By James38 / Blog / / 0 Comments

PSA: Severe Vulnerability in All Wi-Fi Devices

This entry was posted in General Security on October 16, 2017 by Mark Maunder   0 Replies

This is a public service announcement (PSA) from the Wordfence team regarding a security issue that has a wide impact.

Today is being called “Black Monday” in many information security circles. We have had a major Wi-Fi vulnerability announced that affects absolutely every device that supports Wi-Fi. The vulnerability allows attackers to decrypt WPA2 connections. A second vulnerability also emerged today, and we will cover that at the end of this post.

The Wi-Fi vulnerability is being called “KRACK”, which is short for Key Reinstallation Attacks.

I’m going to cover the problem in relatively non-technical terms in this post so that you are able to clearly understand how this affects you and what you can do about it, right now.

Once you are done reading this, I strongly recommend you spread the word, because this Wi-Fi weakness can allow attackers to crack WPA2 which was previously thought of as a secure Wi-Fi encryption protocol.

The WPA2 Wi-Fi Vulnerability

WPA2 is a protocol that secures all modern protected Wi-Fi networks. According to statistics by Wigle.net, it secures 60% of the world’s Wi-Fi networks.

Researchers at KU Leuven, a university in Flanders in Belgium, have discovered a way for an attacker to read sensitive information that is sent over a Wi-Fi network using WPA2.

Attackers can use this to steal sensitive information like credit card numbers, passwords, chat messages, emails, photos and more. The attack works against all modern protected Wi-Fi networks.

It may also be possible for an attacker to inject malicious information into the Wi-Fi network. This could include ransomware and malware.

The vulnerability is in the Wi-Fi standard itself, and not in individual products or their implementations. That means that all products that correctly implement the WPA2 standard are affected.

If your device supports Wi-Fi, it is likely affected by this vulnerability. 

Products that are known to be affected by this at this time include Android, Linux, Apple, Microsoft Windows, Linksys and more. The list of affected vendors is enormous, and vendors including Amazon, Cisco and Netgear are scrambling to release patches to fix this issue.

BleepingComputer has compiled a running list of vendors that will be growing over time as more information about patches becomes available.

What to Do About the WPA2 Vulnerability

This affects every device you own that uses Wi-Fi. If your device uses public Wi-Fi, you are at higher risk. The vendors that make your products are working on patches which they will release in the coming days. As they release the patches, you will need to update your devices and hardware.

The good news is that this vulnerability does not require you to replace any hardware. It is fixable through a software update.

The devices and hardware you will need to update, once patches are released, include the following:

  • Desktop workstations
  • Laptops/notebooks
  • Mobile phones
  • Tablets and e-readers that use Wi-Fi
  • Home and office routers
  • Home devices like NEST, Amazon Echo and Google Home
  • Printers, both home and office, that use Wi-Fi
  • Any other device that uses Wi-Fi

You should prioritize devices that use public Wi-Fi higher than your other devices. This puts mobile phones and tablets at the top of the list.

How to Stay on Top of Updates

Your desktop, mobile and tablet devices will prompt you when an important security update is available. Many may update automatically. Most devices also provide an option to manually check for updates. We recommend you do that periodically this week so that you catch any updates as soon as they are released.

For routers, printers and other “Internet of things” devices, you may have to sign into the device to manually update the device “firmware.” For routers, you can contact your Internet service provider for help if you are unsure how to update. You may need to consult the manual of other devices or do a Google search to learn if they are affected.

You can find out the technical details on the KRACK attack from the researchers themselves at krackattacks.com.

Black Monday

Another vulnerability known as “ROCA” was also announced today. This vulnerability involves an attack on public key encryption which may weaken the way we authenticate software when installing it. It affects many other systems that rely on public/private key encryption and signing. Fixing this also requires you to update your devices using vendor-released software updates, so keep an eye out for security updates for your devices and workstations that fix any ROCA-related issues.

The combination of KRACK and ROCA is why we are referring to today as “Black Monday.” These are both severe vulnerabilities, and they emerged on the same day.

It is imperative that we get the word out about these vulnerabilities so that our friends and colleagues can update their devices before they are exploited. Please spread the word.

manage my Apple ID
By James38 / Blog / 0 Comments

How to manage your Apple ID on your iPhone

What is an Apple ID?

An Apple ID is the personal account you use to access Apple services like the App Store, iTunes Store, iCloud, iMessage, the Apple Online Store, FaceTime, and more. It includes the email address and password you use to sign in, as well as all the contact, payment, and security details that you’ll use across Apple services.

When do I use my Apple ID?

Any time you set up a new device, make a purchase, or use any Apple service, you will be asked to sign in with your Apple ID and password. Once signed in you’ll have access to the service and all the personal information in your account.

How many Apple IDs do I need?

Just one. Use the same Apple ID everywhere you sign in to ensure that all your Apple services and devices work together seamlessly and you can access your personal content from all your devices.

Can I share an Apple ID with someone else?

Your Apple ID should not be shared with anyone else. It provides access to personal information including contacts, photos, device backups, and more. Sharing your Apple ID with someone else means you are giving them access to all your personal content and may lead to confusion over who actually owns the account. To share iTunes & App Store purchases, photos, a calendar, and more with someone else, try Family Sharing, iCloud Photo Sharing, or other easy-to-use sharing features.

How can I keep my Apple ID secure?

Security and privacy are very important to Apple and we provide a number of ways to secure your Apple ID and protect your privacy including strong passwords, two-factor authentication, and more. Learn more about security and your Apple ID.

For more information or help, visit Apple Support.

iOS 11 wallpaper
By James38 / Uncategorized / 0 Comments

In the excitement leading unto the new iPhone, the 8th one, apparently to be called iPhone X, there has been a raft of internal leaks appertaining to the latest features including facial recognition and many other features. Read more here 9 to 5 Mac magazine and see the latest iOS 11 wallpapers.

But for the real truth and the real features wait until Apple unveil it on Tuesday – there is always a surprise or two and lots of things to make you go wow and want to buy one.

We wrote this article below quite a while ago in response to lots of calls we get each week about other repair shops work. Typically people ask us to go and have a look at a screen that is

  1. Not responding to touch or is doing its own thing ? (behaving like someone else is typing)
  2. Coming apart at the edges after a short period of time
  3. Has unresponsive areas

We understand technology and we understand that sometimes it goes wrong. We are the only repair shop in Yorkshire to give a 12 month warranty with all our repairs (excluding water damage) as we know things can go wrong. 

We only deal with UK suppliers who give us a 12 month warranty – so we pass this onto our customers. Which means if you aren’t happy and we think it’s the fault of the product we’ve fitted we’ll repair it again at our cost. Return the faulty item to the supplier and they can deal with it. We get a new one in replacement.

Sometimes also repairs aren’t straightforward, a little like a doctor, symptoms can be misleading or have more than one illness/fault. So we’ll always use our best educated guess to solve it, it maybe then that the fault re-occurs, it’s then we’ll help further to try and diagnose more specifically for you. In some rare cases chip faults at board level can masquerade as part issues, making you think its the battery or charging port that’s at fault when actually it’s the charging chip failing.

If you get a poor service from another repair shop, read the article below but always try and resolve it with them. Anyone should give a warranty, an undertaking to have done a good job and put it right if it fails. They have that legal responsibility. Don’t ket them tell you it’s something you must have done.

If you need help, advice or to book a repair, call us on 0330 999 2949

 

Faulty phone screen repair and the law – how do i complain

 

 

How to child-proof your iPhone and iPad

Here at Mend my iPhone York, we’re often getting phone calls from customers who have damaged iPhones. One common cause of the damage: Kids. iPhones and iPads are the perfect device for keeping kids amused, whether it’s while you’re waiting for your food in a restaurant or because you can’t stand another episode of Caillou on Netflix.
Apps for kids are a massive industry, from preschool games, through common sight word spelling games all the way to GCSE revision apps. Chances are at some point you will be handing over your phone or pad to your offspring – but if you do, you want to make sure it comes back in the same state you left it. Here’s how.

Protecting your account

So, you’ll probably have heard the stories where a kid used their parents iPhone and ran up thousands of pounds of debt on their iTunes account? That’s the sort of thing you need to prevent happening if you’re handing your phone over to your own (or someone else’s) offspring. You may also have apps with sensitive data, things you don’t want your child to accidentally get into. Here are a few options for controlling who gets to do what on your phone.

Guided Access

This setting was intended to help workers keep focused on their phones. It restricts access on your phone to a single app – and that’s perfect for letting your kid play Angry Birds while you’re in the doctor’s waiting room. You’ll find guided access under Settings – General – Accessibility – Guided Access. There you can turn it on or off, and change the settings. A really useful one is the timer, so if you want to limit screen time, that’s one way to do it (and your phone can give a verbal reminder to save you being yelled at).
A quick and easy way to set this up is to open the app that you want your kids to use, then triple click the home button to get into settings and turn on guided access.

Restrict in-app purchases

Restrictions will help you avoid accidental purchases, or your kids running up a bill buying extra turns on Candy Crush. Go to Settings – General – Restrictions and enable restrictions. You’ll be asked to set a passcode; choose a different one from your unlock code which, let’s face it, your toddler has probably already memorised.

Once you’ve done that, you have a few options. You can simply turn off in-app purchases completely (but then you can’t buy extra turns in Candy Crush); belt and braces is to turn off iTunes store, iBooks store, apps and in-app purchases. You can also change your settings to require a password for every download.
You might also have seen some apps offering passcode protection on a per-app basis. These aren’t Apple features, and some require your phone to be jail-broken in order to install. That’s a process where the restrictions Apple place on iOS are removed, allowing apps to do things to your phone they wouldn’t usually be able to do. Buyer, beware.

Protecting your child

You probably have a firewall with parental restrictions set up at home, but when you’re out and about using other people’s wifi or your mobile data allowance, it could be different. The good news is that there are settings on your iPhone that will help you mimic your firewall and protect your children from some of the less savoury content on the internet.

Restricting Access

Back into settings again, then general – restrictions. If you haven’t already enabled them, do that now. If you scroll down to ‘allowed content’ you can choose things like the ratings of any videos that play we well as the opening of apps like Facebook and Twitter. It won’t turn them off, you’ll just need to use your restrictions passcode to lift them.
There are also several parental control apps that manage restrictions to sites, and monitor screen time if you want to do that.

Protecting your phone

Kids drop things. Even things that they want to be very careful with. I’m sure your kids are perfect little angels, but my kids have even been known to throw things when they’re upset. Things like iPhones. Although the screens are surprisingly robust, they do break (don’t worry if they do, we can fix them) but it might be worth investing in some protection if your children use your phone or iPad a lot.

Screen Protection

Use something like Tech Armour’s Ballistic Screen Protector to give the phone a fighting chance.
Waterproofing
The submariner by Kona is waterproof up to 100 feet. It won’t just protect your phone if it accidentally falls in the bath, it will let you take your phone into the pool or underwater to take pictures.

Shockproof cases

The OtterBox defender comes in a whole range of colours and is reasonably priced, it comes with an in-built screen protector and a stand so you can use it for Facetime or watching videos.
There are many more different cases, it’s worth thinking about when and where you and your kids use your iPhone or iPad so you can make sure that you’ve got the right type of protection.
One last tip

Find my iPhone

I have a friend whose toddler tossed their phone out of the buggy on the way to the shops; the only way they were reunited was using that app.

That’s our brief guide to kid-proofing your iPhone or iPad. We hope it helps. If all else fails and your iPhone or iPad do take damage, give us a call on 0330 999 2949. Don’t worry, you won’t be the first.

mend an iPhone

Why you should mend your iPhone rather than upgrade

 

Whoops! You’ve dropped your iPhone, again, and the screen is cracked. Oh well, you’d been eyeing the shiny new model anyway so it’s the perfect time to upgrade. Just throw the old one in the drawer and forget about it, right? Many people do: that’s why there are now more mobile phones than people.
As the name of this website might suggest, we’re a bit biased on this topic, but here’s why we think you should mend your iPhone rather than (or as well as ) taking that upgrade:

Financials

When you upgrade you get tied into an expensive contract. The phone companies have to do that, they have to recover the cost of the handset along with the cost of your calls, texts and data over the term. If your current phone has already lasted through the original contract you now have the chance to unlock your phone and shop around for a deal that will offer you better value for money.
When you take out a contract, you don’t usually have to pay (up front) for the phone itself, so it can be easy to forget that they’re worth hundreds of pounds. The re-sale value on iPhones is pretty good and even damaged phones are sought after, but you’ll get the best return on your investment if you mend your iPhone before you sell.

New isn’t always better

Phone companies, and Apple in particular like to market towards early adopters. They know that there is a huge appetite for their latest upgrade, and they are trying to bypass your common sense and get you to want something you don’t necessarily need. If the only problem with your current phone is a cracked screen, a sticky home button or a worn out battery then you can fix those with a simple repair and wait and see if there are any problems with the new model before you invest (iPhone 4 antenna, anyone?)

It’s Greener

Sticking your phone in a drawer isn’t the environmentally responsible thing to do. iPhones contain precious metals and plastics that can be recycled, if the phone really has come to the end of its life. Remember the old adage, ‘Reduce, reuse, recycle’. Reduce means only upgrading if you really need to, and if you must then make sure your iPhone gets reused, until it really is obsolete and needs to go to the great Apple Store in the sky. Just don’t let it go to the landfill, please.
Repair may be cheaper and easier than you think
You may have heard horror stories about how much iPhones cost to repair, or have a friend of a friend who had a bad experience with a shop or market stall who did more harm than good when fixing their phone. If you have concerns about finding a repairer, ask around. Word of mouth is a great way to choose someone to mend your iPhone.

Here at Mend my iPhone York, our prices are kept up to date, right here on our website. We will come to your home or office, (or you can meet us at one of our drop-ins) and we will carry out the repair in front of you. We don’t leave unless you’re happy – you don’t have to take our word for it, look at the reviews our customers have left on our Facebook page.

Pass it on

A lot of people pass their phone on when they upgrade. Adults pass their handsets to their kids (an heirloom iPhone!) or onto their own parents to bring the older generation into the world of smart phones. Even if your young ‘uns are too little to take a phone out of the house, they can still use the handset as a mini-mini-iPad and play games or listen to music.

That’s great but my phone is water damaged, you can’t repair that!

Actually, we can. It’s one of our specialities. Even iPhone that other repairers wouldn’t touch with a barge pole, we’d gladly take a look. Even if we can’t save the phone, we may be able to save your data and the memories on your photo stream? Priceless.

Mending iPhones is what we do – we want you to mend your iPhone. It’s what we’re good at it, and for all the reasons we’ve stated above we think it’s the right choice. So, if you’re in York (or thereabouts) then give us a call on 0330 999 2949 and we’ll do what we do best: Mend your iPhone.

By James38 / Uncategorized / 0 Comments

Mend My iPhone uses Rural Sim

James Thompson and his business Mend My iPhone has become part of the RURAL SIM revolution in using a Mobile SIM which improves signal connectivity by covering multiple networks on one SIM.

James spends a lot of time travelling extensively across North Yorkshire supporting domestic and business users with iPhone and iPad repairs on site.
Frustrated with mobile phone signal strength James moved to RURAL SIM which covers multiple networks on one SIM and increases his ability to stay connected and stay in touch with his clients.

James believes RURAL SIM not only benefits his business. It can be used by anyone in remote communities (whatever your age), first responders and essentially anyone who wants peace of mind in making best use of mobile signals available from multiple networks across a wide geographic region. Even M2M and IOT bundles are available on request.

To contact James please call RURAL SIM number 07924 841714

 

 

For more details on this amazing Sim product please goto www.ruralsim.co.uk

By James38 / Blog / / 0 Comments

WannaCry Ransomware: How to protect yourself

If you use Windows, install the patch that Microsoft has released to block the specific exploit that the WannaCry ransomware is using. You can find instructions on this page in the Microsoft Knowledge Base. You can also directly download the patches for your OS from the Microsoft Update Catalog.
If you are using an unsupported version of Windows like Windows XP, Windows 2008 or Server 2003, you can get the patches for your unsupported OS from the Update Catalog. We do recommend that you update to a supported version of Windows as soon as possible.
Update your Antivirus software definitions. Most AV vendors have now added detection capability to block WannaCry.
If you don’t have anti-virus software enabled on your Windows machine, we recommend you enable Windows Defender which is free.
Backup regularly and make sure you have offline backups. That way, if you are infected with ransomware, it can’t encrypt your backups.
For further reading, Microsoft has released customer guidance for the WannaCry attacks and Troy Hunt has done an excellent detailed writeup on the WannaCry ransomware.
Get the word out

The second wave of attacks appears to have just started within the past few hours. This is going to be a rough week for Windows users. We recommend you get the word out by sharing this post to help keep friends and family secure.

Additional resources:

A fact sheet: https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168
A detailed description of the worm and the exploit it uses to spread: https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/
Deep technical analysis: https://blog.comae.io/wannacry-the-largest-ransom-ware-infection-in-history-f37da8e30a58
Info on new variants detected today (also linked to in the post, above): https://blog.comae.io/wannacry-new-variants-detected-b8908fefea7e
Coverage analysis on Virustotal. A spreadsheet showing which signatures/files are being detected by anti-virus vendors, when they were first submitted to virustotal and the names of each component each AV vendor is using: https://docs.google.com/spreadsheets/u/1/d/1XNCCiiwpIfW8y0mzTUdLLVzoW6x64hkHJ29hcQW5deQ/pubhtml#
NoMoreCry: A tool created by the Spanish cyber security center (CCN-CERT) to prevent infection by this ransomware. We don’t recommend you use this tool at this time. Instead, patch your system and use a an anti-virus product or firewall rules. This is merely for academic interest: https://www.ccn-cert.cni.es/en/updated-security/ccn-cert-statements/4485-nomorecry-tool-ccn-cert-s-tool-to-prevent-the-execution-of-the-ransomware-wannacry.html
A live feed of WannaCry infections on a map: https://intel.malwaretech.com/WannaCrypt.html
Microsof Customer Guidance: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
A tweet by Tal Be’ery describing the root cause of the vulnerability with links: https://twitter.com/TalBeerySec/status/863741929401585664
Did you enjoy this post? Share it!

 

see the full article here: 

New WannaCry Ransomware and How to Protect Yourself