Coming up, Your Phone contains your Driver’s License

/in /by

Gone are the days of the fat wallet bursting at the seems, since smartphones can now contain most anything that a wallet does—except the driver’s license. But don’t write that possibility off just yet.

5WForbes.com reports on a story from the Des Moines Register that the Iowa Department of Motor Vehicles is hot on the trail of getting driver’s licenses into smartphones: an app that would contain all the applicable data, a scannable bar code and a two-step verification which would include a biometric.

The technology isn’t quite with us, but we all know it will be here soon enough. And needless to say, the smart driver’s license will bring with it security concerns.

The Forbes article points out that a digital identity expert sees the glass half full. In other words, today’s security features are reliable enough to go ahead with confidence in developing the technology to get a driver’s license into a mobile phone. “I believe all the technologies to make this a high-security operation are already in play,” the expert states, “and just need to be orchestrated effectively.”

If anything, perhaps the driver’s license inside the smartphone will reduce the potential for fraud involving driver’s licenses.

Thus far, digital driver’s licenses are used at airports, and the feeling is that policies regarding the digital driver’s license are more important than figuring out a way to perfect the technology.

A good start for Iowa would be to get things rolling with the private sector, says the Forbes article, by letting it use digital licenses for minimal transactions such as age verification when purchasing liquor.

Let’s first see how these smaller-scale transactions go over, is the thinking, before diving head first into using cyber licenses for full-scale transactions such as “showing” it to the police officer who pulls you over for speeding, or using it for making a large purchase with a check.

Nevertheless, it’s not probable that cyber technology will replace all hardcopy/physical documents, especially since there will always be that segment of the population who insists on doing things “the old-fashioned way.” The power of paper.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

In with the New, out with the Old

/in /by

If you plan on getting a new smartphone, have you ever thought of what the next user of your old smartphone will find on it?

7WThis assumes you’ll be selling or donating it, of course. Are you SURE those risqué photos are totally gone, or that your diary entries have been wiped clean? Experiments have been conducted in which someone buys used smartphones for the sole purpose of seeing how much personal data was left behind by the previous owner. I’ve done one, it wasn’t pretty. We found data on half the devices we bought in the second hand market.

It’s unbelievable how much data was retrieved in these experiments, including addresses, e-mails, passwords and text messages. A factory reset is not a totally reliable way to wipe clean your smartphone, either, as shown by the fact that some Android phones, despite the factory reset, still contained the previous user’s data.

Before taking the first step in getting rid of your mobile phone, back up all of its data. This can be done with a flash drive or automated PC service. For Android and iOS, use Apple’s iCloud or Google’s Auto Backup.

Next, wipe your phone squeaky clean. No, not with a rag and bleach, but “wipe” means destroy all the data using a specific method. This is NOT done by hitting the delete button or even reformatting the hard drive. What you don’t see isn’t necessarily not there.

A reformatted hard drive can still contain your data. To wipe an Android or iOS, use Blancco Mobile. To wipe a Mac computer, use the OS X Disk Utility or WipeDrive. For Windows PC use Active KillDisk. If you use a factory reset for a smartphone, remove any SIM cards too.

What if you can’t wipe your device? If you don’t wish to give it to someone else, then literally destroy it. Don’t just toss it in the trash. Take out the hard drive and mutilate it with a hammer. If you do want to sell it or donate it (get the receipt if you do donate it for an IRS return), realize that your data will still be on it. You never know who will end up getting their hands on the device.

If the idea of hammering at the hard drive isn’t your cup of tea, then find out from the recycling company who conducts the downstream recycling. You don’t want your device—containing your data—getting into a foreign landfill. The recycling company should be part of R2, or “responsible recycling,” or be part of e-Stewards certification programs.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Should You Use Near-Field Communications?

/in /by

Have you ever wondered what kind of superpower you’d have? I’ve always wanted to send messages and ideas with my mind to others. My dream can sort of come true with near-field communications (NFC).

7DYou’ve might not have heard of NFC, but if you have a smartphone, there’s a good chance you’ve used it. If you have ever used Apple Pay or bumped your Galaxy smartphone with your buddy’s to send pictures, you have used NFC. By definition, NFC allows smartphones and similar devices to establish radio communication with each other by bringing them close together, usually no more than a few inches or centimeters. It’s an exciting technology that has a lot of promise, but there are a few concerns too. Let’s take a closer look at the pros and cons of NFC.

Pros

  • Convenient. In a busy digital world, people like transactions that are quick and easy. That is one of NFC’s greatest strengths. No more digging around a wallet or purse for a debit or credit card, all you need is your phone. The technology is intuitive—bring your phone close to the reader and a simple touch and bam! Transaction completed. Think about how much time that would save at coffee shops, grocery stores, etc.
  • Versatile. NFC can be used for many situations and in many different industries. In the future, NFC technology could allow you to use your phone to unlock your car, access public transportation, or launch applications depending on where you are (bedside table, work desk, etc.).
  • Safe. If your wallet is stolen, thieves immediately have access to your information. With a smartphone, your data can be protected by a password and/or PIN. But the biggest strength is that with NFC payment, retailers no longer have access to your credit card information.

Cons

  • Security. Although NFC technology is more secure than magnetic strip credit cards, there are still security concerns. As people use this technology to purchase items or access cars, there is more incentive for hackers to break into smartphones to steal financial and personal information.
  • Usability. NFC will only succeed if merchants and companies adopt it as the way of the mobile commerce future. Although the technology is consumer-friendly, it is expensive to purchase and install related equipment. And it still may take years before there are enough smartphone users for NFC to add enough value to merchants to implement.

NFC is a new and blossoming technology with lots of potential. Whether you decide to use it or not, there are always things you can do to keep your personal and financial information safe. For tips and ideas, check out Intel Security’s Facebook page and Twitter feed.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Removing Location data from Mobile Pics

/in , /by

Those cutesy photos in your phone of your puppy can reveal your location because the images leave footprints leading straight to your home. The trace data is called EXIF: exchangeable image file format. It may contain GPS coordinates of where you took the photos.

6WApple’s and Google’s smartphones ask owners if it’s okay to access their location. Click “okay,” and this means every photo you take gets tagged with GPS coordinates. Thieves look for this information, which remains with images that are uploaded to Flickr, Photobucket, etc. (Facebook strips EXIF.) Crooks or pervs can then use Google Maps to get your exact location.

Prevent Geotagging: Six Steps

  • For social media applications, turn off the location services.
  • For iPhone, go to Settings, Privacy, Location Services, and turn off the location services.
  • For Android, go to Settings, Location Services, and turn off the location services.
  • There are apps such as Pixelgarde that wipe geotags from existing online photos.
  • For computers, Windows can strip out the EXIF; just right click the image, click Properties, then in the “details” tab, hit the Remove Properties and Personal Information.
  • Mac users can use XnView, but this bulk-stripper works also for Windows.
  • Run Hotspot Shield which masks your IP address creating an incomplete profile of location data.

Many people don’t even know that photos store location information. You’re a walking map unless you take certain steps to protect your privacy. With those pictures you take with a smartphone camera, you also record all sorts of goodies like shutter speed, type of camera, date the image was taken, and of course…GPS coordinates. Here are the details for protecting your privacy:

Windows Phones

  • Select photos in Windows Explorer.
  • Right-click them, hit Properties.
  • Beneath the Details tab, click “Remove Properties and Personal Information.”
  • A window will pop up; hit Okay.
  • You’ll see a copy of each right-clicked photo in that same folder. The copied images are safe to upload.

Mac OS X

  • Use an app called SmallImage. Download the file.
  • Open the app; drag photos into its window.
  • Uncheck the box called “Recompress at quality.”
  • Click “Process,” and the copied photos will appear in the folder.
  • To replace the original photos rather than make duplicates, uncheck the “Add Suffix” box.

Linux

  • You’ll need a tool, EXIFTool. Install it on Ubuntu by running this command: sudo apt-get install libimage-exiftool-perl.
  • Next, to create clean copies of your photos, cd to their folder, then run: exiftool -all= *.jpg.
  • It will then generate copies of the photos

There exist a number of other programs for removing location data from your mobile phone, but the steps described here are among the easiest.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Dumb Thief: How to Locate a Stolen iPhone

/0 Comments/in , /by

With 20+ million iPhones on the market there is a good chance you have one. According to San Francisco police, the 31-year-old city resident rode a bicycle up to a woman and snatched an iPhone out of her hands, and then pedaled away.

Problem was, the woman was carrying the phone as part of a company’s demonstration of a real-time GPS tracking program. If the bandit would have taken a peek at the screen, he would have seen himself traveling across a map of San Francisco.

Using the tracking software enabled on the iPhone, the victim was able to tell a 9-1-1 operator the exact location of the thief as he peddled through San Francisco, which the operator then relayed to police. Ten minutes later, he was in police custody.

This is either the greatest ever publicity stunt or most likely the dumbest and unluckiest thief ever!

The iPhone has gone through numerous upgrades in both hardware and software and still holds its value. Even the iPhone 3G is still commanding $150-200 on eBay, while the 3GS is going for as much as $400 and the iPhone 4G is a whopping $800.00! .  That being said it is suggested to protect this hardware as you would a laptop.

Apple has a service called Find My iPhone that will allow iPhone owners to remotely locate their lost or stolen iPhones using the iPhone’s GPS. The service is available as part of Apple’s MobileMe online subscription service.

Find My iPhone will:
-Locate your iPhone or iPad on a map
-Display a message and optionally play a sound for two minutes at full volume even if your device is set to silent
-Remotely set a passcode lock on your device (or lock it using your existing passcode)
-Remotely wipe your device to permanently erase all of your personal data

The app will automatically sign you out after 15 minutes of inactivity or you can manually sign out at any time. You must first set up your MobileMe account and turn on Find My iPhone on each device you want to locate (installing the app is not required).

Robert Siciliano personal security expert to Home Security Source discussing iTunes Giftcard Scams on NBC Boston. Disclosures.