Technical Tips From A NYC IT Consultant

Per Gizmodo – Spyware on every Android (and possibly Blackberry and Nokia) phone out there…

If you have any decently modern Android phone, everything you do is being recorded by hidden software lurking inside…

Carrier IQ’s software is installed in your phone at the deepest level. You don’t know it’s there. You are never warned this is happening. You can’t opt-in and you certainly can’t opt-out.

The commercial spyware sits between the user and the applications in the phone so, no matter how secure and private your apps are, the spyware intercepts anything you do. From your location to your web browsing addresses and passwords to the content of your text messages.

This even happens using a private Wi-Fi connection instead of the carrier 3G or 4G connection.

Read more on Gizmodo –> Your Android Phone Is Secretly Recording Everything You Do.

I’ve written about ID theft before. Never thought I’d experience it, first hand. But I guess it’s bound to happen to everyone, the way they’re hacking nowadays. Found out yesterday, some wonderful slime ball walked into an Apple Store last week, used my SS# and driver’s license# to open a couple of AT&T Mobile Wireless lines, in my name. He also bought a couple of iPhones but paid in cash. I found out because I received a bill from AT&T for the two lines, along with two Welcome packets, thanking me for choosing AT&T.

I’ve never been an AT&T Wireless customer, nor have I ever been in an Apple Store [until today].

Based on the info that was used, I kinda got the feeling some financial institution I deal with had their servers hacked, and info stolen.

Another case for making it mandatory to have peoples personal info stored in an encrypted database:

The personal records of some 3.5 million Texans were inadvertently exposed after they were placed on a state computer server that was accessible to the public for about a year, state officials said on Monday.

State Comptroller Susan Combs said there is no indication that any of the information, which included names, mailing addresses, Social Security numbers, and possibly dates of birth and drivers license numbers, has been misused.

Read more at Huff Post…Texas Exposes Private Records: State Accidentally Releases 3.5 Million Personal Records.

By now, you may have heard of the security breach at mass email marketing company Epsilon, where the names and email addresses of thousands, if not millions, of people have been stolen. The current list of companies include:

• 1-800-Flowers
• AbeBooks
• Ameriprise Financial
• Barclays Bank
• Best Buy
• Brookstone
• Citibank
• Disney Destinations
• Hilton Worldwide
• JP Morgan Chase
• Kroger
• Lacoste
• Marriott International
• McKinsey Quarterly
• New York & Company
• Robert Half
• Target
• Tivo
• US Bank
• Verizon
• Walgreens

The warning emails are starting to role in. This one from Target:

When will it become Standard Operating Procedure, and an industry standard, if you are storing customer info, to store it in an encrypted database! It can’t be that difficult!! The money you are spending on the resulting PR, could probably have been used to secure the database.

I blame, not only Epsilon, but also the companies that dealt with Epsilon for not making it a requirement that the customer info be encrypted.

I have to say, if this is true, it’s pretty impressive in a Big Brother sort of way. Basically, China is monitoring your phone calls. If you say a naughty word like “protest”, your call will be dropped. From the New York Times:

If anyone wonders whether the Chinese government has tightened its grip on electronic communications since protests began engulfing the Arab world, Shakespeare may prove instructive.

A Beijing entrepreneur, discussing restaurant choices with his fiancée over their cellphones last week, quoted Queen Gertrude’s response to Hamlet: “The lady doth protest too much, methinks.” The second time he said the word “protest,” her phone cut off.

Read the full story @ NYTimes…China Tightens Censorship of Electronic Communications