Now I really feel like a Borg – it’s like we’re all thinking (and writing) about the same thing. It’s hard to tell where the ideas come from sometimes.
They also offer free SSL certificates. There is a small fee for business use of these wonderful offerings.
Sometimes you’ve just got to pay for the Lamborghini*** if you want to get there fast and you’re going after the big prize, right?
So – this ain’t one of the free ones that I’m going to be telling you about, know what I mean? But it all depends on what your goals are, doesn’t it?
Well.. I guess the Lamborghini analogy only goes so far… but I would just love to drive one ONCE in my life (forgettabout owning one…) I can dream, can’t I?
So – let’s choose which one:
OK> I’m done! (yes, I can drive any stick shift)
The MOST important film about information security and privacy that has come out in recent memory. For ALL audiences – no tech knowledge required.
PLEASE WATCH this trailer!
It doesn’t matter if you don’t know a mouse pad from an iPad. SERIOUSLY.
It is not even remotely technical – but it will open your eyes to what is REALLY going on out there every single moment of every single day of our lives. And that is NO exaggeration.
You might (I hope)t never look at your own interactions with the world in the same way again. After just watching this trailer! If you take it seriously.
Or, you might just write it off as paranoia and say “it’s not going to happen to me.”
Right now, those of us who write and speak about this are almost always written off as fringe extremists. Well-intentioned, but prone to paranoia you’d say. Right?
Don’t even read the rest of my long-winded post if you’re bored… just watch the trailer. Let’s see if we can get the film somehow (I don’t know how – I contacted the distributor today).
I’m so embedded into the Google/Facebook matrix (will it become GoogleBook some day? Who will win in this quite sinister and insidious drama that you don’t even know about…) that I don’t know HOW to extract myself.
I will try – but the data is out there and these footprints are more permanent than the ones on Hollywood Blvd.
WAKE UP CALL PEOPLE!!
Take a real look at what it really means to be using EMAIL! (the way that most people use it right now…)
If you only focused on that ALONE, you’d be five YEARS ahead of 99.999% of people…
Don’t trust me! Do some research on… dare I say it.. that data-mining powerhouse… Google!
Put in some search terms like “is email secure?” or something like that. Or – ‘implications of using plaintext email’ (which is what it is).
Check on the Comodo.com Website – just for example. There’s a nice little statement about email on there- they’re not even selling you anything (or rather – they have free versions of just about everything you’d need). I think it’s right around where they offer free digital certificates from a trusted Certificate Authority. Read about Digital Signatures. I did, and I use one now on every email I send. It took me a little bit of brain power to figure out – but it was FAR from rocket science (because I’m far from a rocket scientist 🙂
Read my post about the new exponential increase in the “ways and means” by which Facebook is potentially going to give even Google a run for its money as GOD OF DATA-MINING!
I’ll start to explain (from a beginner’s perspective however) how this is all so easily done with some basic training:
I’ll list the TOOLS and/or software (almost all free), most of which I don’t even really know how to use yet as a beginner, but I’m learning, I’ll also try to create a compendium or library of online, up-to-date, sources/resources for news and information, that verifies, explains, and reveals why you would be ABSOLUTELY mistaken if you decided not to take this seriously.
Or, if you were foolish enough to think that it wasn’t already happening, en masse.
Free tools we can ALL download in seconds… that hackers use routinely:
Tool ONE (of MANY)
Let’s start with Wireshark.. http://www.wireshark.org/
Then there’s Tenable Nessus
This is just a two second, off the top of my head list… I can come up with dozens and dozens of others and those are just the ones I know (which is probably the tip of the iceberg. .
Go to the DefCon Website
Note: There is no harm in posting these tools. They’re straight from my textbook for the most part. You can get them in seconds with any search engine for Pete’s sake! They’re not the problem. They need to be readily available and they are routinely used by network administrators and security professionals to find vulnerabilities in networks – it’s essential!
It’s like any ‘practicing’ that people do in sports or whatever. You simulate and learn from experiences that are as close to real (or probable) as possible. The military calls them wargames. They’re nothing new – just new tools for the job. It’s called Penetration Testing (love the sexual innuendo there?) in the Information Security/Cybersecurity field.
Many more tools and links to what’s really going will follow – I promise!
Are there solutions?
YES – one thing is called encryption (also ancient in origins) We need end-to-end encryption to become a matter-of fact for anything and everything we do!
Is it easy to use now? Not easy enough, unfortunately. Certainly not for the general consumer audience. It’s too hard, I think. It CAN be done, but the likelihood of adoption in its current form is close to zero IMHO!
NOTE: This obviously will NOT stop folks from divulging stuff on so-called “social media sites,” even though behind that lovely facade of creating a wonderful world of sharing there lies a data-mining beast the likes of which has never been seen before in the history of humanity.
Read all about it on my site – and do your own research! But don’t trust the people selling you the product- – get it?
These sites, GoogleBook and such, (and I’ll have to provide evidence to back this up) are very much like magicians in how they interface with us – there is a lot of ‘slight of hand’ and misdirection going on.
They’ll continue to make LOUD public announcements stressing their new ‘security measures’ and how they are increasing your privacy day by day!!!!
That is what you’ll read about in the news and what you’ll believe – because you WANT TO believe it and because you know no other reality and have RELINQUISHED CONTROL.
You feel that privacy is an absurd notion in this day and age, and it’s FAR too late to exert any control anyway. Right?
YOU ARE WRONG!
There is actually HOPE for us, and certainly hope for those that we train correctly for their journey into The Matrix!
These TOOLS – the ones that allow invasion – and the ones that enable protection – have actually been around for AGES (in Internet time).
The social media nightmare though?
That’s sort of newer – and harder to grasp in terms of true implications because even the companies themselves haven’t yet ‘invented’ the ways in which they can and WILL use the data.
Read my posts as they develop, and if you think I’m some sort of lone gunman on this, I can refer you to many other MAJOR bloggers and writers who have already written to me privately that they agree with every single thing I have just said.
Let me hear from you!
Questions, Comments, Suggestions, etc. for stuff I’m looking for, and stuff you want me to look for!
Anything goes. I want to start to make this a conversation instead of a lecture! 🙂
food for thought… I can’t comment since I’m an absolute beginner as a first semester cybersecurity student – but I’m reading as much as I can!
Software developers regularly attempt to create new encryption and hashing algorithms, usually to speed up things. There is only one answer one can give in this respect:
Here is a short summary of reasons why you should never meddle in cryptography.
- Cryptography is mathematics, very advanced mathematics
- There are only a few good cryptographers and cryptanalysts and even they get it wrong most of the time
- If you are not one of them, never, ever, ever try to write your own cryptographic routines
- Cryptography is a very delicate matter, worse than bomb defusing
- Consequently you must know that most usual “cryptographic” functions are not
- Even when it is good, cryptography is too easy to abuse without knowing it
- Bad cryptography looks the same as good cryptography. You will not know whether cryptography is broken until it is too late
So, I hope you are sufficiently convinced not to create…
View original post 126 more words
Excellent! Exactly what we need to see more of! Get it out there so people can begin to let it sink in and do something about it! Thank you for creating this!
Sophos has written a guide that helps even your grandmother understand phishing and encryption. “Threatsaurus,” a .pdf guide you can download for free from Sophos, and is written in plain language, not security jargon.
According to Sophos, “Whether you’re an IT professional, use a computer at work, or just browse the Internet, our Threatsaurus is for you.” It includes an A-Z glossary on computer and data security risks as well as practical tips to stay safe from email scams, identity theft, malware and other threats.
Disclaimer: MIT (and IS&T) does not officially endorse, support or recommend Sophos products. Please contact the company directly if you are interested in them.
Good article. If only people would start to listen and do some of these things.
Tomorrow – I’m going to start posting links to the TOOLS we (ummm… we cybersecurity students and they – hackers) can easily use to gain access to just about anything. Since I’m a beginner I’ll state right up front that I barely know how to use these tools (yet) – but I do know they’re out they’re – they’re mostly FREE – and they’re highly effective and very, very sophisticated.
Why do WE have or use them? Because it is the Prime Directive that those of us who seek to PROTECT networks (and therefore your information) MUST be able to probe those networks (penetration testing) for vulnerabilities just as well as the miscreant trying to access said networks…. You look for holes and you attempt to fix them. It’s how it works – or should work.
What ELSE is done with these same tools? I think you can guess. Can’t you? Let me know if you can’t. More on this tomorrow. Or today since it’s 3:43AM and I need to get some sleep!
Personally, I think that the data-mining capabilities of Google and Facebook make them the two biggest threats to information security and privacy that have EVER existed in the history of the world.
Whatever they may offer (privacy tools???) and whatever they may say publicly, the reality as I see it is that there is an absolutely monstrous gap in the public consciousness between what it even MEANS to digitize information (those permanent footprints or fingerprints or whatever dopey thing you want to call them – that are there indelibly and irretrievably) and the potential implications and effects of that digitization.
These companies aren’t evil in any way. They’re just – how do you say it? A-moral? Or Neutral when it comes to impact? We’ve seen this when it comes to the exposure of places like (well, really any big company) using Chinese (what is essentially sweat-shop) labor.. and countless ways that defy imagination.
The point is – people can’t even conceive of how their information could be used. In fact, I surmise that even these companies themselves have only just begun to figure out how they can use the untold terabytes of information that flows into them every single day. I’m not even sure there is a means of quantifying it. But, they hire the BEST and the BRIGHTEST and well they should.
The conundrum remains though. You can’t teach people about something they don’t even know exists. It’s just not on people’s RADAR in general. It won’t be until there’s a critical mass of exploitation. I’ve got NO clue as to what that breaking point will be – but it will happen.
Unfortunately, it is already too late (in a sense) for most of us – who have been (including myself – and I’m a cybersecurity student!) streaming information out there for countless years… all in cleartext – all sitting on countless redundant servers in countless places around the world.
I’m staggered by the implications and I don’t even think I know the extent of the implications 🙂 Until encryption is (hate this word) UBIQUITOUS there is really not much hope. And until people stop putting their lives online (which is almost inconceivable actually at this point in how society functions) – or are much, much more selective about it – it is probably hopeless. We can only true to accelerate the seepage – and keep writing about it until it seeps into public consciousness and then maybe we can (or some generation can) come to grips with the Matrix that we’ve already created. Right now though? We aren’t even putting on the bandages that are out there – because people don’t even know they are bleeding!