Cyber Extortion

How often do you use your email? Your Twitter / Facebook / other social media accounts? Your cloud apps? What would you do if you lost it all? What is recovering it worth to you?

When we have something of value, it becomes a target. And, the more we entwine our lives with technology, the more valuable those 1s and 0s become to us.

Though cyber extortion is not new, it is interesting how common it is becoming.

The latest attempt I recently read involved the loss of the @N twitter handle, which was facilitated by both PayPal and GoDaddy.

Then there is the case of Hunter Moore who was arrested and indicted by the FBI for his involvement in hacking private email accounts to gain access to explicit pictures that were meant for private use only. While this was not exactly extortion, it was a method of hacking and stealing of personal digital property that was used to shame and make money off of unsuspecting people.

Last year the story making the rounds was about Cryptolocker hijacking people’s data and then requiring money to unlock it and regain access to it.

Then there was of course the great Facebook, Gmail, Twitter hack I wrote about in December.

This is by no means an exhaustive list, rather just one to show the different ways your data can be used against you.

What does this all mean for you? It should heighten your awareness of cyber security and the very real threats that exist out there today. How do we mitigate these threats? We do what we can to protect our data. Following is a simple list of steps you can take immediately to avoid becoming a victim.

  1. Back up your data
  2. This means not only data you physically have access to like your financial documents, family photos/videos, or your music – but also your online presence. Many social networks let you download the entire contents of your user profile. You should also consider redundant backup options such as physical backups and off site backups. Just remember to make sure both are secure.

  3. Use 2-Factor Authentication
  4. Facebook, Gmail, Twitter, Paypal and more utilize 2-factor authentication. My first introduction to this was using an authenticator for my World of Warcraft account, which I opted for as soon as they were made available. I still use 2-factor on that account today. This Life Hacker article has a great rundown of all the places you should enable it. Do it now!

  5. Hide Sensitive Information
  6. While sites may require you to provide a birthday or email address, the also usually give you the ability to keep this information private. Those who need to know the year you were born or your private email address already have that information or can ask for it. There is no need for it to be out in the open for everyone to see. Also, don’t let sites save your credit card information. While it is an added convenience, as the case of @N above demonstrates, it can be used against you. Other advice he offered in his article was to call your institutions and require them to NOT share any of your personal information over the phone. That means birth dates, names, or partial information like last 4 of social or credit cards.

  7. Be Wary of Strangers
  8. This may sound odd as the whole allure of the internet is connecting with strangers. However, if you don’t know someone, you should be very cautious about letting them into any social network circle where they can find out more information about you as this can be used against you.

  9. Be Careful Online
  10. Don’t click on anything you can’t easily identify. Don’t submit information to sites you are not familiar with. Don’t trust things just because they come from people you know. Don’t download things to your computer without some sort of software protection installed.

In summary, treat your digital property much like you would treat your physical property. Follow the Hide Lock Take philosophy. It works for both your email and your car.

Facebook & Self-Censorship

Salon recently featured an article (Salon.com) about a study (PDF) that reveals how Facebook monitors self-censorship by tracking everytime we type something, even if we decide not to post it. While it is understandable that people are concerned with this tracking of information that we do not share, I believe it is also important for us to understand that Facebook is not a free service. We pay for the opportunity to use this service by providing our precious data. Therefore, it is Facebook’s goal to gather and retain as much data as possible, even if that data is never explicitly shared.

Though I do not agree with their practices, as I am an advocate for the user and users rights when it comes to their data, I do understand them and contend that it is within their right to do this – even if it is an unsavory practice to perform. As a user, your rights and your power lay solely within the choice to use the product. If you want to retain ownership over your data, sharing it on a service where you provide said data for payment of using the service, is likely not the wisest choice. Keep that in mind when you type anything into any text box anywhere on the web, because as this example proves, that data may be saved even if you hit cancel.

Facebook, GMail, Twitter, Hackers, 2-Factor Authentication and You

Being the 2-factor security person that I am, I know many of you have probably read about Facebook, GMail, and Twitter passwords being hacked. Though you can’t do much about that (other than not have accounts with those services of course), there are steps you can take to keep those accounts secure even if someone else has your password. All that is required is that you have a mobile phone and that you set it up from your computer (I don’t know of a way to do this from the mobile side only).

Facebook:
Facebook users, to enable the 2-factor setting click on the lock icon and click on the link at the bottom that says “See more settings”.

Once there, click on the Security link 2nd from the top on the left.

Then click on Login Approvals.

There you will be given a checkbox to “Require a security code to access my account from unknown browsers”.

You can check that box and then choose which method you use to get your codes. I chose the code generator because that will work even if I only have access to WiFi, whereas receiving a text message may not. I would also at this time generate extra codes just in case you lose your phone. Save them in a place that will be easy to access, so you can get back to your account easily should you need to.

While you’re in the security section I would also suggest you check the active sessions and recognized devices. End activity on anything you don’t recognize. Lastly, setup your trusted contacts. Be sure to choose people who actually use Facebook regularly.

GMail:

GMail users who use their accounts on multiple devices may find this method a bit cumbersome, but it’s only cumbersome to setup. Once it’s done, you don’t have to make any changes unless you get a new device or wish to disable it.

Login to your GMail account and then find the cog icon under your picture on the upper righthand side of your screen and click settings.
Screen Shot 2013-12-05 at 12.41.44 PM

Once there, click Accounts at the top and you will find security settings.
Screen Shot 2013-12-05 at 12.45.46 PM

Clicking Account Recovery Options lets you set up your phone to use to recover your account should you forget your password or to challenge hackers. You can also add a recover email address as well as an alternate email address you can log in with. I would highly suggest doing both.

Clicking Other Google Account Settings will take you to a page that lists all of the settings for your Google identity. If you’ve never been here, I suggest you read it so that you understand more about the way Google views & uses your information. For our purposes today, click on Security from the menu on the left.

From there, scroll down to the bottom to find 2-Factor Authentication and turn it on.
Screen Shot 2013-12-05 at 12.51.47 PM

After you set it up, you will want to create device / application specific passwords for your account so that you can log into your email through your phone, tablet, or other device that doesn’t use 2-factor authentication. You can click on the link visible in the screen shot above to get there.

Pro-Tip, you can use one generated password for all of your devices if you enter it into all of them at the same time. Caution though, if you do that and have to revoke it for some reason (you lose your phone), you’ll end up revoking it for all devices instead of just that one.

Twitter:

Login to Twitter and click the cog icon on the top right hand side of the nav bar.

Then select settings from the menu.

Then select Security and Privacy from the menu on the left.

Then select one of the two login verification options available.
Screen Shot 2013-12-05 at 1.23.50 PM

Hopefully this was helpful to some of you. I know these settings can seem buried and intimidating if you’ve never used them before, but I suggest it is worth it to go through all of this trouble so that you don’t end up losing your digital life to someone else’s malicious activities.

Censorship Quotes by Literary Authors

Censorship Quotes by Literary Authors

Correlation != Causation

This:

The Subversiveness of Elvis Presley

“Communist authorities equally understood Elvis’s subversive manner, even as an Army private.When it was announced that Presley was bound for the U.S. base at Friedberg, the East German Communist Party accused the United States of plotting to undermine the morals of Red youth,’ Karal Ann Marling relates. ‘To show that this act of provocation would not be tolerated, party boss Walter Ulbricht ordered the arrest and imprisonment of fifteen teenagers who marched through the streets of Leipzig in 1959 shouting, ‘Long live Elvis Presley!’” (p. 268) 

Cohen, R. D. (1997). The delinquents: Censorship and youth culture in recent US history. History of Education Quarterly37(3), 251-270.

What is your attention being diverted from?

Rather than simply forbidding young people to listen to certain forms of music, read certain books, or see certain movies, many families have abdicated this responsibility to civic action groups and the government. Such a relinquishment of authority over individual lives has led to denunciations of various media forms, calls for self-regulation of individual mediums, and attempts to ban completely some sexually explicit speech.” (791)

Perhaps even more important than the right of Americans to decide what they wish to read, see, and hear for themselves is the fact that this generation’s purity crusade is diverting national attention away from more important areas. Indeed, many individuals who believe in a government based on popular participation have not yet realized that by devoting so much energy to what is essentially the private business of American citizens, their attention has been successfully diverted from participation in the political and economic planning processes of the nation.” (850)

Interesting that if you consider gaming, specifically violent video games, to be the topic at hand, these conclusions are as relevant today as they were over 20 years ago. 

Blanchard, M. A. (1991). American Urge to Censor: Freedom of Expression Versus the Desire to Sanitize Society—From Anthony Comstock to 2 Live Crew, The. Wm. & Mary L. Rev.33, 741.

So, about that dissertation thing

Well, being a PhD candidate means one thing and one thing only – now I have to write a dissertation. While yes I knew this was the next stage in the journey, I am not sure I am adequately prepared. I know that seems silly, I mean I have written a Master’s thesis and all. This one just seems (and is!) so much bigger and more daunting. I’m one of those people where the more daunting something seems the harder it is for me to get going on it. However, once I get going I’m usually FULL STEAM AHEAD! 

Now to just figure out how to get going. One thing I’ve tried so far is to buy a few books on the subject of dissertation writing. Since this particular piece of writing is more traditional than say my past ethnographies, I really have to figure out the ins and outs of it and what is expected of me. While I’m sure there is likely some dissertation writing class offered by the university, I am not local and therefore cannot take advantage of that.

So, this means I need to educate myself on it.

Here are the books I bought:

  1. Writing a Successful Thesis or Dissertation: Tips and Strategies for Students in the Social and Behavioral Sciences 
  2. How To Tame Your PhD (Thesis Whisperer Books)
  3. Authoring a PhD: How to Plan, Draft, Write and Finish a Doctoral Thesis or Dissertation (Palgrave Study Skills)

So far book 1 reads more like I textbook than I would like, but I’ll muddle my way through it anyway. 

Book 2 seems good, but it has a lot of weird typo issues on the Kindle edition. 

Book 3 I have yet to start. I’ll at least finish book 2 first before I try. Book 1 may take a little longer. 

My goal is to have these finished by the end of September as I’d like to try to have my first three chapters written by the end of November so that I can defend my topic before the ends of this semester and hopefully get my IRB application submitted and turned in at the start of Spring (if not just before). This has to be done soon in order for me to start my research portion in January and hopefully be finished with the physical research aspect by end of February. Then analyze the rest of spring and into summer when I hope to finish and then start writing by fall to submit my first draft by the end of that semester or by the beginning of Spring 2015. 

My goal is to graduate May/15. I’ll have finished my phd in 5 years if I can do that. That doesn’t seem so bad in my book. Especially given that I have a full time job and twins! 

Fedora Research Citation

You can now cite my Fedora research using this APA citation

Harrelson Hubbard, D. (2013, July). An Exploration of Fedora’s Online Open Source Development Community. Paper presented at the Free Software Workshop, FISL14, Porto Alegre, Brazil. Retrieved from http://softwarelivre.org/wsl/blog/wsl-2013-schedule

You can view it on Scribd.

International Free Software Workshop Presenter

Hi everyone!

Just a quick update to inform those who follow me due to my work on Fedora. A version of my masters thesis will be presented in Brazil (via video) on July 5th at the International Free Software Workshop.

You can find more information here: http://softwarelivre.org/wsl
I’m in Session 4.

You can find my full paper as submitted here: http://tux.gseis.ucla.edu/WSL2013_papers/Harrelson-fedora03.pdf

There may be edits to this paper as a result of this workshop.

More to come!

Edit: You can now cite my Fedora research using this APA citation

Harrelson Hubbard, D. (2013, July). An Exploration of Fedora’s Online Open Source Development Community. Paper presented at the Free Software Workshop, FISL, Porto Alegre, Brazil. Retrieved from http://softwarelivre.org/wsl/blog/wsl-2013-schedule

Gaming, Blogging, Social Networking & More!