#SGGQA 033: Sinclair Media Creepy, Facebook Creepy, and April Fools on Easter – Monday Tech Chat!

Taking a quick look at an awesome Doctor Who VR TARDIS, asking some creepy questions about Facebook scraping your data, and the Orwellian present of Sinclair Media and local news. Happy day after Easter!



Download this week’s podcast – SGGQA 033

Stories this week:
TARDIS VR simulator! https://youtu.be/WaBLT_osVE8
Zuckerberg in 2006 talking about not selling user data https://twitter.com/Snowden/status/97…
Sinclair Media’s Orwellian mission statement to local news https://www.reddit.com/r/television/c…
Dr. Alison Grimes interview, smartphones and hearing loss https://somegadgetguy.com/2018/03/27/s…

Continue reading “#SGGQA 033: Sinclair Media Creepy, Facebook Creepy, and April Fools on Easter – Monday Tech Chat!”

Experian Hack Compromises T-Mobile Customer Data

T-Mobile LogoIn a letter to consumers, T-Mobile CEO John Legere disclosed that the vendor his company uses to process credit applications has been compromised.

The investigation is ongoing, but what we know right now is that the hacker acquired the records of approximately 15 million people, including new applicants requiring a credit check for service or device financing from September 1, 2013 through September 16, 2015. These records include information such as name, address and birthdate as well as encrypted fields with Social Security number and ID number (such as driver’s license or passport number), and additional information used in T-Mobile’s own credit assessment. Experian has determined that this encryption may have been compromised. We are working with Experian to take protective steps for all of these consumers as quickly as possible.

In responding to this attack, T-Mobile will be offering up two years of free credit monitoring and identity theft protection through ProtectMyID.com.

We don’t have confirmation on when this attack took place, or how quickly T-Mobile and Experian responded to the issue. Though the data stolen represents approximately two years of records, we can assume that the hackers have not had access for that length of time.

You can read Experian’s official press release here, and John Legere’s full letter to T-Mobile customers below.

Continue reading “Experian Hack Compromises T-Mobile Customer Data”

Guest Article: How to Keep Your Smartphone Secure When Using Public WiFi

wifi

Caroline Black from Secure Thoughts shares some tips on how you can better protect your mobile data using public networks.

Public WiFi can be an easy access point for hackers to obtain your personal information. Whether you’re on your tablet, laptop or smartphone, the risks remain the same: some creep could be around the corner or even at the next table spying on your online activities, lurking on your accounts and taking down your login and banking information. It’s likely that there are many personal details stored on your device, whether you know it or not.

Smartphones especially come with risks because you are always logged into one of your accounts (as required by the operating system). It’s also easy to forget to log out on the websites you visit and many users save their passwords for a simpler way to access the pages later on. Anyone who sneaks their way into your smartphone can easily find this information, whether they physically have your device or if they’re hacking into it through an unsecured network.

So how are you able to prevent this from occurring anyways? Avoiding public WiFi is not an option for many smartphone users, especially when they’re on the go. So instead of ditching the public WiFi, consider securing your device. Here’s how you can do just that:

Check Your Accounts

Besides keeping an eye on your account activity on a regular basis, you should avoid saving your passwords on your device. Sometimes your web browser will ask you if you’d like to save your passwords, though you could have also stored them in a memo on your phone. Whichever might be the case, you should never store your passwords on your smartphone. Continue reading “Guest Article: How to Keep Your Smartphone Secure When Using Public WiFi”

Twitch Encouraging Users to Change Passwords After “Unauthorized Activity” Detected

twitch logoNot a lot of info on this one just yet, as the story is just breaking, but if you use the game streaming service Twitch, you might want to switch out your password.

A very brief announcement on the Twitch Blog, describes some “unauthorized activity” was discovered, and as a safety precaution, they’ve disabled accounts and sync to Twitter  and Youtube. You can read the full press release below.

Continue reading “Twitch Encouraging Users to Change Passwords After “Unauthorized Activity” Detected”

PS4 User Account Hacked, Sony Refuses to Refund $600 in Fraudulent Charges

sony ps4I really want to jump into a pages-long, old-man tirade about what video gaming was like when I was a kid. When the “bits” of a console were single digit. When playing a game meant punching in a cartridge and pressing the power button. Where instead of waiting for updates to download, the worst “tech support” we’d need to perform was blowing out some dust from the tray. But I digress…

Redditor Kadjar posted yesterday about an infuriating aspect of modern day gaming, the fact that we don’t own our games in quite the same way we used to with cartridges and discs. Instead we have an account, and our games are attached to that account. Kadjar’s Playstation Network account was compromised, and he woke up to $600 in fraudulent charges and the discovery that his PS4 was no longer attached to his account. Someone else had all his stuff and racked up some huge bills.

Worse, upon discovering the hijack, and contacting Sony, he got some bad news. Sony would only reverse $150 of the charges. If he used his credit card company’s ability to dispute the charges, Sony would ban his account and wipe out any and all record of any game attached to his account, even those not in dispute and purchased legally. Continue reading “PS4 User Account Hacked, Sony Refuses to Refund $600 in Fraudulent Charges”

Android 5.1 Brings Better Device Protection for Lost or Stolen Phones and Tablets

Android Lollipop ForestTrying to steal a few headlines from Apple today, Google officially and publicly announced Android Lollipop 5.1.

Alongside bug fixes and performance improvements, Android 5.1 brings a much improved security with Device Protection. We’ve detailed Device Manager in the past, which can be used to locate a missing phone or wipe it clean in the event it’s stolen.

Device Protection now includes the ability to lock a device to your Google ID. Even after wiping and hard resetting a phone, Android will require you to enter in your Google account password before the phone can be used again. This follows recent state legislation in California and Minnesota mandating a “Kill Switch” on phones. The idea being a stolen phone will be far less valuable if it’s essentially a brick without the victim’s password. Continue reading “Android 5.1 Brings Better Device Protection for Lost or Stolen Phones and Tablets”

Sunday Fun: Fighting FUD One Comment at a Time…

It’s a fact that many people stop reading an article after they finish the headline. Makes it rather difficult to discuss nuance when some people trust the “knowledge” they glean from click bait or sensationalized headlines.

Case in point, last week a story started circulating about a new type of malware that can track you and the contents of your phone even when your phone is off. Sounds freaky right! RIGHT! OMG! NO!!!

Screenshot (6) cropWe were treated to a bunch of “falling sky” editorials, a number of people trotted out old talking points about Android and the security of “open” platforms, but few mentions of the actual exploit were made beyond a pithy “requires root access”.

Thankfully this is the internet where we can often turn to the comments for more info.

Screenshot (9) cropRekt.

Just a bummer though that many people stopped at the headline…

Lenovo Publishes SuperFish Removal Instructions with Removal Tool

superfish lenovo removalSuperFish has been an ugly security black mark for Lenovo. It’s often been a criticism in my reviews of their gear that they include too much “value added” software (bloat), and removing a lot of it will noticeably improve system performance.

SuperFish however was a piece of adware. If a Lenovo owner opted into the “service”, SuperFish would analyze images and searches to insert ads for similar products and to do cost comparisons. While that doesn’t sound terrible, behind the scenes SuperFish would install its own security certificates which allowed the service to intercept encrypted traffic.

It’s doubtful that Lenovo or SuperFish seriously wanted to peek in on your private and secured data, but such a gaping hole could easily have been exploited by another attacker.

Lenovo detailed that this adware package was only installed on consumer systems, not on Thinkpads and business systems. Today they’ve published details on removing the service, and they’ve released an app to aid in the removal.

Click here for more info on SuperFish and how to remove it.