Tuesday Sweep: 10 October 2017
Your weekly reminder to back up your data, update software and otherwise pay attention to your digital environment. (Oh, and to go to the CRASH Space meeting…)
There have been some truly sensational breaches lately… and yet I’m kinda bored? They all start to look alike. Folks in Company X management didn’t allocate enough funds/man hours to keep their infrastructure up to date because it’s no one’s sexy pet project. Company Y employee, frustrated with crappy or overly complex Company Y infrastructure or protocol, used their personal devices because the devices were easier to use, newer, and/or more convenient. Someone in Company Z hires Company Q to do work based on price or a buddy-buddy relationship, not realizing or not caring that Company Q can’t or won’t follow standards.
All these breaches, with these headline-busting catastrophic results, have such boring, super mundane origins. Occasionally some press release will be all “spies did it,” but these purported (or real) spies didn’t do anything… cool. I was promised stealth drones checking out drive lights outside office towers. All these breaches have predictable bad management decisions at their core. It’s almost as if security needs to be taught even more in B-Schools than Computer Science programs.
Jump in Here
- Welcome. If you haven’t been following along, it’s okay. You’re not behind, you’re just where you are.
- I highly recommend the coach tool at the Crash Override Network; it has a great step-by-step breakdown of many of the same introductory steps we did here.
- Feeling more ambitious? Review the list of OneThing articles and pick one to catch up on.
Sweep
The basics.
- Updated software recently? Pick a new device to check on today.
- Backups still up and running? When was the last time you made a clean disk image? Here’s a great new article on how to design a backup system.
- App and Password Gardening: Delete a low-quality app from your phone or delete an account that you don’t need that doesn’t make you happy. Digital cruft builds up. Delete it. If you’re keeping it, can you move the password to your password manager (delete it from everywhere else) and add two-factor authentication?
- Move your histories to an offline archive and delete them where you can find them.
- Double check privacy settings on your phone and social media accounts. The folks running the companies can change the TOS and add “features” before you notice them.
Learn
Where do you scan for news?
- Super bummed to have missed the Open Source Hardware Summit this year, but I can console myself with videos from last year.
- I’ve been exposed to more TV news in the last month than I have seen in AGES… and O.M.G. Stop covering stupid personal spats and START COVERING ISSUES!
- What I learned from Schneier this week? Don’t use contractors? (3 different snags)
- On the “Who controls what you know” front: Google and Facebook Failed Us (The Atlantic: Blocks ad blockers) but also on The Atlantic… this really cool article on the intersection of drawing and thought and how it relates to Google’s AI research.
- From the SANS newsletter (RSS), today’s proactive ray of sunshine! The University of Missouri is “Using Public Data to Alert Missouri Entities of Vulnerabilities.” Go public educational institutions and public data FTW.
- iOS users, careful of pop-ups asking for your password.
- Harvey Weinstein scandal and White Supremacists in tech companies… I’m wishing that either came as a surprise, but fingers crossed awareness creates change.
- Worm-brain Arduino! Open source!
- I love this: training crows to collect cigarette butts.
Reflect
Feeling dumb or stupid about how not-l33t you are? Angsting over some silly thing you “know better than to do”? Stop. That isn’t useful. Regret is only of use if it prompts an actual change in behavior. Maybe it’s NOT you that sucks. Could be it’s the technology and you could come up with a fix that would help lots of people. Look forward and make a plan.
Engage
We are a community. You are a welcome part of it.