Facebook and Google Tracking
While Facebook is getting all the news about all the data it collects from its users, Google does the same and more. One of the ways you can see what data Google is collecting about you is to go to History.Google.com. Luckily, you can turn off all this tracking. From the hamburger top left menu, choose Activity Controls and turn off all the tracking options. As you can see from my activity, nothing shows up after you turn off everything.
Cryptomator – Encrypting Files
Steve Gibson recently talked about one way to encrypt files using the program Cryptomator.org. While it appears that some versions are free, on the Google Play store, the price is $4.99.
Thanks to Steve Gibson for not only explaining this security exploit, but also giving us solutions. His video is at the bottom.
Here’s a quick summation.
When you click on a link in your email (Don’t Do It), and it takes you to what looks like the site, in actuality it might be a hackers fake site. It will look like what you want, but in actuality, it’s something totally different. Most browsers not only accept ASCII characters – like AaBb!@# and &#$ etc., but they also take characters from the Unicode alphabet.
Some Unicode characters may look very similar to ASCII characters, but what you are looking at may be totally different using Unicode.
The solution I am using is to add a Chrome extension – Phish.AI IDN Protect.
Here’s is Steve’s explanation along with more options for different browsers.
I had a friend bring over his computer and his problem was that while he could open Gmail, if you clicked on an email it wouldn’t open.
I even tried opening his email on my computer and it would not open, which tells me that some how in his settings, he had something that stopped the email from opening.
My solution was to uninstall Chrome from his computer and then reinstall it.
That fixed the problem.
I still don’t know what the source of the problem was, but at least we now have a solution.
Shodan is a search tool that both white and black hatters use to find vulnerabilities on internet-enabled devices.
Wikipedia has lots of great information, so I’m not going to re-hash all the basics.
The main question each of us should be asking ourselves is, “Are my devices, computers and IOT toasters etc. vulnerable to attack?”
One site recommended by Steve Gibson is this:
It has two scans available – the basic scan and the deep scan.
It will show if you have any vulnerabilities.
Below is where I’m going to list more articles about Shodan.
My wife’s phone recently showed her this message.
It appears to be a fake message, similar to what you might get on your computer.
They want you to follow their instructions which it appears will install a bitcoin mining program.
She is smart enough to not fall for this popup and we ended up turning her phone off and then back on to get rid of the popup.
We still don’t know how she got the popup, but it’s a great learning lesson that we all need to remember.
One security tweak to keep your web browsing more secure is to change your DNS server. DNS is similar to a white pages – you look up a name and find an address. In this case, it turns your web address from http://www.google.com and changes it into numbers like 18.104.22.168 which is the google DNS server.
Most computers are set to AUTO and use the providers lookup service. The bad thing is that this list doesn’t filter out the bad guys from this list. What you want is a DNS server which won’t allow you to go to sites controlled by the bad guys.
That’s what the 22.214.171.124 DNS server is.
Here’s a description taken from Steve Gibson’s Security Now podcast.
“So the focus is a privacy and security enhancing DNS service which is completely free to use. So it’s recursive anycast DNS that provides end-users with robust security protections, high performance, and privacy. From their own description, under security they said: “Quad 9 blocks against known malicious domains, preventing,” they wrote, “your computers and IoT devices from connecting to malware or phishing sites. Whenever a Quad 9 user clicks on a website link or types an address into a web browser,” they write, “Quad 9 will check the site against the IBM X-Force threat intelligence database of over 40 billion analyzed web pages and images. Quad 9 also taps feeds from 18 additional threat intelligence partners to block a large portion of the threats that present risk to end users and businesses alike.”
To change the settings on a chromebook,
- Click on the bottom right clock.
- Click on the Gear icon
- Settings – Network
- Double click on your wifi network connection.
- Do this again – double click on your wifi network.
- Click on Network
- Click on Name Servers
- Click on Custon Name Servers
- Type in 126.96.36.199
- Enter – the close out the Settings box.
Here is how to change the settings on a PC.
Finally, the best solution is to change DNS on your router so that all devices have the benefit of 188.8.131.52
Question – if you change the DNS on your computer, does this over-ride the settings on your router? The answer is Yes! Below is Steve Gibson’s response to this question.
VLC is the program I use to play video content, but it also has other capabilities. This tutorial shows how you can capture your screen as you work on the computer. Unfortunately, this doesn’t seem to work on a chromebook.