Category Archives for Security

Be Smart, Be Invisible

September 11, 2016

     These days, you almost don’t even have to look for the surveillance state creeping its ugly head to see it. It’s everywhere. And with Oliver Stone’s SNOWDEN movie being released this Friday, it’s sure to turn the awareness factor on high and bring the debate to a kitchen table near you.

     Neither presidential candidate has spoken out against any such surveillance state, or in favor of Snowden, whatsoever. Make no mistake, this election will set the tone for the wave of Washington-style surveillance into the next several years.

     It’s up to you and me, to make a stand for the rights that we hold dear. The same rights that our children are hoping we hold dear. Be aware of bills, (like this one), that are being introduced to put a further stranglehold on our liberties and take proper action in whatever way feels appropriate for you. But do something.

     We are actually living in the world that is very similar to what George Orwell wrote about in 1984. It’s just also the same world that Aldous Huxley wrote about too, in Brave New World. Either way, the time for change is now. Things like this and this are unacceptable.

Let's change it up.

Be smart. Be invisible.​

Be indivisible.

Face the facts. Clear your tracks.​

Privacy Vs. Anonymity – To Know But Not To Know

     As the privacy/anonymity debate becomes a bigger, more popular debate, I keep hearing the two terms used interchangeably more often. They’re in the same realm, but still different concepts. Let’s clarify the difference between Privacy and Anonymity.

     Most of us don’t expect and aren’t looking for total anonymity. For example, most of us don’t expect anonymity regarding where we live. It wasn’t that long ago that everyone used telephone books. There were very few people who chose to have their phone number and street address unlisted. This we could say, is a matter of anonymity. If you don’t want me to know where you live, or if I drive by your house but it can’t be disclosed who lives there- this is anonymity.

     On the other hand, privacy really goes a little deeper. So for example, you may be fine with me knowing where you live, but that doesn’t mean that you want me to just walk in your front door, or peek through your windows. Maybe you don’t care about being anonymous, but you still expect privacy. There’s your name, phone number and street address in the phone book, but that doesn’t mean I can drive over and walk in the front door like I own the place. This is privacy.

     In modern culture, we have generally agreed to a degree of openness. Or a particular lack of anonymity. At least at times. If I want the Post Office to deliver a letter for me, I understand that I am asking a stranger to deliver this piece of mail to the addressee on my behalf. That doesn’t mean that I permit them to open it and examine the contents whatsoever, right? In fact, that’s a federal offense.

     What I find massively interesting, is that in the digital world, these concepts that we’ve grown accustomed to, have completely been turned upside down, inside out and thrown away. Gmail can (and does) open your email, examine its contents and does whatever it can do to literally profit from it. If you write an email to your mom telling her you're looking to say, buy a new blender, you might just start seeing ads for kitchen appliances the next time you’re on Google. But it’s ok because you signed up to use their service and they told you they could do this if/when they wanted. And when you clicked through, agreeing to their Terms of Use, you essentially told the mailman he could read your mail for his own reasons and to his own benefit.

This is a total lack of privacy and it is everywhere on the internet. Everywhere. And it’s getting worse at an alarming rate. Make sure you're in charge of what you wish to be seen and protect that which you wish to keep private. Some things are alright to be "out there." And some not.

To know, but not to know too much. Anonymity? Privacy?

You decide.​

The Policy Update They Don’t Want You To See

     “We’ve updated our privacy policy.”

     There are just too many companies (websites) that won’t inform you of this. And it’s rarely a series of changes made in your favor. The worst culprits of this practice are social media sites. For the fact that they make their money by selling us out with all the information we offer them all day long, it’s of little to no interest to protect our privacy. In fact, these kinds of sites will suggest forgetting that you have any privacy to be concerned about in the first place.​

     On their site, that is true.​

     The truth is, they don’t REALLY have to answer to you. Make the product fun, and most of us will go along with the rules. The exception to this "habit" are financial sites, like banking sites, PayPal, etc. In fact, within the last few weeks, PayPal made an update to their privacy policy and informed their users of it.

     App developers are hungry to gorge on your privacy too. While the vast majority of app developers will list the specific changes they’ve made for the update, Facebook doesn’t give any details about any changes. Every time their app has an update, it’s always the same generic message:

     “Thanks for using Facebook! To make our app better for you, we bring updates to the App Store regularly. Every update of our Facebook app includes improvements for speed and reliability. As new features become available, we’ll highlight those for you in the app.”

     If you consider that Facebook is notorious for invading every morsel of privacy you don't intend to give away, then this generic message accompanying each update to the app is, at best, very misleading.

     That's an app, though. Most apps, if not all, give some insight to what the update is, though not usually related to privacy. Social media websites, as in viewing the site on a web browser, make no such announcement. On the contrary, they just change them from time to time, without any notice to you. It's part of the terms of use that you agreed to when you joined their special club.

     You know the "club" I mean. It's the same club they're using to beat your privacy to death every day you stay in their company.

     The title of the privacy policy update they don't want you to see: "You Have No Privacy Here."

     That's why more and more hackers, computer geeks and privacy advocates do not join social media sites. And why even more and more "everyday" people are deactivating their social media accounts.

     Just a little food for thought.

     

     

Everything You Want To Know, But Are Afraid To Ask

     Studies are coming out all the time now, confirming that the more we know we are being spied upon, the more it inhibits our inquiries and curiosities.

     When you go to post something on your Facebook page, Facebook can actually see what you type in the message box even if you delete it and change the words. So if you were banging your head on the floor trying to come up with a witty caption for that cat video you were posting, but everything you typed didn’t look good, Facebook has the whole history of your typing and deleting and retyping.​

     How does that make you feel?

     Well, wouldn’t you think that Google or YouTube would be the same? I mean, at this point, you’d have to assume so, even if you weren’t sure. So that basically means that the biggest sites on the Internet know the thoughts you’re thinking and trying to formulate, better than your closest confidant. They can put a whole psychological profile together on you and position you accurately to help make them money. Right?

     After all, that’s their purpose. To use you, and ALL the information that you provide… ALL the information, and find ways to monetize it. And if you see their numbers, you know they’re doing great at it.

     Again, I ask. How does that make you feel?

     Google, YouTube, Facebook, Instagram- these sites are here for one reason. To make you fall in love with them so hard, that you won’t realize what you’re giving up to use them. Not just your innermost thoughts, but arguably, more importantly, the WAY you think. When they can see your sequence of thoughts as you finalize a message to your friends and family, that’s as good as being in your head and watching the neurons fire.

     So, once more, how does that make you feel? When the Internet is the greatest single manmade resource for, well everything. You can learn anything. You can make money a zillion ways. Meet new people and find long lost friends. But at what cost? When the companies that provide the service by which we get to do all this stuff are trading our ability to use this technology only for our most inner, intimate thoughts? How does that change the way you act when you’re on Facebook? Searching for videos on YouTube? Researching controversial topics (nonstatus-quo) on Google? Do you police your thoughts? Reserve your creativity?

     Of course, there are alternatives. We’ve talked about that before on this site. Finding solutions to these issues that are growing and getting a stronger chokehold on the culture.

     What do we do when we have the whole world at our fingertips? If you had access to everything you want to know but are afraid to ask, for fear of whatever the reason could be, what would you do?

     Clear your tracks.​

Please Respect Our Privacy

Dear Internet status quo, please respect our privacy.

Not just when we have the bathroom door closed.

Not just when we have the “Do Not Disturb” sign hung.

Not just when it’s sealed in an envelope.

Not just when the doors are locked.

Not just when we are naked.

Not just when we’re on private property.

ALL THE TIME. EVERYWHERE.

That means the Digital World too.

Like an email that is sent between two parties.

Pictures we share of our children.

How many cat videos I watch an hour.

Which political candidates I like and dislike.

Where I shop, what I search for, what I buy, how I paid for it and where it was sent.

What I blog and where I’m blogging from…

The list goes on but let the point be clear. Our rights in the physical world are much more easy to protect and police. Which means they’re also harder (not hard) to violate. In the digital world, which in one respect appears to be more freeform, it is much easier to spy and surveil on one another. While many people remain unaware of the vulnerabilities of the internet, the number of informed citizens is growing.

It won’t be in the too distant future that it will be commonplace for everyone to be aware of locking their virtual door and sealing their digital envelopes. Looking at the older generations still alive now, we see they are much more often than not, intimidated and unaware of how the internet works. On the other end, 5-year-olds are learning way more than what most of us might consider basics. These days kids are learning how to use the internet before they know how to ride a bike.

With this changing world, we need to adapt in empowering ways. Demand your rights. Demand your privacy. They’re available, but they won’t be served to you on the proverbial silver platter. You have to know them so you can demand them. Perhaps we can be polite?

“Please respect our privacy.”

…perhaps not.

Let Not One Bad Apple Ruin The Bunch

February 20, 2016

Apple has drawn a line in the sand, so to speak.

It is debatable as to what that line means and signifies, but there is a line nonetheless.

Earlier this week, Apple released a letter to its customers, explaining that the FBI is asking them to create a new kind of phone with a backdoor. A backdoor meaning it would give them a portal for surveilling "terrorists."

This all came about in the wake of the San Bernardino terrorist investigation. There are details in this story still emerging by the hour, but one thing is definite: Apple has made a loud public statement opposing the very idea of stripping out essential aspects of its product that protect its customers privacy.

The FBI is using terrorism as an opportunity to get a foothold to something they've had trouble doing for a while. And making it a big public matter could be an effective strategy because there are still many Americans that all too willing to trade their liberty for safety.

Keep this in mind. Many people claim to be open to the FBI having remote access to their phones/computers, as long as it helps to protect them from "terrorists." The problem begins to pick up speed though when we develop a better understanding of their tactics and strategies. What they collect today from an innocent citizen could be used against that citizen 5-10 years from now.

If sometime down the road you do something that crosses them, they will use everything they can to make a case against you. Even if it was something that you said or wrote, privately, years ago. And they were able to do that because we granted them access to our private communications.

That is what it could look like. And you won't believe how the definition of "terrorist" could stretch. What if you were considered a "terrorist" if you supported an Independent or Libertarian candidate for President, and not a Republican or Democrat? What if you wrote on your Facebook page that you didn't agree with something the President said on TV? Could that make you a "terrorist" or a "threat" to national security? Stranger things have happened.

In summary, the FBI is proposing (trying to force Apple) to create a new kind of vulnerable phone that affects all of us. Even if you didn't care about NSA or FBI tracking and potentially building a case against you for the future, understand this- if you understood the phone the FBI wants Apple to create, you just wouldn't want it. I honestly believe that.

And remember, we're living in the physical world- nothing is 100% secure. Life comes with a degree of risk, and there's nothing any of us can do about that. But we should assume, demand, some "inalienable" right to protect ourselves, which includes our private thoughts. And "private thoughts" that we share are shared with the confidence that they will remain with those intended parties.

The bottom line is, in America, we have rights. As an American citizen, I have rights. Civil rights and constitutional rights. You, the government, your job is to protect my rights. Do not create legislation and policy that violate my rights.

I don't want to interfere with anyone else's "right" to live in fear and complacency, but I stand with Apple.

#Encrypt

Are You Opting In To The New World Order?

These days, if you’re on the internet, you’re doing it. You can’t set up an email account, join any social media site or shop any major online retailer without doing it. You also can’t bank without doing it.

The state of “Privacy Policies” today is not any particular websites policy about protecting your privacy. On the contrary, it’s their statement about how they may use any information you provide to them, or they can gather from your other internet activity away from their site and sometimes even your computer. Much, much more often than not, these are cleverly written and physically formatted so that no one wants to read them, so it’s now common practice to just automatically click the box to accept the conditions. But more and more we are learning that many companies are up to “other than good” intent. At least, not in our favor.

It’s not a matter of morality for the people in these businesses. It’s, “if the law lets us do it, then we will do what we can get away with until we no longer can, or until the slap on the wrist hurts too much.” So they are forcing legislation by way of a lack of moral judgement. That is another way the “World Wide Web” is like the wild, wild west. There is little to no policing, so it’s up to the individual to protect herself. When you accept the “terms and conditions” put forth by a website, especially a “free” site, these days, you could reasonably ask yourself if you are opting into the New World Order.

I recently watched the documentary “Terms And Conditions May Apply” again. You know, the one during which the filmmaker goes “undercover” to meet Mark Zuckerberg and ask him about Facebook’s Terms of Use and Privacy Policy?

It also shows an IM chat with Zuckerberg where he refers to Facebook users as “dumb f@$%s” for trusting him with their personal information.

It also has a few “interesting” anecdotes with former Google CEO, Eric Schmidt. Check it out. It’s a valuable primer on the subject and will get you thinking, discerning, about how you conduct yourself online.

It’s kinda like the adage, “you can’t make a good deal with a bad guy.”

Baby, Can You See Me Now?

December 17, 2015

I’ve been researching baby monitors for a little while now.

Like most (if not all) products to do with babies, there is no shortage of them; mostly to do with different levels of technology. The ones that really surprised me are the ones put out by companies like Foscam and Nest. These are video baby monitors with WiFi built into them, so if the parent is away from the house where baby is, you can still see him through the WiFi connection hooked up to the video monitor. I first read about the issues resulting from these devices being hacked in Mark Goodman's book Future Crimes: Everything Is Connected, Everyone Is Vulnerable And What We Can Do About It.

I totally see how this is cool, and how so many people are intoxicated by the new technology. I read some reviews on this product from people who were just learning that this even existed and the response echoes repeatedly, oh that’s so cool. It’s always the “cool factor.” I don’t see it having much to do with safety factors. After all, baby monitors, as electronic devices, haven’t existed for most of civilization, and when they did come around, they just monitored audio. Not anymore. Now, for parents that are sensitive to the latest and "greatest" gadgets, we have video monitoring devices that can be employed wherever in the world you may be, as long as you have an internet connection.

I can’t help but wonder, if I can tap into this video feed wherever I am, what’s to stop someone else from doing the same thing? The answer? Not much. It’s just a wifi connection. While it certainly has it's security measures in place, if someone wants to hack it, they’ll find a way.

I think we’ll be opting for the old-fashioned radio frequency-based monitor. How easy are those to hack? Some crazy bastard would have to be standing out in the front yard. They don’t have the wifi capabilities that the new fancy ones do. They work right within the confines of your house/property.

While baby monitors are not completely up the road of “clearing your tracks,” it’s important to note that this is Big Brother’s twin sibling. There is tremendous vulnerability on the internet, but similar vulnerabilities are also creeping into our regular day-to-day household items at an alarming rate. The internet and the "internet of things," (IoT). They're really two heads of the same monster.

Be aware of the big picture. The old world is gone. If we want to be safe, we need to take calculated, conscious steps to ensure our security. It’s simple and relatively easy.

We just have to do it.

Do You Want To Know A Secret?

December 12, 2015

Do you want to know a secret?

Creativity is the name of this game. And it doesn’t just flow. Not just under any circumstances.

When The Beatles were preparing to record their next album in late 1968, the idea came up to film the whole process of album creation. That would include them working out all the songs from their roughest form, and the audience would follow them through their evolution. They actually set up in Twickenham Film Studios. This was not a place where music was recorded. It's a place where movies are made. A very different atmosphere than what they were used to at Abbey Road.

What started out as a unique and fun idea quickly turned sour. First of all, they were used to starting work in the studio later in the day and going to the wee hours of the morning, sometimes pushing dawn. Now, they working on working class schedules. As John said, “you can’t make music at 8 o’clock in the morning!”

Second, with the tensions growing among the band members at this time, being filmed was the last thing they needed as they worked on these new songs. During the early stages of one song, Paul and George are shown having a bit of a fight about something. The camera’s off to the side, and we are watching the four of them sit there. George is trying to get Paul off his back about playing something incorrectly, and when the camera cuts to Ringo, we get a clear sense that this is uncomfortable even for him. A few days later, John and George get into a massive fight, presumably off camera. George quit the band that day after lunch only to return a few days later after they agreed to move the band back to a more comfortable setting and just finish the album. The concept of filming the creation of this album had taken over, and it had become too much.

Obviously, they eventually finished the album, which was Let It Be. And while all the other Beatles films have long been officially released on DVD and Blu-Ray, Let It Be remains an unreleased soar spot. Rather than document the creation of their album it recorded the dissolution of the band.

I’ve always liked that album and the bootlegged DVD copy of the film I found years ago, but it can’t help but be noticed that the filming of their private, creative process had an impact on their behavior. And this was just filming they were in total control of. Closed-circuit. Nothing externally imposed. They could have burned all the reels if they wanted to and ever showed anyone. But even still, knowing they were being filmed in privacy, it had an impact on their behavior- in a less creative, free way.

It’s one thing to make a recording of audio or film that is intentional. When the recording is being made for the sake of recording. Like when The Beatles sang into a microphone. This kind of intentional and conscious recording is one thing. It’s another whole thing when the recording instrument is off to the side, as a witness.

I argue that such acts of creativity are more fruitfully done in “secret.” And how far does that line reach? Writing a book? Singing to my infant son? A family making dinner? We have technology all around us now that lets anyone tap into our business as long as they have the simple know-how and a lack of morality. Microphones on cell phones can be remotely turned on by hackers or NSA, even with the phone off. There’s also no shortage of the woes surrounding desktop computer cameras and microphones. Same thing with devices like the Amazon Echo.

The Beatles had no “secrets” when they were making Let It Be. But, with the cameras off, they were probably better off keeping it a “secret”.

Private Parts And Shopping Carts

Many people are concerned about staying safe and anonymous while shopping offline. Major brands like Target, Neiman Marcus, Michaels, Home Depot, etc... With all the stores that have had their point of sale system hacked over the last few years, this has been an issue that needs remedies. One such remedy is quite simple.

Cash.

Now, it's not as easy as just paying with cash. Not these days. There are a few things you want to consider during the transaction. Some of these stores want your email address or if you special order something they may want to put your personal information into a computer. Especially if they store it all in a register that doubles as a computer.

For example, I like to shop at my local bookstore. They have a great mix of new and used books. They can also order pretty much any new book you want if you can give them the ISBN number. He jots your name and phone number down on a post-it note and calls you when it’s in! And the he has a very cheap register that has no computer/wifi connected to it. Just a plain, old cash register. Now this is in far contrast to Amazon.com which stores all your search and purchase history in unencrypted text. So, as former NSA-whistleblower Edward Snowden said, “If you look for the book 1984 on Amazon, NSA knows about it.”

So if you want total privacy, we have that option. The idea is- brick and mortar stores. With cash. And low-tech.

You can do it at big-box stores too. Sticking with the previous example of a bookstore, it works totally fine at Barnes and Noble. Though if you wanted to special order something, they’d probably have to put your name and contact info into a computer, which will be attached to what you are buying. You could, however, ask if they might just order the book for the store’s general stock. Keep tabs on the website or call them a week or so later and head over once it’s in stock.

You can take this idea and apply it to any business. It’s simple too. You’re not going out of your way at all, or at least to a minimal degree. Let’s say you’re 17 years old and exploring your sexuality. You live with your parents, and they’ve given you a credit card. You might not want to use that credit card to purchase a book on homosexuality. What you want is a simple and private transaction. Cash at a local merchant. You certainly have the right. When you get off the internet and go to a store up the street you give yourself the option. 

Since cash is still anonymous, we better take advantage of it. There’s been talk for a while now about putting RFID-style technology in dollar bills. While some high tech engineering does going into dollar bills, we’ve at least managed to keep it anonymous. For now.

These days with so much shopping being done online, and most of the money being transferred electronically, it’s a good reminder that old-fashioned cash is still anonymous and secure. Quite easily, you can avoid hackers and trackers by just supporting your local business with a few folded bills in your wallet.

No one needs to know what book you’re buying. Just like closing the bathroom door at home is completely reasonable, so is buying a book with cash.

Your private parts and shopping carts are your business!