Modern Privacy and Cyber Security: We’re All Going To Die!

This is the first article in our new series, Modern Privacy

At the beginning of 2017, I published an article on privacy. Typically, my articles take hours to write and research, not to mention the editing process for which I am eternally grateful to Jennifer Yeadon of SmartFile (thanks! -Ed.). This particular article, however, took weeks to finish.

That’s not because it’s longer or more complex than other articles I’ve written. Rather, we live in interesting times where news story after news story turns up about privacy, security and how our rights as Americans are eroding. It’s almost as if the world couldn’t catch up to the endless stream of news that was pouring out of every corner of our media.

Every morning I start at 5 a.m. by reading the cyber security, cyber warfare and privacy news coming out of Asia, then the Middle East, Europe/Africa and, finally, the western hemisphere. It keeps me ahead of the threats to be able to alert both my staff and clients of the latest global threats.

Since not everyone is as fanatical as I am, we thought it would it be a great idea to create a regular column on the latest threats to privacy and security out there as well as an analysis of the impact on every aspect of our lives. So, without further ado, let’s begin!

Amazon’s CIA Listening Device, Echo, Now Lets Your Ex Virtually Into Your Home

If you’re unfamiliar with Amazon Echo, aka Alexa, then you’re probably not reading this article but rather heading into town in your horse and buggy. This IoT device has taken the tech market by storm. Amazon has made a smart and convenient device that plays music, keeps your shopping list and lets you buy things from Amazon immediately. It also may or may not let the CIA and NSA hear you and your spouse argue, or worse.

To continuously expand the capabilities of the unit, Amazon has added a calling feature to the Echo that searches your contact list and enables you to call and message contacts directly through the Echo. Including those you may have blocked — like an ex-partner.

Here’s the issue: Amazon forgot to add any kind of filtering capability, so now anyone in your contact list, including the ex, can contact you directly via the app and Echo in your home. Amazon, I’m sure, is working on updating the app to reflect more private settings but its lack of inclusion from the start shows where Amazon’s mentality is regarding privacy in general. As long as you’re in their ecosystem for everything, privacy has a backseat to their needs and desire to sell you more stuff.

[Update: As of June 2017, Amazon has now incorporated blocking capabilities into the Amazon Echo.]

The FCC Thinks All the Cool Kids Hate Privacy

I wrote a recent article that is more in depth on the subject of how we, as US citizens, are seeing rollbacks in our privacy rights regarding data collection by our internet service providers (ISPs) thanks to our new administration. Unfortunately, this issue is not unique to the United States.

Freedom House, an independent watchdog over privacy and freedom rights, has released a report on internet access rights around the globe and the results are a bit depressing. It would appear that the countries that range from “Partly Free” to “Not Free” outnumber those that are considered “Free.”

With the removal of privacy protection rights in the U.S., the country has shifted more towards the “Partly Free” category. This country has historically gone to great lengths to ensure individual rights for a myriad of things, from gun rights to freedom of speech and enshrined as an inalienable right is a right to privacy from others, including corporations and the government. Hopefully, the FCC will reverse what they just reversed but we shall see.

Good News: The NSA is Collecting Slightly Less Data

The NSA recently stated that they would not be collecting emails and texts that contain “identifying terms” sent by Americans to email servers overseas. The NSA collects vast amounts of data that move through the internet infrastructure of the United States and we do know that they have deep ties with many of the ISPs that give them an unprecedented amount of access.

We also know that they have created secret arrangements to weaken security to make it possible to infiltrate government and corporate entities with ease. So, news like this is rather welcome to the Privacy Rights community.

I’m not getting on a soapbox here. Odds are if you’re reading this then you’re probably well informed on the shenanigans the US government likes to get into and understand that part of it is acceptable from a cyber defense/cyber warfare strategy. However, there is definitely overreach into the privacy rights of citizens.

The point is that this declaration is a step in the proper direction in terms of a citizen’s ability to maintain slightly more privacy when communicating outside of this country. That’s not a bad thing and while the NSA can often be looking for a needle in a haystack they do have multiple tricks up their virtual sleeve to achieve their goals.

Proving that You Get What You Pay For: Google Docs to Strengthen Security After Attack

Pretty much everyone I know received at least an email from someone they know saying they needed you to open a Google Docs link and form, which ended up being an elaborate phishing scam. In the aftermath of this mess, Google has announced they’re going to enact greater security measures and protocols to combat future phishing attacks via their products.

Love them or hate them, Google has always been rather solid and on-the-ball with threat mitigation through patching and development. Like most major tech companies, they’re under constant attack and, as I’ve written before, have been hit hard in the past. Good to see them learning from past lessons and mistakes! Please, Google, never stop being vigilant for your users’ sakes.

Cyber Warfare 101: Turning Your Antivirus Software Against You!

This last bit of news is beyond fascinating. A pair of researchers has been able to turn anti-virus software into a weapon and have it attack the computer and network it was designed to protect. By finding a way to fake out the antivirus engine, the software could be fooled into thinking that legitimate files were threats and then proceed to wipe them out. It’s a brave new world, folks.

Consider that most cyber security experts, myself included, believe that the next major horizon of cyber threats for regular users is the IoT phenomena. This is an industry that is wrought with poor cybersecurity development into their products and is constantly being hit and infected thus turning the devices into weapons for a hacker or worse. Enter this new issue, where we have software designed to be whitelisted and elevated into computers and we have another massive threat out there in that our computers can be used against us on top of the IoT infection issue.

As hackers innovate so do the good guys. This is a never-ending cat-and-mouse game and the best we can do is keep up with the threats to our security, privacy and keep educating ourselves on the potential dangers and threats to both. Stay safe out there!

Want more Modern Privacy?

Get new Modern Privacy articles delivered straight to your inbox.

Sign up here to stay informed about developments in privacy and cyber security.

Falling On Your Sword: The Last Gasps of Privacy

“Hey, everyone! I’ve been asleep for the last six months. I assume nothing interesting has happened, right?”

It almost feels like we’ve lived through a golden age of privacy protections and, much like an exegesis of past historic events, we can sit and reflect on what was and what will be. If America has stood for one thing through its entire history, it’s that individual rights and privacy are paramount. We have entire sections of our governing documents devoted to this.

Previously I wrote an article about the many ways we as a people are tracked, monitored and scrutinized for the purposes of government surveillance, corporate analytics for advertising and a few other reasons. It was shocking to write as the few examples I knew off the top of my head morphed into multiple topics and I was just beginning to find the rabbit hole at that point. Continue reading “Falling On Your Sword: The Last Gasps of Privacy”

Using PowerShell for File and Folder Auditing

Often, in enterprise environments especially, it is useful to keep track of certain activities — like when files have been modified, who modified them and at what time. This is the basis for file auditing and in this post we will explore some of the basics of getting file and folder auditing setup in Windows-based environments using Powershell. Continue reading “Using PowerShell for File and Folder Auditing”

Cloud-Based Storage for Small Business

Running or working at a small business brings the joys and trials of filling multiple roles. As a small business owner or employee, you wear many hats. Not only do you have to sell your product, please a client or complete a service (or possibly all of the above), you have to adapt to the changing industry. Continue reading “Cloud-Based Storage for Small Business”

6 Myths About Secure File Transfer

Secure file transfer is a buzzword. Today, most IT professionals interpret it in many ways, ranging from “encrypted file sharing” to “confidential information transfers.” Despite the nuances of defining this term, several common misconceptions still exist in the industry. Here are six myths about secure file transfer that need to be dispelled. Continue reading “6 Myths About Secure File Transfer”

The Practical System Administration Roundup

Whether you’re a new at system administration or an old hand, it’s always great to know someone who is experienced in your profession. In this case, the Practical Sysadmin Josh Reichardt is that helpful resource for your sysadmin needs.

If you’ve missed Josh’s posts on topics ranging from setting up Rancher dev environments to data backups to different prompts to use at the command line, here’s your chance to check them out below. Continue reading “The Practical System Administration Roundup”

March Bracket Challenge: What’s The Scariest Thing Your Users Do?

It’s March, which means one thing here in the U.S. (okay, two if you count St. Patrick’s Day) — it’s tourney time! Everyone fills out their college basketball brackets to see who can pick the best mascots — I mean basketball teams — each game.

To celebrate the Sweet 16, we’ve created our own bracket that we know IT folks will love. A bracket to help you determine what’s the scariest thing your users do! Alright, maybe you’ll love it because two randomly selected people will win a $150 Amazon gift card.

To participate in SmartFile’s bracket challenge, click here. You must submit your brackets by March 29th, 2017! Even if you don’t win, don’t fret, because we will be doing a consolation tournament that we’ll announce on the 30th of March. We’ll also let you know what frightening user activity was most often selected as the champion! Continue reading “March Bracket Challenge: What’s The Scariest Thing Your Users Do?”

SmartFile Enrolls at The Union

SmartFile has moved! If you will recall, we previously had our home in the Stutz building, a great office space with a lot of charm. However, as we’ve grown so have our space requirements.

We wanted to move into a new office that was able to expand as our team grew, so while we were sad to leave the Stutz (and various delicacies from Bearcats) behind, we were excited to move on to bigger opportunities. We were especially excited to move into another historic building with an interesting history. Continue reading “SmartFile Enrolls at The Union”

Letting Toddlers Fly the Airplane: How a Lack of Process and Education Can Kill Technological Solutions

Recently I attended the RSA Conference in San Francisco. Conferences like this are always a great place to learn about new products and trends, not to mention great for networking and picking up potential customers. This massive conference held row after row of cybersecurity and technology corporations vying for my attention and business.

From venerable industry brands to unique startups, everyone was there showing off their problem-solving products. However, they all seemed to be lacking one critical component: a knowledge of end-user processes and the education it takes to see the big picture. Hear me out on this one, because it would seem that the many problems companies have with their technical solutions don’t necessarily call for more technology. Continue reading “Letting Toddlers Fly the Airplane: How a Lack of Process and Education Can Kill Technological Solutions”