Let’s get current! Breaches, leaks, and passwords…

It’s been too long since our last episode. Let’s get caught up and then move forward!

TOPICS

* It’s been a challenge to do these episodes on top of being the sole person building my business. I’ve worked with a mentor, though, and I’m changing my process. Episodes are going to be coming much more quickly now.

* Data breaches – I talk about the Facebook and Ubiquity data breaches and what do do about them.

* 2FA/Two-factor authentication via texting and email. These are bad methods for securing your accounts. Well, OK, they’re better than NOT using two-factor authentication. IF you have the option of using app based 2FA such as Authy, Google Authenticator, etc. or a hardware token such as a Yubikey, please use one of those methods INSTEAD of text messaging or email. A lot of banks (WAY TOO MANY) don’t allow anything but text or email. We do our best.

* Backups – I like SpiderOak One for a secure, private data backup provider.

* Secure file sharing services – I’m playing with Boxcryptor for encrypting data inside less private services like OneDrive, Google Drive, Dropbox, Box, etc. So far it looks very good. It’s not super easy to use, but it’s not bad. Plus, there is a free option.

* Text messaging is NOT secure. It’s very easy to steal your cellphone number for texting. This is why I don’t want you using texting for two-factor authentication. There’s a link to an article on this. It’s a quick read!

* Apple and Google are most definitely collecting information from our devices every few minutes (at least). There’s an interesting study (link below). I hope to revisit this in future episodes.

HOMEWORK FOR NEXT TIME

* Do you first, or next backup! Extra credit: Do a test restore!

* Collect your data from Facebook. Extra credit: Leave Facebook (if you can)

* Update your passwords, especially at Facebook and Ubiquity/UniFi, especially if you’ve been in these breaches. Check https://haveibeenpwned.com to see if you’re listed there.

* Move form text (SMS) and email two-factor authentication to using Authy, Yubikey, etc. as much as possible. Links are below

LINKS FROM THIS EPISODE

* Authy – two-factor authentication (2FA) app

* SpiderOak One Backup

* Facebook data breach

* Ubiquity data breach

* A Hacker Got All My Texts for $16 – an easy, interesting read

* Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google – very scholarly and interesting (PDF download) or an article by The Register

PODCAST WEBSITE

https://monozukuritech.com/podcast

HUMANE TECH EMAIL NEWSLETTER

Sign-up to receive a weekly newsletter that’s to-the-point with helpful advice, links, and information on upcoming podcast episodes, and more! Your information will never be sold or shared.

If you’re enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at humanetechpodcast@protonmail.com.

Backups 102 and 2FA restore fail

It’s not just data that we need to back up. We also need to back up processes. I recently failed to do that and I share a story of woe from my phone breaking my two-factor authentication.

TOPICS

* story about 2FA backup methods

* 3-2-1

* backup to external drives

* consider encryption

* how often? as often as your data changes….

* two local drives – continuous backup vs point in time

HOMEWORK FOR NEXT TIME

* Do you first (next?) backup.

* Extra credit: Do a test restore!

LINKS FROM THIS EPISODE

* Authy – two-factor authentication (2FA) app

* Apple TimeMachine (macOS and Mac OS X only)

* Microsoft Authenticator – two-factor authentication (2FA) app

* SanDisk 256GB USB Flash Drive

* Seagate Backup Plus Portable 5TB for Windows or Mac

* VeraCrypt – encryption software for Windows Mac, and Linux (warning, not incredibly user friendly — I’ll cover this more humanely in the future)

* Windows Backup (Windows 8.1 only)

PODCAST WEBSITE

https://monozukuritech.com/podcast

HUMANE TECH EMAIL NEWSLETTER

Sign-up to receive a weekly newsletter that’s to-the-point with helpful advice, links, and information on upcoming podcast episodes, and more! Your information will never be sold or shared.

COMING SOON

* file sharing services: Dropbox, OneDrive, Google Drive, iCloud Drive, etc

* secure cloud storage

If you’re enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at humanetechpodcast@protonmail.com.

Urgent iPhone and iPad Update

URGENT APPLE UPDATES

Apple releases iOS 14.4 and iPadOS 14.4. These updates fix problems with the iPhone and iPad which have been used to attack devices.

It’s been a while since our last episode. Thank you for waiting! This podcast was going to be relaunched TOMORROW with a full episode, but this update was too important to ignore.

LINKS FROM THIS EPISODE

> HOW TO BACK UP YOUR APPLE IPHONE OR IPAD

https://support.apple.com/en-us/HT203977

> HOW TO UPDATE YOUR APPLE IPHONE OR IPAD

https://support.apple.com/en-us/HT204204

> HOW TO BACK UP YOUR ANDROID DEVICE

https://support.google.com/android/answer/2819582?hl=en

> HOW TO UPDATE YOUR ANDROID DEVICE

https://support.google.com/android/answer/7680439?hl=en

NEXT EPISODE

Once I get all of our Apple devices updated I’ll finish editing Episode 9 – Backups (continued).

If you’re enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at podcast@mozu.info.

Backups 101 (Cybersecurity Essentials #3)

Backups 101

Cybersecurity Essentials #3

We start this episode with two stories.

  • How was my old Gmail address found in website’s data breach when I never had an account there?
  • A growing small business was horribly hurt because the cybersecurity essentials were not in place. Still, backups partially saved the day.

New Cybersecurity Class – $56

Personal Cybersecurity Foundations opens October 8th. You know that your email addresses and passwords have been stolen in data breaches. Are you using a password manager and two-factor authentication on a daily basis? If not, I’ll walk you through choosing, installing, and using both through live and recorded sessions and step-by-step instructions.

See how to work around any challenges you might face. Ask me questions online or schedule an included one-on-one session with me!

https://training.monozukuritech.com

LINKS FROM THIS EPISODE

Backup Hard Drives

  • Backup your Windows computer using this hard drive and the included software – WD 4TB My Passport Portable External Hard Drive, Black – WDBPKJ0040BBK-WESN – https://amzn.to/2GjurQQ
  • Backup your macOS computer using this hard drive and your Mac’s built-in TimeMachine software – WD 5TB My Passport for Mac Portable External Hard Drive – Blue, USB-C/USB-A – WDBA2F0050BBL-WESN – https://amzn.to/3jtTq2j

Humane Tech Email Newsletter

Sign-up to receive a weekly newsletter that’s to-the-point with helpful advice, links, and information on upcoming podcast episodes, and more! Your information will never be sold or shared.

http://eepurl.com/he8SQ9

Next Episode!

Cybersecurity Essentials #3: Backups 102

If you’re enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at humanetechpodcast@protonmail.com.

The Evacuation Episode

The Evacuation Episode

Hurricanes, fires, COVID-19, and online school…the world is a challenging place for most of us an horribly frightening for many. What can we do to stay safe when we’re suddenly displaced.

LINKS FROM THIS EPISODE

FREE ANTIVIRUS/ENDPOINT PROTECTION

  • Sophos Home (free and trial versions)https://home.sophos.com/en-us.aspx – There are lots of options for good endpoint protection. I’m offering Sophos as an option because it works well, is easy to install and get running, and is free for 30 days. It’s also available for both macOS and Windows.

VPN

  • ProtonVPN (free and paid versions) https://protonvpn.com/ – I’ll be talking in depth about VPNs in a future episode. As with endpoint protection software, there are other good VPNs. I believe ProtonVPN is one of the best for both security and privacy.

Next Episode!

As I upload this episode, the air quality is greatly improving and it’s actually raining. If things remain relatively calm, we’ll be back on schedule with Cybersecurity Essentials #3: Backups.

If you’re enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at humanetechpodcast@protonmail.com.

Multi-factor Authentication (Cybersecurity Essentials #2)

Multi-factor Authentication (Cybersecurity Essentials #2)

What if there was a way to keep people out of your accounts even if they did steal or hack your password? There is and it’s time to get it on every account you have.

LINKS FROM THIS EPISODE

DATA BREACHES, LEAKS, AND OTHER COMPROMISES

If you haven’t looked yourself up in Have I Been Pwned https://haveibeenpwned.com/ please do it now! If your information has been compromised please change your password at any listed sites. This database is not all inclusive and there are other ways to search for your information but this is a good start.

WARGAMES (1983)

https://en.wikipedia.org/wiki/WarGames

MULTI-FACTOR AUTHENTICATION APPS

  • Authyhttps://authy.com/ – Use it just about anywhere including sites that say they’re only offering Google Authenticator.

Hardware Authenticators aka Tokens

  • YubiKeyhttps://www.yubico.com/ – YubiKeys are very well known in the security world and have been trusted for a long time. Compared to the free apps the YubiKey options may seem very expensive. If you can afford them, they are much better than the apps. A warning, though, they can be complicated to initially set up. Once they’re working, they’re amazing.

  • OnlyKeyhttps://onlykey.io/ – OnlyKey has options are less expensive and have more features than YubiKeys. Like YubiKeys, they can be more difficult to use than MFA applications.

If you’re enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at humanetechpodcast@protonmail.com.

Passwords (Cybersecurity Essentials #1)

Passwords (Cybersecurity Essentials #1)

Our passwords are an essential ingredient to our privacy and cybersecurity protections. They’re also a pain, easy to steal, often reused (bad idea), and hard to remember. That said, I want you to forget all of your passwords except two.

LINKS FROM THIS EPISODE

DATA BREACHES, LEAKS, AND OTHER COMPROMISES

Look to see if you’ve been in one or more data breaches or leaks at Have I Been Pwned https://haveibeenpwned.com/. Safely enter your email address(es). If your information has been compromised please change your password at any listed sites. This database is not all inclusive and there are other ways to search for your information but this is a good start.

PASSWORD MANAGERS

All of these are end-to-end encrypted (technically it’s just encrypted if it’s installed on your computer) and are zero knowledge. These terms mean that the organizations creating and managing the password managers can’t see, access, use, or change the information you save in their systems.

  • KeePassXChttps://keepassxc.org – free and open-source. ONLY works on the computer running the application. Can be synchronized with your other devices but can be tricky to set up and maintain. Does not automatically store any information in the cloud.
  • BitWardenhttps://bitwarden.com – free and paid accounts available, open-source. Options to store only on your computer, in the cloud, or both.
  • LastPasshttps://lastpass.com – free and paid accounts available, closed-source. Cloud-only. Easily accessible and fully synchronized on desktops, laptops, and mobile devices.
  • 1passwordhttps://1password.com – only paid accounts available (free trial option), closed-source. Cloud-only. Easily accessible and fully synchronized on desktops, laptops, and mobile devices.

WEB BROWSERS – Do not save your passwords in your browser(s).

If you’re enjoying the podcast please leave a review and subscribe. If you have comments, questions, concerns, or suggestions please email us at humanetechpodcast@protonmail.com.

The 10 Cybersecurity Essentials

In this episode, we introduce the 10 cybersecurity essentials for individuals, families, and small businesses. We end this episode with an assignment, your first steps to take in setting up these essential protections and habits. The next ten podcast episodes will focus on one essential, discuss why it’s important, and provide steps for moving forward.

The 10 Cybersecurity Essentials

  1. Passwords
  2. Two-factor Authentication
  3. Backups
  4. Updates
  5. Endpoint Protection
  6. Web browser setup
  7. Ad blocking
  8. Virtual Private Networking (VPN)
  9. Firewalls
  10. Encryption

General safety and online conferencing

Humane Tech gets a new structure. Shorter and to the point. YOU ARE NOT ALONE. COVID-19 has us isolating but that doesn’t mean we can’t be in each others’ lives.

In episode 2, I bring you general privacy and cyber security tips. Do these seven (7) things and you’re in pretty good shape. Then we hit on online conferencing concerns and how to approach them. Finally, I illuminate a few of the threats we need to watch out for.

SUPPORT

Humane Tech is not sponsored and there are no paid advertisements. Instead, we prop up each other. In this episode, I mention three businesses supporting women in the Portland/Vancouver metropolitan area (this is Oregon and Washington states).

Ps & Qs Market is offering curbside groceries service and take-out meals. Their food is wonderful and so is their staff.

Thatcher’s Coffee is owned and operated by our great friend and her incredible staff of women. They support the community and now we can support them. While they are currently closed, you can support them by buying Thatcher’s Blend Coffee from Roseline Coffee. We ordered two bags over the weekend and expect to brew some up on Wednesday or Thursday.

Rose Haven is a day shelter and community center serving women, children and gender non-conforming folks experiencing trauma, poverty, and physical and mental health challenges. Restoring stability and dignity for 3,500 guests annually. They are incredible people and continue to work hard through this COVID-19 crisis. We’ll support them as long as we can.

We’re grateful for you. Let us know what you want to hear next.

Holiday travel and purchases; Multi-factor Authentication

There’s been a lot of news recently about juice jacking and privacy concerns with smart devices. We discuss this and focus on how to protect yourself using multi-factor authentication.

Smart TVs and Privacy

These concerns have been around since at least 2017 but most everyone I talk to is surprised to know what’s going on. Here are some article links for more information:

Juice Jacking

Multi-Factor Authentication (aka MFA, 2FA or two-factor authentication, etc.)

It’s pretty clear that I believe that you should be using MFA today, now, get on it! It’s been around for years and most people don’t know or don’t care. Security professionals like me are yelling from the roofs that it’s important but few are hearing us.

However, nothing is perfect. Included in the links is at least one article describing issues with two-factor authentication. Deadbolts and other physical locks are not perfect, either, but we use them because they do more good than not. Use MFA/2FA!

You are valuable, your personal information is valuable, let’s work together to keep both safe.

Have a great week.