What are the frictions keeping you from doing “what’s right”? Regret is only useful if it leads to a plan on how to improve.
Confessional: This is a reverse confession. I did some things “right” by security standards that I’m not happy about. Emblematic, looking at an exuberant thread of people posting images of their pets with their pets’ names, all my panic bells went off. “That’s the stupidest thing I’ve ever seen. Why would they give up potentially sensitive information like that?” What. A. Terrible. Reaction. It’s not totally wrong, though. Starting with security questions, I came up with a list of at least a dozen ways I could use that data in under 15 minutes. I hope @evacide writes her harm reduction approach essay soon. And yet, even with the OneThing series, in my ideal world the average folks not thinking about security wouldn’t have to start. I want developers to take responsibility for making it safe to play. That inconsequential thread about puppies represented people trying to create connections during a fractious time. It was beautiful. We need more of that, not less.
In the meantime…
Continuing Set Up
We’ve covered so much so fast. You’re not behind, you’re just where you are. Pick something to do.
- If you’re having trouble with all the setup, the coach tool at the Crash Override Network has a great step-by-step breakdown for many of the same introductory steps we did here.
- Review the list of OneThing articles so far and pick one to catch up on.
This list will be getting longer, but let’s keep it simple while folks are still setting up.
- Updated software recently? Pick a new device to check on today.
- Backups still up and running? When was the last time you made a clean disk image?
- Reduce your attack surface: Delete a low quality app from your phone. Delete an account.
- Double check privacy settings on your phone and social media accounts.
Where do you scan for news? I keep an eye out for recent exploits and breaches that have come to light, new tools, interesting ideas, etc.
- BREAKING: Obama Commutes Bulk of Chelsea Manning’s Sentence!
- Art: RESET, a short film (16 min) by Kryler Åkerström, explores how we know what we know, and how we decide who to trust. If you need something a bit lighter I’m resonating with Aki Inomata’s Why Not Hand Over a “Shelter” to Hermit Crabs? for an essay full of reasons.
- If you’re wondering why I’m including art links, what it has to do with security, and why it’s at the top… see exhibit A from Wired this week.
- EFF has put out their own 100 day plan.
- ArsTechnica, MIT Technology Review and (UPDATE) Schneier have articles on the WhatsApp controversy from the point of view of how to calculate tradeoffs. Security has the same problem as other technical journalism. It can be tricky to tell what’s sensationalism. (Did you see what I did there?)
- So glad the CryptoMuseum exists because it’s a chance to remember that I’m a hardware person.
- For Developers: Instead of chuckling over Giuliani’s terribly insecure website, or wondering where folks come up with names like “Cozy Bear” or “Fancy Bear,” my time probably would have been better spent this week really reading the Commission on Enhancing National Cybersecurity’s report on Securing and Growing the Digital Economy.
We are a community. You are a welcome part of it.