Terms and Conditions
Please note that when accessing The F-Secure World Wide Web pages you agree to the following terms:
The contents of F-Secure World Wide Web pages are provided “as is” and “as available”. No warranty of any kind, either express or implied, is made in relation to the availability, accuracy, reliability or content of these pages. To the extent permitted by law, F-Secure shall not be liable for any direct, indirect, incidental or consequential damages arising out of the use of or inability to use these pages, even if F-Secure has been advised of the possibility of such damages.
Third Party Sites
This policy only addresses our activities from our servers. This web site contains links to web sites that are not under our control. We are not responsible for the content, commentary or applications of these web sites. We are providing these links only as a convenience and the inclusion of these links does not imply endorsement by us of the linked web site.
The contents of F-Secure World Wide Web pages are protected by international copyright laws © F-Secure 1994 – 2006. All rights reserved. Reproduction, transfer, distribution or storage of part, or all of the contents, including but not limited to pictures, design format, logo, audio clips, video clips and HTML coding, in any form without the prior written permission of F-Secure is prohibited. Any and all reproduction, total or partial, of the texts, illustrations, design format or logo by any means whatsoever, is illegal. Such reproduction requires the prior written consent of F-Secure. We protect our intellectual property rights to the full extent of the law. F-Secure” and the triangle symbol are registered trademarks of F-Secure Corporation and F-Secure product names and symbols/logos are either trademarks or registered trademarks of F-Secure Corporation.
All other trademarks mentioned in the F-Secure World Wide Web pages are the property of their respective holders. Nokia is a registered trademark and the Nokia OK logo is a trademark of Nokia Corporation. Nokia id-codes are a00014, a00015 and a00018. Symbian and all Symbian-based marks and logos are trade marks of Symbian Limited.
F-Secure is committed to ensuring the security of your information. To prevent unauthorized access or disclosure, maintain data accuracy, and ensure the appropriate use of information, we have put in place appropriate physical, electronic, and managerial procedures to s afeguard and secure the information we collect online.
Any bulletin messages, suggestions, ideas, bulletin board postings or concepts that are submitted to F-Secure via this web site shall become, and remain the property of F-Secure. Furthermore, F-Secure is not responsible for the confidentiality of any information communicated to our web site. By communicating material to the F-Secure web site, you agree that F-Secure has the right to publish the material in products or publications for any purpose, including, but not limited to, advertising and promotional purposes. You agree not to take action against us in relation to material that you submit.
F-Secure reserves the right to modify the pages or deny access to them at any time. Amendments to this policy will be posted at this URL and will be effective when posted. Please visit us again for updates.
The following legal terms (“terms”) govern your right to use and access to F-Secure blog “Safe and Savvy” (“blog”) provided by F-Secure Corporation (“F-Secure”, “we”, “our”). By using or visiting the blog you have read these terms, understand them and agree to be legally bound by them. You also agree not to use the blog against these terms and specific instructions elsewhere in the blog. If you do not agree to all of these terms, or if you are below the age of twelve (12), you are not allowed to access, visit or participate in the community
Description and Purpose
F-Secure provides this blog as a service to its users and customers, to help them exchange ideas, tips, information, and techniques related to overall security related issues and to our services. This blog is here for the enjoyment and benefit of all members and accessible to all. The community of the blog, like any community, is most valuable when everyone obeys certain basic guidelines and rules for online behavior:
Posting and Prohibited Content
Use of the blog is at your own risk. Do not post any information, especially personal information such as addresses and phone numbers, that you do not wish to make public. Any information that you post to public sections of the blog can be obtained and used by others. You are responsible for any personal information you disclose to the blog. F-Secure or WordPress.com provided by Automattic Inc. (“Platform Provider”) is not responsible for third parties’ use of information posted on the blog and to the blog community. Users of the blog agree not to upload, post, or otherwise transmit any content that includes any of the following inappropriate content:
- Content that is: unlawful, libelous, harmful, vulgar, obscene, derogatory, pornographic, abusive, harassing, threatening, hateful, objectionable with respect to race, religion, creed, national origin or gender;
- Any private or personal information or content that is not your own or that you do not have rights to transmit, such as: address, phone number, personal email address, social security number and copyrighted content, trade secrets or securities
- Off-topic content not relevant to blog community purpose;
- Spam, such as advertising, promotion or solicitation, including chain letters, class action lawsuits, charitable appeals;
- Content or links to content that contains contaminating or destructive features that may damage someone else’s computer;
- Duplicate or excessively repeated submissions in one or more areas;
- Content designed to evade profanity or other filters;
- Hyperlinks to sites that violate the terms;
- Content used to impersonate another person;
- Content or behavior that violates any applicable laws;
- Content or behavior that interferes with the operation of the site or with another member’s ability to use the site;
- Evading site controls such as bans, or otherwise disregarding the directions of the site moderators or administrators
- Content that infringes copyrights or other intellectual property rights of third parties.
F-Secure may remove any information, in its sole discretion, including but not limited to personal data or data, material or content provided by any of the users, considered to violate the Terms or be inappropriate for the blog for any reason. F-Secure shall under this agreement have no obligation to monitor any of the material provided by you to F-Secure and/or to the blog community, but may do so at its discretion. F-Secure also retains the right to immediately revoke any and all of Your access rights in case Your breach of any of these Terms or suspected misuse of the blog.
To report violations, please contact the F-Secure blog team and include the blog-post/comment and the author-name in question: firstname.lastname@example.org
What You Need to Know About the Yahoo Hack
Reports that half a billion Yahoo accounts were hacked in 2014 "by a state-sponsored actor" were confirmed today by the tech giant. This hack of "names, email addresses, telephone numbers, birth dates, encrypted passwords and, in some cases, security questions" is the largest in the company's history and one of the most consequential breaches of all time. Our security advisor Sean Sullivan told CNN what Yahoo users need to know right now: [youtube https://www.youtube.com/watch?v=kO-70yKF4bE] He also gave a longer interview to Data Breach Today about the wider implications of the hack. The most important takeaway from this attack is you should always use an extra layer of protection -- in this case Yahoo's two-factor authentication on all your accounts -- and never reuse any important password. Even though Yahoo's passwords stored your passwords with encryption, it's still possible for criminals to get access to them, especially if they are weak. A former Yahoo employee told Reuters that the answers to security questions were deliberately left unencrypted to help catch fake accounts more easily because fake accounts that used the same answers over and over. Sean always uses nonsense answers for so-called security questions so they aren't guessable by anyone who knows him or follows him on social media. He recommends you do the same. So what should you do now? Sean recommends you "walk, not run" to your Yahoo account to disable your security questions and change your password -- and change them on any other site where you've used them to something unique. Make sure you create non-human passwords -- not patterns like yahoo1985. Make them long and difficult to remember. If they're between 20 and 32 characters, they are nearly uncrackable, as our senior researcher Jarno Niemelä recommends. And to deal with all that complexity, use a password manager like our F-Secure KEY, which is free on one device. You can also store your nonsense answers to your security questions in there. Then turn on two-factor authentication, if you haven't already. If you're wondering who might have carried out such a massive attack, Sean does have a hypothesis. [Image by Christian Barmala | Flickr]
How to Create a Portable Hotspot on Android with VPN on
Many Android users (myself included) have long found it annoying that creating a working portable hotspot is not possible while using a VPN on the device that shares the connection. From the user interface to the lines of code that power the app behind it, a driving principle of designing Freedome has always been to make the kind of VPN that only makes your online experience better, without hindering it in any way. Tethering with VPN is now possible This is why we are extremely happy - both personally and for our users - to announce that our new Android release (out now on Google Play) makes it possible to have Freedome turned on while sharing your connection with other devices. We are also the first (as far as we know) major VPN provider to make this happen. Instructions on setting up a portable hotspot The new update automatically allows you to create a portable hotspot with Freedome VPN, so the instructions are fairly simple. Download Freedome VPN on your Android Turn on the portable hotspot feature from your Android settings Keeping it simple, as usual! A note on privacy It’s worth noting for the sake of your privacy that the tethered device’s traffic will NOT go through the VPN tunnel of the device sharing the connection. According to Freedome Product Development Director Harri Kiljander: “Android does not allow tethered devices access to the VPN tunnel. This is a deliberate choice forced by Android for security reasons. For instance, when using VPN to access your employer’s network, they might not want your friends and family there. Also a VPN tunnel shared with others wouldn’t really be a private network anymore” In other words, remember to use Freedome on laptops and any other devices you connect to your own hotspots with. If you have any questions, drop us a line on Twitter. Enjoy!
QUICK TIP: Change the Default Passwords on Your Webcams and Baby Monitors
If you don't want to read the manual for the new Wi-Fi-connected device you just installed in your home, do yourself a favor and at least check how to change the default password. A new report finds that more than 100,000 devices in the United Kingdom alone could be possibly be accessed by peeping strangers. How is this possible? "Two words," explains F-Secure security advisor Sean Sullivan. "Default settings." Most consumers don't seem to imagine that their baby monitor, web cam of Wi-Fi router might be targeted by a hacker. "That’s called security through obscurity and it just does not work," Sean explains. "There are 'deep-web' search engines --such as Shodan -- that routinely scan for devices on the Internet. And just about anybody can find interesting things there that shouldn’t be publicly accessible but are." Often all online intruders need to do is type in the password that the manufacture sent the device out with. "You need to change the webcam’s password to something complex and unique," he says. "Don’t worry about having to type it all the time, you’ll probably only need to configure the associated mobile app once. And then the app will remember the password for you." This one simple step will greatly reduce your risk of having your devices hacked. Still many of us won't do it. The time to get rid of this terrible habit of leaving default passwords untouched is now, before our homes become so overrun by Wi-Fi-connected devices that hackers begin to devote serious resources to this sort of intrusion and possibly find some convenient way to monetize it. So don't let your fear of not being able to remember the passwords for all these devices become the weak link in your security. "Once you’ve set your secure password, store it someplace safe for future use," Sean says. He suggests a using a password safe like F-Secure KEY or a piece of paper in a secure location in your home. Just don't store it anywhere in sight of a webcam that still is using its default password. [Image by DAVID BURILLO | Flickr]