So much of our lives now occur on smart phones and computers
that if they were to be compromised a lot of personal details could be gathered
very quickly. The list below is not comprehensive but a starting point. I will
start with easiest and most important and go to most difficult and less
important.
Tip #1 Enable a
passcode on your smart phone.
If you are using a thumbprint, that is pretty good but
recent court cases show that the government can force you to open your phone
with your thumb / finger print however they cannot force you to give a
passcode. It has also been easier for hackers and other security researchers to
find a way past print readers than the passcode system.
Tip #2 Enable two
factor authentication on your e-mail.
Your e-mail can be a single point of weakness. Weak
passwords, leaving your e-mail signed into a computer, or accidentally revealing
your password by reusing it on a site that gets hacked can leave your e-mail
open to access. What’s the big deal? Well, your e-mail address is usually where
users send password reset requests at other websites. Your e-mail can also
provide a treasure trove of information from your previous correspondence and
save e-mail, such as where you shop, bank, work, relatives, friends, social
media accounts, and much more. Once in an attacker usually changes the password
to lock you out and proceeds to do as much work as possible before you can
alert the proper people. Two factor authentication only allows you or the
person who has access to your smart phone to have the the two keys: your
password and the one time computer generated code.
Tip #3 Use strong
passwords and a password manager.
Hacks on a multitude of websites illustrate just how many
weak passwords people use such as Password1234 or 123Abc. The best thing to do
is to use a phrase that has letters, numbers, symbols, and upper / lower case
such as !ts@lways5unny. There has been a debate about whether password managers
are completely safe because users are putting all their passwords in one place
and some have been hacked, but it is much safer than reusing passwords or using
weak passwords and the hacks on these password managers yielded unusable
information. I recommend LastPass it has so many great features (password
generator, secure notes, two factor, alerts you when a site you use has been
breached, security audit) and now it is free to use on both computers and
smartphones https://www.lastpass.com/
Tip #3 Use HTTPS
when visiting websites.
Websites with HTTPS are using a more secure web browsing protocol. You can easily make sure that you are using HTTPS when available by installing an extension HTTPS Everywhere for Chrome https://goo.gl/IDZ1I and Firefox https://goo.gl/DduiT4
Tip #4 Use a
secure messaging app that encrypts your messages.
Apps like Signal, WhatsApp, and Wickr provide end-to-end
encryption which means that only the people sending and receiving the message
can read a message because they have the computer generated keys to unlock the
code encasing the message. If you want links to these messaging apps, to see a
list of others, or to learn more visit: https://www.eff.org/secure-messaging-scorecard
Tip #5 Use
encrypted e-mail.
There are e-mail programs that allow you to use PGP
encryption to send and receive messages but users usually have to be pretty
tech savvy to do it on their own. Now there is an easy solution that works both
online and on your smartphone. ProtonMail was developed in Switzerland at CERN
and uses some of the industry best encryption and security. Easy to use and
free at: https://protonmail.com/
Tip #6 Turn on
full disk encryption or use an encrypted cloud service.
Both Windows https://goo.gl/khqIGi
and Mac https://goo.gl/AVYgQh have built in
full disk encryption that ensures that only the person with the password can
read / use files stored on your computer. If you are more of the cloud storage
type there is a very secure, very inexpensive solution with SpiderOak https://spideroak.com/solutions/spideroak-one
Tip #7 Sensitive
searches should not be done on Google.
I am a fan of Google but they collect a lot of data on their
users. If you are doing a search that you do not want to receive ads related to
or made a part of the profile that Google has about you use DuckDuckGo https://duckduckgo.com If you want to erase
your Google search history, check out this article https://goo.gl/DnwWnh
Tip #8 Incognito Mode
/ Private Browsing isn’t completely anonymous
Unfortunately there is a lot of information that can still
be gleaned from you even when browsing the Internet in this fashion. Use the
Tor browser or a Tor enabled app for your mobile device. This will allow you to
hide your IP address (where you are physically) and will delete any cookies /
cache after you end each browsing session. Learn more at https://www.torproject.org
Sources that helped:
EXTRA {in the news} :
Facebook has had a
hands-off approach letting fake news be handled the same as real facts. Some
feel that Facebook has a duty to protect its users from misleading information.
The articles below discuss these discuss the issue in far more depth and get
into some basic education about media literacy.
Probe reveals stunning
stats about fake election headlines on Facebook https://goo.gl/mM5ylg
From Hate Speech To
Fake News: The Content Crisis Facing Mark Zuckerberg https://goo.gl/KWVQEK
I write fake news that
gets shared on Facebook https://goo.gl/YgKUil
An Extremely Helpful
List of Fake and Misleading News Sites to Watch Out For https://goo.gl/InpdYL
Quiz: Can you spot the
fake stories? https://goo.gl/1jnYNd
In the war on fake
news, school librarians have a huge role to play https://goo.gl/2fcWdv
