Revisiting Online Security (Part 1)
New Year's Resolutions get a bad rap, but I have a suggestion that is simple and will have a big pay-off for you; improve your online privacy and security.
I know there are a lot of articles out there on this topics, but in my opinion, most of these articles are either shallow, clickbait type articles, or they dive right into the deep end and take privacy to the ridiculous extreme.
Yes, I've written about this before, but this is one of those subjects that is important to update often.
Now, just to be clear, I am not an expert in this field, but I have done a lot of research into this and I've worked hard to sift through the clickbait to find the really credible people to listen to.
I'm going to break this down into simple, easy-to-do exercises, and I'm not going to hit you with everything at once. This article will be the first of a series.
BEFORE I START, I want to talk about WHY you should focus on online security. It comes down to three points...
The internet is a cobbled together mess of code that has so many holes in it that some people think that talking about internet security is, in fact, a joke. The founders of the internet didn't design it for security, and attempts in 1978 to add encryption into the internet were shot down by the NSA. Since then, it's become complicated beyond belief.
The thieves of this world have turned to the internet, because they can make a lot of money (and cause pain) very easily by stealing from a lot of people at once. If you wonder how low these people can go, do some research on how people are hacking into medical devices in hospitals, and demanding ransom in exchange for people's lives.
There are some simple things you can do to make yourself more protected. Typically, these cyber criminals don't set their sites on you and target you specifically (unless you're rich, famous or unlucky). You are probably one of many people they are attacking at the same time. Make things a little more difficult for them and the hackers will probably move on to easier prey.
Let me tell you a quick story. I have a friend who is an uber-geek. He makes his living by keeping networks secure. I am also friends with his mother-in-law. She's a wonderful person. Probably about 75 right now.
She got a call one day from someone claiming to be "Microsoft Support". The guy said that he understood that she was having problems with his computer. She said, "Well, as a matter of fact I am." They continued to talk and she then gave him remote access to her computer. Now, keep in mind that she could call up her son-in-law at any time and he would help her with anything she needed to have done.
As soon as she gave him access to her computer, she realized that she did something stupid. She wanted to cut him off immediately, but she didn't know what to do. In a completely calm voice, the guy told her what he was going to do next. He proceeded to upload a virus to her computer that erased everything. He didn't even try to steal anything (that we know of). He did it all just to hurt a random woman and to hear her scream on the phone.
So yes, it's important to protect your privacy and security.
Here are some simple actions you can take now...
FIRST, uninstall software and apps that you don't use. This is true for your computer, your phone and your tablets. The more apps you have, the more likely you are to have vulnerabilities and malware. Don't simply trust that the software you download. By downloading software, you are potentially giving strangers access to your data. For example, did you know that Apple allows apps to take screenshots of your screen at any time without your knowledge? This is not a bug! This is a built-in developer tool that is designed to allow developers to support their software (plus it's also probably a back-door for the NSA).
SECOND, update all of your apps and your operating system. I know it can be a pain to constantly update all of these apps, but many of these updates fix security holes, so keep everything updated.
THIRD, put a piece of tape over your computer camera. Or, buy one of these. This is a measure that is recommended by Edward Snowden, the FBI and pretty much everyone in the security industry.
FOURTH: Did you know that Google keeps a record of every search you've ever done? If you are going to use a search engine, use one that does not track you. I recommend www.StartPage.com or DuckDuckGo.com.
FIFTH: Use a VPN. Our fantastic (sarcasm) Congressmen are enacting a new law that gives your Internet Service Provider (Verizon, ATT, Spectrum, Cox, etc) full legal rights to watch everywhere you go online and they can sell this information! Legalized invasion of privacy! But there is a way you can protect yourself and make your computer more secure from hackers; a VPN. A VPN is software that makes your online activities invisible to ISPs and hackers, and it makes your WIFI much more secure. All you have to do is install it, and it works in the background. Note, however, that there are some VPNs that still track you, so it's important to get a trusted VPN. This is the VPN software that I use.
SIXTH, use a password manager app. This is probably the most important thing you can do. What it comes down to is that you need to have a different, long, complicated password for each site you log into. Because if you use the same password for different sites, and if someone steals your password (which they already have), they can use that password to log into other sites. There are only three ways to keep track of such long, complicated passwords. 1) You can write them down on a piece of paper, but this is clumsy, slow and then you have another risk if someone were to find the paper and snap a picture of it. 2) You can use an algorithm for your password that allows you to have a different password for each site. 3) You could get a password manager app, such as LastPass or Bitwarden. The password manager topic is so important that I plan on writing a whole article on this in the near future.
SEVENTH, always enable two-factor authentication when possible. Most good online services offer two-factor authentication. This either involves a text message, or better, the Google Authenticator App (best is a physical security key). If an online service gives you the option for two factor authentication, you should do it. You may even decide not to use a service if they don't offer two-factor authentication. Here's a good guide that teaches you how to turn on Two-Factor Authentication on different sites.
I will write Part 2 on this subject soon. In the mean time, do your own research, take action, and share your advice in the comments.
Thanks and have a great day!