Major Study Settles the Debate Between Apps vs. Websites

When it comes to your most-used solution, is the mobile application a more secure choice in terms of user privacy, or does the website offer superior protection against leaked information? Researchers from Northeastern University sought to answer this question in a recent study comparing the app versions of programs against their web-based counterpart on Android and iOS devices.

Selecting a group of 50 of the most popular free services online with equal functionality in both the app and the website, the researchers compared the data leakage of information that could be used to identify a user from either platform. Being sure to sample from a variety of industry categories--including business, news, shopping, music, and even weather--the team would log in as if they were a regular user before tracking how their information is shared by the site to advertisers and data analytics companies.

So, between mobile apps and web-based services, which leaks more of a user’s information? According to research team member and assistant professor David Choffnes, that depends.

Choffnes stated that the team expected applications would leak more information by their more direct access to it. While their findings do support that hypothesis somewhat, the margin was much closer than they expected. In 40 percent of their tested cases, the website version of a service or function would share a greater variety of information with outside parties than the apps would.

The type of information shared also varied based on the platform a user chose. Websites, for example, would share the user’s name and location, while apps were far more likely to share a device’s unique ID number. Together, the app and website could collect a fairly comprehensive profile on the user, much to the surprise of the research team.

While there are legitimate reasons for these services to share out their information, the research team is concerned that the users are unaware of where their personal information is going, as many believe that their information is being held solely by the service they provide it to. However, the team hopes to spread awareness of credential and information sharing, and has even provided an online report of what information is leaked by particular apps, as well as an online tool to determine which method of accessing a service, the app or the web page, is the more secure option.

Information is an incredibly valuable and sensitive asset to a business, so it is best to know just where your information is going. 

Tip of the Week: Quirky Productivity Advice From 4 of History's Most Successful People

It’s important that your workflow allows you to get the most success out of your workday, yet this is often easier said than done. Everyone has different routines and practices that might work for them, and no one else. If you’re looking for ways to improve your own productivity processes, why not consider these four famous individuals with unorthodox practices?

A Crescendo of Productivity: Ludwig van Beethoven
Every office has folks who rely on the coffee machine to jumpstart their workday, but did you know that one of the world’s most famous composers was also highly-indulgent in the caffeinated beverage? History shows that Beethoven required his morning cup of coffee to consist of exactly 60 beans. That being said, you can expect a cup of coffee like that to have just the kind of kick needed to get tons of work done in a short period of time.

Of course, we’re all well aware of the negative effects that caffeine has on the human body, and this extreme productivity measure eventually leads to an extreme crash. It’s thought that this overindulgence eventually led to Beethoven’s declined health. In general, using drugs like caffeine to enhance your productivity may not be the best idea, but a cup of coffee or an energy drink might be just what you need to get through a big project.

The Birthday Suit: Benjamin Franklin
As uncomfortable as it might be to mention, America’s founding father Benjamin Franklin was a major proponent of nudity. He would spend the first hour of his morning reading and writing in the comfort of his own skin. While it might be humorous to imagine the founding father naked at his desk, compiling notes that would eventually become the Declaration of Independance, it’s interesting to note how much precious time and energy the average clothes-wearer wastes getting dressed each morning. Granted, whether or not this produces any noticeable increase in early-morning productivity is up for debate.

To take this a step further, you can emulate this success in spirit by planning out your morning routine in order to dodge the hassles associated with tough decisions. Lay out your outfit the night before, and leave notes to determine which tasks should have priority.

The Case of the Missing Desk: Agatha Christie
Unbeknownst to some, mystery novelist Agatha Christie never owned a desk. Christie wrote some of her most famous stories before computers became the user-friendly commodities that we’re all so used to, going as far as using a pen and paper or borrowing typewriters, often keeping notes and manuscripts stored in some kind of carriable case. A deskless workflow might sound difficult, but thanks to modern technology like mobile devices and cloud computing, it’s more possible than ever before.

To accommodate the modern Agatha Christies in your own office, give them the opportunity to flourish without being tethered to their desks. Mobile technologies like cloud computing and mobile devices have made this easier than ever, so you can let your employees work on their own terms.

Terrifying Display of Discipline: Stephen King
The famous horror author Stephen King once said, “Amateurs sit and wait for inspiration, the rest of us just get up and go to work.” It’s a well-known fact that Stephen King is a writing workhorse, compiling 2,000 words every single day. It’s not just King, either; countless other writers assign themselves daily word counts in order to reach their goals. This commitment is one of the major reasons that King is able to consistently churn out quality manuscripts.

What does 2,000 words look like in your line of work? Is it responding to 25 emails a day, reading a book every week, or making daily sales calls? Whatever you define as success, take this disciplined approach and roll with it. Take small steps to chip away at a larger goal.

Would any of these productivity tips help you get through the day? Share your thoughts, and your own tactics, in the comments below.

4 Reasons Why Businesses Love Office 365

Decision makers for small and medium-sized businesses certainly have a tough job. Each choice they make on the behalf of the business has repercussions, which could potentially influence the rest of the company, for better or for worse. Therefore, we’d like to take some of the pressure off of the decision makers with a recommendation: if you haven’t done so, consider utilizing Office 365 for your business’s various needs.

Available as a subscription-based Software-as-a-Service, Office 365 for Business can provide many features and benefits that the SMB owner/decision maker will find intriguing, to say the least.

Cloud Capabilities
One of the great computing innovations of our time is the concept of cloud services, allowing for convenient collaboration and connection. As long as you are able to connect to the Internet, you can use the included mail client, access and collaborate on company projects and files, from any device.

Collaboration Benefits
Featuring a project management tool called Planner, Office can help keep your company’s employees organized and on the same page. And on the topic of staying on the same page, users are able to collaborate in real-time on documents, and are capable of making and seeing edits that other users are making without the need to refresh the page.

Cost Efficiency
Office 365 will ultimately save your business money, namely by reducing your maintenance costs. By keeping employee accounts in the cloud, Microsoft assumes the responsibility for maintaining and updating them--without any additional costs to your business.

Capacity to Grow
One of the biggest concerns with any solution is its scalability--if a business were to grow, how easy would it be for its solution to grow right along with it? Office 365 answers that question with a single word: very. As your company expands and--by necessity--requires more from its 365 solution, you can very easily incorporate the additional services, features, and storage you need into your existing contract for an increase in price.

With the full capabilities of Microsoft Office available just about anywhere at anytime, Office 365 is a clear candidate for a solid software solution for your business. 

Was the NSA Hacked By Enemies Abroad, or Was It an Inside Job?

Not long ago, a group referring to itself as the Shadow Brokers distributed hacking tools utilized by the United States National Security Agency (NSA), on various publically-accessible websites. While the motives of the Shadow Brokers are a story for another time, an investigation seems to have locked in on a particular theory of how the Shadow Brokers came into possession of the tools in the first place.

Hypotheses were initially varied as to how the tools were taken from the NSA at all. Some surmised that the leak must have been the work of another agency insider following the lead of the controversial Edward Snowden. Some suspected that Russia, deemed responsible by D.C. lawmakers, had hacked into the NSA headquarters located in Fort Meade.

However, the FBI has begun to focus their efforts on an entirely different source, one that--while certainly less openly malicious than a foreign attack or insider leak--still shows the dangers that human error can present to cyber security.

Based on information provided by the NSA, investigators are looking into reports that an individual associated with the agency, either as an employee or a contractor, had left the tools on a remote computer during an operation approximately three years ago. These tools would allow their users to exploit systems from Fortinet Inc. and Cisco Systems.

Patches have since been released to help protect these systems from the now-public tools. Investigators, however, are not ruling out the possibility that the tools were left exposed on purpose, or that others within the NSA made similar mistakes that ultimately resulted in the Shadow Brokers obtaining them.

To their credit (assuming that it was an honest mistake), the unnamed individual reported their mistake shortly afterwards, according to the NSA--which, it must be mentioned, did not inform the companies of the risk to their systems. Rather, having sought out foreign use of the tools with no results, the NSA saw no need to inform the software manufacturers.

Regardless of blame for the release of these tools into the public domain, the unnamed former NSA representative who left the tools on the remote computer proves that critical data should never leave the safety measures to be found on-premises and taken into the world without considerable measures put in place to ensure its security.

Tip of the Week: How to Customize Your Windows 10 Notifications

Windows 10 has been issued updates that provide users with brand new ways to receive notifications. While you can go through Android and iOS’s Cortana app, there’s a better way to manage your notifications. We’ll walk you through the process of customizing your Windows 10 notifications.

On the Lock Screen
One of the more controversial uses of notifications in Windows 10 is on the lock screen. While this is great for times when you don’t want to log into your device, it can be considered a privacy concern. If you’d like to remove all notifications from the lock screen, go through Settings > System > Notifications & actions > Notifications. Then, turn off the switch for Show notifications on the lock screen. If you want to hide certain notifications from appearing on the lock screen, go through System > Notifications & actions > Get notifications from these senders. Now select the app that you want to change and turn it On under the Keep notifications private on the lock screenoption.

Set Priority Notifications
If you receive notifications from several sources, it’s clear that not every single one of them is a priority. Thankfully, Windows 10 makes it easy to set certain apps to varying priority levels. You can set them to either Normal, High, or Top priority in order to layer them into groups based on importance. Go to Settings > System > Notifications & actions > Get notifications from these senders, and select the app that you want to configure. Under Priority of notifications in the action center, assign it a priority level.

You can also choose how many of an app’s notifications will appear in the Action Center at any one time. The default is three, but you can extend this number all the way to 20. Change this setting by going to Number of notificationsvisible in Action Center.

Change the Sounds of Your Notifications
To further customize your notifications, you can remove or change their sounds. All you have to do is go through Settings > System > Notifications & actions > Get notifications from these senders > Your Chosen App > Play a sound when a notification arrives. Right-click the Start button and select the Control Panel. Select sound and you’ll open up a menu. In Program Events, scroll down to Notification and select it. Underneath the Sounds dropdown you can change the sound that plays when you receive a notification. If you’d rather not have sounds play for your notifications, just select None.

Turn Off Notifications
If you aren’t keen on notifications in the first place, you can turn them all off at once. If you don’t mind them, you can limit how many apps are allowed to send you notifications. Go through Settings > System > Notifications & actions > Notifications > Get notifications from apps and other senders. Select the apps from which you want to receive notifications under Get notifications from these senders.

4 Not-So-Dark Truths About the Dark Web

Throughout your journey through the business world, you may have heard rumors, hushed whispers of a deep, dark world beneath the surface of the Internet. Well, it’s real, and it’s known as a hotbed of corruption, where hackers can sell stolen credentials and personal records. However, contrary to popular belief, the Dark Web isn’t as mysterious as it’s made out to be.

Here are four things that you (probably) didn’t know about the Dark Web.

Anyone Can Access the Dark Web
You would think that it would be difficult to access the Dark Web, but in all actuality, it’s quite easy. You only have to download a couple pieces of software. Why would you want to access it, though? Surprisingly enough, the Dark Web is teeming with legitimate purpose. Some web companies have a big presence on it, while others--typically journalists and others who deal with sensitive information--share knowledge across it. One of the biggest reasons, though, is a business’s IT department checking for sensitive data that has been stolen from them.

This goes without saying, but if you really want to access the Dark Web, you’ll need to do everything in your power to secure and back up any mission-critical data that you might have. You’ll be heading into some sketchy territory.

Nobody Knows Who You Are
If anything has been made clear over the past few years, there’s nothing anonymous about using the Internet. Even on the Dark Web, anonymity is an enigma. It’s true that encrypted sites that utilize the domain “.onion” can only be accessed by those who are using the Tor web browser, but by doing some digging, you can unmask just about anyone on the Dark Web. Supposedly, the FBI has malware that can track IP activity, but that’s not information we’re exactly privy to.

TechRepublic explains how Tor masks the identity of users while on the Dark Web: “Tor works by creating a secure connection between the user's web browser and a network of machines, then tossing the originating IP address through several disparate relay points within the network. In theory, these "onion layers" mask the browser's point of origination.”

The lesson: even with Tor and SSL, nobody is safe and secure on the Dark Web.

The Dark Web Is Bigger Than You Think
Even without the Dark Web’s biggest market, Silk Road, the deep dark Internet still has plenty of marketplaces that have sprung up in its absence. Illegal eCommerce is still a major concern, especially because user interfaces have become more streamlined to the point where basically anyone can purchase stolen financial credentials or personally identifiable information. Additionally, in the wake of this surge of illegal online activity, many reputable vendors have introduced services that can help users identify if their credentials have been stolen and put up for sale on the Dark Web. Some even offer security services and threat mitigation for those who do want to navigate the Dark Web, for whatever reason.

The Dark Web Isn’t All Illegal, or Disturbing, or Both
Believe it or not, the Dark Web is filled with more than just illegal content and sketchy marketplaces. Surprisingly enough, the Dark Web has quite a few features that can be found on the surface web. Facebook’s Dark Web site is quite popular, sporting over 1 million visitors every month. There’s also a search engine called Not Evil that’s similar to Google, and Deep Web Radio, that works like any music streaming service. There’s even OnionWallet, a bitcoin wallet service where we suspect you would need to go in order to convert real-world dollars into cryptocurrency.

Of course, the danger of using the Dark Web cannot be underestimated. It might be accessible for users, but that doesn’t mean that you should allow them to go there. The Dark Web is, by far, too dangerous for the average office worker to navigate. A content management system can keep your employees from visiting dangerous websites that could either land themselves or your business into hot water. But, we think the thing you have to worry about the most is the loss of productivity that comes with it. 

New ATM Hack Can Steal $50,000 in 15 Minutes!

You might recall getting a notice from your bank that you’ve been issued a new debit and credit card, one with a chip built into it for enhanced security. There are ATMs out there created specifically for use with these chips, but the same technology created to protect user credentials is now being used to steal them for fraudulent withdrawals.

Weston Hecker, a senior security consultant at the cybersecurity firm Rapid7, spoke at the Black Hat conference in Las Vegas, and demonstrated the technique. It can reportedly steal up to $50,000 out of a single ATM in under 15 minutes. While there had been problems with ATMs running older operating systems, like Windows XP, this is an entirely different problem. The reasoning: these ATMs are brand spanking new, and designed to take advantage of the latest chip-security technology. So, you can understand why there’s such a cause for concern in this case.

The exploit requires a $2,000 kit to install, but compared to the potential gains, this is a small price to pay. Hackers can alter an ATM by adding a device to the terminal. Specifically, it’s placed in between the ATM user’s card chip, and the roof of the area where the card is inserted. This data is then read--including the PIN--and transferred to the criminal, who could be hundreds of miles away. The hacker can download this data to their smartphone and use the card details to withdraw money from any ATM system.

Once this has happened, the hacker can order the machine to constantly withdraw funds to steal an exorbitant sum. Granted, they have to do this near an unattended machine, or one which is remote enough that nobody would notice (or care) that someone was messing with it, but the point stands that the hacker can steal huge amounts of money with relatively little effort.

There are some drawbacks to this method, though. For one, a hacker probably won’t be able to use the spoofed credentials for a very long time; at least, not until the user has caught on to their scheme and thwarted it by contacting their bank. Second of all, the hacker needs to find a way to bypass the security cameras that are inevitably located within each and every ATM they’ll encounter, and that’s not mentioning all of the other security cameras in the area that are monitoring the ATM.

Still, despite the challenges, hackers could have a field day with this vulnerability. Rapid7 has fully disclosed the details of the vulnerability to the manufacturers, but hasn’t made the details public, out of fear that the details could put more people at risk. The idea is to give the manufacturers time to resolve the issue, before hackers find a way around these fixes.

In general, it’s a good practice to always monitor your bank accounts, and to report any suspicious behavior to your bank. Additionally, it’s important that you never hand over your banking credentials to anyone for any reason--particularly a sketchy email from your “bank” asking you to confirm your credentials. These are known as phishing scams, and they try to use your trusting nature against you.

Additionally, never input credentials into unsecured websites. Any websites that you need to use your credit card credentials on should have encryption protocol in place to hide your information from hackers. You need to be very deliberate about avoiding websites that look like they may be trying to steal your data.