Uber has Privacy data problems

Uber has privacy data problems that employees are exploiting to track politicians, celebrities, ex-spouses, etc.

Posted in Privacy

Threat Intelligence & Ransomware

Ransomware, where attackers encrypt your data and demand a ransom to release it, is starting to become a common threat. Threat intelligence techniques are required to determine if you are susceptible to this type of attack.

Posted in Ransomware

Security and feudalism: Own or be pwned

Cory Doctorow explains how the Electronic Frontier Foundation (EFF) is battling the perfect storm of bad security, abusive business practices, and threats to the very nature of property itself. In the emerging Internet of Things (IoT) there is a need to take action to avoid a dystopian future. Cory identifies the disastrous consequences of DRM being left unchecked and how we need to be fighting for a future where our devices can be configured to do our bidding and where security researchers are always free to tell us what they’ve learned. Find out what you can do to fight for what is right.

Posted in DRM

Lies vs the Truth

Psychological research has shown that the saying “Repeat a lie often enough and it becomes the truth”, a law of propaganda often attributed to the Nazi Joseph Goebbels, does have some validity. Of course, this does not really make something the truth, but people start believing it is; psychologists know this as the “illusion of truth” effect. This is becoming more of a problem in our age of social media, where people are getting more of their information from crowds of often like-minded people.

Fortunately, repetition isn’t the only factor in forming beliefs about what is true. Logical reasoning, critical thinking, and verifying what is actually true can all contribute to finding the truth. Where repetition becomes more of a factor, however, is when it is used as a shortcut for guessing what is true. Reliance on shortcuts tends to happen a lot more in a world where huge volumes of information barrage us daily.

What can we do about it? I think there are 6 main actions we can take ourselves and in helping others:

  1. Educate yourself and others on critical thinking and logic skills.
  2. Do investigative research on the topics that really matter to you.
  3. Listen to the arguments of different views and evaluate the possibility that they may have some validity.
  4. Use and share credible sources that you have investigated, whose potential bias you understand, and that have been shown to be trustworthy.
  5. Don’t pass on false or misleading information.
  6. Identify lies when you come in contact with them, especially for people close to you.

A good example of the battle for truth against lies is making edits on Wikipedia, which has a process for updating its encyclopedia that includes identifying sources for the assertions being made. If fighting for the truth sounds like work, it is, but isn’t being a force for truth as you know it worth it? Retreating into a shell and letting lies spread will not make our interdependent world a better place. Pick your battles and make a choice that is right for you on how you can use your influence to make a difference in your own battles for the truth.

Posted in Trust, Truth

Bruce Schneier on DDOS

Distributed Denial of Service (DDOS) attacks are a big problem affecting the availability of services on the Internet. Problems with business models in the age of the Internet of Things (IoT) will lead to these devices being used in botnets, since they are largely insecure low-hanging fruit. Bruce Schneier provides some context on this topic.

Posted in DDOS

Geek Summer Reading: Encryption!

Mozilla recommends some books about encryption for summer reading.

Posted in Encryption, Secrets

Requested Security References

The following are some reference links requested from my Information System Security Officer Orientation:

Reference for Urban Legends and Scams

Free Windows Malware Protection Applications:

Web of Trust Crowdsourced Website Reputation

  • This browser WOT software can provide warnings about Web sites that have a bad reputation for malware, incorrect information, or aggressive marketing scams.

Future Computer UX Security Challenges

Posted in Awareness, References

Best Free Anti-Virus Utilities

I was just asked recently what my recommendations are for the best free anti-malware software. I checked my previous recommendations and was shocked that they were made 10 years ago. My, how time flies, but thankfully sometimes recommendations can stand the test of time.

PCMag just made a new set of recommendations (March 1, 2016) for free anti-virus protection software.

I have had good experiences with AVG, Panda, and Checkpoint. My experience with Checkpoint is with their ZoneAlarm firewall, which works well but has a lot of ads. Good to see that AVG and Panda are still top rated and in business after all these years.

Consumer Affairs also has a fairly detailed roundup of anti-virus product reviews, which could be useful to consult if you want to include commercial software at various prices.

Posted in Anti-malware, Uncategorized

The State of Computer Security

James Mickens explains the dismal state of computer security. It’s complicated.

Posted in Awareness, Security, Uncategorized

DocZone Online Scam Investigation

The video is 45 minutes long, but it is well worth watching to really increase awareness about the extent of online scams. The highlights for me were:

  1. 419 eBook by Will Ferguson (419 is the Nigerian criminal code for the famous “Nigerian” scam), which is based on an ancient scam from English history.
  2. “Catfish” documentary? by Ariel Schulman on the epidemic of people assuming virtual identities or stealing identities to deceive people. There is also a TV show.
  3. 419eater.com, about volunteers battling against fraudsters to at least waste their time, if not discourage them from committing fraud.
  4. The “Clairvoyant” in a tent in Belgium demonstration (around the 37 minute mark), which shocks people about what anyone can know about them from their social media posts.
  5. Monica Draper, a web site developer (and hero in my opinion), who used access to fraudster Glenn Whitter’s web site and email to uncover and contact his other victims. She wrote a book about it – Raped Financially (or if you prefer, the Raped Financially eBook). She also provides a useful tip (at the 41 minute mark) on a Google photo search feature to catch suspicious photos being used in scams. Just drag the photo you are questioning onto the Google Image web site to see all the places it is being used.

The DocZone site for the dot.con episode also has some useful links regarding online scams:

  1. Dot Con character updates
  2. Top 10 Canadian Scams in 2014
  3. How Vulnerable Are You to Online Fraud?
  4. How to Protect Yourself Against Scams
  5. See comments on the DocZone Dot Con episode or leave your own comment there. Comments include everything from complaints about the government, fraud on Match.com, PayPal fraud on Kijiji, LinkedIn business deals, etc.

DocZone has some really excellent documentaries on other subjects too, so check it out.

Posted in Awareness, scams