Annual Security Recommendations

I have described computer security a number of times in my blog. Now I am going to discuss some of the tools that I recommend this year for you to use. Here are my recommendations:

Browser: Firefox – Its open source and is the backbone of tor for a reason. I much prefer firefox to any other browser. Chrome is a close second but I do not like that its not open source. I only use Firefox for email and sites where I login otherwise, I use the next site listed as most secure for all of my searching, research, googling, etc. https://www.mozilla.org/en-US/firefox/
Most secure browser: Tor. Tor is designed for those times when you don’t want anyone to see what you are doing. TOR blocks your ISP, the government, etc. from seeing what you are doing online. https://www.torproject.org
Mobile Browser – Firefox and Firefox Focus are my preferred when I am connected to VPN, otherwise I use various versions of TOR for mobile which can be found in the app stores for android/ios. Firefox focus is the best but it may be too limiting for some so Firefox is the next best. Focus is really fast and simple. https://support.mozilla.org/en-US/kb/focus
Security add on for your browser – uBlock – works for firefox and chrome and keeps away ads and other nonsense. This helps many pages load faster too. It will also prevent youtube ads. https://www.ublock.org/
VPN – Cyberghost. There are tons of good vpns but I like that this company offers a true free version. If you are using a program like Kodi to watch TV/Movies you better be using a VPN. https://www.cyberghostvpn.com/en_US/
Malware/adware – Malwarebytes – its free and very powerful.  https://www.malwarebytes.com/
Antivirus – Avira – Its free! I also think Windows defender that comes free with windows is decent.  https://www.avira.com/
Firewall – Zonealarm – https://www.zonealarm.com/software/free-firewall/

Online Privacy – Why is it important and how do I keep my information private?

Online Privacy – Why is it important and how do I keep my information private?

There has been a lot of buzz recently about online privacy, however; this is not a new issue by any means. Online privacy has been a concern for years. Go do a quick google search for online privacy and you will see articles from 2010, 2008, etc. discussing the issue. What is new is that thanks to our government your ISP (company you buy your internet from i.e. Verizon, charter, time warner, etc.) will be allowed to sell your browsing habits. So first, why does this matter?

For the most part, it doesn’t. A large percent of what we do online is harmless. For example, me searching for a new video game in google will tell amazon I want that game. And ads on Facebook will be for that game. With Insurdinary, it will be able to keep your insurance on private and to compare insurance quotes, you would know that Insurdinary is better.Kind of cool in a sense that the internet knows what I want. This is also scary. Imagine that you think you are sick with a disease, and now amazon, google, health insurance companies, life insurance companies, future/current employers, know about it. The real question though is, should anyone be able to see what you are doing online? Is it their right? Should your ISP be able to spy on you? If you say OK, I would ask, would you allow your mortgage company to come in your house and go through your drawers? Because that is essentially what is happening. So yes, it is a concern and should be to anyone.

So, what can you do to prevent this from happening? There are a number of things and I am going to break this up so that it’s easier to understand. The important thing to remember is that you are never going to be 100% secure. But you can take steps to make it harder for anyone to spy on you. Think of it like an onion, the closer you are to the middle, the harder it is to get to you. The outer layers (i.e. no security) are easy to get to but several layers in takes more work. Also, keep in mind I am not discussing Malware, Viruses, etc here, I have other blog posts about that but I do always recommend antivirus software, malware software, and a good firewall, if you want to learn more about network access control, you can go to this page to find good information in this area.

To stop your ISP from spying on you (to stop just facebook/browser scroll down to the end):

For your computer/browser (for most home users):

Step 1 – get a VPN.

VPN – This is the first thing you need. I am not going to explain what a VPN is, just that it makes it so that your ISP (or job) cannot see what you are doing. They can only see that you are connected and using data. The great thing with VPNs is they are so versatile, you can use use them for a ton of things. VPNs, like iPlayer VPN, are used for program and show access no matter your location. Other VPNs protect sensitive information and protect your devices from cyberthreats. Now, the issue with VPN is that the VPN company can see what you are doing. So yes, they can sell your data just like your ISP. But I trust them more and most do not sell your data, just the shady bad ones do. However, keep in mind if you are doing something illegal, the VPN company will turn your information over to authorities if they are subpoenaed – no one is going to jail for you. You will also need to have a secure and fast connection so you can cater the software (click here to find some packages).

There are tons of options for paid and free ones. I personally like Hotspot shield, CyberGhost, and Windscribe because they have free versions. Here is a link to them:

https://www.hotspotshield.com/

https://www.cyberghostvpn.com

https://windscribe.com/

Step 2 – Start using Firefox.

Why? Because of the security and add-ons. Once you download Firefox, you need to install the following add-ons. They are: HTTPS Everywhere and 1 of the privacy/adblock addons I explained below. They will not affect your browsing experience, they will however make it much more secure. Additionally, use the private browsing mode of the browser.

And do these:

  1. Add NoScript, uBlock, Disconnect, or Privacy Badger to your Firefox add-ons. This prevents only scripts that you allow. I personally use uBlock and Privacy Badger together.
  2. Use DuckDuckGo search engine. This is a search engine that does not record/track your searches. You can very easily make this your default browser by going to your browser settings and its just as good as Google. https://duckduckgo.com/

For the most secure (for people who are more technically inclined):

Use Tor Browser. Tor browser with its default settings is going to be super secure. Its slower because of how it works to hide your identity but if you are searching things no one can know about, use this. https://www.torproject.org/

Download Tor Client. Tor is the best security that most home users can set up themselves. If you are a super high tech person and want something more secure you already know way more than what I am blogging about and shouldn’t even be reading this so this post is not for you.  https://www.torproject.org/

For your mobile device:

  1. Get a VPN. There are tons of free ones. You can use hotspot shield as I mentioned above. I use X-VPN on IOS. Keep it on always.
  2. For android, get Firefox browser and use the add-ons I mentioned above. Use private mode.
  3. For apple, use Firefox Focus browser. Apple does not allow Firefox add-ons, so use their focus browser. It’s actually much fast than any other mobile browser.
  4. Use DuckDuckGo search engine. This is a search engine that does not record/track your searches. https://duckduckgo.com/
  5. Use the web version of apps, not the apps themselves. For example, use facebook in the browser, rather than the app. Yea I know a big pain.

For those that want to be super secure, use a Tor browser. While there is no official mobile Tor browser there are tons that are free ones that use the Tor network. I personally have Onion browser for my iPhone.

To stop facebook and other internet companies like google, amazon, etc from spying on you:

1. You can always just not use the internet but come on…

2. Start using Firefox.

Why? Because of the security and add-ons. Once you download Firefox, you need to install the following add ons: uBlock and you can add Privacy Badger if you want double protection. Keep in mind, when using these add ons that some websites, like your online bank, might not work correctly, so if a site isn’t working correctly, you can simply turn them off for that site with the click of a button. It will remember, so its only the first time you visit that site.

3. Use DuckDuckGo search engine. This is a search engine that does not record/track your searches. You can very easily make this your default browser by going to your browser settings and its just as good as Google. https://duckduckgo.com/

4. Backup your data. Don’t wait for an attack for you to start backing up your data. Make sure you’re ready for any threat to your data. Visit sites like www.venyu.com/colocation/ to know more about cybersecurity.

CHMOD Commands – Permissions an LMS administrator should know

You must understand permissions if you are managing an LMS (as some of my students will do when they graduate). Thus I am posting this from last night’s class:

›Three types of users: User – Group – World

These permissions can be given for one group, multiple groups, one user, etc.

Three types of permissions: ›Read (R or 4), Write ( W or 2), Execute (X or 1)

Sometimes written as – RWX or a number equivalent such as 777. Each word corresponds to a number depicted below that can add up to 7 (4+2+1).

›R- Read (4) – read files

›W- Write (2) – write/modify files

X – ›execute (1) -Read/write/delete/modify/directory

›Example –

›-r–rwx—- = User can read, group can do everything, world cannot access

›777 = Everyone can do everything

›422 =User can read, group can write, world can write

›Rwx-rwx-rwx = Everyone can do everything

›-wx-r—– = User can write and execute, group can read, world cannot access

Bringing gaming engines to the web: Mozilla and Unreal

This is pretty cool and definitely where we are going in terms of gaming. Bringing game engines to the web means you can play high end games in your browser, which means cross compatibility across devices. Now what they need to do is bring games like WOW to the browser. For those that do not know Unreal is a gaming engine and Mozilla is the company that brings us Firefox. This will definitely be something that is explored in my gaming class next year!

Link to unreal

Article 1, Article 2

Should everyone in America learn to program? Code.org believes so

I have been preaching this for many years now. Everyone should learn to program. It should be a skill taught at either the K-12 or college level which is valued as a vital skill just like reading, math, etc. Now I am not saying they need to learn C++ but rather I believe students should learn the logic of the machine and how to do some very basic level coding. This will help them use all technology, help them troubleshoot, and overall just help them understand how the devices they are using think.

Here is code.org that offers free mini courses for students

HTML5 Security and Vulnerability Issues

While these are fairly obvious they are something that users pushing HTML5 should be aware of. The first is vulnerability. What does this mean?

All of your code is essentially open source. While thats great for me, its not great for businesses and really anyone who is trying to make money off of their software. There are some ways around it but keep in mind that both HTML5 and Javascript are open source. Here is a good article that goes into it:

HTML5 – Not Designed for Business Applications

The next issue is security. Apparently the standards have not really been developed with security in mind as it will really be up the developers, users, and browsers. So there are going to be some issues when this is used more often…and of course this is the case with any new technology. Here is an article that goes into the topic:

Old hacking tricks work too easily in attacks on HTML5, security expert says

Google APIs

I recently used Google APIs for my new Android App. I highly recommend checking them out. For those that do not know what these are, they are snippets of code that allow you to do many different things, such as putting Google Maps on your website or mobile app. I used them to post and RSS feed on my mobile app via javascript.

Here is the link to Google APIs: https://developers.google.com/

What are Google APIs: http://www.rankforsales.com/google-api-s-and-their-uses.html

The Google API stands for ‘Application Programmable Interface’. As it’s name implies, it is an interface that queries the Google database to help programmers in the development of their applications….By definition, Google API’s consist basically of specialized Web services and programs and specialized scripts that enable Internet application developers to better find and process information on the Web. In essence, Google APIs can be used as an added resource in their applications.”

Some examples: http://mashable.com/2007/08/09/google-apis/