Please Use a VPN on Public WiFi

Standard

I’m sure you’ve heard the term VPN, which stands for Virtual Private Network.  Most people are familiar with it in the context of connecting remotely to their work network.  For those that aren’t familiar with a VPN, here’s a word picture I often paint to describe what a VPN does.

VPNThink of a four lane highway as the public Internet.  All the cars traveling on this highway are equivalent to each person’s Internet traffic.  As one car passes another, you can look at or in the car and possible see some of what’s there.  This is akin to unencrypted traffic traveling across the Internet, it can be seen and watched by others.  This is why sending sensitive information across the Internet is not safe, as it may be seen by those it’s not intended for.  When you use a VPN, your Internet traffic is sent across an encrypted connection.  Think of an encrypted connection as being like those pictures you see in Car and Driver Magazine when they publish “spy” reports on the next model year of vehicles.  The vehicles are typically wrapped to conceal what they actually look like and the windows may be tinted so darkly that you can’t see inside.  This is like encrypted traffic on the Internet.  You know it’s there, but you can’t tell what it is.  When you establish a VPN, it’s even better.  It’s like putting a tunnel over one of the four lanes on the highway.  The “public” traffic is happily driving along three of the lanes, able to see one another and get where they are going.  The traffic that is being sent across the VPN is being sent in the new tunnel that has taken over one of the lanes.  You know there is traffic there, but you can’t see it or access it.  It can only be seen at it’s starting and ending points.  It’s the safest way to send data, especially sensitive data.

When you connect to a wireless hotspot in a public location like a town square, a restaurant, hotel, etc., you are connecting to a very “public” network.  You should never log in to your bank or other sensitive site over a public wireless network.  Unless you are using a VPN.  If you use a VPN when connecting to these public networks, then you can safely connect to secure sites and protect your traffic from being seen by others.  I have used a VPN for years, for this very reason.

There are many excellent VPN’s on the market, but I am very excited that a company I trust a lot, Webroot, has a VPN specifically designed for WiFi.  Webroot has been an innovator in the cybersecurity space for years.  Their anti-virus/anti-malware tool, Webroot SecureAnywhere is a leader.  They have now added Webroot WiFi Security.  If you already have an anti-virus/anti-malware solution that you are happy with, you can add any VPN easily.  If you are looking for a better anti-virus/anti-malware solution and a VPN, there is a great bundle of both available as well.

I encourage you to check out Webroot’s WiFiSecurity.  Whether you decide to use that solution or another VPN, just pick one and stick with it.  You’ll be glad you did and a whole lot safer as well.

Keep a Clean Machine #CyberAware

Standard

keep-a-clean-machine-v3

Keep all software on internet-connected
devices – including personal computers, smartphones and tablets – current to reduce risk of infection from ransomware and malware.

 

 

  • Keep your mobile phone and apps up to date: Your mobile devices are just as vulnerable as your PC or laptop. Having the most up-to-date security software, web browser, operating system and apps is the best defense against viruses, malware and other online threats.
  • Delete when done: Many of us download apps for specific purposes, such as planning a vacation, and no longer need them afterwards, or we may have previously downloaded apps that are no longer useful or interesting to us. It’s a good security practice to delete all apps you no longer use.

Personal information is like money. Value it. Protect it. #CyberAware

Standard

Information about you, such aspersonal-info-v2 purchase history or location, has value – just like money.  Be thoughtful about who gets that information and how it is collected by apps, websites and all connected devices.

Your devices make it easy to connect to the world around you, but they can also pack a lot of info about you and your friends and family, such as your contacts, photos, videos, location and health and financial data. Follow these tips to manage your privacy in an always-on world.

  • Secure your devices: Use strong passwords, passcodes or face/touch ID features to lock your devices. These security measures can help protect your information if your devices are lost or stolen and keep prying eyes out.  Also consider a privacy screen, especially on your mobile devices, to keep prying eyes from seeing what you see.
  • Think before you app: Information about you, such as the games you like to play, your contacts list, where you shop and your location, has value – just like money. Be thoughtful about who gets that information and how it’s collected through apps.  Don’t play social media games that ask you for information about you, like what your first car was, the name of your first pet and other uniquely personal information.  Bad actors use this to build a profile about you so they can steal your identity.
  • Now you see me, now you don’t: Some stores and other locations look for devices with WiFi or Bluetooth turned on to track your movements while you are within range. Disable WiFi and Bluetooth when not in use.  There’s no need to tell everyone around you that your phone hotspot is available.  It’s just an invitation for a hacker to come after you.
  • Get savvy about WiFi hotspots: Public wireless networks and hotspots are not secure, which means that anyone could potentially see what you are doing on your mobile device while you are connected. Limit what you do on public WiFi, and avoid logging in to key accounts like email and financial services on these networks. Consider using a virtual private network (VPN) or a personal/mobile hotspot if you need a more secure connection on the go.  THis applies when you’re on the bus, plane or train as well.  Even though those networks only connect those who are there with you, there still could be a nefarious actor nearby who would be happy to snoop on what you are doing.

Be #CyberAware!

Testing Today at 2:18 PM – Wireless Emergency Alert (WEA) System.

Standard

IPAWSPlease be aware and spread the word that beginning at 2:18 PM today, Wednesday, October 3rd and lasting for approximately 30 minutes, the federal government will test the Wireless Emergency Alert (WEA) system for the first time.  This test was originally planned for last month, but delayed due to Hurricane Florence.

While this has been politicized as President Trump wanting to be able to text every cell phone in the nation, this is merely an extension of the Emergency Alert System (EAS) that we are all familiar with.  That distinct tone and screen you hear and see on radio when the Emergency Alert System is tested is being extended to devices that can receive text messages from the cellular networks.  This is part of the Integrated Public Alert and Warning System (IPAWS).  You may download a fact sheet about this test here.

The following are the details about today’s test:

The National EAS and WEA test will be held on the backup date of October 3, 2018, beginning at 2:18 p.m. EDT.

The Federal Emergency Management Agency (FEMA), in coordination with the Federal Communications Commission (FCC), will conduct a nationwide test of the Wireless Emergency Alerts (WEA) and Emergency Alert System (EAS) on the backup date of October 3, 2018 due to ongoing response efforts to Hurricane Florence. The WEA portion of the test commences at 2:18 p.m. EDT, and the EAS portion follows at 2:20 p.m. EDT. The test will assess the operational readiness of the infrastructure for distribution of a national message and determine whether improvements are needed.

The WEA test message will be sent to cell phones that are connected to wireless providers participating in WEA. This is the fourth EAS nationwide test and the first national WEA test. Previous EAS national tests were conducted in November 2011, September 2016,  and September 2017 in collaboration with the FCC, broadcasters, and emergency management officials in recognition of FEMA’s National Preparedness Month.

Cell towers will broadcast the WEA test for approximately 30 minutes beginning at 2:18 p.m. EDT. During this time, WEA compatible cell phones that are switched on, within range of an active cell tower, and whose wireless provider participates in WEA should be capable of receiving the test message. Some cell phones will not receive the test message, and cell phones should only receive the message once. The WEA test message will have a header that reads “Presidential Alert” and text that says:

“THIS IS A TEST of the National Wireless Emergency Alert System. No action is needed.”

The WEA system is used to warn the public about dangerous weather, missing children, and other critical situations through alerts on cell phones. The national test will use the same special tone and vibration as with all WEA messages (i.e. Tornado Warning, AMBER Alert). Users cannot opt out of receiving the WEA test.

The EAS is a national public warning system that provides the President with the communications capability to address the nation during a national emergency. The test is made available to EAS participants (i.e., radio and television broadcasters, cable systems, satellite radio and television providers, and wireline video providers) and is scheduled to last approximately one minute. The test message will be similar to regular monthly EAS test messages with which the public is familiar. The EAS message will include a reference to the WEA test:

“THIS IS A TEST of the National Emergency Alert System. This system was developed by broadcast and cable operators in voluntary cooperation with the Federal Emergency Management Agency, the Federal Communications Commission, and local authorities to keep you informed in the event of an emergency. If this had been an actual emergency an official message would have followed the tone alert you heard at the start of this message. A similar wireless emergency alert test message has been sent to all cell phones nationwide. Some cell phones will receive the message; others will not. No action is required.”

The test was originally planned for September 20, 2018 but has been postponed until October 3, 2018 due to ongoing response efforts to Hurricane Florence.

Surviving a Crippled Smartphone

Standard

While on vacation this week, my iPhone X developed a perplexing and crippling fix-iphone-x-unresponsive-screen-498x800problem.  My wife and I were walking down the beach, taking pictures from time to time with my phone.  I had it in the back pocket of my swimsuit and I was not wet, nor was the phone.  I would take it out of my pocket, tap the camera widget on the lock screen, take a picture and put it back.

One time doing this, the widget was greyed out, as if the camera didn’t exist.  At the same time, I noticed that the touchscreen was completely unresponsive.  I was unable to unlock the phone using Face ID, nor was I able to tap in the passcode to manually unlock it.  Not thinking much more that the phone was acting up, I used the camera app on my Apple Watch to take pictures of things we wanted to capture as we walked.  Sure enough, that worked and the photo’s uploaded to iCloud as I could see them on my iPad and PC.

But the touchscreen would not work.  Multiple soft resets would not resolve the issue.  I was unable to hard reset the phone as I could not connect to iTunes on my PC because I was not able to acknowledge the prompts on the screen.  The iPhone X was unresponsive, except it was working.  I just couldn’t control it at all.

The next morning, I went to local Verizon store, hoping they would be able to hard reset it and perhaps bring it back to full functionality.  Unfortunately, they could not and my only option was a warranty replacement.  If I had been close to an Apple Store, I would have been able to go there and get it replaced the same day.  Unfortuantely, I was not and was heading home the next day, so opted to have Verizon overnight me the warranty replacement.

Fortunately, becuase I have an Apple Watch and an iPad, I was able to limp along while I waited for a new phone to be overnighted to me under warranty.  I could take calls and send and receive texts on either device.  Takeing calls on the Apple Watch is still a little humorous and definitely gets interesting looks, but it works.  I was also lucky, because the iPhone still paired to my car and I was able to operate it using the steering wheel controls to make and take calls on the drive home, to meet my new iPhone, which is now easily up and running thanks to iCloud backup restoring nearly all of my apps and settings.

About the only thing I was not able to do was receive pictures and videos via text on the Apple Watch.  When those would come in, it would tell me I needed to view the message on my iPhone.  That wasn’t happening, so I had to wait to get back to my iPad on WiFi, but all in all, for a pretty crippling event, I was able to stay in touch and functional and was back to full operation in under two days.  Not bad.

It’s Internet Safety Month #CyberAware

Standard

Happy June!  Did you know that June is Internet Safety Month?  Well now you do.

The National Cyber Security Alliance, NCSA, has declared June Internet Safety Month and this year, the focus is on mobility.  I recommend reading the NCSA press release “Stay #CyberAware on Mobile Devices during Internet Safety Month and All Year Round” for a wealth of informational resources.

This years theme centers around kids getting out of school and families taking summer trips.  It’s all about mobility and your online presence.  Major topic areas cover “Be Smart About Socializing”, “Stay in the Game Safely”, “Getting Ready to Go”, and “While on the Go.”  There are also links to virtual events that you may be interested in participating in.

Enjoy the month of June and the entire summer.  And do so safely.

NCSA

It’s a Hands Free World, Almost…

Standard

UPDATE: I originally wrote this post yesterday, but had to share a few things from my ride home after having posted this.  While in traffic just south of Providence, RI, I snapped a quick picture of the very clear signage that is displayed on the highway about the new law.  Yes, I was stopped in traffic at the time.

RIDOT

What I found so ironic was the driver in front of.  A professional looking guy in a dress shirt who was continually looking down at his phone while in this traffic.  When cars would begin to move, he would leave a large gap, so he could keep looking at his phone and when he finally looked up, he would speed ahead until he had to stop or slow down again.  Repeat, over and over and over.  Any wonder why these laws are necessary?  He almost caused a rear ender at least twice and then zipped across two lanes to make his exit that he almost missed.  Unreal.

Even more unreal was the woman just south of Boston.  Again, bumper to bumper keep-calm-baby-on-board-1traffic.  This lady had a sticker on her rear window that read, “Keep Calm, Baby on Board.”  That’s nice, expect she was on her phone texting the entire time we were in traffic.  She had her phone in her hand, about level with her steering wheel.  I wish I was kidding.  Her window was down and were it not for my wife’s voice in my head imploring me not to do it, for fear of freaking her out, I would have rolled down my window and yelled to her that she was being incredibly foolish.  So yes, we clearly need these laws and we need them enforced.

Below is the original post:

Hands-free-law

I am working in our Rhode Island office today and while driving in this morning, the highway signs were all aglow announcing the implementation of Rhode Island’s new hands free law, which goes into effect tomorrow, June 1, 2018.

One of the things I like about the Rhode Island law is that if you are cited for a violation, you may receive a waiver of the $100 fine if you show proof of purchase for a hands free device.  This only applies to your first citation, but I like that it encourages you to comply by incenting you to do the right thing.

I also like the fact that car manufacturers are embedding ever improving technology in their vehicles so that you can truly be hands free while you drive.  I recently purchased a new car and I can be 100% hands free thanks to various technologies, including Siri Eyes Free, which allows me to send text messages or call people without ever taking my eyes off the road.

My home state of New Hampshire, has had a pretty strict hands free law on the books for several years now.  Obviously, the intent of these laws is to prevent distracted driving from drivers making calls, using apps and texting while driving.  Unfortunately, even with these laws in place, I still see a lot of people holding their phones and using them while driving.

You know what I’m talking about.  You see the cars just sitting at a green light, because they were stopped and picked up their phone to text or check social media, etc. and then the light turns green and they are staring at their phone instead of the road and the traffic light they are at.  Or, you see a car drifting between lanes on the highway, often you will see the driver looking at their phone.

As of tomorrow, 16 states, D.C., Puerto Rico, Guam and the U.S. Virgin Islands prohibit all drivers from using hand-held cell phones while driving.  When it comes to text messaging, 47 states, D.C., Puerto Rico, Guam and the U.S. Virgin Islands ban text messaging for all drivers.  These are referred to as primary laws, meaning you can be pulled over and issued a ticket just for this.  It does not have to be in conjunction with another reason for being stopped by the police.

I wish it were all 50 states and territories and a complete ban, not just texting, but at least we are getting closer.  According to the Governors Highway Safety Association, only Montana has no laws regarding cell phone use or texting.  The GHSA has a great overview of laws, state by state, which you may review at this link.  Just click the + sign next to any state to see the specifics.

Yes! We did it! But there’s more to be done.

Standard

Yes!I am thrilled to report that U.S. Senate has voted to overturn the FCC repeal of net neutrality rules.  Thank you to everyone who read my posts and took action to make your voice hear.  While this is a great victory, sadly it only gets us to first base, using a baseball analogy.  To get to second base, the measure will now go to the U.S. House, where it faces more opposition.  Three Republican Senators voted based on the desire of their constituents to protect net neutrality.  Thank you Senators Collins, Murkowski and Kennedy for representing your voters over your party.  It’s sad more Senators did not do the same, but that is the state of hostile politics in our nation today.

Now we need to flood the House, especially the Repulican Representatives, to encourage them to vote in support of the repeal.  Only then will the measure move to the President’s desk for signature.  That’s the rounding of third base we need to ensure net neutrality does not go away on June 11.  That’s the home run we need, so if you have a Republican representative, please contact them, repeatedly, and remind them 86% of American’s support overturning this repeal.  The will of the people is clear and is has nothing to do with any political party.  It has to do with what is right for this country, our citizens and our economy.

Thank you for what you’ve done to date.  Please keep the pressure on!  The voice of the people is able to be heard.  Today’s vote proves it.

Go to www.battleforthenet.com to contact your Representative about the upcoming vote in the House.

Cell Phone Spying is Here

Standard

As if we didn’t have enough privacy worries, confirmation came this week that cell phone spying is actively taking place in the United States and specifically in Washington, DC.

Now this should really not come as a huge surprise, but the ease with which it can beStingRayII done is a cause for concern.  In DC, the Department of Homeland Security has confirmed that it has identified several “StingRay” devices in the city.  These are devices that trick mobile phones into connecting to them instead of a legitimate cell tower.  In so doing, they are able to intercept voice conversations and text messaging.  Some experts suggest malware could also be installed onto connected devices, without the user knowing.  These immitation cell towers are also able to track the location of a given device, making them an excellent tracking tool.  What’s more is that these devices are not physically large.  We are not talking about a fake cell tower that rises high into the skyline.  Some say they can be as small as a cell phone, or like a moderately sized piece of audio equipment.  There is even some thought that they are able to be deployed in low flying aircraft to not only lock on to a mobile device but to follow it almost without limit.

These devices are known to be in use by some police departments and the intelligence services.  This partly explains a battle between the FCC and the wireless carriers around who is responsible for securing the wireless networks from these types of threats.  Fully securing the wireless infrastucture could prevent police and intelligence services from carrying on surveillance that may be critical to national and local security.

This will not be an easy issue to address.  If you’ve been thinking that your cell phone is immune to being intercepted, think again.  It will be interesting to see how this plays out.

OK Waze!

Standard

As you may know, I’m a big fan of Waze.  I use it every day and use it instead of my OKWazevehicles built in navigation as it’s more up to date and reliable, not to mention offers a wealth of additional features that I value.

Recently, the Google team updated Waze to respond to voice commands.  If you go into “Settings” and then click on “Sound & voice” and then “Talk to Waze” and enable “Say “OK Waze”” you can speak to Waze in a completely hands free experience.

When this was first released, it was flawed.  When your smartphone is connected to your in-car Bluetooth and this feature is enabled, the first time you say “OK Waze,” Waze took over your in-car audio system.  Once you issued that verbal command, your in-car microphone remained engaged so that you were no longer able to use any of your in-car entertainment options.  This was not good.

I’m pleased to see that Waze has released an update so that this no longer takes place.  Waze now uses the smartphone microphone to listen for your “OK Waze” command and then allows you to speak to Waze through your in-car Bluetooth, as if you are on a phone call.  Once you are done, control is passed back to your in-car entertainment system and Waze returns to listening via your smartphone microphone.  This is perfect!

Here is how this works.  I’m driving with Waze up on my smartphone and the radio on.  I see a car stopped on the side of the road.  I say “OK Waze” and the radio goes silent and Waze goes into listening mode.  I say “Report vehicle stopped on shoulder” and Waze repeats my request and asks me to approve.  I say “yes” and Waze notes my report on the map at the point I first said “OK Waze.”  This contrasts with no less than 5 taps on the screen to accomplish the same thing, which is not at all safe and a violation of many states hands free laws.

To be fair, there is also a setting you can enable so that when you tap with three fingers on the screen Waze would listen for voice commands.  However, not having to touch or look at the smartphone at all is the best and safest method.

Well done Waze!  Keep up the innovation with a constant focus on user safety.