Author Archives: Bob Fine

About Bob Fine

Engineer, Environmentalist, IT Architect, Publisher

A Banking View on Windows XP and the End of Support: See It, Block It

A Banking View on Windows XP and the End of Support: See It, Block It
By Christopher Budd

We are a couple of days away from a proverbial red letter day: the end of security support for Windows XP on April 8, 2014.

For the past few months, we’ve been talking about this impending event. We’ve talked about what people can expect in terms of the number of vulnerabilities they may see when Microsoft stops issuing security patches. And we’ve tried to make very clear that this is a situation that can affect everyone, not just those running Windows XP.


When we talk about the dangers that people on Windows XP pose to others, there’s probably no single industry that faces a greater set of risks by users being on Windows XP than banking and finance. More than any other industry, banking and finance face significant risks of fraud and loss due to its customers’ making the unwise decision to stay on Windows XP. As an industry facing extraordinary, unprecedented risks around Windows XP, banking and finance should consider equally extraordinary, unprecedented steps to protect themselves by alerting customers who are on Windows XP of the risks and encouraging them to upgrade. In some cases, especially as time goes on, the banking and finance sector should consider taking steps to block customers still on Windows XP from their services entirely.

The reason that banking and finance are at so much at risk by its users being on Windows XP is that unpatched vulnerabilities will be found and attacked on Windows XP. And as we’ve shown in our 2013 Threat Roundup, online banking malware is a huge problem. From 2012 to 2013, detections of online banking malware more than doubled from 500,000 worldwide in 2012 to more than 1 million in 2013. And the United States and Brazil alone accounted for 50%, or 500,000 detections, of online banking malware. Skyrocketing online banking malware combined with a coming slew of never-to-be-patched vulnerabilities means that online banking on Windows XP is going to become incredibly dangerous soon. And while that is a risk to the users of those Windows XP systems, in aggregate and in the end, it’s those users’ banks and financial institutions that face the greatest risks.

From a technological point of view, when users go to websites, it’s a relatively simple matter to detect the browser and operating system that’s accessing the site. Using that information to create an alert to make people aware of the risks of being on Windows XP and what they should do about it is an easy way to help spread the word. And a step like this will reinforce actions that Microsoft themselves are taking to alert users through alert messages. The broader the net is spread to pass the word about these risks the better.

But warnings may not be enough. People tune warnings out and ignore them. We shouldn’t fool ourselves into thinking that warnings alone will be sufficient. And as time goes on, this situation will become worse and worse. Banks and financial institutions should also start considering the drastic measure of actively blocking users on Windows XP from using their online services entirely.

This is clearly an extreme measure as it will cause lost business. But this step may be justified, especially if the risks of financial losses from Windows XP users exceed the risks of losses from losing those customers. It’s not desirable to turn customers away, but businesses do it all the time in service of their larger concerns. The coming situation with Windows XP and the risks those users pose to their banks and financial institutions is a good example of when these larger considerations pertain.

Of course, in addition to online alerts or blocks, further education campaigns make sense. Notifying customers of the risks and what they should do, through email and online campaigns, can further reinforce the message. Banks and financial institutions (and really anyone) should feel free to disseminate our flyer that outlines these risks.

Banking and finance aren’t the only sectors that are particularly at risk starting next week. But it is the sector that may face some of the greatest impact over time as its users continue to refuse to switch. We’re getting down to the wire and time is running out. Increasingly, those still on Windows XP represent those who most stubbornly refuse to take action. Increasingly, organizations who are themselves at risk by the non-actions of these recalcitrant users will have to themselves take actions that seek to spur those users into action. In short, we have to make it more painful for these users to do nothing than to take action. And so, a viable tactic in support of this goal around Windows XP is if you see it, block it.

Christopher Budd is a communications manager with Trend Micro. His focus is on communications around online security and privacy threats to help people understand in plain English the risks they face and what they can do about them. In addition, he focuses on managing crisis communications utilizing a framework and processes he helped put in place.

Making Social Media Secure

Making Social Media Secure
By Devin Redmond

As social media hacks continue to increase, the Internet buzz about how best to protect social accounts has also grown louder. As big brands like the Associated Press and others are hacked, loads of vendors and “experts” have started espousing processes and promoting technologies to secure social media accounts and prevent hacks. Yet there is no silver bullet: making your social media secure and protecting your brand requires a multitude of technologies and processes, some of which we’ll explore here.



Two-factor Authentication for Twitter

Last year, Twitter released two-factor authentication to increase user and account level security. Its two-factor technology requires the account password and a code sent to your phone.

Unfortunately, Twitter’s two-factor authentication isn’t scalable for accounts with more than one admin (i.e., any large brand) and doesn’t stop unauthorized tweets from applications. Additionally, if a user logs in with two-factor from a computer infected with malware, the hacker can pass tweets through the properly authenticated session.

So, although two-factor is a great way to prevent hackers from simply guessing your password, it’s not going to stop any of the more capable hackers, nor will it work on an active, brand owned account.

Physical Controls

To complement its two-factor authentication system, Twitter also issued a set of recommendations for social media marketers, including dedicating one computer just for Twitter publishing.

In reality, social media teams generally consist of multiple people across various departments and locations, so it’s not practical to only publish content from a single terminal, especially given the mobility of today’s employees and the need to interact with followers in real time – a key tenet of social media.

Physical controls do play an important role in social media security. Strong passwords, encryption, remote wipe, etc. are all important safeguards to ensure that unauthorized personnel don’t steal or gain access to trusted devices that have the capability (e.g., stored credentials) to access your social media accounts.

Content Moderation

Many organizations review and moderate content to block spam and offensive, abusive, and potentially regulated content. As social has become more and more ingrained as a means of communication within both everyday life and marketing strategy, content – both good and bad – has increased, and effective manual moderation has become essentially impossible.

Automated spam and malicious content removal tools are extraordinarily helpful technologies for combating the problem of content overload and removing inappropriate, offensive, or unwanted material from an account.  Although this doesn’t prevent the hack, it helps mitigate the impact and provides a quick remedy.

Profile Locking

Profile locks create a snapshot of your approved account profile – your correct logo, description, website, etc. – and regularly scan your profile for changes. If changes are made – by a hacker or a mistaken employee – profile locks will automatically alert you and can revert any subsequent posts and activity.

Publishing Tools

A common industry practice is to use publishing tools as a control mechanism for workflow and compliance. While these reduce the number of people with direct access to the account, they won’t actually catch or stop an account hack.

Publishing tools are a great way to make sure only authorized content gets distributed from authorized users. However, they only work if and when people use them correctly , and, more often than not, employees bypass them for convenience. Furthermore, there are cases where the credentials for publishing tools have been compromised and accounts were abused via the approved publisher.

So, although publishing apps are important and necessary, they have a very limited scope when it comes to security, and neither directly nor effectively stop hacks or other kinds of abuse of your social media accounts.

Application Controls

Do you know how many applications are authorized to publish to your accounts? Chances are there are quite a few, since you likely have multiple admins, each with their own authorized applications.

Social media application controls connect into your accounts to inventory and regulate which applications can access and publish on your behalf. Application controls, for example, can ensure that only a single application or explicitly approved set of publishing tools can push content to your social media accounts. In addition to helping you ensure compliant publishing, reduce blunders, and improve publishing ROI, they also ratchet down the attack surface to prevent attackers from bypassing your security controls, greatly reducing your risk profile.

Application controls aren’t the end all to social media security. If, for example, the only allowed publishing application is a web browser, then the browser itself is still a viable attack vector for hackers. But, if you combine your application controls with one or more of the aforementioned technologies/strategies, then your security increases exponentially.

Building a Secure Social Architecture

There is no perfect solution for securing your social media assets to effectively ward off hackers and prevent abuse. However, choosing a careful combination of technologies and strategies, such as the ones listed above, will give you the most effective defense against social media hacks and mistakes.

Devin Redmond is the CEO at Nexgate, a leading provider of social media security and compliance technology for enterprise brands.

Journalism Professor Analyzes Role of Political Cartoons, Social Media During Syrian Crisis

Journalism Professor Analyzes Role of Political Cartoons, Social Media During Syrian Crisis
By Mike Krings

Political cartoons aren’t just for newspapers any more. A University of Kansas professor and her students analyzed how political cartoons were presented on Facebook during the Syrian uprising, the themes they explored, reactions to them and what they can tell us about social media use in Syria.



When Syrians rose up against President Bashar al-Assad in 2011, the government began a severe crackdown against its people. Hyunjin Seo, assistant professor of journalism, and doctoral students Goran S. Ghafour and Ren-Whei Han archived and analyzed 164 political cartoons from the Comic4Syria Facebook page, a site devoted to posting cartoons from professional and amateur illustrators about the conflict and the suffering of the Syrian people. The researchers examined cartoons from July 24, 2012, when the page opened, until Nov. 23, 2013.Seo and her co-authors analyzed the images to understand more about the topics of the cartoons, the frames they used, characters depicted in them, how they depicted men, women and children and which types of images drew the most reaction from viewers.

Examining political cartoons from Syria in a digital age served several purposes, as social media has allowed more people to share political opinions freely. The medium is also undergoing transition from being the domain of newspapers, especially in countries such as Syria with significant media censorship.

“As the platform has become more democratic, I think there are a lot more studies that can be done about the role of political cartoons,” Seo said. “Their use in Syria was very interesting as the landscape of Syrian opposition is very complicated.”

The researchers analyzed the structure of the cartoons to determine common features. Of the 164 images studied, 81 percent featured Arabic only, while 11 percent featured English only and about 8 percent featured both Arabic and English. Nearly half, 47 percent, of the cartoons featured both male and female characters, 39 percent featured only male characters, and only 1.8 percent featured only female characters. The rest featured characters whose gender was unclear or did not feature human characters at all.

Of the cartoons featuring human characters, 60 percent featured only adults, while 28 percent featured adults and children, while 3.7 featured only children, and the remainder were characters whose age group was unclear.

Syrian cartoons averaged more than 243 “likes,” with the highest number of likes reaching 1,531. Comments made on the images averaged 11.77, ranging from zero to 110. The images were also shared frequently, including one that was shared 3,237 times.

The researchers examined frames used in the cartoons and identified six: freedom, oppression, international influence, hypocrisy, media influence and sectarianism. Oppression was by far the most common frame, at 52 percent, while freedom and international influence followed at 14 and 12 percent, respectively.

The president’s regime was by far the most common topic, featured in 89 percent of analyzed comics. Mental torture and physical torture were also common, featured in more than 50 percent of the cartoons as well.

The most common topics and frames did not necessarily draw the most viewer reaction.

“There were cartoons examining media effects and how they were distorting facts and supporting al-Assad’s propaganda,” Seo said. “Those were the cartoons that received the most likes.”

Cartoons with a hypocrisy or oppression frame followed media influence in most likes generated. Freedom and sectarianism received the fewest. Media-influence cartoons were also the most shared, followed by international influence and hypocrisy. Those patterns held true for cartoons that generated the most comments as well. Media influence was once again at the top.

In terms of cartoon topics, martyrdom was the most effective, generating more likes and comments than others such as mental torture, al-Assad’s regime and others. However, in terms of which topics were more likely to be shared, mental torture rated the highest, followed by martyrdom, international influence and the Syrian regime.

When examined by types of characters featured, those with political leaders of other countries received the most likes, comments and shares.

Seo and her co-authors will present their research in May at the International Communication Association Conference in Seattle. The research is part of an ongoing line of work in which Seo has analyzed the role social media can play in social change. She has studied social media use during the Arab Spring, Twitter images used in the Israeli-Palestinian conflict and Internet connectivity in the Middle East. She is beginning a new grant-funded study in which she’ll analyze the Facebook use of al-Assad and opposition forces during the ongoing uprising and civil war. She was also selected as an emerging scholar by the Association for Education in Journalism and Mass Communication in recognition of her work.

The analysis of Comic4Syria images not only adds to visual communication studies, it helps provide a deeper look at how Syrians viewed the uprising, especially important in a region of the world in which media censorship is common practice and crackdowns were common against both Syrian and foreign journalists.

“Social media has emerged as an important channel through which Syrian civilians document the Syrian revolution and people around the world get a glimpse of what was happening in Syria,” the authors wrote. “By analyzing political cartoons posted to the Comic4Syria Facebook page, this research helps provide a more nuanced understanding of digital media-facilitated communication practices in Syria.”

Mike Krings is a public affairs officer in the KU News Service.