Secure: The Phones They Don’t Want You To Have

October 26, 2015

Edward Snowden, Steve Jobs, and Google walk into a bar- sketch some ideas on a napkin…

Well, I suppose, that’s not exactly how it happened. But, that it did happen is twice as intriguing and thrice as cool.​

In a nutshell: A smartphone running on an Android-based software system. They call it SilentOS.

I’m talking about the latest edition of the Blackphone (Blackphone 2) released by Silent Circle. It looks like a smartphone, but it’s intelligence reaches far beyond that of the smartphones we are used to. It reaches into a different direction. “Privacy Without Compromise,” they say.

Is it perfect? No. Is it better than the common iPhones and Androids? When it comes to matters of privacy and the sovereign rights of the user, we have to say yes. Anything is hackable, but what we have here is going in the direction of our best interest.

The point is that they are addressing a growing concern that companies such as Verizon, AT&T and other telecommunications companies are selling their customers out to a number of sources, including governmental agencies. And the common smartphones most of us use are much more vulnerable to hackers and trackers.

Silent Circle, the makers of the Blackphone 2, are not alone either. Boeing actually makes a similar type of “secure” smartphone. They call it the Boeing Black. Lastly, FreedomPop has what they call, the “Privacy Phone,” sometimes referred to as the Snowden Phone (a reference to NSA whistleblower Edward Snowden). It's advertised to “protect your privacy from hackers, government agencies and spyware.” I’d like to try all three of these out. Give ‘em a test drive and see how they fare.

Have you used any one of these three smartphones? Let us know in the comments. I’ll keep you posted as I explore them too. There are a lot of excellent reviews of the Privacy Phone on the FreedomPop website. I’ve also heard good things about the Blackphone 2. A lot of improvements have been made since the original Blackphone came out in early 2014.

Again, check these out if you have yet to hear about them:

Blackphone 2, from Silent Circle.

The Privacy Phone, aka, the Snowden Phone, from FreedomPop.

And the Boeing Black.

The phones they don't want you to have. To be mobile and keep thy tracks cleared.​

Facebook I Love You But Just As A Friend

October 25, 2015

     Have you ever had a friend that you love, but always tends to cause trouble?

     Maybe you’ve been friends for a long time but they always seem to cause some kinda problem or manifest some strange drama? You love 'em, but it tends to get on your nerves, right? I knew a kid like that when I was younger. He was a good kid, but he did the most outlandish things to get attention. The only thing that ever happened was he got on everyone’s nerves. And if sometimes he was with a group of us, he got us in trouble. And the kind of trouble you had no fun getting into.

     This is what Facebook is becoming. That friend.

     What I’m referring to specifically, is the Cybersecurity Information Sharing Act (CISA). It is a proposed law that has been introduced and re-introduced in the Senate since mid-2014. In the summary straight from Congress.gov, the law intends to:

          “Permits private entities to monitor and operate countermeasures to prevent or mitigate                                             cybersecurity threats or security vulnerabilities on their own information systems and,                                                 with written consent, the information systems of other entities and federal entities.                                                       Authorizes such entities to monitor information that is stored on, processed by, or                                                       transiting such monitored systems."

Now, what is rather interesting about this is that the tech industry, security experts and the public, in general, all object to this law.

All, that is, except for Facebook.

That doesn’t come as a total surprise, but it is causing a lot of commotion since Facebook has always been in the realm of controversy for violating users rights. In the United States, we have privacy rights. What CISA aims to do is give any “good ‘ol boy” company legal immunity for playing along.

If “Company A” (e.g. Facebook) gives the U.S. government the private data of its users, even though that used to be illegal because of privacy laws, they (Company A) will be granted immunity.

This is being sold as “cybersecurity,” but all that private data- who knows all the reasons they want it for? One thing we do know- they can use it for more than just security reasons. Even though the vast majority of the general public, tech world and security experts are screaming out against this, lobbyists are pushing for this like their life depended on it.

Lobbyists like Myriah Jordan, Facebook’s Public Policy Manager, who before she went to Facebook, worked for Senator, Richard Burr, the Senator responsible for re-introducing the CISA bill. Facebook itself is lobbying for this bill to be passed into law.

The bottom line? Facebook is not our friend. Facebook uses us, as you might use some thing. Like, say, a product. We are a product to Facebook and entities like the government (and other businesses) are Facebook’s customers. And these businesses like the U.S. government have a vested interest in making deals with a company like Facebook regarding their product.

If you would like to sign a petition to encourage Facebook to back off on their support of CISA, then check          this page out at YouBetrayedUs.org.

I love you Facebook, but just as a friend. One that may need to be put into check if you keep stepping on my toes.

And playing with the devil.

Not Too Big To Rig

October 17, 2015

“There’s nothing I can do about it.”

That’s what she told me. The lady at the bank, when I confirmed with her that my account was hacked. A few months later it happened again.

“That’s it,” I thought. “I’m done.”

So we’re talking chump change. A few cents here and there under a transaction referred to in my bank statement as “Foreign ATM / Exchange Fee.” $.54 here, $.68 there. One time it was $8.32. And it all adds up. How much money could you gather if you accumulated all the pocket change, coins in your couch or under your car seat for a good period of time?

It’ll add up, that’s for sure.

That’s the idea. Small amounts don’t set off alarms in the banking security system. And although the federal law states that the bank is liable in the event of a security breach, the stolen amounts are adding up. In what direction is this system going? Who are the people that hack into someone else’s bank account?

In a way, they’re winning. The banks aren’t making an issue of the matter either. And this whole scheme is rarely, if ever, reported in major news outlets. So hackers gonna hack! And the banks are going to turn a blind eye as long as their customers don’t make a big enough noise about the lack of security. After all, it’s just chump change, right?!

But it does all add up. So that’s when I said enough’s enough. I don’t want to be on the hacked end of this scheme anymore. I dug into the whole world of internet/computer security. I’m enjoying the experience too. Computers and the internet totally influence our daily life. It’s about time we all start becoming accustomed to how they work, specifically regarding our safety and protecting our interests, financial, health, etc.

That is how humans seem to act across the board though. We just are not that concerned about safety or security until we actually see that it needs to be addressed. We needed many head injuries to happen before we decided to make helmets for bicycle riders. So many people born in the 1940s and 50s have joked about riding in the back window when they were kids and roll all over the back seat when dad would make a turn or come to a stop. Now, kids are strapped into specially made car seats until practically old enough to drive.

A new technology comes on the scene, and we have our fun. Then we adapt and see where we need to protect ourselves. That’s where we’re at now. The internet, as most of us know it, is still a teenager. And for the younger generation, it’s older than them. And we have the damn internet driving the car while we’re all rolling around in the back seat having fun.

We want to have fun. We just want to have a few safeguards in place to make sure we can stay having fun for a long time. It’s considered common sense now to where bicycle helmets. Kids are in car seats in every state across the country. Similar types of precautions and safety measures that we write about on ClearYourTracks.com will also one day become commonplace.

They need to. We now know that the banks are not too big to rig. And we know the government has rigged itself. It’s now just a matter of consumer advocacy.

Clear your tracks. Or else.

One Major Piece Of Computer Security You May Be Missing

There’s no shortage of analogies of the human body and computers. I’m throwing one in the mix from a different angle. It's likely one you have not heard before. It is a concept that most people are unaware of regarding either side of the analogy.

Here goes. A computer is meant to have two levels to its immune system just like the human body does. It's the one major piece of computer security you may be missing. But, what does this mean?

Well, first of all, let’s talk about the immune system of a human being. We have the inner layer and the outer layer. Most people think of the white blood cells as their primary defense shield. White blood cells have long been given top billing when it comes to immune system awareness. That is not true, however. The front lines of your immune system is your skin. It’s actually the whole “outside” of your body.

More specifically, think of your body, very generally as the shape of a donut. Your skin is the outside of your body. But your mouth is the outside of your body too. In fact, from the mouth all the way to the anus is a tube, like a river that varies in size and width at different points.. And it’s the outside of the body. It’s the “hole” in the center of the donut. Just because the hole is in the center of the donut, that doesn’t mean we call the inside walls of that inner circle the inside of the donut. It’s the outside. It’s the same thing with the human body, from the mouth to anus.

With this awareness comes the understanding of immunity. Your skin (and mouth all the way through that whole tube) is the body’s first line of defense. If something gets through the skin or that first layer of defense, THEN the white blood cells are called into action. At that point, it could be attacking the heart, the liver, the kidneys or the immune system itself, depending on the intruder. The immune system needs to be highly intelligent and continually educated as to all the potential threats it can be facing, to stay prepared.

It’s the SAME way with computers. Computers have/need an immune system. Computers themselves, and all the applications we have on them. So for instance, you can have an ANTI-VIRUS program installed on your computer. Wouldn’t you want one of those in your body? An ANTI-VIRUS program? See, some people get the idea for the computer, but not the human body, or vice-versa. You could have a VPN service employed for your internet access. Something as simple as having a piece of tape over the camera on your computer could protect you from a whole array of things, spy related.

It’s all about preparation and protection. That’s what immunity is about. In your body and on your computer. Your computer needs an immune system. It doesn’t even come with one. You need to build it. Here are a couple key points to understand computer immunity:

- Like your body, your computer needs immunity from multiple angles. Just like your skin has multiple forms of immunity in the form of bacteria and hormones to protect from different things, your computer needs similar type protections. So you may have a password or passphrase to log into your computer. Then you may have anti-virus software installed. There are a whole number of different things you can have just to protect the computer itself.

- Then you have all the applications. These relate to the organs in the body. For example, do you share files online with a company like Dropbox? Well, there are vulnerabilities there. Loopholes have been found in Dropbox’s system that can put you and your information at risk. On the other hand, SpiderOak is a service that has a much tighter, more secure system. Think of it like this: Dropbox was grown with pesticides. SpiderOak is organic. So think of all the Apps on your computer and make sure they’re safe and secure.

- Think of your computer’s immunity as the immunity for the human body. It needs to be intact, prepared and strong. It needs to be fed and tended to on a regular basis. There is no “cold season” in the computer-hacking-security world. It’s open season year-round. Be prepared.

Now, it's up to you. You have to be proactive. The government's not coming to your aid on this one.

It’s one of those things- it’s simple. But you have to do it.

You Can’t Touch This. No, Actually You Can.

October 5, 2015

I’ll just tell you how it happened. A recent conversation.

          Friend: Do you use TouchID on your phone?

          Me: Looks at him like he has 47 heads. “Nah, man.”

          Friend: Why not?

          Me: Because it’s my fingerprint.

          Friend: I don’t get it. You have a passcode on your phone. Isn’t your fingerprint more secure and private than a passcode? How can you hack a fingerprint? You can’t!

          Me: You haven’t been to IsTouchIDHackedYet.com, have you?

          Friend: (laughs) No, never heard of it.

          Me: It’s no longer active. See, a few years ago when Apple came with their chest sticking out, talking about how great and secure their new TouchID technology is, as life would have it, someone had to prove them wrong. IsTouchIDHackedYet.com was set up by the Chaos Computer Club in Germany. They kinda had a party. They put $20,000 up and challenged someone to hack it. That is, a bunch of these hackers all chipped in and challenged one another to find a way to hack it. You know, for fun. And for $20,000. Here’s the kicker. Not only did someone do it- they did it within 24 hours. You can imagine all the time and the many millions of dollars that went into developing this technology, and here it only takes someone a day to break it, hack it.

          Friend: Wow, that’s crazy, I’d never heard about that. But the fingerprint thing is just so cool, that it's just there on our phone!

          Me: Well yeah, that’s why you never heard about it. We become intoxicated by the fancy technology. We lull ourselves into a trance. Subconsciously, we recall all the high-tech spy-CIA-FBI-KGB thriller movies we saw where the person presses their finger to a piece of glass on the wall and the door slides open, ever so smoothly. And is it secure? Well yeah! In the movies, they have to cut off the guys finger (or hand) if they need his fingerprint! But not anymore. They don’t need the fingerprint. Just a little MacGyver-styled hacking. You're done within the day. None too many is the wiser.

Until now, my friends.

The moral of the story is have fun, but be aware.

Beware.

Beware the latest and greatest thing coming down the pike, lest you get hacked, cracked and tracked.

Preventing Your Child’s Digital Footprint

With tons of kids going back to school in the last week, we once again see a slew of pictures from proud parents. All over social sites we see little tikes getting on and off the bus, posing in their new clothes and all excited to get to school. It’s a very innocent and customary thing to do. I remember my mom doing it when I was younger.

Before the internet, you had to take pictures with an actual camera and then drive the camera to a store for the pictures to be developed. My mom kept those pictures, maybe sharing a set of doubles with my grandparents, right? Other than that, no one saw me getting on the bus the first day of kindergarten. The technology has changed so fast even though it wasn’t that long ago. Digital photography with a WiFi connection is a total game-changer. When they get posted on the internet, those images are given to that site and any third-party to which that site is affiliated.

As I’ve written previously, my wife and I have a young son. I’m inspired to learn how to best proceed when speaking about him or posting pictures or video of him online. To date, we’ve been very conservative about that. It’s encouraging to see the growing concern and discernment of parents in this regard. We are seeing a growing number of companies demanding one’s login information to certain sites when hiring. Is this the future? Will there be a section reserved for your Facebook login information on job applications? Will passwords for our email address be a permanent fixture on our resume? That is the direction we are heading.

Then there’s the very real concern of cyberstalking-pedophiles. Facebook, particularly has proven to be an effective tool for these monsters. Parents post their home address, pictures of their children, the school they attend, etc. That is a whole crazy topic of discussion itself.

We’re in a brand new world. Adults are learning as they go, intoxicated by the fun and seducing qualities of all the exciting technology. We’re slowly growing up, though. As in life, it’s not about saying “it’s time to grow up, no more fun.” It’s just time to realize that while we’ve been having fun the party got a little out of control. But I believe you gotta have fun in life. That doesn’t seem to be a common part of the conversation when talking about online privacy and the invasions of it.

That’s all Clear Your Tracks is about, though. It’s like when I explain to my son why it’s a good idea for him to wear a helmet when he rides his bike. We have the conversation; then he’s set. He can now spend the rest of his time having fun on his bike. He’s not consciously burdened with all the reasons running through his head on why to wear a helmet. You learn some tools and ideas that help you do a thing responsibly, and then you have fun doing it. We’re going to continue to learn all sorts of strange behaviors and programs currently in play on the internet. As of today, there are a countless number of them. And they’ll keep coming from all different directions. It’s just a part of life. That’s not the problem. We can handle that. By the fact that a problem has presented itself means that there is a solution to discover. We’ll continue to probe all these issues and find the best solutions.

Preventing your child’s digital footprint is a challenge. After careful thought, it’s also something you may decide is a necessary challenge. It’s clearing your tracks and your child’s tracks while also considering potential paths we may not want them on at all if we knew where it could lead.

Just food for thought from a concerned father.

Life Is Short, Hack An Affair

August 24, 2015

Life is short, hack an affair?

The recent Ashley Madison hack highlights the concern that even sites whose actual gimmick demands high security are not even safe from hackers. There could be a lot of reasons why someone (or a group) would want to invade a site specifically like Ashley Madison. I don’t want to get caught up in the moral debate whether or not the customers of that site deserved it or not. I’ll just say I was not a member.

The point is that a site that depends on complete privacy for everything it’s members do, say and write has been hacked to the furthest degree. Not just credit cards. As seen by former reality TV star Josh Duggar’s hacked profile, intimacies like the details of the kind of sexual encounter he was seeking were also stolen and then released to the public.

It would be like someone breaking into one’s home and stealing a bunch of valuable stuff. Jewelry, collector coins, antiques, etc. But while they are there, they also grab a diary. There’s always valuable stuff in a diary! They bring it home and looking through the diary they read that this person has been hiding something from their spouse. Like, say, an extramarital affair. Now, this can be used as leverage in at least a couple ways. One, the burglar could mail the diary to the spouse who has been cheated on and tell them to look at the bookmarked page to find out for themselves. Second, a little note could be mailed to the cheating spouse telling them their little secret is known and the burglar is now using it as leverage to violate this family further.

hacker as burglar

We see someone breaking into our home as wrong every single time. If they were to discover and disclose an affair one is having with their spouse, we would empathize with that cheated spouse but we would still keep most of the focus on the burglar. This is one of the tricky things about the modern burglary, called hacking. It’s done by an anonymous person, sitting in their house. Total anonymity. There’s no dusting for fingerprints. Today’s hackers have an easier time concealing their identity than yesterday’s house burglar. The policing of this stuff has just not been perfected yet to any significant degree. So we have to police ourselves.

See that hacking is wrong. It’s immoral and illegal. Furthermore see that when you get hacked it’s not a simple process of prosecution. We don't just call 911, have the local police officer come to our house and arrest the bad guy and take him to jail. You have to be your own cop. A preventative cop. All over the world there are computers (including smartphones) and they each represent a respective direction from which a burglar could come. You need a policy in place on how to protect yourself from that potential threat.

More on that in the next chapter.

Protect And Serve Your Own

August 15, 2015

​I grew up -as we might say in New England- in a wicked safe neighborhood. I mean, I was a kid. It felt safe to me. And looking back, it was. It was the 80s. A group of us kids could get together and bounce around to each other’s house all day long. We'd play kickball at one house, have lunch at another and then ride our bikes up to the end of the road and over this big log on the edge of it to the convenience store. We’d buy some baseball cards and big league chew with the money we got from mowing lawns or washing mom and dad’s car. We could be hanging out all day long without any concern on the part of our parents. All the kids could play outside on a beautiful summer day, all day long, unattended, and it was totally safe. Today that same neighborhood may appear to be very similar. In many respects, it may still be, but with the advent of the internet and related technologies we’ve added a few dimensions and gone a little deeper into the rabbit hole. We didn’t lock the doors in my neighborhood, and I didn’t know anyone with a computer.

Many kids today have their own computers and smartphones. A computer and smartphone with an internet connection is a total game-changer. Every movement of a child carrying a smartphone is at risk of being tracked with the Location Services turned on. Location Services switched on tells the tracker (or hacker) where they’ve been, the route they took to get there and how long they were there. Apple says they store this information temporarily for them to better serve our needs as customers and assist in improving the product. However, more and more reports are coming out that these types of tracking abilities are being utilized by official channels like the National Security Agency. After all, their internal motto is Collect It All… In addition to that, there is always the threat of a hacker.

What is the purpose of all this data collection? Why is it necessary to have the ability to track everyone all the time? These are ideas that are imperative to explore further. This world is a beautiful place. In fact, it’s perfect. And there are, and always will be, people and subcultures that are working against the general public's best interest. Defending ourselves against those threats is a core purpose of this site. The kind of monitoring that is in place now though is very unsettling.

Little boy with smartphone

That can’t be the kind of world in which we want to raise our children. Of course, we are learning how to change it. At the same time, we need to learn how to work with the current circumstances. That is what clearing our tracks is all about. Be conscious of the tracks you make and the way you make ‘em. That’s a basic principle of life. These days, with computers and smartphones especially, be careful of who’s following the tracks you make. In fact, it may be better just to erase those tracks as much as you can. Even the most innocent child with a smartphone in their pocket, riding their bike around an otherwise friendly neighborhood is subject to potential harm. Let’s change that.

It’s up to us, the family. Protect and serve your own. The responsibility is too important to leave to the professionals.

Ben Franklin Has A Suggestion For You

Ever the consummate artisan, Ben Franklin designed the first American penny in 1787. It’s called the Fugio Cent. It contains the maxim “Mind Your Business.” Historians believe that he wanted this to be the national motto. Millions of people, in the public and private sectors, conducting business under the guiding principle of minding their merchant and personal business, i.e., you do your thing, and I'll do mine. We can work side by side, harmoniously, and as long as our moral compasses are in balance we will build a wonderful community. So, mind your business.

Email Security

Fast forward a few hundred years to today. Minding one's own business is hardly a priority for many individuals, never mind governments. We have people trolling and stalking others on the Internet and hacking into their computers and phones. Email providers like Google are offering other companies in the marketplace valuable information extracted from our email so they can better target us as customers. According to Google, we accepted this if we opened a Gmail account. Whether we have a Gmail account or not, whether we care or not that an email provider is soliciting our private correspondence to third parties.

Did you know that was happening? Were you "minding your business"? The fact is, we have consented to many invasions of our business, private and otherwise. It's simply a matter of awareness to what we signed. Reading the Privacy Policy, the Terms of Use, etc. Ultimately, I'm talking about being mindful of our business. Being thoughtful and aware of the engagements we make when on the internet. What Ben Franklin referred to as Minding Our Business. If we don't, who knows who will? Or already is? Ben Franklin has a suggestion for you. So do I. Mind your business. And clear your tracks.

The Clam Chowder Two-Step Protect

Remember in the original Ace Ventura movie when Ace goes backstage at the metal concert and knocks on a door? We don’t know what’s going on, but a voice then asks him for a password. He responds, “New England Clam Chowder.” There’s a pause before the voice comes back, “is that the red or the white?!” He guesses “white” and the door opens. His computer-hacker buddy Woodstock then greets him.

That's a great tip for internet security. I call it "The Clam Chowder Two-Step Protect". You can also think of it as just a two-step authentication when setting up passwords on various sites. Sometimes this can be even more than two steps. The more, the merrier. On top of enabling two-step authentication, do not click the option to “remember this password.” Consider using pass "phrases" instead of single words. The more hurdles you need to jump, the more hurdles a hacker needs to jump.

The concept is simple. Make the pass "words" long. Make them ALL different. Always have to type them out. Change them every month.

To be continued.

Snowman

Enter your text here...