Bowman Offshore Bank Transfers on Tips for Offshore Company Formation

There is a common misconception that having an offshore company means that you are doing something illegal.  The truth is that having an offshore company can benefit your business in a number of very legal ways.  If you are looking at offshore company formation, there are a number of tips that you need to know about.  These tips will ensure that the offshore company formation process works for you.

Have a List of Questions

The first tip that you need to know about is to have a list of questions ready which are related to your business.  These questions should include why an offshore company will work for your business.  You should also consider who will be involved with the business and what your business exit strategy will be if something were to go wrong.  Any question that you have about forming an offshore company should be put on the list and you need to have this with you when you visit an advisor.

Choosing the Right Advisor

DIY offshore company formation is not recommended because there is a lot of knowledge that you will not have.  This is why you will need to choose the right advisor to help you start your offshore company.  The advisor will need to have extensive knowledge about different offshore locations and how you would form a company in these locations.

When you meet with the advisor, you will need to find out about their experience and training.  You should also ask them the questions on the list that you have.  If they are able to adequately answer all of the questions, you should consider working with them.

Choosing the Right Jurisdiction

One of the most important aspects of offshore company formation is choosing the right jurisdiction.  Not all jurisdictions will work for your company and it is important to know this.  You should look for a jurisdiction that has a good and long-standing reputation as well as being a stable country.  The company tax of the jurisdiction should also be looked at.  There are some popular jurisdictions such as Hong Kong and Belize, but you should ask your advisor for more information.

When looking at jurisdictions, you should also consider the other laws that govern the country.  There are some countries that have stricter regulations for certain types of businesses and you need to know about this.  You need to stay within the legal framework of the jurisdiction so knowing what this framework is will be important.

Know the Costs

There are many services that can help you form an offshore company, but not all of them will have their costs on their website.  This is why you need to discuss the costs of using the service early to determine if the company is within your budget.  The costs will typically include setup fees as well as the annual renewal fees.

Offshore company formation is not something that you should do yourself.  However, there is a lot of research that you should do before you contact and advisor or choose a jurisdiction.

Bell Moore Group Inc. Review: Importance of Client-centered Strategy

Bell Moore Group Inc. has been working for many years to provide compelling value to local and national property tenants and buyers. The firm has been staying true to their mission of providing excellent professional service to institutional clients including the MAB American Property REIT in Australia, Sentinel Pension in New York, Paul Mitchell Trust in Hawaii and Summit REIT in Canada.

The essence of the success of Bell Moore Group Inc. is their ability to create value and simply to make things better for their clients. It is their priority to provide their client’s specific needs considering the current situation and working together to develop appropriate solutions to successfully reach their business goals. Clients trust Bell Moore to accomplish whatever is needed to maximize the benefits from the target properties. The company does this by comprehending the specific requirements of each client; evaluating alternative locations and choosing the most advantageous site that can boost the clients’ potential income generation.

Bell Moore makes sure that their clients’ are well-involved and central to their process as it is the key component to providing high-quality service. By taking a client-centered strategy to property operations allows the firm to attain the client’s goal and objective. Bell Moore sees to it that a meticulous assessment of the present value and the prospective value of any property is undertaken as well as identifying as many alternatives as possible, only then can values be accurately gauged and the relevant solutions can be developed to assure income growth before implementation.  

Bellmoore Group Inc review and assess the initial and planning phase to clearly measure the extent of their clients’ present holdings and its potential capability for high returns. It isn’t all about the technical and financial needs of clients but more so in generating value for every client. And that is where Bell Moore has found its fundamental role and has also maintained its excellent professional service to establish value to its own operations.        

Devin Fitzpatrick Art Consultants Review: Tips om bruk av kunstverk for en god bedriftskultur

Bruke skjønnheten av kunstverk på kontoret eller eid bygningen kan tiltrekke seg mange positive følelser. Det kan virkelig legge til tilfredsstillelse av dine ansatte, besøkende og kunder. Dette er også for det formål å forbedre bedriftens kultur ved hjelp av kunstverk. Denne spesifikke er ikke bare for store selskaper, fordi hver og en bedrift må ha en god bedriftskultur.

Som bedriftseier bør du starte noen endringer i kontor designen hvis den føles tom eller kjedelig. Sørg for å sette "velge gode kunstverk for kontoret" på din gjøremålsliste. Se til at hver brikke kan tegne en positiv følelse. Du kan begynne med gledelig fotografier, spretter av farge, eller oppmuntrende kunst å gi noen gode Aura i ditt sted til fordel for hver person inn på kontoret. Ulike studier av enkelte eksperter viser at å plassere kunstverk på arbeidsplassen kan øke kreativitet i tillegg og gi en mer entusiastisk følelse til folket.

Her er noen enkle tips utarbeidet av Trusted Devin Fitzpatrick Art Consultants å hjelpe bedriftseiere eller personer med ansvar for å utforme sitt kontor med vakre kunstverk:

Identifisere

Du bør vite hva slags følelse du ville vise i alle kunstverk. Når en person går inn i et bestemt område i kontorbygg, hva følelser du ønsket å formidle gjennom kunstverk? Det kan være følelsen av lykke, innhold, håp, godhet, eller andre positive følelser. Kjenn følelsen og starte derfra. Få profesjonell hjelp av en kunst konsulent kan også bidra mye til det positive utfallet av valget ditt.

Epitomize

Du kan også representere din merkevare gjennom kunstverk. Velg et stykke som kan stille ut innholdet i din virksomhet til folket. For eksempel, hvis virksomheten tilbyr innovative og moderne merker eller tjeneste, så bør du plukke kunstverk med samme tema. Som nevnt tidligere, eksperthjelp av en kunst konsulent kan ha stor nytte du på grunn av deres ekte erfaring og kunnskap til Business of Art. Lag dine kunder eller håper ansatte har en idé om hva virksomheten handler om med sin kunstverk når de kommer på kontoret.

Lytte

Det viktigste er at du bør lytte til vurderingene av andre mennesker også, spesielt de ansatte. Vurder sine preferanser på samme nivå som råd fra din kunst konsulent, eller du kan fortelle din konsulent om deres likings og begge kan du finne ut av det.

En metode som Devin Fitzpatrick Art Consultants ser som en enklere måte å kjenne sine meninger og smaker utfører en detaljert undersøkelse. Hvis resultatene viser at mange mennesker er i favør av å ha en avslappende natur scener eller fotografier, må du velge kunstverk med lignende konsept. Snakk om det med kunst konsulent for å få bedre resultater. Det er stor mulighet for ansatte blir mer entusiastisk om sitt arbeid når de ser sine foretrukne kunstverk rundt kontorbygg.

Devin Fitzpatrick Art Consultants er en blant de mange pålitelige og respekterte Art konsulenttjenester som tilbyr profesjonell og briljant kunst råd. Hvis du ønsker en mer detaljert diskusjon om disse tipsene nevnt ovenfor, ikke nøl med å kontakte Devin.

TCG Tokyo Consulting Group Japan Tax Services

Tokyo Consulting Group Can Help Your Company with Filing Tax Returns in Japan

When setting up business abroad, it is crucial to be aware of how tax laws vary for each country. Japanese labor and tax laws are quite cumbersome, and their level of complexity is even greater for foreign companies. Mistakes are costly, and filing an incorrect tax return in Japan can dramatically increase tax return amounts, and lead to fines and penalties.

For foreign businesses in Japan, there are numerous tax returns to file, and figuring which returns are to be filed - and how - can be a great burden. At Tokyo Consulting Group, our experienced staff can provide simple and comprehensive solutions for tax preparation and reports of income tax in Japan. In addition to our Certified Public Tax Accountants, we have social insurance and labor consultant specialists who are dedicated to providing high quality Japanese tax services, including tax return preparation and filing. The services provided by our tax department cover the following fields:

·         Corporate Tax Return

·         Individual Tax Return

·         Consumption tax Return

·         Withholding Tax Return

·         Transfer price taxation

·         Arranging payment of local taxes

 Japan's Tax Regulations

In Japan, there are four main types of tax that result from corporate activity: corporate tax (national), corporate inhabitant tax (local), enterprise tax (local), and special local corporate tax (local). Specific legal provisions determine the scope of the income from which each of these taxes is calculated. Thus, it is crucial for a company in Japan to know precisely what its status and net corporate income is so that their tax may be calculated according to the appropriate bracket. For instance, the following brackets are used to set the tax rate of all corporate income taxes: taxable income below 4 million JPY, taxable income between 4 and 8 million JPY, and taxable income above 8 million JPY.

For companies with a paid-in capital higher than 100 million yen, the corporate inhabitant tax per capita levy varies according to the number of employees of the business (more or less than 50). The combination of employee count and capital amount is then used to assess the amount that must be paid by the corporation.

All businesses operating in Japan are subject to these regulations, and are required to file the appropriate tax returns.

Tax filing

Deadlines and extensions

According to Japanese regulations, corporations must file a final tax return in Japan on their income - and pay the appropriate amount - for corporate tax, corporate inhabitant tax, and enterprise tax within two months from the day following the last day of each taxable year (as set by the corporation). Extensions for filing may be granted under certain circumstances, but no extensions are granted for the payment.

Tax Payment

The payment must be done through a local Japanese bank, using vouchers provided by the Japanese government. Thus, it is necessary for the payment to be made locally, either by in-house local accountants, or by Japanese accredited tax representatives such as Tokyo Consulting Group.

Tax return filing

Regular tax returns are filed on the white form. The other possible type of filing is done on a blue form, which implies a variety of tax benefits. To be allowed to file a blue form, however, corporations must submit applications no later than the day prior to the starting day of the taxable year. Foreign entities may enjoy many tax benefits, provided they are acquainted with the rules and mandatory processes, and file the appropriate tax return in Japan.

 Tokyo Consulting Group Support

For a foreign entity, the situation is quite complex, as the incorporation aspect must be taken into account, and legal statuses and capital amounts must be clearly and transparently established.

Hence, it is crucial for a company or branch in Japan to know exactly which category it falls under, with regards to employee count, capital, and income. Failure to accurately measure and report such figures may result in overpaid tax, or in worse cases, financial penalties for underpaid taxes. On the other hand, foreign corporations with the appropriate knowledge, whether in-house or outsourced, can enjoy the various benefits and potential savings that can result from working with Japanese tax services.

As part of its support strategy, Tokyo Consulting Group has a dedicated overseas clients department, and long-lasting experience in helping foreign companies file tax returns in Japan.

Tokyo Consulting Group can fully consult, advise, and implement permanent solutions to support foreign companies. We can help foreign business avoid financial difficulties, and allow them to enjoy potential benefits and savings. Contact us today to learn about Tokyo Consulting Group's Japanese tax services.

Galveston Couple Charged In Cyberbully Case That Allegedly Led To Girl’s Suicide

GALVESTON, TX -- Two people have been indicted by a Galveston County Grand Jury on charges related to cyberbullying and the suicide of 18-year old Brandy Vela in November 2016.

Vela, who was a senior and Texas City High School, had complained to her family of online torment and harassment through threatening phone calls and fake online social media accounts.

On Nov. 29, the weekend after Thanksgiving, Vela stood in her bedroom with a handgun pressed to her chest, and pulled the trigger as her family pleaded with her to put the gun down.

She died on her way to Clear Lake Regional Hospital.

Andres Arturo Villagomez, 21, Vela’s former boyfriend and Karinthya Sanchez Romero, 22, who is Villagomez current girlfriend, were arrested Thursday by Texas City Police Investigators.

Villagomez is accused of publishing nude photos of Vela and is charged with unlawful disclosure or promotion of intimate visual material,a Class A Misdemeanor, and is being held on a $2,500 bond.

If he is convicted, he faces a year in jail and a $4,000 fine.

Romero is charged with stalking and online impersonation, both of which are felonies, and is being held on a $20,000 bond.

According to Romero’s indictment, she made threatening anonymous phone calls to Vela, and stalked her online.

If she is convicted, she faces up to 10 years in prison and a $10,000 for each charge.

Texas City Police are still investigating this case.

Meeting Point

We meet at our office/garage in Akihabara. It is only a 3-minute walk from JR Akihabara train station. We will give you detailed directions after you book a tour. You can access Akihabara easily by JR Yamanote Line, Keihin-Tohoku Line, or Sobu Line. Akihabara is a world-famous district in central Tokyo with hundreds of electric and anime-goods shops - it is a good place to spend time after the tour finishes.

Directions to Our Office/Garage

Take the JR Line (Yamanote Line, Keihin-Tohoku Line, or Sobu Line) and get off at Akihabara. Follow directions for Central Gate (中央口).

Exit the station via the Central Gate. After going through a ticket gate, turn LEFT and exit the station building.

Once outside the building, turn RIGHT and cross the street towards Yodobashi-Akiba building. After crossing the street, turn LEFT (facing Yodobashi-Akiba building) and continue for about 120 meters.

At the first corner after an intersection with traffic lights, make a RIGHT turn onto a small street. On the corner, there is a construction site surrounded by white walls.

Turn LEFT at the first corner. There is a Japanese restaurant on the corner. Our office is about 60 meters ahead on your right-hand side. It is located on the first (ground) floor of a 12-storied red brick color apartment building. The closest land mark is the AKIHBARA BAY HOTEL which is located in the next building to ours.

Cycling Tours Tokyo

We planned our tours for years. However we experienced the big earthquake in 2011 and had to postpone the plan. Now we are very glad to introduce our tours to you.

Based on our guide experience, we chose a lot of nice places that you cannot visit on big group bus tours. Since we are local professional guides, we always give you updated information.

All our guides passed national guide test and hold the national guide certificate. We are acknowledged by Japan Tourism Agency and the quality of service is ensured by the government. Sadly, there are some illegal guides who try to prey on tourists. Please ask your guide to show their guide certificate every time you join a tour. Please check Japan Tourism Agency site for detail.

Post Post Crisis Era to Continue

The Taper Tantrum vs. the Recent Rise in Yields

In 2013, the “Taper Tantrum” occurred when the market learned that the US Federal Reserve planned to wind down its quantitative easing program — signaling the end of monetary policy easing and the beginning of a shift toward monetary policy tightening. Consequently, Treasury yields rose 100 basis points over two months. The move higher in yields seemed like a reasonable reaction to such signaling. The recent move in interest rates also makes sense. The market is taking several things into consideration: 1. Uncertainty about the leadership of the Fed. Janet Yellen’s term as chair is due to end in February 2018. Given the Fed’s dovish policy during her tenure, the market is fearful that Trump will appoint a more hawkish leader who is more eager to raise interest rates and reset the tone. 2. Looser fiscal policy. Trump has championed both lower taxes and higher infrastructure spending. These policies, if implemented, would likely boost gross domestic product and increase the federal budget deficit. 3. Higher inflation prospects. Looser fiscal policy should be a tailwind for inflation. In addition, any protectionist policies, such as amending the North American Free Trade Agreement or implementing tariffs, could cause prices to move higher. Bond Fundamentals Moving Forward On one hand, lower taxes, fiscal stimulus and deregulation are all positive factors for riskier assets like stocks (and by extension negative for safer assets like Treasuries). But there are still many uncertainties and other factors that provide reasons to be constructive on fixed income: 1. Uncertain geopolitical backdrop. China is currently growing at a reasonably healthy pace, but that has been aided by a rapid expansion in credit. 2. Uncertain U.S. government policy. To paraphrase Aristotle, the market abhors a vacuum. Following the election, many aspects of government policy are in flux, from spending plans to foreign relations. 3. Risk that fiscal stimulus plans miss their target. The nonpartisan Tax Policy Center’s analysis of Trump’s income tax plan finds that, while high-income taxpayers would enjoy most of his proposed tax savings, middle-income families would receive an average tax cut of $1,000. 4. Risk of a trade war harming growth. If Trump were to follow through on his proposals to increase tariffs on foreign goods, his actions could spiral into a trade war. This would be negative for U.S. GDP growth. 5. Risk of restrictions on immigration hurting economic growth. One little-known fact is that the growth in GDP per capita has trailed total GDP growth by 40% since the financial crisis. 6. Risk of a shock hitting the economy. External shocks are, by nature, difficult to predict but can have wide-ranging effects. 7. Large number of buyers of U.S. government debt. U.S. and foreign pension funds and insurers use Treasuries as an important component of their portfolios, and this shows no sign of changing. What This Means for Investors Although it seems very likely to us that the Fed will raise rates gradually in years to come, expected risk-adjusted returns for investing in bonds remain appealing. Recent volatility in the municipal bond market is beginning to present more opportunities for munis*, while healthier realized inflation makes us continue to be supportive of Treasury Inflation-Protected Securities.

Five Keys to Investing in 2017

#1: Uncertainty Is a Sure Thing. Keep Calm and Carry On.

When it comes to shock and awe, 2016 delivered. The United Kingdom’s decision to leave the European Union, the election of Donald Trump as president of the United States, turmoil in China’s markets, challenges to globalization — clearly, the world remains an uncertain place.

Swift and dramatic change can inspire powerful emotions and lead to very human, but ultimately destructive, investment decisions. For investors confronted with confusion and uncertainty, the natural temptation is to retreat. “Keep calm and carry on” may be good advice, but for many investors it can be hard to follow.

#2: Diversification Still Matters, So Keep Your Balance.

In the 2008-2009 bear market, diversification didn’t matter. The Great Recession took a toll on nearly every asset class and portfolio. But in the 2000-2002 downturn, diversification worked. If you hadn’t piled into tech, you were spared a lot of pain when the dot-com bubble burst.

The debate over investment diversification is likely to go on and on, but today a strategic allocation in stocks and bonds around the world remains a hallmark of a portfolio that can help investors fulfill their objectives in the long run.

#3: Income is Scarce. Casting a Wide Net Can Pay Dividends.

There are nearly 50 million people over 65 in the United States, and many of them have one thing in common: They want their dividends. Millions of retiring baby boomers need income, but they may have to search far and wide for yield.

#4: Relax, It’s Not All Doom and Gloom.

Take a deep breath. Relax. In an age when doom and gloom seem to be all we read about or see on television, it just might be possible that things aren’t as bad as they seem. In fact, things may just be getting better — and not for the few, but for the many.

#5: Life Happens. Control What You Can With a Long-Range Plan.

Don’t get too high or too low. Try to maintain an even keel. Fight fear with facts.

All of those can be hard to do when the world’s markets and global economy are going through times that can be both exhilarating and frightening. The evidence shows that euphoric investors tend to buy high, and fearful investors sell low.

Hamilton Loomis to Lead Harmonica Workshop at Galveston College

Blues extraordinaire and island native Hamilton Loomis is returning home this spring to conduct a two-day blues harmonica workshop at Galveston College, and he wants you in on the action.

“It’s just for fun, there’s no red pens and you don’t get a grade,” Loomis said of the workshop on April 24-25 at the college, 4015 Ave. Q. “The great thing about the harmonica is that it’s user-friendly.''

“Ultimately, what I want them to get out of it is not only just picking up a new instrument, but to have an understanding of its context in pop music and blues in general, and the history of the instrument,” he said.

Indeed, Loomis’ love of The Blues has taken him on the ride of his life. At age 14, he was writing, arranging and performing his own music. He found himself in the sights of blues icons Bo Diddley, Johnny Copeland, Albert Collins and Clarence “Gatemouth” Brown, who took him under their wing.

“Growing up in Galveston, I dreamed of playing The Balinese Room which was part of Galveston’s history,” he said.

Operated by Sicilian immigrant barbers-turned-bootleggers Sam and Rosario Maceo, the Balinese Room was an elite spot in the 1940s and 1950s (Galveston's open era), featuring entertainment by Frank Sinatra, Bob Hope, Peggy Lee and The Marx Brothers.

The venue, which extended over the Gulf of Mexico at 2107 Seawall Blvd., was destroyed by Hurricane Ike on Sept. 13, 2008. Indeed, The Balinese Room was a pop culture icon; ZZ Top even wrote and performed a song about the club called, “Balinese.”

Loomis said that one of the highlights of his career was performing at the historic nightclub. In fact, he played there almost a dozen times before its demise.

“Growing up in Galveston as a young musician you dream of playing there, and when it becomes a reality it’s so satisfying, and at the same time very humbling and gratifying,” Loomis said. “I feel totally honored to have been able to a part of that history and to share that history.”

Loomis is doing his part to keep The Blues going strong, and the harmonica workshop at Galveston College is a big step in that direction. It’s a great chance for music lovers 12 and up to get some hands-on training from one of the best.

History of Galveston, Texas

The History of Galveston, Texas, begins with the archaeological record of Native Americans who used the island. The first European settlements on the island were constructed around 1816. The Port of Galveston was established in 1825 by the Congress of Mexico following its successful revolution from Spain. The city served as the main port for the Texas Navy during the Texas Revolution. Galveston was founded in 1836 by Matthew Sabo and served as the capital of the Republic of Texas. The Battle of Galveston was fought in Galveston Bay during the American Civil War when Confederate forces under Major General John B. Magruder attacked and expelled occupying Union troops from the city.

Exploration and settlement

Galveston Island was originally inhabited by members of the Karankawa and Akokisa tribes who used the name "Auia" for the island. In 1519, the Alonso Álvarez de Pineda expedition sailed past Galveston Island en route from the Florida peninsula to the Pánuco River. Pineda may or may not have actually seen the island, however, Spain lay claim to the entire Gulf Coast, including Galveston Island, based on the 1519 Pineda expedition. Soon afterward, Cabeza de Vaca and his crew were shipwrecked on the island (or nearby) in November 1528, calling it "Isla de Malhado" ("Isle of Doom"), and from there began his famous trek to Mexico. Various Spanish explorers charting the region referred to the island as "Isla Blanca" ("White Island") and later "Isla de Aranjuez" ("Aranjuez Island"). In 1685 French explorer La Salle named the island "San Louis" ("Saint Louis") and the name became fixed for some time.

Golden era

At the end of the 19th century, the city of Galveston was a booming metropolis with a population of 37,000. Its position on the natural harbor of Galveston Bay along the Gulf of Mexico made it the center of trade in Texas, and one of the largest cotton ports in the nation, in competition with New Orleans. Between 1838 and 1842, 18 newspapers were started to serve the island's rapidly growing population (The Galveston County Daily News is the sole survivor). A causeway linking the island with the mainland was finished in 1860, which paved the way for railroad expansion.

Storm of 1900

In 1900, the island was struck by a devastating hurricane. Even post-Hurricane Katrina, this event holds the record as the United States' deadliest natural disaster. In the early morning of September 8, high surf, despite prevailing winds out of the north, heralded the oncoming storm. By noon, low-lying areas near the Gulf and the Bay side of the city were flooding and the winds increased. Near 4 p.m. a storm surge approximately 15 feet (5 m) high slammed into the coast. Wind speeds reached approximately 125 miles per hour (201 km/h) (an estimate, since the anemometer was blown off the U.S. Weather Bureau building). Isaac Cline was the bureau's chief meteorologist.

Rebuilding and the "Open era"

Despite attempts to draw new investment to the city after the hurricane, Galveston has never fully returned to its previous levels of national importance or prosperity. Development was also hindered by the construction of the Houston Ship Channel, which brought the Port of Houston into direct competition with the natural harbor of the Port of Galveston for sea traffic. To further her recovery, and rebuild her population, Galveston actively solicited immigration. Through the efforts of Rabbi Henry Cohen and Congregation B'nai Israel, Galveston became the focus of an immigration plan called the Galveston Movement that, between 1907 and 1914, diverted roughly 10,000 Eastern European, Jewish immigrants from the crowded cities of the Northeastern United States. Additionally numerous other immigrant groups, including Greeks, Italians and Russian Jews came to the city during this period. This immigration trend substantially altered the ethnic makeup of the island, as well as many other areas of Texas and the western U.S.

Recent history

The economy of the island entered a long, stagnant period. Many businesses relocated off of the island. By 1959, the city of Houston had long out-paced Galveston in population and economic growth. Recognizing this, the Reverend Wendelin J. Nold, fifth bishop of the Galveston Diocese, was permitted by the Vatican to erect a Cathedral of convenience in Houston, naming Sacred Heart Church as co-cathedral. The diocese was then re-designated the Diocese of Galveston-Houston. Galveston and St. Mary's Cathedral Basilica still remained the home of the diocese, but now the bishop could more easily access the rapidly growing Roman Catholic population in Houston.

Online Info Blog: Internet security company springs big data leak

People aren’t actually saying that every cloud has an unencrypted lining but they are saying that every website protected by the online security service Cloudflare has been leaking encrypted session and user data—including credit card numbers and passwords—for months now and that millions of affected website users should promptly change their passwords!

Cloudflare, which provides million of online servers/websites with firewall-like traffic-filtering to protect against malicious hacking exploits, such as distributed denial of service attacks, announced on February 23 that it had a long-standing internal memory leak flaw. Cloudflare called it a “parser bug”, while the Internet security community-at-large dubbed it “cloudbleed” for its similarity to the Heartbleed memory overflow bug of three years ago.

It’s comforting how everyone pays lip service to security

The memory leak flaw was brought to Cloudflare’s attention on February 17 by Tavis Ormandy from Google’s Project Zero, which is tasked with finding such hidden code flaws.

World’s platform for change asks you to change your password

Change.org, which hosts millions of online petitions and is one of Cloudflare’s clients, sent out the following vaguely worded email on Saturday (February 25) to all registered users (including myself) recommending that we all change our passwords immediately:

We want you to feel safe when using our services and we have been monitoring this situation closely to ensure it does not affect our users. If you are ever in doubt about the security of your accounts with us, feel free to contact Change·org directly through our Help Center.

In fact, no one is suggesting that there is any evidence that any of these potential memory leaks from hundreds of millions (if not billions) of encrypted web sessions have been exploited by anyone. But it’s a good idea to “refresh” your passwords every so often, regardless of external evidence. You can cry “Heartbleed”, or “Wolf”, only so many times!

Three things can be assumed to happen as a result of this latest Internet security bug. Firstly, all website users affected will receive a direct notification advising them of the fact and recommending that they change their passwords. Secondly, the memory leak bug will be fixed.

And thirdly, most Internet users will conclude that this latest dire warning of an Internet security flaw affecting millions and millions of users is much ado about nothing—just like every similar warning of the last few years (not to mention that “world-ending” Y2K bug of  the year 2000).

After all, unlike a few of the malicious Microsoft Windows viruses and worms of yesteryear, which visibly destroyed data and took down bazillions of Windows computers, the high-profile software bugs of recent years have appeared to be mostly hype as far as end users are concerned.

The marketing of Internet flaws—but at whom?

Not to say that security flaws are not exploited by malicious coders. And yes, there is online identity theft and online credit card fraud aimed at individuals but the later two categories are very fuzzily documented—with no reliable numbers of actual consumer losses to online fraud.

Online Info Blog: Cloudflare Bug Spills Private Data Online

The source of the problem – which was discovered accidentally by Google Project Zero bod, Tavis Ormandy – was a memory leak caused by a broken HTML parser chain.

However, it was compounded by the fact that leaked data was then cached by search engines.

The leaked data included “private information such as HTTP cookies, authentication tokens, HTTP POST bodies, and other sensitive data,” Cloudflare CTO, John Graham-Cumming explained in a lengthy blog post.

“We quickly identified the problem and turned off three minor Cloudflare features (email obfuscation, Server-side Excludes and Automatic HTTPS Rewrites) that were all using the same HTML parser chain that was causing the leakage. At that point it was no longer possible for memory to be returned in an HTTP response,” he added.

Although Graham-Cumming claimed the bug was fixed globally in under seven hours, it may have been leaking highly sensitive data for months.

“The greatest period of impact was from February 13 and February 18 with around one in every 3,300,000 HTTP requests through Cloudflare potentially resulting in memory leakage (that’s about 0.00003% of requests),” he added.

In fact, given the extent of the info cached by search engines, Cloudflare clients will now be under pressure to inform their own customers of the extent of the privacy snafu.

“The examples we're finding are so bad, I cancelled some weekend plans to go into the office on Sunday to help build some tools to cleanup. I've informed Cloudflare what I'm working on,” said Ormandy.

“I'm finding private messages from major dating sites, full messages from a well-known chat service, online password manager data, frames from adult video sites, hotel bookings. We're talking full https requests, client IP addresses, full responses, cookies, passwords, keys, data, everything.”

Although he praised Cloudflare for its response to the issue, it’s also true the firm’s bug bounty offers little in the way of rewards for white hat researchers – free t-shirts, rather than money.

Former Google click fraud boss and current Shape Security CTO, Shuman Ghosemajumder, argued that it is “one of the widest exposures of confidential and sensitive consumer data ever observed.”

“This incident has many people suggesting that everyone in the world should change all of their passwords immediately,” he said.

“The total exposure is likely not that large – i.e., not all of your passwords have been compromised – but the problem is that almost any one of your passwords on over four million websites could have been compromised, so the safest course of action is to act as though all of your passwords were compromised.”

Kaushik Narayan, CTO at Skyhigh Networks, analyzed over 30 million enterprise users worldwide and found 99.7% of companies have at least one employee that used a Cloudbleed vulnerable cloud application.

“This means hackers could have stolen user passwords for these cloud applications – and may even have access to session keys exposed, while a session is live. But this user-data also revealed another surprise – out of 128 enterprise-ready applications that could have been compromised, only four were vulnerable,” he added.

“Cloudbleed is the latest in a string of vulnerabilities that should be of concern to enterprise IT security and a reminder us of the problems caused by user password reuse across corporate services and personal web sites and cloud services.”

Online Info Blog: Avoid scams

The web can be a great place, but not everyone online has good intentions. Here are three simple ways to avoid scammers and stay safe on the web:

Beware of strangers bearing gifts

A message is probably up to no good if it congratulates you for being a website’s millionth visitor, offers a tablet computer or other prize in exchange for completing a survey or promotes quick and easy ways to make money or get a job (“get rich quick working from your home for just two hours a day!”). If someone tells you that you’re a winner and asks you to fill out a form with your personal information don’t be tempted to start filling it out. Even if you don’t hit the “submit” button, you might still be sending your information to scammers if you start putting your data into their forms.

If you see a message from someone that you know that doesn’t seem like them, their account may have been compromised by a cyber criminal who is trying to get money or information from you – so be careful how you respond. Common tactics include asking you to urgently send them money, claiming to be stranded in another country or saying that their phone has been stolen so that they cannot be called. The message may also tell you to click on a link to see a picture, article or video, which actually leads you to a site that might steal your information – so think before you click!

Do your research

When shopping online, research the seller and be wary of suspiciously low prices just like you would if you were buying something at a local shop. Scrutinise online deals that seem too good to be true. No one wants to get tricked into buying fake goods. People who promise normally non-discounted expensive products or services for free or at 90% off probably have malicious intent. If you use Gmail, you may see a warning across the top of your screen if you’re looking at an email that our system says might be a scam – if you see this warning, think twice before responding to that email.

Watch out for scams using the Google brand. Google does not run a lottery. We do not charge training fees for new employees – if you receive an email saying that you have been hired by Google but have to pay a training fee before you can start, it is a scam. Watch out for people claiming to sell cars using Google Wallet. Find out more about various scams using the Google brand.

When in doubt, play it safe

Do you just have a bad feeling about an ad or an offer? Trust your gut! Only click on ads or buy products from sites that are safe, reviewed and trusted.

Many online shopping platforms have trusted merchants/sellers programs. These sellers typically have a visible stamp of approval on their profiles. Make sure that the stamp or certificate is legitimate by reviewing the shopping platforms’ guidelines. If the platform doesn’t offer a similar program, take a look at the number of reviews and the quality of reviews on the seller.

Online Info Blog: The Austalian

BECOME A MEMBER TO GET ACCESS TO EVERY STORY Subscribe for Leading National & World News Plus, complimentary digital access to The Wall Street Journal.

Online Info Blog: BBB warns about Valentine’s Day scams

Flower Fails

Because of the amount of money that consumers are expected to spend this Valentine’s Day on flowers, consumers can be certain that scammers and unscrupulous businesses will also be looking to benefit. To ensure that a Valentine’s Day bouquet is delivered as planned, follow these scam savvy tips:

- Let the BBB guide purchases. Research trusted florists and gift shops, check out customer reviews, and look for scams at bbb.org.

- Pick up the phone or visit the shop. Even if ordering online, visit or chat with the brick-and-mortar shop prior to making a purchase. Discuss the arrangement you are looking for, inquire about guarantees and ask about delivery times. Don’t make a payment until the order is clearly outlined and always ask for a receipt.

- Watch for unsolicited calls and emails. This time of year, phishing scams spike for those looking to treat loved ones with flowers and gifts. Fake e-cards can carry viruses, and unsolicited emails claiming to require additional funds for gift delivery are common.

Beware of Cupid Cons

The Internet’s ability to connect people through social media and online dating has been a godsend for many single folks. But with that convenience come opportunities for scammers to prey on the love-struck.

This is a common narrative with many Valentine’s Day scams. An interesting stranger builds a fake relationship with an unsuspecting target through phone or video calls, texts and emails. Eventually, the scammer claims to be experiencing a financial hardship — or begs for funds to come visit the love-struck victim. After money is exchanged, the scammer cuts off contact. These types of scams are tricky because scammers know how to make people feel vulnerable and how to get them to do what they want.

How do you avoid a Cupid con? Looking out for the following red flags can help protect both your heart and wallet:

- Your new friend is a constant no-show. Traveling for business, house-sitting for an out-of-state friend, visiting family far away and other last-minute schedule changes are all common excuses scammers use to avoid meeting people face-to-face. An interested girl – or boyfriend would normally want to make time to get to know you better in person. So, if a new love interest is avoiding you, it’s time to get a little suspicious.

- Their social media profiles don’t match, are very new or are nonexistent. Contact information, pictures and background information the person shares with you should match what you see on their social media profiles. A shortage of online friends and contacts, stock photos and spelling/grammatical errors can be clues that you are being wooed by a scammer.

- They ask you for money. Asking for a loan from even the closest of friends can be uncomfortable (not to mention unwise), so why would a new love be boldly asking you for cash? From medical emergencies to claims of being robbed — a romantic scammer isn’t afraid to brazenly beg. Be particularly wary of anyone asking you to send funds via wire transfer or a gift card. And never give money or share banking information with someone that you have not met in person or don’t know very well.  

Security and Risk Online: Basic Precautions to Protect your Identity Online

Do you feel protected from hackers? Do you still think that until now, your online accounts or money hasn’t been hacked yet? Whether you know it or not, hackers have probably hacked your online accounts already. And maybe, your personal details are currently in the black market on sale and available for viewing.

While it may be pretty much difficult to completely protect yourself online, taking some basic precautions can make your identity less appealing target for cybercriminals.

Take note of the following simple ways to keep your identity safe when you’re online:

1. To check if your personal information has been already compromised, you can check it by using this site: hasmyidentitybeenstolen.com which is a legit site that lets you input your email to determine whether your details have been stolen or not and if it is already available for viewing in the black market.

2. Regularly monitor your online bills and statements for any suspicious transactions that you know for yourself you haven’t made. Checking account balances and financial transactions using a software application like Mint.com or CreditKarma.com are one of the best ways to help detect fraud and stop it before it gets out of control.

3. Make sure to boost the security of your Wi-Fi connection at home by resetting the factory password on your wireless router. When accessing public Wi-Fi, do not choose to bank online or login your social accounts because free, public Wi-Fi and hotspots are prone from cyberattacks.

4. For added security, ensure that your system is up-to-date. There’s a reason why your software is requiring for an update so don’t get annoyed with the constant notifications that keep on popping up on your computer or device. Downloading the latest version of your software will guarantee that you’ve got the most current security measure in place.

5. Be cautious of phishing scams, they will send legit looking emails claiming that they are from a reputable company and will ask for the confirmation of your personal and financial details. Do not fall for this kind of trick!