Proposed City-Wide Wireless Networks Contain Security Concerns

August 4th, 2014

2 men with smartphones

An initiative in New York City would turn largely abandoned pay phones into WiFi stations to supply residents with free internet access. On the surface, this seems like a great deal, but there are inherent security risks connected to a free WiFi network. At Computer World, Evan Schuman discusses the potential dangers of a city-wide WiFi network and some dangers to be aware of for free WiFi in general.

The first aspect of such a network to be concerned about is who is providing it. Among the vendors that were invited to bid on New York’s proposed project were companies notorious for using and selling their users’ data, including Google. With no limitations in place, the vendor supplying these WiFi stations would be able to track users’ locations, what devices on the network are being used for and potentially even what is being transmitted over the network. All of this available data would likely be used or sold for advertising. But what happens if someone besides the vendor wants to steal this data?

In a city-wide WiFi network, users would never know who else was connected and positioned to steal anything transmitted over that network. For the same reasons that its dangerous to send important emails or make online payments in a coffee shop, it would be inadvisable to use a city-wide WiFi network for anything beyond casual web surfing. Even logging into social media sites could lead to attacks or hacks down the road.

Now think of these issues from a business viewpoint. Many employees are walking around with sensitive data on mobile devices. This company data becomes extremely vulnerable on an unprotected wireless network. This proposed network in New York, which other cities across the US are also considering, would be largely unprotected because it would be free to anyone, regardless of device or service provider.

There are options for security, even when connecting to a vulnerable network. Most notably, VPNs, or Virtual Private Networks can be used to keep other users from accessing your data. For Apple devices, the next operating system, iOS 8, is rumored to include security features to keep users safer on public WiFi. Still, there are plenty of concerns.

For help securing your own wireless network or device, or to recover from an attack, call Geek Rescue at 918-369-4335.

For business solution needs, visit our parent company JD Young.

Installing OS X Yosemite Beta On Your Mac

July 24th, 2014

Mac mouse, keyboard and monitor

OS X Yosemite, the latest operating system for Macs, is now available as a public beta version. We’ve gone over some of the most exciting features of Yosemite, but if you’re planning to experience the beta version before an official version is released, you need to know how best to install it. At LifeHacker, Thorin Klosowski walks you through the process. This way, you won’t be stuck with an inevitably buggy operating system. Instead, you’ll still have OS X Mavericks to fall back on.

The first step is downloading the beta operating system. If you signed up to participate, you should have instructions emailed to you. Then, you’re going to create a partition on your hard drive, which allows you to install a second operating system and boot directly into it.

  • Go to ‘Applications’ and select ‘Utilities’
  • Select your Hard Drive
  • Click the ‘Partition’ button
  • Click the ‘+’ icon
  • Choose how large the partition will be- It’s recommended you allocate between 10 and 30 GB for Yosemite.
  • Name the partition and click ‘Apply’
  • Launch the ‘Yosemite Installer’
  • At the ‘Choose a Disk’ prompt, select ‘Show All Disks’ and choose the partition you created. 

Now you’ve installed OS X Yosemite on your partition. There’s one more step to boot into it, however. When your system is starting, hold the ‘Option’ key and select the partition you want to boot to.

Once you’re finished with the beta version, you can go back and delete the partition you created, or you can keep it until the next version of Yosemite is released so you can test it before completely committing.

This is certainly not the only way to use OS X Yosemite without losing your existing operating system, but it is one method that works without additional services or much expertise needed.

If you need help with your Mac or other devices, let Geek Rescue be your tech support. Call us at 918-369-4335.

For your business solution needs, visit our parent company, JD Young.

 

 

Four New OS X Yosemite Features That Integrate With iOS 8

July 23rd, 2014

Macbook and iPad

The public beta version of Apple’s latest redesign of their OS X operating system is now available. OS X Yosemite includes a number of new features and a new look. Some of the best features aren’t available in this beta version, however. As Mario Aguilar reports for Gizmodo, many of the new operating system’s features will integrate with Apple’s new mobile operating system, iOS 8, which is not yet available. Here are some of those features to look forward to.

  • Handoff

Have you ever been looking at something on your smartphone, then wanted to look at the same thing on your desktop? This new feature of OS X Yosemite lets you do that seamlessly. It also works the other way to grab something on your phone that you were viewing on your desktop. So, say you pulled up a document on your Mac, then left to run an errand. You could grab that same document, or other task, on your phone.

  • Instant Hotspot

With this feature, you can share your iPhone’s internet connection with your Mac. This likely won’t be beneficial most of the time, but if your home internet goes down at a critical time, it’s nice to know your phone can be used temporarily to get your desktop back up and running.

  • Calls and SMS on Mac

Apple’s iMessage has already been available to Mac users, but now that capability has been expanded so you can take phone calls and text messages on your Mac. You’ll never have to wonder if you’ve missed a call while your phone is charging in another room.

  • iCloud Drive

The iCloud storage system has been the focus of much speculation, but Apple is finally turning it into what it should have been all along. Now, it will operate similar to Dropbox. Simply move files to iCloud and then you’re able to access them across all of your Apple devices.

The features listed are only the additional capabilities OS X Yosemite will feature once iOS 8 hits the market. The new Mac operating system also has a number of stand alone features that users should also find useful.

If you’re having problems with any of your Apple devices, come by Geek Rescue or call us at 918-369-4335.

For your business solution needs, visit our parent company, JD Young.

 

Apple Devices Being Hacked And Held For Ransom

May 27th, 2014

iPhone

Apple devices are extremely popular, which unfortunately makes them a target for theft. To combat this as much as possible, Apple includes features to help users find lost or stolen devices, but these features contain security vulnerabilities of their own. The latest reports, as noted by Loek Essers of TechWorld, center around the “Find My iPhone” feature and a form of ransomware.

When ‘Find My iPhone’ is enabled, users are able to track it to see its current location or lock the device and display a custom message. Users are reporting that their iCloud accounts are being hacked and ‘Find My iPhone’ enabled on their own devices, however. A message informing them that they’ve been hacked by “Oleg Pliss” is displayed and a $100 ransom is demanded.

Users have also reported that while they’re able to log-in to their Apple accounts, they’re unable to disable Lost mode and unlock the device on their own.

At least for some of the victimized users, the problem may stem from the eBay hacking from earlier this month. Some users admit they use the same passwords for their Apple account as they did for eBay.

For now, Apple has been silent on the issue and hasn’t officially suggested a way to unlock hacked devices. The only fix to be found so far is to restore the device to factory settings.

It’s not just iPhones that have been affected either. All Apple device have a similar feature to help find them when they’re lost or stolen and all are vulnerable to this same ransom tactic. So far, users in Australia, Great Britain and Canada have all reported being hacked, but no users from the US have had the same problem.

Before the problem spreads to the US, it’s a good idea to change your passwords, especially if you held an account at eBay that may have been compromised.

If any of your device are hacked, infected with malware, or break, bring them to Geek Rescue or call us at 918-369-4335.

Three Common Problems And Solutions For Apple’s iMessage

May 20th, 2014

iPhone messaging

If you’re an iPhone user, you’re likely familiar with iMessage, an alternative to SMS messaging between Apple users only. You’re also probably familiar with iMessage issues, which seem to be numerous. At Lifehacker, Thorin Klosowski has some advice for how to overcome some of the most common problems encountered by iMessage users.

  • Syncing Problems

If you have an iPhone, you may also have an iPad and Mac. Apple counted on this loyalty when they built in the ability to sync iMessage to different devices. Unfortunately, it’s not so easy to get syncing to work correctly. If you’re having trouble, the first thing to check is whether the phone number and email on iMessage matches on each device. On your iPhone, go to the Messages Settings menu and select ‘Send and Receive’. On your Mac, with Messages open, check the Preferences menu. Now match up the email address and phone number shown on each device. If they’re not the same, that’s your problem. If they are, try restarting both devices.

  • Loss Of Service

Losing service on your smartphone is frustrating but it becomes worse when it completely breaks iMessage, even once service is restored. Some users have experienced this when they’ve attempted to send a message with no service. The message gets caught in a loop and those users are then unable to send or receive with iMessage even when their phone is otherwise back to normal. Many of their sent messages are even marked ‘delivered’ but other users don’t receive them. Fortunately, the fix is fairly simple. Either delete the entire message thread containing the message sent without service by swiping left, or delete just the individual message.

  • Messages Won’t Send

Soemtimes it doesn’t take a loss of service for iMessage to break. There are times when users report being unable to send messages even when there’s been no problems with their network. The first step is to check if Apple has reported any problems on their end. The reality is that iMessage goes down from time to time. If there’s no reported downtime, try turning off iMessage then turning it back on. Then, enable the ‘Send as SMS’ option in the Messages Settings menu. If neither of these allow you to send messages, try resetting your network under the General Settings menu.

If you’re having problems with your Apple device that you can’t fix yourself, call Geek Rescue at 918-369-4335.

Internet Explorer Tops In Malware Blocking Test

April 3rd, 2014

Internet Explorer logo

Not all malware finds its way onto your computer in the same way. Some relies on tricking users into downloading malicious files disguised as something else. This is often referred to as socially engineered malware. The key to for protecting yourself is avoiding downloading it in the first place. As Antone Gonsalves reports at Network World, Internet Explorer users are at a distinct advantage in that sense.

NSS Labs recently tested the four most popular web browsers against common forms of socially engineered malware stemming from links found in an email, instant messages and other vehicles. Email attachments were excluded from this test. In those tests, IE was found to block 99.9-percent of malware.

The success of Microsoft’s browser is being attributed to a combination of “application reputation technology and URL filtering”. The next best browser, Google Chrome, was able to block only about 70-percent of malware. Mozilla Firefox and Apple Safari each failed to block more than 95-percent of the malware used in the test.

Application reputation technology is able to scan downloads for recognizable characteristics commonly found in malware. Chrome relies heavily on it to protect users, but Firefox and Safari use it at all.

In a previous test, Chrome performed better and blocked more than 83-percent of tested malware. Where IE relies more on URL filtering than application reputation, Chrome does the opposite. One potential reason for the drop in performance is a change in how strict the application reputation system is. Another possible reason is that attackers have been able to devise tactics that avoid detection.

While IE offers more initial security for this type of malware, your browser shouldn’t be your sole security tool. It’s advisable to have antivirus software and firewalls in place, working in tandem with your browser and other tools.

If your computer is infected with malware, or you’d like to explore better options for security, call Geek Rescue at 918-369-4335.

This Exploit Allows For iCloud Accounts To Be Deleted From Stolen iPhones

April 3rd, 2014

iPhone

The “Find My iPhone” feature is a valuable security tool and the last hope for users who have had their smartphone stolen or have lost it. Previously, reports surfaced pointing to vulnerabilities in Apple’s “Lost Mode”, which allows users of iPhones, iPods and Macs to lock their device remotely. As Ashley Feinberg reports for Gizmodo, a security flaw has also been found in “Find My iPhone”, which allows strangers to completely unlock a stolen device.

“Find My iPhone” allows users to log in to their iTunes account and find the location of their smartphone as long as the device is still turned on. Not only does this help users recover lost phones, but it also ensures that criminals can’t steal and sell iPhones. As long as the original user’s iCloud account information is still on the device, it can be tracked down.

Erasing the iCloud account requires an Apple ID password. While breaking that password is possible, it would usually require a minimum of a few hours to do so, which would provide the rightful owner plenty of time to find their missing device.

A video recently posted to YouTube, however, demonstrates how criminals can by-pass the need for a user’s Apple ID password and delete their iCloud account. Doing so doesn’t even require a great deal of technical expertise. All that’s needed is for the “Delete Account” button to be pressed at the same time as the “Find My iPhone” switch from the iCloud settings menu. That brings up the password prompt and the delete window at the same time, which freezes the device.

From there, after restarting the device, you’ll find that you’re able to delete the iCloud account without a password and have free reign.

While no fix for this issue exists yet, Apple has likely been working on one since this exploit was made public. Users who have a PIN in place to lock their iPhone are already partially protected from this bug. Even if their device is stolen, the PIN has to be broken before anyone would even have access to this exploit.

While Geek Rescue can’t find your missing smartphone, we do fix it when it breaks. For any issues with your device, call us at 918-369-4335.

Four New Additions With iOS 7.1

March 12th, 2014

iPhone and iPad

In September, Apple released iOS 7. Since then, users have been waiting for the next update that would fix bugs and introduce new features. There have been plenty of stories predicting what the update would contain, but no one could know for certain. This week, iOS 7.1 was officially released and in just a couple of days, adoption is already close to 10-percent for eligible devices. Eric Zeman of Information Week reports on the iOS update and what’s new for iPhone, iPad and iPod Touch users.

  • Major Bug Fix

Many users complained that their device reset unexpectedly after updating to iOS 7. This soft reset wouldn’t delete any apps or saved data, but would interrupt whatever activity the user was currently engaged in. One of the primary goals of the update to 7.1 was to fix this annoying bug. So far, users are reporting that the reset problem has been solved.

  • Siri Upgrades

Apple’s virtual personal assistant received an upgrade in iOS 7.1. While Siri will still actively listen for voice commands, there’s an added option of manually control when Siri needs to pay attention. Users can hold the Home button down while they give a command and release it when they finish directing Siri. There are also a number of new voice options for Siri in a variety of languages.

  • iTunes Radio

Apple is still excited about the possibilities of iTunes Radio and continues to roll out new features for it. In iOS 7.1, users are able to make purchases easier from their mobile devices. Previously, users can now purchase music directly from the “Now Playing” screen in iTunes Radio and even buy entire albums. Users are also able to subscribe to iTunes Match directly from their iPhone or iPad. The search function for iTunes Radio was also tweaked to make it easier for users to access it quickly.

  • CarPlay

Perhaps the most anticipated addition included in iOS 7.1 allows iPhone and iPad users to integrate their devices with their cars. Before you get too excited, know that cars that support CarPlay aren’t even on the market yet. Some upcoming 2015 models are expected to include that feature. In the meantime, Apple’s devices are already ready to go. Users with CarPlay will be able to use Siri, navigation, messaging and access their music.

As always, it’s recommended that you back-up your device before installing a significant update like this one. Downloading and installing iOS 7.1 reportedly takes about 10-minutes over a WiFi connection.

If your device has issues that an update won’t fix, bring it to Geek Rescue or call us at 918-369-4335.

Four Potential Security Flaws In Apple’s OS X

March 10th, 2014

Macs

Recently, Apple has been making headlines for the wrong reasons. Multiple security flaws have been reported that affect users of both iPhones and iPads and Macs. While in the past, a lower number of targeted attacks made Apple’s operating systems safer environments than Microsoft’s Windows these reports suggest that Apple doesn’t necessarily have a more secure operating system. At Network World, Bob Violino takes a closer look at OS X, the operating system used on Macs, to expose the potential security flaws within.

  • No Long-Term Support

How often an operating system is patched and updated often makes the difference in keeping attacks at bay. Unfortunately for Apple device users, support is usually only given to the current operating system and the previous version. This leaves a number of users with older machines in the lurch. Currently, users of OS X Snow Leopard from 2009 are already missing out on some updates and the critical security patches they are given access to come slowly. This is in contrast to Windows users who typically enjoy support for much longer. Windows is ending support for XP users this April after nearly 13 years.

  • No Security Guide

Many users aren’t certain about how to properly secure their computer. Even more advanced users may not be aware of points where they are most vulnerable. To help users protect themselves, security configuration guides from the manufacturer are extremely helpful. Unfortunately, no recent version of OS X has been provided with a configuration guide from Apple. This leaves users in the dark about proper security and leads to many believing they’re more secure than they actually are.

  • Slow To Update

As mentioned in the first section, updates are key in protecting users from attacks. Apple has been slow to update OS X, however, especially concerning its open source components. Slow updates mean that users could be vulnerable to a known exploit. Even if it doesn’t affect security, compatibility and other issues aren’t being fixed in a timely manner.

  • Easy To By-Pass Passwords

OS X includes a feature that’s designed to make working with your Mac more convenient. Any attached disk that includes an installed version of OS X can be used to boot the machine. Unfortunately, this allows someone to by-pass the password required to log-in on your machine by booting from an attached disk. This only comes into play if your laptop or computer are stolen, but it still a concern.

This isn’t a exhaustive list of potential security issues with OS X, but it illustrates that there’s additional security required for most users.

If you’re having problems with your Mac, bring it to Geek Rescue for a fix. If you’d like to explore security options to protect yourself from future attacks, call us at 918-369-4335.

The Vulnerability Of Apple’s ‘Lost Mode’

March 4th, 2014

Holding iPhone

Many iPhone, iPad and Mac users rely on the ‘Lost Mode’ feature to keep their device safe in the event that it’s misplaced or stolen and to be able to find it. ‘Lost Mode’ contains a security vulnerability, however, that a recent open-source hacking project is able to exploit to access the device and all of the data stored there. Paul Ducklin of Naked Security delves into the details.

‘Lost Mode’ is able to be activated by users of Apple devices when they log in to iCloud on another device. If your device is on, you can see approximately where it’s located. You can also tell the device to reboot, which will result in the device locking upon restart and requiring a four-digit code to access it. That code, also known as a “system lock PIN”, is chosen by the user when ‘Lost Mode’ is activated.

The idea is that if your device has been stolen or found by someone else, that person won’t be able to steal your information or even use or sell your device because of the lock. The recently released “iCloud Hacker” project demonstrates why the system lock isn’t as secure as it seems.

“iCloud Hacker” isn’t overly complicated in its attack. Since it knows that a 4-digit PIN is required, it simply tries every combination of numbers until it finds the right one. This would be possible for any human to perform also, but incredibly tedious. Apple devices don’t lock or shutdown after a certain number of failed log-in attempts, but after six failed attempts, a user must wait 5-minutes before trying again. This delay means that it could take weeks for a human to break into a device.

With “iCloud Hacker”, the human element is eliminated and codes are tirelessly inputted until one is successful. It also works around the 5-minute wait time by rebooting the device after six attempts.

Many are calling for Apple to improve security associated with ‘Lost Mode’, but there’s actually a fundamental security problem contained in any lost device. An intelligent criminal doesn’t even need to break the lock on your device. Instead, they only need to remove the hard drive and put it into another device. There, they can read and copy everything on it.

This prevents a criminal from using your device themselves or selling it to someone else, but your data and information is still very much at risk. Especially dangerous is the possibility that your hard drive is copied, returned to your device and your device is returned to you. With the lock still in place, many users will believe that their device and data are safe, when in actuality a criminal has all of their data.

Whether you’re using ‘Lost Mode’ or not, it’s important to encrypt your stored data. On your Mac, enable ‘Full Disk Encrpytion’ and you’ll add an extra layer of protection. There’ll be another password required to use your device and you’ll be given a 24-character recovery key in case you forget your password.

If you’d like to improve the security on any of your devices, or your device is in need of repairs, call Geek Rescue at 918-369-4335.