A Little Tech Security in an Insecure Age?

But thou, O Daniel, shut up the words, and seal the book, even to the time of the end: many shall run to and fro, and knowledge shall be increased.

– Daniel XII: IV – King James Version

Aside from my hobbies I am a student of the Holy Bible. And because this main blog here on antimatter.oslaania.net is an art and hobby site I generally don’t talk religion on here. And while I personally subscribe to the core tenants of the Christian faith even though I admit I don’t practice it as well as I should, and I obviously don’t agree with some views held by Christians about art — some issues I am exploring on my own and trying to seek answers from through the Bible alone, not the opinions of Christians who want things done their way, as evident by how I run my website. But this is my website and I’ll cite a Bible verse if I want to. Free Speech!

Nonetheless it never ceases to amaze me how much things have grown and developed in just the last century alone- even just the last 30-40 years. I remember my old Apple II computer in my youth and now the newer Macintosh and Windows computers… 48k and 128k Apple II machines vs 4GHz machines with 8GB RAM, etc. etc. these days… sheesh! And in just a few short decades! Desktop computers in the early 1980s barely ran above 4-8hz and a memory capacity of 20-48k! So we’ve come a long ways in a short period of time.

Even things like encyclopedias — I recently saw how Encyclopedia Brittanica is finally “hanging it up” in the print division, I’m surprised that didn’t come sooner. It’s becoming no longer cost-effective to publish a 20+ volume encyclopedia every year, especially as fast as data changes, etc.

But as technology increases, so does the risks that come with it. “Tech Security” is almost an oxymoron anymore.

And for every “lock” that’s made as it were, someone is making a way to “pick” it. For every encryption being written someone is writing a hack.

To top it off, even big business websites like Yahoo, Facebook, etc. are becoming more draconian, unscrupulous, and controlling. Tracking the private content of users, invading privacy, etc.

Have you ever noticed while reading email on Yahoo, ads that correspond to key words written in your emails?

You post something to your friends on Facebook and a corresponding ad pops up that relates to your posting?

WHY CAN FACEBOOK AND YAHOO SPY ON OUR EMAILS AND POSTS BUT IF WE SPY ON A COMPANY THROUGH “HACKING” OR GOING THROUGH THEIR GARBAGE DUMPSTERS THAT’S  “CORPORATE ESPIONAGE?”

It came out last year that the US Federal Trade Commission was investigating Facebook for unfriendly and potentially illegal website tracking – and Facebook is an enemy of all creativity, individuality — a site bent on making people adapt to and accept conformity, lack of identity, no freedom of thought or individuality — everybody’s page looks the same. Same format, same layout, same style– only the names and faces change. No use of custom html, no use of animated GIFs or PNG files, etc. No blogs. And for all of Facebook’s so-called “privacy settings, I have my account set to the maximum “friend’s only” settings but it still doesn’t prevent spiders from Google, Yahoo, and other search engines from crawling a user’s site and posting the contents of their pages. One cannot even write a robots.txt or .htaccess to do something about that. A far cry different from the old Myspace that everyone has since abandoned. At least Myspace could be customized somewhat back in the day. Now Facebook is apparently being investigated for dishing out passwords to employers?

TO FACEBOOK: BURN IN HELL!

I make no bones about the fact I use a handle on Facebook because of the kinds of abuses that can arise from the use of one’s own real name. Let Facebook ban me! Deleting cookies and obtaining a new IP address is easy, plus I also have other anonymous accounts on there. Tough shit, Facebook!

Not a very “Christian” attitude I admit but I don’t like the policies of that company. On the other hand, I realize I should probably close my accounts on there. The way I see it, so-called “friends” who don’t keep in touch because I’m not on Facebook aren’t my friends anyways. But that’s a different story.

That aside–

There are simple things you can do to protect your privacy on the internet.

1. Don’t use your real name. Use an alias. If the site has a real name policy and won’t let you have an account without one, consult with qualified legal counsel– I don’t believe a site can legally force you to use a real name or force you or require to provide credentials. Even sites like Yahoo and Google are trying to pull this crap these days trying to require people to provide phone numbers to “validate” accounts. IMMEDIATELY hit “back” on your browser – you DO NOT have to provide them any such information — unless you want telemarketers! If it is a site like Elfwood where you cannot post art unless it is your real name? Screw ‘em! They’re only going to endanger you. A real first and last name can be used in searches with local court, county auditor or other offices of public record to pull up all sorts of information including names, addresses, pictures of your home, the names of your spouse, any children, etc. A full first and last name and ZIP CODE is all that is needed! So don’t give our your name or anything about your identity about yourself on the internet to persons you do not know, period! Use a “pet” name (a favorite name your friends like to call you), a pen name, a nick name or handle on Facebook, not your real name.

Don’t be cocky and use sites like Linked In and show yourself off to everyone – what are you trying to prove?

Unless you have a last name like Johnson, Smith, Miller, Williams, and there are 100s or 1000s of them in your local phone book… (i.e. you’re able to safely say “Happy hunting, asshole!”) But EVEN SO — skillful searches can cut thousands of names down to a few choices in seconds- all that’s required is a first and last name and zip code. And just as you can use this information to make yourself aware, people with EVIL intentions will use this information to harm anyone they can take advantage of.

“We are Anonymous!” is the best policy!

2. Browsing — constant cleaning out of your cookies, cache, and history is the best policy. Cookies are what websites use to track your browsing, produce “corresponding” advertising to your Facebook posts or key words in your emails, etc. Use “in private browsing” on your browsers. Do you really need an account on every bloody site?

3. Avoid using “free” email services if possible. Only use them for “spam” accounts and dealing with business. I recommend private hosting. I have a couple of accounts I use publicly for “spam” so all the “junk” can go there but my private email accounts are on my own domain and I keep them private. A private hosting account will allow you to not only have your own website and domain but also to create your own private email accounts inside of that domain name. Since I own Oslaania.net and Nyrva.org I can have any email address I want under those two domains, and as many private addresses as I want. And no ad companies can track and post ads to them. Admittedly I do use a Yahoo account for all my business with companies so all the crappy penis enlargement and “loan refinancing” junk mail can end up there and not my private accounts. (Sorry, no pills for me please. I like my penis just the way it is, thank you!)

4. In conjunction with point 3 — host your own website — There are many ISPs offering plans as low as $4 a month up to $7 a month (what I am paying) for personal hosting accounts. I get unlimited bandwidth, disk space, can make as many emails as possible, etc. And none of it is subject to restrictive corporate policies (like those of companies like Facebook, Google, Yahoo, Microsuck, etc.) — there are still rules to follow– nothing illegal of course. But most reasonable ISPs still allow a pretty broad range of freedom of what you’re allowed to do with you own site. I recommend ones that allow “adult hosting” (which is what I use) – not to run a porn site per se, but an ISP that is “porn site” friendly will usually be a lot less restrictive about what you’re allowed to do on your site (aside from illegal activities, etc.)

5. In conjunction with point 2 — Do you really need a YouTube account? Use in-private browsing, save your favorite videos to your BOOKMARKS in your browser, not to your account. Does the world need to know what videos you like? If you know how to use your bookmarks well you can even categorize them accordingly.

6. Kill your JAVA, Javascript, and Flash whenever and wherever possible – use your browser preferences to disable them. Javascript and Flash are great and nifty things but also can provide huge security holes. Do you really need them? Do you really need to play Farmville? You gotta be on there every other minute to get your crops and they nickel and dime you to death just to get the latest building on your farm that you need 50 neighbors to help you build anyways! Forget it! Seriously, get a Playstation or a Nintendo Wii! Opt into HTML5 in place of Flash on sites like YouTube or any other sites that offer the HTML5 option. If you must use them have two browsers — one browser you use for your little games where you DO NOT use your online banking or other more SECURE functions – and the other on a more secure browser with these options disabled. Nothing is foolproof but every little bit helps. (Edited 23-April-2012) However, do not think because you do the “two browser” deal that you are safe. Any usage of programs such as Adobe Flash opens your computer up to possible security risk, as does Javascript. Eliminate as much use of them, and altogether if possible. Text your friends on your cell phone and set your browser to total “private” to keep the loopholes out.

7. FIREWALL – DO YOU HAVE YOUR FIREWALL TURNED ON?

Check your control panel! Call your buddies, check your computer documentation, etc. if you do not know how to turn on your computer’s firewall! Get your firewall turned on if it is not on! (We have a few Firewall links here for Mac OS X 10.4 Tiger users – for orther Mac OS X, Linux, or Windows users, check your control panel- you’ll have to consult with a friend, related forums, or qualified computer specialist).

8. Routers AND DHCP – if you have a router and know how to use it these can be great devices if you know how to use them right, between your computer and your network as buffers to help protect your system. (Seek a local computer consultant.) (They can ping your router, not your computer itself if you have it set right) (Edited 23-April-2012) Also reset your DHCP lease and change your IP address as often as possible. If you use DSL or Cable internet you no doubt have a setup that automatically obtains an IP address from your local service provider for your local machine. To change this IP address you need to “cancel” your DHCP lease in your network settings and obtain a new IP address or reset your router. If all else fails, unhook your system completely from the internet when you go to bed at night – for at least 10-15 hours, then re-establish your connection. Your computer should obtain a new IP address and DHCP lease from your local ISP.

9. Passwords: Most people make the mistake of using simple words and using things that relate to their friends, family, hobbies, etc. This is a bad practice! You may like “Angry Birds” but don’t make your passwords “angrybirds23″, especially if everyone knows you’re a big fan. Passwords should be things no one knows about and should be changed frequently and be a MINIMUM of 10-12 characters, containing (whenever possible) upper AND lower case letters, numbers, and symbols. eg.

3!b4:X7c$6eG4

or for something easier make it like a word — C@$hmaN268!

Or how about @nGryB1rd$23 — kind of looks like “Angrybirds23″ but now it’s letters, numbers, and symbols — (personally I hate “Angry Birds” and think people who are fans deserve to be hacked! haha! OK, maybe not that bad but I’m not a fan. You get the point.)

Still you use something UNRELATED to things people know about you- use something people don’t know about you instead.

Don’t share your passwords, don’t write them down, if you do, memorize and destroy, or keep it in a very secret place away from your tablet, laptop, or PC!

PHISHING: DON’T BITE THE HOOK!

NEVER RESPOND TO ANY EMAIL REQUEST OF ANY KIND WHATSOEVER claiming to be from eBay, PayPal, Facebook, or any other kind of site whatsoever asking for bank account information, credit cards, passwords, or any kind of personal information whatsoever. Even claims that you need to submit personal information to “clear up an issue” — or better yet, scams on popular game sites like “Gaia Online” that claim to be from an Administrator that claim you need to submit your password in 20 minutes or you will get banned because “they need to run an account scan”. These are PHISHING SCAMS and are people who are trying to trick you into giving them your personal information. Clever hackers and phishers will even create “dummy” websites designed to look like “popular” websites or sometimes even the website for your local bank, down to prompts to enter your login credentials. When you enter your login information on these “dummy” sites they get routed to the hacker – and you may or may not get routed to your real account. Meanwhile the hacker NOW HAS YOUR LOGIN CREDENTIALS and can clean out your bank account, can order things off your eBay or PayPal with your account information, or whatever you have supplied them with. On game sites like Gaia Online- teenage kids who don’t know any better find their accounts cleaned out of those special items they got for their Gaia characters, or their Gaia gold or cash. DON’T RESPOND to ANY REQUESTS for PASSWORD or PERSONAL INFORMATION in any emails PERIOD!

If there is an issue, always log into your accounts the NORMAL way and settle any issues through that website’s customer service channels, and be SURE to report any suspicious emails (like fake PayPal or eBay emails) to that company’s fraud department. (ebay and PayPal both have spoof@ebay.com and spoof@paypal.com where you can simply forward fraudulent email requests for your personal information.)

Even for LOST PASSWORDS, most websites will provide you with a “lost password” link at their login prompt to reset your password through the email address you created your account with and will NOT be able to provide you with your password information itself. So don’t fall for scams from bullshit emails from “administrators” claiming they need your password information to “fix” your account — it’s a HACKER and they’ll “fix” you all right!

Keep in mind: Hackers do not “hack” – most of them look for loopholes, weaknesses, or take advantage of naive users willing to voluntarily “give up” their information!

DON’T BE THE WORM ON THE PHISHING HOOK!

10. Frequent backups of your data! Don’t worry about your OS, your apps, etc. Back up your pictures, your artwork, your music, movies — the stuff that matters most. Burn them to DVDs, get 8GB thumb drives off sites like Amazon for $10 – quit making excuses! The best defense against data loss is “that last known good copy”. Make sure you do it frequently if you have those favorite songs or pictures you don’t want to lose and you keep adding to that library of yours.

11. If you get hacked — Do you own a site? Do you have an account on an art site or Facebook or other public or social media site where you can share your personal content and have been hacked? If so – DON’T ADVERTISE IT! Publicly saying “Dammit I got hacked” will encourage the hacker(s) to come back and try some more. Don’t let ‘em see ya sweat! Change your passwords, (you should be changing your passwords frequently anyways but most people don’t) report the hackers to the admins, but don’t make it public. A lot of hackers have egos to bruise and will encouraged if they know they can upset you. Hit ‘em where it hurts- don’t give in to their egos. “Don’t feed the trolls.”

12. Subscribe to an inexpensive identity theft service. Many services will offer you legal insurance in case something happens. These days many employers’ benefit plans and even banks offer inexpensive services to their customers! Don’t take chances if someone gets ahold of and uses your personal information. ID Theft Protection is no longer optional in this day and age. Do your research – avoid plans that sound too good to be true because they are!

These are just a few ideas. Nothing is foolproof but taking steps to protect yourself, your identity, your data, etc. can go a long way.

That’s all for now!

Until next posting — something more fun and hobby related…

God bless,
Jade Dragon

Notice: This posting is for informational and “entertainment” purposes only and not to be construed or viewed as “expert” advice. Neither Oslaania.net or the author of this article make any warranties, or guarantees of any kind whatsoever express or implied with respect to this article. This information is believed to be “reasonable” and “reliable”. However any implementation or use of this advice or information is solely at your own risk. Users are encouraged to seek the advice of professionals and experts in related fields pertaining to these issues. This work is merely a statement of opinion and is not necessarily anybody else’s opinion. © by Jade Dragon and oslaania.net, all rights strictly reserved.