Take a look at the c’t issue 1/2025: The c’t security checklists 2025

Hello from Hanover

Advertisement

Crime never sleeps, especially not on the Internet. The attacks by online fraudsters are currently mostly fully automated. Bots don’t care whether they are attacking a gigantic company or a private individual who has neglected to secure their access with a second factor. “It won’t affect me” is a really bad excuse. Especially since fraudsters are constantly coming up with new scams and sometimes apply a lot of pressure to steal money from you or your loved ones: via SMS, email, social media or in messenger apps such as WhatsApp & Co. Therefore, always remain skeptical when it comes to unknown contacts and contact them through secure third-party channels relatives if someone claims to be the granddaughter, brother or long-lost cousin.

Fraudsters are particularly targeting access to banking accounts. Using sophisticated phishing attempts via email, attackers try to block the victim on a bank website that looks deceptively real and then access their login details when they try to log in. That’s why you should always use the second factor and check carefully whether you are currently releasing. You can also set up a second factor for many online accounts with Google, Microsoft & Co. You are even more resistant to phishing or leaks with authentication methods such as passkeys.

We have put together tips for security in the home office, created checklists for smartphones and show how you can protect your WiFi router from attacks. To ensure that our tips spread as widely as possible, we have compiled all of the full-length checklists in a free PDF booklet. You can find the link there in the article:

That too!

While we were talking about security: How secure is personal data on social networks like Facebook & Co.? Not quite so sure, as it turned out in 2019. A huge data leak on Facebook came to light, through which unknown automated profile data could be accessed, including the stored mobile phone numbers. Since these data sets began circulating on the dark web, many affected people have complained about SMS spam, phishing calls and other harassment.

In a recent ruling, the Federal Court of Justice determined that those affected by this scraping attack are entitled to non-material damages in accordance with Article 82 of the GDPR. The BGH suggests a “size of 100 euros”. In Germany, over six million Facebook users are said to be affected. Based on the ruling, the Federal Association of Consumer Organizations (vzbv) filed a class action lawsuit against Facebook parent company Meta Platforms Ltd. at the beginning of December. submitted. Those affected will soon be able to join this lawsuit. If you are unsure, you can check at haveibeenpwned to see whether your email addresses or mobile phone numbers can be found in the leaked Facebook data or in other leaks.

My personal highlights in the current c’t

In our SSD test we collect a wide range of types from fast to super fast. These include new products from Samsung and Raspberry Pi as well as finally more economical PCIe 5.0 technology.

On January 1, 2025, the last savings area codes (call by call) will be switched off. High connection prices for landline connections can also be avoided with cheap VoIP tariffs. We put together practical tips for configuring the Fritzbox and cheap offers for the landline network.

Notebooks with the ARM CPU Qualcomm Snapdragon X were the first with the Windows Copilot+ logo. First comes the AMD Ryzen AI 300, then Intel’s Core Ultra 200V. Now Apple is sending the MacBook Pro with M4 and Apple Intelligence into the race. We tested everyone.

If it’s stormy and raining outside, you can still cycle: at home, with a smart trainer and an app like Zwift, Rouvy or Systm. We sort through the offer because indoor training is only fun and perhaps even addictive if the app fits your personal abilities.

Academic writing is about dealing intensively with the chosen topic and practicing academic habits. Is it even allowed to use artificial intelligence to help? Our guide shows how AI-supported texting promotes learning success and which rules must be observed.

Podcasting is fun, but making chapter markers isn’t necessarily fun. Some production steps are not creative, but rather repetitive, fiddly and exhausting. We present eight AI-powered tools that can ease the burden on podcasters.

Experimental physicists do not always work in oversized laboratories, but many build their experiments themselves and use surprising tools: Raspi and PIC32 are the basis for control units, cardboard boxes and floor cork serve as cladding.

PS from the editorial team

Maybe you have already seen it, news on our heise online platform is now also available in English. Under the label “Europe’s Premier Tech News”, the portal has been offering English-language reports for several weeks that are automatically translated. We use DeepL Translate for this, whose translation quality is significantly better than, for example, Google Translate. But of course, we have to rework it a bit, because automated translation like this also makes mistakes.

We would like to use the campaign to expand our reach in English-speaking countries. And the offer is actually starting to bear fruit. We are now increasingly quoted and linked from English-language sources; That rarely happened before. For me personally, the big advantage is that I can now finally direct my English-speaking contacts directly to ticker reports (that’s what we call the news internally), without the annoying note “unfortunately it’s only in German, but Google will certainly help with the translation”.

Always in c’t:

(United Kingdom)