Resources for Data Privacy Day


I hope that you have it circled or appearing in red on your calendar.

From the Wikipedia:

The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices

Wikipedia contributors, “Data Privacy Day,” Wikipedia, The Free Encyclopedia, https://en.wikipedia.org/w/index.php?title=Data_Privacy_Day&oldid=993515499 (accessed January 27, 2021).

It’s something that should be part of everyone’s daily routine.

Never have we been so aware of the need for privacy and security. We also have better tools than ever to help the cause.

If you do a simple search for “Data Privacy Day”, you’ll find that there are all kinds of resources. It could be more daunting than actually the problem at times, it seems.

I poked around and found three really good resources and have highlighted a sub-link at each site to help the cause.

Be safe out there.

Password awareness


Wow, my selections on topics about Google was on fire this morning with stories about the new extension designed to keep your access to accounts safe.

Password Checkup is an extension for Google Chrome designed to:

Wherever you sign-in, if you enter a username and password that is no longer safe due to appearing in a data breach known to Google, you’ll receive an alert. Please reset your password. If you use the same username and password for any other accounts, please reset your password there as well.

Like many people, I have supposedly had my credentials taken in a breach somewhere along the line. This, determined from this website.

It was a wakeup call to me that all these warnings about not using the same password all the time actually made sense. I’m now far more cautious and use very unique passwords everywhere along with two factor authentication wherever possible. I’ve switched to a password manager on my computer to make difficult and unique passwords possible. I’m still not necessarily feeling 100% secure and, until something that comes along to make things more secure, will probably never feel that way. I don’t think it’s necessarily a bad idea either.

I do a spring cleaning periodically and close down accounts that I created at the spur of the moment and then kind of forgot about them. Having had an employer who had a payroll data breach makes the possibilities of problems very real. I think I’ve become a better user as a result.

The irony of using a plugin and browser from a company that relies on personal information isn’t lost on me either.

When was the last time you did a personal security checkup? Would you use a utility like this one? According to the extension site, 568 people are currently using it. Will you be 569?

Good Passwords


Check out the following page.

http://www.cbsnews.com/8301-205_162-57539366/the-25-most-common-passwords-of-2012/

This will take you to the 25 most commonly used online passwords in 2012.  Are you using any of them?  Hmm?

@bgrasley and I still marvel that “monkey” is still on the list!  I do know some people who have used those in the past.  It’s always a piece of good advice to tell them to change it to something more difficult to guess.

Why is it important?  Well, your password is the only thing that keeps hackers from your accounts, and ultimately your privacy and your money.  Biometrics may be on the horizon but we’re not there yet.  A person who guesses your password is, in effect, you online and is able to do things that you can.  Knowing how to protect an account is an important skill that all students should acquire.  I’d start by taking a list of popular ones and realize the damage that can be done.  I just noticed recently a well known individual from MIT end up being hacked on Facebook.  In this case, the hacker posted some information about a weight loss program.  Not good.  Having that password allows you to do all sorts of things.  Consider the following…

Name of the hacked person is hidden to protect them and the actual URL which is probably the destination for some phish website has been over written with red to hide it.

Intel has a great utility website to give you an idea as to just how strong your password is.  It’s located at:

http://www.intel.com/content/www/us/en/security/passwordwin.html

and it’s worth spending some time at.  Note the warning that your password doesn’t actually leave your computer but it’s a good idea not to use any real password anyway.  Maybe something close would give you a good enough idea of how good your password is.  So, how good is “monkey”?

Not good!  That advice is good for anything that’s found in a dictionary.

The nice thing to pass along to students is the information that Intel provides under the results.  It’s a really good summary of some of the ways to make your password difficult to guess.

The website is well worth the bookmark and a great idea to have students test potential passwords whenever new accounts are created.  Surely, you’re not about to use the same password on every site, are you?  are they?

So, how do you generate a good password?  Well, one way is to use this website.

http://strongpasswordgenerator.com/

(I’d add a character or two to the suggestions that it generates just to be sure…)

I generated one.

How good is it?

I think I’d be a great deal more comfortable with that security.  You just then need to find some way to remember it!  Contemporary browsers have the ability to remember passwords.  (Just make sure that you have a secondary control over the passwords in case someone sits down at your computer!)  Or, addons like LastPass do a terrific job.

Just don’t write your passwords down on paper!

 

Determining What Calls Home


I’ve done some thinking about computer security and privacy over the past while.  It’s been precipitated by conversations with Gust Mees.  It’s good thinking.

We’re all in the same boat.  Just think of the number of times you’ve clicked the checkbox beside this.

  • My team of lawyers and I have read and studied your terms and conditions and we’re cool with agreeing to your rules and the fact that you’ll be accessing some of my private information on this device.  

I know that you’ve done it because you’re using a computer with an operating system and a web browser so you’ve already done the above twice.  (Unless, of course, you’re using someone else’s computer and they’ve already given permission on your behalf.)

This morning’s reading led me to a free application called “Permissions Explorer“.  Of course, my lawyers and I looked through the individual applications as they were being installed but once installed, they’ve got a little out of mind.

I installed it this morning and liked its legal terms –

“/* No permission required to use this app, no ads. Does only what you want it to do */”

So, I decided to put it through its paces.  I was quite impressed with its completeness.

Upon first launch, a menu indicates just what areas of privacy/security it will investigate.

2013-02-02 14.29.37

Ever curious, I decided to work my way through them.  For example, what 61 applications do I have that have access to my contacts?

2013-02-02 14.30.03

As I looked through them, I can see why.  After all, FirstClass and Gmail are the two email systems that I use on a daily basis.  It only makes sense that they have access to my contacts.  It was through exploring the rest of the applications that I became intrigued and really immersed in the exercise.

The next step is to ascertain what resources the applications have permission to use.

2013-02-02 14.40.29

Interesting!  I’ve got 66 ways to vibrate this device.

Look at the number that have access to the internet.  They will all have their purpose – Internet browsers, of course.  Email clients, for sure.  FourSquare?  That’s how you’ll know that I’m walking the dog at the Navy Yard.  It’s interesting to go through the list and  wonder about some of the less obvious ones.

There were a few surprises in the exercise but, for the most part, the results made a great deal of sense.  I’d really like to lay my hands on similar applications for all the major devices.

In the classroom, I think that they could be used very successfully to generate an awareness and a discussion about how students are connected and just what that means.

It would even be an enlightening exercise to generate a report and then look at all the applications that are on school or home provided computers and classify them as “necessary”, “unnecessary”, or “I wonder why”.

It might even generate more interest in looking at the legal terms and conditions the next time you install an application or sign up for a web service.

Learn Computer Security in a Week!


That’s the claim from Gust Mees who has devoted a great deal of effort putting together an online course for those desiring to know more about what they can do to keep their computer safe and their online browsing experiences happy.

On his blog, Gust has put together a week’s worth of activities that will take you to the secure side of computing.  Each day has a number of activities pointing you to some of the best of the web in terms of security.  If your computer is not sporting best of breed software, then you need to take a run through his activities.

Gust has selected great Windows and Macintosh software titles as part of is course.  Even if you’re using another product, it’s worth the time to check out the opposition; the more you read and understand about computer security, the better off you’ll be.

Gust is also a curator of related resources.  Check the top of his page for security stories in both English and French.  He’s always tucking away the best of what he reads.

If that’s not enough, check out his Scoopit! resources for collections dealing with security and education.  He curates nice collections there.  In fact, we’ve been known to share each others’ scoops at times!

You can follow Gust on Twitter at @knolinfos

Powered by Qumana