Tuesday, September 9, 2014

Tips to Keep Your Kids Safe Online



Surrounded by computers, tablets, and smartphones, children in this day and age tend to be extremely tech-savvy. This is largely an advantage as our modern world is growing more technologically advanced.

This comes with many benefits, as kids can get an academic edge by accessing educational programs on a tablet or online. Likewise, by using a computer to learn about things they are interested in, or even just to play games and connect with friends, they become better equipped for the future. After all, technology is not going away, and most of us use it daily for school, work, socializing, and recreation.

However, modern parents know that the vast world of the internet can also be a seedy and dangerous place. Precautions are necessary to protect the privacy and safety of your children and family in general, so here are some tips to reduce internet related risks.

Set Limits and Be Involved

This varies depending on the age of your children, but limiting internet usage is usually a good idea. Whether its 30 minutes after school for games and chatting with friends, followed by a set homework-only computer usage time after dinner, you decide the rules for what and how long your kids use the internet for. Enable parental controls and content blockers to better prevent your children from accessing inappropriate materials.

Likewise, be involved. Know what sites your child visits and what their favorite games or activities are. For younger children, it may be good to check out sites they are interested in beforehand. Place computers in a centralized place to better monitor what is being accessed on it.

Use Antivirus and Security Software

All devices, especially if used by children, should have good security and antivirus protections in place. Kids are more likely to make accidental clicks or be tricked by disguised links. Keep your devices updated and enable firewalls to thwart viruses, Trojans, and other malware from stealing your family’s information if they are inadvertently downloaded.

Talk With and Teach Good Online Behavior

Reduce your child’s vulnerability to risks and tricks on the internet by educating them. Teach them about cybercrime, cyberbullying, viruses, spam, pop-ups and email/chat solicitations, as well as how to react in those situations. Teach them not to click on links or ads and what to do if they accidentally download or access questionable content.

Talk to them about who they are chatting with and remind them that friends they make online might not be who they say they are. Discuss why they should never agree to meet online friends in person or share their full name, address, phone number, or pictures of themselves. Things like having a strong password, logging out of their account, and protecting their online reputation are equally as important.

Kids (in all stages of their lives) are better protected if they learn good online behavior, how to guard themselves, and what the related consequences are. Don’t neglect teaching and talking with your children as this is a critical way to protect them and your family.

Friday, July 25, 2014

How to Secure Your Tablet



Designed to be halfway between a smartphone and laptop, tablets are often considered to have the best of both worlds. As functional as a laptop while still being compact and portable enough to carry around in a small bag or purse, for many individuals their tablets are their go-to device. This also makes tablets a tempting target for thieves and hackers. While most people know to secure their laptops and keep a careful hand on their smartphones, tablets can contain just as much vulnerable information.

From social media to banking, many individuals use their tablets for more than just playing Candy Crush. Wherever you happen to fall in that category, here are three more tips on how to better secure your tablet.

Download Carefully

In this day and age of prevalent technology, all of us at some point have been told to “Think before you click!” and other points of advice about keeping our devices safe. Nevertheless, accidentally downloading malicious files or apps is still very common. Even if you’re on a protected network, a more secure connection won’t be much help if you don’t exert caution when downloading.

Make sure that you only download from trusted sites, especially when it comes to tablet apps. Rather than risk malware from third-party sites, stick to reputable and official sources like the Google Play Store, iOS App Store, and the Amazon App Store. Also read the reviews and app permissions before downloading a new app. Many negative reviews or questionable permissions are often a good sign that something is wrong with the app or that it’s just not worth having in the first place.

Browse Selectively

If you must use a public Wi-Fi and don’t have a secured connection, be very selective when browsing through websites. Encrypted websites that have “https” addresses (instead of just ordinary “http” addresses) are more secure. As long as your provider encrypts the entirely of your email session, you are probably safe to check your emails without worrying that some stranger on the Wi-Fi is snooping on what you’re doing. However, avoid financially sensitive things like making online purchases or checking your bank account. Wait until you’re back on your secure home network or use a reliable VPN service while travelling.

Back Up Your Data and Use Security Apps

Simple to do yet so valuable, backing up your tablet data can be a lifesaver. Whether it gets lost, stolen, hacked, or just stops working, data backups are a basic step you can take to ensure that you don’t just lose everything. Some people prefer frequently backing up an external hard drive, saving their files to cloud storage services like Dropbox, investing in software that manually or automatically captures their data, or any combination of the above.

Another step is to consider is using security apps. These often provide features like virus protection, device location, and remote wipe functionality. There are many options as several apps that secure smartphones, like the Lookout Mobile Security app, also work for tablets.

Wednesday, July 2, 2014

4 Ways to Keep Safe on Social Media



Whether you are on the job hunt or just like staying in touch with family and friends, social media is a great tool for building and improving social networks. Especially for job seekers, a well maintained social profile can bolster their chances of hearing about employment opportunities and getting hired. Even international relationships can be fostered, as you can easily contact individuals on the other side of the world with a simple click.

This networking capability is truly impressive; however, the information rich world of social media also attracts less savory characters. Here are four more security precautions to keep in mind when using social media.

1. Have A Social Media Only Password

With so many high profile data breeches happening over the past few months, password security is a topic that’s been covered quite extensively on the news. Still, it’s important enough to merit repeating: If you’ve been in the habit of recycling or reusing passwords, now is the time to change. Your social media accounts should have a unique password of their own. Never use your social media password for other sites, especially sensitive and valuable accounts like for work or banking.

2. Stay On the Civil Side

One thing to remember is that while your social media profile is your own, the power of the internet means that anything you post, say, or tweet has the potential to instantaneously reach the general public. Avoid offensive language and try to stay civil as much as possible. Especially if you’re upset about something, cool down before you post something you regret.

While on the internet in general, a good rule of thumb is to be careful how you word and express your opinions. Since people can only see what you type and have very limited cues about your tone of voice or temperament, misunderstandings are just more likely to happen.

3. Beware of Online Scammers

It’s unfortunate, but even a slight sense of anonymity tends to bring out the worse in people. Since everyone “creates” themselves when making a social profile, online cyber-criminals may pose as a perfectly nice individual that wants to be your friend since they share similar hobbies, interests, or other connections to you. Then, once inside your social network, they might suddenly be in urgent need and ask for money, or offer fraudulent “opportunities” to you. Even sneakier, they might use your contacts to gain personal information that can then be used to steal your identity or trick your real friends and family.

Don’t be afraid of making friends online since most are really great people, but be careful as not everyone is who they appear to be.

4. Limit the Details You Share

While there’s nothing wrong with mentioning your pet’s name or reminiscing about your very first car, be tactful. You really don’t need to post every personal detail, as tempting and easy as social media sites make it to share. It never hurts to be cautious, as those seemingly innocuous details might give observant cyber-criminals the information they need to bypass things like bank security questions.

Monday, June 23, 2014

The NSA, Facial Recognition Technology and You


The month of June saw many concerns being raised over the National Security Agency, data collection, and privacy. From a report published by The New York Times on May 31, the NSA’s use of facial recognition technology has increased in recent years. This report by was based off of 2011 documents from Edward Snowden, the ex-agency contractor who made similar security revelations around this time last year.

Now, according to these documents, the NSA has broadened their focus on other identifiers during their data collections. More than just tracking written communications and oral communications like email and phone conversations, the NSA has been gathering fingerprints and facial images as well. Recognizing the “tremendous untapped potential” of private images included in online communications, the NSA appears to be turning towards facial recognition technology to “revolutionize the way that the N.S.A. finds intelligence targets around the world” as part of their efforts to monitor individuals such as suspected terrorists.

The NSA intercepts a staggering amount of images. According to the report, millions of images are collected from private communications such as email, text messages, social media, and video conferences each day. Of these, about 55,000 are “facial recognition quality images”. In addition, this secret image-gathering program by the NSA appears to have become more advanced and sophisticated from when it first began in 2010, with the ability to identify faces despite facial hair and hairstyle changes.

Detailed in the report, a NSA presentation of their image surveillance program showed an unidentified man in different settings and varied appearances (such as bearded and clean shaven), as well as more than two dozen data points about his known associates, passport or visa status, and other intelligence information. The documents were unclear about how many images or individuals have been involved in the NSA’s broad data collection efforts in this manner.

As a result, many Americans have expressed concerns about privacy, especially as facial recognition programs gain increased invasiveness as their algorithms continue to improve. When asked on June 3 at a Bloomberg government cybersecurity conference about whether this program collects images of U.S. citizens, NSA director Admiral Michael S. Rogers replied, “If we have to do anything involving a U.S. person, we have specific legal constraints we must comply with. We do not do this in some unilateral basis against U.S. citizens.”

Since images are categorized as communications, the NSA must get court approval in order to collect images on Americans, just like they would in order to wire-tap phone conversations or read emails. From this, it would appear that only images of individuals overseas or involved in on-going NSA investigations are being collected. In addition, Vanee M. Vines, the NSA spokeswoman, said that the agency “did not have access to photographs in state databases of driver’s licenses or to passport photos”. However, she declined to comment whether the NSA had access to the photos of foreign visa applicants found in the State Department database or if the NSA had collected facial images of Americans from social media sites like Facebook.

Monday, June 16, 2014

Alternative Lock Screen Security Options



With identity theft becoming more prevalent, people are beginning to realize the need to guard their personal data whether it’s on their computers, tablets, or phones. To prevent snoopers and protect the information in your smartphone, having a lock screen is definitely a good idea. For some however, the standard lock screen options (Face/Voice Unlock, Pattern, PIN, and Password) are just not enough.

Whether you enjoy customizing every aspect of your phone, want different security choices, or simply desire to add some functionality, consider these lock screen options.


Picture Password

Many smartphone users like the idea of swiping a pattern to unlock their device. However, two frequently mentioned drawbacks of the standard Pattern lock screen is the limited number of swiping options and how tell-tale smudges on the screen can give away your pattern.

With the Picture Password app, users set a chosen background image and unique gestures as their unlock pattern. By allowing you to draw a combination of points, circles, or lines on a specific part of the image, there is a substantially greater (and thus more secure) amount of unlock patterns. Since the swiping pattern is unique, shoulder-surfers also have a harder time picking out your pattern from ordinary smudges made by other smartphone actions.


Hidden Lock

This app features a lock screen that doesn’t look like a lock screen. Hidden Lock displays a snapshot of what your phone looked like before being turned off. Your smartphone will appear unlocked but can’t be used without pressing the invisible unlock button (the location of which you set somewhere secret on the screen). If someone picks up your smartphone and attempts to use it, Hidden Lock’s setup can fool them into thinking the phone isn’t working and deter them from prying further.


NiLS Notifications

While this is technically a widget and not a lock screen app, it’s great for those who want to see all their notifications without having to unlock their phone. NiLS Notifications supports all apps that create standard notifications, including emails, text messages, missed calls, and Facebook alerts. It is also quite customizable in terms of background, text color, opacity, and notification size.

Samsung devices are unable to use Pin or Pattern lock security with lock screen widgets; however, the app explains workarounds like the NiLS floating panel in its FAQ.


WidgetLocker

For those who love customization, WidgetLocker is a lock screen replacement app that really lets you individualize your lock screen. There are several built in styles as well as user themes to choose from. WidgetLocker also lets you customize the type of unlock feature you want to use, as well as block or allow certain widgets.

One of WidgetLocker’s most characteristic smartphone features includes allowing you to personalize the actions of sliders on the lock screen. This allows users to have useful slider functionality like Slide-to-Camera or Slide-to-Call a Contact. While currently $2.99 in the Google play store, WidgetLocker might be worth the price to those who want a wide range of lock screen customization.

What is your favorite Lock Screen that you use? Let me know in the comments!

Thursday, June 5, 2014

What You Need to Know About the eBay Data Breach

With Target’s security breach and the Heartbleed bug still fresh in many consumers’ minds, eBay, the online marketplace giant, revealed recently that its entire user database was compromised in a hacking attack. While some eBay users have received emails urging them to change their passwords, others only heard of the database breach from third party sources and not officially from eBay itself.

In comparison to Target’s breach, which involved up to 110 million customers’ personal details and 40 million credit card records, this attack on eBay is much larger. It is estimated that 233 million people’s personal data was stolen. Furthermore, it is clear that the cybercriminals intend to profit from the info they stole. On Sunday, May 23, the personal information of 715 individuals was advertised online for sale, all apparently from the eBay breach.

With this perspective, many are upset by eBay’s overall slow response, and with good reason. According to the official statement on eBay’s website, the database was hacked in late February and early March, nearly three months ago. This is made even more concerning by the fact that eBay only detected this security breach around the week of May 4
th, and finally broke the news to the public on May 21st.
As explained by eBay’s statement, this security and data breach was the result of cyberhackers gaining unauthorized access to eBay’s network by figuring out employee log-in credentials. The data that was compromised includes: eBay customers’ names, email addresses, physical addresses, phone numbers and birthdates. Hackers were also able to steal away encrypted passwords.

These passwords were only encrypted however, and not hashed and salted, which would have been more secure. While encryption might slow the hackers down, eBay’s lack of using a more protected format for storing passwords offers little comfort. After all, as the 2012 LinkedIn data breach already illustrated, 60% of stolen LinkedIn passwords (which were hashed) were cracked within 2 days of the theft. Thankfully, while eBay also owns PayPal, the online giant reported that the personal and financial information of PayPal users was not compromised in the attack, as that data is apparently stored on a separate secure network.

All eBay customers are encouraged to change their password immediately if they have not already. Any sites that share the same password, especially if they are sensitive like your online banking account, should also be updated. This is important as cybercriminals often attempt to break into other sites using your stolen info, such as email and eBay password. When updating your information, also be wary of phishing emails that attempt to look legitimate in order to steal more data. If you are unsure, go to the website directly to make changes.

For internet security in general, try to use unique passwords for each site. Avoid commonly guessed passwords that involve your name or birthdate, as those personal details are easily discovered (or in eBay’s case, have already been stolen). If you struggle remembering more than a few passwords, this may be a good time to begin using a password manager.



Wednesday, May 28, 2014

Protecting Your Privacy - A Basic Rundown of Smartphone Kill Switches



A lot of debate has arisen over smartphones and kill switches. This is predominately a response to the actions of several state senates, including Minnesota and California, which passed controversial bills in the beginning of May. While varying in specific details, these bills are intent on requiring cell phone manufacturers to include “kill switch” technology in all their smartphones.

First things first, what does kill switch technology do?
Also known as “bricking” a cell phone, these kill switch programs are intended to allow the owner to render a device useless and its data unobtainable in the case of theft or loss. Some newer smartphones already have this feature available, such as Apple’s iOS 7, where it is called Activation Lock. Samsung has similar lock and kill switch features. Apple also already has a Find My iPhone app accessible for all their phones, iPads, and Macs that helps owners track their devices and decide if it was truly stolen or just simply misplaced.

How big of an issue is smartphone theft?
While some feel that features like kill switches or tracking apps are already widely available for concerned owners, others feel that even more must be done.

There is certainly no doubt that smartphones are a tempting target to thieves. Depending on the brand and value of the device, thieves can net themselves hundreds of dollars on the black market, and that's before we get into the profits reaped from selling your data and identity. iPhones are usually the most profitable, and iPhone theft has become so common that it has been nicknamed by some as “apple picking”.

Most prevalent in metropolitan areas, it was estimated that last year in 2013 an estimated 3 million Americans were hit by smartphone robberies. In addition, according to the D.C. Police Department, 40 percent or more of reported robberies in every large city region, such as Washington D.C., San Francisco, and New York, involved the theft of smartphones.

More than physical endangerment, theft of smartphones can also lead to identity theft if the phone is unprotected or not password locked.

What is being done and what are the concerns?
Clearly smartphone theft is a major problem. In a way however, the bills passed by Minnesota and California’s senates are just making doubly sure that the payoff of stealing smartphones is greatly reduced. This is because the concept of widely implementing “kill switches” to make smartphones unsellable and thus less attractive to thieves has already been addressed.

On April 15th, most major cell phone companies announced their participation in CTIA’s “Smartphone Anti-Theft Voluntary Commitment”, pledging to have “baseline anti-theft tools” (basically kill switch technology) downloadable or pre-installed in all smartphones manufactured after July of 2015. Participating companies include Apple, HTC, Google (Android), Motorola, Samsung, AT&T, Verizon, Nokia, T-Mobile, Sprint, and other large organizations.


Don’t expect news stations to stop discussing the “kill switch” controversy however. Some are concerned that implementing this type of technology will in fact make smartphones less secure, citing possible danger from hackers using those same “kill codes” to steal sensitive data and maliciously disable smartphones that are still in the hands of their owners.