Loading...
 

View Articles

Online safety and privacy (explained to children)

Bernard Sfez - 25/01/2023 09:29

Father of 2 teenagers with their own smartphones, I am concerned about privacy issues and their online safety. Between this hyper-connectivity and the constant implementation of new technologies without any hindsight on an often "involuntary" public, it is essential to prepare and protect our children for the revolutions to come and to give them the tools and the necessary education. For example, children (and adults) need to understand that the information they share online can be used for malicious purposes, such as harassment or impersonating. It is therefore important that they learn to protect their privacy by not sharing personal information such as their full name, address or telephone number.

Explanations of these things are all complicated and boring and I had to use a simple language and make it fun or at least pleasant. While teaching them how to safely enjoy the internet and providing them with a good security posture against malicious attacks, I saw adults walking by, stopping, listening and asking questions too. Motivated by my satisfaction in helping others, I decided to organize myself a little and prepare a publishable version of my "dad's wisdom meeting" 😉. This is the first post, let's see where the wind will take us...

Using unique password is good for your health

Bernard Sfez - 13/07/2018 09:09

Online credential stealing this year alone affected millions of users.
On the dark web files containing password and email from Netflix, Last.FM, LinkedIn, MySpace, dating site Zoosk, adult website YouPorn, as well as popular games like Minecraft and Runescape have been found and several database leaking have been reported from websites such as LinkedIn, vk.com, and Tumblr.

May be it is time for you to learn and understand why unique and different password for your activities are important and can save you, your work and your family ?

I received a threatening email today on an old mailbox used to compartiment SPAM and "unsafe" registration on different website and application.
A simple combination used for hacking, games or porn forum I had to scan to test tools... something like 10 years ago. :-D

Scanning them back I see one that was closed a few month ago and I guess the database was sold or ended in the wrong hands.

Security and bug-fix updates: Tiki 17.1, Tiki 16.3, 15.5 and Tiki 12.12 released!

Bernard Sfez - 26/09/2017 11:02

The Tiki Community has released updates to all supported branches of the Tiki Wiki CMS Groupware project. These updates address several vulnerabilities found in Tiki, as well as bringing miscellaneous bug fixes.

Special thanks to:

for reporting and assisting in verifying fixes for the security issues!

All Tiki website administrators are strongly encouraged to upgrade their sites to the latest Tiki versions: Tiki 17.1, Tiki 16.3, Tiki 15.5 LTS, and Tiki 12.12 LTS.

Visit https://tiki.org/Download to get the latest version.

It is time to update your Tiki ! (Tiki 16.1, 15.3 and 12.10 released)

Bernard Sfez - 29/12/2016 07:57

A new breed of Tiki has been released a week ago and the Tiki Community urge every user to update as it solve critical security issues. LTS (Long Term Services) versions are concerned, 12.x and 15.x, as well as the under going development 16.x branch so you got no excuses. With so many improvement and a few regression and bug fixes it is in your best interest to upgrade as those version not only contain security fixes but hundreds of small improvement, enhancement and regressions fixes.

The process is pretty smooth and doesn’t require that much knowledge thanks to the Tiki Install/Update process and your data will be safer as well as your files. As usual do backup of your database and if you feel it is too complicate for you ask from the Tiki Community for help, contact me or check the Tiki consultant list to have it done.

Skype being heavily targeted this end of year

Bernard Sfez - 15/12/2016 14:29

Skype the popular text, voice and video communicator has being targeted several time on several platform since October 2016.
If you were on Windows and Android it is now several weeks you are urged to update your version of Skype. Since an old backdoor was also found (by Trustwave's SpiderLabs analysts) on Mac OSX version it seem that everyone should update skype, period.

Skype, acquired by Microsoft for $8.5 billions in 2011 was born in 2003 (only) but became rapidly a very commonly used application with 300 millions of users, around 20% of adult Internet users are Skype aficionados! With such penetration, simple breach or hack have a huge impact on the entire community. Not infected system are getting spammed and must defend themselves or be defended while all this have a cost and decrease Internet performances. The virus infection come with a slow wave propagation. While this may fool some of us (we are not affected at the same time) this give a good advantage for those who are away from the source and by the time the virus or hack affect the system that they are connected to or may received information from they should have updated or upgraded their own application.

Vulnérabilité sur des modules Drupal, la question de l’usage de plugins externes (de nouveau)

Bernard Sfez - 14/08/2016 17:34

Drupal demande à ses utilisateurs de corriger plusieurs dangereuses brèches de sécurité qui permettent aux hackers de prendre contrôle de sites via une exécution de code à distance. Ce système de gestion de contenu (Drupal) affiche quelque 15 millions de téléchargements, comparés au 140 millions revendiqués par Wordpress et au 30 millions par Joomla, est utilisé pour gérer les informations de très grosses organisations ou sociétés qui incluent 9% des 10,000 sites les plus populaires.

Si le noyau de Drupal n’est pas affecté et que cela ne concerne pas 100% des sites, cette préoccupation met de nouveau en avant les problèmes liés à l’utilisation des modules/plugins/add-ons externes proposés par une tierce partie (développeurs ou compagnies indépendantes) pour être ajouté au logiciel principal et qui peuvent causer de graves préjudices au projet lui-même, à vos utilisateurs, votre business... votre dur labeur. Il est critique, si vous utilisez Drupal que vous lisiez attentivement les conseils publiés le 13 juillet 2016 par Drupal pour vérifier si l’un des modules que vous utilisez n’est pas affecté par le problème en question.