet security and privacy choices.

It is in this spirit that we’ve selected ten of our best blog posts from 2011 to re-share with the Internet community – Enjoy!

The Top 10 Cocoon Blog Posts From 2011

1. [Video] Why Should Your Privacy Be Important To YOU 

In today’s online world, privacy is not a right that exists; it is an option that you must exercise on your own. Many people believe that they have to give up their privacy to be online and Cocoon wants to change this fallacy.

2. Cocoon’s 2011 List of the Top 10 Internet Privacy Threats

Privacy has become a red-hot issue in 2011. As more privacy organizations, advocates and researchers discover and disclose to the general public what social networks, governments, corporations, data miners/aggregators, advertisers and law enforcement collect;  public awareness of the impact of our digital footprints and  invasive online tracking tactics become exposed.

3.  Protecting Children Online

Whether it is identity theft, online tracking, or profiling, the Internet can be an open door to a child’s personal information. A Wall Street Journal investigation into online privacy last year found that popular children’s websites install more tracking technologies on personal computers than do the top websites aimed at adults.

4.  New Free Software Makes Wi-Fi Safe for Travelers

Free hotspots have become famously easy pickings for hackers setting up fake free Wi-Fi hotspots that look like the real thing (aka an “Evil Twin”). When an unsuspecting user logs on, what they are connecting to isn’t a real hotspot – it’s the hacker’s laptop. Once that happens, the hacker can use free software from the Internet (such as Firesheep, WiFi Pineapple and WiFi Robin) to hijack much of the information sent to and from the victim’s laptop).

5. Facebook and their 90 day tracking cookies…

According to Byron Acohido from USA Today, Facebook has been able to create a running log of visits that each of its 800 million members has visited in the previous 90 days. Once you are logged into Facebook, the site inserts a both a browser cookie and a session cookie into your web browser.

6. Consumer Privacy Should Trump Google’s Profits

Once again, the norm for big business is to place the onus on individuals to opt-out of being tracked and allowing our information to be inventoried. This is routinely done as ad networks sell personal user profiles to advertisers, but this is a new twist. Google is now using your Wi-Fi signal to help them sell location-based advertising.

7. Nine simple steps that you can take to better secure a public Wi-Fi connection

A hacker could easily create a fake Wi-Fi hot spot that looks legitimate. If you connect to the hackers Wi-Fi you will be directly linked to the hacker’s computer.

8. How to protect yourself on social networks

 

Malicious people are drawn to social networks due to easy access and the amount of personal data available to them. The more information that you place on these sites along with weak privacy settings has the potential to allow targeted social engineering attacks.

9. Does your Internet have malware?

It is obvious that relying on one solution alone to detect all Internet threats is not enough. The digital landscape has changed and the concept of adopting a layered security approach is a good idea. Cocoon, a Firefox plug-in is an awesome addition to add to your Internet toolkit.

10.  Recap on Cocoon Features

Cocoon was created out of the belief that everyone should have access to the Web, have a right to online privacy, and that the act of browsing the Web should not expose your computer to malicious code.

Our business is to protect your privacy and security – if we don’t do that we don’t have a business – so we take Internet security and privacy seriously.

 

Whether it is identity theft, online tracking, or profiling, the Internet can be an open door to a child’s personal information. A Wall Street Journalinvestigation into online privacy last year found that popular children’s websites install more tracking technologies on personal computers than do the top websites aimed at adults.

According to recent research by Consumer Reports,one million children were harassed, threatened, or subjected to other forms of cyberbullying on Facebook in the past year — and that’s just one social media site. Furthermore, the Federal Trade Commission (FTC) says 8 percent of the ID theft complaints in 2010 involved children.

Society has an obligation to protect our children and online safety for children should be a priority. We need a three-pronged approach to address this issue: policy changes; industry self-regulation; and more parental tools, monitoring and education.

Current legislation being considered includes proposed amendments to the Children’s Online Privacy Protection Act (COPPA) by the FTC.  COPPA has not been seriously updated since 1998 — only four years after the first browser was introduced to the marketplace. (That was back when you still needed an antenna on your car for your “car phone” to work.) In May, the Do Not Track Kidsbill (H.R. 1895) was introduced by Rep. Edward J. Markey (D-Mass.) and Rep. Joe Barton (R-Texas); it proposes barring websites outright from using kids’ data to target ads to them until they are 17.  Debates continue about the appropriate age cut-off and exactly how this legislation would be enforced.

A recent New York Times editorial, “A Push for Online Privacy,” stated that “Despite bipartisan concern about potential abuses, Congress has not acted to protect consumer privacy, and there is little chance legislation will pass anytime soon.”

Okay, well if we cannot count on policies to protect our children online anytime soon, how about self-regulation?

The desire to know who, what and where people are at any given point is driven by advertising revenue. The more companies know about a consumer, the more they can target advertising to their buying habits. Until their revenue model changes, what incentive do these companies have to self-regulate? Unless, of course, there is legislation in place, and you see the circular argument.

So it is up to the parents, and as a parent, I can say we are falling short.  The same Consumer Reports research found that 7.5 million American children under the age of 13 were using Facebook, more than 5 million were 10 and under, and their accounts were largely unsupervised by their parents (although Facebook’s policy is not to allow children under 13 to use its site).

So we can wait for politicians to step up to build a regulatory framework to protect our children’s online privacy and hope that the online industry will check its own greed, or we can take control of protecting our kids today by monitoring our their online use, educating them about online safety, and using the tools available to protect them from being tracked.

Follow Vernon Irvin, President & COO of Virtual World Computing on Twitter: www.twitter.com/GetCocoon