Easy Contact
253 Main Ave, Passaic NJ 07055Call 973-777-5656
info@advantagecomputers.com
Fax 973-777-5821
© 2024 ~ All Rights Reserved
Advantage Computer Solutions
Company
Services
Testimonials
Amazing!
Zack is amazing! I have gone to him with computer issues for the past few years now and he always finds a way to fix… Read more “Amazing!”
Professional, smart & sensitive
Cannot say enough good things about Zack Rahhal and his team. Professional, smart, sensitive to small biz budgets and a helluva good guy. Could not… Read more “Professional, smart & sensitive”
AMAZINGLY WONDERFUL STAFF
stars indeed. So reliable and helpful and kind and smart. We call Al and he is “on it” immediately and such a FABULOUS teacher, patient… Read more “AMAZINGLY WONDERFUL STAFF”
Whatever my need, unfailingly helpful
I’ve been a customer of the staff at Advantage for many years now. They have never let me down! Whatever my need, however big or… Read more “Whatever my need, unfailingly helpful”
Best Kept Secret
I’ve known the Advantage Team for years. They are the absolute best techs in the field, bar none. I couldn’t tell you how many tens… Read more “Best Kept Secret”
Excellent Experience
I had an excellent experience with Advantage. Aside from being extremely professional and pleasant generally, Zack was incredibly responsive and helpful, even before and after… Read more “Excellent Experience”
Simply The Best!
Simply The Best! Our company has been working with Advantage Computer Solutions for a few years, Zack and his Team are AWESOME! They are super… Read more “Simply The Best!”
Awesome
The engineering team at Advantage Computers is the best in the business. They are nothing short of technical… Read more “Awesome”
It’s like having a cousin in the business.
Al, Nasser and Zack have been keeping our operations going for over a decade, taking care of our regular upgrades and our emergency system problems.… Read more “It’s like having a cousin in the business.”
Exceptional People
In many cases, exceptional people do not receive recognition for their hard work and superior customer service. We do not want this to be one of those… Read more “Exceptional People”
Highly Recommended
I became a customer about 6-7 months and I can say nothing but great things about this business. Zack takes care of me. I am… Read more “Highly Recommended”
Life Savers
THANK GOD for this local computer repair business who saved me hundreds, my hard drive was messed up, i called the company with warranty they… Read more “Life Savers”
I don’t have enough words to express my appreciation
I don’t have enough words to express my appreciation for Nassar and Paul, and the other members of Advantage Computer Solutions. I live in Bergen… Read more “I don’t have enough words to express my appreciation”
Minuteman Press Newark
Advantage Computer Solutions is absolutely great. They show up, do what they say they are going to, complete the job without issues (my other computer… Read more “Minuteman Press Newark”
Knowledgeable, Reliable, Reasonable
Knowledgeable, Reliable, Reasonable Working with Advantage Computers since 1997 for both personal and business tech support has been a rewarding and enjoyable experience. Rewarding, in… Read more “Knowledgeable, Reliable, Reasonable”
Excellent service!
Excellent service! I am the administrator for a busy medical office which relies heavily on our computer system. We have used Advantage Computer Solutions for… Read more “Excellent service!”
Great Advice and Service
Advantage offers great advice and service I bought parts for my gaming pc online and they put it together in a day for a great… Read more “Great Advice and Service”
Great Service, Support and Sales
Our company has been using the services of Advantage Computers since 2006. It was important to find a reliable company to provide us with the technical… Read more “Great Service, Support and Sales”
Extremely Professional and Passionate
Our company has been working with Advantage since the 1990’s and have been a loyal client ever since. Advantage does not make it very difficult… Read more “Extremely Professional and Passionate”
Handles all our Office IT
Advantage Computer Solutions has handled all of our computer and IT needs for the past 2 years. The staff is always professional and the service… Read more “Handles all our Office IT”
Passaic Housing Authority
Since 1996 the Housing Authority of the City of Passaic has been a client of Advantage Computer Solutions. Our Agency has utilized their outstanding services… Read more “Passaic Housing Authority”
They made sure EVERYTHING was working
“When the computer I use to run my photography business started acting erratically and kept shutting down, I was in a panic. I depend on… Read more “They made sure EVERYTHING was working”
ESET Research Podcast: Finding the mythical BlackLotus bootkit
A story of how analysis of a supposed game cheat turned into the discovery of a powerful UEFI threat
The post ESET Research Podcast: Finding the mythical BlackLotus bootkit appeared first on WeLiveSecurity
ESET Threat Report H1 2023
A view of the H1 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
The post ESET Threat Report H1 2023 appeared first on WeLiveSecurity
Emotet: sold or on vacation? – Week in security with Tony Anscombe
Originally a banking trojan, Emotet later evolved into a full-blown botnet and went on to become one of the most dangerous cyberthreats worldwide
The post Emotet: sold or on vacation? – Week in security with Tony Anscombe appeared first on WeLiveSecurity
What’s up with Emotet?
A brief summary of what happened with Emotet since its comeback in November 2021
The post What’s up with Emotet? appeared first on WeLiveSecurity
Deepfaking it: What to know about deepfake‑driven sextortion schemes
Criminals increasingly create deepfake nudes from people’s benign public photos in order to extort money from them, the FBI warns
The post Deepfaking it: What to know about deepfake‑driven sextortion schemes appeared first on WeLiveSecurity
Verizon 2023 DBIR: What’s new this year and top takeaways for SMBs
Here are some of the key insights on the evolving data breach landscape as revealed by Verizon’s analysis of more than 16,000 incidents
The post Verizon 2023 DBIR: What’s new this year and top takeaways for SMBs appeared first on WeLiveSecurity
The good, the bad and the ugly of AI – Week in security with Tony Anscombe
The growing use of synthetic media and difficulties in distinguishing between real and fake content raises a slew of legal and ethical questions
The post The good, the bad and the ugly of AI – Week in security with Tony Anscombe appeared first on WeLiveSecurity
Gmail client-side encryption: A deep dive
Nicolas Lidzborski, Principal Engineer and Jaishankar Sundararaman, Sr. Director of Engineering, Google Workspace
In February, we expanded Google Workspace client-side encryption (CSE) capabilities to include Gmail and Calendar in addition to Drive, Docs, Slides, Sheets, and Meet.
CSE in Gmail was designed to provide commercial and public sector organizations an additional layer of confidentiality and data integrity protection beyond the existing encryption offered by default in Workspace. When CSE is enabled, email messages are protected using encryption keys that are fully under the customer’s control. The data is encrypted on the client device before it’s sent to Google servers that do not have access to the encryption keys, which means the data is indecipherable to us–we have no technical ability to access it. The entire process happens in the browser on the client device, without the need to install desktop applications or browser extensions, which means that users get the same intuitive productivity and collaboration experiences that they enjoy with Gmail today. Let’s take a deeper look into how it works.
How we built Client-side Encryption for Workspace
We invented and designed a new service called, Key Access Control List Service (KACLS), that is used across all essential Workspace applications. Then, we worked directly with customers and partners to make it secure, reliable, and simple to deploy. KACLS performs cryptographic operations with encryption keys after validating end-user authentication and authorization. It runs in a customer’s controlled environment and provides the key management API called by the CSE-enabled Workspace clients. We have multiple partners providing software implementations of the KACLS API that can be used by our customers.
At a high level, Workspace client code takes advantage of envelope encryption to encrypt and decrypt the user content on the client with a Data Encryption Key (DEK) and leverage the KACLS to encrypt and decrypt the DEK. In order to provide separation of duty, we use the customer’s OpenID Connect (OIDC) IdP to authenticate end-users and provide a JSON Web Token assertion with a claim identifying the user (3P_JWT). For every encryption/decryption request sent to KACLS, the application (e.g. Gmail) provides a JSON Web Token assertion with a claim authorizing the current end-user operation (G_JWT). KACLS validates these authentication and authorization tokens before returning, for example, a decrypted DEK to the user’s client device.
More details on KACLS are available in Google Workspace Encryption Whitepaper and CSE reference API.
How we built CSE into Gmail
Google Workspace Engineering teams have been hard at work over multiple years to deliver to our customers the ability to have their data protected with client-side encryption. This journey required us to work closely with customers and partners to provide a capability that was secure, easy to use, intuitive and easily deployable. It was also important for CSE to work seamlessly across the Workspace products: you can create a Meet CSE scheduled meeting in Calendar CSE and follow-up with Gmail CSE emails containing links to Drive CSE files.
Client-side encryption in Gmail was built with openness and interoperability in mind. The underlying technology being used is S/MIME, an open standard for sending encrypted messages over email. S/MIME is already supported in most enterprise email clients, so users are able to communicate securely, outside of their domain, regardless of what provider the recipient is using to read their mail, without forcing the recipients to log into a proprietary portal. S/MIME uses asymmetric encryption. The public key and the email of each user are included in the user’s S/MIME certificate. Similarly to TLS used for HTTPS, each certificate is digitally signed by a chain of certificate authorities up to a broadly trusted root certificate authority. The certificate acts as a virtual business card, enabling anyone getting it to encrypt emails for that user. The user’s private keys are kept secure under customer control and are used by users for decryption of incoming emails and digital signature of outgoing emails.
We decided to leverage the CSE paradigm used for Drive CSE and not keep the private key on the device, to keep them as safe as possible. Instead, we extended our KACLS API to support asymmetric encryption and signature operations. This enables our customers to centrally provision and enable S/MIME, on the KACLS, for all their users without having to deploy certificates individually to each user device.
CSE in Gmail uses the end-user’s client existing cryptographic functionalities (Web Crypto API for web browsers for instance) to perform local encryption operations and run client-side code to perform all S/MIME message generation.
Now let’s cover the detailed user flows:
When sending an email, the Gmail client generates a MIME message, encrypts the message with a random Data Encryption Key (DEK) then uses the recipients’ public keys to encrypt the DEK, calls KACLS (with the user authenticated by customer’s IdP and authorized by Google) to digitally sign content and finally sends the authenticated and encrypted S/MIME message, which contains both the encrypted email and the encrypted DEK, to Google servers for delivery to the recipients.
When receiving an email, Gmail will verify that the digital signature of the email is valid and matches the sender’s identity, which protects the email against tampering. Gmail will trust digital identities signed by Root CA PKI as well as custom domain configurations. The Gmail client will call KACLS (with the authentication and authorization JWT) to decrypt the email encryption key, then can decrypt the email and render it to the end-user.
How we protect the application
Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between its facilities for all services. Additionally, Gmail uses Transport Layer Security (TLS) by default for communication with other email service providers. CSE in Gmail, however, provides an additional layer of protection for sensitive content. The security of Gmail CSE is paramount to us, and we developed new additional mechanisms to ensure CSE content would be locked into a secure container. On the web, we have been leveraging iframe origin isolation, strict postMessage API, and Content Security Policy to protect the user’s sensitive data. Those security controls provide multiple layers of safety to ensure that CSE content stays isolated from the rest of the application. See this simplified diagram covering the isolation protecting CSE emails during composition or display.
What’s next for Client-side encryption and why it’s important
CSE in Gmail uses S/MIME to encrypt and digitally sign emails using public keys supplied by customers, which add an additional level of confidentiality and integrity to emails. This is done with extensive security controls to protect user data confidentiality, but also transparently integrated in Gmail UI to delight our users. However our work is not done, and we are actively partnering with Google Research to further develop client-side capabilities. You can see some of our progress in this field with our presentation at the RSA Security Conference last year where we provided insight into the challenges and the practical strategies to provide advanced capabilities, such as AI-driven phishing protection for CSE.
Employee monitoring: is ‘bossware’ right for your company?
While employee monitoring software may boost productivity, it may also be a potential privacy minefield and it can affect your relationship with your employees
The post Employee monitoring: is ‘bossware’ right for your company? appeared first on WeLiveSecurity
Avoid juice jacking and recharge your batteries safely this summer
Cybercriminals can use USB charging stations in airports, hotels, malls or other public spaces as conduits for malware
The post Avoid juice jacking and recharge your batteries safely this summer appeared first on WeLiveSecurity