The power of what you CAN do. Flattening the curve, together

 

 

Credits: illustration by Toqa Liza

 

At MyIP we believe in the power of small acts of kindness done consistently. We believe in global solidarity and global support. That is why we are writing to let you know how we can enable you to stay safe offline and online.

We remain fully operational so that you can remain home.

During these moments of social anxiety and economic uncertainty, we remain fully operational, while taking all necessary precautions to ensure the health of our employees and the same level of performance of our service.

 

 

Credits: illustration by Toqa Liza

 

This is how we are handling the situation

Even if we can’t be closer physically, we remain connected.

We enabled all our employees to work remotely while keeping the same working hours in place.

If you need support on all things MyIP.io or want to say hi, feel free to reach out to us via live chat, email, phone or by leaving a ticket inside your member’s profile.

MyIP.io is a cloud-based company and can easily adapt to fulfill orders and requirements from anywhere on the globe.

You are safe with us.
The storm will pass, but the decisions we take now might change or greatly impact our future.

 

Credits: illustration by Toqa Liza

 

At MyIP.io, we take data security very seriously. That’s why we want you to be in charge of your online footprint and not compromise while in distress.

Our VPN service is geared with military-grade encryption so that your personal information doesn’t “fly” to unknown servers where it can be stored indefinitely. We operate by a strict “no logs” policy (read it here).

Encryption of our service.

Keep in mind that we offer static IPs, on all dedicated plans and tier 1 peering.

Our VPNs support all the latest security protocols including SSTP, PPTP, IPSec, L2TP, SSTP and 128bit  – AES, OpenVPN cipher.

When using our service you can easily switch between protocols, although we recommend you stick with the defaults.

Credits: illustration by Toqa Liza

 

 

 

The power of what you can control. Stay safe. Stay home.

Whether you’re using our service to work from home, access personalized content overseas or unblock geo-restrictions, rest assured you can count on us.  We will be providing you with great connectivity, no disruption of our service and round the clock technical support, as usual.

 

 

Guiding your way to recovery

On our road to global recovery, we advise you get your information from official sources, only. We recommend that you refer to sites such as World Health Organization’s  or CDC  and avoid all non-essential contact during this time, contributing to flattening the curve. Together, we can do this!
In the end, it is not the world that’s getting increasingly complicated, but it is only us that are becoming more aware. And to that, we say: “alright, alright, alright!”

 

New Year Off To A Rough Start. What Microsoft Data Breach Tells Us About 2020

Credits: The Washington Post / Tech Privacy Series 2019, by Matt Chinworth

 

Heightened tensions between the U.S. and Iran only three days into the year, bush fires of catastrophic proportions in Australia, and a novel coronavirus spreading fast in China and 2020 seems like is off to a rough start.

Is the world becoming an increasingly complicated place or are we simply becoming more aware?

 

History would disagree with the premise. 2020 seems like a walk in the park compared to 1945 of the nuclear bombing of Hiroshima and Nagasaki or 1941, the deadliest year of the Holocaust, when 6 million Jews died at the hands of Nazis. And if we continue to go back by the same principle, naturally, matters only worsen, like in 1914 when World War I begins or 1492 when Columbus reaches what is now America setting in motion a vicious process of enslavement and destruction causing the near-decimation of the indigenous, native population.

I could go as far as mentioning the plague or even the asteroid that stroke the dinosaurs, but I feel like we’re getting a little bit ahead of ourselves. And perhaps the mere comparison is just as unsettling and ultimately defeats the purpose of my premise, and I digress.

From the pragmatic to the existential, to the obscure, 2020 debuts with significant challenges, from Burkina Faso to Venezuela to Australia.

Maybe not as critical as all of the above, but certainly troubling is Microsoft’s 250 million customer service and support records that were breached due to server misconfigurations, leading to a rough start of the year in Silicone Valley, as well. 

Microsoft Data Breach – What happened?

 

Credits: Security@Me, behance.com

 

More than 250 million Microsoft customer service and support records were exposed for two full days. The data consisted of 14 years of customer and support records, dating back to 2005, mainly logs containing personally identifiable information such as email and IP addresses, payment information, locations, claims, cases, resolutions, and remarks. While payment information was redacted, everything else was in plain text form, so anyone with an internet connection could have accessed the data. 

A team of security researchers first discovered the data breach at Comparitech, who spotted 5 Elasticsearch servers where Microsoft stored the data set. Shortly after, they notified Microsoft, which secured the data, conducted an investigation in the next two days, and issued an apology. 

According to Microsoft, there were no signs of malicious use, assuring users that most personally identifiable information was scrapped before it was stored. For the rest of the information that was entered in non-standard formats, some of the data may have survived automatic scrubbing remaining as plaintext. On all these accounts, Microsoft claims everyone affected by the latter, was personally notified. 

What caused the data breach?

Upon investigation, Microsoft admitted to having misconfigured rules following a change in the database network security group. The company says they will be auditing policies and implement new tools to redact stored sensitive information and a new system to better monitor misconfigurations. 

What does the incident tell us about 2020?

After the 250 million records data breach, happening end of December, Microsoft experienced more security issues as 2020 started. An emergency security update was pushed after the NSA found a glitch in Microsoft’s cryptographic system. 

According to Chris DeRamus (Co-Founder of DivvyCloud), misconfigurations tell us a lot about the current state of affairs in 2020 network security: 

“Misconfiguring a cloud server can have massive consequences, especially when the server contains hundreds of millions of customers’ records. Aside from this incident with Microsoft, we have seen misconfigured Elasticsearch servers become an increasingly common culprit that recently caused data leaks at companies including Rubrik, Voipo, Gearbest, Meditab, and Dow Jones.

[…] What sticks out about this incident is the fact that in early November 2019, Microsoft announced that it will honor CCPA throughout the U.S., and it was the first company to extend GDPR rights to customers around the world. This shows that even a forward-thinking company like Microsoft, who is unrelentingly dedicated to protecting their customers, can suffer a data breach due to misconfigurations. If they can be affected, anyone can.”

He then goes on by saying that being compliant does not necessarily imply being secure in 2020, primarily for cloud and multi-cloud environments, as cloud by nature is made to accommodate frequent changes. Continuous automated cloud security strategy to detect and remediate misconfiguration needs to be in place, in real-time.

In 2020 data is the currency and sometimes even a political weapon to be reckoned with. In other words, data is today an informational, political and economic asset capable of traveling the speed of light in a vacuum( able to operate at 99.7% the speed of light according to researchers at the University of Southampton in England, source: Extreme Tech).

The digital world is now creating tangible value from big data so expect internet privacy to take an even more prominent route in the future. (Ain’t no going back)

Nowadays, security must come in layers, not only in the corporate environment but on a personal level also.

The number one thing you need to get in line with is being more security-aware. Having a VPN connection, for starters. It’s really simple to use and just like that poof! your data travels through an encrypted tunnel, safe from prying eyes and encrypted all the while.

It won’t save you from server misconfigurations, but it will make you less vulnerable while online.

Fact is, not only in Silicon Valley but across the continents, 2020 seems like a challenging time to be alive. Provided we survive the climate change, nuclear race and everything else in between, technology can either save or endanger us, leading to simplification, complication or both. And maybe, this is just the way things should go. In order to simplify, we must first face all possible complications, readjust, re-adapt and ultimately learn. In the meantime, reminding ourselves that trouble doesn’t operate on the Gregorian calendar is probably the most accurate image we should keep in mind about 2020.

The right to be forgotten

Five years ago, the EU ordered a privacy ruling enabling internet users to have certain information about them removed from search results. In other words, specific information relating to a person, entity or a company can be delisted internet across, depending on a set of specific criteria.

Naturally, the entity most impacted by the legislation was Google, the all-encompasing, larger than life search engine. Virtually anyone can request delisting of an URL that contains information, in their name by submitting a form where they state the reason for the delisting that is later analyzed for approval.

Credits: Google G-NEO remix by Katt Phatt™

What is the right to be forgotten?

The right to be forgotten or otherwise colloquially known as “search delisting” is basically a right to privacy “whereby individuals can request that search engines such as Google, Bing, and Yahoo delist URLs from across the Internet that contain “inaccurate, inadequate, irrelevant, or excessive” information surfaced by queries containing the name of the requester [7]. Critically, the ruling requires that search engine operators make the determination for whether an individual’s right to privacy outweighs the public’s right to access lawful information when delisting URLs.” (as stated by Google, read the whole document here)

Search delisting by the numbers

5 years after, more than 3 million delisting requests have been made since the law first came into effect on May 2014.
The scope of the ruling however, is still a question for debate about how search engines discern and resolve these requests, sometimes standing between a rock and a hard place, between the right to privacy and censorship.

First of all, the data set includes all requests filed with Google Search from May 30, 2014 to May 31, 2019.

Who wants to exercise the right to be forgotten more?

Out of the total requesting entities, no less than 84.3% are private individuals.

As far as hostnames go, half are social networks and forums, while the other half include directory sites that aggregate contact details and personal content from other sites such as Profile Engine.

What does it all mean?

Our Google Activity Should Be Nobody’s Business. Literally. And the EU directive is a good step in the right direction, as far as it does not border on the illegal or censorship. Beyond the matter at hand, there are businesses taking place in the search bar and far beyond, not only pay per click systems but extensive data collection of all your Google activity, is at the basis of high profiling well.. you, with a big emphasis on your shopping preferences or political affiliation.

Taking a privacy stance when it comes to using the internet is the new “drink responsibly”, so prior to feeling entitled to a private life while online, let’s just start with a clear mind in recognizing how much of what we put out there is actually in our power, slash hands, slash keyboards.

And yet another important amendment before you go, let’s also rise above the inclination of brand association, of trying to find a scape goat. Meaning that regardless if it’s Facebook, Google or big telecom names like say Verizon or Comcast, whichever the brand hype media is taking a stand towards, let’s just admit that privacy breaches and privacy concerns are virtually everywhere. High and low.

So, with realistic expectations of what the online environment means today from two main perspectives as informational medium and marketing tool, we can manage to reach a clearer understanding of what to do in order to preserve privacy, while enjoying all of the perks the online world brings to the table.

For enhanced privacy, people are also turning to VPNs to reclaim or preserve online freedom and privacy and we strongly advise that you do the same.

No longer an exotic tool,VPNs are now entering the mainstream and given the context it’s easy to understand why.
Simply put, when you’re using aVPN, all your data travels through a tunnel encrypted from end to end. In other words, not even your ISP will be able make sense of your data, since you’ll have all your online data happen elsewhere, not going through your ISP servers and encrypted all the while.