Home Tech News Five Tech Commandments to a Safer Digital Life

Five Tech Commandments to a Safer Digital Life

347
0

Tech is constantly changing, and so is the way we use it. That means we always find new ways to let our guard down for bad actors to snoop on our data. Remember when you shared your address book with that trendy new app? Or when you posted photos on social networks? Those actions may all threaten the security of ourselves and the people we care about.

Vijay Balasubramaniyan, the chief executive of Pindrop, a security firm that develops technology to detect fraudulent phone calls, said we should never forget that fraudster could eventually use any piece of our identity we post online to hijack our online accounts.

“Your digital identity, which comprises all your pictures, videos, and audio, is going to fundamentally allow hackers to create a complete persona of you that looks exactly like you without you being in the picture,” he said.

So here are some essential guidelines — like strengthening passwords and minimizing the data shared by your phone camera — to keep you and your loved ones safe for the foreseeable future. I refer to these as the five tech commandments, hoping you will remember them as if they were gospel.

Digital Life

Let’s talk about bad password hygiene. According to a survey by Security.org, a research firm, about 45 percent of Americans use weak passwords that are eight characters or fewer. (Fourteen percent used “Covid” in their passwords last year.) The majority of Americans also acknowledged reusing passwords across different sites.

This opens doors to many security issues. Weak passwords can be easily guessed by hijackers trying to access your account. And if you use the same password for multiple sites, like your banking account, Target shopping account, and Facebook, then all it takes is for one of those sites to be hacked to make all those accounts vulnerable.

For most people, the simplest solution is a password manager, software that helps automatically generate long, complex passwords for accounts. All the passwords are stored in a vault accessible with one master password. My favorite tool is 1Password, which costs $36 a year, but free password managers like Bitwarden.

The other option is to jot down passwords on a piece of paper stored in a safe place. Make sure the passwords are long and complex, with some letters, numbers, and special characters.

No matter how strong you make a password, hackers can still get it if they breach a company’s servers containing your information. Security experts recommend multifactor authentication, also known as two-step verification.

Here’s how two-factor authentication has generally worked: Say, for instance, you enter your username and password for your online bank account. That’s Step 1. The bank then sends a text message to your phone with a temporary code that must be punched before the site lets you log in. That’s Step 2. In this way, you prove your identity by accessing your phone and that code.

Most mainstream websites and apps, including Facebook and significant banks, offer methods of two-step verification involving text messages or so-called authenticator apps that generate temporary codes. Just do a web search for the setup instructions. If a company doesn’t offer multifactor authentication, you should probably find a different product, Mr. Balasubramaniyan said. “If a vendor says, ‘All I’m doing is passwords,’ they’re not good enough,” he said.

Many of us rely on our smartphones for our everyday cameras. But our smartphones collect lots of data about us, and camera software can automatically note our location when we snap a photo. This is more often a potential safety risk than a benefit.

Let’s start with the positives. When you allow your Camera to tag your location, photo-management apps like Apple’s and Google Photos can automatically sort pictures into albums based on site. That’s helpful when you go on vacation and want to remember where you were when you took a snapshot.

But when you aren’t traveling, having your location tagged on photos is not great. Let’s say you just connected with someone on a dating app and texted a picture of your dog. If you had the location feature turned on when you snapped the photo, that person could analyze the data to see where you live.

Just to be safe, make sure the photo location feature is off by default:

On iPhones, open the Settings app, and select Privacy, Location Services, and Camera. Under “Allow Location Access,” choose “Never.” On Androids, inside the Camera app, tap the Settings icon that looks like a gear cog. Scroll to “tag locations” and switch the toggle to the off position.

You might temporarily turn the location feature on to document your vacation, but remember to turn it off when your trip ends. Jeremiah Grossman, the chief executive of Bit Discovery, said we should be informed about the photos we take and send to others.

Explicit photographs could eventually be exposed to the public. “People break up, and people are jerks,” he said. “Even if that isn’t the case, you give some photos to someone, and they get hacked, and all of a sudden, it’s out there.”

We must learn this lesson repeatedly: It’s generally not a good idea to give away information about your friends when using websites and apps, especially with unknown brands. When you share your address book with an app, you can provide the names, phone numbers, home addresses, and email information of all your contacts to that company. When you share your address book with an app to invite others to join, you give away others’ data even if they choose not to accept the invite.

Typically, when you share your address book with an app, it’s to find other friends who also use a service. But Clubhouse, the social networking app popular during the pandemic, was recently criticized for its aggressive collection of address books.

Users could decline to share their address book when signing up for Clubhouse. But even if they did so, others on the app who had uploaded their address books could see that those new users had joined the service. This wasn’t ideal for people trying to avoid contact with abusive exes or stalkers.

There are kinder ways than sharing your address book to find out whether your friends are using a new service — like asking them directly. According to a French data regulator, moree than 10,000 users signed a petition complaining about the privacy flair, which said last week that it had opened an investigation into Clubhouse. Clubhouse updated the app this month, addressing some of the privacy concerns. It did not immediately respond to a request for comment.

All security experts agreed on one rule of thumb: Trust no one. When you receive an email from someone asking for your personal information, don’t click on any links and contact the sender to ask if the message is legitimate. Fraudsters can easily embed emails with malware and impersonate your bank, said Adam Kujawa, a director of the security firm Malwarebytes.

When in doubt, opt out of sharing data. Businesses and banks have experimented with fraud-detection technologies that listen to your voice to verify your identity. You may even occasionally interact with customer service representatives on video calls. The most sophisticated fraudsters could eventually use the media you post online to create a deepfake or a computer-generated video or audio clip impersonating you, Mr. Balasubramaniyan said.

While this could sound alarmist because deep fakes are not an immediate concern, a healthy dose of skepticism will help us survive. “Think about all the different ways you leave biometric identity in your online world,” he said.

LEAVE A REPLY

Please enter your comment!
Please enter your name here