Privacy 101

Time Traveler News:
There are now three of The Travelers posting to social media. You might find yourself on one of their pages.

In the mean time I wanted to make my first cyber security related post a sort of quick run down of how secure you already are. These are just basic things you can do, there are many advanced ways to minimize your internet footprint and thwart would be attackers.

  1. Personal security
    • Do you have an RFID credit card? (The kind you don’t have to swipe it to pay)
      • If yes, be aware of RFID theft. Your credit card information is basically broadcasting in your immediate radius, enabling a well equipped thief to snatch your credit card information out of the air without you knowing.
    • Do you carry a social security card?
      • While it is beneficial to carry a Social Security card at times, such as when you need one as a second form of identification; be aware that having your social security number compromised is one of the worst things that can happen. With a social security number and a few other minor pieces of identifying information such as a birthday, an attacker could request new passwords for your online accounts–thereby compromising every account linked to those accounts

    • How do you carry your license and other identifying information such as credit cards, social security cards, school id, library card, etc?
      • Be wary of leaving your personal items places, as losing a wallet or purse gives thieves a golden ticket to your identity
    • Do you have and carry a smartphone?
      • If yes, make sure to have at the very minimum a passcode lock on your phone. Not only does it protect against would be snoopers, illegal phone searches by police (to a degree), but also hackers.
      • Be aware of your app privileges, especially location related information. Location information in combination with other real time data can be used to track an individuals movements and habits.
      • Disable bluetooth unless you need it. By having it on you allow potential attackers to blue snarf your messages and contacts.
      • While more advanced, you want to disable or at least limit pairing. This allows attackers to “juice jack” you by plugging a cord into your device for a few seconds then running malicious software.
      • You can download encryption for your files and folders, and continue to add more and more layers of security; deterring more and more attackers.
      • Also be aware that layers of physical smartphone security are only as good as your private browsing habits. Later I will discuss proxies and alternate browsers.
  2. Hardware security
    • Check your cables, are there any breaks or taps?
      • Are there any intermediate devices between the ethernet cable and the network port on your computer? If you don’t know what they are, remove it
      • Check your other input / output ports to see if there are any intermediate devices plugged in. This could be a key logger attached to your keyboard, or a video capture device in line with your monitor cord.
    • Ideally you want to have at least two partitions on your hard drive, with each one encrypted; whilst running a whole drive encryption overtop. At the minimum you need to be aware of your security settings. BIOS can be locked with a password, requiring an authentication BEFORE windows even starts.
  3. Software Security
    • Make sure if you’re not using the default “Administrator” account; that you at least change the default admin password. If you are using administrator access; at the minimum make sure you have a strong password, as your account becomes a leverage point if someone gains unauthorized access.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s