How to: use your smartphone without leaving a trace

Cover up your digital footprints.

 

By David Nield of Popular Science

Every time you grab your phone to participate in a group chat, watch a YouTube video, or search the internet, you leave a digital trail of activity. This footprint can compromise your privacy the next time a friend borrows your device. It also puts your personal information at risk should your phone fall into really unscrupulous hands.

In this guide, we’ll explain how you can prevent your device from logging and storing data where other people can easily stumble across it. We will focus on cleaning up your phone’s local storage, as opposed to limiting the information that apps send to the cloud.

Go incognito

The web browser on your phone, like the one on your computer, offers a data-limiting incognito or private mode. When you open a session in this mode, the app will forget the pages you visit and the keywords you search as soon as you close the window.

However, private browsing doesn’t make you invisible. For instance, if you log into Facebook’s web portal in incognito mode, the social network will record your activity. Your internet service provider (ISP), will also see your browsing, and it may log your online behavior as well.

To hide your browsing from your ISP, you’ll need to rely on a Virtual Private Network (VPN) (more on that in this roundup of security gadgets and apps). But if you simply aim to clean up the record left on your phone’s local storage, then this mode tidies up after itself very effectively.

The process for using this mode will depend on the browser app you prefer. For example, to launch incognito mode with Chrome, tap the Menu button (three dots) on the top right of the page and choose New incognito tab. If you forget to browse incognito, you can still clear your saved data. Just hit Menu > Settings > Privacy > Clear browsing data.

ForiPhone users who rely on Safari, tap the Show pages icon (two squares) on the bottom right of the screen and choose Private. Now, when you tap the Plus button to open a new window, it will be an incognito one. To erase data collected outside of private mode, open the Settings app and select Safari > Clear History and Website Data.

Erase messages

Unless you use a chat app with self-destructing messages, it will keep records of your conversations. Of course, most people like to check back on their old communications, but you don’t need to preserve every moment of a years-long thread. You can delete these old conversations manually, or try a less time-consuming option: Automatically erase chat history after a set period of time has elapsed.

On iOS, open the Settings app, go to Messages > Keep Messages, and set messages to automatically disappear after 30 days. Within the app itself, you can manually erase conversations from the front screen: Swipe left on the thread and then tap the Delete button.

Unfortunately, not all chat apps offer this auto-expunge function. To leave no trace of conversations on your phone, you may have to turn to manual deletion. This may be time-consuming, but it isn’t difficult. For example, in Android’s default SMS app, Messages, you delete a conversation by long-pressing on it and then tapping the Trash icon on the top right of the screen.

Some apps make it easier to purge your entire history all at once. In the case of WhatsApp, open the app and head to Settings > Chats > Chat history > Delete all chats. Then make a note to regularly check back and re-erase your latest messages.

Another solution is to only send the aforementioned self-destructing messages. Apps with this option include Telegram Messenger, Facebook Messenger, and Snapchat. For more information, check out our guide to self-destructing message apps.

Limit app logging

Each of the apps on your phone will take a slightly different approach to logging your activities. Some of them let you avoid their gaze by using incognito mode, while others will stop tracking you if you ask.

For example, the Android version of YouTube (this is not yet available in the iOS version) just added an incognito mode, which doesn’t track the videos you watch. To activate this mode, open the app, tap your avatar on the top right of the screen, and pick Turn on Incognito.

On the other hand, Google Maps will track your location by default, which lets it accumulate a lot of data about your real-world movements. To stop it, head to the settings: Launch the app, tap the Menu button (three lines) on the top left of the screen, and hit Settings (on Android) or the cog icon (on iOS). Within the settings, select Personal content and turn off the location history feature.

There are millions of apps on the market, with no hard and fast rules about how to keep them from recording your behavior. But in general, a good first step is to check for the aforementioned settings—incognito mode and stopping tracking.

If you don’t find these options, you’ll have to clear your activity manually. This process will vary depending on your operating system.

In Android, open Settings > Apps & notifications, pick an app from the list, and hit Storage > Clear storage. This wipes all the data that the app has stored locally. Afterward, the app will behave as if you’ve installed it from scratch, so you’ll need to log in again, set up your preferences, and so on.

On iOS, you won’t find an identical option, but you can achieve the same effect by uninstalling and reinstalling an app. Open the Settings app, tap General > iPhone Storage, and select one of your apps. Then choose Delete App to wipe all of its data. Finally, re-install the program from the App Store.

It’s not very practical to do this for all of your apps every day. But you might choose to run a manual clean-up at set intervals (say once a month), before you go traveling, or whenever you want to make a fresh start.

Delete search history

Many mobile apps store data locally and in the cloud, so they can sync your information to other devices. That means, to clear search logs from your phone, you’ll have to wipe the records across multiple platforms.

For example, your Google account will store the history of searches you’ve run from your Android phone. To wipe these records, you actually have to access them from the web. Open your browser and head to your Google activity history page. Click the Menu button (three lines) on the top left, then Delete activity by. Set the time span and content type—to erase everything, those should be All time and Search, respectively—and click Delete. This will wipe your search history across all the Google-linked products you use, including Android and the Google search engine.

On iOS, you won’t find a comparable activity cleaner. However, you can prevent Spotlight from betraying your past searches by displaying them as suggestions. To turn off this feature, head to the Settings app, tap Siri & Search, and toggle off the Suggestions in Search switch. Now, when you lend your phone to your mother to look something up, she won’t see all your past search terms.

 

How do you cover your tracks on your smartphone? Share your workflow in the comments below!

Weekly Round Up 6/15/18

 

Um, anything more sophisticated than the Self-Check out lines in Walmart will be hard for the American Public to master, guys.
No more grocery checkout lines: Microsoft may rival Amazon with tech that cuts out the cashier

 

Well, if nothing else is working….
Using tech to stop phone-wielding drivers

 

We don’t hear enough good things about Tech these days….
6 ways tracking tech is changing the world for the better

Whatever happened to just going to camp and being a kid?
NDSU summer tech camp designed to encourage young girls to pursue a career in technology

My favorite story of the week…
Apple closing tech loophole police use to crack iPhones

Please God, No. Make it Stop.
Drone swarms are the new fireworks lighting up China’s skies

 

Trump will never be able to wrap his tiny, barely used brain around this….
The Guy Who Created Oculus Has Now Made Surveillance Tech That Acts As A Virtual Border Wall

Literally what they do best….
Apple Shuns the Tech Industry’s Apology Tour

Tales From the Orchard: Apple Just Made Safari the Good Privacy Browser

 

By Lily Hay Newman of Wired.com

APPLE ANNOUNCED A slew of new software features at its Worldwide Developers Conference on Monday, including an augmented reality upgrade and animojis that can stick out their tongues when you do. But the company’s latest desktop and mobile operating systems contain a more subtle, yet more radical, innovation. The newest version of Apple’s Safari browser will push back hard against the ad-tracking methods and device fingerprinting techniques that marketers and data brokers use to monitor web users as they browse. Starting with Facebook.

The next version of Safari will explicitly prompt you when a website tries to access your cookies or other data, and let you decide whether to allow it, a welcome step toward explicit choices about online tracking. Safari will also make a dent in defeating the so-called “fingerprinting” approach, in which marketers use publicly accessible information about devices—like the way they’re configured, the fonts they have installed, and the plug-ins they run—to assign them an individual, trackable ID. In macOS Mojave and iOS 12, Safari will scrub much of this data, exposing only generic configuration information and default fonts. The browser will also stop supporting legacy plugins. The idea is to make your Mac indistinguishable from millions of others, muting the fingerprinting effect.

“Data companies are clever and relentless,” Craig Federighi, Apple’s senior vice president of software engineering, said on Monday, explaining why Apple pushed to add these features. The company calls the set of tools “Intelligent Tracking Prevention 2.0,” and they feature WebKit changes, like eliminating a 24-hour grace period that gave trackers a day of cookie access.

The new version of Safari will also help improve password hygiene by offering to generate, autofill, and store strong passwords. It’s a well-intentioned approach, although one that can be problematic depending on how it’s deployed. The browser will now also audit password reuse to try to discourage people from using the same password for multiple services—a crucial way consumers can reduce their risk of being impacted by data breaches.

The antitracking features continue Apple’s assault on ad tech; last year’s Safari update prevented video and audio from autoplaying, and the then-nascent Intelligent Tracking Prevention Webkit tool worked to identify and block tracking cookies. This year’s updates, though, take things a step further by significantly expanding the tracking techniques Safari can block or warn users about.

Apple’s not the only company to toughen up its browser against privacy and security menaces. As with Chrome’s Do Not Track mechanism, Apple seems to have based some of the new Safari protections on research from Mozilla, which offers its own protections in the Firefox browser. In February, Chrome also started offering native ad-blocking measures to bring more comprehensive protections to users based on standards from the Coalition for Better Ads. There are also browser plugins like Ghostery, Privacy Badger, and Adblock Plus to help stymie various tracking techniques. But Apple’s efforts in Mojave and iOS 12 appear to be the most prominent and comprehensive yet.

Though the new privacy mechanisms will potentially hinder all sorts of tracking, Apple specifically called out Facebook’s massive ad network—which is known for employing an array of user tracking strategies, like its ubiquitous “Like” buttons. In one of the slides depicting an example of how Intelligent Tracking Prevention 2.0 will work, Apple’s Federighi showed a Safari page open to Facebook with a popup notification reading “Do you want to allow ‘facebook.com’ to use cookies and website data while browsing ‘blabbermouth.net’? This will allow ‘facebook.com’ to track your activity.”

Facebook did not immediately respond to a request from WIRED for comment, and the platform is certainly not the only large ad network incorporating these techniques. But it’s a prominent player that has received extensive criticism for letting a variety of user data tracking tools run rampant. The company’s chief information security officer Alex Stamos noted on Twitter that it doesn’t seem like the new Safari will block tracking pixels or Javascript components, which are notorious for being exploitable as trackers or by bad actors for malicious activity.
Stamos seemed more focused on blasting Apple’s attempt to single Facebook out, but it’s true that this generation of Intelligent Tracking Prevention will inevitably have limitations. It’s difficult to fully block online tracking methods without also eroding website usability, and different privacy initiatives have approached dealing with this conflict in different ways.

“The consent popups will be a big deal to people. It’s more visual so you know that they are attempting to track you versus it just happening in the background silently,” says Will Strafach, an iOS security researcher and the president of Sudo Security Group. “I guess the real test will be how well these measures work and how advertisers and trackers will react.”

Google and Firefox already offer plenty of solid ad-blocking and antitracking mechanisms, and offer a host of other features that may make them more desirable than Apple’s browser. But if privacy matters most to you, it might be time to give Safari a try.

What’s your preferred browser or method for protecting your privavy online? Sound off in the comments below!

WIT: Helen Dixon-New Privacy Rules Could Make This Woman One of Tech’s Most Important Regulators

With Europe’s sweeping new data privacy law, Ireland is in the middle of a standoff between regulators and tech companies.

By Adam Satariano of the NYTimes

DUBLIN — If Mark Zuckerberg doesn’t know who Helen Dixon is, he will soon.
From an unassuming townhouse in the Irish capital, Ms. Dixon, the country’s data protection commissioner, leads an agency that was once a bureaucratic backwater. Employees share offices and have few of the perks available in Facebook’s building nearby: The main free amenities here are water, coffee and tea.

Yet Ms. Dixon will soon gain vast new authority to investigate and fine Facebook, as well as an array of other technology giants with regional headquarters in Ireland. Amid increased concerns over online privacy, a sweeping new European privacy law could make her one of the world’s most consequential regulators.
She is eager to test her newfound power. But the question remains whether her tiny agency is able — or willing — to stand up to tech behemoths of Silicon Valley.

“There’s a wave coming toward us that we need to push back against,” Ms. Dixon, who spent the first 10 years of her career working for tech companies, said in an interview.

Europe’s new General Data Protection Regulation is seen by experts as the world’s most aggressive set of internet privacy rules. It is expected to come into force on May 25, and it will give more than 500 million people living in the European Union the right to keep companies from collecting personal data, or to have it deleted. Regulators like Ms. Dixon will be able to fine companies up to 4 percent of global revenue — equivalent to about $1.6 billion for Facebook.

The privacy law highlights broader skepticism of Silicon Valley in Europe, where regulators have punished companies for violating tax and antitrust laws, not doing enough to stop the spread of hate speech and misinformation online, and intrusively gobbling up data on consumers.

Ireland in particular is taking center stage in the wide-ranging battle. The country is the European headquarters for data-hungry companies including Airbnb, Apple, Facebook, Google, Twitter and Microsoft, which owns LinkedIn.

If companies do not comply with the law, Ms. Dixon said, “they will suffer consequences.”

But for all the tough talk, the reality is that her agency subsists on an annual budget of 7.5 million euros, equivalent to $9 million. That’s roughly as much revenue as the companies she oversees generate over all in 10 minutes. Facebook, which also owns WhatsApp and Instagram, has hundreds of people globally working on data protection regulation alone, including lawyers and privacy experts hired in Dublin.

The data protection office was once an afterthought. During an effort by the Irish government to move less-critical agencies out of Dublin, it was relocated in 2006 50 miles west to a town called Portarlington, population 8,368. Its power was so limited that it could not publicize investigations.

Ms. Dixon, whose father was an army officer and mother a schoolteacher, grew up in a small town in central Ireland before moving to Dublin for university. She worked for companies including the business software firm Citrix Systems before moving into government. She later received a postgraduate diploma in computer science.
Fittingly for her current position, Ms. Dixon guards her privacy. She will not share her age, other than saying she is in her “40s,” and she has become more careful with data since taking the job. She does not use Facebook or Instagram (though she does have a LinkedIn profile).

Since taking over in 2014, Ms. Dixon has successfully lobbied for more funding and got the headquarters put back in Dublin. A move to a bigger office is in the works. She has hired lawyers, investigators and engineers. The staff will total 140 this year, up from 30 when she joined, with plans to reach 200 in the next few years, if budget increases are approved.

But if data privacy is truly a priority globally, Ms. Dixon said, more resources are needed. Her office is actually among the better funded privacy agencies globally, but is still a minnow compared with, say, Ireland’s financial services regulator, which has a budget about 40 times greater.

“The question for governments is, how much enforcement do we want to do, how seriously do we want to take the risk to our fundamental rights and freedoms in this area?” said Ms. Dixon, carrying a bound copy of the new law. “We need the funding and resources commensurate with the level of importance. This office would suggest it should be far more highly resourced.”

Budgetary constraints are not new to regulators overseeing powerful industries. But privacy groups worry that without strong oversight, the European rules, years in the making, will do little to crimp the power of Silicon Valley.

There is evidence those concerns are well founded. In a Reuters survey of privacy regulators in 24 European Union countries, 17 said they did not have the needed funding or legal powers to enforce data protection regulation. Ireland did not participate in the survey.

Ms. Dixon must also contend with skepticism among privacy advocates, stemming largely from Ireland’s history of lax oversight of the technology industry.

Her predecessors are faulted for not taking earlier action against Facebook, even when complaints were filed years ago about data-mining practices similar to those eventually used by the political consulting firm Cambridge Analytica. The European Commission in 2016 also ordered Ireland to recoup about $15.6 billion in unpaid taxes from Apple. (The decision is being appealed.)

“The culture has to be changed,” said Max Schrems, a Austria-based lawyer and online privacy advocate who filed the earlier complaints against Facebook. “You can have the best law, but if nobody enforces it, then you’re not going to go anywhere.”

Advocates of the new law say it is already having a positive impact and that oversight is spread out. A new European Data Protection Board will help coordinate investigations and pool resources across European Union countries, giving regulators outside Ireland the ability to bring action. The data protection regulation also allows private groups to recruit consumers into class-action-style complaints — not as common in Europe as the United States — that could result in sizable damages against businesses.

A looming question, however, is how much people really care. Ms. Dixon cited Facebook’s most recent financial report, which showed growing user numbers, revenue and profit, despite the Cambridge Analytica scandal.

“We should be acting as data protection authorities in the name of data subjects, but you often as a regulator in this space have the feeling that you’re not mandated by the general public,” she said. “Either they don’t care or they actively oppose what we’re doing.”

Representatives from the technology industry have made regular visits to the converted 18th-century Georgian home used by Ms. Dixon’s team. Aware that a public backlash is putting pressure on regulators to rein in Silicon Valley, Facebook and others have been courting Ms. Dixon, putting forward their case that their data protection policies comply with the new European law.

“We’ve really leapt into explaining what we’ve done and the thinking that’s gone into that,” said Stephen Deadman, Facebook’s global deputy chief privacy officer. “I’ve got faith and confidence that the way Helen Dixon’s office will perform its function will be true to the spirit and requirements of G.D.P.R., rather than being blown around by whatever is happening in the media.”

Google and Twitter declined to comment.

Even with limited resources, Ms. Dixon is studying her adversaries.

When Mr. Zuckerberg testified before Congress last month, she stayed up late at home despite the time difference to watch as the Facebook chief executive answered questions.

Asked if she had a message for him and other tech executives, she said they should expect her to use her new powers “to the fullest.”

How to: reboot your router following urgent FBI warning about viruses.

Hundreds of thousands of Routers could be infected.

 

By Daniel Paez of Inverse.com

Even if your internet is running smooth and speedy, you still need to restart your router. On May 25, the Federal Bureau of Investigation issued a public service announcement to everyone with a router in their home or office warning that an unidentified group of cybercriminals may have mounted a large-scale attack on networked devices across the globe.

The FBI advised people to reboot their routers to “temporarily disrupt” the malware that could be infecting your device. The government agency also recommended you make sure your device is fully updated, secured using a strong password, and is encrypted.

Here’s a breakdown of what the FBI said happened and how you can reboot or reset your router, just in case your network was compromised.

 

In its warning, the FBI said that the agency didn’t yet know how or where the initial infections began, but the scope of that attack has grown significantly. Hundreds of thousands of home and office routers have been infected with malware known as VPNFilter.

“The actors used VPNFilter malware to target small office and home office routers,” stated the announcement. “The malware is able to perform multiple functions, including possible information collection, device exploitation, and blocking network traffic.”

Cybersecurity firm Symantec recently published a list of devices that are known to be more vulnerable to this type of attack. It went on to say that most of the devices that are targeted are known to use default passwords or have not been updated to the latest version of its firmware.

If you’ve ever had problems connecting to the internet and have called tech support, the person on the other end of the line likely had you unplug your router. Rebooting — or power-cycling — your router gives it a fresh start and is generally one of the first steps recommended when troubleshooting your network device.

The FBI states power-cycling could interrupt VPNFilter, though Symantec states that this type of attack can persist even after a reboot. If you own one of the devices that are known to be susceptible to VPNFilter, you might want to reset your router to factory settings. This will require you to set up your WiFi all over again, but better safe than sorry.

 

How to Reset Your Router to Factory Settings

  • Rebooting: Unplug your router from its power outlet, don’t just turn it off. Wait about thirty seconds before plugging it back in. Finally, give the device a couple of minutes to turn back on.
  • Reset: You’ll find a small button on the back of your device that is labeled “Reset.” Holding this down will remove all customizations including passwords, usernames, and security keys, effectively wiping everything other than the latest version of firmware from the device. This will restore your router to its factory settings. From there you’ll need to follow your router’s set up instructions or call your internet service provider for assistance to get back online.

 

How do you feel about the FBI’s warning? Do you have tips on protecting your router and home network? Sound off in the comments below!

App of the Week: DuckDuckPro

A Year of DuckDuckGo – a review

 

By Tom Wood of designwithtom.com

I’ve been using DuckDuckGo as my default search engine instead of Google for about 12 months. This is why I could never go back.

1. Privacy

The main reason I switched over in the first place was a privacy concern. Spawned from a talk by the irrepressible Aral Balkan, the notion of corporatocracy was first lodged in my brain. Google weren’t just storing all my search history, but they were using it for all manner of things except for the one thing they assured me it was for; improving my searching.

With a Privacy Policy written in clear English, DuckDuckGo are all about you.

2. Quality of Search

Using Google you’re subject to what is known as the filter bubble. The filter bubble is where your search results are conditioned by the history of your previous searches. That means that different results are shown to different people. Not everyone who searches for Donald Trump (or guns) sees the same thing.

There is no filter bubble on DuckDuckGo. The ability to switch which local region you’re searching in gives you more options and ultimately, a truer search.

3. Design

Look at it. Look how clean it is! Don’t like how it looks, then head straight to part 4!

Lose the visual clutter of Google, and the mismatching styles and enter some gentle alignment and you get DuckDuckGo. Search for a topic like Airbnb and you’ll get a tidy summary (from Wikipedia of course) at the top of the page, and some genuinely related links to the right. All of this in your search results.

Search for an HTML snippet like <td>, and you’ll get an HTML table in correct syntax ready for you to copy and paste. Occasionally a StackOverflow answer will even appear up there!

4. Customization

So you don’t like how it looks and you prefer Google. Why?! Only joking.

You can change how DuckDuckGo both looks and behaves. You can change the default ProximaNova font to Helvetica Neue, or the colour to pink. You can change the way links open, or stop the favicons from displaying. You can truly cater it to your tastes.

5. Instant Search

You know how Google can give you the results to basic arithmetic, or tell you the weather without having to leave your search results? Well DuckDuckGo have been doing that for longer, and arguably, they do it better.

The weather is supplied by the wonderful and gorgeous Forecast.io (now renamed DarkSky), the clean strokes and bold lines are a breath of fresh air.

But perhaps the cleverest thing, is DuckDuckGo’s ability to play a song from within the search results. Try it. You can play a Soundcloud tune without ever having to leave your search results.

Oh, and if you search for “Stopwatch” you get (you guessed it) a working stopwatch.

6. !bangs

Bangs are the most useful part of DuckDuckGo. A bang is when you type an “!” followed by a letter, and then type your search query to instantly search on another site. Directly. Use wikipedia right from DuckDuckGo; “!w trainspotting”, or thousands of other sites.

You can use it to search Google if you need to, !g or !guk or even !maps. It’s such an intuitive way of searching. Visit DuckDuckGo for the full list (or submit your own)

It’ll work with !wikipedia, or !stackoverflow, !verge, and so on and so on (9,088 at the time of writing. Wow).

But the best part? DuckDuckGo does all of this anonymously, and if you don’t know why that’s a big deal (or if you don’t care) then I implore you to watch Aral’s talk below.

 

Download DuckDuckGo for iOS here
Download DuckDuckGo for Android here

 

Do you have a favorite browser you use for security? Tell us about it in the comments below!

Tips & Tricks: You’re Not Using a VPN? Bad Idea

A PCMag survey demonstrates that most people are aware of the privacy risks on the internet, but most aren’t doing anything about them.

By Max Eddy of PCMag.com

In the past few years, PCMag has seen VPN services go from being fringe security utilities to red-hot, must-have cyber accessory.

The popularity (and necessity) of the once-lowly VPN is certainly due to the ever-growing legal and technological challenges to individual privacy. Virtual private networks are a tool whose time has clearly come. That’s why it’s so surprising that a poll conducted by PCMag found that, despite understanding the threats to their privacy, the vast majority of respondents don’t use VPNs and never have.

Unsecured Traffic

 

Of the 1,000 people polled by PCMag between Feb. 7-9, 71 percent have never used a VPN.

That struck me for two reasons. First of all, the search volume we receive at PCMag for VPN-related articles is enormous. Second, many companies require the use of a corporate VPN when working remotely. That might explain why 15 percent had used a VPN in the past, but don’t currently log on.

Most people, I assumed, would have crossed paths with a VPN at some point. And yet, the vast majority of respondents not only do not currently use a VPN, they have never laid hands on one.

New (and Old) Threats to Privacy

What’s interesting about the recent interest in VPNs is that it hasn’t been tied to a single issue, but rather an avalanche of privacy and security concerns. An awful lot has happened in the last few years, the answer to which has often been “use a VPN.”
One of the first news items that seemed to spur VPN adoption was the decision by Congress to allow internet service providers (ISPs) to sell anonymized user data.

That’s reflected in our survey data, where 25 percent of respondents (correctly) identified ISPs as the biggest threat to their individual privacy.

In our survey, 24 percent of respondents also listed Facebook as a threat to their privacy. This was despite the fact that our survey was in the field back in February, before the Cambridge Analytica scandal raised nascent privacy concerns about the social network to a new level. I imagine that if we ran the same survey now, even more consumers would be concerned about Facebook, and rightly so.

Admittedly, a VPN won’t do much when it comes to the kind of surveillance carried out by Facebook, but it’s still spooky to learn that the company is even tracking users who don’t have Facebook accounts.

These issues haven’t been limited to the US. Russia and China have introduced new rules that make it much harder for VPNs to operate within those countries. Furthermore, Russia recently banned popular encrypted messaging app Telegram, reportedly driving more users to adopt VPNs.

Another threat reflected in the survey is the dangers in using public Wi-Fi networks. There’s no way to know that the network labeled “Starbucks_Wifi” is legit and not a network created for the express purpose of nabbing people’s personal information. Fortunately, 43 percent of respondents said the main reason they would use a VPN was to access public Wi-Fi.

And then there’s net neutrality. Many hoped that the ongoing fight to ensure that ISPs must treat all web traffic equally in terms of speed and accessibility would end with updated FCC rules during the Obama administration. Unfortunately, a new FCC chairman decided (incorrectly) that these rules were unnecessary and successfully dismantled them.

This is where our numbers seem a bit out of step with reality, as we found that 55 percent of respondents who agreed with the concept of net neutrality had never used a VPN. Although 46 percent said they supported it, 32 percent didn’t know what it was. That’s disappointing on its own.

Is Privacy Dead?

Also disheartening were the responses about voluntarily surrendering personal information.

A dismal 62 percent of respondents said they’d willingly hand over personal information for free Wi-Fi. Another 23 percent said they would hand over personal info for exclusive content on video streaming platforms, and 13 percent said they’d do it for exclusive content in video games.

A staggering 7 percent said they would surrender personal info for free adult content. I find this particularly mind blowing, as there is not (last I checked) a dearth of free porn on the internet.

That said, a key caveat of this particular set of questions was the phrase “willingly.” Too often, people aren’t aware of the information they’re giving up in exchange for a free mobile app or what companies can see when they share a post on Facebook. If we’re going to use our personal information as currency, it’s better that we make those transactions willingly.

You Should Definitely Use a VPN

In all my writing about VPNs, I’ve tried to stress their limitations. They won’t make you truly anonymous online (you need Tor for that), and there’s a risk anytime you use a for-profit company for security (you can roll your own VPN with Outline, but I digress).

Many of you have concerns about using VPNs in general, such as what kind of impact a VPN will have on internet speeds (37 percent), whether or not it will work with a particular online service (15 percent), and if it can be used to access Netflix (28 percent). Those are legitimate concerns, and ones that have only been partially solved by VPN companies.

But the last few years have shown that an economy based around gathering user data has real consequences. Between data breaches, foreign election influence, and the sheer volume of data being gathered by seemingly innocuous services, it’s never been more urgent to take control of our privacy online. A VPN won’t solve all those issues, but it’s a start and one that only 29 percent of you have so far used.

 

Do you use a VPN for your personal network? Sound off in the comments below!

Tales from the Orchard:Apple’s iOS 11.4 update with ‘USB Restricted Mode’ may defeat tools like GrayKey

The iOS 11.4 beta contains a new feature called USB Restricted Mode, designed to defeat physical data access by third parties — possibly with forensic firms like Grayshift and Cellebrite in mind.

 

“To improve security, for a locked iOS device to communicate with USB accessories you must connect an accessory via Lightning connector to the device while unlocked — or enter your device passcode while connected — at least once a week,” reads Apple documentation highlighted by security firm ElcomSoft. The feature actually made an appearance in iOS 11.3 betas, but like AirPlay 2 was removed from the finished code.

The change blocks use of the Lightning port for anything but charging if a device is left untouched for seven days. An iPhone or iPad will even refuse to sync with computer running iTunes until iOS is unlocked with a passcode.

USB Restricted Mode may be intended to impose a seven-day window on when digital forensics specialists like Grayshift can break into a device, at least using any simple techniques. Those firms will often employ a “lockdown” record from a suspect’s computer to create a local backup of iPhone data, skipping passcode entry.

iOS 11 already has some restrictions on lockdown records, namely automatic expiration, and full-disk encryption that renders them useless if a device is rebooted. The 11.3 update shrank the life of iTunes pairing records to seven days.

ElcomSoft suggested that connecting a device to a paired accessory or computer could extend the Restricted Mode window, and centrally-managed hardware may already have that mode disabled.

“If the phone was seized while it was still powered on, and kept powered on in the meanwhile, than the chance of successfully connecting the phone to a computer for the purpose of making a local backup will depend on whether or not the expert has access to a non-expired lockdown file (pairing record),” ElcomSoft elaborated. “If, however, the phone is delivered in a powered-off state, and the passcode is not known, the chance of successful extraction is slim at best.”

The exact details of the hacking techniques used by Cellebrite and Grayshift’s GrayKey have been kept secret, so it’s possible they may still work after iOS 11.4 is released. The companies could however resort to more extreme methods to get at data, such as removing the flash memory from the devices, copying them, and using the copies to attack the password.

 

What do think of Apple’s move to thwart hackers and the FBI? Sound off in the comments below!

How to: Hide Files on Any Phone or Computer

 

 

 

By David Nield of Gizmodo

If you’ve got something you want to hide away, then you’ve got plenty of options on Android, iOS, Windows, and macOS—options that we’ll run through here. Even if the kids or a stranger should get access to your devices somehow, these files will stay hidden from view and locked away.

Before we get started, though, we should note that while the solutions below will provide a measure of privacy from a casual user who nabs your device, they aren’t all necessarily going to protect your files from a hacker or someone else with expertise.

 

Android

When it comes to files on mobile devices, those files are usually photos or videos—your other files are likely to be stored in the cloud, not on your device. To hide an image in Google Photos for Android, long-press on it then tap the menu button (three vertical dots) and pick Archive. The photo can still be dug out of the archive, but it does give your sensitive photos some level of protection from the casual browser.

If you’re on a Samsung phone, the default gallery app does a bit of a better job at keeping any photos or videos you want private kept safe. Select the photos and videos you want to hide, tap the menu button (three vertical dots), then pick Move to Secure Folder—enter the folder PIN, and the content gets moved over. No one else can get into that Secure Folder without the PIN.

For something a bit more comprehensive, try Keepsafe: It creates a PIN-protected digital vault on your phone for those photos and videos that you really don’t want other people coming across. Getting files into the vault is easy, or you can take your photos and videos from inside Keepsafe instead.

Also worthy of a mention is Vaulty, which works in a similar way but makes the process of getting photos and videos in and out of your digital locker even easier. Remember that if you’re using Google Photos as your gallery, you’ll still need to delete the originals, otherwise they’ll just get shown from the cloud (which the likes of Keepsafe and Vaulty don’t touch).

File Hide Expert covers any type of file and is very straightforward to use—it simply gives you access to the file and folder structure on your phone, lets you select the content you want hidden, and then hides it. The interface is rather rudimentary, but if you want something basic that works for any type of file, it’s a good option.

There is actually another trick you can use on Android using a file manager like ES File Explorer: Put an empty text file called .nomedia inside any folder with images you don’t want to show up in the default gallery app (though they’ll still appear in the file manager). In fact Android will ignore any folder that starts with a period. It’s a rather fiddly solution, but it might suit some of you.

IOS

The iOS file system is even more locked down than Android of course, so you’re unlikely to have files floating around that you don’t want people to see that aren’t photos or videos. There is the new Files app, that shows your iCloud Drive files (if you’ve got any), but there are no options for hiding files here.

You can however hide photos and videos from the iOS Photos app to keep them away from prying eyes that aren’t yours: Open the file in question, tap the Share button (bottom left), then choose Hide. That removes the photo or video from Moments, Years, and Collections, though someone could still browse to the Hidden album in the Albums section of the app, so it’s not all that secure.

We’ve already spoken about hiding photos and videos in Google Photos, and the process is the same for Google Photos for iOS. Tap and hold on one or more files, tap the menu button (three horizontal dots), and choose Archive. This hides the pictures or clips from the front screen of the app, though they can still be found from the Archive entry in the menu (and still show up in albums and search).

One other option is to put photos inside Notes (though this doesn’t work for videos). First you need to set up a password in the Notes section of the iOS Settings app, then you can open any note, tap the Share button (top right) and choose Lock Note. You’ll also need to remove the photo you’ve added from the main Photos app.

If you need to hide files from specific apps, your best bet is looking inside that app to see what options are available. Dropbox, for example, can be passcode protected from its internal settings screen: Tap Account then the cog icon, and choose Passcode Lock to prevent anyone from getting into your files.

We’ve come across a number of handy third-party options too, including Private Photos Calculator and Private Photo Vault, which protect your sensitive snaps and clips with a PIN code. You can capture photos and videos inside the apps, or import them from the Camera Roll, but if you take the latter option you also need to them delete the pictures from the iOS Photos app.

Windows

Windows has a file hiding tool built right into it, as you might already know: Right-click on any file or folder, choose Properties, then tick the box marked Hidden and click OK. That’s it—your chosen file or folder is no longer visible in File Explorer.

Unless the person who’s gained access to your computer is clever enough to display hidden files, that is. The setting can be toggled right from the View tab of the ribbon menu—the Hidden items entry on the right. You can set files and folders to be hidden from this menu too, via the Hide selected items button.

If you think that’s enough protection to foil any would-be lurkers—that they won’t know Windows well enough to display hidden files—then you’re already all set. On the other hand, if you want to take your hiding file techniques to the next level, you’ll need some help from a third-party app, and there are quite a few to pick from.

Of the ones we’ve tested, Wise Folder Hider Free impressed us the most with its ease-of-use and feature set. You can just drag and drop folders on top of the program interface, and they disappear from File Explorer as if by magic. A password is then required to get into the application. If you want encryption as well, you can upgrade to the Pro version for $19.95.

We were also impressed by My Lockbox, which is also available in free and Pro versions (the latter lets you protect an unlimited number of folders). Again, one password protects access to the program, and it’s perfect for just hiding a single folder away rather than a bunch of files or folders.

Another option is to wrap up all the files you want to hide away in a compressed archive, and then put a password on that archive that blocks unauthorized access. 7-Zip is one free tool that can do this for you, though someone else could still see and delete the archive unless you added one of the hiding options we mentioned above.

MacOS

When it comes to Mac computers, the cleanest and simplest native option is to use the Terminal app, which you can launch from Spotlight (Cmd+Space). Type “chflags hidden file-or-folder-path” then Enter to hide something, and “chflags nohidden file-or-folder-path” and Enter to bring it back. If you like you can type out the command then drag and drop a file or folder into the Terminal window before hitting Enter (just remember the path so you can bring it back).

Various third-party options will take care of the task for you as well. Hide Folders does exactly what it says on the tin, and you simply drag and drop in files and folders from Finder and then click the Hide button. Anyone who launches Hide Folders can see what you’ve hidden though, so you might want to add password protection, which is a $20 upgrade for the Pro version.

Secret Folder does almost exactly the same job, though the interface is a little cleaner and easier on the eyes. Again, you can simply drag and drop folders into the program window to hide them, then toggle the Invisible/Visible switch accordingly. The application costs $20, but a free trial is available.

Hider is a more comprehensive solution that’s again is priced at $20 and again lets you give the software a trial run for free. In addition to hiding selected files and folders, your data is also encrypted, and you’ve got some useful extras thrown in as well (like support for external hard drives). Files can be shown or hidden using simple toggle switches, with everything protected by a master password.

If it’s particular apps that you want to block, then Cisdem AppCrypt might fit the bill for you. You can specify apps (or websites) to password protect, so anyone who gains access to your Mac won’t be able to run programs containing information you don’t want seen. It costs $20 a year, with a free trial available.

Going back to photos, if all you want to do is hide images and video clips, you can use the same options (with the same caveats) as we talked about for iOS. From the Photos app, right-click on an image and choose Hide Photo. This removes it from the main photo stream, but considering the Hidden album is only a click away on the left-hand navigation pane, it’s not the most effective solution.

 

How do keep your private stuff private on your device(s)? Tell us in the comments below!

Weekly Round Up 4/13/18

 

 

Acting like an entitled douche bag didn’t help F*ckerberg’s case when he appeared in front of Congress this week, either.
Facebook is the least-trusted tech company by a country mile

This is some scary sh*t people…
I Downloaded the Information That Facebook Has on Me. Yikes.

Facebook is the front runner right now, but time will tell.
Apple, Google, Facebook, Amazon, Microsoft: Which Tech Giant Will Fall First?

Touche’
Here’s why tech companies abuse our data: because we let them

Maybe if they add more female leadership? Just a thought…
How to fix the big tech backlash? Build companies with purpose

Oracle gets it.
Tech Moves: Jenny Lam joins Oracle as design SVP; Starbucks engineering VP joins DefinedCrowd; and more

Here’s an idea…how about we celebrate these companies when they eliminate the pay gap altogether?
12 tech companies with the smallest pay gaps

I swear to God, if there is a way to milk money out of a fence post, these guys would probably do it.
Big tech companies think they can make a lot of money from the world’s unbanked

Create a website or blog at WordPress.com

Up ↑

%d bloggers like this: