How to Set Up and Use Your Amazon Echo Dot

Your new Echo Dot is a gateway to a world of smart home automation and fun with your virtual assistant. While Amazon offers several Echo devices, the Dot is a great choice due to its low price tag and slim profile. If you’re stuck during the setup of your Echo Dot or need help figuring out the basics, you’ve come to the right place. In this guide, you’ll find everything you need to know to get started with your Echo Dot and utilize its power. We’ll cover some common problem areas too. Let’s get started.

Echo Dot Unboxing and First Time Setup

First things first, you’ll need to open the box that your Echo Dot arrived in. Inside, you’ll find a few items:

  • The Echo Dot unit — we’ll refer to it as the Echo or Dot from here on out.
  • A standard microUSB cable for powering the unit.
  • A power adapter to plug into the wall.
  • Quick Start Guide with the basic setup instructions that we’ll cover in a moment.
  • Things to Try card with some sample Alexa commands.
How to Set Up and Use Your Amazon Echo Dot 01 Echo Dot Box Contents

Start by plugging the microUSB cable into the back of your Dot. Then plug the standard USB end into the adapter, then into a wall plug. Ideally, you want to place your Dot in a central location in a room so it can hear you from anywhere. Its microphones are solid, so you shouldn’t have to play around with it too much.

Your Echo will start up and show a blue light. Give it a few minutes to run through its initialization process. When you see an orange ring of light, Alexa will tell you that you’re ready to get online.

How to Set Up and Use Your Amazon Echo Dot 02 Echo Dot Setting Up Lights

Grab the Alexa App

Since the Echo Dot doesn’t have a screen, you’ll continue the setup on your phone. Install the Alexa app for your device from the appropriate app store:

Open the Alexa app, and sign into your Amazon account (or create an account if you don’t have one already). If you already use the Amazon app on your phone, it might pick up your account automatically.

How to Set Up and Use Your Amazon Echo Dot 03 Echo Dot Sign In

Once you’re signed in and accept the terms of use, you’ll see a list of Echo devices. You’re setting up an Echo Dot, so select that option. Confirm your language option, then hit the Connect to Wi-Fibutton. Since you plugged in your device earlier, the light ring will already be orange as it advises. Press the Continue button.

How to Set Up and Use Your Amazon Echo Dot 04 Echo Dot WiFi App Setup

Your phone will then attempt to connect to your Echo Dot automatically. If this doesn’t work, the app will ask you to press and hold the Dot’s action button (the one with a bump) for a few seconds. Once it finds the device, tap the Continue button again.

Now you need to add the Echo to your WiFi network. Tap the name of your network here, then enter the password. A moment after you press Connect, your Echo will go online.

How to Set Up and Use Your Amazon Echo Dot 05 Echo Dot WiFi Setup

The final step is deciding how you want to hear your Echo. You have three options: BluetoothAudio Cable, and No speakers. The Dot allows you to connect your device to a speaker using Bluetooth or an audio cable for better audio. If you don’t want to use either of these, the last option will play all audio through the Dot’s basic speakers.

How to Set Up and Use Your Amazon Echo Dot 06 Echo Dot Sound Options

Select No speakers for now and we’ll discuss the other options later.

After this, you’ve completed the setup! The app will offer to show you a quick video on using Alexa, and throw a couple of sample commands at you.

Important Echo Dot Functions

You can start asking Alexa questions as soon as you complete the setup. But to get the full experience, you should know about some of the other functions of your Dot.

Echo Dot Buttons and Lights

We haven’t discussed the buttons on your Echo Dot unit yet. Take a look at the top, and you’ll see a few:

How to Set Up and Use Your Amazon Echo Dot 10 Echo Dot Top Buttons

  • The Plus and Minus buttons control the volume. When you tap one, you’ll notice the white light ring around your Echo grows or shrinks to display the current volume. You can also say Alexa, volume five to set a volume level — any number between 1 and 10 inclusive will work.
  • Tap the Microphone Off button to disable your Echo’s microphones. The device will light up red to let you know it’s disabled and won’t respond to the wake word. Press it again to enable the microphones.
  • The button with a dot is the Action Button. Tap it to wake up your Echo just like saying the wake word. Pressing this button also ends a ringing timer or alarm.

Note that if you have a first generation Echo Dot, you control the volume by twisting the outside ring. The earlier model doesn’t have volume buttons.

Your Echo Dot will often light up with different colors and patterns to communicate with you. Keep an eye out for these common ones:

How to Set Up and Use Your Amazon Echo Dot 11 Echo Dot Red Light
  • Solid blue with spinning cyan lights: The device is starting up. If you see this regularly, you may be accidentally unplugging your device.
  • Solid blue with a cyan sliver: The Echo is processing what you said.
  • Solid red: You’ve disabled the microphone using the button.
  • Waves of violet: The device encountered an error when setting up WiFi. See the troubleshooting section below if you’re getting this often.
  • Flash of purple light: When you see this after Alexa processes a request, it means your device is in Do Not Disturb mode.
  • Pulsing yellow light: You have a message. Say Alexa, play my messages to hear it.
  • Pulsing green light: You’ve received a call or message. See below for more info on Alexa calling.
  • All lights off: Your Echo is in standby and listening for your requests.

How to Keep Your Personal Information Secure

Protecting your personal information can help reduce your risk of identity theft. There are four main ways to do it: know who you share information with; store and dispose of your personal information securely, especially your Social Security number; ask questions before deciding to share your personal information; and maintain appropriate security on your computers and other electronic devices.

Keeping Your Personal Information Secure Offline

Lock your financial documents and records in a safe place at home, and lock your wallet or purse in a safe place at work. Keep your information secure from roommates or workers who come into your home.

Limit what you carry. When you go out, take only the identification, credit, and debit cards you need. Leave your Social Security card at home. Make a copy of your Medicare card and black out all but the last four digits on the copy. Carry the copy with you  — unless you are going to use your card at the doctor’s office.

Before you share information at your workplace, a business, your child's school, or a doctor's office, ask why they need it, how they will safeguard it, and the consequences of not sharing.

Shred receipts, credit offers, credit applications, insurance forms, physician statements, checks, bank statements, expired charge cards, and similar documents when you don’t need them any longer.

Destroy the labels on prescription bottles before you throw them out. Don’t share your health plan information with anyone who offers free health services or products.

Take outgoing mail to post office collection boxes or the post office. Promptly remove mail that arrives in your mailbox. If you won’t be home for several days, request a vacation hold on your mail.

When you order new checks, don’t have them mailed to your home, unless you have a secure mailbox with a lock.

Consider opting out of prescreened offers of credit and insurance by mail. You can opt out for 5 years or permanently. To opt out, call 1-888-567-8688 or go to optoutprescreen.com. The 3 nationwide credit reporting companies operate the phone number and website. Prescreened offers can provide many benefits. If you opt out, you may miss out on some offers of credit.

Keeping Your Personal Information Secure Online

Know who you share your information with. Store and dispose of your personal information securely.

Be Alert to Impersonators

Make sure you know who is getting your personal or financial information. Don’t give out personal information on the phone, through the mail or over the Internet unless you’ve initiated the contact or know who you’re dealing with. If a company that claims to have an account with you sends email asking for personal information, don’t click on links in the email. Instead, type the company name into your web browser, go to their site, and contact them through customer service. Or, call the customer service number listed on your account statement. Ask whether the company really sent a request.

Safely Dispose of Personal Information

Before you dispose of a computer, get rid of all the personal information it stores. Use a wipe utility program to overwrite the entire hard drive.

Before you dispose of a mobile device, check your owner’s manual, the service provider’s website, or the device manufacturer’s website for information on how to delete information permanently, and how to save or transfer information to a new device. Remove the memory or subscriber identity module (SIM) card from a mobile device. Remove the phone book, lists of calls made and received, voicemails, messages sent and received, organizer folders, web search history, and photos.

Encrypt Your Data

Keep your browser secure. To guard your online transactions, use encryption software that scrambles information you send over the internet. A “lock” icon on the status bar of your internet browser means your information will be safe when it’s transmitted. Look for the lock before you send personal or financial information online.

Keep Passwords Private

Use strong passwords with your laptop, credit, bank, and other accounts. Be creative: think of a special phrase and use the first letter of each word as your password. Substitute numbers for some words or letters. For example, “I want to see the Pacific Ocean” could become 1W2CtPo.

Don’t Overshare on Social Networking Sites

If you post too much information about yourself, an identity thief can find information about your life, use it to answer ‘challenge’ questions on your accounts, and get access to your money and personal information. Consider limiting access to your networking page to a small group of people. Never post your full name, Social Security number, address, phone number, or account numbers in publicly accessible sites.

Securing Your Social Security Number

Keep a close hold on your Social Security number and ask questions before deciding to share it. Ask if you can use a different kind of identification. If someone asks you to share your SSN or your child’s, ask:

  • why they need it
  • how it will be used
  • how they will protect it
  • what happens if you don’t share the number

The decision to share is yours. A business may not provide you with a service or benefit if you don’t provide your number. Sometimes you will have to share your number. Your employer and financial institutions need your SSN for wage and tax reporting purposes. A business may ask for your SSN so they can check your credit when you apply for a loan, rent an apartment, or sign up for utility service.

Keeping Your Devices Secure

Use Security Software

Install anti-virus software, anti-spyware software, and a firewall. Set your preference to update these protections often. Protect against intrusions and infections that can compromise your computer files or passwords by installing security patches for your operating system and other software programs.

Avoid Phishing Emails

Don’t open files, click on links, or download programs sent by strangers. Opening a file from someone you don’t know could expose your system to a computer virus or spyware that captures your passwords or other information you type.

Be Wise About Wi-Fi

Before you send personal information over your laptop or smartphone on a public wireless network in a coffee shop, library, airport, hotel, or other public place, see if your information will be protected. If you use an encrypted website, it protects only the information you send to and from that site. If you use a secure wireless network, all the information you send on that network is protected.

Lock Up Your Laptop

Keep financial information on your laptop only when necessary. Don’t use an automatic login feature that saves your user name and password, and always log off when you’re finished. That way, if your laptop is stolen, it will be harder for a thief to get at your personal information.

Read Privacy Policies

Yes, they can be long and complex, but they tell you how the site maintains accuracy, access, security, and control of the personal information it collects; how it uses the information, and whether it provides information to third parties. If you don’t see or understand a site’s privacy policy, consider doing business elsewhere.

8 in 10 Doctors Have Experienced a Cyber Attack in Practice

Physicians, overwhelmingly, are finding themselves the target of cyberattacks that disrupt their practices and put patient safety at risk. Contact our cyber security experts for a free security audit!

A staggering 83 percent of physicians told AMA researchers that their practices have experienced a cyberattack of some type. The 1,300 physicians surveyed also said not enough cybersecurity support is coming from the government that will hold them accountable for a patient information breach. These and other findings are contained in a first-of-its-kind survey from the AMA and management consulting firm Accenture. The data (infographic) provide new depth—and an often overlooked physician voice—to the discussion on how best to protect patients in a complex health care system that is increasingly connected and vulnerable to cybercriminal exploitation.

“The important role of information sharing within clinical care makes health care a uniquely attractive target for cyber criminals through computer viruses and phishing scams that, if successful, can threaten care delivery and patient safety,” said AMA President David O. Barbe, MD, MHA. “New research shows that most physicians think that securely exchanging electronic data is important to improve health care. More support from the government, technology and medical sectors would help physicians with a proactive cybersecurity defense to better ensure the availability, confidentially and integrity of health care data.”

A June 2017 report by the congressionally mandated Health Care Industry Cybersecurity Task Force found “health care cybersecurity is a key public health concern that needs immediate and aggressive attention,” and that, “most importantly, cybersecurity attacks disrupt patient care.” The 88-page document underscores the risk to medical care delivered in smaller settings, which are especially vulnerable to attacks by cybercriminals.

Most of the AMA survey respondents report being either very or extremely concerned about future attacks aimed at their practices. All practice settings are at risk, but attacks are twice as likely at medium- and large-size practices. Malware—the broad term for a wide range of malicious software—is a top concern, as are breaches involving the theft of electronic patient health information.

Nearly three-fourths—74 percent—of the respondent physicians said that interruption or inconvenience to the running of their practices is their greatest concern. In the context of medical care, that business disruption can very quickly become a patient safety concern. Phishing attacks also are among the top threats cited by physicians. The technique involves the use of often very sophisticated sham emails to entice recipients to reveal sensitive information—such as passwords—or trigger malware, including ransomware that blocks access to patient records and other viral practice information until an untraceable online payment is made.

Other cybercriminals just want to steal patient information outright. Medical files are highly valued in the world of financial fraud because of the depth of information they contain, far more exploitable than just a credit card number hacked from a retail site. But, increasingly, the concern is that patient information will be used in a wide variety of health care fraud. Fake claims to defraud payers also place false diagnosis and treatment information into the medical record of the legitimate patient whose data were hijacked. It is not only patient files that are at risk. Another serious concern, still mostly on the horizon, is the hacking through online connectivity and malware of medical devices—the FDA recently recalled nearly a half-million pacemakers because of that vulnerability—critical to patient care.

Still, there is no turning back on the positive uses of the technology and the AMA survey reports that 85 percent of the respondents believe it is important to have the ability to share patient electronic information. But they are critical of the public policy implementation that, after they were encouraged to go online, frustrates them when it comes to meeting the accountability standards Washington has set.

Cybersecurity's big practice costs

Meaningful use incentives—now part of Medicare’s Merit-based Incentive Payment System—put many physician practices on the road to online connectivity. The privacy enforcement standards under Health Insurance Portability and Accountability Act (HIPAA) set substantial penalties for violations. However, the complexity of HIPAA compliance has left physicians in a quandary—how to comply with elaborate requirements, explained in dense legalese, when the application of the law is in the real-life world of patient care.

The vast majority of physicians—87 percent—believe their practices are HIPAA compliant, but 83 percent believe HIPAA compliance is “insufficient.” They want to understand where their practice is at greatest risk so that attention and investment can be directed there. Many physicians say they want tips for good cyber hygiene, simpler legal language on HIPAA requirements, how-to advice on conduct cybersecurity risk assessments, and information on what to consider before hiring a consultant to help with HIPAA compliance.

Meanwhile, practices are running up six-figure annual cybersecurity bills. The amounts can be $250,000 per year for a nine-physician practice, or as much as $400,000 annually for a regional medical center with 50-plus physicians. To make the most effective use of the spending, it is important to establish a cybersecurityrisk-management program. The AMA has partnered healthcare cybersecurityalliance HITRUST to help small- and mid-sized practices with dependable information and strategies, in a series of workshops in eight cities throughout the country, including Pittsburgh, Chicago, Cleveland and Dallas. See the complete listof upcoming dates and locations.

Physicians can get a quick start on understanding the issues with the AMA’s one-hour cybersecurity webinar Jan. 24, 2018. Online attendees will be informed on what the AMA is doing about awareness and understanding on the issue, and how physicians can advocate to protect their patients and gain insights into the shared responsibility for securing electronic patient information.

Snowden's New App Turns Your Phone Into A Home Security System

Any sufficiently paranoid person will remind you, is only as good as your physical security. The world's most sensitive users of technology, like dissidents, activists, or journalists in repressive regimes, have to fear not just hacking and online surveillance, but the reality that police, intelligence agents, or other intruders can simply break into your home, office, or hotel room. They can tamper with your computers, steal them, or bodily detain you until you cough up passwords or other secrets. To help combat that threat, one of the world's most well-known activists against digital surveillance has released what's intended to be a cheap, mobile, and flexible version of a physical security system. On Friday, the Freedom of the Press Foundation and its president, famed NSA leaker Edward Snowden, launched Haven, an app designed to transform any Android phone into a kind of all-purpose sensor for detecting intrusions.

Haven uses your phone's sensors to monitor for changes in sound, light, and movement.

Safe Haven

Designed to be installed on a cheap Android burner, Haven uses the phone's cameras, microphones and even accelerometers to monitor for any motion, sound or disturbance of the phone. Leave the app running in your hotel room, for instance, and it can capture photos and audio of anyone entering the room while you're out, whether an innocent housekeeper or an intelligence agent trying to use his alone time with your laptop to install spyware on it. It can then instantly send pictures and sound clips of those visitors to your primary phone, alerting you to the disturbance. The app even uses the phone's light sensor to trigger an alert if the room goes dark, or an unexpected flashlight flickers.

"Imagine if you had a guard dog you could take with you to any hotel room and leave it in your room when you’re not there. And it’s actually smart, and it witnesses everything that happens and creates a record of it," Snowden said in an encrypted phone call with WIRED from Moscow, where he has lived in exile since 2013. "The real idea is to establish that the physical spaces around you can be trusted."

Since he became the director of the Freedom of the Press Foundation in early 2016, Snowden has led a small team of programmers and technologists working on security tools. The projects so far range from software that only allows secrets to be decrypted if a group of collaborators combine their secret keys, to a hardware modification for the iPhone that's designed to detect if malware on the device is secretly transmitting a user's data.

The 'Evil Maid' Problem

The notion of a smartphone-based alarm system arose when Micah Lee, a technologist at the news outlet The Interceptand board member of the Freedom of the Press Foundation, suggested it to Snowden in early 2017. Lee hoped for a new approach to the perennial problem that the cybersecurity community calls the "evil maid" attack: It's very difficult to prevent someone with physical access to your computer from hacking it.

Eventually, Lee and Snowden's group of developers at the Freedom of the Press Foundation partnered with the security-focused nonprofit Guardian Project to build and test a software solution to that problem. "We thought, is there a way we can use a smartphone as a security device," says Nathan Freitas, the director of the Guardian Project. "Take all the surveillance technologies in smartphones and flip them on their head, to keep watch on all the things you care about when you’re not there?"

'Imagine if you had a guard dog you could take with you to any hotel room and leave it in your room when you’re not there.'

EDWARD SNOWDEN

In practice, Haven could protect its users from more than just hands-on computer hackers; it could guard against everyone from abusive spouses to authoritarian police. In November, the groups teamed up with the Colombian activism group Movilizatorio to conduct a trial with social justice activists—a group that's been the target of dozens of assassinations over the last year, in the fallout of tense negotiations between guerrilla groups and the country's government. Movilizatorio founder Juliana Uribe Villegas says the app provided a key reassurance that month, for a group of 60 testers, that government or criminals agents weren't breaking into their homes to plant surveillance equipment or, far worse, to kidnap or physically harm them.

"It's very significant for them to know that they have tools they can use themselves when the government isn’t protecting them," Uribe Villegas says. "It’s great to think about cybersecurity, but in countries like ours, personal security is still at the top of our list."

Privacy First

Of course, any device that takes pictures and records audio clips in your home or office and sends them over the internet might sound more like an intolerable privacy violation than a security measure, especially for someone as privacy-sensitive as Snowden, who hasn't even carried a mobile phone since he first became a fugitive from the US government in 2013.

Haven sends encrypted alerts when activity triggers your phone's sensors.

But Haven takes some serious measures to prevent its surveillance mechanisms from being turned against a phone's owner. It integrates the encrypted messaging app Signal, so that every alert, photo, and audio clip it sends to the user is end-to-end encrypted. As another safeguard, users can also configure Haven to work with the Android app Orbot, which has an option to turn your phone into a so-called Tor Onion Service—essentially, a server on the darknet. That means the Haven phone's event log can be accessed remotely from your desktop or another phone, but only over Tor's near-untraceable connection. In theory, that means no eavesdropper can break in to access those audio and photo snapshots of your sensitive spaces.

"Now you can take this huge aggregation of sensors available on any phone today—accelerometers, light sensors, cameras, microphones—and make it work for you and only you," Snowden says. He notes that despite his personal avoidance of carrying a smartphone, even he has used Haven in hotel rooms while traveling and at home, albeit only with some additional precautions that he declined to fully detail.

In WIRED's initial tests of Haven's beta version, the app successfully detected and alerted us to any attempts to approach a laptop on an office desk, reliably sending photos of would-be evil maids over Signal. If anything, the app was too sensitive to saboteurs; it picked up and alerted us to every stray office noise. The app's accelerometer detection was so hair-triggered that even leaving the phone on top of a computer with a moving fan inside created hundreds of alerts. You can set thresholds for the audio, but it was tricky choosing a level that wouldn't trigger false positives. Freitas says the developers are still working on fine-tuning those controls, but that users may have to experiment.

Snowden acknowledges that Haven can't stop an intruder bent on physically harming someone. But by simply detecting and recording their presence, it might just make them think about the consequences of that intrusion's documentation, and give victims a significant tool they haven't had before. "If you’re the secret police making people disappear, Haven changes the calculus of risk you have to go through," Snowden says. "You have to worry that every possible cell phone might be a witness."

Source: Wired

Digmine Cryptocurrency Miner spreads via Facebook Messenger

Watch out for video file (packed in zip archive) sent by your friends via Facebook messenger, according to the researchers from security firm Trend Micro crooks are using this technique to spread a new cryptocurrency mining bot dubbed Digmine.

The bot was first observed in South Korea, experts named it Digmine based on the moniker (비트코인 채굴기 bot) referred to in a report of recent related incidents in South Korea.  Digmine infections were observed in other countries such as Vietnam, Azerbaijan, Ukraine, Vietnam, Philippines, Thailand, and Venezuela.

Attackers are targeting Google Chrome desktop users to take advantage of the recent spike in the price of cryptocurrencies.

Digmine is a Monero-cryptocurrency mining bot disguises as a non-embedded video file, under the name video_xxxx.zip, but is actually includes an AutoIt script.

The infection starts after the victims click on the file, the malicious code compromise the system and downloads its components and related configuration files from a command-and-control server.

Digmine first installs a miner (i.e. miner.exe—a modified version of an open-source Monero miner known as XMRig) that silently mines the Monero cryptocurrency in the background. The bot also installs an autostart mechanism and launch Chrome with a malicious extension that allows attackers to control the victims’ Facebook profile and used it to spread the malware to the victim’s Messenger friends list.

“Facebook Messenger works across different platforms, but Digmine only affects Facebook Messenger’s desktop/web browser (Chrome) version. If the file is opened on other platforms (e.g., mobile), the malware will not work as intended.” reads the analysis published by TrendMicro.

Digmine is coded in AutoIt, and sent to would-be victims posing as a video file but is actually an AutoIt executable script. If the user’s Facebook account is set to log in automatically, Digmine will manipulate Facebook Messenger in order to send a link to the file to the account’s friends. “

Researchers observed that since Chrome extensions can only be installed via official Chrome Web Store,  crooks launch Chrome (loaded with the malicious extension) via command line.

“The extension will read its own configuration from the C&C server. It can instruct the extension to either proceed with logging in to Facebook or open a fake page that will play a video” Trend Micro continues.

“The decoy website that plays the video also serves as part of their C&C structure. This site pretends to be a video streaming site but also holds a lot of the configurations for the malware’s components.”

DigmineDigmine

The technique doesn’t work when users open the malicious video file through the Messenger app on their mobile devices.

“The abuse of Facebook is limited to propagation for now, but it wouldn’t be implausible for attackers to hijack the Facebook account itself down the line. This functionality’s code is pushed from the command-and-control (C&C) server, which means it can be updated.” continues the analysis.

Facebook had taken down most of the malware files from the social networking site.