Do You Know?

Link to Us: http://snipr.com/cyberlaw2

Good evening, everyone! I am sure when you surf the net, you would enter certain information and access to certain services but do you know any cyber law in Malaysia could protect you and your information?

Are you still remember in previous we were talking about online banking privacy issue because fraudsters could obtain your private data illegally through phishing or scam and cause lost or injury? There is an Act that could punish all these fraudsters or other Internet users unauthorized access to your information. On the other hand, if some unauthorized Internet users who edit the content from the computers violate the Act and they would be punished under this particular Act too.

Many Internet users do not know about the cyber law or act in Malaysia. All these law or act are protecting us everyday but do you know any of them? The history of cyber law in Malaysia is still 'young'. Our every first cyber law created on 1997. You want to know what is the law or act please stay tune at onlineprivacyzone dot blogspot dot com (www.onlineprivacyzone.blogspot.com).

Next, do you read Amy's previous post which is related to MCMC Act? Then do you know there are many guidelines under MCMC Act which are responsible for your communication privacy no matter you are using public wireless access or others. When you talk to other people, the important information that you type in deserve online privacy protection. It is very important to have a lawsuit to protect our online information and privacy.

Lastly, here is a question. "Do you know any of the cyber law or act?" Please reply at the comment field. We could discuss about the law together.



Reference:
The Law, Legislation, The Malaysian Communications and Multimedia Commission [Online]
Retrieved on 28th February 2010
URL: http://www.skmm.gov.my/the_law/legislation.asp

Introduction On Cyber Law of Malaysia

Link to us: http://snipr.com/cyberlaw1

Hello Readers! Do you know what MCMC Act is? MCMC Act is Malaysian Communications and Multimedia Commission Act 1998 which is effective from 1 November 1998. MCMC Act is taking responsible with the development of the communications and multimedia sector in Malaysia. They are cover on broadcasting, Internet, broadband, radio frequency management, numbering and electronic addressing. The mission of MCMC Act is to create a proper space for Internet users. They will take action when they receive public complaints, they need to investigate the problem and solve it.

So, as one of the Malaysian bloggers, we have the responsible to know what kind of information we should write and what kinds of information we are shouldn't write. We have to be alert when we are in blogging activities, there are two sections from MCMC Act we should take note, which is section 211 and section 233 of the MCMC Act. Section 211 of the MCMC Act is for do not allow personal attack content. For instance, owner of the application service or Internet users who using the application service obtained information that is threaten anyone will be accused under this section. On the other hand, section 233 of the MCMC Act is misuse network service such as an application service which obtained salacious information for business purpose.

As Internet users, we have to clearly know about what kind of information we are sharing with others on application service and we should work together to maintain a proper environment for every Internet users.

Reference:

1. LawEddie.com, The 2 Must Know MCMC Laws that Regulate the Contents in Your Blog or Website, by Eddie Law
Retrieved on 26th February 2010
URL:http://www.laweddie.com/wordpress/the-2-must-know-mcmc-laws-that-regulate-the-contents-in-your-blog-or-website/#more-827

Weekly Poll Analysis- What Is The Biggest Online Privacy Issue You Concern?

Link to us: http://snipr.com/5rdpoll



The chart above shows the results for the question posted on our weekly poll posted last week. The question of weekly poll posted last week is, "What is the biggest online privacy issue you concern?".

Out of the 13 votes, 6 votes(46%) goes to my credit/ bank account details is being stolen, 4 votes(31%) goes to someone is tracking me through online, 2 votes(15%) goes to my identity is being stolen and 1 votes (8%) goes to my photo is being stolen through social networking sites or blog.

Through this weekly poll result, we can conclude that most people are concerned on their bank account details being stolen and someone is tracking them through online. It is because the use of password does not provide strong protection against Internet fraud such as phishing. The problem with password is that when it has been compromised, the fraudsters can easily take control on online transactions. The password is no longer works as an security key because we cannot be sure who is behind the keyboard typing that password in. On the other hand, the problem of identity and photo of Internet users is being stolen through social networking sites is because anyone can obtain your details and used without your permission. This amazing technology allows us to share our photos with friends but Internet users must be realize that any pictures that you put on the Internet can being stolen by anybody and it could used for anything.

What is your opinion? What do you concerned when you are using Internet?

Podcast III: We Want to Stop Phishing (一起来阻止网络钓鱼)

Link to us:http://snipr.com/podcast3

Here is the third and the last Chinese podcast. It is related to one of our previous post which is 'Opps! I catch a 'phishing'- Give Safety to Online Privacy.' This final podcast is worked together with Cindy and it is quite casual. Hope it could give a guide for every Internet users to stop phishing together.





Title: 一起来阻止网络钓鱼
Duration: 2 minutes and 46 seconds (2:46)

Translation Script:

[00:01-00:08]
Amy: Previously, we talked about the ways on preventing phishing and now I am curious whether there are no ways to stop phishing completely?

[00:09-00:22]
Cindy: Nowadays, phishing is becoming more serious. We as the users of Internet we have to try our very best to avoid ourselves becomes phishing's victims. For the ways to stop phishing, yes there are but it requires a lot of support and cooperation from all the web users.

[00:23-00:35]
Amy: What is the way? Normally, phishing happens on fake E-mail and web sites. What we could do is only ignore all these phishing E-mails.

[00:36-00:44]
Cindy: Besides, ignore or delete those phishing E-mails, we could report these phishing web sites to stop them.

[00:45-00:47]
Amy: Report phishing? How?

[00:48-00:56]
Cindy: Actually, it is very easy. In E-mail functions, you can click on one of the actions which is 'report phishing or scam'.

[00:57-01:07]
Amy: Oh! I know now. Then, those E-mails company would realize these phishing web sites then block the web sites to be sent to E-mails users, right?

[01:08-01:14]
Cindy: Yes, just like Google E-mail allows users to report phishing.

[01:15-01:25]
Amy: I get it already. When you find out any phishing E-mail, you can click 'report phishing' to secure your personal data some more can avoid fraudsters obtain data.

[01:26-01:33]
Cindy: If E-mail company stops these harmful phishing E-mails then, many users do not have to worry much.

[01:34-01:45]
Amy: You have your point, but not all would report what? If someone did not affect by phishing then, he would not spend time to report and what benefits I would get if I report?

[01:46-02:07]
Cindy: Report phishing E-mails can reduce the phishing effect on us. The risk we contact phishing would decrease too. You might understand and alert the danger of phishing but other Internet users even new users might be trapped. Everyone has to try his best to stop phishing to gives protection for our and others' privacy.

[02:08-02:17]
Amy: Once stop more and more phishing web sites, we could build up a safer Internet to protect everyone's personal data and privacy.

[02:18-02:26]
Cindy: Yes! On the other hand, we could report all these phishing web sites to specialized organizations such as antiphishing.org.

[02:27-02:33]
Amy: Oh! After that, these organizations would increase awareness about phishing among us then, everyone would not be cheated.

[02:34-02:41]
Cindy: Really hope that all of us can report phishing together to give Internet users a more secure environment.

[02:42-02:46]
Amy:Ok! We stop and report phishing together.



Glossary

Phishing= 网络钓鱼
Internet= 互联网
Website users= 网民
Website URL= 网址
Function= 功能
Action= 行动
Report Phishing= 举报网络钓鱼
Scam= 网络骗局
Google= 谷歌

Podcast II: Avoid Phishing to Violate Your Privacy (预防网络钓鱼危害您的隐私）

Link to Us: http://snipr.com/podcast2

Welcome to Online Privacy Zone. Here is the second Chinese podcast. It tells how to avoid phishing violate your privacy. Thanks for your support.

Title: 预防网络钓鱼危害您的隐私

Duration: 2 minutes and 42 seconds (2:42)

Translation Script:

Hello everyone. Did you hear the previous podcast? Yes, the topic I am going to discuss is related to phishing too. First, I would like to briefly explain what is phishing. Phishing is a technique used by hackers or fraudsters to obtain victim's personal information which included credit card numbers, account password and others. Then, they hack into the victim's account such as online banking to cheat money. Usually, fraudsters obtain victim's personal information through E-mail and they control the attached link which is located inside the E-mail. Phishing is very dangerous, you have to be alert to identify the bait the fraudsters used easily which is the fake E-mail and the web site URL.

Since you have way to identify the phishing E-mail, obviously you would not be cheated or tricked. You also have to strengthen protection on your personal information. The effective way is set up proxy inside your web browsers. Web browser's proxy setting is similar to the firewall within your computer. They have the same function either proxy or firewall which is monitor your online activities and the usage. Moreover, they could filter the files whether do contain threats like spy ware or malware and other viruses before they transmit to your computer. Proxy could protect your computer by blocking these harmful viruses intrude your computer. Proxy could effectively stop phishing because it could identify and filter the harmful content of the web site and stop the suspicious web site link to be sent to you. If your browsers already set proxy, then proxy would not visit those blacklisted web site which included the exposed phishing web sites. Furthermore, when you use Internet, proxy would stop the unauthorized Internet users hack and interrupt your online activities especially while handling online transaction. These unauthorized Internet users who hack into your online activities are called 'hackers'. They could interfere your online transaction to get benefits. Firewall and proxy could stop suspicious files, harmful viruses to intrude your computer. Remember to set up the proxy inside your web browsers to protect your online privacy. Wish everyone surf Internet happily. I am Cindy, thanks for tune in Online Privacy Blog's podcast.

Glossary:

1. Podcast- 播客
2. Phishing- 网络钓鱼
3. Hackers- 骇客
4. Fraudsters- 网络行骗者
5. Attached link- 连接的网址
6. E-mail- 电子邮件
7. Web site URL- 网址
8. Proxy- 代理主机
9. Browser- 浏览器
10. Firewall- 防火墙
11. Spy ware- 间谍程序
12. Maleware- 恶意软件
13. Viruses- 病毒
14. Internet- 互联网

Podcast I: Phishing Threatens Your Online Privacy?

Link to us: http://snipr.com/podcas1





Translation Script

Hello everyone, today the topic that I am going to discuss is how phishing threatens your online privacy?

In this technology generation, Internet becomes dangerous and threatening. All of us need to be alert and against all the possible threats when we use Internet. Everyone also need to strengthen their Internet knowledge to protect themselves from become the victims of phishing.

So, I'm here to explain what phishing is.

Phishing is a technique that hackers, fraudsters request to obtain other people's personal information such as credit cards numbers, password.

Many Internet users received anonymous emails that state they have problem to log in to the system and request them to go to the provided link and insert their log in ID and password. The provided link could be fake and it controls by the hacker or fraudster at the other server. Once you enter your log in details, fraudster might obtain those information and hack into your account. If more serious, you might lose money!

Online users can protect your online information by checking a phishing email then you would not become a phishing victim. Please be reminded, bank will never ask you to confirm your account details by an emails. So, you also need to beware of other phishing emails which look like send by other possible companies that you trust. We conclude three ways to find out a phishing email.

Step 1: Check your name.
Your name will not appear in the emails. Usually fraudsters write" Dear Valued Customer" because the same email sends to many people. Therefore, it is not trustable.

Step 2: Check for the spelling mistake.
Phishing emails use the real logo and the name of the company but it is not authentic if you found spelling mistake in content or title of the email. That must be a phishing email.

Step 3: Look at the URL links attach in the emails.
If the emails ask you to click on the provided, never click it and you check the link whether is look different from the original web site URL. This anonymous link hosts by the fraudsters, it just looks like similar to the original web site URL if you are not aware of it.

If you have received phishing email, don't panic. Please don't reply and click on anything, because it is phishing scams! You could be safe from phishing and protect your online information easily.

Thank You.





Glossary

Internet = 互联网
Phishing = 网络钓鱼
Fraudster = 行骗者
URL (Universal Resource Locater) = 网址

Weekly Poll Analysis- What Would You Clear In Setting First Before You Quit Your Web Browser?

Link to us: http://snipr.com/4rdpoll



The pie chart above shows the result for the question posted on our weekly poll posted last week. The question of last week is, " What would you clear in setting first before you quit your web browser?

From the total of 9 voters, 5 voters (56%) seldom clear anything before they quit web browser, 3 voters (33%) will clear all at the same time which is web browser history, web browser cookie and web browser cache, while 1 voter (11%) has choose clear web browser history only.

From the result, we can know that the Internet users are not really concerned about online privacy issues. They do not know that if they do not clear up the "private data" on web browser can cause a serious consequence. The serious threats are anyone in the Internet can easily discover the websites that users have been visited before using web browser and users information might be easily access by others.

So, to protect users online privacy, users should take right action which is delete all the web history, web cache and web cookie on web browser regularly. Except that, for those who want to have more privacy protection can use special software to protecting privacy information.

Do you believe that do not clear up web history, web cookie and web cache in setting before quit web browser can bring you a serious consequence?

The Serious Threats of Proxy Cache.

Link to us:http://snipr.com/proxyca



New Media Musings website, online privacy in digital age, by New Media Musings [Online]
Retrieved 11 February 2010
URL: http://www.newmediamusings.com/2006/08/online_privacy_.html

Hey Readers, Happy Chinese New Year. I was here to continue last week topic which is web cache. Last week we have finished the topic of browser cache so this week we will discuss how proxy caches can threaten your online privacy?

First, proxy cache function as a computer system serves many internet users in the same time and proxy cache maintains as relay between client and server. Proxy cache can prevent attack from invalid private network by build up a firewall. The word of proxy means “to act on behalf of another” and proxy cache is same as what meaning of proxy which is acts on behalf of the user.

Second, proxy cache is a serious threat to Internet users due to poorly developed application code and session management can cause security problem arise. For instance, a cases study of a Internet users using the Google Doc for business usage but suddenly realize that in his Google Doc account list obtain a lot of documents are not belong with him which means his Google Doc has been intrude by another Internet users.

Except that, if users make inappropriate use of proxy cache for web application can cause a serious consequence. For instance, when user A seek behind a web proxy log in and log out in a web application and user B log in the website and log out but are you sure user B can completely logged out the web application? On the server side, the ‘logout’ page is control by user A and user B log in session will be invalid and he/ she cannot access the actual page without logging in again.

Lastly, Internet user should pay attention to web caching and proxy cache even it can improve users accessibility of website and reduce network traffic but we should be guard to against become one of the victims of web caching.

References:

Cyberstrategics, A New Security Breach in Google Docs Revealed, by Tim Bass [Online]
Retrieved 11 February 2010
URL: http://www.thecepblog.com/2008/09/15/a-new-security-breach-in-google-docs-revealed/

Slide share website, proxy caches and web application security, by Tim Bass [Online]
Retrieved 11 February 2010
URL: http://www.slideshare.net/TimBass/OWASPTAIPEIThailandTBass

The Truth Revealed: The Cookies In Cyber

Link to Us: http://snipr.com/revealed1

Happy Chinese New Year, everyone! Are you guys enjoy eating the Chinese New Year cookies? Now I am continue with my discussion on cookies, but not that cookies you guys eating. The cookies are the browser cookies or the cookies save inside your browser. If you want to know what are the cookies, you could refer to our old post 'Cookie? Biscuit?'. It tells what are the cookies in cyber world.

Let's start with something quite boring first - the history of browser cookies. Do not worry, it is just a brief history on cookies. Actually, the browser cookies are invented by Netscape Communication in 1994. Cookies also known as 'magic cookies' but nowadays, we keep it short therefore, we just call them 'cookies'.

Next, some arguments stated that browser cookies are harmless because they are just a text file without exceed 4kb and they are not virus or spy ware and they do not even store any viruses and spy wares. There are two types of cookies, one is session cookie which is temporary save inside your browser. When you turn off your computer, those session cookies are bye bye (disappear)! The other one is persistent cookie which can save until one month and even years. We do not care which type of cookies and their differences, they could be privacy risk to Internet users because cookies could be used to track an user's online shopping habits, browse the web sites habit and others.

Cookies are specialized to keep information for online shopping sites such as 'shopping basket', personalize web sites, and give information on how users use the web sites to the web owners or servers. They could be a big risk to online shoppers because when they shop through online, they do not have any privacy actually. It is all because the online shopping site's server could track their purchase habits and their browse habits. Would you feel comfortable when someone is tracking you when you do your shopping either online or outlet. Since cookies are invented to keep information on your shopping basket therefore, the web servers could retrieved the items you have saved inside the shopping basket. If other people hack into your browser cookies, they might know what you have purchased and even what sites you have visited. If you buy a lingerie to your girl friend, they might know too.

On the other hand, cookies can affect your online privacy especially to those online shoppers, their online shopping histories might be tracked but users could always protect them by disabling the browser cookies. This can be done inside the browser setting. Some users disable all the cookies from all the web sites, deny some of the cookies from certain web sites, or enable all the cookies but some web sites require cookies otherwise they would not perform well. Sometimes it is very hard to avoid browser cookies for certain web sites like Blogger (http://www.blogger.com) because it needs cookies to help you personalize or modify your blog. Believe or not? Cookies enables tracking and stalking through the Internet, through your browser.

References:

Primary Search

1. Grey Elmer, (2002). Critical Perspectives on the Internet, Rowman & Littlefield Publisher, Inc., United Kingdom.

2. Mark Ciampa (2009). Security + Guide to Network Security, Course Technology, Cengage Learning, Boston, USA.

Weekly Poll Analysis- Do You Read The Privacy Policies When You Sign Up For Certain Services?

Link to Us: http://snipr.com/uatya



The pie chart above shows that out of 14 voters, 7 voters (50%) choose just simply read through the privacy policies, 6 voters (43%) never read any information in the privacy policies and only one voter (7%)have finish read the privacy policies when register for certain services.

Through the poll result of this week, we can know that a lots of people are overlook and do not pay attention to online privacy policies when they register for certain website. They are assume that exist of privacy policy is means their data can keep as private and confidential. But they are not read through and understand the content of privacy policy. This can cause a serious consequence because some of the privacy policy is to inform the data of internet users would be default be public and not private.

In my opinion, reasons of people do not read privacy policies is because the information of given by the website is too confusing. Website can consider creating a simplifying privacy policy to focus on important issues and more users friendly.

What is your opinion? Do you think web application should come out a new simplifying privacy policy?

How Web Cache Threaten You and Your Online Privacy?

Link to Us: http://snipr.com/uaefo

Secure Business Infrastructure website, Network Security Auditing Solutions, by Secure Business Infrastructure website. [Online]

Retrieved 05 February 2010

URL: http://www.sbi-secureit.com/network-security-auditing-solution.htm

Web cache stores representation (it has been discussed in previous post). There are two types of web caches which are browser caches and proxy caches, they work differently in the client-server computers. So now, let's discussion how browser caches can threaten your online privacy?

First, browser caches is functioned to keep images, HTML pages, and files in your browsers temporary. Internet users always can check what types of file are being cached inside their web browsers by typing about:cache in the address text box.

Next, since browser caches store those representations temporary, you can always refresh the current page, back to previous page easily and faster without requesting response from the server again. Actually browser caches can be harmful only if you key in your private data and your computer contains viruses and spyware. It is all because when you key in your private data, browser cache would store every data you have enter. If other users, viruses, and spyware hack into your browsers and duplicate the cache files then, your private data would be dangerous. If you check your cache files inside your web browsers, you might think those cache files are some text that you could not understand but there are some specify applications that could read the content of the cache files. Therefore, hackers can read your private data by using that particular application.

Moreover, if you did not clear your web cache frequently, the chances to expose your data would be higher especially what are the web pages you have visited. Browser caches record the content which is the representation and also each representation's URL link and the pages' URL inside your browsers. When hackers intrude your computers and copy your browser cache, they might know what web sites you have visited, what images you have seen, what text you have inserted and many more. Maybe you would not care browser cache could threaten you or not but it can be a online privacy issues because others can know what sites you are visiting now and ease other people to track your Internet usage. You have no online privacy as you could be spied by the hackers if they steal your browser cache files. Hackers look through all your browser cache files and they know what you have visited even those censored web sites or web pages. Thus, be careful when you surf the net, browser cache files in your browsers could lead you zero online privacy.

Reference:

Caching Tutorial for Web Authors and Webmasters, Mnot.net [Online]

Retrieved on 6th January 2010

URL: http://www.mnot.net/cache_docs/#DEFINITION

Cookie? Biscuit?

Link to Us: http://snipr.com/wcookie

Remember the last two week's poll "What Is A Cookie"? Actually, not much blog visitors knows about the cookie or may be too much of visitors thought it is just a piece of sweet biscuit but obviously, since this blog is talking about online privacy, the cookie we talk at here is the web browser cookie. So, what is the cookie? Who "bake" the cookie?

In most of the computers, once they connect to the Internet, there are not only one cookie. It is a lot of cookies stored inside your computer if you surf the Internet frequently and visit different web sites. Basically, Cookies are those small file size text which contain the information such as identity, your name, your interests, users ID and others inside your computer. The servers "bake" the cookies and store inside your computer if your browsers did not disable the cookies. These cookies store inside your browsers therefore, the browsers send cookies to the web site's server and the server could identify you.

For example, blogger.com requires Javascript and cookies because it needs cookies to identify which user are you, your name and other log in information to let you do change of setting or make changes of posts. If your browser has disable the cookies, when you log in to blogger.com it would show message like this:

On the other hand, cookies can be harmless because they are text files with bits information only but some arguments said that cookies ease to track people. Let's analyze it briefly. Since cookies store your identity, it is possible cookies could reveal your information easily to third party then, you would no have online privacy? What are the truths? All these would be discussed on the next time.

Remember, web browser cookies are not those biscuits that we eat.

Reference:

What Is An Internet Cookie?, HowStuffWorks.com [Online]

Retrieved on 4th February 2010

URL: http://www.howstuffworks.com/question82.htm