1. Firefox and Fake Security Alerts

    Chester Wisniewski of Sophos Security reported yesterday that scammers are at it again. If you use the Mozilla Firefox browser, scammers detect your user-agent string and may present you with a fake Firefox security alert. The pop-up will state that it is scanning your system and that your system is affected by numerous virus attacks. It will then recommend that you click on the start protection button to erase all threats.  If you click on that button you will download the fake antivirus.

    Chester sums it up well:

    Taking advantage of detailed information about the person’s computer and software allows for a much more specific, believable social engineering attempt.

    We are likely to continue to see these criminals targeting each operating system, browser and any other details that can be gleaned from HTTP requests sent from our devices. [Source]

    When you visit any webpage, your browser sends the user-agent string to the web server that you are visiting. This string tells the hosting site what browser and version number you are using and also discloses information about your operating system and version. The user-agent string is supposed to be used by the web server to provide content that is specifically tailored to your browser. It is not supposed to be used to send you socially engineered pop-ups. You can view your browser user-agent string here.
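What a web server can read from that single header, as an added example that is not part of the original post. The function name is hypothetical and the sample user-agent strings are constructed.

```python
import re

# Windows NT kernel numbers as they appear in the platform token.
WINDOWS_NT = {"5.1": "Windows XP", "6.0": "Windows Vista", "6.1": "Windows 7"}
# Order matters: Chrome also advertises a "Safari/" token.
BROWSER_TOKENS = ("Firefox", "Chrome", "Safari")

# Constructed sample headers (not captured traffic).
SAMPLES = {
    "firefox_win": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) "
                   "Gecko/20100101 Firefox/5.0",
    "firefox_mac": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:5.0) "
                   "Gecko/20100101 Firefox/5.0",
    "chrome_linux": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.30 "
                    "(KHTML, like Gecko) Chrome/12.0.742.112 Safari/534.30",
    "safari_mac": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) "
                  "AppleWebKit/533.21.1 (KHTML, like Gecko) "
                  "Version/5.0.5 Safari/533.21.1",
}


def disclosed_by_user_agent(ua):
    """Return the facts a server learns from one User-Agent header value."""
    facts = {"browser": None, "browser_version": None, "os": None, "64_bit": False}

    # Product tokens look like Name/Version.
    products = dict(re.findall(r"([A-Za-z]+)/([\w.]+)", ua))
    for name in BROWSER_TOKENS:
        if name in products:
            version = products[name]
            if name == "Safari":
                # Safari puts its release number in a separate Version/ token.
                version = products.get("Version", version)
            facts["browser"], facts["browser_version"] = name, version
            break

    # The first parenthesised group carries the platform details.
    platform = re.search(r"\(([^)]*)\)", ua)
    tokens = [t.strip() for t in platform.group(1).split(";")] if platform else []
    for tok in tokens:
        if tok.startswith("Windows NT "):
            facts["os"] = WINDOWS_NT.get(tok.split()[-1], tok)
        elif "Mac OS X" in tok:
            m = re.search(r"Mac OS X ([\d._]+)", tok)
            facts["os"] = "Mac OS X " + m.group(1).replace("_", ".") if m else "Mac OS X"
        elif tok.startswith("Linux"):
            facts["os"] = "Linux"
        if tok in ("WOW64", "Win64") or "x86_64" in tok:
            facts["64_bit"] = True
    return facts


if __name__ == "__main__":
    for label, ua in SAMPLES.items():
        print(label, disclosed_by_user_agent(ua))
```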

    The Cocoon plug-in for Firefox does not automatically download a file once you click on a button! Cocoon does provide a stop and think procedure in order to allow you to make the choice whether to download the file or not.

    You can find out more about Cocoon at GetCocoon.com

    Stop by and say hello on Twitter and Facebook too – The Cocoon Team!


  2. Protecting your kids and your computer

    Cocoon is all about giving control back to our users while browsing the web. You should decide what information you want to share and what you want to keep private. You should control what information lands on your hard drive and you should have easy ways to keep your email private and control spam.

    We also realize that as parents, you have to make many important decisions about how your child interacts with the world around them. With social media and all of the dangers that can lurk on the web, a child is in need of guidance on how to use this technology.

    Additionally, Cocoon wants to create the tools to help you protect your child and your computer. We’ve heard stories from many parents of the family PC bogged down from viruses collected online and hard drives filled with all kinds of downloaded who-knows-what!

    We’re reaching out to our Cocoon Community to ask for your help to shape Cocoon’s parental controls the way you want them. What sites are safe? What should be blocked? What tools do you want to see included? We’re figuring this out as we go and want your involvement. Help us build this and you and your friends will have access to it for free for life! To keep this manageable we will be limiting the number of people involved.

    If you’d like to be a part of developing this service, contact Bev@getcocoon.com.

    Thanks! – The Cocoon Team!


  3. Does your Internet have malware?

    Every day that you go on the Internet there is a chance that you could unknowingly come in contact with malware. Malware authors have become quite inventive over the past few years. Using Google image search hacks to spread malware was a very effective campaign that delivered fake anti-virus earlier this month. Social media scams have also gained in popularity and generally lead the innocent victim to sites that can lead to malware and trickery.

    According to Microsoft “One in every 14 downloads is a piece of malware.”

    The Wall Street Journal reports:

    Traditional antivirus techniques have relied on identifying the piece of malware and blocking it, but that relies on the antivirus software identifying the code.

    Hackers use a technique called “server side polymorphism” to generate different strains, which makes detection much harder. White-listing and black-listing will only cover a small percentage of downloads. The problem lies in the space between.

    Antivirus companies have to consistently remain on the defensive when combating the ever-evolving complexity and sheer volume of malware on the Internet today. The cybercriminal industry operates under a premium business model that spends a great deal of money on research and development along with hiring professional coders to produce malware that is geared to escape real-time detection.

    Geoff Webb of eSecurity Planet made a very keen observation yesterday about traditional approaches to stopping malware:

    The fact is that traditional approaches to stopping malware, such as relying on signature-based anti-virus, no longer provide sufficient protection. It’s too easy for malware authors to write code that is able to avoid detection and operate successfully well below the anti-virus radar. Attackers can modify existing malware slightly, add new functionality where needed, and enhance their ability to avoid detection with little effort using readily available tools. [Source]

    So what is the solution? It is obvious that relying on one solution alone to detect all Internet threats is not enough. The digital landscape has changed and the concept of adopting a layered security approach is a good idea. Cocoon, a Firefox plug-in, is an awesome addition to add to your Internet toolkit. Once logged in, Cocoon acts as a filter between you and the Internet by taking Internet content and translating it into a virus-free format. During this process the Internet does not interact with your computer; instead it interacts with Cocoon servers so that malware does not touch your computer. Goodbye malware. Hello Cocoon!

    The Internet as it should be: Private, Secure and Malware-Free.

    You can find out more about Cocoon at GetCocoon.com

    Stop by and say hello on Twitter and Facebook too – The Cocoon Team!


  4. Cocoon Mailslots – Part 1

    If you had your email address stolen during the Epsilon breach in March, you may have already experienced some form of email spam and hopefully not of the spear phishing variety.

    Customers of as many as 50 firms, including JPMorgan Chase & Co., Kroger Co., TiVo Inc., Best Buy Co., Walgreen Co. and Capital One Financial Corp., found out over the weekend that their email addresses were exposed to hackers who had broken into the system of Epsilon Data Management, a Dallas company that provides online mail services to 2,500 companies. [Source]

    It is in situations such as this that you might want to reconsider who you share your email address with. The Epsilon breach could have been much worse had the company carried your social security number and other Personally Identifiable Information (PII). We wrote more about Epsilon in an April blog post: Why Cocoon mailslots can be a good thing.

    If you are tired of spam, have a healthy fear of phishing emails and want your newsletters and subscriptions handled in an organized and easy to use format, you are going to want to test drive Cocoon mailslots today.

    Figure 1

    1- All Unread Messages – this feature gives you a total count of all unread messages from all mailslots.
    2- Mailslots – these are your mailslots! If there are any unread messages, the count is listed to the right of each mailslot (shown in figure 2 below.)
    3- Individual Mailslot Count - this shows the total count of all messages in each mail slot.
    4- Mailslot Inbox - You can view all messages by clicking on All Messages (#1.)
    5- Preview Pane - This is where you can read each individual message.

    Creating new email addresses on-the-fly gives you the freedom to remain anonymous, with a right-click to delete or disable mailslots at any time (see Figure 2 below) and have permanent disposable email addresses that can’t be tracked back to you. If you were using mailslots during the Epsilon data breach — you would simply delete the offending mailslot and never be bothered again.

    Figure 2

    Have you become overwhelmed with newsletters that are spread all over your inbox? With Cocoon mailslots managing newsletter subscriptions is simple. If you no longer wish to receive them, delete the mailslot and say goodbye to specific newsletters forever!

    Stay tuned for Cocoon Mailslots – Part 2 next week.

    For more information on Cocoon mailslots please visit our FAQ and view our videos on Mailslot Basics and How to Edit a Mailslot.

    The Cocoon Team!


  5. Malware is not just for Windows anymore

    We have been hearing a lot of tech news lately about how malware can infect any computer (Macs included) because web-based attacks are in. Yesterday, Steven J. Vaughan-Nichols wrote in a ZDNet blog post “In the meantime, no matter what operating system you run, and yes that includes Macs and Linux, you need to take anti-virus software and malicious Web sites seriously.”

    On Tuesday Microsoft reported at their blog that “1 out of every 14 programs downloaded is later confirmed as malware.” Ed Bott also reported earlier this month (ZDNet) What a Mac malware attack looks like and it wasn’t pretty. From in-the-wild attacks on Macs using Google image search to deliver fake AV (MAC Defender) to web-based attacks that are not operating-system-specific, the world of Internet security is insecure and prone to myriad vulnerabilities.

    In the old days when I worked at the University we layered. We never depended upon one setup to protect the whole. We always looked at every junction as a potential point of failure. Paranoia was the norm.

    Today, there is a huge underground of cyber-criminal activity that is interested in making huge profits within a minimal timeline.  Data breaches are anticipated. We shop, we bank and we pay our bills online. In the back of our minds we may occasionally entertain “what if” scenarios. We don’t lose sleep over it and life goes on. That is, until the dark edge of the Internet affects us via a hacked bank account, a stolen identity or breached data.

    The Yankton Daily Press sums it up quite well…

    In a sense, cyberspace represents the most porous of borders in our world. Every person can be anywhere on this planet within seconds; conversely, anyone from anywhere can reach into your country, your town — even your life — if they have the know-how.

    Before you go on the Internet you should be a good Internet buddy to all and make sure your software and operating system are up to date and patched. Also be sure to set your operating system and anti-virus software to update automatically.

    Another great option for Internet security and privacy is our Firefox plug-in Cocoon. We offer a secure connection, spam protection, no online tracking, secure mailslots, no phishing, no malware and a host of other protective services. Check us out and let us know what you think!

    Privacy + simplicity, minus complexity = the Internet as it should be.

    Don’t be shy! Come visit us on Twitter and Facebook! –The Cocoon Team!


  6. Our Facebook fan page is back!

    Our Facebook Fan Page is back and we have many people to thank! Graham Cluley from Sophos Security tweeted our blog post link regarding the take down of our Fan page for the second time. He also wrote about our situation at the Sophos blog. Steve, from The Tech Herald emailed Facebook for a comment and asked them a few questions. The Bull Dog Estate also stepped in to alert Facebook fans about our “missing page.”

    We would like to thank the many people who worked behind the scenes to get the message out.  It is not an easy situation when a small business loses a fan page at Facebook. With no communication from Facebook and no clear method to get our fan page restored, we had to seek out security experts, tech journalists and use social media to plead our case.

    With Gratitude,
    The Cocoon Team!


  7. Facebook Censorship or not? (They removed our Fan page again)

    This is bad news for a small business that is a start-up and has under 300 fans on Facebook. Why? We have to consistently “start all over again” to get the message out about our Internet security and privacy service!  As par for the course we did not receive any message from Facebook regarding the removal and disposal of our fan page.

    The first time that this situation occurred we posted to our Tumblr blog and you can read about it here.  After doing some quick research on Google we decided that it would not be in our best interest to wait around for Facebook to respond to our request to return our Fan page. According to Google, Facebook has a very bad reputation when it comes to customer service. So we fired up a brand new fan page that we blogged about here.

    There is a definite pattern to this madness. About twelve hours prior to fan page removal you begin to have problems logging into Facebook. You may also see a “sorry” message such as this:

    [Image: cocoon-account]

    Posting Facebook notes becomes daunting during this process. You think that the note is posted and then when you go back to review it, there is no new note or “draft” there. We generally use “informational-type” notes on how to get from point A to point B. Our most recent note was about how Facebook users could check their applications to see when they were last accessed and what permissions they gave these applications and how to remove certain permissions.

    I would hate to think that Facebook has been censoring our fan page(s). With such a serious lack of communication, we are at a loss as to what to think regarding the demise of two fan pages within one month! Our question to Facebook is — Why?

    Update 9:30 am PST : Our Fan page is back, stay tuned for a new blog post!



  8. Cocoon survey results are in!

    Thank you to everyone who took the survey – your feedback was terrific and we are thrilled by how many people went to the effort of responding in such detail.

    Here are the results!

    Over 10% of respondents have been with us since the beginning of our beta period.

    It was great to hear that over 85% of respondents would be disappointed if they could no longer use Cocoon.

    80% of respondents use Cocoon regularly and 93% would recommend Cocoon to a friend!

    We received some terrific suggestions about what our premium product should look like. While we continue to develop and improve our current product and features, our product development team will begin to shape what the premium product will become.

    We also learned we need to do a better job of educating users about everything Cocoon has to offer and to communicate the changes that we’ve made. Some examples are:

    • Last Pass plug-in does work with Cocoon. This was a problem when Lifehacker sent us too many users, but it was quickly remedied. If there are other plug-ins that don’t work with Cocoon, please let us know.
    • Cocoon is compatible with all Anti Virus software available. Early this year Norton had an issue with not recognizing Cocoon (they have since updated their permissions.)
    • Some people did not realize that Cocoon provides secure access (secure tunneling) to all sites on the web, even WiFi. It’s like making the whole web run on https!
    • Cocoon supports Windows, Mac and Linux operating systems.
    • The toolbar can be minimized to save screen real estate (there’s a cocoon icon in the bottom right-hand-side of the screen that lets you minimize it, with icons for mailslots and history too.) We have also added a new Cocoon menu in Firefox that gives you access to many Cocoon features.
    • Our privacy policy was completely rewritten with the legalese removed to match our beliefs and policies in plain English. We are currently rewriting our Terms of Service for the same reason.

    Some of our favorite comments that respondents submitted were:

    My family is not the most tech savvy and by simply installing Cocoon I can keep them safe and have no worries.

    I think this tool is amazing and love having it. Mailslots is a great idea, I never knew how much I would love being able to create and manage email accounts.

    Grow big and prosper!

    It’s a great tool, I’ve already recommended Cocoon to over 20 friends

    And our favorite premium feature suggestion was:

    Make it send me toasted cheese, tomato and bacon sandwiches!

    If you have more that you would like to tell us, please submit feedback within Cocoon or use our online contact form.  We’d love for you to follow us on Twitter or like us on Facebook – we are very friendly too!


  9. Part Five: Get the W-Rap on Facebook Tracking

    According to Arnold Roosendaal, a Doctoral Candidate and Researcher at Tilburg Law School, Facebook tracks and traces everyone. Roosendaal says it does not matter whether or not you have a Facebook account: if you visit any site that has a “Like” button and have a Facebook account, you are being tracked by Facebook. If you visit any site that has “Facebook connect” and do not have a Facebook account, you are now being tracked by Facebook. You can download Roosendaal’s research paper here.

    More on Roosendaal’s Research:

    When a Facebook account is created the user is issued a cookie with a unique user ID. If this user were to use another computer to log in to Facebook, a temporary cookie would be issued. Once the user logs in from this other device the temporary cookie would be replaced with a cookie that has the unique user ID. If the user were to log in from a smartphone, a public computer or a friend’s computer, there could be many devices associated with this unique user ID.

    “Since data about the user are sent to Facebook regardless of whether the Like button is actually clicked upon, users are often not aware of this fact. Nevertheless, the cookie contains the unique user ID and therewith facilitates the information on browsing behavior to be connected to the account. Even though the user is not involved, Facebook can collect far more individual data then the data made available on the profile page only.”

    Non-Facebook users do not have a cookie set or unique user ID when they visit a site that only has the “Like” button. But if the non-Facebook user visits a site that has “Facebook connect”, the application will issue a cookie to the non-Facebook user. From this moment onward, visits by the non-Facebook user to any site that features a “Like” button “result in a request for the Like button from the Facebook server including the cookie.”

    “Based on the cookie, the entire web behavior of an individual user can be followed. Every site that includes some kind of Facebook content will initiate an interaction with the Facebook servers, therewith disclosing information about the visited web site together with the cookie.”

    At Cocoon we provide a simple solution for Facebook tracking.  You don’t need it. You don’t want it. We give you the option to block it!
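The cookie flow described in Roosendaal's research above, modelled as an added example that is not part of the original post or of Cocoon's code. The class names, the cookie values and the `.example` pages are constructed, and `block_widgets` is a generic stand-in for any client-side blocking of the widget requests.

```python
import itertools


class WidgetServer:
    """Stand-in for the server that hosts the Like and Connect widgets."""

    def __init__(self):
        self._next_id = itertools.count(1)
        self.history = {}  # cookie value -> pages whose widget requests carried it

    def log_in(self):
        # Account holders receive a cookie holding their unique user ID.
        return f"member-{next(self._next_id)}"

    def widget_request(self, widget, page, cookie):
        """Handle one widget fetch; return the cookie the browser holds afterwards."""
        if cookie is not None:
            # The request discloses the embedding page together with the cookie.
            self.history.setdefault(cookie, []).append(page)
        elif widget == "connect":
            # Connect issues a cookie even to visitors without an account.
            cookie = f"visitor-{next(self._next_id)}"
        return cookie  # a Like button alone never sets a cookie


class Browser:
    def __init__(self, server, block_widgets=False):
        self.server, self.block_widgets, self.cookie = server, block_widgets, None

    def log_in(self):
        self.cookie = self.server.log_in()

    def visit(self, page, widgets):
        # Widgets load with the page; no click on the button is needed.
        for widget in widgets:
            if not self.block_widgets:
                self.cookie = self.server.widget_request(widget, page, self.cookie)


# Constructed browsing sessions: (page, widgets embedded on that page).
LIKE_ONLY = [("news.example/story", ["like"]), ("shop.example/shoes", ["like"])]
WITH_CONNECT = [("forum.example/join", ["connect"])] + LIKE_ONLY


def pages_linked(session, member=False, block_widgets=False):
    """Replay a session and return the pages the server can tie to one cookie."""
    server = WidgetServer()
    browser = Browser(server, block_widgets)
    if member:
        browser.log_in()
    for page, widgets in session:
        browser.visit(page, widgets)
    return server.history.get(browser.cookie, [])
```

A logged-in member is followed across both Like-button pages. A visitor with no account is followed only after a Connect page has issued a cookie, and blocking the widget requests leaves the server with nothing to link.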

    Be sure to check out our Facebook note: Is there “Privacy Failure” in “Facebook Connect”?

    Stay tuned for Part Six (soon) of Get the W-Rap on Cocoon. If you don’t want to miss the latest news please subscribe to our RSS feed.


