GadgetTrak Blog


Sony PSN Data Breach – Plain Text vs Hashed Passwords Explained
Friday, April 29, 2011



There have been a rash of data breaches where passwords have been compromised that were stored as plain text and not converted to a one-way hash as they should be. However, most consumers and even many developers particularly in startups don’t know about the best practice of hashing passwords, what it means and how it can help protect users. ActiveTrak founder Ken Westin provides a writeup explaining how hashes are used and why they are important when protecting customers’ data.

Read full article

Why Smartphone Location Data Is Logged And Shared
Friday, April 22, 2011


Although Apple is on the hot seat this week for the file that was found that is logging your location data unencrypted, both Apple and Google have been logging your location for quite a while. Both platforms regularly transmit name, location and signal strength of Wi-Fi networks along with a unique device ID back to Google and Apple. Although both claim that this data is collected and “anonymized” they do not provide a lot of specifics regarding how the data is collected and secured. Android also keeps a cache of location data, however it is only accessible by a root user and is once the file hits a certain size will reset itself, unlike the Apple file which saves cached data for what seems to be forever, it does not appear to cycle itself.
(Continued)

ActiveTrak CEO Interviewed Regarding iPhone Tracking Issue
Friday, April 22, 2011


iPhone – Spy In Your Pocket Tracking Your Every Move
Wednesday, April 20, 2011


Researchers have discovered a spy in your pocket, your iPhone is keeping a working history of where you have been in a hidden file on the phone that is copied over to your computer when connected and synched with iTunes. Not only is the device logging your location, but also at timestamp so anyone with access to this file will know when and where you have been.

Odds are that this is something Apple was doing for use in a later feature, or possibly for bug reporting purposes, but the fact that this data is logged on your device and copied to your computer without consent is grounds for concern. That Apple would intentionally do this also raises serious concerns regarding Apple’s approach to privacy. You can download an application that you can run that will load the file and show on a map where you have been. I ran a test on my iPhone 4 which is only a few days old and the results were as expected, it showed me at work and at home and everywhere in between.

Download the app here

With GadgetTrak software we always felt that tracking should only occur when the customer activates tracking and location data should only be saved on the server when the user specifically requests this option, apparently our privacy philosophy is not something shared with Apple. When you activate tracking with GadgetTrak for iOS you are provided with an option to store the data on the server, or simply have the tracking data emailed to you without it being stored.

Case Study: GadgetTrak FLIR IR Camera Tracking Solution
Thursday, April 14, 2011


“We are very excited to announce our exclusive agreement with GadgetTrak to offer this new recovery technology customized to FLIR IR cameras. The affordability and protection is exactly what our end-users want”
Tom Scanlon
Vice President at FLIR Systems

ActiveTrak Inc. was approached by FLIR, the leading manufacturer of infrared and thermal imaging cameras to create a custom solution for their devices. The project entailed creating a version of our patented GadgetTrak technology that could be embedded directly into the camera’s firmware. When the device is connected to a PC, GadgetTrak reports location and other forensic information regarding who is in possession of the camera.

The price point for these devices range from $3K to $300K and a solution to assist in keeping track of them was of huge value to FLIR’s customers. Launched as a co-branded product under the brand “ThermaTrak” the service was offered as part of the extended service warranty, or sold as a stand alone service for $99 per year. In addition to creating a custom client for FLIR’s cameras, a custom user interface was created for customer services representatives to register customers, as well as a co-branded front-end that customers could access to activate the tracking of devices.




FLIR ThermaTrak Datasheet

The project was completed on schedule and launched in the Summer of 2009 to their customers with a very positive response, measured by the increase in users who opted for the extended warranty plans, or who purchased the stand alone subscription. “This is the first-ever theft tracking system for IR cameras. We are very excited to announce our exclusive agreement with GadgetTrak to offer this new recovery technology customized to FLIR IR cameras,” said Tom Scanlon, vice president for FLIR. “The affordability and protection is exactly what our end-users want.”

To learn more about partnering with GadgetTrak please contact us.

Hackers Targeting Celebrity Phones and Laptops for Private Photos
Monday, April 11, 2011


As many as 50 female celebrities in Hollywood have fallen victim to a ring of hackers who have been stealing naked images of them from their phones and laptops. The targets are said to include Scarlett Johansson, Jessica Alba, Christina Aguilera and Miley Cyrus to name a few. Former “High School Musical” star Vanessa Hudgens recently met with the FBI to discuss nude photos stolen from her e-mail account.

Of course the best way to keep images such as this from being stolen and hitting the Internet is to not take such photos in the first place, however it does raise privacy questions with regards to the images you take, where they are stored and how you share them. Even if we are not taking naked photos, sometimes our photos are still very private and not something we wish to share with anyone. Photos of our children, family and friends can be both priceless as well as sacred to us, especially celebrities who have to work hard to keep their private lives private.

We take privacy very seriously, this is key to why we have so many celebrity customers. GadgetTrak Mobile Security provides users with the ability to remotely wipe their phones including photos if the device is lost or stolen. The images are also encrypted on the phone and backed up securely using their own privacy key that only the customer knows, so not even our employees can access the images or contact data. This is all by design, GadgetTrak Mobile Security was designed to help protect your data and privacy from the ground up. Try our free 7 day trial to see for yourself.

Giveaway: 100 Free Licenses!
Monday, April 11, 2011


We believe that everybody should have their laptops safe from theives. So, we’re excited to announce that we’re giving away 100 FREE licenses for one year of GadgetTrak Laptop Security for either Mac or Windows!

It’s easy to win. Simply follow the instructions below to register via Facebook or Twitter and we’ll randomly select 100 winners on Tuesday (April 19th, 2011). Do both and double your chances to win :)

Cheers!

Option 1: Using Facebook

  1. Click the ‘Like’ button below to become a fan of GadgetTrak on Facebook


  2. Then click the ‘Like’ button below to share our giveaway with friends & family.


Option 2: Using Twitter

  1. Click the “Tweet” button below to send out a tweet about our giveaway.

  2. Follow GadgetTrak on Twitter so that we can contact you if you win!

    Follow GadgetTrak on Twitter

Epsilon Data Breach – Why GadgetTrak Encrypts Your Data
Sunday, April 10, 2011


Epsilon Data Management, a large email marketing services company with approximately 2,500 clients, disclosed April 1 that attackers had stolen customer data belonging to several of its clients. The breach may be due to an Epsilon employee who was duped via a social engineering tactic referred to as spear-phishing compromising and employees computer and gave remote access to the attacker. The data that was gathered was simply the users email address and name, however many of Epsilon’s clients were banks and major retailers, so there is an even greater risk of further spear-phishing attacks targeting the compromised clients customers.

What if this attack happened in a situation where more than just your email and name are stored? Early on we saw that many of the mobile security providers who provide data backup do not encrypt the data they backup. When you log into your control panel you can view all your photos and contacts right there in the web interface. The problem with this is that so can that company’s employees, it also opens up the potential for a hacker to access your information if their systems are compromised through attacks such as what Epsilon experienced, or even simply a disgruntled employee.

This is why GadgetTrak Mobile Securityuses our patent-pending method to encrypt all data backed up data using your data privacy key that only you know, this key is not stored on our servers. Your encrypted data is then uploaded to our secure infrastructure via a secure SSL connection. Since only you know the encryption key not even we have access to your data this protects your privacy and helps ensure your data is not compromised.

This is just one example of a step we have taken to better protect your data and privacy, others include requiring three factor authentication to access the web control panel, encrypting your passwords and security questions in a one way hash and disabling the client access when tracking is active. If you have any questions regarding security or privacy of GadgetTrak software please contact us at security(at)gadgettrak.com.

GadgetTrak Donates to The Meth Project for Every Device Recovered
Monday, April 4, 2011


Nationally, police believe 75 to 80 percent of all property crimes are committed by people addicted to methamphetamine, or who profit from addicts. In our experience recovering devices we have found this to ring true, so every time we recover a device for our customers we make a donation to The Meth Project. The Meth Project is a large-scale prevention program aimed at reducing first-time Meth use through public service messaging, public policy, and community outreach. Central to the program is a research-based marketing campaign that graphically communicates the risks of Meth use. If you would like to learn more about the project or make a donation yourself please vist www.methproject.org.

  • Recent Posts

  • Recent Comments

    • Archives

    • Categories

    • Meta