Personal and Technical Security Series Pt:4 Email Security

Tips for Protecting Your Online Communication

Email has become an essential part of our daily lives, allowing us to communicate quickly and efficiently. However, with the ever-increasing threat of cybercrime and phishing attacks, it is crucial to prioritize email safety. In this article, we will explore some important tips and best practices to help you safeguard your email communication and protect your personal information.

  1. Create Strong and Unique Passwords:
  • Use a combination of uppercase and lowercase letters, numbers, and special characters.
  • Avoid using common or easily guessable passwords like “123456” or “password.”
  • Consider using a password manager to generate and store complex passwords securely.
  1. Enable Two-Factor Authentication (2FA):
  • Enable the two-factor authentication feature provided by your email service provider.
  • This adds an extra layer of security by requiring a secondary verification method, such as a unique code sent to your mobile device, in addition to your password.
  1. Be Wary of Suspicious Emails:
  • Exercise caution when opening emails from unknown senders or with unexpected attachments or links.
  • Avoid clicking on links or downloading attachments unless you are confident about their authenticity.
  • Look out for telltale signs of phishing, such as misspellings, grammatical errors, or requests for personal information.
  1. Verify Email Sender’s Identity:
  • Pay attention to the sender’s email address. Be cautious of emails that appear to be from familiar organizations but use a slightly different domain or contain additional characters.
  • If you receive an email requesting sensitive information or financial transactions, verify the legitimacy of the sender through a trusted source, such as a phone call or official website.
  1. Keep Your Email Software Updated:
  • Regularly update your email software or app to ensure you have the latest security patches and bug fixes.
  • Outdated software may have vulnerabilities that can be exploited by hackers.
  1. Be Cautious with Public Wi-Fi:
  • Avoid accessing your email or sending sensitive information while connected to public Wi-Fi networks.
  • Public networks can be insecure, making it easier for hackers to intercept your communication.

You can read my previous post on this here

  1. Regularly Backup Important Emails:
  • Create backups of important emails and store them securely.
  • This ensures that you have access to important information even if your email account is compromised or inaccessible.
  1. Educate Yourself and Stay Informed:
  • Stay updated on the latest email scams, phishing techniques, and security best practices.
  • Be aware of common tactics used by cybercriminals and learn how to identify and report suspicious emails.

Conclusion: Securing your email communication is crucial in an increasingly digital world. By following these tips and implementing strong security practices, you can minimise the risk of falling victim to phishing attacks, identity theft, and other email-related threats. Remember to stay vigilant, trust your instincts, and prioritise the safety of your personal information. Safeguarding email communication will provide peace of mind and protect your online presence. Below is an infographic on common Phishing tactics;

With this now being part 4, I think we can put this one to bed :(, no doubt I will circle back and add more to this series in the future but for now I want to get back into tech writing :).

Personal and Technical Security Series Pt:3

Social Media and the Internet

The advent of social media and internet mail has revolutionized the way we connect and communicate with others. While these platforms offer numerous benefits, it is important to be aware of the potential dangers they pose. In this article, we will explore some of the risks associated with social media and internet mail, and provide tips on how to stay safe and protect your personal information.

Online Privacy and Security

 Social Media: One of the major concerns with social media platforms is the potential compromise of personal information. Users often share a wealth of personal details, including their location, interests, and even daily routines. This information can be exploited by cybercriminals for various purposes, such as identity theft, stalking, or targeted phishing attacks. Internet Mail: Email communication is susceptible to hacking and unauthorized access. Cybercriminals may attempt to gain access to your email account to steal sensitive information, send malicious attachments, or perpetrate scams.

Cyberbullying and Harassment

 Social Media: Unfortunately, social media platforms can become breeding grounds for cyberbullying and harassment. Users may face constant online abuse, offensive comments, or even threats. The anonymity provided by social media can embolden individuals to engage in harmful behavior, causing emotional distress and mental health issues. Internet Mail: Email harassment, known as cyberstalking, is a serious concern. Unwanted messages, spam, or threatening emails can invade your inbox, causing anxiety and fear. It is essential to be cautious when sharing your email address online and to report any instances of harassment immediately.

Fake News and Misinformation

Social Media: The spread of fake news and misinformation on social media platforms is a growing concern. False information can easily go viral, leading to confusion, distrust, and potential harm. It is vital to verify the authenticity of news articles before sharing them to prevent the dissemination of misleading information. Internet Mail: Email scams and phishing attempts often involve the circulation of false information. These emails may claim to be from a reputable organization, seeking personal information or financial details. Being cautious and skeptical of unsolicited emails can help protect against falling victim to such scams.

Addiction and Mental Health Impact

Social Media: The addictive nature of social media can negatively impact mental health. Continuous scrolling, comparing oneself to others, and seeking validation through social media can contribute to feelings of low self-esteem, anxiety, and depression. Internet Mail: Constantly checking and responding to emails can lead to increased stress and anxiety, especially in work or personal settings where immediate responses are expected. Establishing healthy boundaries and managing email usage can help mitigate these effects.

Conclusion

While social media and internet mail have undoubtedly transformed the way we communicate, it is crucial to be aware of the potential dangers they pose. By understanding these risks and implementing best practices for online safety, we can enjoy the benefits of these platforms while protecting ourselves from the associated hazards. Remember to prioritize your privacy, exercise caution when sharing personal information, and report any instances of harassment or suspicious activity. Stay informed, stay safe!

Note:

Please remember to always consult professional advice or organizations specializing in online safety for comprehensive guidance on protecting yourself from the potential dangers of social media and internet mail.

Personal and Technical Security Series Pt:2

Following on from yesterday’s post about the new series I will be doing, today we will be focusing protecting yourself, your family and your pets whilst out and about in the world. I am sorry but this is going to be very long post, in fact the series is going to be rather long, and I have cut it down as much as possible.

With an ever-increasing crime rate one of the biggest has been in pet thefts as the demand for man’s best friend has gone through the roof, this is mainly due to more people working from home and during the lockdown. Due to the high demand the cost of puppies has soared, and new puppies have been unable to meet demand, whilst the shelters have largly been ignored. This has seen gangs transfer from drugs and other crimes over to Pet theft as the laws are not up to the modern standards on what a dog is, from the laws point of view a dog is nothing more than property (no more thought of than a computer or kettle) if stolen, the law is changing, and many parties are working to get the law changed. But until it is changed let’s look at the best way to deter a potential theft as well as introduce some good innovators in the world of pet security.

Cool so now we know what we are talking about, let’s get to it ..

Every Day Carry items (EDC)

So apart from the obvious advice about telling loved ones or friends of where you are going and how long you should be, it is always a good idea to have a walking, going about your business EDC, now we are not saying that you should be doing some sort of Jason Borne type EDC but simple everyday things that could come in handy should the worst happen.

General items

  • Wallet and keys (I know bear with me)
    • Wallet should have coins and paper money as well as cards just in case, I would recommend no more that £10 in notes and change to be carried at any one time.
    • It could also help if you are caught short and need to pay to use the toilet, yes some are paid for and some are free, either way its better than a squat in the bushes
    • If you need to buy refreshments for you or your pooch (remember NOT to leave your best friend outside the shop)
    • Keys are self-explanatory, I hope but in modern times we do tend to forget things
  • Mobile Phone (and if available extra Batteries such as a Mophie)
    • A fully charged phone is vital if for any reason if you get into bother, it can be a vital lifeline to family members or the emergency services
    • Phones have tracking apps these days such as Apple’s excellent FindMy service which allows you to share your location with other family members and friends within your network 
    • If you can spring for it use a backup Pay as You Go mobile such as a nightclub phone (any £20 dial/text only non-smartphone will do if for emergencies only where you only need to call or text, but keep it up to date with contacts that you need should the worst happen (I personally have a Sat phone that does calls and texts but gets me the call I need so long as I can see the sky)
  • Pocket book and Pens
    • For writing notes quickly, if your phone dies or in an emergency your phone may not be the best place to take notes.
    • Notice I said pens, personally I would always want to carry multiple pens with me in case one ran out of ink or it got dropped, pens are cheap and readily available. Ghouletech would recommend the refillable type to save on wasted plastics.
    • If you are in shock or other heightened states, writing with pen and paper is instinctive whereas a phone may not be (depending how much you are on it)
  • Waterless hand wash and face covering
    • OK this needs not explaining I hope, I mean we all came through 2020 right?…
  • Small waist bag or over shoulder bag
    • For those of you that are cautious I would recommend a shoulder bag that can be worn under your outer clothing (think of the man bags that are popular now)
    • This is to keep your EDC items in and should be kept stocked up and checked regularly
  • A small first aid and sewing kit
    • Especially useful in times when you are traveling with your pooch or child, or if you are particularly clumsy (like me).
    • Make sure any perishable items within it are kept in date and use the hand steriliser as a wound steriliser (yep its gonna hurt a lot but not as much as an infection) 
  • Mints/sweets or snacks
    • Pick me up if you get lost or hurt whilst walking in unfamiliar or isolated places
    • Let’s be honest the odd cheeky sweet is always a good thing, right? (Jellybeans are my favourite for this type of bag, they are flavourful, playful and light to carry) 
  • Whistle or Panic alarm
    • If you need to get attention fast and far reaching a panic alarm or whistle can be a lifesaver.

So for the Wallet, keys and Mobile phone I would keep this in separate zipped pockets either inside your coat or if not possible within your bag of choice, keep these items out of sight as much as possible, Ghouletech would recommend that you do not flash your expensive smart phone about and limit its use, as it distracts you from your surroundings and some phones can single you out as a target. If possible, we would recommend that in your EDC bag you keep an old phone or simple phone with PAYG sim card both charged and topped up as a backup.

EDC with Pooch

In addition, the above, if you are regularly walking your dog you should be mindful of the extra’s you need to carry, all these items are thought of to keep in your main EDC walking bag;

  • POO BAGS and dispenser
    • It should go without saying, if you would not change your infant child’s nappy then I would suggest you don’t have a dog, it’s the same thing, not only is it unsightly but dangerous to other people’s health especially children.
    • Meg Heath Dog Leads sell these in their store here and they can be attached to your EDC bag externally added bonus is that it gives you a torch for those long winter nights.
    • It’s a legal requirement to pick up after your dog, and you have no excuse not to.
  • An extra Lead (Slip Lead)
    • Recommended that this be a slip lead of sorts found here
    • If your main lead gets cut or breaks, this gives you a backup to your main lead as a main lead I would recommend a good quality lead by a known brand, especially as the main weakness points on a lead could mean that your dog is no longer tethered to you
    • If you come across a stray or lost dog, this gives you an extra lead to be able to deal with that situation
  • Travel Water Bowl and Water 
    • They are cheap, a good one is again available from Meg Heath Dog Leads here
    • If you come across a stray the bowl can be used to both give water and provide some of the snacks to at a distance to help build trust. He/she will trust your dog (so long as they are being friendly) but they won’t trust you at first, your dog may have to vouch for you and give you a reference first 😉
  • Scooby Snacks
    • Keep some fresh snacks with you, this can be useful for a variety of reasons
    • Training your dog is important as training your child not to touch the iron but we will get onto that soon enough 
    • Aids in quicker recall, (it also works for me, if you want be back to you quickly then have a snack ready) if it works on a late thirty’s grown man it will work on your lovable best friend.

General advice

Ok I am mainly focusing on dog or family walking for pleasure, either in a rural countryside setting or the local parks and nature reserves. But this could be adapted to the urban settings. Wear appropriate clothing for the season and your setting, good walking boots or wellies, a coat for the season you are walking in. but this is not the topic of this post, other people know far better than I. 

Advice for your personal protection is to let someone know where you are going, have a route or two planned tell you nominated person which of the routes you are taking and how long it should take you, ensure your phone is fully charged and keep this out of sight as a rule, this is to stop you from being distracted. 

If this is a route you are walking often, vary the times you are walking the route by around a 10 -15-minute window, this way if someone has been watching you, they won’t get an accurate time on your routine, be aware of any changes to the route as you walk it, make a note if you need. Thieves are generally opportunists and so will be waiting for you to be distracted or cause a distraction to enable them the element of surprise, do not give them a reason to target you, phones whilst safer these days are just as much as a target than anything else, keep it zipped away.

If walking with your dog, use a good quality lead and harness as well as an ID collar use every tech available to you for your pooch for safety. Ensure you are complying with the law by ensuring that your pooch is micro chipped and that the microchip details are up to date.

Technology 

Now we get to the best bits, the reason why this blog and website exists Technology, yes, I am a bit of a tech geek that loves my gadgets. But I also love the non tech-based gadgets where a product has been designed to meet a market gap and does it well. Below I will go through some of the tech and its uses and pitfalls, I will try and use two examples of good products, but whilst I have my recommendations it is up to you to decide if they are right for you. Where possible, I will add a link to the product either in Amazon or the Makers direct site.

Tracking Devices

Commercially available software and hardware devices are now ubiquitous. Apple, Google and others have brought to the market both software solutions for your phones and gadgets, but also new hardware. If you are using either of the Apple or Google ecosystems it will be dependent on your personal eco system. With all tracking types of solutions privacy is the biggest issue, I have covered whats available from google and apple as these are the most likely devices people carry. When used to make sure people are OK or to track lost items privacy should not be an issue, BUT when they are abused this treads into privacy violations so make sure if you are setting this up that you and your family are aware, and that you are all in agreement.

Software based

These features are generally built into your phone, laptop or other device, it is a good idea to get familiar with them and use them within your family network, this is especially useful if you have children to be able to know where they are if they are not back within the time they told you they would (if this tech was available when I was a kid I am pretty sure it would have saved me a hell of a lot of trouble with my parents  (OK maybe not!))

Apple FindMy

As an all apple user, this is the first thing I setup on all my devices, it has a neat feature for losable items like AirPods and AirTags that it will send you a push notification with the details of the item and the location of the item when last seen, you can also open the app and see all of your devices and the location, as well as remote lock and erase the devices (if stolen this is invaluable)

Pro’s

  • Its built into all apple devices.
  • Can have a child account so you can control the spending.
  • Works with the new AirTag (we get to this later).
  • Can share storage and purchases with family members.
  • Enable’s family photo library, this is a shared library for your family group.
  • Enables almost real time tracking of all your devices, Air Tags and Family members (family location sharing must be setup and configured).

Con’s 

  • Purchases from the App Store will now come out of the main organises registered account, and it is not easy to change, so if you have separate accounts you have to remind yourself to transfer monies over to balance your books each month (apple please fix this).
  • Only Works within the Apple Eco System, this is not a problem if you and your family are all Apple.
  • Location sharing used to be a pain in the backside to get working but these days 99.9% of the time it works.

To find out more about Apple FindMy and how to enable it please see these links Apple and for the non Apple page Macrumours. Both links give a good overview and setup instructions

Google Family Link

Not being an Android user other than what is built into the SmartTV’s I had to do my research into this, Personally I have not used an android phone in over 10 years and so this is based on my research.

Pro’s

  • Built into the operating system and so part of all Google’s ecosystem
  • Not as restrictive as Apples eco-system, works with more devices and third party devices
  • Can be shared with an iOS device, this is useful if you are a mixed eco system house

Cons

  • Security could be an issue, a report locked himself into a child account and found it lacking in security you can find more details here
  • Limited in features compared to Apple or other Apps available
  • Not as easy or intuitive to use, this is not for the faint of heart and you will need a good sit down with the instructions of technical help to use.

 To find out more about the Google Family link please use Google’s own help site here or pocketlints write uphere, for details of how to share to an iOS device Wondershare has details of this here.

As I said I am not an expert in anyway on the google side of things, this blog is meant to highlight the possibilities using technology you may already have available to you.

Tracking Hardware

 With recent advances in hardware tracking, the main players in this arena are going to be Apple and Tile, both have really good eco systems, again we are looking at what is readily available and what I would go for.

Tile tracker

Probably one of the more ubiquitous amongst us all, they are cheap light and have multiple versions, and a FindMy compatible version in the works. You would be hard pressed to not find one that doesn’t fit into your lifestyle

Pro’s

  • User-friendly App, designed for the not so technical amongst us as well as having the features we need/want.
  • Being a long time product means that the userbase is rather large and increases its chances of being able to track and locate your object.
  • Customisation, the app allows you to customise names, images of the device in situ etc so could be a fun afternoon setting them all up
  • Siren/buzzer is a sharp piercing noise that can be heard over large distances or from other rooms
  • Long battery life

Con’s

  • Some of the models do not have a replaceable battery and so become e-waste quickly
  • Geofencing is not currently part of this eco-system so if something leaves its designated area then you are not alerted

Overall the Tile Tracker product is a really good eco system and if you choose wisely should have a product for many years to come, I have bought loved ones these for keys and other simple easy to lose items and they worked well. To find out more about them tiles website is here. A trusted review can be found here. Once Tile bring out the FindMy compatible version this will be a game changer for them especially if they can keep the price lower than the Apple AirTags we will be discussing next.

Apple AirTags

New to the game and announced and released in 2020, the apple AirTag became an instant hit with Apple users, I have several located in my rucksack, my spare keys, my main car keys and my within my two main jackets (within the lining) and even though I my car a 2016 Jaguar F-type has a tracker and an almost Realtime tracker within the App for the car, I have one tucked in behind one of the panels an AirTag, to give extra piece of mind adding it to the excellent global network that the Airtags bring

Pro’s

  • Upon release they became part of the FindMy network, and were enabled to use any and all Apple devices world wide and pinpoints to aid in tracking your device no matter where you were (people have internationally shipped these by air and tracked the location)
  • They have a user replaceable battery with an expected battery life of 1 year, once you pop the cover off you can replace the coin battery with ease
  • Can be customised in the app with names, and physically, wether you want them plain, an emoji on them or a short message like your phone number then all good its yours

Con’s

  • Expensive, each tag is £29 each or £99 for a pack of 4, if you then wish to add an apple keyring then you are looking at a further £11.95 to £39 depending on your needs (if buying direct from apple third party alternatives are available.
  • One size fits all, this is both a con and a pro as Apple only has one size, they are bulky compared to some of Tiles offerings, so this could be a consideration for you

Apple has the largest network on release, as they immediately enabled all iOS and MacOS devices the ability to stealth connected to to aid in the tracking of the AirTags this gives a massive worldwide tracking ability beyond that of Tile. To find out more about apple AirTags click here. To see these being posted across the world click on this link for a YouTube video.

Safety and security for your pooch

Even with the best training and obedience of your best friend things can and do go wrong, with the ever increasing thefts from homes and out whilst walking it is imperative that we look after our fury family members the best way we can, using some of the tracking software and hardware above and products designed specifically for the purpose of anti theft.

Dog Leads

Not the most exiting of items to think about or plan, but the lead is your tether whilst out and about to your dog, wether walking out in the countryside, in parks and nature reserves or in an urban setting, having the right lead that is both comfortable for you and your dog is imperative, I am not a Specialist in this subject but I would highly recommend you speak with Sarah over at Meg Heath Dog Leads, who is not only a great innovator and designer but also cares about the products she sells and your pet more than anyone. You can find Sarah’s website and contact details over at www.megheathdogleads.co.uk where I am sure she would be happy to discuss with you in detail your needs and wants. 

In the dog leads world you will find a lot of leads that offer some sort of anti theft deterrent and the major people in this business are

  • Meg Heath Dog Leads
  • Petloc
  • Ginger paws

Ginger paws

Ginger paws is a newcomer to the world of anti-theft products and only offers a single lead, the lead is a bulky rope type lead

Pro’s

  • Easy to use as a lead or wrap around belt lead
  • Relatively cheap considering this is a bespoke product at £39+postage
  • Has locking carabiners to attach to your dog’s harness 
  • Designed by a professional walker 
  • Allows hands free walking (if secured around waist)

Con’s

  • No cut resistance
  • No ISO or strength testing is evident
  • Long lead times to get your product of 2-4 weeks

Potential improvements

For this lead I would recommend adding a steel core to the lead that is either ferule clamped or friction welded through the O rings of the Carabiner and handle or add a rope with some cut resistance.

Overall this is a good looking lead but lacks many of the safety features of other leads in this category. It was a designed with a purpose to a certain type of walker and may only fit a small number of peoples requirements.

If you would like to learn more then ginger paws can be found here. And a direct ording link can be found here.

Petloc

Petloc is a weird product and has a lot of downfalls and pitfalls which makes it hard to recommend, this is a steel wire coated in PVC with a combination lock to secure you dog to the collar (also with combination lock) to enable you to Secure your pet outside of shops. That last part grinds my gears as you should NEVER EVER leave your dog unattended outside a shop ever, even with this being a metal cord it can still be cut with the right tools and the combination lock can also be picked within seconds by the right person.

Pro’s

  • High security
  • Overt in nature deterring opportunistic thieves

Con’s

  • Unsafe, if used with the collar this provides a chocking risk if it gets caught or tangled 
  • Difficult to operate and dangerous in an emergency if used with the collar
  • Expensive at full price of the kit these are going for £50

Potential improvements

This is a very good highly overt security product but lacks in many ways due to being dangerous in use, personally I would ditch the anti-cut collar, if this is snagged it is a strangulation risk for your pet, even without the combination lock quick release tabs can get jammed when put under pressure now add to a struggling dog to the mix and you have zero chance of removal and a high chance of a loss of life. The lead itself would lend itself better to a harness that has some form of anti-cut resistance to it, but again would need the fiddly combination box replaced with something else to cater to reactive dogs, the elderly and those with motor skills impairments. 

Overall, if you value your safety and the life of your pet this would be discounted from your mind, I only add this here to show you the breadth of tech and innovation’s if you would like to know more then the website can be found here. However, in its current form please do not consider this as a purchase.

Meg Heath Dog Leads

The longest in business and most awarded and renowned small business on this list is Meg Heath Dog Leads. They have been in business for 15 years currently and hand make all the products on its site by hand and by the same person, in Lincolnshire UK (obviously raw materials are sourced either from the UK or Worldwide but that’s the nature of not owning a mill or foundry). Not only has Meg Heath spearheaded and designed several anti-theft leads for use, but she has also designed and makes top quality products from Head CollarsCollarsand more. You can also call and order if you like especially useful if you want a more bespoke item, made with top quality sourced materials. as an added side not ask about the robustness of the Brass fittings over nickel.

Pro’s

  • Multiple designs available, from the Theft deterrent range, to the Stealth leads makes getting the lead that’s right for you easy
  • Price range is reasonable from a starting point of £19.99 to £38.99 you are bound to find one in your price range
  • Customisable bespoke design
  • Some orders can be embroidered with key information
  • Has been safety tested with weight ratings
  • Faster than average service with next day an option on most orders
  • Backed by a lifetime stitching guarantee, this not mentioned on any other site and a true testament to how much faith Meg Heath Dog Leads has in its products
  • Telephone and email support 

Cons

  • Dizzying array of products, you could get lost in the options (help is at hand with a quick call)
  • You could empty your wallet pampering your pooch here.

Potential improvements

So if you can’t tell I really like the array of products here and the company overall, however with one of the products I would like to point out that, I can foresee some problems with the Stealth range of product found here. This has a dual wire down either side of the lead, and the ends are not secured in a very good fashion and could do with being either ferule clamped or friction welded together to create a continuous loop at both the handle and the lead end, this would mean that the wire would could not be pulled free of the webbing if the lead was cut, remember the webbing is cut resistant not proof, adding this option would make this a perfect lead that is both classy, classic and chic without showing off its true powers.

Overall, I love this companies’ dedication and vision and is my biggest recommendation as a business in the prevention of Dog Thefts. It was hard to find the cons for this company or its products and had to nit-pick. If you would like more information, then please head over here. Or search megheath69 in google. As a disclaimer to this, Sarah the founder and Owner of Meg Heath Dog Leads is an ex-partner of mine and so this should be taking into consideration (however being an ex and still endorsing should tell you something).

Collars

Having a good quality recognised brand, collar is a must, it’s a safety item after all, but also a way to have easy to read information on such as an ID tag or a pet tracker, however I would avoid any anti-cut ones, some are extremely dangerous and if caught could mean a potential fatality as the petloc ons, but also even with clip buckles if they are under tension or plugged with debris could mean that it is hard or even impossible to remove in an emergency situation. Some of these anti theft collars have D rings either side of the buckle meaning you would need to remove the lead to open the collar meaning you would need to remove the tether to free the collar.

We would personally recommend a good quality collar from Ancol, Pets at home or the Breakaway ID collar from Meg Heath found here, and use a quality anti-theft dog harness with a pouch or padding to add one of the hardware trackers from above into.

Harnesses 

Having a good quality recognised brand, collar is a must, it’s a safety item after all, but also a way to have easy to read information on such as an ID tag or a pet tracker, For this device I would pick a good brand and with the addition of padding or a pocket to hide an additional tracker such as a tile or Apple AirTag. If Meg Heath updated its smarter Marty Secure Harness (Here) with some padded areas or a pouch for a tacker it would make the perfect harness.

Summary

Told you this was going to be a long post and phew my fingers have had a workout today. The above is meant for informational purposes only and as an intellectual thought invoker for debate and discussion as well as showing off some of the tech and innovations not normally spoken about on this page. It does make a good change to not just be talking about computers but also my other skills and hobbies as well.  Thanks for getting this far.

To add to this, I would like to take the time to say that the products above are in no way perfect and should be used as complimentary devices to good training and obedience lessons for both you the owner and your pooch.

Finally after previously working in rescue Set would highly recommend that you rescue rather than purchase your next pooch. Many dogs are in rescue for many reasons but saving them from the pound is still a life saved for both of you. I would also highly implore you to give generously to your local small rescue centres who need this more than the larger ones.

Until Next week, I have decided due to the length of these posts they will be weekly, but don’t worry I will fill in with some shorter tech computers based blogs.

PLEASE NOTE: in my research for this post I found some copy cat leads to the IPO protected designs of Meg Heath Dog Leads, these are single core wired and would not offer any safety for your pooch https://klassy-k9.co.uk/shop/ols/categories/alarms—dog-theft-prevention is one such example, please only buy from responsible and trusted suppliers.

Personal and Technical Security Pt:1 – Introduction

Hiatus

Hi all, guess by now you are all wondering if I had fell off the planet or died :o. Sadly for some of you this is not the case ;). If you want to skip the personal history of Seb for the last 18 months go straight to The Series.

Sadly, after my last writing streak, which I really enjoy doing this kind of thing got side lined again by my customers and family commitments. But rest assured I am back to doing some writing now.

With this blog I am about to start to branch out into a more diverse technology and security posts, as not only are the infrastructure, infrastructure technology sectors and apple/linux technologies near and dear to my heart but so is security both in the technology sense but also in the personal sense.

This is something that I have wanted to talk about for a very long time, I believed the time was right in 2020 when things were in the news, but imposter syndrome kicked in and I felt I would have been milking the situation as many did.

The Last 18 months

The last 18 months have been a rollercoaster, haven’t they? For me it was a time of break ups, make ups, happiness, sadness and breakups again with a boring period of no work (about 9 months) feelings of imposter syndrome with a little depression thrown in for good measure, for a period of time I wasn’t working, I should have been relaxing and enjoying my time with family and friends, but what usually happens is my mind goes into overdrive and makes me feel like an imposter to both my family and friends as well as the community that I hold near and dear to my heart a community I have been in since childhood and professionally for around 2 decades.

So current customer ended the contract early, for which I had a good 50 weeks with and made a fair lot of new friends and will hopefully work with them again in the future, I was rolling out a security product as well as helping to re-write/write policies and procedures for a financial services tertiary company as well as advise and consult on best practices within the industry on security matters. I met two good other contractors one a project manager who has now retired and believe sailing his new boat around the world (Honest I wasn’t the reason for him sailing the world to get away from me  ), and a really good PCI-DSS consultant who is also an author, we had some very interesting conversations, and it sparked my brain back into my love of writing not just technical things but things for fun. Yeah, I am aware I am a weird one ;).

The Series

So this is going to need to be at least a 4 part series this is the first in the series and the three main topics covered are 

  • Pet and child safety
    • This is more of an outdoors and away from home blog
    • Pet technology and child tech to keep them safe
    • Tips and advice on safety if the worst happens
  • Home and Belongings 
    • Home tech to keep you safe
    • Warnings and what they look for
    • CCTV and IoT safety 
    • Tips and tricks to keep you and your belongings safe
  • Internet and social media 
    • What to and what not to post on social media
    • Being safe online
    • How to spot a fishing scam
    • Situational awareness

Obviously starting with the pet and child side of things, this being near and dear to my heart, also with the rise in pet ownership and pet thefts in the world it’s better to add one more voice to the crowd than to be a silent mouth. The parts of the series I am most looking forward to discussing are the technologies that are on offer, the innovation’s made in retaliation to the news and the current world pandemic. I draw on the experiences from my professional background as well as those who I have collaborated with during my lifetime.

Sneaky look at what will be discussed

So for the tech and products that we will be discussing here are some of the things we will be looking at specifically, as well as discussing the pro’s and cons of each product. All of the products we will be discussing will be commercially available to the public and without the requirements of needing a licence to use (unless its software or a licenced product).

  • Trackers
    • Hardware trackers for your family and belongings, such as the new Apple AirTags, Tiles and others
  • Software tracking
    • Describing how software tracking works and how to make the most of it for your family and belongings
  • Physical locks
    • What to look for in a good lock and what to avoid for both your home and belongings whilst away
  • Old School tech
    • What should be part of your EDC bag (EveryDay Carry), tips and tricks and how to make the best of them
  • CCTV roundup and home security
    • Tips and tricks as well as reviews of common CCTV systems
  • IoT tips and tricks
    • How to secure them, how to best make the best out of them whilst securing them.
  • Personal protection technology
    • A look into the best personal security tech and the do’s and don’ts around the use of personal security, as well as adding a situational awareness aspect to them
  • New personal body cams
    • Do and don’ts
    • Tips and tricks
    • A round up of some of the worst and best and why

So as you can see we have a lot to cover, and unlike 18 months ago I will get to finish this one as I am semi-retired now (I know not even 40 yet (I just look it 😉 )) plus they have been written already and are waiting on the release schedule for which I am debating a daily over the course of next week or a weekly one, however either way PART 2 WILL BE OUT TOMORROW Thursday 9th December 2021. I do need to tidy up the back end of this website and do some updates, again this got side lined, plus I am not a web designer or web admin, and sadly the person that used to do this for me is no longer about to help even though they had promised a couple of weeks ago but life got in the way of that one. 

Oh and you thought the last schedule was over and done with, think again I am back to writing them now and will catch up and finish what I started if a little late to the party.

In closing this is going to be very fun and insightful for everyone, I have some thanks to the persons who have inspired me and challenged my thinking on the topics and a massive thank you to the product designers and innovators that have really stepped up their game during these trying times.

As always its good to have you here and please keep an eye out for updates.

PART TWO is HERE

https://ghouletech.co.uk/personal-and-technical-security…/

Risks of Using Public Wi-Fi

Introduction

Mobile workers that enable the business to be flexible in working and allows key Team members to work remotely and provide services that would require on-site work, for certain team members this means that key IT infrastructure issues can be remotely brought back online and the issues resolved without the need to travel to site further delaying the resolution with the potential of loss of business and your ability to trade. For other workers, this enables fewer travels and cost savings on desk space as well as allowing team members to be productive whilst on the road.

Synopsis

Allowing team members to work from remote locations comes with advantages. However, remote working is not without its risks. If Team members work from cafés, on trains, or in airports, they are increasing the risks significantly of becoming victims of cybercrime that has the potential to be damaging to your reputation and ability to trade.

Executive summary

When considering whether to connect to the public Wi-Fi network at your local coffee shop, the airport, etc. The massive flaw discovered in WPA2, the encryption standard that secures all modern Wi-Fi networks. These networks are outside of the control of the Security, and Infrastructure teams. This means that IT teams are unable to guarantee that you are not at risk from Cyber Crime.

One of the biggest threats with free Wi-Fi is the ability for hackers to position themselves between you and the connection point. So, instead of talking directly with the hotspot, you end up sending your information to the hacker. The hacker also has access to every piece of information you send out—emails, phone numbers, credit card information, business data, the list goes on. And once a hacker has that information, you’ve basically given them the keys to the kingdom. While you may think ‘okay, I’m not checking my personal email or logging into my bank account, I’m just checking the sports scores,’ remember anything you do on a public Wi-Fi network is NOT secure. Any information you share or access on these networks is as good as gone.

The mantra of connecting to these Public Free Hotspots should be “Do I REALLY need to connect”.

Risk Matrix Scoring

Risk Probability Ratings:

DescriptionDescriptorScale
May only occur in exceptional circumstances, highly unlikelyVery Low1
Is unlikely to occur in normal circumstances, but could occur at some timeLow2
Likely to occur in some circumstances or at some timeModerate3
Is likely to occur at some time in normal circumstancesHigh4
Is highly likely to occur at some time in normal circumstancesVery High5

Risk Impact Ratings:

DescriptionDescriptorScale
Insignificant disruption to internal business or corporate objectives
Little or no loss of front-line service
No environmental impact
No reputational impact
Low financial loss <£100k
Negligible1
Minor disruption to internal business or corporate objectives
Minor disruption to front line service
Minor environmental impact
Minor reputational impact
Moderate financial loss >£100k <£500k
Marginal2
Noticeable disruption to internal business and corporate objectives
Moderate direct effect on front line services
Moderate damage to environment
Extensive reputational impact due to press coverage
Regulatory criticism
High financial impact >£500k < £1m
Significant3
Major disruption to corporate objectives or front-line services
High reputational impact – national press and TV coverage
Major detriment to environment
Minor regulatory enforcement
Major financial impact >£1m <£2.5m
Critical4
Critical long-term disruption to corporate objectives and front-line services
Critical reputational impact 
Regulatory intervention by Central Govt.
Significant damage to the environment
Huge financial impact >£2.5m
Catastrophic5

Risks of Using Public Wi-Fi

There are dozens of online tutorials showing hackers how to compromise public Wi-Fi, some of them with millions of views. The most common method of attack is known as “Man in the Middle.” In this simple technique, traffic is intercepted between a user’s device and the destination by making the victim’s device think the hacker’s machine is the access point to the internet. A similar, albeit more sinister, method is called the “Evil Twin.” Here’s how it works: You log on to the free Wi-Fi in your hotel room, thinking you’re joining the hotel’s network. But somewhere nearby, a hacker is boosting a stronger Wi-Fi signal off of their laptop, tricking you into using it by labelling it with the hotel’s name. Trying to save time and company money, and recognizing the name of the hotel, you innocently connect to the hacker’s network. As you surf the web or do your online banking, all your activity is being monitored by this stranger.

Below is a table of the most common types of cybercrime that your company could be exposed to from using Free Public Wi-Fi along with the risk probability and the Risk Rating scores.

RiskDescriptionProbabilityRating
Rogue Wi-Fi networks Team Members could be tricked into using a Rogue Wi-Fi Network set up by an attacker. That network enticingly called “Free Wi-Fi” may be set up precisely to harvest your business’s valuable data.4/53/4
Man-in-the-middle attacks. Connecting to free, public Wi-Fi Brings business risks from having your company data intercepted by third parties. This is because hackers have the ability to position themselves between your Team Members who are using the Wi-Fi and the connection point.45
Distribution of malware over unsecured Wi-Fi. Hackers can also use an unsecured Wi-Fi connection to distribute malware. Having infected software on your computers and devices can be financially crippling to your business.35
Snooping and sniffingAnother public Wi-Fi risk is hackers using special software kits enabling them to eavesdrop on Wi-Fi signals. This allows cybercriminals to access everything your remote workers are doing online, potentially enabling them to capture login credentials and even hijack your accounts.44
Malicious attacks through ad-hocsAd hocs are peer-to-peer networks which connect two computers directly. When remote workers use a public Wi-Fi network, their devices are likely to be set to discover new networks, making it possible for hackers to connect directly to them.35
Password and username vulnerabilityUsing a public Wi-Fi makes Team Members vulnerable to having passwords and usernames stolen when you log on.  Websites utilizing secure socket layer or HTTPs provide a needed level of security, however this would still not stop the computer being directly Attacked35
Exposure to worm attacks.Worms act much like viruses, with one key difference. Viruses must have a program to attack in order to successfully compromise a system, while worms can wreak havoc all by themselves. When connected to a public Wi-Fi, you run the risk of a worm travelling from another device that’s connected to the network to your computer.24
Installation of IMRATsIMRATs are malicious in nature and are Remote Control and command pieces of the software that can give an attacker direct access to the computer and remove view both the documents stored, keyboard presses and direct access to the Hard drive and other computer functions, this can even be executed when the computer leaves the Public Wi-Fi and can be undetectable even by firewall and anti malware solutions.45
Physical SecurityNot all security is related to protecting Company network and devices but also that of Team members, loss or stolen laptops and devices can be used to gain access to internal network and may put the user at risk of harm or serious physical injury by using high value assets in a public place34

Mitigations 

Using unsecured public Wi-Fi can allow others to see important emails, encrypted messages and unsecured logins. Of course, it would be possible for a cybercriminal to use the access to hack The Corporate device as well. Here are important steps to take before using public Wi-Fi:

  • Convert to the more secure HTTPS for your website and applications, if you haven’t already done so. HTTPS-enabled websites provide critical security and protect users’ personal information such as login credentials.
  • Set up a virtual private network (VPN) for your company network. This should be an always-on VPN connection to your network, shielding their activity from cybercriminals on public Wi-Fi.
  • Advise remote users to turn off Wi-Fi auto-connect settings and Bluetooth discoverability settings. This helps prevent hackers from gaining direct peer-to-peer access to user devices without them realizing it.
  • Ensure that all remote workers have a firewall enabled on devices at all times.
  • Make sure your network and all worker devices are covered by good anti-malware software–including anti-sniffing protection.
  • Use a mobile hotspot provided through your mobile carrier, or tether laptops to a mobile device, and avoid using public Wi-Fi altogether.
  • Set up policies regarding the above, and periodically educate workers so they understand the risks and the importance of taking protective steps.
  • Turn off file sharing and utilise the Windows and macOS features to enable Public Hotspot mode that will add an extra hurdle to potential hackers to overcome
  • Ensure that you are not shoulder surfed and ensure that you are aware of your surroundings if you feel uncomfortable then pack the laptop away and move to a new more populated area.

Recommendations

To ensure that your business and Team members remain safe both in a cyber and personal way the following recommendations are implemented in addition to providing further information to remote workers on how to remain safe and protect the business from undue risks the following should be put into place

  • An always-on VPN Solution that does not allow split tunnelling 
    • This means that the VPN will always be on and active without the user needing to remember
    • Block all internet traffic that is not sent over the VPN
    • Ensure that Windows updates can be sent over the VPN line
  • Remove the Split tunnel to remove the possibility of connecting to home networked servers or other computers 
    • This will ensure that all traffic is secure
    • No data is to be transmitted outside of the VPN
  • Ensure that all Domain GPO’s are trimmed and one for remote workers is set up to direct the End-User Device to the internal update and SCCM servers
    • This will ensure that DNS issues can be picked it
    • Creates a central GPO that can be quickly edited and audited to resolve any issues
  • Ensure the software firewall is enabled
    • This is a last line of defence but one that should be incorporated
    • Ensure this drops pings so that the EUD is almost invisible to the network
  • Ensure the AV server can push latest DAT’s and other updates to the EUD’s
    • This is going to require good management of the AV server 
  • Use GPO’s to stop the EUD’s being file servers
    • This ensures that the risk of being infected with an IMRAT is lessened
    • Adds to the stealth protections of the EUD
  • Enable GPO to not search and connect to Public or insecure hotspots
    • This takes out the human factor and would require a conscious action
  • Provide all remote workers with privacy screens to protect them from passive “shoulder surfing”

With the above it is also good practice to educate the remote working team members of the dangers not only to the IT infrastructure but to themselves and ensure that they are always conscious of surroundings and what they are doing and to make the decision if the work they are doing is really required to be performed in a public place. 

Conclusion

In 2014 experts from Kaspersky Lab uncovered a very sophisticated hacking campaign called “Dark Hotel.” Operating for more than seven years and believed to be a sophisticated economic espionage campaign by an unknown country, Dark Hotel targeted CEOs, government agencies, U.S. executives, NGOs, and other high-value targets while they were in Asia. When executives connected to their luxury hotel’s Wi-Fi network and downloaded what they believed were regular software updates, their devices were infected with malware. This malware could sit inactive and undetected for several months before being remotely accessed to obtain sensitive information on the device.

What is the best way to protect yourself against these kinds of Wi-Fi threats? Although antivirus protection and firewalls are essential methods of cyber defence, they are useless against hackers on unsecured Wi-Fi networks. The best defence against this is to not risk using something that is inherently insecure in the first place, especially where your IT Team does not have control over what is on and goes in and out of the network to protect its team members and its business interests.

The New Network UnFi’d (The pre story)

Ok, guys as per the previous posts, over here in Sunny Lincolnshire we have a new network, its actually been through a few iterations from the last x6 Airport devices and the Cisco SOHO switch but I thought I would share the new network as it has been asked about since I mentioned it.

Continue reading “The New Network UnFi’d (The pre story)”

Deploying SCCM 2016 Current Branch – Part 3

Awesome so we have made it this far in the current series of posts, it’s not an easy one to write and I know it’s not easy to read, now that we are at the last steps of the installation stage, I am even getting a little tired of doing it. So as a quick overview of what will be coming up in the next few months:

Continue reading “Deploying SCCM 2016 Current Branch – Part 3”

Deploying SCCM 2016 Current Branch – Part 2

Well Part 1 was pretty brutal and it only gets worse for you from here when installing SCCM, I may be a little cynical but I enjoy the configuration of SCCM more that the act of installing everything, I am far too impatient and it has never been an easy task to get SCCM ready for install.

Continue reading “Deploying SCCM 2016 Current Branch – Part 2”

Deploying SCCM 2016 Current Branch – Part 1

Something that I have been doing a lot more of for the last year or so and I have really gotten back into it. I dipped out when SMS 2.0 went over to SCCM 2003 (yes I am that old :o). I went off and did the RIS (Remote Installation Service)  and later WDS (Windows Deployment Service) for which I have done blogs on in the past and I really enjoyed those technologies and playing with the automation, not obvious to the casual observer is that a good grounding in WSUS (Windows Update Services) and WDS makes life a lot easier when it comes to SCCM, a lot of the batch scripting and PowerShell Scripting comes in handy.

Continue reading “Deploying SCCM 2016 Current Branch – Part 1”

I’m Back

Wow, so it has been a hell of a long time between the blog posts and so much has changed and I have so much to share with the world, I would love to have an excuse as to why I have not written a post but I have been from London to Glasgow and everywhere in-between since my last post and I have worked with some very talented individuals and some amazing companies. So I thought I would quickly write this to kind of set a schedule for myself and try and get back into the blogging for the website. 

Continue reading “I’m Back”