Thursday, March 30, 2017

Personal and Small Business Security, Class 1 Notes

Agenda

       Cover Syllabus (in general, will try to mix up theory and practice more than suggested in the syllabus; will skip around)
       Workgroups:  (Pretest)
      What are the security threats that you should consider in assessing your security risk (eg, password strength)? 
      What are the benefits of cybercrime to the criminals (eg, manage your browser search results for their benefit)?
      Rank them by dollar cost and by how painful each would be for you to fix
       Course Objectives
       Some Quotes
       Magnitude of Problem
       Course References
       Using the Blog

Course Objectives

       Familiarity with
      Vocabulary of IoT Security as both cybersecurity and personal security
      IoT Ecosystem
      Threats
      The Darknet business model and tools
      Your best practices (and risks of ignoring them)
       Using the internet to answer your questions
       Each person develops a personal security plan based on the risks you choose to accept; that is, you make an educated choice about, for example, the risk of reusing the same password across multiple web sites
       Each person develops a plan to periodically reassess your security plan

Some Quotes

        “99.9% of exploits are possible because organizations don't address basic security hygiene? The fact is that a lot of households industries focus on the wrong things, often using security strategies that are fundamentally flawed and ultimately do not provide the right sort of protection they need. (Global Risk Community).” 
       As originally written, this quote pertains to web sites you use.  What it says is that most web sites have security issues because management chooses to ignore or downplay them.
       “Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”
(WikiLeaks, "Vault 7" press release, March 7, 2017)

Magnitude of Problem

       $1.2 Billion loss on Ransomware in 1 year (Vimeo.com)
       Worldwide loss
      2007:  $13 Billion (computereconomics.com)
      2015:  $400 Billion (expandedramblings.com)
      2015:  increase in cyber security incidents, 2014 to 2015:  38% (expandedramblings.com)
      Top means of cyber attack, 2016:  phishing and malware (top for 8 consecutive years) (expandedramblings.com).  But these figures don't count attacks that start inside the network (through kids, USB drives, smart devices) and don't count botnet infections
      Is the NSA or the government spying on you?  Implants embedded in your devices, etc. (Vault 7)
      "While the exact cost of these attacks has not been revealed, DDoS attacks in general are estimated to cost businesses an average of $22,000 per minute, with the cost ranging as high as over $100,000 per minute.  With the average DDoS attack lasting six hours, the financial impact can be enormous." (Sonicwall)
      DDoS is growing rapidly because poorly secured IoT devices are easy to conscript into botnets
       Security issues with smartphones are ramping up, and aren't really measured yet
      Screen overlays (fake windows drawn over a real app's login screen) steal login data
      Ad-fraud malware is on the rise, with under-the-radar attempts to gain root access
      Many more apps are available "in the wild" outside the Play Store.  These are not vetted, and sideloading them is a common way malware gets installed and then spreads to other apps and devices

Course References

       Google search essentials
       Guide to Google Tools
       https://leetlinktips.blogspot.com  (demo:  how to use the blog)

Examples of “Things”

       Cloudpets http://www.cloudpets.com:  about 820,000 user accounts, along with the voice messages between parents and their children, exposed in an unsecured online database (February 2017)
       Security and child monitor cameras
       Alexa and other “personal assistants”
       Health monitoring and immediate reaction equipment (heart, diabetes, sleep disorders)
       Trash can monitors that check on whether a household is recycling (!) or check on when a trash receptacle is full.
       Dash:  Amazon tool that reads bar codes so users can easily reorder; includes a voice recorder (a la Alexa)
       Connected egg tray:  monitors number of eggs left
       iCPooch:  device that provides direct real time and recorded communication to your pets (so they won’t feel lonely while you are gone)
       Fitness devices, including for dogs!
       Secure pet door monitor:  pet door opens only for those pets wearing an ID and tracks use
       Refrigerator monitor:  Alarms to your mobile device if there is refrigerator problem
       GoPro camera
       Next generation Google Glasses:  Safety glasses that monitor your environment, provide instructions and safety warnings as you do tasks; eg, home repairs to refinery blowout containment
       Window shades
       Your smart TV
       Your smart phones
       Vehicle control systems

Tools and References for IoT Security

       References available through this site
       Google search (using safety extensions)
       Have you been hacked:  web sites that check whether your e-mail address or account appears in known breaches
       Very Technical, Authoritative
      SANS Organization
      Bleepingcomputer.com:  Use if you have a security problem or even some other problem.  (Techie)
       Not so Techie
      Kim Komando https://www.komando.com/

Lastpass

       Password manager, owned by LogMeIn: https://www.lastpass.com/how-it-works

Homework

       Either print out or download the pdf and read Part 1 of “Staying Safe on the Internet”

       If you have a computer or laptop, install Lastpass on it

Vocabulary of IT Security

As background for the security course I am teaching, I am going to be building a vocabulary of terms related to IT security.   Below is my first draft of that vocabulary.  I will continue to update this blog entry with new terms and words as the course proceeds.
Antivirus Software
Most Internet users are well aware of these programs since nearly every computer sold today provides at least short – term access to this type of software. In a nutshell, these programs protect your computer from Internet viruses or codes that can quickly disable your computer (or an entire network). When functioning properly with all necessary updates, this software will constantly monitor your computer to prevent viruses from “infecting” it; (Global Risk Community)
Attacks
People stage intentional active and passive attacks while trying to bypass computer security controls. During an active attack, the perpetrator tries to alter a system’s data, resources or operations. However, a passive attack simply involves trying to access and use a computer system’s information –without trying to alter its resources, operations or data; (Global Risk Community)
Back Door
Sometimes used interchangeably with the term “trap door,” a software or hardware designer makes one of these to allow herself (or privileged others) to circumvent computer security; (Global Risk Community)
Blended Threats
Hackers or cyber terrorists who approach computer networks using blended threats are trying to maximize the damage they can inflict by using different traits of both viruses and worms. For example, an attacker might try to send out an e-mail virus with a Trojan horse embedded in an HTML file. Past examples of blended threats include both Bugbear and CodeRed; (Global Risk Community)
Bots
A person attacks your computer with a bot – or remote control agent – by bypassing your firewall and antivirus software. Once installed on your computer, a bot becomes part of a bot network (botnet) that the hacker or bot owner/bot herder can then manipulate at will. Bots can install various types of spyware (or malicious logic) on your computer, allowing the bot owner to take it over whenever it’s connected to the Internet. Some people use the term “zombie” interchangeably with the term “bot;” (Global Risk Community)
Cloud
Servers, storage and services that you use over the internet but that run on someone else's computers, outside your direct control.
Cybersecurity
“The activity or process, ability or capability, or state whereby information and communication systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation;” (Global Risk Community)
Denial of Service (DoS)
A malicious bombarding of a server with such a large number of requests for service that the server cannot respond to legitimate requests.
Distributed Denial of Service (DDoS)
A DoS attack launched from many machines at once (typically a botnet), which makes it both larger and harder to block, since there is no single source address to filter out.
Encryption
“The process of translating plaintext into ciphertext.” Unencrypted data is called plaintext while encrypted data is referred to as ciphertext. The two main types of encryption are symmetric (one shared secret key both encrypts and decrypts) and asymmetric (a public key encrypts or verifies, and a matching private key that only its owner holds decrypts or signs).
  
Firewall
“A capability to limit network traffic between networks and/or information systems.” In other words, it’s “A hardware/software device or a software program that limits network traffic according to a set of rules of what access is and is not allowed or authorized;”
Gateway
A device that joins two networks and forwards traffic between them; for a home, it is usually the router where your own network meets your ISP's.
Hacker.
An unauthorized user who seeks to maliciously disrupt, surreptitiously use, or
http: 
a standard communication protocol used on the internet.  Messages are sent as plain ext (even if formatted in fancy ways; the formatting is reconstructed at the receiving end using “tags” that defining the semantics and format of the message.  (You might see <{some tag name}> in messages you receive.)
https: 
http with the communication between your browser and the web site encrypted and authenticated (by TLS, historically called SSL).  It protects data only in transit; it says nothing about how the data is stored at either end, or about whether the site itself is honest.  Web browsers such as Internet Explorer, Firefox and Chrome show a padlock icon in the address bar when it is in use.
https SSL Certificate
Generally, https works by encrypting the traffic.  Two related keys are involved: a public key, which the web site publishes, and a private key, which only the web site holds.  The site's certificate binds its public key to its domain name and is signed by a certificate authority (CA) that your browser already trusts.  When you connect, the browser checks that signature and that the name in the certificate matches the site you asked for, then uses the public key to agree on a temporary session key; the actual page data is encrypted with that session key.  A valid certificate proves you are talking to the named site, not that the site is trustworthy.
Internet
A constantly growing number of computer users regularly communicate with each other via this worldwide global network. In fact, there were 3.5 billion Internet users as of the beginning of 2016; (Global Risk Community)
Intranet
“A network based on TCP/IP protocols (an internet) belonging to an organization, usually a corporation, accessible only to the organization’s members, employees, or others with authorization.” A special firewall is designed to protect an intranet website from those unauthorized to use it; (Global Risk Community)
Intrusion Detection System
Software, on the network or on a device, that watches traffic or system activity and classifies it by matching it against patterns known to occur during malicious activity, raising an alert when something matches.
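As an added example, not part of the original notes, here is the kind of pattern check the DoS, DDoS and Intrusion Detection System entries describe, run over a constructed web-server access log: requests are bucketed into fixed time windows, and a window is labelled "dos" when one source alone floods it, "ddos" when the total is high but spread thinly across many sources, and "normal" otherwise.  The log lines, the addresses and the thresholds are all made up for the example.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample web-server access log in Apache "common log format".
# Not captured from any real server; addresses are RFC 5737 documentation ranges.
def _line(ip, hhmmss, path):
    return '%s - - [30/Mar/2017:%s -0700] "GET %s HTTP/1.1" 200 512' % (ip, hhmmss, path)

SAMPLE_LOG = (
    # a normal visitor: three requests in ten seconds
    [_line("198.51.100.10", "10:00:%02d" % s, "/index.html") for s in (0, 4, 9)]
    # DoS: one source firing 60 requests in five seconds
    + [_line("203.0.113.7", "10:00:%02d" % (i // 12), "/") for i in range(60)]
    # DDoS: forty sources, two requests each, all in the same few seconds
    + [_line("192.0.2.%d" % h, "10:01:%02d" % s, "/login") for h in range(1, 41) for s in (1, 3)]
    # quiet again
    + [_line("198.51.100.10", "10:02:05", "/about.html")]
)

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)')

def parse_line(line):
    """Return (client_ip, timestamp) for one log line, or None if it doesn't parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts

def classify_windows(lines, window_seconds=10, per_ip_limit=20, total_limit=50):
    """Bucket requests into fixed time windows and label each one.

    Thresholds are assumed for this sample; a real IDS would derive them from
    a baseline of normal traffic.  Labels:
      "dos"    - at least one source alone exceeds per_ip_limit in the window
      "ddos"   - no single source stands out, but the window total exceeds total_limit
      "normal" - neither
    """
    buckets = defaultdict(Counter)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip unparseable lines rather than crash on them
        ip, ts = parsed
        epoch = int(ts.timestamp())
        buckets[epoch - epoch % window_seconds][ip] += 1

    findings = []
    for start in sorted(buckets):
        counts = buckets[start]
        total = sum(counts.values())
        heavy = [ip for ip, n in counts.items() if n > per_ip_limit]
        if heavy:
            label = "dos"
        elif total > total_limit:
            label = "ddos"
        else:
            label = "normal"
        findings.append({
            "window_start": datetime.fromtimestamp(start).isoformat(),
            "total": total,
            "sources": len(counts),
            "top_sources": counts.most_common(3),
            "label": label,
        })
    return findings

if __name__ == "__main__":
    for f in classify_windows(SAMPLE_LOG):
        print(f["window_start"], f["label"],
              "total=%d sources=%d" % (f["total"], f["sources"]), f["top_sources"])
```

Run the file directly to see one line per window.  The point of the "ddos" branch is the one the DDoS entry makes: a block-the-noisy-address rule catches the first window but is useless against the second, where no single address is noisy.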
A Keylogger
This type of harmful or malicious program is used to infiltrate your computer to record information about all of your computer keyboard activities, including all Internet browsing activities, e-mail usage and instant messaging communications; (Global Risk Community)
Malicious Code
This refers to any type of software that’s installed in your computer (system) and can perform unauthorized activities. Malware is a similar term that refers to malicious software created to damage, disrupt or even possibly destroy a computer (system) with viruses, Trojan horses and other harmful programs; (Global Risk Community)
Malware
See Malicious Code
Network Forensics
Tools and techniques used to detect cybercrimes, and exposure to them, on a network.  They can be applied at three times: (1) before a cybercrime begins; (2) while a cybercrime is occurring; (3) after a cybercrime has been detected.  Tools and techniques include:
  • Penetration Testing
  • Verify/troubleshoot questionable transactions
  • Analyze overall network performance
  • Identify low-performing segments
  • Verify VOIP or video traffic problems
  • Operation of Intrusion Detection Systems
Penetration Test
A controlled attack, authorized by and known to the owners of the devices, that tries to access and control them in order to find weaknesses before a real attacker does
Phishing
These Internet scam programs often contact unsuspecting people via e-mail, urging them to visit fake websites designed to look like those run by well-known banks or other financial institutions. Perpetrators then try to obtain private information by telling users it’s time to update their account passwords or usernames. If unwitting people comply, all types of fraud, including identity theft, may result; (Global Risk Community)
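Added example, not from the original notes or from Global Risk Community: a small link checker that applies the tests a careful reader would apply to a suspicious message, over a constructed HTML e-mail body.  It flags links whose visible text names one site while the href goes to another, hosts that are raw IP addresses, the user@host trick, punycode hosts, and a trusted brand name buried inside an unrelated domain.  The bank name, the links and the trusted-domain list are all made up for the example.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed HTML body of the kind of message the entry describes; not a real e-mail.
# The bank name and every link are made up for the example.
SAMPLE_EMAIL = """
<p>Dear customer, your account has been limited. Please confirm your details:</p>
<p><a href="http://www.examplebank.com.secure-login-update.net/verify">https://www.examplebank.com/verify</a></p>
<p>Or use our alternate server: <a href="http://www.examplebank.com@203.0.113.5/login">examplebank.com login</a></p>
<p>Read our <a href="https://www.examplebank.com/privacy">privacy policy</a>.</p>
"""

# Domains the reader actually has accounts with (assumed list for the example).
TRUSTED_DOMAINS = ["examplebank.com"]

# Does the visible link text itself look like a URL or host name?
URL_LIKE = re.compile(r"^(?:https?://)?[A-Za-z0-9.-]+\.[A-Za-z]{2,}(?:[/:?#]\S*)?$")

class LinkExtractor(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    """Lower-cased host part of a URL, adding a scheme if the text lacks one."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    return (parts.hostname or "").lower()

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def check_link(href, text, trusted_domains=TRUSTED_DOMAINS):
    """Return the reasons a link looks like phishing; an empty list means none found."""
    reasons = []
    parts = urlsplit(href)
    host = (parts.hostname or "").lower()
    if parts.username is not None:
        # http://trusted.site@evil.host/ : the browser goes to evil.host; the
        # "trusted.site" part is only a user name, put there to fool the eye
        reasons.append("user@host trick: link really goes to %s" % host)
    if is_ip_literal(host):
        reasons.append("raw IP address instead of a domain name")
    if host.startswith("xn--") or ".xn--" in host:
        reasons.append("punycode host; may be a look-alike domain")
    for d in trusted_domains:
        # "examplebank.com" appearing inside "examplebank.com.evil.net" is not examplebank
        if d in host and host != d and not host.endswith("." + d):
            reasons.append("brand '%s' embedded in unrelated domain '%s'" % (d, host))
    if URL_LIKE.match(text):
        shown = host_of(text)
        if shown and shown != host:
            reasons.append("visible text says %s but link goes to %s" % (shown, host))
    return reasons

def scan_email(html, trusted_domains=TRUSTED_DOMAINS):
    """Return [(href, [reasons...]), ...] for every link in the message."""
    parser = LinkExtractor()
    parser.feed(html)
    return [(href, check_link(href, text, trusted_domains)) for href, text in parser.links]

if __name__ == "__main__":
    for href, reasons in scan_email(SAMPLE_EMAIL):
        print("SUSPICIOUS" if reasons else "ok        ", href)
        for r in reasons:
            print("    -", r)
```

Run the file directly to see each link with its reasons.  In the sample, the first two links are flagged and the genuine privacy-policy link is not; in practice the right response to any flagged link is to type the bank's address into the browser yourself rather than click.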
Rootkit
tbd
Spyware
This type of software is installed on a network of computers without the owner’s knowledge. Its main purpose is to gather personal/group information and communicate it to an unknown third party. Spyware can monitor your activities and even pick up critical information like credit card numbers, usernames and passwords; (Global Risk Community)
Trojan Horse
This type of harmful computer program can be easily installed on your computer while you’re downloading unknown programs or files off the Internet (or simply opening up unfamiliar email attachments). A Trojan horse will nearly always damage your computer in some way; (Global Risk Community)
Virus
A computer virus is harmful “software” that attaches itself to other programs in order to impair or destroy a computer’s ability to function normally; (Global Risk Community)
VOIP
Acronym for "Voice Over IP": carrying telephone calls over the internet instead of over the traditional land-line phone network.
White Hat
A security tester who is given the job of testing the security of a system or organization with its permission, or who publishes the results of general testing so that the vulnerabilities found get fixed.
Worm
This is an independent program that replicates (reproduces) from machine to machine across network connections, often clogging networks and information systems as it spreads. (Global Risk Community)
Zero Day Attack

Tuesday, March 28, 2017

Are You Being Spied On by Your ISP?

IMHO, Leo Notenboom is up there amongst the best tech writers in the IT education industry.  Beyond just clearly communicating the technical stuff, his writing style is as close to Strunk and White (google them) as I've seen.  

I could just point to this article by a link, but I am teaching a security course this term, so I want to make this particular article readily available to my students.  So, with appropriate citation, here is a really great article on overall security of your stuff on the internet.  Especially read the VPN information.  

Note that he really doesn't mention that your VPNed data really isn't secure unless the VPN server is the "end point" of your communication.  For example, for work you might communicate via VPN.  The object of your communication is a server in your company and it is the end point for your VPN.  So your message is encrypted all the way to the end point and it is up to your company to preserve your security.  If you are using a public VPN and your target end point is not the VPN server, then your message can end up unencrypted when it leaves the VPN (unless the connection itself is https, which stays encrypted from your browser to the web site regardless of the VPN).  Better use a completely private server, either set up by you (that's fun) or one of the many companies that have popped up to provide end-to-end security.  Note that, normally, Google Drive and iCloud would fit the bill, except they are big companies that could have generic filters set up around the encryption step.  I really don't think us run-of-the-mill users have to worry about that.  So use, for example, Google Drive or sign up for Google G Suite for an even more secure environment ($5/mo or about $50/yr).   (Be sure you've encrypted your own computer, which is both a source and repository for your documents.  Use Windows' free BitLocker or Apple's free FileVault to do this.  Your smart devices should also be encrypted with their bundled encryption software.)


From the Ask Leo! Newsletter:

How Do I Protect Myself from My ISP?

I know you'll think I'm nuts, but I'm absolutely convinced my ISP is snooping on what I do and reporting it to the government. I know you said my ISP can see everything, but … how do I stop them?
This is a composite question crafted from the many variations on the theme that, over the years, keep coming from time to time.
While I don't actually think people are nuts, I do think that 99% of the time, they are mistaken, misled, or misinformed.
The 1%, however, can be all too real for some people.

Your ISP really doesn't care

For at least 99% of internet users: your ISP doesn't care what you do, where you go, or what you use their connection for. You and I just aren't that interesting. No one is watching you. No one is monitoring your online behavior. No one is updating your "permanent record" with your digital exploits.
If you look carefully at the terms of service you probably agreed to when you established your internet connectivity, you'll probably see there are a couple of things your ISP does care about – the most blatant being excessive use for whatever account type you have. So, in that sense, they might be keeping loose track of how many bytes you upload or download over some period of time. If you exceed some threshold, they might tap you on the shoulder and ask you to slow down, or pay more, or in the worst case, find a different ISP. Or they might just slow your connection.
But chances are they're not looking at what you're doing – just keeping an eye on how much.
Your ISP may also respond to complaints about your usage, some of which we'll see next, but it's not something they proactively look for. They have better things to do with their time and resources.

When your ISP does care

There are some things an ISP might choose to care about – either on their own, in response to complaints, or at the request of others.
  • Large media companies might ask your ISP to track large downloads to identify people downloading copyrighted material.
  • If they suspect you are involved in some kind of criminal activity, law enforcement agencies might ask – or even require – your ISP to track your activity.
  • Overly oppressive governments might require ISPs to monitor the actions of their citizens more actively.
Of course, your employer can certainly monitor your usage of the connections they provide for a variety of reasons, as can public or private institutions like libraries, internet cafés, or others.
Perhaps more realistically, since anyone who provides your connection to the internet is your ISP: your landlord, the hotel's IT "department", or the stranger in the corner at a coffee shop with Wi-Fi could all just be nosy, for whatever reason.

Then what?

Option 1: Choose a different ISP

The first, knee-jerk reaction is that if you don't trust your ISP, find another ISP.
In some cases, that's simply not practical. In areas that have a monopoly provider, you might only have one choice.
Switching may also not be practical. Often, when there are alternate providers, the cost, performance, or service differential is high. You might find yourself an ISP you can trust, only to find their offerings come with significantly slower speeds or reliability.
Switching may also not be cost effective. Only you can determine the relative priority of the threat versus the potential of increased costs incurred by choosing a different provider.
In a home or business environment, the options typically boil down to cable, telephone/DSL, or wireless. You'll need to take into account the different cost/performance/service tradeoffs of each.
Of course, all this assumes you can find service from an ISP that you would trust any more than the one you currently have. If you can, and they meet your needs, this option can be the simplest in the long run.

Option 2: Use a VPN

The classic solution for protecting yourself over an untrusted connection of any sort is to use a VPN, or Virtual Private Network.
When using a VPN, your device creates an encrypted connection to that VPN's servers, and all of your internet traffic is routed through that connection. All your ISP sees is that you've connected to a remote server using an encrypted protocol; it cannot see what actually transpires over that connection.
This makes a VPN a perfect solution for travelers who regularly use otherwise untrusted connections, such as those in airports, hotels, and coffee shops.
It also means a VPN is a potential solution for any untrusted connection, even if that untrusted connection is your home internet, as provided by your ISP.
VPNs are not without issues, however.

The cost of a VPN

Using a VPN typically involves two types of costs: monetary and performance – and these two costs are often at odds.
There are free VPN services out there, but they often have poor performance. Spending money to purchase a VPN subscription typically means you'll get better service and speeds.
This ends up becoming important because when using a VPN, you're adding an additional layer of complexity to everything being communicated over your internet connection. The data itself is "wrapped" in a layer of encryption, and it's all routed through extra servers run by the VPN. While slower speeds are perhaps tolerable periodically while traveling, if you're constantly using a VPN at home, you probably want it to impact your experience as little as possible.

The privacy of a VPN

One thing many people overlook is that when using a VPN, in a very real sense that VPN becomes your ISP. While the ISP can no longer see everything you do, the VPN service can. All of your internet activity is routed through their servers.
Therefore, it's important to select a VPN provider you trust – presumably more than you trust your ISP.

What your ISP can still see

There's one important thing your ISP can most definitely see that there's simply no practical way around: your ISP can see that you're using a VPN. In fact, they can probably see which VPN service you're using.
Indeed, some governments have gone so far as to outlaw VPN connections, or to block as many VPN providers as they can keep track of, to prevent you from bypassing their mandated monitoring.

Option 3: Don't use your ISP

This is the most cumbersome and perhaps even impractical option. In a way, it's really the same as option #1, but with more legwork.
If you can't get an alternate ISP for your location, and using a VPN isn't an appropriate approach for you, then the only real solution is to go elsewhere. By that, I mean when you want to use the internet, take a laptop to a location with an ISP you can trust.
What that might be, I can't tell you. It could be the coffee shop or library down the street – but then you'd probably want that VPN. It could be a friend's house, or your place of work – again, as long as their ISPs are more trustworthy to you.
But if you can't "fix" or bypass the internet connection at home, and you can't trust it, then you shouldn't use it… at least not for anything you consider sensitive.

Postscript: I'm soaking in it

I trust my ISP. I trust that my ISP cares little about me, as long as I pay my bills and cause them no problems. As a result, while I have a subscription to a VPN service (TunnelBear), I don't regularly use it at home.

I decided to try it out while researching and writing this article, so I enabled the VPN here on my desktop at home. I confirmed (via my own "what's my IP address" page) that my IP address had changed, and that I was indeed connecting to the internet from a different location – New York, it would appear, as opposed to my ISP's normal point of presence here in Washington State.

Everything kept working, albeit ever so slightly more slowly. My web browsing continued; my remote server connections disconnected when the change was made, but quickly reconnected and continued to work; Dropbox, OneDrive, and Google Drive all reconnected and kept on synchronizing.
Running everything through a VPN is possible, but as I said, it's unlikely you actually need to; and which one to trust is also going to be a function of your specific situation as well.
Related Links & Comments: How Do I Protect Myself from My ISP?

https://askleo.com/26881

Sunday, March 26, 2017

NEW (ACTUALLY OLD) Phone scam for Windows fix

You know the phone scam where a person with an accent calls and says you have a problem with Windows?  Well, they have a new ID on your phone:  "Private Caller".  As usual, they want to log into your computer.  The tool they use is remote control software from supremocontrol.com.  This is located in Milano, Italy.  Once they get you to install the linkage software, much like TeamViewer, they ask you to give them the ID and password generated by the software.  If things don't really go right, then they ask you to run "Event Viewer."  This is a real Windows maintenance application that will show all the activities of Windows.  It will ALWAYS have some errors in it.  They say that your computer has a critical problem and that they will fix it for some amount.  I never got that far, but the usual fee is $299.   I talked to them for 30 minutes and... well, they were from Timbuktu, CONNECTICUT.  Ha.  I said I was from there and never heard of such a town.  I said, "Oh, you are from Africa!"  (FYI, in case you haven't been there, Timbuktu is in Mali, West Africa.)  They insisted they were from CT.  I commented on their excellent CT accent (NOT).

I had followed their instructions and they were really having trouble getting the supremocontrol software to work, even though I gave them my control information.  I said my thumb was hurting because it was stuck in the computer as a thumb drive.  They didn't understand.  Anyway, I wasted 30 minutes of their time having fun with them.  BTW. I won't give away any secrets, but they were trapped in a special operating system arrangement I have that completely boxes up anything they do and then throws anything they do away at the end.  I get a log of all their activities.  They were tied in a knot.

Don't try this yourself.  Leave it to a pro.  HA.  I'll report them to the appropriate authorities.

Saturday, March 11, 2017

Miscellaneous notes on Charter Experience So Far

Here's a report on my experience with Charter:

  • Installation took about 35 minutes for everything.  I had prepared by deciding where I wanted the above ground line to run.  I have extensive terracing on my "cliff-side" property, so I am going to run the line through some pvc and also above ground, attached to some of the terracing structures to avoid cutting the line.  
  • I kept my DirecTV DVR.  I ran that into another HDMI input on my Receiver and we can finish all the TV shows we had recorded by switching the receiver over to that input.  Then I will return the DVR.
  • The phone is very clear and works fine; better than the ATT land line.
  • I have an elaborate internal network of multiple Access Points and wifi extenders.  I had to reprogram one access point because I was using a fairly high end router that really wasn't made to be just an Access Point.  Otherwise, out with the AT&T 7550 and I switched another current generation router I had to be the main router and internal IP address provider.  (It had been configured as an Access Point.)  But I didn't have to mess with the Wifi on any of the devices other than... I made everything WPA2 only, so that the wifi could run at its highest capable speed rather than limited by the WPA restriction.  That didn't impact any of my devices, since they were all WPA2.  
  • My internet service is 65 Mbps down and a tenth of that up.  Better than advertised.
  • The Charter DVR can record two programs.  The interface for programming is so 90s.  A real leap down from what was available from DirecTV.  
  • The DVR can be programmed from the Spectrum web site.  (Charter is rebranding itself... probably because Charter service gave Charter such a bad name for itself.)  However, I couldn't get it to work.  After searching for real person help on the web site, I finally found that help by googling for it.  I used a Chat session and found that the programs and programming side of the Spectrum web site had been down for several days, was still down, and there was no ETR.  Good old Charter! 
  • As those of you with real-time on-demand streaming know, there is an UGH! associated with this capability.  Charter is big into supplying thousands of on-demand programs, including series.  The shows are good, and the picture quality is exceptional.  But you HAVE TO WATCH THE WHOLE DARN THING, INCLUDING COMMERCIALS.  You can't pause- at least I haven't found a way on Charter.  (On Amazon Prime directly from my SmartTV and on my computer I can pause.)

Friday, March 10, 2017

Google Search Tutorial

I don't know of anyone that uses the full power of Google search, which can be used on your device or on the internet.  That's because there are a significant number of commands and syntax aids that most people don't know about.  So, here is a reference for you: http://www.stephanspencer.com/google_searcher.pdf

And, here is a Cheat Sheet Page:  https://zapier.com/blog/advanced-google-search-tricks/#infographic

For a more comprehensive reference:  http://www.googleguide.com/

Also, once you have some search skills, you can find all the YouTube tutorials about a subject, and there is a lot out there.

Thursday, March 9, 2017

When Changing Providers and Not Using the Previous Provider Modem-Router

Suppose you switch from a DSL provider to a cable provider.  What do you do with the DSL modem/router?  Usually you should toss the device.  But first:  RESET THE DEVICE TO FACTORY DEFAULTS.  Use a paperclip to press the recessed reset button while the device is powered on, and keep holding it (typically 10 to 30 seconds) until all the lights go out and the power light starts flashing.  Then let it reboot once and confirm it comes back asking for initial setup rather than with your old settings.

If you don't do that, then whoever picks the box up next gets your personal information: your previous provider's user id and password for their internet service, plus your Wi-Fi name and password and the rest of your home network configuration.

A new way to combat Windows Support and IRS Scam Phone Calls and Ransomware

I bet many of you have seen a scareware pop-up while browsing (often called ransomware, though it usually only locks up the browser window) that says your computer has a problem and you have to call a number to get it fixed.  It appears to be legitimate because the pop-up includes something about Windows Support.

Or maybe you get a "cold" phonecall that does about the same thing:  Microsoft had detected that your computer has a problem and needs to be fixed right away.

I won't go into the details but point you to this article:  http://www.zdnet.com/article/programmer-declares-war-on-windows-support-scammers/

The article describes a "new" way to combat these calls:  a service that calls the number of the scammer and floods the scammer with robo calls until the scammer can no longer operate.  If you go to the services page, linked in the above article, it describes how to use the service.  There is a charge.

Android-iPhone-iPad-AnyPad Security Essentials

Although, in the following, I am going to use Android as the example, you can plug in your own smartphone operating system and the information will be about the same.

Before reading this, see this overview.
  • Disable app downloads from unknown sources.  (Settings > Security.  Under "Device Administration" is a slider:  "Unknown sources.  Allow installation of apps from unknown sources."  Leave it off.)  The easiest way to get infected with malware on an Android phone or tablet is to install apps from outside the official Google Play app store. 
  • Upgrade to the latest version of the operating system that works with your phone.  Known security issues will have been fixed and the latest security features added.
  • Encrypt your device.  The current operating systems have built-in encryption.  For Android, the settings are in Settings.Security, Encryption section.  There are two options:
    1. Encrypt phone.  I don't see a way to change this setting, so your on-board information is encrypted.
    2. Encrypt SD Card.  This has a slider.  You will get a message to OK that gives some warnings:  only future files will be encrypted and various descriptions that say that you won't be able to read the files if you want to read your SD card on another device.  With my Droid, this hardly seems like a problem because I can't remove my SD card.    
  • Download an anti-malware app.   Now that Android malware and viruses are a widely-recognised part of the smartphone world, there are many solutions to combat them. Most of the big antivirus (AV) companies have their own Android anti-malware apps, including Kaspersky, AVG, Avast and Norton. Recommended free Android AV apps include Lookout (where there is also a premium version available) and TrustGo.  Example ratings web page:  http://www.techradar.com/news/top-10-best-antivirus-apps-for-android-in-2017
  • Do not connect to unsecured, unknown Wi-Fi networks.  An unsecured Wi-Fi network can seem like free internet, but there is obvious danger.  Imposter Wi-Fi networks can be used to stage a 'man-in-the-middle' attack, where any data you enter can be intercepted by a third party, including passwords and personal details such as credit card numbers.
  • Install a firewall for use in unsecured Wi-Fi situations.  Even if you know the Wi-Fi network you are using, you should have a firewall to provide both inbound and outbound protection.  Most firewalls work as an unlocked app, which is the typical situation for most of us.  A few require the phone to be unlocked.  (When a phone is unlocked, all software and files on the phone are accessible; a locked phone has a security layer that does not allow users to gain access to system software and files.)  Here is a review of some Android firewall apps:  https://www.techjunkie.com/best-firewall-apps-android/   I use Comodo Firewall on my laptops, so I prefer using Comodo Android on my smartphone.  It has a complete suite of features, including private SMS.  If you are using a Security Suite, check your Suite to see if it has a firewall and check its settings. 
  • Install a remote wipe/lock app. If an Android device is lost or stolen, it is sensible to have a way to wipe or lock it. There are apps available from Google Play that will do just that, reacting to either a command from a web interface or via text. Popular remote wipe and lock apps include Cerberus and Avast Mobile Security.  Most of the security suites offer this feature.
  • Be aware of SMS threats.  SMS threats are partly responsible for the surge in Android malware. The Obad threat, which was brought to light earlier this year, can send premium rate SMS texts, install other malicious apps and execute other code. If there is mysterious activity on a phone bill, check it is not down to this type of attack.  Several security suites protect your SMS messages.
  • Use the Chrome browser (or, optionally, Opera) for browsing.  Since Android 4.1 was introduced, phones and tablets have come with the stock Android browser as well as Chrome installed as standard.  Chrome is marginally more secure than the stock version, having been subject to fewer publicised insecurities in recent months.  It is also likely that Chrome for Android is better supported.  As a benefit of Chrome, if you sign into Chrome itself then the Chrome environment on your phone will be the same as the Chrome environment on all your other devices.  Having identical bookmarks on all environments is particularly convenient.
  • Use your lock screen.  Anyone with a concern about Android security should put some lock screen protection on their phone. Virtually all Androids come with optional security measures pre-installed, accessed in the security submenu of settings.  The latest Androids have a fingerprint reader.  This is very convenient.
  • Install a Password Manager, like Lastpass, that runs on all your platforms.  
  • Stolen phone? Many Apps, including ones installed by your cellphone provider, can locate a lost phone on a map, even if the phone is off.  It works by logging on to the app-related web site.  The site will show either where the phone is on a map or show where it was the last time it was on.  You can wipe your phone.  Some apps will take a selfie to catch the thief.  
  • Install a Router Control App, such as Netgear Genie:  Video
  • Be aware of fake "infection" and/or "running out of memory" messages.  These seem to be very common and are associated with legitimate web sites; i.e., they show up on the bottom of your phone screen.  For more information, google search "fake iphone android infection lost memory infections".  An example result is:  https://www.onlinethreatalerts.com/article/2014/3/13/your-android-has-been-infected-with-a-virus-tap-ok-to-remove-now-spam-message/

Miscellaneous Security Tips

I picked this up from somewhere, probably an email someone sent me. Sorry that I can't attribute it.  Has anyone got a solution to the long term parking issue?  You can't carry the stuff with you on vacation.

1.  Some people left their car in the long-term parking at San Jose while away, and someone broke into the car.  Using the information on the car's registration in the glove compartment, they drove the car to the people's home in Pebble Beach and robbed it.  So I guess if we are going to leave the car in long-term parking, we should NOT leave the registration/insurance cards in it, nor your remote garage door opener.

2.  GPS and how thieves can gain entry to a push button car, then go rob your house.  Someone had their car broken into while they were at a football game.  Their car was parked on the green which was adjacent to the football stadium and specially allotted to football fans.

Things stolen from the car included a garage door remote control, some money and a GPS which had been prominently mounted on the dashboard.  (I guess this is a dated note.  Now this info is perhaps in the car's navigation system, which can be hacked.  See http://www.autonews.com/article/20161207/RETAIL04/161209877/mystery-device-helps-thieves-steal-cars-with-push-button-ignitions)  When the victims got home, they found that their house had been ransacked and just about everything worth anything had been stolen.  The thieves had used the GPS to guide them to the house.  They then used the garage remote control to open the garage door and gain entry to the house.  The thieves knew the owners were at the football game, they knew what time the game was scheduled to finish and so they knew how much time they had to clean out the house.  It would appear that they had brought a truck to empty  the house of its contents.  Something to consider if you have a GPS - don't put your home address in it...  Put a nearby address (like a store or gas station) so you can still find your way home if you need to, but no one else would know where you live if your GPS were stolen.

3.  CELL PHONES.  I never thought of this... This lady has now changed her habit of how she lists her names on her cell phone after her handbag was stolen.  Her handbag, which contained her cell phone, credit card, wallet, etc., was stolen.  20 minutes later when she called her hubby, from a pay phone telling him what had happened, hubby says 'I received your text asking about our Pin number and I replied a little while ago.'  When they rushed down to the bank, the bank staff told them all the money was already withdrawn.  The thief had actually used the stolen cell phone to text 'hubby' in the contact list and got hold of the pin number.  Within 20 minutes he had withdrawn all the money from their bank account.

Some thoughts:

 a.  Do not disclose the relationship between you and the people in your contact list.  Avoid using names like Home, Honey, Hubby, Sweetheart, Dad, Mom, etc.

b.  Also, when you're being texted by friends or family to meet them somewhere, be sure to call back to confirm that the message came from them.  If you don't reach them, be very careful about going places to meet 'family and  friends' who text you.

4.  Purse in the grocery cart scam... A lady went grocery shopping at a local mall and left her purse sitting in the children's seat of the cart while she reached for something on a shelf...wait till you read the WHOLE story!   Her wallet was stolen, and she reported it to the store personnel.  After returning home, she received a phone call from the Mall Security to say that they had her wallet and that although there was no money in it, it did still hold her personal papers.  She immediately went to pick up her wallet, only to be told by Mall Security that they had not called her.  By the time she returned home again, her house had been broken into and burglarized.  The thieves knew that by calling and saying they were Mall Security, they could lure her out of her house long enough for them to burglarize it.

Guide to Router Specifications

As the Charter cable rollout continues in our communities, many residents will need to replace their DSL routers with a new router. You can rent a router supplied by Charter or buy your own. Elsewhere in this blog I've suggested that, overall, it is probably more cost effective, as well as providing a better internet experience, if you buy your own router. When you do so, you will be hit with a confusing naming scheme. There will usually be something like a model number, but elsewhere on the package or web page there will be another "model number." Let me call this other model number the "Shorthand Spec." You will see that is what it is.

Here is an example:  Linksys AC1750 Dual-Band Smart Wireless Router with MU-MIMO, Works with Amazon Alexa (Max Stream EA7300).  The AC1750 is the Shorthand Spec, and not the model number.  The EA7300 is the model number.  

I'm hoping that the following tables and discussion will help demystify the Shorthand Spec.

What Does a Shorthand Spec Beginning with "N" Mean?

This first table is about those Shorthand Specs that begin with "N". It turns out that this spec indicates the speed of the one or more wireless bands provided by the router. This table is from the Netgear site, so some of the Netgear real model numbers are shown in the last row of the table.

Nxxx Specification | N150    | N300              | N600                         | N750               | N900
-------------------|---------|-------------------|------------------------------|--------------------|----------
WiFi Speed (Mbps)  | 150     | 300               | 300 + 300                    | 300 + 450          | 450 + 450
Frequency          | 2.4GHz  | 2.4GHz            | 2.4 and 5GHz                 | 2.4 and 5GHz       | 2.4 and 5GHz
Product Examples   | WNR1000 | WNR2000, WNR3500L | WNDR3400, WNDR3700, WNDR3800 | WNDR4000, WNDR4300 | WNDR4500

For Netgear router comparison, see the Wireless Router Comparison Chart.

Some FAQs:

Does a higher Nxxx number imply farther range?

No. The different speeds (150/300/450/600) are achieved with different channel widths, 20/40/60/80 MHz respectively.
Larger channel widths do not result in higher range, just faster speeds at close range. Transmission power or Range is not related to the channel width.


What is the difference between "Up to 54Mbps", "Up to 145Mbps", and "Up to 300 Mbps" wireless modes?

"Up to 54Mbps" supports the 802.11g and 802.11b standards.
"Up to 145Mbps" and "Up to 300Mbps" modes support the 802.11n specification and use 20MHz and 40MHz bandwidths, respectively.
"Up to 300Mbps" = 40MHz will provide the maximum performance in most cases.
"Up to 145Mbps" = 20MHz may work better in areas with more interference from other access points.
"Up to 450Mbps" = 60MHz, "Up to 600Mbps" = 80MHz.

What does a router with a name starting with "AC" mean?

The short, but not satisfying, answer is: "It is the sum of the maximum speed of the dual band of a router."  Ugh!  A table with various real values helps:

Type   | 2.4 GHz band (Mbit/s) | 2.4 GHz config [all 40 MHz] | 5 GHz band (Mbit/s) | 5 GHz config [all 80 MHz]
-------|-----------------------|-----------------------------|---------------------|--------------------------
AC600  | 150                   | 1 stream @ MCS 7            | 433                 | 1 stream @ MCS 9
AC750  | 300                   | 2 streams @ MCS 7           | 433                 | 1 stream @ MCS 9
AC1200 | 300                   | 2 streams @ MCS 7           | 867                 | 2 streams @ MCS 9
AC1300 | 400                   | 2 streams @ MCS 9           | 867                 | 2 streams @ MCS 9
AC1300 | -                     | -                           | 1,300               | 3 streams @ MCS 9
AC1450 | 450                   | 3 streams @ MCS 7           | 975                 | 3 streams @ MCS 7
AC1600 | 300                   | 2 streams @ MCS 7           | 1,300               | 3 streams @ MCS 9
AC1750 | 450                   | 3 streams @ MCS 7           | 1,300               | 3 streams @ MCS 9
AC1900 | 600                   | 3 streams @ MCS 9           | 1,300               | 3 streams @ MCS 9
AC2200 | 450                   | 3 streams @ MCS 7           | 1,733               | 4 streams @ MCS 9
AC2350 | 600                   | 4 streams @ MCS 7           | 1,733               | 4 streams @ MCS 9
AC2600 | 800                   | 4 streams @ MCS 9           | 1,733               | 4 streams @ MCS 9
AC3000 | 450                   | 3 streams @ MCS 7           | 1,300 + 1,300       | 3 streams @ MCS 9 x 2
AC3150 | 1000                  | 4 streams @ 1024-QAM        | 2,167               | 4 streams @ 1024-QAM
AC3200 | 600                   | 3 streams @ MCS 9           | 1,300 + 1,300       | 3 streams @ MCS 9 x 2
AC5000 | 600                   | 4 streams @ MCS 7           | 2,167 + 2,167       | 4 streams @ 1024-QAM x 2
AC5300 | 1000                  | 4 streams @ 1024-QAM        | 2,167 + 2,167       | 4 streams @ 1024-QAM x 2

Oh dear, more acronyms.  MCS, QAM?  Let's skip defining these for now.  You can just look at the Mbit/s columns.  One thing that might jump out at you:  the 5GHz band values are a lot higher than the 2.4GHz values.  Two rules of thumb:  higher frequencies can carry more data (faster speeds), but lower frequencies have a longer range and are less impacted by obstacles.  I think everyone has experienced this difference when listening to AM vs FM, FM being the higher frequency.

Here are some useful comments from an internet post. Unfortunately, I lost the actual page this came from, so I can't give credit where credit is due:

AC1900 = 600 on 2.4GHz, 1300 on 5GHz (rather ridiculous claim, as very few devices can achieve above 300Mbps on 802.11n, see note at end)

AC2400 = 600 on 2.4GHz, 1733 on 5GHz. They round up.

AC3200/5300 triband routers use a dedicated 5GHz radio only for 802.11ac, a 5GHz radio for a/n/ac, and a 2.4GHz radio for b/g/n. Add up the max theoretical speed of 802.11n, 600Mbps + 1300Mbps on each 5GHz radio for 802.11ac for AC3200. AC5300 is 1000Mbps 802.11n on the 2.4GHz radio, and 2166Mbps on each 5GHz radio. (Again, the 1000Mbps claim for n is absurd)

When looking for performance in a wireless AC router, look for the number of spatial streams it can support - typically spoken of in terms like "2x2 MIMO, 3x3 MU-MIMO, etc." The best you will likely see is 4x4 MU-MIMO. Keep in mind the client devices must also support this, and the geometry of antennae means you're not going to see beyond 2x2 wireless AC in a phone.

Key takeaway is that "AC3200" marketing does not mean that a typical single device can achieve this speed. A single device could only achieve this speed if it also used three radios and used some form of load balancing.

Note on 300Mbps+ 802.11n: These schemes use very high modulation schemes and 3x3 or 4x4 MIMO which are optional extensions to the 802.11n standard (read: almost no clients will support them). Most devices can only achieve 150Mbps per stream and support 1 or 2 streams. You cannot fit more than 2 2.4GHz antennae in a phone to my knowledge due to the geometry of the antennae (must be a certain size and space apart, related to the wavelength of 2.4GHz signal). All this equipment is essentially nonsensical, and users seeking higher speeds should look to 802.11ac instead.
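To make the Nxxx and ACxxxx tables and the "one device never gets AC3200" point concrete, here is a small worked example I am adding to these notes (it is not from Netgear, Wikipedia or the post quoted above).  The per-stream rates it assumes are the usual 40 MHz 802.11n and 80 MHz 802.11ac figures that reproduce the table rows; the router profiles are constructed from those rows.

```python
"""Added worked example (not from the page): how "Nxxx" and "ACxxxx" shorthand
specs are built from spatial streams, and what one client device can actually use."""

# Assumed per-spatial-stream PHY rates in Mbit/s (short guard interval).
# "n" entries are 802.11n at 40 MHz, "ac" entries 802.11ac at 80 MHz.
PER_STREAM_RATE = {
    "n MCS 7": 150.0,           # 802.11n, 40 MHz, 64-QAM (either band)
    "n MCS 9": 200.0,           # 802.11n, 40 MHz, 256-QAM vendor extension ("600" on 2.4 GHz)
    "n 1024-QAM": 250.0,        # 802.11n, 40 MHz, 1024-QAM vendor extension ("1000" on 2.4 GHz)
    "ac MCS 7": 325.0,          # 802.11ac, 80 MHz, 64-QAM
    "ac MCS 9": 1300.0 / 3,     # 802.11ac, 80 MHz, 256-QAM (433.3 per stream)
    "ac 1024-QAM": 2167.0 / 4,  # 802.11ac, 80 MHz, 1024-QAM vendor extension
}
# Capability order, weakest first, used when a client supports less than the router.
MOD_ORDER = list(PER_STREAM_RATE)


def radio_rate(streams, mod):
    """Theoretical maximum of one radio: spatial streams times per-stream rate."""
    return streams * PER_STREAM_RATE[mod]


def shorthand_number(radios):
    """The marketing number: every radio's maximum added together (before the
    vendor's rounding).  radios is a list of (band, streams, mod), one per radio."""
    return round(sum(radio_rate(s, m) for _band, s, m in radios))


def client_rate(radios, band, client_streams, client_mod):
    """Best rate ONE device can get: it talks to a single radio on its band, with
    the smaller stream count and the weaker modulation of the two ends."""
    best = 0.0
    for r_band, r_streams, r_mod in radios:
        if r_band != band:
            continue
        mod = min(r_mod, client_mod, key=MOD_ORDER.index)
        best = max(best, radio_rate(min(r_streams, client_streams), mod))
    return round(best)


# Constructed router profiles matching rows of the tables above.
N600 = [("2.4GHz", 2, "n MCS 7"), ("5GHz", 2, "n MCS 7")]
AC1750 = [("2.4GHz", 3, "n MCS 7"), ("5GHz", 3, "ac MCS 9")]
AC3200 = [("2.4GHz", 3, "n MCS 9"), ("5GHz", 3, "ac MCS 9"), ("5GHz", 3, "ac MCS 9")]

if __name__ == "__main__":
    for name, radios in [("N600", N600), ("AC1750", AC1750), ("AC3200", AC3200)]:
        print(name, "= sum of radios:", shorthand_number(radios))
    # A typical phone: 2x2, 802.11ac 256-QAM on 5 GHz, plain 802.11n on 2.4 GHz.
    print("2x2 phone on AC3200, 5 GHz:  ", client_rate(AC3200, "5GHz", 2, "ac MCS 9"))
    print("2x2 phone on AC3200, 2.4 GHz:", client_rate(AC3200, "2.4GHz", 2, "n MCS 7"))
```

Running it shows the AC3200 label is the sum of three radios, while a 2x2 phone on that router tops out around 867 Mbit/s on 5 GHz and 300 Mbit/s on 2.4 GHz, which is the quoted post's point.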
