Maybe you know someone you’d like to encourage to be more security-conscious. Or perhaps a friend or family member is already concerned about their own privacy. They’ve already got tin foil (albeit for the turkey, not to use as a hat), so what else should you get for them? We have a few suggestions.

1. RFID Wallet

Due to concerns over security, you can turn down the offer of contactless payment on debit and credit cards. Nonetheless, fewer people are using their PINs anymore.

Criminals can take payment from contactless cards. Indeed, warnings are occasionally issued on social media about thieves preying on users of packed trains and the subway. You can do something about it, however. Radio Frequency Identification (RFID) wallets block the wireless signals interacting between a card terminal and the card.

2. Nest Indoor Security Cam

Internet Protocol (IP) Cameras are all about peace of mind. They can be used for security reasons or as baby monitors. These are digital video recording devices that generally connect to your smartphone or device to offer 24/7 surveillance. Some allow you extra remote control and will further track smart home accessories

The Nest Cam Indoor security camera is designed to help you look after your home and family – even when you’re away. With 24/7 live streaming, a versatile magnetic stand, person alerts with Nest Aware and one app for all your Nest products, Nest Cam Indoor helps you keep an eye on what matters. From anywhere.

3. WALI Dummy CCTV

Not too sure whether your family member of friend will like a camera keeping score of proceedings all the time? Opt for a fake CCTV system instead!

Dummy cameras are a deterrent to your average criminal. They won’t be keen to have their mugshots taken. Even if some suspect they’re fake, they’ll have to risk getting up close to check it out for sure.

You can typically rely on WALI’s products, and this four-pack of dummy cameras is a substantial present that’s a surprisingly good price. They’ll certainly come in handy around most homes, and because they’ve got a flashing LED, they look real.

4. Litom Solar Lights

Solar lights are fantastic: not only are you utilizing the sun’s power but you’re also improving safety and security. They come in a vast array of variations, and are available everywhere, but for Christmas, we recommend a motion detector solar light.

These simply light up an area whenever something moves within its radius. Intruders are instantly spotlighted, and homeowners are alerted that there’s someone on their property. If whoever you’re buying for has a pond or swimming pool, lights are vital to make sure no one has an accident at night.

Litom’s a solid make. These are deceptively small considering the amount of light they give off. They’re cheap too, but if the recipient places them strategically at a doorway or garage, effective enough to deter would-be criminals.

5. Shredder

Everybody needs a shredder. No, more than that — everybody needs a cross-cut shredder. Cross-cut shredders cut pieces diagonally, rendering anything you put in virtually unreadable. In this age of hacking and ransomware, you shouldn’t underestimate the importance of a good old shredder. Because plenty of important things need cutting up.

Credit card slots are ideal, but some further chop up CDs — more infrequently used, of course, but this is a present to last! Typically, the finer a shredder will cut, the better. Also consider measurements: will this be used in a workplace environment or be kept at home, and how does this affect the size you’re considering?

6. VPN Router

This could be the priciest item on the list, so you’ll want to save it for someone especially dear to you, or as a family gift. But as ever, it depends on which model you go for.

It’ll also require a lot of research. Virtual private networks (VPN) afford a solid level of security by encrypting data sent between a computer and a website. Anyone who can intercept details sent on that connection cannot read it anyway. There are many VPN services available, including for free via the Opera browser

VPN routers give a whole household a high level of security. No need for individual installation on each device. Anything connecting to this router will use encryption. The receiver just needs to set it up and then everyone can browse the internet, hassle-free… in theory.

Shop around. Roqos is a dependable brand, and yet cheaper makes might also catch your eye. Shopping for routers should be a rare occurrence, so ask yourself whether it’s worth spending a bit more to achieve some longevity. And of course, are the recipients worth it?

Follow these five guidelines to keep your organization's data protected.

Consider that the average cost of a single data breach is $3.62 million. On top of this, data breach incidents reportedly cause 65% of individuals to lose trustin the organization experiencing it. This loss of customer trust may take years to recover, if it even can do that at all.

1. Understand what constitutes a data breach. A data breach is an incident in which sensitive, protected, or confidential personal data potentially has been viewed, stolen, or used by an individual unauthorized to do so. This can include sensitive information discussed in a doctor's office, viewed on someone's laptop screen, hacked from a computer, or perhaps left on the printer. It could involve thousands of records, or just one. Depending on the regulation, it could involve identifiers, such as a name or identification number. Or it could be images of individuals, in photos or videos. It also could be data revealing racial or ethnic origin, political opinions, religion, trade-union membership, genetic data, health information, personal preferences, and so on.

2. Be aware of your surroundings. Workers should be trained to always be aware of their surroundings. Employees frequently use mobile devices to access and share data, often in full view of others. There's increased risk of data exposure inside the office too. Open-office floor plans remove physical barriers that in the past helped shield computer screens. Those who work in public spaces and in heavy-traffic areas like emergency departments, public lobbies, government offices, and guest-service desks should know to look for suspicious behaviors, such as identifying a visitor who is pointing a smartphone toward a computer screen.

3. Deploy layers of protection to avoid breaches. Add layers of protection as part of a defense-in-depth security approach. This often involves perimeter technologies, such as firewalls, data encryption, and two-factor authentication. Using privacy filters can help protect sensitive data displayed on computer and device screens by blocking unauthorized side views. Other important protection measures include implementing clean-desk policies, using password-protected screensavers, and requiring that sensitive information be printed and stored in locked areas, and then finely shredded when disposed. Regular assessments can help identify vulnerabilities in these areas, as well as other gaps, such as poorly trained employees.

4. Collect only what you need. In the spirit of improving the buying experience, many organizations are collecting an increasing amount of personal information about their customers. They are asking for birthdays, ages of children, etc. Collecting this level of information requires organizations to be aware of privacy laws, such as the GDPR, that are very stringent in how personal information is used. As a best practice, organizations should proactively identify and collect only the personal information necessary for their intended purposes, for a period strictly necessary (minimization principle), and they should ensure that personal data will not be made accessible to an indefinite number of people.

5. Be ready to respond quickly. Have a documented breach response plan that details roles, responsibilities, and processes. Schedule regular training exercises to help ensure your organization's incident response and breach notification policies and plans will work. Conduct tests to see if employees know who to alert if their device is compromised or they become aware of a data breach. Make sure you have the forensics in place so you can quickly communicate what happened and what the company is going to do about it.

Together, these five tips can help safeguard data privacy, build customer trust, and protect your company's brand.

Keylogger found in HP Notebook models

Earlier this year, it was reported how the audio driver pre-installed on several Hewlett-Packard (HP) laptops contained a built-in keylogger code that recorded all of a user’s keystrokes and stored the information such as usernames and passwords, personal information in a human-readable file. In order to rectify this, HP then rolled out patches to remove the keylogger, which also deleted the log file containing the keystrokes.

Now, a security researcher named ‘ZwClose’ has claimed of discovering similar built-in keylogger issue in several HP laptops that allows hackers to record every keystroke of the user and steal sensitive data, including passwords, account information, and credit card details.

More than 460 HP Notebook models were reported to have been exposed for exploit to hackers due to the keylogger found present in the SynTP.sys file, which is a part of the Synaptics Touchpad driver that ships with some HP notebook models.

Even though the keylogger component is disabled by default, it could be enabled “by setting a registry value” by utilizing open source tools available for evading User Account Control (UAC).

Given below is the location of the registry key:

HKLM\Software\Synaptics\%ProductName%

HKLM\Software\Synaptics\%ProductName%\Default

HP was notified regarding the presence of keylogger component by the researcher last month, which was confirmed by the company who said that it was basically “a debug trace” that was left unintentionally and has now been removed.

In its advisory, HP called the keylogger as a potential, local loss of confidentiality. “A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impact all Synaptics OEM partners.

“A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”

The company has released a Driver update to remove debugging code for all the affected HP Notebook models. Click here to see the entire list of affected HP laptops and their patches.

ZwClose also published a technical analysis of the SynTP.sys file and the keylogger code for security researchers and software developers.

Like in real life, your wallet must be secured. Bitcoin makes it possible to transfer value anywhere in a very easy way and it allows you to be in control of your money. Such great features also come with great security concerns. At the same time, Bitcoin can provide very high levels of security if used correctly. Always remember that it is your responsibility to adopt good practices in order to protect your money.

 Be careful with online services

You should be wary of any service designed to store your money online. Many exchanges and online wallets suffered from security breaches in the past and such services generally still do not provide enough insurance and security to be used to store money like a bank. Accordingly, you might want to use other types of Bitcoin wallets. Otherwise, you should choose such services very carefully. Additionally, using two-factor authentication is recommended.

Small amounts for everyday uses

A Bitcoin wallet is like a wallet with cash. If you wouldn't keep a thousand dollars in your pocket, you might want to have the same consideration for your Bitcoin wallet. In general, it is a good practice to keep only small amounts of bitcoins on your computer, mobile, or server for everyday uses and to keep the remaining part of your funds in a safer environment.

Backup your wallet

Stored in a safe place, a backup of your wallet can protect you against computer failures and many human mistakes. It can also allow you to recover your wallet after your mobile or computer was stolen if you keep your wallet encrypted.

Encrypt your wallet

Encrypting your wallet or your smartphone allows you to set a password for anyone trying to withdraw any funds. This helps protect against thieves, though it cannot protect against keylogging hardware or software.

Offline wallet for savings

An offline wallet, also known as cold storage, provides the highest level of security for savings. It involves storing a wallet in a secured place that is not connected to the network. When done properly, it can offer a very good protection against computer vulnerabilities. Using an offline wallet in conjunction with backups and encryption is also a good practice. Here is an overview of some approaches.

Using the latest version of your Bitcoin software allows you to receive important stability and security fixes. Updates can prevent problems of various severity, include new useful features and help keep your wallet safe. Installing updates for all other software on your computer or mobile is also important to keep your wallet environment safer.

Multi-signature to protect against theft

Bitcoin includes a multi-signature feature that allows a transaction to require multiple independent approvals to be spent. This can be used by an organization to give its members access to its treasury while only allowing a withdrawal if 3 of 5 members sign the transaction. Some web wallets also provide multi-signature wallets, allowing the user to keep control over their money while preventing a thief from stealing funds by compromising a single device or server.

Think about your testament

Your bitcoins can be lost forever if you don't have a backup plan for your peers and family. If the location of your wallets or your passwords are not known by anyone when you are gone, there is no hope that your funds will ever be recovered. Taking a bit of time on these matters can make a huge difference.

Ever wondered why websites that are mining in the background don’t mine for the immensely hot Bitcoin, but for Monero instead? We can explain that. As there are different types of cryptocurrencies, there are also different types of mining. After providing you with some background information about blockchain, and cryptocurrency, we’ll explain how the mining aspect of Bitcoin works. And how others differ.

Proof-of-Work mining

Cryptocurrency miners are in a race to solve a mathematical puzzle, and the first one to solve it (and get it approved by the nodes) gets the reward. This method of mining is called the Proof-of-Work method. But what exactly is this mathematical puzzle? And what does the Proof-of-Work method involve? To explain this, we need to show you which stages are involved in the mining process:

1. Verify if transactions are valid. Transactions contain the following information: source, amount, destination, and signature.
2. Bundle the valid transactions in a block.
3. Get the hash that was assigned to the previous block.
4. Solve the Proof-of-Work problem (see below for details).

The Proof-of-Work problem is as follows: the miners look for a SHA 256 hash that has to match a certain format (target value). The hash will be based on:

• The block number they are currently mining.
• The content of the block, which in Bitcoin is the set of valid transactions that were not in any of the former blocks.
• The hash of the previous block.
• The nonce, which is the variable part of the puzzle. The miners try different nonces to find one that results in a hash under the target value.

So, based on the information gathered and provided, the miners race against each other to try and find a nonce that results in a hash that matches the prescribed format. The target value is designed so that the estimated time for someone to mine a block successfully is around 10 minutes (at the moment).

If you look at BlockExplorer.com, for example, you will notice that every BlockHash is 256 hexadecimal digits long and starts with 18 zeroes. For example the BlockHash for Block #497542 equals 00000000000000000088cece59872a04457d0b613fe1d119d9467062e57987f1. At the time of writing, this is the target—the value of the hash has to be so low that the first 18 digits are zeroes. So, basically, miners have some fixed input and start trying different nonces (which must be an integer), and then calculate whether the resulting hash is under the target value.

How is Monero different?

Browser mining and other methods of using your system’s resources for other people’s gain is usually done using other cryptocurrencies besides Bitcoin, and Monero is the most common one. In essence, Monero mining is not all that different from Bitcoin. It also uses the Proof-of-Work method. Yet, Monero is a popular cryptocurrency to those that mine behind the scenes, and we’ll explain why.

Anonymity

The most notable difference between Bitcoin and Monero mining is anonymity. Where you will hear people say that Bitcoins are anonymous, you should realize that this is not by design. If you look at a site like BlockExplorer, you can search for every block, transaction, and address. So if you have sent or received Bitcoin to or from an address, you can look at every transaction ever made to and from that address.

Therefore we call Bitcoin “pseudononymous.” This means you may or may not know the name of that person, but you can track every payment to and from his address if you want. There are ways to obfuscate your traffic, but they are difficult, costly, and time-consuming.

Monero however, has always-on privacy features applied to its transactions. When someone sends you Monero, you can’t tell who sent it to you. And when you send Monero to someone else, the recipient won’t know it was you unless you tell them. And because you don’t know their wallet address and you can’t backtrack their transactions, you can’t find out how “rich” they are.

                                                                                      Transactions inside a Bitcoin block are an open book.

Mining

Monero mining does not depend on heavily specialized, application-specific integrated circuits (ASICs), but can be done with any CPU or GPU. Without ASICs, it is almost pointless for an ordinary computer to participate in the mining process for Bitcoin. The Monero mining algorithm does not favor ASICs, because it was designed to attract more “little” nodes rather than rely on a few farms and mining pools.

There are more differences that lend themselves to Monero’s popularity among behind-the-scenes miners, like the adaptable block size, which means your transactions do not have to wait until they fit into a later block. The Bitcoin main-stream blockchain has a 1 MB block cap, where Monero blocks do not have a size limit. So Bitcoin transactions will sometimes have to wait longer, especially when the transaction fees are low.

The advantages of Monero over Bitcoin for threat actors or website owners are mainly that:

• It’s untraceable.
• It can make faster transactions (especially when they are small).
• It can use “normal” computers effectively for mining

Links

For those of you looking for more information on the technical aspects of this subject, we recommend:

Bitcoin block hashing algorithm

The Blockchain Informer

Blockchain Info

How Bitcoin mining works

How does Monero privacy work