How Mobile Apps Lead To Data Theft

September 19th, 2014

Mobile apps concept

Most computer users have embraced their need for effective security tools, like firewalls and antivirus programs. Mobile device users have yet to fully understand the risks associated with their devices, however. This becomes a serious problem when those unescured devices are connected to businesses’ networks and gaining access to valuable data. As Teri Robinson reports for SC Magazine, the insecurity often stems from apps.

IT Research firm Gartner reports that three-quarters of mobile apps will fail to meet basic security standards. This isn’t a problem that’s likely to go away soon, either, as Gartner estimates that apps won’t begin to improve until 2016 at the earliest.

Businesses are continuing to embrace the use of third-party commercial apps and mobile computing. There are a number of benefits of doing so, but there are also inherent risks. Currently, most security tools available focus on on-premises access, rather than individuals accessing data remotely. As one CEO put it, “they are built to solve yesterday’s problems”.

In the case of apps, security is rarely the primary focus. Testing is likely done before the app hits the market, but it’s usually for usability and functionality.

In attacks exploiting insecure apps, companies’ servers are vulnerable, which allows for the loss of data that’s either critical to operations, or critical to customers.

Better testing and more intelligent security tools are needed to adequately protect servers from the uses employees have already put into action. In this case, the cart has come before the horse with mobile devices being used to access more data than they’re currently secured for.

At Geek Rescue, we have the capabilities necessary to handle any of your organization’s IT needs, including improving security. Give us a call at 918-392-0745.

For your other business solutions needs, visit our parent company JD Young.

Five Setting To Change In iOS 8 For Privacy

September 18th, 2014

Smartphone with mobile security

Now that iOS 8 is available to be downloaded on older devices, and with the iPhone 6 set to be released tomorrow, it’s time to identify the risks involved with the new operating system. Any new OS comes with some default settings that need to be changed to maximize the security and privacy of your device. At ZDNet, Zack Whittaker helps locate the settings that users should change immediately after adding iOS 8 to their phones and tablets.

  • Location tracking in apps

You may have noticed that a number of apps request access to track your location even when it doesn’t seem to make any sense for them to do so. Even worse is that these apps often try to continue tracking your location when they’re not in use. In iOS 8, you’ll be prompted with a pop-up notification informing you that an app wants to track your location “even when you are not using the app”. In most cases, you’ll want to tap “Don’t Allow” when confronted with this pop-up. If you find out later that the app really does need your location, you can always change this selection in the app settings.

  • Apps uploading data

Another problematic characteristic of apps is their insistence that you give them access to your personal data like your contacts, email, photos and calendar. Social networking apps might use these to help you find friends who are also using the app. But others don’t have any real functionality tied to this data. Instead, the app simply uploads this information to their servers, which means this data is in another location where it can be stolen and used against you. To stop this, go to the ‘Settings’ menu and select ‘Privacy’. Then, you can go and select which apps have access to certain data on your device.

  • Find My iPhone

If you lose your phone, this feature is your best hope for finding it. This feature also allows you to lock or remotely erase your phone in the event of theft and your phone will send its location to Apple’s servers just before it powers down. To enable it, again head to the ‘Settings’ menu, then ‘iCloud’ and select ‘Find my iPhone’.

  • Expiration of iMessages

iOS 8 introduces the option to send voice and video messages through iMessage. Unfortunately, messages of any kind sent with iMessage are available to anyone with access to your device. That means if you keep messages saved forever, anyone could go back and read, listen or watch them. To prevent that, enable the option to have messages expire after a specified amount of time. Head to ‘Settings’, ‘Messages’ then ‘Keep Messages’ to see your options.

  • Ad tracking

Most users don’t want advertisers to be able to track their location and data, but they can do just that through the Safari web browser if the right settings aren’t changed. While you aren’t likely to stop the practice altogether, you can limit the data collected by going to the ‘Settings’ menu, then ‘Privacy’ and ‘Advertising’. Enable ‘Limit Ad Tracking’ and use the ‘Reset Advertising Identifier’ option.

These are the settings most users will want to change immediately once they’ve either downloaded iOS 8 or purchased their new iPhone 6. These changes don’t make your device completely secure, but they do help.

If any of your devices are in need of a fix, bring them to Geek Rescue or call us at 918-369-4335.

For business solutions needs, visit our parent company JD Young.

Four Reasons To Wait To Upgrade To iOS 8

September 17th, 2014

Apple iPhone

Apple’s latest mobile operating system, iOS 8, is set to be made available today, just ahead of the release of the iPhone 6. The new OS is compatible all the way back to the iPhone 4S, although installing it on older devices is bound to come with some issues. Before you upgrade your device to iOS 8, however, Zack Whittaker of ZDNet suggested a few reasons why waiting is a better option.

  • App Compatibility

Apple makes new operating systems available to developers well ahead of their official release. This way, apps can be tested and made compatible for users when they decide to upgrade their device. However, not every app on your phone or tablet is likely to work with iOS 8 immediately. You can bet that Facebook, Twitter and other well-known, widely distributed apps will be compatible and may even have some additional features. However, other apps may either not be getting an update, or may be stuck in the Apple queue, waiting for the updated version to be approved so it can make it’s way to the App Store.

  • No Jailbreaks

Many users take the opportunity to “jailbreak” their devices, which voids the warranty but allows them additional functionality and compatibility. It usually takes a few weeks for a new version of iOS to get hacked and a new jailbreak to be made available, however. And so far, there hasn’t been much news at all about jailbreaks for iOS 8. So, if you rely on your device to be jailbroken, updating to iOS 8 is not a wise choice.

  • Initial Bugs

As with any large scale update, there will be bugs for early adopters. These will likely be fairly minor, but could lead to some major annoyances. If you don’t have a good reason to upgrade your device, and it’s working well currently, then waiting a few weeks to adopt iOS 8 could save you from these issues as Apple will patch and update to fix the bugs as they’re reported.

  • No Downgrading

Before upgrading any device, it’s wise to create a back-up of all of your files, just in case the upgrade wipes out anything you wanted to keep. Even with back-ups, once you’ve upgraded to iOS 8, downgrading back to iOS 7 is not easy. In fact, Apple doesn’t support the most common ways of downgrading a device and it takes unofficial apps and software. So, the choice to upgrade isn’t one to be taken lightly.

Despite these potential problems, iOS 8 has its advantages over previous versions of Apple’s operating systems. However, it isn’t worth rushing into.

If you need help with your iPhone, iPad or any other device, come by Geek Rescue or call us at 918-369-4335.

For your business solutions needs, visit our parent company JD Young.

The iPhone 6 Does Not Feature A Sapphire Glass Screen. Why Not?

September 15th, 2014

Smartphone with screen shattering

Apple has officially introduced the iPhone 6 to the public, which means the months of speculation about the specifications of the new device are over. Now, questions about why Apple chose to include certain details can take over. One of the first questions many had after the iPhone 6’s release was about the decision to use ion-strengthened glass screens instead of sapphire glass. Apple signed a contract with the manufacturer of sapphire glass, GT Advanced Technologies, in November of 2013, which fueled theories that the glass would take over as the material for iPhone screens. As Jason Hahn reports for Digital Trends, there are a few reasons why that didn’t occur for the iPhone 6.

The first obstacle for sapphire glass was the short deadline before the iPhone 6’s release. A 10-month period wasn’t enough time to produce, test and perfect a new smartphone screen.

It appears that, at least at some point, the plan was to include sapphire glass on the iPhone 6, but the screens were unable to pass drop tests. Not only could the sapphire glass not withstand standard drop tests, it also came at a premium price. Those two factors made an alternative to sapphire glass a necessity for the iPhone 6.

Apple isn’t ready to move on from sapphire glass yet though. It will be featured on the Apple Watch, which has the tech world buzzing. Oddly, it’s rumored that the Apple Watch Sport will instead feature the same ion-strengthened glass as the iPhone 6.

While the latest iPhone will likely be an improvement over previous models in terms of durability, it’s still far from unbreakable. Many critics hoped the inclusion of sapphire glass would finally end the days of cracked screens, but that will have to wait for now. The wait for the new iPhone 6 will be over September 19th.

If you have a cracked screen, other broken hardware or are just having trouble with your iPhone, bring it to Geek Rescue or call us at 918-369-4335.

For your business solutions needs, visit our parent company JD Young.

Millions Of Google Accounts At Risk After Passwords Stolen

September 10th, 2014

Stolen password concept

Despite the inherent dangers, many users continue to use the same password over and over again for all of their online accounts. Doing so makes it significantly easier to break into those accounts and, when one account is compromised, it greatly increases the risk to other accounts as well. That issue is the reason that a recent theft of Gmail addresses and passwords could potentially lead to millions of compromised accounts. As Lucian Constantin reports for PC World, 5-million email addresses and accompanying passwords were dumped in plain text on an online forum, recently.

The Gmail addresses all have a corresponding password with them, but that password isn’t necessarily the password to the user’s Google account. Instead, it’s suspected that rather than hacking Google to steal this information, cyber criminals have hacked other sites over the span of months or even years to compile this list. By hacking other sites that require an email address to register, the criminals were able to compile a list of Gmail accounts with a possible password that that user has used in the past.

So, for those users who re-use passwords, an unknown number of people could now know both their Gmail address and the password they need to log into it. Thanks to Google’s all-inclusive nature of accounts, compromising an individual Gmail account could also mean compromising their Google+ page, YouTube account, Google Drive and any other Google service being used.

It’s unconfirmed how many of the 5-million addresses and passwords are valid, but it’s estimated that at least 60-percent could be used successfully. That means that about 3-million Gmail users have their log-in credentials available online in plain text. Even if you don’t re-use passwords, this still seems like an ideal time to change not only your Gmail password, but also your password to other important online accounts as well.

At Geek Rescue, we have the expertise to enhance security at home or at the office and on any type of internet-ready device. If you have questions or concerns regarding the security of your devices, call us at 918-369-4335.

For other business solutions, visit our parent company JD Young.

Google Is Offering To Replace Broken Nexus 5 Smartphones For Free

September 5th, 2014

Google building

Breaking your smartphone is a terrible experience. That’s especially true when your phone is fairly new. For some lucky Nexus 5 owners, a broken phone can be easily replaced at no cost. As Robert Sorokanich reports for Gizmodo, Google is offering to replace any broken Nexus 5 handsets for free, regardless of how the device was broken.

Google is calling this offer a “special exception” that’s only available to US customers. There’s been no word on why Google is willing to replace broken smartphones and they’ve actually been pretty quiet about the offer.

There are a couple of qualifiers to the deal. First, users must have bought their Nexus 5 through the Google Play Store. Those who have broken their device can then call Google to order a refurbished but otherwise new smartphone. Your credit card will be charged the full price for the replacement phone, but will be refunded once Google has received your broken phone.

The number to call is (855) 836- 3987.

Motorola and HTC have also offered free phone replacement deals in the past. Often, it’s a way to clear out back inventory for older devices. The Nexus 5 is in no way old, but it has been on the market for nearly a year, which means Google is likely trying to clear room for the next model.

If you qualify, this is an excellent opportunity to avoid having to either use a broken smartphone, or pay full price for a new one.

If you have a broken smartphone that doesn’t qualify for a free replacement, Geek Rescue is here to help. Call us at 918-369-4335.

For your business solutions needs, visit our parent company JD Young.

Four Tips For Keeping Your Mobile Device Safe

September 2nd, 2014

Smartphone with padlock

It’s no secret that mobile devices, like smartphones and tablets, are becoming an increasingly attractive target for cyber attacks. Threats associated with mobile devices have increased exponentially over the past two years and will likely continue to increase as more users store more information on their phones and tablets and use them to access more. That’s why it’s more important than ever to know how to keep your devices safe and protected. A post at Spyware News details a few helpful tips for preventing malware infection and keeping your mobile devices safe from attacks.

  • Texts from unknown numbers

Most smartphone users have received a text from a number they don’t have saved in their contacts. When these messages are from a friend whose number has recently changed, they’re perfectly harmless. However, when these messages contain links to websites, or inform you about services you don’t remember ordering, it’s a sign of a problem. The last thing you should do is click on the links provided or reply to these messages. If the message claims to be from a legitimate business, like your cell phone provider, you should contact them directly to find out about the message.

  • Update your operating system

Updates for mobile operating systems come out fairly often. The reason for that is because of security flaws that are found and exploited by attackers. When you don’t update in a timely manner, you’re leaving a gaping hole in your phone or tablet’s security, which attackers already know how to exploit. It’s always a good idea to back-up your device before updating the OS, but be sure it doesn’t take you too long to implement the updates.

  • Beware of apps

The apps you choose to install on your device are often the gateway for malware. Some apps are actually malicious programs, but others simply don’t have adequate security in the case of an attempted attack. If you’ve installed apps from outside the official app store for your device, there’s a better than average chance that you’ve opened yourself up to infection. Even official apps have been known to contain issues, however. So, you’ll want to update them regularly too and be sure you’re aware of the permissions each app is granted.

  • Wi-Fi

It’s common for users to leave their Wi-Fi capabilities turned on at all times. This way, their device connects automatically to available networks. It’s convenient, but it isn’t always safe. If your device is set to connect to any network within range, it could be automatically connecting to unsafe networks without you even knowing it. That could potentially allow others on the network to monitor your activity and gain access to your personal information. When you’re away from trusted Wi-Fi networks, it’s a good idea to turn off that capability.

Keeping information stored and accessed by your mobile device safe isn’t as easy as it once was, but with a few intelligent practices, you’ll be able to stay protected.

If any of your devices have been attacked or infected by malware, or you’d like to implement better security, call Geek Rescue at 918-369-4335.

For your business solutions needs, visit our parent company JD Young.

iPhone 5 Battery Issues Prompt Action From Apple

August 26th, 2014

Apple iPhone

The iPhone 5 was released in September of 2012 and only enjoyed a one-year reign as Apple’s flagship smartphone before being replaced by the iPhone 5S. Still, the iPhone 5 is remains widely used, but it’s not without its faults. Most notably, an issue with the battery that results in charges lasting a shorter and shorter amount of time. At CNet, Shara Tibken reports that Apple is offering free replacement batteries to users with one of these troublesome devices.

Apple maintains that only “a small percentage of iPhone 5 devices may suddenly experience shorter battery life”, but the problem is evidently large enough to warrant a recall. The one exception is that only devices purchased between the iPhone 5’s release in 2012 and January of 2013 are eligible for a free battery replacement. Those users experiencing similar problems with devices purchased outside of this window are on their own.

To find out if your phone is eligible, put your serial number into this page Apple has created specifically for this issue.

If you’ve already paid to replace a defective battery on an eligible device, Apple advises you contact them about refunding the price of the replacement. However, if you’re planning to take advantage of this offer, any damage that impairs the replacement of the battery, which includes a cracked screen, will have to be repaired first.

This isn’t the first issue with the iPhone 5 that’s necessitated a free replacement from Apple directly. In May, Sleep/Wake buttons were recalled when users reported problems. Eligible customers in that case were also treated to a free fix.

The iPhone 5S and Macbook laptops have also been the subject of free fixes for problems that crop up long after the device’s release.

If you’re having problems with any of your devices that aren’t eligible for a free fix from the manufacturer, call Geek Rescue at 918-369-4335.

And for your business solutions needs, visit our parent company JD Young.

Study Reveals The Risk Involved With Chrome Extensions

August 21st, 2014

Risk knob turned towards high

Google’s Chrome browser includes a number of useful features itself, but it also offers the opportunity to add features and capabilities through extensions. There are thousands of options for extensions offering a variety of functionality. Not all of these extensions are trustworthy, however. At Tech World, Jeremy Kirk reports that about 10-percent of Chrome extensions examined by security researchers were deemed either malicious or suspicious.

Researchers began looking closely at extensions due to concerns that they are the next attacking point for cybercriminals because of the potentially valuable information available through compromised web browsers. After examining 48-thousand extensions, researchers found 130 that were outright malicious and another 4712 suspicious extensions.

The flagged extensions were capable of various misdeeds, including affiliate fraud, credential theft, advertising fraud and social network abuse.

Much like malicious apps, extensions are granted permissions that give them a great deal of power. Malicious extensions have been observed intercepting web requests from the browser and injecting JavaScript into web pages. Researchers hope that the results of this study help to make clear that extensions need to be more limited.

If you’ve installed a malicious extension, you also won’t know about it right away. The extensions are designed to stay dormant until you visit a specific type of website. Even then, a typical user may not notice any malicious or suspicious behavior.

Google has already reacted to these findings and is attempting to make it harder for unofficial extensions, like those found outside of their Web Store, to be installed. It’s likely more changes will be implemented soon so that Google can exert even more control over extensions.

While some of the flagged extensions weren’t harmful to users, they still displayed activity that was suspicious in nature, like changing ads on a site. Some of these extensions have been downloaded millions of times.

If you’ve installed any extensions from outside of Google’s Web Store, your safest option is to uninstall it immediately. If you feel your computer has been compromised and may still be infected by malware, call Geek Rescue at 918-369-4335.

For your business solution needs, visit our parent company JD Young.

Bank Of American Email Scam Spreading Dangerous Malware

August 18th, 2014

No Spam sign

Cryptowall is the latest ransomware malware to be claiming victims. Much like CryptoLocker, Cryptowall encrypts the files on a victim’s computer and demands a payment to decrypt those files. This malware is usually spread as an attachment on spam emails. A post at Spyware News details the Bank of America email scam that’s currently spreading Cryptowall.

If you’re not a Bank of America customer, it’s easy to ignore messages claiming to be from the bank about your account. Those that do have active accounts find the messages more believable, however.

Users are reporting seeing emails claiming to be from Bank of America with an attachment. The emails are from “Andrea.Talbot@bofa.com” and advises the user to open the attachment because it contains information about their account. The email contains an office phone number and cell number with an 817 area code and even includes a standard confidentiality notice at the bottom. The email appears to be legitimate except for the fact that no bank, much less on the size of Bank of America, would send confidential account information to customers this way.

The attached file is named “AccountsDocument.zip” but those that download it quickly discover that it’s malware. Specifically, it’s the Cryptowall virus that encrypts files.

For the time being, be extra cautious about opening any emails from Bank of America and don’t download any attachments. If you have questions about an email, always contact the institution named in the email directly, rather than downloading attachments or following links provided.

Unfortunately, if you’ve become infected by Cryptowall, or a similar virus, there’s often no easy way around it. If you’ve recently backed-up your system, you can restore the encrypted files after the malware has been removed. Otherwise, you may not be able to recover the encrypted files.

If your device is infected with malware of any kind, call Geek Rescue for help at 918-369-4335.

For business solutions needs, visit our parent company JD Young.