KRACK

A devastating flaw in Wi-Fi’s WPA security protocol makes it possible for attackers to eavesdrop on your data when you connect to Wi-Fi. Dubbed KRACK, the issue affects the Wi-Fi protocol itself—not specific products or implementations—and works against all modern protected Wi-Fi networks. Which means that if your device uses Wi-Fi, KRACK likely impacts it.

Read on for what you need to know about the KRACK Wi-Fi vulnerability, from how it works to how to best protect yourself against it.

 

How does KRACK break Wi-Fi security?

KRACK (short for Key Reinstallation AttaCK) targets the third step in a four-way authentication “handshake” performed when your Wi-Fi client device attempts to connect to a protected Wi-Fi network. The encryption key can be resent multiple times during step three, and if attackers collect and replay those retransmissions in particular ways, Wi-Fi security encryption can be broken.

 

What devices are affected by KRACK?

If your device uses Wi-Fi, it’s likely vulnerable to the KRACK Wi-Fi security flaw to some degree, though some get it worse than others.

 

What happens when Wi-Fi security is broken?

For starters, the attacker can eavesdrop on all traffic you send over the network. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.

 

How to protect yourself from KRACK’s Wi-Fi flaw

Keep your devices up to date! Given the potential reach of KRACK, expect new patches to come quickly from major hardware and operating system vendors. Microsoft says a security patch is already incoming for Windows PCs.

Until those updates appear, consumers can still take steps to safeguard against KRACK. The easiest thing would be to simply use a wired ethernet connection, or stick to your cellular connection on a phone. That’s not always possible though.

If you need to use a public Wi-Fi hotspot—even one that’s password protected—stick to websites that use HTTPS encryption. Secure websites are still secure even with Wi-Fi security broken. The URLs of encrypted websites will start with “HTTPS,” while unsecured websites are prefaced by “HTTP.”

And again, keep your security software up to date to protect against potential code injected malware.

Device and router Wi-Fi security FAQ

 

Is my phone at risk?

KRACK is a different sort of attack than previous exploits, in that it doesn’t go after devices, it goes after the information you use them to send. So while the data stored on your phone is safe from hacking, whenever you use it to send a credit card number, password, email, or message over Wi-Fi, that data could be stolen.

 

So my router is vulnerable?

That’s closer, but still not totally accurate. It’s not the device that’s at risk, it’s the information, so the sites you visit that aren’t HTTPS are most vulnerable.

 

Oh, so I should change my Wi-Fi password then?

Well, you can, but it’s not going to stop the likelihood of attack. The exploit targets information that should have been encrypted by your router, so the attacker doesn’t need to crack your password to implement it. In fact, it has no bearing on the attack whatsoever.

 

So all devices are at risk?

Now you’re getting it. However, while any device that sends and receives data over Wi-Fi is at risk, the researchers who uncovered the attack said Android devices were more at risk than other mobile phones.

 

Great, I have an Android phone. But I’m running Nougat so I’m safe, right?

Unfortunately, no. Newer phones running Android 6.0 or later are actually more at risk since there is an existing vulnerability in the code that compounds the issue and makes it easier to “intercept and manipulate traffic.”

 

So is my iPhone safe?

Safer than Android, but still not entirely safe.

 

What about my Mac?

The researchers who found the bug initially had a harder time cracking macOS, but subsequent attacks were easier to implement.

 

And Windows PCs too?

Yup, same deal, but Microsoft said in a statement that it has a security update to address this issue is incoming.

 

I run Linux. I’m impenetrable to attack, right?

Not quite. Researchers actually found that Linux machines were the most vulnerable desktop devices, with a similar bug to the one found in the Android code.

 

So should I turn off Wi-Fi?

That’s probably not a viable option for most people, but if you’re completely panic-stricken, then the only way to be completely safe is to avoid using Wi-Fi until you know your router has been patched.

 

OK, I’m not doing that. What else can I do?

Right now, all you can do is wait. Google has already confirmed that it is aware of the issue and will be distributing a patch, and Apple and Microsoft will presumably do the same, as well as Linux purveyors. So keep checking for updates and install them when they arrive.

 

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

Advertisements

The Best Location For Your Home Router To Get The Best WiFi Signal

Your Wi-Fi signal strength begins to drop the farther away from the router you are. If your router is in the front of your house and your bedroom is in the back, you may be accustomed to slow internet speeds. The severity of the slow-down depends on quite a few things: your home’s construction, your router’s location, what router you are using, your internet provider, etc. Regardless of the other issues, where you put your router really can make a big difference.

Keep it central

Location, location, location! Location is key. Try to find the most central place in your home for your router. It is worth buying some longer cables and running the wire to the most central location that you can in your home.

Consider even mounting the router on a wall or in a corner by the ceiling if you have two floors (radio waves generally spread out and towards the ground, not up). Think about putting your router on the second floor if you have one.

Router antennas broadcast in all directions, so if you place your router next to a wall adjacent to your neighbor’s apartment, they’re getting that slice of your signal.

Avoid impenetrable obstructions

Radio waves certainly travel through walls, but the thicker the wall, the weaker the signal will be on the other side. If your home is fortified with brick or concrete walls, the signal is going to be absorbed by the wall and lose significant strength when traveling through it. Same goes for water, like a big fish tank, which can cause a lot of resistance for your signal. Metal and mirrors are also your enemy because those materials actually reflect radio waves, so putting the router behind a TV or in a bathroom is ill advised.

Avoid the kitchen

When it comes to battling any potential buffering of your Wi-Fi signal, the microwave is not your friend. Microwaves and WiFi routers operate using the same frequency. Additionally, metal objects will absorb a signal, and with a metal fridge, stove, and other kitchen appliances. It’s best to just keep the router out of the kitchen.

Play with the antenna

All the magic happens with the antenna. It’s the part of the router that’s broadcasting and receiving your WiFi connection. Antennas usually can move side to side or sometimes pivot full-circle in their socket. Play around with directing the antennas to increase the signal strength.

Last tip: ALWAYS password protect your WiFi.

For more information, or for assistance with your WiFi, contact TeCHS! We are fast, affordable, and friendly. Serving all of Ventura County.

(800) 669-2022 | http://www.ezdigitallife.com

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

Ransomware

 

As you may have heard, a new and major ransomware attack was unleashed worldwide back in May of this year (2017), named WANNACRY. This one infected at least 75,000 computers in 99 countries in a very short amount of time. The ransomware locked computers and networks using file encryption software, and demanded payment by Bitcoin (a non-traceable crypto-currency) to release the data.

 

These types of attacks typically enter a computer through a “phishing email” and then spreads to other machines on the same network by exploiting vulnerabilities, including vulnerabilities in the computer’s operating system (although Microsoft did discover the vulnerability and released a patch, many computer users do not regularly update their operating systems and may have missed the critical repair).

 

What can you do to prevent ransomware on your own computer?

Here are a few tips:

  • Don’t click on links from unfamiliar sources. Even if you think you know the sender, be cautious about clicking on email links. When in doubt, DELETE IT! Be especially wary of messages requiring you to act quickly, asking for personal information, or threatening you in any way.
  • Keep clean machines: Prevent infections by updating critical software as soon as patches or new operating system versions are available. This includes mobile and other internet-connected devices.
  • Use strong authentication, requiring more than a username and password to access accounts, especially critical networks, to prevent access through stolen or hacked credentials.
  • Conduct regular backups of systems: Systems can be restored in cases of ransomware and having current backup of all data speeds the recovery process.
  • Make better passwords: In cases where passwords are still used, require long, strong and unique passwords to better harden accounts against intrusions.

 

For more information, or for a complete system checkup, contact TeCHS!

We are fast, affordable, and friendly. Serving all of Ventura County.

(800) 669-2022 | http://www.ezdigitallife.com

 

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

Safeguarding Yourself From Scams – Don’t become a victim! Part 2: What You Can Do To Safeguard Your Information

Safeguarding Yourself From Scams – Don’t become a victim!

Part 2: What You Can Do To Safeguard Your Information

Online Security Protection Internet Safety Guard Lock Concept

1.) Don’t share your passwords, credit card numbers, social security numbers or any other pertinent information with anyone.

2.) Don’t write your passwords down anywhere someone could stumble upon them. It’s best if you don’t keep written records of your passwords, but with the amount of passwords people need now, it’s getting a bit more complicated to keep track of them all without writing them down.

3.) Keep your computer’s spyware and antivirus software up to date and scan your computer regularly.

4.) Make sure you have firewalls up and running at all times. Whether it’s the built-in Windows firewall, your router’s firewall or a 3rd party firewall software; or all of them in combination if you really want to make sure they are working.

5.) Always be wary of emails asking for your personal or financial information. Don’t click on links or open emails that seem suspicious to you at all. Even one simple click can open your computer up to a criminal – installing malicious software and stealing your information. Never click on links in emails or links on web sites that you don’t know or don’t trust. If you get an email from “your bank” saying you need to log into your account right away for any reason, but you aren’t sure the email is actually coming from your bank then don’t click on any links in that email. Open a new internet browser, type in the URL yourself and then log in to your account and make sure everything is as it should be. If a link doesn’t feel right, don’t click it.

6.) Keep an eye on your assets and your credit and check on everything on a regular basis. Make sure to report any odd or suspicious activity immediately. Switch over to paperless billing and statements. Pretty much everyone now-a-days offers paperless statements… banks, credit cards, house-hold billing companies. Having them all delivered to your email inbox instead of your physical address saves paper, postage and also eliminates the possibility of someone stealing your mail.

7.) Never write your full account numbers on your checks when you pay your bills, especially when paying credit card bills, just write in the last four digits of your account number.

8.) Always shred documents you do not need, don’t just throw them in the trash. Criminals do sift through your trash looking for pertinent documents.

9.) Don’t broadcast that you are leaving town, or that you are out of town, on social networking sites. That is sort of like putting up a flashing neon sign over your house that says “no one is home and no one will be home for a while, so come on in and take what you want.” Wait until you return home from your trip to talk about it.

 

If Your ID Is Stolen:
Immediately file a fraud alert on your credit report by calling Equifax (888-766-0008), TransUnion (800-680-7289) or Experian (888-397-3742). After you have filed your report, call the issuers of any credit cards that may have been affected.

 

Basically the gist of everything I’ve written is: be careful with the personal information that you give out.
We all do a lot of shopping online which means we are all typing our credit card numbers into lots of different company websites. Make sure the company you purchase from is reputable. If something seems too good to be true, it is. There is nothing free in life. Massive discounts on normally very expensive items from shady online stores are more often than not going to cost you a lot more than you think.

 

A Few Tips For Kids:

staying_safe_online_large

 

Do you need any assistance? Want a professional to check your computer security? Contact TeCHS today!

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter YouTUBE

Safeguarding Yourself From Scams – Don’t become a victim! Part 1: Common Techniques

Safeguarding Yourself From Scams – Don’t become a victim! Part 1: Common Techniques

scam-alert1
1.) Phishing : Phishing e-mails mimicking online businesses or banks in an attempt to fool people into freely giving out confidential personal and financial information. URL Obfuscation is the part of the phishing scam that really plays on human error and our brain’s ability to “fill in the gaps” automatically by sending a victim to a fraudulent web site address that looks almost exactly like a real address (i.e. http://www.pay-pal.com versus http://www.paypal.com).

2.) Pharming : Pharming is another form of phishing that “poisons” a person’s computer’s DNS cache and redirects visitors from a real web site to a bogus mirror site. Every web site has its own internet address and the Domain Name System (DNS) translates the IP address into the host name. A DNS cache poisoning changes the entries in the computer so when the legitimate site is typed in, the victim is sent to a fraudulent web page instead.

3.) Trojan Horse : Trojan Horses are malicious software files that infiltrate your PC by hiding in seemingly innocuous files. Some Trojans, called “keystroke loggers,” record every one of a person’s keystrokes and send that information back to the attacker.

4.) Trojan : Zombie Computers and Man-In-The-Middle Attacks are part Trojan and the malicious software that is installed on the victim’s computer allows that person’s PC to be controlled remotely by their attacker without their knowledge. The Man-In-The-Middle attack is frequently partnered with an “Evil Twin” which is a fake wireless internet hot spot connection that looks almost like a legitimate service. When the victim attempts to connect, the criminal launches a transaction to get the victim’s credit card information in the form of a standard pay-for-access deal to use the wireless internet.

5.) Cashier’s Check Scams : There are numerous ways to use cashier’s checks in scams. Here are a few of the most common –

Money mule: you receive payments, and you’re supposed to deposit the payments to your account and forward the money to somebody else. Often advertised as a work-at-home check processing job, these schemes are often problematic. In some cases, you’re laundering money for criminals. In other cases, the first few payments are fine, but eventually you’ll get a fake check (after they’ve gained your trust) and you’ll lose money.

Foreign wealth scams: somebody you don’t know reaches out to you and asks for your help transferring a large sum of money out of a corrupt nation. In exchange, you can keep a tiny fraction of the transfer, which is more than you make in a year. Of course, you’ll have to send money to somebody to complete the transfer (which will never arrive).

Inheritance and lottery scams: you’re about to receive a lot of money, but you’ll need to pay a small amount for taxes or legal fees to “release” the funds. It’s a small price to pay for the riches that are headed your way. Of course, they’ll never materialize.

Property rental scam: somebody is moving to your area for a new job. They’d like to pay the first and last month of rent (and security deposit) with a cashier’s check before they ever see the property. The day after you deposit the check, they say there was an issue with the job – they’re not coming, so they don’t need the rental. You can keep the security deposit, but they’d like for you to return some of the rent. After you send the refund, you’ll find that the check was a fake.

Part 2 (JULY) will go over a few tips to protect yourself.

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter YouTUBE

How Smart Is Your Car?

There’s something to be said about classic cars – they may be gas guzzlers but at least they are safe from hackers! Hackers and motor vehicles? What the heck am I talking about?

I’m talking about the problems with the gradual shift over to wireless car networks. I have written articles in the past on the future of our roadways – connecting every car in a virtual net that, in theory, will safely guide us to our destinations. New cars today come equipped with systems like OnStar that wirelessly connects your vehicle to their network… and by “connects your vehicle” I mean everything… they know where the vehicle is at all times and can even shut the car down – all with a click of a button.

cartoon-car

So with all of that in mind… what will happen when someone has the ability to hack into your motor vehicle while you are sitting in the driver’s seat?

Under the hood of today’s fancy new cars are no longer just simple mechanical devices, there are now small but powerful computers in there too. These computer systems are all linked together to control and coordinate vehicle functions. While all of the advances have increased the efficiency of the new vehicles and the safety of its passengers, it has also created quite a few potential risks.

Every car is now federally mandated to have an on-board diagnostics port which provides direct access to all of the vehicle’s internal networks. User-added after-market upgrades create even more potential attack points (audio devices, Bluetooth devices, other wireless devices) since they also attach directly to the vehicle’s internal network and communicate with other networks totally unsecured.

An independent study was done a couple of years ago by a large group of curious people where it was proven that it wasn’t all that difficult to hack into and take over someone’s motor vehicle. Remotely someone can honk the horn, pop the trunk, turn on the windshield wipers and display messages on the dashboard along with activating loud sounds through the stereo system. Someone can lock a single brake and can even disable your entire braking system which would not reengage no matter how hard you stepped on the pedal.

What are your thoughts on smart cars?

What features would you like to see put in?

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

Third-Party Chargers Are Not Worth The Price

Third-party chargers for your smartphones and tablets seem like a good idea… but the majority of them are simply not safe.

dont-buy-shady-cheap-chargers-unless-you-want-your-iphone-to-explode

The knock-off chargers are usually not insulated well enough to protect against electric shocks and most are not actually compliant with electrical safety standards. Using these cheap chargers can harm you (electric shock) and can start fires if they spark. Always be on the lookout for tell-tale signs of counterfeiting such as mistakes in brand names or logos, and check plugs for safety marks. Our suggestion = pay the larger price tag and make sure your chargers are originals from the manufacturer of your devices.

cell-phone-exploded2

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

2017 | Happy New Year!

We hope that 2017 brings you and your family joy, prosperity, love, and peace.

Champagne

Fireworks

HappyNewYear

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page  Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

3D Modeling from Microsoft

Microsoft is bringing 3D to the masses through a modernized version of its Paint application (Paint 3D) for Windows 10 that will be available in the Windows 10 Creators Update. Anyone who would like to start creating and sharing in Paint 3D can do so by joining the Windows Insider Program — available for PC and Phone — the company said. Of course, this is an entry-level product without all of the bells and whistles (or power) of the established 3D modeling software on the market… but small programs of this nature are a great way to learn the basics of 3D modeling.

I cant wait to see more and more programs like this as 3D printers become more and more affordable for every home.

What are your thoughts?

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page  Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

  • TeCHS FB Page

  • Get Our Newsletter

    Want awesome tech tips & tricks sent directly to your inbox? Get our newsletter!

    Simply click the link below to signup.

    NEWSLETTER SIGNUP

  • Recent Posts

  • TeCHS on Twitter

  • Calendar

    December 2017
    M T W T F S S
    « Nov    
     123
    45678910
    11121314151617
    18192021222324
    25262728293031
  • Archives

  • TeCHS Logo Ball
  • Pages

  • Connect with Your TeCHS

    Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

  • Enter your email address to follow this blog and receive notifications of new posts by email.

  • Follow ezdigitallife | TeCHS on WordPress.com
%d bloggers like this: