Off Topic Messages

This is Y I'll never view the web on a cell‏

Fri Aug 16, 2013 2:38 pm

http://www.nydailynews.com/life-style/i ... -1.1422680

Public charging stations help smartphone users, but also open a new avenue for hacking

Malicious devices and viruses are lurking as more Internet activity migrates to phones and other mobile devices

By Justin Rocket Silverman / NEW YORK DAILY NEWS

Published: Tuesday, August 13, 2013, 2:00 AM

Updated: Tuesday, August 13, 2013, 2:00 AM

NYC PAPERS OUT. Social media use restricted to low res file max 184 x 128 pixels and 72 dpi

Andrew Schwartz

Tracey Zeeck of Oklahoma City makes use of a Street Charge public 'plug-hub' on Hudson River Park’s Pier 25.

When the battery is low, phone-toting New Yorkers will plug into just about anything — but prior to hooking up they should consider who that charger’s been with before.

With public smartphone chargers popping up along streets and in restaurants, bars and airports, security experts fear unprotected charging could cause an epidemic of electronically transmitted viruses.

“When I see a place to charge my phone I get very excited,” said Elaine Dee, 30, a visitor to New York from San Francisco, as she juiced her phone at a public charger on the Christopher St. Pier last week. “Maybe I’m too trusting, but it doesn’t even cross my mind not to plug in.”

Hacking is going mobile as more people use phones to surf the Web, with attacks against smartphones increasing sixfold between 2011 and 2012. Most attacks come through shady email links and Web browsing, but few phone owners realize that swindlers can also take control of their devices through chargers.

Last month, computer scientists at the Black Hat hackers’ convention in Las Vegas proved how easy it is to hide a tiny computer in a public phone charger. Once installed, that small device — which costs less than $50 to assemble — was strong enough to infect an iPhone with a virus.

In the demo, the virus forced the phone to make a call — but a more malicious code could easily be crafted to steal banking information, email passwords and text messages, or even track the movement of cell owners.

“I would never plug my phone into a public charger,” says Billy Lau, a research scientist at the Georgia Institute of Technology who led the Black Hat demo. “You don’t know whether you are just charging your phone or if something else is going on.”

Lau explained that most viruses are designed to hide themselves, so a typical user wouldn’t know if the phone had been infected.

“The particular reason that this kind of attack is so dangerous is because the hardware is so easy to assemble,” he says. On or off, Apple or Android, many smartphones can be susceptible to charger-based hacks. Password protection makes hacking harder, but not impossible.

“Any current iPhone is vulnerable to this attack,” reports PC Magazine. “The only defense is a very simple rule: Don’t plug your phone into a charger you don’t own.”

That’s tough for busy restaurateur Anthony Colón, 41, who owns Cafecito Bogotá in Greenpoint.

“I have a business to run, and by midday I’m always looking for a place to charge my phone,” says Colón. “I carry my charger in my pocket at all times and constantly look for wall outlets.”

So he was thrilled when he spotted a public solar-powered juicing station — one of 25 roving plug-hubs citywide operated by pilot program Street Charge — on the Hudson River Greenway last week.

Only after hooking up did he wonder what, exactly, he was plugged into.

Street Charge’s units offer free power to a variety of mobile devices in a program sponsored by AT&T through September. But because these towers (like smaller stations at downtown watering holes Agave and Central Bar, and midtown’s Tao, provided through a company called Brightbox) are left unattended, there’s a risk that hackers could co-opt them, security insiders claim.

And because of the way many docking stations are designed, battery-craving phone owners can’t see if any other devices are getting in on the action.

“There’s definitely a security risk associated with public charging stations,” says Alicia diVittorio, a consumer safety advocate at the mobile security company Lookout. “It can be an open channel for potential attackers. We recommend against using them.”

Apple has said a fix for the vulnerability demonstrated at Black Hat is included in a new version of its operating system, due out this fall. But new and better hacks are always possible — and non-Apple products tend to be even more susceptible to attacks.

There have been no reports of phones being hacked at Street Charge docking stations, and Mark Prommel, a partner at Brooklyn-based Pensa, which designed the devices, says it would be a challenge to compromise his machines.

“For someone to get into the unit and replace the board is quite an elaborate process,” he says. “You would have to remove the top panel, and we’re talking hundreds of pounds of equipment. It would be hard to do without being noticed. If you really wanted to steal data from someone, there would be easier ways of doing it.”
No matter how hackers go about it, smartphones are a data gold mine for identity thieves.

Blearly-eyed Brooklynites are constantly asking Mikey Weiss, owner of Williamsburg computer shop Mikey’s Hook Up, to inspect their phones for signs of hacking — usually because a photo or file seems to have vanished. In almost every case, the phone has not been hacked.

“Generally, someone looking to hack a phone is after money,” says Weiss. “So you should worry about it if you are a government or a bank, but someone living month to month is not at high risk.”

The Street Charge station is convenient for a battery refill, but hacker demonstrations have shown that virus attacks can be carried out through such units.
Andrew Schwartz

The Street Charge station is convenient for a battery refill, but hacker demonstrations have shown that virus attacks can be carried out through such units.
How they hack your phone:

1: Build a “Mactan,” a small computer that costs less than $50.
2: Hide the Mactan inside a public charging port.
3: Wait for someone to come along and plug in a cell phone for a quick charge. The virus takes less than a minute to upload.
4: The phone now has a virus that can mine personal information or transmit the phone's location to a hacker.

How to know if your phone has been hacked:

Most viruses are programed to stay hidden, says Billy Lau, a research scientist at the Georgia Institute of Technology, who invented the Mactan. However, there is a way to see if a virus has been loaded onto a phone. For the iPhone, go to “Settings” and then tap “General.” The first menu will present options for “About,” “Software Update” and “Usage.’ If there is another option there, one for “Provisioning Profile,” it means there is some software running in the background that you should have checked out.

More people are using smartphones for their Web access, but there is still a virus risk.
images by Tang Ming Tung/Getty Images/Flickr RF

More people are using smartphones for their Web access, but there is still a virus risk.

What the hack! Attacks against smartphones increased sixfold from 2011 to 2012.
Fotografias de Rodolfo Velasco/Getty Images/Flickr RF

What the hack! Attacks against smartphones increased sixfold from 2011 to 2012.

Charging stations, like this one in Hudson River Park, are convenient — but may fall prey to hackers.
Andrew Schwartz

Charging stations, like this one in Hudson River Park, are convenient — but may fall prey to hackers.

Re: This is Y I'll never view the web on a cell‏

Fri Aug 16, 2013 9:45 pm

you can get anti virus software for the phone, just like you can for the computer...

Re: This is Y I'll never view the web on a cell‏

Sat Aug 17, 2013 12:34 am

elvis4life wrote:This is Y I'll never view the web on a cell‏.


What's your position on writing out the word 'why'?

Re: This is Y I'll never view the web on a cell‏

Sat Aug 17, 2013 3:21 am

I have a $30.00 anti-virus/protection app on mine.

Sent From My Phabulous Galaxy Note II Phablet Using Tapatalk 4

Re: This is Y I'll never view the web on a cell‏

Sat Aug 17, 2013 3:23 am

And if you must be charged, get your own solar charger. Simple.

Sent From My Phabulous Galaxy Note II Phablet Using Tapatalk 4

Re: This is Y I'll never view the web on a cell‏

Sat Aug 17, 2013 12:10 pm

This is the best security Android app on the market and it's free.
If you would have had this app already installed this topic wouldn't exist. :wink:

http://www.trustgo.com/en/

Re: This is Y I'll never view the web on a cell‏

Sat Aug 17, 2013 12:29 pm

promiseland wrote:This is the best security Android app on the market and it's free.
If you would have had this app already installed this topic wouldn't exist. :wink:

http://www.trustgo.com/en/

This appears to be ACTUALLY free; the premium version of Norton Mobile Security is 30 bucks. Sigh . . . :( rjm

Re: This is Y I'll never view the web on a cell‏

Sat Aug 17, 2013 1:13 pm

I said it was FREE in my post, and guess what it's better than Norton and it doesn't nag you. :wink:
Next time hit me up before you waste your $$ :facep:

Re: This is Y I'll never view the web on a cell‏

Sat Aug 17, 2013 1:23 pm

rjm I should post this in my Software section but while we are here, you may want to get this app also, it's another FREE one that's a #1 rated Android app that will speed up and optimize your phone to run like a bat out of ..you know what... you will love the game mode function and yes it's free! :wink:
I recommend to run this as a companion with TrustGo Mobile Security as the two together provide the full benefit of both worlds to provide total care and security on your Android system.

http://www.iobit.com/advanced-mobile-care.php

PS: Norton is a resource hog which ='s battery drainer. although you spent $30, the uninstall will benefit you in the long run if you wisely choose to go with both programs above. :idea:

Re: This is Y I'll never view the web on a cell‏

Sun Aug 18, 2013 1:41 am

I'll think about it; $30.00 is roughly 30 TIMES MORE than your average paid app. Gulp.

I have to buy Nero Recode for the SAME price. So, uninstalling is kind of a tough decision, one must admit. Hmmm.

rjm

Sent From My Phabulous Galaxy Note II Phablet Using Tapatalk 4