We've become accustomed to having ready access to the internet just about anywhere. The problem is, it's easy to forget how vulnerable that makes us to security threats. We show you what's secure and what's not, and how to make sure your smartphones and tablet PCs don't get hacked the next time you step out of the house.
6. URLs beginning with 'https:' are safer (but not foolproof)
Whenever you're accessing a site where you'll be sharing personal or confidential information - your bank's site, for example - you want to make sure that you're doing so securely. The s in https means that you're connected to the site via the Secure Socket Layer (SSL). In layman's terms, this means that all data transmitted to that particular website over the internet is encrypted.
SSL is not foolproof though: If you're on an unencrypted network connection, you may still be subject to man-in-the-middle (MITM) attacks, a form of eavesdropping where the bad guy makes a connection independently with two parties and then "gets in the middle," making both believe that they are talking directly to each other.
These types of attacks are rare, but to guard against them, make sure you're both connected to a secured network and that websites use https when you're entering sensitive information.
In addition, says Nocera, most email service providers have both a clear text option (that sends unencrypted data) and an encryption (SSL) option. "Make sure you have the SSL option enabled," he says.
7. Use VPN
If you have access to a VPN (virtual private network), use it. A VPN provides secure access to an organisation's network and allows you to get online behind a secure layer that protects your information.
8. Turn off cookies and autofill
If your mobile device automatically enters passwords and login information into websites you visit frequently, turn that feature off. It's convenient, but it can also be a privacy threat. To get back some of the convenience that autofill offers, you can try third-party apps, available for most platforms, that can manage saved passwords with a higher level of security. Mac OS X, for instance, comes with a built-in password manager - Keychain. KeePass is a free, open-source password manager for some versions of Windows. For iOS and Android smartphones, there's LastPass, 1Password and SplashID. Using them is not as secure as turning off autofill altogether, but it's one way to strike a good balance. In the end, a little inconvenience can go a long way toward added security.
9. Watch your apps!
Apps are great, and many are free, so it can be tempting to download with abandon. But, Nocera cautions, you should be selective about the apps you download, particularly in the Android market, because "the Android app market is a little bit more open", without the strict developer guidelines found in Apple's App Store. Do some due diligence before downloading apps. Make sure that you trust the developer and have taken the time to review some of comments.
TaintDroid is an Android tool that can identify apps that transmit private data and notify users that a third-party application is requesting private information. However, it's not an app that's offered through the Android Market. Instead, users have to manually compile and build the app using the framework provided by an app analysis company.
NEXT PAGE: If you still get hacked..
- Make sure your devices don't get hacked
- 9 tips for keeping devices safe
- Even more tips
- If you still get hacked