Sandra@F-Secure

Follow me on:

latest posts from Sandra@F-Secure

Connected

Protecting yourself on the internet used to be a lot simpler -- mostly because you weren't always on the internet. Now we can be online from when we wake up until when we go to sleep. We seamlessly shift from chatting to shopping to banking -- rarely sticking to one device or platform for too long. Most of us aren't just a Mac or PC or an Android anymore -- we're all of the above. “I, and I think most people, have a cross-platform household – I use several different devices with different operating systems on a daily basis," F-Secure security advisor Sean Sullivan explains. The old paradigm of just protecting your PC or your phone can leave your devices exposed to threats. And even the best security software in the world won't protect your public Wi-Fi connection from being snooped on, possibly exposing your most private details, including passwords. That's why we've launched F-Secure total security and privacy, which combines F-Secure SAFE and F-Secure Freedome. F-Secure SAFE is a multi-device internet security suite that protects all your devices. Freedome is a VPN offers a simple way to encrypt your communications over public Wi-Fi and change your virtual location to access geo-blocked sites and services while blocking malicious websites and online tracking. You can still purchase F-Secure SAFE and Freedome separately. And there have been recent improvements to both, including: Silent upgrades that ensure SAFE is automatically updated Parental controls now available on all supported SAFE platforms Ability to create Freedome Wi-Fi hotspots with Android devices while VPN is turned on "Buying separate products to protect iOS, Windows, Macs and whatever else isn’t just expensive, but it means you have to get used to different pieces of software designed to do the same thing," Sean explains. F-Secure total security and privacy is now available for a free trial here. If you're a current SAFE customer, you can't upgrade to total security and privacy but you should receive a discount offer for Freedome. "Bundling protective measures into packages to run on different devices is more economical and more user friendly, both of which are good for security.” Cheers, Sandra [Image by Hans Kylberg | Flickr]  

September 27, 2016
webcam

If you don't want to read the manual for the new Wi-Fi-connected device you just installed in your home, do yourself a favor and at least check how to change the default password. A new report finds that more than 100,000 devices in the United Kingdom alone could be possibly be accessed by peeping strangers. How is this possible? "Two words," explains F-Secure security advisor Sean Sullivan. "Default settings." Most consumers don't seem to imagine that their baby monitor, web cam of Wi-Fi router might be targeted by a hacker. "That’s called security through obscurity and it just does not work," Sean explains. "There are 'deep-web' search engines --such as Shodan -- that routinely scan for devices on the Internet. And just about anybody can find interesting things there that shouldn’t be publicly accessible but are." Often all online intruders need to do is type in the password that the manufacture sent the device out with. "You need to change the webcam’s password to something complex and unique," he says. "Don’t worry about having to type it all the time, you’ll probably only need to configure the associated mobile app once. And then the app will remember the password for you." This one simple step will greatly reduce your risk of having your devices hacked. Still many of us won't do it. The time to get rid of this terrible habit of leaving default passwords untouched is now, before our homes become so overrun by Wi-Fi-connected devices that hackers begin to devote serious resources to this sort of intrusion and possibly find some convenient way to monetize it. So don't let your fear of not being able to remember the passwords for all these devices become the weak link in your security. "Once you’ve set your secure password, store it someplace safe for future use," Sean says. He suggests a using a password safe like F-Secure KEY or a piece of paper in a secure location in your home. Just don't store it anywhere in sight of a webcam that still is using its default password. [Image by DAVID BURILLO | Flickr]

September 22, 2016
search

Two of the top five sites on the internet are search engines, which makes a lot sense. We depend on them to find everything from the news to toothpaste to a place to eat dinner. According to internetlivestats.com, Google processes over 3.5 billion searches worldwide every day. Its rival Bing is rising to become the second largest search engine, accounting for 33% of all search queries performed. Now here’s the interesting part. Given these billions and billions of queries, can you be sure that all these search results 'harmless'? When you are clicking on a link Google, Bing or Yahoo! gives you, how do you know you are about to visit a site that is safe? You can't That's why you take simple precautions to make sure you don’t unintentionally visit malicious sites. The most convenient way to stay safe while using search engines is by using a free website safety rating service, such as F-Secure Search. F-Secure Search pre-screens the search results returned by a search engine and gives each result a safety rating. Harmful sites that try to violate your privacy or harm your device are clearly marked, so you know which sites are safe and which to avoid, even before you click on a link! Adult content is automatically blocked from search results, so you have peace of mind when your children are using F-Secure Search. Also, all communication between you and F-Secure is encrypted, so there’s no room for snooping. To help you keep both your personal details and your PC protected from malicious sites, simply go to search.f-secure.com and start using it today. You can also use F-Secure Search as the default search engine in your browser. And while we're you're thinking about surfing safely, take a minute to make sure your browsers are up-to-date. With a safe browser and safe results, you'll be surfing safer than ever.

September 12, 2016
Back to School devices

When it comes to technology, students are more connected than ever. But there also seems to be a serious disconnect between what kids and parents think about teens online activity. A recent survey of online teens conducted for the Cybersecurity Alliance found that 6 of 10 students had created social media accounts without their parents knowledge. But only 28 percent of parents suspected their offspring had secret accounts. This suggests a lot of parents are just plain oblivious of their kids' online sneakiness. And other findings are equally troubling. While two-thirds of parents expected their kids would report any online incident that made them uncomfortable, only one-third of students said they would report such incidents. And just under half of the teens said they'd seek their parents help for problems online compared to the 65 percent of moms and dads who expected their teens to share their online problems with them "most" or "all the time." This confusion between what teens and parents think about online conduct suggests that parents need to be more proactive in preparing their kids for the challenges of having access to the world through devices that fit in our pockets. One strategy is to establish a history of discussing technology with you by racking as many positive interactions related to online life before your kids are faced with a crisis. The better they feel about talking to you about tech, the better chances they'll reach out to you when they're facing a real crisis. What's a better excuse to talk technology than when you're send your kid back to school? Here are few topics of discussion to consider before the first class begins. Parental controls If you're worried about the content your younger kids can see as they use the family PC, you can manage that through parental controls feature. This gives you a chance to explain that you want to protect them from inappropriate sites and strangers so you can feel confident about them having fun the web. But parental control doesn't just have to be a negative. The power to control your kids' time online, means you can also set up online reward time -- such as an hour or two when homework is done. Apps Downloading an app to your mobile device could mean you're inviting strangers to access your phone. Some apps may demand access to your kid’s camera, microphone, contacts and photos. Use the Application Privacy feature to go through your apps together to see what kind of permissions are being accessed. Reviewing privacy settings of social networking sites also provides a chance for your kids to ask questions or express concerns. Privacy There are several apps your kids can use to make sure a mobile device's data stays private, even if it gets lost. You can use Android's locate, lock and wipe feature to help find a misplaced device or to delete all personal data in a worst case scenario. Make sure your kids know that connecting over "free Wi-Fi" can expose your data and possibly even your passwords to strangers. Avoid that by connecting via mobile networks or by using a VPN app. Also make sure that they lock their devices using an unguessable code. Security hygiene Some parents need basic security reminders as badly as kids do, whether they're just getting online or heading to university. So remind yourself and your kids to use strong unique passwords for all their most important accounts. Your passwords shouldn't use any words from the dictionary or anything someone could guess by looking at your social media. Remind them that "free" online is almost always a bad sign. Don't click on links and attachments in emails that you weren't expecting. And remind your kids that anything they post online, even on sites that promise to delete things after twenty-four hours, could be seen by anyone -- even your parents. An open and honest conversation reduces chances that a uncomfortable situation online will become a crisis. So before your kids go back to school, start talking about how important it is to you that they connect safely, especially when you're not watching them.  

August 30, 2016
iCloud Hack
groupmeeting

When news broke that Facebook was at least temporarily using users physical location to suggest real world connections, a strategy that has been employed by the NSA, the backlash was sharp.  It wasn't difficult to imagine scenarios when identities could be inadvertently and uncomfortably revealed through group therapy, 12-step meetings or secretive political movements. The world's most popular social network quickly said it would not continue what it called a small-scale test nor roll the feature on a wider scale in the future. But Facebook is still using your location data for other purposes, Fusion's Kashmir Hill reports: We do know that Facebook is using smartphone location for other things, such as tracking which stores you go to and geotargeting you with ads, but the social network now says it’s not using smartphone location to identify people you’ve been physically proximate to. Hill notes that using location to match users up, thus acting as a tool to reveal the identity of nearby strangers, might violate Facebook's agreement with the Federal Trade Commission . So you should expect that your location -- like everything you do on Facebook -- is being used to turn you into a better product for its advertisers. That's the cost of using a "free" site but you can limit your exposure a bit by turning off location services for Facebook on your phone. Here's very simple instructions for turning off location services on your Facebook and Facebook Messenger apps on your Android of iOS device. Do you mind if Facebook uses your location to suggest new friends? Let us know in the comments. [Image by Lwp Kommunikáció | Flickr]

June 30, 2016
Juhannus

In Finland, there is this thing called juhannus. A few years ago, our former colleague Hetta described it like this: Well, Midsummer – or juhannus – as it is called in Finnish, is one of the most important public holidays in our calendar. It is celebrated, as you probably guessed, close to the dates of the Summer Solstice, when day is at its longest in the northern hemisphere. Finland being so far up north, the sun doesn’t set on juhannus at all. Considering that in the winter we get the never ending night, it’s no surprise we celebrate the sun not setting. So what do Finns do to celebrate juhannus? I already told you we flock to our summer cottages, but what then? We decorate the cottage with birch branches to celebrate the summer, we stock up on new potatoes which are just now in season and strawberries as well. We fire up the barbecue and eat grilled sausages to our hearts content. We burn bonfires that rival with the unsetting sun. And we get drunk. If that isn't vivid enough, this video may help: [protected-iframe id="f18649f0b62adf8eb1ec638fa5066050-10874323-9129869" info="https://www.facebook.com/plugins/video.php?href=https%3A%2F%2Fwww.facebook.com%2Fsuomifinland100%2Fvideos%2F1278272918868972%2F&show_text=0&width=560" width="560" height="315" frameborder="0" style="border: none; overflow: hidden;" scrolling="no"] And because the celebration is just so... celebratory, it's easy to lose your phone. So here are a few ways to prepare yourself for a party that lasts all night. 1. Don't use 5683 as your passcode. That spells love and it's also one of the first passcodes anyone trying to crack into your phone will try. So use something much more creative -- and use a 6-digit code if you can on your iPhone. You can also encrypt your Android. 2. Write down your IMEI number. If you lose your phone, you're going to need this so make sure you have it written down somewhere safe. 3. Back your content up. This makes your life a lot easier if your party goes too well and it's pretty simple on any iOS device. Just make sure you're using a strong, unique password for your iCloud account. Unfortunately on an Android phone, you'll have to use a third-party app. 4. Maybe just leave it home. Enjoy being with your friends and assume that they'll get the pictures you need to refresh your memory. And while you're out you can give your phone a quick internal "clean" with our free Boost app. [Image by Janne Hellsten | Flickr]

June 22, 2016
glitternailpolish

All the software security in the world won't protect your laptop if someone swipes it, compromises it with malware and then returns it to you without you ever noticing. So if you must travel with your laptop in places you don't feel 100 percent secure, you should consider traveling with glitter nail polish. Yes, it must be glitter nail polish. Here's why. A few years back, two security researchers presented a tactic to combat what's known as "An Evil Maid attack" that's more effective than simply applying a tamper-proof sticker on your laptop, since those stickers aren't as "tamper-proof" as you might imagine. "The idea is to create a seal that is impossible to copy," Wired's John Borland writes. "Glitter nail polish, once applied, has what effectively is a random pattern. Once painted over screws or onto stickers placed over ports, it is difficult to replicate once broken." Then you take a picture before you leave your machine and another when you return. It would be ideal if you don't take any other pictures while you're out so you can easily do a side-by-side comparison. It's a technique the researchers borrowed from astronomers who study the night sky. Of course, this isn't a fail-safe system that keeps hackers out. It lets you know if they've been in, so you don't exacerbate the breach by continuing to use the PC. "And a few bits of advice from a seasoned glitter polish user: Make sure to let it dry before you take the photo, or the glitter could move if it’s disturbed and upset your carefully documented pattern," Motherboard's Victoria Turk writes. "I’d also advise against painting it directly onto your devices as it’s sticky stuff and difficult to remove (and I wouldn’t want to get nail polish remover—effectively paint stripper—too near any expensive parts). Painting the glitter onto a sticker (that you can't cleanly peal back and replace) might be a good solution." Opsec -- or operational security -- is both an art and science. It's almost impossible to do perfectly, but if you're protecting high value data and need to be abroad this technique may come in handy.

June 9, 2016