Yo mama’s so old, her resume’s on a floppy disk…
I grew up on computers. Way before smartphones put the internet in the hands of every man, woman, and child in modern society, I sat in my room, staring at a black screen with c:// in a white font. There was no graphical user interface (GUI) back then, so there were no mice, track pads, or touch screens; you had to type everything. The word-processing programs (Word Perfect was the best, by a large margin) changed the pixelated screen from black to blue.
Technology has vastly improved since those days.
I’m one of a shrinking minority of people who understand that your desktop, with all its shiny icons, is not the foundation of your computer. It’s a subfolder within a subfolder within a subfolder at best. Your computer has a structure, and this structure applies also to any network and even the internet itself. This basic understanding gets me into as much trouble as it resolves, but knowledge is power, so allow me to impart a little wisdom to you as to why your data is not safe online.
NSA whistleblower Edward Snowden leaked a lot of technical manuals and other documentation to the media. In doing so, he gave us proof that our government is monitoring everyone but themselves. It’s crazy to think we’re the only ones, though. Governments on all habitable continents have been caught snooping on their citizens. No matter where you are, there’s a reason some government agency would want to monitor you.
No matter how safe you are with your personal data, it’s not safe from government snooping. Some of the Anonymous hackers involved in data breaches of Stratford, HB Gary Federal, Sony, and PayPal used temporary laptops (similar to a drug dealer’s burner phone) and kept all info (including the operating system) on USB drives, and they still got caught. If these tech experts were tracked, even with all of their advanced techniques for evasion, then you don’t stand a chance.
We are living in the future, and our actions are being judged by anyone with the money to access and analyze it. Keeping your head down will temporarily avoid any trouble, but your only real chance for long-term change is joining the various protests against government monitoring, such as February’s International Day of Privacy, held annually by the Computer Chaos Club (Europe’s oldest and largest hacker organization).
Let’s say you don’t have any social media accounts, and you never shop online. You likely have an email address, though. You also have an employer and a financial institution, and you shop somewhere. All of these businesses store your information. I don’t even have to hack you to know everything about you; I just have to hack Sony, Target, Facebook, Hotmail, or some other company you do business with.
It happens all the time. If you use the same username and password for everything, you’re much more at risk of people using your stolen info to further harm you. Mitigate this risk as much as possible by only working with and for honest companies you trust. This way you’ll be less likely to be involved in a beef that has nothing to do with you. Anonymous has issued several statements explaining how companies are targeted not because they’re rich, but because they’re corrupt.
What you post online will last longer than you; you’re just some meat puppet with a shelf life, but your Twitter account is part of a publicly-owned company. Every app or game you download on your phone wants your personal info and they’ll incentivize you giving it to them with extra features, easier connectivity, and bonus in-game items. Every time you use your Facebook, Twitter, Foursquare, LinkedIn, Disquss, or other social-media accounts to log in to an app, you’re giving them access to your personal information, and they will use and sell this information as they see fit. Did you ever notice many apps and games don’t tell you they’re not sharing your information? That’s because they are.
With your information already out there and lasting so long, you should be the one in control of how you’re remembered. At this point, you’re better off making your voice heard publicly – at least you’ll control your own narrative. Be proud of who you are, and keep your social media accounts updated with how you feel and what you think. If they’re monitoring us, the least we can do is give them our honest opinions. Don’t ever be afraid of voicing your opinion – how those opinions are accepted by others is their problem. It might be wise, however, to take just a minute think about how you will feel if that opinion or photo you just posted were to be looked at ten years from now by a prospective employer.
Losing your phone is like losing your keys, wallet, and everything else in your life. You don’t realize how much personal information is on your phone; it could be devastating if someone stole or found it. Luckily, there are measures you can take to mitigate this risk. Tiffany Rad, a Senior Security Researcher at Kapersky Labs offers this advice:
“A feature that is useful for consumers is to have is a remote “kill” option should the phone be lost or stolen. There are free apps available that will not only try to locate the phone by pin-pointing the location of the last cell tower to which it connected, but if it is determined that the phone cannot be retrieved, you can remotely erase/wipe the phone.”
Losing physical possession of your device is hardly the only threat, however. Data-retrieval devices can be anywhere; simply walking down the street exposes your phone to everyone with a wireless signal within 500 feet. Anytime you swipe your credit or debit card, the machine could’ve been compromised (and you’d never know). ATMs are especially vulnerable because the manuals are so easy to obtain online, and laws have made prosecuting ATM theft difficult. No matter what you do, there is a risk associated with it. Keep yourself informed about the many data theft possibilities by Googling the specifics for your particular phone and financial services, as the subject is much too detailed and complicated to go too far into here.
You may think you’re not worth watching, but everyone is worth watching. When you apply for a job, potential employers stalk you. When you meet someone new, they stalk you. Some people you haven’t even met will stalk you to see if you’re worth getting to know. Scorned exes, rivals, friends, and family are all stalking you. People may not talk about it, but everyone snoops. Basic password protection and social media privacy settings can mitigate this risk.
The hard part of hacking isn’t breaking into a system. With a few attempts (and, in the worst case, a brute-force attack), you can get into anyone’s network or computer. The hard part is knowing what to look for and where to look once you’re in there. The basics of computer structure explained at the beginning of this piece are easily applied, however, and many people besides me know this…and I just blabbed it to everyone whose reading this. Knowledge was passed on in art, song, and literature well before the internet was invented, so even removing hacking info from search engines won’t delete it from human memory.
There are efforts to reframe how you think about computers (with the most basic one being to train users into thinking their home screen is the root folder) so fewer people grasp computer hacking concepts, but the knowledge will always be easily available to those who know where to look. There are no good or bad people, just good or bad actions, and people hack for good and bad reasons. Many times, it’s to satiate curiosity, practice, or just for the lulz. The point is, hacking is like playing the guitar; it is easy…it just takes 10,000 hours of practice.
Even if you’re technically cautious, you may not realize how obvious your social cues are. Social hacking is how most cyber-attacks are executed, not technical programming. Although we all like to feel unique, convincing people to give up their personal data is simple. Data and forensics consultant Steven Burgess explains how social hacking may be responsible for Target’s recent data breach.
“A careless Target worker, possibly in the IT department, was fooled by a link in an official-looking email – ostensibly from his or her bank, or from a manager or superior in the company–or by visiting an alluring website–to reveal important authorization credentials, which were passed on to the hacker,” Burgess proposes.
Don’t let this article dissuade you from taking every possible precaution, such as locking and password-protecting your devices, using two-step authorization, encrypting personal data, and using anonymizing services such as TOR and OTR chat. Following these steps will help ensure your private chats remain private.
Love this article? Share it with your friends on Facebook