Disable Human Voice Recording Review in Alexa

Disable Human Voice Recording Review in Alexa

As reported in Venture Beat on August 3, 2019, Amazon has almost silently announced that Alexa users are now able to choose to block human reviewers from listening to their recordings. Although this human listening is intended to provide quality assurance that the AI is performing as instructed, it does introduce creepy Big Brother Is Always Listening into our lives.

In a statement provided to VentureBeat about the change, Amazon spokesperson said:

We take customer privacy seriously and continuously review our practices and procedures. For Alexa, we already offer customers the ability to opt-out of having their voice recordings used to help develop new Alexa features. The voice recordings from customers who use this opt-out are also excluded from our supervised learning workflows that involve manual review of an extremely small sample of Alexa requests. We’ll also be updating information we provide to customers to make our practices more clear.

To disable the ability for humans to hear your recordings taken by Alexa:

  1. Open the Amazon Alexa app.
  2. Tap Settings.
  3. Tap Alexa Privacy .
  4. Tap Manage How Your Data Improves Alexa.
  5. Disable all options
Q: Is it safe to use thumb drives with my work computer?

Q: Is it safe to use thumb drives with my work computer?

A: Let’s start with this: Federal cybersecurity guidelines are that any portable external storage (USB drive, thumb drive, flash drive, SD card, etc.) are not to be permitted. This is a mandate for government systems, government contractors, health care providers, and financial organizations. It should be a mandate within your organization.

There is a reason for this madness.

One of the common methods of infecting computers with malware or allowing a hacker to access a computer is through portable external storage devices. This can be done in dozens of ways. But just to name a few:

  • The storage device is compromised at the factory (this has happened numerous times).
  • The storage device is left on the ground by the criminal, knowing that around 1/3 of people will pick it up and try to see what is on it.
  • The storage device may have been attached to another computer, and that computer is compromised, and therefore infected the external storage device.
  • The storage device may hold an electrical charge or be wired to short out your system.

HOW TO WORK WITHOUT PORTABLE EXTERNAL STORAGE

  • Use cloud storage to share data – Google Drive, Dropbox, Box, etc. are excellent options.
  • Your IT department should have an air-gaped computer specifically just for dealing with portable external storage devices. They can take the device, plug it into this sacrificial computer and scan it for problems. If it passes, you may now use the device.

Not meaning to be a hard-ass about it, but really, truly, DO NOT HAVE A PORTABLE EXTERNAL STORAGE TOUCH YOUR COMPUTER (unless it has passed a security audit by your IT staff). Doing so places your computer and the integrity of your company data at high risk. And depending on your organization, may subject the organization to very hefty compliance violation fines.

Q: What is an encrypted chat client?

Q: What is an encrypted chat client?

A: Probably best to take this one bite at a time:

Encrypted: The process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot.

Chat: A specific form of electronic communication. Originally containing only text, but in recent years has been upgraded to allow inclusion of images, video, and sound.

Client: The application used by the end-user of the computer or mobile device.

So, and encrypted chat client is an application that allows two or more people to share text and possibly images, sound, and video among themselves, and prevents others from access by way of encoding the communication.

Examples include Apple Messages, Wire, and Signal.

Stop Amazon From Listening

Stop Amazon From Listening

As reported yesterday, Amazon has thousands of staff listening to you through your Echo devices.

But there is a way to stop this listening:

  1. Open the Alexa app on your mobile device.
  2. Select the menu icon.
  3. Select Settings, found at the bottom of the submenu list.
  4. Select Alexa Account, found at the top.
  5. Select Alexa Privacy.
  6. Select Manage How Your Data Improves Alexa.
  7. Turn off Help Develop New Features.
  8. Turn off Use Messages to Improve Transcriptions.
  9. Exit out of Settings.

Alexa will no longer learn and improve from your responses, but your records will be safe from evesdropping.

Stop Amazon From Listening

Yes, They ARE Listening

As reported in Bloomberg <https://www.bloomberg.com/news/articles/2019-04-10/is-anyone-listening-to-you-on-alexa-a-global-team-reviews-audio>, Amazon has thousands of staff listening to what their devices hear. Based on the information provided by Amazon, it is clear that their devices are listening at times when the user hasn’t directed it to with an “Alexa” preface.

This has been the assumption within the IT security community ever since voice-response devices hit the market. I have long found the behavior of Apple’s Siri to be suspect. For example, I may provide Siri with a full paragraph of spoken content, and then watch as Siri enters text, removes some text, enters some more text, edits text, and then completes the paragraph. This is not the action of AI, but of a human translator.

In the case of Siri, it can be disabled on both iOS and macOS devices. It is different with Amazon Echo devices. Without voice response, they serve little purpose or value.

For me, personally, I’m leaving my Echo devices (8?!) unplugged until needed.

Q: Is it possible to eliminate the possibility that opening an email will result in a virus on my computer?

Q: Is it possible to eliminate the possibility that opening an email will result in a virus on my computer?

A: If you are talking about absolutes, no. However, you can dramatically reduce the chances of compromise when opening email:

  • Use an email provider that pre-scans your mail for malicious content. This is one reason I favor Google. All incoming email is scanned by over a dozen of the leading anti-malware software before it gets to you.
  • Install a quality anti-malware software, and keep it updated daily. I’m fond of Bitdefender GravityZone. It will automatically update hourly, and is consistently among the top 3 products in its category.
  • Enable application whitelisting. With this active, only applications you have approved can launch/execute/open. Since malware isn’t on your list, it simply cannot launch and cause problems.
Facebook pays teens to spy on them

Facebook pays teens to spy on them

As reported on TechCrunch January 29, 2019, it appears that as bad as we thought Facebook to be, it has the resources to be far worse.

Facebook has been secretly paying people to install a “Facebook Research” VPN that lets the company suck in all of a user’s phone and web activity, similar to Facebook’s Onavo Protect app that Apple banned in June and that was removed in August. Facebook sidesteps the App Store and rewards teenagers and adults to download the Research app and give it root access to network traffic in what may be a violation of Apple policy so the social network can decrypt and analyze their phone activity, a TechCrunch investigation confirms.

Facebook admitted to TechCrunch it was running the Research program to gather data on usage habits, and it has no plans to stop.

When Guardian Mobile Firewall’s security expert Will Strafach was asked to dig into the Facebook Research app, and he told us that “If Facebook makes full use of the level of access they are given by asking users to install the Certificate, they will have the ability to continuously collect the following types of data: private messages in social media apps, chats from in instant messaging apps – including photos/videos sent to others, emails, web searches, web browsing activity, and even ongoing location information by tapping into the feeds of any location tracking apps you may have installed.” It’s unclear exactly what data Facebook is concerned with, but it gets nearly limitless access to a user’s device once they install the app.

Read the original report for more information on all of the apps Facebook is using, and how it is in direct conflict with Apple’s developer rules.

More Junk Apps on Android

More Junk Apps on Android

As reported January 17, 2019 on ZDNET<https://www.zdnet.com/article/some-android-gps-apps-are-just-showing-ads-on-top-of-google-maps/>, 19 new Android apps have been found to be nothing more than junk getting in your way.

All of these apps do the same thing–add an advertising layer on top of Google Maps. At least one even has the gall to request payment to remove the ads in Google Maps–ads that wouldn’t exist except for that app itself!

If you have any of these apps installed on your Android device, remove them ASAP. The problem apps include:

Garage Sale! Ubiquiti UniFi Cloud Key

Garage Sale! Ubiquiti UniFi Cloud Key

Ubiquiti UniFi Cloud Key

New, in box (2 units), 1 floor display unit

UniFi® Controller Hybrid Cloud

  • Secure UniFi Hybrid Cloud Technology
  • Fully Integrated, Stand-Alone UniFi Controller Hardware
  • Remote, Private Cloud Access to the UniFi Controller
  • Manage Your Networks from a Single Control Plane
  • Intuitive and Robust Configuration, Control and Monitoring
  • Remote Firmware Upgrade
  • Users and Guests
  • Guest Portal/Hotspot Support

Full product description: https://store.ubnt.com/collections/wireless/products/unifi-cloud-key

List price: $99. Amazon price: $105. MintzIT price: $75 each (includes shipping).

Contact:

Marc Mintz

505.453.0479

Garage Sale! Ubiquiti UniFi AP AC Pro Wireless Access Point

Garage Sale! Ubiquiti UniFi AP AC Pro Wireless Access Point

Ubiquiti UniFi AP AC Pro Wireless Access Point

New, in box (2 units available)

The UniFi AC Pro AP features the latest Wi-Fi 802.11ac, 3×3 MIMO technology in a refined industrial design and is ideal for deployment of maximum‑performance wireless networks.

  • Manage Your Networks from a Single Control Plane
  • Intuitive and Robust Configuration, Control and Monitoring
  • Remote Firmware Upgrade
  • Users and Guests
  • Guest Portal/Hotspot Support

Full product description: https://store.ubnt.com/collections/wireless/products/unifi-ac-pro

List price: $149. Amazon price: $138. MintzIT price: $119 each.

Contact:
Marc Mintz
505.453.0479

Garage Sale! Ubiquiti UniFi Security Gateway Pro

Garage Sale! Ubiquiti UniFi Security Gateway Pro

Ubiquiti Unifi Security Gateway Pro

SN: 1801kfcecda036c89-4nqi9w

New, in box.

Enterprise Gateway Router with Gigabit Ethernet

  • Advanced Security, Monitoring, and Management
  • Sophisticated Routing Features
  • Integrates with UniFi® Controller Software
  • Manage Your Networks from a Single Control Plane
  • Intuitive and Robust Configuration, Control and Monitoring
  • Remote Firmware Upgrade
  • Users and Guests
  • Guest Portal/Hotspot Support

Full product description: https://store.ubnt.com/collections/routing-switching/products/unifi-security-gateway-pro

List Price: $344. Amazon Price: $321. MintIT Price: $289 (Includes shipping)

Garage Sale! Ubiquiti Unifi Switch 24 250W

Garage Sale! Ubiquiti Unifi Switch 24 250W

Ubiquiti Unifi Switch 24 250W

SN: 1752g788a20fa31ba-2n5und

Floor model, unboxed.

Managed PoE+ Gigabit Switches with SFP

Build and expand your network with Ubiquiti Networks® UniFi® Switch, part of the UniFi line of products. The UniFi Switch is a fully managed, PoE+ Gigabit switch, delivering robust performance and intelligent switching for growing networks.

List price: $399, Amazon price: $372. MintzIT Price; $350 (includes shipping).

Garage Sale! Ubiquiti Unifi Switch 16 150w

Lucky you, Santa left some IT goodies under our tree!

Ubiquiti UniFi Switch 16 150W
SN: 788A20FD84B9
New, in box.
The UniFi® Switch delivers robust performance over its 18 independent switching ports. Two SFP ports offer optical connectivity, and 16 Gigabit Ethernet ports offer 802.3af/at PoE+ or 24V passive PoE sharing a total of 150W PoE.

Full product description: https://store.ubnt.com/collections/routing-switching/products/unifi-switch-16-150w

List price: $299, Amazon price: $285. MintzIT price: $250 (includes shipping).

Contact:
Marc Mintz
505.453.0479
[email protected]

Q: Is getting on the unsecured WIFI connection at a library a really unsafe idea?

Q: Is getting on the unsecured WIFI connection at a library a really unsafe idea?

A: An insecure network is an insecure network – regardless of the physical or geographical location.

As to how unsafe it may be, depends on your definition.

The biggest issue is the good possibility that your network traffic is watched. This means that any username, password, or other sensitive information you enter may be viewable by some creep in or near the library.

If you are using your own computer, the workaround is to use a vpn service. This will securely encrypt all of your internet traffic while on a network – unsecured or secured. I’m fond of NordVPN.

If you are using the library’s computer, you won’t be able to install software, so VPN and tor are not available to you. The only alternative is to ensure that whenever you may need to enter sensitive information, the webpage is encrypted. This displays differently in different browsers, but you may either have a lock icon in the address field, or the URL will start with https, instead of http.

Q: How to make a strong password I can remember?

Q: How to make a strong password I can remember?

A: Sorry, that is simply not possible. The current US Government recommendation for strong passwords is a minimum of 15 characters. Our brains would have a tough time remembering just five such passwords, much less a different password for every website.

The easy solution is to use a password manager to automatically create, store, retrieve, and enter these monsters. I’m fond of LastPass. Super easy, automated, integrates with Android, iOS, macOS, Windows, all major browsers, encrypts passwords at the device, shares the password database among all of your devices, and with the for-fee version, you can share designated passwords with family or staff.

Q: What precautions can be taken to avoid being traced online?

Q: What precautions can be taken to avoid being traced online?

A: This is a topic that books are written about (several by yours truly). Much depends on how high a value target you are (if the NSA is interested in you, good luck), and what you need to use the internet for.

But here is a list to get started:

  • Use a quality VPN service that also includes tor within their system. I’m fond of NordVPN. As you can see from this screenshot, from the hundreds of available NordVPN servers, they have some that provide Onion services over VPN. This is the industry-standard “belt-and-suspenders” strategy to anonymize your web activities.
  • Use a secure email system. I’m fond of ProtonMail. ProtonMail uses PGP/GPG to military-grade encrypt all of your email. Even ProtonMail administrators cannot access your email.
  • Run an unmodified version of the Tails operating system. This can be installed on and run from a thumb drive from any Linux, macOS, or Windows computer. When using Tails, you effectively hide your digital fingerprint, so that your computer cannot be identified. It includes secure versions of web browser, instant messenger, and email software.
best selling IT security books
Get Your Bitdefender Upgrade

Get Your Bitdefender Upgrade

MintzIT has upgraded Bitdefender

With over 40 million malware waiting to harvest, corrupt, or encrypt your data, anti-malware software is an essential addition to the operating system of any and every operating system. The only anti-malware product we currently recommend is Bitdefender GravityZone for Business.

Starting January 1, 2019, computer users who have the MintzIT version of Bitdefender GravityZone installed will see some much anticipated changes. These can be seen when opening the application:

On-Access. This has always been active. This indicates your anti-malware (anti-virus, anti-trojan, anti-ransomware) is active and scanning every file that is opened.

Traffic Scan. This has been newly added this year. Traffic Scan examines all incoming and outgoing traffic for any malicious code. If it is found, it is blocked from taking any action.

Antiphishing. This has been newly added this year. This feature examines every website visited. It prevents users from inadvertently disclosing private or confidential information to online fraudsters. Instead of the phishing web page, a special warning page is displayed in the browser to inform the user that the requested web page is dangerous.

We have extended protection to other types of scams besides phishing. For example, websites representing fake companies, which do not directly request private information, but instead try to pose as legitimate businesses and make a profit by tricking people into doing business with them.

If you find that a legitimate website is being blocked by Bitdefender, please call our office 505.814.1413, and we can whitelist the site.

Get Bitdefender

If you don’t currently have Bitdefender protecting your computers, this is a great time to do so. MintzIT will install Bitdefender GravityZone for a yearly subscription of $36 per computer, plus $37.50 installation labor fee. Call 505.814.1413 x 1 and we will perform the installation while you call!

Q: How to make a strong password I can remember?

Q: How secure is personal information that we provide to hotels?

A: Not secure at all.

It is privy to the front desk staff, management, leadership – almost all in unencrypted format.

Unless you are staying at some shady facility, the law requires a drivers license or other ID in order to reserve a room. With your state-issued ID in hand, your information is monetized when sent to the hotel ownership (some other multinational Corp) for sales and marketing.

It is likely sold to other advertisers.

Not to mention that local, state, and federal law enforcement have free access to this information.

All. That. Said…

If one thinks they have to concern themself with security and privacy at the level of hotels, it’s time to wake up! They are several blocks back in the line of people and organizations sniffing through your data.

Q: What precautions can be taken to avoid being traced online?

Q: What are the reasons my school and work track everything I do on the Internet?

A: If someone came to you asking for $1000, the keys to your car, and your credit card, you would probably want to know what they were using them for. Not so different for your school and work.

When you are at school or work, you may be using their computers, software, hardware, network, or broadband. These are valuable resources that must be shared among all users.

Imagine if a few people decided to watch streaming 4K movies using these resources. These movies can take up to 15Mb/s bandwidth for each movie. If the school or work has a 50Mb/s Internet connection, 3 people streaming will choke out all other use.

There is a darker side to this issue as well. Schools and workplaces have a legal responsibility to ensure their resources are being used – for lack of better phrasing – for good, and not evil. If a student or employee is conducting illegal activities using the school or work resources, everyone gets caught up in the legal process.

Q: Is it possible to eliminate the possibility that opening an email will result in a virus on my computer?

Q: How often should I change my passwords?

A: According to NIST (one of the federal groups tasked with creating best practices for cybersecurity), there is no longer any recommendation on password aging. That doesn’t mean it’s not a bright idea to do so, just that there are no recommendations.

The recommendations for passwords are:

  • Use a different password for every site and service.
  • Use only strong passwords – defined as 15 characters or more.
  • Use 2-Factor Authentication whenever it is available.

I add the following recommendation:

I can hear that voice in the back of your head screaming A different password for every site, and a minimum of 15 characters? No way I can remember these!

Life is far too precious to waste any time remembering passwords. Instead, let technology do it for you with a Password Manager. I’m fond of https://www.lastpass.com. Let the Password Manager create your passwords, remember your passwords, and auto-enter your passwords.