I am excited to announce that I will be speaking at Cybersecurity Conference by North Texas ISSA ntxissa.org/csc

@kyle I believe that's only happening on the phones that were purchased through the plan. Typically the best thing to do is to buy an unlocked phone outright; that's not as free as buying a Librem, but at least you would be able to factory reset it.

As long as the code behind "smart" home devices is proprietary, these companies are free to spy on us as much as they like. Help us fight back: tell your friends about free software and urge them to join the FSF! Support #FreeSoftware. fsf.org

TIP: Review your phone weekly and uninstall any software that is currently not in use. Typically software asks for many permissions and you'd have to grant those if you'd like to use the service. However, once you are done with occasional services, like Uber, Airbnb and so on, uninstall the software to prevent it from invading your privacy until next time.

Bad design choices: say you are in a room that has a light on the ceiling and you are a person who doesn't look down at the phone screen; instead you bring it up and look straight at it. Then adaptive brightness dims the screen down because there is just a very tiny amount of light getting to that sensor ... I guess it's time to put that phone down.

There is a stark difference between theory and reality. For instance, in theory the move from the DoD in this article cyberscoop.com/pentagon-vendor was supposed to improve security. Indeed, way too many software vendors have no idea what they put into their product, what SDK they use and so on; in fact those vendors need to be held accountable. However, in the end the government will get the worst of both worlds.

I've been wondering why we aren't hearing about self-driving freight trains, there are so many startups trying to solve a problem of self-driving cars, but the problem of freight trains is easier to solve, just control speed. Is there a conspiracy out there? Yes I have seen a few drops of the news here and there, but that's something that can be built right now and it doesn't have any coverage in the media.

TIP: Any internet request starts with DNS and you might be profiled by the DNS server provider, so choose yours wisely! Get it under your control: replace the default DNS service from your ISP and try avoiding companies that supply other services to you. Better run it yourself.

TIP: Divide and conquer, or the more business-friendly separation of duties, is very applicable to privacy. If you are using a particular mobile phone vendor, just do not use a web browser that was made by the same company. If you are using some web service (like free email), try to use tools (browsers, mobile devices) made by a different company to access that service. The fewer connections a particular corporate entity can make from your data, the harder it is for them to profile you.

I don't use Google, but people were complaining that the service is down. Anyone?

TIP: For better privacy use a search provider that doesn't personalize your internet searches, and potentially doesn't track search criteria. For example DuckDuckGo declares in their FAQ that they do not track user search criteria and thus can't filter out items based on previous searches and they don't have access to any other cloud data that can be used for the same purpose.

Went out to a whiskey tasting event organized by North Texas ISSA, it was good to meet fellow cybersecurity practitioners and taste some whiskey.

Some people take a dramatic turn and switch to dumb phones. While there are actual benefits when it comes to your attention and just general health and well-being, the biggest drawback is your privacy, as mobile cell phones and SMS messages are easily interceptable and unencrypted. You'd be better off switching to a Linux phone: same benefits due to a lack of mainstream entertainment/social media apps, plus encrypted communication with strong communication apps. Best of both worlds!

@mike so what you are saying is that a campaign posing as fake Coursera or Degreed would work better. You need to share those details with infosec folks :)

@mike yeah, unfortunately that's where things are going. Tesla is also using a subscription model for self-driving features, but that one is a bit more justifiable since the AI model is software and so on, but a charge for a heated seat is pure greed.

Thus protecting your privacy is not necessarily about protecting your data, it's about protecting your metadata. It's about depriving providers of those pieces of metadata they would typically use to perfect the prediction models they created for you. Models that would better understand you, even better than you understand yourself, up to the point when your next move is sold ahead of you reaching the decision point for it.

When talking about privacy, especially in the context of social media, people often resort to an argument like "What's the big deal, I meant for that picture to be public." and you are absolutely right, that picture of yours is the least important piece of information. What's more important is what is called metadata. Metadata that allows the provider to answer questions like what he was doing before he posted, what he was doing afterwards, how friends reacted, why he posted and so on and so forth.

Free market does not exist when market players make their purchasing decisions based on metrics that have no correlation to price or value of the product or service.
However true power comes when you can control social narratives that define those metrics and if you can bet on players acting in a particular way because of those social pressures created by metrics you have achieved ultimate power to predictably generate piles of money, hmmm ... wait this is how media-WallStreet symbiosis works.

@mike Here is a potential use case: let's say the recipient of that information can't run PGP, so they involve their IT staff, but do not want them to see the information, so a 4096 bit key to cover transmission, and then a simple zip pass to prevent IT from peeking into it.
