Click the Play button below for the audio version of this posting.
On the Fourth of July, Americans celebrate independence, declaring we are no longer subject and subordinate to the monarch of Britain.
But today we are subject to greater tyranny through constant internet surveillance and breach of our online privacy. We are at the mercy of our government, Facebook, Google, cyber criminals, and other bad actors intent on knowing, seeing, and recording our every digital nanosecond.
Time for an updated Independence Day.
I’m Marc Mintz, Project Director for The Practical Paranoid (TPP).
TPP and I have worked to enlighten the public that it does not take an Apple Genius, Google Guru, or a Microsoft Engineer to secure your systems, data, and communications. Almost everything the government and big business do to ensure their cybersecurity and internet privacy can be done for you, by YOU, for less than what we spend on coffee. And in just a few hours.
Our Practical Paranoia Security Essentials books have been showing non-technical users how to do this for over eight years.
The number one comment we receive from buyers of Practical Paranoia Security Essentials books is how surprised they are at how fast and easy it was to secure their phone, text, email, browsing, and entire digital life.
The second most common comment from buyers is how intimidating Practical Paranoia books appear. Some buyers never jump into using a book after they purchase it.
With release of five new operating systems this year – Android 12, Chrome OS, iOS 15, macOS 12, and Windows 11 – we needed to remove the intimidation factor so that everyone could learn how to protect their data, communications, and privacy. And we did it.
Announcing five brand-new Practical Paranoia Security Essentials Online Workshops that cover all the new OS products.
Protecting your digital life is as important as locking your home and carrying a driver’s license.
There are three paths to cybersecurity and internet privacy:
You can pay a certified cybersecurity professional to do all the work that you will do in a TPP workshop. But pros cost $1,000-$4,000.
You can buy the Practical Paranoia book and DIY for only $64.95. But you would have done it already if it weren’t for that pesky intimidation factor.
Now you can do the work on your own–but with an industry leader guiding you in a workshop– the only workshop of its kind available anywhere at any price.
Think you don’t have the skills or background knowledge to do your own cybersecurity? We designed each workshop for the non-technical computer, tablet, and smartphone user. If you can tap, double-tap, and save a file, this course was made for you!
Each OS workshop consists of:
A series of 7 to 10 one-hour classes on Zoom
A copy of the latest best-selling TPP book, a $64.95 value
Our August beta workshops will be presented live by an industry expert who has taught technology courses internationally
Each class is recorded for students to access if they miss the live session
Easy hands-on assignments to harden your security and privacy to industry standards
AND Private Instructor Hours via Zoom to help you over any rough patches
The Practical Paranoia Security Essentials Online Workshops are only $275. And, it gets even better!
If you register for any of our first beta workshops in August 2021, your cost is only $125 for any workshop. Registration for beta workshops is limited and will close quickly.
Protecting you, your family, and your business cybersecurity and internet privacy is fast, easy, and inexpensive. You may even have fun doing it!
I just love it when with just a few mouse taps I can add a solid layer of security to all the devices under my roof. It’s just icing on the cake when it’s free!
All of the internet-connected devices under your roof need to communicate over the internet in order to function. This includes computers, tablets, smartphones, webcams, smartwatches, smart doorbells, smart thermostats, printers, and more.
With your computers, tablets, and smartphones, you can add a layer of protection against malware by installing quality antimalware software. But what about your printer, smartwatch, doorbell, thermostat… you get the picture. Each of these smart devices are open to a breach, and few offer any option to install or configure security.
The other possible problem is adult content. Should you be a parent that would prefer little Jane and Johnny to not have access to adult content, it can be a full-time job playing content cop.
All of your home and business devices must connect to the internet through your router. Inside of each router is a setting specifying which Domain Name Server (DNS) the router will use to learn where to direct this internet traffic. If a DNS server was knowledgeable about which web addresses held malware or adult content, the DNS could pass this info along to the router, blocking access to these sites.
Lucky you! There are DNS servers with this knowledge, and Cloudflare offers them at no charge.
The How To
If you would like to block known malicious and adult content sites from all of your home and business devices, you just have to change your router DNS settings. By default, most routers use your internet provider’s DNS servers. You will change this IP address to those of Cloudflare.
Every router has a unique interface. In the example below I’m using a CenturyLink Actiontec C3000A.
Log in to the modem. If you aren’t familiar with the process, call your internet provider for instructions.
From the menu bar, select Advanced Setup.
From the sidebar, select DHCP Settings.
In the main area of the page, scroll down to 5. Set the DNS servers allocated with DHCP requests.
From this area, select Custom Servers.
For malware only protection, set the Primary DNS to 22.214.171.124, and Secondary DNS to 126.96.36.199. For malware and adult content protection, set the Primary DNS to 188.8.131.52, and Secondary DNS to 184.108.40.206
Tap the Apply button.
Your modem may reboot. The protection will be in place immediately.
It’s Your Data… Protect It
Most people ignore their cybersecurity and internet privacy because they think it is too difficult or expensive. But what if it was fast, easy, and (almost) free? Our guides have been written by certified experts, with step-by-step illustrated instructions so that even a child can harden your security like a pro.
Visit https://thepracticalparanoid.com for the easiest, most comprehensive cybersecurity and internet privacy guides you can buy. Guaranteed!
Amazon Set to Share Your Internet With Neighbors – How to Opt-Out
Come this Tuesday, June 8, 2021, Amazon will launch the Amazon Sidewalk service. This service for Echo and Ring devices automatically opts-in to share your internet bandwidth with other Amazon devices in the neighborhood.
At first glance, this service is a great idea. Share a small slice of your internet bandwidth – 80Kb/s and a 500Mb monthly cap – with other Echo and Ring devices that have lost connection with their home wi-fi. For example, if your next door neighbors’ Ring doorbell loses connection with the home wi-fi, the Ring doorbell will automatically connect with the neighbor’s home wi-fi for uninterrupted service. Or if a dog wearing a Tile escapes from their yard, as long as the dog is within range of a network using Amazon Sidewalk, the Tile will accurately report the location of the dog.
Add on to this service that it is free to Echo and Ring customers (well, at least initially), and it is a great deal.
However, there are only a few big-tech companies that have proven to handle internet privacy responsibly, and Amazon is not one of them.
The Amazon Sidewalk white paper states that any sensitive data transmitted through Sidewalk is encrypted and that Amazon does not have a way to decrypt the packets. If that is true, they need to start hiring better engineers. Even if it is true, very serious hacks of secure systems is a daily news item.
Perhaps my biggest gripe is that the system is set to automatically opt-in. I’ll take this as tacit acknowledgement by Amazon the many/most of it’s customers would choose to opt-out instead.
What You Can Do – Opt-Out
If you have an eligible Echo or Ring device and do nothing, you are automatically part of the Amazon Sidewalk system.
If you prefer to not be a part of the Amazon Sidewalk system, follow these steps:
For Amazon Echo Device Owners
Open your Amazon Alexa App.
Select the More option in the bottom right corner of your screen.
As reported today, May 26, 2021 in the Record, a paper presented at the MADWeb workshop at the NDSS 2021 security conference, researchers from the CISPA Helmholtz Center for Information Security analyzed 186,434 Chrome browser extensions, finding 2,485 that disabled at least one security header used by the top 100 most popular websites.
Security headers are a server response to the browser request that allows site administrators to enable security features inside the browser or other client applications. the most common security headers include the ability to have a site work via an encrypted HTTPS connection, protecting users from cross-site scripting attacks, and that code running inside iframes can’t steal browser data.
What We Can Do About The Issue
Unfortunately, the list of culprit extensions is not included in the report, nor was any significant work performed on Firefox extensions. However, this serves as a solid reminder to keep browser extensions to the bare minimum.
Open your browser to the Extensions page.
Research each found extension.
If the extension is from a suspect developer or does not provide essential services to you, delete the extension.
Repeat for each browser in use.
The research paper titled First, Do No Harm: Studying the manipulation of security headers in browser extensions is available here.
Google announced today that Linux on Chromebooks is finally coming out of beta with the next release of Chrome OS (v91).
If you are a Chromebook user, this is GREAT news.
I’m a huge proponent of Chrome OS. Although not the best solution for some users, for many (most?) folk, it is an ideal solution.
Chrome OS offers:
on minimal hardware…
which significantly reduces the price of the machine.
In the event of catastrophic corruption, has the fastest and easiest system reset of any computer.
When the very simplified Chrome OS doesn’t offer what you need, you can install Android 11 compatible apps. And when the apps don’t offer what you need, you can jump right into Linux.
In many ways, using a Chromebook is like having the best of three worlds on just one inexpensive laptop.
Enable Linux on Chrome OS
If you are a Chrome OS user that hasn’t yet explored Linux, you don’t have to wait for the next OS update to use Linux. It is already on your machine just waiting to be released. The following are excerpts from the Practical Paranoia Chromebook Security Essentials book and workshop.
Assignment: Enable Full Linux
In this assignment, you enable the full version Linux on your Chrome device.
Prerequisite: A Chrome device that can run Linux.
Prerequisite: Fully updated Chrome OS.
Update Chrome OS
Go to Settings > About Chrome OS > Check for updates.
Install all available updates.
Enable Linux Support
Go to Settings > Developers > Turn On.
If you do not see Linux in Settings, your device is not compatible with Linux. It may be time to upgrade to a newer device.
In the Set-up Linux (Beta) on your Chromebook, select Next.
Enter a username, set the Disk size, then select It may take up to 30 minutes to install.
When a black window opens, you now have Linux installed! This black window is called the Terminal. It is where commands are typed/entered.
We need to verify all security keys used to install Linux updates are up to date.
In Terminal, enter the following. When done, tap the Enterkey. When your username reappears in the Terminal, the command has been completed:
In Terminal, enter the text below, followed by the Enter key. Try to commit this to memory. This is how you always update & upgrade Linux and associated software.
sudo apt update && sudo apt upgrade
Assignment: Give Linux Access to Downloads and Google Drive
By default, Linux is restricted to accessing only the files in the Linux folder. To make it more usable on your device, give it access to your Downloads folder and Google Drive.
Right-tap on Downloads > Share with Linux.
Right-tap on Google Drive > Share with Linux.
What Else Can You Do in Linux
As great as Chrome OS is, sometimes you just need a quality word processor or the desktop version of a web browser, perhaps the security and privacy of the Signal Messenger? All of this and much more are available through Linux on Chrome OS.
As one example, let’s install LibreOffice (a direct competitor to Microsoft Office, free, open-source).
Assignment: Install LibreOffice on Linux
LibreOffice is an open-source replacement for Microsoft Office. By installing it, you have a full-featured word processor application on your device.
Verify all upgrades and updates are applied to Linux. Enter the text below, followed by the Enter key:
sudo apt update && sudo apt upgrade
Verify all repository keys are current. Enter the text below, followed by Enter:
In Terminal, enter the text below, followed by Enter.
sudo apt install libreoffice -y
Explore Libre Office
When you install a Linux application, it is a full desktop app, running under the Linux operating system, not under the Chrome browser user interface.
Open Libre Office by going to Launcher > (you may need to expand the Launcher window) > Linux apps > Libre Office.
Set the default text format to MS Office .docx. In Libre Office, go to Tools > Options > Load/Save > General > Document type > Text document, then to Always save as > Word 2007-2019 (*.docx). When done, select
Set the default spreadsheet format to MS Office .xlsx. In Libre Office, go to Tools > Options > Load/Save > General > Document type > Spreadsheet, then to Always save as > Excel 2007-2019 (*.xlsx). When done, select OK.
Take a few minutes to explore the menu structure and interface of Libre Office. While not quite the same as Microsoft Word, most people feel at home after a few hours working in it.
Secure Your Chromebook, Communications, and Your Privacy
Take the next step to secure your digital life. Practical Paranoia Chromebook Security Essentials is the fastest, easiest, most comprehensive, and fun book and workshop available. We Guarantee it!
Practical Paranoia Security Essentials version 5.0.1 released
WAHOO!!! We have reached a new milestone with Practical Paranoia. All five books (Android 11, Chromebook, iOS 14, macOS 11, and Windows 10) have been updated to version 5.0.1. With this update, all books now have:
Synchronized chapters, sections, and assignments. This means if you want to lock down your security and privacy on both your Windows laptop and Android phone, and perhaps your mother’s Chromebook and iPhone, each chapter for each book will be identical with the exception of the specifics of the device being worked on.
Chapter timings have been added. For those taking the live or prerecorded Practical Paranoia workshops, you now know going in how long it will take to complete a chapter, and approximately how long the homework will take.
Synchronization is huge. To accomplish it, we started from scratch to rewrite each book. But the results are amazing. For someone wanting to learn about more than one platform, this literally cuts learning time by 50-75%.
This makes Practical Paranoia Security Essentials not only the easiest and most comprehensive cybersecurity and internet privacy guide available for a regular end-user, but it is now the fastest available.
Download the Look Inside preview of Practical Paranoia Security Essentials v5.0.1, and discover why this is the easiest, most comprehensive, fun, and fastest way to harden your cybersecurity and internet privacy.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.