Category Archives for Security

Banking On Safety On Cyber Monday

November 29, 2015


This is a major pet peeve of mine.

Do not use your debit card online. Hackers can perhaps surprisingly easily break the encryption around your debit card that puts your whole bank account at risk. If your debit card gets hacked, you may have a challenging time getting that money back.

Instead, use your credit card. They're traditionally much safer and more secure. And disputing a charge on your credit card is much more user-friendly than trying to replace funds from a debit card hack.

Additionally, you can also use a Simon card or a credit card gift card. These are even more secure since they operate as simple gift cards that can be used practically anywhere. One thing to keep in mind when using them is that you sometimes need to register them when making purchases online, which means attaching your name and address to it. It isn’t required with every use, but if you go to purchase a $75 item with $100 on the card, even though you have sufficient funds on the card, the merchant may have stricter security measures and not allow the transaction to complete if the card has not been registered. Then you have to wait for the card company to refund the money back to the card, which of course takes them about a week to do.

If you’re looking for near-total anonymity and security when shopping online, one clever way to go is to use a Coinstar. These machines are all over the place in the US, UK, Ireland, Canada, Puerto Rico and Mexico. You can cash coins in and get cash for a small fee, OR you can cash coins and/or cash in and get a gift card for many businesses, including for NO FEE. You don’t have to give up your email or street address. Simply give the machine your money and it’ll give you a coupon code to many businesses.

Now, if you are concerned about spying and monitoring of purchases by the NSA, then beware that these approaches don't address that concern. Even if you use a browser like Tor to shop on say, Amazon, they can still get access to that if they want. It's best to assume that the NSA can monitor anything you do that leaves a paper trail. Even if you use a service like Coinstar, they can access the purchase on Amazon, and trace the gift card number back to the specific Coinstar you used in which grocery store. And that whole transaction obviously has the shipping address you used to have that purchase sent to you. If you're concerned about this, then see the next post about keeping yourself completely anonymous from even the NSA.

It's actually quite easy.

Until then, I hope you're having a fantastic holiday season so far! Be safe and have fun.

Caught In The Deep Web On Silk Road

Wow. I just watched Alex Winter’s new documentary, “The Deep Web.”

If you haven’t seen this, I highly recommend you check it out now. Since you’re obviously online, it affects you and numerous rights that you hold assumed. The implications in this film are far-reaching and long-lasting.

It’s the story of the deep web and Ross Ulbricht, or as he was allegedly known on the Silk Road website, “Dread Pirate Roberts.” (As you may have imagined, the name was taken from the mythical Princess Bride character.) I don’t want to spoil the film for you but here are some key points to get you to check it out:

- Ross Ulbricht is an intelligent guy. He held multiple degrees, including a Master’s from Penn State, where he attended on a full scholarship.

- He supposedly started Silk Road to create a community for, probably among other reasons, to minimize the violence that is encountered through drug transactions and the overall “War on Drugs.”

- Through the forums on the Silk Road website, he wove a very clever political message and created a very large community with it.

- The story of Wired magazine senior editor, Andy Greenberg’s early correspondence with Ross on the Silk Road forums.

- Ross’s parents are interviewed extensively. Their presence sheds an interesting light on the dynamic of his family life. His sister is also featured.

The film shows some of the messages written by Dread Pirate Roberts, (aka, “DPR”) on the Silk Road website. “He” makes clear that Silk Road is not about drugs, or guns, or “sticking it to the man,” but more about freedom and citizen rights.

That does, however, contradict the fact that much of Silk Road ended up being about drugs, guns, and illegal activity. At least to those outside Silk Road. Additionally, while Ross was studying at Penn State, he became interested in Libertarianism.

This philosophical connection to DPR seems to thicken the plot a bit.

One of the initial challenges I think he will face regarding the public's opinion is the identity of the DPR character. Ross denies being DPR, but he was arrested in a public library in San Francisco with his laptop opened and confiscated while he was logged into the Silk Road website. With that evidence the government says Ross is DPR.

Ross admits starting Silk Road but denying being DPR with the government having his computer with all kinds of damning evidence (including a journal he supposedly kept of the whole Silk Road creation) may present a challenge in the court of public opinion.

According to the film, the judge that Ross faced in court significantly restricted the Defense’s ability to counter much of the evidence and witnesses presented by the prosecution. One of the most troubling aspects of the whole case is that the FBI never had to disclose how they -seemingly- hacked the Silk Road servers. They had no warrant so it seems as though they may have violated Ross’s 4th Amendment by what may be an illegal search and seizure. The Defense was not allowed to bring this matter up during the trial.

There is still tremendous mystery and fear surrounding the Deep Web. Ross Ulbricht's story is one of getting caught in the deep web while on the Silk Road paved with Bitcoins and the FBI hot on his trail for years. There is so, so much to this story and film. And it affects all of us. I highly encourage you to check it out.

Here it is on their website. Also on Hulu.

It’s a great film. And an important one. Whether you agree with the outcome of the trial or not, this is a Landmark Case and affects everyone in the world of Internet Privacy and our rights surrounding it.

Secure: The Phones They Don’t Want You To Have

October 26, 2015

Edward Snowden, Steve Jobs, and Google walk into a bar- sketch some ideas on a napkin…

Well, I suppose, that’s not exactly how it happened. But, that it did happen is twice as intriguing and thrice as cool.​

In a nutshell: A smartphone running on an Android-based software system. They call it SilentOS.

I’m talking about the latest edition of the Blackphone (Blackphone 2) released by Silent Circle. It looks like a smartphone, but it’s intelligence reaches far beyond that of the smartphones we are used to. It reaches into a different direction. “Privacy Without Compromise,” they say.

Is it perfect? No. Is it better than the common iPhones and Androids? When it comes to matters of privacy and the sovereign rights of the user, we have to say yes. Anything is hackable, but what we have here is going in the direction of our best interest.

The point is that they are addressing a growing concern that companies such as Verizon, AT&T and other telecommunications companies are selling their customers out to a number of sources, including governmental agencies. And the common smartphones most of us use are much more vulnerable to hackers and trackers.

Silent Circle, the makers of the Blackphone 2, are not alone either. Boeing actually makes a similar type of “secure” smartphone. They call it the Boeing Black. Lastly, FreedomPop has what they call, the “Privacy Phone,” sometimes referred to as the Snowden Phone (a reference to NSA whistleblower Edward Snowden). It's advertised to “protect your privacy from hackers, government agencies and spyware.” I’d like to try all three of these out. Give ‘em a test drive and see how they fare.

Have you used any one of these three smartphones? Let us know in the comments. I’ll keep you posted as I explore them too. There are a lot of excellent reviews of the Privacy Phone on the FreedomPop website. I’ve also heard good things about the Blackphone 2. A lot of improvements have been made since the original Blackphone came out in early 2014.

Again, check these out if you have yet to hear about them:

Blackphone 2, from Silent Circle.

The Privacy Phone, aka, the Snowden Phone, from FreedomPop.

And the Boeing Black.

The phones they don't want you to have. To be mobile and keep thy tracks cleared.​

Facebook I Love You But Just As A Friend

October 25, 2015

     Have you ever had a friend that you love, but always tends to cause trouble?

     Maybe you’ve been friends for a long time but they always seem to cause some kinda problem or manifest some strange drama? You love 'em, but it tends to get on your nerves, right? I knew a kid like that when I was younger. He was a good kid, but he did the most outlandish things to get attention. The only thing that ever happened was he got on everyone’s nerves. And if sometimes he was with a group of us, he got us in trouble. And the kind of trouble you had no fun getting into.

     This is what Facebook is becoming. That friend.

     What I’m referring to specifically, is the Cybersecurity Information Sharing Act (CISA). It is a proposed law that has been introduced and re-introduced in the Senate since mid-2014. In the summary straight from, the law intends to:

          “Permits private entities to monitor and operate countermeasures to prevent or mitigate                                             cybersecurity threats or security vulnerabilities on their own information systems and,                                                 with written consent, the information systems of other entities and federal entities.                                                       Authorizes such entities to monitor information that is stored on, processed by, or                                                       transiting such monitored systems."

Now, what is rather interesting about this is that the tech industry, security experts and the public, in general, all object to this law.

All, that is, except for Facebook.

That doesn’t come as a total surprise, but it is causing a lot of commotion since Facebook has always been in the realm of controversy for violating users rights. In the United States, we have privacy rights. What CISA aims to do is give any “good ‘ol boy” company legal immunity for playing along.

If “Company A” (e.g. Facebook) gives the U.S. government the private data of its users, even though that used to be illegal because of privacy laws, they (Company A) will be granted immunity.

This is being sold as “cybersecurity,” but all that private data- who knows all the reasons they want it for? One thing we do know- they can use it for more than just security reasons. Even though the vast majority of the general public, tech world and security experts are screaming out against this, lobbyists are pushing for this like their life depended on it.

Lobbyists like Myriah Jordan, Facebook’s Public Policy Manager, who before she went to Facebook, worked for Senator, Richard Burr, the Senator responsible for re-introducing the CISA bill. Facebook itself is lobbying for this bill to be passed into law.

The bottom line? Facebook is not our friend. Facebook uses us, as you might use some thing. Like, say, a product. We are a product to Facebook and entities like the government (and other businesses) are Facebook’s customers. And these businesses like the U.S. government have a vested interest in making deals with a company like Facebook regarding their product.

If you would like to sign a petition to encourage Facebook to back off on their support of CISA, then check          this page out at

I love you Facebook, but just as a friend. One that may need to be put into check if you keep stepping on my toes.

And playing with the devil.

One Major Piece Of Computer Security You May Be Missing

There’s no shortage of analogies of the human body and computers. I’m throwing one in the mix from a different angle. It's likely one you have not heard before. It is a concept that most people are unaware of regarding either side of the analogy.

Here goes. A computer is meant to have two levels to its immune system just like the human body does. It's the one major piece of computer security you may be missing. But, what does this mean?

Well, first of all, let’s talk about the immune system of a human being. We have the inner layer and the outer layer. Most people think of the white blood cells as their primary defense shield. White blood cells have long been given top billing when it comes to immune system awareness. That is not true, however. The front lines of your immune system is your skin. It’s actually the whole “outside” of your body.

More specifically, think of your body, very generally as the shape of a donut. Your skin is the outside of your body. But your mouth is the outside of your body too. In fact, from the mouth all the way to the anus is a tube, like a river that varies in size and width at different points.. And it’s the outside of the body. It’s the “hole” in the center of the donut. Just because the hole is in the center of the donut, that doesn’t mean we call the inside walls of that inner circle the inside of the donut. It’s the outside. It’s the same thing with the human body, from the mouth to anus.

With this awareness comes the understanding of immunity. Your skin (and mouth all the way through that whole tube) is the body’s first line of defense. If something gets through the skin or that first layer of defense, THEN the white blood cells are called into action. At that point, it could be attacking the heart, the liver, the kidneys or the immune system itself, depending on the intruder. The immune system needs to be highly intelligent and continually educated as to all the potential threats it can be facing, to stay prepared.

It’s the SAME way with computers. Computers have/need an immune system. Computers themselves, and all the applications we have on them. So for instance, you can have an ANTI-VIRUS program installed on your computer. Wouldn’t you want one of those in your body? An ANTI-VIRUS program? See, some people get the idea for the computer, but not the human body, or vice-versa. You could have a VPN service employed for your internet access. Something as simple as having a piece of tape over the camera on your computer could protect you from a whole array of things, spy related.

It’s all about preparation and protection. That’s what immunity is about. In your body and on your computer. Your computer needs an immune system. It doesn’t even come with one. You need to build it. Here are a couple key points to understand computer immunity:

- Like your body, your computer needs immunity from multiple angles. Just like your skin has multiple forms of immunity in the form of bacteria and hormones to protect from different things, your computer needs similar type protections. So you may have a password or passphrase to log into your computer. Then you may have anti-virus software installed. There are a whole number of different things you can have just to protect the computer itself.

- Then you have all the applications. These relate to the organs in the body. For example, do you share files online with a company like Dropbox? Well, there are vulnerabilities there. Loopholes have been found in Dropbox’s system that can put you and your information at risk. On the other hand, SpiderOak is a service that has a much tighter, more secure system. Think of it like this: Dropbox was grown with pesticides. SpiderOak is organic. So think of all the Apps on your computer and make sure they’re safe and secure.

- Think of your computer’s immunity as the immunity for the human body. It needs to be intact, prepared and strong. It needs to be fed and tended to on a regular basis. There is no “cold season” in the computer-hacking-security world. It’s open season year-round. Be prepared.

Now, it's up to you. You have to be proactive. The government's not coming to your aid on this one.

It’s one of those things- it’s simple. But you have to do it.

Preventing Your Child’s Digital Footprint

With tons of kids going back to school in the last week, we once again see a slew of pictures from proud parents. All over social sites we see little tikes getting on and off the bus, posing in their new clothes and all excited to get to school. It’s a very innocent and customary thing to do. I remember my mom doing it when I was younger.

Before the internet, you had to take pictures with an actual camera and then drive the camera to a store for the pictures to be developed. My mom kept those pictures, maybe sharing a set of doubles with my grandparents, right? Other than that, no one saw me getting on the bus the first day of kindergarten. The technology has changed so fast even though it wasn’t that long ago. Digital photography with a WiFi connection is a total game-changer. When they get posted on the internet, those images are given to that site and any third-party to which that site is affiliated.

As I’ve written previously, my wife and I have a young son. I’m inspired to learn how to best proceed when speaking about him or posting pictures or video of him online. To date, we’ve been very conservative about that. It’s encouraging to see the growing concern and discernment of parents in this regard. We are seeing a growing number of companies demanding one’s login information to certain sites when hiring. Is this the future? Will there be a section reserved for your Facebook login information on job applications? Will passwords for our email address be a permanent fixture on our resume? That is the direction we are heading.

Then there’s the very real concern of cyberstalking-pedophiles. Facebook, particularly has proven to be an effective tool for these monsters. Parents post their home address, pictures of their children, the school they attend, etc. That is a whole crazy topic of discussion itself.

We’re in a brand new world. Adults are learning as they go, intoxicated by the fun and seducing qualities of all the exciting technology. We’re slowly growing up, though. As in life, it’s not about saying “it’s time to grow up, no more fun.” It’s just time to realize that while we’ve been having fun the party got a little out of control. But I believe you gotta have fun in life. That doesn’t seem to be a common part of the conversation when talking about online privacy and the invasions of it.

That’s all Clear Your Tracks is about, though. It’s like when I explain to my son why it’s a good idea for him to wear a helmet when he rides his bike. We have the conversation; then he’s set. He can now spend the rest of his time having fun on his bike. He’s not consciously burdened with all the reasons running through his head on why to wear a helmet. You learn some tools and ideas that help you do a thing responsibly, and then you have fun doing it. We’re going to continue to learn all sorts of strange behaviors and programs currently in play on the internet. As of today, there are a countless number of them. And they’ll keep coming from all different directions. It’s just a part of life. That’s not the problem. We can handle that. By the fact that a problem has presented itself means that there is a solution to discover. We’ll continue to probe all these issues and find the best solutions.

Preventing your child’s digital footprint is a challenge. After careful thought, it’s also something you may decide is a necessary challenge. It’s clearing your tracks and your child’s tracks while also considering potential paths we may not want them on at all if we knew where it could lead.

Just food for thought from a concerned father.

Protect And Serve Your Own

August 15, 2015

​I grew up -as we might say in New England- in a wicked safe neighborhood. I mean, I was a kid. It felt safe to me. And looking back, it was. It was the 80s. A group of us kids could get together and bounce around to each other’s house all day long. We'd play kickball at one house, have lunch at another and then ride our bikes up to the end of the road and over this big log on the edge of it to the convenience store. We’d buy some baseball cards and big league chew with the money we got from mowing lawns or washing mom and dad’s car. We could be hanging out all day long without any concern on the part of our parents. All the kids could play outside on a beautiful summer day, all day long, unattended, and it was totally safe. Today that same neighborhood may appear to be very similar. In many respects, it may still be, but with the advent of the internet and related technologies we’ve added a few dimensions and gone a little deeper into the rabbit hole. We didn’t lock the doors in my neighborhood, and I didn’t know anyone with a computer.

Many kids today have their own computers and smartphones. A computer and smartphone with an internet connection is a total game-changer. Every movement of a child carrying a smartphone is at risk of being tracked with the Location Services turned on. Location Services switched on tells the tracker (or hacker) where they’ve been, the route they took to get there and how long they were there. Apple says they store this information temporarily for them to better serve our needs as customers and assist in improving the product. However, more and more reports are coming out that these types of tracking abilities are being utilized by official channels like the National Security Agency. After all, their internal motto is Collect It All… In addition to that, there is always the threat of a hacker.

What is the purpose of all this data collection? Why is it necessary to have the ability to track everyone all the time? These are ideas that are imperative to explore further. This world is a beautiful place. In fact, it’s perfect. And there are, and always will be, people and subcultures that are working against the general public's best interest. Defending ourselves against those threats is a core purpose of this site. The kind of monitoring that is in place now though is very unsettling.

Little boy with smartphone

That can’t be the kind of world in which we want to raise our children. Of course, we are learning how to change it. At the same time, we need to learn how to work with the current circumstances. That is what clearing our tracks is all about. Be conscious of the tracks you make and the way you make ‘em. That’s a basic principle of life. These days, with computers and smartphones especially, be careful of who’s following the tracks you make. In fact, it may be better just to erase those tracks as much as you can. Even the most innocent child with a smartphone in their pocket, riding their bike around an otherwise friendly neighborhood is subject to potential harm. Let’s change that.

It’s up to us, the family. Protect and serve your own. The responsibility is too important to leave to the professionals.

The Clam Chowder Two-Step Protect

Remember in the original Ace Ventura movie when Ace goes backstage at the metal concert and knocks on a door? We don’t know what’s going on, but a voice then asks him for a password. He responds, “New England Clam Chowder.” There’s a pause before the voice comes back, “is that the red or the white?!” He guesses “white” and the door opens. His computer-hacker buddy Woodstock then greets him.

That's a great tip for internet security. I call it "The Clam Chowder Two-Step Protect". You can also think of it as just a two-step authentication when setting up passwords on various sites. Sometimes this can be even more than two steps. The more, the merrier. On top of enabling two-step authentication, do not click the option to “remember this password.” Consider using pass "phrases" instead of single words. The more hurdles you need to jump, the more hurdles a hacker needs to jump.

The concept is simple. Make the pass "words" long. Make them ALL different. Always have to type them out. Change them every month.

To be continued.


Enter your text here...

A Dark Act To Follow

What would you do if you woke up tomorrow and found that your debit card was hacked after shopping online? Or someone cracked the password on your email accounts? How would you feel if you knew government agencies were spying on you through your webcam, even though they didn’t even suspect you of any wrongdoing?

All these things have happened to millions of people. In fact, my wife and I were once both victims of debit card hacking- in the same month! We also have a young son. I need to protect him from and prepare him for this world.

snowman hacker

Protecting ourselves in a brave new world from such offenders is imperative. As we learn about ways to protect ourselves against these kinds of acts we inevitably open a Pandora’s box on matters far beyond our imagination as to who is a threat to us, our family and why. It’s not just the anonymous, nefarious debit card hackers. It’s companies and public officials we were taught to believe operated in the best interest of the public. It’s a mad world that we need to understand, so we don’t fall prey to it. And so that we may rise above and enjoy it as it should be!

How do we do this? How do we protect our personal, social and financial identities as law-abiding citizens? That's what we must learn. We are decades past 1984. Ignorance of these present-day circumstances is a dark act to follow. The time to act is now. You’ve found this message, so it’s not too late.

I’m the Snowman. I’ll show you how to protect yourself and… clear your tracks.