IT'S BEEN LONG TIME SINCE I HAD VIRUS PROBLEM WITH MY DEVICE
BUT PEOPLE JUST PUT IT TOGETHER ,THIS ARTICLE IS 90 % TRUE.
ME PERSONALLY USING ANDROID BUT THIS OS IS OPEN SOURCE AND I DON'T THINK GOOGLE FORGOT ABOUT SECURITY TOOLS . IF I'M GOING TO BE A VICTIM OF DATA THEFT DEFENSIVELY I'LL CHANGE TO DIFFERENT OS.
http://techpp.com/2011/07/04/why-security-threats-to-smartphone-users-are-on-the-rise/
*** Why Security Threats to Smartphone Users are on the Rise
Guest Post by Fergal Glynn.
It’s in the news more and more. The number of viruses, malware, and a number of other ‘virtual illnesses‘ affecting smartphones has already caused billions of dollars in damage. In fact, a recent study by Juniper Networks estimates malware attacks on Android have increased by 400%. But why the sudden interest? They’re a better target, and here’s why:
Smartphones hold more information
Today, phones are a portable hub for all the information in our lives, including business and personal. This means, with one hit, a hacker could potential gain all of your personal and financial information, in addition to gaining the information they need to penetrate a business infrastructure. With that, they simply need to set up a spear phishing attack, and the hackers can access full range of sites, accounts, and systems.
Free Internet is not so Free
Is your favorite free WiFi spot is really free? Or, is it a fake network set up by someone with less than honorable intentions? Because many smartphones automatically connect to open networks (and save them for future use!), it makes them a prime target. Once someone malicious has gained access to your smartphone, they can gather all of your account details, passwords, personal information, financial details, and other informational gems you send through your phone.
No Security Software
Just like a car thief looking for unlocked doors and keys in the ignition, hackers will prey on the easiest targets they can find. Most of the time, this means smartphones. And why not? They often connect to open WiFi networks and usually don’t have any sort of security software installed. Therefore, once attackers gain access, there’s nothing stopping them.
Users Aren’t Aware of the Risks
Because many people who own smartphones think they’re immune to attacks, hackers can ‘live’ in a phone for months or even years without being detected. Imagine the sheer amount of information you share during the year. With that kind of information, banks, business sites, email accounts, personal identities, and all sorts of networks would be at risk. To make matters worse, any attempts by the attackers to gain additional information would be even harder to detect because they would be better able to disguise their phishing attempts.
More Opportunities For Attacks
Smartphones use the Web, SMS, email, voice, apps, and many other methods to communicate with other people and devices. This leaves them wide open to a number of different attacks and gives a determined hacker more options than he’d have with a regular computer. In fact, experts believe it’s even possible for hackers to use the device’s microphone to record voice communications and scan them for calls containing useful information such as those made to a bank or credit card company.
Real Life Threats
Because of their portability, smartphones are much easier to steal than laptops or other communication devices. To make matters worse, many users don’t lock or secure their phones, and even fewer use location services. This means, once a thief gets his hands on a phone, they can access everything, and the user can’t even wipe the phone clean to minimize the damage.
The best way to protect against mobile attacks is to be aware and prepared. To start, install security software, use secure connections, invest in locate and remote wipe services, use strong passwords, and minimize the amount of information you store or use on your smartphone. After all, the more ‘doors’ you close to attackers, the less likely you are to become their victim.
****
OUR DEVICES DOESN'T HAVE THAT MUCH SECURITY THAT WE NEED . AND ALMOST ALL APP THAT YOU INSTALLS IT'S READING YOUR PHONE CALL IDENTITIES EVEN YOU CAN'T BE SO SPECIFIC WITH EACH APPS THAT YOU INSTALL AND CHECK'EM ALL , IS THERE ANYWAY TO AVOID SUCH DISASTER?
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
The term "privacy" means many things in different contexts. Different people, cultures, and nations have a wide variety of expectations about how much privacy a person is entitled to or what constitutes an invasion of privacy. Information or data privacy refers to the evolving relationship between technology and the legal right to, or public expectation of, privacy in the collection and sharing of data about one's self. Privacy concerns exist wherever uniquely identifiable data relating to a person or persons are collected and stored, in digital form or otherwise. In some cases these concerns refer to how data is collected, stored, and associated. In other cases the issue is who is given access to information. Other issues include whether an individual has any ownership rights to data about them, and/or the right to view, verify, and challenge that information.
This post does not intend to address the many definitions of privacy or the many technical means of protecting and invading one's privacy. There are already many posts addressing this aspect and brief search can turn up lots of answers for you.
This post is only intended to help the least technically savvy among us in maintaining some small amount of data security and privacy without getting very technical about things. It was derived from many diverse sources on basic privacy.
Note that I do NOT have a DONATE button anywhere.
I am not looking for donations.
If you feel that you should donate something, by all means,
send it to your favorite XDA developer and/or XDA itself!
And don't be shy about the
button for the many posters who were of help to you!
Recently, a friend handed me his phone and asked me to take a picture. “What’s the password?” I asked. “I don’t have one,” he said. I think I must have had a puzzled look on my face as, I suppose, I tend to grimace when someone I know tells me they’re choosing not to take one of the very simplest steps for privacy protection, allowing anyone to look through their phone with the greatest of ease, to see whichever messages, photos, and sensitive apps they please.
So, this post is for you, big guy with no password on your Galaxy/iPhone/Nexus/whatever, and for you, girl who stays signed into GMail on your boyfriend’s computer, and for you, person walking down the street having a loud conversation on your mobile phone about your recent doctor’s visit of that odd ailment you have. These are the really, really simple things you could be doing to keep casual intruders from invading your privacy.
1 Password protect your phone! It is one of the simplest things you can do to most devices (smartphones, tablets, etc.) with the least amount of effort. Many people tell me it is “annoying” to take the two seconds to type in a password each time before using the phone. Gimme a break, everyone!. Choosing not to password protect these devices is the digital equivalent of leaving your home or car unlocked. If you’re lucky, no one will take advantage of you. Or maybe the contents will be ravaged and your favorite speakers and/or secrets stolen. If you’re not paranoid enough, spend some time reading entries in Reddit, where many Internet users go to discuss issues of the heart. A good percentage of the entries start, “I know I shouldn't have, but I peeked at my gf’s phone and read her text messages, and…” Oh, and before you pick a password like "123456" or "password" do yourself a big favor and visit the Worst passwords of all time web page! No laughing allowed!
2 Turn on 2-step authentication in GMail (that is, if you use GMail, of course). The biggest conclusion you can derive from the epic hack of Wired’s Mat Honan is that it probably wouldn't have happened if he’d turned on “2-step verification” in GMail. This simple little step turns your device into a security fob — in order for your GMail account to be accessed from a new device, a person (you?) needs a code that’s sent to your phone. This means that even if someone gets your password somehow, they won’t be able to use it to sign into your account from a strange computer. (How it works - video) Google says that millions of people use this tool, and that “thousands more enroll each day.” Be one of those people! Yes, it can be annoying if your phone battery dies or if you’re traveling. Of course, you can temporarily turn it off when you’re going to be abroad or phone-less. Alternately, you can leave it permanently turned off, and increase your risk of getting epically hacked. Which do you like better?
3 Put a Google Alert on your name! This is an incredibly easy way to stay on top of what’s being said about you online. It takes less than a minute to do. Go here: http://www.google.com/alerts; anyone can do it easily. Google Alerts are email updates of the latest relevant Google results (web, news, etc.) based on your queries. Enter your name, and variations of your name, with quotation marks around it. Boom. You’re done. Now, that wasn't too tough, was it? I didn't think so. :-]
4 Sign out of your Facebook / Twitter / GMail / etc. account! Do it each time you are done with your emailing, social networking, tweeting, and other forms of general time-wasting. Not only will this reduce the amount of tracking of you as you surf the Web, this also prevents someone who later sits down at your computer from loading one of these up and getting snoopy. This becomes much more important when you’re using someone else’s or a public computer. Yes, people actually forget to do this, with terrible outcomes. Incidentally, if you have the Chrome browser on your PC and you use “incognito” (Ctrl Shift N) or Internet Explorer and you use “InPrivate” (Ctrl Shift P) you will automatically be logged out when you close the window, and no cookies or passwords will be stored. Pretty cool, right?
5 Don’t give out your email address, phone number, or zip code when asked. Hey, if some scary (or weird) looking dude in a bar asked for your phone number, you'd say no, wouldn't you? But when the person asking is a uniform-wearing employee at a local store, many people hand over their digits without hesitation. Stores often use this info to help profile you and your purchase. Yes, you can say no. If you feel badly about it, just pretend the employee is that scary looking dude!
6 Change Your Facebook settings to “Friends Only.” I really thought that by now, with the many Facebook privacy stories which have been published, everyone would have their accounts locked down and boarded up like a cheap Florida house before a hurricane. Not so. There are still lots and lots of people on Facebook who are as exposed on the internet as Katy Perry at that water park. Go to your Facebook privacy settings and make sure the “default privacy” setting isn't set to "public"! If it’s set to “Custom” make sure you know and understand any “Networks” you’re sharing with.
7 Use unique passwords for every site you go to. This sounds really difficult but - surprise - it is quite simple! Password managers come in many sizes and flavors these days. They will generate complex passwords and remember them for you. Protect yourself against phishing scams, online fraud, and malware. Many of these apps have versions you can use on your computer as well as on your tablet and phone. Some are free and some cost money. Your choice. Here, let me show you how simple it is to find a bunch of them: http://bit.ly/V4xehO! As I said, there are many - the one I use is this one here.
8 Clear your browser history and cookies on a regular basis. Do you remember the last time you did that? If you just shrugged, consider changing your browser settings so it is automatically cleared every session. Go to the “privacy” setting in your Browser’s “Options.” Tell it to “never remember your history.” This will reduce the amount you’re tracked online. Consider one of the several browser add-ons, like TACO, to further reduce tracking of your online behavior.
9 Read the posted privacy policy. Boring, isn't it? Every web site has one and likely for a good reason. Have you ever seen the XDA Privacy Policy? Yup, that's just what I thought!
In conclusion, here's one from the Wall Street Journal's Law Blog.
As I said, this is not a technical article but it may make you think if it does the job right.
Sixth Circuit: No Expectation of Privacy in Cell Phone GPS Data
Drug dealers, beware. Your pay-as-you-go phones probably have GPS. And, according to a federal appeals court in Cincinnati, police can track the signal they emit without a warrant.
The U.S. Court of Appeals for the Sixth Circuit ruled that the Drug Enforcement Administration committed no Fourth Amendment violation in using a drug runner’s cellphone data to track his whereabouts. The DEA obtained a court order to track Melvin Skinner’s phone, after finding his number in the course of an investigation of a large-scale drug trafficking operation.
The DEA didn’t know much about Mr. Skinner or what he looked like. They knew him as Big Foot, the drug mule, and they suspected he was communicating with the leader of the trafficking operation via a secret phone that had been registered under a false name. Agents used the GPS data from his throw-away phone to track him, and he was arrested in 2006 at a rest stop near Abilene, Texas, with a motorhome filled with more than 1,100 pounds of marijuana.
Mr. Skinner was convicted of drug trafficking and conspiracy to commit money laundering. On appeal, he argued that the data emitted from his cell phone couldn’t be used because the DEA failed to obtain a warrant for it, in violation of the Fourth Amendment.
The question in the case was whether Mr. Skinner had a reasonable expectation of privacy in the data his phone emitted. It’s a question that several courts are wrestling with. Federal law enforcement authorities, as in this case, say that investigators don’t need search warrants to gather such information.
Justice Department lawyers argued in a court brief that “a suspect’s presence in a publicly observable place is not information subject to Fourth Amendment protection.”
Judge John M. Rogers, writing for the majority, agreed:
There is no Fourth Amendment violation because Skinner did not have a reasonable expectation of privacy in the data given off by his voluntarily procured pay-as-you-go cell phone. If a tool used to transport contraband gives off a signal that can be tracked for location, certainly the police can track the signal. The law cannot be that a criminal is entitled to rely on the expected untrackability of his tools. Otherwise, dogs could not be used to track a fugitive if the fugitive did not know that the dog hounds had his scent. A getaway car could not be identified and followed based on the license plate number if the driver reasonably thought he had gotten away unseen. The recent nature of cell phone location technology does not change this. If it did, then technology would help criminals but not the police.
He was joined by Judge Eric L. Clay. Judge Bernice B. Donald, who concurred but disagreed with the majority’s Fourth Amendment reasoning, said the DEA couldn’t have figured out the identity of Mr. Skinner, the make and model of his vehicle or the route he would be driving without the GPS data from his phone.
“It is not accurate…to say that police in this case acquired only information that they could have otherwise seen with the naked eye,” she wrote. “While it is true that visual observation of Skinner was possible by any member of the public, the public would first have to know that it was Skinner they ought to observe.”
A lawyer for Mr. Skinner didn’t immediately respond to a request for comment.
Comments? Suggestions? Ideas? They are all welcome.
Flame wars (relating to privacy or otherwise) are not. :-]
[GUIDE] Some incredibly simple things to protect YOUR PRIVACY - Part 2
Cameras on smart phones, getting better with each generation of new devices, allow people to take pictures or videos on the go and transmit these images by e-mail or post them to the Web. With phone in hand, unexpected sightings of celebrities can be snared with a flick of the wrist (turning the celled into the 'snaparazzi'), as can chance encounters with pretty girls or gorgeous sunsets. Their impact can be great for both good and evil.
Not too long ago two men lit themselves on fire in protest. But only one of them is credited with starting a revolution.
The difference between the two? Mobile phones recorded Mohamed Bouazizi, a Tunisian fruit vendor, as he set himself ablaze in despair over his economic plight. Those videos kicked off the wave of 2011 Arab Spring demonstrations.
Abdesslem Trimech, the other man, fell into relative obscurity. (Source: The Mobile Wave: How Mobile Intelligence Will Change Everything by Michael Saylor)
Back in 2005, a retail fraud investigator for one of the larger chain stores said that while he was still unable to capture a usable image of a credit card from even the then newer camera phones, he has been able to grab readable images of all account and routing info from the personal checks customers have produced at the checkout. Check writers, he says, have a tendency to "lay out" their check books on the writing counter at the registers and keep them stationary enough to obtain a clear image of all the personal information printed on the check. He has also tested this theory with camera-equipped palm tops and has found that with the adjustable resolution he has been able to get a pretty clear picture, with zoom, from a reasonable distance away (3-5 feet). So at this point in time, as phone cameras get better and better, your credit card might still be secure but your personal check might not be.
So, what personal information does your mobile phone reveal about you? Do you know? Do you care?
It seems that many people are slowly becoming more aware of the pitfalls and the mobile-privacy concerns.
According to reports, 54% of cell phone users in the U.S. have decided not to install an app once they discovered how much of their personal information it would access. (The amount of sensitive info an app can access typically is indicated by the "permissions" the app requests, listed on its information page.)
Also, nearly one-third of mobile app users report uninstalling an app from their phone because they learned it was collecting personal information they didn't wish to share.
We need to first be aware and also be willing to actively take steps in order to protect our own privacy. Children of all ages need to be carefully taught as well.
Okay, but what about students? Do students have an expectation of privacy on their cell phones while at school?
The short answer to this in the U.S. is a qualified yes. Whether educators have the authority to search the contents of student cell phones depends on a lot of factors. The key issue in this is the standard of reasonableness. According to New Jersey v. T.L.O (1985) students are protected by the Fourth Amendment to the U.S. Constitution which protects citizens against unreasonable searches and seizures. In T.L.O., the Supreme Court goes on to say that the standard that law enforcement officers must reach to conduct a search (probable cause that a crime has been committed), is not required of educators. In general, the standard applied to school officials is whether the search is “justified at its inception and reasonable in scope.” (See When can educators search student cell phones)
What information should children be taught NEVER to reveal?
The suggestions depend on their age. Common 'wisdom' suggests the following:
Elementary School Kids should NEVER share (their own or another’s):
Age
Full Name
Address
Phone Number
Name of School
Password Information
Images (with possible exception depending on parental involvement)
Middle School Kids should NEVER share (their own or another’s):
Age
Full Name
Address
Phone Number
Name of School
Password Information (even to friends)
Most Images (At this age, kids get into social networking and will be sharing images via cell phones and digital cameras. Parents should focus on limiting the images their children share online)
High School Kids should NEVER share (their own or another’s):
Address
Phone Number
Password Information (even to friends)
Offensive or Sexually Suggestive Images or Messages
If you managed to get this far there must have been something that concerned you.
Congratulations! Learning more about privacy is the first step.
Here's one more little trick you might try since you spent all the time getting here. :highfive:
Want to have an unlisted phone but would not like to have to pay monthly for it? Ask your phone company to replace your last name with another name - your grandmother’s maiden name or something that you never use. This will cost a few dollars, but works very well. Many phone companies will do this for you. No monthly fees for having your number unlisted and as soon as you hear someone calling you Mr. {your grandmother’s maiden name}, you can either block the number or request to be put on the company’s Do Not Call List or <fill in the blank of your choice>. Note that Caller ID takes its information from the phone book, so you will be identified as Mr. {your grandmother’s maiden name} on Caller ID units of people you call unless you turn this feature off.
Another helpful addition to the listing (available in some areas) is: "(data line)", meaning that the phone number is connected to a fax or computer and not to a live person. Check with your local company if this option is available.
Some time ago, in a concerted effort, multiple ACLU affiliates filed a total of 381 Freedom of Information Act (FoIA) requests in 32 states, asking local law enforcement agencies to disclose how they are using mobile phone location data.
The FoIA request in North Carolina struck gold: a copy of an official Department of Justice flyer, dated August 2010 that explains exactly what data is retained by Verizon Wireless, T-Mobile, AT&T, Sprint, and Sprint division Nextel. There's an enhanced copy on the ACLU website.
The eye-openers:
All of the mobile phone companies keep details about the location of cell towers used by every phone, for a year or longer.
All of the mobile phone companies keep records about voice calls and text messages received and sent for a year or longer. Verizon stores the contents of every text message for three to five days. (The others don't keep the text.)
IP session information -- tying your phone to an IP address -- is kept for a year by Verizon and 60 days on Sprint and Nextel.
IP destination information -- which IP addresses you connected to -- is stored for 90 days at Verizon and 60 days on Sprint and Nextel.
The ACLU is gathering information on what steps local police have to go through in order to acquire that stored data: warrants, formal requests, emergencies, possibly even informal procedures. They're also trying to figure out how law enforcement agencies share the data and how long it is retained.
There doesn't appear to be any sort of uniform nationwide policy or widespread judicial precedent.
The ACLU is also looking at law enforcement requests to "identify all of the cell phones at a particular location" and "systems whereby law enforcement agents are notified whenever a cell phone comes within a specific geographic area."
If you have been concerned about privacy and location data being leaked sporadically on your iOS or Android or Windows Phone device it seems you have been looking at very, very small potatoes!
Comments? Suggestions? Ideas? They are all welcome.
Flame wars (relating to privacy or otherwise) are not. :-]
[ Another place holder ]
[GUIDE] Some Incredibly Simple Things To Protect Your Privacy!
If you find this thread helpful then do not forget to
Rate: *****
Submit thread as News Tip
If you find a particular post is helpful, please click on the Thanks button
If you are using XDA App or Tapatalk, long press on the post and select :good: Thanks
Thanks ny_limited - I just did all these!
Cheers
Tom
Szczepanik said:
If you find this thread helpful then do not forget to
Rate: *****
Submit thread as News Tip
If you find a particular post is helpful, please click on the Thanks button
If you are using XDA App or Tapatalk, long press on the post and select :good: Thanks
Thanks ny_limited - I just did all these!
Cheers
Tom
Click to expand...
Click to collapse
Appreciate the kind works, Tom, but.. This thread is for the non-technical ones among us. I suspect you are more technical than I am thus you hardly qualify to be here.
Thanks for the tips.
For extra protection, there's quite a few security apps on the market that will lock whatever information sensitive apps you want locked, usually with the same security options that your phone offers i.e. Password, PIN, pattern etc.
Just search "app lock" in the play store, for those interested.
--> dominating your screen from my t-mobile gs3, powered by: FreeGS3 R7 "Resurrection"
Complacency is one thing that most if not all internet/mobile/computing user have. I always advocate "Do not remember my password" while browsing from any form of medium to my friends. You never know when you will get compromised. Just leave your computer for a moment, your friend with malicious intent can extract all your private information with a simple and obtainable usb trick..
Even the thing most personal to me, my mobile phone, has no sites on "Log me in always" checked.
I hope websites would leave the box unchecked, as sites I visit always encourage user to have that option enabled. E.g. Ebay, Facebook..
Post # 2 has been updated just in case you need more reading material.
ny_limited said:
Post # 2 has been updated just in case you need more reading material.
Click to expand...
Click to collapse
like 1 better :good:
coohdeh said:
like 1 better :good:
Click to expand...
Click to collapse
Agreed. I guess I really didn't need the 3rd placeholder after all.
---
Spes in virtute est. (via XDA app)
This article is just over a year old but still makes good reading if you haven't seen it yet.
Few people would willingly carry around a device that tracks their movements, records their conversations, and keeps tabs on all the people they talk to. But, according to documents recently released by the American Civil Liberties Union, cell phone companies are doing all of that -- and may be passing the information on to law enforcement agencies.
"Retention Periods of Major Cellular Service Providers," an August 2010 document produced by the Department of Justice, outlines the types of information collected by various cell phone companies, as well as the amount of time that they retain it. On some levels, this is reassuring: Verizon (VZ) is the only company that holds on to text message content, and they erase it after 3-5 days. However, text message details -- the information about who you text with -- is retained for a minimum of a year, with some companies keeping it for up to seven years. In other words, that little back-and-forth you had with Bernie Madoff back in 2007 will be on the books until 2014.
Complete article is here
Click to expand...
Click to collapse
The privacy buck stops with the user
Yes, those terms of service are annoying. They're usually too complicated and too long, and users who want a certain mobile app will be inclined to click 'next' without actually reading the fine print, even if they're worried about what rights they're signing away. Still, "cellphone users need to take responsibility for their own data," maintains Steve Durbin, global VP of the Information Security Forum.
Click to expand...
Click to collapse
Cellphone and smartphone users have a love-hate relationship with mobile apps. While they love the functionality and enhanced user experience they bring to the table, clearly many hate the perceived privacy intrusions, suggests a newly released report from the Pew Internet & American Life Project.
More than half -- 54 percent -- of app users surveyed decided against installing a cellphone app when they discovered how much personal information they would need to share in order to use it. Thirty percent uninstalled an app that was already on their cellphone because they learned it was collecting personal information that they didn't wish to share.
Many cellphone users take additional steps to protect the personal data on their mobile devices, including backing up photos, contacts and other files -- tasks performed by 41 percent of those surveyed. Some 32 percent have cleared the browsing or search histories on their phone, and 19 percent have turned off the location-tracking feature due to privacy concerns.
Finally, 12 percent of cell owners say that another person has accessed their phone's contents in a way that made them feel that their privacy had been invaded.
The complete article was written by Erika Morphy and published in the E-Commerce Times in September.
i just know that you can monitor the keywords via google alerts
some useful information here. Thanks a lot!
More cell phone privacy notes
Police Searches of Cell Phones
You may have a legitimate expectation of privacy of the information stored in your cell phone, and so a search warrant may be needed before a police officer can look at your phone's data. However, an officer has the authority to search a cell phone when the search is "incident to an arrest." The search is deemed similar to an officer that searches a closed container on or near a person that he's arresting.
Traditional search warrant exceptions apply to the search of cell phones. Where the accessing of memory is a valid search incident to arrest, the court need not decide whether exigent circumstances also justify the officer's retrieval of the numbers from your cell phone. Police officers are not limited to search only for weapons or instruments of escape on the person being arrested. Rather, they may also, without any additional justification, look for evidence of the arrestee's crime on his person in order to preserve it for use at trial.
Illegally Intercepted Communications
Most people would think that public broadcasting of an illegally intercepted cell phone conversation would be illegal. Well, the US Supreme Court has found that (U.S.) the First Amendment allows an illegally intercepted cell phone conversation to be shared with others when the conversation involves matters of significant public interest. The lesson here is to be careful because technology has increased the chances that your cell phone conversations are being recorded and could be made public or used against you.
Cell Phone GPS Tracking
Although there are many advantages to cell phone GPS tracking, there are also privacy concerns. As most people carry their cell phone with them at all times, the ability is in place to track the exact movements of all individuals. Cell phone GPS could prove useful in saving lives during emergencies.
For these reasons the (U.S.) Federal Communications Commission (FCC) requires wireless network providers to give the cell phone GPS tracking location information for 911 calls that have been made from cell phones. This is known as E911. The law on E911 is fairly explicit. It allows carriers to provide tracking location information to third parties for E911 emergency calls only, however not under any other circumstances whatsoever without the consent of the cell phone owner. Recent court hearings have disallowed the requests of law enforcement agencies to obtain cell phone GPS tracking information from the cell phone companies for suspects in criminal investigations.
The complete article was written and published on Lawyers.com.
Instagram says it now has the right to sell your photos
Instagram said today that it has the perpetual right to sell users' photographs without payment or notification, a dramatic policy shift that quickly sparked a public outcry.
The new intellectual property policy, which takes effect on January 16, comes three months after Facebook completed its acquisition of the popular photo-sharing site. Unless Instagram users delete their accounts before the January deadline, they cannot opt out.
Under the new policy, Facebook claims the perpetual right to license all public Instagram photos to companies or any other organization, including for advertising purposes, which would effectively transform the Web site into the world's largest stock photo agency. One irked Twitter user quipped that "Instagram is now the new iStockPhoto, except they won't have to pay you anything to use your images."
"It's asking people to agree to unspecified future commercial use of their photos," says Kurt Opsahl, a senior staff attorney at the Electronic Frontier Foundation. "That makes it challenging for someone to give informed consent to that deal."
The complete article is written by Declan McCullagh and published in c|net.
Thanks to FameWolf for the link!
Horrible Autoplay Video Ads Are Coming to Facebook
Facebook will unveil a new video ad product that will auto-play commercials upon arrival, executives told AdWeek's Jason del Ray. This most annoying addition, which will allow advertisers a chance to slap unsolicited videos all over the Facebook news feed, is expected to launch by April 2013, the sources say. And, to reiterate, yes, these will be the same variant of videos that pollute the ESPN.com homepage — the ones that start without you asking them to.
Facebook, which has been trying just about every kind of new ad it can this year, has not yet decided if these commercials will automatically play with or without sound. But in either case, you can bet they'll be a pain — and you can expect plenty of frustrated users. On the desktop version of Facebook, the vids will expand "out of the news feed into webpage real estate in both the left and right columns -- or rails -- of the screen," explains del Ray. Meaning: they will be everywhere. Also, for people who use a million tabs on older computers, imagine a ton of video playing over and over: slow-load city. Add a little audio in the mix and we can already see the confused masses looking for that one tab with the unwanted sound coming out of it. Oh, yeah, this is a really great idea, Facebook. As if you weren't full of those this week already.
The complete article is written by Rebecca Greenfield, published in The Atlatic Wire
ny_limited said:
Instagram said today that it has the perpetual right to sell users' photographs without payment or notification, a dramatic policy shift that quickly sparked a public outcry.
The new intellectual property policy, which takes effect on January 16, comes three months after Facebook completed its acquisition of the popular photo-sharing site. Unless Instagram users delete their accounts before the January deadline, they cannot opt out.
Under the new policy, Facebook claims the perpetual right to license all public Instagram photos to companies or any other organization, including for advertising purposes, which would effectively transform the Web site into the world's largest stock photo agency. One irked Twitter user quipped that "Instagram is now the new iStockPhoto, except they won't have to pay you anything to use your images."
"It's asking people to agree to unspecified future commercial use of their photos," says Kurt Opsahl, a senior staff attorney at the Electronic Frontier Foundation. "That makes it challenging for someone to give informed consent to that deal."
The complete article is written by Declan McCullagh and published in c|net.
Thanks to FameWolf for the link!
Click to expand...
Click to collapse
Instagram has backed off the language in its new privacy and terms of service policies that set off a significant firestorm online. Instagram cofounder Kevin Systrom posted on the company’s blog under the title “Thank you, and we’re listening”. Whether you believe him or not you can read more about it at Forbes.
Happy New Year, everyone!
Enjoy the festivities!
Will see you all next year!
New 2013 CA laws affect online privacy, homeowners, schools
From protecting your online privacy to party buses, there are 750 new California (USA) laws taking effect in 2013.
The complete KABC-TV (Los Angeles) article of January 1, 2013 can be found here.
[USA] New laws keep employers out of worker social media accounts
Employers in Illinois and California cannot ask for usernames and passwords to the personal social media accounts of employees and job seekers under laws that took effect on Jan. 1.
Illinois Gov. Patrick Quinn in August signed legislation amending the State's 'Right to Privacy in the Workplace Act.'
California Gov. Jerry Brown signed legislation adding the prohibitions to the State's Labor Code in September.
The two states join Maryland, Michigan, New Jersey and Delaware in implementing such privacy laws.
Full ComputerWorld article: http://bit.ly/118L2tM
Greetings all and Happy Holidays.
Per some fellow XDA users request and also to compliment the great thread "[TUTO] How To Secure Your Phone," by: unclefab, I figured this would help...a thread on VPN.
I am also shocked to not see anything in the security forum about VPN! I did a search and NOTHING.
What is a VPN?
(Virtual Private Network)
A simple search on the web will give you the nitty gritty stuff on what a VPN is, but I'll just lay it out very simply.
A VPN takes your data connection and encrypts it so it protects your data from not only your ISP seeing your traffic, but also from middle man attacks. Say if you were at a cafe connected to their open (unsecured) public WiFi and you did some shopping online, which involved you entering in your credit card number, name, address, etc... Well, it doesn't take much for someone to intercept your sensitive data passing through the cafe's unsecured WiFi connection.
How it works:
Encrypts your Computer's/Phone's data ---> Connects it to your VPN's server (Exit Server) ---> Then it reaches the end destination (website). (Safe Passage)
ie...
Safely passes your Internet Data, through a ---> [TUNNEL] ---> ...that is encrypted so that all your data is not only anonymous, but also protected.
There are may VPN's service providers out there, however, they are not all created equal. I've spent a lot of time researching VPN's and have went to great lengths to find the best of the best. The criteria of what I was looking for is as follows:
Offshore Company. Something outside of the US.
Liked and approved by even the extreme private/security activists.
Reliability and Speed! Some VPN's can be very slow only allowing you to achieve 30-50% of your internet speed at best.
A wide choice of servers.
Able to pay anonymously.
A VPN THAT WORKS ON OUR ANDROID DEVICES!
Some VPN companies have their own Android VPN client, which makes things a breeze. Just launch, connect and violla....all your traffic is now safely tunneled.
For the companies that do not have their own Android VPN client, you'll have to use the app: OpenVPN, which can be a hit or a miss for those on KK 4.4. Let me explain...
When I was on my Note 3 on 4.3, OpenVPN worked flawlessly and my speeds were darn near 100% of my regular LTE speeds even connected to a VPN! Well, once KK 4.4 came around, it completely ruined everything in terms of being able to stay connected. KK 4.4 is and was a nightmare for OpenVPN users. Upgrading from 4.3 to 4.4 was the biggest mistake I have ever made in my Android world. Bottom line, KK 4.4 sucks.
The good news is, there are a few VPN companies that work flawlessly on KK 4.4. I'm using one at the moment and it stays connected just fine with awesome speeds!
Why you should use a VPN:
Well think about. You can go the whole nine yards in securing your phone, which is awesome, but then you'd still be tunneling all that traffic "unencrypted," over the internet .... this is counter-intuitive in every way that you look at it. It's like ordering a BIG MAC Extra value meal and getting a diet coke. I mean really? What's the point? Diet? No matter how you see it, you're going to get fat if you keep eating it and thinking a diet coke is going to take edge off of you getting fat. Sorry, it doesn't work that way....
Imagine a semi-trucks driving down the highway with some completely exposed and some locked and covered. Well you'll obviously be able to see the exposed cargo on all the trucks that are not contained yes? Whereas the ones that are covered and locked, you'd have no clue what's in there. This is how a VPN works....it covers your data/traffic so that no one can see or know what is inside of that container during transit...ie...it provides a safe passage of your data over the internet to the end destination.
Now a VPN will protect your data from point A to the end destination (website.) That website will only be able to see your "exit server," and not your ISP or your location, but of course your data.
Ex: You're in New York connected to the internet using a VPN ----> The VPN server you're connected to is in Texas ---> The website you're visiting is located and hosted in Canada.
In that example, your "encrypted" data/traffic is being routed through Texas and then to Canada where the website is hosted/located. Make sense?
Because you're connecting to a VPN server, this is why you have to know which ones to use so that you can trust your data routing through their servers. Not all VPN companies are created equal!
If you're interested to know which VPN's are best in general and for our Android devices, PM me and I'll share with you my research. I don't want to advertise anything on here to be in compliance with the forum rules.
I hope this helps!
To be continued....
You forgot to tell the data is not encrypted by the VPN between it's server and the website's server, you are only moving a problem from place A to place B. It may be better for you if this is what you are looking for but it doesn't add that much security.
How a VPN works : Your device data is encrypted FIRST, it leaves your device and goes to the VPN's server, it is DECRYPTED, and then it is relayed to the server you were trying to contact. Your data is less traceable but you're not anonymous, the VPN provider knows who you are and your DNS provider may still know what you are looking at if you the device leak DNS requests.
Your guide is missing details, anonymity and security is not easy and trying to simplify it too much you lost important parts users should not forget.
Regards
Magissia said:
You forgot to tell the data is not encrypted by the VPN between it's server and the website's server, you are only moving a problem from place A to place B. It may be better for you if this is what you are looking for but it doesn't add that much security.
How a VPN works : Your device data is encrypted FIRST, it leaves your device and goes to the VPN's server, it is DECRYPTED, and then it is relayed to the server you were trying to contact. Your data is less traceable but you're not anonymous, the VPN provider knows who you are and your DNS provider may still know what you are looking at if you the device leak DNS requests.
Your guide is missing details, anonymity and security is not easy and trying to simplify it too much you lost important parts users should not forget.
Regards
Click to expand...
Click to collapse
Misleading? I think you need to re-read the post. Here let me help you:
"A VPN takes your data connection and encrypts it so it protects your data from not only your ISP seeing your traffic, but also from middle man attacks. Say if you were at a cafe connected to their open (unsecured) public WiFi and you did some shopping online, which involved you entering in your credit card number, name, address, etc... Well, it doesn't take much for someone to intercept your sensitive data passing through the cafe's unsecured WiFi connection."
"Now a VPN will protect your data from point A to the end destination (website.) That website will only be able to see your "exit server," and not your ISP or your location, but of course your data."
"Ex: You're in New York connected to the internet using a VPN ----> The VPN server you're connected to is in Texas ---> The website you're visiting is located and hosted in Canada."
So you're going to argue the fact that a VPN wouldn't be affective in a cafe scenario like the example I've given in the post?
Any additional information is appreciated, but please don't come in here saying that it's misleading....
THE FACT IS...YOU'RE BETTER OFF WITH A VPN, than WITHOUT ONE. PERIOD.
It's about trust, the VPN server can do the middle man attack itself or one could do it somewhere between the VPN's server and the final destination.
Of course you're better with a VPN most of the time, but it's important to clearly state it's not captain america's shield neither. It's important to clearly tell at all cost that the data is encrypted only between you and the VPN's server.
Best regards.
The only way to ensure you are safe from MITM is to use end to end encryption, like SSL/TLS (https). Even if the MITM is using sslstrip, you'll be able to tell by the security popup in your browser when it asks you to trust the connection (which you shouldn't...)
VPN is useful for protecting you from someone sniffing the airwaves on an open network or for accessing services behind a firewalled network. (Like SMB/Windows File Sharing).
Like Magissa said, it isn't captain America's shield, and don't be fooled by a false sense of security. You have to trust the VPN provider, and it would be pretty easy for one to sniff your traffic or read logs...
iunlock said:
Greetings all and Happy Holidays.
Per some fellow XDA users request and also to compliment the great thread "[TUTO] How To Secure Your Phone," by: unclefab, I figured this would help...a thread on VPN.
I am also shocked to not see anything in the security forum about VPN! I did a search and NOTHING.
What is a VPN?
(Virtual Private Network)
A simple search on the web will give you the nitty gritty stuff on what a VPN is, but I'll just lay it out very simply.
A VPN takes your data connection and encrypts it so it protects your data from not only your ISP seeing your traffic, but also from middle man attacks. Say if you were at a cafe connected to their open (unsecured) public WiFi and you did some shopping online, which involved you entering in your credit card number, name, address, etc... Well, it doesn't take much for someone to intercept your sensitive data passing through the cafe's unsecured WiFi connection.
How it works:
Encrypts your Computer's/Phone's data ---> Connects it to your VPN's server (Exit Server) ---> Then it reaches the end destination (website). (Safe Passage)
ie...
Safely passes your Internet Data, through a ---> [TUNNEL] ---> ...that is encrypted so that all your data is not only anonymous, but also protected.
There are may VPN's service providers out there, however, they are not all created equal. I've spent a lot of time researching VPN's and have went to great lengths to find the best of the best. The criteria of what I was looking for is as follows:
Offshore Company. Something outside of the US.
Liked and approved by even the extreme private/security activists.
Reliability and Speed! Some VPN's can be very slow only allowing you to achieve 30-50% of your internet speed at best.
A wide choice of servers.
Able to pay anonymously.
A VPN THAT WORKS ON OUR ANDROID DEVICES!
Some VPN companies have their own Android VPN client, which makes things a breeze. Just launch, connect and violla....all your traffic is now safely tunneled.
For the companies that do not have their own Android VPN client, you'll have to use the app: OpenVPN, which can be a hit or a miss for those on KK 4.4. Let me explain...
When I was on my Note 3 on 4.3, OpenVPN worked flawlessly and my speeds were darn near 100% of my regular LTE speeds even connected to a VPN! Well, once KK 4.4 came around, it completely ruined everything in terms of being able to stay connected. KK 4.4 is and was a nightmare for OpenVPN users. Upgrading from 4.3 to 4.4 was the biggest mistake I have ever made in my Android world. Bottom line, KK 4.4 sucks.
The good news is, there are a few VPN companies that work flawlessly on KK 4.4. I'm using one at the moment and it stays connected just fine with awesome speeds!
Why you should use a VPN:
Well think about. You can go the whole nine yards in securing your phone, which is awesome, but then you'd still be tunneling all that traffic "unencrypted," over the internet .... this is counter-intuitive in every way that you look at it. It's like ordering a BIG MAC Extra value meal and getting a diet coke. I mean really? What's the point? Diet? No matter how you see it, you're going to get fat if you keep eating it and thinking a diet coke is going to take edge off of you getting fat. Sorry, it doesn't work that way....
Imagine a semi-trucks driving down the highway with some completely exposed and some locked and covered. Well you'll obviously be able to see the exposed cargo on all the trucks that are not contained yes? Whereas the ones that are covered and locked, you'd have no clue what's in there. This is how a VPN works....it covers your data/traffic so that no one can see or know what is inside of that container during transit...ie...it provides a safe passage of your data over the internet to the end destination.
Now a VPN will protect your data from point A to the end destination (website.) That website will only be able to see your "exit server," and not your ISP or your location, but of course your data.
Ex: You're in New York connected to the internet using a VPN ----> The VPN server you're connected to is in Texas ---> The website you're visiting is located and hosted in Canada.
In that example, your "encrypted" data/traffic is being routed through Texas and then to Canada where the website is hosted/located. Make sense?
Because you're connecting to a VPN server, this is why you have to know which ones to use so that you can trust your data routing through their servers. Not all VPN companies are created equal!
If you're interested to know which VPN's are best in general and for our Android devices, PM me and I'll share with you my research. I don't want to advertise anything on here to be in compliance with the forum rules.
I hope this helps!
To be continued....
Click to expand...
Click to collapse
which is the best VPN to use?
I've installed OpenVPN for Android and it works fine.
[VPN (Virtual Private Network) and why you should use it if you're serious ab...
TheMoroccan said:
which is the best VPN to use?
Click to expand...
Click to collapse
There's no concrete answer to that question. Your best bet is to use a VPN provider that's based outside of your country, preferably one that is less likely to corporate with your local law enforcement.
Agreed. Out of country, away from your government's reach... There are some offshore server farms in countries with lax laws... Those are usually tax havens also. Research
snapper.fishes said:
There's no concrete answer to that question. Your best bet is to use a VPN provider that's based outside of your country, preferably one with a less likely to corporate with your local law enforcement.
Click to expand...
Click to collapse
Thanks bro for the info.