Home News/Advice BlogInternet Security

WARNING - O2 and Tesco Mobile send your phone number to every site you visit using their mobile data network

25 January 2012
Posted in Internet Security

Lewis Peckover, who set up a little web tool that displays all the "HTTP header information" sent to sites by web browsers, highlighted yesterday that O2 include your mobile phone number whenever you visit a website whilst running over the 3G network.

Users of the social news site, Reddit.com, confirm this problem also happens with Tesco Mobile.

For O2 and Tesco customers browsing on a 3G connection, these headers also include their personal telephone number in an x-up-calling-line-id line. Enterprising website owners can easily keep a copy of the HTTP header information sent over by visiting browsers and tie it to IP addresses and logins, if applicable.

O2 commented on their Twitter feed:

@lewispeckover Hi Lewis. The mobile number in the HTML is linked to how the site determines that your browsing from a mobile device #O2Guru (https://twitter.com/#!/O2/status/161872584634408960)

But, this is nonsense. Browsers send a User-Agent line in the Headers that tells web servers what browser and operating system it's using, rather than having to divulge personal details such as the users mobile telephone number.Customers on an O2 or Tesco Mobile monthly contract might want to talk to a lawyer in regards to the validity of the contract now that it has been seen O2 are willy-nilly giving out these personal details to all websites you visit.

Reproduced courtesy of ConsiderIT

What will this mean to me, the user?

For the average user this could mean that your mobile telephone number is being collected and could be used for marketing and messaging without your consent. It would not take much for sites where you have to register to attach your mobile number to your login details and personal details, which could then be passed onto less-than-scrupulous data users for unlawful activities. The security issues that could arise from this will be difficult to determine for some time, but we would advise anyone to avoid using their mobile on these networks for internet browsing, and to seek an alternative.

Blackberry devices are not affected, since they use Blackberry's own proxy servers, which encrypt this header before sending it to site owners.

Further reading:

Hotmail Security and what to do if you have been hacked

21 July 2011
Posted in Internet Security

Hotmail hacking is rife and can cause you serious hassle, maybe even lose you some money. There are lots of horror stories out there, but some simple steps to ensure your security will alleviate most potential problems.

You happily spend time locking up your physical possessions, so please spare a moment or two to secure your online assets.

Some basic Hotmail Security tips:

Change your password regularly, and use something secure (your favourite football team is NOT secure, use something with a combination of letters and numbers, or even some symbols)
Run regular full scans using your Anti-Virus application, and maybe some extra checks as detailed in our notes below.
Do NOT access your Hotmail account from public WiFi Spots (Airports, Cafes, etc) as there are scanners capable of picking up signals and stealing information.
Do NOT log into your Hotmail account from a computer others have access to and tick the 'Stay Logged In' option - this will allow the person following you to gain instant access to your account.
Check your Hotmail Profile, and ensure nobody has set up an 'Alternative Email' in your settings without your knowledge, as this is a back-door Hotmail offer to you when setting your account up, and it is manipulated by hackers to retain access to your account.
Periodically, check your SENT Email Box, to ensure there are no emails going out that you are not aware of.

It is not rocket science to ensure you are more difficult to hack than the average Hotmail account, but it does require you to perform some basic security functions from time to time. The same basic tips apply to other online email accounts (Gmail, etc).

Some further reading regarding Hotmail Security and Hacking:

Additional Software to keep your PC clean from Malware:

It is not advisable to have more than one piece of Anti-Virus/Anti-Malware software running resident on your PC, but you can download any of the following FREE software and use it to run manual scans periodically, ensuring that you keep well ahead of the Malware fiends. Any which give you the option to buy software, ignore it, the free option will help well enough. Also, if there is an option to install either security toolbars, various browsers, or to 'start up when Windows starts', then untick these too.

Malwarebytes Free

SuperAntispyware Free

AVG Free (this is a full AV package, so only use it as an alternative to what you have or if you currently have nothing running)

Please feel free to share this article with colleagues and friends. We welcome any feedback and can offer support if needed.

Dumping Microsoft Internet Explorer for a different browser

17 January 2010
Posted in Internet Security

As reported by the BBC yesterday (Saturday 16th January 2010), the German government has warned web users to find an alternative browser to Internet Explorer (IE) to protect security. It closely followed Microsofts admission that IE had been the 'weak link' in recent attacks on Googles systems. Microsoft have obviously tried to defend their browser, but I think the German government have come out and said what almost everyone else was thinking - Internet Explorer should not be our browser of choice.

Internet Explorer is installed as a part of Microsoft Windows installations, and as such a large percentage of people use it without looking for alternatives. Below we have listed a few excellent alternatives, and all are free to download and use:

Firefox

Firefox is an excellent browser, lightning quick and packed full of useful features (tabbed browsing, built-in spell checker, private browsing, etc). It has numerous handy addons available and is our browser of choice at Comspec. Nowadays we use IE simply for testing websites, rather than as a serious option for browsing.

Chrome

Chrome is Google's entry into the browser sector. It is very quick, refreshingly minimalistic and seems to have no compatibility issues. A host of top-notch features (task manager, download manager, flexible tabs, etc) make this an excellent browser choice for anyone.

Opera

Opera is a peculiar little browser. It is very quick, but has been known to have some compatibility issues. It is a 'fun' browser, yet very practical. Some of its features are useful (thumbnail previews, voice interaction, etc) and as this browser develops, it will become another excellent choice for users. Our verdict on this one is to certainly try it out, but you'll probably find you revert back as the problems appear, even though you will like the look/feel of it.

Safari

Safari is the Apple (Mac) browser, only now its available for the Windows PC too. A lightweight browser, making it fast, but we'd tend to only recommend it to the semi-IT literate user, simply because it lacks a number of basic features (anti-phishing, parental controls, etc). A great browser in looks/useability, but just lagging at present in features.

Free Parental Control & Web Filtering Software

20 April 2009
Posted in Internet Security

Most family homes now have a PC with connection to the internet, and it is a constant source of worry for most parents when they think of what their child could be accessing or seeing online.

Free Parental Control Software

There are numerous pieces of software commercially available which allow some measure of protection, but we have found that most problems can be avoided using a free piece of software, such as Bluecoat K9 Web Protection.

K9 is not software for anti-virus, anti-spam, etc. Instead it deals directly with ‘Web Content’ and browsing, filtering the content available to your child. When you have it turned on, it prevents the computer user from viewing Web sites that contain unwanted content. It can block more than 55 different categories of content, including pornography, hate speech and sites that promote violence or permit gambling.

To get K9, simply go into your Internet Browser (Internet Explorer, Firefox, etc) and go to the site www.getk9.com. This is a website designed primarily for parents, and will provide a wealth of information. Read the information there, then click on ‘Get K9 Now’ to download and install.

The main features of K9 are:

Blocks up to 60 content categories (eg porn, gambling, etc)
Set time restrictions on when your child can access the internet
Block specific websites not covered in the software automatically
Audible feature (a barking noise) to alert parents that their child is trying to access or has stumbled across something inappropriate
Block sites with specific words in their url (website address)
View reports of all internet activity and administrative actions
Very simple to use interface

At present K9 does not provide controls for Instant Messaging or Peer-Peer, but these are planned for its upcoming new release. You do have to register with the site to get a license key for the software, but it is a little price to pay for this level of protection from a piece of free software.

Whilst we ask that parents consider the use of something like K9, we also strongly advise home users to have adequate Anti-Virus and Anti-Spyware protection enabled. There is no need to purchase a product for home use, as AVG have a free version (AVG Free 8.5) which will cover your needs. It updates and scans automatically, and has no renewal date like the commercial versions.

And now for the scary part, the following are some of the statistics (taken from BlueCoat’s site) regarding youths and the internet:

1 in 4 youths have unwanted exposure to inappropriate pictures each year
9 out of 10 kids, aged 8-16, have viewed pornography on the internet
1 in 5 children, aged 10-17, have received a sexual solicitation over the internet
74% of commercial pornography sites display free porn images on their home page

Protect your child today, for free, and give yourself peace of mind.

Internet Security Breach is tackled

09 July 2008
Posted in Internet Security

A report in today's BBC News Online suggests that we will all be getting a download for our operating systems to try to head off a major internet security breach, discovered by accident.

The breach would allow criminals to redirect internet users to fake websites, in an attempt to prise private information from them. The research into a 'fix' has been going on in private for about 6 months, since the flaw was discovered in the DNS (Domain Name system).

Whilst we thought this story news worthy, we do not want our users to panic. Microsoft and other computing giants (Cisco, Sun, etc) have been working on this, and will provide an automatic security update to stop any potential danger before it gets to us, the users.

What we would like to do, however, is to remind our users of the importance of performing regular Operating System updates. On Windows computers this is quite easy by going into the menu option 'Windows Update'. When you get to the update site, instead of choosing the usual 'Express Updates', choose 'Custom' every now and again, to ensure that all the updates you may want are downloaded. Any security patches, such as that mentioned above, will fall under 'Critical' and therefore 'Express' updates, so no need to worry on that score.

Have you checked to see if Automatic updates are turned on for your computer? If not, do so now. If you do not want the updates coming down automatically, visit the updates website, and manually download all of the security updates.

Removing NORTON from your PC

01 March 2008
Posted in Internet Security

I get the question posed to me on a regular basis.....

"I tried to uninstall Norton, but the normal Add/Remove Programs doesn't seem to work, what should I do?"

The answer is simple, the only true way to rid yourself of Norton is to download and run the Norton Removal Tool, supplied free online by Symantec themselves. Unfortunately NORTON is difficult to remove from your computer, and the normal uninstall or 'add/remove programs' doesn't remove it completely. This tool will remove it completely.

Download HERE

Ensure you know what version of Norton you have on your PC, and download the version of the tool which applies to you. It is quite a small download, but may take a little while to actually complete the removal task.