It was brought to my attention a bit ago by a client that the iPad 2 with IOS 5 has a flaw that allows the last screen accessed before the Smart Cover lock was engaged.
This is obviously not good for those using the iPad for financial, medical or legal purposes.
The work around until this is fixed correctly is to lock the iPad while on the home screen or a screen which does not display anything of importance (Like “Please Stay Calm” or maybe “Angry Birds”).
A quick search turned up people talking about this on forums and a number of news articles such as this one from cnet.com.
There is mention of a security flaw with Siri that allows people to send text messages, emails and even make phone calls from a password-protected iPhone 4s lock screen.
What smartphone are you using and why?
Our office has moved to Androids, and in particular Samsung Epic 4G (original and the new Galaxy S II Touch) and absolutely love them.
I’d love you input….
WCSO Mobile App
My brother, Rick Hoyt, is employed by the Washington County Sheriff’s Office in Arkansas and he brought it to my attention that their department is the first in the nation to produce an iPhone app…
This thing is so cool that I loaded it on my iPad so I could see what was going on where I used to live!
It will allow you to check the Detention Center intake report, see the Most Wanted, a list of deadbeat dads/moms and more.
The company that made it is Mobile Patrol, LLC of Revolution Technologies, LLC from Rogers Arkansas and I imagine they are going to be swamped with calls from other law enforcement departments wanting their own apps such as this.
How cool is to to able to see the incarcerated individuals right on your phone? Not so cool if it is someone you know, and even less cool, if someone is seeing you there, but hey, none-the-less, it is good for some entertainment.
Click the graphic to check out the app on iTunes, or just click here. Now they just need to produce a twin app to work with Android.
T
rend Micro is offering a service called SafeSync which allows you to access and share your files anywhere, anytime.
For as little as $39.95 a month, you can store your data online, instantly and share it between multiple devices, including iPhones, iPads and Androids. You can even share with friends and family with complete permissions!
You can get more information directly from Trend Micro, and even try it out for free!
http://us.trendmicro.com/us/products/personal/safe-sync/
As your Upstate / Greenville, SC Trend Micro partner, we can offer this all of the Trend Micro product line, including installation, support and consultation. Call us at 864.990-4748 for more information or email info@homelandsecureit.com
Being in the computer service business, every day we are seeing more and more computers that have been compromised, whether they are Microsoft Windows, Apple Mac OS X, Linux, it doesn’t matter. Even iPhones and Androids are falling victim to various malware found as a result of blindly following links.
What can you do to help protect yourself, your computer and your private data? Use a little common sense and don’t just randomly click on every link you see.
Sometimes, a link can come to you through email, a Facebook message, or a wall post on Facebook, and it will appear to be from your best friend, or a trusted co-worker, but it was really sent from a malicious source.
Here’s an example of a link posted on Facebook recently:
Typical social engineering attempt to lure you to a bad site...
This is a typical “social engineering” attempt to get you to visit a malicious site.
It works like this: The mark will see the link on their best friend’s wall and because it looks appealing and came from Bob, it has to be good, so they click on it. The link loads a site that LOOKS like YouTube or some other video site. When they try to play the video, what happens next is sheer genius. They are told that a codec or other piece of software needs to be updated. Of course, they have gone this far, so they will almost always agree to install the software.
And THAT is where the magic takes place. Even if you are running anti-virus, many times, this malicious software is allowed to install because the A/V sees it as a “user initiated action” and simply gets out of the way and lets you perform the install. After all, you know what you are doing, right?
Now there is malicious software running which may do many things, from disabling the anti-virus, to loading key loggers that send every key typed on that computer to some site in Tracrapistan, or full access to the machine may be granted to a remote user, allowing them to use the exploited machine to send spam, distribute more bad software etc. Whatever takes place is surely not good. They are not defragging the hard drive and doing your taxes.
Then there’s email “Phishing”… Here’s what that looks like… Can you spot what is wrong?
There are a number of things wrong with the above email example… Most banks do not send you email warnings that you have been locked out of your account, and in my case, I don’t even have a Chase bank account…. But those are not the one tell-tale sign that will prove beyond a shadow of a doubt it is a phishing message or an attempt to coax you to a malicious website…
To see that, you need only hover over the link itself:
When you place your mouse over the link, without even clicking on it, your email client will generally display the actual link. This one points to http://ciamedia.be…. not even close to a Chase server. The perpetrator of this attempted phishing attempt didn’t even try. Sometimes they will register a domain that LOOKS like the source, such as http://www.chasesecuresite.com.
Again, if you are using current mainstream anti-virus software, such as Trend Micro Worry-Free Business Security or Trend Micro Titanium, every URL that you visit will be checked before allowing you to continue… Attempting to visit a malicious site will result in a dire warning displayed in your browser….
Above is the warning you will see in your browser upon visiting a fraudulent site if you are using Trend Micro Worry-Free Business Security …
Then you will also see this warning pop up from your task bar:
Obviously, relying solely on your anti-virus software is not the wisest thing in the world… Safely browsing the web requires some common sense.
BUT, reliable and up to date anti-virus gives you an advantage that your unprotected brethren do not have. Especially for you Apple Mac OS X owners.
If you are looking for quality anti-virus, anti-malware, anti-spam software for your business or personal computer, we highly recommend Trend Micro… We are a Trend Micro partner and would love the opportunity to offer their fantastic products to you, whether you need only one install for yourself, or 1000 seats for your company. We not only sell it, but we support it, along with full computer, server & network service / repair in Greenville & Upstate SC!
Please email info@homelandsecureit.com or call 864.990.4748 for more information.
Those of you who are using a notebook computer or mobile device such as an iPad, iPhone, Android or Android tablet and connecting to those public free wifi access hotspots may want to just ditch the WiFi after what I heard about today…
In spite of what I said about safe browsing from public wi-fi hotspots using a VPN a while back, it sounds like a “proof of concept” is about to be published which states that the mere action of connecting to a public WiFi hotspot, then establishing the VPN can potentially give away the VPN credentials. This could potentially happen whether it is an open (unsecured) access point, or a rogue (man-in-the-middle) AP.
If this is true, which we should know in a few weeks, then it sounds to me like ditching WiFi all together is not a bad idea if your data is valuable. 3g and 4g connectivity through your wireless provider may well be the best bet.
Obviously, this is not platform specific (Mac would be just as vulnerable as a Windows PC), and it is not a bug in the operating systems or VPN software.
I will be posting more information should it be proven to be a legitimate threat. Until then, stay safe….
Stranger lurks behind our office
I was reminded just how useful cameras can be after watching a segment on the news this morning where a young lady was using an inexpensive app on her iPhone that allowed her to check in on her dog by viewing the camera on her PC. She just happened to catch a burglar in the process! More on that HERE.
That story had a pretty happy ending. Through the use of the video captured, the police were able to apprehend the suspect, though I didn’t hear whether her iPod and chargers were recovered. If they have the right guy, thanks to a 5 dollar iPhone app, she helped get one more bad guy off the street.
Over the weekend here at our office, I received emails from our digital network video recorder (DVR / NVR) which alerted me to motion taking place around our building. Police cruisers driving behind the building are not uncommon, but the fella to the right who changed clothes, washed stuff off his boots and hands and left his clothing behind was pretty sketchy.
Thanks to the full motion recordings, we are able to offer law enforcement high quality photo stills and video, complete with time stamps, from several angles and cameras. (We have about 13 cameras around our office).
This type of protection is available for your home and office for an amazingly small investment. We have CCTV and network camera systems to fit every possible scenario and budget. From a single camera at your home, to 4, 8 or 16 at a small business, or even dozens of cameras with pan, tilt and zoom capability at your corporate office. We have cameras available that see in complete darkness, and even cameras that are so small you can’t see them (or may be disguised as a smoke detector, sprinkler head, exit sign, etc).
You can view the cameras in real-time from your iPhone, Android or even Blackberry smartphone, or any web browser, from anywhere in the world! You can be alerted when motion occurs in a particular area via an email. Recordings can be accessed days, weeks or even months after an event occurs.
For a free consultation about how security cameras can help protect your Greenville / Upstate SC property, loved ones, and even reduce your insurance costs, please call us at 864.990.4748 or email info@homelandsecureit.com.
Ever download an app for your phone and see all the access you are giving the thing? You wonder why a certain app would need access to your camera or your location, but you go ahead and install it anyway because you want the latest version of the program.
I’ve done it myself, installed some game, which states clearly that it will have access to totally unrelated areas of the phone, like the camera, or the GPS.
Well, an article in the Wall Street Journal the other day highlights how the information gathered by these apps is being used. It appears that this behavior is more rampant on the iPhone than on Androids, but the study is not as indepth as it could be for sure.
All I have to say is, whether you are using an Android or an iPhone, be careful out there. You don’t want your phone watching your every move…
Google Android
Homeland Secure IT is stuck in the past! That’s right, a high-tech business is using what most consider to be antiquated technology.
It isn’t because of the cost, it is because of the features. We are actually paying more per month for our cell phone plan than if we were using the latest devices and connectivity.
What we use and why we use it:
Our handheld devices are Blackberry Curve 8350i smart phones, on the Nextel / Sprint network, using iDEN with Direct connect and Blackberry Enterprise Server connectivity. As mentioned, this is an expensive data plan. And it is a slooooooooow connection. However, we use what we have because it provides:
- Instant communications with our techs via Direct Connect (a phone call takes so much longer, and we can DC multiple techs at once in an instant)
- Blackberry Enterprise Server (BES) provides us with INSTANT transfer of mail, contacts, calendars from our Microsoft Exchange Server. Mail generally moves in a matter of seconds, instead of minutes with ActiveSync Push
- The Blackberry Curve has a very fat-finger-friendly physical keyboard on it that allows rapid typing, without even looking at the display.
What we dislike about this:
- iDEN transfer speeds are horrible. Try browsing on one of these phones if you are not around a WiFi connection sometime.
- Cell calls are dropped CONSTANTLY and we are out of range constantly (Verizon phones have a signal, almost always when ours do not)
- People who call us while we are in a Direct Connect conversation get “Please hold while the subscriber you are trying to reach is located”
- If you try to direct connect someone while the phone is being used for email, you get “User busy in data”
- Many times the phone will never ring, but we will get a voice mail notification (presumably because we had no signal)
- This service is expensive in comparison with Verizon
That list is just off the top of my head, I’m sure I will think of a few more points after I hit submit.
What we would like:
- A major reduction in service interruption due to signal path. Verizon appears to be the best bet in regards to that.
- Instant mail transfer to allow our clients to send/receive email INSTANTLY with no delays, like we have with BES. Our customers are used to getting responses in a few seconds after sending their email, going from that to a delay of several minutes means that a conversation spread out over a half-dozen emails could take 10-15 minutes to complete due to the transport delays.
- A push-to-talk experience like Direct Connect, or something very similar. Of course, there are some push-to-talk Apps for the Android, but they are not “instant” in functionality, they actually appear to record your comment, then send it, and play it on the remote end. I am unaware of a Push-To-Talk Verizon Android phone, and obviously, iPhone does not offer it at all.
- An Android or iPhone rather than the old Blackberry, but with a good keyboard on it, not just a touch screen. Something we can run the latest and greatest apps on and feel a little more “with it”. The only Android phone offered for iDEN is the Motorola i1 which has Android v1.5 (lagging behind the rest of the world by far)
So here we are, stuck in the past, and feeling unhappy, but unable to make a move.
We could move to Verizon, get a modern Android phone like the Droid 2, with a keyboard, have great signal most everywhere we go, and give up Direct Connect as well as suffer with slower email, but make up for it with faster internet browsing.
We could move to the Motorola i1 Android device on Nextel, but still have slow internet, and an outdated Android…
We COULD go back to carrying two phones, one for feel-good experience, and one for Direct Connect and email.
If you have any comments, I would love to hear from you. Especially if you have used a “walkie talkie” or “push to talk” app on Android that gives a more “Direct Connect” like feel, closer to real-time communication.
Ecobee Smart Thermostat
Web Enabled Thermostats: A not-so-new technology is becoming mainstream due to the desire to save money and be “green”.
If you have been looking to purchase a new HVAC system for your home or business, you may have been given the option to include a thermostat that enables you to view statistics & make changes to the settings using a web browser or an app on your phone. The price ranges from a round $100.oo to as much as $500.oo at the time you purchase a new system, and you promised that it will pay for itself by allowing you to set schedules to reduce the costs of operating your system during times you are away from the home/business.
Some utility companies, such as UTX in Texas have plans you can sign up for that will enable you to get a FREE web enabled thermostat, and I believe you only pay around $75.oo for the installation. Ultra good deal in my opinion.
X-300 Web Enabled Thermostat
But what about those of us with older systems? Fortunately, the majority of web enabled thermostat manufacturers have designed their units with us in mind. Instead of targeting the new HVAC market, they have built devices that can be used with any system, whether it is a heat pump, or an oil fired unit, there is a model for you.
The benefits are as mentioned before… Ability to control your system from a web browser, ability to control your system from a phone with either a web browser or an app loaded on it for that thermostat. Some thermostats feature the ability to control other devices, such as lighting, and some have the ability to sense a contact closure. You can see a graph of system usage and override scheduled events, as well as easily SEE the schedules, rather than paging through one day at a time as you do on older programmable thermostats. Some units feature alerts, should your system not cool or heat properly, which would be perfect for those who have unattended / vacation properties.
X-300 Thermostat Control via iPhone App
What about security? Can someone “hack” my home? Sure! Anything that is accessible via the internet could potentially be exploited by attackers, however, these devices are currently low-profile making them an unlikely target. Most of the manufacturers claim security through encryption of the data stream.
Where do you get one of these? Online vendors have a large selection of web thermostats, and your HVAC vendor probably has their favorite. Some quality brands are Ecobee, Control By Web, Schlage / Trane, Proliphix, BAYweb, among others. Which model is right for you should be based upon exactly what features you require. For instance, some have a Wi-Fi option to eliminate the CAT-V cable run.
Can I really recoup my investment? That remains to be seen. I am sure a $150.oo unit could pay for itself in a year or more if you are replacing a non-programmable thermostat, but for some of the higher end products, I’m thinking that realistically you are looking at a couple years… Your mileage may vary.
If you have any question about these, please email info@homelandsecureit.com, call 864-990-4748×201 or respond here! If you have one, tell us what you like best about them.
