Security Tips

Facebook and Google Tracking

While Facebook is getting all the news about all the data it collects from its users, Google does the same and more. One of the ways you can see what data Google is collecting about you is to go to History.Google.com. Luckily, you can turn off all this tracking. From the hamburger top left menu, choose Activity Controls and turn off all the tracking options. As you can see from my activity, nothing shows up after you turn off everything.
google-history-600


Cryptomator – Encrypting Files

Steve Gibson recently talked about one way to encrypt files using the program Cryptomator.org. While it appears that some versions are free, on the Google Play store, the price is $4.99.

xxxxxxxxxxxxx


—————–

 

 

Advertisements
Posted in Security | Leave a comment

ASCII versus UNICODE – important

Thanks to Steve Gibson for not only explaining this security exploit, but also giving us solutions. His video is at the bottom.

Here’s a quick summation.

When you click on a link in your email (Don’t Do It), and it takes you to what looks like the site, in actuality it might be a hackers fake site. It will look like what you want, but in actuality, it’s something totally different. Most browsers not only accept ASCII characters – like AaBb!@# and &#$ etc., but they also take characters from the Unicode alphabet.

Some Unicode characters may look very similar to ASCII characters, but what you are looking at may be totally different using Unicode.

The solution I am using is to add a Chrome extension – Phish.AI IDN Protect.

Security-unicode-600

Here’s is Steve’s explanation along with more options for different browsers.

Posted in Security | Leave a comment

Can’t Open Email in Gmail

I had a friend bring over his computer and his problem was that while he could open Gmail, if you clicked on an email it wouldn’t open.

I even tried opening his email on my computer and it would not open, which tells me that some how in his settings, he had something that stopped the email from opening.

My solution was to uninstall Chrome from his computer and then reinstall it.
That fixed the problem.

I still don’t know what the source of the problem was, but at least we now have a solution.

Posted in Gmail | Leave a comment

Shodan – Information and Tips

Shodan is a search tool that both white and black hatters use to find vulnerabilities on internet-enabled devices.

Wikipedia has lots of great information, so I’m not going to re-hash all the basics.

The main question each of us should be asking ourselves is, “Are my devices, computers and IOT toasters etc. vulnerable to attack?”

shodan-01-350One site recommended by Steve Gibson is this:
http://iotscanner.bullguard.com/

It has two scans available – the basic scan and the deep scan.
It will show if you have any vulnerabilities.

Below is where I’m going to list more articles about Shodan.

 

 

Posted in Misc | Leave a comment

Fake Phone Messages

security-phone-fake-message-300.jpgMy wife’s phone recently showed her this message.

It appears to be a fake message, similar to what you might get on your computer.

They want you to follow their instructions which it appears will install a bitcoin mining program.

She is smart enough to not fall for this popup and we ended up turning her phone off and then back on to get rid of the popup.

We still don’t know how she got the popup, but it’s a great learning lesson that we all need to remember.

 

Posted in Security | Leave a comment

Change Your DNS Server

One security tweak to keep your web browsing more secure is to change your DNS server. DNS is similar to a white pages – you look up a name and find an address. In this case, it turns your web address from http://www.google.com and changes it into numbers like 8.8.8.8 which is the google DNS server.

Most computers are set to AUTO and use the providers lookup service. The bad thing is that this list doesn’t filter out the bad guys from this list. What you want is a DNS server which won’t allow you to go to sites controlled by the bad guys.

That’s what the 9.9.9.9 DNS server is.
Here’s a description taken from Steve Gibson’s Security Now podcast.

“So the focus is a privacy and security enhancing DNS service which is completely free to use. So it’s recursive anycast DNS that provides end-users with robust security protections, high performance, and privacy. From their own description, under security they said: “Quad 9 blocks against known malicious domains, preventing,” they wrote, “your computers and IoT devices from connecting to malware or phishing sites. Whenever a Quad 9 user clicks on a website link or types an address into a web browser,” they write, “Quad 9 will check the site against the IBM X-Force threat intelligence database of over 40 billion analyzed web pages and images. Quad 9 also taps feeds from 18 additional threat intelligence partners to block a large portion of the threats that present risk to end users and businesses alike.”

 To change the settings on a chromebook,

  • Click on the bottom right clock.
  • Click on the Gear icon
  • Settings – Network
  • Double click on your wifi network connection.
  • Do this again – double click on your wifi network.
  • Click on Network
  • Click on Name Servers
  • Click on Custon Name Servers
  • Type in 9.9.9.9
  • Enter – the close out the Settings box.

Here is how to change the settings on a PC.

Finally, the best solution is to change DNS on your router so that all devices have the benefit of 9.9.9.9


Question – if you change the DNS on your computer, does this over-ride the settings on your router? The answer is Yes! Below is Steve Gibson’s response to this question.

Posted in Roku, Security | Leave a comment

VLC – Screen Capture

VLC is the program I use to play video content, but it also has other capabilities. This tutorial shows how you can capture your screen as you work on the computer. Unfortunately, this doesn’t seem to work on a chromebook.

Posted in Misc | Leave a comment