CISPA: What Is It And Does It Affect Me?

CISPA  (pronounced “sis-puh”) also known as “The Cyber Intelligence” and “Sharing Act” may sound familiar, and that’s because it’s been the center of a huge debate on Internet freedoms and privacy in the past months. CISPA was first introduced to the house on November 30th, 2011 by republican Michigan house representative Mike Rogers. On April 26th, 2012 it passed the house (248-168). However, the senate vetoed it and thus it didn’t become a law. But, it saw the floor of the house once again when on February 12th 2013, Mike Rogers reintroduced it to the house. Following suit, it was put up for vote late last Thursday night, early Friday morning. As expected, it passed the house and now it is getting ready to be voted on in the senate.  Many are conflicted on this matter, on the good side it could be a big help to investigating cyber crimes and cyber attacks on companies from groups of malicious hackers. But with the good, there’s always the bad, and in this case very bad. Essentially, the main problem with CISPA is that it not only allows for the government to monitor Internet activity without permission or a warrant, it also allows for search and seizure without a warrant if you are under suspicion of cyber crimes without hard evidence. Many also will tell you that it plainly violates Internet privacy because provisions in this bill will allow for companies such as Facebook, Twitter, Google, and Yahoo to track and sell your information without your permission. Most also see this bill as the second attempt at increasing digital piracy laws after SOPA (stop online piracy act) and PIPA (protect intellectual property act) largely met vicious opposition from groups on the Internet such as Reddit, 4chan, and even communities on YouTube. If this bill is passed, internet privacy as we know it will change forever, unfortunately adversely.

TotalChoice Hosting takes our customers privacy very seriously. When CISPA was first introduced we were against it because of the blatant disregard for privacy. Not much has changed, we are still against CISPA and would like to spread awareness to our clients that this bill is on our doorstep and we, regular users of the internet, have a voice. Let’s stand together against CISPA and tell the US government that we value our privacy and do not want our information readily available to any individual, corporation or conglomerate. Our privacy cannot and will not be sold and TCH does not support any internet bill that will erode our internet freedom! Use the links below to be heard!

Links:

Share Button

WordPress Brute Force Attack

Hello TCH’ers,

I would like to inform everyone that a large distributed brute force attack against sites running WordPress is occurring throughout the entire internet. There are dozens of reports coming from various web hosts, both large and small, that a very large botnet with close to 90,000 servers is trying to log into random WordPress Dashboards by cycling through various usernames and passwords, otherwise known as a Brute Force attack.

Here’s What We Are Doing:

We have been battling this attack for the past 3 days and have had to block all requests to wp-login.php. We realize this may cause minor inconveniences for some clients, but we ensure you that we feel it is in the best interest of keeping your site and our servers safe. We also see that this is the current recommended solution throughout the internet for this issue.

Edit: April 12, 2013 – 5:10 PM (EST) – We have now enabled access to wp-login.php.

If you are currently having issues accessing your WordPress site, please submit a support ticket at our help desk so our technicians may investigate it further. You can access the help desk at http://support.totalchoicehosting.com

Here’s What You Can Do:

We would like to remind you how important it is to use strong passwords throughout all of your accounts. It is very important to change your password regularly to help protect yourself against these sort of attacks.

We also urge you to make sure you are using the latest and most updated stable scripts available. If you are using an older version of WordPress, Joomla, Drupal, etc., you should update immediately.

Limit Login Attempt: We recommend limiting login attempts to your WordPress Dashboard. There are various plugins that can help accomplish this. Here is an example of one: http://wordpress.org/extend/plugins/limit-login-attempts/

Install Google Authenticator: Thanks to a fellow TCH’er, we can recommend installing Google Authenticator. It enables a 2 part authentication process to add an extra layer of security to your blog.

Bad Behavior Plugin: Another TCH’er recommended looking into the Bad Behavior Plugin.

Thank you for your patience and understanding and remember, don’t hesitate to create a support ticket if you need help!

Edit: The attack is so widespread and well known that even magazines are covering it! http://www.pingzine.com/wordpress-admin-accounts-targeted-by-botnet-23840/

Share Button