Archives For Tech

A couple of years ago, Julia got an email from a friend asking why she had emailed out a link to apparent spam. By the time a few more email replies from friends trickled in, Julia had figured out she was the victim of an email hack. After the initial wave of panic, she quickly changed her password on the account which, thankfully, she still had access to.

As it turns out, the hacker’s IP address came from Beijing, China. They had only used Julia’s account to send spam and did not appear to access any of her emails. Had they read her email, they would have had access to years worth of personal information, including credit card numbers, photos of our kids, private conversations–you name it. It was scary stuff and a reality check for us.

Photo Credit: mafate69 via Compfight cc

Photo Credit: mafate69 via Compfight cc

Since that hack on Julia’s account, I’ve seen posts on Facebook from friends who have had a similar experiences. Many of them marvel at why they were selected for an attack and how on earth the criminals guessed their password.

If this has happened to you, don’t beat yourself up, but you should know it is often the result of people being lax with their online security. You know not to leave your house key under the door mat because it’s the first place a criminal will look. Online security is the same way. It’s likely that criminals know the game better than you, and if you make it easy for them to exploit you, they will.

With that said, let me share three simple points to help you shore up your online security, lest you be the victim of a hack that exposes some of your most personal data to hackers with nefarious intent.

What Should You Do If You Are Hacked?

If you realize you’ve been hacked, step one is to log in to your account immediately and change your password. This will lock out anyone who had access using the hacked password.

Once you do that, it’s a debatable question of etiquette as to whether you email everyone again to let them know and/or apologize for the hack. My thought is to not bother with the second email. It should be obvious to most people that you were hacked and did not intent to send a link to such an incredible weight loss product/cheap v1agra/R0lex watch. People should know to avoid clicking on spammy links by now.

How Did The Hack Happen?

I don’t know what the actual percentage is, but according to my own sarcastic opinion, 99.99% of the time these account get hacked, it is due to one simple reason.

You are using the same username and password combination elsewhere on the web–quite possibly everywhere on the web.

This is how hackers were able to access Julia’s email account.

Look, I know you feel like you’ll never remember which whacky password went to which website, but you just have to stop using the same one for everything. It’s the digital version of the key under the door mat. Criminals are out there hoping you will do this. In fact, they depend on it.

Photo Credit: Christophe Verdier via Compfight cc

Photo Credit: Christophe Verdier via Compfight cc

Here’s how these hacks happen. Much like houses, some websites are more secure than others. Email providers like Gmail, for example, are locked up like Fort Knox. Other sites like that photo printing website where you made your Christmas cards or that free music service you listen to are less secure. Hackers can exploit weaknesses on these smaller sites to get them to cough up username and password combinations. And it’s not really all that hard for them to do, either.

Once they have those stolen username and password combos, they can try them on a myriad of larger, more secure sites like Gmail, Yahoo, Facebook, Amazon, etc. If you’ve used the same username/password combo all over the Internet, you’ve made it highly likely that these hackers will be successful accessing your secure accounts with the same username/password combos stolen from less secure sites.

How Can You Keep Your Accounts Secure?

If you use these four tips when creating a password, you will go a long way to keeping yourself safe online.

Have a unique password for every online account.

This single step will prevent the vast majority of hacks, but this alone is not enough. Your password also has to be robust, even complicated. I know it’s hard to remember random passwords, and that leads us to the next tip.

Use a phrase you can remember.

Think of a phrase like “the hills are alive with the sound of music,” abbreviate it, then use that as a starting point for your new password. Now you have “thaawtsom.” Make the phrase you use relevant to the website you are on so that it’s easier to remember. So this phrase about music might be the password phrase for Pandora or iTunes, for example.

Make passwords complicated.

Passwords should never be shorter than 8 characters, and longer passwords are even better. The more complicated they are, the more difficult they’ll be to crack.

Now, let’s take the phrase we used earlier and mix in a few upper and lowercase letters, like this tHaawtSoM. Now substitute a few letters with numbers: tH44wtS0M. Then add in at least one special character, like this: ¡tH44wtS0M! and now you have a password that is less random but very secure.

Photo Credit: Danny Nicholson via Compfight cc

Photo Credit: Danny Nicholson via Compfight cc

If all else fails, iCloud keychain is a new feature for Mac users in Mavericks and iOS7 that will suggest very complicated, random passwords for sites you visit. You only have to remember your iCloud password and Safari will remember the rest. It’s pretty handy and works well for me. LastPass and 1Password are similar paid alternatives that have been around even longer.

Never use obvious passwords.

If you are using passwords like “password” or “123456″ you are asking for trouble. You may be interested to see if your password is on the list of the 25 worst.

Don’t Gamble with Your Digital Security

You know not to leave the house without locking your doors, but many people take their security far less seriously. Ironically, a hack can do much more damage than a house break in. So do what you can to stay safe out there. Change your passwords today if you know they are not secure! The web is only going to be as safe as you make it.

Earlier this week, I wrote a post about the dangers of buying your kids iPads, iPhones, iPod Touches, and other Internet-connected devices. The main takeaway from that post was simple: unless you have a plan to aggressively monitor what people and content your kids and teens have access to on that device, then it’s probably going to be more of a liability for your child than anything else.

I wanted to create a follow up post to help parents understand how they can control access to content on devices they already own.

So What’s A Parent To Do?

When I was growing up, the ultimate cool-but-forbidden thing was to have a TV in your bedroom. My parents never allowed that for the simple reason that they didn’t want me to watch networks like MTV while I was alone. Instead, they preferred to monitor the content I put into my head.

Now, iDevices allow access to content that makes the MTV of the 80′s and 90′s look like the Disney Channel. Why would you leave your kid alone with an iDevice? Simple. You shouldn’t. But what if your child or teen already has an iPad, iPhone, or iPod Touch. What should you do? Here are a few tips.

Photo Credit: flickingerbrad via Compfight cc

Photo Credit: flickingerbrad via Compfight cc

Use the Built-In Parental Controls.

Go to Settings > General > Restrictions > Enable Restrictions. You’ll be asked to enter a passcode. Be smart and make it one that your child doesn’t know and cannot guess. Then, go through and lock down Safari. This will remove Safari from the device.

As an alternative to Safari, download and install Mobicip. You can read an older review I wrote for Mobicip here, but it’s what is known as a “safe browser.” It doesn’t prohibit all nefarious content, but it helps. It also won’t provide the same deeply integrated experience as Safari because Apple doesn’t allow users to choose their own default browser, but the experience is tolerable and worth the modest inconvenience.

Adjust for Allowed Content.

While you’re enabling Parental Controls, on the same screen, you can restrict the type of content that can be downloaded from iTunes and the App Store by adjusting the allowed ratings. Don’t forget to adjust Siri and turn off “explicit language.” It may also be a good idea to turn off “web search content,” lest Siri is told to fetch unsavory things.

Adjust Location Services.

You may also want to tweak location services. Apps are able (with your permission) to report the device’s geographic location. In some instances, this information is generalized to the nearest city or town. But in other instances, the phone can report your exact geographic location with accuracy down to within a few feet.

For example, did you know that photos taken from your iPhone are set by default to contain location information? It’s called geotagging, and that geotagged data travels embedded in the original photo wherever the photo is sent.

This picture I took in my office contains GPS metadata that is accurate, even down to the side of the house where my office is.

This picture I took in my office contains GPS metadata that is accurate, even down to the side of the house where my office is.

So as a real-world example, let’s say your child takes a photo and sends it to a friend or to a blog. As long as the original file is not altered, all the original metadata, including the GPS coordinates of where the photo was taken will travel along with the photo. Anyone can then view the metadata file embedded using a reader like this one to view all the info about that photo. If the GPS coordinates are included in that photo, it is possible to find out not only where your child lives, but the area of the house where the photo was taken.

Yes, it’s very creepy. By the way, your iPhone works the same way. So think about that the next time you snap that bedroom mirror selfie.

To be fair, many social media sites resize and resave the image, and the metadata, including the location, is stripped out. But original photos that are emailed or sent via SMS still contain that data.

Use OpenDNS On Your Home Router.

I don’t want to make this post too technical, so I will explain DNS (Domain Name Service) as simply as I can and to the best of my own understanding. In the early days of the telephone, a user had to first dial the operator and ask to be connected to the person they wanted to talk to. The operator’s job was to connect the call. DNS works similarly.

Photo Credit: MarkGregory007 via Compfight cc

DNS works kind of like an old school telephone operator. Photo Credit: MarkGregory007 via Compfight cc

To use another analogy, DNS is also like a taxi driver. You get in the taxi and say to the driver, “Take me to the airport, please.” It’s the driver’s job to translate that information to a physical address and take you there.

Simply put, DNS is kind of like that operator or taxi driver because DNS servers take the website name input from a user (like “haydenwreyford.com”) and then connect that user to the server address where that particular website lives.

By default, your internet service provider (Comcast, Charter, UVerse, etc) has DNS servers that connect you to websites. OpenDNS is a 3rd party service that provides their own DNS service as part of their FamilyShield parental controls. The community of users provide feedback on objectionable sites, which are then added to the black list.

As a result, Open DNS is able to block pornography, proxy servers, phishing sites and some malware. Essentially, its taxi drivers are smart enough to refuse to take you to certain places if the place is known to be shady. You can also whitelist and blacklist sites for your own account to further customize what content OpenDNS allows you to access.

OpenDNS offers premium features, but basic site blocking is free. You can sign up for it here. If you tell your home router to use OpenDNS servers, then any device connected to your home network will have the same filtering applied–even laptops and desktops, and even computers of guests. If it’s connected to your home router, it will be filtered. OpenDNS has a handy walk thru for adding filtering to your router or computer. Again, I strongly recommend doing it at the router level for the most protection.

NOTE: If you have a device with a data plan, like a 3G iPad or an iPhone, if it’s not connected to wifi, OpenDNS can’t filter those devices. Unfortunately, AT&T (my service provider) won’t allow users to select 3rd party DNS servers. So this is one way for kids to get around your protected home network. They can just turn wifi off and fall back to mobile data to browse unfiltered. This is where filtering apps like Mobicip come in handy and can pick up the slack.

Add Access Controls on Your Router.

In addition to setting up OpenDNS on your router, nearly all routers have access controls that allow you to set time-based limits for certain devices. So if your kid has a wifi iPad, but you only want him to use it between the hours of 5pm-8pm on weekdays and 10am-9pm on weekends, you can do that. Just set up your router to recognize that unique device ID and only allow access between the hours you set. This is a highly under-used feature.

You’ve heard it said that “nothing good happens after midnight.” If you believe that, then you can shut your entire home network down after midnight, if you want. So learn to use your router like a filtering tool.

Be A Parent.

Being a parent means making tough calls. It often means your kid won’t like your decision. Be their parent, not their friend. Supervise them. Be proactive. Get involved. Monitor them. If you wouldn’t let them run with scissors, then don’t buy them an iDevice that they can use away from your supervision.

Photo Credit: Joe Shlabotnik via Compfight cc

Photo Credit: Joe Shlabotnik via Compfight cc

I want to help parents to understand what these advanced devices are capable of. Many parents just simply don’t know. Your job now is to take this information and make the best call possible for your child and your family. And to that end, I hope this was helpful.

Was this information helpful to you? Please leave a comment below and be sure to repost and share!

As the Christmas season kicks off with Black Friday this week, parents are busy making gift plans for the kids. At the top of wish lists everywhere are internet-connected smartphones, tablets, laptops, and music players. Most parents are very well-intentioned when it comes to deciding what to give their kids for Christmas, but many never consider the inherent risks of the Internet and the responsibility that comes with giving a child an Internet-connected device.

When parents hand a child an Internet-connected device, they give them access to the Internet and everything on it. Most parents understand that kids should be monitored when watching TV, but many fail to exercise that same caution with iPads, iPhones, and iPod Touch devices. Many parents never check the devices to monitor a child’s activity, and some even allow kids to have private, unsupervised time with these devices.

My heart here is to simply inform non-tech savvy parents of the risks of giving an Internet-connected device to any child or teen–regardless of how well-behaved they are. So, let me just state my two main points up front:

  1. Any time you give your kid or teen an Internet-connected device, you should have a plan in place to monitor everything they do on it.
  2. For many of you, buying these gifts for your kids is simply a bad idea.

So just how easy is it for your child to have access to objectionable content online?

It’s Easy To Find In Their Browser

private browsing

Private browsing leaves your internet tracks virtually untraceable.

Traditionally, parents could monitor what sites have been visited on a computer or device by checking the browser history. But a few years ago, a browser feature called “private browsing” emerged. When enabled, private browsing allows a browser to “forget” its website history and anything else that would leave a trace behind. Now this feature is now standard on modern web browsers, including Safari for iOS.

If your child wants to erase his Internet tracks behind him, it is very easy to do, and you’ll be none the wiser.

Private browsing is easier to enable in iOS7.

Private browsing is easier to enable in iOS7.

It’s Easy to Find Inside “Innocent” Apps

It’s hard to imagine that kids would create their own porn or nude and compromising photos to share with each other, but that’s exactly what “sexting” is. Now, there’s even an app for it.

Screenshots from Snapchat.

Screenshots from Snapchat.

Snapchat is intended to look like just another photo app, but it’s become enormously popular as a tool for sexting because it allows the sender to send a message, photo, or video and specify an amount of time the recipient can view the message before the message deletes itself. When used to send inappropriate content, it’s kind of like a digital peep show.

But what many teens don’t realize is that anyone can take a screenshot of that photo by pressing the Home and sleep/wake button on their iDevice simultaneously. Now, that content that was intended to be ephemeral has been captured permanently and can be shared like any other photo. Snapchat created an in-app warning to inform a sender if the receiving party takes a screenshot of the chat, but by then, it’s too late.

How popular is Snapchat? According to TechCrunch, it’s about as popular for sharing images as Instagram and Facebook, combined. Instagram sees about 50 million photos uploaded per day, while Facebook sees about 350 million. Snapchat sees a whopping 400 million photos uploaded per day, and it’s still growing. Recently, there have even been rumors of new funding and even a $3 billion acquisition by Facebook. You can Google more info about Snapchat and sexting than you care to read.

Just a few things you may not want your child exposed to.

Just a few things you may not want your child exposed to.

It’s worth noting that Apple has basic parental controls built into iOS that allow you to prevent downloads of apps with certain ratings. But keep in mind that even if your child never downloads an app like Snapchat, they can still receive unwanted content on their device involuntarily if it is sent from contacts by other means.

Even if your child is a well-intentioned Snapchat user, the app is designed to hide the user’s digital footprints. So the app intends to inhibit a parent’s ability to monitor their kids’ conversations. And what mixes better than kids and a lack of accountability?

It’s Easy To Find On Social Networks

Objectionable content abounds on popular social networks like Twitter and Vine. Twitter and Vine both allow obscene content and have no controls whatsoever for foul and inappropriate language. Even though the iOS Twitter app is rated for ages 4 and up, your child can find inappropriate and even pornographic content on Twitter with a simple search.

It’s also worth noting that while hardcore pornography is not allowed on YouTube, inappropriate content is plentiful. It may not be porn, but you won’t want your kid to see Miley Cyrus’ latest videos. And that’s just one example. Beyond sexual content, YouTube has plenty of violent content, including videos of death. And outside of sex, violence, and other objectionable content, YouTube is full of sophomoric foolishness like soda bottle bombs and cinnamon challenges that are just unwise for parents to allow unmonitored access to.

Beware of the seemingly innocuous social networks and video sites. When in doubt, it’s better to know what your child is doing online than to be clueless about it.

It’s Easy to Find In Built-In Browsers

You probably use them all the time without realizing it, but many apps have their own built-in browsers. If you click a link in Twitter, Facebook, and many other apps for iOS, the app will launch its built-in browser to view the link. Because these browsers don’t have the features of traditional browsers, there’s no way to view the browsing history in them, thereby making them just as untraceable as private browsing.

So What’s A Parent To Do?

I’ve also posted a few tips parents can employ to help keep the Internet on a leash, but the reality is that there is no sure-fire way to prevent your kids from being foolish on the Internet except one: to be an educated, active, watchful parent. It’s up to you to take an active, even aggressive role in the digital lives of the children living in your house.

Your responsibility as a parent in a digital age is a big one. Don’t be fooled by those (including your own kids) who would have you believe that your involvement is snooping or an invasion of privacy. Those are lies. You love your kids. Knowing where they go and who they are with is vital to your role of being an effective parent. This is even more true in the digital world, where the places they go and the people they are with can be much less clear and, thereby, far more precarious.

Was this post helpful? Please consider sharing it with others by clicking the share buttons below or by posting it to your social media feeds. You may also subscribe using the sign up widget at the top of the column to the right.