Current tech-trends are leading us into more and more connectivity, “smart objects”, like the force, are surrounding us and binding us. Not only the obvious PC and phone, but your watch, TV, light bulbs, speakers and even your fridge is gathering information in order to provide you with a “better and more personalized” experience.
But are we joining a technology revolution which change our lives forever in a safe way? Who’s using our data? Where is it going? Should we worry about it? Are we heading blindfolded into a suicidal mission in a Northrop F-5E fighter jet?
Well, it depends.
Security is overrated, privacy doesn’t exist-A close friend.
I love every time my friend lectures me about how he is fine with “companies having my data in order to give me a better service.” His opinion, which is completely valid, lacks of some crucial information about how this game works.
First of all, security is not privacy. They are not the same thing. Yes, they are tightly intertwined with each other, but that doesn’t make them one. According to dictionary.com their definitions are:
Long story short, privacy is the freedom or ability to choose what information about you is public. And security is the measurements to keep everything you don’t want to be public, as private as private Ryan.
Google has my information!
Yes they do, location, activities, daily routes and times, contacts, etc. They do have a lot of information, not only Google, but every big company is tracking you. Facebook, Twitter, Amazon, Apple, etc.
Now, this is not inherently bad, at least when we’re not talking about Facebook (their policies are kinda weird), the companies use their free products to track you and later sell your data. Whoa! but not that way. They sell indirectly, they sell markets. If another company hires their ad system, companies like Google use the data of millions of users to guarantee that their product reaches the intended market. If you want to dig even more into this look for documentation about how Adsense & Adwords work.
So, is no one safe?
You might be. That information comes and goes encrypted directly from your devices toward the servers of the companies, which are virtually impossible to hack. So, while the company is doing honest work, there’s nothing to worry about.
And my privacy?
In the matter of companies, all of them have ways to opt-out from the data collecting, some as simple as two or three clicks. The real privacy, the thing you should be worrying about, is your digital presence and persona. Every post, tweet, picture & blog post; everything you post publicly on the web, either damages or constructs your image. By being literate on how to post intelligently and always working on building a better digital reputation, you’re in control of your privacy. I’ll be writing about this topic a lot in the next entries, stay tuned. Meanwhile you can read this.
And the hackers?
A raw definition of hacking could be: Exposing, faking or destroying information that is not supposed to be public. There are a lot of different reasons why a hacker might want to get your data, from just for fun, to destroying your company, or politics. They use flaws in our security to kill every last corner of our privacy.
See? Intertwined, but not the same thing. And yes this is a real threat, for every internet user, specially the non tech-savvy. It’s very important to clarify that a hacker’s target, most of the time, is the human user.
The most flawed part of a computing system, is the user.
What do hackers do?
That’s a whole other topic, I’ll be posting at this blog about different threats to security, but examples of this are:
- DNS and direct link Spoofing
- Physical access hacks (like the rubber ducky)
- Social Engineering
- In-network sniffing
- Key loggers
- System backdoors
- Identity Thief
What can they expose?
Many people believe that they’re not relevant, important or famous enough to be targeted. Sorry to break the illusion, but we’re all potential targets. Of course famous people (or their relatives) are top targets, but that doesn’t guarantee us anything. Here is some of your most relevant data:
- Identity and passwords
- Bank accounts
- Personal pictures
- Company Information
- Relationship status
- Compromising chats, videos or pictures.like what they’re doing to
I [don’t] like what they’re doing to me
No one does. Fortunately there are tons of ways you can protect yourself. Again, I’m gonna be posting in this blog specific ways to defend yourself from certain attacks. But for now here are some nice things you might want to start with:
- Get a password manager (such as lastpass), this will guarantee your credentials online are safe.
- Encrypt your disks. This will protect your data even if you lose them physically.
- Add two-step verification. Some sites like google, allow you to add a second verification, usually displayed as a token in a different device.
- Lock your devices! Really. Windows+L is your best friend.
- BACK-UP! You’ll be surprised how much people trust only their laptop drive.
- Don’t lend your devices to anyone. Trust no one.
- DON’T EVER, EVER, EVER, EVER, EVER, EVER USE A PUBLIC FREE WiFi NETWORK. SERIOUSLY.
- Try to keep every Internet of things (IoT) product in a different network. We’ll talk a lot about this later.
After this steps you’ll be much safer.
So, as you may see, things are not as straight-forward as we think. System flaws and security threats are being discovered everyday, so, in the matter of cybernetic security, keeping yourself updated is the best defense you can have. I’ll be posting a lot of this security basics in the following months (hopefully more than that) so keep reading, comment, and feel free to ask me in the blog or at my twitter.