Geek Post Alert: Security Info for Consumers
In the last couple of weeks several things have come out that directly apply to consumers. So I thought I would point out a few of them for your awareness.
1) iPhone iOS Update: A couple of weeks ago Apple released an update for your iPhones. One of the fixes is the location tracking item I wrote about last month. The fix reducing the location information to the last 7 days (not indefinitely), it no longer automatically backs up the data to iTunes and it will delete the cache – all of it, if you turn off location services.
If you haven’t had a chance yet to update your phone, now is as good a time as any.
2) Fake Free Mac AntiVirus: The first fake free A/V for Mac has finally appeared. Mac Defender is fake and works to convince Mac owners to enter their credit card data. As always, please double-check internet purchases, just a simple Google search with epinions or reviews from reputable sources can make a huge difference. Another thing to look for from the Google search are dates on comments. If all the reviews or documents are recent that is a red flag. Buyer beware.
3) Aaron’s Rent to Own Spyware Lawsuit: On the buyer beware front an interesting story came out on a software product called PCRental Agent. The Byrd family, back East, has filed a lawsuit against Aaron’s after they completed a rent-to-own contract on a Dell laptop. Apparently the final payment was incorrectly applied and the Manager showed up at their home with a photo of the husband using the laptop taken remotely from the built-in webcam. After the police were called and an investigation launched, Aaron’s confirmed they install the software PCRental Agent which apparently allows remote webcam monitoring, screen shot capabilities, key logging and traffic interception. There are reports the software has been installed on Aaron’s Rental PC’s since 2007. WOW.
I am not even sure where to start here. As a company, I can certainly see the desire to ensure you can collect or recover assets should your renters default. Apparently the intent was to allow Aaron’s to lock the system from usage until a payment is made if customer falls behind.
From a consumer standpoint, it is terrifying. I do have to admit, I am paranoid enough, I won’t even buy a PC that the GeekSquad has nicely setup for me at Best Buy. Do I think they are installing things I don’t want? No, but I want to start from a fresh install screen and build up. I have also been known to delete all the vendor “add-ons” that HP, Dell and everyone else adds to a system. Trust no one.
What do you think the odds are that Aaron’s remotely uninstalls the software once the PC is paid off?
You know as well as I do, it doesn’t happen. If this is all true, they have spying capabilities on customers for the life of the device. Yikes!
Most security researchers thought shutters built onto webcams in laptops would become standard after the Lower Marion Township school district spying incident last year where school employees where spying on students from loaner laptop webcams. But it hasn’t happened yet.
What can you do?
A post-it note over your camera is a low-tech shutter. If you don’t really use a webcam, don’t buy a laptop with one. If you are not worried about this, at least stick something over your kids laptop, they may be more likely to download some remote control/spying software anyway.
If you are concerned about key-logging or tracking software, I would recommend speaking with a professional. The PC Rental agent software and most of this class, are designed to be invisible to the user and would be difficult for most folks to find and remove. If you don’t have an A/V or if you are like me and run several, install Microsoft Security Essentials, it is a free anti-virus for Windows with malware detection included. www.microsoft.com/securityessentials
4) Playstation Network Breach: Without going into the boring details, this was bad. Sony feels they have solved the problem. PSN users must change their passwords to the network and I would put a monitor on your credit cards/credit file if you are a PSN subscriber. I do believe they have learned a hard lesson here and worked to address the issues. They were certainly quick to pull the system back down a few days ago when they found a flaw in the password reset practices.
I could go on and on, and usually do but these topics are important and can be serious to you, your privacy and credit.
Information security doesn’t have to be hard, simple things, Google searches, credit monitoring and the mentioned post-it notes are simple. You don’t have to be a computer whiz or genius to protect yourself, just be aware.
We all want to feel safe in our home with our computer, but it is a door into our lives. How much and how often we open it is completely within our control.