Privacy and Security News and Tips 20160628

Law-abiding citizens value privacy. Terrorists require invisibility. The two are not the same, and they should not be confused.Richard Perle

Weekly Tip

Protecting your Personally Identifiable InformationIn this ever changing time, and with the constant influx of social media platforms to choose from, everyone is likely to find something that intrigues them. We have Twitter for short thoughts, Facebook for long ones, Periscope for videos, Instagram for photos, and numerous other for everything under the sun.

If you are one to flock to a certain platform, or even multiple platforms, be aware and ever vigilant with your privacy, security, and safety as well as that of your family. Each and every platform has some level of privacy and security setting that will allow you to control what information is used and shared with other users, the platform, and possibly their affiliates. This information can be your location, your shopping and/or browsing habits and history, your posts, your photos, your personal information such as name, address, phone numbers, and email address(es). If you do use social media, put some thought into what you do want to share, and make sure to fully explore all of the settings and options for the platform(s) you choose so that you can remain as safe and secure as possible while still participating in the social expanse.

As always, your privacy and security are up to you to control. And while it takes time now, and on a regular schedule to maintain said privacy and security, the peace of mind and the knowledge that you and your family are less likely to be a victim is well worth it.

Interesting News

Social media apps are tracking your location in shocking detail

Location Tracking: 6 Social App Settings To Check

Social Networking Privacy: How to be Safe, Secure and Social

How Social Media Privacy Settings Could Affect Your Future

If you enjoy this newsletter and know anyone that would be interested in the information contained, please pass this along or subscribe here.

Privacy and Security News and Tips 20160621

There’s no harm in hoping for the best as long as you’re prepared for the worst.Stephen King, Different Seasons

Weekly Tip

With the summer travel season in full swing and the current state of our world it is wise to be prepared for problems,which brings us to a tip I read some time ago and have had in practice since then with minor adjustments for changing technology and environments.

Protecting your Personally Identifiable Information

Think about the contents of your wallet or purse. How many credit and debit cards, id cards, medical information, passports, etc do you have or take w

hen you travel? What happens if you lose them or they are stolen? Do you have medical issues, severe allergies, medical devices? What would you do if you were in a foreign country and had to replace the cards, prove who you are, or needed medical attention after having your wallet or purse stolen? Have you ever thought about making an emergency flash drive to carry your important information securely. I have, and that is today’s tip. To make this drive you will need a few items.

  • A physically small flash drive that is at least 2 GB formatted with exFat for maximum compatibility
  • A copy of VeraCrypt
  • Access to a scanner

The basic layout is as follows.

  1. Format the drive exFat
  2. In the root of the flash drive you will have a text file (MUST BE PLAIN TEXT) with some basic information (name, address, phone, “I AM AN AMERICAN CITIZEN”, “I HAVE INSURANCE”, include emergency contacts also) Title this file EMERGENCY.
  3. A file titled “Medical” that lists your medications, and allergies to drugs, foods, or bugs, as well as your primary care physician’s contact information. This document says “I HAVE HEALTH INSURANCE” at the top of it, so that you don’t run the risk of being denied treatment. If you have traveler’s insurance, put that info in here as well.
  4. A file of “credit card contact info” with details for each card you carry. Use this to quickly cancel your cards if your wallet is lost or stolen. Do not include the CC number, CVV, or expiration date. That data is in the secured partition of the drive.
  5. A scanned image copy or digital photo of your insurance card, front and back.
  6. A web browser. You can get portable versions of Chrome, Firefox, and other browsers that will run directly from the drive—more secure than using a public terminal loaded with who-knows-what snoopware.
  7. Install VeraCrypt and create a portable install on the flash drive
  8. Create an encrypted container on the flash drive approx 1GB in size and make sure to use a memorable but highly secure password
  9. In the container you will have the following items:
    1. Scanned copies of each of your credit and debit cards, front and back. (jpg format)
    1. A file titled “CCNs” that lists the account numbers, expiration dates, and CVVs of your cards as well as the toll-free contact numbers and international collect call numbers for each company. (plain text)
    2. The routing and account number for bank accounts, phone numbers to your local bank’s branch office. Be ready to have money wired or to freeze accounts. (plain text)
    3. Scanned copies or digital photos of your passport, your driver’s license, and at least one other form of state-issued photo identification. (jpg format)

Now that you have this drive, you will need to determine the best means of transport and security for the location and environment. There are drives that are “rugged” and will be fine on their own in most environments, but if you will be in a rainy location you may consider a watertight container. The drive should be on you at all times while traveling and should not be on your keys in case of theft. I carry mine in a “go tube” inside my clothing, but you can wear it as a necklace under your clothes or secure it to the inside of your clothes somehow. The idea is to have it not be subject to a pickpocket or being lost.

Interesting News

Facebook begins tracking non-users around the internet

Stop Facebook From Following You Around the Web

Secret Text in Senate Bill Would Give FBI Warrantless Access to Email Records

Web developers, meet WebGazer: software that turns webcams into eye-trackers

If you enjoy this newsletter and know anyone that would be interested in the information contained, please pass this along or subscribe here.

Privacy and Security News and Tips 20160614

Companies spend millions of dollars on firewalls, encryption and secure access devices, and it’s money wasted, because none of these measures address the weakest link in the security chain.Kevin Mitnick

Weekly Tip

Protecting your Personally Identifiable InformationThe past few weeks brought news of a rush of new hacks and old ones brought back to light. We saw LinkedIn, Tumbler, and Twitter with breaches in the tens of millions of accounts. We saw major celebrities get hacked from Mark Zuckerberg and Lana Del Rey, Katy Perry, the NFL, and DeRay Mckesson.

The story of DeRay Mckesson (see links) is the ultimate motivation for this tip. While most of the celebrity hacks were achieved due to poor security practices such as reused passwords across platforms, weak passwords, and not using two factor authentication (2FA) where available, DeRay was following all of the best practices and was still hacked. When you consider 2FA uses your cell number to send you a text in many cases, have you secured your carrier account with all of the available security measures they offer? In many cases someone can call in and have a new phone assigned to your number which will allow them to receive your 2FA codes and bypass your security. You should visit you cellular account and make sure to enable a security pin right away. It is free and easy and will give you that extra layer of protection that could be the difference between security and insecurity despite all of you other efforts.

As always I do suggest strong, unique passwords for every account as well as unique usernames when feasible. I also suggest unique disposable email addresses for each account if possible. To make this manageable a good password manager is also recommended.

Interesting News

DeRay Mckesson, activist, disavows Trump endorsement after being ‘super hacked’

Mark Zuckerberg’s Twitter and Pinterest accounts hacked, LinkedIn password dump likely to blame

Check your BITS, because deleting malware might not be enough

Researchers Turn Smartphone Vibration Motor into Microphone to Spy on You

If you enjoy this newsletter and know anyone that would be interested in the information contained, please pass this along or subscribe here.