High-end, High-tech Home Security

There’s really no limit to how much money can be spent on home security if you want to ensure the very best home security for your family and money isn’t a huge concern. Note that while some of these options are affordable, others are very expensive.

  • Keyless door locks: As you might expect, keyless door locks don’t need any keys to open. Some require a pin code to open, and others may work with wireless Bluetooth or can be controlled via the internet.
  • Remote-controlled home alarms: Remote-controlled alarms are almost a standard offering today. Remotely controlling an alarm system can be done online from any internet-connected device or via a keyfob within 200 feet of your home.
  • Robotic camera: Very expensive, but I WANT ONE! GroundBot™ is a robotic mobile platform that hosts cameras and sensors. GroundBot can be remote controlled by hand or programmed to navigate by GPS.
  • Remote monitoring: This involves real-time human remote monitoring of your property via sound and video 24 hours a day, all year long. (Gas stations employ systems like this.) If a robber comes in, the dispatcher would warn the robber over the speaker system that he is being filmed and law enforcement has been dispatched.
  • Bulletproof everything: If flying bullets are a concern, you can install bulletproof doors, bulletproof glass and steel plating in your walls.
  • Safe rooms: A safe room (or “panic room”) can protect you from natural disasters like a hurricane or tornado or man-made ones like bombs, and is effective against home invaders too. High-tech ones are equipped with such features as satellite phones, internet, food, water and even oxygen.
  • Sixteen- or 32-camera CCTV: An eight-camera system today can be had for under $500. Sixteen- or 32-camera digital video recorders are still a little expensive, but with a system of up to 32 cameras, there won’t be a spot outside or inside your property that won’t have an extra pair of eyes on it.

Home security is a must for everyone. Whether you drop big money or small change, the peace of mind you will receive is priceless.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

5 More Mobile Security Tips

A cybercriminal’s full time job is creating new crimes, and he or she will make full use of technology to hide their activities to fool you. And with mobile devices, this is no different.

The threat to our mobile devices is also high because our smartphones are always connected, they usually carry some personal data, and they are even equipped with small cameras, microphones, and positioning devices (just like the spies carried in old movies). And because there are more built-in devices options (like cameras and microphones) compared with computers, it makes the operating systems and apps more complex, increasing the way that cybercriminals can take advantage of any security holes.

But you can focus on doing some things that will help you be more secure when using your mobile devices. We provided five tips here and now here’s five more:

Be careful when “checking in” on social sites: Facebook, FourSquare and other geo-location programs are fun and sometimes you can score some deals for “checking in” at locations, but you also want to be cautious of letting people know where you are – especially if you’re away from home. And you also may want to consider disabling the GPS (global positioning system) on your smartphone or tablet so your photos don’t’ have latitude and longitude information embedded into them when you share them.

Don’t remember it-forget it: Don’t set user name and passwords to be remembered in your mobile browser or in apps and make sure you always log out of accounts when you access them. And like on your computer, make sure you use strong passwords and different passwords for each of your accounts.

Be careful what you share: Yes it’s fine to stay in touch with our friends and family via social networks, but be careful what you share. Even if your privacy settings are set to only let your friends see the information, it’s best to take the approach that once something is online, it lives forever. Think if you’re really ok with your grandmother or boss to see that update, picture or video.

Don’t text or email personal information: While this might seem pretty basic, we may find we need to share credit card numbers or personal details with another person. But this should be done via a secure site or app or use your mobile’s other function (the basic phone part). Emails and texts can be intercepted and then your information can fall into the wrong hands. Also remember that legitimate organizations like banks will not ask you to text personal details like that so if you see requests like that, it’s most likely scam.

Turn off your Bluetooth: If you’re not using this connection, it’s best to turn it off. Not only will this help save your battery life, but it prevents hackers from accessing your device through this technology. Many devices are preset to use default settings that allow other users to connect to your device, sometimes without your knowledge. In some cases, hackers can access a phone’s contacts, calendar, text messages, and more.

 

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)

Home Invader: ‘I Have Torn Apart Families and Ruined Lives’

Home invasions are the nastiest of all burglaries. They usually involve some type of force, and there is often a weapon involved. In this one particularly brutal and deadly home invasion, the perpetrator and his cohorts used a machete.

Back in 2010, the Boston Globe reported, “A woman hacked to death with a machete and knife in her home was alive for all 32 slash and stab wounds that split open her skull, sliced through bones and pierced organs, a medical examiner testified.”

Steven Spader, who created a gang called “Disciples of Destruction,” was 17 years old at the time of his murderous rampage. Spader’s gang broke into the woman’s New Hampshire home while she and her daughter slept.

Spader, who stated, “Through my impulsive actions, I have torn apart families and ruined lives,” was resentenced last month to life in prison plus 76 years. His resentencing was required due to a U.S. Supreme Court ruling that mandatory life sentences for those under the age of 18 at the time they killed amounts to cruel and unusual punishment. It’s amazing to me that any law would consider any punishment of any kind for this kid as cruel and unusual.

Superior Court Judge Gillian Abramson stated on the April court date, ‘‘The circumstances of these horrific crimes and the extent of the defendant’s planning and participating warrant the imposition of life without parole and maximum consecutive sentences.’’ Senior Assistant Attorney General Jeffery Strelzin stated that Spader is a ‘‘psychopath. It’s not a phase. It’s not something he’s going to grow out of; it’s who he is.’’

The chances of something this nasty even happening to you is slim. But there is a chance, so at least install a home security system and keep it turned on while you are at home.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Why it’s Critical to Protect Data on Digital Devices

When devices are lost or hacked and your data is exposed, not only is this a pain to deal with, but you could become a victim of identity theft. Not only do victims of identity theft suffer loss of time  but they also lose money that may not be able to be recovered . In McAfee’s recent study, they found on average that people have over $35,000 worth of digital assets stored on their digital devices, further demonstrating the need to protect your personal data on all of your digital devices.

Studies show that identity theft can take anywhere from one hour to 600 hours to rectify, and so dealing with multiple breaches can potentially add up to several wasted years of your life. Other studies have shown that as many as 25% of victims never fully restores his or her compromised identity. The victim has to deal with it for life. It’s just a constant administrative process that never goes away.

For some people, the consequences of identity theft include financial ruin, wrecked marriages, lost jobs or emotional distress. It can be like a recurring plague. Identity theft is not something you want to happen to you or anyone you love.

What are the most effective ways to protect the data on your devices?

Be careful what you store on your devices. Passwords, driver’s license numbers, credit cards, tax statements—all of these can be used to steal your identity.

Be vigilant about what you post online—Remember online is forever and also hackers use online properties to find out information about you and then use this information to try and lure you to giving them more information through phishing and other tactics.

Use strong passwords—this is often the first line of defense against hackers. Remembers passwords should be at least ten characters in length and ideally use a combination of upper and lower case letters, numbers and symbols and not spell any words or use things like pets’ names or birthdays.

Protect all your devices—PCs, Macs, tablets and smartphones with comprehensive security, likeMcAfee® LiveSafe that includes:

Basic security like antivirus, anti-spyware, anti-phishing, anti-spam and a firewall

Remote locate and lock software to track and lock your PCs, tablets and smartphones if they are lost or stolen.

Password management software to help you securely manage all your usernames/passwords and with one click securely login to any site from any of your devices.

Secure online storage for your most sensitive documents that is only accessible with your face and voice.

Our use of digital devices bring great flexibility and convenience that most of us have come to rely on. It’s up to us to also take steps to make sure we are protecting ourselves and our family, our data and identity.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

5 Mobile Security Tips

Cybercrime is one of the most lucrative illegal businesses of our time, and it shows no signs of slowing down. Over the last decade, cybercriminals have developed new and increasingly sophisticated ways of capitalizing on the explo­sion of Internet users, and they face little danger of being caught. Meanwhile, consumers are con­fronted with greater risks to their money and information each year.

The proliferation of mobile devices has provided a new opportunity for cybercriminals. With mobile shipments now outpacing PC shipments, there is now a large enough pool for the cybercriminals to start to leverage this base to make money.

Here are 5 quick tips to help you protect your mobile device and your data on the device.

Put a PIN on it – As a first basic step make sure you use a PIN code or password to lock your device and make sure it is set to auto-lock after a period of time.

Think before you click: Being on the go is convenient, but in our rush to respond, we don’t always take the time to look carefully at texts, email and social posts to make sure they are valid. Always be careful when clicking on links that you receive from anyone.

Don’t be app happy: Be careful what apps you download and where you download them from. Most malicious software for mobile devices is distributed through “bad” apps.

Be careful where you search: Double-check a website’s address and make sure that it appears legitimate by reviewing the URL or rather than doing a search for a site, type in the correct address in the URL bar to avoid running into any phony sites.

Secure your device:  Make sure all your mobile devices have comprehensive security software, likeMcAfee Mobile Security or McAfee LiveSafe (for all your devices) that protects you from threats, helps you avoid risky websites and malicious apps, and in the event of loss or theft, lets you remotely backup, lock and if necessary, wipe all the data from your mobile device.

 

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)

Do You Know What Your Kids Are Hiding?

Many of you as parents may think, “not much” when asked this question. But in reality, it’s probably a lot more than you think. So it should come as no surprise to anyone that McAfee’s 2013 study, Digital Deception: Exploring the Online Disconnect between Parents and Kidswhich examines the online habits and interests of tweens, teens, and young adults, finds there is a significant disconnect between what they do online and what their parents believe they do.

The phrase “liar liar, pants on fire” comes to mind when I hear this topic and the phrase applies to both parents and kids. Parents are lying to themselves if they think they know what their kids are doing online, since 80% said they would not know how to find out what their kids are doing online and 62% do not think that their kids can get into deep trouble online. As for our kids, let’s face it – kids sometimes lie. The study found that 69% of kids say that they know how to hide what they do online from their parents and disturbingly 44% of them cleared their browser history or used private browsing sessions to hide their activity from their parents.

While youth understand the Internet is dangerous, they still engage in risky (and sometimes illegal) behavior. Not only are they hiding this activity from their parents in a variety of ways, but almost half (46%) admit that they would change their behavior if they knew their parents were paying attention.

86% of youth believe that social sites are safe and are aware that sharing personal details online carry risk, yet kids admit to posting personal information such as their email addresses (50%) and phone numbers (32%)

48% have viewed content they know their parents would disapprove of

29% of teens and college aged youth have accessed pirated music or movies online

Adding to this problem is how clueless parents are regarding technology and their kids’ online lives. 54% of kids say their parents don’t have time to check up on the kids’ online behavior and 42% say their parents don’t care what the kids do online. And even worse, only 17% of parents believe that the online world is as dangerous as the offline world and almost 74% of parents just admit defeat and claim that they do not have the time or energy to keep up with their kids and simply hope for the best.

So how do you bridge this divide?
Parents, you must stay in-the-know. Since your kids have grown up in an online world, they may be more online savvy than you, but giving up isn’t an option. You must challenge yourselves to become familiar with the complexities of the online universe and stay educated on the various devices your kids are using to go online.

Here are some things you can do as parents to get more tech savvy:

Get device savvy: Whether you’re using a laptop, desktop, Mac, tablet, mobile, wired Internet, wireless, or software, learn it. No excuses. No more, “My kids know more than I do,” or “All I know how to do is push that button-thingy.” Take the time to learn enough about the devices your kids are using.

Get social: One of the best ways to get savvy is to get social. By using your devices to communicate with the people in your life, you inevitably learn the hardware and software. Keep in mind that “getting social” doesn’t entail exposing all your deepest, darkest secrets, or even telling the world you just ate a tuna sandwich, but it is a good way to learn a key method that your kids communicate.

Manage your/their online reputation: Whether you are socially active or not, whether you have a website or not, there are plenty of websites that know who you are, that are either discussing you or listing your information in some fashion. Google yourself and your kids to see what’s being said. Teaching your kids what is and is not appropriate online is a must these days. And as a good rule of thumb, you should teach your kids that things posted online stays there forever.

Get secure: There are more ways to scam people online than ever before. Your security intelligence is constantly being challenged, and your hardware and software are constant targets. Invest in comprehensive security solutions that include antivirus, but also protects your kids, identity and data for ALL your devices like McAfee LiveSafe.

Or you can be like me and tell your kids that once they turn 10 they will be locked in a box in my basement until they turn 30. Just kidding (maybe). But seriously, parents – it’s time to make this a priority, for you and your kids. For more information, click here or follow McAfee on Facebook and on Twitter at @McAfeeConsumer.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)

Gold Farming A Chinese Full Time Job

Gold farmers play massive multiplayer online games, not for fun, but to accumulate virtual currency, or “gold,” which can then be sold to other players, despite the fact that most game operators explicitly ban the exchange of in-game currency for cash. Gold farming is so lucrative, people in China and other developing nations can support themselves by working full-time operating gold farming rings.

About.com reports “most gold farmers are from developing countries such as China and Vietnam. According to World Bank estimates, there are currently over 100,000 people working as full-time gamers in China. They toil away for 12 or more hours a day in internet cafes, abandoned warehouses, and small offices, making about 25 cents an hour, or roughly $75 a month. There are quotas in place and work performances are heavily evaluated. The workforce is dominantly made up of migrant teenagers and young adults who come to the cities looking for work. These “virtual sweatshops” resemble the thousands of toy and appliance factories that have opened in China in the past several decades to take advantage of China’s abundance of cheap labor.”

Many leading MMOs are finding it increasingly necessary to deploy a layered defense to protect against gold farming, chargebacks and increasingly, account takeovers within gaming environments.  By leveraging the power of device reputation, which looks at the computer, smart phone or tablet connecting to the games, the gaming publisher can easily connect together players working together and shut down entire rings in one sweep.  In one case, a major gaming publisher saw the marvel of Oregon-based iovation’s fraud protection service and took action against 1,000 fraudulent accounts shortly after implementing the SaaS-based service.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures.

Your Strong Password Isn’t so Strong

Banks rely on usernames and passwords as a layer of protection and authentication to prevent criminals from accessing your accounts. However researchers now show that your password—even though it may be a relatively “strong” one, might not be strong enough.

When you create a password and provide it to a website, that site is supposed to then convert them to “hashes” as Ars Technica explains “Instead, they work only with these so-called one-way hashes, which are incapable of being mathematically converted back into the letters, numbers, and symbols originally chosen by the user. In the event of a security breach that exposes the password data, an attacker still must painstakingly guess the plaintext for each hash—for instance, they must guess that “5f4dcc3b5aa765d61d8327deb882cf99” is the MD5 hashes for “password”.

But Ars did an experiment with some newbie technologist all the way up to expert hackers to see what they could do to crack the hash.

“The characteristics that made “momof3g8kids” and “Oscar+emmy2″ easy to remember are precisely the things that allowed them to be cracked. Their basic components—”mom,” “kids,” “oscar,” “emmy,” and numbers—are a core part of even basic password-cracking lists. The increasing power of hardware and specialized software makes it trivial for crackers to combine these ingredients in literally billions of slightly different permutations. Unless the user takes great care, passwords that are easy to remember are sitting ducks in the hands of crackers.”

How to get hacked

Dictionary attacks: Avoid consecutive keyboard combinations— such as qwerty or asdfg. Don’t use dictionary words, slang terms, common misspellings, or words spelled backward. These cracks rely on software that automatically plugs common words into password fields. Password cracking becomes almost effortless with a tool like “John the Ripper” or similar programs.

Simple passwords: Don’t use personal information such as your name, age, birth date, child’s name, pet’s name, or favorite color/song, etc. When 32 million passwords were exposed in a breach last year, almost 1% of victims were using “123456.” The next most popular password was “12345.” Other common choices are “111111,” “princess,” “qwerty,” and “abc123.”

Reuse of passwords across multiple sites: Reusing passwords for email, banking, and social media accounts can lead to identity theft. Two recent breaches revealed a password reuse rate of 31% among victims.

Protect yourself:

  1. Make sure you use different passwords for each of your accounts.
  2. Be sure no one watches when you enter your password.
  3. Always log off if you leave your device and anyone is around—it only takes a moment for someone to steal or change the password.
  4. Use comprehensive security software and keep it up to date to avoid keyloggers (keystroke loggers) and other malware.
  5. Avoid entering passwords on computers you don’t control (like computers at an Internet café or library)—they may have malware that steals your passwords.
  6. Avoid entering passwords when using unsecured Wi-Fi connections (like at the airport or coffee shop)—hackers can intercept your passwords and data over this unsecured connection.
  7. Don’t tell anyone your password. Your trusted friend now might not be your friend in the future. Keep your passwords safe by keeping them to yourself.
  8. Depending on the sensitivity of the information being protected, you should change your passwords periodically, and avoid reusing a password for at least one year.
  9. Do use at least eight characters of lowercase and uppercase letters, numbers, and symbols in your password. Remember, the more the merrier.

10. Strong passwords are easy to remember but hard to guess. Iam:)2b29! — This has 10 characters and says “I am happy to be 29!” I wish.

11. Use the keyboard as a palette to create shapes. %tgbHU8*- Follow that on the keyboard. It’s a V. The letter V starting with any of the top keys. To change these periodically, you can slide them across the keyboard. Use W if you are feeling all crazy.

12. Have fun with known short codes or sentences or phrases. 2B-or-Not_2b? —This one says “To be or not to be?”

13. It’s okay to write down your passwords, just keep them away from your computer and mixed in with other numbers and letters so it’s not apparent that it’s a password.

14. You can also write a “tip sheet” which will give you a clue to remember your password, but doesn’t actually contain your password on it. For example, in the example above, your “tip sheet” might read “To be, or not to be?”

15. Check your password strength. If the site you are signing up for offers a password strength analyzer, pay attention to it and heed its advice.

While you must do your part to manage effective passwords, banks are working in the background to add additional layers of security to protect you. For example, financial institutions are incorporating complex device identification, which looks at numerous characteristics of the online transaction including the device you are using to connect. iovation, an Oregon-based security firm, goes a step further offering Device Reputation, which builds on complex device identification with real-time risk assessments. iovation knows the reputations of over 1.3 billion devices in iovation’s device reputation knowledge base. By knowing a devices reputation, banks can better determine whether a particular device is trustworthy before a transaction has been approved.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures.

Classifieds Ripe For Rental Fraud

I once listed a property for rent on Craigslist that scammers ended up relisting for a third of my asking price. People would pull into my driveway and knock on my door while the listing was active and even after the listing I posted had expired too.

Business Insider reports, “Since lenders have tightened their requirements for getting a mortgage—which is making it harder to buy a home—the rental market is hot right now. Turns out, so is the online identity theft market, which is why it’s no surprise that identity thieves are attacking people who are looking to rent.”

Here’s how the scam often works. The scammer copies and pastes the ad and poses as the homeowner, who is conveniently away traveling on business overseas. In order to generate traffic, the scammer lists the ad for much less than is being asked. When people respond to the ad, the scammer tells them they can rent it out—all they have to do is forward him the first month’s rent via a money wire overseas. Some people will want to drive by to get a look without actually going in, and that’s enough for them to send the money.

The way I thwarted this crime under my watch was to continually scan Craigslist for keywords related to my ad to see if it was being posted by a scammer. When I discovered a fraudulent post, I emailed abuse@craigslist.com with the link. Craigslist was very responsive and took the posts down. The scammer was equally diligent, however: I had to do this almost 20 times during the period I was renting out the apartment.

How can you protect yourself from scams like this, or other scams that take advantage of online classified ads?

  • Use common sense, be smart and pay attention. If you do that, you won’t fall for these types of cons.
  • Be very careful who you contact and who contacts you. You never know who the person is or what his or her motivation may be.
  • Whenever possible, deal locally. People who cannot meet you in your town are more likely to be scammers. And even when you do meet in person, you still should be wary.
  • Never engage in online transactions involving credit cards, cashier’s checks, money orders, personal checks, Western Union, MoneyGram, cash or anything that requires you to send money to a stranger in response to money he or she has sent you. This is known as an advance fee scam.
  • Be smart. Don’t disclose your financial information, including account or Social Security number, for any reason. Look out! Scammers will say anything in order to get this information.

Many classified sites stop fraudulent ads from being published in the first place by incorporating device-based intelligence that helps them assess risk upfront. Fraud prevention technology offered by iovation Inc. not only helps these sites identify repeat offenders coming in under multiple fake identities, but also detects when scammers are attempting to place multiple fraudulent ads using a variety of computers, tablets and smartphones to do so. This greatly helps rid these sites of undesirables and protects their valued members.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures.

6 Tips for Apartment Security

According to the National Crime Prevention Council, apartments have an 85 percent greater chance of being burglarized than a single-family homeowner or rental property.

6tips

Apartment security should be a priority for landlords to provide for tenants, but it’s really up to you, the tenant, to ensure your security. When hunting for a security-minded apartment complex, consider the following:

  1. Home security systems: Today’s systems are wireless and portable. You don’t need to own a house or have a contractor install it. Ask if you have permission to install an in-apartment home security system with motion detectors. This should not be negotiable. Wireless home security systems are non-invasive and inexpensive.
  2. Peephole: Require a peephole on your door.
  3. Door security: If the doors are glass-paned opposed to solid-core doors, then your potential landlord isn’t concerned about your security. Doors should have a knob lock and a deadbolt, and the doorjamb and hinges should be reinforced. Search door reinforcement online to see what your options are.
  4. Surveillance cameras: Having one to 16 cameras with signage lets the bad guy know he’s being watched. Most camera systems can be remotely accessed with your mobile phone or tablet.
  5. High-wattage sodium lighting: You cameras will work better with good lighting. Exterior lighting on the perimeter lets the bad guy know he can’t hide. (Bonus: Cockroaches hate light too.)
  6. Parking lot security fencing: Perimeter fencing six feet high is a great deterrent.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.