The Cocoon Blog
The Internet as it should be: private, secure and virus free

I’m a coffee shop connoisseur; the most frequent mistake I see with fellow java-lovers is the ease with which they leave their iPhones or iPads lying on the table when they go to retrieve their order. My iPhone is like a third hand when I am in public space; I never let it out of my sight.

When I am in the city (or a high crime rate area), all my devices are carefully concealed. I never give criminals an open invitation to mug me. My Jeep never announces that any semblance of technology exists within.

The lucrative secondhand market for today’s niftiest handsets has produced an explosion in “Apple picking” by thieves. A used iPad or iPhone can fetch more than $400. –ROLFE WINKLER | The Wall Street Journal

After pressure from Congress, regulators and police departments-  the FCC and four major US carriers (AT&T, Sprint, T-Mobile & Verizon) have agreed to form a national joint blacklist database so that stolen devices will not be able to obtain new service. This service should be available sometime in October 2012.

Verizon currently does not allow devices that are stolen to be operated on their network. Sprint cuts off phones that have been reported as stolen and T-Mobile suspends accounts that report stolen phones. AT&T was slow to jump on the bandwagon – but was pleased to join the blacklist initiative.

iCrime

There is a certain mindset that dances to the tune “This could never happen to me!” Get over it already because iCrime could easily happen to you. Gadget theft is big business. My daughter recently experienced the bitter reality of iPhone theft when Siri danced away from a neighborhood BBQ in the arms of a stranger. She was devastated. I couldn’t say “I told you so,” because sometimes people think that the world is made up of entirely nice people.

How can you beef up your security?

Within one hour, Mat Honan of Wired lost his entire digital life to hackers – why? Through the use of social engineering tactics, hackers tricked Apple service reps into granting access to Mat’s iCloud account. Unfortunately, two of his online accounts was daisy-chained – enabling the hackers to gain access to his Gmail and Twitter account. It was a difficult and extremely harsh lesson for Mat to learn and many of us on Twitter sympathized with his pain.

I should have been regularly backing up my MacBook. Because I wasn’t doing that, if all the photos from the first year and a half of my daughter’s life are ultimately lost, I will have only myself to blame. I shouldn’t have daisy-chained two such vital accounts — my Google and my iCloud account — together. I shouldn’t have used the same e-mail prefix across multiple accounts — mhonan@gmail.com, mhonan@me.com, and mhonan@wired.com. And I should have had a recovery address that’s only used for recovery without being tied to core services. –Mat Honan | Wired

Learn from Mat.

Security comes with a price

You are going to have to make a choice between security and convenience. I have learned that inconvenience is one giant step toward fighting iCrime. Backing up data, using complex passwords, disabling services that could open the door to stolen devices – is mandatory when it comes down to proactive versus reactive.

I never want to place myself (or my devices) in a “reactive” position!  I am the type of person that often plans ahead for security disasters. It is the same reason that I use digital surveillance (to upload real-time office images to a remote server) – I take the necessary time to configure and manage my digital assets in order to make life miserable for a potential thief or hacker.

 The Top Ten

1- Backup your iPhone and check the option to encrypt data. You won’t know how much you miss until your iPhone becomes wiped or stolen…

The simplicity of iPhone is that all you have to do is connect your iPhone to iTunes and let it do it’s magic. I use a Windows laptop to back up to the cloud and a Mac to backup locally. I don’t take any chances that either the cloud or the local backup is going to screw me over. Be paranoid – it’s worth it.

2- Use a complex password and set auto-lock on. Strong passwords are still key…

Strong passwords are the first roadblock against thieves and hackers. Don’t bother using a “simple passcode (4-digit numeric) – though there are 10,000 possible combinations for a simple passcode, the complex password offers the strength of 77 to the 37th power.

How do I do it? Navigate to your Home Menu > General > Passcode Lock On > [enter your 4-digit passcode]  Select Turn Passcode off > [enter your 4-digit passcode] Enter Your New Passcode > Click on  Next > [Re-enter your new passcode] and click on DONE.

Also, be sure to Set Auto-Lock to ON: Settings > General > Auto-Lock > Choose 1-5 minutes. Auto-lock is not a strong security function by itself, but when combined with a strong password – it becomes part of a strong security feature.

3- Enable Erase all data on this iPhone after 10 failed passcode attempts. Go to Settings > Passcode Lock > Enter Your Passcode > Click on Done > Erase Data = ON > Enable

If someone steals your iPhone and tries to brute force it, they will be out of luck on the tenth attempt, (when trying to break your passcode) and your phone will be wiped and returned to factory defaults.

4- Enable Find My iphone.  You can download Find My iPhone from the app store or access it through iCloud. You will need to enter your Apple ID and password to access it.

5- Keep your iPhone updated at all times! Simply plug it in to iTunes or download Lookout Mobil Security from the app store.

6- Download apps that come from reliable sources - Such as the App Store. If your phone is jailbroken, Cydia might be the only answer.

7- Disable Bluetooth. Only turn it on when you need it.  Go to Settings > General > Bluetooth > Off

8- Turn off SMS preview. This option is not critical but it can stop a thief from viewing your incoming messages!

9- Manage location settings. Use location settings on a per-application basis only. Go to Settings > Location Services > Turn off all unnecessary apps.

10- Secure your Internet connection . Public Wi-Fi may appear convenient but an unsecure connection can leave you vulnerable to attack. Never allow your iPhone to automatically connect to a wi-fi network. Go to Settings > Wi-Fi > Ask To Join Networks > OFF

Risky behavior on potentially unsecure wifi

67% access personal email
63% access their social network acct
31% shop online
24% access their bank account

Cocoon and its iOS app GetCocoon create a barrier between the user and the Internet, leveraging secure, SSL-encrypted connections to each Internet activity (similar to what banks use). Cocoon eliminates tracking, “man-in-the-middle” attacks, and WiFi sniffers.

 

AppPicker’s mission is to provide a better way to discover iOS and Mac apps that are best for you…

You can read their full review here and you can also follow AppPicker on Twitter and like them on Facebook.

We’re very excited to announce that Cocoon is now available on Apple’s iPad and  iPhone devices! Now you can enjoy the same level of privacy and protection that Cocoon has brought to your computer, while on the go! With smartphone malware, public wi-fi sniffing, and mobile identity theft on the rise, it’s essential that Cocoon users are able to browse securely from any location.

Why it’s Important

A recent survey by Javelin found that 7 percent of U.S. adult smartphone owners have been victim of identity fraud. Furthermore, it is said that as much 24 percent of mobile devices reported malware infections in 2011 (PC Advisor). Mobile malware, like its desktop counterpart, has been known to send malicious text messages, location, or even log keystrokes. The Cocoon app will help protect users from a growing mobile concern: the drive-by malware download.

Perhaps the most alarming issue posing a threat to those browsing from a mobile device is the man-in-the-middle attack. This type of attack is carried out on public wi-fi networks, where users generally browse the Internet over an insecure network with a roomful of strangers. Any one of those strangers could potentially intercept sensitive data and information through what is called a man-in-the-middle attack. In addition to intercepting bank login info, email messages, or credit card details, the attacker may hijack your online accounts; giving them access to all of your personal information.

This is why Cocoon has brought it’s encrypted browsing technology to the mobile platform. With the amount of mobile browsing increasing at the rate it is, it’s becoming very important that we protect ourselves wherever we go.

Fun Tip

Did you know that the Cocoon app will allow you to create disposable email addresses on the go? Just think, you’re signing up for something online, but you really don’t want to be barraged by all that spam mail. When prompted to enter an email address on your iPad or iPhone, simply tap the email field a second time and the “Mailslot” option appears. Hit the button and voila, Cocoon has presented you with a disposable, fully anonymous email address just for that website. Now all the mail that site sends you will be delivered to its own Mailslot box available on all of your Cocoon apps, wherever you go!

We are sliding into the home stretch now! We do not have that many entries, so your chance of winning an iPad is EXCELLENT!  So go ahead and share your story in 500 words or less and you could be the next iPad WINNER…

We are looking for stories that feature how your life was affected by a hacked Internet account, a computer virus, a social networking worm or ? Do you remember the Koobface worm on Facebook? That worm tricked many of us into downloading a fake Adobe Flash update and turned our computers into zombies.  Those of us who succumbed to the worm were completely at the mercy of our attackers. It was a very scary time in the world of social networking.

Not that long ago, I had a Gmail account hacked by a Tunisian hacktivist who held my account hostage until I agreed to tweet about political upheaval in his country. It was a very scary time for me because this particular Gmail account held information about some of my domains, had an extensive contact list, and it also had a few passwords to social networking accounts that I used for testing. Though I can’t enter my cyber-scary hactivist story, you can enter yours!

COCOON DEADLINE: We will be reading contest entries until Midnight PST (GMT – 8:00) and one lucky winner will be drawn at 5 PM PST on Wednesday, November 16, 2011.

 To enter our contest just click on this link and tell us your story. If you have a friend who has not entered, be sure to invite them too!

The Cocoon Team!

Cocoon Privacy Policy

 

We have some great submissions, but we know there are still more great stories to be told. Share your story in 500 words or less and you could win a free iPad!

Your privacy is important to us.  Before you submit your story you  can indicate how you would like your submission to be handled:

• If my story is used, I’m OK being featured (not my contact information).
• If my story is used, I would prefer to remain anonymous.
• If my story is used, I would prefer just my first name be used.

To enter our contest just click on this link and tell us your story and please remember to share this with your friends!

The Cocoon Team!

Cocoon Privacy Policy