New Tech Brings Domestic Violence Dangers

As a security researcher one area I’ve always cared about is the use of tech in domestic violence cases. My regular readers know how I feel about people who advocate keyloggers as a parental tool. Wake up people, over 90% of the keylogger market is used to spy and control ex-spouses and lovers. Detection and removal of keyloggers is one feature I still always include in the free version of WinPatrol.

It has been over a year since I’ve written about the risks to domestic violence survivors and based on recent experiences it’s time I share some new tips. My past presentations still apply so before I talk about new risks here are links to previous information I presented to the National Network to End Domestic Violence.

• NNEDV Bluetooth Security Presentation
  
  
• NNEDV WiFi Security Presentation

New Tricks

GPS Tracking: The Good and Bad.
One new tech tool for kid safety has been popular but may put survivors in danger. Many cell phone carriers provide GPS tracking for as little as $10 a month. This service allows you to track the location of your child and see where they go and how long they stay. As a parent/grand parent I think this is a fantastic use of technology. Unfortunately, it could also be used by controlling ex-partners. If the words, “Look mom, Dad bought me a new cell phone for Christmas” sound familiar you should think twice. Perhaps I’m a little more suspicious than most but I’ve already advised more than one mom in abusive custody fights how to turn off the GPS feature. If your ex can track your child when in your care, they can track you as well.

30 Day Hold for your Mail
The United States Postal Service has implemented a lot new technology but may still need to add some safe guards. I was recently asked to help a woman who was arrested for failure to appear in Schenectady County Family Court. According to the court she was sent notices advising her of family court matters which she was required to appear. Turns out she never received this mail. She also never received her electric bill and other important correspondence. It turns our her husband went online and with little effort had the post office put a “hold” on her mail without her knowledge. A nice little trick which I hope my readers are good people and won’t abuse this information.

Donate your Phone
Lastly, I know you all have old cell phones sitting around that could be put to good use. Domestic Violence shelters and national organizations like NNEDV still accept donations of old cell phones. These phone are critical to domestic violence survivors and can be a lifeline to help. Check with your local agency or get more information at “Donate Your Phone”.

Cell Phone Security Part 1

Last summer I spoke at a conference of trainers for the National Network to End Domestic Violence. One of topics of interest was cell phone security. After reading so many news stories lately about cell phone hacking I thought it was important to renew this topic. Most of the tips still apply today.

One important thing to remember is your cell phone or Blackberry is a computer. It stores your personal data and is designed to communicate easily with the world. Proper use includes keeping your data backed up regularly and keeping it secure. One of the common ways your cell phone or smart phone communicate is using technology called Bluetooth. Just like your computer, you should know about the following.

· Discovery Mode
This is a special mode that allows you to sync or pair up two devices that provide Bluetooth communications. In discovery mode information about your cell phone is readily available to Bluetooth scanners. In most new phones, when you turn on Discovery mode it will only be available for a short time frame. While this sometimes makes it a pain to pair up devices it’s a great safety feature. Your phone should never remain in Discovery Mode.

· Keep your Phone to yourself
Don’t let others mess around with your phone. Every phone has a physical Bluetooth network address which can’t be changed. Someone checking out your phone can find this numeric address and use it to communicate with your phone even when it’s not in discovery mode. This unique number can not be changed and will look something like 11:1A:D9:EB:11:C7

· Passwords
Just like on your computer your password should not be 1234 or your birthday. It should not be your address, pets name or the same as your ATM pin.

· Unsoliticated Connection Requests
Don’t be shocked if you receive a request to connect for an update or what looks like a news story or free ringtone. It’s very possible this could be an illegitimate attempt at a pairing. If you do get an unsolicited request reply No. If it appears to come from your phone company, you can always call them directly to confirm.

· Update your firmware
Again, just like on your computer, you should regularly connect to your phone vendor and see if any “firmware” updates are available. It’s possible that some kind of security hole was found in your phone’s software and a firmware update could be needed to repair it.

· Encryption
When syncing up your address book or or other data with your computer check to see if encryption is available. This may require you to remember another password but it’s a good idea. While Bluetooth data is designed to only be available in short distances there are long range antenna’s out there which have the ability to read Bluetooth data from a distance.

In part two I’ll review some of the most recent hacker techniques and what products are available that might be able to protect you.

Bluetooth Security Presentation

As I mentioned yesterday I’ll be speaking at a conference about wireless security and along with WiFi or 802.11 wireless, the topic will cover Bluetooth technology which is widely used today in cell phones. I’m including an outline of my talk and welcome your comments, suggestions and stories.

One important thing to remember is your cell phone is a computer. It stores your personal data and can communicate easily with the world. Proper use includes keeping your data backed up regularly and keeping it secure. One of the common ways your cell phone or PDA communicates is using technology called Bluetooth. Just like your computer, you should know about the following.

• Discovery Mode
  This is a special mode that allows you to sync or pair up two devices that provide Bluetooth communications. In discovery mode information about your cell phone is readily available to Bluetooth scanners. In most new phones, when you turn on Discovery mode it will only be available for a short time frame. While this sometimes makes it a pain to pair up devices it’s a great safety feature. Your phone should never remain in Discovery Mode.
  
• Keep your Phone to yourself
  Don’t let others mess around with your phone. Every phone has a physical Bluetooth network address which can’t be changed. Someone checking out your phone can find this numeric address and use it to communicate with your phone even when it’s not in discovery mode. This unique number can not be changed and will look something like 11:1A:D9:EB:11:C7
  
• Passwords
  Just like on your computer your password should not be 1234 or your birthday. It should not be your address, pets name or the same as your ATM pin.
  
• Unsoliticated Connection Requests
  Don’t be shocked if you receive a request to connect for an update or what looks like a news story or free ringtone. It’s very possible this could be an illegitimate attempt at a pairing. If you do get an unsolicited request reply No. If it appears to come from your phone company, you can always call them directly to confirm.
  
• Update your firmware
  Again, just like on your computer, you should regularly connect to your phone vendor and see if any “firmware” updates are available. It’s possible that some kind of security hole was found in your phone’s software and a firmware update could be needed to repair it.


• Encryption
  When syncing up your address book or or other data with your computer check to see if encryption is available. This may require you to remember another password but it’s a good idea. While Bluetooth data is designed to only be available in short distances there are antenna’s out there which increase the ability to read Bluetooth data.