Categories
Uncategorized

Amazon Sidewalk

Hello, once again it’s time for Tech News from your Local IT Business Helpful Dave! Where we try to simplify what’s going on in your tech world!

Do you own any Amazon Alexa or Ring devices? If so, you are automatically being opted in to Amazon’s new Network Sharing plan! That’s right, your home network and devices are going to be shared with neighbors and strangers alike. Is it safe and secure? Maybe. Can you opt out? Definitely! But should you? Let’s find out as we take a deeper dive!

Our Tech Terms for this week are:

Sidewalk – this is referring to Amazons new data network

Tile – Not what you put on the floor in your Bathroom. It’s actually small device people attach to items that helps find that item in case it is lost.

—Now onto the news—

Amazon’s Sidewalk program is a new network sharing service that users of Amazon Alexa and some Ring Devices are automatically being opted into. The goal of Sidewalk is to make sure all Amazon devices and Amazon Partner devices (Ring, Tile, etc.) always stay connected to the internet.

How it works is simple. First we have to assume that both you and your neighbor have an Amazon Alexa/Echo or Ring Device.

First the Scary Part:

Now let’s assume your neighbor’s internet goes out but someone is ringing his Ring Video Doorbell.

This is where Amazon Sidewalk will come in.

Your neighbors Device whether it be a light, doorbell, or garage door opener, will connect to your home’s internet and transmit data back and forth to your neighbor’s house. It’s possible that these devices can eventually transmit audio and even possibly video. We know it’s possible because one of the frequencies (900Mhz) is currently being used for radios (walkie talkies) for emergency service (police, fire, etc.).

So here’s the question. How can anyone be sure that your devices aren’t being snooped on when they connect to someone else network? Well Amazon stated they are taking measures to secure the data including multiple layers of encryption. As a matter of fact the way the encryption is setup, according to Amazon, is even Amazon won’t be able to see what you are transmitting back and forth.

However we have all seen large companies get hacked and have data breaches before.

Now the Benefits:

You may be asking, why would anyone WANT to leave Amazon Sidewalk enabled?

That’s because Sidewalk does have some benefits that Amazon is touting.

Remember Tile that we mentioned earlier? If you haven’t heard of it, Tile has been making tags for a long time that help you find things you have lost. You attach the tag to a device and if you ever lose it you can use your smartphone to help you find it again.

The problem is devices like Tile are all very limited by range. With Amazon’s Sidewalk, Tile can now use all of the existing connections in the Sidewalk network so whoever loses and item can find it.

But Dave, you’ll say, I don’t care about helping some guy find his sunglasses! Sure, that’s fine. But according to Amazon they are expanding a lot of their services. They will also be including products that you’ll be able to attach to your dog’s collar, or maybe to an elderly relative’s watch or Life Alert device. So that way if they are lost, they can be located as well through the sidewalk network.

This is why Amazon is opting everyone in automatically without their consent. Amazon’s argument is that in the future it will do more good than harm. Amazon also states that the impact on your home network will be minimal (less than 500MB/half a gigabyte a month).

How do I Opt Out?:

If you own an Alexa Device:
  1. Open the Alexa app
  2. Open More and select Settings.
  3. Select Account Settings.
  4. Select Amazon Sidewalk.
  5. Turn Amazon Sidewalk On or Off for your account.

Amazon Official Instructions:

https://www.amazon.com/gp/help/customer/display.html?nodeId=GZ4VSNFMBDHLRJUK

If you own a Ring Device:
  1. Open your Ring App
  2. Tap the three-lined icon in the upper left-hand corner of the screen.
  3. Tap Control Center.
  4. Tap Sidewalk.
  5. Tap the Sidewalk slider button.
  6. You will see a screen asking you to confirm that you want to disable Sidewalk.
  7. Confirm that you wish to disable Sidewalk.

Ring Official Instructions Below:

https://support.ring.com/hc/en-us/articles/360032524592-Opting-In-and-Out-of-Sidewalk

I hope this information proved helpful to everyone! If you have any questions feel free to contact us!

—Working from Home? Learning from Home? We can help remotely as well!—

We have the capability to connect into your PC remotely as long as you can still get on the internet. Feel free to shoot us a message or provide a phone call and we will do our best to assist you!

Please feel free to let me know if you have any questions or comments or want more information.

Thanks and have a good week!

-Helpful Dave

Categories
Uncategorized

ParkMobile Breach

Tech News from Helpful Dave!

Hello, once again it’s time for Tech News from Helpful Dave!

Do you use an ParkMobile to pay your parking meter in Bloomfield? They were recently the victim of a breach and your data was possibly leaked. Are your passwords safe? We’ll talk about that in this update!

Our Tech Terms for this week are:

Hash and Salt: Sound delicious, but they are actually about passwords! Just like any good dish you cook up make sure companies are adding salt to your passwords!

RAINBOW Table: Not just for show, it’s used to steal your password!

—Now onto the news—

ParkMobile data was breached last month and they released a statement that reads:

“Our investigation concluded that encrypted passwords, but not the encryption keys needed to read them, were accessed. While we protect user passwords by encrypting them with advanced hashing and salting technologies, as an added precaution, users may consider changing their passwords in the “Settings” section of [your account].”

So why, if your password was protected against with hashing and salting, do they still recommend you change your password? That’s because these techniques, just like any sort of protection, are not completely foolproof.

Originally a lot of companies stored passwords in plain text format. This means that if your password was “ilovebloomfield” it was stored just like that in the database. So, if someone managed to hack into a company that you had a username and password with, and get that database, they’ve got your password.

So, companies started to modify your password by hashing it. To explain it easily, it’s like taking your password and applying some math to it to change it.

For example: if your password was ilovebloomfield, after we apply hashing your password becomes d53154d85e1907918d923642d039015a.

Companies store the hash instead of your password. That way if the company every gets hacked and the password database stolen, they don’t have your password.

However, as some of you may have figured out, if I know what ilovebloomfield looks like after its hashed, can’t I just figure out what everything else is as well? The answer is yes! Hackers eventually came up with that idea and its commonly referred to as a Rainbow Table (sounds fun but it’s not). The idea is to make a huge table consisting common hashing techniques and common passwords like password1234, letmein, and ilovebloomfield (of course). Then they could just compare the database they stole to their table and figure out everyone’s password.

Now to a lot of people’s favorite parts, favored by chefs, people who love pretzels, and sophisticated cybersecurity experts, SALT.

Adding a Salt to your password is just another extra flavor that helps keep your password safe. It adds a bit more randomness by adding some extra characters to your password. This thwarts many of the common and faster attack techniques. However just like any good cook you have to keep your salt somewhere close by.

The Salt here is created by the company so they need to keep the formula for it somewhere close by so when you try to login the company can look at the Salt as well to make sure your password matches.

Realistically, Hashing and Salting your passwords, just like any form of security, is only as good as the company doing it. These techniques are really to buy time for you to change your password while the hackers are decrypting that stolen database.

Our Recommendation:

We strongly recommend you use a different password for every website and app based two factor authentication.

Managing a lot of different passwords can be a hassle so we recommend our clients use LastPass to help them manage all of their passwords in one place.

Check out LastPass here:

https://lastpass.wo8g.net/mmnzX – This is an affiliate link, if you sign up using this link we receive a commission.

—Working from Home? Learning from Home? We can help remotely as well!—

We have the capability to connect into your PC remotely as long as you can still get on the internet. Feel free to shoot us a message or provide a phone call and we will do our best to assist you!

Please feel free to let me know if you have any questions or comments or want more information.

Thanks and have a good week!

-Helpful Dave