Have you ever gone to a supermarket for groceries, and on the groceries shelf you see several bunches of vegetables- all green, leafy and quite inviting. You are hungry, so the thought of a hearty meal excites you. Your mouth waters at the prospect and, reveling in the image of the coming bliss, you reach out for a bunch of kales only to find out it’s actually last month’s anaemic spinach wrapped up in gaudy kale-coloured plastic wrap?
This, among others, is one of but many tiny annoyances we encounter on a regular basis when we browse the web. They may seem trivial, but they sometimes pose a risk to our privacy and safety, both online and offline. So how do we deal with such problems when we come across them? Here are some scenarios and a few tips that may help:
-
A House with Many Rooms
A website is like a house. When a person builds a website, they have to name it so other people can find it easily. This name is called a domain name. When a domain name is bought, the website owner may choose to add some links on top of the domain name that lead to different products, services and systems that can be accessed on the same site. This is like adding doors to your building that lead to different rooms that may or may not be connected to the main door.
Legitimate websites are therefore easily identifiable because a domain name has two main parts that identify the name and type of website for example facebook.com. facebook is the name while .com is the identifier that lets people know that is a website set up to make money. A subdomain for facebook.com would thus look like this: nyangau.facebook.com.
A person with malicious intent would therefore copy facebook.com’s homepage and because they know you wouldn’t understand, create a subdomain on their website and call it facebook.com.pungulu.pangala.manyanya.com and load the homepage they copied there. After, they would package it in a nice-looking way for example as an advertisement for slimming pills with a MASSIVE 60% DISCOUNT if you Like their Facebook Page RIGHT NOW! before the offer ends. You click on it, and you are prompted on the Facebook-looking ‘home page’ to log in and, just like that, someone has your email and password for Facebook or worse, phone number. The site logs in for you into facebook.com and because the process happens in mere milliseconds, you are none the wiser. This is called a PHISHING attack. Get it?
-
James Bond
Processor technology has come a long way. Where once a single processor could cover an area spanning several buildings, now all that is needed is a few grams of sand to make it, with vast improvements in power and efficiency. One of the many ways that have been used to improve this efficiency is something I call informed guesswork –remember the story of the greedy hyena that tried to follow two paths on its way to a party and split itself into two? The CPU tries to do something like that.
This is a very successful method but is prone to mischief because a rogue program can read data it is not supposed to. This is the set of vulnerabilities they call Spectre and Meltdown, and any person (all of us, probably) who uses websites and applications that run Javascript is prone to such attacks. These affect most major CPUs including Intel, some AMD and ARM CPUs and possibly ALL Android Smartphones barring Pixel and other smartphones which receive regular updates with patches for this problem.
Protection starts with installing the latest OS updates and ditching old smartphones but we can’t do that now, can we? Make sure to only install applications and updates from Google Play Store to be safe – for now.
-
Popups and Toolbars
Sometimes while looking for something on the internet, we bump into sites that ask us to install some toolbars or add-ons or even programs that claim to have the marvellous ability to “heal your system, remove viruses and boost your performance” rather much like Doctor Bakari from Tanga, Tanzania. DO NOT DO THIS. Much like their famed counterparts from East Africa and beyond, the promoters of this software often have malicious intentions and will purport to do one thing while actually doing something else, for example reading your browser history, cookies and possibly even access your usernames and passwords while you browse.
This is a common technique used to capture data from people who want to download things like YouTube videos and keep themselves safe from viruses online. To keep yourself from sending things you didn’t intend to or conning your peers, do what our parents told us when we were younger: do not take sweets from strangers.
That’s all for now!
To test your internet speed, check out https://www.speedcheck.org/.
Discover more from Techish Kenya
Subscribe to get the latest posts sent to your email.