More stories

  • in

    How to turn on Android’s Private DNS mode – and why it’s an absolute must for security

    Jack Wallen / Elyse Betters Picaro / ZDNETNearly everything you do on your desktop, laptop, phone, and tablet begins with a Domain Name System (DNS) query. Essentially, DNS turns domain names (such as ZDNET.com) into an IP address so web browsers and apps know where to get the information you want.Also: How to enable earthquake alerts on your Android phone (including these Samsung models)Without DNS, you’d have to type 34.149.132.124 every time you wanted to go to ZDNET.com or 74.125.21.102 to go to Google.com. Even by simply running a Google search, DNS is at work. The problem is that standard DNS isn’t encrypted, meaning all your queries are sent over the network as plain text. Why is non-encrypted DNS a problem? Let’s say you’re on a public network — like a coffee shop — and you start searching for things on your Android device. Or maybe you have to access a CMS or another work tool, and you don’t want the public to know the address you’re typing. If someone else is on the same network and has the skills, they could intercept your non-encrypted search queries (or the URLs you visit) and know exactly what you’re looking for. That’s where Private DNS Mode comes into play. Once you enable this feature, all of your DNS queries are encrypted, so bad actors won’t be able to view them — even if they capture those packets. In other words, Private DNS Mode should be an absolute must for anyone who values their privacy and security. Also: I test dozens of Android phones every year: Here’s how the best models stack upBut how do you enable Private DNS Mode on Android? It’s actually pretty simple. Let me show you how. How to enable Private DNS mode on Android version 11 or newer If you’re using Android version 11 or newer, the old method of Private DNS no longer works. Instead of handling this process manually, you have to install an application created by Cloudflare, called 1.1.1.1 + WARP. Once you’ve installed that app, it will open, and you’ll see a slider marked Disconnected. Tap that slider, and it will enable the service. More

  • in

    This Linux distro routes all your traffic through the Tor network – and it’s my new favorite for privacy

    Jack Wallen / Elyse Betters Picaro / ZDNETPrivacy has become a keystone for keeping your information safe and preventing third parties from creating consumer profiles that could then be used for targeted marketing… or worse.To that end, there are countless products and services that promise to keep you and your information private. Some work, and some are nothing but snake oil. For me, the best route to privacy goes through Linux and one of the many privacy-focused distributions. Recently, I stumbled upon another such distribution, Securonis. The name reminds me of the Arconis cybersecurity solution, but I’m confident the Linux distribution and the proprietary business software have nothing to do with one another. Securonis is based on the Debian testing branch and automatically, out of the box, routes all traffic through the Tor network, which means it’s private and secure from the jump. It also includes a good number of applications geared toward keeping you even more secure. Also: I found the most private and secure way to browse the web — and it isn’t incognito modeSecuronis can be run as a live distribution (directly from RAM without installing it on your drive) or it can be installed with the easy-to-use Calamares installer. All of this might sound complicated. After all, you’ll find several preinstalled apps that might make you go, “Huh?” But even with added software like I2P Router, PxrtalCrypt, Securonis DNSCrypt, System Knight, VesperaCrypt, SecDNSChanger, and Wireshark, this distribution can be used like a standard OS — only more private. And with Securonis defaulting to the MATE desktop, anyone, regardless of skill level, will feel right at home. Even the web browser (FireScorpion) is geared toward privacy. Also: The best Linux VPNs: Expert tested and reviewedWhat is Securonis like to use? I approached it as if I knew nothing about Linux, Tor, or any privacy-focused tools, and here’s how it went. My experience with Securonis I decided to go the installation route, which was incredibly simple. I answered a few quick questions, typed my user information, and the installer was off. After roughly five minutes, the installation completed, and I was ready to log in. After logging in, my first impression was that Securonis looks like any other Linux distribution with security and privacy in mind. The MATE desktop is as simple as it gets, and the theme is the usual dark take on the desktop. There are some application shortcuts that have me curious, such as the launchers in the top bar. One is named Seconionis (not a typo). This is the Securonis take on the Onion network. When I click that icon, a window appears with options such as Start Tor Routing, Stop Tor Routing, Tor Status, Restart Tor, Set Autostart, and more. Essentially, Seconionis is my gateway to the Tor network, which makes it an important tool. More

  • in

    184 million passwords leaked across Facebook, Google, more: What to know about this data breach

    Moor Studio/Getty Images While it’s not as large in scale as the latest data breach that leaked over 16 billion passwords, another incident has exposed passwords and other sensitive information across some of the most popular services on the internet. Cybersecurity researcher Jeremiah Fowler revealed his discovery of a massive online database containing more than […] More

  • in

    I found the easiest way to delete myself from the internet (and you shouldn’t wait to use it, too)

    <!–> ZDNET’s key takeaways Incogni is an automated data-removal service with an easy onboarding process. It requires minimal technical knowledge to operate. A dedicated mobile app doesn’t exist yet, but would be welcome. –> Ever heard of Incogni<!–>?  You may have heard about the company, launched by one of our favorite VPN providers, Surfshark–>, in […] More

  • in

    How to turn off ACR on your TV (and what your TV stops tracking when you do)

    Kerry Wan/ZDNETDid you know that whenever you turn on your smart TV, you invite an unseen guest to watch it with you? These days, most popular TV models utilize automatic content recognition (ACR), a form of ad surveillance technology that gathers information about everything you watch and transmits it to a centralized database. Manufacturers then use your data to identify your viewing preferences, enabling them to deliver highly targeted ads.Also: 184 million passwords for Google, Microsoft, Facebook, and more leaked in massive data breachWhat’s the incentive behind this invasive technology? According to market research firm eMarketer, in 2022, advertisers spent an estimated $18.6 billion on smart TV ads, and those numbers are only going up.To understand how ACR works, imagine a constant, real-time Shazam-like service running in the background while your TV is on. It identifies content displayed on your screen, including programs from cable TV boxes, streaming services, or gaming consoles. ACR does this by capturing continuous screenshots and cross-referencing them with a vast database of media content and advertisements. More

  • in

    Your Android phone is getting a big security upgrade for free – these Pixel models included

    Kerry Wan/ZDNETMobile devices are always a tempting target for cybercriminals. That’s true not just for consumers but for companies. According to Google, more than half of organizations have pointed to smartphones as their most exposed endpoint, and data breaches often occur from improper use of these devices. In a blog post released earlier this month, Google describes the latest protections available with its Android Enterprise platform, which rolls out to most Android 16-compatible handsets, including Google Pixel phones as old as the Pixel 6.Also: Your Android phone is getting 4 big upgrades, thanks to Android 16Mobile devices have become popular, convenient tools among workers, as they can access email, apps and other internal business resources from anywhere. But often an employee’s phone is unmanaged and uncontrolled, leading to security weaknesses that can be exploited by hackers and attackers. Android Enterprise offers organizations and IT admins a way to better manage these devices, whether they’re company-owned or employee-owned. Though Android Enterprise has been around for a number of years, here are some of the latest initiatives Google has introduced. CNET survey: Just 11% of people upgrade their phone for AI features. Here’s what they want instead  Security features Advanced protection: Employees can better thwart targeted attacks through strong mobile device protection. With just a single tap, they can enable multiple security features to defend against online attacks, malicious apps, unsafe websites, scam calls and other threats. This feature is accessible on Android 16 and higher but may only be available on certain devices and in specific regions. Identity Check: This feature prevents scams such as PIN theft and shoulder surfing, in which nearby thieves can pick up the PIN or password used to access a phone. With Identity Check, signing in to the device and apps requires a biometric method, such as facial or fingerprint recognition. This feature is also available on Android 16 and higher on certain devices. Also: 7 simple things I always do on Android to protect my privacy – and why you should tooCorporate badges in Google Wallet: Employees can add their corporate ID badge to the Google Wallet app and then use their phones to securely gain entry to NFC-enabled buildings and offices. Secure network access with Access Point Name: Access Point Name, or APN, is a secure gateway between a mobile network and the public internet. With APN enabled, IT admins can apply custom cellular network configurations on managed devices to control how they use cellular data. More

  • in

    Facebook’s new passkey support could soon let you ditch your password forever

    NurPhoto / Contributor/Getty For all of us who hate passwords, passkeys represent a simpler and safer way of authenticating online accounts. But adoption has been slow, with many companies and websites still relying on passwords. Now the world’s biggest social media platform is jumping on the bandwagon. On Wednesday, Facebook announced that it’s now rolling […] More