Tech Friday with Dave Hatter - August 7th 2020 - SPONSORED BY INTRUST IT


  • How to erase much of your digital footprint:
    • Many people would like to take back what they've posted online because old information can be dredged up to cause problems
    • Before you go full Luddite, understand that most human-resource departments and college-admissions offices often use social media to review candidates
    • If an individual is off the grid it may be held against them. Some organizations see this as the individual has something to hide or is not tech savvy
    • The best best is to think before you post, and carefully limit your digital footprint going forward, and clean up what's out there
    • What you can do:
      • Delete old unused email accounts
      • Delete old emails
      • Delete old content from social media platforms. This may be very tedious and time consuming
      • Disconnect connected apps and platforms to stop information from leaking between platforms
        • Use good cybersecurity practices:
        • Strong, unique password for every account
        • Multi-factor authentication (MFA) everywhere you can
        • Anti-malware software
      • Lock down social media understand the privacy settings more importantly, understand that once you post something, it's nearly impossible for it to be truly private
      • Use a Virtual Private network (VPN)
      • Use privacy friendly platforms and tools:
        • DuckDuckGo
        • Tor
        • Firefox
        • Brave
      • Lock down your browser and use extensions like Privacy Badger and HTTPS Everywhere to limit tracking
      • Create "burner" accounts
      • Turn off services like location and bluetooth when not needed
      • Ensure that cloud based backups are secured with a password, MFA where possible, and encrypted
      • Work with a company like Delete Me who for a fee will provide annual "protection plans" that guarantee removal of your personal data from data-broker services
      • Remember that in many cases, once you delete content, there is no way to retrieve it
      • Also, understand that old content may be archived somewhere like the Wayback Machine:https://archive.org/web/web.php
  • Billions of credentials can be purchased online:
    • New research by Digital Shadows shows that nearly 15 billion credentials (username and password) are in available in Dark Web markets
    • Digital Shadows research also shows a 300% increase in stolen credentials from over 100,000 data breaches in the past two years
    • Sadly, these credentials (creds) cover a wide variety such as bank accounts, social media and video streaming services
    • More than five billion creds were assessed to be "unique", meaning they have not been advertised more than once
    • Because of credential reuse, these creds could be reused to compromise many accounts
    • The average credentials sell for $15.43 but some are free. As you might guess, financial accounts are the most expensive at $71 but may go for as much as $500 based on the account's "quality"
    • The security researcher behind HaveIBeenPwned, Troy Hunt, recently said he had noticed a lot more credential lists in circulation recently and they seem to be growing quickly
    • On a bright spot, Hunt said “These lists are also dependent on having passwords accessible in either plain text or with weak cryptographic protection (i.e. MD5 or SHA-1 hashes) which fortunately is becoming increasingly uncommon"
    • Digital Shadows also reported on the rise of "account takeover as-a-service" where criminals can rent credentials often for less than $10
    • You should use strong, unique passwords for each account
    • You should enable multi-factor authentication (MFA) anywhere and everywhere possible
    • You should use a password manager like LastPass
    • You should check for compromised credentials:
      • Chrome and Firefox can now check for compromised credentials when you login
      • Check for compromised creds here:https://haveibeenpwned.com/
      • Most identity theft protection services will provide this as part of their fee
  • The vast quantities of data being collected from your devices may be used to "score" you:
    • Companies you've never heard of are collecting your data to generate "surveillance scores”
    • The scores, think of your credit score, can be used to predict your future behavior
    • The score are sold to organizations that use them to make decisions about you
    • People who have low scores can potentially suffer negative consequences
    • For example, CoreLogic sell scores to landlords that they claim will predict if a potential tenant will pay the rent on time
    • The Chinese Communist Party has been doing something similar for some time
    • Per Wikipedia: "The Social Credit System is a national reputation system being developed by the Chinese Communist Party (CCP), under CCP General Secretary Xi Jinping's administration. The program initiated regional trials in 2009, before launching a national pilot with eight credit scoring firms in 2014. In 2018, these efforts were centralized under the People's Bank of China with participation from the eight firms"
    • This is made possible by the fact that "smart" devices (IoT) are constantly collecting every detail about our lives. In our surveillance capitalism model, we mostly provide this data voluntarily
    • Coupled with rapid advances in technology such as AI, these companies can crunch this data in near real time leading to a score
    • We don't know what data is used, how the score is calculated and in most cases, if we are penalized by a low score
    • Privacy experts have raised concerns becasue you have no way to see or dispute your score
    • In the Washngton Post, consumer advocates Harvey Rosenfield and Laura Antonini said "Surveillance scoring enables companies to cloak old-school discrimination in an aura of technological infallibility and wonder."
    • So far, there is nothing to regulate these practices
    • Rosenfield and Antonini also wrote "Secret surveillance scoring places us at the precipice of the 'singularity,' a dystopian turning point after which machines will make judgments about humans that will determine our fate. We either seize control of our future, or risk losing it."
    • New privacy laws like the California Consumer Privacy Act and others may help address this in the future
    • Contact your Federal representatives and make them aware of your concerns about these practices

55KRC · THE Talk Station in Cincinnati

Listen Now on iHeartRadio