Browsed by
Category: Privacy

Risk Analysis at the AT&T Store

Risk Analysis at the AT&T Store

Smartphone shopping. More fun than a root canal, isn’t it?

I needed a new phone to bring to my employer’s BYOD program. I decided not to use my personal phone number with that, so my existing device was not under consideration. Also our BYOD program puts the device I bring onto the AT&T network, and my existing account with Google Fi would have to be dropped. For a wide variety of reasons, including my ability to have text-message conversations from a browser on a laptop, I do not want this to happen.

So this shopping occasion and conversations with some folks about it made me think through the risk assessment involved when we buy a smartphone. We are getting ready to take an on-body surveillance device with us everywhere we go. We’re taking on quite a bit of risk to our privacy, at least. It’s smart to minimize it where we can and make sure that whatever’s left is worth the benefit.

My main criterion was to find a model that came with as little software as possible pre-installed – especially software that can’t be uninstalled without rooting or jailbreaking the phone. A rooted or jailbroken phone won’t be accepted into our BYOD program.

I am especially concerned that social media applications Facebook, Twitter, and Instagram, not be on the phone out of the box. Recent analyses have shown that the Facebook app on a phone is reporting data about the phone’s user back to Facebook regardless of whether it’s in use. Regardless of whether the phone’s owner has logged in or not! The phone itself is enough of a unique identifier to make logging into Facebook almost superfluous. As someone who has otherwise deleted Facebook, purchasing a new phone with a back channel to Facebook on it is simply not on my agenda.

I wish I could say it surprised me to find that every Android phone in the store had Facebook pre-installed, and not removable. This took all the Android phones out of contention. While I am well aware of the many ways to clean this garbage off a phone, I need to be sure I can keep this phone compatible with that BYOD program. This constrains what I can do to make an Android phone usable.

So that turned my attention to iPhones. Happily, none of them comes pre-installed with any social media applications. Unhappily, the current models cost $800 and up. This reminds me of the fact that while a 70 inch “smart TV” is $900, a 70 inch monitor is $4500. This is because the maker of the monitor is not planning on spying on you through the device and selling the data taken to all comers.

The story has a happy ending; the store had some “obsolete” iPhone 6s units on sale, and I escaped with a bill of less than $200 and a safer phone.

Ads Just Keep Getting Worse

Ads Just Keep Getting Worse

“Relevant” is the ad industry’s current excuse for all the spying, tracking and intruding on our lives that they are currently tormenting us with.

Good NYTimes article through here – click!

They “need” to suck down every aspect of our personal lives and habits and idle thoughts… so they can show us better sneaker ads. Sneaker ads that creepily show up the minute we register to run in a 5K. Or walk past a Foot Locker.

This is why I block all ads, everywhere on the Internet. I was reading the descriptions of what it’s like for people experiencing this kind of ad stalking and I have to admit: I can’t relate. I experience exactly none of it. And I’m glad.

When media websites grouse at me for running an ad-blocker, I mentally respond, well, make the ad experience less hideous. Make it less of a personal violation. Wipe out the malware. But these things, they will not do. Instead, they scold and threaten. So if a site still won’t allow me to proceed without white-listing it in my ad blocker, fine. I move on with life.

And oh yeah… if you think it’s not getting worse… the New York Times article linked above mentions ad-blocking as a possible course of action. Not too long ago, that was a glaring omission.

And the creepiest of all, the mother lode of creepy, is Facebook. #DeleteFacebook!

Anyway. Get uBlock Origin for all your PC browsers. Brave for mobile, and add Better Blocker for iOS. The mobile solutions aren’t as comprehensive as the PC, but they are the best I’ve found so far.



Not Beaches!  BReaches!

Ah yes, breaches.  Not really a much better movie, I’m afraid, yet we keep seeing it over and over.  Big splashy headlines touting eye-popping numbers, followed by unsolicited offers of credit monitoring from companies who are really, really hoping their arbitration clauses hold up.

They do seem to arrive in clusters, also.  The latest one-two punch is Marriott, then Quora.  Marriott managed to get hacked and then not detect it for four years, finally now disclosing that half a billion-with-a-B guest records were exposed.  Credit cards, passport info, all the good juicy stuff.

This revelation was followed-up last night by Quora revealing that “only” 100 million-with-an-M records were breached.  This email notification went out overnight and resulted in 150,000 people going, Dammit, my Quora account got hacked! and 99,850,000 people going, Wait… what?  I have a Quora account?

In any case, the odds are very good that you have been among the nine-or-ten digit totals of a few data breaches already.  Here are a few tips on how you can deal with this and get on with life

  1. Take the monitoring.  When they offer you credit monitoring free for a year or so, take it.  Can’t hurt.  Worth the price. But you probably won’t need it because of the other things you are going to do on this list, like…
  2. Freeze your credit.  Go to each of the major credit reporting agencies’ websites (EquifaxExperian, TransUnion) and follow their process for freezing your credit reports.  Yes, this will make impulsively opening new credit accounts more difficult.   Why do you say that like it’s a bad thing?
  3. Check your statements.  Look for any phony activity.  Your issuer will make good on anything you report as fraudulent on your credit cards if you report it promptly.  Don’t wait.  By the way: banks are not obligated the same way to make good on fraudulent activity on debit cards – even if you use them as a credit card at the point of sale.  So in general, don’t do that.  I only use my debit card in the bank’s ATMs.
  4. Check your credit report.  Like a lawyer, the credit report checking site you want is not on TV!  Ignore all the catchy jingles and flying pigs with smartphones, and go to the only non-scammy site out there:
  5. Manage your passwords.  We’ve talked about it in the past: how your passwords need to be different at every site you log into.  If they got your Quora password, let that be all they got.  For those of you who are not already using a password manager, the best advice I have is this:  START USING A PASSWORD MANAGER RFN.  There are things sites can do to make a password-file data breach lower impact;  hashing and salting are not just cooking techniques!  But not every site does the right things, and not every site does the things right.  And it only takes one failure to give everyone a bad day.  So you have to protect yourself, and using complex passwords that are unique per site is how you do that.  And the only way to keep those passwords all straight is with a password manager.
  6. Enable Two-Factor Everywhere.  Two-factor authentication is becoming widely popular since the vast majority of sites are now able to leverage things like Google Authenticator apps on users’ smartphones.  This means that dedicated hardware tokens are no longer required, and the barrier to users adopting it for their own logins are as low as they can be now.  Be sure you use this wherever it’s available: it means the difference between a password compromise being annoying vs. Game Over.

If you can get yourself to where you are doing these six things, Breaches can be another movie that you just make fun of.

Digital Assistants

Digital Assistants

AKA permanent spyware

You must assume: if they can hear you ever, they can hear you always.

Amazon is offering bedside units with cameras.  What could possibly go wrong?

In 1984, Orwell speculated the state would force us all to have in-home surveillance.  We did George one better and went out and bought our own voluntarily.  From Smart TVs to Alexa: I know of no way to consider these things safe to have in your home.  My advice is to throw them all in the giant disk-drive shredder.

April Fool?

April Fool?

It’s an established fact that any headline in the form of a yes/no question can safely be answered, “no.”  And so it is with today’s post, as you will see.

One of the things we humans have to watch out for is, who can use data we generate almost unconsciously.  We have to be careful about the data that flows from our fitness devices, smartphones, home gadgets and web browsers.  The web browser is a hotbed of information about you on many levels, but today we are going to focus on one of the most fundamental.  It’s something we can think of as the absolute rawest version of your browsing history: your DNS data.

DNS stands for Domain Name System.  Simply defined, DNS is the Internet utility that turns server names into numeric addresses the Internet can use to get your requests to the right place.  So to read this post you entered a request for “” and it was DNS who knew that means  Therefore your web browser’s request for this page was routed to that Internet address, and from there, this content was returned to you.  If you had to manually look up a similar address for every website you wished to visit, I am going to guess you would not use the web very much.  Or at all.  I would surely not.

Now you may have a browser function for “Private” or “Incognito” browsing.  So if you wanted to hide the fact that you read a certain website, you would invoke that function, then read your “taboo” site, then close it out.  You would trust (or maybe you verified) that once you close that session, no record of your forbidden activity is preserved.  And that might indeed be true – but only so far as the computer on which you did this browsing is concerned.  In order to get the content at all, your computer had to send in a DNS request for the site you wanted to read, which had to be interpreted and executed.  Which means your ISP had access to the request and can build from that a very intricate history of your browsing habit.

Not only that, but the ISP may decide to do more than watch.  (They are going to have to have the numeric addresses in any case, so the list of sites is not really the main issue here.)  But ISPs have been seen to use their built-in DNS to hijack some requests and outright deny others.  The so-called “Great Firewall of China” is in large part, a corrupt DNS.  ISPs in “free” countries have been observed injecting ads and altering web pages, especially those of competing services.  The current FCC, in the USA, is unlikely to provide any relief.

So the smart course of action is, in my opinion, to move away from the ISP-provided DNS.  And I have used a bunch.  OpenDNS was lovely until it was bought by Cisco and started shedding features and performance.  For a while, therefore, I have been using Google’s service.  Not bad, not great.  Google gets to spy on my web browsing habits — but they do that anyway, so I’m no worse off.

Then, yesterday, on April Fools’ Day (!), Cloudflare announced a new DNS service.  The address of their main server is  Four 1s, they said, so of course they simply had to announce it on 4/1.  They promise not to retain logs or any identifying information, so there is nothing to resell or exploit.  If they breach that promise, it will come out.  For now, the service is touted as “Privacy-First.”  And oh yeah, it’s very fast.  15 milliseconds is considered a pretty good response time for DNS.  The North American results I have seen for this have it returning responses in under 5ms.

So for now… my DNS setting is number 1! 1! 1! 1!

And no, it was not an April Fool.  The habit of tech companies to announce fake services they think will get a laugh… all it gets is an eye-roll.

Again, 10?

Again, 10?

Back in 2016, I swore off Windows completely and especially Windows 10.

One of the reasons was a “feature” called Telemetry, that basically amounts to “Windows 10 is 100% spyware.”  It was widely reported at the time, along with an elaborate hokey-pokey you could dance to disable most of it.  My choice was, “Aww, the heck with it” but many people chose to continue.

Now we have the “1709” or “Fall Creators” update before us, and guess what?  It’s time to reinvent that hokey-pokey!  Not only is all the Telemetry back on, but it’s harder than ever to disable.

Recommendations for software products are popping up to help you manage this, but if software products were put forth that disable features of a non-spyware operating system the way these things do, we’d probably consider them malware.

It seems that Microsoft has decided they can’t make decent money selling consumer operating systems, so they will go all Facebook and sell all your data instead.  If you have been wondering why Win10 was free – or nearly so – now you know why.  Only this is, if anything, worse than Facebook.  At least Facebook can only get to things you decide to upload to it.  Windows 10, if that’s your operating system, has… EVERY-DAMN-THING!

So – hey – here’s an idea.  If you want a free operating system, I have a deal for you!  Click on the cute penguin to get started.

Safer Social Media

Safer Social Media

click through for more privacy tips, via Gizmodo

We live in the age of social media, that’s for sure.  Facebook claims over 2 billion people as its users.  Twitter is how we first get breaking news, how we know it’s time to turn on CNN or MSNBC to see what happened when the earth moved in Iran, how the Executive Branch of the US government distracts the press and the people from its horrifying agenda.

To keep up with sorta friends from high school, third cousins, and D-list celebs, we give Internet companies startling amounts of information about ourselves and our activities.  Not using social media at all is an option, but not one many of us take.  I use Twitter 99.5% in read-only mode.  I use Facebook and LinkedIn not at all.  I use Google+ more actively.  Some of you reading this just went either, “uh, what’s Google+?” or, “I didn’t know anyone still used that!”

The reason I don’t use Facebook or LinkedIn comes down to the privacy nightmare that these social network products are.  As the saying goes, “If you’re not paying, you’re not a customer.  You’re the product.”  Consider that whatever benefit you get from the use of these sites, you pay for it with information about your life, your family, your friends.  Everything you post is analyzed in detail that would shock you.

So the least you can do is not to overdo the sharing.  Lock down what you place online so that only the audience you intend can enjoy it.  It means, in general, going into the Privacy and Security settings, and taking a lot of options that are not the default.  Because the products you’re using are guiding you to share and share and share some more.  The more you share, the more their shares appreciate.

Here is a roundup of fairly current articles that will guide you how to max out the privacy possible in all the major social media products

Like everything in information security, this is a trade-off.  How much you want to protect your privacy vs. how much you want to take advantage of the instant connections and the interest groups you can find in the virtual worlds of social media.  Not everyone will choose my complete abstention from “major” networks, and I don’t expect them to.

But one final word: To whatever extent you can live with it, please try not to use these products on your phones.  Yes, I know, the spur-of-the-moment selfie or that Hey, Internet! Look At My Food! moment when you’re out and about can be irresistible.  But every single social media corporation does much, much more than you visualize with the information you give it by letting it operate on your phone.  You location — at all times.  Your contacts.  Whatever your phone’s camera can see or its mic can hear.  Anytime.  Please, think about it.

What’s Missing?

What’s Missing?

What’s missing from this pretty-good article?  Give it a read, but the TL;DR is that a NY Times cyber-security writer tells us what she does to make herself safer online.

It includes everything I do, and a few things I don’t.  But there’s one crucial item missing.


It’s not hard to figure out why ad-blocking is left out of a NY Times online article.  But I will say that until the publications who pay for it exert some pressure on the ad networks to clean up their act, I will continue to block ads 100%.

If they refuse to let me visit, I will gladly go elsewhere.

I predict that the publications will never do this, because the cost of ad-borne malware is a complete externality to them.  They never feel the tiniest pinch.  They leave that to us.


Why I Block Ads. Everywhere.

Why I Block Ads. Everywhere.

Advertising supports a lot of the content you enjoy on the Internet.  The economics of it should be simple.  An advertiser pays a certain amount to get a commercial message in front of many readers or viewers.  Some percentage of those viewers make a purchase.  When enough revenue comes back to the advertiser, the ad is a good investment: returning more in margin to the business than it cost to produce and place.  In practice it’s a lot more complex than I state here, but the backbone of advertising remains just that simple.

This simple idea has recently started to create problems of the sort that show up in the Safer Computing inbox.  Advertisers realized that a digital advertising message can be a lot more than a picture with words or a short film to watch.  This means you can experience web pages with ads that are mini-games, ads that follow you around a page as you scroll, ads that follow you from page to page as you browse, and more.  

You may also be aware that ads make and store all sorts of inferences about you — inferences they gather from what goes on in your browser and on the rest of your computer.  These inferred personal profiles are scooped up by data brokers and packaged to be resold to other marketers.  That’s supposed to be done in enough volume to make each individual profile impossible to identify.  But recent research has shown that, with so many different data points being collected, working backward from a large “anonymized” data set to reliably identifying individuals is far easier than anyone suspected.  Yet, without enough different data points, the package is not attractive to marketers.  It will not find a buyer.

Another very disturbing trend in advertising is the enormous number of computer virus and Trojan infections that the ad networks now make possible.  Remember that the ads are more than just pictures or films, they have all kinds of sparkly interactive features.  They dance, they sing, they explore the bleeding of edge of being so annoying that you want to throw the computer out the window and go for a walk instead.  And how do they accomplish these things?  

Every one of those ads is a small program that you have half-consciously invited to run on your computer.  Your browser was instructed to bring these programs along with the content you wanted to see.  The intent of these programs appears to be delivery of a commercial message — but other functions are often hidden there.  Viruses delivered within web ads have infected hundreds of millions of computers around the world with everything from botnet spam clients to ransomware.  The websites that deliver these ads don’t often know what they are sending out; they simply allow ad networks to deliver whatever they like within broad guidelines and accept the payments for what is passed along.  The networks that aggregate and place these ads do not have the resources to check out all the ads they deliver, from what may be thousands of sources.  What’s worse, they don’t have the incentive.  With enough layers of middlemen, there’s nowhere for liability to land.

With all that to consider, I decided a while ago that I would block ads everywhere I could.  There are two counter-arguments to blocking ads I did consider.  One is, how will I support the websites whose content I am enjoying?  Simple: I actually become a paid member or supporter of any sites I read frequently enough.  Some sites I visit for the first time, say they won’t serve me content unless I disable my ad-blocker.  Fair enough, I say, and click away to find a similar item elsewhere.  

The other counter-argument is, how will I learn of cool new products or services I might want to try?  Since I was never one to find such things through ads, I consider this a small loss if any.  But the truth is, I check out new things that are any larger than tiny impulse buys at recommendation sites like Wirecutter, Sweet Home or Consumer Reports.  I prefer unbiased comparative reviews to advertising content, for decisions to purchase.

My current ad-blocker of choice is uBlock Origin by Raymond Hill.  It’s a very low-profile browser add-on for Firefox, Chrome or Opera. I say “current” because my choice has changed a few times recently.  Other ad-blocker providers have gradually been seduced by money and become ad networks in themselves, serving what they call “safe” or “white-listed” ads.  Their users have had varying levels of choice about this, from “a little” to “none.”  With uBlock Origin, so far so good.  If things change, I will add an updated recommendation in this space.

This article first appeared in The Empty Closet.

Death and Taxes

Death and Taxes

Death and Taxes. With enough lawyers you can avoid most of the taxes, but as sure as I am typing these words, and you are reading them, every one of us is going to die[*]. While we each have a will to cover our possessions and assets, how many of us include in that document what to do about digital assets? More to the point – if someone dies and leaves no will, the law is reasonably straightforward about what to with their possessions and finances. But our legal system has not yet really begun to address consistently what to do with the dear departed’s Facebook or Twitter accounts, their email, websites, and so on. These are digital assets but there’s not necessarily a physical item that corresponds to any of them. To make sure these are handled according to my wishes after I die, I have made a “data will.” Note: I am not a lawyer and this is not legal advice. If you want your “data will” to be enforceable as part of your actual, legal last will and testament, you must consult a lawyer.

What’s in a data will? This will differ in the details for everyone but I think these major sections are a good starting point. First and foremost, passwords. If you are using some kind of password management tool (as I suggest!), this will be easy. You will only need to tell your survivors where the password data resides, and what is the master password to gain access to it. If there’s no password manager wrangling all your individual passwords, you’ll have to list them all in this document, or an attachment. The password list or manager also provides a map of where you had an online presence and business or personal relationships, which will help in other ways.

If some of your online accounts have two-factor authentication such as an app on your phone that generates a 6-digit code when logging in from a new device, etc., make sure the document details where to find that, and how to use it. Also, include information on how to unlock your phone!

Email is still a fundamental service in the online world, especially when it’s the focal point for most sites’ password-reset processes. So make sure your document includes an abundance of information as to where your email is delivered, how to log into it, and pointers to the password manager entries for the email password (or the email password itself).

You may wish some of your online accounts and services to continue running. For example, you may host a family website, or use a backup service that includes your spouse’s or other family members’ data. Instructions as to what should be kept going vs. what can safely be shut down will be useful here. Also consider that any auto-pay arrangements, such as monthly or annual billing to a certain credit card or via PayPal, might not be obvious to your loved ones. Make these arrangements explicit in this document.

Finally, how to notify online friends & colleagues of your death. Many of us are members of virtual communities that might not have visibility to other more traditional ways our death would be communicated, such as local obituaries or even Facebook pages. If you are a member of professional mailing lists or other such niches of cyberspace, make sure your survivors will know how to send a notification to those communities. You may have been working on a joint project at the time of your death: it’s only polite to let the team know you won’t be at the next meeting.

Once you have completed this awesome document, you have two main things to worry about: How to make sure it has the desired effect once it’s needed, and how to keep it safe, meanwhile. I mentioned above that if you want it to be legally enforceable, then you need to consult with a lawyer as to how to make it part of, or an attachment to, your will. Be sure to confirm whether or not it will become part of the public record – if so, you will want to work with your lawyer to conceal the passwords and other sensitive information in your document.

As for the security of the document while you’re still alive, I refer back to the three most basic concepts of information security: Confidentiality, Integrity and Availability. All three of those apply here, with very high stakes. You need to be sure the document is not disclosed to anyone unauthorized, that it is not altered without your knowledge, and that your survivors can get to it after your death without serious obstacles. There are many ways to accomplish each of these three things, but what I will delve into a future post is document storage “in the Cloud”, and how that can address all three of these concerns.

this article originally appeared in the September 2016 edition of The Empty Closet.

[*] – except maybe Peter Thiel but really… who wants to be a vampire?