[Njtechdiv] iDevice safety, beware hacking

[Mario Brusco]

just passing some info to inform those who use mobile devices. I think 
the following would apply to any mobile device, not just iThings.

Rita Howells's iDevice Advice for December 19, 2016:  beware Hacking 
lurks in Wi-Fi, plugs and ports

If you rent a car, its onboard infoTainment system may offer to pair 
with your iPhone and you might Not want to pushed the "yes" button. Such 
convenient connections can be a trap for travelers, experts warn. The 
Federal Trade Commission recently sounded the alarm on smartphones 
interfacing with the onboard computers of rental cars, saying it could 
expose your personal information to future renters, employees or even 
hackers. There are other sources of danger for your data, including 
those charging stations at the airport and, of course, those "free" 
Internet hot spots in your hotel lobby."Smart systems installed in 
vehicles provide a new way for hackers to steal information or install 
dangerous software on your phone. A malicious application could 
theoretically be installed that would automatically tamper with any 
mobile devices that were connected to the vehicle. Cars are essentially 
computers on wheels. Consider the Ford F-150, whose onboard computer 
system has 150 million lines of code. That's more programming than a 
Boeing 787, which has 7 million lines of code.
You may be prompted to 'trust this computer' when plugging in your 
phone. It is best not to trust it.

What else shouldn't you trust? The "free" USB charging station at the 
airport. Plug in your phone or tablet and an infected station can take 
over your device via something called "juice jacking. Physical access to 
your iPhone port can be one of the most high-value avenues to exploit 
any weakness or vulnerability the device has. Charging stations are 
nothing more than potential data-harvesting points. You should be wary 
of "free" wireless networks at hotels and airports. There is significant 
risk with using Wi-Fi at airports, hotels and cafes to access the 
Internet. The risk is from poor authentication procedures and 
unencrypted networks, which can expose your username and password to 
hackers on the network. Do not use public Wi-Fi. Do not configure Wi-Fi 
networks or Bluetooth to automatically connect to your device.
If your data have been compromised in any way while you've traveled, 
this could be why, but you'll probably never know. There is something 
all of these threats have in common. They're all "free. The infoTainment 
system is part of the car. The recharging station is complimentary. And 
the lobby Wi-Fi is almost always free.

How to practice safe connecting:

Use a virtual private network (VPN). A VPN creates a secure, encrypted 
tunnel between your device and a server somewhere on the Internet. That 
makes it nearly impossible for someone on the same network to eavesdrop 
on your network traffic.

Tell your phone to say "no. Disable location services, Bluetooth and 
Wi-Fi when possible. Also, think about the permissions associated with 
third-party apps, which may have access to your microphone, camera and 
contacts.

Use caution in cars. When renting a car, either manually enter the 
address into the car's navigation system or use your own device, but 
don't connect to the infotainment system.

Do not connect your phone through the USB outlet connection in a rental 
car:  Use the cigarette lighter, which only charges your device without 
grabbing data.

Note, you could also use a charging device such as a portable power pack.