Customer Discussions > Kindle forum

How to keep a Kindle Fire HD from being hacked when using a nonsecure wifi?


Sort: Oldest first | Newest first
Showing 1-16 of 16 posts in this discussion
Initial post: Dec 21, 2013 6:43:47 PM PST
Lonearcher says:
My daughter's school has a bring your own device program and provides wifi, but their service is unsecured. A while back, she needed to borrow my KFHD for an in class project. That same day, both of my email accounts were accessed by someone else from an out of state location, using my passwords. I suspect that my KFHD was some how hacked while she was using it at school.

Is there a good app that can prevent this from happening again? We bought her a KFHD of her own since she needed it for school, but now I'm concerned about it being hacked.

Posted on Dec 21, 2013 7:12:06 PM PST
DLee says:
Lonearcher, I would suggest mining your way through this thread - it's quite a lot to read but will give you a better understanding of what you're dealing with.

http://www.amazon.com/forum/kindle?_encoding=UTF8&cdForum=Fx1D7SY3BVSESG&cdThread=Tx3P7GX2JSZQWVM

In reply to an earlier post on Dec 21, 2013 7:21:55 PM PST
Lonearcher says:
Thank you DLee, I have a lot of time on my hands tonight and this looks like just the right reading material to fill it.

Posted on Dec 21, 2013 7:40:58 PM PST
DLee says:
You're welcome, and good luck. If you manage to pull a solution (or at least an idea) out of all that discussion do let us know.

In reply to an earlier post on Dec 21, 2013 7:59:01 PM PST
That makes no sense. Wifi security only affects data that is sent between the device and the router. For someone to get your email password from sniffing the network, they would have had to be connected to the school's network as well, which seems unlikely if they were in a different state that same day.

In reply to an earlier post on Dec 21, 2013 8:41:43 PM PST
Lonearcher says:
I'm afraid I really don't know enough about this subject to know whether it's possible or how it may have been done. For the most part, my internet usage is limited to only a very few locations that I know are secure. (Or at least I think they are.) I was thinking maybe the location was due to a proxy server, or something along those lines.

At any rate, I spent a lot of time that evening changing passwords.

In reply to an earlier post on Dec 21, 2013 8:52:48 PM PST
Last edited by the author on Dec 21, 2013 8:53:39 PM PST
Lonearcher says:
DLee, thank you again, it was a very interesting read. Turns out I had at least two, possibly four, apps on my KFHD that could cause it to be vulnerable.

Now that I know a little more about the KFHD and how it works, I'll be better informed about what I'm downloading and why before I do it.

In reply to an earlier post on Dec 21, 2013 8:59:52 PM PST
Old Rocker says:
Might I ask what those apps were and if you got them from the Amazon app store? If you did you should report it to Amazon.

I do agree with AK above that it's really unlikely to be from some sort of WiFi compromise.

In reply to an earlier post on Dec 21, 2013 9:33:20 PM PST
Lonearcher says:
Two of the apps were file sharing apps (WiFi File Explorer PRO and ES File Explorer) that apparantly can leave a port open if not closed correctly and the third was Splashtop Remote Desktop HD. Those three were from the Amazon app store and they appear to be legitimate apps. I had downloaded them because I thought I would be able to use them, (and they were free) but never actually needed them.

The fourth was an app for Mobile 1 Market, which I ended up never using either.

You're both probably right, it hasn't happened again, but I haven't been able to pin down any other likely source of the breach. Both my home and work networks are secure.

In reply to an earlier post on Dec 21, 2013 9:44:47 PM PST
Yes, although that presumes the info wasn't handed on to someone else, which it easily could have been. The further away an illicit user is (whether interstate or international), potentially the more damage they have time to do before law enforcement can track them down and stop them. So interstate or international alliances between hacker and illicit user seem perfectly possible to me.

In reply to an earlier post on Dec 21, 2013 10:18:39 PM PST
Old Rocker says:
Thank you for the info. That's very curious.

In reply to an earlier post on Dec 22, 2013 4:16:30 AM PST
Last edited by the author on Dec 22, 2013 4:16:57 AM PST
DLee says:
Thanks for sharing what you've found. I'm a little surprised at ES File Explorer; I use that often on my devices, not just Amazon devices (but I only use them on my home network and a secured hotspot device when out and about, so I've never considered it a potential risk).

Posted on Dec 22, 2013 6:49:44 AM PST
There was an excellent, in-depth article in InfoWorld last week about Android security risks. It focused on enterprise users but much of the info applies to individual users as well. One of the issues they pointed out was that many apps ask for more permissions than they need and most users grant those permissions without considering the security risks that may be involved. Here's the link to the article: http://www.infoworld.com/d/mobile-technology/clear-eyed-guide-androids-actual-security-risks-232034?page=0,0

This is the best security app I've found for detecting and protecting against malicious apps: Antivirus and Mobile Security

This article in PC Magazine explains how their app protection scheme works: http://www.pcmag.com/article2/0,2817,2403572,00.asp

Posted on Dec 22, 2013 8:00:23 AM PST
TuxGirl says:
Note that if you put the desktop piece of splash top Remote Desktop on your computer, that opens a security hole on your computer.

Posted on Dec 22, 2013 11:04:15 AM PST
Soulrider says:
While I don't know much about the Android specific side of things, I would be more leery of any remote control software than your daughter's use of the network. As was said, she more than likely would have had to have sent some sensitive information and have had that intercepted by someone specifically monitoring that network vs just simply using the network. The remote software on the other hand could leave open all sorts of holes and back doors for people to access your Kindle and it's information.

From the point when I first got my Kindle Fire HD, I've been saying I wish there was some good information readily available from Amazon or wherever regarding each of the "permissions" that the different apps require and what they do. That way, a person could decide when they go to download an app whether the permissions that app requires are appropriate or not.

In reply to an earlier post on Dec 22, 2013 11:15:40 AM PST
Jazzy_Jeff says:
Just search app permissions for Android on Google.
‹ Previous 1 Next ›
[Add comment]
Add your own message to the discussion
To insert a product link use the format: [[ASIN:ASIN product-title]] (What's this?)
Prompts for sign-in
 


 

This discussion

Discussion in:  Kindle forum
Participants:  9
Total posts:  16
Initial post:  Dec 21, 2013
Latest post:  Dec 22, 2013

New! Receive e-mail when new posts are made.
Tracked by 1 customer

Search Customer Discussions