Google Chrome Categories - Safegadget.com

How to: Anonymous Browsing, Internet Privacy

SafeGadget — Sat, 01 Feb 2020 08:00:44 +0000

Last Updated: 2/20/2022

Check out our Facebook Settings How To Privacy Page

Why should I be concerned about Internet privacy?

Do you like online ads following you around from site to site?
Can you discuss your health problems online without fear of losing insurance?
Do you worry about publishing private information that could lead to stalking, surveillance, or identity theft?
Does your work place monitor your Facebook or Twitter? Could you be fired over a post?
Do you live in a country where you could be arrested or tortured based on what you post online?
Did you know that third-parties collect information the government is not allowed to collect? The government has purchased this information too.
Companies such as FinFisher are selling hacking software to countries and corporations to break into people’s computers and monitor them.
Visit the EFF’s Panopticlick site to see what you are telling the world right now, before using the tools below.
Tactical Technology Collective has tips for journalists and activists on how to increase their privacy.

60% of people polled by the WSJ.com were tremendously worried about the loss of online privacy.

The Internet appears to facilitate privacy and anonymity, but in recent years has been a battleground that pits advertisers on one side and users on the other. It has become increasingly difficult to maintain privacy on the Internet because money has gotten into the game. As online advertising has grown, companies have sprouted up, attempting to optimize Internet advertising performance by combining advertising with profiling. While individual users may not be known by name, they have become ghost profiles that are increasingly matched up with appropriate advertising. If you have found Internet ads following you from site to site, you have been profiled and are seeing the results. In this article, we will examine many methods to enhance our Internet privacy and perform operations anonymously.

One of the main goals of Internet privacy is to make that people have the ability to make informed decisions about how they act online. Users should be told ahead of time how their personal information is used and shared.

The Real Cost of Free Content

While many users assume that most content sites are free, there is a hidden price being paid, the users private information. Most online advertising companies are tracking web browsing activity across many websites in order to build profiles of users. They cross-reference and trade information to generate revenue and better target online advertising and promotions.

Hide your phone number

Once a cybercriminal gets your phone number, they can wreak all sorts of havoc including SIM Swap your phone and take over many accounts. Hide your number or at least used a VoIP number such as Google Voice. Do not allow Google Voice to forwards Texts/Calls to your main number.

Google
- Remove your phone number from myaccount.google.com – Personal information
Microsoft
- Remove your phone number from account.live.com
Facebook
- Select Settings under the drop-down arrow at the top right. First, click on Mobile in the right-side menu, and remove your phone number
Twitter
- Click your avatar, go to Settings and Privacy, and navigate to Mobile on the right hand menu. Remove your number and use an authenticator app

Android

Turn off your advertising ID. This is attached to all you apps, search history, purchases, recent locations and much more.

Settings > Privacy > Ads > Delete Advertising ID

Older Android versions may have Opt Out of Ads Personalization

Chrome

Turn off 3rd party cookie tracking on both Chrome for computers and Chrome App

Settings > Security & Privacy > Block third-party cookies

Privacy Oriented Browser

brave is a browser from a mozilla co-founder, which is focused on privacy.

Internet Browser Cookies

In the past, users have been able to delete their Internet browsers’ cookies and thereby foiling efforts to track the user. Here are instructions for clearing the browser cache in Google Chrome, Microsoft Internet Explorer 9, and Mozilla Firefox.

Below is how to set browsers to not accept third-party cookies. These cookies are typically generated by tracking and advertising companies when you visit a website. Occasionally this technique will cause a website to malfunction, particularly if it uses a third-party to handle tasks like commenting.

To optimize third-party cookie privacy settings in Firefox do the following:

Select Options… from the Tools menu
Select Privacy tab
Select Use custom settings for history
Uncheck Accept third-party cookies
Optionally select Keep until: I close Firefox – This will delete cookies after every browser session, which you may not want to happen.

To optimize third-party cookie privacy settings in Internet Explorer 9 do the following:

Select Internet Options from the Tools menu
Select Privacy tab
Check Never allow websites to request your physical location under Location
Select Advanced
Check Override automatic cookie handling
Check Block under Third-party Cookies
Press OK

CCleaner is useful Windows utility to clear out unnecessary files including temporary files, and cookie files.

Identity Finder helps you remove personally identifiable information from your computer’s files. They have a free Windows and Mac version.

While this technique is still somewhat helpful, the advertisers have gotten smarter and utilize other tracking techniques. Consult our guides to Google Chrome, Microsoft Internet Explorer 9, and Mozilla Firefox for information.

IRS Tax Filing IP PIN

An IRS IP PIN is a six-digit number assigned to eligible taxpayers that helps prevent the misuse of their Social Security number on fraudulent federal income tax returns.

In 2019, they expanded the states that support this protection.

HTML5 and Privacy

HTML5 represents the latest standard for web design that significantly increases the flexibility and interactiveness of websites. Along with these impressive new features, comes a major privacy issue. HTML5 local storage allows data to be stored in your browser. It can potentially be used to track your movements and regenerate any cookies that you delete. New methods of blocking need to be created to block this intrusive technology.

Google Chrome and Firefox clear HTML5 local storage whenever you clear your cookies. Safari clears this when you select: Preferences -> Privacy tab -> Cookies and other website data -> Remove All Website Data

You can set Firefox to warn you whenever a website is attempting to use HTML5 local storage by selecting: Options -> Advanced -> Network -> Tell me when a website attempts to store data for offline use.

Flash Cookies

Adobe Flash also generates cookies that have been used for tracking and are difficult to remove. Adobe has a special page that requires Flash, in which you can delete your Flash cookies. Also visit this Flash configuration page to prevent 3rd parties from storing Flash content on your PC. You can install a Flash blocker to prevent these cookies from being installed on your system. Flush for the Mac, removes Flash cookies.

Adjusting Google Privacy Settings

In 2018 Google Created this Activity Tracking page to enhance privacy.

To clear Google’s “web history” which includes a log of all your searches, follow the instructions on this page.

To see and revoke access to your Google account by third-party sites, follow the instructions on this page. Also turn on Do Not Track.

To get a copy of everything Google has stored about you, visit Google Takeout. Additional Google services not covered by Takeout are located at Data Liberation.org. To delete the information, you must visit each Google service and delete your data manually.

Privacy App

Jumbo Privacy iOS App helps set Google, Facebook, Ad settings that we have mentioned

Adjusting Facebook Privacy Settings

Our article on Facebook security covers how to adjust Facebook’s privacy settings. Keep in mind that privacy settings only prevent others from seeing your profile. Advertisers and Facebook still have access to your private profile.

AVG Privacyfix.com helps you manage your Facebook privacy settings by showing you which ones need to be fixed.

Logging Off for Privacy

Intentionally logging off a site helps preserve your online privacy. If you were on Amazon, Facebook, or Google, we recommend you log off the site and not click away to a different site. This will help prevent ads from following you.

Fact: When a someone has more information about us, we are more likely to trust them. If your personal details leaked in a company’s data breach, criminals could use that information to craft emails that look more credible.

Minimize your personal information on Facebook, Twitter, Instagram, etc. Also cleanse or set to Private your Amazon wishlists and eBay bidding history.

Anonymous Browsing

Most modern Internet browsers have options to perform anonymous browsing. You can utilize this function to help hide your identity. Here are instructions for anonymous browsing in Google Chrome, Microsoft Internet Explorer 9, and Mozilla Firefox.

Optional third party browser plug-ins are also available to help enhance Internet privacy.

Adblock Plus is a plug in to block ads. Firefox – Chrome
ChromeBlock is a plugin to help increase privacy. Chrome
Cookie Master is a Firefox plug-in to manage cookies
Disconnect.me is a plugin to help increase privacy. Firefox – Chrome – Safari
Do Not Track Plus is a Firefox plugin to help increase privacy.
Ghostery is a free plug-in to view and block what trackers and advertisers a website uses. Available for most web browsers
NoScript is an extension for both Firefox and Chrome which prevents scripting from automatically running
PrivacySuite is a plugin to help increase privacy. Firefox – Internet Explorer (Soon)
Trackmenot is a Firefox plug in to prevent tracking. Chrome version

Opting Out of Online Ad Personalization – Do Not Track

Advertising companies that are members of the Network Advertising Initiative (NAI) and other self-regulatory efforts allow users to opt out of personalizing ads that are shown. Here are instructions for opting out of online ad personalization in Google Chrome, Microsoft Internet Explorer, and Mozilla Firefox.

The Network Advertising Initiative also has a page that allows you to opt out of online ad personalization from a variety of member advertising companies.

Other Opt-out pages:

AOL
Apple iAds
Mastercard
SelectOut – Optout of almost 200 trackers
Self-Regulatory Program for Online Behavioral Advertising
Yahoo

Using Linux for Internet Privacy

Linux can be utilized to enhance our Internet privacy. We can set up a bootable Linux USB key or CD, which allows us to start up our computer into a totally clean operating system, devoid of cookies and the like. Use one that has a write lock physical switch. Consult our article Creating a Bootable Linux USB Key or CD for more information.

Using a VPN for Internet Privacy

A VPN or Virtual Private Network allows you to tunnel your Internet traffic through a third party provider, making your traffic appear to come from a different location. While this option is more complex to implement, when combined with the suggestions listed above, a VPN connection forms a very powerful tool to protect your privacy. Consult our article How to Use Wireless Networks or WiFi Safely in Public for more information. Make sure you select one that is located outside the USA and which does not logging.

Email Snooping

Yahoo was exposed in 2016 to having scan all its customer’s emails looking at incoming email streams for a digital signature associated with a known terror organization.

The ultimate way to prevent email snopping is by running your own email server. This has a cost and can result in your emails not going through.

Credit Card Privacy

Privacy.com creates secure virtual credit card numbers, hiding your real card.

Secure Instant Messaging

Privacy relates to how easy it is to ease drop into a messaging client. Can the government listen in? Is it encrypted?

The EFF has a great Secure Messaging Scorecard page.
Forget about using popular ones like Whatsapp, Line, Viber, WeChat, they have all been monitored.

Try ones like:

Silent Circle
Redphone
OSTel
Chat Secure
Signal (Formerly Textsecure)

Anonymous Registration

It is annoying registering for forums and many content sites where your real information is not necessary. When asked for personal information, we suggest you enter bogus information if you wish to remain anonymous. Create an email address that is tied to this information and save this information as a profile within password management utilities.

MySudo helps you create temporary emails address and phone numbers. Free Trial. You can also this by create multiple gmail and google voice accounts.

Removing Yourself from Online Databases

There are several large databases that contain personal information that is culled from telephone books, court records, and other third parties. You can opt out of their data by visiting the following links.

A paid service DeleteMe helps automate this for $129/year

Identity Theft Protection

If you are a Comcast subscriber, you are eligible for free Identity Guard (discontinued). Consult your ISP to see if they have any free identity theft programs.

Social Security Account Setup

While we are on the subject of protecting you from identity theft. If you have not already setup your Social Security Account, you should set one up before a thieve makes one before you.

Or better yet, block Electronic access to your Social Security Record.

TV Privacy

If you have a Smart TV, it may be watching or listening to you. In March 2017 a Wikileaks CIA leak indicated that they are listening in on those with Samsung TVs.

Turn off any Smart TV Functions on your TV
Use an external Roku or AppleTV box instead
Use a power strip and turn off the TV’s power that way

Opting out of TV data

Many TV content suppliers log your viewing habits and sell them to other companies. Opt-Out of this madness! Cable and satellite television networks have their own opt-out for anonymous-viewer information.

DirectTV – Contact the company by phone, email, or mail to opt-out.
TiVo
Optimum.net – They removed their opt-out page.
Comcast
AT&T
Vizio – Vizio TVs spied on what people were viewing, causing the FTC to sue them. The company provided consumers’ IP addresses to data aggregators, who then matched the address with an individual consumer or household. Vizio’s contracts with third parties prohibited the re-identification of consumers and households by name, but allowed a host of other personal details – for example, sex, age, income, marital status, household size, education, and home ownership.

Turn off iPhone Diagnostic Log Sending

To turn off sending of diagnostics data to Apple do the following:

Open Settings
Select General
Select About
Select Diagnostics & Usage
Click on Don’t Send

Color Laser Printer & Color Copier Privacy Issues

The Electronic Frontier Foundation (EFF) discovered that most color copiers and color laser printers have been adding invisible tracking codes to every single printed page they produce. The government asked printer makers to do this in an effort to prevent counterfeiting. The dots help track what type of printer and its serial number as well as when the document was printed.

This relativity little known tactic can undermine anonymity for political, religious, or any other reason. Users need to understand this and tell printer manufacturers that they do not like this hidden invasion of privacy. For more information, take a look at this webpage and support their efforts.

If you are purchasing a new color laser printer, try to purchase one that does not print these invisible codes.

Kindle eBook Privacy issues

Reading in the new age via eReaders such as the Kindle expose users to additional privacy issues. Previously, with physical books, it was difficult for bookstores and publishers to know whether you had really finished a book, highlighted specific passages in the book, or what book you purchased next.

With eReaders such as the Kindle your privacy has gone out the door. Kindle users have to agree to allow Amazon to store information on the device and Amazon’s servers including where you left off in the book, notes, highlights, bookmarks, and more. With all of this information, the Electronic Frontier Foundation (EFF) is pushing for legislation to prevent eBook sellers from reveling people’s reading habits without a court’s approval.

If you are concerned about your privacy, you may want to steer clear of eReaders or utilize an eReader that does not any have Internet connectivity. Find one that allows eBooks to be downloaded to a computer and manually added to your eReader.

More Resources

privacy tools.io – Lists many resources that can help you reclaim your privacy

With some leg work, we can significantly improve the privacy of our online activities.

Facebook Privacy Settings to Limit Sharing

SafeGadget — Wed, 02 Jan 2019 17:30:31 +0000

Last Updated: 10/18/2018

Note: Facebook has committed to making these settings easier to find, so there may be some variance in what we depict below.

A September 2018 security hole in Facebook allowed 50 Million accounts to be accessed by hackers. Check to see if you were affected.

Facebook reached a new low in March 2018. A massive data compromise was exposed that allowed Cambridge Analytica to obtain extensive psychographic information about 50 million Facebook users in 2014. This data was probably used to manipulate the 2016 Presidential elections.

Let’s be honest, in exchange for using this FREE service, you upload text, pictures, videos for Facebook to learn more about you. They then use this personal information to sell ads and more. There is no free lunch. Facebook is a money making machine, not your friend.

Short of deleting Facebook and Facebook messenger, This is how you can adjust your Facebook Privacy Settings to protect yourself.

Two Factor Authentication

In September 2018 it became know that Facebook uses your second factor authentication for advertising purposes! Do not use your phone number or another email address, instead use the option of employing Google Authenticator.

Important: You need to make change at both Facebook.com AND inside the Facebook App

Adjust Facebook.com Website Settings

Remove any friends you do not really know. They can send you scams or other information with out being filtered.

Click Edit in the Apps, Websites and Plugins box.

Also set Old Versions of Facebook for Mobile to Only me

Click Disable Platform

This will prevent Facebook from sharing your data with other apps and websites. You also cannot use your Facebook login to login to other sites any more.

If you want to still allow using Platform but want to lock down what is shared, instead of Disable Platform, select Edit under Apps Other Use.

We recommend Unchecking EVERY box and hitting Save

Adjust Facebook Ad Settings

Click on Ads in the lower left area of the Facebook Settings Page

For Advertisers you’ve interacted with – Click the triangle in the right side, to show the settings. Click on every company to disable this.

For Your Information – Click the triangle in the right side, to show the settings. Turn off everything. Also click the Your categories tab and turn off EVERYTHING. Pretty scary?

For Your Ad Settings – Click the triangle in the right side, to show the settings. Turn off everything.

For Hide Ad topics – Click the triangle in the right side, to show the settings. Set all of them to Permanently

Facebook Privacy Settings and Tools

Visit the Facebook Privacy Page to lock down its settings.

Adjust the settings so it looks like our screen. This was the best we could do. Make sure you have a bogus phone number in Facebook. Do not allow search engines outside of Facebook to link to your profile.

Change your birthday so it is a day earlier

Click the Use Activity Log link and remove yourself from any posts you have been tagged in.

Turn off Face Recognition

Visit the Face Recognition Settings and turn it to No

Adjust Timeline and Tagging Settings

Visit the Timeline and Tagging Settings and adjust it to the following:

Remove Facebook Likes

Click Timeline on your personal Facebook Page

Click More in the middle area and select Likes

Remove the Likes for as many items as possible! Delete TV Shows, Books, Events, Questions, Reviews and Movies from the list

Facebook Mobile App Privacy Lockdown

The above settings affect the Facebook App, but there are additional settings that need to be set in the App.

Prevent Facebook from using your Location

Facebook’s App can use your location even when you are not running it.

To disable it in iOS:

Settings – Privacy – Location Services -Facebook – Never or While Using App

To disable it in Android:

Settings – Apps – Facebook – Permissions – Location – Off

Remove Uploaded Contacts from Facebook

Click here to visit the page to remove uploaded contacts in Facebook.

Prevent Facebook from continuously uploading new contacts from your phone.

Turn off Upload contacts if you use the Facebook App, it is located at:

3 lines in lower right corner of Faceebok App, Settings, Account settings, General, Upload contacts
Facebook has a page to help you prevent syncing of contacts to Messenger. Details on the issue with Facebook looking at all your calls

Adjust who can see your posts from New Feed or Profile

Select 3 lines in lower right corner of Facebook App, Settings, Account settings, General, Privacy, Check a Few Important Settings

Select Friends or Only me

On the next screen for Posts, also select Friends or Only me

The next screen will then be Profile

Lock Down your Profile

Select the appropriate level of lockdown for each item. Only me would be most secure.

The Next screen would be Apps

Remove Unnecessary Apps

Click the X next to apps you no longer need.

Timeline and Tagging

Select 3 lines in lower right corner of Facebook App, Settings, Account settings, Timeline and Tagging

Adjust Time line and Tagging to: Only me for all settings

Change the 2 Review settings to: On

Limit Facebook Location Data

Select 3 lines in lower right corner of Facebook App, Settings, Account settings, Location

Do not allow Facebook to save your location, do not share location with Nearby Friends, Do not Find Wi-Fi

Adjust Public Posts

Select 3 lines in lower right corner of Facebook App, Settings, Account settings, Public Posts

Adjust these settings to something less than Public

Interests

Select 3 lines in lower right corner of Facebook App, Settings, Account settings, Ad Preferences

Remove all the Interests by clicking on each one and selecting Remove Interest. Other settings should have been set at Facebook.com with the instructions above.

Facebook Messenger

Facebook keeps all your messenger messages.. FOREVER. Scary isn’t that?

Here is how you delete Facebook messenger messages, conversations and photos.

Items We are still working on cleaning:

Check-Ins
Removing Apps

Do you feel more secure now?

How to: Safe Online Shopping

SafeGadget — Tue, 01 Jan 2019 08:00:32 +0000

Last Update: 1/22/2020

Online shopping has been gaining market share every year. Security breaches make headlines almost daily. With more and more shoppers going online, consumers are worried more than ever about keeping their online shopping safe and secure. In this article, we will help you shop more securely.

Secure your computer, web browser, Internet connection

Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.

1. Configure your wireless router for optimal security. Consult our article How to set up a secure wireless router for details. For maximum security, do your online shopping when connected by a hardwired connection such as Ethernet.

2. Ensure that your operating system is set up securely. Consult our computer security guides for Windows and Macintosh. For maximum security, you could start off a Linux boot CD or USB key.

Burning Linux Live CD to a write only media such as a CD/DVD or a USB drive with Write protect switch, helps prevent any changes to a virgin Linux distribution. Keep in mind that no bookmarks, password managers, etc would be accessible.

The CD versions do take many minutes to boot up and ask you if you want to try Linux, so the USB route is definitely preferred.

3. Secure your Internet browser. Consult our security guides to Internet Explorer, Firefox, and Google Chrome.

4. Make sure you are shopping at a reputable online store that has a good reputation. Gone are the days when you could score a stellar deal on a iPad from a no-name vendor. Online shops need to buy and sell in volume to produce low prices. Check vendor review sites like Google Product Search, BBB online, or Reseller ratings for feedback.

5. Type the URL for the shop directly in the address bar, do not rely on a link from email. This helps prevent phishing scans. Make sure you are accessing the online store’s website using a secure connection, look for https:// in the browser’s address bar and a padlock icon in the browser. A broken key, broken padlock, or any open lock indicates it is not secure. If you want to ensure security, see if the online store takes orders over the phone.

6. When creating an account at the online store, we recommend you use a unique password as it is far safer in case the store gets hacked. You would not want hackers to get a password that worked on other websites. Consult our How to create, store and use secure passwords article for suggestions. Using Paypal, Apple Pay, or Google Pay also solves the unique password problem.

7. Pay for your purchase with a credit card and not a debit card or check. This gives you the best purchase protection, under Federal law your liability is limited to $50.

Some credit cards allow you to create single use, virtual, or disposable credit card numbers. Try to use these unique credit card numbers whenever possible. Check your credit card issuer’s website to see if they offer this feature.

If possible, do not allow the online store to save your credit card number.

Remove your credit card and use prepaid gift cards on Facebook, iTunes, Playstation Network, and Xbox Live.

8. Another method to avoid transmitting your credit card number is by using Google pay or PayPal access. These checkout systems store your credit card number and prevent the number from being seen by the online store. Additionally when paying with PayPal, select the option that causes payment to come from your credit card, not from your bank account. This gives you more recourse in case of problems.

9. If you are using PayPal or buying from eBay, consider purchasing their PayPal Security Key that adds an additional log on step. You need to hit the button on the security key and type in the security code it displays before you can log into eBay or PayPal.

These keys are more secure than using Text or SMS to send a one time code. Criminals can divert SMS messages and calls, to another device (either by social engineering a customer service person at the phone company, or via more advanced attacks like SS7 hacks).

Two factor authentication systems using SMS text messages are not secure, due to hijacking of mobile phone accounts and the weak SS7 routing system. Even Reddit got hacked this way. We suggest only using two factor when you can use a physical token or a time based authenticator like Google’s. Send text messages to a VoIP number such as Google Voice instead.

A new paper in 2020 from Princeton researchers shows how easy it is to pull off a SIM Swap against AT&T, Verizon, T-Mobile and others.

10. Sign up for alerts from your credit card vendor by email or text message. This will allow you to respond to any credit card fraud rapidly. Also carefully check each month’s credit card statement for erroneous or fraudulent charges. Consider checking your outstanding charges every couple of weeks via the credit card company’s website.

11. When shopping on a smartphone or tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.

12. Explicitly logout of a website after you are finished. Do not just close the browser. This helps terminate your session officially.

13. Print out the confirmation screen of your order to ensure you do not get overcharged.

Things Not To Do

1. Do not shop when using public wifi hot spots or when using a shared computer in a cyber cafe. Many of these locations provide little to no security and are prone to snooping or malware. This warning also includes smartphones and tablets connected to public wireless internet.

Do you perform all the above? Do you have other security tips?

Android Smartphone Security, How to securely use your Android Smartphone or Tablet

SafeGadget — Tue, 01 Jan 2019 08:00:12 +0000

Last Updated: June 18, 2019

Google’s Android operating system powers many popular cellphones including the popular Samsung Galaxy S10. Most Android Smartphone users as well as most of the pubic at large do not think very much about security.

If your phone is not running the latest Android Monthly security patches or is Android 6 or older, you are open to attack. A recent Wall Street Journal article showed that only 2.8% of Android devices have the latest security patches. Compare that to 79% of iPhones, due to Apple’s more uniform eco-system.

As of February 2019 only Android 7 to 9 receive security updates now)

Most Up to Date Android Smartphones

Google Pixel 3

This flagship phone runs the latest Android version and is patched regularly. Sold directly from Google or from a couple wireless carriers.

You can check this Google Support page that shows when updates will be available for Google devices and when devices stop getting updates.

Keep in mind that some companies claim to have all the latest security patches but may not.

We will cover some techniques to enhance your Android phone security.

Obsolete Hardware

Most hardware vendors like Samsung stop issuing updates after 3 years of release. Need a good reason to upgrade to a new phone? This is it. Incapacitate then recycle your old phone to prevent reuse.

Samsung has a page that lists which devices are still getting updates, as does Google.

Samsung SmartSwitch helps you update phones on Windows or Mac.

If you have an Phone or Tablet that no longer gets updates, we would recycle it and buy a new one RIGHT away. Keep in mind that Android Patch in July 2017 is the first version that fixed a Huge Broadcom Wi-Fi bug. Without that fix, you can get hacked by just having a Wi-Fi signal nearby.

Google Play Protect

Be sure your device is running Google Play Protect. It scans for Malware and bad apps. This was release in July 2017 and runs on Google Play Services 11 or higher. This is a unification of Android security systems like Verify Apps, browser protection, and anti-theft measures.

You need to test your Android Device for Vulnerabilities

Here are the major security holes that you need to test your phone against. If your phone fails any of these, get it updated or buy a new phone.

2/1/2019: Google has patch a major bug in Android where you can get hacked just by looking at a picture in a SMS, Email, or web page! Update your Android software to Patch Level February 2019 or later, right away. If your phone no longer gets updates, please consider buying a new one.

QuadRooter – Learn more about this issue. August 2016

DroidJack Remote spying – Learn more about this issue. August 2015

Stagefright MMS Flaw- Learn more about this issue. August 2015

Shellshock – Learn more about this issue. September 2014

Why is Android more susceptible to attack?

Older Smartphones with unpatched old versions of Android
Many phones never being given latest updates
Bigger audience to attack due to market share
Chipset vendors fixes slow to reach public
Multiple App stores
Apps are not thoroughly vetted
Bloatware, trialware from handset makers
Malware introduced in production chain

The Android Smartphone is part of Android’s open ecosystem, making viruses and malware more possible than closed platforms like the iPhone. As the Android Smartphone has grown in popularity, the smartphone has become more of a target by hackers and criminals. The DroidDream and Plankton Android malware infected over 250,000 phones before anyone discovered their malware. Google removed over 58 malicious apps from this single malware. A recent survey has shown that only 30% of Android Smartphone users installed security software on their phones. Malware can grab private data or use the phone to communicate externally.
Carrier IQ is a controversial piece of software that can show you what certain Android phones and spyware can do if the carriers allow it.

It is important that Android Smartphone users immediately become more vigilant about smartphone security. Our tutorial covers the Android Smartphones running most versions of the Android operating system.

Android Vulnerabilities.org gives a snapshot of how many devices are insecure.

The NSA and Android

Did you know that the NSA has been programming for Android and has inserted its code into the operating system? This has been happening since 2011 and has been focused on adding code to prevent hackers and marketers from accessing personal data on your Android device. Devices including the Samsung Galaxy S4 and HTC One have NSA code embedded, but not enabled by default. Apple does not accept code from government agencies. Android is open source, so programmers can more easily scrutinize every line of code that is in it. Hopefully the NSA will not add monitoring code in the future.

1. Android Smartphone Software Updates

Google upgrades the Android software for the Android Smartphone all the time. Montly Updates include additional functionality as well as security bug fixes. It is important that users apply updates immediately. Yes, updates take a while to install, but you do need to do it right away. Contact your smartphone vendor for the latest Android software update to your handset.

Some handset makers take their time to release Android updates. Beware. This is the MAIN reason why millions of Android phones go unpatched. Buy a phone that use plain Android and can take updates directly from Google, like the Google Nexus or Pixel line.

90 percent of Android devices two years or older have an operating system that’s vulnerable.

Replacing an Android Phone due to Lack of Updates

If you have an Android Smartphone that does not get the latest Android updates, we highly recommend you REPLACE the smartphone with a new one that does. Unfortunately you will need to switch phones every 2-3 years to keep up to date. Recycle the phone, do not give it away.

This Google support page shows you the status of Google Nexus Software updates and security updates.

These Nexus phones, tablets are have no guaranteed security updates after October 2017!

Nexus 10
Nexus 9
Nexus 7
Nexus 6
Nexus 5
Nexus 4

If you Root your Android Smartphone, you need to be extra careful with regards to security as updates are much more difficult for you. Be careful where you obtain your Android Apps as malware is much more prevalent. Rooting also exposes your device’s internal hardware to software much more so than normal. This is the equivalent of running your PC as Administrator.

2. Android Smartphone App Security

Apple’s App Store reviews all submissions before adding them, but Google does not thoroughly review Apps added to their store. Google does run a security scanner on apps to ensure that they do not include known malware. There have been several occasions where Apps containing malware have entered the Google play formerly known as Android Market.

Neither App Store technique is full proof, users need to be careful when installing apps.

Apps are prone to security vulnerabilities that are fixed by updates. Keep apps updated regularly and remove apps that you do not use. To update applications do the following:

Tap the Notification menu at the top and drag it downwards. If there are App updates available, they will be shown
Tap on App updates to bring you to Google play formerly known as Android Market
Tap the App to be updated
Repeat the process for all Apps

Google has the ability to remotely remove malicious apps from your Android Smartphone. This is NOT true if you buy from 3rd party App store.

When installing new Apps, we suggest you install well known Apps from Google play formerly known as Android Market or Amazon App Store with positive reviews, and avoid brand new Apps from unfamiliar companies, and unofficial 3rd party App stores like mmoovv.com or samsunggalaxy-s.ru.This becomes a problem when the official App Market is blocked, such is the case in China.

It is fairly easy to repackage free Apps into a clone of the App. Repackaged Apps that also include Malware or Spyware have been encountered on 3rd party Android Markets. Free pirated versions of paid Apps are also found on 3rd party sites. Download only from the official App Market and give new Apps time to build trust and to allow others to help test the App for malware and security risks.

Users also need to be aware that scareware where apps are displaying advertisements for battery saving apps have been tied to malware. If the user taps on the ad, your phone’s browser launches and proceeds to download the apps file. These apps could endanger your privacy by stealing your address book, or cause money to be withdrawn from your accounts via costly phone calls or SMS messages.

3. Suggested Android Smartphone Settings for Security

Below are several suggestions for Android Smartphone settings to increase security on the smartphone. If you use swipe patterns to unlock the phone, make sure you clean your Android devices’ screen regularly otherwise people can see how your pattern looks. Doing repeated circular or square patterns helps foil thieves.

Enable Passcode

Open Settings
Select Security
Select Screen Lock
Select Password
Enter a Passcode – Do not select an obvious passcode like 1234a or 1111a

Google automatically encrypts its Nexus smartphones, but other companies are not required to do this. As of 2016, less than 10% of Android phones had encryption enabled. 80% of iPhones had encryption turned on. Android 6 Marshmallow requires encryption to be enabled by default.

Encrypt your Android Smartphone and require a PIN or password to decrypt it every time you power it on. It takes an hour or longer to initially encrypt your Smartphone. Older Android phones many operate slower when encryption is enabled. Launching apps might take a second or two longer. Turning on encyption requires a full battery or the phone connected to a charger.

Open Settings
Select Security
Select Encrypt phone
Click Encrypt phone

Lock SIM card makes your phone require a PIN before becoming enabled.

Open Settings
Select Security
Select Set up SIM card lock
Select Lock SIM card

If you are not using any Bluetooth devices, disable Bluetooth to increase battery life and prevent security risks.

Open Settings
Select Wireless and Networks
Uncheck Bluetooth

Backing up your Android Smartphone regularly is an important task. If you have a rooted Android Smartphone use the ROM Manager and Titanium Backup root. Regular Android Smartphones need to pay for backup Apps like MyBackup Pro. There are free Apps to backup individual areas like SMS, images, or Applications.

4. Android Smartphone Email Security

It is important that email accounts accessed from a smartphone are setup utilizing encryption when available. Many email providers including Google’s Gmail, Microsoft Exchange, AOL Mail and Yahoo Mail support SSL (secure sockets layer) when accessing their mail servers. If SSL is not used, your emails as well as your password can be read by hackers. Most major email providers automatically activate SSL if you let Android setup your email account.

If you are setting up a new email account, make sure that you have enabled SSL or TLS in the Security type field for both the incoming and the outgoing mail server.

To check an existing Mail Account for secure SSL access, do the following:

Open Email application
If Combined Inbox is shown, Select a mail account by tapping Accounts then Select the email account. Otherwise, hit Menu then Account Settings
Check Incoming settings and Outgoing settings
Examine the Security Type field
Verify that it is not set to None

If it is set to None, check with your email provider to verify their SSL support and enable it if possible.

Also, make sure your email account has been cleansed with a good spam filter. This is a basic requirement of any solid email provider. If your email vendor needs spam filtering assistance, consider accessing the email account via POP inside a Gmail account.

OpenKeychain – public key encryption for emails and files, to make sure your emails are only read by who you sent them to and others can send you messages only you can read.

5. Find a Lost Android Smartphone, Erase a Lost Android Smartphone

Andrdoid 5.1 and higher includes a Device Protection feature. This is required on all phones manufactured after June 30, 2015 and sold in California. You can set it up in the Lock screen settings. It requires you be signed into your Google account.

Find My Device is a helpful feature made by Google, so you can locate, ring, or wipe your device remotely.

If you are running an older version of Android, you need a 3rd party app to handle finding a lost phone. Here are some options:

Android Lost – Locate, wipe, lock, take pictures, and much more
Prey – Open source, cross-platform, lost phone or tablet protection
Wheres My Droid – Find your lost phone, password protection, notification of changed SIM card. Paid Pro version includes remote phone erasing

When you lose your device utilize the lost device App you installed. If you cannot access the device, make sure you contact your Wireless carrier so they can disable the device. If you recover your Smartphone, make sure you change all passwords.

Also consider creating a special graphics file with your emergency contact information that can be used as your lock screen. If you are having a life threatening emergency, people could still access this information. If your Android Smartphone is lost and password protected, people could still contact you.

6. Using WiFi securely

When accessing a wireless network outside the home, exercise caution. Any information sent over an external wireless may be subject to eavesdropping. Unless you know the Wi-Fi network is secure, we would recommend against connecting to it.

If you really want to use an unfamiliar wireless connection, limit usage to non-critical apps, email, and web. Do not e-mail, online shop, online bank, or online trade from public wifi hot spots or cyber cafes. Many of these locations provide little to no security and are prone to snooping or malware.

The Android Smartphone can remember wireless networks by name and automatically log into them. This convenience function turns into a security problem because the Android Smartphone will automatically send the same password to a wireless network of the same name. So if you name your wireless router, Linksys, if you encounter another wireless router with the same name, the Android Smartphone will automatically use the password. A hacker could exploit this to obtain your wireless router’s password. We suggest you do not enable any automatic joining to wireless networks. The Android Smartphone is very good at transparently switching from a cellular data network to a Wi-Fi wireless network. You can turn off Wi-Fi auto connect by the following:

Open Settings app
Choose Wireless & Networks
Select Wi-Fi Settings
Uncheck auto connect

When accessing the Internet on a smartphone or tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.

The safest way to use a public wireless network is by employing a VPN (virtual private network) which securely tunnels all of your Android Smartphone’s traffic through a secure server. There are many paid services that sell VPN access.

Disable WiFi when you are not accessing wireless networks. This will extend your battery life and increase security.

7. Secure Browsing with Android “Browser”

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection i.e – https://www.google.com

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

8. Careful Link Clicking and Attachment Opening

As we have learned on computers, clicking on links in email can lead to viruses or malware being installed. We need to take the same precautions and more, on an Android Smartphone. Avoid clicking links in email, text messages, and websites that are unfamiliar to you.

Email attachments require the same amount of caution. Only open attachments when they are expected. Avoid opening your email provider’s spam folder and do not open any attachments in your spam folder.

Opening Attachments Safely with Gmail

Forward the email with attachment to a Gmail account. From there, you can use Google Docs to open Word Processing, Spreadsheets, etc. No need to endanger your own computer.

9. Android Smartphone Free Antivirus and Internet Security Software

Android Smartphone anti virus software is available and highly recommended because of the open Android Market for Apps. Be aware that fake anti-malware Apps have appeared, so stick to brand name antivirus Apps.

Antivirus Free – free antivirus App for Android

AVG Antivirus – free mobile security and antivirus App for Android

DR. Web Anti-virus Light – free antivirus App for Android

Lookout – free mobile security and antivirus App for Android

Norton Mobile Security – free mobile security and antivirus App for Android

Webroot Secure Anywhere Mobile – Free Mobile Phone and Tablet security antivirus protection.

Android Smartphone security Apps

Orbot: Tor on Android – Enhance your privacy, break through firewalls and communicate more safely.

10. Android Market Password and Payment Option

You can delete the payment information in your Google account after making a purchase. You must have a payment method in order to make purchases or make refunds. If you are very cautious, remove payment information when you do not anticipate App purchases.

11. Malicious QR Codes

QR codes are appearing in print and all over the place. Be aware that malicious QR codes that lead the user to download malware have been found. Be sure you check the link the QR code points to before using it.

12. NFC – Near Field Communication

NFC has been touted as using your phone as a contact-less credit card. It is being hyped up by smartphone manufacturers as well as credit card firms. This technology opens up a new way of hacking your credit card info. TURN IT OFF and avoid it. This recent Defcon presentation shows how a security researching skimmed a NFC credit card and used it.

To disable NFC on the Samsung Galaxy S III and other phones:

Tap Apps
Choose Settings
Scroll down the screen and tap More Settings
Uncheck the NFC box
Close the Settings app

13. Avoid Huawei and ZTE Android Smartphones

These Chinese companies are drawing a lot of attention. Congress suggests people avoid their products due to possible suspicious equipment behavior.

We have covered many ways to improve your Android Smartphone security. Utilizing our tips will help significantly improve the already good security of the Android Smartphone.

14. Stagefright MMS Messaging Bug

August 2015. A specially crafted MMS message can cause your phone to be taken over. Many old phone may never get updated to fix this.

If you’re using Google Hangouts as your default SMS client, disable automatic downloading of media files sent via MMS:

Settings – SMS – Auto Retrieve MMS uncheck

Here’s how to protect your phone from the if you are using Google Messenger (the default SMS client for Android Version 5.0+):

Messenger – Settings – Advanced – Auto Retrieve OFF

Here’s how to protect your phone from the if you are using Messages (the default SMS client for Samsung Galaxy S6):

Messages – More – Settings – More Settings – Multimedia messages – Auto Retrieve OFF

15. Secure Messaging

Law enforcement and probably the NSA use cell phone tower simulators called Stingrays, IMSI catchers, or dirtbox made by Harris. These fake cell phone towers slurp handset identification information and can snoop on data. They deploy these in small planes to net a ton of intercepts, without getting a warrant. Cell phone users have no right to privacy in public areas.

You can fight back by using secure messaging clients like Signal or Chat Secure. Older Stingrays only support 2G, not 3G/4G included with the Hailstorm upgrade, so turning off 2G will help here.

Disable 2G On Android prior to 5.0 – Stops Stingray
1) Pull up the phone dialer and dial *#*#4636#*#* (that spells INFO)
2) This brings you to the Testing screen where can select “Device information”.
3) Scroll down a little and it should say “WCDMA Preferred” or similiar.
4) Change it to WCDMA Only.

It will now stay on 3G/4G/4GLTE and avoid the old school GSM 2G Data towers, keeping you safe from older Stingrays.

Note: Google removed this option on Lollipop 5.0.

You can detect a Stingray by running the apps SnoopSnith or Android IMSI-Catcher Detector.

16. Public Charging – Video Jacking

Do not use a public phone charging cable, it could be capturing video video HDMI recording while you charge aka Video Jacking. Always use your own charging cable.

17. Secure your mobile phone’s account from hijacking or Port-Out Scams

Hackers have been calling wireless carriers like: AT&T, Sprint, T-Mobile, and Verizon asking them to switch control of mobile phone numbers to themselves.

They will repeatedly call, hundreds of times, and make up all kinds of sob stories to get control. Once they hijack control, they will reset passwords of any device that uses that phone number as a security backup via SMS Text or two factor authentication. IE Google, Facebook, Twitter, Bitcoin accounts, etc.

How do you protect against phone hijacking?

FTC has details
Do not use your cell phone number in the first place!
Use two factor authentication that uses a physical key or Google Authenticator App, not Text
AT&T – Enable an account passcode
Sprint – Customers setup a PIN when first signing up
T-Mobile – Enable a customer care password
Verizon – Setup an account PIN

T-Mobile customers can also call in to the company’s customer support line and place a separate “SIM lock” on their account, which can only be removed if the customer shows up at a retail store with ID.

Be sure to use Google Authenticator instead of Text messages for second factor authentication when possible.

If your phone stops receiving a signal and says “emergency calls only” or “no network,” even after you restart your phone, contact your mobile carrier to see whether your account has been hijacked.

Conclusion

Android is a sophisticated operating system. Because of the nature of its diverse eco-system, users unfortunately need to be proactive to keep their device secure and up to date.

Do you have any Android Security Tips?

How to use Wi-Fi securely in Hotels, Airports, and Beyond

SafeGadget — Sun, 10 Jun 2018 08:00:15 +0000

Last Update: June 18, 2019

While SafeGadget has several tutorials geared towards using Wi-Fi securely, we still realize that this is a major problem area. On our recent trip, we encountered insecure Wi-Fi at several airports, hotels, and restaurants. This tutorial is designed to help all users utilize Wi-Fi safely and securely.

Free Wi-Fi is available in many locations, from airports, hotels, local café, Starbucks to McDonald’s and many other restaurants. Using these mostly unsecured, public wireless networks puts your information at risk. It is important to employ several safeguards when surfing at a public hotspot. If you are using a cybercafe’s shared computer, we would only use it to view information, not to even get your e-mail. Chance are high that it is compromised.

Many public wireless networks are completely unencrypted so that users can log on to them easily. Anytime you login to a free Wi-Fi hotspot that does not require a password, assume that a hacker can ease drop and see all information that is being sent and received.

Some Wi-Fi hotspots from vendors like AT&T and Comcast require you to log in with your username and password before you can get access. You need to understand that this is just access restriction and will not create a secure wireless connection.

This opens up a huge security hole as any hacker or sophisticated computer user could easily see all the sensitive data being transmitted. Passwords to online stores or email accounts can be easily captured by increasingly easy to use tools. In this article, we will help you access public wireless networks safely. Settings within your operating system may need to be optimized, additional software installed, and third party services may need to be subscribed to.

Finding Free Wi-Fi

Boingo has a Wi-Fi locator. The Starbucks and McDonald’s entries are free.
Xfinity has a Wi-Fi hot spot locator
There are several free apps that help you find Wi-Fi (Free Wi-Fi Finder on iPhones and WiFi Finder for Android)

Secure web browsing using HTTPS

Normal website access using HTTP:// causes information to be sent and received in plain text. This type of connection is not secure; a hacker could capture all the information being transferred and steal your data. While this is not important when you are casually surfing, you do not want your email or online trading information to be captured by others.

HTTPS causes a secure connection to be made using SSL security. Certificates are digital documents that verify a site’s identity. They are sold by certificate authorities. If a certificate is not signed correctly, your browser will pop up a warning. Recently, a Dutch certificate authority got breached, causing forged certificates to be created. To workaround issues like this, Internet browsers are updated to remove the forged SSL certificates. It is crucial that you keep your browser up-to-date.

If you have applications other than your web browser accessing the Internet (FTP client, desktop mail client, etc.), make sure you enable SSL secure connections within each application.

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

Disable File Sharing

Prevent sharing of any files or folders that are unnecessary. This should be obvious, but becomes a large problem if you are connected outside the home, to a public network. When you are on a public network, you do not want to share files, printers, or any computer resources. To turn off file sharing under Windows 7 do the following:

Click Start Button
Type Network and Sharing Center into Start menu’s Search Box
Select Network and Sharing Center from the results
Select Choose homegroup and sharing options then select Files and Printers to be unshared, if necessary.

If you are using a Macintosh, consult this article on how to turn off sharing.

Enable your firewall

A firewall prevents unauthorized users from accessing your computer. Windows 7 and Windows Vista have a built-in firewall that is enabled by default. If you are running on the Mac, consult this article on how to turn on your firewall.

Connecting to a Public Wi-Fi Network

When you are setting up a new network connection, Windows will prompt you to choose what type of network this is. The choices are Home Network, Office Network, or Public Network. A Home Network is the most open network because all computers on the network will be treated as friendly, allowing for easy sharing of folders and files, and also allowing the creation of a Home Group for all computers on the network.

Office Network is slightly more strict, but the Public Network is the most strict. Selecting Public Network will hide your computer on the network and disable file and print sharing. This is recommended if you are running a notebook and connect to external networks often. If the computer is only used at home and file or printer sharing is used, do not change the setting.

If you need more control when connecting to different networks, try the Window’s Utility NetSetMan. Macintosh users can try AirPort Location.

Setup a VPN or virtual private network

A virtual private network (VPN) is a secure, encrypted tunnel for your computer to communicate with the Internet. All traffic travels over this secure connection, preventing hackers from eavesdropping. VPNs help secure Internet traffic that is not sent using SSL secure connections. The tunnel starts on your computer, travels over the public wireless network, and connects you with either a VPN server in your home or one that you subscribe to. Your data travels over a secure, private network even though you may be accessing a public insecure network. There are several free VPN options as well as many companies selling VPN access.

Be aware that using a VPN to order products online may cause some problems. The VPN will make your IP address appear to be located wherever the VPN server is located, which could be in another state or even country. If you order an item and have it shipped to a location different from where your VPN server was located, some fraud detection systems might flag the order as being fraudulent.

Here are some free VPN options:

CyberGhost VPN free – Installs software on your machine to access their free service. This service is usually overloaded during daytime hours and requires users to wait in a queue for free access. They also have paid accounts that do not require the wait. One downside of this service is that we found several sites which are not accessible through this VPN. PC only; no Mac version.
Ultrasurf – This free VPN service was mainly designed to circumvent the firewall in China. This VPN only supports web traffic and not other internet traffic like FTP or VOIP. We found that this VPN service does not support certain websites, including WordPress administration pages. PC only; no Mac version.
Proxify – This web-based service helps you surf the web anonymously and securely. Proxify is limited to web access only. The free service has ads and does not support all file formats.
Hotspot Shield – A free service for Windows that is slow and filled with ads, spys on you, but works. Paid version eliminates ads. Warnings
Hide My Ass – A free service that includes a free Web Proxy, Facebook Proxy and more. Read the disclaimers.
proXPN – Free version is bandwidth throttled and does not allow you to select a country.

All the free VPN services have limitations. If you can work within their limits, we suggest you utilize one. Most users require more robust VPN access and will have to either set up a VPN server on their home computer or sign up for a paid VPN service. Note that most VPNs and Proxy services will not tolerate illegal activities and will cooperate with authorities.

Some proxy servers intentionally strip HTTPS secure connections. Test your proxy at proxycheck.

Signing Up for a Paid VPN Server

Users who travel or are not satisfied by the options we listed above, should sign up for a paid VPN account. This type of VPN access gives the use maximum flexibility and compatibility with various applications.

PPTP protocol is built into Windows and is the VPN protocol of choice, but is easy to block. Open VPN requires a software download for installation. Open VPN will work in places where PPTP VPN is blocked, typically countries in the Middle East or China.

PPTP VPN typically offers less secure 128-bit encryption compared to OpenVPN based VPN servers who can offer up to 2048-bit encryption.

Overcome geographic locks on website access. Hulu.com and Pandora.com are only accessible from within the United States. Users can purchase a VPN account from a service that makes you appear to be located in the U.S. even though you are abroad.
Access the internet anonymously. Your IP address will be anonymous and cannot be tracked.
Security. Use public wireless hotspots securely and prevent others from stealing your identity.
Bypass firewalls. Access sites that are banned in your country. Log in to Facebook when you are in China.
Skype discount. You can appear to be located in another country and make “local” calls within that country.

What to Look for in a VPN Provider

Price – Obviously, the cheaper, the better, but the cheapest providers have a limited feature set and slow performance. Open VPN support cost more.
Length of Contract – The longer period you commit to, the lower the price.
Countries – Different VPN providers have servers in different countries.
Encryption Strength – The stronger the encryption, the higher the price.
VPN Software Compatibility – Some VPN servers require special client software for higher security access like OpenVPN.
Logging – Make sure your VPN provider is not logging your Internet activities.
Speed – Some lower cost providers overload their servers and Internet connections, slowing access.

Users should examine their needs and budget, and select a VPN provider that fulfills their requirements. It is wise to Google search the provider, looking for problems or disgruntled users before signing up. Google search for VPN providers.

When You are Finished Using a Public Wi-Fi Hotspot

When you have finished your online activities, it is important that you turn off your Wi-Fi connection to the public wireless network. Intentionally logging off will prevent any accidental data leakage. In Windows, you can simply right-click on the wireless signal bar icon in the task bar to disconnect from a wireless network.

With some attention to security, free public Wi-Fi can be a useful tool and a safe one.

This concludes our How to use Wi-Fi securely in Hotels, Airports, and Beyond article. Other articles on Safegadget.com help you secure the other aspects of your personal computer, including How to Set up a Secure wireless Internet Router, and How to Secure Internet Explorer article, or How to Secure Firefox Article. Please see our other articles on security tips for your e-mail, iPad, online banking, online shopping, smart phones, and more.

How to use Wireless Networks or Wi-Fi securely in Public

SafeGadget — Thu, 08 Feb 2018 08:00:26 +0000

Last Update: June 18, 2019

Free Wi-Fi is available in many locations, from your local café or Starbucks to McDonald’s and many other restaurants. Using these mostly unsecured, public wireless networks puts your information at risk. It is important to employ several safeguards when surfing at a public hotspot. If you are using a cybercafe’s shared computer, we would only use it to view information, not to even get your e-mail. Chance are high that it is compromised.

Many public wireless networks are completely unencrypted so that users can log on to them easily. This opens up a huge security hole as any hacker or sophisticated computer user could easily see all the sensitive data being transmitted. Passwords to online stores or email accounts can be easily captured by increasingly easy to use tools. In this article, we will help you access public wireless networks safely. Settings within your operating system may need to be optimized, additional software installed, and third party services may need to be subscribed to.

Finding Free Wi-Fi

Boingo has a Wi-Fi locator. The Starbucks and McDonald’s entries are free.
There are several free apps that help you find Wi-Fi – search the app stores for Wi-Fi

Secure your computer, web browser, Internet connection

Secure web browsing using HTTPS

If you have applications other than your web browser accessing the Internet (FTP client, desktop mail client, etc.), make sure you enable SSL secure connections within each application.

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

Disable File Sharing

Click Start Button
Type Network and Sharing Center into Start menu’s Search Box
Select Network and Sharing Center from the results
Select Choose homegroup and sharing options then select Files and Printers to be unshared, if necessary.

If you are using a Macintosh, consult this article on how to turn off sharing.

Enable your firewall

Connecting to a Public Wi-Fi Network

If you need more control when connecting to different networks, try the Window’s Utility NetSetMan. Macintosh users can try AirPort Location.

Setup a VPN or virtual private network

The tunnel starts on your computer, travels over the public wireless network, and connects you with either a VPN server in your home or one that you subscribe to. Your data travels over a secure, private network even though you may be accessing a public insecure network. There are several free VPN options as well as many companies selling VPN access.

Be aware that using a VPN to order products online may cause some unforseen problems. The VPN will make your IP address appear to be located wherever the VPN server is located, which could be in another state or even country. If you order an item and have it shipped to a location different from where your VPN server was located, some fraud detection systems might flag the order as being fraudulent.

Some VPN services log your activity or many be required to do so by where they are located. They may claim no logging but the fine print indicates otherwise. We recommend not using the Free services.

Here are some free VPN options:

CyberGhost VPN free – Installs software on your machine to access their free service. This service is usually overloaded during daytime hours and requires users to wait in a queue for free access. They also have paid accounts that do not require the wait. One downside of this service is that we found several sites which are not accessible through this VPN. PC only; no Mac version.
Ultrasurf – This free VPN service was mainly designed to circumvent the firewall in China. This VPN only supports web traffic and not other internet traffic like FTP or VOIP. We found that this VPN service does not support certain websites, including WordPress administration pages. PC only; no Mac version.
Hotspot Shield – A free service for Windows that is slow and filled with ads, spys on you, but works. Paid version eliminates ads. Warnings
proXPN – Free version is bandwidth throttled and does not allow you to select a country.
Tor – Is not really a VPN but it will shield your traffic.

All the free VPN services have limitations. If you can work within their limits, we suggest you utilize one. Many users require more robust VPN access and will have to either set up a VPN server on their home computer or sign up for a paid VPN service. Note that most VPNs and Proxy services will not tolerate illegal activities and will cooperate with authorities.

Some proxy servers intentionally strip HTTPS secure connections. Test your proxy at proxycheck.

Setting Up Your Own VPN Server

There are several options for setting up your own VPN server. Most of them require advanced user knowledge of PCs and/or Linux. While this option requires a lot of user intervention and computer hardware, the resultant VPN can be very feature-rich and is essentially free.

Algo VPN – Easy to use scripts to setup a VPN on DigitalOcean (most user friendly), Amazon EC2, Google Compute Engine, and Microsoft Azure.
Asus Wireless router – Several Asus routers have VPN servers built in.
Adito – This VPN server is written in Java and requires a Linux installation on your machine. Adito is very feature-rich.
OpenVPN ALS – This VPN server is a descendant of Adito and also requires Linux.
Logmein Hamachi – This zero-configuration freeware VPN tool allows users to easily connect to computers behind network routers. Users can use this software to access their home computers from a Public wireless network or any other location. Hamachi helps to make it appear that you are actually located on your home network, so you have full access to resources such as your printer, music server, files, and other computers. Both Clients must have Hamachi installed on their computers and join the same group for Hamachi to work. Many people use this software to play network games. This software is partly controlled by the company that makes LogMeIn remote control software. It works on Macs and PCs. Lifehacker has a tutorial on how to use Hamachi.

Signing Up for a Paid VPN Server

PPTP VPN typically offers less secure 128-bit encryption compared to OpenVPN based VPN servers who can offer up to 2048-bit encryption.

Overcome geographic locks on website access. Hulu.com and Pandora.com are only accessible from within the United States. Users can purchase a VPN account from a service that makes you appear to be located in the U.S. even though you are abroad.
Access the internet anonymously. Your IP address will be anonymous and cannot be tracked.
Security. Use public wireless hotspots securely and prevent others from stealing your identity.
Bypass firewalls. Access sites that are banned in your country. Log in to Facebook when you are in China.
Skype discount. You can appear to be located in another country and make “local” calls within that country.

What to Look for in a VPN Provider

Price – Obviously, the cheaper, the better, but the cheapest providers have a limited feature set and slow performance. Open VPN support cost more.
Payment – Bitcoin support helps improve your privacy
Length of Contract – The longer period you commit to, the lower the price.
Countries – Different VPN providers have servers in different countries.
Encryption Strength – The stronger the encryption, the higher the price.
VPN Software Compatibility – Some VPN servers require special client software for higher security access like OpenVPN.
Logging – Make sure your VPN provider is not logging your Internet activities. You cannot really take their word for it though.
Speed – Some lower cost providers overload their servers and Internet connections, slowing access.
Location – Pick someone outside the US and UK, if you really want to be private.
Blocking – Avoid picking a large VPN provider that may have access blocked to certain large websites.
DNS and IPv6 leaks – Avoid VPNs that have problems with this.

One of the biggest problems, especially with the well known VPN providers, is websites blocking them.

With PrivateInternetAccess, we found we could not visit certain websites, including Target.com and BestBuy.com! Make sure you have a limited time trial to test the service.

privacy tools.io has a list of VPN providers with minimal logging some of the lower cost ones are:

NordVPN – Panama – $48 a year
Cryptostorm.is – Iceland – $52 a year
We have used AirVPN and find it ok, but their Mac Client is buggy.

We have tried some that are based outside the US and the connection speeds were very slow, even with their US nodes.

VPN Discovery

VPN Hunter is a service that scans a specific domain name looking for VPN servers and then classifying them by the manufacturer and possible security holes.

SSH Tunneling For Security

Power users could setup a SOCKS Proxy over SSH tunnel to increase security even more when using a Public wireless network. This basically sends all web traffic through an encrypted SSH connection to another computer that you have set up elsewhere. Web browsers need to be configured to use a proxy server, so using a VPN server is a lot easier and allows all types of Internet traffic to flow through it.

Advanced Security Tools to prevent man in the middle attacks

Many people have their smartphones and laptops set to automatically log into wireless networks such as their home’s and free Wi-Fi hotspots like McDonald’s, Starbucks, or attwifi. Your device will keep looking for these names and automatically join you to their network. Hackers could set up wireless hotspots with exactly the same name to lure your device to join their network automatically. They would then start capturing all your traffic while sending it across the Internet. We suggest you manually join wireless networks and disable automatic joining.

To prevent man in the middle attacks, where a hacker is pretending to be a wireless access point and capturing all your information, you need to install special software to prevent ARP cache poisoning attacks like this software utility.

When You are Finished Using a Public Wi-Fi Hotspot

With some attention to security, free public Wi-Fi can be a useful tool and a safe one.

This concludes our How to use Wireless Networks or Wi-Fi securely in Public article. Other articles on Safegadget.com help you secure the other aspects of your personal computer, including How to Set up a Secure wireless Internet Router, and How to Secure Internet Explorer article, or How to Secure Firefox Article. Please see our other articles on security tips for your e-mail, iPad, online banking, online shopping, smart phones, and more.

Secure Google Chrome Browsing

SafeGadget — Mon, 01 Jan 2018 08:00:02 +0000

Last Update: 10/3/2018

Google Chrome is one of the most popular web browser for Windows, Mac, and Linux. This makes it a large target for malware and cybercrime. We will focus on securing Google Chrome, and will significantly increase the browser’s security through add-ins and special hardening settings. We also recommend running under Windows 10 or Windows 7, so if you are running under an older version of Windows, we recommend you to upgrade or buy a new computer. Older versions of Windows like Windows XP were not built with security in mind.

The #1 Tip for Chrome Security

Keep it updated. Google fixes bugs quickly and updates an internal Flash plug regularly. When you start Chrome, you should select from the Chrome menu – Settings – About – If it shows a newer version, download it and relaunch before doing ANY browsing.

Why Chrome?

Chrome is a much newer browser than Firefox or Internet Explorer. It is not saddled with all the baggage of IE, where a change needs to be regression tested with many parts of Windows. Firefox has been around for a while and is also slowed down with lots of historical code.

A recent security test from Accuvant Labs found Chrome more secure, primarily due to its Sandbox technology.

Secure your computer, web browser, Internet connection

We recommend booting from a Linux CD or USB key when performing mission critical applications such as online banking, online trading, or online shopping.

Google Chrome includes the following security oriented features:

Safe Browsing
Sandboxing
Auto-updates
Built in PDF viewer
Built in Adobe Flash – Kept up to date by Chrome

The Golden rules of the Internet:

Do not trust anyone
If it is too good to be true, it probably is
Don’t install software from anonymous sources
Don’t automatically hit “yes” to any pop-up
If it looks suspicious, run

Before you make any changes to your system, always back it up.

Google Chrome Add-ons

Software that enhances Google Chrome can become targets of malware, adding new entry points into your computer. It is mandatory that you keep any third-party add-ons up to date, so allow Google Chrome to update plugins when necessary. Consider removing an add-on if it is rarely used, as you will also be increasing the security of Google Chrome through its removal.

Plugins are also one of the biggest sources of malware, so only install plugins from trusted developers.

Adobe Flash is built in to Chrome. A pdf viewer is also built in. We recommend Disabling it
- Type the following where you would normally type a URL:
  chrome://plugins
- Locate the Flash Player in the list of plug-ins. You may see more than one Flash Player listed.
- Select Disable for each Flash Player listed
Java – This language allows many cross platform programs to run in the browser, but is another huge target of malware. We recommend removing it unless you really need it for a particular application. This page checks if Java is installed. At a minimum disable Java in the browser by going into the Java Control Panel – Security Tab – Uncheck Enable Java content in the browser
Quicktime – Is installed when older version of iTunes was installed in your system. Remove it, as it is not being updated any more.
Silverlight – Is disable by default on newer version of Chrome. We recommend removing it from your system unless you really need it.
- Type the following where you would normally type a URL:
  chrome://plugins
- Locate the Silverlight in the list of plug-ins.
- Select Disable for each one listed

Hardening Google Chrome’s Settings

Google Chrome can be secured even more with several key changes to the browser’s settings. We have selected all the Critical settings for Google Chrome.

1. Prevent Google Chrome from saving passwords

Google Chrome can save passwords for different websites. We recommend that you do not use this feature because it is not as secure or flexible as using a password management program.

Launch Google Chrome
Click on the Dashes Icon on the far right
Select Options
Select Personal Stuff on the left hand column
Make sure Never save password is checked
Click Manage Saved Passwords
Click and remove all saved passwords

2. Mark Valuable Data Inaccessible to Google Chrome

Download chml.exe and run it to change the permissions on your valuable files and folders on your system as unreadable to Google Chrome. (Better yet, use Truecrypt and keep the volume unmounted!)
For example if your sensitive data is stored in the folder C:\Sensitive_Data – You would do:

Press Start menu
Go to All Programs
Go to Accessories
Right-Click on Command Prompt
Select Run as Administrator
Type “chml C:\Sensitive_Data -i:m -nr -nx -nw“
Press Enter to Execute the Command
Type Exit to end the Command Prompt

3. Allow Google Chrome to update itself

Google Chrome automatically tries to update itself, which is a good thing, but if it asks whether it is ok to restart the browser to use the new version, be sure to say yes right away.

4. Google Chrome secure website warnings

Google Chrome displays warning icons when you visit a website that has possibly dangerous information on it. Look for the following icons right next to the https:// in the browser.

The site uses SSL, but Google Chrome has detected insecure content on the page. Be careful if you’re entering sensitive information on this page. Insecure content can provide a loophole for someone to change the look of the page.

The site uses SSL, but Google Chrome has detected either high-risk insecure content on the page or problems with the site’s certificate. Don’t enter sensitive information on this page. Invalid certificate or other serious https issues could indicate that someone is attempting to tamper with your connection to the site.

5. Sandbox Google Chrome plugins

Google Chrome has an option to for plugins to be run in a safe sandbox. Make the following change to enable this feature. Note: Files and folders marked with the everyone permission, will only be accessible.

Press Start menu
Right click on Google Chrome
Select Properties
Add the following text to the Target field, right after “chrome.exe ” –safe-plugins. Make sure there is a space after .exe.
Click OK

6. Prevent Chrome from using a GPU

There have been several bugs related to using a Graphics processor or GPU. They are supported in the latest Chrome. This hardware level access can spell trouble. Disable GPU support to prevent this possible problem by adding the following when launching Chrome:

--disable-accelerated-compositing

7. Enable Server Certificate Revocation Checking

Note: This was removed in later versions of Chrome

Most browsers do not have a setting enabled by default to check Security certificates to see if they have been revoked. It is important to do this, otherwise you could be access a sign with a stolen certificate and it appears to work fine.

Click on the Dashes Icon on the far right
Select Settings
Select Show advanced Settings.. at the bottom
Scroll down to HTTPS/SSL and Check Check for server certificate revocation

8. Check for Compromised Digital Certificates

The NSA has a PDF that describes a way to help Windows defend against Compromised Certificates.

You can also run the RCC program to check for untrusted root certificates.

Helpful Google Chrome Add-ins

Docs PDF/PowerPoint Viewer – Automatically previews pdfs, powerpoint presentations, and other documents in Google Docs Viewer. No need to download pdf files to your computer and potentially have a bug in Acrobat cause a security problem.

WOT – Know Which Websites to Trust – Shows you which websites are trustworthy based on millions of users’ experiences.

ScriptNo – A ‘NoScript-like’ extension for a safer and faster Chrome. Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks. By default, new websites that you visit will be loaded without scripting, maximizing safety. You can easily allow safe websites to allow scripting.

KB SSL Enforcer – Automatic security, browse encrypted using HTTPS secure connections whenever possible, automatically.

Flashblock – Blocks Flash so it won’t get in your way

Adblock Plus – Block those pesky banner ads.

Qualys BrowserCheck – Performs a security scan on your browser and its plug-ins (Windows)

uBlock Origin – Filter out ads, trackers, and other sites.

Helpful Internet Security Add-ins

Phising Toolbars – Google Chrome can warn you if it detects that the site you’re trying to visit is suspected of phishing or containing malware. If you would like to install a supplemental toolbar add-in, see our Free Internet Security Software article. BitDefender TrafficLight works with Google Chrome to secure your browsing.

Internet Security Software – Supplemental internet security software including Anti-Virus and Anti-Spyware software is a necessity when surfing on the Internet. See our Free Internet Security Software article for links to various free software utilities.

Password Managers – It is critical that you generate, store, and use secure passwords on the Internet. See our How to Create, Store, and Use Secure Passwords article for details on several password management programs.

Sandboxie – Creates a sandbox or safe environment in which programs execute. This sandbox is a isolated space which prevents programs like Google Chrome from making permanent changes to other programs and data in your computer. Free for 30-days, then 29 euros.

Other Google Chrome Security Enhancements

Google Public DNS – A high performance domain name server (DNS) replacement for your ISP’s DNS. Protects against Spoofing attacks and DoS and amplification attacks. Be sure to write down your existing DNS settings before changing them.

Norton ConnectSafe for Home – Similar to Google DNS, but includes options to filter porn or be family friendly.

Dyn Internet Guide – Free Web content filtering.

Microsoft Virtual Machine – Designed for web developers to test compatibility with different versions of Internet Explorer, these Virtual Machines for Microsoft’s Virtual PC allow you to run a Virtual computer on your desktop with Internet Explorer and Firefox pre-installed. You can manually install Google Chrome. If you mess up the Virtual computer, you can just delete it and start fresh from a new image. Keep in mind some malware is capable of detecting virtual machines and acting innocent until you move into your main system.
If you use VMware Player, you can add the following line to your .vmx file so that it writes all changes to a temporary file, which will be deleted when you power off the virtual machine.:ide0:0.mode = “independent-nonpersistent”

Dell KACE – has a free secure browser based on a virtualized and contained Firefox Browser with Adobe Reader and Flash plug-ins. You can manually install Google Chrome.

Secure Web Browsing with HTTPS

If you have applications other than your web browser accessing the Internet (FTP client, desktop mail client, etc.), make sure you enable SSL secure connections within each application.

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

By applying special Google Chrome settings and adding add-ons, we can significantly increase the security of our Windows notebook and desktop PCs.

This concludes our How to Secure a Windows based personal computer article. Other articles on Safegadget.com help you secure the other aspects of your personal computer, including How to Set up a Secure wireless Internet Router, and How to Secure Internet Explorer article, or How to Secure Firefox Article. Please see our other articles on security tips for your e-mail, iPad, online banking, online shopping, smart phones, and more.

How to: Safe and Secure E-mail

SafeGadget — Sat, 25 Feb 2017 08:00:22 +0000

Last Update: 8/26/2017

Every computer user uses e-mail. Security breaches make headlines almost daily. With more and more people going online, consumers are worried more than ever about keeping their e-mail safe and secure.

E-mail is the major way most malware is transmitted across the Internet. E-mail is the largest attack vector against large companies, as it is far more difficult to physically infiltrate a company. In this article, we will help you use e-mail more securely.

A recent experiment of 150,000 test emails sent by Verizon Enterprise Solutions found that 23% of recipients opened the email, 11% click on the attachment. One person clicking on the attachment would have infected the organization. The human is the weakest link.

Secure your computer, web browser, Internet connection

The Golden rules of the Internet:

Do not trust anyone
If it is too good to be true, it probably is
Don’t install software from anonymous sources
Don’t automatically hit “yes” to any pop-up
If it looks suspicious, run

Secure Your Router

1. Configure your wireless router for optimal security. Consult our article How to set up a secure wireless router for details. For maximum security, access your e-mail when connected by a hardwired connection such as Ethernet.

Update and Secure Operating System

2. Ensure that your operating system is set up securely. Consult our computer security guides for Windows and Macintosh. For maximum security, you could start off a Linux boot CD or USB key.

Secure Internet Browsers

3. Secure your Internet browser. Consult our security guides to Internet Explorer, Firefox, and Google Chrome.

Pick a Good Email Provider

4. Most people already have an e-mail address that they are connected to. If you are considering a new e-mail address, consider examining how sophisticated the provider is. Infrastructure and state-of-the-art spam filtering are not inexpensive. We recommend users consider e-mail addresses from providers like Lavabit, Google and Hushmail. These companies are committed to staying on the leading edge, and are accessible anywhere. ISP based e-mail is convenient, but locks you in to the ISP. The same argument applies to school or company based e-mail addresses.You can always access these e-mail account via POP access in Gmail. This will allow your email account to utilize Gmail’s excellent spam filters.

Look for e-mail providers that have good spam filters and allow you to control attachments and HTML within e-mail messages.

Make Sure Email is using HTTPS

5. Make sure you are accessing the e-mail provider’s website using a secure connection, look for https:// in the browser’s address bar and a padlock icon in the browser. A broken key, broken padlock, or any open lock indicates it is not secure.

Use Unique Passwords

6. When creating an account at the e-mail provider’s website, we recommend you use a unique password as it is far safer in case the store gets hacked. You would not want hackers to get a password that worked on other websites. Consult our How to create, store and use secure passwords article for suggestions.

Create Multiple Email Accounts

7. We recommend creating multiple email accounts for different purposes, in order to maximize online safety. Having multiple email accounts linking to different accounts online. One example would be to have one email account for forums, one for banking, and one for shopping. Do not have all your emergency recovery email address be the same. This way if one email account gets compromised, the others are safe.

Use Two Factor Authentication if Available

8. Some e-mail providers support two factor authentication which requires users log in with both a password and a phrase generated on a smartphone, smartcard, or printed on a piece of paper. Gmail is a leading e-mail provider that supports this 2-factor authentication. Yahoo mail added 2-factor support at the end of 2011. A hacker who had your password could not log on without a second means of authentication. This is especially good for people that travel out of the country.

Two factor authentication system using SMS text messages is not secure, due to hijacking of mobile phone accounts and the weak SS7 routing system. We suggest only using two factor when you can use a physical token or a time based authenticator like Google’s.

Use 3G/4G connection instead of Public WiFi when checking Email

9. When accessing e-mail on a smartphone or tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.

Don’t open suspicious links and/or attachments

10. To avoid falling victim to e-mail phishing, never click a link or open an attachment from an e-mail. This is especially true for online banks and online brokerages. Manually type the URL into your browser.

Spear Phishing is utilizing realistic looking e-mails with personalized information, possibly emanating from a known person to steal your login password, run a attachment that contains malware, or force you to visit a web page containing malware.

Opening Attachments Safely with Gmail

Forward the email with attachment to a Gmail account. From there, you can use Google Docs to open Word Processing, Spreadsheets, etc. No need to endanger your own computer.

Minimize your personal information on Facebook, Twitter, Instagram, etc. Also cleanse or set to Private your Amazon wishlists and eBay bidding history.

Fight SPAM

11. Spam unfortunately, remains a unfortunate element in e-mail. Leading e-mail providers are pretty good at fighting spam, but no one is perfect. Unintended consequences include good mail ending up in a spam folder. Be very careful when accessing the spam folder as many a penetration has been enabled when workers accidentally click on links within spam folder e-mails that look legitimate.

Don’t Display HTML

12. For maximum security set your e-mail provider’s configuration to not display HTML when displaying e-mail. A less secure setting is to allow HTML but not to display images. This additional security tactic helps prevent rogue pages from being displayed within e-mail. (Windows Live Hotmail does not allow you to control this.)

We suggest these settings for Gmail:

Select Mail Settings from the Gear Icon in the upper right corner
In the General Tab, next to External Content: Select Ask before displaying external content

Use SSL to access Mail Servers

13. It is important that email accounts accessed from a smartphone are setup utilizing encryption when available. Many email providers including Google’s Gmail, Microsoft Exchange, MobileMe, AOL Mail and Yahoo Mail support SSL (secure sockets layer) when accessing their mail servers. If SSL is not used, your emails as well as your password can be read by hackers.

To enable SSL with Yahoo Mail (not enabled by default) follow these steps:

Login to your Yahoo Mail account
Click the Gear icon on the upper-right corner
Select “Mail Options“
Click General on the Left, Under Mail Options
Check the Box next to “Turn on SSL“
Click Save at the top of the screen.

14. If you have applications other than your web browser accessing your E-mail IE. A desktop mail client suck as Windows Live Mail, Outlook, or Mail.app, make sure you enable SSL secure connections within each application. Here is a tutorial on using Gmail with Windows Live Mail.

Be careful of Short URLs

15. Do not click on shortened URLs, expand them first using a site like URL Expander or run them through a service like Virustotal.

Report Phishing

16. If you encounter phishing emails you can forward them to:

reportphishing@antiphishing.org
spam@uce.gov
Internet Crime Complaint Center
Anti-Phishing Working Group
Stay Safe Online has spam reporting information on the top 10 ISPs

Check to see if any Email addresses have been compromised

17. There are databases of email addresses that have been compromised. If you are listed, immediately change all your passwords connected to that email account.

haveibeenpwned.com

18. Someday phishing will hopefully fade in volume. DMARC.org which stands for “Domain-based Message Authentication, Reporting & Conformance” may help reduce the volume of problematic emails.

Encrypt the contents of Email

19. Email uses an insecure SMTP protocol to send data between servers. All the data sent is unencrypted. This factor has nothing to do with using SSL to connect your email provider. You need to use tools like PGP (pretty good privacy) to encrypt the contents of your emails to ensure privacy. Never send a password in email.

Email Attachment

Next to clicking a link in an email, clicking an attachment is the second most dangerous way to get infected.

Block attachments in your email client.

Gmail automatically blocks:

.ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JSE, .LIB, .LNK, .MDE, .MSC, .MSP, .MST, .PIF, .SCR, .SCT, .SHB, .SYS, .VB, .VBE, .VBS, .VXD, .WSC, .WSF, .WSH

We recommend you supplement this by blocking these file types that are not used very often any more. Select Create a new filter from Filters and Blocked Addresss

Things Not To Do

1. Do not access your e-mail from public wifi hot spots unprotected or cyber cafes. Many of these locations provide little to no security and are prone to snooping or malware.

2. Always log out web-based e-mail account, do not simply close the browser.

3. Do not have a single email address where everything goes. If everything is linked together, you entire security chain can get compromised with one break in.

Welcome to Safegadget.com

SafeGadget — Mon, 15 Jun 2015 08:02:31 +0000

Welcome to Safegadget.com, the one-stop website for securing your computer and gadgets. Don’t wait until you have become a victim of malware. While it is impossible to prevent all attacks, it is important that we all secure our systems so we aren’t easily hacked. This is akin to wearing a seat belt to prevent an accident.

We feature many different security tutorials.

Learn how to secure your PC, find free anti-virus software, and find Windows security software
Secure your Mac and find free Mac security software
Use Linux for secure online banking, online trading, and online shopping
Secure your wireless network (Wi-Fi)
Learn how to create, store and use secure passwords

Harden the Security of your Browser

Boost the Security of your Smartphones and Tablets

Learn how to perform the following Safely and Securely

How to Safely use Twitter

SafeGadget — Mon, 09 Jun 2014 08:00:50 +0000

Last update 1/9/2015

Twitter is becoming more popular everyday. With millions of people to be targeted, Twitter is definitely a battleground for security and privacy. This website has become a worldwide hit and consequently has become a target for those intent on spamming, spreading worms, and stealing private information. In this article, we will cover many techniques to allow you to safely use Twitter.

Secure your computer, web browser, Internet connection

It is important that you follow the tips above to ensure your computer is secure. There have been Twitter Spam Attacks caused when malware infects a computer and gives control of the user’s Twitter account to a spammer. The spammer then posts messages on Twitter offering everything from Free items to pictures of celebrities, all appearing to be posted by the infected user. If one of your friends clicks on the offer, they instantly get infected, repeating the cycle of malware propagation.

Access the Real Twitter

Always make sure you are at a real Twitter log in page when you access their site. Do not count on Twitter links in email or on web pages to access the real Twitter website.

Think before Clicking on Links

There have been several viruses that have hit Twitter users, many of which have caused links to malware on Twitter. It is important that you exercise care before clicking on any links. Twitter has added a automatic link screening service, but this service could be bypassed. Be especially cautious in clicking links from direct messages.

Shortened links that do not fully disclose the destination site should be expanded before being clicked. You can expand short links with a browser plugin such as Linkpeelr for Chrome or visit a site like URL Expander or unshorten.it Virustotal.com checks shortened url’s for malware. Consult our How to Secure Your Internet Browser article for details. Internet Explorer 9 – Mozilla Firefox – Google Chrome

Enable Two Factor Authentication

Enable Two Factor Authentication so a login will require you to check your smartphone for a pin code. This only takes a minute and would have prevented many Twitter hacks.

Secure Twitter Browsing

As with the rest of the web, browsing a website using a secure connection is always preferable. You can set Twitter to automatically use secure HTTPS browsing by doing the following:

Click your Twitter Account name on the upper right hand corner
Select Settings
Check Always use HTTPS
Click Save

Sharing Sensitive Information

The following information is sensitive and may not be desired to be shared with others. Thieves can use this information as well those trying to piece together your identity or those attempting to hack your passwords. Think twice before including any of this information in your Tweets.

Who your friends are
Vacations or times away from home
Real birthday, at least no year
Mother’s maiden name
Pets names
Children’s names
Address
Phone numbers
Schools attended
Religious views
Political views
Tweet Location
Changing Passwords
Moving
Switching Servers

Consider having separate work and personal Twitter accounts. Be sure not to Tweet anything that could offend your employer.

Twitter Passwords and Access

It is important to follow our standard password suggestions. Consult our article on How to create, store, and use secure passwords.

Removing Unnecessary Twitter Applications

Twitter stores access credentials for 3rd-party applications. This allows them to send Tweets. You should review the list of applications allowed access to your account and remove unnecessary applications.

Click your Twitter Account name on the upper right hand corner
Select Settings
Click on Applications tab
Click Revoke Access on unnecessary applications

We have covered many areas in which you can increase the security and privacy of your Twitter usage. We suggest you implement as many of the suggestions as quickly as possible to maximize your safety on Twitter.

Scan your Twitter feed for Spam

Use a site like TwitBlock to look for spammy followers and bots.