phishing – is a form of social engineering by which the criminals attempt to obtain personal or sensitive information such as usernames, passwords, account numbers and credit card details by pretending to be a trustworthy entity. This usually occurs through an email or website.

Some things to be aware of as the U.S. Census takes place starting March 1 2020. (Information available via the U.S. Census website 2010.

1. The only way to complete the Census is by filing in a form using pen and ink.
2. They do not send email about the Census.
3. They do not conduct the Census via the Internet through a website.
4. They do not ask for your Social Security Number.
5. They do not ask for donations.
6. They do not ask for your credit card number.

If you have any doubts about anything you are filing out, STOP! If something does not seem right, it probably is not. If you have questions as to the validity of the Census, contact the U.S. Census Bureau.

I have a Droid which runs Google’s Android Operating System and have the ability to run applications from any source on my phone. After all I own it, I should be able to do with it what I want. There is however a notice which requires me to acknowledge that I am installing something from an unknown source and accept the associated risk. iPhone users do not have that same functionality. They have to use software provided by developers who provide “Jailbreak” software and usually an associated application to download software from some third party application source.

Enabling SSH is a common procedure for jailbroken iPhones, allowing a user to log in via a Terminal emulator and gives the user\software the ability to run OS level commands. Unfortunately, not all Jailbreak software provides that simple step of changing the default password. iPhones have a default root password which leaves this security hole that people are taking advantage of.

There are some simple steps you can follow to secure this particular vulnerability. Install some terminal emulator on the iPhone to access a command line. Enter “su root” to access root level, enter “alpine” which is your default password. From there change your password using the passwd command. You will be prompted to enter a new password. (Hint: don’t use apline).

I was wondering what the Jailbreak community thinks of their responsibility to the people they provide their software (Jailbreak services) to. Do they currently provide a warning to the user of the software about this potential issue? Should they release a patch which prompts the user to reset their default password? Could this be avoided if Apple would allow 3rd party applications on the iPhone? All software you install has some level of vulnerability but with the proper support from the vendor, I think it could be better managed than it is today for the iPhone.