Just the Basics

As promised in my last post, I want to start with some of the basics. While everyone’s needs for digital security will be different, there are some fundamental things that we all should do to ensure a certain level of security and privacy while online. Like I said before, the online world is an increasingly hostile space when it comes to our privacy, and we can no longer assume a minimum level of safety without taking some additional precautions. There was a time when very few people wore seat belts in the car. Now, most of us realize that we are much safer when taking a little extra precaution whenever we drive. Think of these tips as seat belts for your ride down the information superhighway.

  1. Install Virus (malware/spyware/adware) protection: There really is no excuse for not having virus software any more. Most people have access to some sort of malware protection for free, either from their Internet provider or a number of other options. For Windows users, Defender provides a basic level of protection and it’s included with the O/S. And for those non-Windows users out there (Linux and Mac), I say this; there is no such thing as a secure operating system. If it’s a computer, it can be compromised—and that includes mobile devices.
  2. Make offline backups: Even with malware protection in place, bad things can still happen. Aside from the usual computer failures, there are other more disturbing trends. Ransomware is a relatively new type of threat that can render your system unusable. Bad Guys literally hold your system hostage by encrypting all of your data forcing you to pay the ransom for the key to decode it. One way to combat this type of attack is to have multiple copies of your important data where you can easily recover it. However, don’t leave these backups attached to your system or depend solely on an “always connected” solution, as the Bad Guys can attack that too. USB thumb drives are cheap—get a few and use them to do your backups, then remove them and store them in a safe place. Cloud backup solutions are a good option too, but make sure you read tip #3 first!
  3. Use unique passwords for all sites: Yes, I know this is a pain, and I can guarantee that you have already heard this from someone other than me. That’s because password reuse has become one of the easiest ways for Bad Guys to hack your online accounts. It’s practically a given that at least one of your online accounts will be involved in a data breach at some point. Those breached IDs and passwords get passed around the Internet for fun and profit. If you use the same password for all your accounts, consider them all to be exposed. To more easily manage multiple passwords and keep them secure, you can use a Password Manager. I’ll cover these in an upcoming post, but for now, change your passwords, and if you have to, write them down.
  4. Install Ad Blockers: Yes, pop-up windows and ads on web pages are annoying, but that’s not what I’m talking about. In recent years, ads have also become malicious. Most major web sites don’t put ads on their pages directly. Instead, they outsource the ad space on their pages to a 3rd-party provider who ultimately supplies the code to display ads from paying retailers. Therein lies the problem. Since the web site owner doesn’t oversee the ads on their site directly, they have little control over the content. If that content gets compromised somewhere down the line, the site could unknowingly be distributing malware. And don’t think this only happens on the sketchy pages. It has happened recently to some very well-known sites.
  5. Enable automatic updates: The majority of attacks take advantage of well-known vulnerabilities in major software and operating systems.  In many cases, these vulnerabilities have already been fixed by the software’s creators. However, the attacks succeed because device owners failed to install those fixes in time. One way to ensure this doesn’t happen is to enable the automatic update features available in most of these applications.

Okay, I know that was a lot to absorb for the first post, so I’ll stop there for now. Tune in next time when we will start to go more in-depth to some important topics.

Thanks for reading, and Happy New Year!

Same Site…New Mission

When I first launched this blog in 2008, the world was a much different place. That may sound like an old cliché, but I stand by that statement. Think for a moment about where we were; Obama was poised to become POTUS for his first term, American Idol was in its seventh season, most of us failed to understand the true meaning of the term “sub-prime lending,” and the iPhone was only just beginning its global dominance of the mobile device market.

Fast-forward nearly nine years and technology has all but taken over. Our entire existence is digital, from shopping and banking, to navigation and entertainment, we manage every aspect of our day-to-day lives with technology. Thanks to the ubiquity of hand held devices, all manner of Internet connected gadgets (the “Internet of Things”), and the ability to connect from virtually anywhere, we have become completely dependent on technology for almost everything.

And this dependency comes with a price—our privacy.

As a Cybersecurity professional I know, arguably better than most, just how exposed we are while performing routine tasks in a world where an online presence has become not only commonplace, but a necessity. It is unfortunate, but most Internet-connected businesses are tracking our every online move, attempting to glean every last drop of our digital habits for their own gain. And, let’s not forget an ever growing number of evil-doers who would seek to profit by stealing our private information and selling it the highest bidder.

Furthermore, there are those in the government that would like to infringe on that privacy as well. Some would seek to limit our Constitutional right to free speech. Still others would have you believe that in order to fight terrorism, we should give up more of our own freedom—especially when it comes to technology, by allowing the government to limit encryption methods, or force tech companies to install “digital back-doors” that would allow easier spying by law enforcement.

Add to this the current political climate, where nation state hacking has become a very real and present danger, possibly even aided and abetted by the incoming administration. The same administration that would seek to limit freedom of the press, and curtail other forms of free speech in order to preserve the illusion of its political prowess.

The online world has become a hostile place, and it is likely to get worse before it gets better.

I found myself thinking about my old blog again, within this new context. What if I attempted to provide some timely and useful information that people may want and need to protect themselves in these increasingly unfriendly times? I began to feel compelled to share my own knowledge and experience to provide some helpful guidance and advice for others to use.

So, I’ve decided to start blogging again with a new purpose. I’ll be writing instructional posts aimed at providing the average (read: non-cyberprofessional) person with the tools and knowledge they need to stay safe, and maintain their privacy, in this increasingly hostile world. We’ll start with the basics; the things that everyone should do to protect themselves from everyday threats like malware and online tracking, using and managing strong passwords, or configuring two-factor authentication (2FA) for commonly used web sites. Then we will move on to more advanced things like sending and receiving encrypted communications, and anonymous browsing using the TOR network.

I’ll also be growing a list of relevant links in the blogroll for easy reference. Here you’ll find shortcuts to privacy information, detailed instructions for security tools, and other topics you may find helpful.

I hope you will find this information useful. Of course, whether you choose to implement the protections I propose is entirely your choice—as it should be. But, if you are worried about your decreasing privacy and feel like you have lost control of your digital life, my mission is to provide you with some tools to help you take back control.

End Of The World?

If you’re reading this, you have likely already noticed that the world has not ended. Were the Mayan’s wrong? Well, not exactly.

While it’s impossible to say with certainty that the world will not end on any given day, there is no reason to believe that this one is different from any other. As it turns out, the “prediction” gleaned from the Mayan Long Count calendar was vastly inaccurate and in fact a gross misinterpretation of the facts.

Imagine an archaeologist from 5,000 years in our future finding your 2012 Cutest Baby Animals! wall calendar and jumping to the conclusion that, since there are no more entries past December 31st, our civilization must have been predicting that the world was going to end. Of course, we know that the 2012 edition of our calendar is not our whole calendar – it is simply a one year chunk of it. We just start counting again at January 1st 2013 and go on our merry way. Happy New Year!

Well, the Mayan calendar works the same way. Check out these articles, here and here to see how the Mayan Long Count calendar actually works. It is actually quite sophisticated and has the ability to count into the millions of years and beyond, just like the Gregorian one that we use.

That said, there is still certain significance to today’s date, according to the Mayans. In fact, today marks the end of the 13th b’ak’tun. A b’ak’tun is a long period of time – approximately 144,000 days – and 13 of them was considered by the Mayans to be the “cycle of creation.” It was this terminology that led to the myth of a Mayan Armageddon. What happens when this cycle of creation is over? Does everything end? Well, in a word, no.

Consider that the Judeo-Christian mythology says God created Heaven and Earth in 6 days, and on the 7th He rested. This gives rise to our 7-day week with Sunday as the day of rest. So then, this “cycle of creation” is 7 days long. But does the world end every Sunday? Of course not, we just start over again on Monday and begin working our way to the next weekend.

The Mayan calendar is no different. Of course, there is much more significance placed on the date because the cycle is considerably longer. Thirteen b’ak’tuns is over 5,000 years, so it’s probably more akin to our millennium celebration of the year 2000. In fact, the Mayans would refer to it as a time of “rebirth” and worthy of celebration. But, tomorrow they will begin counting in the 14th B’ak’tun beginning a shiny new cycle of 13.

So welcome to 13.0.0.0.1, and Happy New B’ak’tun!

Rock & Roll Hall of Fame – Induction Ceremony 2012

Airdate: May 5, 2012 on HBO

I can remember not too long ago tuning into a Rock & Roll Hall of Fame induction and not knowing most of the acts that were being honored. I’m not quite sure what it says about me that the 2012 ceremony not only highlighted artists that I knew, but that are also some of my favorite acts of all time. I choose not to look at it like time is catching up with me, but instead, that the Hall of Fame is catching up to my musical tastes. Since the qualification for an artist to be nominated is that their first album be at least 25 years old, it is very likely that I am in denial. Nevertheless, I’ll thank you to keep your opinions on the matter to yourself and allow me to continue my delusion.

The honorees were:

  • Donovan
  • The Small Faces/Faces (two versions of the same band)
  • Guns N’ Roses
  • The Red Hot Chili Peppers
  • Beastie Boys
  • Freddie King
  • Laura Nyro
  • Don Kirshner (music publisher, promoter and producer)
  • Cosimo Matassa (producer, studio owner)
  • Tom Dowd (producer, engineer)
  • Glyn Johns (producer, engineer)
  • The Crickets
  • The Famous Flames
  • The Comets
  • The Blue Caps
  • The Miracles

As expected, much of the televised ceremony was spent honoring the big-name acts with celebrity introductions, acceptance speeches and performances, either by the artists themselves or as a tribute. I tuned in thinking I would only be interested in the performances by the acts I already loved, along with a couple of particular interest – namely the Green Day opening number and the Sara Bareilles tribute to Laura Nyro – but I soon found myself drawn in to the full drama of the evening.

I was amazed as I listened to John Mellencamp describe his early obsession with Donovan, at which point he held up his personal, original vinyl copy(!) of one of Donovan’s albums where you could see “Mellencamp” handwritten in black marker on the jacket – surely the mark of a teenager claiming ownership of a prized possession.

I was enthralled listening to the remaining two members of the Beastie Boys reminisce fondly of their teenage years in Brooklyn, myself knowing that the third Beastie (Adam Youch – MCA), who at the time of the ceremony was still battling cancer, had passed away only days before the event was televised.

I laughed when Stevie Van Zandt recalled the moment he and his band mates stared in disbelief at the cover of Rolling Stone magazine which confirmed that the lead singer of FacesRod Stewart – was white!

I laughed again hearing Chris Rock tell the story of the first time he and his friends saw the Red Hot Chili Peppers live. The only problem – they had intended to see Grandmaster Flash who was actually playing in a club a few blocks away. They had never heard of the Chili Peppers before that night.

Each presenter, one after another, paying tribute to the artists they loved, not as one celebrity honors another, but as fans; ordinary people idolizing the artists that motivated and inspired them, touching their lives in all different ways.

The performances were inspiring too. Freddie King and Donovon turned back the clock with a few of their original hits. Kid Rock and a host of hip-hop artists powered through a thundering Beastie Boys mash-up that rocked the house. Sara Bareilles performed a fantastic rendition of Laura Nyro’s Stony End evoking the full power of the Barbra Streisand version. Both Faces and Guns N’ Roses performed without their original lead singers (Rod Stewart was unable to attend, and Axl Rose – who knows?) but soldiered on with replacement vocalists.

There are certain singers whose vocal talents are so strong and so unique that they defy imitation. This is most evident when another vocalist attempts to do just that – imitate. It isn’t always obvious who such singers are until they are copied and the copy fails to stir the emotions as much as the original, but I can now say that Rod Stewart and Axl Rose are those kinds of singers. Their range and vocal power make it seem so effortless, but their substitutes illuminate their true talent. Don’t get me wrong, the performances were good and I still enjoyed them, but the originals are better.

Finally, the show concluded with a performance by the Chili Peppers. As the band took the stage, shirts off, it was hard to believe they have been making music for more than 30 years. They looked like they hadn’t aged a day as Flea and Anthony leapt all over the stage accompanied by all three of the drummers that had performed with them over their entire career. They stormed through full-tilt renditions of By The Way and Give It Away leaving everything on stage and showing why they are still one of the world’s top live bands.

When they finally invited the other inductees to join them on stage for a show-stopping rendition of Stevie Wonder’s Higher Ground, they brought the house down. Watching Flea attack his bass while jamming with Slash, Ron Wood, and Billie Joe Armstrong made for a fantastic ending to an amazing show.

Best and Worst of 2011

Well, it’s been a year since my last blog post, so I’ve got some catching up to do. And since this time of year seems to bring a lot of “best of” and “year in review” lists, I thought I would throw my hat in the ring and post a list of my own. It will give me a chance to review some of my favorite things from the past year, and at the same time bring this blog up-to-date (more or less).

So, without further ado, here’s the list, in no particular order:

Best

  • Adele: 21 – I was a fan of Adele’s first album, 19 for some time, but this album has brought her music to a new level of popularity and acclaim. Of course, her sophomore effort has gained such widespread appeal and radio airplay that the music is coming dangerously close to the saturation point. However, this well is deep, and just as one song approaches the danger zone of ubiquitous airplay, here comes another gem that was waiting in the wings for its chance to shine.
  • Sara Bareilles: Kaleidoscope Heart Tour – I caught this tour twice in 2011 and I was not disappointed. The venues are getting larger, so that tells me I’m not alone in my appreciation of Sara’s live performances. With Kaleidoscope Heart, she now has a second major studio album to provide material for her set list, but she still throws in the occasional song from Cee Lo Green or Mumford & Sons. But don’t just take my word for it. If you’re looking for further proof of the brilliance of her live performances, I highly recommend Live at the Fillmore (DVD/CD combo) – don’t judge until you’ve listened to her live version of (Sittin’ On) The Dock of the Bay.
  • The Walking Dead – I guess technically this belongs in a Best of 2010 list, but I’ve included it here for a couple of reasons: First, it’s awesome! (although I have heard complaints about season 2 being too “talky”); Second, I feel it is largely responsible for mainstreaming the horror genre into serialized television. I don’t know if American Horror Story would have had a chance without it, and for that, I am grateful.
  • American Horror Story – Speaking of which, if you aren’t watching AHS, you should be! I was unsure how well a pure haunted-house story would translate to a serialized weekly, but personally, I was hooked before it even aired the first episode. Those amazingly sparse and cryptic TV spots and print ads did a fantastic job of piquing interest in the show while revealing almost nothing of the plot line. I couldn’t wait to find out what it all meant, and it hasn’t let me down yet.
  • Crazy, Stupid, Love – I know when I first think of “surprise ending” I don’t immediately think romantic comedy. They don’t seem to go together, but the ending of this movie caught me totally off guard. I couldn’t believe that so much could go so wrong, so quickly as it did in this film’s climactic scene. It was truly unexpected – and hilarious.
  • Fringe: Season 4 – In my opinion, Season 4 of Fringe is a gift – considering last year at this time I was nearly convinced that the show would wither and die in its new Friday night time slot. I’ve never been happier to say I was wrong! Not only did it survive the midseason move to Friday, it was quickly picked up for at least one more season – and is continuing to tell an interesting and unique story.
  • Game of ThronesWhen I finally became an HBO subscriber in late 2011, this was at the top of my list and it was well worth the wait. If you are thinking about climbing on board with this show, be warned, it takes some dedication to get all of the families/characters straight. It’s worth doing some homework to get the full impact of all of the cheating and backstabbing that the story has to offer.

Worst

  • Anything by Coldplay: but especially Mylo Xyloto
  • Adele’s throat condition: causing her to cancel most of her U.S. tour.
  • The death of Amy Winehouse: The news probably came as a surprise to no one, but still managed to shock the world. The singer, known for her binges of substance abuse and tendency for nearly incomprehensible performances, was found dead in her home on July 23, 2011 at the age of 27, joining the likes of Jim Morrison, Jimi Hendrix, Janice Joplin and Kurt Cobain in the Forever 27 Club.
  • Netflix: I wouldn’t have thought it was possible, but Netflix managed to go from top-of-the-heap status to “why am I paying for this” in one fell swoop. It’s becoming harder for me to justify my monthly fee when I no longer get DVDs, and it seems like every movie I want to watch isn’t available for streaming. Furthermore, it’s only going to get worse if they can’t settle their disagreement with Starz in time for the contract renewal. Can you say “Hello, Hulu Plus?”

So, what do you think?  Agree?  Disagree?  Think I forgot something major?  Let me know in the comments section or on Facebook!

Is Fringe Doomed?!

For those of you that follow Fringe on Facebook, you probably know by now that it will be moving to Friday nights after the return from winter hiatus.  Of course, as Joss Whedon fans are painfully aware, Friday night is where good Sci-fi goes to die…especially on the Fox network.

That’s bad news for Fringe fans!  Yes, the show has been taking a beating in the ratings war, and Fox is surprisingly quick with the plug-pulling in recent years.  (Hard to believe that the X-Files once thrived here, and only after years of nurturing from the network through hard times and low ratings.)  After some initial struggles finding its rhythm during the first half of season one, Fringe has since found a comfortable groove with a strong plot and well crafted episodes, full of drama and suspense.  Not to mention a mind-bending theme of parallel universes that allows the actors to really show their range as they must play multiple versions of their characters from different sides.

S3E8 - Entrada

The most recent episode — Entrada — was one of the best so far as Olivia finally returns home, but at great cost to herself and others.  Meanwhile, the Fringe team in our world begins to discover the truth about Bolivia and her secret plans.  Bolivia does make it back to the other side, but since she doesn’t have Olivia’s unique Cortexiphan-enhanced abilities, her missing mass must be replaced to keep the balance.  Not a good thing if your name happens to be Broyles.

I thought Fringe was different.  I thought it  had a chance.   Who knows?  Maybe I’m wrong.  Believe me, nothing would make me happier in this case than to be proven wrong by the Fox network.  I won’t hold my breath.