In Technology We Trust

The de facto standard these days, that is, doing business by way of digital means. If you are online, no matter what you do, no matter what security apps you have, your online presence can be a gateway not just your computer but identity. There are several ways that I can demonstrate why you might not be as protected and secure. These are fairly basic, yet it is all some hacker would need to exploit your device. The information below on the right is actual information returned by your device. Results will differ if your device is not directly connected to the internet. This website do not save any of this data

Your Information

Device
Version
Browser
Version
PC or Mobile

A PHP Error was encountered

Severity: Notice

Message: Undefined variable: hw

Filename: tech/e1.php

Line Number: 115

Backtrace:

File: /home/qfinity/public_html/plus/application/views/tech/e1.php
Line: 115
Function: _error_handler

File: /home/qfinity/public_html/plus/application/controllers/Tech.php
Line: 30
Function: view

File: /home/qfinity/public_html/plus/index.php
Line: 315
Function: require_once

IP Address
18.208.126.232

Understanding the context of your info

Essentially the data above means nothing without context, that is, for most of us. Perspective without context would seem as though this is a subjective perspective but in truth and scientifically it is in really objective, though my spin on it and examples used is subjective. At any rate below is the basics and if you click on the plus to the right you will be presented with some pro's and con's on each point (may not work on all browsers).
Device / OS
The device or operating system identifies what base system your hardware is using.
PRO:
Essential for support technicians when assisting you to troubleshoot problems over the phone
CON:
The hacker on the other hand will no what security holes is specific to the operating system
OS Version
The version you use is quite important, increasingly so the older the software is.
PRO:
Since each version even of the same OS can differ greatly, a support tech will require this information when assisting to fix a problem
CON:
The version simplifies it for the hacker in that not only does he or she know what OS you are using but which version thus only need to look for security holes at the current level [version]
Browser
Firstly, a browser might be the tool you use to do banking, research other stuff you do online. Using browsers that are no longer supported by the vendor who developed it or browsers not up to date with security standards and protocols can create a security hole and in turn when security is breached it puts your entire system at risk.
PRO:
Well sort of a 'pro' since you cannot do internet stuff like mentioned without one, but there is a difference between using a browser to enable you to do what you do and a browser that are kept up to date and thing is, this is not to underestimated. Using a 'cool' or 'cute' browser can but almost never is 'solid'
CON:
Browsers have engines, those engines essentially interpret script and code that makes up a website, from simple rendering of text to full blown applications. However, script and code from a developer standpoint is essentially the nett result or output that is produced depending on the programming language used so even when the browser is stable and secure the website you use to do your stuff might not be. Hackers know this pretty well and exploiting resulting security gaps is something many Hackers will scan for. Including security holes, outdated code, and everything in between from the server to the client.
PC or Mobile
Generally different devices have different operating systems and that means if the device is a PC (personal computer) the hacker will use techniques that are specific to the device.
PRO:
Again no real 'pro' other than it is awesome to such a device.
CON:
The Hacker is a peculiar entity, always there but rarely seen, mostly not dangerous since for 'true hackers' it is simply a way to test his skills, a game if you will, just another challenge. They do it simply because they can. Sometimes they their success can mean damage to the target. Yet you have the other kind, they are after your information, whatever it might be, do it for payment for that is their reward.
IP Address
Whenever you connect online regardless of device your internet provide will assign an address to your device that mostly changes only every few hours or days (simply called a Session). Thing is, often times the address is so precise and generally this can be plotted on a real street map to an accuracy of a few meters when the device passively uses GPS and if the device have no GPS the accuracy can be within less than a kilometer, this is partly because just like GPS uses triangulation via satellite, a location can be determined simply by nodes (think of those towers or boxes with some ISP or Telco provider’s label on every other street corner or junction). The more nodes, the better the accuracy.
Mostly this not because ISP’s or Telco’s are evil, instead because it is an internet standard that forms part of what we refer to as The Internet. Whatever you do online without anonymity can be seen by your provider. This is kind of a double edge problem because in part it puts you at risk and in part should someone threaten you by email your ISP can investigate the matter (including other authorities). Without an IP Address there can be no transfer and receiving of information and therefore no internet.
Good news though is that your privacy is significantly more important than you think, the onus is on the ISP to protect those logs. They do so pretty well and if you don’t believe me, try requesting your logs and they will simply say, sure but get a warrant first, that is how well it is protected, I should know I worked for an ISP back in the day. But remember, the single most important thing to a hacker when it is a targeted attack is your IP address and as shown above, the easiest thing to discover.

Shields up... Protection, Safety and Security

Despite the fact that all the above information becomes known the moment you go online, there are measures you can take to protect yourself. Remember technology is only as good as those who created it, albeit software or hardware. And it is a constant race between those who are out to exploit you and those trying to protect you.
And Gone are the days when this article would apply only to Personal Computer users. If you have a mobile device (not just cellphones but smartwatches, smart TV's, even things you would think to be impossible such as pacemakers. Exploits happen almost every second of every day and if your device is not the target then it is a host where Malware can hide, evolve and move on to their actual target.

Essential defensive tactics

  • So first on the list make sure your devices have a layer of active protection, that is, install a known brand which have a decent track record when it comes to safety, is established and not a new product or worse a product still in development but open for test (alpha and beta software) and lastly a vendor that provides decent support and frequent updates not just in terms of detection but the software doing the protection.
  • Never rely on any security software to protect you in every respect, as mentioned in the past it would have sufficed but in modern times consider it more of a symbiotic relationship where the security software depends on your responsibility.
  • There are different types of protection and in the software world you want to make sure you use a well-rounded option mainly consisting of partly an Anti-Virus engine and partly a Firewall. Elsewhere I will provide more insight regarding the terminology and other security options.
  • Consider using a VPN. A VPN (Virtual Private Network) without going into any technical detail essentially “obfuscates” your real IP address. There are many options and as part of the above many vendors includes this in their offering. I personally prefer a stand-alone product.
  • Always ensure you have the latest updates installed in terms of your operating system (like Microsoft Windows Updates or Android updates). Keep your security software up to date and make sure your internet allows for software to update regardless of time.
  • Use security software specifically designed to detect, prevent and defend against Malware. Make sure it works with your primary security software and not against it.
  • A note on the point above... do not install more than one security software suite since instead of doubling your security potential it would rather cancel each other out or be much less efficient.
  • If you are a Windows 10 user, you are already equipped with the above software. But we all know Microsoft’s products in terms of security sucks, right? Wrong, gone are the days when this was true (after all back then the focus were mainly on Windows and Office), Microsoft’s security software is truly comparable to industry leading products and in many ways superior… and one benefit Microsoft have over any other vendor is that theirs are part of the core of Windows whereas others simply build theirs atop Windows.
    • I speak from personal experience, during my previous tenure at my previous employer I had to defend this argument not against one computer 'expert' but two and long story short they ended up proving that they are less of an expert than their own arrogance allowed for.
  • Stop all the link clicking without thinking. A common mistake many of us make is to read an email that appears to be legit but is anything but. I will do an entry on this but for now to use an example, if you get an email from a bank you do not belong to in any way stating something along the lines of "to secure your account please follow the link below". Essentially called Phishing.
  • Do not open attachments that end with the extension zip/html/vbs. In fact if you don’t know the person, delete the email. However, mark it as spam first before you delete it. Essentially if an attachment is .html for example, most products will not see it as a problem in the same way that emailing the latest picture of your dog someone is not a problem, but .html is essentially the stuff websites are made out of, therefore when you open it and it contains malicious code then it could spell disaster or where the .html takes you will appear like a ligit site with logos, font, colours all the same as the original even the form in some case, but once you complete that form and hit submit... yeah you just gave your login credentials to someone else.
  • Avoid using USB Flash drives that someone else gives you where possible. Portable storage is much like people sharing the same needle, it might not infect the first, second or third person but if person number four are infected then so is the needle and from that point forward most people using it will become infected.
  • In general avoid websites that are not secure, that is, websites that begin with http://example.com instead of https://example.com. The ‘s’ in ‘https’ stand for Secure
  • Do not download software from unknown websites, instead download from reputable sources only. Mostly search engines filter out these sites in advance but some do fall through the cracks.
  • Always bear in mind that irresponsibility on your part can have significant impact on your contacts. Or as the saying goes "if you are not part of the solution, you are part of the problem".
  • When it comes to passwords and passphrases attempt to remember opposed to writing them down (who locks their car but leave the keus in the lock, similar thing). Use passwords that are long not short, contains upper- and lower-case character, numbers and so forth.
  • Backup critical information and where possible upload to a cloud service such as Google Drive, Dropbox or OneDrive to name a few popular options. External storage should only be an option if the former is not an option. Other than that, use external storage for files that are simply to large to upload to the cloud. Regardless the important thing here is to backup your data as frequently as possible

Behind the scenes

Remember, your service provider is actively protecting you where possible, and where possible... is mainly email. So, the emails you receive goes through rigorous filters before it reaches you. And the security software you have (hopefully you do have) is also passively protecting you, but if I know this then so does other with malicious intent and therefore there is always a way to fool your security and that of your ISP as these are not seen as a threat so that is why you are the single most important layer of protection and there is little hassle involved.

Better safe than sorry

If you are not sure about some of the above then it is money well spend to have an expert which can both install whatsoever needs to be installed, confirm your current level of protection and someone who can address your questions until you have a good understanding on the above. After all you would not diagnose and treat yourself if you are not a Medical Doctor, so why would you take that approach with the very device you count on to conduct business or contains sensitive information. In say that let me put it another way, if you are feeling sick you do not go to your hairdresser, well I suppose some do... never the less just because someone you know might know a little bit about computing is not the same as consulting an expert in the field of information technology. being proficient at something does not mean you follow protocol. Information Technology is based on standards, principles and knowing when to do what. I constantly and consistent

If there is something strange in the (network)Neighbourhood... Who do you call?

In closing if you do not have any security software, do not just go buy a product based on what ‘best’ according to Jack and Jill. Consult a computer expert because though reputable software is essentially effectively on par with each other there are underlying factors that must be considered. Such as if you have an older computer then it is probably best to use a product that is light weight and not resource intensive otherwise you will simply end up with slower to much slower device. There are many of these underlying factors and in truth what works for one person may not work for another.
I constantly and consistently find that people who are not practitioners in this field undermine IT Specialists. Sure, there are those who refer to themselves as Experts but do not have the experience nor the qualifications. Being capable of doing something is not the same being qualified to do something. So, there exists this dichotomy and I sometimes wonder if it is simply so because IT is misunderstood. If true then that paradigm needs to change, and by change, I mean not somewhere in the future, but rather it should have already changed. Do you know what the number one threat according to the various intelligence agencies globally? It has to be nuclear warfare, right? Wrong the number one threat is cyberwarfare (I am doing an entry on this) and it is not just a threat, it is an existential threat. We live in a world that is dominated by tech, smart this, smart that. From fridges to powerplants to lightbulbs, the risk has never been greater.

Conclusion

Do you know what the number one threat according to the various intelligence agencies globally? It has to be nuclear warfare, right? Wrong the number one threat is cyberwarfare (I am doing an entry on this) and it is not just a threat, it is an existential threat. We live in a world that is dominated by tech, smart this, smart that. From fridges to powerplants to lightbulbs, the risk has never been greater. I started this entry by showing you your own details and even if you have all the protection and security software, chances are that I was still able to show this information. Bottomline is, there exists no such thing as total protection, so be extremely careful when such claims are made. It is scary but however scary it might be it is also true.
Now before you get all paranoid on me. Not all is doom and gloom, no underground bunker required. All you need to do is what you might already be doing but this time around if you honestly follow the advice above, you will find that you can still do what you do but in a manner that is much safer, more secure and more responsible and without breaking a sweat. If enough of us do this we will eventually curb exploitation to such an extent that it will become a rare thing indeed. If we don't we have only ourselves to blame when out of pure arrogance just ignore it... this will, not could, but will result in an existential crisis.