A quick post about security – The basics.

Look, security is annoying and hard. Unfortunately, unless you plan on moving to a cabin in the woods, you’re stuck with dealing with it and it’s not going away. Right now there’s stupid amounts of scams going about, so I’m going to give very, very basic advice and try not to confuse anyone, because it is confusing sometimes even to IT professionals. Feel free to forward to family & friends.
General important point – PEOPLE LIE AND SOMETIMES PRETEND TO BE OTHER PEOPLE! I know this is shocking but it happens. Do not take people at face value just because their website looks right and professional or they sound important. I know you think no-one you know would do that but some people do. Crazy huh?
Internet stuff
  1. NEVER click on a link in email or text asking to change a password unless you’ve requested it. Scammers guess everyone has gmail or facebook (and many other things) and can send a pretty convincing façebook.com email with a fake link (you barely noticed that I didn’t type facebook above, did you?). If you need to change your password, go to the website manually and change your password that way.
  2. Related, if you can, enable two-factor authentication on things you care about. Don’t stop reading because it sounds technical! Two-factor authentication is just a fancy way of saying “If I’m trying to change a password, get me to confirm this is from me a second way”. Mostly this means they send you a text as well. For Apple that means they may send you a code on a different device. It makes it a little harder for you but a LOT harder for scammers. Trust me, a hacked account is way worse than 1 minute extra time on password changes. There’s usually a setting in your account settings somewhere (in facebook it’s under settings – security and login).
  3. Try and use different and complex passwords for different things. I know this one is tricky but if you sign up for facebook with the same email and password as “Joes dodgy special internet thingy” then you’re likely in trouble. There’s some good ways to remember different passwords and if you have a secret way to remember that’s fine. Personally I use a password manager so I don’t have to remember (1Password is excellent but there’s others. Ask your tech friends).
  4. I MEAN IT!… use complex passwords and at least make sure the things you use every day and rely on are different from the rest. Also bank ones should definitely be different.
  5. I know this is old news but please don’t click on attachments in email unless you’re expecting them. If you’re not expecting a document/presentation/something else from someone DO NOT CLICK THE LINK till you’ve called them and checked it’s from them. And yes, this is also two factor authentication. 🙂
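For the tech friends you forward this to: the façebook.com trick from point 1 can be caught mechanically. This is an added example, not part of the original post; the `TRUSTED` list, the function names and the sample links are assumptions made up for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

# Assumption: a short, constructed list of sites the reader really uses.
TRUSTED = {"facebook.com", "google.com", "apple.com"}

def skeleton(domain):
    """Strip accents so 'façebook.com' collapses to 'facebook.com'.
    Only catches accent-style lookalikes, not every confusable character."""
    decomposed = unicodedata.normalize("NFKD", domain)
    return "".join(c for c in decomposed if not unicodedata.combining(c))

def check_link(url, trusted=TRUSTED):
    host = (urlsplit(url).hostname or "").rstrip(".")
    if "xn--" in host:  # link already uses the encoded (punycode) form
        try:
            host = host.encode("ascii").decode("idna")
        except UnicodeError:
            pass  # leave undecodable hosts as-is; they will not match
    # Simplification: treat the last two labels as the site name.
    domain = ".".join(host.split(".")[-2:])
    try:
        ascii_form = domain.encode("idna").decode("ascii")
    except UnicodeError:
        ascii_form = None
    if domain in trusted:
        verdict, imitates = "trusted", None
    elif skeleton(domain) in trusted:
        verdict, imitates = "lookalike", skeleton(domain)
    else:
        verdict, imitates = "unknown", None
    return {"domain": domain, "ascii_form": ascii_form,
            "verdict": verdict, "imitates": imitates}

if __name__ == "__main__":
    # Constructed sample links, including the one from the post.
    for link in ("https://façebook.com/login/reset",
                 "https://www.facebook.com/settings",
                 "https://example.org/"):
        print(link, "->", check_link(link))
```

The `ascii_form` field is what the address really is underneath: a lookalike shows up there starting with `xn--`, which is nothing like the site it imitates.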
Non Internet
  1. If someone calls from anywhere (banks, whatever) and asks you to confirm your identity before continuing DO NOT GIVE THEM PERSONAL INFORMATION. Seriously, you’ve not confirmed their identity in any way. They just sound official. If your bank calls, ask what department they’re from and say you’ll call back from the main number then look up that number (don’t take the one they give you).
  2. I know this one sounds weird, but passcodes are NOT passwords. Passcodes are things bank people may know to ask you and are usually pretty simple. A password should be something complex and NOBODY should need to ask you for them. Seriously, if an IT person is asking for a password then they’re dodgy. (Yes, nerds, there are exceptions. Shut up and go for the base level security here).
  3. Ask questions. One of the most common scams at the moment is “This is your bank calling – we have a problem with your account”. Ask “Which bank?”. Ask “What is my full name?”. Or better yet, just hang up and call your bank from the number on their website and say “I just got a call from someone claiming to be from your bank – can you redirect me to the person who called?” They have call records.
  4. Lock your phone! I know some of you never will… but if I find your phone in a taxi I can take control of pretty much all of your digital life nowadays including bank accounts, and where are they sending texts to confirm it’s you? At least an easy passcode or fingerprint. You can set the lock for a few minutes but make sure it does lock. Either that or go back to a dumb phone with no internet.
Last point – be skeptical. Someone contacting you does not imply trust, and don’t let them confuse you with technical terms. If you don’t understand ask someone else. This is the modern equivalent of snake oil salesmen in fancy suits and smart looking bottles. Don’t fall for it.
(note: IT peeps – Yes, Shut up. This is simplistic and there are many more ways to protect yourself. This is a basic starter pack. We can work on add ons later. Feel free to add comments below but be polite and offer suggestions)

Why I’ve not quit facebook

So I’ve been asked by many tech savvy friends why I haven’t quit facebook yet and it’s a fair question being that I actually hate facebook with a passion. Honestly, facebook has given me many, many reasons to quit from breach of privacy & trust, crappy user interface, selling my data to strangers, not showing me what I want to see, using political bias to help in influencing major world decisions, collecting stupid amounts of data on me to share with marketers, showing me things I DEFINITELY do not want to see, and basically injecting their intrusive tracking into nearly every part of my online life.

I should also point out that I strongly believe in putting my money where my mouth is so I feel very conflicted by not quitting after all the above.

To that point, it’s a fair question as to why I haven’t quit so allow me to list the reasons why I haven’t yet.

  • I have quite a number of friends & family who I rarely keep up with any other way in at least 10 different countries. I often only find out about their or their children’s antics through facebook.
  • Many of the above are not tech or social media savvy and despite its stupid amount of problems, facebook has done a good effort in making itself ubiquitous. Other options are there but not as good for those who don’t keep up.
  • It sadly has become a searchable database of people I need to contact so even if they’ve changed phones six times and switched companies, I can usually contact them through messenger. LinkedIn works on a profession level to some degree for that but the personal is still facebook despite the many valiant attempts by other companies.
  • On a related note, as a freelancer people like to see you have your finger on the pulse. While the pulse may be arrhythmic it’s still a pulse people like to see.
  • Lastly, and purely for personal reasons, there’s times I need to see if people are awake, not least of which includes my wife. Notifications of her activity are my first clue she’s awake in the morning. 🙂

Losing all the above would not be the end of the world. I mean, I’ve done it before the internet. But at this point in my life the contact with family & friends, not to mention business relations, is too important. My morals are heavily conflicted and actually that really troubles me, but losing touch with those I love troubles me more, so until there’s a better option that’s widely accepted (which is the key point here) I’m still sticking with it.