Cyber security (part one)

Cyber security (part one)

There are three topics that I will be discussing over the coming weeks that are all related to cyber security. They are personal cyber security, cyber warfare, and cyber crime. Cybersecurity is all about protecting yourself from your device being used against you. It is not just updating antivirus software, and changing your password. It is also being aware that everything, and I mean EVERYTHING that you do online is being collected.

Passwords. Most people hardly ever change them and often we use the same one for multiple accounts. Cyber security experts like Z. Cliffe Schreuders advocate for lengthy passwords with numbers and characters, or even pneumonic type phrases. For example, “My absolute favourite comic book character is the Question” could be written as “M@fcbc1t?” The phrase takes the first letter of each word, and has a mix of letters, numbers, and symbols. This is one way to protect yourself from competent coders who use password crackers with multiple dictionaries uploaded to them. 

Sadly, the strongest password we need but hardly ever change is the one for emails. Once you have that password, you can change all the passwords for all the other accounts used, as websites helpfully send new login details to that account. Know where to look, and you can also buy the login details to other people’s email accounts if you lack the patience to crack it yourself. If you think your cell phone is safe, think again. There are a number of videos on Youtube explaining how to unlock an iPhone without the passcode. As to the legitimacy of the claims, I was unable to confirm it, as my own device is slightly younger than the Morse key.

Cracking iPhones was a huge story recently where Apple and the FBI faced off. Law enforcement sought the help of the tech giant to unlock the phone of a terror suspect. The Economist noted that there are potential intelligence benefits for the FBI as to the suspect’s motivations and contacts, however, if Apple complied then precedent would be set for potential misuse by ambitious lawyers and the government. In the end, the FBI found a way around the cryptography without Apple’s help, and so the eternal battle between the government and corporations over customer privacy continues. However, in this battle the average citizens have no ally.

Corporations have been known to use the mass data collected from websites to tailor their advertising. It is no coincidence that Facebook adverts display products similar to what you have previously viewed on other websites. And that is the material they have acknowledged they have access to. It is safe (and slightly paranoid) to assume that botnets seek out and copy all the material on your hard drive. But as Harold Finch has often commented on “Person of Interest”, governments do not need to spend countless hours on surveillance when all the information is displayed online voluntarily. To keep yourself protected, Schreuders recommends deleting cookies and using “In Private” browsing to maintain some level of personal cyber privacy, and to use browsers like TOR and search engines like DuckDuckGo. However, TOR was funded by the US military, and we all know how little they care about mass surveillance.  

If you want to change your password regularly, it is best not to use online password generators for obvious reasons. Maintaining different (and ever changing) passwords for your various accounts (email, social networks, cloud storage etc) is another way to protect yourself. To go further, covering the camera and microphones, disconnecting Bluetooth, and restricting which wifi networks you use are easy ways to maintain personal cyber security. These are simple measures to protect yourself, just like wearing a seatbelt when you are in a car. You might not be invulnerable, but some protection is better than none.  

TL;DR­—You should change passwords often and use a mix of characters and numbers. 

This article first appeared in Issue 15, 2016.
Posted 1:27pm Sunday 17th July 2016 by Anthony Marris.