Last Update: January 30, 2018
October 2017 Wi-Fi KRACK attack Warning
KRACK attack on Wi-Fi. Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. Virtually ALL Wi-Fi equipped devices need to be updated. The attack is particularly bad on Android 6.0 and Linux. If you have a device with no updates (eg Internet of Things), you will be open to attacks.
Securing Internet of Things, Smart Home Devices
More and more gadgets for the home are connected to the Internet for additional functionality. Refrigerators to Thermostats to Door Locks, the list is never ending. Do not forget about security. You may have created an open door for hackers, become part of an evil Botnet, or illegal activity without your knoawledge.
A vulnerable webcam can give ANYONE on the Internet a view of your home. Secure these home gadgets as strongly as possible. Many can NEVER be updated, which means that you should discontinue their usage.
Wi-Fi Network Connection
Here are some general tips to secure your new IOT or smart home devices:
- Change the default password or credentials of the Device
- Update the device to the latest firmware available. If the company does not have a firmware update page on their website, we would return it. Do this again every couple months.
- Connect your IOT device such as a Dropcam or Nest Smoke Detector to your Guest Wi-Fi network whenever possible. This network should be walled off from the normal network, preventing access to all your Computers. Malicious devices could snoop on your network and quietly send information without your knowledge.
- If the Wireless routers guest network is not secure, it is even better to have 3 routers in a Y configuration. You can purchase an inexpensive router that hooks up to your Cable/DSL modem, then have 2 separate wireless routers connected to this device. Put all Internet of Things devices on one of the Y routers. Connect your computers, smartphones, tablets to the other router.
- Have the Guest network that IOT devices are on, use a different dns server
- Turn off uPNP on your router to prevent ports from being opened up to access IOT devices.
- Never poke a hole through your firewall for a device. It could then be accessed by anyone on the Internet! Use Shields Up! to look for open ports.
- Peer to Peer capabilities are hard to secure. Avoid devices with this.
- Cheaper IOT devices especially no name ones sold on Amazon or eBay should be avoided. Most of these are rarely built with security in mind and are never updated. Stick to brand name, IE Netgear, Google, Ring, etc..
Continue reading “Hacked Internet of Things Database”
Last Update: April 9, 2017
Free Wi-Fi is available in many locations, from your local café or Starbucks to McDonald’s and many other restaurants. Using these mostly unsecured, public wireless networks puts your information at risk. It is important to employ several safeguards when surfing at a public hotspot. If you are using a cybercafe’s shared computer, we would only use it to view information, not to even get your e-mail. Chance are high that it is compromised.
Many public wireless networks are completely unencrypted so that users can log on to them easily. This opens up a huge security hole as any hacker or sophisticated computer user could easily see all the sensitive data being transmitted. Passwords to online stores or email accounts can be easily captured by increasingly easy to use tools. In this article, we will help you access public wireless networks safely. Settings within your operating system may need to be optimized, additional software installed, and third party services may need to be subscribed to.
Finding Free Wi-Fi
- Boingo has a Wi-Fi locator. The Starbucks and McDonald’s entries are free.
- jiwire has a Wi-Fi hot spot locator
- There are several free apps that help you find Wi-Fi (Free Wi-Fi Finder on iPhones and WiFi Finder for Android)
Secure your computer, web browser, Internet connection
Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.
Continue reading “How to use Wireless Networks or Wi-Fi securely in Public”
Last Updated: August 26, 2017
Google’s Android operating system powers many popular cellphones including the popular Samsung Galaxy S8. Most Android Smartphone users as well as most of the pubic at large do not think very much about security.
If your phone is not running the latest Android security patches, you are open to attack. A recent Wall Street Journal article showed that only 2.8% of Android devices have the latest security patches. Compare that to 79% of iPhones due to Apple’s uniform eco-system.
Google Play Protect
- Be sure your device is running Google Play Protect. It scans for Malware and bad apps. This was release in July 2017 and runs on Google Play Services 11 or higher. This is a unification of Android security systems like Verify Apps, browser protection, and anti-theft measures.
Most Up to Date Android phone
This flagship phone runs the latest Android version and is patched regularly. Sold directly from Google or from a couple carriers.
Continue reading “Android Smartphone Security, How to securely use your Android Smartphone or Tablet”
Security has become an ever more important part of using a personal computer. Increasingly, the daily headlines include news of companies and websites getting hacked. It is important to learn how to properly secure your wireless Internet as well as secure your personal computer.
This article focuses on how to secure your wireless network router so that you do not become part of the statistics. The wireless router typically includes a firewall that defines the perimeter of your network. Think of this as a fence, walling off your network from the Internet. Having a vulnerable wireless network allows criminals to possibly steal your data as well as Internet access. You could also become responsible for illegal downloading if your wireless Internet was compromised.
Government Spying via Compromised Wi-Fi Routers
WikiLeaks has confirmed that insecure wireless routers were hacked and users spied probably by the CIA. If you own a router on the list, update its software immediately or buy a new one.
Federal Trade Commission Makes Asus Improve Router Security
In February 2016, the Federal Trade Commission settled charges with Asus, over critical security flaws in its routers that put the home networks of hundreds of thousands of consumers at risk.
The proposed consent order will require ASUS to establish and maintain a comprehensive security program subject to independent audits for the next 20 years.
Continue reading “How to Setup a Secure Wireless Network Router”
Last Update: 10/10/2017
Matthew Green, a well respected cryptographer and professor at Johns Hopkins has a great article discussing Secure Computing – Desktops vs Smartphones, iOS vs Android and more..
Most iPhone users do not think very much about security. The iPhone is part of Apple’s closed ecosystem, helping to prevent viruses and malware from wreaking havoc. As the iPhone has grown in popularity, the smartphone has become more of a target by hackers and criminals. It is important that iPhone users immediately become more vigilant about smartphone security. Our tutorial covers the iPhone through iPhone 7 Plus and iOS through iOS 11.
0. Obsolete Hardware
If you have an iPhone or iPad that no longer gets updates, we would recycle it and buy a new one RIGHT away. Keep in mind that iOS 10.3.3 is the first version that fixed a Huge Broadcom Wi-Fi bug. Without that fix, you can get hacked by just having a Wi-Fi signal nearby.
1. iPhone Software Updates
Apple upgrades the iOS software for the iPhone from time to time. Updates include additional functionality as well as security bug fixes. It is important that users apply updates immediately. Before iOS 5 users needed to connect their iPhones to a computer in order to update the smartphone’s software. Needless to say, this was inconvenient and led to many iPhones with obsolete software.
Always update to the latest iOS software available as soon as possible.
Continue reading “iPhone Security, How to securely use your iPhone”
Welcome to Safegadget.com, the one-stop website for securing your computer and gadgets. Don’t wait until you have become a victim of malware. While it is impossible to prevent all attacks, it is important that we all secure our systems so we aren’t easily hacked. This is akin to wearing a seat belt to prevent an accident.
We feature many different security tutorials.
Harden the Security of your Browser
Boost the Security of your Smartphones and Tablets
Learn how to perform the following Safely and Securely
Continue reading “Welcome to Safegadget.com”
Last Update: August 13, 2017
While SafeGadget has several tutorials geared towards using Wi-Fi securely, we still realize that this is a major problem area. On our recent trip, we encountered insecure Wi-Fi at several airports, hotels, and restaurants. This tutorial is designed to help all users utilize Wi-Fi safely and securely.
Free Wi-Fi is available in many locations, from airports, hotels, local café, Starbucks to McDonald’s and many other restaurants. Using these mostly unsecured, public wireless networks puts your information at risk. It is important to employ several safeguards when surfing at a public hotspot. If you are using a cybercafe’s shared computer, we would only use it to view information, not to even get your e-mail. Chance are high that it is compromised.
Many public wireless networks are completely unencrypted so that users can log on to them easily. Anytime you login to a free Wi-Fi hotspot that does not require a password, assume that a hacker can ease drop and see all information that is being sent and received.
Some Wi-Fi hotspots from vendors like AT&T and Comcast require you to log in with your username and password before you can get access. You need to understand that this is just access restriction and will not create a secure wireless connection.
This opens up a huge security hole as any hacker or sophisticated computer user could easily see all the sensitive data being transmitted. Passwords to online stores or email accounts can be easily captured by increasingly easy to use tools. In this article, we will help you access public wireless networks safely. Settings within your operating system may need to be optimized, additional software installed, and third party services may need to be subscribed to.
Finding Free Wi-Fi Continue reading “How to use Wi-Fi securely in Hotels, Airports, and Beyond”
Updated January 2014 to cover a new TCP 32764 Wireless router Vulnerability.
A major security hole known as WiFi Protected Setup (WPS Bug) PIN brute force vulnerability (US-CERT VU#723755) has been recently found in virtually all modern Wireless Routers used in the home, resulting in a vulnerability that allows hackers to extract your WPA wireless security password in a matter of hours. Wi-Fi Protected Setup (WPS) is a protocol that allows users to press a button on their Wireless Router and connect to their computers without typing in a long cryptic password. A hole in this protocol has been recently found and exploited, allowing hackers easy access to cracking most wireless networks.
Why is this a major security problem?
- Virtually all wireless routers have this problem
- Many wireless routers (Qwest Actiontec, etc) use the same unchangeable PIN 12345670, hackable in seconds
- WPS is turn on by default to get certified by Wi-Fi Alliance
- Wireless routers do not automatically update their software to get a fix
- The number of PIN codes to test is only 11,000 instead of 100 million
- Attack software is available
The biggest issue is that virtually all wireless routers sold in the last 4 of years are hackable. The manufacturers need to update their firmware for these devices in order to fix the security breach. Virtually all wireless routers do not automatically update their firmware. As of January 16th, 2012, no manufacturers have issued updates, leaving millions of wireless networks vulnerable. Adding insult to injury, options to disable Wi-Fi Protected Setup (WPS) have been found to not do anything.
Why is getting your wireless password bad?
There are many reasons why you do not want your wireless password hacked.
- Others could use your Internet Connection Freely
- Spam or other illegal activities could be sent
- Everything you do on your network could be captured and read
- Your online banking and trading would no longer be secure
Continue reading “Major Wireless Network Security Breach – Wi-Fi Protected Setup (WPS Bug) PIN Brute Force Vulnerability – Reaver”
Last updated: 11/7/2015
In June 2013, Edward Snowden revealed to the world that the US Government was spying on Internet traffic and other communication networks. The Government’s PRISM program run by the highly secretive NSA conducted all this work in an effort to prevent terrorism and crime.
The NSA apparently has direct connections through major Internet service providers such AT&T, Comcast, Verizon to copy all traffic passing through and can save it to its huge multi-billion dollar data warehouse in Utah. This has been going on for years and thanks to organizations like the EFF, we have learned about these invasions of privacy. The Government has stated it is using this information mainly on foreigners, but is the FBI using this data domestically?
The UK’s GCHQ is apparently doing the same type of snooping and even sharing information with the NSA.
The Government can see all your Facebook posts, read your email, see who you have called, among other privacy invading tasks.
Other services that are being watched: AOL, Apple, Skype, Microsoft, Paltalk, Yahoo, Youtube.
- Chat- Video
- Stored Data
- File transfers
- Video conferencing
- online social networking
Continue reading “NSA PRISM Program – How to Protect Your Privacy”
Most iPad users do not think very much about security. The iPad is part of Apple’s closed ecosystem, helping to prevent viruses and malware from wreaking havoc. As the iPad has grown in popularity, the tablet has become more of a target by hackers and criminals. It is important that iPad users immediately become more vigilant about tablet security. Our tutorial covers the iPad, and iPad 2.
1. iPad Software Updates
Apple upgrades the iOS software for the iPad from time to time. Updates include additional functionality as well as security bug fixes. It is important that users apply updates immediately. Before iOS 5 users needed to connect their iPads to a computer in order to update the tablet’s software. Needless to say, this was inconvenient and led to many iPads with obsolete software.
iOS 5 allows updates to occur without the iPad being connected to a computer, allowing users to stay current far easier. We recommend all owners of the iPad and the iPad 2, upgrade to iOS 5 immediately. iOS 5 in fact includes many security fixes.
If you Jailbreak your iPad, you need to be extra careful with regards to security as iOS updates are much more difficult for you. Be careful where you obtain your Jailbroken Apps as malware is much more prevalent.
2. iPad App Security
Apple’s App Store reviews all submissions before adding them. All iPad apps must be authenticated and signed which helps to ensure they haven’t been tampered with or altered. This helps prevent malicious apps from infecting the App Store. Apps are prone to security vulnerabilities, that are fixed by updates. Keep apps updated regularly and remove apps that you do not use. Regularly use the App Store app and select Updates. iOS 7 adds the capability to auto update your apps. Be sure to use this function. Apple has the ability to remotely remove malicious apps from your iPad.
Continue reading “iPad Security, How to securely use your iPad”