free good or bad

Free – good or bad?

It’s always nice to get something for free. Or is it? There are really some free lunches on the net. But what appears to be free can have a hidden price, which often is paid by other means than money.

Internet did for a long time lack payment models and everything on the net was truly free. This was fine on a net that was an academic tool and playground for enthusiasts. Our Internet of today is totally different, and to a large extent business driven. But the culture of getting stuff for free on the net is deeply rooted. People are used to free stuff, or are hesitant to use payment on the net in fear of fraud. This has created a lot of new business models based on free products and services. Either genuinely free or with a hidden compensation. One of the important skills for today’s cybercitizens is to recognize these business models and understand the hidden risks and compensations. Read on to learn how.

Before you take the bait you should always ask yourself: Why is this thing offered for free? That’s the key questions as the vendor’s motives dictate if the product or service is safe to use. First look for info about who made the product and why. Then try to place it in one of the categories below. Now it will be a lot easier to make an educated guess about how safe it is.

Ad-financed

A very common way to provide free products or services. Ads are showed to you and the vendor gets money from the advertisers. Be careful with ad-ware your children are using. You have no control over the ads and some content may be unsuitable. Otherwise these are mostly legit if you don’t find the ads too annoying.

User profiling

“If you don’t pay for the product, then you ARE the product.” This is taking ad-ware to the next level. Big data companies like Facebook and Google offer their services for free, but create extensive profiles over their users and utilize them for marketing purposes. This is a privacy problem as you have no control over what data they collect and how it is (mis)used. Intelligence agencies are on top of that also eager to tap into your data. If Facebook knows something about you, then NSA knows too. The problem here is that it is very hard to know what price you really pay for the “free” service. You should consider if the privacy risk is worth taking for the value you get in return.

Hobby and ideological

Many create programs and web services for fun. Giving it away and seeing that people really use it is part of the joy. Some may also have ideological motives, like fighting corporate dominance, guarding peoples’ privacy or defeating net espionage. Products in this category are genuinely free and there’s no hidden compensation. The Firefox browser is an excellent example. The Linux operating system is another.

This “business model” is safe for the customer, but the products and services may not always be the safest choice technically. Providing safe software is a tough task and requires constant maintenance. Hobbyists are not always professional enough for this. In this category you will find a wide range of products with technical security ranging from excellent to very poor. It’s also futile to expect good support services in this category, unless the product has a well-working user forum that provides peer-support.

Donation financed, “begware”

This is a variant of the previous class. Some providers of free software ask for donations openly. This is like a product with a voluntary payment. A lot of people will use the product for free, but some will contribute a couple of bucks to cover the vendor’s expenses. Wikipedia is a good example. BTW, have you ever donated to them? I have and I think it’s very well spent money. The value I get in return is far greater.

Taxpayers’ money

Some free services are provided with tax-payers’ money. These are typically OK to use. Quality might vary tough, as the public sector often lacks the culture of customer service and competitiveness.

Upselling or service fees

Many vendors provide a basic product or service for free, and more functionality or capacity for a price. This is a nice way to let customers try it out and decide later if they need the paid version. Sometimes the product is entirely free and the business model is based on selling support services for it. There’s nothing wrong with this business model and the products are usually OK if the vendor is trustworthy.

Bundles

Getting something for “free” when buying something else is a common marketing trick. It’s not really a free product, the pricing scheme is just set up to hide its true cost. A common example is receiving a “free” mobile phone or 4G-dongle when signing up for a 2-year subscription. Hardware prices are declining and many people have a misconception that these bundled items are worth more than they really are.

Pirated content

Some content is offered to you free of charge and with no strings attached, but the distributor lacks the right to distribute it. Distributing stuff without permission is illegal practically everywhere, but your status as receiver is not as clear. Whether it is a crime to download the stuff depends on your country’s legislation. Also remember that the common peer-to-peer sharing networks, like BitTorrent, both download and share at once. It’s also common to distribute malware masqueraded as pirated software. The safest way is to look for the content’s original vendor or distribution point, and download it from there. Then you will learn if it really is free, and lose the malware as an extra bonus.

Scams and malware

Malware and scams are often masqueraded as free offerings. Be extremely careful if you are tempted to sign up for anything that sends you “free” information as text messages. Your mobile phone number is a payment method and scammers can charge you for bogus messages sent to your mobile. It can be next to impossible to get them cleaned off the bill. What you think is a handy utility program may also turn out to be malicious software. If you can’t figure out why the tool is free, the real reason may be to plant malware in your computer or mobile device.

Let’s finish with a checklist for people considering using a free service or product:

  1. Find out who made it. Check if the vendor declares openly why the product is free.
  2. Check if the vendor offers paid alternatives to the free version and how they differ.
  3. Try to figure out what category the free offering belongs to.
  4. Is the vendor trustworthy? You shouldn’t use software from untrusted sources even if it’s free.
  5. Finally consider if the free offering really is what you want. Sometimes it’s a great alternative to expensive products, sometimes you pay a high hidden price just to save a couple of bucks. And sometimes the free alternatives just aren’t up to the task and you would be better off with a professionally made product. Consider if it really is smart to save a couple of dollars and insert potentially unreliable code in the system with all your irreplaceable content?
  6. If you still are uncertain, search for user opinions on the net. The true free gems, like Firefox and Linux, have huge user bases and you can find a lot of info about them. Be careful if you have problems finding independent opinions about a free product you consider.

Safe surfing,
Micke

More posts from this topic

brain floppy, scanning engines, malware scanning

5 Ways We Stop Cyber Attacks In Their Tracks

See that floppy disc? That's how F-Secure Labs used to get malware to analyze. Nowadays, of course, it's much different, Andy Patel from the Labs explained in a recent post, "What's The Deal with Scanning Engines?" In just a few hundred words, Andy lays out what makes modern protection so different from the anti-virus that you remember from the 80s, 90s or even the early 00s. And it's not just that floppy disks the Labs once analyzed have been replaced by almost any sort of digital input, down to a piece of memory or a network stream. The whole post is worth checking out if you're interested in how relentless modern internet security must be to keep up with the panoply of online threats we face. But here's a quick look at five of the key components of endpoint protection that work in tandem to stop attacks in their tracks, as described by Andy: Scanning engines. Today’s detections are really just complex computer programs, designed to perform intricate sample analysis directly on the client. Modern detections are designed to catch thousands, or even hundreds of thousands of samples. URL blocking. Preventing a user from being exposed to a site hosting an exploit kit or other malicious content negates the need for any further protection measures. We do this largely via URL and IP reputation cloud queries. Spam blocking and email filtering also happen here. Exploit detection. If a user does manage to visit a site hosting an exploit kit, and that user is running vulnerable software, any attempt to exploit that vulnerable software will be blocked by our behavioral monitoring engine. Network and on-access scanning. If a user receives a malicious file via email or download, it will be scanned on the network or when it is written to disk. If the file is found to be malicious, it will be removed from the user’s system. Behavioral blocking. Assuming no file-based detection existed for the object, the user may then go on to open or execute the document, script, or program. At this point, malicious behavior will be blocked by our behavioral engine and again, the file will be removed. The fact is, a majority of malware delivery mechanisms are easily blocked behaviorally. In most cases, when we find new threats, we also discover that we had, in the distant past, already added logic addressing the mechanisms it uses.If you're interested in knowing more about behavioral engines, check out this post in which Andy makes then easy to understand by comparing the technology to securing an office building. So you must be wondering, does this all work? Is it enough? Well, our experts and our computers are always learning. But in all the tests this year run by independent analysts AV-Comparatives, we’ve blocked 100% of the real-world threats thrown at us. Cheers, Jason  

May 24, 2016
BY 
online_anonymity

Anonymity is not Just for Criminals – 3 legit Reasons to Hide your Tracks Online

  In 1853 a strange new invention appeared in the English cityscape, and caused a small wave of moral outrage among Victorians. This perceived threat to social order was not a new drug, political movement or saucy romance novel, but the seemingly harmless letter box. One reason was the shocking development of women now being able to post letters without consent from their husbands or fathers, and the other one was that sending anonymous letters would now be even easier. Maybe Victorians weren’t very thick-skinned, and were worried about unsigned letters calling people zounderkites and rantallions skyrocketing. Who knows?   History now tells us that these attempts to control this early form of long-distance communication were ridiculous. And yet, a modern version of this debate is happening even today: there are those who want to make encrypted, anonymous communication available for everyone, and those who wish to restrict it. No new technology comes without drawbacks, and encryption is no exception. However, just as with the Victorian letter box, the pros greatly outweigh the cons.   But why do people want to be anonymous online? Those who oppose encryption and other methods which advance online anonymity often throw around the tired argument “If you don’t have anything to hide, you have no need to be anonymous”. Not only does this statement show an astounding lack of perspective, it is also blatantly false. According to CBS there is a rising increase in desire for online anonymity, and there are many perfectly valid and legitimate reason to cover your tracks online. A lot of us just don’t feel comfortable with their Internet Service Provider, employer or even government having access to their surfing information. We all have a right to privacy, but technology is increasing the size of our digital footprint to the point when we can never know who is monitoring what we do online. Legislation, like the aptly nicknamed Snoopers Charter have the potential to give governments and ISP’s blanket rights to monitor web traffic of normal users in the name of security. This means the responsibility to protect our individual privacy rests increasingly in our own hands, and VPN services like our own Freedome go a long way in making that happen.   For many people, it’s about control. We share aspects of our lives and personality on social media and other websites, but the choice of what we share should be ours to make. This control is taken away by advertisers and tracking companies, who collect information about us from different websites and piece them together to form elaborate dossiers which contain way more information about us than most would be comfortable sharing, like your medical information or what kind of porn you watch. For many, part of being anonymous online is blocking this kind of intrusive tracking, and it’s hard to find fault in that.   The most serious group of people wanting anonymity are those for whom it is not so much a matter of principle but a matter of life and death. We are talking about activists, journalists and opposition supporters who operate under oppressive regimes or in places where criminals seek out and silence those who speak against them. It’s easy for those who support intrusive privacy legislation to forget that the governments who enact them will invariably have ulterior motives to “catching terrorists” or “protecting national security”: they give governments the power to control what we say.  Open and free communication is the greatest tool the masses have to keep those in power accountable for their actions, and there is nothing open or free about the kind of mass surveillance which is happening more and more, legally and otherwise.   What are your reasons to be anonymous online? This is not a black & white subject, and we’d be glad to hear your thoughts via the Freedome twitter channel @FreedomeVPN.

May 21, 2016
BY 
Sports Cartoon

3 Easy Steps to Stream your Favorite Sports Events, Wherever you are

It’s going to be a busy month for sports lovers from all corners of the world. Hockey fans are currently being treated to both the NHL playoffs and the IIHF world cup, and the coming month will see things like the Champions League final, the US Masters, the NBA playoffs, and to top it all off, the European Championships in football. This presents a problem for many of us. Particularly during the summer, we travel a lot and just might be unable to find a TV screen showing our favorite events. So does this mean we have to miss Kevin Durant sink yet another 3-pointer or be content with next-day highlights of the CL final between Real and Atletico? Thankfully not! The internet allows us to stream games online and watch your favorite matches anywhere, whether at home or under a beach umbrella. Unfortunately, your excitement can often be hindered by messages like “Sorry, this content is unavailable in your country.” This is known as geo-blocking, where the services check your IP address (the unique address of your device) and only allow access if it is located in a specific country. The obvious solution then is to change your IP address to a country where you can access the service. And the easiest and quickest way to do this is with a VPN. How Freedome VPN works The way VPNs work is very simple. Instead of connecting to the internet directly, a VPN first directs your traffic into a secure and private tunnel. The rest of the web won’t see where your traffic enters the tunnel, making your real location and IP address hidden. A VPN like Freedome also lets you choose where the other end of that tunnel is, and THIS determines where any website will think you are. Pretending to be virtually in another country is that simple! How to use Freedome VPN to stream sports Follow these simple instructions to watch your favorite sports live everywhere! Download and install Freedome VPN In the Freedome app, tap the location at the bottom of the screen, and choose your home country where the stream you want to see is available Navigate to the website of the streaming service or search for a legal live stream of the sports event online If on a mobile device, remember to turn “location” off, as some websites use this as an additional method of pinpointing your location It’s as simple as that! More about Freedome VPN Freedome is a hybrid VPN, available for both mobile and desktop platforms. In addition to letting users access content restricted to other countries, it protects your anonymity from websites you visit, and prevents even your internet service provider from snooping on your online activities. There are even a few features lacking in other VPN products, such as automatic blocking of intrusive tracking by advertisers, and protection from malicious websites. Get Freedome from our website to enjoy unrestricted access to the internet while protecting your privacy on the side!

May 16, 2016
BY