Home  ❯❯  Internet

Internet

Hints suggestions and the like

Stop Data-Mining Part 1:

data

Hey All as Promised Here’s More on Win10 Data-Mining

There’s been a lot of shit splatter over W10’s privacy . Sooooo, here’s a few methods to have a relatively more private, safe experience, and to slow the data mining that occurs in Win10. The trade off is disabling some of W10’s so called features.
All settings and tweaks in this article can be easily Undone if you decide to later on.
(beats me why anyone would though)

You may be thinking Huh! how bad can I be being mined?
Well How about we take a peek and see ok? Let’s Open up the Command Prompt by launching CMD as an administrator, and then enter the following:


netstat /a 5

This will run all show all connections to your PC and refresh the list every 5 seconds. You can sit and watch this WITHOUT touching the keyboard for a few minutes and suddenly MORE connections will become active magically LOL. Better yet even more magic occurs if you use your mic or search your PC! A much better way to check this out is to, Open up the Command Prompt by launching CMD as an administrator, and then enter the following:


netstat /a 180>"%SystemDrive%\Users\%username%\Desktop\Results.txt"

This is the same command with some tweaks! It refreshes every 3 minutes instead of 5 seconds and also saves the data to a text file named Results on your desktop. Yes, much easier to review this way. So run this command go have a coffee come back. Ok welcome back. Now Close the Command Prompt window. Next find the Results file sitting on your desktop open and review it.
WOW Huh?
I’ll bet your feeling a bit?Seeing Stars
After seeing that maybe you wish to proceed or just want to read this article. Then let’s get busy.

Basic Fixes

Before / During Win10 Installation
Do not use Express Settings! Select Customize, and make sure EVERYTHING is turned off.
I strongly recommended that you use a Local Account not a Microsoft account.

After Installation
Well this is probally most of you huh? If you are trying to be invisible you’re on the wrong OS period! That said we can make it a PITA to get your info. (Oh PITA = Pain In The Ass). Ok here’s the basics.

Settings > Privacy
Disable everything under EVERY TAB and list item, unless there are some things you really need i do not know what or why, but it is your PC and info. Be sure to be very thorough checking every setting and every link making sure you scroll completely down each page!

Things to Note:

  1. While within the Privacy page, go to Feedback, select Never in the first box, and Basic in the second box. Settings > Update and Security > Advanced Options > Choose how updates are delivered, and turn the first switch off.
  2. Disable Cortana by clicking the Search bar/icon. Leaving this on you may as well not bother with any of this and go on your merry oblivious way. Some information mined by the app includes your contacts, calendar, location, internet history and favorites, speech, inking and typing, and much more. (also any Previously collected data from Cortana will not be deleted.)
  3. Disable web search in Search by going to Settings, and turning off Search online and include web results.
  4. Deleting personalization data from the Microsoft servers, To delete more of the data collected ny Cortana, such as Notebook, Reminders, Places, go to the Bing Settings’ page. Using the account you are using on your computer, click the Clear button for both Clear personal info and Other Cortana Data and Personalized Speech, Inking, and Typing. In both cases, confirm the deletion.
  5. Change the name of your PC by Right click on Start, select System in the menu, then click Rename This PC.

You may have noticed that microsoft is so brazen they name the file Autologger lol.
Telling us all Hey look we are collecting all your data! Rasberry

  1. Let’s Open up the Command Prompt by launching CMD as an administrator, and then enter the following:
  2. 
    sc delete DiagTrack
    sc delete dmwappushservice
    echo "" > C:\ProgramData\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl
    

  3. Next Open up the Group Policy Editor by launching gpedit.msc as an administrator. Go through:
    Computer Configuration > Administrative Templates > Windows Components > Data Collection and Preview Builds.
    Double click Telemetry, hit Disabled, then apply.
    NOTE: This supposedly only works in the Enterprise edition. (cough cough)
    We will get to a decent enough workaround a little later in part 2.
  4. A little side note for the know it alls….
    ALL VERSIONS OF WINDOWS 10 USES TELEMETRY
    There are 4 levels of telemetry in Win10.

    level 0: Security. (Enterprise, Education, and IoT Core editions, available to these versions)
    The claim is:
    A value of 0 (Security) will send minimal data to Microsoft to keep Windows secure.

    Level 1: Basic.
    Gathers a minimum set of data which is critical for understanding the device and identifying problems.

    Level 2: Enhanced.
    Gathers data about how you use Windows and its apps and helps Microsoft improve the user experience.

    Level 3: Full.
    Gathers all of the above information and any additional data that may be required to identify and to help fix problems.

    So all in all, EVERY version of Win10 uses telemetry and collects data!
    What is collected Microsoft deems appropriate NOT YOU!
    Regardless of your settings or supposedly being disabled through them!

  5. While still in the Group Policy Editor, go through
    Computer Configuration > Administrative Templates > Windows Components > OneDrive
    Double click Prevent the usage of OneDrive for file storage, hit Enabled, then apply.
  6. While still in the Group Policy Editor, go through
    Computer Configuration > Administrative Templates > Windows Components > Windows Defender
    Double click Turn Off Windows Defender, hit Enabled, then apply.
  7. Next Open up the Registry Editor by launching regedit as an administrator.
    Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection
    Select AllowTelemetry
    Change its value to 0, then apply.

To be continued with even more hairy protection methods in Stop Data-Mining Part 2:

Including Batch files (Bat) for you to create hosts redirect and firewall rules to stifle Microsoft more. Without system errors. And UN-Do files of each. With Extra bonus prizes of alternate applications for Win10 built-ins.

OH WAIT!…. A Last Second Add On Fix… Facebook On The News
The media PSA release from Facebook on how to disconnect your apps leaves out the fact that Win10 users are vulnerable.
Is this by accident or deliberate who knows? As usual they feed you a pile of – Crap
Some of you may want to disconnect from The Latest Facebook screw up.
Unlike Facebook as a whole even!
So here is a quick add on to Manage the linked accounts:
On the top right corner of your Microsoft profile page, you can see the social networking accounts linked to your Microsoft account, under Manage your accounts. Select Facebook or any other connection you want gone, bah-bye, adios then Click on
Remove this connection completely to remove the account from Microsoft.

That said I have used my allotted Bytes so I am outta here.
mongo

Published: March 26, 2018

More On Data-Mining

data-mining


Definition of data mining
: the practice of searching through large amounts of computerized data to find useful patterns or trends

Windows 10® here on referred to as Win10 is a registered Trade Mark of Microsoft Corporation™.

Basic Bullshit About Privacy And Information

Fucking GeniousI understand all the concerns about privacy and they’re valid for sure. But here is why Win10 is pretty high on the list of problems when its comes to privacy. Take a look at the NSA hacking treachery for example, or all the hacking being done to places like Kohl’s, Lowes, the IRS and many more. Recently personal information was stolen in a hack of a affiliate of Blue Cross / Blue Shield, also Home Depot accounts where compromised by hackers. Don’t get me wrong, shit loads of security breeches took place long before Win10. If anybody thinks that by using Win10 and using the privacy and security settings your privacy is safe, think again, Microsoft is the biggest culprit in data mining, besides others out there, like Russia, North Korea, China maybe even here in the USA. These days it seems the only way to truly protect your privacy/information is to live in a cave with no pc or other devices.

The Evil Empires Facts (Win10)

So lets get busy and see what Win10 is sucking out of your PC on a hourly (yes hourly) basis. Win10 Sends Your Data Over 6000 Times Every Day Even After Turning On/Off All Privacy Settings. Some think that disabling all of the privacy compromising and telemetry features on Win10 will stop Microsoft from tracking your activities.

But alas the fact is even with all telemetry features disabled, Win10 is phoning home more than you can imagine. Ever since the launch of Microsoft’s Win10, its suspected of spying on its users. So as promised I am focusing on Win10 privacy issues, including its controversial data mining features and privacy invasion features. Some thought the only solution to sorta patch these issues is to disable all the telemetry features or use an automated tool to do so.

Well what a bummer, all these efforts are wasted because Microsoft still tracks you, even after you tighten your Win10 privacy to the extreme (using their settings), many claims and analysis are splattered on the hell yeah they do and oh no lookie they don’t.

Traffic Analysis Reveals Extent of Win10 Spying

Curious to know the extent of Win10 spying, I set Linux on my laptop with a Windows 10 Pro® virtual machine as well as a Cisco router and other monitoring gadgets (Lol No not telling.) to monitor traffic. I disabled every single tracking and telemetry feature available. I left everything running for about 6 hrs to monitor attempted connections.

Get a load of this shit: Load Of Shit

Six hours later, I found the idle Win10 tried over 6000+ worth of connections to 90+ IP’s, of which 4000+ of these attempts were made to 50+ IP’s belonging to Microsoft over and over. Then leaving it run for 36 hours, Win10 expanded the connections list to 129 non-private IP’s. (which hackers can intercept this data) Adding in 3rd party software, same setup just added in DisableWinTracking tool. This did reduce it some to 2758 connections to 30 different IP’s. The interesting fact here is: This analysis was conducted on Windows 10 Pro® that has a higher level of user control, way more than Windows 10 Home Edition® used by the vast majority.

The Greatest Cost to Owning Win10

Based on this, to say that Win10 is sending your personal data to Microsoft’s servers would be sort of inaccurate. But, thousands of connection attempts in 6 hours just to check for updates or adjust the time ( according to Microsoft ), sounds more like Bullshit.

Microsoft says this about Win10 Spying concerns:Kiss It

We collect a limited amount of information to help us provide a secure and reliable experience. This includes data like an anonymous device ID, device type, and application crash data which Microsoft and our developer partners use to continuously improve application reliability. This doesn’t include any of your content or files, and we take several steps to avoid collecting any information that directly identifies you, such as your name, email address or account ID.

While this research doesn’t provide the details of what Win10 is sending to the company even after disabling the telemetry features, you have to keep this in mind that Nothing comes for FREE. “Free” is just a relative term. So in reality maybe you are paying the greatest cost for owning Win10.

Here is a small live sample of data mining:

By checking the box below AIM will scan you for the easiest to obtain information on your computer. Tick I agree and the view data button will become active for you to press. It will open a new window with your Info. We DO NOT Save Your Info. This is for educational and your purposes Only!
I agree. Enable the button.

 

Now Here Is the real deal of what happens!

All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins approx.) to:
oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

Telemetry is sent once per 5 minutes(Approx.), to:
vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

Searching for a movie, or song title starts a telemetry process that lists all your media files and sends it to:
df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

When the webcam is first turned on, ~38mb of data gets transmitted immediately to:
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything said into a microphone is transmitted immediately to:
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

Am I Scaring You? Well Fuck Yeah, You Should Be Scared!

If all of this wasn’t bad enough, this behavior still occurs even if Cortana is fully disabled or uninstalled. The screwed up purpose of this function is to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in public or a wiretap on skype etc.(I know like holy shit batman!)

Even more screwed up, if Cortana is enabled, the voice is first transcribed to text, yes i said text, then sent to:
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

Now some of you are thinking… Well show me how to block all of these servers with the HOSTS file like you taught us in the parental controls post Mongo, it turns out this won’t work (well fuck me , right) Guess what? Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. But, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining the data collection in the background.(hard ass data mining huh) Other than an increase in errors, HOSTS blocking did not effect the volume, frequency, or rate of data being stored.

Ok What Needs To Be done? Smash It

But seriously that is up to you, but I will show you how to best secure your PC up from Microsoft among others in a later post.

Ok Be Calm, Now go sit, scratch your head and have a drink!
mongo

Published: February 17, 2018

Getting Rid Of Ads!

adverts

Sick of Ads on everything!


How do they find me?
How do they know what i was shopping for?
I will try to answer some of these questions here.

How Does It Work?

NAI (Network Advertising Initiative) companies help advertisers show relevant ads — matching these ads with broad interest categories or groups like male clothing shoppers 25-34 or car buyers in Illinois. NAI members distinguish between visitors to a site and users of an app, assigning them to broad interest category groups using information such as the types of websites visited or the demographics of people who use a certain app. For NAI members, IBA/CAA is not about you as an identifiable individual. Instead, NAI member companies make educated guesses about the preferences and interests of consumers like you.

How do I get placed in interest categories and groups?

The basic way you are placed into an interest category or group on a browser is based on your visits to websites. Let’s say an NAI member company partnered with a clothing retail website that you visit. That NAI member would assign an ID to your browser usually by storing a unique ID number in a text file or cookie on your browser. This is then matched to a “clothing shopper” category by pairing that ID number with interest categories/groups in an online database.
So your
Unique ID Number: 871749823
has the additional pairing of
Matched Categories Male, Age 25-34, clothing

Other information can be used to match you into a group, as well. For example, if you have previously purchased blue jeans and shirts from a website. That website would tell the NAI company to also match:
jean buyer and shirt buyer to your assigned ID.

On mobile apps, the process is similar but it uses a different set of technologies.
The mobile operating system you use, like Android or iOS, is likely to provide an identifier specifically for advertisers to use. This Mobile Advertising Identifier functions similarly to a cookie. It enables advertisers to identify your behavior across apps, without needing to use a more permanent phone or tablet identifier. Most of these identifiers include privacy options that allow users to reset the assigned identifier or to opt-out of Cross-App Advertising. To do Cross-App Advertising, the NAI member may work with an app so that it can send them information relevant to your preferences. For example, if you open an app to look for highly rated local pizza parlors, that app may tell the NAI member that a user with your device identifier may be interested in Pizza, and that the user is in Bumf#ck Iowa. This information may be used to show ads for more local pizza joints.

Mobile Device Identifier 3966239-23ZZ-944A-B3C4-8EYUBVBVFISBBS
and
Matched Categories Male, Age 25-34, Pizza, Bumf#Ck Iowa

How do they find me?

Do you ever see an ad that’s specific to the city you are in? NAI members may sometimes use your location to make sure they don’t serve ads for Bikinis in Alaska or for Winter Coats in Hawaii. So how do advertisers customize ads based on your city,region etc? They use your IP address, assigned to your computer or device on the Internet. You know what they are; they look like this: 192.168.208.240. Basically its your computers Social security number. assigned to you only and associated with general area that your located. Your ISP Internet service provide is based in your general area for starters. Like if you live in Maine your isp is Comcast and they are located in Biddeford Maine. There thats a general location. That is how NAI members sometimes use this information to show ads customized to your region.

Browsers and mobile devices now also include numerous technologies to identify your location, including GPS (Global Positioning System), WiFi triangulation, and iBeacons. These types of location tend to be more precise (like the phone you lost is at Dunkin Doughnuts on Belch St. Moronsville Wyoming) than a location derived from IP Addresses. NAI members are required to obtain Opt-In Consent from you if they want to store your precise location for ad purposes.

How do they know what i was shopping for?

Is there a pair of sneakers popping up as you surf the Internet?
A collar for your pup you’re seeing advertised on several different websites you’ve been browsing?
WTF? How does this happen?

Well the process is basically the same as getting categorized, as described above. Instead of a broad interest category, it is specific product like Blue Jeans or Lawn Tractor This is called Re-targeting. All of NAI’s crap on Interest-Based Advertising and Cross-App Advertising apply this practice. Let’s say you shop for a Zircon Encrusted Tweezers. The website you shopped tells the NAI member it works with to assign a ID they claim is (pseudonymous IE: fictitious) and associate that ID with that particular brand and style of Zircon Encrusted Tweezers. Now, that retailer will know to advertise the exact Zircon Encrusted Tweezers to you. This process does not require retailers to know anything about you as an individual, only someone using that browser wants Zircon Encrusted Tweezers. Advertisers place bids to reach thousands or millions of people that are interested in Zircon Encrusted Tweezers.

Ok Ok I know your not buying a Zircon Encrusted Tweezers, but you get my point of how this in my opinion ABUSE of cookie and GPS tech. is way out of hand. Most of the CLAIMS made by these companies is plain old BS. They think the rest of the world is full of morons and idiots that believe anything. (hence Obama..different topic) Our site AIM (angelinmaine.com) uses cookies. But we do not sell or track or store your info for monetary gains. When you check remember me or leave a menu setting a certain way. Our site sets a cookie only on your computer or device to remember what you typed in for you. They also delete automatically in 30days even if you don’t delete them.

Now how do i get these Bullsh!t ads out of my life?

Well hate to say it but you won’t, but…. we can sure crush a lot of them. So lets get busy. We will start off with basic ad killing before we get into heavy snooping like Microsoft does (more on that a little later) First Deleting your cookie every time you close your browser is a PITA (pain in the ass). You have to re enter user names over and over. So we go to the source and stop it that way.

Roll up your sleeves, folks. It’s time to start silencing those annoying ads and block the data mining.

How to opt out…

OK, here’s how to take control of some of this stuff. Nope, this is not really simple, although if you take a WTF approach it doesn’t take long to set everything to BE-GONE. If just prepairing to install Windows 10, you can kill off most of this by declining the Express settings then choosing the options yourself, refusing any request to let the OS or apps access your location and turning the Cortana search assistant off. If you already installed, well sh!t, you’ll need to do All of the following. Even if you were super-cautious (paranoid even) during setup, make sure to follow step 3.

  1. Go to Settings – Privacy: then go through all 19 Screens there, turn anything of concern off.
  2. The biggest, most universal settings are under General, while the other screens let you choose which apps can and can’t access your calendar, messages, camera, mic, etc. There may well be stuff you may want to leave on – for instance, If you want Windows Calendar app to access my calendar data (obv), You just don’t want it to sell that data when on because you don’t want to be bombarded with flower,chocolate, and diamond sale ads when it’s the Mrs. birthday. Also your Unique Advertising ID Number (explained above) is under the general tab Let apps use my advertising ID for experience across apps(turning this off will reset your ID)

  3. Depending on you, you may want Cortana’s head ripped off then goto Search settings and turn off everything there.
  4. Now you have just a basic file search now, as you killed off suggestions, Otherwise you would be locked into Bing and part of your processor is forever dedicated to listening for voice commands you will never use.

  5. This is crucial set both options to Off. The Personalized ads wherever I use my Microsoft account which is the root of all this, leaving this on Windows 10 becomes a server for targeted ads.
  6. If you set up Windows 10 with a Microsoft account, i know it nags the ever living sh!t out of you to do so with horsesh!t about synchronized files and settings and a OneDrive cloud account during installation, all that Bullsh!t means your OS is signed into that account at all times (think about that). Windows 10 itself is spy ware, not just the apps or pages that you’re signed into. But notice that after a little time go back to that page, the “Personalized ads in this browser” setting has miraculously turned back on again. This is exploiting sessions deliberately as an excuse to reset.

  7. Remove your Microsoft account and use a local account instead. Go to Settings – Accounts – Your Account
  8. This will slow the harvesting, you’ll lose some features like settings synchronization across your PCs and more nagging from stuff Windows Store and OneDrive tho. No biggy i think.

  9. Now goto the freaking source The NAI – Network Advertising Initiative and use the consumer OPT OUT page (which is widely publicized … yea sorta)
    Click the Manage My Browsers Opt Outs this will start the scan.
    Then Click Opt Out Of All and Submit Your Choices
    For Android Click The Learn About Mobile Devices Opt Out
    http://optout.networkadvertising.org/
    For An Android App GoTo DAA – Digital Advertising Alliance
    Another Of The 8 Agencies Involved

  10. http://youradchoices.com/control
  11. Note: The Other Agencies are:

  12. Get a pop-up blocker beyond the selective one built into your browser.
    Mongo Suggest: These Are Free btw.
    Stop Ad
    Available for Android,iOS,Windows
    AdBlock Plus
    Available for Android, Chrome, Firefox, Internet Explorer, Maxthon, Opera, Safari and Yandex

Multiple PCs with Windows 10?

Yep do this sh!t to all of those lovely machines, they do claim your Microsoft account OPT-OUT should be universal (ummm ok BS). None of this means fewer ads, but it stops so much information about you being gathered and sold, the ads you do see won’t be relevant to what algorithms have decided your interests are. Windows now has a full blown ulterior motive as you can gather. More or clearer options, may become available, depending on how many people get pissed off at Microsoft about this.

But wait, there’s more…
Oh F me C’mon.

Yup! Windows has way more data mining going on inside.
This is a but small example of the Microsoft and other data mining connections.
I will discuss this and give you the super paranoid edition ways of stopping it!
More on this sh!t soon!
Have Fun,
mongo

Published: January 16, 2018

Snoop Help

Snoop

Snooping is an art form. It is truly what the public calls “Hacking” in the raw.
So lets bring out a little Hacker in you.
This should not need to be said BUT……
Do not give your kids administrator accounts on the PC. User accounts are all they need and should have. This will give you control over what is viewed as well as installed, un-installed etc.
Ok I will hush. Now back to the snooping stuff lol.

First I suggest ImageCacheViewer. It’s free and a great way to snoop.
(Keep in mind your settings determine the size of the cache. If you have your cache set to clear on closing the browser you kill a snoop method.) Every time your browser loads a site, the images on the site are stored in the “cache” so they load faster on the next visit. Most cache folders contain at least a few weeks’ worth of images. The software looks for the cache files of EVERY browser installed on your computer and loads them into a list. Click on a address in the list to see the pictures they saw.



BUSTED !!! Someone viewed “Sally falls out of her bikini”! 65 times!
Find out more Here or download the software Here
Sweet now you have another tool to snoop.

Now let’s learn to block websites without buying silly software

On Windows
Right-click on Notepad and select Run as administrator.
This option will open Notepad using your administrator privileges.
If you don’t open Notepad in administrator mode, you won’t be able to edit the file.
click file/open and paste " C:\Windows\System32\drivers\etc\hosts " in the open dialog.
You should now see something like this in notepad.



Scroll down to the bottom of the “hosts” file. You’ll see two “localhost” lines of text here.
Click below the very last line of text.
Be careful not to delete anything that is already in the hosts file.
Type in 127.0.0.1 and press Tab then Type the address of the site you want to block.
For example, if you wanted to block Yahoo, you would type 127.0.0.1   yahoo.com.
Hit enter.
Add a new line with www prefix like this 127.0.0.1   www.yahoo.com.
(Computers are literal so yahoo.com is different than www.yahoo.com)
Be certain there are no spaces at the end of each new line or it will stop reading the file at the space.
When done Click file then save.
Voila! You just blocked that site from all browsers on the PC.
You can add as many sites as you want to block, one per line, using the same as before.
To unblock a site, simply open the hosts file again as above and delete the line you wish.

On Mac
Open Spotlight  . To do so, click the magnifying glass icon in the top-right side of your Mac’s screen.
Type terminal into Spotlight. This will prompt Terminal to appear at the top of the search results.
Double-click the Terminal icon.
Type the following code into Terminal:
sudo nano /etc/hosts
Edit the file as in windows above.

If you need or want anymore snooping help just give me a shout I will help if I can.
Hope this helps
Mongo

Published: July 18, 2017

Be a Parent (The Internet is not a babysitter)

Be A Parent

Straight talk about the internet and kids.
(It is a vicious/unsafe place for kids)

Internet predators are out there in droves. It’s ruff being a parent the Internet adding to the stress and worries.
Teaching kids to be safe and learning how yourself is a must nowadays. Remember the net is a place extremely easy to hide, cheat, steal and manipulate ANYONE leaps and bounds more than in the physical world! We set rules for our kids. The rules for the net are and always should be NON negotiable!

I Myself insist on meeting friends, boyfriends, and girlfriends in person. know where a kid is going, what they’re doing etc., Before they even leave the house. I ground or take away privileges for rule breaking. You may or may not enforce similar rules in your home, but as far as online “Strict” should be your middle name.

The Basics

Talk To Your Kids 
It’s important that your kid knows what your expectations and rules are, also that they are well versed in Internet safety, plus you should be prepared for problems and concerns.

Set Guidelines
Create a set of rules about when and how long they can use the computer. Be clear about what they can and cannot do online. Online is a privilege not a right so complete chores, homework, etc. first, basic rule #1. Things like instant messaging, chat rooms, blogs, and social networking sites (Instagram, Facebook), virtual worlds (Club Penguin, Webkinz). Strick consequences for breaking the rules is a must.

OMG Follow Through Dammit!
Stick with your rules. It’s true that kids need boundaries and, as much as they fight you on it, get a backbone they are KIDS. Do not let them “slide” with infractions. Be very strict. It may save their life.

Pay Attention
Putting your computer in the living room does ZERO if you’re not paying attention to what your kids are doing. Make a habit of pulling up a chair and talking to your kid about what they’re doing. You ask who/where when they go out of the house, this is no different.

Learn! Research!
If you ask your kid what they’re doing and you don’t understand the answer, it’s time to LEARN.(You don’t give monkeys a gun!) Visit the website in question, search more info about it. Maybe your “iffy” about it then it’s a “Off Limits Site”. You need to understand what your kids are doing when they’re online.
Research! If this seems like a lot of work…. IT IS. YOU have KIDS!!!

Join In When Possible (don’t invade)
This is being part of. (like a attentive normal parent). If your kid has an interest online such as Webkinz, Neopets, Facebook, etc., research it and ask them what they like about it.

Sign up for your own account and add your kid as a “friend.”
(This is BS advice i read somewhere. But guaranteed your kid wont go to that site anymore after they give you a “you don’t trust me” guilt trip speech) LMAO Sorry had to for the “whiners”, “excuse makers” etc.

Get Techie!
There is no shortage of Internet Safety tools available to help you control, track and/or limit what your kids can say and do online. Take the time to learn about Internet filters, firewalls, monitoring software, browsers for kids and other tools. While they are not a replacement for real parenting, they can help make your task easier.Also many of these can be defeated with a bit of knowledge.

Snoop!!!
Use your browser history, cache and cookies to find out what sites your kids have been up to. This is not to suggest that you should spy on your kid, it’s telling you to do so. Enter their names (including nicknames) into popular search engines to see if they have public profiles on social networking sites. Do the same with your address and phone number. You might be surprised by how much of your and their information is online!

Do Not Ignore Red Flags
A kid who is reluctant to talk to you about what they’re doing online or seems to be withdrawing from family and/or friends may have a problem. It can be easy to chalk up certain things to normal behavior, but that doesn’t mean you should ignore changes in your kid’s personality. Cyberbullying is just one of many “Net” issues that may cause your kid to withdraw.

Dam It Say “NO”
If your kid continually spends too much time online or ignores rules about what they can and cannot do, it is time to pull the plug literally. Although your kid will whine, they won’t die and can survive without it. Make sure you’re clear about why and how long they will hate you for the unplugging. They may have a homework project that requires access. Sit with them while they do it.Remember that they may be able to use computers at school, the library, and a friend’s house. also they can browse the web on their cell phone. So cut those cords if possible also.

Here’s a sample rule list and some tips on how to enforce your rules.

Basic Rules
1# 1 hour online per day. (adjust for school projects ONLY prior to access)
2# Chores, homework etc. done BEFORE any access allowed
3# Only sites approved by parents allowed.
4# No arguing or backtalk when told to get off the computer. Or whos turn it is etc.
5# Always Ask before you logon no exceptions.

Basic Consequences.
1# Access time shortened
2# No access to certain site. (block it)
3# No internet.
4# No computer period.
5# Take a hammer to the computer!! (LOL Use a junk one they will not think your kidding anymore!)

How to enforce rules/consequences

1# PAY ATTENTION
2# Be strict
3# Parental controls (timers/block sites etc.)
4# Bios Password (Cannot be bypassed by most kids)
5# My favorite… Unplug the modem/router. Take power supply’s from the computer(s).
(You and take them to work in your trunk if you need LOL)

For Non-Novice:
Most modems and routers allow you to block mac address for each machine connected. Use this method if your familiar.

Obviously, you should have safeguards in place, but a lot of kids are too smart for their own good. There isn’t much they can’t find a way around. Make sure your parental controls are setup and password protected.

In the near Future I will post an article’s of how to block websites WITHOUT software on your pc.
Also how to block websites using your modem/router. And snooping methods.

Hope this helps …
Mongo

Published: July 11, 2017

What? Phishing?

Phishing

Phishing attacks are more rampant than ever before, rising by more than 162% + over 4 years.
The cost worldwide is $4.5 billion every year and over half of internet users get one phishing E-mail per day minimum.
The best defense against phishing attacks is to block malicious E-mails before they reach you is using DMARC
(Domain-based Message Authentication Reporting and Conformance) standard.
Also users (business etc.) that offer E-mail data revealing attacks beyond DMARC (e.g., attacks that fake a brand using domains outside of the brand’s control).
Unfortunately, some phishing E-mails will always make it to the inbox.
And those messages are extremely effective 97% of people cannot
identify a sophisticated phishing E-mail.
That’s where this article comes in.

How to identify a phishing or spoofing E-mail. Share this freely with your friends and co-workers etc (maybe the boss will reward you ;P ).

Don’t trust the displayed name
A very common tactic among thives is to spoof (fake) the display name of an E-mail.
More than 760,000 E-mail threats targeting 40 of the world’s largest brands and found that nearly half of all E-mail threats spoofed the brand in the display name.
Here’s how it works: This asshole phisher wanted to spoof the brand “Bank Of America,” so the E-mail looked like this:

Below is a actual phish email I received.
Notice it’s not from bankofamerica.com but from “urgentaile.com”.
See the general non-personal greeting, then the spelling and grammar. LMAO Nice try moron!
(I forwarded it to abuse@bankofamerica.com so they can deal with the lame ass phisher.)



Since Bank Of America doesn’t own the domain “Urgentaile.com,” DMARC will not block this E-mail on Bank Of America’s behalf, even if Bank Of America has set their DMARC policy for bankofamerica.com to reject messages that fail to authenticate. This fraudulent E-mail, once delivered, appears legitimate because most user inboxes only show the display name. Don’t trust the display name. Check the E-mail address in the header from if looks suspicious, DO NOT open the E-mail.

Look but don’t click

Hover your mouse over any links embedded in the body of the E-mail. If the link address looks weird, DO NOT click on it.
If you want to test the link, open a new window and type in website address directly ratherthan clicking on the link from unsolicited E-mails.

Check for spelling mistakes

Brands are pretty serious about E-mail. Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your E-mails carefully and report anything that seems suspicious.

Beware the greeting
Is the E-mail addressed to a vague “Valued Customer?” or “Your Account” If so, be careful legitimate businesses will mostly use a personal greeting with your first and last name.

DO NOT give up personal information
Legitimate banks and most other companies will never ask for personal credentials via E-mail. DO NOT EVER give them.

Beware of urgent or threatening language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “Account Has Been Suspended” or “Unauthorized Login Attempt.”

Review the signature
Lack of details about the signer or how you can contact a company strongly suggests a phishing E-mail. Legitimate businesses ALWAYS provide contact details.

DO NOT click on attachments
Malicious attachments contain viruses and malware are a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. DO NOT open any E-mail attachments you weren’t expecting.

DO NOT trust the header from E-mail address
Phishers not only spoof brands in the display name, but also spoof brands in the header from E-mail address.
Return Path found that nearly 30% of more than 760,000 E-mail threats spoofed brands somewhere in the header from E-mail address with more than two thirds spoofing the brand in the E-mail domain alone.

DO NOT believe what you see
Phishers are extremely good at what they do. Just because an E-mail has convincing brand logos, language, and a seemingly valid E-mail address, does not mean that it’s legitimate.
Be skeptical when it comes to your E-mail messages if it looks even remotely suspicious, DO NOT open it.
Now for the what can you do part!

How and where to report phishing emails and texts.
Forward phishing emails to spam@uce.gov also to the organization impersonated in the email. Your report is more effective when you include the full email header, but most email programs hide this information. To include or possibly copy and paste the raw message in the forward. You can Go to Options, then General Preferences, scroll down to Messages, and select “Show All Headers” or right click on message title and select “View raw message”. These are two common methods. Find out your email servers if neither of these apply.
This is what typical spam titled “Enjoy 90 Days of Proactiv+ & FREE Shipping!” header looks like.

X-Apparently-To: me@yahoo.com; Wed, 19 Jun 2017 00:13:12 +0000
Return-Path: 
X-YahooFilteredBulk: 131.127.182.229
Received-SPF: pass (domain of cagcom.com designates 131.127.182.229 as permitted sender)
X-YMailISG: slxzLYUWLDvxrlNh9bEjUJwuD87aCVjWz1UgEy5wKJemEjhS
 rrS4TfHEPRuF2SiYg6vbTWHrswN8GxHCdahXfiCA.9LBmBVB21knvyz0EBr3
 uPkVrull45KLxUEgMVwxV8zhB0pp72L0A93UqVNiQiiv7dA7ApHqukdpOqE3
 gSaLA3gprbBAdMdb2ZI7aP662JyrxZ39Y5RSxzE9C1JYCwvNOTCry0XW6aA3
 m8rWhFpt0Fb7gz8hDjr4MuIO66LZkAtPCa2y2vDnwaYJRj_bD6qRq0bAXySi
 v9jY2MNn1VV3TNiFMLPwvI8_6F.L_cG1.2W.9iAaX.zxtzLEsky8AqF3BIxF
 777p32ABSLRZxypU.LcMtY717qSg_xRZYKve0c.Y7gAS1f7GR64AHIFMEbcU
 p_7JHr8ChMea7Mt5kRHBDg2c0NFeOzlxYyKRqsGkHl5xP3is2Rxcw.p6vKQm
 O7GgW_zHVAsEVpqfLKp4uId.diam6DOHGsrpMB6C87S0q_ehngqRxCOr9H8E
 GxIMrEG6qMqi730.45nzB07oZHfOf5t1LxCGPf39xmAS.gkoAEQt8o8X.PYi
 Z4ytyu_95pRhTlufY_p870mbQ3SjQVM2LQaTDLlArQBJlgPjnnxJ69vNviQv
 WxsutXjlEBK9Z6lI4S8kzWF1B5dJ3wFymtY0238wJ4RrLrFQ.iFVV6TS08KK
 0tzq.deKpleMVsBQBsLWRcrZNbSM_Yv2kmYNyeCscvS6CFPb27ZgE6IX7bXv
 lVMsgeKCiQ5MstM2gK7LPGru_vaqTqIF6P_DFNAaHX4I7hg4EyagzLMGCl4z
 rBIYQdOxvg4qpmK8zrbKokOTwSe6NlU76QOqcSWC8gVwzaElDKev5qMa2Ydf
 DCa9Qead0lqvpkMsZUDEVqUXrsyIpiEd8F.rM25o7r7xfBPEEpB7lySG_2ik
 bqJPHU_uB5HFe5DhA5a4QGv5A4ev4BmOjB7R00iEYXLhwfM87jmyiyEaHhkL
 4iHvDBJEwhcfa18jyQJ.gS9HhLBp7zgmMlgUnFFyG93sXCtuE5LujUuay_lg
 dwvS_.LRXC5ublnRDWjROf4ID.GEk5AOBcpFRIof4R8LfgIDYYwqefTClQCu
 bHeRxJbPwxzsmzGg7iU..rcNJT3.AIE0RZtfk33cQBWYWnQbiaUUFqDrylsJ
 0IP0VWGvg0bmmmJhx4I28DNjxsghSkF3eoeiJdxXbNARwAFHCaox2zTV940Z
 mm7kenEpz5LM1hDeFnXs8KYWqMv6TcbM8xqAv6tr9XOYj0JWai8fCOcKTWVs
 WPuth2Xg3UQ8gDaalXmOHQHxF5AlsQ--n
X-Originating-IP: [131.127.182.229]
Authentication-Results: mta1312.mail.gq1.yahoo.com  from=cagcom.com; domainkeys=pass (ok);
from=cagcom.com; dkim=pass (ok)
Received: from 127.0.0.1  (EHLO updates-182-229.cagcom.com) (131.127.182.229)
  by mta1312.mail.gq1.yahoo.com with SMTP; Wed, 19 Jul 2017 00:13:12 +0000
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=dkim; d=cagcom.com;
 h=Date:To:From:Reply-To:Subject:Message-ID:MIME-Version:Content-Type; 
i=explore@cagcom.com;
 bh=tc92wij1mQSFhJrbEe/J9S3rwmU= ;
 b=GsU1Q7nHDXDUCeJcv0tHOMKT6ieBGgyY2qCPFBG4ZjLURCE9xXS2d9GX8dRi3JIBBHllfAa19vSl
   s9U0SPGwGasVY9a/CvbEKHLOejEjL0T6m2aZ5u5XYTs0nQo04xRkgi+xvoXIYI3G3DpTyKQNe+hT
   zuvQuZOzTrL4hjYvLf8=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=dkim; d=cagcom.com;
 b=gU9LGbqx1dAc/MEz0gdd4u5kOjjzj//kFSIOertAiDD7VCvQn3dlfzK5ZPCNj+ulIgsXx34q7437
   MQHdveHJWij0R3pX3KpCOwwBKEemxO7TwtRkkxJj4phJoczjlrA06BcSgqB2rectvzm1X+U0ULjh
   jVXhN8RJVyH9kZzUxE0= ;
Date: Tue, 18 Jun 2017 23:42:46 +0000
Return-Path: bounce@cagcom.com
To: me@yahoo.com
From: Proactiv+ 
Reply-To: explore@cagcom.com
Subject: Enjoy 90 Days of Proactiv+ & FREE Shipping!
Message-ID: 
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="b1_cd5cb8765bbd53816f1497f44d793a66"
Content-Length: 1329

--b1_cd5cb8765bbd53816f1497f44d793a66
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Enjoy 90 Days of Proactiv+ & FREE Shipping!

--b1_cd5cb8765bbd53816f1497f44d793a66
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE html>
<?xml encoding=3D"UTF-8"><!html><!head><!/head><!body>
<center>
<div style=3D"text-align: center;">
<div style=3D"border: 0px solid #eee; width: 600px; height: 881px; max-heig=ht: 803px; min-height: 803; margin: auto; overflow: hidden;"><img src=3D"ht=tp://cagcom.com/uploaded_images/1/1_face.jpg" usemap=3D"#face"><map name=3D="face"><area target=3D"" alt=3D"" title=3D"" href=3D"http://amaog.com/?nc2u==3DbtJ%2flSnfWXQNT379mLX6BT4tUhOhPMOu&s1=3D" coords=3D"7,3,574,664" sha=pe=3D"rect"><area target=3D"" alt=3D"" title=3D"" href=3D"http://amaog.com/=?nc2u=3DbtJ%2flSnfWXQNT379mLX6BT4tUhOhPMOu&s1=3D" coords=3D"323,704,462= ,728" shape=3D"rect">3D""</map><center>
<blockquote>Safe to view your Message.</blockquote>
</center>
<div style=3D"display: inline-block;"></div>
</div>
</div>
</center>
</body></html>

--b1_cd5cb8765bbd53816f1497f44d793a66--

 
File a report with the U.S. Federal Trade Commission at FTC.gov/complaint.
Visit Identitytheft.gov. Victims of phishing could become victims of identity theft; there are steps you can take to minimize your risk.

You can also report phishing email to reportphishing@apwg.org. The Anti-Phishing Working Group, which includes ISPs, security vendors, financial institutions and law enforcement agencies, which report here to fight phishing.

Hope this helps keep some of you safe!
mongo

Published: July 2, 2017