SECURITY RESEARCH AND DATA PRIVACY
Always Rambling on about Games and Security
Watch your back
I’ve been tinkering for a while now, tweaking my expertise but not really using it to full effect. Having defeat two major bosses, I am now moving onto a new chapter fully geared up with new independant mobility stepping into a unknown path.
Rambling ramble but basically I’m a happy boy with over.
With DUAA now in force, it’s time to tweak my approach to data permissions and change tactics.
The Netflix movie – The Accused was so intensely accurate in terms of what has happened and could indeed happen again to someone being wrongfully accused via our glorious social media ecosystem.
I had to stop watching it halfway through just to analyse the touch points (spoiler alert) –
| Threat / event | Possible risk counter measures |
| High number of followers 200+ | Do you know all these people? |
| Open profile – public access to personal data, followers, posts etc | Limited how unknowns can tag you |
| Connected family and friend’s profiles are open and contain meta data such as location details, home address etc | Limited how unknowns can map your relationships |
| Phone location services open | Turn off when no Apps not in use |
| Images taken by 3rd party in public revealing location | Tough one to tackle as people are always snapping |
| CCTV data mapped with social media | Almost impossible to hide |
| Monitoring a hashtag in real time | No real reason to do this unless you are actually going to react |
| Online rumour pushed as fact | Response to accusations in real time by key social media channels, put out a pubic statement, engage a legal advisor. |
| Online threat to life reported by phone | Report online and get a crime number |
| Open-source intelligence (OSINT) data used to compile and share personal data on public forums anonymously. | Check yourself to see what you are sharing publicly |
The arena of International Law, Digital crime and Money creates an absolute boiling pot of complex, interconnected issues that can sometimes be difficult to understand. The case of Microsoft Corporation, Plaintiff verses Defendants in a Civil Action No. 1-24-cv-2323 in Virginia USA where the plaintiff disabled the abuse of their system and then took legal action is bedtime story reading.
The defendants were truly global and included end-users of a hacked system. Defendants were named and shamed but apparently the legal counsel of the plaintiff had personal information leaked publicly (Doxing).
So much for privacy.
No one in the case is off-limits and brings a point that privacy is a gargantuan task nowadays where even high-level operatives are vulnerable to attack and exploitation.
According to the United Nations, more than 5,600 people were killed in gang violence in Haiti in 2024, with another 2,212 injured and 1,494 kidnapped. This stands in stark contrast to the luxury cruise ships that dock on the island every few days, bringing thousands of affluent tourists.
I was aboard one of those ships, shielded by a mountain range that made it nearly impossible for locals to even catch a glimpse of the vessels by road.
Tourists grappled with the realization that they weren’t experiencing authentic Haiti. Instead, they wandered within a tightly controlled, sanitized environment where Haitian vendors were restricted to specific zones. Security was discreet, carefully preserving the illusion of a carefree vacation.
Warnings were posted, advising tourists not to venture beyond their designated areas, creating a feeling of a manufactured, gated experience—almost like a modern-day Jurassic Park. Visitors could buy a keychain or a fridge magnet as proof of their trip, while outside the protected zones, half the population was struggling to survive.
Why is this even a tourist spot?
GTA 6 will drop this year and the hype train will explode as casual and pro gamers move into this new world and ditch their real lives.
Ever tried watching a small business owner struggle to send private data securely? Inadvertently, they fallback to sending passport or credit card details over WhatsAPP. Not so bad as it’s end-to-end encryption right?
“WhatsApp does collect certain metadata, such as information about your contacts and communication times. This metadata is not protected by end-to-end encryption and can be shared with parent company Meta (formerly Facebook) and, under certain circumstances, with law enforcement agencies.”
So this is not so bad and you have nothing to hide right?
Not many small business owners have the time or money to spend on drilling down to the right controls that should be in place for their business and naturally use what they use in the personal lives which often means the bare minimum.
Additonally, unless directly linked to finanical issues Data protection comes in last. So what can be done prior to a data breach incident for small business?
Firstly, take the personal pulse out of the mix and work with someone who is tech savvy and thinks like a business person with risk in mind.
Happy, Cyber Truck hunting.
