Can crooks hack your home?

Don't leave the backdoor open to crooks

Did you watch “Can crooks hack your home?” Shown on ITV.

A real example of how hackers can break into your home network was demonstrated with a van parked outside a volunteer’s home in Morecombe, positioned close enough to get the home-owner’s Wi-Fi signal.

Home wifi targetted

Inside the van widely available scanning tools were used to find the Wi-Fi password, after 2 days the password was discovered. The discovered password was 8 upper case characters, although not the perfect password it was random and found reasonably quickly, my guess is that a more complex password consisting of 8 characters, upper and lower case, numbers and special characters could have also been discovered quickly, it is a few years since I did maths but I do know that by extending the password length from 8 to 10 will dramatically increase the time needed to determine the password.

internet of things

A hacker now has access to the home network through the Wi-Fi and can freely interrogate other “things” connected to the home network; including the router/firewall.

Mitigate the risk

Here are a few simple suggestions to mitigate the risk of this type of hack occurring.

  • Strong Passwords

    Deploy strong passwords with 10 random characters using upper and lower case, special characters and numbers.

  • Disable Remote Access

    Ensure remote access to the router/firewall is disabled and a strong password is set to access the router from your network.

  • Set Strong Wi-Fi Passwords

    Set your Wi-Fi passwords on the network to a strong password, many of use easy to remember passwords for this.

  • Use Guest Network

    If your router supports “Guest network” then activate this feature and connect your friends and guests to this network when they visit, “Guest network” provides no access to your home network, a simpler password for your guest network is then plausible.

Benefits

  • Your non-guest Wi-Fi network is protected with a strong password but your visitors do not need this access or password.
  • Your router/firewall and those connected “things” are now better secured.
  • If your home has critical “things” attached to the network and your router does not support “Guest network” it might be worth upgrading to a better router or attaching a compatible wireless access point.

+++ Remember to never sign-in to any wireless network without Wi-Fi security.

Dangerous Certificate on Dell laptops could intercept your encrypted data

Super Fish

Superfish or not, it’s not very pleasant knowing your encrypted data to and from the Internet might not be encrypted at all, due to a Dell faulty certificate residing on your laptop.

The certificate installs itself from the Dell Foundation Services software available from the Dell website. It’s interesting to note that it was last updated on the 24th November 2015 with minor bug fixes!

Dell fix

Here is a Dell PDF showing the procedure to remove the offending certificate.

As reported by Bank Info Security.

How to secure your Facebook account

Facebook accounts are so easy to hack, but are also easy to secure!

Your Facebook account default security settings rely solely on a strong password, this is not enough and your account is very vulnerable.

Your Facebook account set to default security is vulnerable because hackers who know your email address use the “Forgotten your password?” procedure. Using the “No longer have access to these?” option the hacker eventually gains access by using “Recover your account with help from friends”, of course the friends are fake accounts. The hacker through friends eventually gains access to your account, if you need to do this activity there’s loads of information by searching with your favourite search engine.

Here’s what to do!

1 In your Facebook account select the padlock and See More Settings

Securing Facebook

2 Select the Security tab on the left.

Facebook account security

3. Select Login Alerts and set as shown

Facebook Security settings

4. Select Login Approvals and request a text code to be returned to your mobile.

Facebook login approvals

5. Select App Passwords and generate app passwords if you have apps.

Facebook App passwords

6. Select Trusted Contacts and choose your contacts who will help recover your account if all is lost.

This prevent the Hacker’s fake friends we spoke about earlier.

What are trusted facebook contacts

7. Finally select the Privacy tab and set “Who can look me up” to Friends as shown.
This prevents your photo and full name being shown when someone clicks “Forgotten your password”.

This is not fool-proof, anyone on your same network can see your photo and name, I assume this is by your IP address, if this is the case then your IP address can be spoofed

Facebook privacy settings and tools

8. Your much more secure that at step one

9. Enjoy your Facebook!