free good or bad

Free – good or bad?

It’s always nice to get something for free. Or is it? There are really some free lunches on the net. But what appears to be free can have a hidden price, which often is paid by other means than money.

Internet did for a long time lack payment models and everything on the net was truly free. This was fine on a net that was an academic tool and playground for enthusiasts. Our Internet of today is totally different, and to a large extent business driven. But the culture of getting stuff for free on the net is deeply rooted. People are used to free stuff, or are hesitant to use payment on the net in fear of fraud. This has created a lot of new business models based on free products and services. Either genuinely free or with a hidden compensation. One of the important skills for today’s cybercitizens is to recognize these business models and understand the hidden risks and compensations. Read on to learn how.

Before you take the bait you should always ask yourself: Why is this thing offered for free? That’s the key questions as the vendor’s motives dictate if the product or service is safe to use. First look for info about who made the product and why. Then try to place it in one of the categories below. Now it will be a lot easier to make an educated guess about how safe it is.

Ad-financed

A very common way to provide free products or services. Ads are showed to you and the vendor gets money from the advertisers. Be careful with ad-ware your children are using. You have no control over the ads and some content may be unsuitable. Otherwise these are mostly legit if you don’t find the ads too annoying.

User profiling

“If you don’t pay for the product, then you ARE the product.” This is taking ad-ware to the next level. Big data companies like Facebook and Google offer their services for free, but create extensive profiles over their users and utilize them for marketing purposes. This is a privacy problem as you have no control over what data they collect and how it is (mis)used. Intelligence agencies are on top of that also eager to tap into your data. If Facebook knows something about you, then NSA knows too. The problem here is that it is very hard to know what price you really pay for the “free” service. You should consider if the privacy risk is worth taking for the value you get in return.

Hobby and ideological

Many create programs and web services for fun. Giving it away and seeing that people really use it is part of the joy. Some may also have ideological motives, like fighting corporate dominance, guarding peoples’ privacy or defeating net espionage. Products in this category are genuinely free and there’s no hidden compensation. The Firefox browser is an excellent example. The Linux operating system is another.

This “business model” is safe for the customer, but the products and services may not always be the safest choice technically. Providing safe software is a tough task and requires constant maintenance. Hobbyists are not always professional enough for this. In this category you will find a wide range of products with technical security ranging from excellent to very poor. It’s also futile to expect good support services in this category, unless the product has a well-working user forum that provides peer-support.

Donation financed, “begware”

This is a variant of the previous class. Some providers of free software ask for donations openly. This is like a product with a voluntary payment. A lot of people will use the product for free, but some will contribute a couple of bucks to cover the vendor’s expenses. Wikipedia is a good example. BTW, have you ever donated to them? I have and I think it’s very well spent money. The value I get in return is far greater.

Taxpayers’ money

Some free services are provided with tax-payers’ money. These are typically OK to use. Quality might vary tough, as the public sector often lacks the culture of customer service and competitiveness.

Upselling or service fees

Many vendors provide a basic product or service for free, and more functionality or capacity for a price. This is a nice way to let customers try it out and decide later if they need the paid version. Sometimes the product is entirely free and the business model is based on selling support services for it. There’s nothing wrong with this business model and the products are usually OK if the vendor is trustworthy.

Bundles

Getting something for “free” when buying something else is a common marketing trick. It’s not really a free product, the pricing scheme is just set up to hide its true cost. A common example is receiving a “free” mobile phone or 4G-dongle when signing up for a 2-year subscription. Hardware prices are declining and many people have a misconception that these bundled items are worth more than they really are.

Pirated content

Some content is offered to you free of charge and with no strings attached, but the distributor lacks the right to distribute it. Distributing stuff without permission is illegal practically everywhere, but your status as receiver is not as clear. Whether it is a crime to download the stuff depends on your country’s legislation. Also remember that the common peer-to-peer sharing networks, like BitTorrent, both download and share at once. It’s also common to distribute malware masqueraded as pirated software. The safest way is to look for the content’s original vendor or distribution point, and download it from there. Then you will learn if it really is free, and lose the malware as an extra bonus.

Scams and malware

Malware and scams are often masqueraded as free offerings. Be extremely careful if you are tempted to sign up for anything that sends you “free” information as text messages. Your mobile phone number is a payment method and scammers can charge you for bogus messages sent to your mobile. It can be next to impossible to get them cleaned off the bill. What you think is a handy utility program may also turn out to be malicious software. If you can’t figure out why the tool is free, the real reason may be to plant malware in your computer or mobile device.

Let’s finish with a checklist for people considering using a free service or product:

  1. Find out who made it. Check if the vendor declares openly why the product is free.
  2. Check if the vendor offers paid alternatives to the free version and how they differ.
  3. Try to figure out what category the free offering belongs to.
  4. Is the vendor trustworthy? You shouldn’t use software from untrusted sources even if it’s free.
  5. Finally consider if the free offering really is what you want. Sometimes it’s a great alternative to expensive products, sometimes you pay a high hidden price just to save a couple of bucks. And sometimes the free alternatives just aren’t up to the task and you would be better off with a professionally made product. Consider if it really is smart to save a couple of dollars and insert potentially unreliable code in the system with all your irreplaceable content?
  6. If you still are uncertain, search for user opinions on the net. The true free gems, like Firefox and Linux, have huge user bases and you can find a lot of info about them. Be careful if you have problems finding independent opinions about a free product you consider.

Safe surfing,
Micke

More posts from this topic

15855489588_6c209780a9_b

How “the Cloud” Keeps you Safe

“The cloud” is a big thing nowadays. It’s not exactly a new concept, but tech companies are relying on it more and more. Many online services that people enjoy use the cloud to one extent or another, and this includes security software. Cloud computing offers unique security benefits, and F-Secure recently updated F-Secure SAFE to take better advantage of F-Secure’s Security Cloud. It combines cloud-based scanning with F-Secure’s award-winning device-based security technology, giving you a more comprehensive form of protection. Using the cloud to supplement device-based scanning provides immediate, up-to-date information about threats. Device-based scanning, which is the traditional way of identifying malware, examines files against a database saved on the device to determine whether or not a file is malicious. This is a backbone of online protection, so it’s a vital part of F-Secure SAFE. Cloud-based scanning enhances this functionality by checking files against malware information in both the local database found on devices, and a centralized database saved in the cloud. When a new threat is detected by anyone connected to the cloud, it is immediately identified and becomes "known" within the cloud. This ensures that new threats are identified quickly and everyone has immediate access to the information, eliminating the need to update the database on devices when a new threat is discovered. Plus, cloud-based scanning makes actual apps easier to run. This is particularly important on mobile devices, as heavy anti-virus solutions can drain the battery life and other resources of devices. F-Secure SAFE’s Android app has now been updated with an “Ultralight” anti-virus engine. It uses the cloud to take the workload from the devices, and is optimized to scan apps and files with a greater degree of efficiency. Relying on the cloud gives you more battery life, and keeps you safer. The latest F-Secure SAFE update also brings Network Checker to Windows PC users. Network Checker is a device-based version of F-Secure’s popular Router Checker tool. It checks the Internet configuration your computer uses to connect to the Internet. Checking your configuration, as opposed to just your device, helps protect you from attacks that target home network appliances like routers – a threat not detected by traditional anti-virus products. So the cloud is offering people much more than just extra storage space. You can click here to try F-Secure SAFE for a free 30-day trial if you’re interested in learning how F-Secure is using the cloud to help keep people safe. [Image by Perspecsys Photos | Flickr]

June 30, 2015
BY 
money, burnt, online, internet, scams

The 5 Internet scams your kid or mom is most likely to fall for

There wouldn't be billions people online every moment of every day if everyone was getting scammed all the time. Online security is, in many ways, better than ever, as are the sites designed to attract our attention. But exploits and the crooks that want to exploit us still exist, enjoying advanced malware-as-service models proven to steal our data, time and money. And with the awesome number of people online, scams only need to work a tiny percentage of the time to make the bad guys rich. We're sure you're savvy enough to avoid most trouble. But for everyone else you know, here are 5 common scams to look out for. 1. Ransomware. This scam, which F-Secure Labs has been tracking for over 5 years, prospers because it offers incredible returns -- to the scammer. "It estimated it would cost $5,900 (£3,860) to buy a ransomware kit that could return up to $90,000 in one month of operation," the BBC reports. It works like this. You suddenly get a message saying that your files are being held and you need to pay a ransom to release them. Sometimes the scam pretends to be from a police organization to make them extra scary: Anonymous cyber-currencies like bitcoin have made the scam even more appealing. "That's what really enabled the ransomware problem to explode," our Mikko Hypponen said. "Once the criminals were able to collect their ransom without getting caught, nothing was stopping them." They really do take your files and they generally will give them back. Ironically, their reputation matters since people will stop paying if they hear it won't work. Mikko recommends four ways to defend yourself from this -- and almost every scam: Always backup your important files. Ensure software is up-to-date. Be suspicious of message attachments and links in email. Always run updated comprehensive security software. He adds, "Don't pay money to these clowns unless you absolutely have to." 2. Technical support scams. "In a recent twist, scam artists are using the phone to try to break into your computer," reports the U.S. Federal Trade Commission. "They call, claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need." Never give anyone who calls you unsolicited your private information or access to your computer. As a matter a fact, don't do that even if the call is solicited. If you feel the call may actually important, ask who they are calling from and then contact the organization directly. For more tips visit the FTC site. 3. Facebook freebies. Free iPad! Free vacation! Free gift card! If it's free, it's on Facebook and it comes from someone you do not know or trust directly, assume it's a scam. At best it's a waste of your time, at worst it could end up costing you money. Unfortunately, there are only two things you can do to avoid these scams. Don't follow people who share crap like this on Facebook and don't click on things that seem too good to be true. "There is no way a company can afford to give every Facebook user a $25.00, $50.00 or $100.00 gift card," Facecrooks, a site that monitors these scams, reminds you. "A little common sense here tells you that something is way off base." So be suspicious of everything on Facebook. Even friends asking for money. 4. Loan scams. Scammers are smart. They know that the more a person is in financial need, the more desperate she or he becomes. For this reason, loans of various kinds -- especially mortgages that are in foreclosure -- are often lures for a scam. Once they have your attention, they may use a variety of tactics to dupe you, the FTC explains. They may demand a fee to renegotiate your loans for lower payments or to do an "audit" of what you're paying. It may even go far enough that they'll ask you directly or trick you into signing over your house to ease the pressure from your creditors. There are many warning signs to look out for. Keep in mind that if you're ever in doubt, the best step is to back off and seek advice. You can also tell the person you're going to get a second opinion on this from a lawyer. If the person you're dealing with insists that you not or freaks out in any other way, it's a good sign you're being taken. 5. Money mule scams. These scams are a variation on the 419 scams where a foreign prince asks you to hold money for him. All you have to do is wire him some first. But in this case you may actually get the money and be used as a tool of organized crime. A money mule illegally transfers money for someone in exchange for some of the take. Many law-abiding people get drawn into this crime while searching for jobs or romance, which is why your should stick to legitimate sites if you're seeking either of those things. Greed and the lure lottery winnings and inheritances is also used as a lure for potential victims. Trust is the most important thing on the internet. Anyone who trusts you too quickly with offers of money or love is probably scamming you. Cheers, Sandra [Image by epSos .de | Flickr]

June 24, 2015