8/18/2024: iOS Devices can support DNS over HTTPS through this simple provision file addition.

8/1/2020: Netgear has major issues with many of its wireless routers.  Update now. Some will never be updated, if you have one of these obsolete routers, buy a new one.

7/23/2020: C-Data networking (Cdata, OptiLink, BLIY) equipment has multiple back doors. – The company says these are counterfeit versions.

1/22/2020: SIM Swap compromises using your smartphone to get text messages to authenticate with websites. Avoid using text messages to do rescue logins.  A new paper from Princeton researchers shows how easy it is to pull off a SIM Swap against AT&T, Verizon, T-Mobile and others.  Send text messages to a VoIP number such as Google Voice  instead. Do not allow Google Voice to forwards Texts/Calls to your main number.

1/20/2020: Virtually all Cablemodems have the Cable Haunt critical vulnerability. Call you cable operator an ask them to upate your cablemodem’s software now. You cannot do it on your own.

12/10/2019: Google Smart Lock is also a great way to generate second factor authentication but using your iPhone or Android phone and their app.

10/1/2019: iOS 13 has a handy feature to stop unwanted calls.  You can set the phone to send unknown callers straight to voicemail! (Those not in your contacts) – Settings – Phone – Silence Unknown Callers

5/12/2019: Thrangrycat Attacks Cisco Switches, Firewall and routers.  Update and patch now

3/19/2019: Windows 10 is loading more and more crap.  These scripts let you uninstall the junkware and reclaim privacy.

2/1/2019: Google has patch a major bug in Android where you can get hacked just by looking at a picture in a SMS, Email, or web page!  Update your Android software right away.  If your phone no longer gets updates, please consider buying a new one.

1/2019: Marvell’s Wi-Fi chip is used in millions of devices.  Unfortunately, it has a major security flaw. Look for updates soon.  Devices that have no way to get updated are worrisome.

12/2018: Marriott – Starwood Hotels got hacked, leaking a ton of data. Change your credit card if you booked there.

10/4/2018: Bloomberg reports that China has infiltrated major tech companies by compromising servers from their Chinese factories.  Never trust your hardware!

8/24/2018: HP Inkjet printers with Fax capability have a Faxploit exploit where someone could fax you a special page and take over your entire network. Patch now.

6/11/2018: The FBI has asked users to reboot your wireless router in an effort to prevent infection from the VPNFilter malware.   You should do more than this, write down its settings, reset it to default settings, and updated it to the latest software.

Always update the software for your router to the latest version.  If no update has occurred in the last 6 months, BUY a new one!  Affected devices include: (Expanded List)

Asus Devices:

RT-AC66U (new)
RT-N10 (new)
RT-N10E (new)
RT-N10U (new)
RT-N56U (new)
RT-N66U (new)

D-Link Devices:

DES-1210-08P (new)
DIR-300 (new)
DIR-300A (new)
DSR-250N (new)
DSR-500N (new)
DSR-1000 (new)
DSR-1000N (new)

Huawei Devices:

HG8245 (new)

Linksys Devices:

E1200
E2500
E3000 (new)
E3200 (new)
E4200 (new)
RV082 (new)
WRVS4400N

Mikrotik Devices:

CCR1009 (new)
CCR1016
CCR1036
CCR1072
CRS109 (new)
CRS112 (new)
CRS125 (new)
RB411 (new)
RB450 (new)
RB750 (new)
RB911 (new)
RB921 (new)
RB941 (new)
RB951 (new)
RB952 (new)
RB960 (new)
RB962 (new)
RB1100 (new)
RB1200 (new)
RB2011 (new)
RB3011 (new)
RB Groove (new)
RB Omnitik (new)
STX5 (new)

Netgear Devices:

DG834 (new)
DGN1000 (new)
DGN2200
DGN3500 (new)
FVS318N (new)
MBRN3000 (new)
R6400
R7000
R8000
WNR1000
WNR2000
WNR2200 (new)
WNR4000 (new)
WNDR3700 (new)
WNDR4000 (new)
WNDR4300 (new)
WNDR4300-TN (new)
UTM50 (new)

QNAP Devices:

TS251
TS439 Pro
Other QNAP NAS devices running QTS software

TP-Link Devices:

R600VPN
TL-WR741ND (new)
TL-WR841N (new)

Ubiquiti Devices:

NSM2 (new)
PBE M5 (new)

Upvel Devices:

Unknown Models* (new)

ZTE Devices:

ZXHN H108N (new)

4/24/2018: Windows Defender System Guard is now installed by the latest Windows 10 Updates. Make sure you are up to date.

3/21/2018: 1.1.1.1 is a free DNS Domain Name Service that helps hide the sites you goto. Cloudflare runs it and promises no logging.

3/15/2018: ID Thieves are using the IRS and filing fake tax returns. Remember that the IRS never calls or sends email to you.  They use old fashion US mail. Sign up for an IRS PIN if possible.

2/8/2018: Lenovo PCs with fingerprint readers need to be updated. Lenovo laptops with certain Broadcom Wi-Fi chips also need an update

1/12/2018: Laptops for Business use may have Intel AMT. You need to configure it or else your open to Intel AMT attacks.

1/5/2018: Meltdown and Spectre are 2 new processor chip bugs that affect most modern computers, smartphones, and tablets.  They will need software updates to mitigate this bad bug. More Details – Older system without updates are dangerous to continue to use. Time to buy new hardware.

11/21/2017: Quad9 is a free DNS Domain Name Service that helps prevent users from accessing malicious sites.  Run by IBM Security, Packet Clearing House (PCH) and The Global Cyber Alliance (GCA)

11/1/2017: Windows 10 controlled folder access anti-ransomeware is part of the Fall Creators Update.  It works well and should be used by all Windows 10 users.

10/16/2017: KRACK attack on Wi-Fi. Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted.  Virtually ALL Wi-Fi equipped devices need to be updated.  The attack is particularly bad on Android 6.0 and Linux. If you have a device with no updates (eg Internet of Things), you will be open to attacks. Using a VPN helps.

10/6/2017: Kaspersky has been implicated in stealing data from the NSA.  Uninstall any of their antivirus software right away.  It is now banned in the US government. Best Buy has stopped selling it.

9/8/2017: In September 2017, Equifax got hacked affecting 143 Million customers. (Almost everyone!) Equifax is offering complimentary identity theft protection. – Do more! Setup a Credit Freeze.

9/1/2017: Arris NVG589, NVG599 and possibly other modems, routers, gateways sold for AT&T’s U-verse service have a major security hole. If you have one, you need to update it as soon as possible to software newer than 9.2.2 or apply this fix.

5/12/2017: Wanna Cry ransomware is spreading fast.  It exploits a Microsoft bug that was patched in March 2017.  It is more infectious because it can spread throughout a local network.

WannaKiwi – Decrypts files WannaCryp ransomware. Do not reboot after getting infected.

A basic lesson in patching right away and stop running old Operating systems.  Microsoft took the unusual step to put out a Windows XP, 8 , Windows Server 2003 patch to help stop this. If you use any of these OS’s, upgrade to Windows 10 now.

4/12/2017: 2 easy ways to increase your security and not have to constantly update are:

• Uninstall Adobe Flash
• Uninstall Adobe Reader

4/4/2017: Google Project Zero has found a major flaw in a WiFi chip that is used on many Android and iPhones. Hackers can run malware on devices. Apple iOS 10.3.1 and newer fixes the bug. Android patches are rolling out soon. Make sure you update your device. Any phone that does not get security updates any more, should be recycled and replaced.

3/16/2017: Matthew Green, a well respected cryptographer and professor at Johns Hopkins has a great article discussing Secure Computing – Desktops vs Smartphones, iOS vs Android and more..

2/16/2017: Apricorn makes a secure USB flash drives that require a pin code to be entered before they function.  No software or drivers required, so it works with any operating system. Dust and water resistant durable aluminium housing

2/2/2017: Laser Printers are vulnerable to security issues. Popular printer models manufactured by Dell, Brother, Konica, Samsung, HP, and Lexmark are all affected.

2/1/2017: Netgear has updated firmware for many routers that fixes a major security hole.

1/30/2017: Security minded people use VPNs to secure their communications. Many Android VPN clients have privacy and security risks.  Be careful which you use.

12/12/2016: 26 different low cost Android devices on the MTK platform have Trojan horses built in.

12/8/2016: Keyless Car Entry: Security minded folks would never buy a car that has this feature. The National Insurance Crime Bureau has a post on how a Mystery Device is used to relay your key fob’s signal to steal cars.  It is best to wrap your key fob in foil or some RF blocking shield when you are away from the vehicle.

11/30/2016: Gooligan Malware has infected over 1million Android phones, most of which downloaded apps outside the official Google Play store.

11/15/2016: Some Cheap cell phones made in China have spyware that sends all your texts to China. This includes the $50 BLU R1 HD sold by amazon! Update the firmware of this device NOW.

10/2/2016: D-Link DWR-932B  and Quanta 4G LTE QDH routers have major security holes- Upgrade it to the latest firmware. Details

9/22/2016: Do you run a website? If so make sure you test it for security vulnerabilities. Tinfoil Security has a nice free 90 day trial.

9/21/2016: Yahoo finally admits to a biggest breach ever. It happened back in 2014 of 500 million accounts. Change your passwords, never enter ‘real’ information into security questions. Use a Yahoo Account Key instead of a password.

9/18/2016: The Rowhammer memory vulnerability is getting important everyday. See if your hardware is vulnerable using Memtest86.

7/29/2016: No More Ransom.org (Kaspersky Lab in collaboration with Europol, the Dutch National Police and Intel Security) has a new site to help vicitims.  It has a page with Decryption Tools. Beware of this company though.

7/12/2016: Kanguru makes a fast USB 3.0 flash drive with physical write protect switch and a digitally signed secure firmware to protect against Badusb.  One of the first to do this. Get item to put a Linux Live CD like Ubuntu on and keep it from getting modified by malware.

5/20/2016: ID Ransomware helps you figure out which ransomware you are effected by, so you can look for remedies other than paying. Bleeping Computer has a Support forum for Ransomware

• ESET has a decryptor for TeslaCrypt infections

2/24/2016: MouseJack is a new security vulnerability that allows a malware to be remotely downloaded onto a computer via a hijacked wireless mouse or keyboard connection. A hacker could remotely type in commands or move your mouse. Update the firmware on your wireless mouse/keyboard if possible, otherwise use a wired mouse – keyboard.

Logitech Update – Worked for us, but required several tries.

2/5/2016: Netgear Wireless routers do not automatically add passwords to hard drives that are plugged into them, leaving them accessible to anyone on the Internet. Make sure you change the default password. Hackers can use Shodan to find you quickly.

1/19/2016: The Wall Street Journal commissioned a security researcher to test 20 popular internet Wireless Routers. 10 had known security weaknesses. 4 had old firmware that when upgraded could contain undocumented security problems.  Keep your router’s software update and if it is older than 2 years, you should buy a new one. Most networking companies’ stop updating them after a year or two. How to setup a Secure Wireless Router was updated.

11/17/2015: Several tutorials have updated lists of secure instant messaging apps. Forget about using popular ones like Whatsapp, Line, Viber, WeChat, they have all been monitored.

Try ones like:

• Silent Circle
• Redphone
• OSTel
• Chat Secure
• Signal (Formerly Textsecure)

7/24/2015: First of its kind. 1.4 Million 2013-2015 model year Chrysler, Dodge, Jeep Vehicles are vulnerable to remote hacking that can cause the vehicle to be controlled remotely. Get the special USB drive and update your car now.

4/28/2014: A new Internet Explorer Vulnerability that has no patch, is being actively exploited by malware. US Computer Emergency Readiness Team suggests people stop using Internet Explorer. Windows XP users need to use an alternative browser like Chrome or Firefox.

If you have to run Internet Explorer, you should install the Enhanced Mitigation Experience Toolkit or unregister the VGX.dll as mention in Microsoft’s Security Bulletin

4/10/2014: Heartbleed Security Hole. Servers that use certain versions of OpenSSL software to create secure connections are vulnerable to a major bug. Lastpass has a page that can help you test websites for this bug. Flippie.io has one too.

4/7/2014: Users should change their passwords for the following sites due to the Heartbleed Internet Security Bug: fitbit.com, github.com, rememberthemilk.com, yahoo.com. Cnet has a nice list.

2/1/2014: If you own an Asus or Linksys E-series wireless router, make sure it has been updated to prevent the Moon worm. How to setup a Secure Wireless Router was updated.

While SafeGadget has several tutorials geared towards using Wi-Fi securely, we still realize that this is a major problem area. On our recent trip, we encountered insecure Wi-Fi at several airports, hotels, and restaurants. This tutorial is designed to help all users utilize Wi-Fi safely and securely.

Free Wi-Fi is available in many locations, from airports, hotels, local café, Starbucks to McDonald’s and many other restaurants. Using these mostly unsecured, public wireless networks puts your information at risk. It is important to employ several safeguards when surfing at a public hotspot. If you are using a cybercafe’s shared computer, we would only use it to view information, not to even get your e-mail. Chance are high that it is compromised.

Many public wireless networks are completely unencrypted so that users can log on to them easily. Anytime you login to a free Wi-Fi hotspot that does not require a password, assume that a hacker can ease drop and see all information that is being sent and received.

Some Wi-Fi hotspots from vendors like AT&T and Comcast require you to log in with your username and password before you can get access. You need to understand that this is just access restriction and will not create a secure wireless connection.

This opens up a huge security hole as any hacker or sophisticated computer user could easily see all the sensitive data being transmitted. Passwords to online stores or email accounts can be easily captured by increasingly easy to use tools. In this article, we will help you access public wireless networks safely. Settings within your operating system may need to be optimized, additional software installed, and third party services may need to be subscribed to.

Finding Free Wi-Fi

• Boingo has a Wi-Fi locator. The Starbucks and McDonald’s entries are free.
• Xfinity has a Wi-Fi hot spot locator
• There are several free apps that help you find Wi-Fi (Free Wi-Fi Finder on iPhones and WiFi Finder for Android)

Secure web browsing using HTTPS

Normal website access using HTTP:// causes information to be sent and received in plain text. This type of connection is not secure; a hacker could capture all the information being transferred and steal your data. While this is not important when you are casually surfing, you do not want your email or online trading information to be captured by others.

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie –  https://www.google.com

HTTPS causes a secure connection to be made using SSL security. Certificates are digital documents that verify a site’s identity. They are sold by certificate authorities. If a certificate is not signed correctly, your browser will pop up a warning. Recently, a Dutch certificate authority got breached, causing forged certificates to be created. To workaround issues like this, Internet browsers are updated to remove the forged SSL certificates. It is crucial that you keep your browser up-to-date.

If you have applications other than your web browser accessing the Internet (FTP client, desktop mail client, etc.), make sure you enable SSL secure connections within each application.

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

Disable File Sharing

Prevent sharing of any files or folders that are unnecessary. This should be obvious, but becomes a large problem if you are connected outside the home, to a public network. When you are on a public network, you do not want to share files, printers, or any computer resources. To turn off file sharing under Windows 7 do the following:

• Click Start Button
• Type Network and Sharing Center into Start menu’s Search Box
• Select Network and Sharing Center from the results
• Select Choose homegroup and sharing options then select Files and Printers to be unshared, if necessary.

If you are using a Macintosh, consult this article on how to turn off sharing.

Enable your firewall

A firewall prevents unauthorized users from accessing your computer. Windows 7 and Windows Vista have a built-in firewall that is enabled by default. If you are running on the Mac, consult this article on how to turn on your firewall.

Connecting to a Public Wi-Fi Network

When you are setting up a new network connection, Windows will prompt you to choose what type of network this is. The choices are Home Network, Office Network, or Public Network. A Home Network is the most open network because all computers on the network will be treated as friendly, allowing for easy sharing of folders and files, and also allowing the creation of a Home Group for all computers on the network.

Office Network is slightly more strict, but the Public Network is the most strict. Selecting Public Network will hide your computer on the network and disable file and print sharing. This is recommended if you are running a notebook and connect to external networks often. If the computer is only used at home and file or printer sharing is used, do not change the setting.

If you need more control when connecting to different networks, try the Window’s Utility NetSetMan. Macintosh users can try AirPort Location.

Setup a VPN or virtual private network

A virtual private network (VPN) is a secure, encrypted tunnel for your computer to communicate with the Internet. All traffic travels over this secure connection, preventing hackers from eavesdropping. VPNs help secure Internet traffic that is not sent using SSL secure connections. The tunnel starts on your computer, travels over the public wireless network, and connects you with either a VPN server in your home or one that you subscribe to. Your data travels over a secure, private network even though you may be accessing a public insecure network. There are several free VPN options as well as many companies selling VPN access.

Be aware that using a VPN to order products online may cause some problems. The VPN will make your IP address appear to be located wherever the VPN server is located, which could be in another state or even country. If you order an item and have it shipped to a location different from where your VPN server was located, some fraud detection systems might flag the order as being fraudulent.

Here are some free VPN options:

• CyberGhost VPN free – Installs software on your machine to access their free service. This service is usually overloaded during daytime hours and requires users to wait in a queue for free access. They also have paid accounts that do not require the wait. One downside of this service is that we found several sites which are not accessible through this VPN. PC only; no Mac version.
• Ultrasurf – This free VPN service was mainly designed to circumvent the firewall in China. This VPN only supports web traffic and not other internet traffic like FTP or VOIP. We found that this VPN service does not support certain websites, including WordPress administration pages. PC only; no Mac version.
• Proxify – This web-based service helps you surf the web anonymously and securely. Proxify is limited to web access only. The free service has ads and does not support all file formats.
• Hotspot Shield – A free service for Windows that is slow and filled with ads, spys on you, but works. Paid version eliminates ads. Warnings
• Hide My Ass – A free service that includes a free Web Proxy, Facebook Proxy and more. Read the disclaimers.
• proXPN – Free version is bandwidth throttled and does not allow you to select a country.

All the free VPN services have limitations. If you can work within their limits, we suggest you utilize one. Most users require more robust VPN access and will have to either set up a VPN server on their home computer or sign up for a paid VPN service. Note that most VPNs and Proxy services will not tolerate illegal activities and will cooperate with authorities.

Some proxy servers intentionally strip HTTPS secure connections. Test your proxy at proxycheck.

Signing Up for a Paid VPN Server

Users who travel or are not satisfied by the options we listed above, should sign up for a paid VPN account. This type of VPN access gives the use maximum flexibility and compatibility with various applications.

PPTP protocol is built into Windows and is the VPN protocol of choice, but is easy to block. Open VPN requires a software download for installation. Open VPN will work in places where PPTP VPN is blocked, typically countries in the Middle East or China.

PPTP VPN typically offers less secure 128-bit encryption compared to OpenVPN based VPN servers who can offer up to 2048-bit encryption.

• Overcome geographic locks on website access. Hulu.com and Pandora.com are only accessible from within the United States. Users can purchase a VPN account from a service that makes you appear to be located in the U.S. even though you are abroad.
• Access the internet anonymously. Your IP address will be anonymous and cannot be tracked.
• Security. Use public wireless hotspots securely and prevent others from stealing your identity.
• Bypass firewalls. Access sites that are banned in your country. Log in to Facebook when you are in China.
• Skype discount. You can appear to be located in another country and make “local” calls within that country.

What to Look for in a VPN Provider

• Price – Obviously, the cheaper, the better, but the cheapest providers have a limited feature set and slow performance. Open VPN support cost more.
• Length of Contract – The longer period you commit to, the lower the price.
• Countries – Different VPN providers have servers in different countries.
• Encryption Strength – The stronger the encryption, the higher the price.
• VPN Software Compatibility – Some VPN servers require special client software for higher security access like OpenVPN.
• Logging – Make sure your VPN provider is not logging your Internet activities.
• Speed – Some lower cost providers overload their servers and Internet connections, slowing access.

Users should examine their needs and budget, and select a VPN provider that fulfills their requirements. It is wise to Google search the provider, looking for problems or disgruntled users before signing up. Google search for VPN providers.

When You are Finished Using a Public Wi-Fi Hotspot

When you have finished your online activities, it is important that you turn off your Wi-Fi connection to the public wireless network. Intentionally logging off will prevent any accidental data leakage. In Windows, you can simply right-click on the wireless signal bar icon in the task bar to disconnect from a wireless network.

With some attention to security, free public Wi-Fi can be a useful tool and a safe one.

This concludes our How to use Wi-Fi securely in Hotels, Airports, and Beyond article. Other articles on Safegadget.com help you secure the other aspects of your personal computer, including How to Set up a Secure wireless Internet Router, and How to Secure Internet Explorer article, or How to Secure Firefox Article. Please see our other articles on security tips for your e-mail, iPad, online banking, online shopping, smart phones, and more.

Free Wi-Fi is available in many locations, from your local café or Starbucks to McDonald’s and many other restaurants. Using these mostly unsecured, public wireless networks puts your information at risk. It is important to employ several safeguards when surfing at a public hotspot. If you are using a cybercafe’s shared computer, we would only use it to view information, not to even get your e-mail. Chance are high that it is compromised.

Many public wireless networks are completely unencrypted so that users can log on to them easily. This opens up a huge security hole as any hacker or sophisticated computer user could easily see all the sensitive data being transmitted. Passwords to online stores or email accounts can be easily captured by increasingly easy to use tools. In this article, we will help you access public wireless networks safely. Settings within your operating system may need to be optimized, additional software installed, and third party services may need to be subscribed to.

Finding Free Wi-Fi

• Boingo has a Wi-Fi locator. The Starbucks and McDonald’s entries are free.
• There are several free apps that help you find Wi-Fi – search the app stores for Wi-Fi

Secure your computer, web browser, Internet connection

Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.

Secure web browsing using HTTPS

Normal website access using HTTP:// causes information to be sent and received in plain text. This type of connection is not secure; a hacker could capture all the information being transferred and steal your data. While this is not important when you are casually surfing, you do not want your email or online trading information to be captured by others.

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie –  https://www.google.com

HTTPS causes a secure connection to be made using SSL security. Certificates are digital documents that verify a site’s identity. They are sold by certificate authorities. If a certificate is not signed correctly, your browser will pop up a warning. Recently, a Dutch certificate authority got breached, causing forged certificates to be created. To workaround issues like this, Internet browsers are updated to remove the forged SSL certificates. It is crucial that you keep your browser up-to-date.

If you have applications other than your web browser accessing the Internet (FTP client, desktop mail client, etc.), make sure you enable SSL secure connections within each application.

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

Disable File Sharing

Prevent sharing of any files or folders that are unnecessary. This should be obvious, but becomes a large problem if you are connected outside the home, to a public network. When you are on a public network, you do not want to share files, printers, or any computer resources. To turn off file sharing under Windows 7 do the following:

• Click Start Button
• Type Network and Sharing Center into Start menu’s Search Box
• Select Network and Sharing Center from the results
• Select Choose homegroup and sharing options then select Files and Printers to be unshared, if necessary.

If you are using a Macintosh, consult this article on how to turn off sharing.

Enable your firewall

A firewall prevents unauthorized users from accessing your computer. Windows 7 and Windows Vista have a built-in firewall that is enabled by default. If you are running on the Mac, consult this article on how to turn on your firewall.

Connecting to a Public Wi-Fi Network

When you are setting up a new network connection, Windows will prompt you to choose what type of network this is. The choices are Home Network, Office Network, or Public Network. A Home Network is the most open network because all computers on the network will be treated as friendly, allowing for easy sharing of folders and files, and also allowing the creation of a Home Group for all computers on the network.

Office Network is slightly more strict, but the Public Network is the most strict. Selecting Public Network will hide your computer on the network and disable file and print sharing. This is recommended if you are running a notebook and connect to external networks often. If the computer is only used at home and file or printer sharing is used, do not change the setting.

If you need more control when connecting to different networks, try the Window’s Utility NetSetMan. Macintosh users can try AirPort Location.

Setup a VPN or virtual private network

A virtual private network (VPN) is a secure, encrypted tunnel for your computer to communicate with the Internet. All traffic travels over this secure connection, preventing hackers or your ISP from eavesdropping. VPNs help secure Internet traffic that is not sent using SSL secure connections.

The tunnel starts on your computer, travels over the public wireless network, and connects you with either a VPN server in your home or one that you subscribe to. Your data travels over a secure, private network even though you may be accessing a public insecure network. There are several free VPN options as well as many companies selling VPN access.

Be aware that using a VPN to order products online may cause some unforseen problems. The VPN will make your IP address appear to be located wherever the VPN server is located, which could be in another state or even country. If you order an item and have it shipped to a location different from where your VPN server was located, some fraud detection systems might flag the order as being fraudulent.

Some VPN services log your activity or many be required to do so by where they are located.  They may claim no logging but the fine print indicates otherwise. We recommend not using the Free services.

Here are some free VPN options:

• CyberGhost VPN free – Installs software on your machine to access their free service. This service is usually overloaded during daytime hours and requires users to wait in a queue for free access. They also have paid accounts that do not require the wait. One downside of this service is that we found several sites which are not accessible through this VPN. PC only; no Mac version.
• Ultrasurf – This free VPN service was mainly designed to circumvent the firewall in China. This VPN only supports web traffic and not other internet traffic like FTP or VOIP. We found that this VPN service does not support certain websites, including WordPress administration pages. PC only; no Mac version.
• Hotspot Shield – A free service for Windows that is slow and filled with ads, spys on you, but works. Paid version eliminates ads. Warnings
• proXPN – Free version is bandwidth throttled and does not allow you to select a country.
• Tor – Is not really a VPN but it will shield your traffic.

All the free VPN services have limitations. If you can work within their limits, we suggest you utilize one. Many users require more robust VPN access and will have to either set up a VPN server on their home computer or sign up for a paid VPN service. Note that most VPNs and Proxy services will not tolerate illegal activities and will cooperate with authorities.

Some proxy servers intentionally strip HTTPS secure connections. Test your proxy at proxycheck.

Setting Up Your Own VPN Server

There are several options for setting up your own VPN server. Most of them require advanced user knowledge of PCs and/or Linux. While this option requires a lot of user intervention and computer hardware, the resultant VPN can be very feature-rich and is essentially free.

• Algo VPN – Easy to use scripts to setup a VPN on DigitalOcean (most user friendly), Amazon EC2, Google Compute Engine, and Microsoft Azure.
• Asus Wireless router – Several Asus routers have VPN servers built in.
• Adito – This VPN server is written in Java and requires a Linux installation on your machine. Adito is very feature-rich.
• OpenVPN ALS – This VPN server is a descendant of Adito and also requires Linux.
• Logmein Hamachi – This zero-configuration freeware VPN tool allows users to easily connect to computers behind network routers. Users can use this software to access their home computers from a Public wireless network or any other location. Hamachi helps to make it appear that you are actually located on your home network, so you have full access to resources such as your printer, music server, files, and other computers. Both Clients must have Hamachi installed on their computers and join the same group for Hamachi to work. Many people use this software to play network games. This software is partly controlled by the company that makes LogMeIn remote control software. It works on Macs and PCs. Lifehacker has a tutorial on how to use Hamachi.

Signing Up for a Paid VPN Server

Users who travel or are not satisfied by the options we listed above, should sign up for a paid VPN account. This type of VPN access gives the use maximum flexibility and compatibility with various applications.

PPTP protocol is built into Windows and is the VPN protocol of choice, but is easy to block. Open VPN requires a software download for installation. Open VPN will work in places where PPTP VPN is blocked, typically countries in the Middle East or China.

PPTP VPN typically offers less secure 128-bit encryption compared to OpenVPN based VPN servers who can offer up to 2048-bit encryption.

• Overcome geographic locks on website access. Hulu.com and Pandora.com are only accessible from within the United States. Users can purchase a VPN account from a service that makes you appear to be located in the U.S. even though you are abroad.
• Access the internet anonymously. Your IP address will be anonymous and cannot be tracked.
• Security. Use public wireless hotspots securely and prevent others from stealing your identity.
• Bypass firewalls. Access sites that are banned in your country. Log in to Facebook when you are in China.
• Skype discount. You can appear to be located in another country and make “local” calls within that country.

What to Look for in a VPN Provider

• Price – Obviously, the cheaper, the better, but the cheapest providers have a limited feature set and slow performance. Open VPN support cost more.
• Payment – Bitcoin support helps improve your privacy
• Length of Contract – The longer period you commit to, the lower the price.
• Countries – Different VPN providers have servers in different countries.
• Encryption Strength – The stronger the encryption, the higher the price.
• VPN Software Compatibility – Some VPN servers require special client software for higher security access like OpenVPN.
• Logging – Make sure your VPN provider is not logging your Internet activities. You cannot really take their word for it though.
• Speed – Some lower cost providers overload their servers and Internet connections, slowing access.
• Location – Pick someone outside the US and UK, if you really want to be private.
• Blocking – Avoid picking a large VPN provider that may have access blocked to certain large websites.
• DNS and IPv6 leaks – Avoid VPNs that have problems with this.

One of the biggest problems, especially with the well known VPN providers, is websites blocking them.

With PrivateInternetAccess, we found we could not visit certain websites, including Target.com and BestBuy.com!  Make sure you have a limited time trial to test the service.

Users should examine their needs and budget, and select a VPN provider that fulfills their requirements. It is wise to Google search the provider, looking for problems or disgruntled users before signing up. Google search for VPN providers is almost useless as there is so much affiliate spam that finding honest reviews is hard.

privacy tools.io has a list of VPN providers with minimal logging some of the lower cost ones are:

• NordVPN – Panama – $48 a year
• Cryptostorm.is – Iceland – $52 a year
• We have used AirVPN and find it ok, but their Mac Client is buggy.

We have tried some that are based outside the US and the connection speeds were very slow, even with their US nodes.

VPN Discovery

VPN Hunter is a service that scans a specific domain name looking for VPN servers and then classifying them by the manufacturer and possible security holes.

SSH Tunneling For Security

Power users could setup a SOCKS Proxy over SSH tunnel to increase security even more when using a Public wireless network. This basically sends all web traffic through an encrypted SSH connection to another computer that you have set up elsewhere. Web browsers need to be configured to use a proxy server, so using a VPN server is a lot easier and allows all types of Internet traffic to flow through it.

Advanced Security Tools to prevent man in the middle attacks

Many people have their smartphones and laptops set to automatically log into wireless networks such as their home’s and free Wi-Fi hotspots like McDonald’s, Starbucks, or attwifi. Your device will keep looking for these names and automatically join you to their network. Hackers could set up wireless hotspots with exactly the same name to lure your device to join their network automatically. They would then start capturing all your traffic while sending it across the Internet. We suggest you manually join wireless networks and disable automatic joining.

To prevent man in the middle attacks, where a hacker is pretending to be a wireless access point and capturing all your information, you need to install special software to prevent ARP cache poisoning attacks like this software utility.

When You are Finished Using a Public Wi-Fi Hotspot

When you have finished your online activities, it is important that you turn off your Wi-Fi connection to the public wireless network. Intentionally logging off will prevent any accidental data leakage. In Windows, you can simply right-click on the wireless signal bar icon in the task bar to disconnect from a wireless network.

With some attention to security, free public Wi-Fi can be a useful tool and a safe one.

This concludes our How to use Wireless Networks or Wi-Fi securely in Public article. Other articles on Safegadget.com help you secure the other aspects of your personal computer, including How to Set up a Secure wireless Internet Router, and How to Secure Internet Explorer article, or How to Secure Firefox Article. Please see our other articles on security tips for your e-mail, iPad, online banking, online shopping, smart phones, and more.

Matthew Green, a well respected cryptographer and professor at Johns Hopkins has a great article discussing Secure Computing – Desktops vs Smartphones, iOS vs Android and more..

Most iPhone users do not think very much about security. The iPhone is part of Apple’s closed ecosystem, helping to prevent viruses and malware from wreaking havoc. As the iPhone has grown in popularity, the smartphone has become more of a target by hackers and criminals. It is important that iPhone users immediately become more vigilant about smartphone security.  Our tutorial covers the iPhone through iPhone 7 Plus and iOS through iOS 11.

0. Obsolete Hardware

If you have an iPhone or iPad that no longer gets updates, we would recycle it and buy a new one RIGHT away. Keep in mind that iOS 10.3.3 is the first version that fixed a Huge Broadcom Wi-Fi bug. Without that fix, you can get hacked by just having a Wi-Fi signal nearby.

1. iPhone Software Updates

Apple upgrades the iOS software for the iPhone from time to time. Updates include additional functionality as well as security bug fixes. It is important that users apply updates immediately. Before iOS 5 users needed to connect their iPhones to a computer in order to update the smartphone’s software. Needless to say, this was inconvenient and led to many iPhones with obsolete software.

Always update to the latest iOS software available as soon as possible.

If you Jailbreak your iPhone, you need to be extra careful with regards to security as iOS updates are much more difficult for you. Be careful where you obtain your Jailbroken Apps as malware is much more prevalent.

2. iPhone App Security

Apple’s App Store reviews all submissions before adding them. All iPhone apps must be authenticated and signed which helps to ensure they haven’t been tampered with or altered. This helps prevent malicious apps from infecting the App Store. (This is not 100% foolproof)

Apps are prone to security vulnerabilities, that are fixed by updates. Keep apps updated regularly and remove apps that you do not use. Regularly use the App Store app and select Updates. iOS 7 added the capability to auto update your apps. Be sure to use this function. Apple has the ability to remotely remove malicious apps from your iPhone.

When installing new Apps, we suggest you install well known Apps with positive reviews, and avoid brand new Apps from unfamiliar companies.  Give new Apps time to build trust and to allow others to help test the App for malware and security risks.

3. Suggested iPhone Settings for Security

Below are several suggestions for iPhone settings to increase security on the smartphone. One in three robberies nationwide involve cell phones, with a ratio estimated as high as one in two within the San Francisco area. Users need to protect their smartphones to prevent a complete disaster.

Passcode

A passcode is required before you perform these tasks:

• Turn on or restart your device
• Slide to unlock your screen (you can change this)
• Update your software
• Erase your device

Enable Passcode, erase iPhone data after ten failed attempts. Starting with iOS 9 the default passcode length is 6 digits instead of 4.

• Open Settings
• Select Touch ID & Passcode Lock
• Select Turn Passcode On
• Enter a Passcode – Do not select an obvious passcode like 1234 or 1111
• Use the Touch ID Fingerprint sensor
• For older version of iOS:
• Turn Simple Passcode off
• Enter a passcode – Do not select an obvious passcode
• Turn Erase Data on – Erases all data after ten failed passcode attempts
• Turn Siri off – Prevents Siri access when locked
• Turn Passbook or Wallet off – Prevents Passbook or Wallet access when locked
• Turn Reply with Message off –  Prevents Reply with Message access when locked (iOS 6)

Data Encryption

Encryption prevents the data stored on your iPhone from being read, if you do not have the passcode. The passcode provides entropy for certain encryption keys. A 256-bit AES key is used to encrypt every new file created.

Starting with iOS 8, thankfully encryption is turned on by default. If you have an older version do the following:

Ensure Encryption is Turned On. After you enable a passcode in iOS version 4 or newer and you have an iPhone 3GS or newer, the phone can use hardware encryption to encrypt the data stored on the phone. Text messages, photos, emails, contacts, and call history were all encrypted.

• Open Settings
  
• Select General
• Select Passcode Lock

After the Setting up a Passcode, scroll down to the bottom of the Passcode Lock Screen and verify that the text “Data protection is enabled” is shown.

If this is the phrase is not shown, do the following:

• Connect your iPhone to your Computer
• Backup your iPhone in iTunes
• Restore your iPhone in iTunes
• Check the Passcode screen again for the phrase “Data protection is enabled“

iCloud Security

As of March 2016, iCloud, the Internet cloud syncing and storage service, current gives Apple the capability to unlock key data like backups, documents, contacts, and calendar information.  Someday this will change.

Apple encrypts your iCloud data in storage, but they encrypt it with their own key, not with your passcode key, which means that they are able to decrypt it to comply with government requests.

Turn iCloud OFF if you value security.

Safari Cookies

Prevent cookies from being accepted in Safari. Clear old cookies.

• Open Settings
• Select Privacy
• Select Safari
• Click Accept Cookies
• Check Never
• Click Clear cookies and data

If you are not using any Bluetooth devices, disable Bluetooth to increase battery life and prevent security risks.

• Open Settings
• Select Bluetooth
• Set Bluetooth to Off

Backing up your iPhone regularly is an important task. With iOS 4, you need to connect your iPhone to your computer in order to perform back ups. With iOS 5, you can easily back up using iCloud. Enable iCloud by doing the following:

• Open Settings
  
• Select iCloud
  
• Select the items that you would like iCloud to back up

4. iPhone Email Security

It is important that email accounts accessed from a smartphone are setup utilizing encryption when available. Many email providers including Google’s Gmail, Microsoft Exchange, MobilMe, AOL Mail and Yahoo Mail support SSL (secure sockets layer) when accessing their mail servers. If SSL is not used, your emails as well as your password can be read by hackers.

To check a Mail Account for secure SSL access, do the following:

• Open Settings
  
• Select Mail, Contacts, Calendars
• Select a Mail Account
• Click on an Email Account
• Click on Account
• Verify Use SSL is set to On

If Use SSL is set to off, check with your email provider to verify their SSL support and enable it if possible.

Also, make sure your email account has been cleansed with a good spam filter. This is a basic requirement of any solid email provider. If your email vendor needs spam filtering assistance, consider accessing the email account via POP inside a Gmail account.

5. Find a Lost iPhone, Erase a Lost iPhone

Apple has an app that helps you find a lost iPhone by showing it on a map and optionally erase it or make the iPhone play a sound. This free service is a life saver and should be one of the first items installed. To enable Find My iPhone, follow these iOS 5 & 6 instructions.

Also consider creating a special graphics file with your emergency contact information that can be used as your lock screen. If you are having a life threatening emergency, people could still access this information. If your iPhone is lost and password protected, people could still contact you.

Make a Contact entry for yourself with a phone number other than your iPhone.You might also put in the Notes field – Reward for returning lost iPhone.

Set it as the default contact entry.  Settings – Mail, Contacts, Calendars – My Info – Choose your contact entry

This way, anyone can bring Siri and ask “Who owns this phone?” and see your contact info.

If you do lose your iPhone, watch out for phishing messages trying to get your iCloud Username and password.

6. Using WiFi securely

When accessing a wireless network outside the home, exercise caution. Any information sent over an external wireless may be subject to eavesdropping. Unless you know the WiFi network is secure, we would recommend against  connecting to it.

If you really want to use an unfamiliar wireless connection, limit usage to non-critical apps, email, and web. Do not e-mail, online shop, online bank, or online trade from public wifi hot spots or cyber cafes. Many of these locations provide little to no security and are prone to snooping or malware.

The iPhone can remember wireless networks by name and automatically log into them. This convenience function turns into a security problem because the iPhone will automatically send the same password to a wireless network of the same name. So if you name your wireless router, Linksys, if you encounter another wireless router with the same name, the iPhone will automatically use the password. A hacker could exploit this to obtain your wireless router’s password. We suggest you do not enable any automatic joining to wireless networks. The iPhone is very good at transparently switching from a cellular data network to a WiFi wireless network.

When accessing the Internet on a smartphone or tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.

The safest way to use a public wireless network is by employing a VPN (virtual private network) which securely tunnels all of your iPhone’s traffic through a secure server. There are many paid services that sell VPN access.

iOS 8 includes an “Always-on VPN” feature, which eliminates the need for users to turn on VPN to enable protection when connecting to Wi-Fi networks. The iPhone’s MAC address now changes when it’s not connected to a Wi-Fi network, so it can’t be used to persistently track a device by passive observers of Wi-Fi traffic.

Disable WiFi when you are not accessing wireless networks. This will extend your battery life and increase security.

7. Secure Browsing with Safari

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie –  https://www.google.com

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

8. Careful Link Clicking and Attachment Opening

As we have learned on computers, clicking on links in email can lead to viruses or malware being installed. We need to take the same precautions and more, on an Apple iPhone. Avoid clicking links in email, text messages, and websites that are unfamiliar to you.

Email attachments require the same amount of caution. Only open attachments when they are expected. Avoid opening your email provider’s spam folder and do not open any attachments in your spam folder.

Opening Attachments Safely with Gmail

Forward the email with attachment to a Gmail account.  From there, you can use Google Docs to open Word Processing, Spreadsheets, etc.  No need to endanger your own computer.

9. iPhone Anti Virus and Internet Security Software

iPhone anti virus software exists but due to the secure iOS design, cannot scan files automatically or run scheduled scans. Users have to manually tell an anti virus or Internet security App to scan files. Intego makes anti virus software VirusBarrier iOS App ($2.99) for the iPhone, iPad, and iPod Touch.

Kapersky Lab makes a free App called Threatpost that quickly displays articles from their security news website.

10. iTunes Password and Payment Option

It is important to select a strong password for iTunes. Read our article How to Create, Store, and Use Secure Passwords.

If a hacker obtained your iTunes password, they could drain your credit card with purchases. We recommend you remove all payment options after having created your iTunes account. iTunes only requires a payment option when creating a new account. We prefer to add iTunes money by purchasing a pre-paid iTunes gift cards.

11. Turn off Diagnostic Log Sending

Apple used to use Carrier IQ before iOS 5, so make sure you turn off this feature. To turn off sending of diagnostics data to Apple do the following:

• Open Settings
  
• Select General
• Select About
• Select Diagnostics & Usage
• Click on Don’t Send

12. Malicious QR Codes

QR codes are appearing in print and all over the place. Be aware that malicious QR codes that lead the user to download malware have been found. Be sure you check the link the QR code points to before using it.

13. Enable Two-Step Verification for Apple ID

Apple introduced two-step verification for Apple IDs.  You need 2 forms of proof to access your account.

We have covered many ways to improve your iPhone security. Utilizing our tips will help significantly improve the already good security of the Apple iPhone smartphone.

Do you have more iPhone security tips?

14. Secure Messaging

Law enforcement and probably the NSA use cell phone tower simulators called Stingrays, IMSI catchers, or dirtbox made by Harris. These fake cell phone towers slurp handset identification information and can snoop on data. They deploy these in small planes to net a ton of intercepts, without getting a warrant. Cell phone users have no right to privacy in public areas.

You can fight back by using secure messaging clients like Signal or Text Secure. Older Stingrays only support 2G, not 3G/4G, so turning off 2G will help here.

15. Public Charging – Video Jacking

Do not use a public phone charging cable, it could be capturing video video HDMI recording while you charge aka Video Jacking. Always use your own charging cable.

16. Setup Emergency Contact in Health App

The Health App was added way back in iOS 8, but few people have setup the Medical ID that emergency responders can use to contact your emergency contact. They can click Emergency from your lock screen and bring up your emergency Medical ID information.

In the Health App, setup a Medical ID.

Make sure it is set to be seen when your phone is locked.

Showing Text messages on your lock screen should not be allowed.

17. Enable Two Factor and Two Step authentication

Apple offers two-factor as well as two-step authentication. Enable it! If you enable it, make sure you keep the recovery code in a safe place.

18. Lock your SIM Card with a PIN code

This keeps your phone even more secure from theft.  It is a pain because you need to enter it every time you startup your phone.

19. Secure your mobile phone’s account from hijacking or Port-Out Scams

Hackers have been calling wireless carriers like: AT&T, Sprint, T-Mobile, and Verizon asking them to switch control of mobile phone numbers to themselves.

They will repeatedly call, hundreds of times, and make up all kinds of sob stories to get control. Once they hijack control, they will reset passwords of any device that uses that phone number as a security backup via SMS Text or two factor authentication. IE Google, Facebook, Twitter, Bitcoin accounts, etc.

How do you protect against phone hijacking?

• FTC has details
• Do not use your cell phone number in the first place!
• Use two factor authentication that uses a physical key or Google Authenticator App, not Text
• AT&T – Enable an account passcode
• Sprint – Customers setup a PIN when first signing up
• T-Mobile – Enable a customer care password
• Verizon – Setup an account PIN

T-Mobile customers can also call in to the company’s customer support line and place a separate “SIM lock” on their account, which can only be removed if the customer shows up at a retail store with ID.

Be sure to use Google Authenticator instead of Text messages for second factor authentication when possible.

If your phone stops receiving a signal and says “emergency calls only” or “no network,” even after you restart your phone, contact your mobile carrier to see whether your account has been hijacked.

Do you have any iPhone Security tips?

The International Travel Security Problem

Many of us travel internationally but few realize how important computer security can be when we visit other countries. People doing business in countries like China and Russia (or any other country for that matter) need to pay strict attention to their technology security protocols to prevent the real and growing threat of high tech espionage. There have been instances of people returning from abroad and having their laptops or smartphones compromised. A mobile device used internationally and later hooked up to the Company’s network provides an excellent infection vector. The folks intent on stealing information could be government or corporate based.

Learn how to use your iPhone or Android Smartphone in China

How to Protect Yourself When Traveling

Some people might find the following list a bit paranoid, but you never can be too safe. People that work for major corporations, government, or security firms need maximum protection from attackers. There are tools that can detect the location of a mobile device to within 100 feet and can target phones by the phone number, IMEI (International Mobile Equipment Identity) number and intercept all communications from the mobile device.

• Leave your cell phone and laptop at home
• Buy a phone and SIM card in the other country
• Beware of any SMS message especially if they have links
• Do not bring any sensitive data or passwords
• Use temporary or loaner cell phones and laptops which will be erased when you get home
• Make sure all gadgets are fully up to date and have security software enabled. The best encryption should be utilized
• Never let your electronics out of your site
• If your device gets inspected at the border, it should never be connected to the Company’s network again
• Turn off Bluetooth and Wi-Fi
• Avoid public Wi-Fi altogether
• Do not use a public phone charging cable, it could be capturing video while you charge
• Disable microphones and cameras
• During meetings, turn off your devices and remove their batteries. (Prevents possible recording)
• Use a VPN with heavy encryption to connect to the Internet
• Use Google Voice to create a “throw away” voice accounts
• Do not connect to your Company’s or government’s network while abroad
• Use coded language when discussing sensitive matters
• Cut and paste passwords to prevent keylogging
• Change any and all passwords you used on the trip, immediately
• Enable two factor authentication for services that support this; Facebook, Gmail, eBay, etc.
• Two factor authentication system using SMS text messages is not secure, due to the weak SS7 routing system. We suggest only using two factor when you can use a token or a time based authenticator like Googles.

Following the safeguards listed above will help prevent hack attacks against yourself and your Company. The measures may sound extreme, but the danger is real.

We feature many different security tutorials.

• Learn how to secure your PC, find free anti-virus software, and find Windows security software
• Secure your Mac and find free Mac security software
• Use Linux for secure online banking, online trading, and online shopping
• Secure your wireless network (Wi-Fi)
• Learn how to create, store and use secure passwords

Harden the Security of your Browser

• Chrome
• Internet Explorer 9
• Firefox

Boost the Security of your Smartphones and Tablets

• iPhone
• iPad
• Android Smartphone or Tablet

Learn how to perform the following Safely and Securely

• Online banking and online trading
• Online shopping
• E-mail

Our sister site has launch, BuyVia!

The BuyVia iOS app and website bring together the strongest smart shopping arsenal available, making it easy to find the best products/deals possible across all of the devices people own – including smartphones, laptops/desktops and tablets – without tedious and time-consuming research.

BuyVia’s iPhone & Android (coming soon) app allow users to scan barcodes, compare prices, set up alerts, and more.

Most iPad users do not think very much about security. The iPad is part of Apple’s closed ecosystem, helping to prevent viruses and malware from wreaking havoc. As the iPad has grown in popularity, the tablet has become more of a target by hackers and criminals. It is important that iPad users immediately become more vigilant about tablet security. Our tutorial covers the iPad, and iPad 2.

1. iPad Software Updates

Apple upgrades the iOS software for the iPad from time to time. Updates include additional functionality as well as security bug fixes. It is important that users apply updates immediately. Before iOS 5 users needed to connect their iPads to a computer in order to update the tablet’s software. Needless to say, this was inconvenient and led to many iPads with obsolete software.

iOS 5 allows updates to occur without the iPad being connected to a computer, allowing users to stay current far easier. We recommend all owners of the iPad and the iPad 2, upgrade to iOS 5 immediately. iOS 5 in fact includes many security fixes.

If you Jailbreak your iPad, you need to be extra careful with regards to security as iOS updates are much more difficult for you. Be careful where you obtain your Jailbroken Apps as malware is much more prevalent.

2. iPad App Security

Apple’s App Store reviews all submissions before adding them. All iPad apps must be authenticated and signed which helps to ensure they haven’t been tampered with or altered. This helps prevent malicious apps from infecting the App Store. Apps are prone to security vulnerabilities, that are fixed by updates. Keep apps updated regularly and remove apps that you do not use. Regularly use the App Store app and select Updates. iOS 7 adds the capability to auto update your apps. Be sure to use this function. Apple has the ability to remotely remove malicious apps from your iPad.

When installing new Apps, we suggest you install well known Apps with positive reviews, and avoid brand new Apps from unfamiliar companies. Give new Apps time to build trust and to allow others to help test the App for malware and security risks.

3. Suggested iPad Settings for Security

Below are several suggestions for iPad settings to increase security on the tablet.

Enable Passcode, erase iPad data after ten failed attempts

• Open Settings
  
• Select General
• Select Passcode Lock
• Select Turn Passcode On
• Enter a Passcode – Do not select an obvious passcode like 1234 or 1111
• Turn Simple Passcode off
• Enter a passcode – Do not select an obvious passcode
• Turn Erase Data on – Erases all data after ten failed passcode attempts

Ensure Encryption is Turned On. After you enable a passcode in iOS version 4 or newer on every iPad tablet, the tablet can use hardware encryption to encrypt the data stored on the tablet.

After the passcode is set, scroll down to the bottom of the screen and verify that the text “Data protection is enabled” is shown. If this is not shown, do the following:

• Connect your iPad to your Computer
• Backup your iPad in iTunes
• Restore your iPad in iTunes
• Check the Passcode screen for the “Data protection is enabled“

Prevent cookies from being accepted in Safari. Clear old cookies.

• Open Settings
  
• Select General
• Select Safari
• Click Accept Cookies
• Check Never
• Click Clear cookies and data

If you are not using any Bluetooth devices, disable Bluetooth to increase battery life and prevent security risks.

• Open Settings
  
• Select General
• Select Bluetooth
• Set Bluetooth to Off

Backing up your iPad regularly is an important task. With iOS 4, you need to connect your iPad to your computer in order to perform back ups. With iOS 5, you can easily back up using iCloud. Enable iCloud by doing the following:

• Open Settings
  
• Select iCloud
  
• Select the items that you would like iCloud to back up

4. iPad Email Security

It is important that email accounts accessed from a tablet are setup utilizing encryption when available. Many email providers including Google’s Gmail, Microsoft Exchange, MobilMe, AOL Mail and Yahoo Mail support SSL (secure sockets layer) when accessing their mail servers. If SSL is not used, your emails as well as your password can be read by hackers.

To check a Mail Account for secure SSL access, do the following:

• Open Settings
  
• Select Mail, Contacts, Calendars
• Select a Mail Account
• Click on Account
• Click on Advanced
• Verify Use SSL is set to On

If Use SSL is set to off, check with your email provider to verify their SSL support and enable it if possible.

Also, make sure your email account has been cleansed with a good spam filter. This is a basic requirement of any solid email provider. If your email vendor needs spam filtering assistance, consider accessing the email account via POP inside a Gmail account.

5. Find a Lost iPad, Erase a Lost iPad

Apple has an app that helps you find a lost iPad by showing it on a map and optionally erase it or make the iPad play a sound. This free service is a life saver and should be one of the first items installed. To enable Find My iPhone, follow these iOS 4 instructions or iOS 5 instructions.

Also consider creating a special graphics file with your emergency contact information that can be used as your lock screen. If you are having a life threatening emergency, people could still access this information. If your iPad is lost and password protected, people could still contact you.

6. Using WiFi securely

When accessing a wireless network outside the home, exercise caution. Any information sent over an external wireless may be subject to eavesdropping. Unless you know the WiFi network is secure, we would recommend against connecting to it.

If you really want to use an unfamiliar wireless connection, limit usage to non-critical apps, email, and web. Do not e-mail, online shop, online bank, or online trade from public wifi hot spots or cyber cafes. Many of these locations provide little to no security and are prone to snooping or malware.

The iPad can remember wireless networks by name and automatically log into them. This convenience function turns into a security problem because the iPad will automatically send the same password to a wireless network of the same name. So if you name your wireless router, Linksys, if you encounter another wireless router with the same name, the iPad will automatically use the password. A hacker could exploit this to obtain your wireless router’s password. We suggest you do not enable any automatic joining to wireless networks. The iPad is very good at transparently switching from a cellular data network to a WiFi wireless network.

When accessing the Internet on a tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.

The safest way to use a public wireless network is by employing a VPN (virtual private network) which securely tunnels all of your iPad’s traffic through a secure server. There are many paid services that sell VPN access.

Disable WiFi when you are not accessing wireless networks. This will extend your battery life and increase security.

7. Secure Browsing with Safari

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie – https://www.google.com

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

8. Careful Link Clicking and Attachment Opening

As we have learned on computers, clicking on links in email can lead to viruses or malware being installed. We need to take the same precautions and more, on an Apple iPad. Avoid clicking links in email, text messages, and websites that are unfamiliar to you.

Email attachments require the same amount of caution. Only open attachments when they are expected. Avoid opening your email provider’s spam folder and do not open any attachments in your spam folder.

9. iPad Anti Virus and Internet Security Software

iPad anti virus software exists but due to the secure iOS design, cannot scan files automatically or run scheduled scans. Users have to manually tell an anti virus or Internet security App to scan files. Intego makes anti virus software VirusBarrier iOS App ($2.99) for the iPhone, iPad, and iPod Touch.

Kapersky Lab makes a free App called Threatpost that quickly displays articles from their security news website.

10. iTunes Password and Payment Option

It is important to select a strong password for iTunes. Read our article How to Create, Store, and Use Secure Passwords.

If a hacker obtained your iTunes password, they could drain your credit card with purchases. We recommend you remove all payment options after having created your iTunes account. iTunes only requires a payment option when creating a new account. We prefer to add iTunes money by purchasing a pre-paid iTunes gift cards.

11. Enable Two-Step Verification for Apple ID

Apple introduced two-step verification for Apple IDs.  You need 2 forms of proof to access your account.

We have covered many ways to improve your iPad security. Utilizing our tips will help significantly improve the already good security of the Apple iPad tablet.

The Internet is a scary place for kids and a constant worry for their parents. Inappropriate content, predators, and malware lurk around every corner. It is critical that we teach our kids how to use the Internet safely as well as equip our computers with necessary safeguards. First we will cover some foundational security information, then we will delve into tools and settings to help secure the Internet for kids.

Consumers Union found that households containing people under 18 had a larger propensity to being infected with malware. The following situations can easily occur:

• A child might post on Facebook that the family is going on vacation
• Children download apps without understanding the hazards or reading the reviews
• Younger kids may click on links within email, without thinking about the risks
• Not downloading copyrighted material needs to be taught to minors
• Popup warnings from security software are usually ignored

Educating Your Kids

The most important element in creating a safe place for your kids to use the Internet is Education. No piece of software or hardware can replace teaching your kids right from wrong, and candidly discussing all the bad topics that can be found on the Internet.

Some topics parents should cover:

• Do not reveal your passwords
• Use social networking safely
• Do not reveal too much personal information
• Beware of online fraud

We suggest you monitor your kids closely and place computers in a central location, not hidden away in their rooms. A family room or kitchen that is easily seen is a good bet.

Microsoft has a very useful article on teaching kids online security basics.

Secure your computer, web browser, Internet connection

Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.

Built-in Parental Controls

Many operating systems have parental controls already built in. There is no need to add additional software or hardware to enable them.

• Microsoft
• Macintosh OS X
• Apple iOS
• Android does not include parental controls

Apple’s iOS 5 or newer includes an option to shut off In-App Purchases. We suggest you enable this option to prevent kids from purchasing items within games.

Software Parental Controls

Parental control software helps filter inappropriate content from the Internet. This software interfaces with your browser and operating system to do the following:

• Block specific websites
• Filter inappropriate content
• Monitor Internet usage
• Manage Internet access

Most software products have long lists of sites that they block. These lists are constantly updated.

Internet Access Control for Kids using Software

Computers can be configured to block inappropriate websites utilizing several different techniques. Some involve customized browser software, while others strengthen the lower level plumbing in one’s computer.The following software packages include parental controls and content filtering.

K9 Web Protection – Free software to control browsing. No controls for email, instant messaging, games. Windows, iOS (iPhone, iPad), and Macintosh.

Norton Online Family – Free software to control browsing, instant messaging, limit computer use, monitor usage. Free version with limited functionality. Windows and Macintosh.

Windows Live Family Safety – Free parental control software for Windows 7 and Windows Vista. Get usage reports, choose websites, games, programs they can access. Control time periods when they can use the computer.

Most parents install this type of parental control software to help manage their kid’s Internet access.

Internet Access Control for Kids using Domain Name Filtering

The following free options allow you to set your Internet router to automatically block inappropriate content.

OpenDNS – has a free family service which incorporates parental controls to block inappropriate content.

Norton ConnectSafe for Home – Configures the domain name servers that your computer uses to special ones that include options to filter porn or to be family friendly.

Using Virtual Machines for Kids

A virtual machine is software that allows a computer and its operating system to run within your existing computer. The software emulates another computer, so you can set it up with a configuration that is more optimized for kids. Here are several free options for you to deploy virtual machines in an effort to create a safe environment for kids. The kids should do all their surfing within the virtual machine, so that your main computer will not polluted with their usage.

Microsoft Virtual Machine – Designed for web developers to test compatibility with different versions of Internet Explorer, these Virtual Machines for Microsoft’s Virtual PC allow you to run a Virtual computer on your desktop with Internet Explorer and Firefox pre-installed. You can manually install Google Chrome. If you mess up the Virtual computer, you can just delete it and start fresh from a new image. Keep in mind some malware is capable of detecting virtual machines and acting innocent until you move into your main system.
If you use VMware Player, you can add the following line to your .vmx file so that it writes all changes to a temporary file, which will be deleted when you power off the virtual machine.:ide0:0.mode = “independent-nonpersistent”

Dell KACE – has a free secure browser based on a virtualized and contained Firefox Browser with Adobe Reader and Flash plug-ins. You can manually install Google Chrome.

Creating an Account for Your Kids

It is wise to create a separate user account just for your kids. This will prevent them from altering or adding to your software, add-ons, bookmarks, etc. To create an additional account under Windows 7, do the following:

Setup a Standard user or non-administrative user account and allow your kids to use that instead. A non-administrative account or Standard user account can use most software and change system settings that do not affect other users on the same computer, nor can this user affect the security of the computer. Note: Some malware, has from time to time, found the ability to grant itself administrator privileges bypassing Internet Security. Running as a standard user still minimizes risk. There will be times when using the Standard user account is annoying, due to lack of sufficient privileges to complete certain tasks. In the end the security increase is worthwhile. To create a Standard user account follow these steps:

1. Click Start Button
2. Type Create Standard user account into Start menu’s Search Box
3. Select Create Standard user account from the results
   
4. Click on Standard user
5. Enter a new account name in the dialog
6. Click Create Account

Children’s Online Privacy Protection Act (COPPA) of 1998

Children’s Online Privacy Protection Act is intended to help parents by banning any child under the age of 13 from joining social media platforms such as Facebook or from setting up general purpose communications accounts such as email or Skype.

While this is a noble goal, in practice many parents help their kids circumvent this Act, by setting up accounts with these services anyway. Any kid under the age of 13 who has an email account is skirting this Act. 38% of children on Facebook are 12 and under per a recent poll by MinorMonitor.

Facebook Parental Control

Facebook is everywhere and is widely used by kids. Protect your kids on Facebook with our How to Safely use Facebook article as well as add on software.

MinorMonitor – Helps identify possible bullying, drug use, sexual references, and more.

Apple iOS – iPhone and iPad Internet Safety

Kids are seen using their parents’ iPhones and iPads all over the place. It is important that we take steps to control their access to these ever-more present devices. Starting with iOS 12, Apple has added extensive parental control features with the screen time feature. Here are some additional free apps to help you accomplish this:

Parental Control App (Kidslox) – Has app blocking, content filtering, and daily limits on screen time.

Android Parental Control Apps

Android has no built in parental controls outside of app store restrictions, so users need to install third party apps to fill this void.

Cloudacl Safe Browser – Cloud based content filtering browser.

Google Family Link – Set digital ground rules and monitor online activity.

There are many resources to help insure your kids are using the Internet safely. Parental control software is available, but in the end it is important to educate your children regarding safe Internet usage.