Connect with us

Tech

Five Tech Commandments to a Safer Digital Life

Published

on


Tech is always changing, and so is the way we use it. That means we are always finding new ways to let our guard down for bad actors to snoop on our data.

Remember when you shared your address book with that trendy new app? Or when you posted photos on social networks? Those actions may all pose consequences that weaken security for ourselves and the people we care about.

Vijay Balasubramaniyan, the chief executive of Pindrop, a security firm that develops technology to detect fraudulent phone calls, said we should always remember that any piece of our identity we post online could eventually be used by fraudsters to hijack our online accounts.

“Your digital identity, which comprises all your pictures, videos and audio, is going to fundamentally allow hackers to create a complete persona of you that looks exactly like you, without you being in the picture,” he said.

So here are some of the most important guidelines — like strengthening passwords and minimizing the data shared by your phone camera — to keep you and your loved ones safe for the foreseeable future. I refer to these as the five tech commandments in the hope that you will remember them as if they were gospel.

Let’s talk about bad password hygiene. About 45 percent of Americans use weak passwords that are eight characters or fewer, according to a survey by Security.org, a research firm. (Fourteen percent used “Covid” in their passwords last year.) The majority of Americans also acknowledged reusing passwords across different sites.

This opens doors to many security issues. Weak passwords can be easily guessed by hijackers trying to gain access to your account. And if you use the same password for multiple sites, like your banking account, Target shopping account and Facebook, then all it takes is for one of those sites to be hacked to make all those accounts vulnerable.

For most people, the simplest solution is a password manager, software that helps automatically generate long, complex passwords for accounts. All the passwords are stored in a vault that is accessible with one master password. My favorite tool is 1Password, which costs $36 a year, but there are also free password managers like Bitwarden.

The other option is to jot down passwords on a piece of paper that is stored in a safe place. Just make sure the passwords are long and complex, with some letters, numbers and special characters.

No matter how strong you make a password, hackers can still get it if they breach a company’s servers containing your information. That’s why security experts recommend multifactor authentication, also known as two-step verification.

Here’s how two-factor authentication has generally worked: Say, for instance, you enter your user name and password for your online bank account. That’s Step 1. The bank then sends a text message to your phone with a temporary code that must be punched in before the site lets you log in. That’s Step 2. In this way, you prove your identity by having access to your phone and that code.

Most mainstream websites and apps, including Facebook and major banks, offer methods of two-step verification involving text messages or so-called authenticator apps that generate temporary codes. Just do a web search for the setup instructions.

If a company doesn’t offer multifactor authentication, you should probably find a different product, Mr. Balasubramaniyan said.

“If a vendor says, ‘All I’m doing is passwords,’ they’re not good enough,” he said.

Many of us rely on our smartphones for our everyday cameras. But our smartphones collect lots of data about us, and camera software can automatically make a note of our location when we snap a photo. This is more often a potential safety risk than a benefit.

Let’s start with the positives. When you allow your camera to tag your location, photo-management apps like Apple’s Photos and Google Photos can automatically sort pictures into albums based on location. That’s helpful when you go on vacation and want to remember where you were when you took a snapshot.

But when you aren’t traveling, having your location tagged on photos is not great. Let’s say you just connected with someone on a dating app and texted a photo of your dog. If you had the location feature turned on when you snapped the photo, that person could analyze the data to see where you live.

Just to be safe, make sure the photo location feature is off by default:

  • On iPhones, open the Settings app, select Privacy, then Location Services and, finally, Camera. Under “Allow Location Access,” choose “Never.”

  • On Androids, inside the Camera app tap the Settings icon that looks like a gear cog. Scroll to “tag locations” and switch the toggle to the off position.

You might choose to turn the location feature on temporarily to document your vacation, but remember to turn it off when your trip is over.

Jeremiah Grossman, the chief executive of Bit Discovery, said we should be judicious about the photos we take and send to others. Explicit photographs could eventually be exposed to the public.

“People break up, and people are jerks,” he said. “Even if that isn’t the case, you give some photos to someone and they get hacked, all of a sudden it’s out there.”

This is a lesson we have to learn again and again: It’s generally not a good idea to give away information about your friends when using websites and apps, especially with unknown brands.

When you share your address book with an app, for example, you are potentially providing the names, phone numbers, home addresses and email information of all your contacts to that company. When you share your address book with an app to invite others to join, you are giving away others’ information even if they choose not to accept the invite.

Typically, when you share your address book with an app, it’s for the purpose of finding other friends who are also using a service. But Clubhouse, the social networking app that became popular during the pandemic, was recently criticized over its aggressive collection of address books.

When signing up for Clubhouse, users could decline to share their address book. But even if they did so, others on the app who had uploaded their address books could see that those new users had joined the service. This wasn’t ideal for people trying to avoid contact with abusive exes or stalkers.

More than 10,000 users signed a petition complaining about the privacy flaw, according to a French data regulator, which said last week that it had opened an investigation into Clubhouse.

Clubhouse updated the app this month, addressing some of the privacy concerns. It did not immediately respond to a request for comment.

There are kinder ways than sharing your address book to find out whether your friends are using a new service — like asking them directly.

All security experts agreed on one rule of thumb: Trust no one.

When you receive an email from someone asking for your personal information, don’t click on any links and contact the sender to ask if the message is legitimate. Fraudsters can easily embed emails with malware and impersonate your bank, said Adam Kujawa, a director of the security firm Malwarebytes.

When in doubt, opt out of sharing data. Businesses and banks have experimented with fraud-detection technologies that listen to your voice to verify your identity. At some point, you may even interact with customer service representatives on video calls. The most sophisticated fraudsters could eventually use the media you post online to create a deepfake, or a computer-generated video or audio clip impersonating you, Mr. Balasubramaniyan said.

While this could sound alarmist because deepfakes are not an immediate concern, a healthy dose of skepticism will help us survive the future.

“Think about all the different ways in which you’re leaving biometric identity in your online world,” he said.



Source link

Continue Reading

Tech

How China’s Outrage Machine Kicked Up a Storm Over H&M

Published

on

By


Squirrel Video, a Weibo account dedicated to silly videos, shared the Communist Youth League’s original post on H&M with its 10 million followers. A gadget blogger in Chengdu with 1.4 million followers shared a clip showing a worker removing an H&M sign from a mall. A user in Beijing who posts about television stars highlighted entertainers who had ended their contracts with Adidas and other targeted brands.

“Today’s China is not one that just anyone can bully!” he wrote to his nearly seven million followers. “We do not ask for trouble, but we are not afraid of trouble either.”

A fashion influencer named Wei Ya held a live video event on Friday hawking products made with Xinjiang cotton. In her Weibo post announcing the event, she made sure to tag the Communist Youth League.

By Monday, news sites were circulating a rap video that combined the cotton issue with some popular recent lines of attack on Western powers: “How can a country where 500,000 have died of Covid-19 claim the high ground?”

One Weibo user posted a lushly animated video that he said he worked through the night to make. It shows white-hooded men pointing guns at Black cotton pickers and ends with a lynching.

“These are your foolish acts; we would never,” a caption reads.

Less than two hours after the user shared the video, it was reposted by Global Times, a party-controlled newspaper known for its nationalist tone.

Many web users who speak up during such campaigns are motivated by genuine patriotism, even if China’s government does pay some people to post party-line comments. Others, such as the traffic-hungry blog accounts derided in China as “marketing accounts,” are probably more pragmatic. They just want the clicks.



Source link

Continue Reading

Tech

NFTs Are Neither Miracles nor Scams

Published

on

By


Perhaps you find this confusing or silly. Push that aside for a minute.

Mostly, my beef about NFTs is how people, particularly those who live and breathe technology, talk about them and other emerging companies or concepts including the blockchain, the audio chatroom Clubhouse and ultra fast trains.

Almost immediately, people sort themselves into camps to declare that THIS WILL CHANGE THE WORLD or it’s TOTAL CODSWALLOP THAT WILL RUIN EVERYTHING. We would all benefit from more breath and less breathlessness.

In life, most things are neither glorious revolutions nor doom. And behind most novel ideas is often the possibility of something useful. The trouble is that hyperbole and greed often make it hard to sort the glimmers of promise from the horse manure. So let’s take a step back.

The purported big idea behind NFTs, as Kevin and Charlie Warzel, my colleague in Opinion, each explained this week, is to tackle a problem that the internet created. With sites like YouTube and TikTok, anyone now has the power to make music, a piece of writing, entertainment or another creative work and be noticed. But the internet has not really fulfilled the promise of enabling the masses to make a good living from what they love.

NFTs and the related concept of the blockchain hold the promise to, in part, give people ways to make their work more valuable by creating scarcity. There is promise in letting creators rely less on middlemen including social media companies, art dealers and streaming music companies.



Source link

Continue Reading

Tech

What We Got Wrong About Uber and Lyft

Published

on

By


What went wrong? Gregory D. Erhardt, who analyzes transportation modeling systems at the University of Kentucky, told me that the companies and some transportation experts misjudged how the ride services would be used.

The theory of on-demand rides was that they would be like carpooling. As people drove to work, they’d pick up an extra person or two along the way — and some money, too. But Uber and Lyft turned out to be more like taxis.

Uber and Lyft, as they expanded, focused on dense urban areas, where there were plenty of potential drivers and riders. But even there, drivers spend a large percentage of their working hours roaming around without fares and clogging the streets, Dr. Erhardt said. The combination of all of these factors was more miles driven in many large and midsize cities. (Dr. Erhardt and his colleagues are soon publishing additional research into the effects of ride-hail services in about 250 U.S. metropolitan areas.)

Dr. Erhardt and I talked over three lessons from this misjudgment. First, Uber and Lyft need to share their data so that cities can understand the services’ impact on the roads. Second, public officials need to steer transportation policy to encourage helpful behaviors and limit destructive ones. And third, new technology needs guardrails in place — and maybe those need to be established before its impact is obvious.

The first point is that Uber and Lyft, which tend to keep certain information such as where people travel and idling times secret, need to share information with cities and researchers. “Cities are pushing hard and have a strong case that we should be able to use this data for planning and research purposes,” Dr. Erhardt said.



Source link

Continue Reading

Trending