Category: Surveillance

Watching your back in the Digital World

Posted on

Power-On Self-Test

Business and Personal life continuity in our new lockdown era ramps up the criticality of pings.

Cut off anyone’s internet access and with seconds that are flapping around like a fish in the floor. Within minutes their brain will implode and after an hour irreversible brain damage will kick in. Well, a slight exaggeration but you get me point.

Over 90% of our service requires an internet connection and it much cheaper now.
So with these old vulnerabilities in plain view why craft up new malware and exploits. Just reuse the classics, this Christmas, for example, we may see the same threats resurfacing. Privacy is so 2018 as many “bend the knee” to be tracked to “protect” society.

If you really want to socially distance yourself and isolate simply kill your WiFi, job done. No constant stream of toxic global pandemic news sending your brain into panic and disbelief but no entertainment [Sad Face?].

Time to dig up all DVDs or maybe actually talk to the person you live with…if you are lucky enough to co-habit.

Anyhow, my Internet Diet of 24-hours is over and I’m back online uploading this article.

Poor old UK Government has no idea what to do next

Posted on

Erase yourself

Probably inspired by GDPR, some Global vendors are following the tracks of social media giants by making it easy to download ALL your data.

It will take seven (7) days but I just put in my request for info to Apple hoping for some surprises.  There will be many of us who state that we have “nothing” to hide and don’t care what information is held.

You don’t know what you don’t know

https://privacy.apple.com

Self-discovery is always a healthy thing gives you the power to decide to delete ALL, correct or reset.

Basic discovery

App Store, iTunes Store, 
iBooks Store and Apple Music activity
Apple ID account and device information
Apple Online Store and Retail Store activity
AppleCare support history, repair requests and more
Game Center activity
iCloud Bookmarks and Reading List
iCloud Calendars and Reminders
iCloud Contacts
iCloud Drive files and documents
iCloud Mail
iCloud Notes
iCloud Photos
Maps Report an Issue
Marketing subscriptions, 
Marketing downloads

 

Posted on

Re-calculating

Every time I jump onto a plane it’s a chance to re-calculate my life choices and look at things from a different angle.  This time around, I’ll be testing out the Google DNS alternative 1.1.1.1 from a technical and personal perspective.

1.1.1.1 for consumers should speed things up a bit and sidestep the monitoring and logging from Internet Service Providers.  Naturally, I’ll start with my PS4 and later on selected routers and servers.

Breaking up is hard to do

Leaving the default settings active is the easier thing to do and creates a nice comfort factor as things just work as expected.  Messing with your settings and configuration can cause you a world of headaches.  As usual, the best practice is backup, backup and then test your backup.  Warning: You can “BREAK” your internet connection by messing with DNS.

In the meantime, check 1.1.1.1 for a non-technical guide to a brand new cleaner Internet experience.

Posted on

Not down wid OPP

My professional life involves constant deep dives into Other Peoples’ Problems (OPP)….taking on the same ethos in my private life is truly a different matter.

Today, getting intimate with peoples’ digital life is way too risky and a very Thankless endeavour.  Taking on any private system admin task means exposing yourself as a technician to unwarranted criticism and abuse; get it a wrong and you’re a snooping idiot IT guy, get it right and nothing is said.

Not my Problem

It’s a constant catch 22 scenario especially when you can see friends and family making familiar tactical and operation errors i.e. never ever backing up their data, never encrypting their data and never changing their passwords.

Here are 10 things that people don’t change often.

Change bank account or card
Change email address
Change passwords
Change phone device
Erase or reset phone device
Change phone number
Change social media accounts
Change inner friend circles
Change ISP or Geolocations
Change public IP address

Tactical Reconnaissance: Basics for profiling, tracking or snooping.

Posted on

So you think you’ve been hacked

As an individual, where do you turn if you think you’ve been breached and your antivirus software tells you nothing?

Your Internet Service providers? Your bank?
Your email provider?
The techie friend of a friend who can find a job in the industry?
Your insurance company?
Your IT department at work?

…or your friendly neighbourhood CISSP®Certified Information Systems Security Professional.

Generally, though, it’s down to you and Google to figure it out.

Take your life offline if you get hacked.

In the meantime, you stumble around telling friends you’ve been hacked or that your tech is crap.

Naturally, social media is a massive help to find out if someone else has the same problem.  In my experience, the emotional pressure is one of the biggest issues.  Feelings of WTF and “why are they doing this to me” cloud your judgement and objectivity.

Don’t be a victim, be a warrior. Hellblade: Senua’s Sacrifice

Posted on

InfoSec skills – Computer Emergency Response Team (CERT)

As a Small Business or individual, If you were going to hire a Private IT Security Professional here’s what you should be looking for.

Trust me I’m a Professional – Until Dawn™

Loving this 2016 IT Security Job Description

Experience as part of an incident response team (either in-house or as a consultant).

An ability to provide technical analysis and direction for investigations.

An understanding of networking protocols and infrastructure designs; including, firewall functionality, routing, encryption, host and network intrusion detection systems, load balancing, and other network protocols.

An understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security.

Willing to work out of hours and public holidays as part of a shift Rota and when on call as needed.

Inherent passion for information security and service excellence.

An ability to analyse and reverse engineer various file types including providing dynamic and static analysis of malware artefacts and binaries as well as other malicious attack files.

Be able to complete post-mortem analysis of network logs, traffic flows and other activities to identify malicious activity on a network.