Tag: Cybersecurity

How to: use your smartphone without leaving a trace

Cover up your digital footprints.

 

By David Nield of Popular Science

Every time you grab your phone to participate in a group chat, watch a YouTube video, or search the internet, you leave a digital trail of activity. This footprint can compromise your privacy the next time a friend borrows your device. It also puts your personal information at risk should your phone fall into really unscrupulous hands.

In this guide, we’ll explain how you can prevent your device from logging and storing data where other people can easily stumble across it. We will focus on cleaning up your phone’s local storage, as opposed to limiting the information that apps send to the cloud.

Go incognito

The web browser on your phone, like the one on your computer, offers a data-limiting incognito or private mode. When you open a session in this mode, the app will forget the pages you visit and the keywords you search as soon as you close the window.

However, private browsing doesn’t make you invisible. For instance, if you log into Facebook’s web portal in incognito mode, the social network will record your activity. Your internet service provider (ISP), will also see your browsing, and it may log your online behavior as well.

To hide your browsing from your ISP, you’ll need to rely on a Virtual Private Network (VPN) (more on that in this roundup of security gadgets and apps). But if you simply aim to clean up the record left on your phone’s local storage, then this mode tidies up after itself very effectively.

The process for using this mode will depend on the browser app you prefer. For example, to launch incognito mode with Chrome, tap the Menu button (three dots) on the top right of the page and choose New incognito tab. If you forget to browse incognito, you can still clear your saved data. Just hit Menu > Settings > Privacy > Clear browsing data.

ForiPhone users who rely on Safari, tap the Show pages icon (two squares) on the bottom right of the screen and choose Private. Now, when you tap the Plus button to open a new window, it will be an incognito one. To erase data collected outside of private mode, open the Settings app and select Safari > Clear History and Website Data.

Erase messages

Unless you use a chat app with self-destructing messages, it will keep records of your conversations. Of course, most people like to check back on their old communications, but you don’t need to preserve every moment of a years-long thread. You can delete these old conversations manually, or try a less time-consuming option: Automatically erase chat history after a set period of time has elapsed.

On iOS, open the Settings app, go to Messages > Keep Messages, and set messages to automatically disappear after 30 days. Within the app itself, you can manually erase conversations from the front screen: Swipe left on the thread and then tap the Delete button.

Unfortunately, not all chat apps offer this auto-expunge function. To leave no trace of conversations on your phone, you may have to turn to manual deletion. This may be time-consuming, but it isn’t difficult. For example, in Android’s default SMS app, Messages, you delete a conversation by long-pressing on it and then tapping the Trash icon on the top right of the screen.

Some apps make it easier to purge your entire history all at once. In the case of WhatsApp, open the app and head to Settings > Chats > Chat history > Delete all chats. Then make a note to regularly check back and re-erase your latest messages.

Another solution is to only send the aforementioned self-destructing messages. Apps with this option include Telegram Messenger, Facebook Messenger, and Snapchat. For more information, check out our guide to self-destructing message apps.

Limit app logging

Each of the apps on your phone will take a slightly different approach to logging your activities. Some of them let you avoid their gaze by using incognito mode, while others will stop tracking you if you ask.

For example, the Android version of YouTube (this is not yet available in the iOS version) just added an incognito mode, which doesn’t track the videos you watch. To activate this mode, open the app, tap your avatar on the top right of the screen, and pick Turn on Incognito.

On the other hand, Google Maps will track your location by default, which lets it accumulate a lot of data about your real-world movements. To stop it, head to the settings: Launch the app, tap the Menu button (three lines) on the top left of the screen, and hit Settings (on Android) or the cog icon (on iOS). Within the settings, select Personal content and turn off the location history feature.

There are millions of apps on the market, with no hard and fast rules about how to keep them from recording your behavior. But in general, a good first step is to check for the aforementioned settings—incognito mode and stopping tracking.

If you don’t find these options, you’ll have to clear your activity manually. This process will vary depending on your operating system.

In Android, open Settings > Apps & notifications, pick an app from the list, and hit Storage > Clear storage. This wipes all the data that the app has stored locally. Afterward, the app will behave as if you’ve installed it from scratch, so you’ll need to log in again, set up your preferences, and so on.

On iOS, you won’t find an identical option, but you can achieve the same effect by uninstalling and reinstalling an app. Open the Settings app, tap General > iPhone Storage, and select one of your apps. Then choose Delete App to wipe all of its data. Finally, re-install the program from the App Store.

It’s not very practical to do this for all of your apps every day. But you might choose to run a manual clean-up at set intervals (say once a month), before you go traveling, or whenever you want to make a fresh start.

Delete search history

Many mobile apps store data locally and in the cloud, so they can sync your information to other devices. That means, to clear search logs from your phone, you’ll have to wipe the records across multiple platforms.

For example, your Google account will store the history of searches you’ve run from your Android phone. To wipe these records, you actually have to access them from the web. Open your browser and head to your Google activity history page. Click the Menu button (three lines) on the top left, then Delete activity by. Set the time span and content type—to erase everything, those should be All time and Search, respectively—and click Delete. This will wipe your search history across all the Google-linked products you use, including Android and the Google search engine.

On iOS, you won’t find a comparable activity cleaner. However, you can prevent Spotlight from betraying your past searches by displaying them as suggestions. To turn off this feature, head to the Settings app, tap Siri & Search, and toggle off the Suggestions in Search switch. Now, when you lend your phone to your mother to look something up, she won’t see all your past search terms.

 

How do you cover your tracks on your smartphone? Share your workflow in the comments below!

1

Weekly Round Up 6/15/18

 

Um, anything more sophisticated than the Self-Check out lines in Walmart will be hard for the American Public to master, guys.
No more grocery checkout lines: Microsoft may rival Amazon with tech that cuts out the cashier

 

Well, if nothing else is working….
Using tech to stop phone-wielding drivers

 

We don’t hear enough good things about Tech these days….
6 ways tracking tech is changing the world for the better

Whatever happened to just going to camp and being a kid?
NDSU summer tech camp designed to encourage young girls to pursue a career in technology

My favorite story of the week…
Apple closing tech loophole police use to crack iPhones

Please God, No. Make it Stop.
Drone swarms are the new fireworks lighting up China’s skies

 

Trump will never be able to wrap his tiny, barely used brain around this….
The Guy Who Created Oculus Has Now Made Surveillance Tech That Acts As A Virtual Border Wall

Literally what they do best….
Apple Shuns the Tech Industry’s Apology Tour

0

How to: reboot your router following urgent FBI warning about viruses.

Hundreds of thousands of Routers could be infected.

 

By Daniel Paez of Inverse.com

Even if your internet is running smooth and speedy, you still need to restart your router. On May 25, the Federal Bureau of Investigation issued a public service announcement to everyone with a router in their home or office warning that an unidentified group of cybercriminals may have mounted a large-scale attack on networked devices across the globe.

The FBI advised people to reboot their routers to “temporarily disrupt” the malware that could be infecting your device. The government agency also recommended you make sure your device is fully updated, secured using a strong password, and is encrypted.

Here’s a breakdown of what the FBI said happened and how you can reboot or reset your router, just in case your network was compromised.

 

In its warning, the FBI said that the agency didn’t yet know how or where the initial infections began, but the scope of that attack has grown significantly. Hundreds of thousands of home and office routers have been infected with malware known as VPNFilter.

“The actors used VPNFilter malware to target small office and home office routers,” stated the announcement. “The malware is able to perform multiple functions, including possible information collection, device exploitation, and blocking network traffic.”

Cybersecurity firm Symantec recently published a list of devices that are known to be more vulnerable to this type of attack. It went on to say that most of the devices that are targeted are known to use default passwords or have not been updated to the latest version of its firmware.

If you’ve ever had problems connecting to the internet and have called tech support, the person on the other end of the line likely had you unplug your router. Rebooting — or power-cycling — your router gives it a fresh start and is generally one of the first steps recommended when troubleshooting your network device.

The FBI states power-cycling could interrupt VPNFilter, though Symantec states that this type of attack can persist even after a reboot. If you own one of the devices that are known to be susceptible to VPNFilter, you might want to reset your router to factory settings. This will require you to set up your WiFi all over again, but better safe than sorry.

 

How to Reset Your Router to Factory Settings

  • Rebooting: Unplug your router from its power outlet, don’t just turn it off. Wait about thirty seconds before plugging it back in. Finally, give the device a couple of minutes to turn back on.
  • Reset: You’ll find a small button on the back of your device that is labeled “Reset.” Holding this down will remove all customizations including passwords, usernames, and security keys, effectively wiping everything other than the latest version of firmware from the device. This will restore your router to its factory settings. From there you’ll need to follow your router’s set up instructions or call your internet service provider for assistance to get back online.

 

How do you feel about the FBI’s warning? Do you have tips on protecting your router and home network? Sound off in the comments below!

0

Tales from the Orchard: Apple addresses iOS source code leak, says it appears to be tied to three-year-old software.

 

 

 

By Brian Heater of The Verge

Earlier this week, iOS source code showed up on GitHub, raising concerns that hackers could find a way to comb the material for vulnerabilities. Apple has confirmed with TechCrunch that the code appears to be real, but adds that it’s tied to old software. 

The material is gone now, courtesy of a DMCA notice Apple sent to GitHub, but the occurrence was certainly notable, given the tight grip the company traditionally has on such material. So, if the code was, indeed, what it purported to be, has the damage already been done?

Motherboard, which was among the first to note the code labeled “iBoot,” reached out to author Jonathan Levin, who confirmed that the code certainly looks real and called it “a huge deal.” While the available code appears to be pretty small, it could certainly offer some unique insight into how Apple works its magic.

“Old source code from three years ago appears to have been leaked,” the company said in a statement provided to TechCrunch, “but by design the security of our products doesn’t depend on the secrecy of our source code. There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections.”

Much of the security concern is mitigated by the fact that it appears to be tied to iOS 9, a version of the operating system released three-and-a-half years ago. Apple’s almost certainly tweaked significant portions of the available code since then, and the company’s own numbers show that a large majority of users (93-percent) are running iOS 10 or later. But could the commonalities offer enough insight to pose a serious potential threat to iPhone users?

Security researcher Will Strafach told TechCrunch that the code is compelling for the information it gives hackers into the inner workings of the boot loader. He added that Apple’s probably not thrilled with the leak due to intellectual property concerns (see: the DMCA request referenced above), but this information ultimately won’t have much if any impact on iPhone owners.

“In terms of end users, this doesn’t really mean anything positive or negative,” Strafach said in an email. “Apple does not use security through obscurity, so this does not contain anything risky, just an easier to read format for the boot loader code. It’s all cryptographically signed on end user devices, there is no way to really use any of the contents here maliciously or otherwise.”

In other words, Apple’s multi-layered approach to keeping iOS secure involves a lot more safeguards than what you’d see in a leak like this, however it may have made its way to GitHub. Of course, as Strafach correctly points out, the company’s still probably not thrilled about the optics around having had this information in the wild — if only for a short while.

Do you think this code leak warrants concern? Sound off in the comments below!

0

Tales from the Orchard: FBI Hacker Says Apple Are ‘Jerks’ and ‘Evil Geniuses’ for Encrypting iPhones

An FBI forensic expert lambasted Apple for making iPhones hard to hack into.

 

By Lorenzo Franceschi-Bicchierai of Motherboard at Vice .com

 

Ever since Apple made encryption default on the iPhone, the FBI has been waging a war against encryption, complaining that cryptography so strong the company itself can’t break it makes it harder to catch criminals and terrorists.
On Wednesday, at the the International Conference on Cyber Security in Manhattan, FBI forensic expert Stephen Flatley lashed out at Apple, calling the company “jerks,” and “evil geniuses” for making his and his colleagues’ investigative work harder. For example, Flatley complained that Apple recently made password guesses slower, changing the hash iterations from 10,000 to 10,000,000.

That means, he explained, that “password attempts speed went from 45 passwords a second to one every 18 seconds,” referring to the difficulty of cracking a password using a “brute force” method in which every possible permutation is tried. There are tools that can input thousands of passwords in a very short period of time—if the attempts per minute are limited, it becomes much harder and slower to crack.

“Your crack time just went from two days to two months,” Flatley said.

“At what point is it just trying to one up things and at what point is it to thwart law enforcement?” he added. “Apple is pretty good at evil genius stuff.”

On the other hand, Flatley repeatedly praised the israeli company Cellebrite, which sells hacking devices and technologies to law enforcement agencies around the world. Flatley said that they are the ones who can counter Apple’s security technology.

“If you have another evil genius, Cellebrite,then maybe we can get into that front,” he said, facetiously coughing as he said “Cellebrite.”

Flatley’s statements come a day after FBI director Christopher Wray renewed former director James Comey’s rhetorical war against encryption, calling it an “urgent public safety issue.”

Cybersecurity experts and civil liberties organizations, meanwhile, have long made the case that iPhone encryption keeps the average consumer’s data safe from hackers and authoritarian surveillance, a net benefit for society.

1

Create a website or blog at WordPress.com

Up ↑

%d bloggers like this: