TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentral TechCentral
    NEWSLETTER
    • News

      New Openview channels coming as platform turns profitable

      27 May 2022

      Wapa’s Paul Colmer on why Icasa should open up 6GHz for Wi-Fi

      27 May 2022

      How Broadcom’s blockbuster VMware deal happened

      27 May 2022

      The cost for South Africa to quit its coal habit: R4-trillion – study

      26 May 2022

      Apple is feeling the smartphone industry chill

      26 May 2022
    • World

      Musk sued by Twitter investors for stock ‘manipulation’

      27 May 2022

      Broadcom agrees to buy VMware for $61-billion

      26 May 2022

      Musk pledges more equity to fund Twitter deal

      26 May 2022

      Sony looks beyond the console to PC and mobile gaming

      26 May 2022

      Andreessen Horowitz raises world’s largest crypto fund

      26 May 2022
    • In-depth

      Bernie Fanaroff – the scientist who put African astronomy on the map

      23 May 2022

      Chip giant ASML places big bets on a tiny future

      20 May 2022

      Elon Musk is becoming like Henry Ford – and that’s not a good thing

      17 May 2022

      Stablecoins wend wobbly way into the unknown

      17 May 2022

      The standard model of particle physics may be broken

      11 May 2022
    • Podcasts

      Spectrum auction opens up big growth opportunities – Ruckus Networks

      26 May 2022

      Everything PC S01E03 – ‘The story of Intel – part 1’

      25 May 2022

      The rewarding and lucrative careers to be had in infosec

      23 May 2022

      Dean Broadley on why product design at Yoco is an evolving art

      18 May 2022

      Everything PC S01E02 – ‘AMD: Ryzen from the dead – part 2’

      17 May 2022
    • Opinion

      A proposed solution to crypto’s stablecoin problem

      19 May 2022

      From spectrum to roads, why fixing SA’s problems is an uphill battle

      19 April 2022

      How AI is being deployed in the fight against cybercriminals

      8 April 2022

      Cash is still king … but not for much longer

      31 March 2022

      Icasa on the role of TV white spaces and dynamic spectrum access

      31 March 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»In-depth»How to secure yourself online

    How to secure yourself online

    In-depth By Editor25 September 2014
    Facebook Twitter LinkedIn WhatsApp Telegram Email

    key-640

    After various celebrities’ accounts on Apple’s iCloud servers were hacked, the company has made a point of addressing these issues. It has made new claims for the security of iOS 8, the firm’s latest phone operating system, and for its cloud services. Similarly, Google announced the next version of its Android phone operating system will encrypt all data by default. But what sort of security do these measures provide?

    All phones and tablets provide a device lock that requires a passcode or swipe gesture to unlock. But many owners — up to 50% — either don’t use the feature, or use a trivial passcode such as 1234. Fingerprint readers, as introduced in the iPhone 5, are perhaps the way forward and through ease of use are likely to increase the number of users locking their phones.

    While a device lock provides some protection, it’s still possible that a hacker, or the authorities, could extract data given physical access to the device. Encryption, as offered by both Apple’s iOS and Google’s Android platforms, would defeat this (or make it extremely difficult) by requiring a passcode to decrypt the contents and make them readable.

    Android has offered this since 2011, while for Apple it was introduced with iOS 7 in September 2013 for mail and data in third-party apps. With iOS 8, this is extended to the phone’s messages, mail, calendar, contacts and photos. Additionally, Apple claims that it no longer stores a copy of the encryption key used, making it unable to respond to a warrant demanding access to the data, whether backed up in the cloud or on the device.

    In the UK, police will seize mobile phones after a car crash in order to see if drivers were texting and driving. This follows a pilot scheme in which police stations equipped with specialist readers are able to swiftly extract the entire contents of a phone. Whether this will be defeated by the encryption introduced by iOS and Android remains to be seen. Certainly the UK Regulation of Investigatory Powers Act empowers the authorities to compel a user to supply decryption keys or passcodes.

    Apple’s new payment system built around its near-field communication chip and protocol does not store or transmit credit card details. This makes it fairly secure, and should greatly reduce the number of skimming techniques that are possible with other card payments, as neither the card number nor the Pin code will be accessible during the payment process, stored as they are in a secure hardware chip in the phone.

    Cloud risk
    Most smartphones now back up data to the cloud and it was through this that hackers gained access to the images that were then leaked. There’s no evidence that Apple’s servers were hacked and compromised — unfortunately this privacy breach was made possible by poorly chosen passwords and a weak security questions system that allowed repeat guesses without raising the alarm.

    There are files containing millions of popular passwords available on the Internet and it’s likely hackers simply ran programs that tried various combinations until they succeeded — a “brute force” attack — together with answers to security questions guessed based on publicly known information. Apple has now firmed up its security procedure by introducing a maximum number of incorrect answers to security questions and notifying users when their online accounts are accessed.

    So, make sure the weak link in the security isn’t you. Choose a strong password — it isn’t hard. Don’t use an obvious passcode, and use a fingerprint scanner if fitted. Use Apple Find My Phone or Android’s Device Manager so a lost or stolen phone can be locked, traced or even remotely wiped.

    For iPhones, upgrade to iOS 8 or at the very least upgrade to iOS 5 or higher. For Android, look into encrypting the device’s contents and when installing a new app be aware of what it is asking access to — don’t blindly click on messages that say “Let this app have access to…” as malicious apps could wrestle data from your phone and send it out over the Internet. Some companies, including Facebook, have a terrible reputation when it comes to privacy, so be cautious of default settings.

    padlock-640

    Currently, the best way to secure online accounts is (together with a strong password) to turn on two-factor authentication — as offered by Apple, Google, Facebook and Twitter.

    You register a phone number, which the service will call or text with a Pin number. This will be required in addition to your password to gain access. This is set up per device. Trusted devices will work as they did, but someone else (or you) attempting to access your account from another device will need not only your password, but access to your phone to get the Pin number the service sends.

    Google goes further, allowing you to generate new, random passwords for each of its online services you use or each device, so that if someone compromises one password it won’t open any others.

    Although it’s a bit more of a hassle, try to have different passwords for different accounts as re-using passwords is as bad as having weak passwords. Use the tools available — Web browers save passwords and there are software tools such as password managers that can simplify the task — but make sure you know how they work.

    And even at the end of their lives, computers, phones and other devices need to be securely wiped to remove all traces of personal data (including the passwords and financial details we’ve been so keen to protect) before being given away or sold. Not doing so is little different than handing your keys to a burglar.The Conversation

    Blaming the companies for security failures is too easy. Consumers have to get wiser about locking their data away.

    • Barry Avery is associate professor in informatics and operations at Kingston University
    • This article was originally published on The Conversation
    Apple Google iCloud
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleCoke machines in SA to dispense free Wi-Fi
    Next Article MultiChoice moves on VOD rivals

    Related Posts

    Apple is feeling the smartphone industry chill

    26 May 2022

    Big Tech’s latest dive snuffs out hopes the worst is over

    25 May 2022

    iPhone 14 development schedule delayed by China lockdowns: report

    25 May 2022
    Add A Comment

    Comments are closed.

    Promoted

    Financial advisers: manage your commission and analyse revenue effortlessly

    27 May 2022

    BT, MTN Business form strategic alliance in Africa

    26 May 2022

    Think like a start-up: how to build a competitive digital enterprise

    26 May 2022
    Opinion

    A proposed solution to crypto’s stablecoin problem

    19 May 2022

    From spectrum to roads, why fixing SA’s problems is an uphill battle

    19 April 2022

    How AI is being deployed in the fight against cybercriminals

    8 April 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.