Check out our Facebook Settings How To Privacy Page

Why should I be concerned about Internet privacy?

• Do you like online ads following you around from site to site?
• Can you discuss your health problems online without fear of losing insurance?
• Do you worry about publishing private information that could lead to stalking, surveillance, or identity theft?
• Does your work place monitor your Facebook or Twitter? Could you be fired over a post?
• Do you live in a country where you could be arrested or tortured based on what you post online?
• Did you know that third-parties collect information the government is not allowed to collect? The government has purchased this information too.
• Companies such as FinFisher are selling hacking software to countries and corporations to break into people’s computers and monitor them.
• Visit the EFF’s Panopticlick site to see what you are telling the world right now, before using the tools below.
• Tactical Technology Collective has tips for journalists and activists on how to increase their privacy.

60% of people polled by the WSJ.com were tremendously worried about the loss of online privacy.

The Internet appears to facilitate privacy and anonymity, but in recent years has been a battleground that pits advertisers on one side and users on the other. It has become increasingly difficult to maintain privacy on the Internet because money has gotten into the game. As online advertising has grown, companies have sprouted up, attempting to optimize Internet advertising performance by combining advertising with profiling. While individual users may not be known by name, they have become ghost profiles that are increasingly matched up with appropriate advertising. If you have found Internet ads following you from site to site, you have been profiled and are seeing the results. In this article, we will examine many methods to enhance our Internet privacy and perform operations anonymously.

One of the main goals of Internet privacy is to make that people have the ability to make informed decisions about how they act online. Users should be told ahead of time how their personal information is used and shared.

The Real Cost of Free Content

While many users assume that most content sites are free, there is a hidden price being paid, the users private information. Most online advertising companies are tracking web browsing activity across many websites in order to build profiles of users. They cross-reference and trade information to generate revenue and better target online advertising and promotions.

Hide your phone number

Once a cybercriminal gets your phone number, they can wreak all sorts of havoc including SIM Swap your phone and take over many accounts.  Hide your number or at least used a VoIP number such as Google Voice. Do not allow Google Voice to forwards Texts/Calls to your main number.

• Google
  • Remove your phone number from myaccount.google.com – Personal information
• Microsoft
  • Remove your phone number from account.live.com
• Facebook
  • Select Settings under the drop-down arrow at the top right. First, click on Mobile in the right-side menu, and remove your phone number
• Twitter
  • Click your avatar, go to Settings and Privacy, and navigate to Mobile on the right hand menu. Remove your number and use an authenticator app

Android

Turn off your advertising ID.  This is attached to all you apps, search history, purchases, recent locations and much more.

• Settings > Privacy > Ads > Delete Advertising ID

Older Android versions may have Opt Out of Ads Personalization

Chrome

Turn off 3rd party cookie tracking on both Chrome for computers and Chrome App

Settings > Security & Privacy > Block third-party cookies

Privacy Oriented Browser

brave is a browser from a mozilla co-founder, which is focused on privacy.

Internet Browser Cookies

In the past, users have been able to delete their Internet browsers’ cookies and thereby foiling efforts to track the user. Here are instructions for clearing the browser cache in Google Chrome, Microsoft Internet Explorer 9, and Mozilla Firefox.

Below is how to set browsers to not accept third-party cookies. These cookies are typically generated by tracking and advertising companies when you visit a website. Occasionally this technique will cause a website to malfunction, particularly if it uses a third-party to handle tasks like commenting.

To optimize third-party cookie privacy settings in Firefox do the following:

• Select Options… from the Tools menu
• Select Privacy tab
• Select Use custom settings for history
• Uncheck Accept third-party cookies
• Optionally select Keep until: I close Firefox – This will delete cookies after every browser session, which you may not want to happen.

To optimize third-party cookie privacy settings in Internet Explorer 9 do the following:

• Select Internet Options from the Tools menu
• Select Privacy tab
• Check Never allow websites to request your physical location under Location
• Select Advanced
• Check Override automatic cookie handling
  
• Check Block under Third-party Cookies
• Press OK

CCleaner is useful Windows utility to clear out unnecessary files including temporary files, and cookie files.

Identity Finder helps you remove personally identifiable information from your computer’s files. They have a free Windows and Mac version.

While this technique is still somewhat helpful, the advertisers have gotten smarter and utilize other tracking techniques. Consult our guides to Google Chrome, Microsoft Internet Explorer 9, and Mozilla Firefox for information.

IRS Tax Filing IP PIN

An IRS IP PIN is a six-digit number assigned to eligible taxpayers that helps prevent the misuse of their Social Security number on fraudulent federal income tax returns.

In 2019, they expanded the states that support this protection.

HTML5 and Privacy

HTML5 represents the latest standard for web design that significantly increases the flexibility and interactiveness of websites. Along with these impressive new features, comes a major privacy issue. HTML5 local storage allows data to be stored in your browser. It can potentially be used to track your movements and regenerate any cookies that you delete. New methods of blocking need to be created to block this intrusive technology.

Google Chrome and Firefox clear HTML5 local storage whenever you clear your cookies. Safari clears this when you select: Preferences -> Privacy tab -> Cookies and other website data -> Remove All Website Data

You can set Firefox to warn you whenever a website is attempting to use HTML5 local storage by selecting: Options -> Advanced -> Network -> Tell me when a website attempts to store data for offline use.

Flash Cookies

Adobe Flash also generates cookies that have been used for tracking and are difficult to remove. Adobe has a special page that requires Flash, in which you can delete your Flash cookies. Also visit this Flash configuration page to prevent 3rd parties from storing Flash content on your PC. You can install a Flash blocker to prevent these cookies from being installed on your system. Flush for the Mac, removes Flash cookies.

Adjusting Google Privacy Settings

In 2018 Google Created this Activity Tracking page to enhance privacy.

To clear Google’s “web history” which includes a log of all your searches, follow the instructions on this page.

To see and revoke access to your Google account by third-party sites, follow the instructions on this page. Also turn on Do Not Track.

To get a copy of everything Google has stored about you, visit Google Takeout. Additional Google services not covered by Takeout are located at Data Liberation.org. To delete the information, you must visit each Google service and delete your data manually.

Privacy App

Jumbo Privacy iOS App helps set Google, Facebook, Ad settings that we have mentioned

Adjusting Facebook Privacy Settings

Our article on Facebook security covers how to adjust Facebook’s privacy settings. Keep in mind that privacy settings only prevent others from seeing your profile. Advertisers and Facebook still have access to your private profile.

AVG Privacyfix.com helps you manage your Facebook privacy settings by showing you which ones need to be fixed.

Logging Off for Privacy

Intentionally logging off a site helps preserve your online privacy. If you were on Amazon, Facebook, or Google, we recommend you log off the site and not click away to a different site. This will help prevent ads from following you.

Fact: When a someone has more information about us, we are more likely to trust them. If your personal details leaked in a company’s data breach, criminals could use that information to craft emails that look more credible.

Minimize your personal information on Facebook, Twitter, Instagram, etc. Also cleanse or set to Private your Amazon wishlists and eBay bidding history.

 Anonymous Browsing

Most modern Internet browsers have options to perform anonymous browsing. You can utilize this function to help hide your identity. Here are instructions for anonymous browsing in Google Chrome, Microsoft Internet Explorer 9, and Mozilla Firefox.

Optional third party browser plug-ins are also available to help enhance Internet privacy.

• Adblock Plus is a plug in to block ads. Firefox – Chrome
• ChromeBlock is a plugin to help increase privacy. Chrome
• Cookie Master is a Firefox plug-in to manage cookies
• Disconnect.me is a plugin to help increase privacy. Firefox – Chrome – Safari
• Do Not Track Plus is a Firefox plugin to help increase privacy.
• Ghostery is a free plug-in to view and block what trackers and advertisers a website uses. Available for most web browsers
• NoScript is an extension for both Firefox and Chrome which prevents scripting from automatically running
• PrivacySuite is a plugin to help increase privacy. Firefox – Internet Explorer (Soon)
• Trackmenot is a Firefox plug in to prevent tracking. Chrome version

Opting Out of Online Ad Personalization – Do Not Track

Advertising companies that are members of the Network Advertising Initiative (NAI) and other self-regulatory efforts allow users to opt out of personalizing ads that are shown. Here are instructions for opting out of online ad personalization in Google Chrome, Microsoft Internet Explorer, and Mozilla Firefox.

The Network Advertising Initiative also has a page that allows you to opt out of online ad personalization from a variety of member advertising companies.

Other Opt-out pages:

• AOL
• Apple iAds
• Mastercard
• SelectOut – Optout of almost 200 trackers
• Self-Regulatory Program for Online Behavioral Advertising
• Yahoo

Using Linux for Internet Privacy

Linux can be utilized to enhance our Internet privacy. We can set up a bootable Linux USB key or CD, which allows us to start up our computer into a totally clean operating system, devoid of cookies and the like. Use one that has a write lock physical switch. Consult our article Creating a Bootable Linux USB Key or CD for more information.

Using a VPN for Internet Privacy

A VPN or Virtual Private Network allows you to tunnel your Internet traffic through a third party provider, making your traffic appear to come from a different location. While this option is more complex to implement, when combined with the suggestions listed above, a VPN connection forms a very powerful tool to protect your privacy. Consult our article How to Use Wireless Networks or WiFi Safely in Public for more information. Make sure you select one that is located outside the USA and which does not logging.

Email Snooping

Yahoo was exposed in 2016 to having scan all its customer’s emails looking at incoming email streams for a digital signature associated with a known terror organization.

The ultimate way to prevent email snopping is by running your own email server.  This has a cost and can result in your emails not going through.

Credit Card Privacy

Privacy.com creates secure virtual credit card numbers, hiding your real card.

Secure Instant Messaging

Privacy relates to how easy it is to ease drop into a messaging client.  Can the government listen in?  Is it encrypted?

The EFF has a great Secure Messaging Scorecard page.
Forget about using popular ones like Whatsapp, Line, Viber, WeChat, they have all been monitored.

Try ones like:

Silent Circle
Redphone
OSTel
Chat Secure
Signal (Formerly Textsecure)

Anonymous Registration

It is annoying registering for forums and many content sites where your real information is not necessary. When asked for personal information, we suggest you enter bogus information if you wish to remain anonymous. Create an email address that is tied to this information and save this information as a profile within password management utilities.

MySudo helps you create temporary emails address and phone numbers. Free Trial.  You can also this by create multiple gmail and google voice accounts.

Removing Yourself from Online Databases

There are several large databases that contain personal information that is culled from telephone books, court records, and other third parties. You can opt out of their data by visiting the following links.

• BeenVerified
• Family Tree Now
• Intelius
• PeekYou
• PeopleSmart
• Pipl
• Spokeo
• Whitepages
• ZabaSearch

A paid service DeleteMe helps automate this for $129/year

Identity Theft Protection

If you are a Comcast subscriber, you are eligible for free Identity Guard (discontinued). Consult your ISP to see if they have any free identity theft programs.

Social Security Account Setup

While we are on the subject of protecting you from identity theft.  If you have not already setup your Social Security Account, you should set one up before a thieve makes one before you.

Or better yet, block Electronic access to your Social Security Record.

TV Privacy

If you have a Smart TV, it may be watching or listening to you.  In March 2017 a Wikileaks CIA leak indicated that they are listening in on those with Samsung TVs.

• Turn off any Smart TV Functions on your TV
• Use an external Roku or AppleTV box instead
• Use a power strip and turn off the TV’s power that way

Opting out of TV data

Many TV content suppliers log your viewing habits and sell them to other companies.  Opt-Out of this madness! Cable and satellite television networks have their own opt-out for anonymous-viewer information.

• DirectTV – Contact the company by phone, email, or mail to opt-out.
• TiVo
• Optimum.net – They removed their opt-out page.
• Comcast
• AT&T
• Vizio – Vizio TVs spied on what people were viewing, causing the FTC to sue them.  The company provided consumers’ IP addresses to data aggregators, who then matched the address with an individual consumer or household. Vizio’s contracts with third parties prohibited the re-identification of consumers and households by name, but allowed a host of other personal details – for example, sex, age, income, marital status, household size, education, and home ownership.

Turn off iPhone Diagnostic Log Sending

To turn off sending of diagnostics data to Apple do the following:

• Open Settings
  
• Select General
• Select About
• Select Diagnostics & Usage
• Click on Don’t Send

Color Laser Printer & Color Copier Privacy Issues

The Electronic Frontier Foundation (EFF) discovered that most color copiers and color laser printers have been adding invisible tracking codes to every single printed page they produce. The government asked printer makers to do this in an effort to prevent counterfeiting. The dots help track what type of printer and its serial number as well as when the document was printed.

This relativity little known tactic can undermine anonymity for political, religious, or any other reason. Users need to understand this and tell printer manufacturers that they do not like this hidden invasion of privacy. For more information, take a look at this webpage and support their efforts.

If you are purchasing a new color laser printer, try to purchase one that does not print these invisible codes.

Kindle eBook Privacy issues

Reading in the new age via eReaders such as the Kindle expose users to additional privacy issues. Previously, with physical books, it was difficult for bookstores and publishers to know whether you had really finished a book, highlighted specific passages in the book, or what book you purchased next.

With eReaders such as the Kindle your privacy has gone out the door. Kindle users have to agree to allow Amazon to store information on the device and Amazon’s servers including where you left off in the book, notes, highlights, bookmarks, and more. With all of this information, the Electronic Frontier Foundation (EFF) is pushing for legislation to prevent eBook sellers from reveling people’s reading habits without a court’s approval.

If you are concerned about your privacy, you may want to steer clear of eReaders or utilize an eReader that does not any have Internet connectivity. Find one that allows eBooks to be downloaded to a computer and manually added to your eReader.

More Resources

privacy tools.io – Lists many resources that can help you reclaim your privacy

With some leg work, we can significantly improve the privacy of our online activities.

Note: Facebook has committed to making these settings easier to find, so there may be some variance in what we depict below.

A September 2018 security hole in Facebook allowed 50 Million accounts to be accessed by hackers.  Check to see if you were affected.

Facebook reached a new low in March 2018. A massive data compromise was exposed that allowed Cambridge Analytica to obtain extensive psychographic information about 50 million Facebook users in 2014. This data was probably used to manipulate the 2016 Presidential elections.

Let’s be honest, in exchange for using this FREE service, you upload text, pictures, videos for Facebook to learn more about you. They then use this personal information to sell ads and more.  There is no free lunch. Facebook is a money making machine, not your friend.

Short of deleting Facebook and Facebook messenger, This is how you can adjust your Facebook Privacy Settings to protect yourself.

Two Factor Authentication

In September 2018 it became know that Facebook uses your second factor authentication for advertising purposes!  Do not use your phone number or another email address, instead use the option of employing Google Authenticator.

Important: You need to make change at both Facebook.com AND inside the Facebook App

Adjust Facebook.com Website Settings

Remove any friends you do not really know.  They can send you scams or other information with out being filtered.

Login to Facebook, Open the  App Settings Page

Click Edit in the Apps, Websites and Plugins box.

Also set Old Versions of Facebook for Mobile to Only me

Click Disable Platform

This will prevent Facebook from sharing your data with other apps and websites. You also cannot use your Facebook login to login to other sites any more.

If you want to still allow using Platform but want to lock down what is shared, instead of Disable Platform, select Edit under Apps Other Use.

We recommend Unchecking EVERY box and hitting Save

Adjust Facebook Ad Settings

Click on Ads in the lower left area of the Facebook Settings Page

For Advertisers you’ve interacted with – Click the triangle in the right side, to show the settings. Click on every company to disable this.

For Your Information – Click the triangle in the right side, to show the settings. Turn off everything. Also click the Your categories tab and turn off EVERYTHING. Pretty scary?

For Your Ad Settings – Click the triangle in the right side, to show the settings. Turn off everything.

For Hide Ad topics – Click the triangle in the right side, to show the settings. Set all of them to Permanently

.

Facebook Privacy Settings and Tools

Visit the Facebook Privacy Page to lock down its settings.

Adjust the settings so it looks like our screen. This was the best we could do. Make sure you have a bogus phone number in Facebook. Do not allow search engines outside of Facebook to link to your profile.

Change your birthday so it is a day earlier

Click the Use Activity Log link and remove yourself from any posts you have been tagged in.

Turn off Face Recognition

Visit the Face Recognition Settings and turn it to No

Adjust Timeline and Tagging Settings

Visit the Timeline and Tagging Settings and adjust it to the following:

Remove Facebook Likes

Click Timeline on your personal Facebook Page

Click More in the middle area and select Likes

Remove the Likes for as many items as possible! Delete TV Shows, Books, Events, Questions, Reviews and Movies from the list

Facebook Mobile App Privacy Lockdown

The above settings affect the Facebook App, but there are additional settings that need to be set in the App.

Prevent Facebook from using your Location

Facebook’s App can use your location even when you are not running it.

To disable it in iOS:

•  Settings – Privacy – Location Services -Facebook –  Never or While Using App

To disable it in Android:

• Settings – Apps – Facebook – Permissions – Location – Off

Remove Uploaded Contacts from Facebook

Click here to visit the  page to remove uploaded contacts in Facebook.

Prevent Facebook from continuously uploading new contacts from your phone.

Turn off Upload contacts if you use the Facebook App, it is located at:

• 3 lines in lower right corner of Faceebok App, Settings, Account settings, General, Upload contacts
• Facebook has a page to help you prevent syncing of contacts to Messenger. Details on the issue with Facebook looking at all your calls

Adjust who can see your posts from New Feed or Profile

• Select 3 lines in lower right corner of Facebook App, Settings, Account settings, General, Privacy, Check a Few Important Settings

Select Friends or Only me

On the next screen for Posts, also select Friends or Only me

The next screen will then be Profile

Lock Down your Profile

Select the appropriate level of lockdown for each item. Only me would be most secure.

The Next screen would be Apps

Remove Unnecessary Apps

Click the X next to apps you no longer need.

Timeline and Tagging

• Select 3 lines in lower right corner of Facebook App, Settings, Account settings, Timeline and Tagging

Adjust Time line and Tagging to: Only me for all settings

Change the 2 Review settings to: On

Limit Facebook Location Data

• Select 3 lines in lower right corner of Facebook App, Settings, Account settings, Location

Do not allow Facebook to save your location, do not share location with Nearby Friends, Do not Find Wi-Fi

Adjust Public Posts

• Select 3 lines in lower right corner of Facebook App, Settings, Account settings, Public Posts

Adjust these settings to something less than Public

Interests

• Select 3 lines in lower right corner of Facebook App, Settings, Account settings, Ad Preferences

Remove all the Interests by clicking on each one and selecting Remove Interest.  Other settings should have been set at Facebook.com with the instructions above.

Facebook Messenger

Facebook keeps all your messenger messages.. FOREVER.  Scary isn’t that?

Here is how you delete Facebook messenger messages, conversations and photos.

Items We are still working on cleaning:

• Check-Ins
• Removing Apps

Do you feel more secure now?

While SafeGadget has several tutorials geared towards using Wi-Fi securely, we still realize that this is a major problem area. On our recent trip, we encountered insecure Wi-Fi at several airports, hotels, and restaurants. This tutorial is designed to help all users utilize Wi-Fi safely and securely.

Free Wi-Fi is available in many locations, from airports, hotels, local café, Starbucks to McDonald’s and many other restaurants. Using these mostly unsecured, public wireless networks puts your information at risk. It is important to employ several safeguards when surfing at a public hotspot. If you are using a cybercafe’s shared computer, we would only use it to view information, not to even get your e-mail. Chance are high that it is compromised.

Many public wireless networks are completely unencrypted so that users can log on to them easily. Anytime you login to a free Wi-Fi hotspot that does not require a password, assume that a hacker can ease drop and see all information that is being sent and received.

Some Wi-Fi hotspots from vendors like AT&T and Comcast require you to log in with your username and password before you can get access. You need to understand that this is just access restriction and will not create a secure wireless connection.

This opens up a huge security hole as any hacker or sophisticated computer user could easily see all the sensitive data being transmitted. Passwords to online stores or email accounts can be easily captured by increasingly easy to use tools. In this article, we will help you access public wireless networks safely. Settings within your operating system may need to be optimized, additional software installed, and third party services may need to be subscribed to.

Finding Free Wi-Fi

• Boingo has a Wi-Fi locator. The Starbucks and McDonald’s entries are free.
• Xfinity has a Wi-Fi hot spot locator
• There are several free apps that help you find Wi-Fi (Free Wi-Fi Finder on iPhones and WiFi Finder for Android)

Secure web browsing using HTTPS

Normal website access using HTTP:// causes information to be sent and received in plain text. This type of connection is not secure; a hacker could capture all the information being transferred and steal your data. While this is not important when you are casually surfing, you do not want your email or online trading information to be captured by others.

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie –  https://www.google.com

HTTPS causes a secure connection to be made using SSL security. Certificates are digital documents that verify a site’s identity. They are sold by certificate authorities. If a certificate is not signed correctly, your browser will pop up a warning. Recently, a Dutch certificate authority got breached, causing forged certificates to be created. To workaround issues like this, Internet browsers are updated to remove the forged SSL certificates. It is crucial that you keep your browser up-to-date.

If you have applications other than your web browser accessing the Internet (FTP client, desktop mail client, etc.), make sure you enable SSL secure connections within each application.

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

Disable File Sharing

Prevent sharing of any files or folders that are unnecessary. This should be obvious, but becomes a large problem if you are connected outside the home, to a public network. When you are on a public network, you do not want to share files, printers, or any computer resources. To turn off file sharing under Windows 7 do the following:

• Click Start Button
• Type Network and Sharing Center into Start menu’s Search Box
• Select Network and Sharing Center from the results
• Select Choose homegroup and sharing options then select Files and Printers to be unshared, if necessary.

If you are using a Macintosh, consult this article on how to turn off sharing.

Enable your firewall

A firewall prevents unauthorized users from accessing your computer. Windows 7 and Windows Vista have a built-in firewall that is enabled by default. If you are running on the Mac, consult this article on how to turn on your firewall.

Connecting to a Public Wi-Fi Network

When you are setting up a new network connection, Windows will prompt you to choose what type of network this is. The choices are Home Network, Office Network, or Public Network. A Home Network is the most open network because all computers on the network will be treated as friendly, allowing for easy sharing of folders and files, and also allowing the creation of a Home Group for all computers on the network.

Office Network is slightly more strict, but the Public Network is the most strict. Selecting Public Network will hide your computer on the network and disable file and print sharing. This is recommended if you are running a notebook and connect to external networks often. If the computer is only used at home and file or printer sharing is used, do not change the setting.

If you need more control when connecting to different networks, try the Window’s Utility NetSetMan. Macintosh users can try AirPort Location.

Setup a VPN or virtual private network

A virtual private network (VPN) is a secure, encrypted tunnel for your computer to communicate with the Internet. All traffic travels over this secure connection, preventing hackers from eavesdropping. VPNs help secure Internet traffic that is not sent using SSL secure connections. The tunnel starts on your computer, travels over the public wireless network, and connects you with either a VPN server in your home or one that you subscribe to. Your data travels over a secure, private network even though you may be accessing a public insecure network. There are several free VPN options as well as many companies selling VPN access.

Be aware that using a VPN to order products online may cause some problems. The VPN will make your IP address appear to be located wherever the VPN server is located, which could be in another state or even country. If you order an item and have it shipped to a location different from where your VPN server was located, some fraud detection systems might flag the order as being fraudulent.

Here are some free VPN options:

• CyberGhost VPN free – Installs software on your machine to access their free service. This service is usually overloaded during daytime hours and requires users to wait in a queue for free access. They also have paid accounts that do not require the wait. One downside of this service is that we found several sites which are not accessible through this VPN. PC only; no Mac version.
• Ultrasurf – This free VPN service was mainly designed to circumvent the firewall in China. This VPN only supports web traffic and not other internet traffic like FTP or VOIP. We found that this VPN service does not support certain websites, including WordPress administration pages. PC only; no Mac version.
• Proxify – This web-based service helps you surf the web anonymously and securely. Proxify is limited to web access only. The free service has ads and does not support all file formats.
• Hotspot Shield – A free service for Windows that is slow and filled with ads, spys on you, but works. Paid version eliminates ads. Warnings
• Hide My Ass – A free service that includes a free Web Proxy, Facebook Proxy and more. Read the disclaimers.
• proXPN – Free version is bandwidth throttled and does not allow you to select a country.

All the free VPN services have limitations. If you can work within their limits, we suggest you utilize one. Most users require more robust VPN access and will have to either set up a VPN server on their home computer or sign up for a paid VPN service. Note that most VPNs and Proxy services will not tolerate illegal activities and will cooperate with authorities.

Some proxy servers intentionally strip HTTPS secure connections. Test your proxy at proxycheck.

Signing Up for a Paid VPN Server

Users who travel or are not satisfied by the options we listed above, should sign up for a paid VPN account. This type of VPN access gives the use maximum flexibility and compatibility with various applications.

PPTP protocol is built into Windows and is the VPN protocol of choice, but is easy to block. Open VPN requires a software download for installation. Open VPN will work in places where PPTP VPN is blocked, typically countries in the Middle East or China.

PPTP VPN typically offers less secure 128-bit encryption compared to OpenVPN based VPN servers who can offer up to 2048-bit encryption.

• Overcome geographic locks on website access. Hulu.com and Pandora.com are only accessible from within the United States. Users can purchase a VPN account from a service that makes you appear to be located in the U.S. even though you are abroad.
• Access the internet anonymously. Your IP address will be anonymous and cannot be tracked.
• Security. Use public wireless hotspots securely and prevent others from stealing your identity.
• Bypass firewalls. Access sites that are banned in your country. Log in to Facebook when you are in China.
• Skype discount. You can appear to be located in another country and make “local” calls within that country.

What to Look for in a VPN Provider

• Price – Obviously, the cheaper, the better, but the cheapest providers have a limited feature set and slow performance. Open VPN support cost more.
• Length of Contract – The longer period you commit to, the lower the price.
• Countries – Different VPN providers have servers in different countries.
• Encryption Strength – The stronger the encryption, the higher the price.
• VPN Software Compatibility – Some VPN servers require special client software for higher security access like OpenVPN.
• Logging – Make sure your VPN provider is not logging your Internet activities.
• Speed – Some lower cost providers overload their servers and Internet connections, slowing access.

Users should examine their needs and budget, and select a VPN provider that fulfills their requirements. It is wise to Google search the provider, looking for problems or disgruntled users before signing up. Google search for VPN providers.

When You are Finished Using a Public Wi-Fi Hotspot

When you have finished your online activities, it is important that you turn off your Wi-Fi connection to the public wireless network. Intentionally logging off will prevent any accidental data leakage. In Windows, you can simply right-click on the wireless signal bar icon in the task bar to disconnect from a wireless network.

With some attention to security, free public Wi-Fi can be a useful tool and a safe one.

This concludes our How to use Wi-Fi securely in Hotels, Airports, and Beyond article. Other articles on Safegadget.com help you secure the other aspects of your personal computer, including How to Set up a Secure wireless Internet Router, and How to Secure Internet Explorer article, or How to Secure Firefox Article. Please see our other articles on security tips for your e-mail, iPad, online banking, online shopping, smart phones, and more.

Free Wi-Fi is available in many locations, from your local café or Starbucks to McDonald’s and many other restaurants. Using these mostly unsecured, public wireless networks puts your information at risk. It is important to employ several safeguards when surfing at a public hotspot. If you are using a cybercafe’s shared computer, we would only use it to view information, not to even get your e-mail. Chance are high that it is compromised.

Many public wireless networks are completely unencrypted so that users can log on to them easily. This opens up a huge security hole as any hacker or sophisticated computer user could easily see all the sensitive data being transmitted. Passwords to online stores or email accounts can be easily captured by increasingly easy to use tools. In this article, we will help you access public wireless networks safely. Settings within your operating system may need to be optimized, additional software installed, and third party services may need to be subscribed to.

Finding Free Wi-Fi

• Boingo has a Wi-Fi locator. The Starbucks and McDonald’s entries are free.
• There are several free apps that help you find Wi-Fi – search the app stores for Wi-Fi

Secure your computer, web browser, Internet connection

Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.

Secure web browsing using HTTPS

Normal website access using HTTP:// causes information to be sent and received in plain text. This type of connection is not secure; a hacker could capture all the information being transferred and steal your data. While this is not important when you are casually surfing, you do not want your email or online trading information to be captured by others.

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie –  https://www.google.com

HTTPS causes a secure connection to be made using SSL security. Certificates are digital documents that verify a site’s identity. They are sold by certificate authorities. If a certificate is not signed correctly, your browser will pop up a warning. Recently, a Dutch certificate authority got breached, causing forged certificates to be created. To workaround issues like this, Internet browsers are updated to remove the forged SSL certificates. It is crucial that you keep your browser up-to-date.

If you have applications other than your web browser accessing the Internet (FTP client, desktop mail client, etc.), make sure you enable SSL secure connections within each application.

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

Disable File Sharing

Prevent sharing of any files or folders that are unnecessary. This should be obvious, but becomes a large problem if you are connected outside the home, to a public network. When you are on a public network, you do not want to share files, printers, or any computer resources. To turn off file sharing under Windows 7 do the following:

• Click Start Button
• Type Network and Sharing Center into Start menu’s Search Box
• Select Network and Sharing Center from the results
• Select Choose homegroup and sharing options then select Files and Printers to be unshared, if necessary.

If you are using a Macintosh, consult this article on how to turn off sharing.

Enable your firewall

A firewall prevents unauthorized users from accessing your computer. Windows 7 and Windows Vista have a built-in firewall that is enabled by default. If you are running on the Mac, consult this article on how to turn on your firewall.

Connecting to a Public Wi-Fi Network

When you are setting up a new network connection, Windows will prompt you to choose what type of network this is. The choices are Home Network, Office Network, or Public Network. A Home Network is the most open network because all computers on the network will be treated as friendly, allowing for easy sharing of folders and files, and also allowing the creation of a Home Group for all computers on the network.

Office Network is slightly more strict, but the Public Network is the most strict. Selecting Public Network will hide your computer on the network and disable file and print sharing. This is recommended if you are running a notebook and connect to external networks often. If the computer is only used at home and file or printer sharing is used, do not change the setting.

If you need more control when connecting to different networks, try the Window’s Utility NetSetMan. Macintosh users can try AirPort Location.

Setup a VPN or virtual private network

A virtual private network (VPN) is a secure, encrypted tunnel for your computer to communicate with the Internet. All traffic travels over this secure connection, preventing hackers or your ISP from eavesdropping. VPNs help secure Internet traffic that is not sent using SSL secure connections.

The tunnel starts on your computer, travels over the public wireless network, and connects you with either a VPN server in your home or one that you subscribe to. Your data travels over a secure, private network even though you may be accessing a public insecure network. There are several free VPN options as well as many companies selling VPN access.

Be aware that using a VPN to order products online may cause some unforseen problems. The VPN will make your IP address appear to be located wherever the VPN server is located, which could be in another state or even country. If you order an item and have it shipped to a location different from where your VPN server was located, some fraud detection systems might flag the order as being fraudulent.

Some VPN services log your activity or many be required to do so by where they are located.  They may claim no logging but the fine print indicates otherwise. We recommend not using the Free services.

Here are some free VPN options:

• CyberGhost VPN free – Installs software on your machine to access their free service. This service is usually overloaded during daytime hours and requires users to wait in a queue for free access. They also have paid accounts that do not require the wait. One downside of this service is that we found several sites which are not accessible through this VPN. PC only; no Mac version.
• Ultrasurf – This free VPN service was mainly designed to circumvent the firewall in China. This VPN only supports web traffic and not other internet traffic like FTP or VOIP. We found that this VPN service does not support certain websites, including WordPress administration pages. PC only; no Mac version.
• Hotspot Shield – A free service for Windows that is slow and filled with ads, spys on you, but works. Paid version eliminates ads. Warnings
• proXPN – Free version is bandwidth throttled and does not allow you to select a country.
• Tor – Is not really a VPN but it will shield your traffic.

All the free VPN services have limitations. If you can work within their limits, we suggest you utilize one. Many users require more robust VPN access and will have to either set up a VPN server on their home computer or sign up for a paid VPN service. Note that most VPNs and Proxy services will not tolerate illegal activities and will cooperate with authorities.

Some proxy servers intentionally strip HTTPS secure connections. Test your proxy at proxycheck.

Setting Up Your Own VPN Server

There are several options for setting up your own VPN server. Most of them require advanced user knowledge of PCs and/or Linux. While this option requires a lot of user intervention and computer hardware, the resultant VPN can be very feature-rich and is essentially free.

• Algo VPN – Easy to use scripts to setup a VPN on DigitalOcean (most user friendly), Amazon EC2, Google Compute Engine, and Microsoft Azure.
• Asus Wireless router – Several Asus routers have VPN servers built in.
• Adito – This VPN server is written in Java and requires a Linux installation on your machine. Adito is very feature-rich.
• OpenVPN ALS – This VPN server is a descendant of Adito and also requires Linux.
• Logmein Hamachi – This zero-configuration freeware VPN tool allows users to easily connect to computers behind network routers. Users can use this software to access their home computers from a Public wireless network or any other location. Hamachi helps to make it appear that you are actually located on your home network, so you have full access to resources such as your printer, music server, files, and other computers. Both Clients must have Hamachi installed on their computers and join the same group for Hamachi to work. Many people use this software to play network games. This software is partly controlled by the company that makes LogMeIn remote control software. It works on Macs and PCs. Lifehacker has a tutorial on how to use Hamachi.

Signing Up for a Paid VPN Server

Users who travel or are not satisfied by the options we listed above, should sign up for a paid VPN account. This type of VPN access gives the use maximum flexibility and compatibility with various applications.

PPTP protocol is built into Windows and is the VPN protocol of choice, but is easy to block. Open VPN requires a software download for installation. Open VPN will work in places where PPTP VPN is blocked, typically countries in the Middle East or China.

PPTP VPN typically offers less secure 128-bit encryption compared to OpenVPN based VPN servers who can offer up to 2048-bit encryption.

• Overcome geographic locks on website access. Hulu.com and Pandora.com are only accessible from within the United States. Users can purchase a VPN account from a service that makes you appear to be located in the U.S. even though you are abroad.
• Access the internet anonymously. Your IP address will be anonymous and cannot be tracked.
• Security. Use public wireless hotspots securely and prevent others from stealing your identity.
• Bypass firewalls. Access sites that are banned in your country. Log in to Facebook when you are in China.
• Skype discount. You can appear to be located in another country and make “local” calls within that country.

What to Look for in a VPN Provider

• Price – Obviously, the cheaper, the better, but the cheapest providers have a limited feature set and slow performance. Open VPN support cost more.
• Payment – Bitcoin support helps improve your privacy
• Length of Contract – The longer period you commit to, the lower the price.
• Countries – Different VPN providers have servers in different countries.
• Encryption Strength – The stronger the encryption, the higher the price.
• VPN Software Compatibility – Some VPN servers require special client software for higher security access like OpenVPN.
• Logging – Make sure your VPN provider is not logging your Internet activities. You cannot really take their word for it though.
• Speed – Some lower cost providers overload their servers and Internet connections, slowing access.
• Location – Pick someone outside the US and UK, if you really want to be private.
• Blocking – Avoid picking a large VPN provider that may have access blocked to certain large websites.
• DNS and IPv6 leaks – Avoid VPNs that have problems with this.

One of the biggest problems, especially with the well known VPN providers, is websites blocking them.

With PrivateInternetAccess, we found we could not visit certain websites, including Target.com and BestBuy.com!  Make sure you have a limited time trial to test the service.

Users should examine their needs and budget, and select a VPN provider that fulfills their requirements. It is wise to Google search the provider, looking for problems or disgruntled users before signing up. Google search for VPN providers is almost useless as there is so much affiliate spam that finding honest reviews is hard.

privacy tools.io has a list of VPN providers with minimal logging some of the lower cost ones are:

• NordVPN – Panama – $48 a year
• Cryptostorm.is – Iceland – $52 a year
• We have used AirVPN and find it ok, but their Mac Client is buggy.

We have tried some that are based outside the US and the connection speeds were very slow, even with their US nodes.

VPN Discovery

VPN Hunter is a service that scans a specific domain name looking for VPN servers and then classifying them by the manufacturer and possible security holes.

SSH Tunneling For Security

Power users could setup a SOCKS Proxy over SSH tunnel to increase security even more when using a Public wireless network. This basically sends all web traffic through an encrypted SSH connection to another computer that you have set up elsewhere. Web browsers need to be configured to use a proxy server, so using a VPN server is a lot easier and allows all types of Internet traffic to flow through it.

Advanced Security Tools to prevent man in the middle attacks

Many people have their smartphones and laptops set to automatically log into wireless networks such as their home’s and free Wi-Fi hotspots like McDonald’s, Starbucks, or attwifi. Your device will keep looking for these names and automatically join you to their network. Hackers could set up wireless hotspots with exactly the same name to lure your device to join their network automatically. They would then start capturing all your traffic while sending it across the Internet. We suggest you manually join wireless networks and disable automatic joining.

To prevent man in the middle attacks, where a hacker is pretending to be a wireless access point and capturing all your information, you need to install special software to prevent ARP cache poisoning attacks like this software utility.

When You are Finished Using a Public Wi-Fi Hotspot

When you have finished your online activities, it is important that you turn off your Wi-Fi connection to the public wireless network. Intentionally logging off will prevent any accidental data leakage. In Windows, you can simply right-click on the wireless signal bar icon in the task bar to disconnect from a wireless network.

With some attention to security, free public Wi-Fi can be a useful tool and a safe one.

This concludes our How to use Wireless Networks or Wi-Fi securely in Public article. Other articles on Safegadget.com help you secure the other aspects of your personal computer, including How to Set up a Secure wireless Internet Router, and How to Secure Internet Explorer article, or How to Secure Firefox Article. Please see our other articles on security tips for your e-mail, iPad, online banking, online shopping, smart phones, and more.

Matthew Green, a well respected cryptographer and professor at Johns Hopkins has a great article discussing Secure Computing – Desktops vs Smartphones, iOS vs Android and more..

Most iPhone users do not think very much about security. The iPhone is part of Apple’s closed ecosystem, helping to prevent viruses and malware from wreaking havoc. As the iPhone has grown in popularity, the smartphone has become more of a target by hackers and criminals. It is important that iPhone users immediately become more vigilant about smartphone security.  Our tutorial covers the iPhone through iPhone 7 Plus and iOS through iOS 11.

0. Obsolete Hardware

If you have an iPhone or iPad that no longer gets updates, we would recycle it and buy a new one RIGHT away. Keep in mind that iOS 10.3.3 is the first version that fixed a Huge Broadcom Wi-Fi bug. Without that fix, you can get hacked by just having a Wi-Fi signal nearby.

1. iPhone Software Updates

Apple upgrades the iOS software for the iPhone from time to time. Updates include additional functionality as well as security bug fixes. It is important that users apply updates immediately. Before iOS 5 users needed to connect their iPhones to a computer in order to update the smartphone’s software. Needless to say, this was inconvenient and led to many iPhones with obsolete software.

Always update to the latest iOS software available as soon as possible.

If you Jailbreak your iPhone, you need to be extra careful with regards to security as iOS updates are much more difficult for you. Be careful where you obtain your Jailbroken Apps as malware is much more prevalent.

2. iPhone App Security

Apple’s App Store reviews all submissions before adding them. All iPhone apps must be authenticated and signed which helps to ensure they haven’t been tampered with or altered. This helps prevent malicious apps from infecting the App Store. (This is not 100% foolproof)

Apps are prone to security vulnerabilities, that are fixed by updates. Keep apps updated regularly and remove apps that you do not use. Regularly use the App Store app and select Updates. iOS 7 added the capability to auto update your apps. Be sure to use this function. Apple has the ability to remotely remove malicious apps from your iPhone.

When installing new Apps, we suggest you install well known Apps with positive reviews, and avoid brand new Apps from unfamiliar companies.  Give new Apps time to build trust and to allow others to help test the App for malware and security risks.

3. Suggested iPhone Settings for Security

Below are several suggestions for iPhone settings to increase security on the smartphone. One in three robberies nationwide involve cell phones, with a ratio estimated as high as one in two within the San Francisco area. Users need to protect their smartphones to prevent a complete disaster.

Passcode

A passcode is required before you perform these tasks:

• Turn on or restart your device
• Slide to unlock your screen (you can change this)
• Update your software
• Erase your device

Enable Passcode, erase iPhone data after ten failed attempts. Starting with iOS 9 the default passcode length is 6 digits instead of 4.

• Open Settings
• Select Touch ID & Passcode Lock
• Select Turn Passcode On
• Enter a Passcode – Do not select an obvious passcode like 1234 or 1111
• Use the Touch ID Fingerprint sensor
• For older version of iOS:
• Turn Simple Passcode off
• Enter a passcode – Do not select an obvious passcode
• Turn Erase Data on – Erases all data after ten failed passcode attempts
• Turn Siri off – Prevents Siri access when locked
• Turn Passbook or Wallet off – Prevents Passbook or Wallet access when locked
• Turn Reply with Message off –  Prevents Reply with Message access when locked (iOS 6)

Data Encryption

Encryption prevents the data stored on your iPhone from being read, if you do not have the passcode. The passcode provides entropy for certain encryption keys. A 256-bit AES key is used to encrypt every new file created.

Starting with iOS 8, thankfully encryption is turned on by default. If you have an older version do the following:

Ensure Encryption is Turned On. After you enable a passcode in iOS version 4 or newer and you have an iPhone 3GS or newer, the phone can use hardware encryption to encrypt the data stored on the phone. Text messages, photos, emails, contacts, and call history were all encrypted.

• Open Settings
  
• Select General
• Select Passcode Lock

After the Setting up a Passcode, scroll down to the bottom of the Passcode Lock Screen and verify that the text “Data protection is enabled” is shown.

If this is the phrase is not shown, do the following:

• Connect your iPhone to your Computer
• Backup your iPhone in iTunes
• Restore your iPhone in iTunes
• Check the Passcode screen again for the phrase “Data protection is enabled“

iCloud Security

As of March 2016, iCloud, the Internet cloud syncing and storage service, current gives Apple the capability to unlock key data like backups, documents, contacts, and calendar information.  Someday this will change.

Apple encrypts your iCloud data in storage, but they encrypt it with their own key, not with your passcode key, which means that they are able to decrypt it to comply with government requests.

Turn iCloud OFF if you value security.

Safari Cookies

Prevent cookies from being accepted in Safari. Clear old cookies.

• Open Settings
• Select Privacy
• Select Safari
• Click Accept Cookies
• Check Never
• Click Clear cookies and data

If you are not using any Bluetooth devices, disable Bluetooth to increase battery life and prevent security risks.

• Open Settings
• Select Bluetooth
• Set Bluetooth to Off

Backing up your iPhone regularly is an important task. With iOS 4, you need to connect your iPhone to your computer in order to perform back ups. With iOS 5, you can easily back up using iCloud. Enable iCloud by doing the following:

• Open Settings
  
• Select iCloud
  
• Select the items that you would like iCloud to back up

4. iPhone Email Security

It is important that email accounts accessed from a smartphone are setup utilizing encryption when available. Many email providers including Google’s Gmail, Microsoft Exchange, MobilMe, AOL Mail and Yahoo Mail support SSL (secure sockets layer) when accessing their mail servers. If SSL is not used, your emails as well as your password can be read by hackers.

To check a Mail Account for secure SSL access, do the following:

• Open Settings
  
• Select Mail, Contacts, Calendars
• Select a Mail Account
• Click on an Email Account
• Click on Account
• Verify Use SSL is set to On

If Use SSL is set to off, check with your email provider to verify their SSL support and enable it if possible.

Also, make sure your email account has been cleansed with a good spam filter. This is a basic requirement of any solid email provider. If your email vendor needs spam filtering assistance, consider accessing the email account via POP inside a Gmail account.

5. Find a Lost iPhone, Erase a Lost iPhone

Apple has an app that helps you find a lost iPhone by showing it on a map and optionally erase it or make the iPhone play a sound. This free service is a life saver and should be one of the first items installed. To enable Find My iPhone, follow these iOS 5 & 6 instructions.

Also consider creating a special graphics file with your emergency contact information that can be used as your lock screen. If you are having a life threatening emergency, people could still access this information. If your iPhone is lost and password protected, people could still contact you.

Make a Contact entry for yourself with a phone number other than your iPhone.You might also put in the Notes field – Reward for returning lost iPhone.

Set it as the default contact entry.  Settings – Mail, Contacts, Calendars – My Info – Choose your contact entry

This way, anyone can bring Siri and ask “Who owns this phone?” and see your contact info.

If you do lose your iPhone, watch out for phishing messages trying to get your iCloud Username and password.

6. Using WiFi securely

When accessing a wireless network outside the home, exercise caution. Any information sent over an external wireless may be subject to eavesdropping. Unless you know the WiFi network is secure, we would recommend against  connecting to it.

If you really want to use an unfamiliar wireless connection, limit usage to non-critical apps, email, and web. Do not e-mail, online shop, online bank, or online trade from public wifi hot spots or cyber cafes. Many of these locations provide little to no security and are prone to snooping or malware.

The iPhone can remember wireless networks by name and automatically log into them. This convenience function turns into a security problem because the iPhone will automatically send the same password to a wireless network of the same name. So if you name your wireless router, Linksys, if you encounter another wireless router with the same name, the iPhone will automatically use the password. A hacker could exploit this to obtain your wireless router’s password. We suggest you do not enable any automatic joining to wireless networks. The iPhone is very good at transparently switching from a cellular data network to a WiFi wireless network.

When accessing the Internet on a smartphone or tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.

The safest way to use a public wireless network is by employing a VPN (virtual private network) which securely tunnels all of your iPhone’s traffic through a secure server. There are many paid services that sell VPN access.

iOS 8 includes an “Always-on VPN” feature, which eliminates the need for users to turn on VPN to enable protection when connecting to Wi-Fi networks. The iPhone’s MAC address now changes when it’s not connected to a Wi-Fi network, so it can’t be used to persistently track a device by passive observers of Wi-Fi traffic.

Disable WiFi when you are not accessing wireless networks. This will extend your battery life and increase security.

7. Secure Browsing with Safari

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie –  https://www.google.com

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

8. Careful Link Clicking and Attachment Opening

As we have learned on computers, clicking on links in email can lead to viruses or malware being installed. We need to take the same precautions and more, on an Apple iPhone. Avoid clicking links in email, text messages, and websites that are unfamiliar to you.

Email attachments require the same amount of caution. Only open attachments when they are expected. Avoid opening your email provider’s spam folder and do not open any attachments in your spam folder.

Opening Attachments Safely with Gmail

Forward the email with attachment to a Gmail account.  From there, you can use Google Docs to open Word Processing, Spreadsheets, etc.  No need to endanger your own computer.

9. iPhone Anti Virus and Internet Security Software

iPhone anti virus software exists but due to the secure iOS design, cannot scan files automatically or run scheduled scans. Users have to manually tell an anti virus or Internet security App to scan files. Intego makes anti virus software VirusBarrier iOS App ($2.99) for the iPhone, iPad, and iPod Touch.

Kapersky Lab makes a free App called Threatpost that quickly displays articles from their security news website.

10. iTunes Password and Payment Option

It is important to select a strong password for iTunes. Read our article How to Create, Store, and Use Secure Passwords.

If a hacker obtained your iTunes password, they could drain your credit card with purchases. We recommend you remove all payment options after having created your iTunes account. iTunes only requires a payment option when creating a new account. We prefer to add iTunes money by purchasing a pre-paid iTunes gift cards.

11. Turn off Diagnostic Log Sending

Apple used to use Carrier IQ before iOS 5, so make sure you turn off this feature. To turn off sending of diagnostics data to Apple do the following:

• Open Settings
  
• Select General
• Select About
• Select Diagnostics & Usage
• Click on Don’t Send

12. Malicious QR Codes

QR codes are appearing in print and all over the place. Be aware that malicious QR codes that lead the user to download malware have been found. Be sure you check the link the QR code points to before using it.

13. Enable Two-Step Verification for Apple ID

Apple introduced two-step verification for Apple IDs.  You need 2 forms of proof to access your account.

We have covered many ways to improve your iPhone security. Utilizing our tips will help significantly improve the already good security of the Apple iPhone smartphone.

Do you have more iPhone security tips?

14. Secure Messaging

Law enforcement and probably the NSA use cell phone tower simulators called Stingrays, IMSI catchers, or dirtbox made by Harris. These fake cell phone towers slurp handset identification information and can snoop on data. They deploy these in small planes to net a ton of intercepts, without getting a warrant. Cell phone users have no right to privacy in public areas.

You can fight back by using secure messaging clients like Signal or Text Secure. Older Stingrays only support 2G, not 3G/4G, so turning off 2G will help here.

15. Public Charging – Video Jacking

Do not use a public phone charging cable, it could be capturing video video HDMI recording while you charge aka Video Jacking. Always use your own charging cable.

16. Setup Emergency Contact in Health App

The Health App was added way back in iOS 8, but few people have setup the Medical ID that emergency responders can use to contact your emergency contact. They can click Emergency from your lock screen and bring up your emergency Medical ID information.

In the Health App, setup a Medical ID.

Make sure it is set to be seen when your phone is locked.

Showing Text messages on your lock screen should not be allowed.

17. Enable Two Factor and Two Step authentication

Apple offers two-factor as well as two-step authentication. Enable it! If you enable it, make sure you keep the recovery code in a safe place.

18. Lock your SIM Card with a PIN code

This keeps your phone even more secure from theft.  It is a pain because you need to enter it every time you startup your phone.

19. Secure your mobile phone’s account from hijacking or Port-Out Scams

Hackers have been calling wireless carriers like: AT&T, Sprint, T-Mobile, and Verizon asking them to switch control of mobile phone numbers to themselves.

They will repeatedly call, hundreds of times, and make up all kinds of sob stories to get control. Once they hijack control, they will reset passwords of any device that uses that phone number as a security backup via SMS Text or two factor authentication. IE Google, Facebook, Twitter, Bitcoin accounts, etc.

How do you protect against phone hijacking?

• FTC has details
• Do not use your cell phone number in the first place!
• Use two factor authentication that uses a physical key or Google Authenticator App, not Text
• AT&T – Enable an account passcode
• Sprint – Customers setup a PIN when first signing up
• T-Mobile – Enable a customer care password
• Verizon – Setup an account PIN

T-Mobile customers can also call in to the company’s customer support line and place a separate “SIM lock” on their account, which can only be removed if the customer shows up at a retail store with ID.

Be sure to use Google Authenticator instead of Text messages for second factor authentication when possible.

If your phone stops receiving a signal and says “emergency calls only” or “no network,” even after you restart your phone, contact your mobile carrier to see whether your account has been hijacked.

Do you have any iPhone Security tips?

We feature many different security tutorials.

• Learn how to secure your PC, find free anti-virus software, and find Windows security software
• Secure your Mac and find free Mac security software
• Use Linux for secure online banking, online trading, and online shopping
• Secure your wireless network (Wi-Fi)
• Learn how to create, store and use secure passwords

Harden the Security of your Browser

• Chrome
• Internet Explorer 9
• Firefox

Boost the Security of your Smartphones and Tablets

• iPhone
• iPad
• Android Smartphone or Tablet

Learn how to perform the following Safely and Securely

• Online banking and online trading
• Online shopping
• E-mail

Twitter is becoming more popular everyday. With millions of people to be targeted, Twitter is definitely a battleground for security and privacy. This website has become a worldwide hit and consequently has become a target for those intent on spamming, spreading worms, and stealing private information. In this article, we will cover many techniques to allow you to safely use Twitter.

Secure your computer, web browser, Internet connection

Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.

It is important that you follow the tips above to ensure your computer is secure. There have been Twitter Spam Attacks caused when malware infects a computer and gives control of the user’s Twitter account to a spammer. The spammer then posts messages on Twitter offering everything from Free items to pictures of celebrities, all appearing to be posted by the infected user. If one of your friends clicks on the offer, they instantly get infected, repeating the cycle of malware propagation.

Access the Real Twitter

Always make sure you are at a real Twitter log in page when you access their site. Do not count on Twitter links in email or on web pages to access the real Twitter website.

Think before Clicking on Links

There have been several viruses that have hit Twitter users, many of which have caused links to malware on Twitter. It is important that you exercise care before clicking on any links. Twitter has added a automatic link screening service, but this service could be bypassed. Be especially cautious in clicking links from direct messages.

Shortened links that do not fully disclose the destination site should be expanded before being clicked. You can expand short links with a browser plugin such as Linkpeelr for Chrome or visit a site like URL Expander or unshorten.it Virustotal.com checks shortened url’s for malware. Consult our How to Secure Your Internet Browser article for details. Internet Explorer 9 – Mozilla Firefox – Google Chrome

Enable Two Factor Authentication

Enable Two Factor Authentication so a login will require you to check your smartphone for a pin code. This only takes a minute and would have prevented many Twitter hacks.

Secure Twitter Browsing

As with the rest of the web, browsing a website using a secure connection is always preferable. You can set Twitter to automatically use secure HTTPS browsing by doing the following:

1. Click your Twitter Account name on the upper right hand corner
2. Select Settings
3. Check Always use HTTPS
4. Click Save

Sharing Sensitive Information

The following information is sensitive and may not be desired to be shared with others. Thieves can use this information as well those trying to piece together your identity or those attempting to hack your passwords. Think twice before including any of this information in your Tweets.

• Who your friends are
• Vacations or times away from home
• Real birthday, at least no year
• Mother’s maiden name
• Pets names
• Children’s names
• Address
• Phone numbers
• Schools attended
• Religious views
• Political views
• Tweet Location
• Changing Passwords
• Moving
• Switching Servers

Consider having separate work and personal Twitter accounts. Be sure not to Tweet anything that could offend your employer.

Twitter Passwords and Access

It is important to follow our standard password suggestions. Consult our article on How to create, store, and use secure passwords.

Removing Unnecessary Twitter Applications

Twitter stores access credentials for 3rd-party applications. This allows them to send Tweets. You should review the list of applications allowed access to your account and remove unnecessary applications.

1. Click your Twitter Account name on the upper right hand corner
2. Select Settings
3. Click on Applications tab
4. Click Revoke Access on unnecessary applications

We have covered many areas in which you can increase the security and privacy of your Twitter usage. We suggest you implement as many of the suggestions as quickly as possible to maximize your safety on Twitter.

Scan your Twitter feed for Spam

Use a site like TwitBlock to look for spammy followers and bots.

In June 2013, Edward Snowden revealed to the world that the US Government was spying on Internet traffic and other communication networks. The Government’s PRISM program run by the highly secretive NSA conducted all this work in an effort to prevent terrorism and crime.

The NSA apparently has direct connections through major Internet service providers such AT&T, Comcast, Verizon to copy all traffic passing through and can save it to its huge multi-billion dollar data warehouse in Utah. This has been going on for years and thanks to organizations like the EFF, we have learned about these invasions of privacy. The Government has stated it is using this information mainly on foreigners, but is the FBI using this data domestically?

The UK’s GCHQ is apparently doing the same type of snooping and even sharing information with the NSA.

The Government can see all your Facebook posts, read your email, see who you have called, among other privacy invading tasks.

Other services that are being watched: AOL, Apple, Skype, Microsoft, Paltalk, Yahoo, Youtube.

Specific areas:

• Email
• Chat- Video
• voice
• Videos
• Photos
• Stored Data
• VOIP
• File transfers
• Video conferencing
• logins
• online social networking

This article covers how you can restore some of your privacy in an era of PRISM.

Internet Access

This is the most important connection to the Internet. The NSA has what is believed to be a splitter that makes a copy of all fiber optic traffic travelling from major ISPs. There are a finite number of providers in the U.S. and it is impossible to know if you are using one that has a hidden connection to the NSA.

The best way to hide your traffic is by using an encrypted VPN to connect to the Internet. A VPN lets you create a private tunnel between your computer and a VPN service provider’s server, which can be located outside the US. Some examples of VPN providers can be found on this Google search. Look for one that works with your operation system, does not do any logging, and which has connections to servers outside the US. You will pay an extra monthly fee and your speeds will be reduced.

You can read our article on VPNs for more details.

You can also surf using Tor, but the problem is that a Tor exit node could be run by the government or someone else who snoops on your information.

Encrypting is only so helpful as the NSA no doubt watches for patterns of communications between different people.  Switching your ISP every week might be necessary!

Search Engines

The major search engines are definitely a major target for the NSA. They want to know when someone looks up terrorist or bomb making material. You can have more privacy by utilizing a smaller lesser known search engine such as: Duck Duck Go  Unfortunately the results might not be as good as Google’s but you’re safer.

Instant Messaging

Forget about using popular ones like Whatsapp, Line, Viber, WeChat, they have all been monitored.

Try ones like:

• Silent Circle
• Redphone
• OSTel
• Chat Secure
• Signal (Formerly Textsecure)

Email

As we have mentioned in our secure email article, there is nothing secure about email. It is based on a protocol that sends data unencrypted. If you want more secure email, try a service like Hushmail. A conversation between Hushmail users is encrypted.

Alternately, you can use your current email provider and run software known PGP to encrypt your email. It is very cumbersome and requires the sender and recipient to use the software.

Social Networks

Facebook, Linkedin, and Twitter are simply big data mining operations that take your input and eliminate your privacy. There is no way to use them with privacy. You could post encrypted messages on there!

Cell Phone

Cell phone provider data is readily shipped off to the NSA. The only way to have some privacy is to buy prepaid phones and phone cards like those from Virgin Mobile or TracPhone. You would have to not call anyone other than those using prepaid phones and pay with cash, otherwise you would be tracked. These phones still use the major wireless networks like Sprint to transmit calls, so there is a log against them.

Of course, it is easy for the NSA to look for blocks of prepaid cell phone users calling only themselves!

You could also utilize a Smartphone App such as Viber, or other little known / international server based service, to place more secure calls between users. Again, you cannot call a regular landline or cell phone or else you would be discovered.

As you can see from the above, much needs to be done to help reduce your exposure the NSA’s data capture programs. With a little bit of work and some inconvenience, users can recapture some privacy.

Our sister site has launch, BuyVia!

The BuyVia iOS app and website bring together the strongest smart shopping arsenal available, making it easy to find the best products/deals possible across all of the devices people own – including smartphones, laptops/desktops and tablets – without tedious and time-consuming research.

BuyVia’s iPhone & Android (coming soon) app allow users to scan barcodes, compare prices, set up alerts, and more.

Most iPad users do not think very much about security. The iPad is part of Apple’s closed ecosystem, helping to prevent viruses and malware from wreaking havoc. As the iPad has grown in popularity, the tablet has become more of a target by hackers and criminals. It is important that iPad users immediately become more vigilant about tablet security. Our tutorial covers the iPad, and iPad 2.

1. iPad Software Updates

Apple upgrades the iOS software for the iPad from time to time. Updates include additional functionality as well as security bug fixes. It is important that users apply updates immediately. Before iOS 5 users needed to connect their iPads to a computer in order to update the tablet’s software. Needless to say, this was inconvenient and led to many iPads with obsolete software.

iOS 5 allows updates to occur without the iPad being connected to a computer, allowing users to stay current far easier. We recommend all owners of the iPad and the iPad 2, upgrade to iOS 5 immediately. iOS 5 in fact includes many security fixes.

If you Jailbreak your iPad, you need to be extra careful with regards to security as iOS updates are much more difficult for you. Be careful where you obtain your Jailbroken Apps as malware is much more prevalent.

2. iPad App Security

Apple’s App Store reviews all submissions before adding them. All iPad apps must be authenticated and signed which helps to ensure they haven’t been tampered with or altered. This helps prevent malicious apps from infecting the App Store. Apps are prone to security vulnerabilities, that are fixed by updates. Keep apps updated regularly and remove apps that you do not use. Regularly use the App Store app and select Updates. iOS 7 adds the capability to auto update your apps. Be sure to use this function. Apple has the ability to remotely remove malicious apps from your iPad.

When installing new Apps, we suggest you install well known Apps with positive reviews, and avoid brand new Apps from unfamiliar companies. Give new Apps time to build trust and to allow others to help test the App for malware and security risks.

3. Suggested iPad Settings for Security

Below are several suggestions for iPad settings to increase security on the tablet.

Enable Passcode, erase iPad data after ten failed attempts

• Open Settings
  
• Select General
• Select Passcode Lock
• Select Turn Passcode On
• Enter a Passcode – Do not select an obvious passcode like 1234 or 1111
• Turn Simple Passcode off
• Enter a passcode – Do not select an obvious passcode
• Turn Erase Data on – Erases all data after ten failed passcode attempts

Ensure Encryption is Turned On. After you enable a passcode in iOS version 4 or newer on every iPad tablet, the tablet can use hardware encryption to encrypt the data stored on the tablet.

After the passcode is set, scroll down to the bottom of the screen and verify that the text “Data protection is enabled” is shown. If this is not shown, do the following:

• Connect your iPad to your Computer
• Backup your iPad in iTunes
• Restore your iPad in iTunes
• Check the Passcode screen for the “Data protection is enabled“

Prevent cookies from being accepted in Safari. Clear old cookies.

• Open Settings
  
• Select General
• Select Safari
• Click Accept Cookies
• Check Never
• Click Clear cookies and data

If you are not using any Bluetooth devices, disable Bluetooth to increase battery life and prevent security risks.

• Open Settings
  
• Select General
• Select Bluetooth
• Set Bluetooth to Off

Backing up your iPad regularly is an important task. With iOS 4, you need to connect your iPad to your computer in order to perform back ups. With iOS 5, you can easily back up using iCloud. Enable iCloud by doing the following:

• Open Settings
  
• Select iCloud
  
• Select the items that you would like iCloud to back up

4. iPad Email Security

It is important that email accounts accessed from a tablet are setup utilizing encryption when available. Many email providers including Google’s Gmail, Microsoft Exchange, MobilMe, AOL Mail and Yahoo Mail support SSL (secure sockets layer) when accessing their mail servers. If SSL is not used, your emails as well as your password can be read by hackers.

To check a Mail Account for secure SSL access, do the following:

• Open Settings
  
• Select Mail, Contacts, Calendars
• Select a Mail Account
• Click on Account
• Click on Advanced
• Verify Use SSL is set to On

If Use SSL is set to off, check with your email provider to verify their SSL support and enable it if possible.

Also, make sure your email account has been cleansed with a good spam filter. This is a basic requirement of any solid email provider. If your email vendor needs spam filtering assistance, consider accessing the email account via POP inside a Gmail account.

5. Find a Lost iPad, Erase a Lost iPad

Apple has an app that helps you find a lost iPad by showing it on a map and optionally erase it or make the iPad play a sound. This free service is a life saver and should be one of the first items installed. To enable Find My iPhone, follow these iOS 4 instructions or iOS 5 instructions.

Also consider creating a special graphics file with your emergency contact information that can be used as your lock screen. If you are having a life threatening emergency, people could still access this information. If your iPad is lost and password protected, people could still contact you.

6. Using WiFi securely

When accessing a wireless network outside the home, exercise caution. Any information sent over an external wireless may be subject to eavesdropping. Unless you know the WiFi network is secure, we would recommend against connecting to it.

If you really want to use an unfamiliar wireless connection, limit usage to non-critical apps, email, and web. Do not e-mail, online shop, online bank, or online trade from public wifi hot spots or cyber cafes. Many of these locations provide little to no security and are prone to snooping or malware.

The iPad can remember wireless networks by name and automatically log into them. This convenience function turns into a security problem because the iPad will automatically send the same password to a wireless network of the same name. So if you name your wireless router, Linksys, if you encounter another wireless router with the same name, the iPad will automatically use the password. A hacker could exploit this to obtain your wireless router’s password. We suggest you do not enable any automatic joining to wireless networks. The iPad is very good at transparently switching from a cellular data network to a WiFi wireless network.

When accessing the Internet on a tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.

The safest way to use a public wireless network is by employing a VPN (virtual private network) which securely tunnels all of your iPad’s traffic through a secure server. There are many paid services that sell VPN access.

Disable WiFi when you are not accessing wireless networks. This will extend your battery life and increase security.

7. Secure Browsing with Safari

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie – https://www.google.com

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

8. Careful Link Clicking and Attachment Opening

As we have learned on computers, clicking on links in email can lead to viruses or malware being installed. We need to take the same precautions and more, on an Apple iPad. Avoid clicking links in email, text messages, and websites that are unfamiliar to you.

Email attachments require the same amount of caution. Only open attachments when they are expected. Avoid opening your email provider’s spam folder and do not open any attachments in your spam folder.

9. iPad Anti Virus and Internet Security Software

iPad anti virus software exists but due to the secure iOS design, cannot scan files automatically or run scheduled scans. Users have to manually tell an anti virus or Internet security App to scan files. Intego makes anti virus software VirusBarrier iOS App ($2.99) for the iPhone, iPad, and iPod Touch.

Kapersky Lab makes a free App called Threatpost that quickly displays articles from their security news website.

10. iTunes Password and Payment Option

It is important to select a strong password for iTunes. Read our article How to Create, Store, and Use Secure Passwords.

If a hacker obtained your iTunes password, they could drain your credit card with purchases. We recommend you remove all payment options after having created your iTunes account. iTunes only requires a payment option when creating a new account. We prefer to add iTunes money by purchasing a pre-paid iTunes gift cards.

11. Enable Two-Step Verification for Apple ID

Apple introduced two-step verification for Apple IDs.  You need 2 forms of proof to access your account.

We have covered many ways to improve your iPad security. Utilizing our tips will help significantly improve the already good security of the Apple iPad tablet.