8/18/2024: iOS Devices can support DNS over HTTPS through this simple provision file addition.

8/1/2020: Netgear has major issues with many of its wireless routers.  Update now. Some will never be updated, if you have one of these obsolete routers, buy a new one.

7/23/2020: C-Data networking (Cdata, OptiLink, BLIY) equipment has multiple back doors. – The company says these are counterfeit versions.

1/22/2020: SIM Swap compromises using your smartphone to get text messages to authenticate with websites. Avoid using text messages to do rescue logins.  A new paper from Princeton researchers shows how easy it is to pull off a SIM Swap against AT&T, Verizon, T-Mobile and others.  Send text messages to a VoIP number such as Google Voice  instead. Do not allow Google Voice to forwards Texts/Calls to your main number.

1/20/2020: Virtually all Cablemodems have the Cable Haunt critical vulnerability. Call you cable operator an ask them to upate your cablemodem’s software now. You cannot do it on your own.

12/10/2019: Google Smart Lock is also a great way to generate second factor authentication but using your iPhone or Android phone and their app.

10/1/2019: iOS 13 has a handy feature to stop unwanted calls.  You can set the phone to send unknown callers straight to voicemail! (Those not in your contacts) – Settings – Phone – Silence Unknown Callers

5/12/2019: Thrangrycat Attacks Cisco Switches, Firewall and routers.  Update and patch now

3/19/2019: Windows 10 is loading more and more crap.  These scripts let you uninstall the junkware and reclaim privacy.

2/1/2019: Google has patch a major bug in Android where you can get hacked just by looking at a picture in a SMS, Email, or web page!  Update your Android software right away.  If your phone no longer gets updates, please consider buying a new one.

1/2019: Marvell’s Wi-Fi chip is used in millions of devices.  Unfortunately, it has a major security flaw. Look for updates soon.  Devices that have no way to get updated are worrisome.

12/2018: Marriott – Starwood Hotels got hacked, leaking a ton of data. Change your credit card if you booked there.

10/4/2018: Bloomberg reports that China has infiltrated major tech companies by compromising servers from their Chinese factories.  Never trust your hardware!

8/24/2018: HP Inkjet printers with Fax capability have a Faxploit exploit where someone could fax you a special page and take over your entire network. Patch now.

6/11/2018: The FBI has asked users to reboot your wireless router in an effort to prevent infection from the VPNFilter malware.   You should do more than this, write down its settings, reset it to default settings, and updated it to the latest software.

Always update the software for your router to the latest version.  If no update has occurred in the last 6 months, BUY a new one!  Affected devices include: (Expanded List)

Asus Devices:

RT-AC66U (new)
RT-N10 (new)
RT-N10E (new)
RT-N10U (new)
RT-N56U (new)
RT-N66U (new)

D-Link Devices:

DES-1210-08P (new)
DIR-300 (new)
DIR-300A (new)
DSR-250N (new)
DSR-500N (new)
DSR-1000 (new)
DSR-1000N (new)

Huawei Devices:

HG8245 (new)

Linksys Devices:

E1200
E2500
E3000 (new)
E3200 (new)
E4200 (new)
RV082 (new)
WRVS4400N

Mikrotik Devices:

CCR1009 (new)
CCR1016
CCR1036
CCR1072
CRS109 (new)
CRS112 (new)
CRS125 (new)
RB411 (new)
RB450 (new)
RB750 (new)
RB911 (new)
RB921 (new)
RB941 (new)
RB951 (new)
RB952 (new)
RB960 (new)
RB962 (new)
RB1100 (new)
RB1200 (new)
RB2011 (new)
RB3011 (new)
RB Groove (new)
RB Omnitik (new)
STX5 (new)

Netgear Devices:

DG834 (new)
DGN1000 (new)
DGN2200
DGN3500 (new)
FVS318N (new)
MBRN3000 (new)
R6400
R7000
R8000
WNR1000
WNR2000
WNR2200 (new)
WNR4000 (new)
WNDR3700 (new)
WNDR4000 (new)
WNDR4300 (new)
WNDR4300-TN (new)
UTM50 (new)

QNAP Devices:

TS251
TS439 Pro
Other QNAP NAS devices running QTS software

TP-Link Devices:

R600VPN
TL-WR741ND (new)
TL-WR841N (new)

Ubiquiti Devices:

NSM2 (new)
PBE M5 (new)

Upvel Devices:

Unknown Models* (new)

ZTE Devices:

ZXHN H108N (new)

4/24/2018: Windows Defender System Guard is now installed by the latest Windows 10 Updates. Make sure you are up to date.

3/21/2018: 1.1.1.1 is a free DNS Domain Name Service that helps hide the sites you goto. Cloudflare runs it and promises no logging.

3/15/2018: ID Thieves are using the IRS and filing fake tax returns. Remember that the IRS never calls or sends email to you.  They use old fashion US mail. Sign up for an IRS PIN if possible.

2/8/2018: Lenovo PCs with fingerprint readers need to be updated. Lenovo laptops with certain Broadcom Wi-Fi chips also need an update

1/12/2018: Laptops for Business use may have Intel AMT. You need to configure it or else your open to Intel AMT attacks.

1/5/2018: Meltdown and Spectre are 2 new processor chip bugs that affect most modern computers, smartphones, and tablets.  They will need software updates to mitigate this bad bug. More Details – Older system without updates are dangerous to continue to use. Time to buy new hardware.

11/21/2017: Quad9 is a free DNS Domain Name Service that helps prevent users from accessing malicious sites.  Run by IBM Security, Packet Clearing House (PCH) and The Global Cyber Alliance (GCA)

11/1/2017: Windows 10 controlled folder access anti-ransomeware is part of the Fall Creators Update.  It works well and should be used by all Windows 10 users.

10/16/2017: KRACK attack on Wi-Fi. Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted.  Virtually ALL Wi-Fi equipped devices need to be updated.  The attack is particularly bad on Android 6.0 and Linux. If you have a device with no updates (eg Internet of Things), you will be open to attacks. Using a VPN helps.

10/6/2017: Kaspersky has been implicated in stealing data from the NSA.  Uninstall any of their antivirus software right away.  It is now banned in the US government. Best Buy has stopped selling it.

9/8/2017: In September 2017, Equifax got hacked affecting 143 Million customers. (Almost everyone!) Equifax is offering complimentary identity theft protection. – Do more! Setup a Credit Freeze.

9/1/2017: Arris NVG589, NVG599 and possibly other modems, routers, gateways sold for AT&T’s U-verse service have a major security hole. If you have one, you need to update it as soon as possible to software newer than 9.2.2 or apply this fix.

5/12/2017: Wanna Cry ransomware is spreading fast.  It exploits a Microsoft bug that was patched in March 2017.  It is more infectious because it can spread throughout a local network.

WannaKiwi – Decrypts files WannaCryp ransomware. Do not reboot after getting infected.

A basic lesson in patching right away and stop running old Operating systems.  Microsoft took the unusual step to put out a Windows XP, 8 , Windows Server 2003 patch to help stop this. If you use any of these OS’s, upgrade to Windows 10 now.

4/12/2017: 2 easy ways to increase your security and not have to constantly update are:

• Uninstall Adobe Flash
• Uninstall Adobe Reader

4/4/2017: Google Project Zero has found a major flaw in a WiFi chip that is used on many Android and iPhones. Hackers can run malware on devices. Apple iOS 10.3.1 and newer fixes the bug. Android patches are rolling out soon. Make sure you update your device. Any phone that does not get security updates any more, should be recycled and replaced.

3/16/2017: Matthew Green, a well respected cryptographer and professor at Johns Hopkins has a great article discussing Secure Computing – Desktops vs Smartphones, iOS vs Android and more..

2/16/2017: Apricorn makes a secure USB flash drives that require a pin code to be entered before they function.  No software or drivers required, so it works with any operating system. Dust and water resistant durable aluminium housing

2/2/2017: Laser Printers are vulnerable to security issues. Popular printer models manufactured by Dell, Brother, Konica, Samsung, HP, and Lexmark are all affected.

2/1/2017: Netgear has updated firmware for many routers that fixes a major security hole.

1/30/2017: Security minded people use VPNs to secure their communications. Many Android VPN clients have privacy and security risks.  Be careful which you use.

12/12/2016: 26 different low cost Android devices on the MTK platform have Trojan horses built in.

12/8/2016: Keyless Car Entry: Security minded folks would never buy a car that has this feature. The National Insurance Crime Bureau has a post on how a Mystery Device is used to relay your key fob’s signal to steal cars.  It is best to wrap your key fob in foil or some RF blocking shield when you are away from the vehicle.

11/30/2016: Gooligan Malware has infected over 1million Android phones, most of which downloaded apps outside the official Google Play store.

11/15/2016: Some Cheap cell phones made in China have spyware that sends all your texts to China. This includes the $50 BLU R1 HD sold by amazon! Update the firmware of this device NOW.

10/2/2016: D-Link DWR-932B  and Quanta 4G LTE QDH routers have major security holes- Upgrade it to the latest firmware. Details

9/22/2016: Do you run a website? If so make sure you test it for security vulnerabilities. Tinfoil Security has a nice free 90 day trial.

9/21/2016: Yahoo finally admits to a biggest breach ever. It happened back in 2014 of 500 million accounts. Change your passwords, never enter ‘real’ information into security questions. Use a Yahoo Account Key instead of a password.

9/18/2016: The Rowhammer memory vulnerability is getting important everyday. See if your hardware is vulnerable using Memtest86.

7/29/2016: No More Ransom.org (Kaspersky Lab in collaboration with Europol, the Dutch National Police and Intel Security) has a new site to help vicitims.  It has a page with Decryption Tools. Beware of this company though.

7/12/2016: Kanguru makes a fast USB 3.0 flash drive with physical write protect switch and a digitally signed secure firmware to protect against Badusb.  One of the first to do this. Get item to put a Linux Live CD like Ubuntu on and keep it from getting modified by malware.

5/20/2016: ID Ransomware helps you figure out which ransomware you are effected by, so you can look for remedies other than paying. Bleeping Computer has a Support forum for Ransomware

• ESET has a decryptor for TeslaCrypt infections

2/24/2016: MouseJack is a new security vulnerability that allows a malware to be remotely downloaded onto a computer via a hijacked wireless mouse or keyboard connection. A hacker could remotely type in commands or move your mouse. Update the firmware on your wireless mouse/keyboard if possible, otherwise use a wired mouse – keyboard.

Logitech Update – Worked for us, but required several tries.

2/5/2016: Netgear Wireless routers do not automatically add passwords to hard drives that are plugged into them, leaving them accessible to anyone on the Internet. Make sure you change the default password. Hackers can use Shodan to find you quickly.

1/19/2016: The Wall Street Journal commissioned a security researcher to test 20 popular internet Wireless Routers. 10 had known security weaknesses. 4 had old firmware that when upgraded could contain undocumented security problems.  Keep your router’s software update and if it is older than 2 years, you should buy a new one. Most networking companies’ stop updating them after a year or two. How to setup a Secure Wireless Router was updated.

11/17/2015: Several tutorials have updated lists of secure instant messaging apps. Forget about using popular ones like Whatsapp, Line, Viber, WeChat, they have all been monitored.

Try ones like:

• Silent Circle
• Redphone
• OSTel
• Chat Secure
• Signal (Formerly Textsecure)

7/24/2015: First of its kind. 1.4 Million 2013-2015 model year Chrysler, Dodge, Jeep Vehicles are vulnerable to remote hacking that can cause the vehicle to be controlled remotely. Get the special USB drive and update your car now.

4/28/2014: A new Internet Explorer Vulnerability that has no patch, is being actively exploited by malware. US Computer Emergency Readiness Team suggests people stop using Internet Explorer. Windows XP users need to use an alternative browser like Chrome or Firefox.

If you have to run Internet Explorer, you should install the Enhanced Mitigation Experience Toolkit or unregister the VGX.dll as mention in Microsoft’s Security Bulletin

4/10/2014: Heartbleed Security Hole. Servers that use certain versions of OpenSSL software to create secure connections are vulnerable to a major bug. Lastpass has a page that can help you test websites for this bug. Flippie.io has one too.

4/7/2014: Users should change their passwords for the following sites due to the Heartbleed Internet Security Bug: fitbit.com, github.com, rememberthemilk.com, yahoo.com. Cnet has a nice list.

2/1/2014: If you own an Asus or Linksys E-series wireless router, make sure it has been updated to prevent the Moon worm. How to setup a Secure Wireless Router was updated.

Internet of Things Scanner

Run this online scanner to see if any of your IOT devices are visible and need to be secured.

October 2017 Wi-Fi KRACK attack Warning

KRACK attack on Wi-Fi. Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted.  Virtually ALL Wi-Fi equipped devices need to be updated.  The attack is particularly bad on Android 6.0 and Linux. If you have a device with no updates (eg Internet of Things), you will be open to attacks.

You should not be using any non-802.11ac devices any more, if at all possible; and you should make absolutely certain you’ve updated the firmware on all routers to the latest available version.

If that newest available firmware version is older than November 2017, it is without a doubt vulnerable to KRACK, and you’re going to need to discard and replace that device. If it’s older than, say, July 2018 it might or might not include KRACK mitigations, and you should go through all of that device’s firmware release notes since November 2017 to make certain.

Securing Internet of Things, Smart Home Devices

More and more gadgets for the home are connected to the Internet for additional functionality. Refrigerators to Thermostats to Door Locks, the list is never ending. Do not forget about security. You may have created an open door for hackers, become part of an evil Botnet, or illegal activity without your knoawledge.

A vulnerable webcam can give ANYONE on the Internet a view of your home. Secure these home gadgets as strongly as possible. Many can NEVER be updated, which means that you should discontinue their usage.

Wi-Fi Network Connection

Here are some general tips to secure your new IOT or smart home devices:

1. Change the default password or credentials of the Device
2. Update the device to the latest firmware available. If the company does not have a firmware update page on their website, we would return it. Do this again every couple months.
3. Connect your IOT device such as a Dropcam or Nest Smoke Detector to your Guest Wi-Fi network whenever possible.  This network should be walled off from the normal network, preventing access to all your Computers.  Malicious devices could snoop on your network and quietly send information without your knowledge.
4. If the Wireless routers guest network is not secure, it is even better to have 3 routers in a Y configuration. You can purchase an inexpensive router that hooks up to your Cable/DSL modem, then have 2 separate wireless routers connected to this device. Put all Internet of Things devices on one of the Y routers. Connect your computers, smartphones, tablets to the other router.
5. Have the Guest network that IOT devices are on, use a different dns server
6. Turn off uPNP on your router to prevent ports from being opened up to access IOT devices.
7. Never poke a hole through your firewall for a device. It could then be accessed by anyone on the Internet! Use Shields Up! to look for open ports.
8. Peer to Peer capabilities are hard to secure. Avoid devices with this.
9. Cheaper IOT devices especially no name ones sold on Amazon or eBay should be avoided. Most of these are rarely built with security in mind and are never updated.  Stick to brand name, IE Netgear, Google, Ring, etc..

Even the NSA is loving the rise of all these IOT devices to let them hack more easily. CCTV cameras were involved in a DDoS attacks, taking down small businesses who did not pay ransom.

Hacked Internet of Things Insecure Device List

Baby Monitors

Gynoii – Details

iBaby M3S, iBaby M6 – Details

Lens Peek-a-View – Details

Philips In.Sight B120/37 – Details

Summer Baby Zoom Wifi Monitor & Internet Viewing System – Details

TRENDnet WiFi Baby Cam TV-IP743SIC – Details

Home

AuYou Wi-Fi Smart Outlet Switch – Details

Ceomate Bluetooth Smart Doorlock – Details

Elecycle EL797 & EL797G Smart Padlock – Details

iBluock Padlock – Details

Garage doors with no rolling codes – Details

Kwikset – Smartkey locks – Details

Lagute Sciener Smart Doorlock v3.3.0 – Details

LIFX Smart LED Light Bulb – Details

Mesh Motion Bitlock Padlock v1.4.9 – Details

Okidokey Smart Doorlock v2.4 – Details

Plantraco Phantomlock v1.6 – Details

Poly Control Danalock Doorlock – Details

Quicklock Doorlock & Padlock – Details

Samsung Smart TVs 2015 – Details

TRANE Comfortlink XL850 – Details

Vians Bluetooth Smart Doorlock – Details

Kitchen Appliances

Smarter Wi-Fi iKettle – Details

Pacemakers

St. Jude Medical Cardiac Pacemakers – Details

Pets

Dog Training System – Details

Security

Yale Zigbee Doorlock – Details

Toys

Boosted, Revo, Yuneec Electric Skateboards – Details

Cayla Doll – Details – Banned in Germany ($26,000 fine!)

Cloud Pets – Details

Fredi Baby Monitor – Details

Hello Barbie – Details

iSPY Camera Tank – Details

Vtech Learning Lodge – Details

Webcams – IP Cameras – DVR

This category is a minefield.  Look how many people have their cameras made public on Insecam.com – Stick to a Dropcam or Ring Doorbell camera.

In September 2016 a massive number of IP Cameras and DVRs were hacked and used to DDOS or take off the Internet due to high traffic, websites. Each has a hard coded telnet username and password of root – xc3511 – XiongMai Technologies of Hangzhou, China, created many of these devices that are rebranded by others and sold. If you have one, updated it and change its password immediately.

We would never buy a no-name IP camera from amazon, you are just asking for it.

ACTi IP Camera – default login

ANKO Products DVR – default login

AVTECH IP Ccameras, NVR, DVR – Details

Axis IP Camera – default login – Watch video with no Passwords! – Update your camera

CCTV-DVR – Over 70 different Vendors – Details

D-Link DCS930L, DCS932L – Details

Dahua Security Cameras – default login– Must change default password and update firmware right away – Some have hardcoded backdoor ONVIF password of admin/admin. – Details – Includes:

DH-IPC-HDW23A0RN-ZS
DH-IPC-HDBW23A0RN-ZS
DH-IPC-HDBW13A0SN
DH-IPC-HDW13A0SN
DH-IPC-HFW13A0SN-W
DH-IPC-HDBW13A0SN
DH-IPC-HDW13A0SN
DH-IPC-HFW13A0SN-W
DHI-HCVR51A04HE-S3
DHI-HCVR51A08HE-S3
DHI-HCVR58A32S-S2

Dahua IP Camera – default login

Dahua IP Camera HDW4300C – default login

Dahua DVR – default login

Defeway – Watch video with no Passwords

Dreambox TV receiver- default login

Eminent EM6220 – Details

EV ZLX Two-way Speaker

Foscam – different brand names in Europe – Authenticate you with ‘admin’ without requiring password – Foscam C1 IP – Details

Guangzhou Juan Optical – default login

Netgear Arlo – Details

RaySharp DVRs – Details

Samsung IP Camera – Details

Shenzhen Anran Security Cameras – Details

Shenzhen Neo iDoorbell or NIP-22 – Details

Sony – IPELA Engine IP Cameras – Details

SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL, SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, and SNC-ER521C.

Toshiba Network Camera – Details

VideoIQ – Details

Vivotek IP Camera – Details

Security Researchers have found Security Holes

SmartThings – Details

Sony – Watch video with no Passwords!

TPLink- Watch video with no Passwords!

Universal Plug and Play UPnP – Always turn it off in your router! – Details

Vacron – Details

Wireless IP Camera (P2) Wificam – Details also known as:

Foscam C2 also known as: Chacon, Thomson, 7links, Netis, Turbox, Novodio, Ambientcam, Nexxt, Technaxx, Qcam, Ivue, Ebode, Sab, and Opticam.

3G+IPCam Other
3SVISION Other
3com CASA
3com Other
3xLogic Other
3xLogic Radio
4UCAM Other
4XEM Other
555 Other
7Links 3677
7Links 3677-675
7Links 3720-675
7Links 3720-919
7Links IP-Cam-in
7Links IP-Wi-Fi
7Links IPC-760HD
7Links IPC-770HD
7Links Incam
7Links Other
7Links PX-3615-675
7Links PX-3671-675
7Links PX-3720-675
7Links PX3309
7Links PX3615
7Links ipc-720
7Links px-3675
7Links px-3719-675
7Links px-3720-675
A4Tech Other
ABS Other
ADT RC8021W
AGUILERA AQUILERA
AJT AJT-019129-BBCEF
ALinking ALC
ALinking Other
ALinking dax
AMC Other
ANRAN ip180
APKLINK Other
AQUILA AV-IPE03
AQUILA AV-IPE04
AVACOM 5060
AVACOM 5980
AVACOM H5060W
AVACOM NEW
AVACOM Other
AVACOM h5060w
AVACOM h5080w
Acromedia IN-010
Acromedia Other
Advance Other
Advanced+home lc-1140
Aeoss J6358
Aetos 400w
Agasio A500W
Agasio A502W
Agasio A512
Agasio A533W
Agasio A602W
Agasio A603W
Agasio Other
AirLink Other
Airmobi HSC321
Airsight Other
Airsight X10
Airsight X34A
Airsight X36A
Airsight XC39A
Airsight XX34A
Airsight XX36A
Airsight XX40A
Airsight XX60A
Airsight x10
Airsight x10Airsight
Airsight xc36a
Airsight xc49a
Airsight xx39A
Airsight xx40a
Airsight xx49a
Airsight xx51A
Airsight xx51a
Airsight xx52a
Airsight xx59a
Airsight xx60a
Akai AK7400
Akai SP-T03WP
Alecto 150
Alecto Atheros
Alecto DVC-125IP
Alecto DVC-150-IP
Alecto DVC-1601
Alecto DVC-215IP
Alecto DVC-255-IP
Alecto dv150
Alecto dvc-150ip
Alfa 0002HD
Alfa Other
Allnet 2213
Allnet ALL2212
Allnet ALL2213
Amovision Other
Android+IP+cam IPwebcam
Anjiel ip-sd-sh13d
Apexis AH9063CW
Apexis APM-H803-WS
Apexis APM-H804-WS
Apexis APM-J011
Apexis APM-J011-Richard
Apexis APM-J011-WS
Apexis APM-J012
Apexis APM-J012-WS
Apexis APM-J0233
Apexis APM-J8015-WS
Apexis GENERIC
Apexis H
Apexis HD
Apexis J
Apexis Other
Apexis PIPCAM8
Apexis Pyle
Apexis XF-IP49
Apexis apexis
Apexis apm-
Apexis dealextreme
Aquila+Vizion Other
Area51 Other
ArmorView Other
Asagio A622W
Asagio Other
Asgari 720U
Asgari Other
Asgari PTG2
Asgari UIR-G2
Atheros ar9285
AvantGarde SUMPPLE
B-Qtech Other
B-Series B-1
BRAUN HD-560
BRAUN HD505
Beaulieu Other
Bionics Other
Bionics ROBOCAM
Bionics Robocam
Bionics T6892WP
Bionics t6892wp
Black+Label B2601
Bravolink Other
Breno Other
CDR+king APM-J011-WS
CDR+king Other
CDR+king SEC-015-C
CDR+king SEC-016-NE
CDR+king SEC-028-NE
CDR+king SEC-029-NE
CDR+king SEC-039-NE
CDR+king sec-016-ne
CDXX Other
CDXXcamera Any
CP+PLUS CP-EPK-HC10L1
CPTCAM Other
Camscam JWEV-372869-BCBAB
Casa Other
Cengiz Other
Chinavasion Gunnie
Chinavasion H30
Chinavasion IP611W
Chinavasion Other
Chinavasion ip609aw
Chinavasion ip611w
Cloud MV1
Cloud Other
CnM IP103
CnM Other
CnM sec-ip-cam
Compro NC150/420/500
Comtac CS2
Comtac CS9267
Conceptronic CIPCAM720PTIWL
Conceptronic cipcamptiwl
Cybernova Other
Cybernova WIP604
Cybernova WIP604MW
D-Link DCS-910
D-Link DCS-930L
D-Link L-series
D-Link Other
DB+Power 003arfu
DB+Power DBPOWER
DB+Power ERIK
DB+Power HC-WV06
DB+Power HD011P
DB+Power HD012P
DB+Power HD015P
DB+Power L-615W
DB+Power LA040
DB+Power Other
DB+Power Other2
DB+Power VA-033K
DB+Power VA0038K
DB+Power VA003K+
DB+Power VA0044_M
DB+Power VA033K
DB+Power VA033K+
DB+Power VA035K
DB+Power VA036K
DB+Power VA038
DB+Power VA038k
DB+Power VA039K
DB+Power VA039K-Test
DB+Power VA040
DB+Power VA390k
DB+Power b
DB+Power b-series
DB+Power extcams
DB+Power eye
DB+Power kiskFirstCam
DB+Power va033k
DB+Power va039k
DB+Power wifi
DBB IP607W
DEVICECLIENTQ CNB
DKSEG Other
DNT CamDoo
DVR DVR
DVS-IP-CAM Other
DVS-IP-CAM Outdoor/IR
Dagro DAGRO-003368-JLWYX
Dagro Other
Dericam H216W
Dericam H502W
Dericam M01W
Dericam M2/6/8
Dericam M502W
Dericam M601W
Dericam M801W
Dericam Other
Digix Other
Digoo BB-M2
Digoo MM==BB-M2
Digoo bb-m2
Dinon 8673
Dinon 8675
Dinon SEGEV-105
Dinon segev-103
Dome Other
Drilling+machines Other
E-Lock 1000
ENSIDIO IP102W
EOpen Open730
EST ES-IP602IW
EST IP743W
EST Other
EZCam EPK-EP10L1
EZCam EZCam
EZCam Other
EZCam PAN/TILT
EZCam Pan/Tilt
EasyCam EC-101HD
EasyCam EC-101HDSD
EasyCam EC-101SD
EasyCam EC-102
EasyCam Other
EasyN 187
EasyN 1BF
EasyN 720P
EasyN F
EasyN F-136
EasyN F-M136
EasyN F-M166
EasyN F-M181
EasyN F-M1b1
EasyN F-SERIES
EasyN F133
EasyN F2-611B
EasyN F3
EasyN F3-166
EasyN F3-176M
EasyN F3-M166
EasyN F3-SERIES
EasyN F3-Series
EasyN F3-m187
EasyN F3M187
EasyN FS-613A-M136
EasyN FS-613B
EasyN FS-613B-M166
EasyN FS-613B-MJPEG
EasyN FS613
EasyN F_M10R
EasyN H3-V10R
EasyN H6-M137h
EasyN M091
EasyN Other
EasyN est-007660-611b
EasyN est-007660333
EasyN f
EasyN f-Series
EasyN f138
EasyN f_series
EasyN fseries
EasyN kitch
EasyN s
EasySE F/B/N/I
EasySE H3
EasySE H3e
EasySE Other
Ebode IPV38W
Ebode IPV58
Ebode Other
Ego Other
Elro 901
Elro 903
Elro 903IP
Elro C7031P
Elro C703IP2
Elro C704-IP
Elro C704IP
Elro C704IP.2
Elro C704ip
Elro C803IP
Elro C903IP
Elro C903IP.2
Elro C904IP
Elro C904IP.2
Elro IP901
Elro Other
Eminent 6564
Eminent EM6220
Eminent EM6564
Eminent em6220
Esky C5900
Esky L
Esky Live
Esky c5900
Eura-Tech IC-03C3
EyeCam ICAM-608
EyeCam IP65IW
EyeCam Other
EyeCam STORAGEOPTIONS
EyeIPCam IP901W
EyeSight ES-IP607W
EyeSight ES-IP811W
EyeSight ES-IP909IW
EyeSight ES-IP935FW
EyeSight ES-IP935IW
EyeSight IP910IW
EyeSight IP915IW
EyeSight Other
EyeSight ip609IW
EyeSight ip909iw
EyeSight ip915iw
EyeSight mjpeg
EyeSpy247 Other
F-Series FSERIES
F-Series Ip
F-Series Other
F-Series ip
First+Concept Other
Focuscam F19821W
Foscam FI18904w
Foscam FI18905E
Foscam FI18905W
Foscam FI18906w
Foscam FI1890W
Foscam FI18910E
Foscam FI18910W
Foscam FI18910w
Foscam FI18916W
Foscam FI18918W
Foscam FI18919W
Foscam FI19810W
Foscam FI8094W
Foscam FI81904W
Foscam FI8601W
Foscam FI8602W
Foscam FI8606W
Foscam FI8610w
Foscam FI8903W
Foscam FI8903W_Elita
Foscam FI8904
Foscam FI8904W
Foscam FI8905E
Foscam FI8905W
Foscam FI8905w
Foscam FI8906w
Foscam FI8907W
Foscam FI8908W
Foscam FI8909W
Foscam FI890W
Foscam FI8910
Foscam FI8910E
Foscam FI8910W
Foscam FI8910W_DW
Foscam FI8910w
Foscam FI8916W
Foscam FI8918
Foscam FI89180w
Foscam FI8918E
Foscam FI8918W
Foscam FI8918w
Foscam FI8919W
Foscam FI9804W
Foscam FI9805E
Foscam FI9810
Foscam FI9810W
Foscam FI9818
Foscam FI9820w
Foscam FI9821W
Foscam FI9821w
Foscam FL8910
Foscam FS18908W
Foscam FS8910
Foscam Fi8910
Foscam Other
Foscam fI8989w
Foscam fi1890w
Foscam fl8910w
FoxCam PTZ2084-L
GIGA gb
GT+ROAD HS-006344-SPSLM
General Other
Generic All-in-one
Generic Billy
Generic DomeA-Outdoor
Generic IP
Generic Other
Gi-star+srl IP6031W
Gigaeye GB
GoAhead EC-101SD
GoAhead GoAheadWebs
GoAhead IPCAM1
GoAhead IPCAM2
GoAhead Other
GoAhead thedon
GoCam Other
Goclever EYE
Goclever EYE2
Gotake GTK-TH01B
H+264+network+DVR 720p
H+264+network+DVR Other
H.264 Other
H6837WI Other
HD+IPC Other
HD+IPC SV3C
HDIPCAM Other
Heden CAMH04IPWE
Heden CAMHED02IPW
Heden CAMHED04IP
Heden CAMHED04IPWN
Heden CAMHEDIPWP
Heden Other
Heden VisionCam
Heden visionCam
HiSilicon Other
Hikvision DS-2CD2132
Histream RTSP
HooToo F-SERIES
HooToo HOOTOO
HooToo HT-IP006
HooToo HT-IP006N
HooToo HT-IP009HDP
HooToo HT-IP206
HooToo HT-IP207F
HooToo HT-IP210HDP
HooToo HT-IP210P
HooToo HT-IP212
HooToo IP009HDP
HooToo Other
HooToo apm-h803-mpc
Hsmartlink Other
Hungtek WIFI
ICAMView Other
ICam I908W
ICam IP-1
ICam Other
ICam Other2
ICam dome
INISOFT-CAM Stan
INVID Other
IO+Data Other
IP66 Other
IPC IPC02
IPC Other
IPC S5030-TF
IPC S5030-m
IPC SRICAM
IPCC 3XPTZ
IPCC 7210W
IPCC IPCC-7210W
IPCC x01
IPTeles Other
IPUX ip-100
ISIT Other
IZOtech Other
IZTOUCH 0009
IZTOUCH A001
IZTOUCH IZ-009
IZTOUCH LTH-A8645-c15
IZTOUCH Other
IZTOUCH Other1
IZTOUCH ap001
IeGeek Other
IeGeek ukn
Inkovideo V-104
Iprobot3 Other
JRECam JM3866W
JWcam JWEV
JWcam Other
Jaycar 3834
Jaycar 720P
Jaycar Other
Jaycar QC-3831
Jaycar QC-3832
Jaycar QC-3834
Jaycar QC-3836
Jaycar QC-3839
Jaytech IP6021W
JhempCAM Back
JhempCAM Other
KaiKong 1601
KaiKong 1602w
KaiKong Other
KaiKong SIP
KaiKong SIP1602
KaiKong SIP1602W
KaiKong sip
KaiKong sip1602w
Kenton gjc02
Kinson C720PWIP
Klok Other
Knewmart KW01B
Knewmart KW02B
Kogan KAIPC01BLKA
Kogan KAIPCO1BLKA
Kogan Other
Kogan encoder
Kogan kaipc01blkb
Kompernass IUK
Koolertron Other
Koolertron PnP
Koolertron SP-SHEX21-SL
LC+security Other
LW lw-h264tf
LYD H1385H
Lager Other
Leadtek C351
LevelOne 1010/2010
Libor Other
LifeTech MyLifeTech
LifeTech Other
LifeTech dd
Lilly Other
Linq Other
Lloyds 1107
Loftek CXS
Loftek Nexus
Loftek Other
Loftek SPECTOR
Loftek Sendinel
Loftek Sentinel
LogiLink WC0030A
LogiLink wc0044
Logitech C920
MCL 610
MJPEG Other
Maginon 100
Maginon 10AC
Maginon 20C
Maginon IP-20c
Maginon IPC
Maginon IPC-1
Maginon IPC-10
Maginon IPC-100
Maginon IPC-100AC
Maginon IPC-10AC
Maginon IPC-2
Maginon IPC-20
Maginon IPC20C
Maginon IPC_1A
Maginon Other
Maginon SUPRA
Maginon Supra
Maginon ipc
Maginon ipc-1a
Maginon ipc100a
Maginon ipx
Maginon w2
Marmitek GM-8126
Maygion IP
Maygion OTHER2
Maygion Other
Maygion V3
Maygion black
Mediatech mt4050
Medisana SmartBabyMonitor
Merlin IP
Merlin Other
Merlin vstc
Messoa Other
Mingyoushi S6203Y-WR
Momentum 2002
Momentum MO-CAM
NEXCOM S-CAM
NIP NIP-004500-KMTLU
NIP NIP-075007-UPHTF
NIP NIP-11BGPW
NIP NIP-14
NTSE Other
Neewer Other
Neewer V-100
Neo+CoolCam NIP
Neo+CoolCam NIP-02(OAM)
Neo+CoolCam NIP-06
Neo+CoolCam NIP-066777-BWESL
Neo+CoolCam NIP-102428-DFBEF
Neo+CoolCam NIP-H20(OZX)
Neo+CoolCam OBJ-007260-LYLDU
Neo+CoolCam Other
Neo+CoolCam neo
Neo+CoolCam nip-11
Neo+CoolCam nip-20
Ness Other
NetView Other
Netcam Dual-HD
Netcam HSL-232245-CWXES
Netcam OUVIS
Netcam Other
Netware Other
Nexxt+Solution Xpy
Nixzen Other
NorthQ NQ-9006
Office+One CM-I11123BK
Office+One IP-900
Office+One IP-99
Office+One Other
Office+One SC-10IP
Office+One ip-900
Office+One ip900
Opexia OPCS
Optica+Video FI-8903W
Optica+Video FI-8918W
Optica+Video Other
Otto 4eye
Overmax CamSpot
Overmax Camspot
OwlCam CP-6M201W
P2p wificam
PCS Other
Panasonic BL-C131A
PeopleFu IPC-674
PeopleFu IPCAM1
PeopleFu IPCAM2
PeopleFu IPCAM3
PeopleFu IPCAM5
Pixpo 1Z074A2A0301627785
Pixpo PIX006428BFYZY
Pixpo PIX009491MLJYM
Pixpo PIX009495HURFE
Pixpo PIX010584DFACE
Plaisio IP
Planex Other
Planex PLANEX
Polariod P351S
Polaroid IP-100
Polaroid IP-101W
Polaroid IP-200B
Polaroid IP-201B
Polaroid IP-350
Polaroid IP-351S
Polaroid IP-360S
Polaroid IP-810W
Polaroid IP-810WZ
Polaroid Other
Polaroid POLIP101W
Polaroid POLIP201B
Polaroid POLIP201W
Polaroid POLIP351S
Polaroid POLIP35i5
PowerLead Caue
PowerLead PC012
ProveCam IP2521
Provision 717
Provision F-717
Provision F-737
Provision PT-737
Provision WP-711
Provision WP-717P
Pyle HD
Pyle HD22
Pyle HD46
Pyle Mine
Pyle PIPCAM15
Pyle Pipcam12
Pyle cam5
Pyle pipcam25
Pyle pipcam5
Q-nest QN-100S
Q-nest qn-100s
Queback 720p
ROCAM NC-400
ROCAM NC-500
ROCAM NC300
ROCAM NC300-1
ROHS IP
ROHS none
RTX 06R
RTX DVS
RTX IP-06R
RTX IP-26H
RTX Other
Rollei safetycam-10hd
SES Other
SKJM Other
SST SST-CNS-BUI18
SVB+International SIP-018262-RYERR
SafeHome 278042
SafeHome 616-W
SafeHome IP601W-hd
SafeHome Other
SafeHome VGA
SafeHome iprobot
Samsung Other
Santec-Video Other
Sarotech IPCAM-1000
Sarotech ip300
Scricam 004
Scricam 192.168.1.7
Scricam AP-004
Scricam AP-009
Scricam AP0006
Scricam AP006
Secam+CCTV IPCAM
Secam+CCTV Other
Seculink 10709
Seculink Other
Secur+Eye xxc5330
Seisa JK-H616WS
Senao PTZ-01H
Sequrecam Other
Sequrecam PNP-125
Sercomm Other
Shenwhen+Neo+Electronic+Co NC-541
Shenwhen+Neo+Electronic+Co Other
Shenwhen+Neo+Electronic+Co X-5000B
Shenzhen 720P
Shixin+China IP-129HW
Siepem IPC
Siepem S5001Y-BW
Siepem S6203y
Siepem S6211Y-WR
Simi+IP+Camera+Viewer Other
Sineoji Other
Sineoji PT-315V
Sineoji PT-3215P
Sineoji PT-325IP
Sinocam Other
Sky+Genious Genious
Skytronic IP
Skytronic IP99
Skytronic Other
Skytronic WiFi
Skytronic dome
SmartEye Other
SmartWares C723IP
SmartWares c724ip
SmartWares c923ip
SmartWares c924ip
Solwise SEC-1002W-IR
Spy+Cameras WF-100PCX
Spy+Cameras WF-110V
Sricam 0001
Sricam 004
Sricam A0009
Sricam A001
Sricam AP-001
Sricam AP-003
Sricam AP-004
Sricam AP-005
Sricam AP-006
Sricam AP-009
Sricam AP-012
Sricam AP-CAM
Sricam AP0009
Sricam AP002
Sricam AP995
Sricam Cam1
Sricam Front
Sricam Home
Sricam Other
Sricam SP005
Sricam SP012
Sricam SP013
Sricam SP015
Sricam SRICAM
Sricam SRICAM1
Sricam aj-c2wa-c118
Sricam ap
Sricam ap006
Sricam ap1
Sricam h.264
Sricam sp013
Sricctv A-0006
Sricctv A-009
Sricctv AJ-006
Sricctv AP-0001
Sricctv AP-0005
Sricctv AP-0009
Sricctv AP-001
Sricctv AP-002
Sricctv AP-003
Sricctv AP-004
Sricctv AP-004AF
Sricctv AP-005
Sricctv AP-006
Sricctv AP-007
Sricctv AP-008
Sricctv AP-009
Sricctv AP-011
Sricctv AP-014
Sricctv H-264
Sricctv Other
Sricctv P2P-BLACK
Sricctv P2P-Black
Sricctv SP-007
Sricctv SR-001
Sricctv SR-004
Star+Vedia 6836
Star+Vedia 7837-WIP
Star+Vedia C-7835WIP
Star+Vedia Other
Star+Vedia T-6836WTP
Star+Vedia T-7833WIP
Star+Vedia T-7837WIP
Star+Vedia T-7838WIP
StarCam C33-X4
StarCam EY4
StarCam F6836W
StarCam Other
StarCam c7837wip
Stipelectronics Other
Storage+Options HOMEGUARD
Storage+Options Other
Storage+Options SON-IPC1
Sumpple 610
Sumpple 610S
Sumpple 631
Sumpple 960P
Sumpple S601
Sumpple S610
Sumpple S631
Sumpple S651
Sumpple qd300
Sumpple s631
SunVision+US Other
Sunbio Other
Suneyes Other
Suneyes SP-T01EWP
Suneyes SP-T01WP
Suneyes SP-TM01EWP
Suneyes SP-TM01WP
Suneyes SP-tm05wp
Sunluxy H-264
Sunluxy HZCam
Sunluxy Other
Sunluxy PTZ
Sunluxy SL-701
Supra+Space IPC
Supra+Space IPC-1
Supra+Space IPC-100AC
Supra+Space IPC-10AC
Supra+Space Other11
Supra+Space ipc-20c
Sure-Eye Other
Surecom LN-400
Swann 005FTCD
Swann 440
Swann 440-IPC
Swann ADS-440
Swann ADS-440-PTZ
Swann ADS-CAMAX1
Swann Other
Swann SWADS-440-IPC
Swann SWADS-440IPC-AU
Sygonix 43176A
Sygonix 43558A
Szneo CAM0X
Szneo CoolCam
Szneo NIP
Szneo NIP-0
Szneo NIP-02
Szneo NIP-031
Szneo NIP-031H
Szneo NIP-06
Szneo NIP-12
Szneo NIP-2
Szneo NIP-20
Szneo NIP-210485-ABABC
Szneo NIP-26
Szneo NIP-X
Szneo NP-254095
Szneo Other
Szneo TFD
TAS-Tech Other
Technaxx tx-23
Techview GM8126
Techview QC-3638
Techview qc3839
Temvis Other
Tenda C50S
Tenda c30
Tenda c5+
Tenvis 0012
Tenvis 3815
Tenvis 3815-W
Tenvis 3815W
Tenvis 3815W.
Tenvis 3815W2013
Tenvis IP-319W
Tenvis IP-319w
Tenvis IP-391W
Tenvis IP-391WHD
Tenvis IP-602W
Tenvis IP602W
Tenvis IPROBOT
Tenvis JP-3815W
Tenvis JPT-3814WP2P
Tenvis JPT-3815
Tenvis JPT-3815-P2P
Tenvis JPT-3815W
Tenvis JPT-3815W+
Tenvis JPT-3815WP2P
Tenvis JPT-3815w
Tenvis JPT-3818
Tenvis MINI-319W
Tenvis Mini-319
Tenvis Other
Tenvis PT-7131W
Tenvis TH-661
Tenvis TR-3818
Tenvis TR-3828
Tenvis TR3815W
Tenvis TZ100
Tenvis TZ100/IPROBOT3
Tenvus JPG3815W
Threeboy IP-660
Topcam SL-30IPC01Z
Topcam SL-720IPC02Z
Topcam SL-910IW30
Topica+CCTV Other
Trivision NC-335PW-HD-10
Trust NW-7500
Turbo+X Endurance
Turbo+X IIPC-20
Uokoo 720P
VCatch Other
VCatch VC-MIC720HK
Valtronics IP
Valtronics Other
Vandesc IP900
Vantech Other
Vantech PTZ
Videosec+Security IPC-103
Videosec+Security IPP-105
Vimicro Other
Vitek+CCTV Other
Vstarcam 7823
Vstarcam C-7824WIP
Vstarcam C-7833WIP-X4
Vstarcam C-7833wip
Vstarcam C-7837WIP
Vstarcam C-7838WIP
Vstarcam C50S
Vstarcam C7816W
Vstarcam C7824WIP
Vstarcam C782WIP
Vstarcam C7842WIP
Vstarcam C93
Vstarcam C=7824WIP
Vstarcam Cam360
Vstarcam F-6836W
Vstarcam H-6837WI
Vstarcam H-6837WIP
Vstarcam H-6850
Vstarcam H-6850WIP
Vstarcam H-6850wip
Vstarcam ICAM-608
Vstarcam Other
Vstarcam T-6835WIP
Vstarcam T-6836WTP
Vstarcam T-6892wp
Vstarcam T-7815WIP
Vstarcam T-7833WIP
Vstarcam T-7833wip
Vstarcam T-7837WIP
Vstarcam T-7838WIP
Vstarcam T-7892WIP
Vstarcam T6836WTP
Vstarcam T7837WIP
Vstarcam c7815wip
Vstarcam c7833wip
Vstarcam c7850wip
Wanscam 00D6FB01980F
Wanscam 106B
Wanscam 118
Wanscam 541-W
Wanscam 543-W
Wanscam 790
Wanscam AJ-C0WA-198
Wanscam AJ-C0WA-B106
Wanscam AJ-C0WA-B116
Wanscam AJ-C0WA-B168
Wanscam AJ-C0WA-B1D8
Wanscam AJ-C0WA-C0D8
Wanscam AJ-C0WA-C116
Wanscam AJ-C0WA-C126
Wanscam AJ-C2WA-B118
Wanscam AJ-C2WA-C116
Wanscam AJ-C2WA-C118
Wanscam AJ-C2WA-C198
Wanscam AJ-COWA-B1D8
Wanscam AJ-COWA-C116
Wanscam AJ-COWA-C126
Wanscam AJ-COWA-C128
Wanscam AW00004J
Wanscam B1D8-1
Wanscam C-118
Wanscam C-126
Wanscam Colour
Wanscam FI-18904w
Wanscam FR-4020A2
Wanscam FR4020A2
Wanscam HD-100W
Wanscam HW-0021
Wanscam HW-0022
Wanscam HW-0022HD
Wanscam HW-0023
Wanscam HW-0024
Wanscam HW-0025
Wanscam HW-0026
Wanscam HW-0028
Wanscam HW-0033
Wanscam HW-0036
Wanscam HW-0038
Wanscam HW-0039
Wanscam HW-22
Wanscam HW0030
Wanscam IP
Wanscam JW-0001
Wanscam JW-0003
Wanscam JW-0004
Wanscam JW-0004m
Wanscam JW-0005
Wanscam JW-0006
Wanscam JW-0008
Wanscam JW-0009
Wanscam JW-0010
Wanscam JW-0011
Wanscam JW-0011l
Wanscam JW-0012
Wanscam JW-0018
Wanscam JW-004
Wanscam JW-009
Wanscam JW-CD
Wanscam JW000008
Wanscam JW0009
Wanscam JW001
Wanscam JW0012
Wanscam JW008
Wanscam JWEV
Wanscam JWEV-011777-NSRVV
Wanscam JWEV-011921-RXSXT
Wanscam JWEV-360171-BBEAC
Wanscam JWEV-380096-CECDB
Wanscam JWEV-PEPLOW
Wanscam NBC-543W
Wanscam NC-530
Wanscam NC-541
Wanscam NC-541/W
Wanscam NC-541W
Wanscam NC-541w
Wanscam NC-543W
Wanscam NCB-534W
Wanscam NCB-540W
Wanscam NCB-541W
Wanscam NCB-541WB
Wanscam NCB-543W
Wanscam NCBL-618W
Wanscam NCH-532MW
Wanscam NCL-610W
Wanscam NCL-612W
Wanscam NCL-616W
Wanscam NCL-S616W
Wanscam Other
Wanscam TG-002
Wanscam WJ-0004
Wanscam WX-617
Wanscam Works
Wanscam XHA-120903181
Wanscam XHA-4020a2
Wanscam __PTZ
Wanscam chiOthernese
Wanscam ip
Wanscam jw0005
Wanscam jw0010
Wansview 541
Wansview 625W
Wansview MCM-627
Wansview N540w
Wansview NCB-534W
Wansview NCB-541W
Wansview NCB-541w
Wansview NCB-543W
Wansview NCB541W
Wansview NCB545W
Wansview NCL-610W
Wansview NCL610D04
Wansview NCL614W
Wansview Other
Wansview dcs543w
Wansview nc543w
Wardmay+CCTV WDM-6702AL
Watch+bot+Camera resup
WebcamXP Other
WinBook Other
WinBook T-6835
WinBook T-6835WIP
WinBook T-7838
Winic NVT-530004
Wise+Group Other
X-Price Other
X10 39A
X10 AIRSIGHT
X10 AirSight
X10 Airsight
X10 Jake
X10 Other
X10 XC-38A
X10 XX-36A
X10 XX-39A
X10 XX-56A
X10 XX-59A
X10 XX-60
X10 XX-69A
X10 XX41Ahome
XVision Other
XXCamera 53100
XXCamera 5330-E
XXCamera Other
XXCamera XXC-000723-NJFJD
XXCamera XXC-092411-DCAFC
XXCamera XXC-50100-H
XXCamera XXC-50100-T
XXCamera XXC-5030-E
XXCamera XXC-53100-T
XXCamera XXC52130
Xin+Ling Other
Yawcam Other
Zilink Other
Zmodo CMI-11123BK
Zmodo IP-900
Zmodo Other
Zodiac+Security 909
Zodiac+Security Other
Zoneway NC638MW-P
ZyXEL Other
alexim Other
alexim cam22822
alias Other
all+in+one+ Other
all+in+one+ b1
all-in-one Other
allecto DVC-150IP
apc Other
asw-006 Other
boh l
bravo Other
bush+plus BU-300WF
ccam p2p
china 8904W
china HDIPCAM
china IPCAM
china Other
china PTZCAM
china np-02
ciana+exports antani
cina Other
coolead L
coolead L610WS
dax Other
denver IPC-320
denver IPO-320
e-landing 720p
eScam QF100
ebw Other
epexis PIPCAMHD82
epexis pipcam5
esecure nvp
geeya C602
geeya P2P
geeya c801
hdcam Other
homeguard 720P
homeguard Other
homeguard Wireless
homeguard wifi
iView ID002A
iView Other
insteon 75790
insteon 75790wh
insteon High
insteon Other
insteon Wireless
iuk 5A1
ivision hdwificam
iwitness bullet
jwt Other
jyacam JYA8010
kadymay KDM-6800
kadymay KDM6702
kadymay KMD-6800
kadymay Other
kang+xun xxc5030-t
kines Other
kiocong 1601
kiocong 1602
kiocong 1609
kiocong Other
kodak 201pl
koicong 1601
l+series CAM0758
l+series CAM0760
l+series Other
l+series V100
logan n8504hh
meyetech 095475-caeca
meyetech 188091-EFBAE
meyetech Other
meyetech WirelessCam
micasaverde VistaCamSD
pipcam HD17
pni 941w
pni IP451W
pni IP541W
pni IP941W
pni IP951W
pni Other
pnp IP
pnp Other
semac Other
skylink WC-300PS
storex D-10H

Printers

Brother printers including DCP-9020CDW, MFC-9340CDW, MFC-L2700DW, or MFC-J2510 – Details

HP All in One Printers with Fax capability – Details

HP PageWide, HP OfficeJet Pro printers – Details

Panasonic Printer – Details

Storage

Medion LifeCloud Nas  – Details

Netgear ReadyNAS – Details

Netgear Stora  – Details

Seagate Home  – Details

Western Digital My Cloud NAS devices – Details

Western Digital My Book – Details

Wireless Routers

Misfortune Cookie Vulnerability, 12 million router – Long list of routers from Asus to ZTE – Details

Arris NVG589, NVG599 and possibly other modems, routers, gateways sold for AT&T’s U-verse service have a major security hole. If you have one, you need to update it as soon as possible to software newer than 9.2.2 or apply this fix.

CData networking equipment (Cdata, OptiLink, BLIY)- Major backdoors and other issues – Details – The company says these are counterfeit versions.

Cisco RV110W, RV130W, RV215W – Details

Davolink dv2 200 router – Details

D-Link DWR-116, DIR-140L, DIR-640L, DWR-512, DWR-712, DWR-912, DWR-921, DWR-111 and other using similar firmware – Details

D-Link DIR-600l -905l – Details

D-Link DIR-600, DIR-300 – Details

Dlink DWR-932B – Details

Dlink 850L – Details

D-Link DSL-2740R, DSL-2640B, DSL-2780B, DSL-2730B, and DSL-526B – Details

Huawei HG532e – Details

Linksys Wireless Routers Jan 2017 – Details

Linksys E1500/E2500 – Details

Linksys E Series Routers 2018 – Details

MikroTik Routers – Details

Netgear DGN Series- Details

Netgear Routers – 2018 Details – 2020 Details

OpenWRT Firmware – Details

Pulse Secure VPN – Details – Passwords Leaked

Ruckus – Details

Sierra LS300, GX400, GX/ES440, GX/ES450, and
RV50 – Must change default password – Details

Tomato Alternative firmware – Details

TP Link – TL-WR841N – Details

Trendnet TEW-731BR router – Details

Ubiquiti – Details – Details

Zyxel NAS542, NAS540, NAS520, NAS326, NSA325 v2, NSA325, NSA320S, NSA320, NSA310S, NSA310, NSA221, NSA220+, NSA220, and NSA210. – Details – Older models will not be patched, must keep NAS behind firewall.  Some Zyxel firewalls also have vulnerability. Stop using ones that are not patched. – Details

These routers have uPNP on by default and should not:

ADB Broadband S.p.A,    HomeStation ADSL Router  
ADB Broadband,    ADB ADSL Router  
ADBB,    ADB ADSL Router  
ALSiTEC,    Broadcom ADSL Router  
ASB,    ADSL Router  
ASB,    ChinaNet EPON Router  
ASB,    ChinaTelecom E8C(EPON) Gateway  
Actiontec,    Actiontec GT784WN  
Actiontec,    Verizon ADSL Router  
BEC Technologies Inc.,    Broadcom ADSL Router  
Best IT World India Pvt. Ltd.,    150M Wireless-N ADSL2+ Router  
Best IT World India Pvt. Ltd.,    iB-WRA300N  
Billion Electric Co., Ltd.,    ADSL2+ Firewall Router  
Billion Electric Co., Ltd.,    BiPAC 7800NXL  
Billion,    BiPAC 7700N  
Billion,    BiPAC 7700N R2  
Binatone Telecommunication,    Broadcom LAN Router  
Broadcom,    ADSL Router  
Broadcom,    ADSL2+ 11n WiFi CPE  
Broadcom,    Broadcom  Router  
Broadcom,    Broadcom ADSL Router  
Broadcom,    D-Link DSL-2640B  
Broadcom,    D-link ADSL Router  
Broadcom,    DLink ADSL Router  
ClearAccess,    Broadcom ADSL Router  
Comtrend,    AR-5383n  
Comtrend,    Broadcom ADSL Router  
Comtrend,    Comtrend single-chip ADSL router  
D-Link Corporation.,    D-Link DSL-2640B  
D-Link Corporation.,    D-Link DSL-2641B  
D-Link Corporation.,    D-Link DSL-2740B  
D-Link Corporation.,    D-Link DSL-2750B  
D-Link Corporation.,    D-LinkDSL-2640B  
D-Link Corporation.,    D-LinkDSL-2641B  
D-Link Corporation.,    D-LinkDSL-2741B  
D-Link Corporation.,    DSL-2640B  
D-Link,    ADSL 4*FE 11n Router  
D-Link,    D-Link ADSL Router  
D-Link,    D-Link DSL-2640U  
D-Link,    D-Link DSL-2730B  
D-Link,    D-Link DSL-2730U  
D-Link,    D-Link DSL-2750B  
D-Link,    D-Link DSL-2750U  
D-Link,    D-Link DSL-6751  
D-Link,    D-Link DSL2750U  
D-Link,    D-Link Router  
D-Link,    D-link ADSL Router  
D-Link,    DVA-G3672B-LTT Networks ADSL Router  
DARE,    Dare router  
DLink,    D-Link DSL-2730B  
DLink,    D-Link VDSL Router  
DLink,    DLink ADSL Router  
DQ Technology, Inc.,    ADSL2+ 11n WiFi CPE  
DQ Technology, Inc.,    Broadcom ADSL Router  
DSL,    ADSL Router  
DareGlobal,    D-Link ADSL Router  
Digicom S.p.A.,    ADSL Wireless Modem/Router  
Digicom S.p.A.,    RAW300C-T03  
Dlink,    D-Link DSL-225  
Eltex,    Broadcom ADSL Router  
FiberHome,    Broadcom ADSL Router  
GWD,    ChinaTelecom E8C(EPON) Gateway  
Genew,    Broadcom ADSL Router  
INTEX,    W150D  
INTEX,    W300D  
INTEX,    Wireless N 150 ADSL2+ Modem Router  
INTEX,    Wireless N 300 ADSL2+ Modem Router  
ITI Ltd.,    ITI Ltd.ADSL2Plus Modem/Router  
Inteno,    Broadcom ADSL Router  
Intercross,    Broadcom ADSL Router  
IskraTEL,    Broadcom ADSL Router  
Kasda,    Broadcom ADSL Router  
Link-One,    Modem Roteador Wireless N ADSL2+ 150 Mbps  
Linksys,    Cisco X1000  
Linksys,    Cisco X3500  
NB,    DSL-2740B  
NetComm Wireless Limited,    NetComm ADSL2+ Wireless Router  
NetComm,    NetComm ADSL2+ Wireless Router  
NetComm,    NetComm WiFi Data and VoIP Gateway  
OPTICOM,    DSLink 279  
Opticom,    DSLink 485  
Orcon,    Genius  
QTECH,    QTECH  
Raisecom,    Broadcom ADSL Router  
Ramptel,    300Mbps ADSL Wireless-N Router  
Router,    ADSL2+ Router  
SCTY,    TYKH PON Router  
Star-Net,    Broadcom ADSL Router  
Starbridge Networks,    Broadcom ADSL Router  
TP-LINK Technologies Co., Ltd,    300Mbps Wireless N ADSL2+ Modem Router  
TP-LINK Technologies Co., Ltd,    300Mbps Wireless N USB ADSL2+ Modem Router  
TP-LINK,    TP-LINK Wireless ADSL2+ Modem Router  
TP-LINK,    TP-LINK Wireless ADSL2+ Router  
Technicolor,    CenturyLink TR-064 v4.0  
Tenda,    Tenda ADSL2+ WIFI MODEM  
Tenda,    Tenda ADSL2+ WIFI Router  
Tenda,    Tenda Gateway  
Tenda/Imex,    ADSL2+ WIFI-MODEM WITH 3G/4G USB PORT  
Tenda/Imex,    ADSL2+ WIFI-MODEM WITH EVO SUPPORT  
UTStarcom Inc.,    UTStarcom ADSL2+ Modem Router  
UTStarcom Inc.,    UTStarcom ADSL2+ Modem/Wireless Router  
UniqueNet Solutions,    WLAN N300 ADSL2+ Modem Router  
ZTE,    Broadcom ADSL Router  
ZTE,    ONU Router  
ZYXEL,    ZyXEL VDSL Router  
Zhone,    Broadcom ADSL Router  
Zhone,    Zhone Wireless Gateway  
Zoom,    Zoom Adsl Modem/Router  
ZyXEL,    CenturyLink UPnP v1.0  
ZyXEL,    P-660HN-51  
ZyXEL,    ZyXEL xDSL Router  
huaqin,    HGU210 v3 Router  
iBall Baton,    iBall Baton 150M Wireless-N ADSL2+ Router  
iiNet Limited,    BudiiLite  
iiNet,    BoB2  
iiNet,    BoBLite  

Chips used in many products

Realtek rtl81xx SDK with the miniigd daemon – Details

Motherboards

SuperMicro BMC – Details

General Internet of Things Security Tips

Securing Wearable Technology Fitness Devices

Fitness trackers like the Fitbit, Vivosmart, Jawbone Up, Apple Watch, etc connect via Bluetooth.  Some devices use a fixed Bluetooth MAC address, allow criminals or law enforcement to identify you, wherever you go.

More secure fitness trackers like the Apple Watch protect users against tracking by switching the devices address every 10 minutes.

Look for updates from your fitness device’s website to address this issue. Garmin has issued updates to fix this issue.

Federal Trade Commission Makes Asus Improve Router Security

In February 2016, the Federal Trade Commission settled charges with Asus, over critical security flaws in its routers that put the home networks of hundreds of thousands of consumers at risk.

Finally!, the government is forcing these manufacturers to fix wireless routers that can be come huge security holes. This precedent should cause Internet of Things makers to also fix issues, or be subject to lawsuits.

Conclusion

IOT devices are great, but introduce a new level of complexity and security holes for hackers to break in.

Do you worry about getting hacked through your gadgets?

Google’s Android operating system powers many popular cellphones including the popular Samsung Galaxy S10. Most Android Smartphone users as well as most of the pubic at large do not think very much about security.

If your phone is not running the latest Android Monthly security patches or is Android 6 or older, you are open to attack. A recent Wall Street Journal article showed that only 2.8% of Android devices have the latest security patches. Compare that to 79% of iPhones, due to Apple’s more uniform eco-system.

As of February 2019 only Android 7 to 9 receive security updates now)

Most Up to Date Android Smartphones

• Google Pixel 3

This flagship phone runs the latest Android version and is patched regularly. Sold directly from Google or from a couple wireless carriers.

You can check this Google Support page that shows when updates will be available for Google devices and when devices stop getting updates.

Keep in mind that some companies claim to have all the latest security patches but may not.

We will cover some techniques to enhance your Android phone security.

Obsolete Hardware

Most hardware vendors like Samsung stop issuing updates after 3 years of release.  Need a good reason to upgrade to a new phone?  This is it. Incapacitate then recycle your old phone to prevent reuse.

Samsung has a page that lists which devices are still getting updates, as does Google.

Samsung SmartSwitch helps you update phones on Windows or Mac.

If you have an Phone or Tablet that no longer gets updates, we would recycle it and buy a new one RIGHT away. Keep in mind that Android Patch in July 2017 is the first version that fixed a Huge Broadcom Wi-Fi bug. Without that fix, you can get hacked by just having a Wi-Fi signal nearby.

Google Play Protect

• Be sure your device is running Google Play Protect.  It scans for Malware and bad apps. This was release in July 2017 and runs on Google Play Services 11 or higher. This is a unification of Android security systems like Verify Apps, browser protection, and anti-theft measures.

You need to test your Android Device for Vulnerabilities

Here are the major security holes that you need to test your phone against.  If your phone fails any of these, get it updated or buy a new phone.

2/1/2019: Google has patch a major bug in Android where you can get hacked just by looking at a picture in a SMS, Email, or web page!  Update your Android software to Patch Level February 2019 or later, right away.  If your phone no longer gets updates, please consider buying a new one.

QuadRooter – Learn more about this issue. August 2016

DroidJack Remote spying – Learn more about this issue. August 2015

Stagefright MMS Flaw- Learn more about this issue. August 2015

Shellshock – Learn more about this issue. September 2014

Why is Android more susceptible to attack?

• Older Smartphones with unpatched old versions of Android
• Many phones never being given latest updates
• Bigger audience to attack due to market share
• Chipset vendors fixes slow to reach public
• Multiple App stores
• Apps are not thoroughly vetted
• Bloatware, trialware from handset makers
• Malware introduced in production chain

The Android Smartphone is part of Android’s open ecosystem, making viruses and malware more possible than closed platforms like the iPhone. As the Android Smartphone has grown in popularity, the smartphone has become more of a target by hackers and criminals. The DroidDream and Plankton Android malware infected over 250,000 phones before anyone discovered their malware. Google removed over 58 malicious apps from this single malware. A recent survey has shown that only 30% of Android Smartphone users installed security software on their phones. Malware can grab private data or use the phone to communicate externally.
Carrier IQ is a controversial piece of software that can show you what certain Android phones and spyware can do if the carriers allow it.

It is important that Android Smartphone users immediately become more vigilant about smartphone security. Our tutorial covers the Android Smartphones running most versions of the Android operating system.

Android Vulnerabilities.org gives a snapshot of how many devices are insecure.

The NSA and Android

Did you know that the NSA has been programming for Android and has inserted its code into the operating system? This has been happening since 2011 and has been focused on adding code to prevent hackers and marketers from accessing personal data on your Android device. Devices including the Samsung Galaxy S4 and HTC One have NSA code embedded, but not enabled by default. Apple does not accept code from government agencies. Android is open source, so programmers can more easily scrutinize every line of code that is in it. Hopefully the NSA will not add monitoring code in the future.

1. Android Smartphone Software Updates

Google upgrades the Android software for the Android Smartphone all the time. Montly Updates include additional functionality as well as security bug fixes. It is important that users apply updates immediately. Yes, updates take a while to install, but you do need to do it right away. Contact your smartphone vendor for the latest Android software update to your handset.

Some handset makers take their time to release Android updates.  Beware. This is the MAIN reason why millions of Android phones go unpatched.  Buy a phone that use plain Android and can take updates directly from Google, like the Google Nexus or Pixel line.

90 percent of Android devices two years or older have an operating system that’s vulnerable.

Replacing an Android Phone due to Lack of Updates

If you have an Android Smartphone that does not get the latest Android updates, we highly recommend you REPLACE the smartphone with a new one that does. Unfortunately you will need to switch phones every 2-3 years to keep up to date. Recycle the phone, do not give it away.

This Google support page  shows you the status of Google Nexus Software updates and security updates.

These Nexus phones, tablets are have no guaranteed security updates after October 2017!

• Nexus 10
• Nexus 9
• Nexus 7
• Nexus 6
• Nexus 5
• Nexus 4

If you Root your Android Smartphone, you need to be extra careful with regards to security as updates are much more difficult for you. Be careful where you obtain your Android Apps as malware is much more prevalent. Rooting also exposes your device’s internal hardware to software much more so than normal. This is the equivalent of running your PC as Administrator.

2. Android Smartphone App Security

Apple’s App Store reviews all submissions before adding them, but Google does not thoroughly review Apps added to their store. Google does run a security scanner on apps to ensure that they do not include known malware. There have been several occasions where Apps containing malware have entered the Google play formerly known as Android Market.

Neither App Store technique is full proof, users need to be careful when installing apps.

Apps are prone to security vulnerabilities that are fixed by updates. Keep apps updated regularly and remove apps that you do not use. To update applications do the following:

• Tap the Notification menu at the top and drag it downwards. If there are App updates available, they will be shown
• Tap on App updates to bring you to Google play formerly known as Android Market
• Tap the App to be updated
• Repeat the process for all Apps

Google has the ability to remotely remove malicious apps from your Android Smartphone. This is NOT true if you buy from 3rd party App store.

When installing new Apps, we suggest you install well known Apps from Google play formerly known as Android Market or Amazon App Store with positive reviews, and avoid brand new Apps from unfamiliar companies, and unofficial 3rd party App stores like mmoovv.com or samsunggalaxy-s.ru.This becomes a problem when the official App Market is blocked, such is the case in China.

It is fairly easy to repackage free Apps into a clone of the App. Repackaged Apps that also include Malware or Spyware have been encountered on 3rd party Android Markets. Free pirated versions of paid Apps are also found on 3rd party sites. Download only from the official App Market and give new Apps time to build trust and to allow others to help test the App for malware and security risks.

Users also need to be aware that scareware where apps are displaying advertisements for battery saving apps have been tied to malware. If the user taps on the ad, your phone’s browser launches and proceeds to download the apps file. These apps could endanger your privacy by stealing your address book, or cause money to be withdrawn from your accounts via costly phone calls or SMS messages.

3. Suggested Android Smartphone Settings for Security

Below are several suggestions for Android Smartphone settings to increase security on the smartphone. If you use swipe patterns to unlock the phone, make sure you clean your Android devices’ screen regularly otherwise people can see how your pattern looks.  Doing repeated circular or square patterns helps foil thieves.

Enable Passcode

• Open Settings
  
• Select Security
• Select Screen Lock
• Select Password
• Enter a Passcode – Do not select an obvious passcode like 1234a or 1111a

Google automatically encrypts its Nexus smartphones, but other companies are not required to do this. As of 2016, less than 10% of Android phones had encryption enabled. 80% of iPhones had encryption turned on. Android 6 Marshmallow requires encryption to be enabled by default.

Encrypt your Android Smartphone and require a PIN or password to decrypt it every time you power it on. It takes an hour or longer to initially encrypt your Smartphone. Older Android phones many operate slower when encryption is enabled. Launching apps might take a second or two longer. Turning on encyption requires a full battery or the phone connected to a charger.

• Open Settings
  
• Select Security
• Select Encrypt phone
• Click Encrypt phone

Lock SIM card makes your phone require a PIN before becoming enabled.

• Open Settings
  
• Select Security
• Select Set up SIM card lock
  
• Select Lock SIM card

If you are not using any Bluetooth devices, disable Bluetooth to increase battery life and prevent security risks.

• Open Settings
  
• Select Wireless and Networks
• Uncheck Bluetooth

Backing up your Android Smartphone regularly is an important task. If you have a rooted Android Smartphone use the ROM Manager and Titanium Backup root.  Regular Android Smartphones need to pay for backup Apps like MyBackup Pro. There are free Apps to backup individual areas like SMS, images, or Applications.

4. Android Smartphone Email Security

It is important that email accounts accessed from a smartphone are setup utilizing encryption when available. Many email providers including Google’s Gmail, Microsoft Exchange, AOL Mail and Yahoo Mail support SSL (secure sockets layer) when accessing their mail servers. If SSL is not used, your emails as well as your password can be read by hackers. Most major email providers automatically activate SSL if you let Android setup your email account.

If you are setting up a new email account, make sure that you have enabled SSL or TLS in the Security type field for both the incoming and the outgoing mail server.

To check an existing Mail Account for secure SSL access, do the following:

• Open Email application
  
• If Combined Inbox is shown, Select a mail account by tapping Accounts then Select the email account. Otherwise, hit Menu then Account Settings
• Check Incoming settings and Outgoing settings
• Examine the Security Type field
• Verify that it is not set to None

If it is set to None, check with your email provider to verify their SSL support and enable it if possible.

Also, make sure your email account has been cleansed with a good spam filter. This is a basic requirement of any solid email provider. If your email vendor needs spam filtering assistance, consider accessing the email account via POP inside a Gmail account.

OpenKeychain – public key encryption for emails and files, to make sure your emails are only read by who you sent them to and others can send you messages only you can read.

5. Find a Lost Android Smartphone, Erase a Lost Android Smartphone

Andrdoid 5.1 and higher includes a Device Protection feature. This is required on all phones manufactured after June 30, 2015 and sold in California. You can set it up in the Lock screen settings. It requires you be signed into your Google account.

Find My Device is a helpful feature made by Google, so you can locate, ring, or wipe your device remotely.

If you are running an older version of Android, you need a 3rd party app to handle finding a lost phone. Here are some options:

• Android Lost – Locate, wipe, lock, take pictures, and much more
• Prey – Open source, cross-platform, lost phone or tablet protection
• Wheres My Droid – Find your lost phone, password protection, notification of changed SIM card. Paid Pro version includes remote phone erasing

When you lose your device utilize the lost device App you installed. If you cannot access the device, make sure you contact your Wireless carrier so they can disable the device. If you recover your Smartphone, make sure you change all passwords.

Also consider creating a special graphics file with your emergency contact information that can be used as your lock screen. If you are having a life threatening emergency, people could still access this information. If your Android Smartphone is lost and password protected, people could still contact you.

6. Using WiFi securely

When accessing a wireless network outside the home, exercise caution. Any information sent over an external wireless may be subject to eavesdropping. Unless you know the Wi-Fi network is secure, we would recommend against connecting to it.

If you really want to use an unfamiliar wireless connection, limit usage to non-critical apps, email, and web. Do not e-mail, online shop, online bank, or online trade from public wifi hot spots or cyber cafes. Many of these locations provide little to no security and are prone to snooping or malware.

The Android Smartphone can remember wireless networks by name and automatically log into them. This convenience function turns into a security problem because the Android Smartphone will automatically send the same password to a wireless network of the same name. So if you name your wireless router, Linksys, if you encounter another wireless router with the same name, the Android Smartphone will automatically use the password. A hacker could exploit this to obtain your wireless router’s password. We suggest you do not enable any automatic joining to wireless networks. The Android Smartphone is very good at transparently switching from a cellular data network to a Wi-Fi wireless network. You can turn off Wi-Fi auto connect by the following:

• Open Settings app
• Choose Wireless & Networks
• Select Wi-Fi Settings
• Uncheck auto connect

When accessing the Internet on a smartphone or tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.

The safest way to use a public wireless network is by employing a VPN (virtual private network) which securely tunnels all of your Android Smartphone’s traffic through a secure server. There are many paid services that sell VPN access.

Disable WiFi when you are not accessing wireless networks. This will extend your battery life and increase security.

7. Secure Browsing with Android “Browser”

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection i.e – https://www.google.com

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

8. Careful Link Clicking and Attachment Opening

As we have learned on computers, clicking on links in email can lead to viruses or malware being installed. We need to take the same precautions and more, on an Android Smartphone. Avoid clicking links in email, text messages, and websites that are unfamiliar to you.

Email attachments require the same amount of caution. Only open attachments when they are expected. Avoid opening your email provider’s spam folder and do not open any attachments in your spam folder.

Opening Attachments Safely with Gmail

Forward the email with attachment to a Gmail account.  From there, you can use Google Docs to open Word Processing, Spreadsheets, etc.  No need to endanger your own computer.

9. Android Smartphone Free Antivirus and Internet Security Software

Android Smartphone anti virus software is available and highly recommended because of the open Android Market for Apps. Be aware that fake anti-malware Apps have appeared, so stick to brand name antivirus Apps.

Antivirus Free – free antivirus App for Android

AVG Antivirus – free mobile security and antivirus App for Android

DR. Web Anti-virus Light – free antivirus App for Android

Lookout – free mobile security and antivirus App for Android

Norton Mobile Security – free mobile security and antivirus App for Android

Webroot Secure Anywhere Mobile – Free Mobile Phone and Tablet security antivirus protection.

Android Smartphone security Apps

Orbot: Tor on Android – Enhance your privacy, break through firewalls and communicate more safely.

10. Android Market Password and Payment Option

You can delete the payment information in your Google account after making a purchase. You must have a payment method in order to make purchases or make refunds. If you are very cautious, remove payment information when you do not anticipate App purchases.

11. Malicious QR Codes

QR codes are appearing in print and all over the place. Be aware that malicious QR codes that lead the user to download malware have been found. Be sure you check the link the QR code points to before using it.

12. NFC – Near Field Communication

NFC has been touted as using your phone as a contact-less credit card.  It is being hyped up by smartphone manufacturers as well as credit card firms.  This technology opens up a new way of hacking your credit card info.  TURN IT OFF and avoid it.  This recent Defcon presentation shows how a security researching skimmed a NFC credit card and used it.

To disable NFC on the Samsung Galaxy S III and other phones:

1. Tap Apps
2. Choose Settings
3. Scroll down the screen and tap More Settings
4. Uncheck the NFC box
5. Close the Settings app

13. Avoid Huawei and ZTE Android Smartphones

These Chinese companies are drawing a lot of attention. Congress suggests people avoid their products due to possible suspicious equipment behavior.

We have covered many ways to improve your Android Smartphone security. Utilizing our tips will help significantly improve the already good security of the Android Smartphone.

14. Stagefright MMS Messaging Bug

August 2015. A specially crafted MMS message can cause your phone to be taken over. Many old phone may never get updated to fix this.

If you’re using Google Hangouts as your default SMS client, disable automatic downloading of media files sent via MMS:

Settings – SMS – Auto Retrieve MMS uncheck

Here’s how to protect your phone from the if you are using Google Messenger (the default SMS client for Android Version 5.0+):

Messenger – Settings – Advanced – Auto Retrieve OFF

Here’s how to protect your phone from the if you are using Messages (the default SMS client for Samsung Galaxy S6):

Messages – More – Settings – More Settings – Multimedia messages – Auto Retrieve OFF

15. Secure Messaging

Law enforcement and probably the NSA use cell phone tower simulators called Stingrays, IMSI catchers, or dirtbox made by Harris. These fake cell phone towers slurp handset identification information and can snoop on data. They deploy these in small planes to net a ton of intercepts, without getting a warrant. Cell phone users have no right to privacy in public areas.

You can fight back by using secure messaging clients like Signal or Chat Secure. Older Stingrays only support 2G, not 3G/4G included with the Hailstorm upgrade, so turning off 2G will help here.

Disable 2G On Android prior to 5.0 – Stops Stingray
1) Pull up the phone dialer and dial *#*#4636#*#* (that spells INFO)
2) This brings you to the Testing screen where can select “Device information”.
3) Scroll down a little and it should say “WCDMA Preferred” or similiar.
4) Change it to WCDMA Only.

It will now stay on 3G/4G/4GLTE and avoid the old school GSM 2G Data towers, keeping you safe from older Stingrays.

Note: Google removed this option on Lollipop 5.0.

You can detect a Stingray by running the apps SnoopSnith or Android IMSI-Catcher Detector.

16. Public Charging – Video Jacking

Do not use a public phone charging cable, it could be capturing video video HDMI recording while you charge aka Video Jacking. Always use your own charging cable.

17. Secure your mobile phone’s account from hijacking or Port-Out Scams

Hackers have been calling wireless carriers like: AT&T, Sprint, T-Mobile, and Verizon asking them to switch control of mobile phone numbers to themselves.

They will repeatedly call, hundreds of times, and make up all kinds of sob stories to get control. Once they hijack control, they will reset passwords of any device that uses that phone number as a security backup via SMS Text or two factor authentication. IE Google, Facebook, Twitter, Bitcoin accounts, etc.

How do you protect against phone hijacking?

• FTC has details
• Do not use your cell phone number in the first place!
• Use two factor authentication that uses a physical key or Google Authenticator App, not Text
• AT&T – Enable an account passcode
• Sprint – Customers setup a PIN when first signing up
• T-Mobile – Enable a customer care password
• Verizon – Setup an account PIN

T-Mobile customers can also call in to the company’s customer support line and place a separate “SIM lock” on their account, which can only be removed if the customer shows up at a retail store with ID.

Be sure to use Google Authenticator instead of Text messages for second factor authentication when possible.

If your phone stops receiving a signal and says “emergency calls only” or “no network,” even after you restart your phone, contact your mobile carrier to see whether your account has been hijacked.

Conclusion

Android is a sophisticated operating system. Because of the nature of its diverse eco-system, users unfortunately need to be proactive to keep their device secure and up to date.

Do you have any Android Security Tips?

Here are some resources for free internet security software from major vendors. Most of the software is free for home users, while businesses need to purchase a license. We divide the free software into different categories including internet security suites, antivirus, antispyware, and intrusion detection and prevention.

Internet Security Software Downside – Spying on You

Any internet security program needs to watch the sites you visit for malicious activity, this includes secure sites (https://)  To watch your secure browsing activity, security suites need to replace the security certificates with their own, performing a man in the middle (MITM) attack essentially.

Hopefully this snooping is all in the name of security, not in stealing your credit card, banking information, or identity. You can read more about Avast.

Kaspersky Anti-Virus is often free after rebate but no longer recommended.

1. ISP Provided Free Security Software

Subscribers to certain internet service providers get access to free commercial internet security software. There’s no need to pay a dime for top notch security software.

Century link – Free F-Secure suite.

Charter – Charter security suite.

Comcast – Norton Internet for Mac and PC.

Cox – Free McAfee internet security software.

Optimum – Free CA Internet Security Suite.

Road Runner – Free CA Internet Security Suite.

Verizon – Charges $5.99/mo for internet security software, select one of the free options below instead.

2. Free Internet Security Suite

There are very few Free internet security suites. Most users pick and choose programs from the various categories below to create their own free Internet security suite.

agnitum – Outpost Internet Security Suite is one of the few free suites.

comodo.com – Free Internet Security Suite

3. Free Antivirus  Download

Free PC Antivirus Download that both scans and repairs files. Automatic update virus signatures updating is a must, as is scheduled virus scans.

free.avg.com – AVG Free version.

avast.com – avas!! Free Antivirus includes Web reputation feedback.

avira.com – Avira Antivirus Personal – We like this one.

bitdefender.com – Bitdefender Free Edition – on demand scanner. not automatic, so we recommend only using this for single purpose scans, i.e. when you are trying to remove an infection.

clamwin.com Clamwin – Free & Open source

Microsoft Defender.

Panda Cloud Antivirus  – Free, lightweight.

pctools.com – PC Tools Free Antivirus

PC Magazine Best antivirus article.

Sophos – Free PC and Mac Antivirus

Virus removal tools:

AVG Rescue CD – Bootable CD

Hiren’s BootCD – Older antivirus versions

McAfee Labs Stinger

Sophos Anti-Rootkit

Beware of fake Antivirus Software especially those from popup Ads, spam advertisements, and bad Google search results. When in doubt use one of the links above. ‘Scareware‘ that performs fake antivirus scans and make you pay for phony fixes has exploded.

4. Free PC Firewall Software

PC Firewall Software is built into Windows 7 and Vista but power users may want more control, so consider installing one of the following.

comodo.com – Free Firewall & Anti-virus, plus proactive security

Glasswire – New modern firewall

pctools.com – PC Tools Firewall Plus

agnitum – Outpost Internet Security Suite is one of the few free suites.

5. Free Antispyware Software

These utilities are mainly useful when you have been infected with malware and need to ensure that you have remove all traces of it.

Ad-aware – Also one of the first antispyware apps. Free for personal home use.

ComboFix is free software that helps remove virulent malware.  It can be run from the Windows Recovery Console.

Emsisoft Anti-Malware – German antimalware

F-Secure has a free bootable Rescue CD that allows you to fix a computer that no longer starts up correctly.

Malwarebytes – Designed to clean out all types of malicious malware.

Spybot – One of the first anti-spyware apps that has faded in popularity.

SUPERAntiSpyware.com – Detect and remove Spyware, Adware and Remove Malware, Trojans, and more.

ThreatFire AntiVirus – Actively defends against new threats.

6. Free Anti-Phishing Toolbars

Most anti-virus or internet security software provides anti-phishing support built-in. If your security software does not include this feature, consider installing on of these toolbars.

Traffic Light – From bitdefender, unobtrusive web threat control

Netcraft Anti-Phishing Toolbar – Community based anti phishing toolbar.

7. Intrusion prevention and detection

Intrusion prevention and detection software is designed to watch network traffic and prevent attacks on your network. This software is typically targeted towards small to mid-sized businesses.

snort.org – Open source network intrusion prevention and detection system (IDS/IPS)

Syslog watcher – Syslog Watcher can collect, parse, store and analyze syslogs. Not really an intrusion prevention, however users can examine router and firewall logs looking for intrusions.

Kiwi Syslog Server – Receive and manage syslog messages from network devices.

8. Anti-Virus Review Sites that compare security software

Techradar.com – Reviews security software.

AV-comparatives.org – Independent comparatives of Anti-Virus software

PC Magazine – Online review site with security software reviews.

Virus Bulletin – Independent anti-virus software test lab

Virus total scanner – Scan files, you submit, online using multiple virus engines. This process is slow because you have to upload the files to their servers.
Jotti’s Malware Scan – Scan files, you submit, online using multiple virus engines
NoVirusThanks – Threat analysis APIs, tools to prevent virus

OPSWAT Metascan – Scan files, you submit, online using multiple virus engines

9. Malware Analyzers – Analyze the behavior of files you upload:

Anlyz

Any Run
Threatexpert
Norman
Comodo Instant Analysis

10. Misc Security Software

SuRun is very configurable implementation of Run as Administrator.

There are many free alternatives in Internet security software for the PC. Hopefully the lists of programs above satisfy your needs for internet security software.

Matthew Green, a well respected cryptographer and professor at Johns Hopkins has a great article discussing Secure Computing – Desktops vs Smartphones, iOS vs Android and more..

Most iPhone users do not think very much about security. The iPhone is part of Apple’s closed ecosystem, helping to prevent viruses and malware from wreaking havoc. As the iPhone has grown in popularity, the smartphone has become more of a target by hackers and criminals. It is important that iPhone users immediately become more vigilant about smartphone security.  Our tutorial covers the iPhone through iPhone 7 Plus and iOS through iOS 11.

0. Obsolete Hardware

If you have an iPhone or iPad that no longer gets updates, we would recycle it and buy a new one RIGHT away. Keep in mind that iOS 10.3.3 is the first version that fixed a Huge Broadcom Wi-Fi bug. Without that fix, you can get hacked by just having a Wi-Fi signal nearby.

1. iPhone Software Updates

Apple upgrades the iOS software for the iPhone from time to time. Updates include additional functionality as well as security bug fixes. It is important that users apply updates immediately. Before iOS 5 users needed to connect their iPhones to a computer in order to update the smartphone’s software. Needless to say, this was inconvenient and led to many iPhones with obsolete software.

Always update to the latest iOS software available as soon as possible.

If you Jailbreak your iPhone, you need to be extra careful with regards to security as iOS updates are much more difficult for you. Be careful where you obtain your Jailbroken Apps as malware is much more prevalent.

2. iPhone App Security

Apple’s App Store reviews all submissions before adding them. All iPhone apps must be authenticated and signed which helps to ensure they haven’t been tampered with or altered. This helps prevent malicious apps from infecting the App Store. (This is not 100% foolproof)

Apps are prone to security vulnerabilities, that are fixed by updates. Keep apps updated regularly and remove apps that you do not use. Regularly use the App Store app and select Updates. iOS 7 added the capability to auto update your apps. Be sure to use this function. Apple has the ability to remotely remove malicious apps from your iPhone.

When installing new Apps, we suggest you install well known Apps with positive reviews, and avoid brand new Apps from unfamiliar companies.  Give new Apps time to build trust and to allow others to help test the App for malware and security risks.

3. Suggested iPhone Settings for Security

Below are several suggestions for iPhone settings to increase security on the smartphone. One in three robberies nationwide involve cell phones, with a ratio estimated as high as one in two within the San Francisco area. Users need to protect their smartphones to prevent a complete disaster.

Passcode

A passcode is required before you perform these tasks:

• Turn on or restart your device
• Slide to unlock your screen (you can change this)
• Update your software
• Erase your device

Enable Passcode, erase iPhone data after ten failed attempts. Starting with iOS 9 the default passcode length is 6 digits instead of 4.

• Open Settings
• Select Touch ID & Passcode Lock
• Select Turn Passcode On
• Enter a Passcode – Do not select an obvious passcode like 1234 or 1111
• Use the Touch ID Fingerprint sensor
• For older version of iOS:
• Turn Simple Passcode off
• Enter a passcode – Do not select an obvious passcode
• Turn Erase Data on – Erases all data after ten failed passcode attempts
• Turn Siri off – Prevents Siri access when locked
• Turn Passbook or Wallet off – Prevents Passbook or Wallet access when locked
• Turn Reply with Message off –  Prevents Reply with Message access when locked (iOS 6)

Data Encryption

Encryption prevents the data stored on your iPhone from being read, if you do not have the passcode. The passcode provides entropy for certain encryption keys. A 256-bit AES key is used to encrypt every new file created.

Starting with iOS 8, thankfully encryption is turned on by default. If you have an older version do the following:

Ensure Encryption is Turned On. After you enable a passcode in iOS version 4 or newer and you have an iPhone 3GS or newer, the phone can use hardware encryption to encrypt the data stored on the phone. Text messages, photos, emails, contacts, and call history were all encrypted.

• Open Settings
  
• Select General
• Select Passcode Lock

After the Setting up a Passcode, scroll down to the bottom of the Passcode Lock Screen and verify that the text “Data protection is enabled” is shown.

If this is the phrase is not shown, do the following:

• Connect your iPhone to your Computer
• Backup your iPhone in iTunes
• Restore your iPhone in iTunes
• Check the Passcode screen again for the phrase “Data protection is enabled“

iCloud Security

As of March 2016, iCloud, the Internet cloud syncing and storage service, current gives Apple the capability to unlock key data like backups, documents, contacts, and calendar information.  Someday this will change.

Apple encrypts your iCloud data in storage, but they encrypt it with their own key, not with your passcode key, which means that they are able to decrypt it to comply with government requests.

Turn iCloud OFF if you value security.

Safari Cookies

Prevent cookies from being accepted in Safari. Clear old cookies.

• Open Settings
• Select Privacy
• Select Safari
• Click Accept Cookies
• Check Never
• Click Clear cookies and data

If you are not using any Bluetooth devices, disable Bluetooth to increase battery life and prevent security risks.

• Open Settings
• Select Bluetooth
• Set Bluetooth to Off

Backing up your iPhone regularly is an important task. With iOS 4, you need to connect your iPhone to your computer in order to perform back ups. With iOS 5, you can easily back up using iCloud. Enable iCloud by doing the following:

• Open Settings
  
• Select iCloud
  
• Select the items that you would like iCloud to back up

4. iPhone Email Security

It is important that email accounts accessed from a smartphone are setup utilizing encryption when available. Many email providers including Google’s Gmail, Microsoft Exchange, MobilMe, AOL Mail and Yahoo Mail support SSL (secure sockets layer) when accessing their mail servers. If SSL is not used, your emails as well as your password can be read by hackers.

To check a Mail Account for secure SSL access, do the following:

• Open Settings
  
• Select Mail, Contacts, Calendars
• Select a Mail Account
• Click on an Email Account
• Click on Account
• Verify Use SSL is set to On

If Use SSL is set to off, check with your email provider to verify their SSL support and enable it if possible.

Also, make sure your email account has been cleansed with a good spam filter. This is a basic requirement of any solid email provider. If your email vendor needs spam filtering assistance, consider accessing the email account via POP inside a Gmail account.

5. Find a Lost iPhone, Erase a Lost iPhone

Apple has an app that helps you find a lost iPhone by showing it on a map and optionally erase it or make the iPhone play a sound. This free service is a life saver and should be one of the first items installed. To enable Find My iPhone, follow these iOS 5 & 6 instructions.

Also consider creating a special graphics file with your emergency contact information that can be used as your lock screen. If you are having a life threatening emergency, people could still access this information. If your iPhone is lost and password protected, people could still contact you.

Make a Contact entry for yourself with a phone number other than your iPhone.You might also put in the Notes field – Reward for returning lost iPhone.

Set it as the default contact entry.  Settings – Mail, Contacts, Calendars – My Info – Choose your contact entry

This way, anyone can bring Siri and ask “Who owns this phone?” and see your contact info.

If you do lose your iPhone, watch out for phishing messages trying to get your iCloud Username and password.

6. Using WiFi securely

When accessing a wireless network outside the home, exercise caution. Any information sent over an external wireless may be subject to eavesdropping. Unless you know the WiFi network is secure, we would recommend against  connecting to it.

If you really want to use an unfamiliar wireless connection, limit usage to non-critical apps, email, and web. Do not e-mail, online shop, online bank, or online trade from public wifi hot spots or cyber cafes. Many of these locations provide little to no security and are prone to snooping or malware.

The iPhone can remember wireless networks by name and automatically log into them. This convenience function turns into a security problem because the iPhone will automatically send the same password to a wireless network of the same name. So if you name your wireless router, Linksys, if you encounter another wireless router with the same name, the iPhone will automatically use the password. A hacker could exploit this to obtain your wireless router’s password. We suggest you do not enable any automatic joining to wireless networks. The iPhone is very good at transparently switching from a cellular data network to a WiFi wireless network.

When accessing the Internet on a smartphone or tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.

The safest way to use a public wireless network is by employing a VPN (virtual private network) which securely tunnels all of your iPhone’s traffic through a secure server. There are many paid services that sell VPN access.

iOS 8 includes an “Always-on VPN” feature, which eliminates the need for users to turn on VPN to enable protection when connecting to Wi-Fi networks. The iPhone’s MAC address now changes when it’s not connected to a Wi-Fi network, so it can’t be used to persistently track a device by passive observers of Wi-Fi traffic.

Disable WiFi when you are not accessing wireless networks. This will extend your battery life and increase security.

7. Secure Browsing with Safari

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie –  https://www.google.com

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

8. Careful Link Clicking and Attachment Opening

As we have learned on computers, clicking on links in email can lead to viruses or malware being installed. We need to take the same precautions and more, on an Apple iPhone. Avoid clicking links in email, text messages, and websites that are unfamiliar to you.

Email attachments require the same amount of caution. Only open attachments when they are expected. Avoid opening your email provider’s spam folder and do not open any attachments in your spam folder.

Opening Attachments Safely with Gmail

Forward the email with attachment to a Gmail account.  From there, you can use Google Docs to open Word Processing, Spreadsheets, etc.  No need to endanger your own computer.

9. iPhone Anti Virus and Internet Security Software

iPhone anti virus software exists but due to the secure iOS design, cannot scan files automatically or run scheduled scans. Users have to manually tell an anti virus or Internet security App to scan files. Intego makes anti virus software VirusBarrier iOS App ($2.99) for the iPhone, iPad, and iPod Touch.

Kapersky Lab makes a free App called Threatpost that quickly displays articles from their security news website.

10. iTunes Password and Payment Option

It is important to select a strong password for iTunes. Read our article How to Create, Store, and Use Secure Passwords.

If a hacker obtained your iTunes password, they could drain your credit card with purchases. We recommend you remove all payment options after having created your iTunes account. iTunes only requires a payment option when creating a new account. We prefer to add iTunes money by purchasing a pre-paid iTunes gift cards.

11. Turn off Diagnostic Log Sending

Apple used to use Carrier IQ before iOS 5, so make sure you turn off this feature. To turn off sending of diagnostics data to Apple do the following:

• Open Settings
  
• Select General
• Select About
• Select Diagnostics & Usage
• Click on Don’t Send

12. Malicious QR Codes

QR codes are appearing in print and all over the place. Be aware that malicious QR codes that lead the user to download malware have been found. Be sure you check the link the QR code points to before using it.

13. Enable Two-Step Verification for Apple ID

Apple introduced two-step verification for Apple IDs.  You need 2 forms of proof to access your account.

We have covered many ways to improve your iPhone security. Utilizing our tips will help significantly improve the already good security of the Apple iPhone smartphone.

Do you have more iPhone security tips?

14. Secure Messaging

Law enforcement and probably the NSA use cell phone tower simulators called Stingrays, IMSI catchers, or dirtbox made by Harris. These fake cell phone towers slurp handset identification information and can snoop on data. They deploy these in small planes to net a ton of intercepts, without getting a warrant. Cell phone users have no right to privacy in public areas.

You can fight back by using secure messaging clients like Signal or Text Secure. Older Stingrays only support 2G, not 3G/4G, so turning off 2G will help here.

15. Public Charging – Video Jacking

Do not use a public phone charging cable, it could be capturing video video HDMI recording while you charge aka Video Jacking. Always use your own charging cable.

16. Setup Emergency Contact in Health App

The Health App was added way back in iOS 8, but few people have setup the Medical ID that emergency responders can use to contact your emergency contact. They can click Emergency from your lock screen and bring up your emergency Medical ID information.

In the Health App, setup a Medical ID.

Make sure it is set to be seen when your phone is locked.

Showing Text messages on your lock screen should not be allowed.

17. Enable Two Factor and Two Step authentication

Apple offers two-factor as well as two-step authentication. Enable it! If you enable it, make sure you keep the recovery code in a safe place.

18. Lock your SIM Card with a PIN code

This keeps your phone even more secure from theft.  It is a pain because you need to enter it every time you startup your phone.

19. Secure your mobile phone’s account from hijacking or Port-Out Scams

Hackers have been calling wireless carriers like: AT&T, Sprint, T-Mobile, and Verizon asking them to switch control of mobile phone numbers to themselves.

They will repeatedly call, hundreds of times, and make up all kinds of sob stories to get control. Once they hijack control, they will reset passwords of any device that uses that phone number as a security backup via SMS Text or two factor authentication. IE Google, Facebook, Twitter, Bitcoin accounts, etc.

How do you protect against phone hijacking?

• FTC has details
• Do not use your cell phone number in the first place!
• Use two factor authentication that uses a physical key or Google Authenticator App, not Text
• AT&T – Enable an account passcode
• Sprint – Customers setup a PIN when first signing up
• T-Mobile – Enable a customer care password
• Verizon – Setup an account PIN

T-Mobile customers can also call in to the company’s customer support line and place a separate “SIM lock” on their account, which can only be removed if the customer shows up at a retail store with ID.

Be sure to use Google Authenticator instead of Text messages for second factor authentication when possible.

If your phone stops receiving a signal and says “emergency calls only” or “no network,” even after you restart your phone, contact your mobile carrier to see whether your account has been hijacked.

Do you have any iPhone Security tips?

Firefox is one of the most popular web browser for Windows and other platforms. This makes it a large target for malware and cybercrime. We will focus on securing Firefox, and will significantly increase the browser’s security through add-ins and special hardening settings. We are avoiding earlier versions of Firefox and recommend users to upgrade to the latest version of Firefox. We also recommend running under Windows 7, 8 or 10, so if you are running under an older version of Windows, we recommend you to upgrade or buy a new computer. Older versions of Windows like Windows XP were not built with security in mind.

Secure your computer, web browser, Internet connection

Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.

We recommend booting from a Linux CD or USB key when performing mission critical applications such as online banking, online trading, or online shopping.

Firefox includes the following security oriented features:

• Instant Web ID
• Do not Track
• Private Browsing
• Clear Recent History
• Customized Security Setting

The Golden rules of the Internet:

• Do not trust anyone
• If it is too good to be true, it probably is
• Don’t install software from anonymous sources
• Don’t automatically hit “yes” to any pop-up
• If it looks suspicious, run

Before you make any changes to your system, always back it up.

Firefox Add-ons to UNINSTALL

Software that enhances Firefox can become targets of malware, adding new entry points into your computer. It is mandatory that you keep any third-party add-ons up to date, so allow Firefox to update plugins when necessary. Consider removing an add-on if it is rarely used, as you will also be increasing the security of Firefox through its removal.

Plugins are also one of the biggest sources of malware, so only install plugins from trusted developers.

• Adobe Reader or Adobe Acrobat – This is a major source of internet threats, so consider using an alternative PDF reader such as Foxit Reader, or PDF-XChange.
• Flash Player – This animation enhancement plug-in is widely used but full of security holes, leading to many updates. If you need Flash, you will have to update it constantly.
• Java – This language allows many cross platform programs to run in the browser, but is another huge target of malware. We recommend removing it unless you really need it for a particular application. This page checks if Java is installed. At a minimum disable Java in the browser by going into the Java Control Panel – Security Tab – Uncheck Enable Java content in the browser
• Quicktime – Is installed when older version of iTunes was installed in your system. Remove it, as it is not being updated any more.
• Silverlight – We recommend removing it from your system unless you really need it. This software is another possible time bomb waiting for exploitation.

Hardening Firefox’s Settings

Firefox can be secured even more with several key changes to the browser’s settings.  We have selected all the Critical settings for Firefox.

1. Prevent Firefox from saving passwords

Firefox can save passwords for different websites. We recommend that you do not use this feature because it is not as secure or flexible as using a password management program.

1. Launch Firefox
2. Click on the Tools Menu
3. Select Options
4. Select Security Tab
5. Make sure Remember password for sites and Use master password are not checked
6. Click Saved Passwords
7. Click Remove All to remove saved passwords

2. Mark Valuable Data Inaccessible to Firefox

Download chml.exe and run it to change the permissions on your valuable files and folders on your system as unreadable to Firefox. (Better yet, use Truecrypt and keep the volume unmounted!)
For example if your sensitive data is stored in the folder C:\Sensitive_Data – You would do:

1. Press Start menu
   
2. Go to All Programs
3. Go to Accessories
4. Right-Click on Command Prompt
5. Select Run as Administrator
6. Type “chml C:\Sensitive_Data -i:m -nr -nx -nw“
7. Press Enter to Execute the Command
8. Type Exit to end the Command Prompt

3. Allow Firefox to update itself

Firefox automatically tries to update itself, which is a good thing, but it asks whether it is ok to install a newer version. Be sure allow Firefox to update itself tot he latest version available, so that you have all the latest security fixes.

4. Prevent Firefox from using a GPU

There have been several bugs related to using a Graphics processor or GPU. They were first supported in Firefox 4. This hardware level access can spell trouble. Disable GPU support to prevent this possible problem.

Helpful Firefox Add-ins

NoScript – Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks. By default, new websites that you visit will be loaded without scripting, maximizing safety. You can easily allow safe websites to allow scripting. Make Sure you go into the Options – Whitelist – And remove all sites from it, so you start from scratch without trusting anyone.

HTTPS Everywhere – Automatically makes Firefox try to use https secure connections whenever available.

Simple URL Extender – Replaces short URLs with the originals so you can see where links actually link to. Essential for Twitter.

URLs List – Shows the URLs of all the tabs of a webpage.

WOT – Know Which Websites to Trust – Shows you which websites are trustworthy based on millions of users’ experiences.

Adblock Plus – Block those pesky banner ads.

Qualys BrowserCheck – Performs a security scan on your browser and its plug-ins (Windows)

Cocoon – All-in-one plugin that tunnels your traffic through a SSL-encrypted proxy for privacy and security.

uBlock Origin – Filter out ads, trackers, and other sites.

Helpful Internet Security Add-ins

Phising Toolbars – Firefox already includes the SmartScreen Filter that detects dangerous websites and warns you. If you would like to install a supplemental toolbar add-in, see our Free Internet Security Software article. BitDefender TrafficLight works with Firefox to secure your browsing.

Internet Security Software – Supplemental internet security software including Anti-Virus and Anti-Spyware software is a necessity when surfing on the Internet. See our Free Internet Security Software article for links to various free software utilities.

Password Managers – It is critical that you generate, store, and use secure passwords on the Internet. See our How to Create, Store, and Use Secure Passwords article for details on several password management programs.

Sandboxie – Creates a sandbox or safe environment in which programs execute. This sandbox is a isolated space which prevents programs like Firefox from making permanent changes to other programs and data in your computer. Free for 30-days, then 29 euros.

Other Firefox Security Enhancements

Google Public DNS – A high performance domain name server (DNS) replacement for your ISP’s DNS. Protects against Spoofing attacks and DoS and amplification attacks. Be sure to write down your existing DNS settings before changing them.

Dyn Internet Guide – Free Web content filtering.

Microsoft Virtual Machine – Designed for web developers to test compatibility with different versions of Firefox, these Virtual Machines for Microsoft’s Virtual PC allow you to run a Virtual computer on your desktop with Internet Explorer and Firefox pre-installed. If you mess up the Virtual computer, you can just delete it and start fresh from a new image. Keep in mind some malware is capable of detecting virtual machines and acting innocent until you move into your main system.
If you use VMware Player, you can add the following line to your .vmx file so that it writes all changes to a temporary file, which will be deleted when you power off the virtual machine.:ide0:0.mode = “independent-nonpersistent”

Dell KACE – has a free secure browser based on a virtualized and contained Firefox Browser with Adobe Reader and Flash plug-ins.

Secure Web Browsing with HTTPS

Normal website access using HTTP:// causes information to be sent and received in plain text. This type of connection is not secure; a hacker could capture all the information being transferred and steal your data. While this is not important when you are casually surfing, you do not want your email or online trading information to be captured by others.

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie –  https://www.google.com

HTTPS causes a secure connection to be made using SSL security. Certificates are digital documents that verify a site’s identity. They are sold by certificate authorities. If a certificate is not signed correctly, your browser will pop up a warning. Recently, a Dutch certificate authority got breached, causing forged certificates to be created. To workaround issues like this, Internet browsers are updated to remove the forged SSL certificates. It is crucial that you keep your browser up-to-date.

If you have applications other than your web browser accessing the Internet (FTP client, desktop mail client, etc.), make sure you enable SSL secure connections within each application.

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

By applying special Firefox settings, we can significantly increase the security of our Windows notebook and desktop PCs.

This concludes our How to Secure a Windows based personal computer article. Other articles on Safegadget.com help you secure the other aspects of your personal computer, including How to Set up a Secure wireless Internet Router, and How to Secure Internet Explorer article, or How to Secure Firefox Article. Please see our other articles on security tips for your e-mail, iPad, online banking, online shopping, smart phones, and more.

Optional Software from Microsoft and Other Third Party Developers is a crucial part of adding computer security to your Windows based PC. We recommend a minimal set of crucial network security software add-ons that we feel all users should install. Here are several extremely useful free security oriented software utilities from Microsoft, that are not bundled with the operating system. These programs add additional security for Windows and are free to download.

Before you make any changes to your system, always back it up.

Google Docs can replace Microsoft Word and Excel. Doing so helps prevent many of the security holes in Microsoft Office including Flash based bugs.

Windows Firewall Control customizes Windows 10’s built in firewall. You can control outbound traffic if you set it to Medium filtering or High.

Microsoft Security Essentials – For Windows 7. Free anti-virus software from Microsoft that is a no-brainer for everyone. Microsoft Security Essentials can also be used by small business on up to 10 PCs! It includes automatic updates and is easy to use. Newer versions of Windows include Windows Defender.

Microsoft Baseline Security Analyzer – Scans your system for security problems, missing or obsolete Windows components and patches. This is oriented towards small and medium sized businesses but can also be used by consumers. For Windows 7 and server operating systems.

Windows Defender Offline formerly known as Microsoft Standalone System Sweeper Tool – A bootable software tool that can find root kits and other hard to find malware (like rootkits) that normal anti-virus and anti-spyware software can’t. This creates a bootable CD/DVD or USB drive that needs to be booted from. Only run this tool when you believe you have been infected or every three months or so.

3rd parties have a similar Rescue Bootable CDs:

• AVG Rescue CD
• Avira Rescue System
• BitDefender Rescue CD
• Comodo Rescue Disk
• F-Secure Rescue CD
• Kaspersky Rescue Disk no longer recommended – Russian Government Ties
• Trend Micro Rescue Disk

Microsoft Log Parser – is a powerful, versatile tool that provides universal query access to text-based data such as log files, XML files and CSV files, as well as key data sources on the Windows® operating system such as the Event Log, the Registry, the file system, and Active Directory®. The results of your query can be custom-formatted in text based output, or they can be persisted to more specialty targets like SQL, SYSLOG, or a chart.

Top Security Suites

If you prefer to purchase Internet security suite, a recent PC World review listed the top 3 security suites as:

• G Data Internet Security
• Norton Internet Security
• Bitdefender Internet Security

Free and Useful third-party software tools

These are several critical tools that every user should have installed on their system to increase security. These tools are not made by Microsoft but are a critical part of any free security software suite.

Foxit Reader – PDF files are a widely used means of breaking into a computer. A 3rd party PDF-reading utility that has far fewer security holes than industry standard Adobe Reader. Malicious PDF files that are emailed, are one of the fastest growing infection vectors for malware. We recommend removing Adobe Reader or Adobe Acrobat Reader and using this instead.

PC Decrapifer – Quickly uninstalls unnecessary or trial software loaded by PC companies. This is a good program to run after you have purchased a brand new PC. No need to run this on an existing Windows PC.

Sumo – Scans your system for obsolete software. Older versions of software may possess security risks that must be fixed. If you find yourself updating a lot of software you do not use, uninstall the program. Older versions of software may no longer be updated, forcing users to pay for newer ones. Using old unsupported software may put you at a security risk. Secunia’s PSI was discontinued.

GlassWire is a free firewall and network monitor tool for Windows.

NoVirusThanks has several useful free PC utilities including SysHardener and OSArmor

Zone alarm Free – A free firewall program that has been in existence for many years. It adds many capabilities and easy to access filters, over the one built into Windows 7.

Truecrypt – Free open-source software that encrypts critical files, folders, or entire drives. Utilizes extremely secure encryption algorithms. Store your most sensitive data within Truecrypt encrypted containers. Consider encrypting your entire drive if you own a laptop.

Truecrypt’s founders have walked away from its project around 2014 and say “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues”. Forked versions of Truecrypt are now available as is a security audit on the code itself.

Veracrypt is based on Truecrypt 7.1a and should be what you switch to.

Revo UnInstaller – Uninstaller utility, only for use when the regular uninstaller fails to function.

CCleaner – This utility goes way beyond Windows 7’s disk cleanup tool. It helps remove unnecessary files to free up disk space, and to securely erase free space and deleted files. No need to ever pay for a utility that claims to speed up your machine or clean your registry. Supports 32-bit or 64-bit. Also cleans up files from many popular third party applications.

Malwarebytes Anti-Malware – was free software that helps you remove malware, not defend against it. With version 3 they started charging. They also have a free Malwarebytes AdwCleaner.  Consider installing this program if you are unable to remove malware using the software utilities listed above. If Malwarebytes did not help to remove the infection, try SuperAntiSpyware Portable. Copy it to a CD or USB flashdrive, boot your computer into safe mode, then run the program. F-Secure has a free bootable Rescue CD that allows you to fix a computer that no longer starts up correctly.

NoBot – An anti-bot software scanner that does not need to be installed.

WinPatrol – Takes snapshots of your critical system files and resources. The program then alerts you to any changes that may occur due to malware or installing software.

Retina Network Community – Lets you test your server and hosting for security vulnerabilities.

Heimdal Security Software Free – Helps update software to prevent security holes.

By applying several free Windows security utilities, we can significantly increase the security of our Windows notebook and desktop PCs.

This concludes our Free Security How to: Computer Security and Computer Protection on a Windows computer article. Other articles on Safegadget.com help you secure the other aspects of your personal computer, including How to Set up a Secure Wireless Network, and How to Secure Internet Explorer article, or How to Secure Firefox Article. Please see our other articles on security tips for your e-mail, iPad, online banking, online shopping, smart phones, and more.

Google Chrome is one of the most popular web browser for Windows, Mac, and Linux. This makes it a large target for malware and cybercrime. We will focus on securing Google Chrome, and will significantly increase the browser’s security through add-ins and special hardening settings. We also recommend running under Windows 10 or Windows 7, so if you are running under an older version of Windows, we recommend you to upgrade or buy a new computer. Older versions of Windows like Windows XP were not built with security in mind.

The #1 Tip for Chrome Security

Keep it updated.  Google fixes bugs quickly and updates an internal Flash plug regularly. When you start Chrome, you should select from the Chrome menu – Settings – About – If it shows a newer version, download it and relaunch before doing ANY browsing.

Why Chrome?

Chrome is a much newer browser than Firefox or Internet Explorer.  It is not saddled with all the baggage of IE, where a change needs to be regression tested with many parts of Windows.  Firefox has been around for a while and is also slowed down with lots of historical code.

A recent security test from Accuvant Labs found Chrome more secure, primarily due to its Sandbox technology.

Secure your computer, web browser, Internet connection

Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.

We recommend booting from a Linux CD or USB key when performing mission critical applications such as online banking, online trading, or online shopping.

Google Chrome includes the following security oriented features:

• Safe Browsing
• Sandboxing
• Auto-updates
• Built in PDF viewer
• Built in Adobe Flash – Kept up to date by Chrome

The Golden rules of the Internet:

• Do not trust anyone
• If it is too good to be true, it probably is
• Don’t install software from anonymous sources
• Don’t automatically hit “yes” to any pop-up
• If it looks suspicious, run

Before you make any changes to your system, always back it up.

Google Chrome Add-ons

Software that enhances Google Chrome can become targets of malware, adding new entry points into your computer. It is mandatory that you keep any third-party add-ons up to date, so allow Google Chrome to update plugins when necessary. Consider removing an add-on if it is rarely used, as you will also be increasing the security of Google Chrome through its removal.

Plugins are also one of the biggest sources of malware, so only install plugins from trusted developers.

• Adobe Flash is built in to Chrome. A pdf viewer is also built in. We recommend Disabling it
  • Type the following where you would normally type a URL:
    chrome://plugins
  • Locate the Flash Player in the list of plug-ins. You may see more than one Flash Player listed.
  • Select Disable for each Flash Player listed
• Java – This language allows many cross platform programs to run in the browser, but is another huge target of malware. We recommend removing it unless you really need it for a particular application. This page checks if Java is installed. At a minimum disable Java in the browser by going into the Java Control Panel – Security Tab – Uncheck Enable Java content in the browser
• Quicktime – Is installed when older version of iTunes was installed in your system. Remove it, as it is not being updated any more.
• Silverlight – Is disable by default on newer version of Chrome.  We recommend removing it from your system unless you really need it.
  • Type the following where you would normally type a URL:
    chrome://plugins
  • Locate the Silverlight in the list of plug-ins.
  • Select Disable for each one listed

Hardening Google Chrome’s Settings

Google Chrome can be secured even more with several key changes to the browser’s settings. We have selected all the Critical settings for Google Chrome.

1. Prevent Google Chrome from saving passwords

Google Chrome can save passwords for different websites. We recommend that you do not use this feature because it is not as secure or flexible as using a password management program.

1. Launch Google Chrome
2. Click on the Dashes Icon on the far right
3. Select Options
4. Select Personal Stuff on the left hand column
5. Make sure Never save password is checked
6. Click Manage Saved Passwords
7. Click and remove all saved passwords

2. Mark Valuable Data Inaccessible to Google Chrome

Download chml.exe and run it to change the permissions on your valuable files and folders on your system as unreadable to Google Chrome. (Better yet, use Truecrypt and keep the volume unmounted!)
For example if your sensitive data is stored in the folder C:\Sensitive_Data – You would do:

1. Press Start menu
   
2. Go to All Programs
3. Go to Accessories
4. Right-Click on Command Prompt
5. Select Run as Administrator
6. Type “chml C:\Sensitive_Data -i:m -nr -nx -nw“
7. Press Enter to Execute the Command
8. Type Exit to end the Command Prompt

3. Allow Google Chrome to update itself

Google Chrome automatically tries to update itself, which is a good thing, but if it asks whether it is ok to restart the browser to use the new version, be sure to say yes right away.

4. Google Chrome secure website warnings

Google Chrome displays warning icons when you visit a website that has possibly dangerous information on it. Look for the following icons right next to the https:// in the browser.

The site uses SSL, but Google Chrome has detected insecure content on the page. Be careful if you’re entering sensitive information on this page. Insecure content can provide a loophole for someone to change the look of the page.

The site uses SSL, but Google Chrome has detected either high-risk insecure content on the page or problems with the site’s certificate. Don’t enter sensitive information on this page. Invalid certificate or other serious https issues could indicate that someone is attempting to tamper with your connection to the site.

5. Sandbox Google Chrome plugins

Google Chrome has an option to for plugins to be run in a safe sandbox. Make the following change to enable this feature. Note: Files and folders marked with the everyone permission, will only be accessible.

1. Press Start menu
   
2. Right click on Google Chrome
3. Select Properties
4. Add the following text to the Target field, right after “chrome.exe ” –safe-plugins. Make sure there is a space after .exe.
   
5. Click OK

6. Prevent Chrome from using a GPU

There have been several bugs related to using a Graphics processor or GPU. They are supported in the latest Chrome. This hardware level access can spell trouble. Disable GPU support to prevent this possible problem by adding the following when launching Chrome:

--disable-accelerated-compositing

7. Enable Server Certificate Revocation Checking

Note: This was removed in later versions of Chrome

Most browsers do not have a setting enabled by default to check Security certificates to see if they have been revoked. It is important to do this, otherwise you could be access a sign with a stolen certificate and it appears to work fine.

1. Click on the Dashes Icon on the far right
2. Select Settings
3. Select Show advanced Settings.. at the bottom
4. Scroll down to HTTPS/SSL and Check Check for server certificate revocation

8. Check for Compromised Digital Certificates

The NSA has a PDF that describes a way to help Windows defend against Compromised Certificates.

You can also run the RCC program to check for untrusted root certificates.

Helpful Google Chrome Add-ins

Docs PDF/PowerPoint Viewer – Automatically previews pdfs, powerpoint presentations, and other documents in Google Docs Viewer. No need to download pdf files to your computer and potentially have a bug in Acrobat cause a security problem.

WOT – Know Which Websites to Trust – Shows you which websites are trustworthy based on millions of users’ experiences.

ScriptNo – A ‘NoScript-like’ extension for a safer and faster Chrome. Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks. By default, new websites that you visit will be loaded without scripting, maximizing safety. You can easily allow safe websites to allow scripting.

KB SSL Enforcer – Automatic security, browse encrypted using HTTPS secure connections whenever possible, automatically.

Flashblock – Blocks Flash so it won’t get in your way

Adblock Plus – Block those pesky banner ads.

Qualys BrowserCheck – Performs a security scan on your browser and its plug-ins (Windows)

uBlock Origin – Filter out ads, trackers, and other sites.

Helpful Internet Security Add-ins

Phising Toolbars – Google Chrome can warn you if it detects that the site you’re trying to visit is suspected of phishing or containing malware. If you would like to install a supplemental toolbar add-in, see our Free Internet Security Software article. BitDefender TrafficLight works with Google Chrome to secure your browsing.

Internet Security Software – Supplemental internet security software including Anti-Virus and Anti-Spyware software is a necessity when surfing on the Internet. See our Free Internet Security Software article for links to various free software utilities.

Password Managers – It is critical that you generate, store, and use secure passwords on the Internet. See our How to Create, Store, and Use Secure Passwords article for details on several password management programs.

Sandboxie – Creates a sandbox or safe environment in which programs execute. This sandbox is a isolated space which prevents programs like Google Chrome from making permanent changes to other programs and data in your computer. Free for 30-days, then 29 euros.

Other Google Chrome Security Enhancements

Google Public DNS – A high performance domain name server (DNS) replacement for your ISP’s DNS. Protects against Spoofing attacks and DoS and amplification attacks. Be sure to write down your existing DNS settings before changing them.

Norton ConnectSafe for Home – Similar to Google DNS, but includes options to filter porn or be family friendly.

Dyn Internet Guide – Free Web content filtering.

Microsoft Virtual Machine – Designed for web developers to test compatibility with different versions of Internet Explorer, these Virtual Machines for Microsoft’s Virtual PC allow you to run a Virtual computer on your desktop with Internet Explorer and Firefox pre-installed. You can manually install Google Chrome. If you mess up the Virtual computer, you can just delete it and start fresh from a new image. Keep in mind some malware is capable of detecting virtual machines and acting innocent until you move into your main system.
If you use VMware Player, you can add the following line to your .vmx file so that it writes all changes to a temporary file, which will be deleted when you power off the virtual machine.:ide0:0.mode = “independent-nonpersistent”

Dell KACE – has a free secure browser based on a virtualized and contained Firefox Browser with Adobe Reader and Flash plug-ins. You can manually install Google Chrome.

Secure Web Browsing with HTTPS

Normal website access using HTTP:// causes information to be sent and received in plain text. This type of connection is not secure; a hacker could capture all the information being transferred and steal your data. While this is not important when you are casually surfing, you do not want your email or online trading information to be captured by others.

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection ie –  https://www.google.com

HTTPS causes a secure connection to be made using SSL security. Certificates are digital documents that verify a site’s identity. They are sold by certificate authorities. If a certificate is not signed correctly, your browser will pop up a warning. Recently, a Dutch certificate authority got breached, causing forged certificates to be created. To workaround issues like this, Internet browsers are updated to remove the forged SSL certificates. It is crucial that you keep your browser up-to-date.

If you have applications other than your web browser accessing the Internet (FTP client, desktop mail client, etc.), make sure you enable SSL secure connections within each application.

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

By applying special Google Chrome settings and adding add-ons, we can significantly increase the security of our Windows notebook and desktop PCs.

This concludes our How to Secure a Windows based personal computer article. Other articles on Safegadget.com help you secure the other aspects of your personal computer, including How to Set up a Secure wireless Internet Router, and How to Secure Internet Explorer article, or How to Secure Firefox Article. Please see our other articles on security tips for your e-mail, iPad, online banking, online shopping, smart phones, and more.

Linux is a great operating system to supplement your existing environment. We suggest using it on a bootable piece of media to perform your more important online tasks, such as online trading and online banking.

How to use Linux for secure computing

1. Installing a Clean Linux OS with no modifications, program add-ons, etc, helps prevent keyloggers, spyware, and other malware from being installed. Burning Linux Live CD to a write only media such as a CD/DVD or a Kanguru USB drive with Write protect switch, helps prevent any changes to a virgin Linux distribution. Keep in mind that no bookmarks, password managers, etc would be accessible.

The CD versions do take many minutes to boot up and ask you if you want to try Linux, so the USB route is definitely preferred.

2. Ubuntu Linux is a user-friendly Linux distribution and a good bet for most Linux newbies and novices. Try it on USB drive or burn it to a CD, there is no need to install the operating system on to a hard disk. We recommend you use an LTS or long term support version of Ubuntu so that there is long term stability to your Linux choice. (10.04 LTS is a good choice) The other popular Linux distribution is known as Fedora, it is more data center, server-oriented. If you are reading this, Ubuntu is the way to go.

3. Unetbootin is a useful utility that creates a bootable live USB drive or flash drive from Linux distributions, such as Ubuntu, Fedora, etc. It even downloads the Linux distribution automatically.   This program run on Windows, Mac OS X, and Linux, but the resulting USB drives are bootable only on PCs.

4. Backtrack is a specialized Linux distribution for penetration testing. It is filled with useful tools to test the security of computers and networks. You can use Unetbootin to install it on a USB drive. Backtrack is designed for security experts, it is not easy to learn.

5. Tails is a preconfigured Linux distribution full of security essentials. It includes the Iceweasel browser, which utilizes the Tor network for anonomys browsing. HTTPS Everywhere, Adblock Plus, and NoScript are preloaded, to increase security and block ads.

6. If you cannot make a Linux Boot Disk, use a Chromebook.  It runs a custom version of Linux and does not run software, like Flash or Java. Login using guest and you will use the chromebook with no installed chrome web apps. After you log out, all traces of your activity are erased.

Use the Chromebook only for your banking, no email or web browsing!

Tor is only as secure as its exit nodes. If a hacker creates an exit node, they can ease-drop on all communications.

Claws email client with OpenPGP is included for secure email. LUKS is utilized for automatic file encryption.

Does this make you want to try Linux? Have you used a Live CD?

Every computer user uses e-mail. Security breaches make headlines almost daily. With more and more people going online, consumers are worried more than ever about keeping their e-mail safe and secure.

E-mail is the major way most malware is transmitted across the Internet. E-mail is the largest attack vector against large companies, as it is far more difficult to physically infiltrate a company. In this article, we will help you use e-mail more securely.

A recent experiment of 150,000 test emails sent by Verizon Enterprise Solutions found that 23% of recipients opened the email, 11% click on the attachment. One person clicking on the attachment would have infected the organization.  The human is the weakest link.

Secure your computer, web browser, Internet connection

Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.

The Golden rules of the Internet:

• Do not trust anyone
• If it is too good to be true, it probably is
• Don’t install software from anonymous sources
• Don’t automatically hit “yes” to any pop-up
• If it looks suspicious, run

Secure Your Router

1. Configure your wireless router for optimal security. Consult our article How to set up a secure wireless router for details. For maximum security, access your e-mail when connected by a hardwired connection such as Ethernet.

Update and Secure Operating System

2. Ensure that your operating system is set up securely. Consult our computer security guides for Windows and Macintosh. For maximum security, you could start off a Linux boot CD or USB key.

Secure Internet Browsers

3. Secure your Internet browser. Consult our security guides to Internet Explorer, Firefox, and Google Chrome.

Pick a Good Email Provider

4. Most people already have an e-mail address that they are connected to. If you are considering a new e-mail address, consider examining how sophisticated the provider is. Infrastructure and state-of-the-art spam filtering are not inexpensive. We recommend users consider e-mail addresses from providers like Lavabit, Google and Hushmail. These companies are committed to staying on the leading edge, and are accessible anywhere. ISP based e-mail is convenient, but locks you in to the ISP. The same argument applies to school or company based e-mail addresses.You can always access these e-mail account via POP access in Gmail. This will allow your email account to utilize Gmail’s excellent spam filters.

Look for e-mail providers that have good spam filters and allow you to control attachments and HTML within e-mail messages.

Make Sure Email is using HTTPS

5. Make sure you are accessing the e-mail provider’s website using a secure connection, look for https:// in the browser’s address bar and a padlock icon in the browser. A broken key, broken padlock, or any open lock indicates it is not secure.

Use Unique Passwords

6. When creating an account at the e-mail provider’s website, we recommend you use a unique password as it is far safer in case the store gets hacked. You would not want hackers to get a password that worked on other websites. Consult our How to create, store and use secure passwords article for suggestions.

Create Multiple Email Accounts

7. We recommend creating multiple email accounts for different purposes, in order to maximize online safety. Having multiple email accounts linking to different accounts online. One example would be to have one email account for forums, one for banking, and one for shopping. Do not have all your emergency recovery email address be the same. This way if one email account gets compromised, the others are safe.

Use Two Factor Authentication if Available

8. Some e-mail providers support two factor authentication which requires users log in with both a password and a phrase generated on a smartphone, smartcard, or printed on a piece of paper. Gmail is a leading e-mail provider that supports this 2-factor authentication. Yahoo mail added 2-factor support at the end of 2011. A hacker who had your password could not log on without a second means of authentication. This is especially good for people that travel out of the country.

Two factor authentication system using SMS text messages is not secure, due to hijacking of mobile phone accounts and the weak SS7 routing system. We suggest only using two factor when you can use a physical token or a time based authenticator like Google’s.

Use 3G/4G connection instead of Public WiFi when checking Email

9. When accessing e-mail on a smartphone or tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.

Don’t open suspicious links and/or attachments

10. To avoid falling victim to e-mail phishing, never click a link or open an attachment from an e-mail. This is especially true for online banks and online brokerages. Manually type the URL into your browser.

Spear Phishing is utilizing realistic looking e-mails with personalized information, possibly emanating from a known person to steal your login password, run a attachment that contains malware, or force you to visit a web page containing malware.

Fact: When a someone has more information about us, we are more likely to trust them. If your personal details leaked in a company’s data breach, criminals could use that information to craft emails that look more credible.

Opening Attachments Safely with Gmail

Forward the email with attachment to a Gmail account.  From there, you can use Google Docs to open Word Processing, Spreadsheets, etc.  No need to endanger your own computer.

Minimize your personal information on Facebook, Twitter, Instagram, etc. Also cleanse or set to Private your Amazon wishlists and eBay bidding history.

Fight SPAM

11. Spam unfortunately, remains a unfortunate element in e-mail. Leading e-mail providers are pretty good at fighting spam, but no one is perfect. Unintended consequences include good mail ending up in a spam folder. Be very careful when accessing the spam folder as many a penetration has been enabled when workers accidentally click on links within spam folder e-mails that look legitimate.

Don’t Display HTML

12. For maximum security set your e-mail provider’s configuration to not display HTML when displaying e-mail. A less secure setting is to allow HTML but not to display images. This additional security tactic helps prevent rogue pages from being displayed within e-mail. (Windows Live Hotmail does not allow you to control this.)

We suggest these settings for Gmail:

• Select Mail Settings from the Gear Icon in the upper right corner
• In the General Tab, next to External Content: Select Ask before displaying external content

Use SSL to access Mail Servers

13. It is important that email accounts accessed from a smartphone are setup utilizing encryption when available. Many email providers including Google’s Gmail, Microsoft Exchange, MobileMe, AOL Mail and Yahoo Mail support SSL (secure sockets layer) when accessing their mail servers. If SSL is not used, your emails as well as your password can be read by hackers.

To enable SSL with Yahoo Mail (not enabled by default) follow these steps:

• Login to your Yahoo Mail account
• Click the Gear icon on the upper-right corner
• Select “Mail Options“
• Click General on the Left, Under Mail Options
• Check the Box next to “Turn on SSL“
• Click Save at the top of the screen.

14. If you have applications other than your web browser accessing your E-mail IE. A desktop mail client suck as Windows Live Mail, Outlook, or Mail.app, make sure you enable SSL secure connections within each application. Here is a tutorial on using Gmail with Windows Live Mail.

Be careful of Short URLs

15. Do not click on shortened URLs, expand them first using a site like URL Expander or run them through a service like Virustotal.

Report Phishing

16. If you encounter phishing emails you can forward them to:

• reportphishing@antiphishing.org
• spam@uce.gov
• Internet Crime Complaint Center
• Anti-Phishing Working Group
• Stay Safe Online has spam reporting information on the top 10 ISPs

Check to see if any Email addresses have been compromised

17. There are databases of email addresses that have been compromised. If you are listed, immediately change all your passwords connected to that email account.

• haveibeenpwned.com

18. Someday phishing will hopefully fade in volume.  DMARC.org which stands for “Domain-based Message Authentication, Reporting & Conformance” may help reduce the volume of problematic emails.

Encrypt the contents of Email

19. Email uses an insecure SMTP protocol to send data between servers.  All the data sent is unencrypted.  This factor has nothing to do with using SSL to connect your email provider.  You need to use tools like PGP (pretty good privacy) to encrypt the contents of your emails to ensure privacy.  Never send a password in email.

Email Attachment

Next to clicking a link in an email, clicking an attachment is the second most dangerous way to get infected.

Block attachments in your email client.

Gmail automatically blocks:

.ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JSE, .LIB, .LNK, .MDE, .MSC, .MSP, .MST, .PIF, .SCR, .SCT, .SHB, .SYS, .VB, .VBE, .VBS, .VXD, .WSC, .WSF, .WSH

We recommend you supplement this by blocking these file types that are not used very often any more. Select Create a new filter from Filters and Blocked Addresss

Things Not To Do

1. Do not access your e-mail from public wifi hot spots unprotected or cyber cafes. Many of these locations provide little to no security and are prone to snooping or malware.

2. Always log out web-based e-mail account, do not simply close the browser.

3. Do not have a single email address where everything goes.  If everything is linked together, you entire security chain can get compromised with one break in.