Tag Archives: security

App of the Week – Companion

opengraph-iconRegardless of what neighborhood you live in walking alone at night can be dangerous. Let’s face it, no one is immune to crime.  That’s why Companion is the app of the week.

Its always agood idea, epecially for women, to be safe and aware when walking alone, day or nght.  Some people will stay on the phone with a friend or spouse when walking alone. Companion will notify a friend when you walk alone and continuosly update them as you make your journey. The app works by entering your destination and selecting some  of your phone contacts to be your Companion. Your contacts don’t have to have the app.  Your contacts can see a live map of your progress and recieve updates as you walk to your destination. The app can sense if you start running. It can estimate how long it takes to get from point A to B. If you don’t make it to your destination on time or have your headphones yanked out or your phone falls to the ground the app will check in on you to make sure everything is okay. You must respond in 15 seconds or the Companion app will alert your contacts.

The app can be used by college students on campus in areas that could be dangerous. By simply tapping the “I Feel Nervous” button Companion will pass this information on to the campus police department. Campus cops may not respond with sirens or flashing lights, but the information can help make the campus safer. 

If you do have an emergency calling 911 can be done with two taps in the app. The app will immediately connect you with a dispatcher and automatically send your info. 

The Companion app is built for one thing, safety.  Companion uses certain metrics to sense if  you’re in trouble and ask if you’re okay. If you don’t respond, it will automatically alert your chosen contacts. Your contacts don’t have to constatly monitor your position. The Companion is an added layer of security allowing you to stay in touch and be alert to your surrounding at all times. 

Companion is free and available for Apple and Android Devices.

Kill Your Adobe Flash Player!

adobe-flash-playerWhether you know it or not you are probably using Adobe Flash Player. Especially if you are using a Windows PC and it’s a problem. But first let’s get a little background on exactly what Adobe Flash Player is and why some want to see it killed.

Adobe Flash Player was the default software for playing videos, games and other animations on web pages. It became really big in 2005 when YouTube began using it. But like most technology it became obsolete. Now many websites and apps are using different and better software to do the same thing. Adobe however remains in use on millions of computers. 

So why kill Adobe Flash Player? Well first of all the thing that makes the software such a great tool is also thing that makes it a serious security issue.

Adobe Flash has the ability to directly access your computer’s memory. This leaves your computer completely open to  exploits.  An exploit is a software that commands a computer to perform a task or function. Cyber security expert Chase Cunningham of FireHost says, “Anytime a site is able to access your computer’s memory, it’s able to make changes on the local machine itself , your PC. That’s when you run into exploits.”

 To make this simple, somone can take over your computer and do as they please. That includes stealing data like user names and paswords or making your computer part of a bot.

For a long time Flash has been the vulnerability of choice for cybercriminals. Many governments, especially totalitarian regimes, used the flaws in Flash to spy on its advisaries.

But last week came the proverbial straw that broke the camels back. An Italian company knowns as Hacking Team had been using previously unknown flaws in Flash. The news came out after the company itself was hacked and over 400 gigabytes of data was stolen and later published online.  What goes around comes around since this company specialized in selling hacking software tools to pretty much anybody.

Security vulnerabilities in Flash are common. So common that this month alone Adobe issued security alerts and fixes for 38 vulnerabilities in Flash Player.

As a result Mozilla has blocked all automatic activations of Flash Player on its browser. Facebook security chief Alex Stamos publicly called for the death of Adobe Flash Player. Stamos tweeted: “It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day. Even if 18 months from now, one set date is the only way to disentangle the dependencies and upgrade the whole ecosystem at once.”

Will your computer work without Adobe Flash Player? Yes it will and you are probably not going to miss it. Yes, some sites will still have video content that will require Flash Player. You can set your flash player to only activate on demand. This feature is available on most browsers and you can find the instructions here.

Breaking It Down

Most African-Americans are going to ask, how does this affect me? The answer is simple; the Adobe Flash Player is a danger to your computer and data.  Whatever information you are trying to keep secure is probably wide open to a hacker if they want it. Once a hacker is inside your machine it’s likely you may never get rid of him. That is, if your ever discover he is there in the first place. Your user names and passwords to your bank account or other sensitive data can be stolen and used to rob you or steal your identity. Isn’t that enough? Your computer could become part of a botnet used to send milions of spam messages or spread viruses or malware. Another sick thing that could happen is that hackers could take over your webcam and watch you in your home. Its time to do something about that Adobe Flash Player. Here is where you can get all the patches to repair Adobe Flash Player. But you may want ot remove it completely.

Simda Botnet Taken Down

canstockphoto23093500You may think you are in control of your computer but are you? Have you ever heard the termin the background?” That is computer terminology meaning your computer is performing a task while you the operator are doing something else.

Most programs that run in the background are harmless and helpful. But your computer may be part of a botnet. A computer that is part of a botnet is known as a zombie.  Now the question for black people remains; what is your computer doing behind your back?

On April 9th, 2015 a joint effort of international law enforcement bodies and private security and technology companies came together to shut down one the largest botnets in history. The Simda botnet is believed to have infected more than 770,000 computers in more than 190 countries around the world including the US, Canada, Russia and United Kingdom.

Last week’s botnet takedown is just the latest international operation to shut down a botnet. Another separate takedown targeted Beebone, an extremely elusive botnet that provided a captive audience of PCs  that were infected with a backdoor. A backdoor is a method that a hacker uses to gain remote unauthorized access to a computer often remaining undetected. This backdoor provides access to criminals who were looking for an easy way to quickly install malware on large numbers of computers and impact huge numbers of people around the world.

The AACR keeps things simple. A botnet is a network of computers that are communicating with one another or a master computer and working together to perform a task. These computers are usually working together to launch denial of service attacks against a target computer or network.  This means that hundreds or thousands of computers that have become enslaved in a botnet are instructed to contact a particular website repeatedly causing the website, computer or network to become overwhelmed and stop working. It happens almost everyday and your computer could be part of the attack and you would never know.

Botnets are also designed to steal personal information including passwords, social security numbers, credit card details, email contacts, addresses and telephone numbers. This data may be used in crimes including identity theft, fraud, spamming, and malware distribution. Now suddenly the question becomes relevant to any black person who owns a computer; What is your computer doing behind your back?

The Simda botnet was known for distributing banking malware, installing backdoors on hundreds of thousands of machines across the world. One of them may have been yours.

To determine if your computer was part of the Simda botnet visit the Kaspersky Labs Simda Botnet Free Scanner.

Breaking It Down

The number of computers affected was put at over 770,000 machines. That number will surely get bigger as law enforcement continues their investigation. By some estimates the number could be as high as 2 million computers. And that is just this botnet. There could be thousands or hundreds of thousands of botnets big and small all over the Internet. You have to know if you are in control of your machine. Practice computer safety and security and use the tools like the Kaspersky scanner to make sure your machine is yours alone. 

Don’t play around with this. Your computer could literally be committing crimes whenever you turn it on. Hackers are clever and have done really sinister things like using other people’s computers to store information in hidden files. And the owner of the computer has no idea. It is very possible that you could be a victim of a hacker and not know it. Be suspicious and ask yourself; what is my computer doing behind my back?

 

 

 

 

Obama; Foreign Hackers Face Sanctions

Obama-cybersecurity-e1421228350182President Obama is weilding yet another sword in his fight against foreign hackers and cyber attacks. Using his presidential powers the president has issued an Executive Order authorizing the federal government to levy sanctions against suspected hackers.

The Executive Order authorizes the Secretary of Treasury to freeze assets of those who engage in “malicious cyber-enabled activity” anywhere in the world if that cyber activity endangers the national security, foreign policy or economic stability of America.

The Executive Order does not currently target anyone for cyber-related sanctions, but in a telephone conference administration officials said they felt it was important to have the framework in place.

President Obama acted after several high-profile cyber-attacks against Target, J.P. Morgan Chase and entertainment giant Sony. The Sony hack created worldwide headlines because it was believed to have been the work of North Korea. The nation was extremely angry after the movie studio released a comedic movie about the assassination of its leader.

The hacking of  Sony Entertainment led to the first U.S. government imposed sanctions related to a cyber attack. Prior to that event White House officials never had the authority to punish individuals based on the malicious cyber activity only the region or country responsible.

“What we’re trying to do is enable us to have a new way of both deterring [action] and imposing new costs against cyber actors wherever they may be,” said Michael Daniel, a special assistant to the President and cyber-security coordinator.

White House officials were clear to point out that the new sanctions are not meant to replace  existing weapons the Obama administration has in place to confront cyber threats. Instead this order is intended to “fill in the gaps.” The order authorizes government officials to target businesses that illegally use data, trade secrets or information stolen or obtained to gain an unfair edge, and individuals and companies that give or attempt to give serious hackers a financial boost.

But professional hackers are not yet convinced of President Obama’s and the government’s promise to protect security researchers. Known as  ‘White Hat’ hackers these professional hackers expressed their concern that “cyber” sanctions announced today by the US administration could punish those trying to protect the country. They’re also doubtful of the need to call it a “national emergency” as a result of digital attacks on the nation.

The White House simply has not gained the confidence of security professionals and human rights advocates. Security researchers are trying to expose vulnerabilities in the nation’s computer networks so they can be repaired or patched. These White Hat hackers could be punished as a result of the national emergency powers without due process.

To the contrary President Obama said the powers would not be used to “target the legitimate research community or professionals who help companies improve their cyber security. And unlike some other countries, we will never try to silence free expression online or curb Internet freedom.”

“This executive order is another salvo on President Obama’s war on hackers,” said Robert Graham of Errata Security. Graham has previously criticised the US government’s attempts to counter online crime. He claims the proposed cyber laws could be used against legitimate hackers attempting to secure the Internet.

“On one hand, it’s reasonable. Chinese hackers steal trade secrets, and this makes it easier to retaliate. The recent China attack against GitHub is an excellent example of something that deserves a response from the U.S. government,” he added.

“On the other hand, it allows the suspension of due process against hacking suspects. I write tools likemasscan’, which I know the Chinese use. This order enables the government to arbitrarily seize all my assets.

Graham labeled the Executive order as “broad and unneeded.” He went on to say, “The President already has the power to deal directly with the threat of Chinese hackers, and should do so.”

Breaking It Down

Black people should be very proud of President Obama. Not only is he the first black president but he is also the first president to have to deal with the issue of cyber security as a national security issue. Every president has a legacy and cyber security is quickly shaping up to be a big part of his. The fact that we, as a nation, are in deep, dangerous and unchartered cyber waters means that our leader must take action and he has. President Obama has taken action again and again to fight this cyber war. And the fact that he has used his executive power is simply an indicator of two things. First we must address this urgent issue now! Cyber espionage, both economic and military is rampant. Strong action is needed. The threat to the economy is extreme and yes we are vulnerable. Second, we are stuck with a new Republican controlled “do nothing” Congress. They are dragging their feet confirming a new attorney general and seem wary and afraid of doing anything to make a black man look like he’s acting in the best interest of the nation.

Home Internet Security; Have You Been Hacked?

ID-100310547Far too many African-Americans ignore their Internet security. When we do this we are gambling with our lives. Our financial life, our professional life, our identity, our children’s identity or the identity of our husbands or wives, are all endangered if we ignore basic cyber security.  Let’s look at it this way; do you drive without a seat belt? Then why would you use the Internet without being safety and security conscious?

One of the first things you should be aware of when using the Internet is if you are browsing safely and if your browser is secure. Regardless of the browser you use, be it Internet Explorer, Google Chrome, FireFox or Opera, you have to ask, is it secure.

The reality is that it’s hard to know which browser is the safest or most secure. Why? Because there is no set standard for browser security. That makes you responsible for setting up your browser and home network to be as secure as possible. But there is a little good news. Experts at Skybox Security have looked at all the browsers mentioned above and evaluated them based on exposed vulnerabilities, most published and patched vulnerabilities, and the shortest time between security patches.

Surprise! The winner is the browser you are probably not using; Opera.  Opera is pretty much an unknown browser.  It’s market share is around one percent so there’s probably not a lot of interest in finding Opera’s vulnerabilities.  Keep in mind hackers are looking for the greatest numbers to have the greatest impact when they attack. But Opera did have the least number of vulnerabilities.

Even if Opera has the fewest vulnerabilities we have to look at how often the other browsers find and fix their own vulnerabilities. In this category Chrome wins. Chrome finds flaws and issues updates every fifteen days compared to Opera’s every 48 days. Internet Explorer and Firefox update about once a month. But again there more to it than that. Keep in mind that all these browsers are vulnerable to what is known as Zero Day Exploits. That is a flaw that the hackers finds and attack with no warning to the browser makers. It happens all the time. As for Firefox; just last year Extremetech.com named it the least secure browser.

So finally let me answer your question. Which is the safest and most secure browser? My answer would have to be Chrome. AACR does not make product endorsement. But, when looking at the overall measures we have decided that having defenses that update regularly and frequently is the best way to go. We hope that answers your question. Read more about the Best Browsers of 2015 here.

Lets take the next step in your home Internet security. Is your home router secure? Or has it been hijacked? My guess is you really don’t know. I have always said, make damn sure you have solid password protections on all your devices including your home router. Ask yourself  “Is my password stupid?” If your home router is compromised then your life is compromised. Every Internet device in your house uses the router. Think about this, your cellphones connect to your router, all your computers, laptops, tablets, game consoles, television, telephone, printers, home security system, your thermostat and any other smart appliances you have in your home all go through your router. Think long and hard about that.

So how do you now if your router is hijacked? A company named F-Secure just launched their Router Checker tool. It’s a quick, simple and free way to determine whether or not your DNS is working the way it should. OK; so you’re asking what the heck is DNS. DNS stands for Domain Name Servers. This is the the Internet address book.  If your DNS is corrupted or poisoned then you could end up on some pretty dangerous websites and not even know it.

The best thing about the Router Checker Tool is that there’s no app to download and install. It’s a website that you visit with any modern, standards-compliant browser. Any of the browsers we have talked about, Internet Explorer, Firefox, Chrome, Safari, and Opera, will work. I would suggest you check your browser immediately and then bookmark the site and do the test regularly. You can also use the tool when you’re connecting to less trustworthy access points like the airport, a coffee shop, library, or anyplace offering free WiFi. Before you do anything in these places you should fire up F-Secure’s tool and find out what it thinks about your connection.

Now let me ask you another question. Have you been pwned? First a quick definition of the word is clearly needed. Pwned comes from video-game culture. It refers to someone who’s been beaten. Pwned accounts are email addresses and user accounts that have been compromised. A hacker may have illegally obtained the data from a vulnerable system. Perhaps a breached home router? Pay attention people!

Now if your pwned account is made public it becomes a pasted account. That means it has been pasted to public sites that share information while remaining anonymous. Such a site is Pastebin.com

Now there is a site you can use to discover if you have pwned or pasted. Have I Been Pwned?  is a website built by Troy Hunt author of web security courses for PluralsightIt’s simple and free to use. You just enter your email address or account name in a text search box and the site lets you know if it’s been pwned or pasted. Do it!

Paying attention to your digital life is as important as paying attention when you drive. The slightest lapse in focus could get you killed. You know that. It’s the very same with using the Internet. I suggest to black people that you pay attention to what can happen if you lose focus. The Internet may not kill you but if something goes wrong online you may want to kill yourself.

 

 

 

 

Online Holiday Shopping Series #1

It’s November and the holiday shopping season is upon us again. The African American Cyber Report is launching a weekly series focusing on online holiday shopping. Each week through New Year’s Day we will investigate a different facet of online shopping from safe and secure payments to the apps and websites that get you the best bargain. If we hear of a special sale or online event we will let you know about that as well.

African-Americans are a powerful consumer segment. According to a report from The Nielsen Company entitled The State of the African-American Consumer,” black buying power is nearly $1 trillion. How’s that for a U.S. consumer market segment? Black people are not only a significant market segment but they shop more than other groups, spend less money per trip and spend more time investigating the product before buying. Research indicates black people are smart, savvy shoppers.

Before we examine the choice of credit versus debit cards for shopping online we need to take a quick look at black people and their credit cards. According to a report from the NAACP and public policy research firm Demos entitled “The Challenge of Credit Card Debt for the African-American Middle Class,” approximately 42 % of black households are in debt. These families are borrowing simply to make ends meet and to pay for basic expenses, such as groceries, rent and utilities. Overall black people face greater credit restrictions and are more likely to be subject to harsh credit collection tactics. Many black people pay higher interest rates and fees for alternative financial services that includes pre-paid debit cards and check cashing services. So the picture shows that we have a powerful market presence but we also have problems managing and retaining credit. And I might add that it is not always someone else’s fault.

Credit vs. Debit for Online Shopping

Right off the bat the credit card wins hands down for shopping online. But lets not ignore the benefits of the debit card. Especially if you have a tight budget and need to restrict the spending of yourself or someone else.

Credit cards offer distinct advantages over debit cards.  And if you are holding a credit card now is the time to get real familiar with the protections that come with that card. Make sure you understand what security measures the card offers against fraudulent charges as well as the method for disputing purchases. There are going to be black people who order something from an online store only to discover that it is not what was advertised. As an African-American consumer make sure you know the dispute process . Study it before you hit those online sales. Its your money we’re talking about.

Carrying around a credit card from the right company offers some awesome benefits. These benefits can vary from one card issuer to another so it’s a good idea to study your account agreements for the details. Study that thing and make sure you know it. It can save you some headaches and provide some surprising benefits on everything from buying airline tickets to renting a car to getting a warranty extended. If you’re planning to travel over the holidays then you need to investigate the travel benefits of your credit card. Some credit cards offer travel services like getting a seat upgrade or discounts on luggage fees. Other benefits include rental car upgrades or insurance or hotel discounts and upgrades. Travel insurance is also available from some cards free of charge. Some cards offer help finding a doctor or lawyer. If you buy a product that has a warranty you can actually get that warranty extended for up to a year depending on the credit card. But keep in mind that these benefits are sometimes automatic and others you have to ask for. So studying your card agreement is extremely important. Didn’t I say that before?

The beauty of credit cards is that there is an extra layer between your real money and other people. A debit card or pre-paid card is the same as cash and that is where you find additional, and unnecessary risk. As soon as you make a purchase that money is out of your account.  Any problem with the purchase and its just you and the merchant. And that is a very weak negotiating position. The Better Business Bureau or your bank may be able to help but not much.

By using a credit card, you have a powerful company on your side. This makes disputing charges and getting satisfaction when having to return an item much easier. With a credit card the purchase in dispute is not yet paid for. The card issuer can refuse to honor the demand for payment and that leaves the merchant in a lurch. So that merchant is more likely to respond favorably to your demands. CreditDonkey.com, a credit card comparison website, offers a list of the best credit cards for shopping online.

For all you out of control spenders, credit cards are still better than debit cards. A frequent complaint about using credit cards as a primary form of payment is that the advantages are outweighed by disadvantages for many people. As I stated above many African-American consumers simply can’t handle credit cards without spending more than they can afford. And what happens? Higher interest rates, ruined credit scores, all that.

But overdraft protection on a debit card is even worse. Yes, you can over spend with a debit card. Over charging on your debit card results in multiple overdraft fees which are more than credit card interest rates and late payments. And unlike a credit card bill that arrives once a month your bank account takes the hit immediately. With a credit card, you can close your account and work out a payment plan, but with a debit card you don’t get that option.

Many pre-paid debit cards a very popular in the black community. But being popular is far different from being a good option. Many pre-paid debit cards, while intended to help the African-American community are often doing just the opposite. Pre-paid cards have been criticized for exploiting poor and dis-advantaged black people by charging higher, sometimes exorbitant fees. This is especially so when people make the mistake of thinking of the card as a credit card. But the pre-paid card is a huge and profitable market to the tune of about 500 million cards in circulation channeling billions of dollars in sales. You can find a list of the best and worst pre-paid cards here.

Another payment method you need to consider for your holiday shopping is the retail card. Be aware that these store cards can carry some pretty high interest rates. But at the same time you can take advantage of some pretty good deals by using the store credit card. Some stores will give you as much as 10% off your purchase if you apply for the card at the register. Using these cards does not carry a lot benefits at all. And they are dangerous to your credit report. For example when you fill out that card application it shows up on your credit report and if you close the account it stays on your credit report. But if you are looking for the best retail cards to shop with this holiday season you can find the top ten here.

So as you start hunting for those holiday bargains and eagerly wait for Black Friday or Cyber Monday be aware that there is a difference between a credit and a debit card. Make wise purchases and know what tools and weapons you have at your disposal when using that credit card as you shop this holiday season.

Now you know

Improve Your iPhone Security

Stolen cell phones are a big problem. Every year millions of cell and smartphones are stolen and most are never recovered. According to Business Insider 44% of smartphones were stolen simply because owners forgot them in public places like Starbucks. Fourteen percent were stolen from a car or house that was burglarized. Only 11% of victims had a smartphone stolen off their person. And the most common place a smartphone is stolen?  Restaurants 16% and nightclubs 11%. Only 5% are stolen as a result of street crime such as having it snatched from your hand while using public transportation.

Public theft of smartphones, especially iPhones has become a huge problem in places Like New York where 18% of all grand larcenies last year involved Apple products. As a result Democratic Rep. José E. Serrano has introduced a bill that would require all phones sold in the United States to feature a “kill switch” technology.  That technology allows consumers to wipe their data and shut down a phone completely when it’s reported stolen making it useless and of no re-sale value.

The state of Minnesota and California have already passed a law requiring all smart phones be equipped with a kill switch in case of theft. The law applies to smartphones made on or after July 1, 2015 and sold in California after that date.

According to Consumer Reports, more than 3 million smartphones were stolen in 2013 and the biggest cities had the most thefts.  Theft of smartphones rose by 26% in Los Angeles since 2011. Smartphone theft was up by 23% in San Francisco in 2013.

iPhones are extremely popular and the new iPhone 6 and 6 Plus are in heavy demand. If you own any iPhone you need to make sure its secure against theft. Even if you lose it you need to know the data is safe until you can locate it using an app such as Find My iPhone. So lets look at ways to secure your iPhone in case, just in case, something happens.

1) Get a real pass code. First things first; change that four digit access code on your phone to something more secure like a pass phrase. And not one anyone can guess. Mix those numbers, letters and characters up. Now another super security option that’s available to you is the “erase data” feature. This option will wipe everything from the iPhone’s memory after 10 failed pass code attempts. But remember this is permanent. Once the data is gone its gone…forever!  So if you forget your password often you might not want to use this option.

Here’s how you do it. Go to “Settings” –> “Passcode” (or “Touch ID and passcode”) –> “Require passcode: immediately”; “Simple passcode: off”.

Settings1

2) Don’t let your lock screen dime you out. It really doesn’t matter if you have a powerful pass code if someone looking over your shoulder can see it.  Yeah, its nice and quick to glance at your screen to see what text messages, emails and other information that hits your phone. But these messages can also contain sensitive data like confirmation codes, private appointments, financial data or some other intimate communication. So keep that lock screen from broadcasting your business.

How? Go to “Settings” –> “Passcode” (or “Touch ID and passcode”) –> “Allow access when locked” section.

3) Use two step verification for iPhone and iCloud. Quick question; do you have pictures that you only want that special someone to see? Well as you know some celebrities have had those images compromised. Don’t let that happen to you. I strongly recommend you add this layer of security for your Apple ID and iCloud. You can set up two-step verification on one or more of your devices. Two step verification means you will receive a 4-digit verification code using either SMS or the Find My iPhone service. Using the second verification means any time you sign in to manage your Apple ID, iCloud, iTunes, iBooks, or App Store purchase from any device you’ll need to verify your identity by entering both your password and a 4-digit verification code.

How? Go to https://appleid.apple.com –> “Manage your Apple ID” –> “Password and Security” –> “Two-Step Verification”.

4) Siri talks too much. Even if your phone is locked she can talk and who knows what she might say and to whom.  You don’t have to shut her up completely. But securing your phone means preventing Siri from speaking from behind a locked screen. Siri will talk with anybody so you have to teach her not to talk to strangers.

How? Go to “Settings” –> “Passcode” (or “Touch ID and passcode”) –> “Allow access when locked” section –> “Siri: off” and “Settings” –> “General” –> “Siri” –> “Allow “Hey Siri”: off”.

5) Don’t automatically sync to the iCloud.  Keep in mind that Internet rule # 6 says nothing is ever deleted. And as some celebrities discovered this is very true. Those nude images, though deleted from their phone were floating blissfully in the cloud waiting to be stolen. Not just the pictures but all the data on your phone, contacts, messages, notes, documents, pretty much anything stored on your phone. Automatic back up to the cloud is set on default in iPhones and happens the minute you plug in the charger. So the smart thing to do is to not automatically sync if you have one or more Apple devices and don’t really need to sync them daily.

How? Go to “Settings” –> “iCloud”.

Settings2

You can turn off auto sync to the iCloud.

6) Stop automatically connecting to known WiFi networks. iPhones are set to connect automatically to known WiFi hotspots without your permission. While this may seem like a really cool feature because you don’t have to do anything to switch from mobile Internet to local WiFi. But wait! Cyber criminals set up their own fake wireless hotspots in coffee shops, restaurants and hotels all the time.  You might not even know your iPhone is connected to the malicious WiFi network. The cyber criminal can steal all of your data while you sip coffee and read the paper. So you need to be aware of this or turn off this option.

How? Go to “Settings” –> “Wi-Fi” –> “Ask to join networks: on”.

7) Start using VPN.  Virtual Private Networks is almost a requirement if you want extra security on your iPhone in different wireless networks, including unknown ones. Some VPN services are free but not all. But the few extra dollars spent here is fairly cheap for keeping your data protected.

How? Go to “Settings” –> “General” –> “VPN” –> “Add VPN Configuration…”. All the information you need from here will be provided by your VPN provider.

8) No more cookies. Cookies are small files that are deposited on your phone or device by all websites. These treats may record information about you, your computer,  your smartphone, and your preferences. They allow websites to keep you logged in or display targeted ads. Unfortunately they may be very helpful to cyber criminals since they can hold credentials and other sensitive data. Cookies can be very helpful  but turning off cookies might become a bother. But think of how much more secure your data will be. 

How?  For Safari: Go to “Settings” –> “Safari” –> “Privacy & Security” section –> “Do Not Track: on”, “Block Cookies: Always Block”; For third party browsers: see similar browser settings.

Settings3

9) AutoFill, another snitch.  If somebody steals your iPhone they may be able to log in as you on a number of sites. How? Because the AutoFill option will fill in the missing user name and password. Told you AutoFill was another snitch.  Switch it off! Yeah; its inconvenient but well worth the hassle.

How?  For Safari: Go to “Settings” –> “Safari” –> “General” section –> “Passwords & AutoFill”; For third party browsers: see similar browser settings.

10)  Apps; yet another snitch. If you really want ot be shocked take a minute to read the permissions on some of the apps you download.  These apps are collecting a mountain of data. Some game apps collect information such as your location, your contacts, your pictures, your phone service provider, etc? Why? What does this app need with all your data? Remember this is a game app?   You probably have Facebook or a Google app as well. These are some of the biggest information collectors. I am convinced that a lot of apps are designed to keep you busy while they spy on you. This tip may be extreme, but if you have followed all the other recommendations offered why not go ahead with this last one. Apple’s iOS 8 offers a significant number of features and data types that just about any app can access. You need to block this. Stop these app providers from knowing everything you do and everywhere you go.

How? Go to “Settings” –> “Privacy”. Turn off all location services. Keep them off until you want ot use an app that needs the service. Go through Privacy settings one by one and turn off everything you don’t need or apps that are using this feature that you want to stop. It takes some time but it will keep some of your data secure.

This article is more about protecting you and your personal information than what you paid for that smartphone. Any device can be replaced. Try to replace your credit or money in your bank account. Or try to explain to your credit card company why you should not have to pay for those charges on your credit card. Or worse try to convince your bank you are really you after your identity is stolen. You have enough information on your iPhone that, if lost, any of these things can happen to you. Don’t let it.

Now you know

 

MURDER! Apple Pay Kills the Credit Card!

Apple PayApple announced yesterday it was introducing a new mobile payment system. Known as Apple Pay the system will allow the consumer to make purchases by simply waving their iPhone in front of a POS receiver or just tapping the screen.

Apple Pay works with Apple’s Passbook app. The app allows users to digitally store coupons, tickets and merchant loyalty cards. iPhone users can use a stored credit card inside the app. Customers simply wave their phone in front of a terminal to pay.  The technology that delivers the payment is called near-field communication, or N.F.C., via a chip embedded in Apple’s new iPhones.

Technogeeks have been predicting this move for years and Apple seems to have made those predictions come true. Apple announced that it was working with big retailers like Target and restaurants like McDonald’s and the the big credit card companies. The result will be that consumers will be able to purchase a burger, a box of dryer sheets or a riding lawn mower with greater security. Consumers can use the system with the new Apple smartwatch or iPhone 6 to make the purchase.

Apple Pay gives Apple the competitive edge in mobile payments. Forrester Research, a technology analysis firm, expects the mobile payments market to reach $100 billion in the U.S over the next five years. But the question remains; will the consumer accept this new device to use on an everyday basis? And of course if they do will Apple be able to hold significant market share?

Apple’s innovation is slightly different from previous efforts at mobile payments. But Apple has to convince the consumer of the security of this new system. This includes ensuring the user that credit card information will not be stored on the iPhone or other devices or on Apple’s servers. Basically the consumer has to believe that the new system is safer than a credit card.  “We’re totally reliant on the exposed numbers and the outdated and vulnerable mag stripe,” said Timothy D. Cook, Apple’s chief executive at yesterday’s announcement event in Cupertino, Calif. “Which all of us know aren’t so secure.”

Tom Pageler, the chief information security officer at DocuSign, a company that manages digital transactions, agreed that Apple’s payment system appeared to be more secure than the current system. Pageler said another benefit of the N.F.C. technology is that payment companies could more easily identify a purchase made outside a customer’s usual location.

Apple Pay could create a revolutionary shift for the mobile payment systems. Companies like Google, Amazon and Microsoft  will be forced to play against Apple and agree to cut deals with retailers and credit card companies. This would make mobile payments more widespread.

Apple’s announcement was well timed. U.S. retailers are facing a near mandate that they migrate from the current magnetic strip cards to the more secure PIN and chip card by the end of next year. This PIN and Chip system has become the defacto standard in Europe and is much more secure than U.S. cards.  But American retailers have been reisistant to switching simply because they do not want to pay for the new system hardware and installation.   Apple’s new system, if it finds wide spread aceptance, could make the change much more appealing.

According to Cook Apple Pay would only be available on its new smartphones, the iPhone 6 and the larger iPhone 6 Plus, and the new Apple Watch that will reach the market in 2015.

Breaking It Down

Too many people fell for Apple’s “Me Too & Done It Again” show. Yeah, Apple has a new iPhone; so what? Yeah they have a new computer watch. Been there; done that. Among all the hoopla and fanfare Apple murdered the credit card in front of thousands of witnesses.

America has become the favorite patsy of the hacker community because our payment security systems are a joke. A bad, costly joke. Our retailers refused to do anything about it and the government failed us. The credit card is dead and thank you Apple.

The key to what Apple is doing is the fact that Target and the three major credit card companies are on board. That is all you need. These credit card companies and retailers realize that the legal system and legislators are under strain and that sooner or later the dam will break and the law and lawsuits will turn against them. This scares the hell out of them.

For retailers, like Target, the impact of the last data breach was unacceptable. Another breach could destroy them. They know a new payment system is desperately needed and Apple has delivered. Every major retailer in the country is meeting to discus this new payment system and wiping the sweat from their brows. Apple just turned the heat down.

Retailers were fighting the new PIN and Chip system but were being forced to adopt it. They understood the need but fought against the price. But Apple has jumped over any credit card design. The new mobile payment system will secure the purchase process from end to end and this is what the consumer and the retailer demands. It’s the revolution we have all been waiting for. We have suffered too many data breaches, credit card fraud and retail POS hacks to keep doing things the old way. It just became too much.

For black people we can feel, like most Americans, that relief is within site. We can stop feeling so nervous about using our credit or debit cards at stores. We will soon say goodbye to those sliding card POS systems and losing sleep afraid to wake up to a new data breach. Could those days be behind us? It seems so.

Americans should rejoice at the this new way of paying for things. Apple has a history and mandate to innovate and they have delivered again.  The credit card is dead and somewhere in heaven Steve Jobs is smiling.