Erase yourself

Probably inspired by GDPR, some Global vendors are following the tracks of social media giants by making it easy to download ALL your data.

It will take seven (7) days but I just put in my request for info to Apple hoping for some surprises.  There will be many of us who state that we have “nothing” to hide and don’t care what information is held.

You don’t know what you don’t know

https://privacy.apple.com

Self-discovery is always a healthy thing gives you the power to decide to delete ALL, correct or reset.

Basic discovery

App Store, iTunes Store, 
iBooks Store and Apple Music activity
Apple ID account and device information
Apple Online Store and Retail Store activity
AppleCare support history, repair requests and more
Game Center activity
iCloud Bookmarks and Reading List
iCloud Calendars and Reminders
iCloud Contacts
iCloud Drive files and documents
iCloud Mail
iCloud Notes
iCloud Photos
Maps Report an Issue
Marketing subscriptions, 
Marketing downloads

 

Re-calculating

Every time I jump onto a plane it’s a chance to re-calculate my life choices and look at things from a different angle.  This time around, I’ll be testing out the Google DNS alternative 1.1.1.1 from a technical and personal perspective.

1.1.1.1 for consumers should speed things up a bit and sidestep the monitoring and logging from Internet Service Providers.  Naturally, I’ll start with my PS4 and later on selected routers and servers.

Breaking up is hard to do

Leaving the default settings active is the easier thing to do and creates a nice comfort factor as things just work as expected.  Messing with your settings and configuration can cause you a world of headaches.  As usual, the best practice is backup, backup and then test your backup.  Warning: You can “BREAK” your internet connection by messing with DNS.

In the meantime, check 1.1.1.1 for a non-technical guide to a brand new cleaner Internet experience.

Not down wid OPP

My professional life involves constant deep dives into Other Peoples’ Problems (OPP)….taking on the same ethos in my private life is truly a different matter.

Today, getting intimate with peoples’ digital life is way too risky and a very Thankless endeavour.  Taking on any private system admin task means exposing yourself as a technician to unwarranted criticism and abuse; get it a wrong and you’re a snooping idiot IT guy, get it right and nothing is said.

Not my Problem

It’s a constant catch 22 scenario especially when you can see friends and family making familiar tactical and operation errors i.e. never ever backing up their data, never encrypting their data and never changing their passwords.

Here are 10 things that people don’t change often.

Change bank account or card
Change email address
Change passwords
Change phone device
Erase or reset phone device
Change phone number
Change social media accounts
Change inner friend circles
Change ISP or Geolocations
Change public IP address

Tactical Reconnaissance: Basics for profiling, tracking or snooping.

So you think you’ve been hacked

As an individual, where do you turn if you think you’ve been breached and your antivirus software tells you nothing?

Your Internet Service providers? Your bank?
Your email provider?
The techie friend of a friend who can find a job in the industry?
Your insurance company?
Your IT department at work?

…or your friendly neighbourhood CISSP®Certified Information Systems Security Professional.

Generally, though, it’s down to you and Google to figure it out.

Take your life offline if you get hacked.

In the meantime, you stumble around telling friends you’ve been hacked or that your tech is crap.

Naturally, social media is a massive help to find out if someone else has the same problem.  In my experience, the emotional pressure is one of the biggest issues.  Feelings of WTF and “why are they doing this to me” cloud your judgement and objectivity.

Don’t be a victim, be a warrior. Hellblade: Senua’s Sacrifice

InfoSec skills – Computer Emergency Response Team (CERT)

As a Small Business or individual, If you were going to hire a Private IT Security Professional here’s what you should be looking for.

Trust me I’m a Professional – Until Dawn™

Loving this 2016 IT Security Job Description

Experience as part of an incident response team (either in-house or as a consultant).

An ability to provide technical analysis and direction for investigations.

An understanding of networking protocols and infrastructure designs; including, firewall functionality, routing, encryption, host and network intrusion detection systems, load balancing, and other network protocols.

An understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security.

Willing to work out of hours and public holidays as part of a shift Rota and when on call as needed.

Inherent passion for information security and service excellence.

An ability to analyse and reverse engineer various file types including providing dynamic and static analysis of malware artefacts and binaries as well as other malicious attack files.

Be able to complete post-mortem analysis of network logs, traffic flows and other activities to identify malicious activity on a network.


Keep it Clean

I cannot be bothered to delete Exchangeable Image File (EXIF) data recently so if you dig deep enough you’ll know when and where I took this image and on what device.

Cyber Crime, Cyber Bullies, Cyber Idiots…….and now Cyber Clean.

I saw this on a friend’s shelf and was sniggering for ages, marketing people enjoying the Cyber-hype.

Stick the word “Cyber” on everything

The product itself is pretty cool and basically a keyboard and device cleaner that works.

We are safe and clean

….….for now.

Available from JOKER in Hong Hong…honest I’m not making this stuff up.