Chances are good that most – if not all – of us leave our computers unattended somewhere, sometime. For me this is at home. Though I generally abide by best practices and shut down before leaving my computer, occasionally I don’t. I can be caught close my MacBook’s lid and heading out the door to run an errand, walk the dog, whatever. I do have some peace of mind that no one is messing with my computer, however. This is because of an app called Blink.
Recently reader asked me to write a post about the implications of Cellular, Wi-Fi, Bluetooth, and Near Field Communication (NFC) radios in smartphones, and the privacy and security implications of each. I will, and it will be in several parts. Today I am going to cover smartphone Wi-Fi security and privacy. I’m sure you’re heard that you should leave your smartphone Wi-Fi turned off when it’s not in use – but why? Continue reading “Smartphone Wi-Fi Security”
After hearing my recent interview with Aaron on the In the Rabbit Hole Urban Survival Podcast a couple weeks ago, I realized that I’ve yet to talk about vehicle privacy and security. For those of us in North America, vehicles are a way of life. Vehicles present some unique privacy and security challenges. In this post I’m going to talk about a few things you can do to improve vehicle privacy and security. Most requires some minor behavioral modification. Continue reading “Vehicle Privacy and Security”
I strongly advocate the use of password managers. In October I will be reviewing and providing tutorials for a number of password managers as part of my National Cyber Security Awareness Month posts. Even with password managers, however, you still need to remember – and be able to manually enter – at least a few passwords. Your like full-disk encryption and password manager require passwords you know and remember. Diceware passwords are cryptographically sound passphrases that are easily remembered and easily created. This technique is quickly becoming one of my favorite for creating good passphrases. Continue reading “How To: Diceware Passwords”
Email is a service that we all rely on. Finding an email provider that promises a good balance of privacy, security, and convenience is a fraught proposition, however. As readers here doubtlessly know, I have huge privacy concerns around email. I hate giving out my real email address if possible, because it equates to attack surface (more on this later). I also hate using the same email for multiple services, but this creates major convenience problems. And I can’t store email with providers that either a.) dont’ store my data securely or b.) store it securely but scrape it for marketing purposes. Readers here also know I am a big fan of ProtonMail. This is why I decided to give ProtonMail Premium a try. Continue reading “ProtonMail Premium Review”
I recently received an email from my close friend, Gabriel. He is deployed to a very dangerous corner of the globe. In it he asked me to handle some of his digital affairs in the event of his death. Of course I agreed, and the conversation started a train of thought: if I died, what would happen to all my electronic files? With no way to access these, everything I have created would be forever lost upon my death. Worse still would be a scenario where, as the result of injury or illness, I could not remember or enter my own password(s). These are my ideas: one workable yet secure solution to the “death and passwords” problem, and one perfect world scenario.
Quick announcement: I was recently interviewed for the In the Rabbit Hole Urban Survival Podcast. This time Aaron and I talked about physical security. We had time to delve pretty deeply into some good topics including general security considerations, deadbolts, padlocks, and safes (a lot of stuff about safes). If you’re interested check it out at https://www.intherabbithole.com/e179/. If you like it, feel free to let Aaron know. Continue reading “ITRH Interview on Physical Security”
In my last post I recommended some specific locks. This week’s post will cover improving the security of existing locks, or the Grade 1 hardware I recommended. The goal is to create a “Grade 1+” lock, by adding some additional security measures. Enhancing deadbolt security very achievable with just a little spare time, access to a locksmith, and some basic hand tools. Continue reading “Enhancing Deadbolt Security”
Several weeks I ago I wrote a post about Mechnical Lock Threat Models, detailing categories of locks, and the users who should have them. In this post I am looking specifically at deadbolt selection, and offering some recommendations based on my mechanical lock threat models. Continue reading “Threat Model-Based Deadbolt Selection”
I travel a lot, and I stay in a lot of hotels. For the last five years I have averaged somewhere 150-200 nights a year in hotels. This year (so far) has seen me in hotels in at least 32 different cities including Boston, Charleston, Knoxville, Las Vegas, New York, Phoenix, Salt Lake City, San Diego, Tampa, Vancouver, and a host of military towns. This gives me a lot of opportunities to see and think about the security of hotels and hotel rooms. Hotels generally try to put on a face of security with signs reading, “For our guests’ safety this door is locked between the hours of __ and __”. I have found this, in reality, to be so much security theater. Hotel staff are trained in hospitality, not security. And no matter how secure a hotel attempts to be, there are inherent flaws that are hard to overcome. Let’s look at some examples of hotel room insecurity and what you can do to mitigate them. Continue reading “Hotel Room Insecurity”