2014 - Page 36 of 37

Find Missing Kids with SafetyLink

January 18, 2014/in safety tips /by Robert Siciliano

Find your lost car keys, smartphone and abducted child. Yes, you read that correctly: There’s now a device that can locate your missing child (or wandering elderly grandmother). And the device that can do this is TINY.

Imagine a device that can be used as a keychain and not only locate missing people, but your dog that’s run off. Sanjay Chadha did, and the result is SafetyLink, which uses wireless technology combined with smartphones and cloud sourcing to provide community protection.

Chadha is the co-founder and CEO of Safety Labs Inc., the developer of SafetyLink. Chadha came up with the idea as a result of the much publicized gang rape that had occurred in New Delhi. So disturbed by this crime, he awakened one morning at 4 a.m. and knew it was time to develop a mobile-based solution that could save people in danger.

Enter SafetyLink

The main targets of SafetyLink are children, women and senior citizens. Should a child become lost or abducted, for example, or a hiker take a serious fall, they simply press and hold the coin-sized button of the device. This will send an SOS.

The SOS will then be distributed by a cloud server, alerting individuals who are in the user’s network—who have proximity to the user. Emergency services (e.g., 9-1-1) will also be notified.

And guess what: SafetyLink has key features that prevent prank calls. The device includes GPS technology to locate the user (imagine a child in the car of an abductor, pressing the button—which can be worn as a pendant—the predator would never suspect a thing!

The SOS will make its way to the dashboard of a police cruiser in the vicinity. The police will be on the predator’s tail in no time.

SafetyLink can be used by “anybody and everybody,” says Chadha. It easily clips to a child’s jacket or backpack, Grandma’s fanny pack or your dog’s collar. It needs charging only once a year, due to Blue Tooth technology. And remember, it can also locate missing car keys and phones.

How does Safetylink alert?

A parent, for instance, determines the travel range of their child and sets this up via an online application. If the child wanders out of (or is taken out of) this travel range, the parent’s smartphone will beep.

The parent then registers the child’s SafetyLink with the cloud server: The police and community will be alerted to search for the missing person. Think of this as a wireless leash. It can be switched on and off; the travel range can be adjusted; and people can always be added to the network.

This new product sure sounds like a winner. However, its success depends on community participation. People are encouraged to download the free application. The device costs only $35.

Thus far, 220 have been pre-ordered from the U.S., Canada, Europe, India and Brazil.

Where can pre-orders be made?

Safetylink.org. The product will be officially on the market May 2014.

“Predictive Analytics”: Technologies that read your Mind

January 17, 2014/in Mobile Devices /by Robert Siciliano

There’s an app that can practically read your mind via your mobile device. The technology is called predictive analysis, and Google’s Now app is at the forefront. Other apps that utilize predictive analysis include Grokr and Osito: predicting the smartphone user’s next move.

How does this work?

Snippets of information are assembled via an algorithm, leading to a prediction of the user’s next behavior.

An example would be combining snippets of calendar entries with the user’s location data, e-mail information, social network postings and other like information.

The user is then presented with assistance that the app “thinks” is needed. The support-information is called a card. A card might, for example, remind the user about an event whose information was entered previously.

The app will then add directions to the event or show weather conditions at the location—even advise raingear.

Benefits

The Now app can “understand” context and filter out irrelevant information, making searchers easier than ever.
The Google search engine can now respond to more than just individual keywords and can seemingly grasp the meaning of a search query. This algorithm is called Hummingbird and impacts 90 percent of searches.

An example is that Google can compare items upon request or dig up facts about various things. For example, just type in the name of a famous landmark—once. If you seek trivia, you’ll get answers, but if you then seek directions, Google will know that you want directions to this landmark without you having to type in its name again.

Future locations of the user can be predicted (based on locations visited previously), not just the current location.
Recently, Google and Microsoft researchers came up with a software, Far Out, that can figure out a user’s routine via GPS tracking. This data is then assembled so that future locations of that user can be predicted.
The configuring can even adjust to correlate with the user’s changes in residence or workplace.

As advanced as all of this seems, this is only the start of a new wave of technology that can “think” for us—a big benefit to those whose lives are so hectic that they’ve become absent minded, and for those who simply enjoy the idea of having to do less mental work.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

6 Ways to Declutter Your Digital Life

January 17, 2014/in digital security /by Robert Siciliano

It’s the New Year so time for new starts and new resolutions. With a new year upon us, now is a good time to clean out the clutter. Clutter is overwhelming, messy and inefficient and it transcends in both our physical and digital lives.

Here are some tips to help clear the clutter out of your digital world.

1. Backup the Data on Your Devices
You are (hopefully) about to delete lots of stuff.

Back up everything you have onto an external drive – make sure this is your files, contacts, browser bookmarks, photos and any other important content you would want
Don’t forget to back up your smartphones and tablets as well
For extra de-cluttering, set up a secure cloud backup that runs 24/7

2. Organize your Computer

Organize files on your desktop and within desktop files, including consolidating several similar files into one file.

Delete duplicate files and ones that you do not need
Rename files so you can locate them easier in the future
Uninstall programs you never use

3. Clean Up Your Browser

Go through your bookmarks and delete the ones you don’t use
Clear out your cookies and browsing history
Disable or delete any add-ons or plug-ins that you are not using

4. Monitor Your Social Media Accounts

Cancel accounts on sites you don’t use—leaving your profile up can make you more vulnerable to cyber attacks
Go through your friends and/or follow lists and see if there’s anyone on there that you don’t want updates from any longer

5. Scrub Your Email Inbox

Move messages that you want to save into folders
Unsubscribe from mailings you never read or are no longer interested in

6. Scrutinize Your Smartphone/Tablet

Delete photos, music, texts or other items that you don’t use any longer
Remove apps that you don’t use any longer

Happy de-cluttering and Happy New Year!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Home Invasion results in Child Casualties

January 16, 2014/in burglary /by Robert Siciliano

Two young girls died after a man broke into their second-story Cleveland apartment and set it afire. This was after the man forced the 55-year-old babysitter (the children’s’ aunt) into a bathroom, where she remained—until she began smelling smoke. Then she fled to outside and later reported that the man had started the fire.

Ironically, in the week prior, the victims’ mother had been robbed at gunpoint. The man who broke in and the man who robbed the mother are still at large, and police aren’t sure if they’re not the same man.

Could this home invasion have been prevented? Possibly. Here are tips that will go a long way in preventing someone from breaking or forcing their way into your home:

Never speak to a stranger when all that separates you from that person is a screen door. Even worse is talking to a stranger when no screen is between the two of you. If possible, speak to them only through a locked door.
Instruct your children, or any kids in your house, never to respond to a doorbell ringing or knocking at any doors of the house. This includes even if you’re expecting someone, including pizza delivery. This also includes if you happen to be momentarily indisposed.
Get a burglar alarm system and keep it on, always. This means you’ll need to remember to turn it off when opening the door (or window). Kids in the house will also need to learn to turn it off or ask you to turn it off when they want to go out.
If you think that the previous suggestion is too difficult to manage, it’s important to realize that not all burglars (or rapists) knock or ring bells. Some will break in and you won’t know it till they’re inside your home pointing a gun at you.
A 24-hour camera surveillance system should be installed. The sight of a camera or the warning sign from the system’s company can be a strong deterrent to a break-in. Cameras should be aimed at all doors and entry points.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Mobile Phone Hacking: proactive and reactive Responses

January 14, 2014/in mobile phone security /by Robert Siciliano

Mallorie’s Android phone was acting odd, like it was possessed. The thing had a mind of its own, sending garbled texts and gambling. Ghost? Or hacked?

Mallorie locked down the phone when it was charging so it wouldn’t purchase poker chips. One day she forgot to lock it and it went on a shopping binge. Packages began appearing at her doorstep.

Obviously, someone had access to her credit card. But how? And what could poor Mallorie do to disable this thief?

Millions of mobile devices get infected. But police officers won’t bother with this. Mallorie cancelled her credit card and deleted the “possessed” apps. Then she crossed her fingers.

How do mobile phones get attacked?

A study showed that 86 percent of Android malware employs “repackaging.” Here’s how it’s done:

Download an application
Decompile it.
Add malware.
Recompile the app.
Submit it back into public circulation—after changing its name.
Someone else downloads this changed-name application, and the malicious payload infects their device.
A repackaging variation, “updating,” involves adding a code that will tag a malicious payload at a later date.

How can you tell your mobile has been infected?

It begins behaving oddly. Something is off—sometimes slightly, sometimes blatantly, such as the device is sending your address book to a foreign IP address. Hook your mobile to a WiFi and see where it sends information to.
Unfamiliar charges on the bill. Malware on a phone will produce unauthorized charges. The device is hooked to an accounting mechanism, making it a snap for thieves to send premium SMS text messages or make in-app purchases—which cost you money.

How can you protect your mobile?

Keep its software up to date: easy to do on iOS but difficult on Android.
Some phones cannot be updated; these phones have OS vulnerabilities within them, making them open to attack. Users end up downloading malware which uses this OS vulnerability to infect the device.

Android vs. iOS for security

iOS beats Android for security against malware.
Apple placed restrictions on application functionality (e.g., premium SMS messages can’t be sent), which is why Android isn’t as secure against malware as is iOS.
Another reason: Android’s app review process is not top-notch at screening out bad applications (but it’s improving).
Both Android and iOS allow your personal data to leak out to ad networks. This isn’t considered malicious since a user may wish this to occur.

Scope of Problem

The verdict isn’t quite out on this.
Some say the problem is limited just to third-party app sellers and this can be avoided by going to iOS’s or Google Play’s app store.
Others believe everybody has a compromised application on their mobile.
More research is warranted to define scope of problem.

Who should protect the user?

The app maker? The carrier? Or the operating system provider?
Nobody has taken this responsibility currently. It’s kind of like a “that’s not my problem you downloaded a malicious app that we didn’t write,” or, “You wanted it; I only delivered it—not my problem.”
The buck is passed because user protection is expensive.

Solutions?

It would be great if the app store could provide very in-depth screening for all the types of malicious actions that apps can perform.
The caveat: This isn’t in the platform provider’s best interest because they want their store to carry a lot of applications.
Stores want more and more apps, and better ones, and don’t want anything to slow that process down.
Data can be secured when you communicate via a wireless network with a VPN like Hotspot Shield VPN. All web transactions can be secured via https.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

IT Guys get duped Pretty Girl on Social Media

January 13, 2014/in social media privacy /by Robert Siciliano

Defenses of a U.S. government agency were duped by an experimental scam created by security experts.

The “scam” involved Emily Williams, a fictitious attractive woman with a credible online identity (including a real photo that was allowed by a real woman), posing as a new hire at the targeted agency.

Within 15 hours, the fake Emily had 55 LinkedIn connections and 60 for Facebook, with the targeted agency’s employees and contractors. Job offers came, along with offers from men at the agency to assist her with her new job.

Around Christmastime the security experts placed a link on Emily’s social media profiles linking to a Christmas card site they created.

Visitations to this site led to a chain of events culminating in the security team stealing highly sensitive information from the agency. Partner companies with the agency were also compromised.

The experimenters got what they sought within one week. The penetration scam was then done on credit card companies, banks and healthcare organizations with very similar results.

An authentic attacker could have easily compromised any of the partner companies, then attacked the agency through them, making the assault more difficult to detect.

Recap: The scam began from the ground up, inflating Emily’s social network till it enabled the attack team to suck in security personnel and executives. Most of the people who assisted Emily were men. A similar experiment using a fake male profile had no success.

Preventing getting suckered into Social Media Scams

For agencies and other organizations, social engineering awareness training is crucial, and must be done constantly, not the typical annually.
Suspicious behavior should always be questioned.
Suspicious behavior should be reported to the human relations department instead of shared on social networks.
Work devices should not be used for personal activities.
Access to various types of data should be protected with separate and strong passwords.
The network should be segmented to guard against scammers infiltrating a network segment simply because an employee with access to another segment was compromised.
Learn from this. Reverse engineer this same scenario in your own life or organization to see how this might happen to you.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Next Steps in Wearable Tech

January 12, 2014/in phone scams /by Robert Siciliano

Tech devices are rapidly evolving from those you carry around with you in a pocket to those you wear on an arm, and they seem to be getting smaller and smaller. We have the laptop as the progenitor, culminating in the smartphone and tablet.

And beyond: Google Glass, a computer you wear, freeing your hands, that can connect to the Internet via voice commands. The “smartwatch” is now in the works. Plus, there are little fitness gadgets you can wear that record vital data including number of steps taken in a day.

Inspiration for an Invention

Isabel Hoffman’s daughter, 14, became very sick after moving to America from Europe. Doctors couldn’t diagnose her.

Hoffman, an entrepreneur, then took her daughter to Dr. Neil Nathan, who diagnosed the teen with toxicity to the mold Aspergillus penicillium. A house mold test confirmed this. The Hoffmans moved, and the girl was put on a gluten free diet, since the toxicity causes gluten intolerance, and her health was restored.

Hoffman wondered how many other people suffer with unexplained ailments. So she, with a partner who’s a mathematician, created a handheld device: TellSpec.

Point it at or hold near an object, including food, and it transmits ingredient information to its smartphone app and displays the data.

Have celiac disease? Scan foods with TellSpec to see if they have gluten. Allergic to soy or simply want to avoid it? Hover the device, which is smaller than a mobile, near the food to get your readout on your smartphone.

TellSpec also supplies information about potential health issues with the ingredient. Sounds like “Star Trek,” but this device will be on the market August 2014.

How Wearable Technology will save Lives

Can identify substances in foods that can literally kill a person with an allergy, such as peanuts, or harm a person, such as gluten.
Can identify sugar content: valuable for diabetics.
Can identify toxins in water and walls.
Current wearable devices can track blood pressure, heart rate and other vitals: data that not only is helpful to fitness conscious people, but those with medical conditions.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Corporate BYOD puts Client Data at risk

January 12, 2014/in Data Security /by Robert Siciliano

When employees improperly use mobiles, they put their companies at risk for data breaches. This includes leaving lots of sensitive data on the devices—which can pave the way to leakage of data, plus other issues.

Mobile device use in workplaces is increasing—and so is its associated security risks. Current security measures are lagging behind the increased rate of mobile device use in the corporate realm.

One study not only showed that a lot of company information was left on handsets, but personal information as well was left on, putting employees at risk for personal compromises.

This small study demonstrates a clear need for improved guidelines and policies governing smartphone use and security of the devices. This becomes even more relevant as businesses turn more to cloud storage for data.

Non-approved software-as-a-service (SaaS) apps, used by employees, is widespread, according to a McAfee study. These apps are not approved by the company’s IT department. Employees can easily bypass the IT department by using the cloud. The study showed:

Over 80 percent of survey participants reported using unauthorized SaaS apps.
About 35 percent of SaaS apps used on the job are not approved.
About 15 percent of users have had a security problem using SaaS.

Employees may not realize that their chosen SaaS apps are poorly safeguarded. Such employees aren’t malicious; they’re just trying to be more efficient. Businesses need to find the right balance of protecting themselves yet allowing employees to use apps for increased productivity.

An ideal situation would be to monitor SaaS apps and apply policies that do not inhibit employees’ ability to be productive.

A recent Forbes article got my attention and the authors solutions make good business sense.

Six Solutions

1) XenMobile. This allows IT to secure and manage smartphones, data and apps, and establish policies based on smartphone ownership, location or status. Users can then more easily access the web, e-mail, corporate apps and documents with a single click on a mobile.

2) Airwatch. This mobile device system provides management of apps, content and e-mail, to oppose inadvertent mismanagement of smartphones by employees (e.g., storing documents in vulnerable locations).

Just enter username and password; Airwatch will wirelessly and automatically configure all the settings, apps, security policies and more based on the worker’s role in the company.

3) Mobile Iron. This system manages and secures apps, devices and content, ideal for businesses that support the BYOD program. Personal content can be separated from corporate content, protecting the employee’s private data.

4) Good Dynamics secure mobility platform. This is a BYOD program that keeps employees productive while zeroing in on security. Personal data is partitioned off from business data to protect programs like e-mail.

5) Samsung Knox. This system is for Android devices, managing with a multi-tiered security approach. One’s network will be protected from malware, hacking, viruses and non-approved access.

6) Protect your BYOD on wireless networks. Use VPN if you’re on a portable wireless device. Hotspot Shield VPN is free, though its paid version is more e expanded and faster. First launch Hotspot before you use your PC laptop, iPad or iPhone to connect to free public Wi-Fi services like at the airport or at a coffee shop or hotel.

Your entire web surfing session will then be protected. All of your connections will be secured. This will eliminate some of the aggravation for your company’s IT department.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

10 Tips to Keep Your Data Private Online

January 11, 2014/in Data Security /by Robert Siciliano

The Internet has become an essential tool for most of us and a part of our everyday lives. We rely on it to send/receive emails, post/share photos and messages on social networking sites, shop for clothes, search for information, etc. But how do all these online activities affect your privacy?

Your online privacy depends on your ability to control both the amount of personal information that you provide and who has access to that information. Unfortunately, some of us are too casual and careless with how we manage our personal information and activities online. This leaves us vulnerable to identity theft and invasion of our privacy, both from legitimate and illegitimate sources.

That’s because your personal information, including your email address, phone number and Social Security number and other personally identifiable information, is worth a lot of money. The bad guys will use it to steal from you and businesses want to know as much about you as possible so they can sell you more products and services or serve you ads that are highly relevant to your demographics and preferences.

So take these simple steps to protect your valuable personal information:

Be careful what you share and post online. Remember, don’t post or share anything that you wouldn’t want shared publically, even if you think you’re just sending it to one person.
Don’t freely give out personal information online any more than you would to a stranger on the street. Keep personal information (such as your hometown, birth date with year and phone number) off social networks.
Don’t send any sensitive information when connecting over public Wi-Fi (e.g. don’t do banking or shop online)
Use private browsing mode on your Internet browser or at least turn off your browser cookies.
Never reply to spam or unknown messages, whether by email, text, IM or social networking posts from people you don’t know—especially if it’s for an offer that sounds too good to be true.
Only friend or connect with people online you know in real life.
Make sure when you’re providing any personal information online that the site uses encryption (look for https:// in the URL) and check to see how they are using your personal data in their privacy policy.
Be aware of location services with your smartphone or tablet. Turn off the GPS on your mobile device’s camera and only allow
Routinely update your social media privacy settings to ensure your profile is appropriately protected and also make sure to change your passwords on your accounts at least 3x a year.
10. Make sure all your devices are protected with comprehensive security, like McAfee LiveSafe™ service that provides not only antivirus, anti-spyware, anti-phishing, anti-spam and a firewall, but also protects your data and identity on your PCs, Macs, smartphones and tablets.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Teens trash Million Dollar Mansion

January 10, 2014/in home security /by Robert Siciliano

If your home is full of valuables, why not add one more valuable: a home security system?

A mansion in La Habra Heights (California) was ransacked by 16 teenagers; they made off like bandits with over $1 million worth of property. It all began when some local teens noticed that the mansion was vacant (the homeowner was out of town). They announced a backyard party via Twitter.

The $7 million house was burglarized during the party. The teens made a party of the robbery, going as far as tweeting images of theft in progress.

Thank goodness 16 of these male and female crooks were taken into custody. Some of the stolen items have been recovered, including a stuffed snow leopard valued at $250,000, a suit of armor, statues, electronics and scuba gear. Looks like this glorious mansion did not have a security system, or if it did, it was not left on before the homeowner went out of town.

Had this home had a comprehensive security system (or at least any pre-existing one turned on), the teenagers would not have been able to gain entry without setting off ear-piercing alarms and activating a response from the local police department. The police would have been there within minutes.

In fact, a complete security system would have made it impossible for the kids to even remain outdoors and party. A complete security setup should include a deterrent to even walking onto the property, let alone hanging out on it.

However, the most elaborate security system won’t make your home look occupied. Adjuncts to an electronic security system can include:

A small device that generates flickering light, simulating a TV set on. Place these in several rooms whose windows are easily seen, and cruising teens or older thugs will think someone’s home.
Devices that turn lights on and off at timed intervals.
Leaving a TV or sound system on loud.
Having a trusted adult keep an eye on the house.
Hiring a trusted house sitter, preferably one with a dog that will bark when someone approaches the house.
The security company’s logo should be in plain site on main doors and on all ground level windows. The company’s sign should also be staked into the ground at several points where a burglar is likely to traverse.