A strong password is formed by at least 8 of the most random sequence of letters (uppercase and lowercase), numbers and special characters possible. So we can tell that 3k!0H9w# is a strong password. The problem is, in a world where we have passwords for almost everything, how can we remember this kind of character sequence?

There are  some techniques that might help you obtain a strong password and still make it easy to remember. A common one is to switch letters with visually similar numbers or symbols, something like “P0c4h0nt4$” (Pocahontas). To make it better try to not use single words, but small phrases like “!l1k3P0c4h0nt4$” (IlikePocahontas).

If you still think that this is hard, try at least repeating characters in a word, avoiding a basic dictionary attack. For example, “anacondda”.

People tend to use common words for passwords. You can find a lot of lists on the internet. Check then and if your password is there, I recommend you change it immediately.

A free and very good tool called Keepass can help you to safe store all your passwords. The app database is encrypted, and you will need only to remember a master password (keep this one strong) to access all the other ones.

Be safe!

The mobile phones’ features grow light speed. We can’t even call some of them just “Phones” anymore – now they’re being called “Mobiles”-. You use them for everything. A mobile tells you what you have to do today, how is the weather, take pictures and make movies of your birthday party (and publish it on the Internet), play high quality games, tells you how to get somewhere. You can even play the guitar on some of them!

What I’m trying to say is that your mobile knows where you are, because it’s with you all the time, who you are,  cause it has a lot of information about you, and knows what you’re doing right now (oh, twitter!), as you are using it for everything, all the time.

There are lots of security issues that can be related to mobile phones, with different levels of danger, and different types of people. Ordinary people are unaware that when they lose their devices, they can get bigger problems than just losing some bucks. Even cheaper devices can store personal information like home address, email addresses, social network addresses. Using this information, a malicious person could gather even more personal data, and use this information to prejudice the owner of the device in many ways.

Moving into a business scenario, we can enumerate a lot of possibilities – we can start with wiretapping -. A lot of classified business information travels through GSM communication, and it’s well known that GSM has eavesdropping vulnerabilities. There are a lot of devices that can capture and record a conversation, and they are being sold on the internet for anyone who wants it. I think maybe you will check your office’s light switches and sockets today…

With GPRS and 3G technologies, things could get worse. You can do a lot of things connected to the Internet more than just talk to people. You can send and receive documents, check your bank account, etc. For this you use a lot of different protocols, and these protocols might be vulnerable to certain attacks. With the right tools and knowledge, a person can perform a MITM (man in the middle) attack and intercept your information – and that includes VoIP -.

Do you think you need to be talking at the cell phone for someone to hear your conversation? Think twice. With the right software installed on your device, a person could activate your phone’s microphone remotely and hear all sounds nearby.

Another widely discussed issue is about geographic positioning. You probably have seen some kind of spy movie where someone is being tracked through his mobile phone, and thought “Yeah right! They can’t do that!”. Well, I assure you: They can.  And not only the CIA or FBI, anyone can do it using the Internet.

Well, hope I didn’t scare you (much). So, what can you do to protect yourself? Let’s see some solutions:

- Keep your device off and remove the battery (easy, isn’t it?)

- Use a voice and SMS encryption tool (Did I say PhoneCrypt? Yes!)

- Keep your Bluetooth off, or at least configure an authentication for someone to connect.

- Before installing apps and games, search the net for security issues with them.

- Do not open or reply SMS of a unknown source.

- Keep an ear for breathing or click sounds at the background of your call.

- Don’t leave your mobile alone for a long period; people can get it and install malware.

- Beware other people’s phones left alone near you, they can use it as a eavesdropping device.

That’s it for the first post.
Hope you enjoyed it and found it useful.
A lot more will come soon.

Be safe! Bye!