The reason one uses a VPN is the privacy of one’s internet communications and activities. Choosing the wrong one could expose all of this to the VPN provider, and then to others who will pay for the info.
In addition, some are much faster than others.
Choose wisely grasshopper.
Currently, my personal preference is perfect-privacy.com. Located in Switzerland (government-supported extreme security), they don’t keep logs, allows all of your devices to be on VPN, and they use the latest VPN protocol IKEv2.
Q: SOMEONE IS TRYING TO HACK INTO MY ACCOUNT. I’M GETTING GOOGLE NOTIFICATIONS ALL DAY LONG. WHAT CAN I DO?
A: First, any password can be broken, garnered, or stolen. It’s just a matter how determined the criminal is and what resources are available to them.
US-CERT (one of the primary groups designated to figure this stuff out for the government) recommends a minimum 15 character password for administrative accounts, and a minimum of 8 for non-admin accounts.
Functionally, isn’t your data every bit as important to you as an admins is to them? This is why I recommend the minimum of 15 for everyone.
Next, implement Google two-factor authentication. This will block the criminal even if they gain your password.
At that point, let them try all they want, it’s not gonna happen.
Q: IS THERE ANY POSSIBILITY OF TRACKING TOR BROWSER?
A: Absolutely, and it is done by our own, and most likely other governments. There have been several high-level arrests made for both drug sales and child porn by tracking and identifying individuals through the tor network.
Can an individual do the same? Yes, if they have the resources to set up a large network of tor nodes.
Q: HOW DO YOU MAKE YOUR FACEBOOK PROFILE HACK-PROOF?
A: It’s really quite simple – and Facebook provides all of the tools to do so in under 30 minutes. Just log in to Facebook, and head on over to Log into Facebook | Facebook.
The most important issues are:
Strong password. US-CERT (one of the two Federal groups who is tasked with IT best practices) recommends a minimum of 15 characters. There really isn’t a need for complexity, such as using upper, lower, numbers, and special characters (although that does help). Length is the important factor.
Enable Two-Factor Authentication. In the event someone does find your password, this makes it impossible for them to log in without the code sent to your phone
The rest of the security settings are primarily about limiting what others can discover about you.
Q: WHY DO SOME VPN PROVIDERS REQUEST THAT YOU DISABLE THE FIREWALL TO USE VPN? HOW SAFE IS IT TO DISABLE THE FIREWALL WHILE ON VPN?
A: To be blunt, because they have either improperly developed their software, or there is some shady business going on.
Your Firewall is a first-line defense for cybersecurity. Do not turn it off. I’ve never worked with a quality VPN provider that required this. Currently, my personal favorite is perfect-privacy.com. This is because they allow all of your devices to be on VPN (not just a few), provide excellent step-by-step setup instructions, and they are among the few VPN providers that are using the most current standard – IKEv2. I find this to be superior to any of the other VPN protocols available.
Q: WHAT ARE THE POSSIBLE SECURITY RISKS WHEN IMPLEMENTING FILE SYNCHRONIZATION?
A: In addition to all of the security risks present for any mobile device, computer, and server, there are a few other issues to be watchful of:
All data must be encrypted during transfer.
All data must be encrypted at rest (in storage).
Devices at both points need to be secure from physical access.
Any computers and Mobile devices involved in the synchronization must have full disk encryption, quality antivirus which is kept up-to-date, users logging in with non-admin accounts, and application whitelisting to prevent malicious apps.
If you are looking at file synchronization with a cloud service, I’m fond of Google G-Suite for Business. They meet and exceed any security requirements, even for HIPAA and SEC, with a price-point that is highly competitive.
AOL announced today they are putting AOL Instant Messenger to rest on December 15, 2017. AOL IM had a great 20-year run. Although it started the genre, it never worked at keeping current with technology. Now that Verizon has acquired AOL/Yahoo, it is no longer seen as a viable product.
Which gives us a perfect opportunity to rethink our communications–be it instant messaging, voice, email, or video calling.
There are hundreds of communications tools available, each attempting to carve out their unique niche. As our communications often contain private or sensitive information, each of us should be aware of the security pros and cons of the communication option we are using.
In the case of almost all SMS, texting, or instant message apps, there is no privacy to the communication. Not only does the cellular provider see and record all messages, but the app developer may have access. And since there is poor or no encryption, criminals, government, business competitors, and the neighborhood cranks may all be listening.
There are a handful of apps that do provide necessary military-grade, point-to-point encryption. Our current favorite is Wire (https://www.wire.com). The Wire solution offers everything that I look for:
Point-to-point encryption (no cellular or internet provider in the middle)
Cross-platform (Android, iOS, macOS, Windows, and web browser)
Automatic self-destruction of messages
In addition, Wire also provides:
Encrypted voice calling
Encrypted video calling
No matter which instant messaging service you are currently using, I recommend trying Wire for the highest level of security and privacy for your communications.
For four years PPSEbooks have been the #1 best-selling, easiest, most comprehensive guides for high school and college cybersecurity courses, as well as DIY for home and business systems.
Written with the non-technical computer and mobile-device user in mind, but covering the detail needed by the IT professional, each book (Android, iOS, macOS, and Windows) takes the user by the hand with illustrated step-by-step instructions on how to secure every aspect of their device.
TPP stands behind every book with a 100% satisfaction guarantee!
Order your Live! edition now for 40% discount.
PPSE are available in paperback from all fine booksellers, kindle format from Amazon,
and Live! from TPP.
PRACTICAL PARANOIA MACOS 10.13 UPDATE: ENCRYPT FOLDERS AND FILES FOR CROSS-PLATFORM USE WITH ZIP
Practical Paranoia macOS 10.13 Security Essentials has just released an update to chapter 17 Documents. The updated section is Encrypt Folders and Files for Cross-Platform Use With Zip.
macOS and Mac OS X have long included the ability to compress, archive, and encrypt documents folders in zip format. macOS 10.13 has removed the ability to encrypt these items in AES 256. As AES 256 is the gold-standard of encryption, we can’t just sit by and do nothing!
The section has been updated, removing the command-line instructions to encrypt zip, replacing it with using a free, drag-and-drop utility called Keka. Keka provides the easiest (and did I mention free) way to encrypt your documents and folders to military-grade standards. And since zip is an industry standard, your encrypted items may be used on Android, iOS, Windows, and macOS.
Q: ARE ALL ICLOUD EMAIL ADDRESSES SAFE FOR IMPORTANT EMAILS?
A: Apple email sends and receives using encrypted protocols. However, you have no certainty if encryption is present from the point between Apple and the other person. Because of this, you cannot consider Apple email secure. The same is true for almost every other email service.
Therefore, with very few exceptions all email is insecure.
The solution is to encrypt your email end to end. There are several options to do this, the most common being: PGP/GPG, S/MIME, and now Virtru.
You could also use an email provider that is built from the ground up for security. One of the better is protonmail.com.
A: If you are asking if in my case is it searchable, yes it is. My LinkedIn account is business only. No personal info that wouldn’t be quickly found with an internet search.
If you are asking a general question, this is a preference setting within LinkedIn. You have the option to turn this off.
LinkedIn, Google, Facebook – all social media – exists for one reason, and one reason only. That is to monetize information about you. You are the product. These services typically know far more about you than your spouse or mother.
And each now offers ways to stop or at least limit the information that can be harvested. Within their preference settings, you may configure how your information is shared and accessed. In the case of internet searches, I strongly recommend using DuckDuckGo.com (which can be made the default search engine for most browsers).
iOS 11 has just been released. Are you and your company prepared to secure your device, data, network, and identity when it arrives on your iPhones and iPads?
Practical Paranoia iOS 11 Security Essentials is the go-to guide to fully securing the home and business mobile devices. Written for the non-technical user, while covering everything expected of the IT professional. We have eliminated all of the technobabble, and included easy, step-by-step illustrated guides for every area of security for your device.
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.