4th Doctor: Scringe stone found in a dead man’s pocket? A lost mine? A phony map. Are people still falling for that old guff? I mean, are they?
1st Romana: You mean you didn’t believe his story?
4th Doctor: No.
1st Romana: But he had such an honest face.
4th Doctor: Romana, you can’t be a successful crook with a dishonest face, can you.
Doctor Who, The Ribos Operation part 1 1978
While I haven’t been doing tech now for several years, given the great hack of 2017 I think it’s once again time to give you several pretty basic rules on password security that, if followed by John Podesta and the DNC, would likely have the media looking for a different conspiracy to blame Hillary Clinton’s defeat on.
Rule Number 1: If it has a computer in it and said computer connects wirelessly to any other, it’s hackable:
Your phone, your game system (and at the rate we’re going, pretty soon your car and toaster) are all basically computers, accessing the net and being accessed. Any such system needs to be treated as a computer when it comes to keeping sensitive info, opening attachments or setting passwords.
Me, I don’t connect my cell phone to the net, I don’t use it for email, hell, I generally don’t keep it charged or on unless I’m traveling. I use it as a phone when I need a phone, that’s it.
Rule Number 2: If you live in the first world and have a credit or debit card you ARE worth hacking.
A lot of people figure that because they’re just average folks without a lot of money, hacking or spamming them isn’t worth someone’s time. Remember (per Gallup figures) that the median per capita income in Nigeria is $493, and that for a quarter of the nations of the world $100 represents the median monthly per capita income of a person.
If my temp warehouse job, paying just over minimum wage with no bennies, pays above the median annual household income of all but 23 countries in the world (higher than Spain, Italy and Portugal, and nearly double the median annual household income of Russia) and is enough to draw the ladies from Cape Verde to work and make 13 times the per capita GDP of their nation, how much more tempting is just sitting at home and trying to make such money without traveling thousands of miles and learning a new language and culture?
And remember, we’re talking median incomes, meaning there are plenty of people who make less. If you are taken for a few hundred, that might get you angry, but it’s more than most folks see in a month, and if you can be taken for a few thousand, for most such folks they’ve hit the lottery.
Rule Number 3: Your passwords are only as secure as the least careful person who knows them
There are plenty of people who don’t bother to change default passwords, or who use something like their birthday, phone number or address as a password. But even if your password is a Klingon phrase translated into Esperanto using a book cipher from an obscure 11th century Arab poet, if you give it out to Harold to check his email on your tablet, it’s only as secure as Harold keeps it.
Rule Number 4: Your home and business network is only as secure as the least careful person on it
Even the most careful person slips up on occasion. Think how often the least careful person does, and remember that any shared platform means your security is dependent on every other person on it.
Rule Number 5: Rule Number 4 about business networks applies to your bank, to Amazon, to your electric company and anyone else who stores your credit card info.
I would be very careful about who you allow to keep a stored credit card on file and how many people you allow such info. If you think it’s a pain, just remember the number of hours you have to work to earn that $100, $1000 or $10000 again, or the number of hours you have to spend on the phone to get a phony charge credited.
Rule Number 6: Attachments and links in unsolicited emails (even from friends) are your enemy.
This is also known as the “John Podesta Rule”. If you have an attachment or link that claims to be from a bank or a friend or Amazon or the electric company, you don’t click on said links or open said attachments until you email them back (at the address you have stored) or call them (at the number online, NOT the number provided in the email) to confirm it. And if you get an email from a friend and it consists only of a link, make it a point to email your friend back and let them know they’ve been hacked.
Rule Number 7: NEVER EVER CLICK ON A “VERIFY ACCOUNT OR PASSWORD” LINK IN AN EMAIL AND ENTER YOUR ACCOUNT OR PASSWORD INFO
That is an old one, but it still takes in plenty of people. The IRS, your bank, Comcast, Amazon et al. aren’t going to be sending you unsolicited emails like this. It’s one thing to get a “click here to verify” while you are setting up an account; it’s quite another to get one a week, a month or a year later. If you’re not comfortable simply deleting these emails, call the company or organization in question; they would likely like to get info on these hacks.
Rule Number 8: Open wi-fi to the public is just that, open to the public
If you are using an open wi-fi network in a public place, don’t you dare be buying stuff online or entering your credit card info, particularly in a big city. That’s just asking for it.
Rule Number 9: Run the updates
It doesn’t matter if a software or OS maker has found and fixed a vulnerability in a piece of software if your system never updates to install the fix, as those who fell for yesterday’s superhack discovered:
The security holes it exploits were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has published what it says are hacking tools used by the NSA as part of its intelligence-gathering.
Shortly after that disclosure, Microsoft announced that it had already issued software “patches” for those holes. But many companies and individuals haven’t installed the fixes yet or are using older versions of Windows that Microsoft no longer supports and didn’t fix.
By Kaspersky Lab’s count, the malware struck at least 74 countries. In addition to Russia, the biggest targets appeared to be Ukraine and India, nations where it is common to find older, unpatched versions of Windows in use, according to the security firm.
Note again the vulnerability of older systems that patches weren’t made for.
Rule Number 10: Apple devices are not immune
Amazingly, there are still some people who think that if their device is made by Apple it can’t get a virus and is therefore safe. Let me remind them:
1. Most attacks these days are on the software run on an operating system rather than the OS itself.
2. If someone has your password, they don’t need a virus.
It’s a corollary to rules 4 & 5: your system is only as secure as the least secure program you run on it.
Now it’s likely the big worldwide hack used tactics more advanced than any of this. Furthermore, none of these tips guarantees that you will never be hacked, any more than locking your doors and windows guarantees your house will never be broken into, but if you remember these steps and learn to recognize unsafe behavior, then over time you will be more likely to spot a scam when it comes.