by Marc Mintz | Oct 6, 2017
RIP AOL IM. TIME TO RETHINK COMMUNICATIONS
AOL announced today they are putting AOL Instant Messenger to rest on December 15, 2017. AOL IM had a great 20-year run. Although it started the genre, it never worked at keeping current with technology. Now that Verizon has acquired AOL/Yahoo, it is no longer seen as a viable product.
Which gives us a perfect opportunity to rethink our communications–be it instant messaging, voice, email, or video calling.
There are hundreds of communications tools available, each attempting to carve out their unique niche. As our communications often contain private or sensitive information, each of us should be aware of the security pros and cons of the communication option we are using.
In the case of almost all SMS, texting, or instant message apps, there is no privacy to the communication. Not only does the cellular provider see and record all messages, but the app developer may have access. And since there is poor or no encryption, criminals, government, business competitors, and the neighborhood cranks may all be listening.
There are a handful of apps that do provide necessary military-grade, point-to-point encryption. Our current favorite is Wire (https://www.wire.com). The Wire solution offers everything that I look for:
- Easy setup
- Military-grade encryption
- Point-to-point encryption (no cellular or internet provider in the middle)
- Cross-platform (Android, iOS, macOS, Windows, and web browser)
- Free
- Automatic self-destruction of messages
- Pull-back messages
- Group messages
In addition, Wire also provides:
- Encrypted voice calling
- Encrypted video calling
No matter which instant messaging service you are currently using, I recommend trying Wire for the highest level of security and privacy for your communications.
by Marc Mintz | Oct 5, 2017
THE PRACTICAL PARANOID CELEBRATES CYBER SECURITY AWARENESS MONTH
Our good friends at the Department of Homeland Security have declared October to be Cyber Security Awareness Month. In celebration of the festive occasion, TPP is offering 40% discount off all Practical Paranoia Security Essentials (PPSE) Live! book versions through October.
For four years PPSE books have been the #1 best-selling, easiest, most comprehensive guides for high school and college cybersecurity courses, as well as DIY for home and business systems.
Written with the non-technical computer and mobile-device user in mind, but covering the detail needed by the IT professional, each book (Android, iOS, macOS, and Windows) takes the user by the hand with illustrated step-by-step instructions on how to secure every aspect of their device.
TPP stands behind every book with a 100% satisfaction guarantee!
Order your Live! edition now for 40% discount.
PPSE are available in paperback from all fine booksellers,
kindle format from Amazon,
and Live! from TPP.
Practical Paranoia Security Essentials #1 Four Years Running
by Marc Mintz | Oct 5, 2017
Q: WHAT SHOULD I DO WITH MY HACKED GMAIL ACCOUNT?
A:
- Change your password to a strong password (minimum 15 characters).
- Do not use this password for anything else.
- Enable Google 2-Factor Authentication.
- Done.
All information that has been harvested from your account is water under the bridge. You may need to do some damage control, such as changing all of your passwords.
Original post: https://www.quora.com/What-should-I-do-with-my-hacked-Gmail-account/answer/Marc-Mintz-4
by Marc Mintz | Oct 1, 2017
PRACTICAL PARANOIA MACOS 10.13 UPDATE: ENCRYPT FOLDERS AND FILES FOR CROSS-PLATFORM USE WITH ZIP
Practical Paranoia macOS 10.13 Security Essentials has just released an update to chapter 17 Documents. The updated section is Encrypt Folders and Files for Cross-Platform Use With Zip.
macOS and Mac OS X have long included the ability to compress, archive, and encrypt documents folders in zip format. macOS 10.13 has removed the ability to encrypt these items in AES 256. As AES 256 is the gold-standard of encryption, we can’t just sit by and do nothing!
The section has been updated, removing the command-line instructions to encrypt zip, replacing it with using a free, drag-and-drop utility called Keka. Keka provides the easiest (and did I mention free) way to encrypt your documents and folders to military-grade standards. And since zip is an industry standard, your encrypted items may be used on Android, iOS, Windows, and macOS.
The updated chapter may be downloaded here.
Practical Paranoia macOS Security Essentials Quick Look
Purchase Practical Paranoia macOS Security Essentials Kindle, Paperback, and Live!
by Marc Mintz | Sep 28, 2017
Q: CAN ANYONE SPY ON MY PHONE BY KNOWING MY IP OR GMAIL?
A: Simple answer: No.
Original post: https://www.quora.com/Can-anyone-spy-on-my-phone-by-knowing-my-IP-or-my-Gmail/answer/Marc-Mintz-4
by Marc Mintz | Sep 28, 2017
Q: IS THERE A SIMPLE PROGRAM OR WEBSITE THAT WILL ALLOW ME TO COLLABORATE ENCRYPTED DOCUMENTS WITH OTHERS THAT ARE USING IPHONE OR ANDROID?
A: Sure. Google drive with google doc files. Encrypted in transit and at rest.
Original post: https://www.quora.com/Is-there-a-simple-program-or-website-that-will-allow-me-to-collaborate-encrypted-documents-with-others-that-are-using-iPhone-or-Android/answer/Marc-Mintz-4
by Marc Mintz | Sep 28, 2017
Q: ARE ALL ICLOUD EMAIL ADDRESSES SAFE FOR IMPORTANT EMAILS?
A: Apple email sends and receives using encrypted protocols. However, you have no certainty if encryption is present from the point between Apple and the other person. Because of this, you cannot consider Apple email secure. The same is true for almost every other email service.
Therefore, with very few exceptions all email is insecure.
The solution is to encrypt your email end to end. There are several options to do this, the most common being: PGP/GPG, S/MIME, and now Virtru.
You could also use an email provider that is built from the ground up for security. One of the better is protonmail.com.
Original post: https://www.quora.com/Are-all-iCloud-email-addresses-safe-for-important-emails/answer/Marc-Mintz-4
by Marc Mintz | Sep 28, 2017
Q: WHICH ARGUMENT CAN I GIVE SOMEONE WHO DOESN’T CARE IF MICROSOFT, THE NSA, OR WHOEVER, VIOLATES PRIVACY, BY SAYING “I DON’T HAVE ANYTHING TO HIDE”?
A: Ask them for their bank account credentials, and their email password. Then ask if you can have possession of their phone for a day/week/month.
They have nothing to hide, so why the concern for you to have this information.
It’s not about having nothing to hide. It’s about security and privacy.
Original post: https://www.quora.com/Which-argument-can-I-give-someone-who-doesn%E2%80%99t-care-if-Microsoft-the-NSA-or-whoever-violates-privacy-by-saying-%E2%80%9CI-don%E2%80%99t-have-anything-to-hide%E2%80%9D/answer/Marc-Mintz-4
by Marc Mintz | Sep 28, 2017
Q: CAN SOMEONE MAKE CALLS FROM MY IPHONE REMOTELY?
A: “Can” they do it? I’m sure it can be done. “Have” they (or anyone) done it to iPhone? I haven’t seen any documented instance.
It is far more likely that someone has spoofed your phone number – calling someone while making it look like the call came from your phone number. This is a trivial task to do.
Original post: https://www.quora.com/Can-someone-make-calls-from-my-iPhone-6-remotely/answer/Marc-Mintz-4
by Marc Mintz | Sep 28, 2017
Q: CAN THE FEDS ANONYMOUSLY MONITOR YOUR PROFILE WITHOUT FRIENDING YOU, EVEN IF IT’S A PRIVATE PROFILE AND BYPASS PRIVACY SETTINGS?
A. Absolutely. And they do. Not for everyone, but for anyone. Fully legal due to a number of laws passed by Congress after 911. They can even monitor most off-shore traffic.
by Marc Mintz | Sep 28, 2017
Q: IS YOUR EMAIL ADDRESS SEARCHABLE ON LINKEDIN?
A: If you are asking if in my case is it searchable, yes it is. My LinkedIn account is business only. No personal info that wouldn’t be quickly found with an internet search.
If you are asking a general question, this is a preference setting within LinkedIn. You have the option to turn this off.
LinkedIn, Google, Facebook – all social media – exists for one reason, and one reason only. That is to monetize information about you. You are the product. These services typically know far more about you than your spouse or mother.
And each now offers ways to stop or at least limit the information that can be harvested. Within their preference settings, you may configure how your information is shared and accessed. In the case of internet searches, I strongly recommend using DuckDuckGo.com (which can be made the default search engine for most browsers).
by Marc Mintz | Sep 28, 2017
Q: HOW CAN A CONSUMER PREVENT EQUIFAX FROM CAPTURING THEIR PERSONAL INFORMATION?
A. The simple answer is, you don’t. This is the nature of cybersecurity, advertising, and digital life.
What you can do is to ensure that your own house is in order. This includes:
- Validating your bank accounts, credit card statements, and other financials monthly.
- Checking your 3 major credit reports monthly.
- If there is anything incorrect, immediately submit correction paperwork.
- Freeze your credit.
- Ensure that your own computer storage and backup are strongly encrypted.
- Ensure you are using secure email.
- Ensure your home/business network is secure (this may take an IT security consultant to verify)
- Ensure your phone is secure.
- Use only strong passwords – a minimum of 15 characters, with a mix of uppercase, lowercase, numeric, and special characters. Complexity is not important – length is.
- Never share your passwords.
by Marc Mintz | Sep 28, 2017
Q: CAN SIMPLY CLICKING A WEBSITE GIVE YOU A VIRUS OR MALWARE?
Absolutely. I see it almost every day.
I recommend the following to help shield your system and yourself from malicious sites:
- Install only vital browser extensions. Beware of any extension.
- Install trafficlight from Bitdefender extension in your browsers
- Only log in to your computer with a non-admin account (Standard/Normal or Child/Parental Control account).
- Do not install Adobe flash or java.
- Use a different password for each site.
- All passwords should be “strong” (minimum 15 characters)
Original post: https://www.quora.com/Can-simply-clicking-a-website-give-you-a-virus-or-malware/answer/Marc-Mintz-4
by Marc Mintz | Sep 22, 2017
ARE YOU READY FOR IOS 11?
iOS 11 has just been released. Are you and your company prepared to secure your device, data, network, and identity when it arrives on your iPhones and iPads?
Practical Paranoia iOS 11 Security Essentials is the go-to guide to fully securing the home and business mobile devices. Written for the non-technical user, while covering everything expected of the IT professional. We have eliminated all of the technobabble, and included easy, step-by-step illustrated guides for every area of security for your device.
Available now in paperback, Kindle, and our new Live! Online editions.
Download QuickLook.
by Marc Mintz | Sep 21, 2017
ANDROID GO KEYBOARD APP FOUND SPYING ON 200M USERS
As reported in betanews September 21, 2017 https://betanews.com/2017/09/21/go-keyboard-spying-warning/ the very popular Android Go Keyboard app (200 million installations) is sending personal information about users to remote servers. Making matters potentially worse is that the app is using a technique to download dangerous executable code that is prohibited by Google. Oh, and did I mention this is a Chinese developer?
There are two versions of the app on Google Play–GO Keyboard, Swipe input, GIFS, and GO keyboard – Emoticon keyboard, Free Theme, GIF.
It is strongly recommended to uninstall both of these apps immediately.
by Marc Mintz | Sep 20, 2017
ARE YOU READY FOR HIGH SIERRA?
macOS 10.13 (High Sierra) release is just a few days away. Are you or your company prepared to secure your data and identity when it arrives on your Macs?
Practical Paranoia macOS 10.13 Security Essentials is the go-to guide to fully securing the home and business Macintosh computer. Written for the non-technical user, while covering everything expected of the IT professional. We have eliminated all of the technobabble, and included easy, step-by-step illustrated guides for every area of security for your computer.
Available now in paperback, Kindle, and our new Live! Online editions.
Download QuickLook.
by Marc Mintz | Sep 20, 2017
Q: If the attorney at my office reads (Outlook) emails, where is he reading them from, an archive? Will he have access to sent email if both parties permanently delete it right away?
A: The issue is a bit deeper than may initially appear.
Assuming this is company email, it has been determined by the US court system that it is the property of the company, not the employee. This means the company has full ownership over not only the mail system, but anything and everything that you may send/receive via this system. They also have the right, and in many cases, the responsibility, to audit how the system is being used. This includes reading both sent and received email and attachments.
This is not typically done by the company attorney, but someone in the IT department. Often the Chief Information and Security Officer or one of their assistants.
If the email system is implemented well, even when you have deleted an email, it is only deleted from your eyes. The administrator will have full access to any deleted email. This is a legal requirement in HIPAA covered entities (healthcare providers) and SEC covered businesses (financial organizations). This is not from an archive, but a security vault that is built into the email system.
As an aside, the same is true for everything you do and store on your computer.
It is a wise practice to only do business on business computers and network. I recommend to my clients that even employee personal phones not be allowed on the company network. This is a security precaution, as there is no way to know the integrity of the personal mobile device. If it has become compromised, it can easily harvest data from the company network, and transmit this data to the penetrator.
by Marc Mintz | Sep 20, 2017
Q: BECAUSE ALL OF OUR PERSONAL INFORMATION WAS ACCESSED IN THE EQUIFAX SECURITY BREACH, IS THERE ANY POINT TO BEING CAREFUL WITH YOUR PERSONAL INFORMATION?
A: When you leave your house, I assume you lock all of the doors, close all the windows. This is despite the fact that every day thousands of homes are broken into by throwing a rock through a window, picking a lock, knocking down the door, or driving a car through a wall.
Or how about when your body becomes ill. Do you simply throw up your hands and say well, death will come to me at some point, might as well give up now. Or, do you see your doctor and get treated?
Everything in life is a cat and mouse game. Don’t give up just because the chase is on. For some of us, this adds some interest or excitement to the game.
It is important to continue your security and privacy protection in all that you do. Both in the analog as well as the digital world.
by Marc Mintz | Sep 20, 2017
Q: HOW MANY SIMULTANEOUS USERS CAN A SINGLE ACCESS POINT SUPPORT?
A: This varies by device model.
Some low-end units can only support 10 concurrent connections. Mid-range consumer units around 50. Prosumer models such as the Asus RT-AC5300 can have a bit more than 200. Once you move up to professional model – such as Cisco – they can at least in theory support a few thousand.
by Marc Mintz | Sep 20, 2017
Q: WHICH OS WILL MAKE MY LAPTOP LAST LONGER?
A: I hope you will forgive that I am side-stepping your question, as I think it is the wrong question.
Computers are tools. The purpose of a tool is to extend or expand your reach, power, speed, capabilities, so that you can do things you could not otherwise do.
If your tool costs you $1,000, and makes you $1,000,000 in a year that you could not have otherwise realized, do you really care that the tool lived only a year and a day?
So, again, the question isn’t which OS will make your laptop last longer, a more appropriate question is which OS (and hardware) can make you last longer, jump higher, and run faster.
The answer to that question is different depending on your computing skills, resources, and what you are interested in accomplishing. In my own personal case, I’ve worked on everything from IBM 360 mainframes to macOS. I’ve made more money, gained greater industry recognition, and do more interesting things with macOS than with any other OS. But most of those I work with would say the same thing about Linux or Windows.
Original post: https://www.quora.com/Which-OS-Ubuntu-or-Win-10-will-make-my-laptop-last-longer/answer/Marc-Mintz-4
