Apple Tracks You More Than You Think

source: wired.com  |  image: pexels.com

CYBERSECURITY STARTUP CORELLIUM offered or sold its software to spyware and hacking-tool creators in multiple repressive countries, a WIRED investigation revealed this week. A previously unreported 507-page document, believed to have been prepared by Apple, details how Corellium offered a trial of its products to the controversial spyware firm NSO Group, to a cybersecurity company with ties to the UAE government, and to a firm in China that also has government links. In response, Corellium, which makes phone-virtualization software that can help find security bugs in iOS and Android, published a blog post detailing how it now vets potential customers.

As millions of people across the US celebrated Thanksgiving and attended parades, we looked at the US shortage of bomb-sniffing dogs. Experts say the pandemic has led to a drop in the supply of dogs in the country—85 to 90 percent of them come from overseas—and that the lack of trainer animals is fueling national security concerns.

Apple’s privacy policy for analytics services on its devices, which gather data about how you use its products, claims the information collected isn’t used to identify you. However, a new analysis of the tools, reported by Gizmodo, claims a permanent ID number within the service is “tied to your full name, phone number, birth date, email address and more.” This ID number is sent to Apple alongside the analytics data about how you use your device, researchers from the software company Mysk told the publication. 

The findings appear to contradict the company’s privacy promises. Apple did not answer Gizmodo’s questions on the report. In recent years, Apple has pushed a pro-privacy stance, using it as an advantage over competitors, and it has run ads saying the data on people’s iPhones stays on their devices. However, experts have increasingly questioned some of Apple’s practices. (At the same time, Apple has been growing its advertising business.) In separate research published earlier in November, Mysk researchers claimed that Apple collects detailed information on people using its products through its own apps, even when they turn tracking off.

You Really Need a Password Manager.

Here’s How to Get Started

source: cnet.com  |  image: pixabay.com

 

Using a password manager is easy, and it’s one of the best ways to stay secure online.

It may seem like more trouble than it’s worth, but you really need to create a unique password for each of your online accounts. Each password should ideally be at least eight characters in length and consist of capital and lowercase letters, numbers and symbols. (Yes, using “password123” for everything isn’t going to cut it.) It may be tempting, but using one easy-to-remember code across all of your accounts can jeopardize your online security — and you definitely don’t want to make yourself an easy target for cybercriminals. In fact, recent research by cybersecurity firm Hive Systems has suggested that a weak password can be cracked instantly by a hacker.

Password managers are vital tools that can help you stay safe online and be more digitally secure by simplifying the process of using strong passwords. And they’re easier to use than you may think. Even so, 4 out of 5 American adults don’t use a password manager, according to a study from Security.org. 

Here’s why you need a password manager and how to set one up.

What is a password manager, and why do I need one?

A password manager is an online service that stores your passwords as well as other data like credit card numbers, bank account information and identification documents in a secure, encrypted environment. It takes one of the biggest potential vulnerabilities — weak or recycled passwords — and does the hard work for you.

Continue reading “You Really Need a Password Manager. Here’s How to Get Started”

The 3 Worst Spots to Put a Home Security Camera

source: cnet.com (contributed by FAN, Steve Page)  |  image: pixabay.com

 

Don’t compromise your home security: Put your home security cameras in the right places.

Security cameras are one of the simplest ways to deter would-be burglars and protect your home. With the help of a few well-placed cameras, you can easily keep a remote eye on most of your home and property. And with more affordable options on the market and improvements in wireless technology, it’s now possible for just about anyone to set up a wired or wireless security camera system that fits your home’s needs and budget. 

But it’s also possible to set up a home camera security systemthe wrong way. The last thing that you want to do is place a camera in a spot where it is rendered ineffective and find out too late that its footage is useless. This guide will steer you away from camera placements to avoid and help you establish a more effective home security camera system. For more on home security, check out the best security camera deals and how to keep your security cameras from being hacked

Ineffective spots

You might be tempted to point cameras at the spots around your home that are difficult to see. There is an intuitive reason for this: If you can’t see a location from your windows or doors, it feels possible that someone might be lurking there. You might think these hidden areas are a burglar’s preferred place to break and enter. 

Continue reading “The 3 Worst Spots to Put a Home Security Camera”

Airline Travel Hacks To Avoid Holiday Excursion Headaches

source: technewsworld.com  |  image:pixabay.com

 

For those of you who haven’t traveled lately, things have changed over the last couple of years. For example, most airlines don’t take cash anymore, and an increasing number don’t accept credit cards.

Airlines are almost all short-staffed, and at this time of year, there are a lot of mechanical delays and weather events. Depending on the airport, the ability to rebook a flight at the gate may no longer exist. Spending the night in an airport is no fun, and neither is missing a flight because you didn’t make it through security in time.

This week, I’ll share some tips on how to survive traveling over the holidays. We’ll close with my product of the week: my favorite suitcase, which is like a rolling dresser.

Plan for Extend Connection Times

Over the past two months, most of the flights I’ve been on have had a mechanical or airline delay. Generally, the delays have been just short of an hour, suggesting you want at least one hour between connecting flights if you don’t want to be stranded.

If you are taking a cruise and you have to fly to the port of departure, you might want to fly the day before so that any delay doesn’t keep you from meeting the boat. We had first-class tickets on our last flight on United to meet up for a cruise. Still, we were delayed at the departing airport for 30 minutes, then again at the arrival airport (San Francisco) for 30 minutes, which had us arriving at the gate three minutes after they closed it. They wouldn’t let us on the plane, arguing that we should have run faster.

As a result, we lost our direct flight to Florida, lost our first-class seats, and had to route through Chicago, which got us there late at night rather than mid-day. Fortunately, our cruise was the next day, or we’d have missed our departure and had to try to catch the ship at the next port, a very expensive workaround.

The more critical it is that you get to your destination on time, the more extra time you should schedule for transport. You should plan to arrive the day before for a wedding, funeral, family event, business meeting, or tour with a firm start time instead of cutting it close. Otherwise, there’s a good chance you’ll miss that critical event.

Take Advantage of Airline Apps

Download the airline app before you leave, and if it has the option to pre-load a credit card, do it. On my last trip, a couple from Australia in front of me couldn’t buy drinks or food because United no longer takes cash or credit cards on the plane. Instead, they pull the card data from the app.

Continue reading “Airline Travel Hacks To Avoid Holiday Excursion Headaches”

Listy is a simple, free way to catalog your favorite stuff

source: fastcompany.com  |  image: pexels.com

 

You can list your favorite albums, books, movies, TV shows, video games, sites, apps, wines, beers or social posts.

 

This article is republished with permission from Wonder Tools, a newsletter that helps you discover the most useful sites and appsSubscribe here.

Listy is a free and simple app for making lists of your favorite things. It automatically includes related images, like book or album covers, and you can create shareable visual lists with the free app on Mac, iOS, or Android. It’s a handy way to quickly share recommendations with friends.

You can list your favorite albums, books, movies, TV shows, video games, sites, apps, wines, beers, or social posts. Your list shows up with the appropriate cover art: Any book, album, TV show, or movie you list will be paired with its representative image, just as whatever wines or beers you list will include images of their bottles.

MAKING LISTS IS SIMPLE

  • To make a list you first pick a category—like books, movies, video games. Then you add items one by one. Unlike many other apps, you don’t have to register or log in to start using it.
  • When you start typing the name of something, Listy searches a database to find it. That item, along with its image and other basic info, is added to your list.
  • You can sort lists by title, genre, rating, data added, or other info, depending on the category.
  • For films, the app automatically adds the movie’s release date, description, and fan score, drawn from the Movie Database, a free, community-built platform that’s now used by 400,000 developers and companies. It also notes where the movie is available to watch online.

EDIT AND SHARE YOUR LISTS

  • Once you’ve added items, you can edit your list to change its order or to delete or update items. You can also mark items as watched, read, played, or tasted.
  • You can share any of your lists as an image, making it easy to post lists to your social network of choice. You can also text or email a list as an image.
  • You can make as many lists as you’d like, each with as many items on it as you want.
  • Lists can be backed up to iCloud so they stay in sync between your iPhone, iPad, and Mac.

LIMITATIONS

  • You can export lists as images or in Listy’s own proprietary file format, but you can’t open or edit the app’s lists in other text apps.
  • You can’t send someone a link to a list. You have to attach the list as an image.
  • You can’t yet collaborate on a list with others, though that feature is in the works. The company has been careful about privacy: Its site uses no cookies.
  • You can use Listy for to-do lists or lists of ideas, but it’s not designed primarily for that. Better to use other simple free alternatives like Apple’s Reminders or Google Tasks, or dedicated to-do apps like Things.
  • Listy has a limited number of categories. If you want to make a list of your favorite snacks, animals, cartoon characters, or other categories the app hasn’t added yet, you’re out of luck, though new categories are added monthly.

ALTERNATIVES

 

 

Smishing vs. Phishing: Understanding the Differences

 

source: proofpoint.com  |  image: pexels.com

 
What have smishing offenders learned from their phishing email counterparts?

Email-based credential theft remains by far the most common threat we encounter in our data. But SMS-based phishing (commonly known as smishing and including SMS, MMS, RCS, and other mobile messaging types) is a fast-growing counterpart to email phishing. In December 2021, we published an article exploring the ubiquity of email-based phish kits. These toolkits make it straightforward for anyone to set up a phishing operation with little more than a laptop and a credit card. Since then, we’ve tracked their evolution as they gain new functions, including the ability to bypass multifactor authentication.

In this blog post we’re going to look at smishing vs. phishing and what smishing offenders have learned from their email counterparts, as well as some significant differences that remain between the two threats.

Setting the (crime) scene

A modern email phishing setup can be as simple as one person with a computer and access to common cloud-hosted services. But for a smishing operation, the picture is somewhat different. While software smishing kits are available to buy on the dark web, accessing and abusing mobile networks requires a little more investment.

Continue reading “Smishing vs. Phishing: Understanding the Differences”

 

5 Ways to Make Your Passwords Instantly More Secure

 

source: cnet.com  |  image: pexels.com

 

If you think your passwords are uncrackable, think again.

Despite years of warnings, experts say most people are still using weak passwords to protect even their most sensitive information. Many people are reusing those insecure passwords to protect multiple accounts, putting more of their data at risk should any of the accounts be compromised.

“It’s the total account takeover scenario,” said John Buzzard, lead fraud and security analyst at Javelin Strategy & Research, referring to a cybercriminal cracking one password and then using it to access other accounts. “Consumers lose control over their entire digital lives.”

World Password Day, which takes place on Thursday, is a good time to review your digital security. Sure, it’s a totally made-up celebration that Intel created in 2013. But it’s still a good reminder to take a close look at your logins and make sure they check the required security boxes.

Continue reading “5 Ways to Make Your Passwords Instantly More Secure”

Text scams surge as robocalls decline, report finds

source: usatoday.com  |  image: unsplash.com

 

You may have noticed receiving fewer robocalls over the past year, but a new report finds scammers are increasingly using a new way to reach consumers: text messages.

A report from the Consumer Watchdog office of the nonprofit U.S. PIRG is urging the Federal Communications Commission to pass new rules against robotexts, including requiring phone companies to block illegal text scams.

“Illegal robocalls and robotexts likely will never go away,” an excerpt from the report reads. “But they’ll continue to plague us as long as enforcement is lax, phone companies don’t try harder and enough consumers fall for scams to make it worthwhile for thieves.”

Spam texts have surged over the past year, jumping from 1 billion sent per month in July 2021, to more than 12 billion as of June, according to RoboKiller, a service specializing in blocking unwanted calls and texts.

Last year, acting FCC Chairwoman Jessica Rosenworcel proposed new rules requiring wireless carriers to block illegal texts.

In a statement released last October, the agency said complaints about unwanted text messages in 2020 more than doubled from the year before. 

“We’ve seen a rise in scammers trying to take advantage of our trust of text messages by sending bogus robotexts that try to trick consumers to share sensitive information or click on malicious links,” Rosenworcel said in last year’s statement.

The top scam texts of last year involved bogus delivery messages claiming to represent Amazon, the U.S. Postal Service or other companies. The messages say an order can’t be delivered or will arrive tomorrow, with a malicious link consumers click, the watchdog report said.

Others included fake messages from banks and texts related to the COVID-19 pandemic.

Meanwhile, the number of robocalls has declined over the past year, in part because of FCC rules requiring the use of technology to better identify robocalls and efforts by the agency and states to go after robocallers. 

 

Actively Exploited Microsoft Office Security Flaw Has No Patch But Here’s A Workaround

source: hothardware.com  |  image: microsoft.com

 

Malware and virus threats are practically commonplace, even a daily occurrence for some users these days. Unfortunately for many users in the Microsoft ecosystem, leveraging popular Office applications is a common security attack vector for many of the ne’er-do-wells of the Internet.

In that regard, Microsoft‘s Security Response Center has issued guidance to help add preventative layers to a newly discovered critical vulnerability or error (CVE). Specifically labeled CVE-2022-30190 by Microsoft, the vulnerability does not use the previous vulnerable attack vector of macros. In fact, macros as an attack vector for malware has been mostly patched out in many recent versions of Office applications anyway.
Continue reading “Actively Exploited Microsoft Office Security Flaw Has No Patch But Here’s A Workaround”

A designer and a NASA scientist team up to fight a $244 billion problem that’s hiding in plain sight

source: fastcompany.com  |  image: pixabay.com

 

The debut project from Brooklyn-based Betterlab takes aim at a condition that affects a third of people worldwide.

 

earsightedness doesn’t sound that scary, but more and more people around the world are suffering from its clinical name: myopia. Because of myopia, China can’t find enough pilots, while the world is losing $244 billion in productivity a year, and that’s just the beginning: By 2050, more than half the world’s population is projected to have myopia—and as many as 10% of that group will go blind from the condition.

The problem was once primarily genetic, but new cases are increasingly attributed to kids getting too much screen time and too little sunlight for the eyes to develop properly. And while research has found that preventing myopia isn’t much more complicated than spending enough time outside, a new pair of glasses developed by designer Todd Bracher and a former NASA scientist aims to fix myopia without forcing anyone to change their behavior, take drugs, or wear special prismatic lenses. They were a finalist in our recent World Changing Ideas awards.

Continue reading “A designer and a NASA Scientist Fight a $244 Billion Problem”