SECURITY RESEARCH AND DATA PRIVACY
Always Rambling on about Games and Security
Snooping, Hacking and Deception
I’ve been tinkering for a while now, tweaking my expertise but not really using it to full effect. Having defeat two major bosses, I am now moving onto a new chapter fully geared up with new independant mobility stepping into a unknown path.
Rambling ramble but basically I’m a happy boy with over.
With DUAA now in force, it’s time to tweak my approach to data permissions and change tactics.
The Netflix movie – The Accused was so intensely accurate in terms of what has happened and could indeed happen again to someone being wrongfully accused via our glorious social media ecosystem.
I had to stop watching it halfway through just to analyse the touch points (spoiler alert) –
| Threat / event | Possible risk counter measures |
| High number of followers 200+ | Do you know all these people? |
| Open profile – public access to personal data, followers, posts etc | Limited how unknowns can tag you |
| Connected family and friend’s profiles are open and contain meta data such as location details, home address etc | Limited how unknowns can map your relationships |
| Phone location services open | Turn off when no Apps not in use |
| Images taken by 3rd party in public revealing location | Tough one to tackle as people are always snapping |
| CCTV data mapped with social media | Almost impossible to hide |
| Monitoring a hashtag in real time | No real reason to do this unless you are actually going to react |
| Online rumour pushed as fact | Response to accusations in real time by key social media channels, put out a pubic statement, engage a legal advisor. |
| Online threat to life reported by phone | Report online and get a crime number |
| Open-source intelligence (OSINT) data used to compile and share personal data on public forums anonymously. | Check yourself to see what you are sharing publicly |
The arena of International Law, Digital crime and Money creates an absolute boiling pot of complex, interconnected issues that can sometimes be difficult to understand. The case of Microsoft Corporation, Plaintiff verses Defendants in a Civil Action No. 1-24-cv-2323 in Virginia USA where the plaintiff disabled the abuse of their system and then took legal action is bedtime story reading.
The defendants were truly global and included end-users of a hacked system. Defendants were named and shamed but apparently the legal counsel of the plaintiff had personal information leaked publicly (Doxing).
So much for privacy.
No one in the case is off-limits and brings a point that privacy is a gargantuan task nowadays where even high-level operatives are vulnerable to attack and exploitation.
Ever tried watching a small business owner struggle to send private data securely? Inadvertently, they fallback to sending passport or credit card details over WhatsAPP. Not so bad as it’s end-to-end encryption right?
“WhatsApp does collect certain metadata, such as information about your contacts and communication times. This metadata is not protected by end-to-end encryption and can be shared with parent company Meta (formerly Facebook) and, under certain circumstances, with law enforcement agencies.”
So this is not so bad and you have nothing to hide right?
Not many small business owners have the time or money to spend on drilling down to the right controls that should be in place for their business and naturally use what they use in the personal lives which often means the bare minimum.
Additonally, unless directly linked to finanical issues Data protection comes in last. So what can be done prior to a data breach incident for small business?
Firstly, take the personal pulse out of the mix and work with someone who is tech savvy and thinks like a business person with risk in mind.
Happy, Cyber Truck hunting.
Business and Personal life continuity in our new lockdown era ramps up the criticality of pings.
Cut off anyone’s internet access and with seconds that are flapping around like a fish in the floor. Within minutes their brain will implode and after an hour irreversible brain damage will kick in. Well, a slight exaggeration but you get me point.
Over 90% of our service requires an internet connection and it much cheaper now.
So with these old vulnerabilities in plain view why craft up new malware and exploits. Just reuse the classics, this Christmas, for example, we may see the same threats resurfacing. Privacy is so 2018 as many “bend the knee” to be tracked to “protect” society.
If you really want to socially distance yourself and isolate simply kill your WiFi, job done. No constant stream of toxic global pandemic news sending your brain into panic and disbelief but no entertainment [Sad Face?].
Time to dig up all DVDs or maybe actually talk to the person you live with…if you are lucky enough to co-habit.
Anyhow, my Internet Diet of 24-hours is over and I’m back online uploading this article.
