mtony75

40 something geeky dad –> Mastodon

Anthony Cousins post via @kdbowe on Instagram sums it all up for me beautifully.

This has to be the brightest rainbow I've ever seen. Felt like it was landing right on somebody's house.

Welcome again to another Cyber Security Awareness Month tech tip. All October long digital citizens all over the Internet will share tips and best practices they use to help protect their digital lives. For most people online cyber security is not a top priority. Not always because they don't care. Mostly it is because they have never thought about the implications of their actions online. Actions like pressing “Reply All” to a mass email or checking in at a location on a social network can leave data about ourselves open for people we don't intend to see and use against us. That is why great thought and care must be used when doing anything online.

Be Careful With Your Location

Never before in history have human beings been able to record their lives in such detail as they do now. With the modern smartphone anyone can catch the most mundane to life defining events in high definition. Be it with a simple image, video, algorithmically generated filter, or augmented reality moments can never be forgotten. With the help of a GPS radio though locations can be remembered forever as well. Don't get me wrong. Location data on photos can be a very useful feature. But in the wrong hands and with enough data someone can map out your entire routine. Enough photos during the day when you should be working and your job location can be figured out. Same at night and now your home address is exposed. So location should be a very private and secure part of your digital identity.

Strip Location From Public Posts

When sharing details about your life publicly you should try to remove location data from your photos and video. Especially if your are sharing around areas you are at everyday (i.e. home, work, regular restaurants, post office, etc.). Directions are different for each platform you use so you should become familiar with them all.

  1. When emailing photos to people you are not completely familiar with use an app or the operating system your are using to strip location data from the images.
  2. When sharing photos though a social network (i.e. Facebook, Twitter) or a photo storage service (Google Photos, Flickr) make sure photos shared though the service removes or blocks location data.
  3. If possible use photo editing tools to create a soft focus effect that will obscure landmarks and street signs in your photos.

Location information in the wrong hands can compromise the digital and real world safety of not just your but your friends and family. So it is important to take the proper precautions when sharing information online. Remember that all October long is Cyber Security Awareness Month #cybersecuritymonth. So please share any and all tips you either see or can think of that will help other digital citizens appreciate how important protecting their data and identities online is.

References

Cyber Security Awareness Month Tip #1

Previous Cyber Security Tech Tip

Remove EXIF Data in Windows

Remove EXIF Data in MacOS

Photo EXIF Editor Android

Photo GPS Location Remover iOS

Welcome digital citizens to another Cyber Security Tech Tip. As a reminder throughout the month of October in observance of Cyber Security Awareness Month I will try share a tech tip each day that have helped me how to keep my digital security in mind. Cyber Security is a topic that far too many Internet and computer users do not pay enough attention to. Not that it is completely their fault. In the process of learning how to save Word documents, watch streaming video, and updating social network statuses we aren't taught or told how to protect our data. And because we are all so connected if my systems and accounts are compromised I increase the risk for the same happening to all the people I correspond with via email, instant messaging, and social networking because personal information I have collected about those people is apart of my data footprint. Data that can be mined and weaponized.

Keep Your Web Browsers Up-To-Date

Be it on your mobile phone, tablet or computer your portal into the Internet is usually a web browser. Pretty much the letters “http” and “.com” are apart of the global lexicon. So a large portion of a person's digital footprint goes though their web browser of choice. That makes a web browser a very advantageous means to target and collect data. When a vulnerability to a web browser is found it is a very serious matter. Updates must be installed immediately. If not every piece of data that your push through or receive from your web browser of choice can be intercepted by a third party. So at least once a week check your browser to make sure it is running the most current updates.

Google Chrome

In Google Chrome you want to click on the triple dot button in the upper right hand part of the browser menu. From there go to Help –> About Google Chrome. You will see a window pop up that gives you current information about the version of Chrome you are using. If there is an update it will download it and give you and button to restart the browser to apple the update.

Firefox

The update method for Mozilla Firefox is quite similar. You will want to chick on the Hamburger Menu (triple dashes) in the upper right hand part of the browser window. From there click on “Help” –> “About Firefox”. As with Chrome a window will pop up with current Firefox information. If an update is needed it will update and give you a button to restart the browser once it is ready.

Edge

Edge is a Microsoft product. As long as you have Windows Updates enabled patches for Edge will run in the background when available.

It is important to make sure you are running up-to-date software. With web browsers being most digital citizens primary entry point to the Internet they should be the first software applications you check updates for. Remember to pass on any tips you see or think up all October. And have a safe #cybersecuritymonth.

References

Cyber Security Awareness Month Tech Tip #1

Previous Cyber Security Tip

Homeland Security Securing Your Web Browser

Welcome again digital citizens to my digital security tips. October is recognized at Cyber Security Awareness Month #cybersecuritymonth. As such you will see different organizations and individuals share ideas and best practices online for people online. This is so people who do not think about securing their digital identity think about using the Internet and their computing devices in a way that protects themselves, friends and family in a more cyber security focused way.

Safe Power

Personally I am a heavy phone user. I read news, check my social networks and messengers, play the occasional game here or there. As a result my phone battery hates me. That is why I think my phone waits for me to away from home before it alerts me that I am about to be cut off from the rest of the world... digitally. Which is a huge pain because like it or not we are all dependent on our mobile devices for more than just entertainment. They are our communications and navigation devices. Seeing this need many organizations have put out mobile charging stations for public use. They usually consist of a surface the multiple types of charging cables that allow for multiple types of devices to be connected to them. This is a big help one the surface. It is not however always wise to use.

Mobile phones are computers. Because of this fact they can be hacked into like any other computer. The most obvious and least thought about way to hack into a phone is though the charger port. Just like you can connect your cable to your home computer to sync data and music with your phone or table is the same way your phone can be attached by a malicious party. And a common way this is done is to setup-up fake phone charging stations with hidden computing devices attached to them so when you connect your phone to them they are attached using multiple known methods. So to protect yourself here are a few things to keep in mind:

Always Bring A Phone Charger

Most places you go you can find a power outlet. Its is always better to buy a spare data cable and charger brick from your phone manufacturer and keep in your bag than to use a power station. Most time its is even better than to use a friends cable due to differences in how different phones accept power and cable build quality.

USB Charge-Only Adapter

In case you do not have a cable of your own there are devices called USB Charge-Only Adapters you can use in a pinch. These dongles block the data pins so that only power is transmitted to your phone. It is worth noting that data pins are used for fast charging. So you won't see fast speeds due to the lower current available.

Invest In A Portable Battery

It is wise to buy a portable battery in case of an emergency. You can find solutions from even your local discount store that will give you at least two power refills from a single battery charge. You will have to get in the habit of recharging yet another device every night. But the security of knowing that you can just plug your phone in to your own power supply that goes with you anywhere is worth it.

Cyber security isn't a single minded approach to protecting yourself. In today's world you have to think of any possible way you or your computing devices and digital information can come into contact with resources you do not control. That is why Cyber Security Month is so important to participate in. Not to show off how much you know. But to be open to learning a new tip that will help secure your own data even better. Remember to pass along any tip you find helpful during the entire month of October.

References

Cyber Security Awareness Tip #1

Previous Cyber Security Awareness Tip

How To Protect Yourself From Public USB Charging Ports

Homeland Security Tips on Traveling with Mobile Devices

Happy Cyber Security Awareness Month digital citizens. Throughout the month of October different organizations and individuals will post cyber security focused tips and best practices to help users of the Internet keep the digital security of themselves, friends and family in mind. So to pay it forward I wanted to share as many cyber security focused tips as I could this month. While I have already written about topics from what a proper password should be to things to keep in mind when setting up your home Internet router one topic I can think about ties both of these concepts together. Using the Internet on the go. And while the state of mobile data networks is drastically better than it was when I received my first cell phone dead spots and back reception areas still exist that make users seek out and connect to Wi-Fi hotspots away from home. Unfortunately this can be a great security risk.

Virtual Private Networks – Security On-The-Go

We have all been there. Out around town and you are trying to get a news update or check your (insert social network of choice) feed and it is taking forever. As you look up at the reception icon on your phone you notice you barely have any bars showing. But surely someone in the area has free Wi-Fi you can jump on. Maybe you are next to a Starbucks or McDonalds. Better yet when you look at your available networks list the nail salon on the corner has four bars. Life safer right? WRONG!!!

When you connect to a Wi-Fi hotspot all your data is going though those devices. With a little effort people with legal or illegal access to that network can see what websites you are accessing, data you are sending back and forth, your social media logins, timelines, and messages as well as any and all other data that you are sending and receiving. That is a lot of trust you must decide to have in a nail salon or gourmet coffee place. And while a lot of sites and service make sure that all data uses https (hyper text transport protocol secure) to encrypt your data so that unwanted eyes can what you are doing, the Internet as a whole isn't completely secure. Especially when you factor in the danger of people setting up Wi-Fi hotspots that look like they are connected to legitimate business but are just there to allow devices to connect to them and record everything that goes from your device to the Internet. That's why if you are in the habit of connecting to Wi-Fi networks when you are away from home via your mobile phone, table or laptop computer you should really invest in a Virtual Private Network account (VPN).

A VPN is a way to create a connection to private computing devices over a public Internet connection. So if you are at your local pubic library or outside of Walmart and connect to free Wi-Fi you can start your VPN software and encrypt all your data. So even if you are connected to a fake Wi-Fi hotspot they will not be able to see any of the data you are transmitting in a readable format. There are just a few things you need to keep in mind so that you are getting the best experience and most protection from your VPN software:

You Get What You Pay For

There are plenty of VPN services on the Internet. And a lot of them are free. Avoid these at all cost. If you software is free and isn't being run by and truly altruistic non profit organization then the service is trying to sell you ads and use your data in some form to sell to advertisers. This doesn't happen 100% of the time. But it does a high percentage of the time. A simple search on any popular search engine will give you ads to plenty of good VPN services. And if you are an avid podcast listener you can always find trials and rebates on the more popular ones. (i.e.Honestly Tech Podcast and The Material Podcast).

No Logs

If you are paying for a VPN you must be serious about your data privacy. So a VPN service that collects and saves log data on your connections to it should be an automatic hard pass. So make sure to read though the service's frequently asked questions pages (FAQs) or even text/call a technical representative and ask them directly “Do you keep logs?”. If they do ask for how long. If it is anything more that a few days or so think about moving on.

Strong Encryption

This one should not be such a hard one but in theory it is possible to have a VPN without encryption. Which is pretty much counterintuitive for what you will want to use it for. So make sure they service you pick uses strong encryption.

Multiple Devices

Many VPN services allow you to use multiple devices simultaneously. So make sure that is an option if you use more than one device on the go.

VPNs aren't something you need a lot of money to take advantage of. So you don't have to worry about breaking the bank. Just keep the tips above in mind and you should be able to find an affordable and secure VPN service that respects your digital rights. And please remember to pass on any cyber security tips #cybersecuritymonth tips you see or think up via email or social networking.

References

Cyber Security Month Tech Tip #1

Previous Tip

Wikipedia Page on VPNs

Tech Radar Best VPN Services 2019

Welcome and Happy October and Happy Cyber Security Awareness Month. During October you will see a number of people and organizations share helpful tips online that promote Cyber Security Awareness. Billions of people use the Internet in some form everyday. A overwhelming majority of those people take their digital security for granted. We must always protect our online accounts, use firewalls to keep our computers and mobile devices clean and intruder free, and be careful not to share our location though social networks and photographs we take and share online. But one place we as users of the Internet forget to care for and secure the most is at home.

Your Home Router

Your home Internet router is probably the busiest and most forgotten appliance in your home. All your home Internet traffic passes though it and hopefully all the bad Internet traffic trying to get into your home network is stopped by it. The home router is on usually twenty-four hours a day and is constantly working. And in the age of social networking, video streaming, file and picture share, video gaming along with securing your home network it is always working hard. So the best first tip for home routers is very simple. Get a good router.

You Get What You Pay For

Rule of thumb when you are dealing with the Internet. No matter how many devices you have on the inside of your network and how much traffic you create to access the Internet, the Internet is always trying to get into your network. And I mean all the Internet. So the best way to protect all your personal devices and data is to get a modern up-to-date router. It is really tempting to find a cheap and small router even as temporary solution because you think you will be able to get a better one in a week or two. Trust me and don't do it. Those devices are usually underpowered, lack even the most obvious features and options, and more often than not way behind on updates from the most current Internet threats and vulnerabilities. My two favorite places to go for an updated list of good router reviews are on Tom's Hardware and The Wirecutter.

Update Your Router

If your home router is worth its salt the manufacturer of the hardware will put out updates quickly and often. Nothing is worse that having a router that hasn't been updated in months. That is usually a good sign that you need new hardware. There is always a new attack or newly discovered vulnerability found when it comes to routers and firewalls. So if your router's system software/firmware has not been updated in at least a season your hardware may be end of life and out of support.

Secure Your Router

Logging into the the management console of your home router can be a very intimidating ordeal. But understanding and properly configuring your hardware is important. You should only have features turned on that you fully understand and need. Options like Wi-Fi Protected Setup (WPS) and Universal Plug-N-Play are dangerous to leave running. While it is safer to turn them off you should consult your home network device documentation to see if it will interfere with any of your streaming devices, printers or computers before doing so. But a good thing to keep in mind is if you don't know if you need it, turn it off and see what breaks.

It is a good practice to also create long and complex passwords for your router login and for devices to access your wireless network. Just to recap always at least fourteen characters with two capitals, two numbers, and one special character. Also change the default SSID for your wireless networks. Using default settings can cause major confusion if you and a neighbor have the same network device with the same default settings. Both your devices and your neighbors devices will always try to join the wrong network because they have the same name. And lastly when securing your wireless networks use the strongest form of Wifi Protected Access (WPA) your router is capable of. Always read both the printed and digital documentation for your router. Most questions your have can be answered with the information they provide. And try to make it a habit to log into your router once a week or so. Just so you get use to logging into it and checking if everything is working as expected.

Remember to have a safe and secure Cyber Security Awareness Month #cybersecuritymonth for all of October. Share and pass along any tips you find or think of yourself.

References

Cyber Security Month Tech Tip #1

Previous Cyber Security Tip

Homeland Security Router Tips

7 Tips To Secure Your Home Router

Your Router's Security Stinks: Here Is How To Fix It

routersecurity.org

GRC Shields Up Port Testing

Tom's Hardware List of Best Routers for 2019

The Wire Cutter List of Best Routers

Welcome and hello Digital Citizens. Once again I hope you all are having a great and safe Cyber Security Awareness Month (#cybersecuritymonth). Throughout the entire month of October you will see different people and organizations on the Internet share tips that will help people think a little more about protecting the digital identity, information, location of themselves as well as their friends and family. Many users of the Internet don't realize how easy it is to give away too much information about themselves. So October was picked to show people how to use the Internet more carefully. And I've decided to share a couple of tips I've picked up to pass along.

More Than Just A Password (2 Factor Authentication)

It goes without saying that if you are use to computer systems you know what a password is. If you have used an iPad, smart phone, laptop or email system you have had to use a password to enter any of those systems (and hopefully you are using a strong complex password). But in a world of phishing schemes and systems break-ins it is very possible that your password can fall into the hands of “the bad guys” even if you don't do anything wrong. And someone with your password can enter your system most times without you knowing and take your data as well as impersonate you online. So it is helpful to have an extra layer of protection for your systems along with your password. Enter 2 Factor Authentication.

2 Factor Authentication (2FA) is an extra layer of security that you have to proved to a computer system to prove you are in fact you. The general idea is that along with your username and password which can fall into the hands of anyone in the world, a second form of identity that you and only you have on your person is used to prove to the computer system in question that you are you. That way even if Web Service Awesome is broken into and your password is unencrypted it is almost useless because they will be asked for an additional form of information before it give anyone access to your account.

Some common forms of 2FA include an app that generates semi random codes on your phone that you can enter into a system (Authy), a physical device that generates codes instead of your phone (RSA Token) and (YubiKey), or a system when messages are sent to a mobile device you register to confirm your are trying to log into a system (Google Prompt) (Google Second Step). Most major systems like your email, social networks, banks, and even ride sharing services accept 2FA to protect your account and personal information. One older form of 2FA involved using SMS text messages to send codes to your phone. Due to the lack of encryption and security on SMS it is usually recommend to avoid this option whenever possible.

2FA should be used on all your major accounts. The ones that you use the most. Like your bank, your primary email, and your primary social networking account. usually if any of these account fall into enemy hands they can be use to gain access to other accounts. So you want your first line of defense to be your strongest. Start slow though. I wish 2nd Factor was as easy as it sounds. But there is information associated with your keys and tokens they you need to keep in safe places so in case of an emergency you can regain access to your account. If you don't you may loose access forever. Sound scary but with proper precautions it is very hard to do. Just be careful all #cybersecuritymonth and beyond. And remember or pass along any helpful security tips you all October.

References

Cyber Security Month Tip #1

Previous Cyber Security Month Tip

Google Prompt

Google Second Step

Authy

YubiKey

RSA Token

Welcome again Digital Citizens. October is recognized on the Internet as Cyber Security Awareness Month (#cybersecuritymonth). During this month different people and organizations online will post tips throughout the month of October to help people improve their understanding of cyber security. Lots of people use computers today. Unfortunately, a large percentage of Internet users are not a familiar with how to protect their identities and data online. So Cyber Security Awareness Month was created to try to expose as many people to online best practices as possible.

Do You Know Where That Thumb Drive Has Been???

Back in the days of CRT monitors and 9600 baud modems the world of computers were ruled by the floppy disk. This magical media type allowed people to transfer data over long distances (i.e. your friends house or co-worker's cubical) to your own computer system. Computer internetworking was something you saw in science fiction movies or that you heard rumors about from computer hackers that break into government systems and have to run from the law for the rest of their lives. So normal people used floppy disks to install and share data.

Floppy Disks

Floppy Disk Sizes What the world quickly discovered during the age of the floppy drive is just how connected we all are. While I may have a personal computer and only know three people who I can share disks with, those three people could know three each. And so on and so forth. On top of which a couple of those people within two or three degrees of separation may actually have access to a modem that they use to download files on bulletin board systems from Los Angeles to Berlin. To put it short it was not uncommon for computer virus outbreaks to pop up all over the world in no time at all because of data hopping from floppy disk to computer system to new floppy disk. The age of floppy disks, zip drives, and even CD-ROMs are to most digital citizens a legend seen in museums. There is however a form of physical media that most of use still are familiar with. The Thumb drive.

Thumbs drive are easy to pass around and share. So they end up in multiple computer systems. This makes them as dangerous as floppy drives use to be back in the day. So when a thumb drive is connected to a computer system you do not control you have to hope they are up-to-date on all their system patches and that their virus protection is current. That doesn't seem like a big ask but you would be surprised at how many people treat their computers like storage in their garage. They get to cleaning it when they get to it. Worse yet, it is not uncommon for bad actors (i.e. hackers, identity thieves, phishers) to put malware such as keyloggers, scripts, and rootkits on thumb drives and lay them around so people will find them and use them on their home or work computers. That is a big NO NO!

It is easy to forget that physical computer security is as much a part of cyber security as protecting your digital security and identity. So remember to keep these tips in mind:

  • Always keep your virus protection up-to-date.
  • When and if possible use security features like password protection and encryption on your person thumb drives.
  • Keep personal and business thumb drives separate.
  • Disable autorun so nothing can automatically run from your drive just my inserting it into your USB port.

And most importantly:

  • NEVER EVER USE A THUMB DRIVE WHEN YOU ARE UNSURE OF ITS ORIGIN!

These tips won't keep you 100% safe, but they will help you avoid 90% of obvious pitfalls and traps. Have a safe October and remember to feel free to pass on and share any tips you have all month long to help people think about Cyber Security #cybersecuritymonth.

References

  1. Cyber Security Tip #1
  2. Previous Tip
  3. Homeland Security Tips For Using Caution With USB Thumb Drives

Hello again Digital Citizens. Today I bring you my third tip in my “homage” if you will to Cyber Security Awareness Month. Every October different people and groups that use or do business on the Internet trying to share best practices on using the Internet in a security focused way to spread the word about that protecting your digital identity is an important job. We all tend to forget how easy it is to sometimes give too much information about ourselves online. Even when we think we are doing it in a safe way. So I'll try to do my part by passing on some quick tips that I use everyday to keep Cyber Security in mind and protect my identity and data online.

Don't Open That Attachment

The biggest feature of email, instant messengers and SMS is the ability to send files. Most commonly we receive images of our loved ones or of an event. But very often we also receive files. Files like a PDF of a flyer or schedule. Sometimes even a spreadsheet or word document for work or a volunteer organization you give time to. To put this as clear as possible, this is a no-no.

1. It Is Always Flu Season On The Internet

The term Computer Virus has been a part of the modern lexicon for decades now. But what many people don't realize is how easy it is to not only catch a computer virus but to pass one on to all our digital contacts. Most email services and programs are really good about scanning attachments before an intended user can even see it nowadays because of the years developers of those programs spent fighting the different Internet viruses that have sprung up over the years. But they are not always perfect. So you have to be very careful about files you receive from people. Especially on Instant Messengers (i.e. Facebook Messenger, What's App, Signal, iMessage, etc).

2. Files Can Do Strange Things When We Aren't Looking

Outside of viruses there is another danger with files you receive off the Internet. Files like PDFs and Microsoft Office (excel, word, PowerPoint, etc) can internally contain mini programs that allow them to offer extra functionality like math calculations. In the wrong hands however these files can doing things like send unsolicited emails to all your contacts and install malicious programs on your system without you noticing.

File attachments are necessary. There is no getting around that. But you must use extreme caution when using them.

  1. If you don't know the person or organization sending the file DELETE IT.
  2. If you know the person or organization but were not expecting a file from call the sender and VERIFY IT.

  3. If the file has a file extension you are unfamiliar with DELETE IT and report the email as spam.

Remember to keep Cyber Security in mind throughout the month of October. Feel free to pass along any tips you see on the Internet in reference to Cyber Security under the hashtag #cybersecuritymonth. And if you have a best practice you would like to share please pose it. We can all learn from each other.

References

Cyber Security Tip #1

Previous Tip

How To Spot A Dangerous Email Attachment

Homeland Security CISA Tips When Dealing With Attachments