Category Archives: Surveillance

Employee Monitoring

Image Credit: Photo by Venveo on Unsplash

Employee monitoring services provides the business owner or manager with the capability of recording employee interactions with clients as well as ensure their effective use of time. When used exclusively for the purposes related to business, there is practically no ethical qualms about it.

Employee monitoring is a reasonably efficient way of finding out whether a specific marketing strategy is working, or the interactions are appropriately conducted. There are other products that can also be used in conjunction with it, such as outbound call and live chat tracking products. However, employee monitoring software opens up endless possibilities for abuse of the information that becomes available to the person in charge of monitoring. It provides access to an employee’s phone logs, social media activity, e-mails and chats. While there is not supposed to be any personal activity during worktime, there often is, and the vulnerability of the digital trail that it leaves is further erasing the border between personal and public spaces.

The full list of features that employee monitoring software may include:

  • e-mail
  • computer screen snapshots
  • phone use
  • internet use
  • app use
  • keystroke logging
  • audio and video surveillance

By rating employees’ efficiency, the business owner can easily evaluate the need for a raise in salary, or, conversely, negotiate the need to improve the performance, alter the team makeup and so on. There both pros and cons to the process.

PROS

  • Less wasted time
  • An average of 90-270 minutes is wasted per 8-hour workday
  • Fewer errors
  • Catch the mistakes at early stages before they lead to destructive consequences
  • Better employee insights
  • Reward the most productive employees with a promotion, warn the least productive ones
  • Increased security
  • See whether an employee is endangering your business, or whether they are in danger
  • More transparency
  • Remote work can now also be monitored
  • More efficient delegation
  • Every employee’s strengths can be used in the right place
  • Less administrative work
  • Much of the administrative duties can be automated
  • Flexible reporting
  • Easily generated reports with different parameters

CONS

  • Negative effect on morale
  • The mistrust and suspicion generated by the monitoring are not conducive to employee efficiency
  • Increased stress
  • Stress levels rise when employees realize that their activities are being continuously monitored
  • Subjective lack of privacy
  • The world is already growing less and less private by the day, and being monitored at the place of employment takes out a great deal of privacy out of life
  • Higher employee turnover
  • Many people prefer to work at a place where they are not constantly under scrutiny, so they may want to change their workplace
  • Legal and ethical issues
  • There are constant discussions, both legal and ethical, on the issue of an employee’s personal boundaries at a workplace.

The range of apps on the market is rather extensive, and includes such highly rated apps as Time Doctor, ActivTrak, DeskTIme, Virtual Logger and Clever Control. Regular spyware apps, without the slant towards employee monitoring, but the ones that can be installed on the phone of a spouse, a child, or, basically, any person whose phone you have access to, like MSpy or FlexiSpy, can also be used, particularly on company-owned phones. In combination with the specifically employee-monitoring apps, these give even the most suspicious employer the control they want over the employees during their time at work.

Spying Tech-2018: a Selection

Photo by Dhaval Parmar on Unsplash

Ingenious spying gadgets have always been fun to play around with at any age, for both kids and adults. As progress marches ahead, the gadgets get more sophisticated, and we’d like to introduce a few of the 2018 newbies that are sure to keep you entertained for a long time.

Invisible camera

Euisik Yoon and Sung-Yun Park, engineers at the University of Michigan, have come up with the next-generation spying camera. It’s the ultimate device that is light-powered, and is merely one millimeter in size. If it were any smaller, it would actually be practically unviable – it would be impossible to pick it up or operate. Both self-sustaining and unbelievably small, it captures visual imagery with a quality of 15 frames per second, which is not exactly HD, but is adequate for informational purposes. However, this is just a prototype, and for the time being is nothing beyond proof-of-concept. Perhaps that is best kept out of the mass market for now, since the surveillance options in today’s world are definitely overwhelming as it is. Government has access to increasingly greater amounts of information, Google and Facebook gather incredible amounts of data on our preferences, there is a wide range of cell phone and computer apps that can spy on us, do we really need an efficient micro-camera whose battery will never run out? For now, the issues that need to be worked out are image data storage and the hardware to transmit it.

Robot security

Another one of the amazing gadgets coming our way is the AI robot security camera. Created by Amaryllo International, this invention can identify not only human beings by their faces and pets, but also cars, and other property items. It has received the prestigious 2018 CES Innovation Award and is already on the very top of the ratings list in the global smart home market. Amaryllo has employed proprietary patented technologies that replace traditional PC-based security tracking systems, where each of the cameras has embedded multi-core CPU units. The camera robots utilized by Amaryllo base their actions of AI, which is taught to recognize faces and objects, speak to and auto-track intruders, well, it can even check your e-mail for you when necessary. Amaryllo products are also used in international law enforcement, and may one day replace CCTV systems, making security systems switch from a passive to a proactive approach, looking for possible threats and even protecting themselves from hackers.

Zany luggage

And on a more lighthearted note – the following is not actually a spying device, but does blend spying technology with robotics. It’s luggage – but luggage that’s smarter than you could ever imagine. The Forward Robotics CX-1 is a wheeled suitcase with a built-in camera and smart sensors. What’s so amazing about it? Well, its wide-angle camera and 4-wheel drive system allows it to avoid obstacles and keep track of you all on its own. It zips around, following you through the airport thanks to the custom tracking algorithm designed by a Chinese tech company. You can communicate with your baggage by gestures, simple hand movements will make stop and go again. It has not been launched into mass production just yet, but it’s a fully functional prototype, which was unveiled at the CES 2018.

There’s an incredible number of amazing gadgets and concepts at different stages of development all over the world. Keeping track of everything is becoming increasingly more difficult as technology progresses, but we will keep trying to pick out the most interesting morsels of information and to keep you informed.

From Spying to Cybersecurity: a Sample of Events

Photo by Antenna on Unsplash

Cybersecurity is the utmost concern for any person with an electronic device and any business with online presence – which basically makes up a dominant majority, at least in the developed countries.

We are all at different levels as far as cybersecurity is concerned – some have heard of the threats, but have no clear ideas of their sources and consequences, some and then there are the experts who’re at the front lines, making the cyberspace a safer place. Some are interested in the historical origins of spying, which is the direct predecessor of cyberspying and other cutting-edge virtual threats that sometimes infiltrate real life. There are literally dozens and dozens of international events related to all aspects of spying – from espionage history to the highest level of cyber-expert conferences.

Here’s a smorgasbord of different events around the US for 2018, with choices for amateur home-bred cyber experts to history buffs to more professional and experienced computer users.

Spies, Lies and Atomic Secrets: Santa Fe Spy Conference

This event involves a whole week of lectures, excursions, discussions, question and answer session, communicating with like-minded people. Road Scholar organized the conference, inviting history and espionage experts, operatives and intelligence experts to Santa Fe, NM for an unforgettable experience. The city was chosen as the location because it was home to the Manhattan Project in the 1940s. The lectures will touch upon a whole range of subjects, such as the Cold War-time nuclear espionage, cybercrimes of today, national security as it has been understood throughout history. A whole day will be devoted to the field trip to Los Alamos National Laboratory on the Pajarito Plateau that hosts the Bradbury Science Museum.

  • October 21-27, 2018
  • $1,999
  • 7 days, 6 nights, 15 meals included
  • Website – roadscholar.org

DefCon Hacking Conference

In comparison to other security events, this is a far more informal convention with fun hacking games and competitions. Debate panel discussions, which involve cutting-edge hacking strategies, take up the major segment of the conference, and it’s your chance to see the people and learn things that aren’t to be observed anywhere else.

  • August 9-12, 2018 Las Vegas, NV
  • Website – defcon.org.

BSides events

There is a multitude of BSides events – they are the sideline conferences that take place during other major security-related events, such as Black Hat or RSA. A person attending one conference may mingle with the attendees of the other one, or attend both. BSides events are organized by volunteers, and can take either a Structured or Unconference form. Unconferences are more informal, and are built around a certain topic, involve lots of open discussions moderated by experts.

  • May 5, 2018 – Atlanta, GA
  • May 26, 2018 New Orleans, LA
  • August 7-8, 2018 Las Vegas, NV
  • October 26, 2018 Washington, DC
  • Website – securitybsides.com.

Conferences and conventions are a fun and efficient way to communicate with people who share your interest and learn new things. We’ve provided a very limited sample of what’s going on in the cybersecurity convention industry, but, in fact, there are many, and every person, with an interest in the sphere and any level of expertise can find something for themselves.

Surveillance in the US: Gathering Momentum

Photo by Matthew Henry on Unsplash

With all the conveniences that it has indeed brought in, the digital era poses a number of extremely serious issues to be pondered. One of them is whether convenience and time-saving are worth the ever-increasing limitations on privacy that accompany them.

Christian Parenti, the author of the 2003 book The Soft Cage – Surveillance on America from Slavery to the War on Terror presents a rather chilling antiutopian view of our society with regard to the surveillance aspect. The future is delineated with rather grim prospects – at least if the development of digital surveillance continues at the same pace. In fact, there is no reason to assume that it will stop, rather, all signs are pointing to its acceleration. Even though some degree of surveillance has been exercised by the state at all times, the onset of the digital epoch has really made it an all-pervading menace. Privacy may no longer be a viable concept very soon, and it’s arguable whether it still is today.

Information collection and usage

Since 9/11, the scale of the surveillance apparatus has become truly enormous. National security may justify certain measures required to step up the safety of a country’s citizens, but the fact that there is virtually no control over the surveillance measures anymore, let alone citizen control, is disturbing. The standards implemented by many US agencies that conduct various surveillance operations are extremely vague, and differ between the FBI, NSA, DHS, and state and local law enforcement agencies. PRISM, an NSA program exposed by Edward Snowden, collected Internet communications, was a part of a much wider-scale Protect America Act of 2007 and FISA Amendments Act, and there are many other surveillance programs operating in the US that were enabled in the recent decades. Wiretapping, surveillance drones, data mining of subpoenaed records, smartphone infiltration are all a part of a pervasive government attempt to be aware of all the citizens’ activities. 1984-ish? Just a bit.

Aside from the information collected by security agencies under a security pretext, there is the internet. An average person’s online activities are notoriously easy to log, hack into and use for malicious purposes – from identity theft to blackmail. Our browsing history, purchase history, content of messages, photographs, social media profiles, locations allow to create a rather comprehensive portrait of any individual.

Practically all of our activities can be traced when our digital footprint is combined with actual surveillance (CCTV cameras, toll gate cameras, ATM logs, mobile phone information, etc.). Our information is in plain view, open to the government, on the one hand, and to ever-hungry corporations, on the other.

The future of ‘dataveillance’

The very fact of collection of incredible amounts of sensitive information constitutes an intrusion of privacy, but the ways in which it subsequently used is another, entirely different, area, subject to abuse and misinterpretation. Americans are generally divided mid-way on the issue of privacy vs. surveillance, with about the same share concerned with the extent of surveillance, both commercial and governmental. Many believe that some liberties are worth trading in for increased security, but another issue is that most people do not even understand the extent to which they are exposed both offline and online, with the younger population more sensitive to the issue than their older counterparts. While today it’s possible to take at least some measures to protect oneself from ‘dataveillance’, a term coined to express the merging of online and offline surveillance measures, experts predict than in the very near future there will be practically no way to prevent either corporations or the government from collecting sensitive data. There’s a solid chance that technology to protect your personal information will emerge simultaneously with surveillance technology, so we need to keep our eyes open and our minds clear, monitoring the situation and staying aware.

Are Your Apps Spying on You? They Probable Are

Photo by Dayne Topkin on Unsplash

Privacy. It’s becoming one of the crucial commodities of the modern day, and it is diminishing by the second. One of the key offenders that are intruding on our personal space are mobile apps, the very same things that are supposed to make our lives still easier, more convenient, safe, comfortable and whatnot. There are zillions of mobile apps, most of them written for the Android operating system, slightly less for iOS, and significantly fewer – for Windows Phone.

Many of them provide incredible opportunities that enhance every part of our life – working, exercising, planning, cooking, visual entertainment, keeping up with the latest news, shopping, developing creative skills, learning languages, the list is basically endless, and if you think of something, there’s most likely an app for it already – to make the process easier and more efficient.

Is the motivation of the app developers always transparent? Is it always a fair trade for the app’s price? Well, most often it is – you pay for an application to help you deal with a particular aspect of your life, and it does make your life simpler, as promised. But very often, especially with free apps, but not exclusively so, there are concealed motives and concealed issues that users need to be aware of. How can your app permissions be abused?

Big Data vs end user

The major issue in our times, when Big Data seems to rule, is – well, exactly, data. Personal data is becoming less and less private as time goes on, and apps have a huge share in this process. Have you ever had a strange inquiry from a newly installed app, which requested entirely inappropriate access to your device? You must have, because it’s very typical. For example, a calendar planning app may request access to your photos and microphone, an exercise app – to your e-mail, and a Mandarin-learning app – access to your location at all times. Why, you ask?

The answer is very simple – corporations are willing to pay significant amounts of money for user data that, when compiled, allows them to target advertising, fine-tune their policies, and generally be able to have a portrait of the population across continents, regions and countries. This portrait allows them to manipulate people in many ways – commercial in case of corporations, and political, if this data is collected by or ends up in government-related hands.

What can an end user do when an application requests access that seems irrelevant to its main, or even auxiliary, functions.

  • Definitely do not grant access to data if the request seems unreasonable. Intuition and common sense may be more valuable now than ever.
  • Try to install apps from rusted developers only, or ones with a significant amount of positive reviews.
  • Read up on the app before installing it, including user reviews in the app store.
  • When presented with a request to confirm the app’s level of access to your device system operations, don’t dismiss it lightly. Read through the list of requests and analyze the need for each.

Think of whether the requests are reasonable, because if they aren’t – there are two case scenarios. The more positive one includes relatively harmless data-mining conducted by the app, to be later sold for marketing and advertising purposes. The less pleasant one leads to phishing, malware installation on your device, identity theft and financial fraud. The consequences may be truly devastating, so it’s really worth it to keep an eye out for suspicious app requests. Moreover, some applications do not even request access, just seize it automatically, and still others don’t allow to turn off the specific permissions granted by your device. So, actually, the best strategy may be to conduct regular check-ups of the permissions in place at any particular time, and monitor the situation.

Basic Cybersecurity Tips for Seniors (and Anyone Else, for that Matter)

Photo by Joseph Chan on Unsplash

Besides being useful, informative and generally amazing, the Internet is also dangerous terrain. Children and young adults may not even remember life before the Internet began replacing many things in our lives. Since they have grown up with it, they have a more or less natural feeling of its limits and threats (which does not at all mean that they don’t need rules and guidance in internet usage).

They are vulnerable due to their age and possible lack of critical judgement, rather than lack of technological prowess; however, there’s an even more vulnerable group increasingly more present online – senior citizens. In fact, by 2014, over 60% of the US population over 65 used the Internet to some extent. The latter may experience trouble with the safety threats that the web poses because of the opposite reason – they may lack a general understanding of how the internet works, what its setbacks are and how online activities may cause problems in real life. It’s a stress for most of our grandmothers and grandfathers, as intelligent, experienced and thoughtful they may be. So, we’ve compiled a list of simple steps that should greatly enhance internet safety for those who haven’t had much experience with it.

Clicking links and opening e-mail attachments

Definitely something to avoid, unless you’re absolutely sure of the sender, his or her intentions and the fact that it’s safe. For instance, if a friend has informed you that he’s going to send you a picture or a link to an interesting article or video, then you’re most likely safe. If, however, a link appears in a letter out of the blue, even from a trusted sender, just don’t click on it. There are many sophisticated malware and phishing methods that require you to click a link, and then mine your personal information, including passwords and banking info.

Use more than one credit card

It’s best to apply for several different cards with low credit lines than keep your eggs in one basket. In case of credit card theft or fraud it would make more sense to deal with a smaller compromised amount. The use of debit cards should be limited to cash withdrawal transactions, since credit card companies far surpass banks in fraud and theft protection.

Use different devices for different activities

It’s a worthwhile investment to separate your activities between a low-risk and a high-risk device, such as two computers, or a computer and a tablet. The point of doing that is to divest high-risk activities (these include e-mail, shopping, web browsing, etc.) from encrypted transactions (such as interaction with an online banking service), so that in case of your information being compromised it will not incur significant financial losses and prevent identity theft.

No public WiFi without a VPN

Public WiFi networks are notorious for being dangerous, since signing on to one exposes your device entirely. In order to be invisible to others when on a public WiFi network, a VPN (virtual private network) is required. It’s a program that creates a layer of protection from prying and makes you invisible to the public, and if you think of the Internet as just another public space, it would make a lot of sense.

Don’t communicate your information

The Internet makes it easy for cyber criminals to conceal themselves and conjure up websites or online identities to lure personal information from people. Entering online contests or giveaways, joining clubs, participating in charity should all entail checking the website’s reliability. Straightforward requests for personal information via e-mail or otherwise should be ignored and/or reported.

While the Internet has made our lives incredibly more convenient, it has opened up new possibilities for previously inexistent types of crimes. Following this basic advice should prevent a major portion of these problems, so that you can go about shopping, banking, dating online, staying in touch and getting information safely.

Simple Yet Efficient Steps to Protect Your Smartphone

Photo by Chad Madden on Unsplash

Everyone is concerned about smartphone security these days – to a different degree, of course, but everyone has heard of spyware, of the Big Brother watching, of identity theft, and of many other imminent threats that are multiplying by the day in the contemporary world. Some of them are exaggerated, but most do exist and are very much feasible. We have to admit that if a top-notch hacker targets you specifically, there’s basically not much you can do about keeping your smartphone invincible – unless you’re a top-notch hacker yourself, of course.

In all other cases, you shouldn’t neglect the simple measures that may potentially deter a spyware attack on your device.

Download original apps, and only from trusted websites

It’s always preferable to get all your software from trusted resources – Play Store or App Store are best – since third-party sites do not have security measures in place to make sure that there is no malware in-between or right inside legitimate programs. Pirate versions of applications may have embedded malware code that you would not notice until it’s too late, and your personal information has been leaked. That’s why ‘jailbreaking’ an Apple device is not recommended either – it makes the operational system prone to attacks and intrusions.

Strong passwords

A strong password is good for preventing unauthorized access to your phone, at least by those that are not too skilled in hacking devices. Mix upper and lower case letters with numbers for best results or, even better – use password generators. Download passwords are an extra step that should add security, which will prevent your phone from downloading and installing apps, even if the perpetrator gains access to the phone itself.

Anti-malware and antivirus software works

Antivirus and anti-malware should be on at all times and updated regularly. Paid versions usually offer more functionality than free ones, so it is definitely a good investment.

WiFi and Bluetooth

Free WiFi networks and unauthorized Bluetooth connections can be a threat to the security of your phone, serving as an under-the-radar way in for the malware. An attack via a shared wireless network can be very severe, so when in doubt – either don’t connect to a questionable one, or use a VPN instrument.

Read new app agreements and permissions

Apps often want to access a wide variety of functions on your phone, some of which seems inappropriate. For instance, when a music player app wants access to your contact list or GPS location services, or a paint program requires access to the camera and microphone, we recommend finding reasonable alternatives, unless there’s a clear reason for such access requests.

Potential warning signs

There may be active spyware on your phone if any of the following signs are present on a regular basis: battery life suddenly became significantly worse, the phone restarts itself for no apparent reason, phone performance speed is down. It’s time to activate your antivirus or run a malware check.

Keep your personal data personal

Personal data should not be made available to questionable apps or websites, since it may later be used for malicious purposes.

Don’t hand over your phone to people you don’t know well

The most common among the multiple ways that spyware can get onto your phone and begin to do its damage is through installation by third parties, which requires physical contact. Thus, physically safeguarding it is a very important step.

Regular check-ups

Conduct regular checks of the apps running on your phone. It’s far easier to do on iOS than Android devices via proprietary settings, but there are security apps for no-hassle surveillance of your Android device permissions and active applications.

Be one step ahead

Activate the ‘find my phone’ or remote locking option on your device, or, if you have good reason to, there’s always the auto-erase option after a specific number of incorrect password attempts. Remote locking is accessible via iCloud for iOS devices, and in the google.com Device manager section.

Reconsider auto-login and be wise about passwords

Consider removing the auto-login option for the most sensitive websites, or use a password manager as an extra layer of security. Don’t use the same password on any two websites – as many times as it’s been said, it’s still not enough.

As you see, there are a number of steps, which in their totality actually create a functioning line of defense around your device and the sensitive information that it contains. Don’t neglect them, and you’ll be ahead of at least some of contemporary electronic threats.

The Future of Tracking Technologies

Photo by Mikaela Shannon on Unsplash

Out of the many technological developments that are becoming a part of our lives in this amazing time that we are witnesses to, some have a systemic effect, while others have a more local effect. Tracking technologies belong to the former category, and affect practically all other aspects of our devices’ functioning.

Location-based services are required by the widest range of apps and services – from weather, news and dating apps to phone location, IoT, and iTunes. Where else can they possibly be used? What other functions can they possibly fulfill?

Technological progress is not merely a linear advancement along the same lines, it entails the emergence and implementation of game-changing ideas, so there’s always a novel concept to be based on the already existing technologies. Let’s consider the new ways in which location tracking services are becoming yet more useful.

The three leaders

  • First of all, GPS-based technologies, which is well familiar to everyone and are used extensively already, will become even more pertinent for the following reasons: targeted advertising is growing more and more precise, mobile gaming that tracks a player’s movements is also advancing with the development of AR/VR technologies, and its popularity is very likely to skyrocket. GPS is also a very promising trend in livestock welfare tracking, a notion that combines GPS with biometric sensors, a health and fitness tracker to be placed on grazing free-range livestock.
  • The second technology currently under development is IPS, or indoor positioning system. It’s well-known that GPS loses most of its tracking power indoors due to its technical nature and loss of connection with the satellites. Most current IPS are able to determine an object’s indoor position, but still need major fine-tuning in order to be able to track an object in motion. They use different technologies, such as magnetic positioning, acoustic and radio technologies, dead reckoning and are able to measure the distance to a nearby node with a fixed position. In the future, when IPS is improved, it can be integrated with GPS to create a seamless tracking system.
  • The third development that we’d like to talk about is of an entirely different scale – it is a major, groundbreaking turn. Cloud computing is taking the next step and transforming into fog computing, which will create even more connections and links within the IoT (internet of things). Fog computing aims to connect the cloud to edge not devices. It does not sound like it’s a tracking-related notion at first, but IoT certainly requires location information in order to create a more comprehensive infrastructure. Of course, this is most lucrative to advertisers and entrepreneurs, but that’s the world we live in, and the benefits of previously unheard-of convenience have a price tag – less privacy being the major one. Fog computing can also potentially benefit the entire community, whether in an urban environment, where smart traffic lights would be able to allow emergency vehicles through without any delays, or anywhere, with energy distribution applications ensuring a consistent allocation of power to all consumers.
  • Fog computing is currently at the inception stage, and most deployments that use this technology often face a number of challenges, including network bandwidth, security and latency. The notion came about in 2014, when CISCO introduced its vision of the future. It stated that fog computing is the more efficient way to process information than consuming cloud services by generating increasingly vast amounts of data. Rather, it allows to localize control and provide faster communication between devices, and does not require access to the cloud for such communication.

We have merely touched upon the three major bases of tracking technology of today, but as time goes on, there are bound to be many surprises and inventions that will change our lives in an even deeper manner.

Passwords – True Guards or False Friends?

Photo by Markus Spiske on Unsplash

One of the numerous issues with the increasingly more digitalized contemporary reality is the sense of false security that it so easily instills in people. We are lulled into feeling that our passwords are keeping our data safe, our bank accounts are linked to our e-mail, our phones unlock with our unique fingerprints, and so on.

We are not here to argue that the 21st century is a fantastic, breathtaking time to be alive – it is indeed, with all the diversity, amazing technology and freedom that it offers. But there’s a price tag on everything, including the convenience and ease of many everyday tasks that can be undertaken online (or in many cases can exclusively be conducted), and, in this case, the price are the digital threats, such as identity theft, the ever-increasing danger of privacy intrusion, cyber-bullying, personal information leaks, bank fraud and other numerous potential security breaches that may range from unpleasant to life-threatening.

Passwords are one of the chief security walls between a device or application user and the potential threats posed by hackers and malware, among other issues. Or are they? Are they merely a veil that creates a false sense of security?

Basic password rules

Well, certainly if a top-level hacker sets a goal to get into your e-mail, provided that you’re not a top-level hacker yourself, it’ll most likely be a matter of minutes, or hours at the most. However, since this is an unlikely case scenario, we’d say that passwords are a relatively reliable defense against an average break-in attempt. So it does make perfect sense to learn the basics of proper password creation, namely:

  • Random is better than predictable
  • Complex is better than simple
  • Long is better than short
  • Avoid:

Reusing old passwords / Using the same password on different websites /Keyboard patterns / Doubling up the password to meet length requirements

  • Two-step verification should be used where available

And here’s another piece of advice that’s so obvious that it almost seems ridiculous – do not ever use the passwords like 123456 and password. These are the first to be cracked by the most amateur hackers, and denote your complete oblivion to the basic digital safety rules. Common pop-culture terms, numbers in their regular or reverse order, letmein, qwerty, iloveyou, admin, welcome, whatever and login top the “most popular passwords” lists for years on end – never mind the fact that in a perfectly sound digital world there should not be any such lists to begin with. According to one of the latest Splashdata compilations, the newest 2017 addition is, ironically, trustno1.

A password manager app is actually a great way to store passwords in a secure manner, and generate new ones if you’re all out of ideas.

How vulnerable are we?

As the number of our activities shifting to the digital zone is increasing with the speed of lightning, the number of threats that we encounter grows at approximately the same rate, so we need to be aware of how vulnerable we are and do whatever we can to become at least somewhat less vulnerable.

There is a lot of frightening information out in the open about hackers being able to crack up to 90% of 16-character strong passwords. This is possible primarily due to the relatively insecure cryptographic method called hashing, which is most commonly used. The passwords are ran through a one-way mathematical function, which creates a hash, or a unique string of numbers and letters. The hash can be then converted back into a plain text password.

The first stage of an attack usually cracks over 50% of the passwords, while the later attempts are increasingly more complicated, utilizing so-called Markov attacks, brute-force attacks and wordlist attacks, and reveal a smaller and smaller number of passwords. There isn’t much than a regular user can do about the way that a website treats their password. However, making sure that you’ve complied the relatively simple basic rules will indeed protect you from break-ins – at least to a certain extent.

Do Smartphones Know too Much about Us?

Image Credit: Josh Felise / Unsplash

Our smartphones hold so much information about practically all aspects of our lives – it’s scary to even start thinking about it. Contact phone numbers, photos, videos, location history, banking passwords, personal messages and e-mails – this is just the standard list, there is definitely more significant and intimate information on your device than you’re willing to share with anyone, let alone the criminals that may have stolen your phone.

There are numerous programs that can be installed on a smartphone, known as spy apps, which will grant you control over the phone and online activities of a troublesome teenager, a cheating spouse or an unscrupulous employee. They basically allow a similar degree of control over their electronic devices as a thief would have over yours in case of theft. Let’s assume you are not planning to take advantage of the information you find on a child’s or an employee’s phone and will only use it for their benefit in the former case, and for the benefit of your company – in the latter. There are still moral issues to be considered, but here, at least, there is no criminal activity involved.

The secret life of a stolen phone

What happens, though, when your phone with that wealth of personal information floats out into the ocean of distinctly criminal activity? Unpleasant, to say the least, but very disturbing and downright dangerous in the worst-case scenario. After his iPhone got stolen, Dutch filmmaker Anthony van der Meer decided to see what would happen to another phone, which he rigged especially for the theft by installation of Cerberus, an app that lets you be the guard of your own phone if it is stolen. The range of this app options is strikingly similar to spying apps – it allows to trace location history, take photographs and record video remotely, control the internet connection, phone calls and contact list updates. It also allows you to backup or wipe your data remotely, which certainly sounds useful. This anti-theft program basically allows you to spy on your own phone. With a little bit of extra work, which entailed installing the app in the system memory segment, instead of the user segment, van der Meer made sure that the program can survive a full phone wipe. He also made it run under the radar by changing the app name and making it more inconspicuous, as well as forbade automating updates or flashing.

Then he placed himself in a situation where he provoked the theft of the phone (it actually took four days of work, which is reason for optimism), and began his investigation, filming himself in the process and revealing some of his counterpart’s activities, but not his face. What he observed over the course of the next weeks was not particularly eventful, but that’s not quite the point of this real-time low-budget tech thriller. The point seems to be more in the exploration of the psychological relationship we have with our devices and the disturbing feeling we get when they are stolen, since they have grown to be practically parts of our selves. The film also explores the unusual one-sided relationship that the filmmaker began to form with the thief in possession of his phone. Strangely enough, issues of privacy emerged as van der Meer felt that he may be invading the privacy of the alleged thief. This is an issue that also arises with spying apps, which are not unambiguous from a moral standpoint.

Protect yourself!

The Find my Phone film is a curious exploration, but don’t just stop at watching it and musing on the concept. If you are genuinely concerned about the security of personal data that your phone contains, installing an anti-theft app is a very good idea – before it’s too late. Not many of us want to conduct as thorough an investigation as van der Meer did, most of us just want to be protected from identity theft, people meddling in our personal affairs and banking accounts and other types of unpleasant activity that may ensue.