KRACK

A devastating flaw in Wi-Fi’s WPA security protocol makes it possible for attackers to eavesdrop on your data when you connect to Wi-Fi. Dubbed KRACK, the issue affects the Wi-Fi protocol itself—not specific products or implementations—and works against all modern protected Wi-Fi networks. Which means that if your device uses Wi-Fi, KRACK likely impacts it.

Read on for what you need to know about the KRACK Wi-Fi vulnerability, from how it works to how to best protect yourself against it.

 

How does KRACK break Wi-Fi security?

KRACK (short for Key Reinstallation AttaCK) targets the third step in a four-way authentication “handshake” performed when your Wi-Fi client device attempts to connect to a protected Wi-Fi network. The encryption key can be resent multiple times during step three, and if attackers collect and replay those retransmissions in particular ways, Wi-Fi security encryption can be broken.

 

What devices are affected by KRACK?

If your device uses Wi-Fi, it’s likely vulnerable to the KRACK Wi-Fi security flaw to some degree, though some get it worse than others.

 

What happens when Wi-Fi security is broken?

For starters, the attacker can eavesdrop on all traffic you send over the network. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.

 

How to protect yourself from KRACK’s Wi-Fi flaw

Keep your devices up to date! Given the potential reach of KRACK, expect new patches to come quickly from major hardware and operating system vendors. Microsoft says a security patch is already incoming for Windows PCs.

Until those updates appear, consumers can still take steps to safeguard against KRACK. The easiest thing would be to simply use a wired ethernet connection, or stick to your cellular connection on a phone. That’s not always possible though.

If you need to use a public Wi-Fi hotspot—even one that’s password protected—stick to websites that use HTTPS encryption. Secure websites are still secure even with Wi-Fi security broken. The URLs of encrypted websites will start with “HTTPS,” while unsecured websites are prefaced by “HTTP.”

And again, keep your security software up to date to protect against potential code injected malware.

Device and router Wi-Fi security FAQ

 

Is my phone at risk?

KRACK is a different sort of attack than previous exploits, in that it doesn’t go after devices, it goes after the information you use them to send. So while the data stored on your phone is safe from hacking, whenever you use it to send a credit card number, password, email, or message over Wi-Fi, that data could be stolen.

 

So my router is vulnerable?

That’s closer, but still not totally accurate. It’s not the device that’s at risk, it’s the information, so the sites you visit that aren’t HTTPS are most vulnerable.

 

Oh, so I should change my Wi-Fi password then?

Well, you can, but it’s not going to stop the likelihood of attack. The exploit targets information that should have been encrypted by your router, so the attacker doesn’t need to crack your password to implement it. In fact, it has no bearing on the attack whatsoever.

 

So all devices are at risk?

Now you’re getting it. However, while any device that sends and receives data over Wi-Fi is at risk, the researchers who uncovered the attack said Android devices were more at risk than other mobile phones.

 

Great, I have an Android phone. But I’m running Nougat so I’m safe, right?

Unfortunately, no. Newer phones running Android 6.0 or later are actually more at risk since there is an existing vulnerability in the code that compounds the issue and makes it easier to “intercept and manipulate traffic.”

 

So is my iPhone safe?

Safer than Android, but still not entirely safe.

 

What about my Mac?

The researchers who found the bug initially had a harder time cracking macOS, but subsequent attacks were easier to implement.

 

And Windows PCs too?

Yup, same deal, but Microsoft said in a statement that it has a security update to address this issue is incoming.

 

I run Linux. I’m impenetrable to attack, right?

Not quite. Researchers actually found that Linux machines were the most vulnerable desktop devices, with a similar bug to the one found in the Android code.

 

So should I turn off Wi-Fi?

That’s probably not a viable option for most people, but if you’re completely panic-stricken, then the only way to be completely safe is to avoid using Wi-Fi until you know your router has been patched.

 

OK, I’m not doing that. What else can I do?

Right now, all you can do is wait. Google has already confirmed that it is aware of the issue and will be distributing a patch, and Apple and Microsoft will presumably do the same, as well as Linux purveyors. So keep checking for updates and install them when they arrive.

 

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

Advertisements

2017 | Happy Veterans Day!

veterans-day

Thank you for your service.

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

Ransomware

 

As you may have heard, a new and major ransomware attack was unleashed worldwide back in May of this year (2017), named WANNACRY. This one infected at least 75,000 computers in 99 countries in a very short amount of time. The ransomware locked computers and networks using file encryption software, and demanded payment by Bitcoin (a non-traceable crypto-currency) to release the data.

 

These types of attacks typically enter a computer through a “phishing email” and then spreads to other machines on the same network by exploiting vulnerabilities, including vulnerabilities in the computer’s operating system (although Microsoft did discover the vulnerability and released a patch, many computer users do not regularly update their operating systems and may have missed the critical repair).

 

What can you do to prevent ransomware on your own computer?

Here are a few tips:

  • Don’t click on links from unfamiliar sources. Even if you think you know the sender, be cautious about clicking on email links. When in doubt, DELETE IT! Be especially wary of messages requiring you to act quickly, asking for personal information, or threatening you in any way.
  • Keep clean machines: Prevent infections by updating critical software as soon as patches or new operating system versions are available. This includes mobile and other internet-connected devices.
  • Use strong authentication, requiring more than a username and password to access accounts, especially critical networks, to prevent access through stolen or hacked credentials.
  • Conduct regular backups of systems: Systems can be restored in cases of ransomware and having current backup of all data speeds the recovery process.
  • Make better passwords: In cases where passwords are still used, require long, strong and unique passwords to better harden accounts against intrusions.

 

For more information, or for a complete system checkup, contact TeCHS!

We are fast, affordable, and friendly. Serving all of Ventura County.

(800) 669-2022 | http://www.ezdigitallife.com

 

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

Safeguarding Yourself From Scams – Don’t become a victim! Part 2: What You Can Do To Safeguard Your Information

Safeguarding Yourself From Scams – Don’t become a victim!

Part 2: What You Can Do To Safeguard Your Information

Online Security Protection Internet Safety Guard Lock Concept

1.) Don’t share your passwords, credit card numbers, social security numbers or any other pertinent information with anyone.

2.) Don’t write your passwords down anywhere someone could stumble upon them. It’s best if you don’t keep written records of your passwords, but with the amount of passwords people need now, it’s getting a bit more complicated to keep track of them all without writing them down.

3.) Keep your computer’s spyware and antivirus software up to date and scan your computer regularly.

4.) Make sure you have firewalls up and running at all times. Whether it’s the built-in Windows firewall, your router’s firewall or a 3rd party firewall software; or all of them in combination if you really want to make sure they are working.

5.) Always be wary of emails asking for your personal or financial information. Don’t click on links or open emails that seem suspicious to you at all. Even one simple click can open your computer up to a criminal – installing malicious software and stealing your information. Never click on links in emails or links on web sites that you don’t know or don’t trust. If you get an email from “your bank” saying you need to log into your account right away for any reason, but you aren’t sure the email is actually coming from your bank then don’t click on any links in that email. Open a new internet browser, type in the URL yourself and then log in to your account and make sure everything is as it should be. If a link doesn’t feel right, don’t click it.

6.) Keep an eye on your assets and your credit and check on everything on a regular basis. Make sure to report any odd or suspicious activity immediately. Switch over to paperless billing and statements. Pretty much everyone now-a-days offers paperless statements… banks, credit cards, house-hold billing companies. Having them all delivered to your email inbox instead of your physical address saves paper, postage and also eliminates the possibility of someone stealing your mail.

7.) Never write your full account numbers on your checks when you pay your bills, especially when paying credit card bills, just write in the last four digits of your account number.

8.) Always shred documents you do not need, don’t just throw them in the trash. Criminals do sift through your trash looking for pertinent documents.

9.) Don’t broadcast that you are leaving town, or that you are out of town, on social networking sites. That is sort of like putting up a flashing neon sign over your house that says “no one is home and no one will be home for a while, so come on in and take what you want.” Wait until you return home from your trip to talk about it.

 

If Your ID Is Stolen:
Immediately file a fraud alert on your credit report by calling Equifax (888-766-0008), TransUnion (800-680-7289) or Experian (888-397-3742). After you have filed your report, call the issuers of any credit cards that may have been affected.

 

Basically the gist of everything I’ve written is: be careful with the personal information that you give out.
We all do a lot of shopping online which means we are all typing our credit card numbers into lots of different company websites. Make sure the company you purchase from is reputable. If something seems too good to be true, it is. There is nothing free in life. Massive discounts on normally very expensive items from shady online stores are more often than not going to cost you a lot more than you think.

 

A Few Tips For Kids:

staying_safe_online_large

 

Do you need any assistance? Want a professional to check your computer security? Contact TeCHS today!

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter YouTUBE

2017 | Happy Father’s Day!

happyfathersday

My Handprints
My dirty little hand print
I’ve left on every wall
And on the drawers and table tops
I’ve really marked them all.
But here is one that won’t rub off,
I’m giving it to you…
Do you know why??
Well, I’m so thankful
to have a father like you.
– Anonymous

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

Safeguarding Yourself From Scams – Don’t become a victim! Part 1: Common Techniques

Safeguarding Yourself From Scams – Don’t become a victim! Part 1: Common Techniques

scam-alert1
1.) Phishing : Phishing e-mails mimicking online businesses or banks in an attempt to fool people into freely giving out confidential personal and financial information. URL Obfuscation is the part of the phishing scam that really plays on human error and our brain’s ability to “fill in the gaps” automatically by sending a victim to a fraudulent web site address that looks almost exactly like a real address (i.e. http://www.pay-pal.com versus http://www.paypal.com).

2.) Pharming : Pharming is another form of phishing that “poisons” a person’s computer’s DNS cache and redirects visitors from a real web site to a bogus mirror site. Every web site has its own internet address and the Domain Name System (DNS) translates the IP address into the host name. A DNS cache poisoning changes the entries in the computer so when the legitimate site is typed in, the victim is sent to a fraudulent web page instead.

3.) Trojan Horse : Trojan Horses are malicious software files that infiltrate your PC by hiding in seemingly innocuous files. Some Trojans, called “keystroke loggers,” record every one of a person’s keystrokes and send that information back to the attacker.

4.) Trojan : Zombie Computers and Man-In-The-Middle Attacks are part Trojan and the malicious software that is installed on the victim’s computer allows that person’s PC to be controlled remotely by their attacker without their knowledge. The Man-In-The-Middle attack is frequently partnered with an “Evil Twin” which is a fake wireless internet hot spot connection that looks almost like a legitimate service. When the victim attempts to connect, the criminal launches a transaction to get the victim’s credit card information in the form of a standard pay-for-access deal to use the wireless internet.

5.) Cashier’s Check Scams : There are numerous ways to use cashier’s checks in scams. Here are a few of the most common –

Money mule: you receive payments, and you’re supposed to deposit the payments to your account and forward the money to somebody else. Often advertised as a work-at-home check processing job, these schemes are often problematic. In some cases, you’re laundering money for criminals. In other cases, the first few payments are fine, but eventually you’ll get a fake check (after they’ve gained your trust) and you’ll lose money.

Foreign wealth scams: somebody you don’t know reaches out to you and asks for your help transferring a large sum of money out of a corrupt nation. In exchange, you can keep a tiny fraction of the transfer, which is more than you make in a year. Of course, you’ll have to send money to somebody to complete the transfer (which will never arrive).

Inheritance and lottery scams: you’re about to receive a lot of money, but you’ll need to pay a small amount for taxes or legal fees to “release” the funds. It’s a small price to pay for the riches that are headed your way. Of course, they’ll never materialize.

Property rental scam: somebody is moving to your area for a new job. They’d like to pay the first and last month of rent (and security deposit) with a cashier’s check before they ever see the property. The day after you deposit the check, they say there was an issue with the job – they’re not coming, so they don’t need the rental. You can keep the security deposit, but they’d like for you to return some of the rent. After you send the refund, you’ll find that the check was a fake.

Part 2 (JULY) will go over a few tips to protect yourself.

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter YouTUBE

Third-Party Chargers Are Not Worth The Price

Third-party chargers for your smartphones and tablets seem like a good idea… but the majority of them are simply not safe.

dont-buy-shady-cheap-chargers-unless-you-want-your-iphone-to-explode

The knock-off chargers are usually not insulated well enough to protect against electric shocks and most are not actually compliant with electrical safety standards. Using these cheap chargers can harm you (electric shock) and can start fires if they spark. Always be on the lookout for tell-tale signs of counterfeiting such as mistakes in brand names or logos, and check plugs for safety marks. Our suggestion = pay the larger price tag and make sure your chargers are originals from the manufacturer of your devices.

cell-phone-exploded2

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

Want your CD or DVD collection made digital?

Want your CD or DVD collection made digital?
Want to have your movies / music on your tablet or cellphone?

Contact TeCHS today!

dvds

 

We will take your physical DVDs or CDs and make them into digital files so that you can take them with you wherever you go! No quantity is too small or too large – we am happy to do 1 or 1,000!

We output all DVDs as MP4 files and all CDs as MP3 or WMA files.

PRICE:

  • DVDs = $1.00 each
  • CDs = $0.50 each
  • +Plus the cost of a storage device (USB drive or external hard drive) if you do not have one.

 

Please note:

  1. We are not selling any movie or CD file that you do not supply a pre-purchased hard copy for.
  2. We do not have a library of movies or music to sell.
  3. We do not keep client movies or music after conversion.
  4. The time required to convert your library will depend on how many items you would like done. We can supply an estimated completion date once we know how many items you would like converted.
  5. The same goes for the external storage needed to get the digital files home to you. The more DVDs/CDs you would like converted = bigger storage we will need to transfer the files to. If you would like to purchase a storage device just for this project – simply let us know how many items you will be transferring and we can give you a good idea of how much storage you will need.
  6. If you do not have a storage device and do not wish to purchase one on your own, we can purchase one on your behalf and add it to your bill.

 

Please contact us with any questions!

We are located in Ventura and serve all of Ventura County.
Have a great day.

 

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

3D Modeling from Microsoft

Microsoft is bringing 3D to the masses through a modernized version of its Paint application (Paint 3D) for Windows 10 that will be available in the Windows 10 Creators Update. Anyone who would like to start creating and sharing in Paint 3D can do so by joining the Windows Insider Program — available for PC and Phone — the company said. Of course, this is an entry-level product without all of the bells and whistles (or power) of the established 3D modeling software on the market… but small programs of this nature are a great way to learn the basics of 3D modeling.

I cant wait to see more and more programs like this as 3D printers become more and more affordable for every home.

What are your thoughts?

~Your TeCHS

~~**~~**~~

Photobucket

Your Digital Life Simplified!

www.ezDigitalLife.com | (800) 669-2022

Facebook Page  Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

  • TeCHS FB Page

  • Get Our Newsletter

    Want awesome tech tips & tricks sent directly to your inbox? Get our newsletter!

    Simply click the link below to signup.

    NEWSLETTER SIGNUP

  • Recent Posts

  • TeCHS on Twitter

  • Calendar

    December 2017
    M T W T F S S
    « Nov    
     123
    45678910
    11121314151617
    18192021222324
    25262728293031
  • Archives

  • TeCHS Logo Ball
  • Pages

  • Connect with Your TeCHS

    Facebook Page Google+ LinkedIN Pinterest Twitter TeCHS Blog YouTUBE

  • Enter your email address to follow this blog and receive notifications of new posts by email.

  • Follow ezdigitallife | TeCHS on WordPress.com
%d bloggers like this: