Welcome!
If you have an account, please:
Log in

Home network safety tip: keep most devices on the “Guest” network

Home network safety tip: keep most devices on the
Malware from the manufacturer means bad times for everyone

It would be great if the stories of products sold by major retailers with baked-in malware were relegated to decades past, but the issue hasn't gone away. The Electronic Frontier Foundation reports that a low-budget kids tablet by Dragon Touch was sold on Amazon for the better part of a year despite having possible malware preinstalled from the factory.

There really is no clear and obvious way to prevent any instance of factory malware, but one thing that could help quite a bit is to keep your networks separate.

This is an example of a router with guest network functionality built in.
(See online!)

Many home routers these days offer "guest networks" which are intended to let houseguests or visiting friends access your Internet without exposing your home computers and files. It's convenient and easy to set up along with your normal network. But the best part is that you can use the same trick to keep untrusted devices away from your important data!

You'll need to look in the manual, instructions, or a handy Youtube video if you need help for your specific router (or buy a new one if your current one doesn't support it), but, once configured, it's simply a matter of asking: "does this device/thing need to connect to my home computers or backup systems? If "no", put it on the guest network!

Bottom line, you might have several computers and maybe a printer/scanner on your home network for file sharing or backup purposes, but why let the Playstation or Echo in the same space? They can still access the Internet on the Guest Network and that's really all they need

Moving forward, always put phones, tablets, and any other device stays segregated on the guest network where, if they become infected, they can't damage your real computers and important data.

Tags: ,

Time to re-evaluate my browser strategy. Time to be Brave

Time to re-evaluate my browser strategy. Time to be Brave – The Geek Professor
Brave. The privacy browser

Keeping up with security and privacy topics when your work is only tangentially related and life sweeps you away (so you don't have time or energy the rest of the time) is not easy. That's why your best chance for getting an upgrade is finding the time to focus and experiment OR finding the right article at the right time… and I hope this will be that for you.

I've tried to focus this article on how most people use the Internet most of the time. For extreme folks, there are other options including Lone Wolf and Tor, but for everyone else, keep reading:

Hate having to read an entire article for the answer? Here's the bottom line: I use Firefox for websites with logins (except social sites), Brave for regular Internet (and social sites that constantly lead out to the Internet), and a little bit Edge as backup and personal brand segregation.

The brief background

Why is this necessary? Because companies are doing everything in their power to get into your business. They track where you go, what you click, what you're interested in, or just what they THINK you're interested in based on your browsing and clicking patterns. Besides being creepy and unwanted, it creates problems.

What happens when someone else uses your computer or you look something up for a friend or family member? Now their interests get mixed with yours causing you to see ads and recommendations that aren't remotely relevant. And what happens when you accidentally click a bad link in a chat or email (it happens to the best of us)? Many attacks are based on the idea that you're logged into your email or bank in another tab of the same browser (this is called cross-site scripting). And what if someone buys ad space and puts malicious code in or (or it's just rude and obnoxious)?

To reduce risks, annoyances, and invasion of your privacy while keeping things extremely simple, the pro tip is browser segregtation

Generally speaking, you can break down your Internet use into two or three main categories:

  1. Actual browsing. Searching, clicking, exploring, etc.
  2. Account-based web applications. Email, banking, shopping, etc.
  3. Social and personal brand. LinkedIn, Facebook, Twitter, and other things connected to your professional image.

Let me explain each in more detail.

Benefits to browser segregation

Browsing

When you're browsing around the Internet, you want the toughest browser around because you could end up anywhere at any time. Click a bad link, type a url wrong, or just browse around normally where sites attempt to identify you individually, track you, invade your privacy, and put you at risk due to poorly managed scripts and advertisements. As your default browser, this is the one that will load if you accidentally click the wrong thing in a Discord chat or any other app on your computer.

This is also the one you want to use for your private social accounts and any other app that is so closely tied to the general Internet that its nearly indistinguishable from open Internet anyway. Things like Reddit and Pinterest or alternate accounts for Twitter and Facebook that aren't tied to your identity.

Basically, you need your A-game browser – the best of the best – when out in the wilds of the open Internet.

Account-based Web Applications

This is where you keep your login-based accounts like emails, banking, shopping, and so on. If it's not a semi-Internet site like Reddit or Pinterest and it requires a login, keep it in your secondary browser.

Granted, sites like Amazon are very invasive as well, but much of the way they spy on you requires that you're out browsing the internet and not staying on a handful of specific websites. Additionally various types of attacks depend on you browsing around and taking a wrong turn while your tasty bank account or email are open in another tab of the same browser. Using separation this way largely prevents that too.

Don't overcomplicate it! For many people, keeping your logged in accounts and open browsing separate is good enough, but if you want to see why I use a third, read on.

Identity Accounts and Branding

In my case, I chose to have one more separation where my identity is known and my reputation at stake. To make sure that I don't cross wires and rant about how much I hate the VI editor on my branded-Reddit page, I keep them segregated too.

LinkedIn, Reddit with my professional name, Kickstarter, Twitter (if it survives into 2024 and beyond), my official Facebook (if I ever decide to make one) – basically, I keep these in a third browser because:

  1. I want to keep a third more standard browser around in the rare cases where sites refuse to load in anything else
  2. I can visually tell if I'm in the wrong place because of the different browser. That helps me think twice about what I'm going to post since it's tied to me individually.

Which browser and why?

For identity-based Internet

I'll cover this first and only briefly since only some people will be using the 3rd-level browser. I use Edge because it's one of the three major-supported browsers and will work for any site that doesn't like deviations from the norm. Also, it's not Chrome (the worst for privacy invasion).

For account-based Internet

For this one, I chose Firefox. Firefox is nowhere near the privacy-focused and community-friendly browser it used to be, but most of the ways it sucks now require being on open Internet. It's still going to be supported by major websites and you shouldn't have any trouble using your accounts with it.

For open Internet

I had been sleeping on this one for a while and heard bad things in the past, but read and watched videos and did some research. I determined that, as of this posting, Brave is the best browser for privacy online. It has a built-in adblock function and VPN (the first is free, the VPN you have to pay for, but not a big deal). It's nicely presented, fast, and works everywhere I've tried it so far.

Brave is also building a privacy-based search engine which is something DuckDuckGo has been known for, but even DDG has some issues that Brave does not. If the Brave search isn't working for you, Google and DDG are still there. Brave does use some kind of cryptocurrency gimmick, but that's optional and doesn't get in the way enough that I see it as a dealbreaker.

Summary

For best safety/security/privacy, use at least two browsers and mentally separate your activity online into "log-in account stuff" and "everything else" (and maybe a third for "anything that I use my real name for"). Tags: , , , ,

Farmville Addiction Leads to Baby’s Death

Today a severely depressing story of a baby that was shaken to death for interrupting his mother's Farmville time.

A normal parent knows interruptions happen and can deal, but someone suffering from an addiction is different. They're obsessed and nothing else is as important!

The Mashable article says this:

Needless to say, it is Ms. Tobias — and not the game itself — that is responsible for the death of her 3-month-old son.

While this is completely true, I don't think it's right to say that Farmville was not involved and bears none of the responsibility. The game, is fun, engaging, bright and feeds into people's innate needs to build, organize, nurture, and escape (all signs of addictive games), but worst of all, Farmville punishes you for not playing. When you stop playing, your animals and crops die.

At some point, the people who make Farmville had a meeting to decide how to keep people playing the game and came up with the death idea. To be fair, maybe they didn't realize how this would lead many people into addiction, but it has and that fact is pretty obvious by now.

Even Mashable agrees:

FarmVille, named one of the “worst inventions” in recent decades by Time magazine, has more than 60 million members, most of whom access the game through Facebook (Facebook). Some players have found it so addicting that they’ve lost their jobs and racked up debts north of $1,000.

In the end, what company owns up to this and apologizes or changes their ways even in the face of deaths and misery that they had a hand in causing? Instead, they'll blame the user saying that it's totally their responsibility for becoming addicted. So the only choice you have is to handle it yourself.

You have to manage or completely avoid games that are (allegedly) built addictive. Just do a search for "name of game" addictive and if there are pages and pages of results, you just might want to steer clear.

Tags: , , ,

Answer a Phone Survey – Get Cheated

(Image used under: Creative Commons 2.0 [SRC])

I've always debated things like helping jaywalkers, buying magazines at the door, and listening to telemarketers, but I think that I've finally come up with a common solution. Don't pick up anyone on the side of the road. Don't buy anything at your doorstep that doesn't involve cash and girl-scout cookies. And definitely, never, ever, talk to someone selling something or doing a "survey" on the phone.

The Consumerist is running a story about a warehouse worker who took a phone survey and was fired for it. It turns out that the shady company on the other end remixed the phone call recording to make it sound as if he answered "YES" to questions like "are you authorized to make phone plan decisions for your company" and "do you want to switch to Thieving Scumbag Phone Service Inc?"

It may not be fair to the people who are honest, but there's just no way for you to know who is and who isn't safe to deal with so the only logical choice to to stay out of it entirely. Check out this advice from a prior phone survey industry member on how to permanently get out of the call listings.

Tags: ,

Story of Gaming Addiction

(Image used under: Creative Commons 2.5 [SRC])

This is a heartbreaking account of someone's battle with gaming addiction. Posted here so I can look it up later.

This pretty much sums it up.

"I hated level 40," she said with a sigh. It was the first time we'd spoken in eight years, and she had never forgotten the night I spurned her advances in favor of gaining a level in EverQuest.
Tags: , ,

5 Minutes Posing as a 14-year-old On Social Site

(Image used under: Creative Commons 2.0 [SRC])

A police official in the UK signed up a new account with a girls name and used data and a photo that suggested he was a 14 year old girl.

Within 90 seconds, a middle-aged man wanted to perform a sex act in front of me. I was deluged by strangers asking stomach-churning questions about my sexual experience. I was pressured to meet men with whom I'd never before communicated.

If you plan to let your kids use sites like these, you have to know what they're getting into. Make sure you have the name and password to their account (being friends with them is not enough) so you can see what they see and talk to them about it. Also bone up on safety precautions like learning the proper way to secure your account.

Tags: , , ,

Beware the Inevitable Haiti Earthquake Relief Scams

Beware of spewing garbage

As always happens with current events and especially with relief and aid efforts, scammers come out of their holes to steal money meant for the unfortunate. E-mails and social networking messages will start pouring in and fake relief websites have popped up already. Avoid scams that only make scammers richer and donate only directly to major organizations (such as the Red Cross) or at least do your research first.

The Better Business Bureau has a listing of charities that are in good standing at http://www.bbb.org/us/charity/

For more information about the scams, see the Ars Technica article on the subject.

Tags: , , , , ,

H1N1 (Swine Flu) Myths, Facts, and Governement Negligence

Swine Flu!

The CDC says swine flu is everywhere. A CBS investigation says it's not. How do you know who's telling the truth? Well, try looking at the evidence.

According to Dr. Mercola of mercola.com:

  • The CDC has stopped testing for Swine Flu so how would they know how wide-spread it is?
  • The CDC has a long history of conflicts of interest between makers of vaccines and regulators of vaccines.
  • "the U.S. government has granted vaccine makers total legal immunity from any lawsuits that result from the new swine flu vaccine"

And a little more detail on that last one:

The most problematic aspect of the PREP Act is that it removes all financial incentive to make a safe product.

In fact, vaccine makers now have a negative incentive to test it for safety, because if they are aware of problems, then they could potentially be held liable for willful misconduct!

As long as they can prove they "didn't know" of any problem, they will not be liable for damages. Hence it's in their best interest to know as little as possible about the adverse reactions it might cause.

Before you get hyped up about this "pandemic" and rush out to get the vaccine, maybe you should do a little more research. I'm not suggesting there's some conspiracy theory here, just that if what the article says is true, we already know that poor regulation leads to tragedies and abuse and the Swine Flu issue may be just one more example.

Tags: , , , , , ,

Control Your Online Banking With Twitter. Seriously!?

This is a great idea!
(Image source is unknown)
With tweetMyMoney, you can monitor your account balance, deposits, withdrawals, holds and cleared checks with simple commands. And, you can even transfer funds within your account. It’s all available on Twitter, 24/7! And, the best part is, our tweetMyMoney service is free!

(Emphasis mine)

Hello Twitter banking, goodbye money.

Why anyone thought this was a good idea, I don't know. Granted, you can't transfer money to OTHER accounts, only "within you account", but someone who breaks into your twitter account can still get a lot of information about you and move your money around causing you serious overdraft fees.

The issue at heart here is that getting information about your account and moving money around only requires the security of your Twitter account (which isn't to say much). How many people put strong passwords on their Twitter like they do the bank? How much effort does Twitter put into their security?

I think the idea of alerts to your phone is kind of cool, but maybe the bank should have set up its own Twitter-like messaging service instead of using a public one that's a big fat target of bad guys already.

Tags: ,

Veterans Affairs Phone Scam

Beware of traps
(Image used under: Creative Commons 2.0 [SRC])

Sadly, traditional phone call scams still work particularly against those of the previous generation that never had to distrust any callers. This one is targeting military veterans:

"America’s Veterans have become targets in an inexcusable scam that dishonors their service and misrepresents the Department built for them," said Dr. Gerald Cross, VA’s Under Secretary for Health. "VA simply does not call Veterans and ask them to disclose personal financial information over the phone."

Remember that people who call you could be bad guys. Before giving away any sensitive data, find out how to reach them through ONLY public phone numbers available on the official website or in a phone book NOT using any numbers they give you.

Tags: , , ,

Loading...

If you want to learn more about my professional background, click here to learn more.

Check out one of my guides/tutorials:

computer security Tutorial
|INDEX|next: Spyware Scanners

Security Software

Make sure you have a up-to-date Anti-Virus Program to protect you against bad websites or files.
Sometimes spyware gets in your computer and the anti-virus won't stop it. Use a spyware scanner to find and remove spyware and adware.
Use a software firewall to detect bad code on your computer when it tries to connect to the Internet.
Always keep your system up to date with security patches or none of the rest of your security software will matter.
Use an encryption tool to protect your important data when storing or transmitting it.
Switch to Firefox for your web browsing and you'll be better protected from Internet threats.

Safe Computing Practices

Don't get tricked by fake alerts or clever webpages into downloading viruses or spyware!

... or check out any of my other guides and tutorials by clicking here!

Anti-Virus

A virus can come from files, e-mails, web pages, or even devices you plug in (like thumbdrives or printers) and destroy your files or your computer once they get in. An anti-virus is software designed to detect and prevent that from happening.

[Click for full description]

Spyware Scanners

Learn how to detect and remove spyware and adware using a free scanning tool.

[Click for full description]

Software Firewall

Learn what a firewall is and why you want one on your computer.

[Click for full description]

Operating System Updates

Make sure to keep your operating system up-to-date with security patches or else none of the rest of your security software will be able to protect you.

[Click for full description]

File Encryption

Learn how to protect your important files on your computer or when transmitting them with free tools for file encryption.

[Click for full description]

Mozilla Firefox - Internet Browser

There are many browser choices out there. Read why I think Firefox is one of the best.

[Click for full description]

Fake Alerts

Maybe you've done everything right and you're computer is sufficiently fortress-like, but then you or someone in your family falls for a simple scam that tricks them into directly installing the bad guy's virus! Learn how to spot and ignore fakes!

[Click for full description]