Web Developer
422 stories
·
2 followers

Editorial: Just reading headlines can be misleading

1 Share

Don't stop scrolling, keep reading

      
 
 
Read the whole story
Looms
6 hours ago
reply
Share this story
Delete

ISPs say your Web browsing and app usage history isn’t “sensitive”

1 Comment and 3 Shares

Enlarge (credit: Getty Images | KrulUA)

ISPs that want the federal government to eliminate broadband privacy rules say that your Web browsing and app usage data should not be classified as "sensitive" information.

"Web browsing and app usage history are not 'sensitive information,'" CTIA said in a filing with the Federal Communications Commission yesterday. CTIA is the main lobbyist group representing mobile broadband providers such as AT&T, Verizon Wireless, T-Mobile USA, and Sprint.

The FCC rules passed during the Obama administration require ISPs to get opt-in consent from consumers before sharing sensitive customer information with advertisers and other third parties. The FCC defined Web browsing history and app usage history as sensitive information, along with other categories such as geo-location data, financial and health information, and the content of communications. If the rules are overturned, ISPs would be able to sell this kind of customer information to advertisers.

Read 12 remaining paragraphs | Comments

Read the whole story
Looms
5 days ago
reply
Share this story
Delete
1 public comment
Manzabar
4 days ago
reply
Everybody making this claim that a person's browsing history isn't sensitive information should be forced to have 100% of the internet activities posted to a public site to prove their commitment to the idea.
Cedar Rapids

Defense Against Doxing

1 Comment and 4 Shares

A decade ago, I wrote about the death of ephemeral conversation. As computers were becoming ubiquitous, some unintended changes happened, too. Before computers, what we said disappeared once we'd said it. Neither face-to-face conversations nor telephone conversations were routinely recorded. A permanent communication was something different and special; we called it correspondence.

The Internet changed this. We now chat by text message and e-mail, on Facebook and on Instagram. These conversations -- with friends, lovers, colleagues, fellow employees -- all leave electronic trails. And while we know this intellectually, we haven't truly internalized it. We still think of conversation as ephemeral, forgetting that we're being recorded and what we say has the permanence of correspondence.

That our data is used by large companies for psychological manipulation ­-- we call this advertising --­ is well-known. So is its use by governments for law enforcement and, depending on the country, social control. What made the news over the past year were demonstrations of how vulnerable all of this data is to hackers and the effects of having it hacked, copied and then published online. We call this doxing.

Doxing isn't new, but it has become more common. It's been perpetrated against corporations, law firms, individuals, the NSA and -- just this week -- the CIA. It's largely harassment and not whistleblowing, and it's not going to change anytime soon. The data in your computer and in the cloud are, and will continue to be, vulnerable to hacking and publishing online. Depending on your prominence and the details of this data, you may need some new strategies to secure your private life.

There are two basic ways hackers can get at your e-mail and private documents. One way is to guess your password. That's how hackers got their hands on personal photos of celebrities from iCloud in 2014.

How to protect yourself from this attack is pretty obvious. First, don't choose a guessable password. This is more than not using "password1" or "qwerty"; most easily memorizable passwords are guessable. My advice is to generate passwords you have to remember by using either the XKCD scheme or the Schneier scheme, and to use large random passwords stored in a password manager for everything else.

Second, turn on two-factor authentication where you can, like Google's 2-Step Verification. This adds another step besides just entering a password, such as having to type in a one-time code that's sent to your mobile phone. And third, don't reuse the same password on any sites you actually care about.

You're not done, though. Hackers have accessed accounts by exploiting the "secret question" feature and resetting the password. That was how Sarah Palin's e-mail account was hacked in 2008. The problem with secret questions is that they're not very secret and not very random. My advice is to refuse to use those features. Type randomness into your keyboard, or choose a really random answer and store it in your password manager.

Finally, you also have to stay alert to phishing attacks, where a hacker sends you an enticing e-mail with a link that sends you to a web page that looks almost like the expected page, but which actually isn't. This sort of thing can bypass two-factor authentication, and is almost certainly what tricked John Podesta and Colin Powell.

The other way hackers can get at your personal stuff is by breaking in to the computers the information is stored on. This is how the Russians got into the Democratic National Committee's network and how a lone hacker got into the Panamanian law firm Mossack Fonseca. Sometimes individuals are targeted, as when China hacked Google in 2010 to access the e-mail accounts of human rights activists. Sometimes the whole network is the target, and individuals are inadvertent victims, as when thousands of Sony employees had their e-mails published by North Korea in 2014.

Protecting yourself is difficult, because it often doesn't matter what you do. If your e-mail is stored with a service provider in the cloud, what matters is the security of that network and that provider. Most users have no control over that part of the system. The only way to truly protect yourself is to not keep your data in the cloud where someone could get to it. This is hard. We like the fact that all of our e-mail is stored on a server somewhere and that we can instantly search it. But that convenience comes with risk. Consider deleting old e-mail, or at least downloading it and storing it offline on a portable hard drive. In fact, storing data offline is one of the best things you can do to protect it from being hacked and exposed. If it's on your computer, what matters is the security of your operating system and network, not the security of your service provider.

Consider this for files on your own computer. The more things you can move offline, the safer you'll be.

E-mail, no matter how you store it, is vulnerable. If you're worried about your conversations becoming public, think about an encrypted chat program instead, such as Signal, WhatsApp or Off-the-Record Messaging. Consider using communications systems that don't save everything by default.

None of this is perfect, of course. Portable hard drives are vulnerable when you connect them to your computer. There are ways to jump air gaps and access data on computers not connected to the Internet. Communications and data files you delete might still exist in backup systems somewhere -- either yours or those of the various cloud providers you're using. And always remember that there's always another copy of any of your conversations stored with the person you're conversing with. Even with these caveats, though, these measures will make a big difference.

When secrecy is truly paramount, go back to communications systems that are still ephemeral. Pick up the telephone and talk. Meet face to face. We don't yet live in a world where everything is recorded and everything is saved, although that era is coming. Enjoy the last vestiges of ephemeral conversation while you still can.

This essay originally appeared in the Washington Post.

Read the whole story
Looms
12 days ago
reply
What is a telephone? :P
Share this story
Delete

​Does Authenticity Really Matter? ...of Masks and Broken Eggs

1 Comment
​Does authenticity REALLY matter? Or is it just a silly buzzword, giving you the mistaken impression that some soul searching will result in finding yourself and magically becoming a millionaire in the process? I used to ask myself these sorts of questions, never really understanding what authenticity meant in practical terms for building a business.

I'm finally starting to understand the value of authenticity in being an entrepreneur. If you are going to make something out of almost nothing but your own vision, that vision better be sharp, relentless, and thoroughly consistent. That is the only way that you will be able to run for miles and years on it.

If you are not running based on your authentic passions, talents, and values, then soon your mask will fall, and your consistency will be that of humpty dumpty fallen off of a wall. If you are like me, you do not have any king's horses or king's men to clean up those kinds of messes in your business.

I have not always known in what direction SH International would take me in, but the core has always been consistently about exploring how to build multinational businesses even with limited resources. Because that's a reflection of what I am- a frugal business woman who loves exploring the world, doing business, and making friends along the way.

As a result, while SH International has pivoted several times in the details, the overall trajectory has remained consistent. This has enabled us to build a strong foundation while still retaining a creative outlook and ability to experiment.

What does authenticity mean to you?
Read the whole story
Looms
13 days ago
reply
Tell it...
Share this story
Delete

Award-winning photographer tops at Dover Air Force base

1 Share

Roland Balik's creative photos come from adjusting camera settings and avoiding automatic mode.

      
 
 
Read the whole story
Looms
18 days ago
reply
Share this story
Delete

Do you tell your kids about your past drug use?

1 Comment

With the threat of the opioid epidemic reaching more families, parents and guardians face increasing pressure to talk to their kids about drugs, public health officials say.

      
 
 
Read the whole story
Looms
18 days ago
reply
I'm not a drug addict... But I hope I have the strength and courage to share my faults when the time comes.
Share this story
Delete
Next Page of Stories