The AI Column: How To Practice Safe Cyber

Share

Defense Secretary James Mattis announced last month that his department would be standing up a new task force to make recommendations about securing the defense industrial base from cyber attack. This comes after a Chinese company was charged with attempting to steal trade secrets from a leading U.S. chip manufacturer.

Service members and veterans are also at risk. A member of the Royal Air Force had her online dating profile hacked in order to elicit information about the Joint Strike Fighter. Prison inmates have scammed service members out of money using dating apps.

As a service to my fellow Long Marchers, here are a few suggestions for keeping yourself safe online.

Use a password manager. Password management is the bane of modern cybersecurity. Since every merchant and service provider wants to establish a secure and lasting relationship, they all require you to set up passwords. Many people reuse passwords to avoid having to memorize new ones.

This is a bad idea because if my florist has a data breach, a hacker could sell that information on the dark web. Someone will now know my Netflix password and can access my Match.com account (Good luck and give my best to Nancy.) But, if that were also my bank password, I would be in deep trouble.

A password manager requires you to learn one strong passphrase that may be longer and more complicated than normal. A Billie Holiday or Kanye West fan might use “$trangefru1thang!ngfromtheP0PLARtree” Nothing is impossible to crack, but a string of characters that long is much more difficult. The manager then creates and remembers passwords for all the other services you use. If one is compromised, you only lose one.

You can’t use a password manager for government computer systems and you should never use them for classified systems. But, they should free up some grey matter to remember which particular stream of obscenities you use to login to Army Knowledge Online. 

Location services are not your friend. A cell phone is a tracking device you pay for yourself. While it is fun to brag about attending sporting events or concerts, you should change your default settings to not automatically allow your apps to be able to access location services. You want to decide for yourself when you announce where you are.

Mobile apps often want your location to make it easier to give you a curated experience, in tech jargon. Obviously, Yelp and Uber won’t work without accessing your phone’s GPS. But, don’t give your camera that access, as your photos may end up with geolocation data embedded in them. Nancy might realize your pictures from last weekend’s hiking trip with the boys were taken three years ago, in Peru.

Learn to juggle. It’s a good idea to keep multiple email accounts for different purposes. One for friends and family. Another for buying things. When I go on dates, which email and phone number you get depends on how well the date went (Sorry Nancy. It’s not you, it’s me). That may seem harsh, but it is better than dealing with a stalker.

If you are going to do something you wouldn’t want your mother to know about, like buy tickets to a Dan Savage Film Festival or attend a black tie private party that requires Venetian masks, you might want to have an account only for that too.

Managing multiple accounts like this is a hassle, but it adds layers to your security. Remember, most of those merchant accounts have a “forgot password” feature that is tied to the email account you give them. So, getting access to that email account gives the hacker access to all the other merchant accounts tied to that address as well.

Also, be aware that some free email providers like Google’s Gmail read your messages and sell that information to advertisers. While they are not sending that information to your boss, if you complain to your friends about your car breaking down, you’ll get ads trying to sell you a new car. So, your tickets to that furry convention might get you ads for things you might not want your parents to know about.

“Mal Ware” is a veteran of the AI racket so salty, he still has an 8.7 rating on www.hotornot.com. For more cyber tips, he recommends “The Art of Invisibility” by Kevin Mitnick. Opinions expressed are his own.