Removing Location data from Mobile Pics

Those cutesy photos in your phone of your puppy can reveal your location because the images leave footprints leading straight to your home. The trace data is called EXIF: exchangeable image file format. It may contain GPS coordinates of where you took the photos.

6WApple’s and Google’s smartphones ask owners if it’s okay to access their location. Click “okay,” and this means every photo you take gets tagged with GPS coordinates. Thieves look for this information, which remains with images that are uploaded to Flickr, Photobucket, etc. (Facebook strips EXIF.) Crooks or pervs can then use Google Maps to get your exact location.

Prevent Geotagging: Six Steps

  • For social media applications, turn off the location services.
  • For iPhone, go to Settings, Privacy, Location Services, and turn off the location services.
  • For Android, go to Settings, Location Services, and turn off the location services.
  • There are apps such as Pixelgarde that wipe geotags from existing online photos.
  • For computers, Windows can strip out the EXIF; just right click the image, click Properties, then in the “details” tab, hit the Remove Properties and Personal Information.
  • Mac users can use XnView, but this bulk-stripper works also for Windows.
  • Run Hotspot Shield which masks your IP address creating an incomplete profile of location data.

Many people don’t even know that photos store location information. You’re a walking map unless you take certain steps to protect your privacy. With those pictures you take with a smartphone camera, you also record all sorts of goodies like shutter speed, type of camera, date the image was taken, and of course…GPS coordinates. Here are the details for protecting your privacy:

Windows Phones

  • Select photos in Windows Explorer.
  • Right-click them, hit Properties.
  • Beneath the Details tab, click “Remove Properties and Personal Information.”
  • A window will pop up; hit Okay.
  • You’ll see a copy of each right-clicked photo in that same folder. The copied images are safe to upload.

Mac OS X

  • Use an app called SmallImage. Download the file.
  • Open the app; drag photos into its window.
  • Uncheck the box called “Recompress at quality.”
  • Click “Process,” and the copied photos will appear in the folder.
  • To replace the original photos rather than make duplicates, uncheck the “Add Suffix” box.

Linux

  • You’ll need a tool, EXIFTool. Install it on Ubuntu by running this command: sudo apt-get install libimage-exiftool-perl.
  • Next, to create clean copies of your photos, cd to their folder, then run: exiftool -all= *.jpg.
  • It will then generate copies of the photos

There exist a number of other programs for removing location data from your mobile phone, but the steps described here are among the easiest.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

United Airlines Passport Scanning Mobile App: is it safe?

https://safr.me/webinar/  | Robert Siciliano is the #1 Security Expert in the United States with over 25 years of experience! He is here to help you become more aware of the risks and strategies to help protect yourself, your family, your business, and your entire life. Robert brings identity theft, personal security, fraud prevention and cyber security to light so that criminals can no longer hide in the dark. You need to be smarter than criminals yesterday so that they don’t take advantage of you today! If you would like to learn more about Security Awareness, then sign up for Robert’s latest webinar!

_______

How much easier international travel is for United Airlines fliers: They can now use their iOS or Android device to scan their passports.

PP

If a customer checks in with United’s mobile application for international flights, they can access the passport-scanning feature. One can check in within 24 hours of departure. Fliers will get an option to confirm their stored passport data or to scan their passport.

If a customer chooses the scan, the app will use the smartphone’s camera to capture passport information. United says this is “similar to a mobile banking deposit.” The flier can retrieve the boarding pass after the passport scan is verified.

United says that their passport scanning feature is very time-saving and gives fliers more control.

Since it’s launch, Ive been asked by multiple outlets in regards to its security and the safety of this application, as it pertains to possible data breaches. The company who created the apps backbone is “Jumio” and by all accounts, they seem top notch.

It’s important consumers never blindly download or use any application without doing some due diligence. This is what I found;

Jumio states: “Jumio is PCI Level 1 compliant and regularly conducts security audits, vulnerability scans and penetration tests to ensure compliance with security best practices and standards. To demonstrate PCI compliance a yearly on-site validation assessment by a QSA is carried out. Jumio carries the security controls established to achieve PCI compliance over to PII data which is of comparable sensitivity and has extended the scope of such controls to cover and protect all systems used to transmit/process/store PII data. Doing so, provides Jumio with a coherent and independently tested set of security policies/processes/controls and enables Jumio’s customers to gain confidence that their data – be it credit card or PII – is handled in a secure manner throughout its lifetime.”

This is great. Now let’s hope my airline, Delta, signs on too!

And again, know what you’re getting into with any app because the Wall Street Journal ran a report in 2010 warning people of app developers’ missing transparency. And yes, we’ve come a long way in 4 years but 101 popular applications for iPhone and Android were examined. It turned out that 56 actually transmitted the mobile device’s unique ID to other companies. This was done without the user’s consent or even awareness.

Forty-seven of the apps transmitted the device’s location. Five of the applications sent gender, age and other personal data to outsiders.

This shows how intent that online-tracking companies are at collecting private information on people. Kind of makes you think of that song, “Every Breath You Take,” by the Police, especially the part that goes, “I’ll be watching you.”

Trackers know what apps the user is downloading, how often they’re used and for how long, the whole works. And there’s been no meaningful action taken to curb this. It’s all about money. (Isn’t everything?)

The more “they” know about the user, the more targeted ads will come the user’s way. If they know you love shoes, ads about shoes will pop up. However, all this “transmitted” personal information can also be used for ID theft and other criminal purposes.

Solution:

Be aware. Don’t just blindly downloads and use an application. Do your research, read the terms and conditions and/or terms of service.

The user must weigh the risks and benefits when downloading the next application. In addition, download only from a reputable app store—after you’ve read user reviews and the app’s privacy policy regarding how much personal information it will get into and share.

Other tips include avoiding conducting smartphone transactions over unsecured Wi-Fi connections and keeping the software current in your smartphone: keeping up to date on its operating system, security software and browser.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

This Earth Day, “Clean” Your Device Before You Recycle It

One man’s trash is another man’s new identity?Yes, because that “junk mail” you toss in the garbage contains valuable data about yourself. A crook bent on identity theft can potentially have a field day with your discarded pre-approved credit card applications, bank statements, etc. Using a paper shredder before throwing out letters and documents such as these will help protect you and your family.

http://www.dreamstime.com/royalty-free-stock-image-keyboard-recycle-button-green-white-icon-image35645776You should take this same vigilant approach when recycling your devices, whether that be your computer,external hard drive, mobile phone or tablet. This ensures no matter where your recycled device ends up, you can feel secure knowing it contains zero data about  you—and a factory reset will not necessarily achieve this.

Here’s how to “clean” the data on your mobile device:

  1. Do a factory reset. Every mobile phone contains software to do this.
    1. To reset Android: Menu > Settings > Privacy > Factory Data Reset.
    2. To reset Blackberry: Options > Security Options > General Settings > Menu > Wipe Handheld.
    3. To reset iPhone: Settings > General > Reset > Reset All Settings.
    4. For other phones, you can find out how to reset by doing an online search using the appropriate keywords, including the model number.
  2. Get rid of data that is on external media, like SIM or SD cards. Your best bet is to cut them in half.
  3. You can use a mobile security product, like McAfee® Mobile Security, to wipe your mobile clean of all its apps and data.

How to “clean” the data on your computer:Before you get rid of your computer, you must make sure that it’s impossible to recover the data on the hard drive. Simply putting things in the trash can and deleting them is not enough. If someone is skilled enough, they can almost always retrieve data left over on a hard drive. It’s your choice on how tough you make it for your computer’s new owner to do that.So don’t rely on these tasks.

Use a utility designed for wiping or erasing. This tool will overwrite everything with binary 1’s and 0’s. In fact, these tools meet government security standards and will overwrite each sector in your hard drive multiple times.McAfee Shredder, in which is included with McAfee LiveSafe™ service, is one of these tools. It will permanently wipe everything off your PC to protect your privacy.

This Earth Day, join the movement and demonstrate support for environmental protection. Just make sure to protect yourself first!

7 Safety tips on the Mobile Internet

It’s time to know all the ways you can make sure you’re safe when in mobile space to prevent identity theft.
1W

  1. It’s 10 pm; do know where the malware is? Malware is stealthy and hides in places you least expect, like search engines, tech-related sites, entertainment sites and web ads. Malware can even be waiting for you when you download what seems to be an innocent app for your favorite game. In fact, gaming and gambling sites are common targets, as are search engines—and these threats aren’t going to disappear too soon. Install antivirus especially on Android phones.
  2. Beware of peeping toms. That is, someone peering over your shoulder to catch you typing in a password. Mobile devices don’t mask passwords with those big dots like a laptop or desktop will. That snooping thief is hoping to get a glimpse of your password. Consider sitting against a wall when using your mobile in public. Cover your device with your other hand when entering PINs
  3. Click with discretion. The mobile webscape is replete with juicy-looking items to click: promotions, ads, weblinks…and it’s pretty much impossible to tell the legit ones from the fraudulent ones. Even the URL can’t indicate this. Scam offers can look legit and trick you into clicks. Don’t let the menagerie of all that stuff to click on overwhelm you. Don’t visit anyplace you’re not sure of.
  4. Don’t get reeled in by phishing e-mails. What should you do if you get an e-mail from eBay or something like that, requesting you click a link to update your credit card information because suspension of your account is imminent? Don’t open. Delete.
  5. Credit card companies, the IRS, banks, etc., will never contact you via e-mail and request your private information. Other scams take the form of announcements you’ve won money, your password has been compromised, or some other emotional message. Make a habit of never even opening these.
  6. Stay with app stores. The mobile webscape is cluttered with enticing offers of free downloads. A minority are fraudulent and it’s impossible to tell which are which. Never download from mobile-only sites or those crammed with ads. Download only from app stores you trust.
  7. No “Jailbreaking or “rooting”. These terms refer to installing software that will break down the walled gardens of your iPhone or Android. Once you do this you oprn the devices up to malware.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Mobile Phone Hacking: proactive and reactive Responses

Mallorie’s Android phone was acting odd, like it was possessed. The thing had a mind of its own, sending garbled texts and gambling. Ghost? Or hacked?

6WMallorie locked down the phone when it was charging so it wouldn’t purchase poker chips. One day she forgot to lock it and it went on a shopping binge. Packages began appearing at her doorstep.

Obviously, someone had access to her credit card. But how? And what could poor Mallorie do to disable this thief?

Millions of mobile devices get infected. But police officers won’t bother with this. Mallorie cancelled her credit card and deleted the “possessed” apps. Then she crossed her fingers.

How do mobile phones get attacked?

A study showed that 86 percent of Android malware employs “repackaging.” Here’s how it’s done:

  • Download an application
  • Decompile it.
  • Add malware.
  • Recompile the app.
  • Submit it back into public circulation—after changing its name.
  • Someone else downloads this changed-name application, and the malicious payload infects their device.
  • A repackaging variation, “updating,” involves adding a code that will tag a malicious payload at a later date.


How can you tell your mobile has been infected?

  • It begins behaving oddly. Something is off—sometimes slightly, sometimes blatantly, such as the device is sending your address book to a foreign IP address. Hook your mobile to a WiFi and see where it sends information to.
  • Unfamiliar charges on the bill. Malware on a phone will produce unauthorized charges. The device is hooked to an accounting mechanism, making it a snap for thieves to send premium SMS text messages or make in-app purchases—which cost you money.

How can you protect your mobile?

  • Keep its software up to date: easy to do on iOS but difficult on Android.
  • Some phones cannot be updated; these phones have OS vulnerabilities within them, making them open to attack. Users end up downloading malware which uses this OS vulnerability to infect the device.

Android vs. iOS for security

  • iOS beats Android for security against malware.
  • Apple placed restrictions on application functionality (e.g., premium SMS messages can’t be sent), which is why Android isn’t as secure against malware as is iOS.
  • Another reason: Android’s app review process is not top-notch at screening out bad applications (but it’s improving).
  • Both Android and iOS allow your personal data to leak out to ad networks. This isn’t considered malicious since a user may wish this to occur.

Scope of Problem

  • The verdict isn’t quite out on this.
  • Some say the problem is limited just to third-party app sellers and this can be avoided by going to iOS’s or Google Play’s app store.
  • Others believe everybody has a compromised application on their mobile.
  • More research is warranted to define scope of problem.

Who should protect the user?

  • The app maker? The carrier? Or the operating system provider?
  • Nobody has taken this responsibility currently. It’s kind of like a “that’s not my problem you downloaded a malicious app that we didn’t write,” or, “You wanted it; I only delivered it—not my problem.”
  • The buck is passed because user protection is expensive.

Solutions?

  • It would be great if the app store could provide very in-depth screening for all the types of malicious actions that apps can perform.
  • The caveat: This isn’t in the platform provider’s best interest because they want their store to carry a lot of applications.
  • Stores want more and more apps, and better ones, and don’t want anything to slow that process down.
  • Data can be secured when you communicate via a wireless network with a VPN like Hotspot Shield VPN. All web transactions can be secured via https.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Isis Mobile Wallet goes live

Isis Mobile Wallet allows you to make purchases with your phone—a technology that just went live. Just wave your Isis-compatible smartphone at select cash registers to buy soda or taxi service, via Isis’s near-field communication technology. (iPhone compatibility with NFC will come later on.)

1C

Incentives

Customers of Isis Mobile Wallet can use My Coke Rewards and Isis to get three free beverages at designated vending machines.

Another incentive comes from Jamba Juice: that of giving away one million free smoothies to Isis customers.

The third incentive: Make a purchase via an American Express Serve account through Isis Mobile Wallet, and you’ll be eligible for a 20 percent discount (going up to $200).

An enhanced SIM card is necessary to run Isis. You’ll also need to download the app from Google Play, or, you can sign up at any retail store that’s run by these three carriers mentioned above.

Free Smoothies

One million smoothies will be given away for free, courtesy of a business partnership between Isis and Jamba Juice.

All you need do to get the smoothie is make a purchase with your smartphone using the Isis Mobile Wallet.

Why give away a million free smoothies? It’s a promotion to encourage consumers to make mobile payments. This technology is possible by equipping point-of-sale terminals (cash machines) with near-field communication that will read the smartphone as it’s waved at the sensor.

This technology has passed trials with flying colors, and Jamba Juice will implement NFC-enabled terminals in stores nationwide. The goal is to get the idea of mobile payment more universally accepted by consumers.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

5 Ways To Protect Your Mobile From Prying Eyes

Do you know how to keep your phone from the prying eyes of exes, strangers, cops, other officials and even your own spouse? Here are tips to keep your mobile safe and secure.

5W#1 Common Sense

When it comes to the police, cooperate; this will lessen the chance of mobile confiscation. Though you aren’t required to talk to the police without an attorney present, and don’t need to fork over your passcode or give up your phone just because they ask for it, don’t be a pest, either. In general, police need a warrant to search your phone.

#2 Lock down your Phone

Encrypting important data is crucial for those who want to keep prying eyes—be they the police, a vindictive ex or a nosy coworker—from gaining access to their mobile device. The method of encrypting varies from one mobile device to the next, but here are some guidelines:

  • Android and iOS phones come with native data protection for encrypting. Take advantage of this. Remember, other models also offer encryption features, and the user needs to learn how to access these features.
  • Lock your SIM card so nobody can access the SIM without a known PIN.
  • Don’t always use the same phone; switch them up.
  • Protect any videos or photos you’ve taken with the mobile by saving them, then sharing them immediately to provide a backup.

#3 Store in a Cloud

Cloud storage enables you to store your data (videos, pictures, files, etc.) in a virtual storehouse which can be purchased or leased through a hosting company.

To store photos or videos, enable Camera Uploads on DropBox (Android, iOS). You can do the same with Google Drive. Each mobile device has a different way of shunting your valuable data to a cloud for cyber storage.

For Facebook enthusiasts, cloud storage can also be done via your mobile’s Facebook app.

iOS users can use AutoSnap to upload any image that’s taken with it to Facebook, DropBox, Twitter and Instagram. Just link the app with any social accounts that you have.

#4 Live broadcasting Yourself

  • Livestreaming puts anything you record on your phone onto the Internet; here, the phone acts as an inputting tool rather than a storage tool.
  • Justin.Tv (iOS, Android) is the leading livestream app, and the service is free.
  • UStream (iOS, Android). This livestreaming app focuses more on quality than on easy access. The service offers many broadcasting options.
  • Veetle (iOS, Android). This company is smaller than Justin.Tv and UStream, but has an advantage: free, easy integration with social media, plus some other perks.

#5 Use a VPN

When surfing the web on your local computer, mobile or tablet on a free, unprotected public network in a hotel, airport or coffee shop, your data is vulnerable to “sniffers.”

That’s where a Virtual Private Network (VPN) comes in to protect your data between your laptop, iPad, iPhone or Android and an internet gateway. This kind of VPN creates an impenetrable tunnel to prevent snoopers, hackers and ISPs from viewing your web-browsing activities, instant messages, downloads, credit card information or anything else you send over the network.

Hotspot Shield VPN is a great option that protects your entire web surfing session, securing your connection at both your home Internet network and public internet networks (both wired and wireless). Hotspot Shield’s free proxy protects your identity by ensuring that all web transactions (shopping, filling out forms, downloads, etc.) are secured through HTTPS—the protected internet protocol.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

NFC app on androids facilitates automation

Near field communications (NFC) is the exchange of information between two devices via wireless signal. For example, a wireless signal emitting from your cell phone can act as a credit card when making a purchase. In the case of a mobile wallet application, those devices would be a mobile phone and a point-of-sale device at a checkout counter.

And NFC does so much more on Androids. A program called Trigger, which is available in Google Play, allows you to create customized automation tasks for numerous everyday things we do.

Bored of putting your phone on silent every time you get into the office? Tired of turning off Bluetooth to conserve battery every time juice gets low? This app interacts with your surroundings to configure settings on your phone automatically. Combine triggers and actions to create tasks, then activate the tasks that you create with conditions that you set!

Here are examples of what you can do:

In your car: Use Bluetooth as a trigger to open GPS and launch your favorite music app.

On your nightstand: Program an NFC tag to set your ringer to vibrate, dim your display and set an alarm.

In your home: Configure mobile data to turn off when your phone detects your own WiFi signal.

The current triggers are as follows:

  • NFC
  • Bluetooth
  • WiFi
  • Battery level
  • Location
  • Time triggers

And here are a few examples of the actions that you can perform:

  • Change WiFi, Bluetooth, mobile hotspot, airplane mode, auto-sync, GPS (root users) and mobile data settings.
  • Change your volume or notification tones.
  • Change your display brightness, timeout, auto-rotation or notification light settings.
  • Check in on social media like Foursquare or Google Places.
  • Send messages using Twitter, SMS, email or Glympse.
  • Start or stop applications (root required for stopping applications), dock modes, open URLs, speak text or navigate to an address.
  • Set alarms or create calendar events.

There’s even more, but suffice to say this app allows you to easily program your device to do the actions you manually do regularly.

So go ahead and create your own combinations to automate your life. The only limit is what you can come up with!

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Kids and Smartphones: How Old?

How old is old enough for a kid to have a smartphone? Right out of the gate, I’m saying 16, and I know there’ll be some backlash from that. Some will say it all depends on the kid; others will argue there’s no right answer. Here’s why children under the age of 16 should not have a mobile phone:

5W

Driving age: Somewhere along the line, someone said 16 is a good age to allow kids to drive. I think a car in anyone’s hands can be used as a weapon, and 16 is the earliest age that weapon should be handed over. A mobile is no different. In the wrong hands, a mobile can be deadly.

Bullying: We have seen way too many kids suffer from awful bullying as a result of other kids using mobile phones. The fact is, there is no emotion felt when bullying someone virtually—meaning the perpetrator can say anything and not see the harm he is bringing to the victim. At least at 16, kids have developed a better sense of empathy and a little more self-confidence.

Pornography: Anything and everything one can imagine in photo and video is available online—more than anyone under the age of 20 can handle and definitely more than a 15-year-old can process. There just way too much information for their young minds to consume.

Fraud: Kids say and post way too much information about their lives that can put themselves and families at risk. They give out emails, phone numbers, home addresses, financial information…you name it.

Personal security: Kids are being targeted by adults online. I recently did a segment on Fox in which a 25-year-old man posing as an 18-year old connected with 13- and 14-year old-girls. Let’s just say it didn’t end well. Oh, and that reminds me: the minimum age for social media should be 16, too.

What about keeping in touch? Get them a feature phone and no texting. Sorry. I’m a dad. You can feel bad for my kids. I didn’t have a smartphone at 15; they’ll be fine.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Why mobile security is a must

Smartphone use continues to increase. More than one third of Americans have dropped landlines and only use mobiles. It is very possible that within the next 10 years, the landline will be obsolete and we will all be wireless.

And when there’s a major transition in technology, the newness of it all creates a perfect storm for scammers to attack the new systems. Hackers are creating scams and viruses that are designed to spy on and collect our data the same way it’s done on a PC. (Keep in mind that what makes smartphones smart is the fact they are nothing less than small computers with the same power and reach as desktops or laptops. The only difference is they fit in your pocket.)

It is as essential to protect your mobile as it is to protect your PC. You need to make sure you protect yourself, as our mobile devices are our most personal of personal computers. Here are some things you should do to protect yourself:

  • Use a PIN code and set it to lock your device after one minute.
  • Download apps only from reputable app stores, and review the app permissions to make sure the app isn’t sharing more information than you’d prefer.
  • Don’t store sensitive information on your phone, like user names and passwords, and log out of apps that provide access to personal information.
  • If you use online banking and shopping sites, always log out and de-select any options to keep you logged in or your password saved.
  • Don’t access critical websites sites when using free WiFi connections unless you are using a virtual private network (VPN) application.
  • Review your mobile carrier accounts and app store accounts to check for any suspicious charges. If you do see charges you have not made, contact your service provider and credit card provider immediately.
  • Never respond to text, email or voicemail messages with personal information like credit card numbers or passwords.
  • Never click on a link in an email, text, social networking site or message from someone you do not know (or, in some cases, someone who poses as someone you know).

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.