15% of Kids are Sexting…WAKE UP PARENTS!

What do you get when you give tech-savvy kids cell phones and have hormones that are out of control?  Something else for parents to worry about.

About 15 percent of American teenagers have received nude or semi-nude photos of their peers on their cell phones in a practice called "sexting," according to a new Pew Internet and American Life survey http://www.pewinternet.org/Reports/2009/Teens-and-Sexting.aspx. 

The nationally representative phone and written survey of 800 teens (ages 12 to 17, actually) also found that 4 percent of teens are sext message senders.

Please parents…don’t be naive about this.  My son has received 3 separate sext messages from girls he barely knows and from girls he knew well.  Each girl was trying to get his “attention”, feeling like this was a way for them to be “liked” by him.

Girls are just as likely as boys to sext, and older teens and teens who pay for their own cell phone are most likely of all to engage in the naughty cell phone practice, the survey found. 

Relationship currency

Teens in the survey said sext messages have become a form of "relationship currency" among their generation, Amanda Lenhart, Pew Senior Research specialist and author of the report, said in a statement. 

"These images are shared as a part of or instead of sexual activity, or as a way of starting or maintaining a relationship with a significant other," she added.

"And they are also passed along to friends for their entertainment value, as a joke or for fun."

For some teens, sexting has become a part of the American dating ritual. Gone are the days of sending flowers to your crush. Instead, some guys sext naked pictures of themselves or their "private parts" to girls. "It happens about 10 times a month," one high school girl wrote.

The survey also confirmed some of parents' worse fears about sexting. Another high school girl wrote: "Sometimes people will get into fights with their exes, and so they will send the nudes as blackmail ..." 

In addition, some teens admitted to feeling pressured to send sexually explicit photos of themselves. 

Attitudes to sexting varied amongst the teens themselves. Some viewed it as a safer alternative to real life sex, while others worried about the legality of the practice and the potential for public release of the images. 

Solutions?

So what is a parent to do? Marilyn Maxwell, a pediatrician at Saint Louis University who was not involved in the study, said the key thing is for parents to talk to their children.

"Sometimes parents are afraid to tell their kids what they want from them because they feel hypocritical because of the things they did as a young person," said Maxwell, who is a contributing author of the book "Questions Kids Ask about Sex: Honest Answers for Every Age." 

Maxwell's advice: Get over it. "You have to get over feeling hypocritical because you want the best for your child," she said. 

Parents should also establish ground rules before giving their child a cell phone. "Parents need to let their kids know up front that they have the right to read their text messages, emails, and other electronic communications if they suspect something is wrong," Maxwell said. 

In my house…my wife and I have “Surprise Phone Audits”, where, without warning, we ask for their phone and review all texts and pictures.  Our rule also includes…if we see ANY evidence of “deleted” texts (you’ll see gaps in the timelines of a text thread), then they loose their phone for a week.

-SuperDale

WARNING: Acrobat Reader Exploit…TURN OFF JAVASCRIPT NOW!

Malicious hackers are exploiting a zero-day (unpatched) vulnerability in Adobe’s ever-present PDF Reader/Acrobat software to hijack data from compromised computers.

According to an advisory from Adobe, the critical vulnerability exists in Adobe Reader and Acrobat 9.2 and earlier versions.  It is being exploited in the wild.

The company has activated its security response process but declined to offer any more details until an investigation is complete.

Unfortunately, the company did not provide any mitigation guidance for customers.

The folks at ShadowServer describe the situation as “very bad.”

We did not discover this vulnerability but have received multiple reports of this issue and have examined multiple different copies of malicious PDFs that exploit this issue. This is legit and is very bad.

Here’s what we know so far:

We can tell you that this exploit is in the wild and is actively being used by attackers and has been in the wild since at least December 11, 2009. However, the number of attacks are limited and most likely targeted in nature. Expect the exploit to become more wide spread in the next few weeks and unfortunately potentially become fully public within the same timeframe. We are fully aware of all the details related to the exploit but do not plan to publish them for a few reasons:

1. There currently is no patch or update available that completely protects against this exploit.
2. There is little to no detection of these malicious PDF files from most of the major Antivirus vendors.

With that said we can tell you that this vulnerability is actually in a JavaScript function within Adobe Acrobat [Reader] itself. Furthermore the vulnerable JavaScript is obfuscated inside a zlib stream making universal detection and intrusion detection signatures much more difficult.

In the interim, Adobe PDF Reader/Acrobat users are urged to immediately disable JavaScript:

Click: Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript

Or, better yet, use an alternative PDF Reader software program.

How to Setup and Configure OpenDNS

I’ve written about using OpenDNS in past post (and other blogs), but I’ve never really sat down and given step by steps on how and why to configure this free service.

First I’ll start with the “why”…WARNING…A little “GEEK” info coming at you:

When you type an address like www.yahoo.com in your browser address bar, the computer doesn’t know where yahoo.com points to and it will therefore ask the DNS server.

The job of a DNS server is to translate this human-readable web address (like www.yahoo.com) into a computer-readable number also known as an IP address (209.131.36.158). Once your computer knows the IP location of a web domain name, it opens the website in your browser.

DNS is such an integral part of our Internet life working behind the scenes every time we connect to a website. In most situations, our Internet Service Provider specifies the DNS Server address that we key into the browser network settings or the router.

Unfortunately, this can prove to be the weakest link in protecting our families.

The honest bottom line is that there's no way to absolutely, positively block porn, or anything else for that matter. You can make it more difficult, and maybe that's enough, but for every approach we might consider taking there will be ways to circumvent it.

So with that out of the way, let's block some porn...

You Are The ISP

The approach is actually quite simple: when a computer connects to your network at boot time, it asks your router for an IP address. Along with that IP address the router also provides the IP addresses that should be used for DNS lookups (the lookups that translate human readable "google.com" into what your computer really uses to connect: 74.125.19.104.).

OpenDNS

1. You’ll need to go to www.opendns.com 
2. Write Down “Your IP:” in upper right, and click “Create Account”.
3. Select your DNS Source (normally the Router option).
4. Choose your Router Brand…if you don’t see your router brand, select the “general router instructions” link.
5. Follow the instructions for configuring your router.
6. After you Finish the configuration settings, you’ll be directed to your “Dashboard”.  You’ll be promoted to enter your IP address (remember the number you wrote down on step 1?). If you have a dynamic IP (one that rotates every couple of days), then use the “client-side software” and follow the configuration wizard.

The Dashboard is you MAIN interface with OpenDNS.  From here you can customize which filters you want to use, custom error messages and look at the websites that are being blocked as well as the most popular site requested.

You can use the pre-built settings (High, Moderate, Low, Minimal or Custom).  I personally use custom so I can block all social networking, but I can put in an exception for Facebook.com

(Note: fbcdn.net is part of www.facebook.com)

With these settings any computer/device that connects to the internet through this router would use OpenDNS's service.

So what happens if your IP address changes?

This is a very common scenario for consumer internet connections, and is called "dynamic IP addressing". One day your internet connection might be on one IP address, and another day it might change. This is totally normal, and is controlled by your ISP.

You can update your IP address with OpenDNS manually, of course. However, OpenDNS does make available a small program which will automatically update OpenDNS's record of your IP address when it changes. You only need to install it on one machine - yours. Once OpenDNS understands that the internet IP address has changed for your account, its features are applied to all computers accessing sites through that connection.

With a little “tweaking” you can even add your own error messages.

I like my kids to know that they’re being monitored…just like the corporate world, when users know someone’s monitoring, web traffic to inappropriate sites drops dramatically. ;-)

One final caveat: what we've been talking about is web access. OpenDNS doesn't filter incoming email, so any porn spam you might be getting will continue, but the links to those site should be blocked. You'll need to investigate spam filtering solutions for that, and those are likely not things you'll be able to implement without impacting the computers involved.

I’m OUT!

-SuperDale

Facebook Users…Still giving out too much personal info.

I came across an article about how bad ID theft on Facebook is getting….yeah…..it’s worse.  Please read this article and WATCH the video!  Then educate your family and friends.

"According to Sophos, Facebook users are getting sloppier with their personal info, not better. Revisiting a 2007 survey in which a plastic frog got 87 hits out of 200 friend requests, this time a rubber duck and a cat got 87 out of 200 friend requests, plus a bonus 8 friends who decided to trust them anyway. The research also suggests that older Facebook users are sloppier than the young, being keener to build their list of friends. (The older users had more than 4x the friends each, on average, than the young.)"

http://www.sophos.com/blogs/duck/g/2009/12/06/facebook-id-probe-2009/

-SuperDale

Great Googly-Moogly

So Google just released “Public-DNS” (it’s still in beta). Configuring your DNS to point to Google should give you faster access. If you know DNS and you think about what Google does…their DNS cache/database is got to be huge…which should make things faster/more secure.

http://code.google.com/speed/public-dns/

Give it a try!

I’m OUT!

-SuperDale