Cat Coode has been giving advice on protecting your identity here at Year of Code Waterloo Region, but also on the YummyMummyClub site and her own website Binary Tattoo (with a great app list). Are people starting to understand how to protect themselves online? What new threats are out there? And what’s her favourite identity theft movie?! These questions and more she kindly answered for us here.
How do you keep on top of all the security issues to share with your readers and clients?
A lot of reading and a lot of Google Alerts. There are a handful of reliable sources when a security issue breaks and then I find the further down the chain you go, the less accurate the information. For instance, recently there was a breach of LinkedIn data. LinkedIn and a few technical sources were quick to confirm that the breach was actually from 4 years ago, and the security threat had been patched. Also, the passwords that were taken were hashed, which basically means they are indecipherable. When some of the mainstream papers picked it up they were already talking about how your password may be compromised. Later, sites that just produce click bait had headlines like “LinkedIn Breached: Time to cancel your account!”. Both versions are using scare tactics and giving out the wrong information. It’s the way the internet works now, but you do need to know where to look to get verified information.
What’s the number one thing you wish people would do to keep safe that they don’t do?
Understand and set their privacy settings. Some networks, like Facebook, are more complicated than others, but I am always surprised at the amount of public information people are giving away. Your profile and cover photos, for instance, are *always* public. That means anyone in the world can see them. On Facebook, the associated comments with those photos are also public. You can individually change that on profile photos but not cover photos. When I am doing search reports, I get a lot of information on people from reading comments on those pictures. Here are some of the other hidden settings on Facebook you should be using.
All things digital should be considered permanent and potentially public. Even pictures you have stored on your personal phone that have never been sent. There are numerous ways these could make it to someone else’s hands.
What trend is most alarming? And where do you see things improving?
Online scams and malware (malicious software). When downloading apps or opening attachments, you need to always make sure they come from a reliable source. Ransomware has become very popular now, too. That’s where your device is locked until you provide financial compensation to have it unlocked. Seniors are most susceptible to these scams because they believe that an email that appears to come from their child or grandchild must be legitimate so they are not wary in opening them.
Device makers are cracking down on malware sold from their own app stores because it reflects poorly on them.
What more could schools be doing to teach digital literacy and protecting one’s information online?
There are two things at play online, proper behaviour and protection of data. The most important lesson is to help kids understand the permanence of everything they put online. That will help both define how they do things and what they put out there. When I talk to kids I give them a lot of examples of how their data is being stored and used. It is difficult for kids, and many adults, to grasp the public and permanent nature. Often with examples they can see how their actions fit in to the bigger picture. Digital Citizenship rules should also reflect both aspects of safety and reputation.
How do you convince teenagers to take data threats seriously?
Examples. Examples. Examples. And in this day and age there are lots. Kids losing jobs, nude photos being shared, people being bullied. Most people say “well that would never happen to ME”, so if you can show them other kids just like them then it helps to drive the message home.
You have been writing on this topic for awhile. What has been your most popular blog post?
The How-To blogs are always popular but the one I probably got the most feedback on was How Disney Uses Big Data. I have had that one published on several websites now. I think people like it because it shows how a situation, like visiting Disney World with your family, has been vastly improved and simplified using tech and data you don’t even see.
Do you think in the future we’ll be using bio security features more commonly, or is there a better way to protect access to our devices?
Absolutely, it’s biometric. I was actually recently in a chat with a number of internet security professionals, including several companies that make password keepers, when this question came up. The answer was unanimous. Currently we have voice print, finger print, and iris identification. Apparently finger is easiest to duplicate so companies are looking for alternatives. Typed passwords are just too susceptible to being hacked and people have too many. In the meantime, you should set up multi-factor authentication on all your important accounts. That is where you require both a password as well as an additional code provided to your phone or email that verifies you are the account holder. You would need to use all factors each time you add the account to a new device,
What’s your favourite movie about security or identity theft?
I love this question. I watch a lot of movies having to do with social media and much like movies about hospitals or tech experts, they are full of inaccuracies. I finally put together a blog on the 6 movies that best portray how social media is used. That one gets about a dozen hits a day so clearly a lot of people are asking the same thing! My favourite of the group is Men, Women, Children because it shows so many archetypes of social media and online users.
You can subscribe to Cat Coode’s newsletter and blog updates on her website, BinaryTattoo.com.