Teens and Screens: What Parents Need to Know About Teenagers’ Mobile Habits

Summer is officially here and that means the malls, theaters, streets, and parks of America will soon be teaming with hordes of teens, their faces lit by the electric blue hue of smartphones and mobile devices. Yes, there will be tweets, Facebook posts, SnapChats and Instagrams too. Most of this social media deluge will be harmless, but some of it won’t be—especially when it comes to teenagers’ online and offline safety. With this in mind, McAfee set about to learn what was “hip,” and “keen,” what was “square,” and “lame-o,” in the relationship between tweens, teenagers, their screens, and their parents.

McAfee’s Teens and the Screen study analyzed the social media and technology habits of 1,502 U.S. young men and women ages 10-to-18. While the results revealed a more positive relationship overall between teenagers and their parents when it comes to digital habits, there were still some disconnects and deceit. For example, 54% of teenagers actually trust their parents with their personal device passwords, yet 36% of the respondents admitted to using a friend’s device, and 14% went as far as creating a duplicate or fake account to avoid parental scrutiny.

Aside from a penchant for hiding things from their parents, the results also revealed a turbulent picture of what teens and tweens actually do on their devices. Unsurprisingly, social media proved the most popular for teens and more than 50% used mobile apps like SnapChat and Instagram daily—but not without consequences. 49% of teenagers admitted to posting something on a social network that they later regretted. Another 52% said they’ve gotten into a fight because of a post on a social media network. Thankfully, only 4% of those fights turned physical. Less fortunate, however, is the fact that 9% of those surveyed have at one point feared for their safety because of what transpired over a social network. That’s 9% more than there should ever be, as cyberbullying has become all too prevalent among youth today.

TeensandtheScreen_Tip_Converse

Aside from social networking gone wrong, 52% of teens admittedly do not turn off their location/global positioning system (GPS) services across apps. Users of Foursquare and Instagram were the main culprits, putting their privacy in jeopardy when they check in or post photos while on the go—especially in tandem with sharing personal information like home addresses and phone numbers online.

But don’t fret: more often than not, teenagers today are aware of online dangers. 77% of respondents said they believe that what they post online can never be deleted (an accurate philosophy to have), and 95% said they think that what they do online can affect their identity in real life. Additionally, 61% said they have enabled privacy settings on their social networking profiles to protect both their location and content.

So what can parents do to improve their children’s mobile habits? It all starts with open communication about the dangers they can encounter as a result of unsafe sharing habits. While you won’t be able to protect them all of the time, with the right information, you can give kids the tools to make smart decisions. The simple act of sitting down and explaining to your teens and tweens that what they text, tweet, and post can also affect them in the real world is a great foundation for building safe habits. Additionally, make sure kids protect their mobile devices with McAfee® Mobile Security, available for free for both Apple iOS and Android devices.

TeensandtheScreen_Tip_Reputation

And, of course, stay on top of the latest consumer and mobile security threats by following @McAfeeConsumer on Twitter and Like us on Facebook.

lianne-caetano

The post Teens and Screens: What Parents Need to Know About Teenagers’ Mobile Habits appeared first on McAfee Blogs.

Don’t Get Kicked By Football Players Online

The biggest sporting event of the year just kicked off. If you’re not a football fan (that’s soccer for us Yanks), this is the ultimate goal and it’s just getting started. Many fans will head to Brazil to watch these games and their favorite players, but many more fans will flock online to find out information about the players and teams.

Cybercriminals once again are taking advantage of these large numbers and have pounced on the eagerness of fans of the world’s most popular sport. Portugal’s Cristiano Ronaldo dos Santos Aveiro just barely edges other football stars as the world’s riskiest football player to search for online and tops the McAfee “Red Card Club.”

The McAfee “Red Card Club” is a list of eleven Brazil bound players whose web pages are considered to be risky for fans to search for online. Following Ronaldo are Argentina’s Lionel Messi, Spain’s Iker Cassillas, Brazil’s Neymar and Algeria’s Karim Ziani.

The sites most likely to be risky are those offering videos showing the athlete’s skills, and screensaver downloads. These rigged sites are just waiting to trick you into giving up personal information so that the thieves can steal your identity or get ahold of credit card information and max out your cards.

The study uses McAfee® SiteAdvisor® site ratings, which indicate which sites are risky when attached to football players’ names on the Web and calculates an overall risk percentage.

 

RedCard

 

So what’s an excited football fan to do? While it’s probably not feasible for us to stop searching for information about these stars, we can make sure we are safe while doing so. Here are some tips for you to stay safe online:

  • Be suspicious — If a search turns up a link to free content or too-good-to-be-true offers, it usually is.
  • Be extra cautious when searching on hot topics—Cybercriminals set up fake and malicious sites that dominate these time-sensitive search results.
  • Use web protection— Make sure to use a safe search tool that will notify you of risky sites or links before you visit them. McAfee SiteAdvisor software can be downloaded for free here.
  • Check the Web address—Look for misspellings or other clues that the link might be directed to a phony website.
  • Protect yourself—Use comprehensive security on all your PCs, Macs, smartphone and tablets, like McAfee Live Safe™ service, that comes with McAfee SiteAdvisor, a complimentary tool that protects your from going to risky websites and prevents malicious downloads.

 

Stay safe online!

 

RobertSiciliano

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

The post Don’t Get Kicked By Football Players Online appeared first on McAfee Blogs.

Kill switch, but which? Towards a more holistic approach to phone theft

Whether your smartphone is white, black or gold, it’s now about 30 times more valuable per ounce than a block of solid silver – and almost as easy to convert discreetly into cash. Is it any wonder that more than 10,000 mobile phones are now stolen in London every month?

The issue has become so serious that London mayor Boris Johnson has publicly questioned whether it is “beyond the wit of tech wizards to stop phone theft”. While this may not be the case, the question remains of how the industry can begin to tackle the smartphone theft issue.

The car stereo theft epidemic of the 1990s offers some lessons: change the value, or the ease with which thieves can liquidate that value, and make the stolen phone easier to recover and riskier to handle.

As a hacker, I solve problems with technology. Often that means reshaping the technology I work with, endowing it with new capabilities to serve my needs, and it is this way of thinking that we need to tap into when looking to solve the problem of smartphone theft. By hacking smartphone technology we can enhance it with features that will defend users against theft and ensure that those who do steal devices are caught and prosecuted.

Many of us have recently heard or seen the term “kill switch” floating around in the media. The concept of a kill switch can be interpreted in several different technical ways, each of which has its own advantages and disadvantages, but all of which attack the economy of smartphone theft.

1. Activation locks
Activation locks rely on a design that forces a smartphone owner to register with the manufacturer’s servers in order to activate its features. These servers track who a phone belongs to and keep a record of its basic security settings, so every time a device gets wiped clean or is reinstalled, they can reinstate the security locks and ownership rights the next time it activates.

Overall this is a good approach, but it does have a couple of weaknesses. First, you only discover that a phone is “locked” when you get part way into the reactivation process as that is typically when a wiped device starts to talk to the appropriate servers again. As this is not something a person buying a second hand phone is likely to discover until long after the transaction, the thief still has plenty of opportunity to sell the stolen device.

2. Persistent security software
Some manufacturers have announced that anti-theft tracking software will be installed as part of the phone’s operating system, with the idea that even if the device is wiped, this tracking software will remain installed. By making security software more difficult for criminals to remove, we both protect users and make it easier for the stolen phones to be found, and therefore riskier to sell. However, while this kind implementation makes the software harder to remove, it is not impossible so this approach should be combined with other security features for maximum effect.

3. Software or hardware to remotely ‘brick’ a phone
In this case, a “self-destruct” capability is built into the phone. Once the phone is stolen, this feature is activated, rendering the phone useless, like a brick. Rather than Mission Impossible-style exploding phones, this kind of feature usually relies on microscopic fuses that are embedded in the processors or software that irretrievably scrambles the device firmware. A bricked phone is the most dramatic approach that people think of when someone mentions a kill switch – however, it is also the hardest approach to get right.

First, it’s very hard to break hardware in a way that can’t be repaired since the industry is getting better at fixing things all the time, even at a microscopic level. Secondly, it will be incredibly hard to adequately secure this type of feature, particularly given the ability to kill large numbers of phones in an area or even a whole country.

Looking for a holistic solution

There is never going to be a single silver bullet that stops smartphone crime. The most effective approach to a kill switch will utilise a number of locking, disabling and tracking technologies in combination so that their strengths are magnified and their weaknesses mitigated.

The ideal approach will ensure that every time a device is wiped or reinstalled, it automatically authenticates with manufacturer or operator servers to re-establish the correct security software and security settings. Once reactivated, this software protects the device while advertising its true ownership, killing the opportunity for the thief to cash in on his crime. Meanwhile the device should silently begin to call for help by transmitting its location to the authorities even after the SIM card has been removed.

A robust, holistic approach such as this would represent a direct attack against the economy of smartphone theft. Instead of being a valuable commodity, a stolen smartphone would become a liability for whoever handles it: a digital whistleblower more likely to get a thief arrested than compensated.

Marc Rogers is principal security researcher for Lookout

To get weekly news analysis, job alerts and event notifications direct to your inbox, sign up free for Media Network membership.

All Guardian Media Network content is editorially independent except for pieces labelled ‘Advertisement feature’. Find out more here.

The Privacy Problems with Mobile Messaging Apps

When you chat with someone through a third-party messaging app, be aware that someone may read it—someone other than your intended recipient. Much like a package left unattended on your doorstep, the risk of someone getting ahold of personal items or information is at an all time high. Online privacy is a premium, which is why mobile chat apps that proclaim to keep conversations completely secure are so popular—despite some recent hiccups.

In late April, security researchers discovered that the popular mobile messaging app, Viber, sent video and images without encrypting them (the equivalent of scrambling the message so only the intended receiver can descramble and thus read) first. To make matters worse, the app also stored the messages online on a publicly available server, making it possible for private photos and messages to be accessed by anyone with enough determination and knowhow. The company has now solved the issue, but the potential damage done is still hard to determine.

But Viber isn’t alone.

Snapchat, the popular messaging platform that promises to erase each message after it is viewed, recently settled with the Federal Trade Commission regarding a similar infraction. The reason: its messages didn’t actually disappear as often as promised.

Then there’s WhatsApp, the messaging platform recently acquired by Facebook for $16 billion. In December, I wrote about the security bug that allowed its chat histories to be stored in other apps on an Android phone—an easily exploitable security hole for hackers.

All of these bugs, loopholes and lapses in security highlight the reality that mobile messaging apps aren’t as secure as you think they are. Additionally, whether something is supposedly anonymous or ephemeral, what you send is on the Internet forever in some form or another. In reality, once you hit the “post” or “send” button—and in some cases, even before—any message, photo, video, chat log, comment or email is never truly erased on the Web.

While all of these vulnerabilities are fixable and often fixed as soon as they are discovered, the burden of protecting private messages still falls on the user. Because most of these mobile chat apps store messages on servers before relaying them to your intended recipient, it leaves them vulnerable to clever criminals or security loopholes. Anyone with the right hacking knowledge, or warrant, can access those private messages later without your or the company’s knowledge. And then it’s out there, forever.

So with this in mind, what can you do to protect yourself and your personal information when using mobile chat apps like Viber? Here are a few things to keep in mind:

  • Avoid surfing the Web or sending private information via public Wi-Fi. Public Wi-Fi is an invaluable tool to some, but can pose more security problems than it is actually worth. Since public networks tend to be used by a lot of people, they’re prime targets for hackers. Hackers can easily sniff data like photos, messages, passwords, usernames, and banking information that’s sent from laptops, tablets or smartphones.
  • Avoid sending sensitive information on chat apps or via text message. Social Security numbers, bank accounts, and racy photos—these types of information need to stay off of your gadgets and messaging apps. McAfee’s 2014 Love, Relationships and Technology study found that 50% of people used their mobile devices to share and receive intimate content. Phones can be lost or stolen, and the nosy among us can simply peer over a shoulder to see what’s on a phone’s screen. Before sending something personal or potentially embarrassing, ask yourself if you would be comfortable having it posted publicly online.
  • Protect your phone with security software. Hackers can, theoretically, read your messages remotely. But if you don’t secure your phone with a password, anyone who gets their hands on your device can accomplish the same much faster. That’s why it’s important to lock your device down with a password or PIN code. McAfee® Mobile Security, free for both Android and iOS, provides backup and recovery for contacts on both versions. Additionally, Android users can secretly take a photo of whoever is in possession of your phone and also remotely wipe your data.

And, of course, stay on top of the latest consumer and mobile security threats by following @McAfeeConsumer on Twitter and Like us on Facebook.

lianne-caetano

The post The Privacy Problems with Mobile Messaging Apps appeared first on McAfee Blogs.