Last week an associate sought help after being digitally stalked. After sifting through a few guides, these were the most thorough I've found for basic cybersecurity.
Hackblossom (very thorough, has a 'cheat sheet' condensed version, but lots of reading to do and can be overwhelming in times of emergency)
Chayn's brief guide (quick, not thorough): https://chayn.gitbook.io/diy-
Chayn's complete guide (I've not yet reviewed it--note that it's a separate link but includes a sort of procedural outline for navigating through all elements and a step for basic risk assessment in the process):
https://chayn.gitbook.io/
WHO'S BEHIND SOME OF THE "REOPEN" CAMPAIGN?
As an example of digital security risks based on current events--someone (not me) found and compiled a list of various websites and IP addresses belonging to the various groups that advocate for re-opening the economy.
There's at least one case of a few names and physical addresses being found (possibly including someone's home), several gun companies and coalitions (which corroborates reports that the protests were quarterbacked by 3 brothers who owned a gun company), and another traced to funding from the Nevada Republican Party.
https://docs.google.com/spreadsheets/d/1HQnx-RvMM7BrpX1ysgjqzu8XkaDeu0w4gJgTtzB3dfk/edit#gid=0
On one hand, I think of how some native horseback warriors would carry a special stick and tap an enemy with it in battle as a kind of humane way to acknowledge they've bested the opponent while sparing their life. So when it comes to this kind of quasi(? I don't really know what the official definition is)-doxxing, there's a part of me that just wishes they'd get their act together and that folks would gently tap them on the shoulder (or leave a note at their doorstep).
Violence often manifests an unusual duality to the spirit.
Use caution with online social media quizzes--or just don't do them:
Given that we're 1) in the midst of a major election year, 2) in the midst of a major pandemic that forces everyone to stay at home and use the internet more often if they have access to it, and 3) at the cusp of a major economic crisis, this is a key time for gathering information and refining AI + fake social media profile creation.
The Senior Picture challenge and various personality quizzes are all prime suspects.
[see Ukrainian connection to the quizzes]
ZOOM
Meanwhile, the reason for concern over Zoom's security vulnerabilities for folks who tend to get lumped into the other side of the political spectrum:
For folks who downloaded the app, it's possible someone could get your own IP address much like the stuff above. Since the "zoombombing" incidents often targeted PoC
I'm not going to put energy into editing a comment I made elsewhere, so here's the basic reason for caution among folks who are often targeted by the neo-Nazi groups that have disrupted various Zoom meetings:
The issue with Zoom for people who advocate: to wait and continue trusting a platform where neo-Nazis already coin the term "zoombombing" for its easy exploits is a serious risk--especially to anyone that's not compatible with the white supremacist agenda. Your fundamental safety and survival outweigh features and nice feelings for professionalism, or at least should for people who've historically had the cards stacked against them.
For people whose communities or families have directly been threatened by neo-Nazis, leaving trust to a company with your presence and data--chats, names, correspondence, images, likely user IP addresses and MAC addresses [which can reveal one's personal physical location] too for those who installed--is a serious threat to personal safety and also national security considering the encryption key behavior and where the Zoom development division is based or if data gets intercepted and brokered out in unscrupulous ways.
The last item I'll raise is that Zoom isn't based on open source principles, which probably says a lot about their fundamental paradigm and culture for transparency. That they've repeatedly misrepresented their security assurances -- much of it being architectural and organizational level -- suggests to me it'll take a while to fully adjust their stance.
https://www.npr.org/2020/04/03/826129520/a-must-for-millions-zoom-has-a-dark-side-and-an-fbi-warning
As always I also need to include a disclaimer: as individuals, I appreciate and respect my international friends. I also know that countries, US, China, Iran, Russia, wherever--don't always act in the best interest of each others' residents (including their own), and remind folks that several of these countries often set up, fund, or even operate entire companies, not to mention often have specialized departments or units where people's entire full-time job entails adversarial and exploitative activity.
In the U.S., we've seen various tensions and systemic issues in society further amplified and exploited--whether it's racial tension and police brutality, or rumors of chemical plants exploding that rely on digital gossip to spread, or as most of us have heard about and witnessed, propaganda, false news, and misinformation around political candidates.