Updated Safe Gadget Security News – Security Alerts 2018

Featured

The following alerts have been updated to reflect new and important security protection schemes:

12/2018: Marriott – Starwood Hotels got hacked, leaking a ton of data. Change your credit card if you booked there.

10/4/2018: Bloomberg reports that China has infiltrated major tech companies by compromising servers from their Chinese factories.  Never trust your hardware!

8/24/2018: HP Inkjet printers with Fax capability have a Faxploit exploit where someone could fax you a special page and take over your entire network. Patch now.

6/11/2018: The FBI has asked users to reboot your wireless router in an effort to prevent infection from the VPNFilter malware.   You should do more than this, write down its settings, reset it to default settings, and updated it to the latest software.

Always update the software for your router to the latest version.  If no update has occurred in the last 6 months, BUY a new one!  Affected devices include: (Expanded List)

Asus Devices:

RT-AC66U (new)
RT-N10 (new)
RT-N10E (new)
RT-N10U (new)
RT-N56U (new)
RT-N66U (new)

D-Link Devices:

Continue reading

Android Smartphone Security, How to securely use your Android Smartphone or Tablet

Last Updated: September 26, 2018

Google’s Android operating system powers many popular cellphones including the popular Samsung Galaxy S9. Most Android Smartphone users as well as most of the pubic at large do not think very much about security.

If your phone is not running the latest Android Monthly security patches, you are open to attack. A recent Wall Street Journal article showed that only 2.8% of Android devices have the latest security patches. Compare that to 79% of iPhones, due to Apple’s more uniform eco-system.

Most Up to Date Android Smartphones

This flagship phone runs the latest Android version and is patched regularly. Sold directly from Google or from a couple wireless carriers.

You can check this Google Support page that shows when updates will be available for Google devices and when devices stop getting updates.

Keep in mind that some companies claim to have all the latest security patches but may not.

Continue reading

Hacked Internet of Things Database – Gadgets, Cameras, Wireless Routers

Last Update: November 13, 2018

Internet of Things Scanner

Run this online scanner to see if any of your IOT devices are visible and need to be secured.

October 2017 Wi-Fi KRACK attack Warning

KRACK attack on Wi-Fi. Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted.  Virtually ALL Wi-Fi equipped devices need to be updated.  The attack is particularly bad on Android 6.0 and Linux. If you have a device with no updates (eg Internet of Things), you will be open to attacks.

Securing Internet of Things, Smart Home Devices

More and more gadgets for the home are connected to the Internet for additional functionality. Refrigerators to Thermostats to Door Locks, the list is never ending. Do not forget about security. You may have created an open door for hackers, become part of an evil Botnet, or illegal activity without your knoawledge.

A vulnerable webcam can give ANYONE on the Internet a view of your home. Secure these home gadgets as strongly as possible. Many can NEVER be updated, which means that you should discontinue their usage.

Wi-Fi Network Connection

Here are some general tips to secure your new IOT or smart home devices:

  1. Change the default password or credentials of the Device
  2. Update the device to the latest firmware available. If the company does not have a firmware update page on their website, we would return it. Do this again every couple months.
  3. Connect your IOT device such as a Dropcam or Nest Smoke Detector to your Guest Wi-Fi network whenever possible.  This network should be walled off from the normal network, preventing access to all your Computers.  Malicious devices could snoop on your network and quietly send information without your knowledge.
  4. If the Wireless routers guest network is not secure, it is even better to have 3 routers in a Y configuration. You can purchase an inexpensive router that hooks up to your Cable/DSL modem, then have 2 separate wireless routers connected to this device. Put all Internet of Things devices on one of the Y routers. Connect your computers, smartphones, tablets to the other router.
  5. Have the Guest network that IOT devices are on, use a different dns server
  6. Turn off uPNP on your router to prevent ports from being opened up to access IOT devices.
  7. Never poke a hole through your firewall for a device. It could then be accessed by anyone on the Internet! Use Shields Up! to look for open ports.
  8. Peer to Peer capabilities are hard to secure. Avoid devices with this.
  9. Cheaper IOT devices especially no name ones sold on Amazon or eBay should be avoided. Most of these are rarely built with security in mind and are never updated.  Stick to brand name, IE Netgear, Google, Ring, etc..

Continue reading

iPhone Security, How to securely use your iPhone

Last Updated: 5/18/2018

Apple iPhone 3GS

Matthew Green, a well respected cryptographer and professor at Johns Hopkins has a great article discussing Secure Computing – Desktops vs Smartphones, iOS vs Android and more..

Most iPhone users do not think very much about security. The iPhone is part of Apple’s closed ecosystem, helping to prevent viruses and malware from wreaking havoc. As the iPhone has grown in popularity, the smartphone has become more of a target by hackers and criminals. It is important that iPhone users immediately become more vigilant about smartphone security.  Our tutorial covers the iPhone through iPhone 7 Plus and iOS through iOS 11.

0. Obsolete Hardware

If you have an iPhone or iPad that no longer gets updates, we would recycle it and buy a new one RIGHT away. Keep in mind that iOS 10.3.3 is the first version that fixed a Huge Broadcom Wi-Fi bug. Without that fix, you can get hacked by just having a Wi-Fi signal nearby.

1. iPhone Software Updates

Apple upgrades the iOS software for the iPhone from time to time. Updates include additional functionality as well as security bug fixes. It is important that users apply updates immediately. Before iOS 5 users needed to connect their iPhones to a computer in order to update the smartphone’s software. Needless to say, this was inconvenient and led to many iPhones with obsolete software.

Always update to the latest iOS software available as soon as possible.

Continue reading

Secure Firefox Browsing

Last Updated: 1/1/2018

firefox browser

Firefox is one of the most popular web browser for Windows and other platforms. This makes it a large target for malware and cybercrime. We will focus on securing Firefox, and will significantly increase the browser’s security through add-ins and special hardening settings. We are avoiding earlier versions of Firefox and recommend users to upgrade to the latest version of Firefox. We also recommend running under Windows 7, 8 or 10, so if you are running under an older version of Windows, we recommend you to upgrade or buy a new computer. Older versions of Windows like Windows XP were not built with security in mind.

Secure your computer, web browser, Internet connection

Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.

We recommend booting from a Linux CD or USB key when performing mission critical applications such as online banking, online trading, or online shopping.

Firefox includes the following security oriented features:

  • Instant Web ID
  • Do not Track
  • Private Browsing
  • Clear Recent History
  • Customized Security Setting

The Golden rules of the Internet: Continue reading