Online Security: Keep What’s Yours, Yours.

So we’ve talked a lot about privacy and security online in this class and obviously it’s a huge topic in the news right now. What I’ve taken away from this discussion and discovery is that, whether or not the way tech companies are handling our data is wrong or bad or illegal and whether or not they’re doing that intentionally and for profit, they’re definitely not directly looking out for us either. We sell our souls every time we skip past reading the Terms & Conditions Agreements, and they know no one reads those, but still it is our responsibility to educate ourselves in self-preservation. No matter where you fall on the spectrum of blaming the companies or blaming ourselves, it is reassuring to know that you’re protecting yourself and your data as much as possible online. So in the spirit of educating myself, I’ve done a little research and have compiled a short list of some steps you can take to arm yourself and your Internet habits.

 

Easy Things

Review your privacy settings. This is straight forward, but by reviewing the settings and editing past the defaults on your various accounts allows you to manage who sees what and where your data is going to a basic degree.

300x0w.jpg

Set good passwords. I am super guilty of this, but it’s not particularly secure to use one password for all of your accounts. Use unexpected passwords and switch it up regularly. To be as safe as possible, ideally you would create a different password for every account that would be comprised of a random collection of letters, numbers, and symbols. A great way to do this well and not have to remember a million gibberish words is to install a password manager. That way, the manager remembers your random passwords and you just have to remember one really good password for the password manager! Apparently LastPass is a good one, but I can’t speak from experience, so if you try it let me know.

Use two-factor authentication for the big things (or all things). This adds an extra layer of protection to your accounts by sending a code to your phone even after entering a password to make sure it’s really you. Just be sure to keep your phone number safe as well! Here is the link to a website, Turn It On, that explains how to turn on two-factor authentication on many major websites in case you need some help with this.

 

More Involved Things

Download security software to protect yourself from spyware. Spyware is a type of malware designed to collect and steal the victim’s sensitive information without the victims knowledge; this can include basic things like monitoring your browsing habits to really confidential things like financial information. Some best practices to avoid spyware are to not click on any suspicious pop-up windows, delete emails you suspect to be spam, and be careful when downloading free applications. If you want to get serious, you can download software to combat the problem like Malwarebytes, Spybot Search and Destroy, and Lavasoft’s Ad-Aware.

Encrypt everything. Most major messenger applications are encrypted end-to-end, which refers to your message securely traversing the internet but not when it’s in storage, but recent developments have shown that these systems are vulnerable to man-in-the-middle attacks. Also if you back up your data to the cloud, companies like Apple can be forced to turn this over to the police, so encrypted local backups should be carried out regularly to ensure that your data is being stored securely. Signal is the most secure messaging app according to security experts, and though it is end-to-end encrypted like iMessage and WhatsApp, it includes measures like verification that the person you’re speaking to is who you think they are with safety numbers and scan codes. The app also collects almost no metadata and even scrambles all of its records so that they can’t be used by the intelligence services.signal-pic

 

Considering this is the result of me educating myself, I have taken none of these precautions at this point. After doing this research, however, I will definitely be examining my habits and taking some of these steps to improve my self-protection. I think that apps like Signal, will really gain popularity going forward as we become increasingly more concerned with online security. If you’d like to learn more, there are a lot of more ways you can maximize online privacy in the many sources that I used and linked below. Stay safe out there!

giphy13

 

Sources:

https://techcrunch.com/2018/04/14/how-to-save-your-privacy-from-the-internets-clutches/?utm_source=tctwreshare&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29&sr_share=twitter

https://www.extremetech.com/internet/180485-the-ultimate-guide-to-staying-anonymous-and-protecting-your-privacy-online

https://www.zdnet.com/article/simple-security-step-by-step-guide/

https://heimdalsecurity.com/blog/online-privacy-essential-guide/

https://www.elie.net/blog/security/how-to-improve-your-online-security-and-privacy-in-10-easy-steps

8 comments

  1. First off, the Bon Qui Qui thumbnail gif was entirely the reason I chose to read this blog post.

    I think my favorite suggestion of yours is to review your privacy settings. One time I went on an international trip where we were required to change our Facebook privacy settings in order to protect the secrecy of the organization (see what I did there? I used caution in the way I phrased my comment so you could understand the message but I didn’t reveal any secure information). Of course, there are more websites with your data than just Facebook, but it’s a good place to start.

    If you’re a fan of the show Psych, you may have seen an episode where a woman would go to a speed dating place and ask questions from people that would likely answer their account recovery questions (mother’s maiden name, favorite color, high school mascot). For now it seems the biggest threat to cyber security is less likely ‘hackers’ and more likely these types of social engineers. You’ve probably seen the Facebook posts saying “If you type your password in a comment, Facebook will start it out. See: **********.” I seriously wonder how many people have been ‘hacked’ due to this scam. Two-factor authentication is a great way to counter these attacks.

    Great post!

  2. @1bobbystroup makes such a good point about the Facebook posts that have popped up with the “what was your high school mascot” and then subsequently many posts trying to prevent people from answering those. I think as a user base, people on Facebook have forgotten its a public sight and that everything you post can be used against you. How many people have passwords using their pets names, a number with meaning like a birthday or graduation year, or something that could be ascertained by information you innocently posted. In the wake of the FB data scandal, I’ve been taking a critical eye to what I share or what I’ve shared in the past and how that could be used against me.

  3. Certainly a well-timed post considering recent events! I’m particularly intrigued by the use of two-step authentication. After reading this post and looking at the website you linked I definitely plan to use that setting on some of my apps. I also currently use a password manager called Dashlane, which I would highly recommend. It allows you to save all your passwords in one place, protected by a “master password”. It has a lot of other features too, like spaces to store encrypted notes, digital copies of IDs, and digital copies of your receipts from online purchases. I haven’t utilized all these features yet, but I’ve been very pleased with it so far.

  4. I also appreciated this post, and need to take these steps to check out my own security and privacy! I’m curious about these master password apps – seems like a great way to diversify your passwords and remain secure, but how assured of security can you be with this one app? Does it seem like an easy way for hackers to gain access to everything all at once? But, to your point, most of us already give hackers access to everything by using lousy passwords over and over again!

  5. This is such a useful post and one I should definitely work to implement in my life. I fall victim to the ease of saving passwords or using the same ones due to the convenience. I have been thinking a lot lately about where the line falls for me, and others, between convenience and safety. I worry I will only change my habits once I fall victim to a security attack or breach. I am interested to see how companies work to raise awareness of the need for security protection, and if there will be a rise in companies like Dashlane or LastPass. I think there will be a rise in startups or companies that are focused on security and a market will grow from these opportunities.

  6. Paige this was an awesome post. Like @1bobbystroup, I did click partially because Bon Qui Qui caught my eye too. I think you brought up a bunch of good notions about cyber security and one in particular is how it is constantly changing. You mentioned how although some of the messaging apps might be encrypted end to end, they are not encrypted in storage. Wild to think that isn’t considered a best practice just yet.

    I really liked your discussion of the App Signal. I came across this earlier in the semester and I find it super interesting that people have rallied behind an app devoted to encryption and funded it strictly through donations. It really shows that maybe this Peer-to-Peer networking is going to be the future of technology and decentralization. Especially with our discussion of Blockchain this week and the potential to cut out a bunch of central intermediaries, I think that this concept of increasing encryption and peer to peer connections is really cool.

    Lastly, I liked that this post had a few good big general points. I think that you covered some of the best practices of privacy settings and cyber-security from a personal standpoint. Keeping this post focused on what we can do was really succinct and I thought was well done. Sometimes posts get caught up in too many topics and don’t get down to a clear and concise point. Well done!

  7. Nice post. I use a password manager, Dashlane. It just helps keep better passwords and helps you make sense of them all. Not perfect but better than me constantly forgetting the passwords or choosing ones easy to remember.

  8. Thank you for this post! I am not a fan of blaming other entities typically for whatever damage that has been done, but given that the Cambridge Analytica case was a bit unique, I am still rather upset and furious about that. As you mentioned, however, it is our duty to do our best in preventing any further data breach by diversifying our password patterns in different platforms (although FB’s case is a bit unique as it is entirely their fault; they cannot simply get away with saying they are “sorry”). I doubt that there will be any form of compensation from FB regarding recent scandal unless there is a legal sanction, so the responsibility for our data protection falls onto us even further.

    I also wonder how recent fingerprint password function will play a role in this, as more people will be adjusted to that function (at least on the phone for now). Regardless, changing passwords is encouraged (I heard monthly or so) by many websites, even gaming websites that would care less about users’ privacy than companies like Facebook should. The demand and need for privacy will continuously rise with the recent FB scandal, and I believe that it was a good checkpoint for us to reflect the risks we bear in using seemingly free service.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: