[Njtechdiv] iDevice safety, beware hacking
Mario Brusco
mrb620 at hotmail.com
Tue Dec 20 01:36:39 UTC 2016
just passing some info to inform those who use mobile devices. I think
the following would apply to any mobile device, not just iThings.
Rita Howells's iDevice Advice for December 19, 2016: beware Hacking
lurks in Wi-Fi, plugs and ports
If you rent a car, its onboard infoTainment system may offer to pair
with your iPhone and you might Not want to pushed the "yes" button. Such
convenient connections can be a trap for travelers, experts warn. The
Federal Trade Commission recently sounded the alarm on smartphones
interfacing with the onboard computers of rental cars, saying it could
expose your personal information to future renters, employees or even
hackers. There are other sources of danger for your data, including
those charging stations at the airport and, of course, those "free"
Internet hot spots in your hotel lobby."Smart systems installed in
vehicles provide a new way for hackers to steal information or install
dangerous software on your phone. A malicious application could
theoretically be installed that would automatically tamper with any
mobile devices that were connected to the vehicle. Cars are essentially
computers on wheels. Consider the Ford F-150, whose onboard computer
system has 150 million lines of code. That's more programming than a
Boeing 787, which has 7 million lines of code.
You may be prompted to 'trust this computer' when plugging in your
phone. It is best not to trust it.
What else shouldn't you trust? The "free" USB charging station at the
airport. Plug in your phone or tablet and an infected station can take
over your device via something called "juice jacking. Physical access to
your iPhone port can be one of the most high-value avenues to exploit
any weakness or vulnerability the device has. Charging stations are
nothing more than potential data-harvesting points. You should be wary
of "free" wireless networks at hotels and airports. There is significant
risk with using Wi-Fi at airports, hotels and cafes to access the
Internet. The risk is from poor authentication procedures and
unencrypted networks, which can expose your username and password to
hackers on the network. Do not use public Wi-Fi. Do not configure Wi-Fi
networks or Bluetooth to automatically connect to your device.
If your data have been compromised in any way while you've traveled,
this could be why, but you'll probably never know. There is something
all of these threats have in common. They're all "free. The infoTainment
system is part of the car. The recharging station is complimentary. And
the lobby Wi-Fi is almost always free.
How to practice safe connecting:
Use a virtual private network (VPN). A VPN creates a secure, encrypted
tunnel between your device and a server somewhere on the Internet. That
makes it nearly impossible for someone on the same network to eavesdrop
on your network traffic.
Tell your phone to say "no. Disable location services, Bluetooth and
Wi-Fi when possible. Also, think about the permissions associated with
third-party apps, which may have access to your microphone, camera and
contacts.
Use caution in cars. When renting a car, either manually enter the
address into the car's navigation system or use your own device, but
don't connect to the infotainment system.
Do not connect your phone through the USB outlet connection in a rental
car: Use the cigarette lighter, which only charges your device without
grabbing data.
Note, you could also use a charging device such as a portable power pack.
More information about the NJTechDiv
mailing list