Key tips to keep your wireless network safe
Most people set up their routers using the provided quick install guides, and then forget about them for good. And we can’t blame them for that, newer routers are designed to make the entire installation process as painless as possible.
It is true that most routers need to be restarted every now and then, though. To be on the safe side, consultants at data-alliance.net recommend restarting your router on a weekly basis, because this will clean up your device’s memory, making it run faster, as well as help you get rid of router-based malware.
Unfortunately, many routers are left unpatched for years in a row, and this causes lots of security-related issues. There are two main types of threats: hackers and malware. Most hackers will use specialized tools - and many of them can be downloaded for free from the Internet - to scan a broad range of I.P. addresses on the web, looking for vulnerable devices.
If your router doesn’t have the most recent firmware patch applied, it may be vulnerable. And even if your router is properly patched, it may get infected due to a zero-day vulnerability, a software flaw that may be known to the router manufacturer, but hasn’t been patched yet.
There is an even darker side of the story: some manufacturers stop providing patches for their routers as soon as they aren’t profitable anymore, because they are only interested in promoting their new products. So, if your router can’t be patched, it may be time to purchase a new one. The problem is even more serious if the device is provided by your Internet service provider; very few ISPs have an active router patching policy.
But even brand new routers can be vulnerable, without the manufacturer knowing about it! A router is basically a small computer, which runs its tasks using a dedicated operating system. Often, modern routers have a faster CPU, more memory and an improved O.S. But this doesn’t mean that the entire operating system has been rewritten from scratch! The router O.S. will continue to use several of the existing software libraries (DLLs, etc.) and some of them may be vulnerable. And to save time and money, some of the manufacturers use publicly-available libraries, open source components that may have security flaws as well. So, there are many reasons why even a brand new router can get infected.
It goes without saying that cheaper routers are often more vulnerable; they utilize low-end components and lots of publicly available software libraries. Many of these $30 routers use customized versions of the Linux O.S. which haven’t been patched in years!
Still, the biggest problems are caused by people who aren’t tech savvy; truth be told, most of us fall into this category. Many people are happy to leave the default router settings as they are, and this will make their routers vulnerable. Hackers maintain up-to-date lists with the default router admin and Wi-Fi passwords; if you haven’t changed the default passwords, they’ve got two different vectors of attack, so they will quickly compromise your device.
To make things even worse, some routers use predefined passwords that are printed on a sticker that’s located on the back of the router; this means that your Wi-Fi password can be quickly discovered by any person who can get access to your device – even for a few seconds!
Once that your router is hacked or gets infected with malware, it can be utilized by cyber criminals for their nefarious purposes. Often, hackers will use infected devices to launch Distributed Denial of Service (DDoS) attacks, targeting large business and/or government servers. This way, the origin of their illicit activity will appear to be the infected router (your I.P. address).
Some cyber villains will also try to infect your router because they are interested in getting access to your data - mostly to your financial information. And once that they’ve gotten access to your device, hackers can utilize DNS redirections to steal the log-in details for your online banking account.
Sadly, cyber criminals have built dedicated sites and forums where they share common router vulnerabilities and software that makes it easy even for “script kiddies” to run devastating attacks over the web. Therefore, it makes a lot of sense to keep your router properly patched and update its passwords on a regular basis.
How to safeguard your online accounts
Did you know that an 8-character password, which was considered secure only a few years ago, can be broken by a supercomputer in only 2-3 minutes? It is true that very few people own a supercomputer, but most cyber villains can easily rent a computer farm, the equivalent of that expensive supercomputer, for pennies.
So, if you want to safeguard your online accounts, ensure that the passwords that you are using for each one of them have at least 12 characters. It is essential to use a different password for each account; cyber criminals have dedicated tools which can easily check if the password for your hacked email account is the same that you are using to access your online banking account, and so on.
You should stay away from commonly used passwords, of course. If you utilize something like "monkey123" to secure one of your accounts, you should change it right away. Cyber criminals use huge dictionaries that will surely include words like "monkey", "password", and so on, combining those words with numbers and testing millions of different combinations per second. So, even an apparently strong password such as "rabbit46cage" is not strong enough for today's computers.
To increase the security of your accounts, use passwords that combine a great variety of symbols; here's an example that is almost unbreakable: 0-$33_2sW@2$R2!. Yes, a password like this is very strong, but almost impossible to remember, so you may need to use a good password manager like 1Password or LastPass to store it. For complete peace of mind, change all your passwords every six months or so.
Don't forget to utilize the already available protection methods which are provided by the site that you are trying to access. Few people know that most popular cloud-based email services allow their users to utilize an SMS-based two-factor authentication (2FA) security mechanism. To activate it, log into your account, go to "settings", and then click the 2FA checkbox. You will have to input your phone number, and then you will receive a confirmation message. From now on, you will be sent an SMS which includes a one-time code that must be used in conjunction with the password anytime you want to access your account.
Be sure to close all the online accounts that aren't used anymore. Unused accounts will get hacked quite often, and hackers may be able to use them to get access to your other accounts. If something looks fishy (you see a tweet that you don't recognize in your timeline, for example) it is wise to check your recent account activity. Sometimes you will discover that a new application has gotten access to your account; if this is the case, revoke its access and change the account password as quickly as possible.
It is true that some mobile apps may need access to your Facebook account, for example; still, since many of these apps are often poorly coded, you should keep their number to a minimum if you value your privacy.
Install and use a good antivirus; without it, your devices will be in great danger. Very few people choose to install virus protection software on their mobile devices; they tend to believe that mobile operating systems are more secure, but you shouldn’t make the same mistake. It has been proven over and over that both Android and iOS are vulnerable.
Don't forget to keep the software that you are using updated. I am talking about the operating system, the installed applications, your smartphone's O.S., all the mobile apps, and so on. And since most software has auto-update capabilities these days, it shouldn't be that hard to keep all your programs up to date.
Sometimes it may not be your fault, though. Lots of accounts are broken into because the websites that store the information get hacked. Over 1,000,000,000 (yes, one billion!) login credentials leaked a while ago, and the only thing that can be done about it is to change the affected passwords as quickly as possible. To see if your accounts are affected, go to haveibeenpwned.com, and then input your email address into the "pwned?" field; you will get detailed information regarding all the breaches you were pwned in, including info about the compromised data.
As you can see, keeping your online accounts safe isn't an easy task. Still, if you apply the tips above, you shouldn't have any problems.
Beginner's guide to VPNs
Virtual Private Networks can seem complicated, but they are really easy to use. This guide will show you everything you need to know about VPNs, including their pros and cons.
For starters, VPN services can be free or paid. Allow me to make a bold statement here: free virtual private networks are useless, and may even harm your smartphone or computer. Just think about it for a second: an individual has set up a dedicated server just for you. Then, he has coded a VPN application just for you. He pays $100 per month (or so) to host his server, and he gives you access to his VPN service forever, for free. Why would a sane individual do that?
Often, the answer is very simple: the guy wants to get access to your personal data. People who connect to a VPN service think that their data is safer this way; that's why virtual private networks were invented in the first place, right? However, as soon as you connect to an online banking account, the VPN owner will get access to your log-in details as well. I'm not saying that this is the norm, but it makes a lot of sense to stay away from free VPNs.
But how do VPN services work in the first place? As you already know, the core component of the traffic encryption mechanism is a virtual private network server. Let's pretend that you are traveling to Europe and want to access your US-based Netflix account. And for some strange reason, Europeans don't have Netflix accounts (this isn't probably true, but bare with me). So, how will you be able to watch the latest episode in your favorite drama series? By using a VPN service, of course!
Through a dedicated software application, your computer will connect to the VPN server, which is located in the US, and will reroute the traffic to the target American site. You shouldn't use this method to access Netflix while you are away, of course, because it may be illegal to do so; I'm just using this example to show you the inner works of a VPN service.
By using a virtual private network, your I.P. address on the Internet can be anything you want! You can pretend that you are from China, France, or any other country you can think of, provided that the VPN service provider has servers in that particular country.
However, the biggest advantage is the fact that you can keep all your web activity private. This means that you could even use public Wi-Fi hotspots without fearing that your data will be intercepted – at least in theory. In a nutshell, VPNs will significantly diminish the risk of having your private information intercepted by third parties.
Still, as I have already mentioned in the beginning, you shouldn't trust your VPN operators fully, because they can snoop on your data as well. Maybe they aren't interested in getting access to your credit card info (and this is often true with paid virtual private network providers) but they may spy on you to see what sites you are accessing, and then sell the info to advertisers.
Not only that, but VPN service providers utilize a great array of data encryption mechanisms for their servers. Some of them even brag that they support PPTP, L2TP, SSTP, and so on, but most of these protocols are considered to be insecure by today's standards. So, be sure to choose a provider that runs his servers using OpenVPN, a data transmission protocol that is open sourced, so it doesn't include any nasty code, and is maintained by a responsible team of developers.
HTTP vs HTTPS: the battle for online security
HTTP, the acronym for Hyper Text Transfer Protocol, is the name of the encryption method that's utilized by Internet browsers to connect to the target servers. The extra "S" signals the secure, updated version of the protocol, which creates an encrypted data communication channel between your device and the website that you want to access. As you can probably tell, this is the best option for people who need to protect their online financial transactions, for example.
More and more websites utilize HTTPS these days; your browser's URL bar displays a padlock anytime you connect to a site using the secure version of the protocol. So, let's explore how does HTTPS work, and if it is able to prevent our data from falling into the wrong hands.
Websites utilize either the SSL (Secure Sockets Layer) or the TLS (Transport Layer Security) data encryption mechanisms. Both systems make use of an asymmetric Public Key Infrastructure (PKI) system, which works using a public key and a private key. The data that goes back between the server (the target website) and its client (your browser) is either encrypted using the public key and decrypted with the private key, or it’s encrypted using the private key and decrypted with the public key. I understand that the process may sound confusing, so here’s a detailed explanation.
The private key consists of a series of symbols that are generated by the web server. This key is not shared with anyone. On the other hand, the public key is supposed to be shared with all the clients that want to decrypt the information on the server.
Whenever the browser that is running on your device (the client) tries to connect to the server, the target website will send you the public key, which is embedded in an SSL certificate. There is an initial data exchange (a "handshake") which helps establish a secure data communication tunnel between the two digital entities.
While all the data that is sent back and forth using HTTP is unencrypted, the secure version of the protocol ensures that all the information that is exchanged between the client and the server can't be decoded even if an attacker manages to intercept the encrypted data.
So, you can see why websites that utilize the HTTPS protocol by making use of SSL certificates offer a huge advantage. They allow online store owners to keep their customers' credit card information safe, and this will boost their clients' trust. Most modern browsers display a "Secure" label in the URL bar anytime you access a website that makes use of the HTTPS protocol. But does this solve the data privacy problems for good?
The truth is that the "Secure" label can be a little misleading. People who are visiting "secure" sites can still be targets for hackers, because some of the content on the destination website may be infected with malware. Therefore, HTTPS-based sites will only stop villains who want to intercept the data while it is transiting the web, people who want to snoop on your confidential information using man-in-the-middle attacks.
However, HTTPS-based sites may be infected as well, and this means that your connection to them isn't that "secure". Don't get me wrong, HTTPS is necessary, but it's just a basic protection layer, because the content of the website that you are visiting may be dangerous. A cybercriminal may even set up a site that uses the secure version of the HTTP protocol to deliver infected software, for example, and your browser would label his/her website as being "secure".
Statistics show that over 80% of the websites in the entire world utilize the HTTPS protocol. It's a good move, and it makes hackers’ jobs much harder. Still, we shouldn't consider HTTPS to be a silver bullet, at least not yet.
Top 10 ways to increase smartphone battery life
It's quite sad, but most of us are used to charging our phones each and every night. I'm not talking about the lucky Galaxy Note 9 users, who can get their devices running for 2 and even 3 days in a row, of course. And yet, there are several things that you can do to double battery life on most phones. Here are the most effective tips.
1. Reduce screen brightness. It's not a secret that your phone's screen can use a lot of energy. And since most manufacturers tend to release smartphones that incorporate larger and larger screens, battery life can only get poorer. Fortunately, you can enable your phone's auto-brightness feature to significantly reduce power consumption. Then, turn the screen brightness down to the lowest acceptable value.
2. If your phone utilizes an OLED screen (and most modern phones use one) switch to a dark mode user interface. Organic Light Emitting Diodes consist of individual light sources which can be turned on or off for each pixel. This means that the screen won't use any energy if all the LEDs are extinguished. As you can imagine, phone manufacturers are aware of this feature, and have taken advantage of it by creating those "always on" displays, which utilize a dark background and only a few less lit pixels. This way, the energy that's utilized by the screen is almost zero. You can apply the same idea and save a lot of power by activating the dark mode for your phone's user interface, as well as for all the applications that support it.
3. Having a small screen timeout value will help as well. Most phones have a default value of 1-2 minutes, but you can get more juice out of your device's battery by setting the timeout value to 10-20 seconds.
4. Turn off Wi-Fi if you aren't using it. There are applications such as Tasker which can do that for you automatically. Wireless radio chips are serious battery drainers, so ensure to keep them off when your phone uses mobile data.
5. Disable your phone's GPS. It can be tremendously useful while you are traveling, but it will kill your battery really fast.
6. Stop the applications that run in the background at all times. As you already know, some of them really need to be loaded at startup, but most apps (games, for example) don't need this permission, so turn it off.
7. Get rid of the apps that you aren't using anymore. By doing this you will free some memory and storage space, and this move has the potential to increase battery life as well. Keep an eye on the social media apps, which want to connect to their makers' servers regularly, and thus waste precious battery juice.
8. Be sure to turn off all the notifications that don't interest you. Your battery loses some energy anytime you hear a sound or see a blinking light.
9. Enable your phone's power saving mode. Some manufacturers provide crazy battery saving settings, which set the screen brightness to 5%, and so on. Settings like these are crazy indeed, but they may work fine for you, so be sure to check them out.
10. Kill your phone's vibrating motor! Use a classic ringtone, which draws much less power, because it only needs to move a tiny membrane, instead of rotating a considerable weight (for such a tiny phone).
These are some of the best tips that can be applied by any person who is interested in boosting battery life. And the best part is that you can test them all in less than an hour, so why not do it today?