Updates to the Black Mirror – Keeping it Safe, Really

It occurred to me after reading my last post on the cautionary tales of Black Mirror, that for those of you who don’t know, there are several key things we can all do to help protect from the scourge of identity theft, social shaming, unwanted surveillance, loss of privacy, etc. Do you know these things?

The only reason I know these things so well is because of my colleagues #Mark Egan, #LarsRabbe, (thanks guys), Mad Security, the genius inventors of @Splunk, and a host of other folks who, during my continuing career in Information Tech, have taught me about the increasing risk of security hacks, and the frankly rather basic things we must all do to protect ourselves.

Hopefully we all know by now why tech is getting so exciting – why we will be able to do things for ourselves that were previously unimaginable, as this all gets so much better, this consumer-driven high tech world we are living in. Hopefully you know about online banking, Fitbit, Juul ecigs, Waze, Uber, Tesla, iRhythm, and that toilet in The Island where Ewan McGregor pees after waking and it tells him “no bacon today.” (Okay on that last one, we must be close to having those, right? I want bacon!)

Want to take advantage of all of this amazing technology without worrying every single second about its disadvantages? Want to watch Black Mirror and not feel sick? Do you already play safely on the Internet, by following the rules, both basic and advanced? Here’s the test…. remember, it starts basic, gets a bit harder:

  • Change your passwords on a regular schedule – quarterly is fine
  • Make your passwords memorable, but do not write them down, do NOT share them with anyone (not at work, home, the spa, or anywhere!)
    Read this: https://lifehacker.com/four-methods-to-create-a-secure-password-youll-actually-1601854240
  • Set a password/screen saver on your Mac/PC/Tablet/Phone – time out those devices
  • Encrypt your Mac or PC – it’s easy with the tools that come with your Mac or PC. Get an antivirus package.
  • At work if your IT department did not yet implement Okta (or equivalent) and some small bit of MDM (doesn’t matter who) – give ‘em hell (I know I’m a CIO – so just do it nicely). Okta makes it so that when you are in the office, you log into all your company’s applications with one regular, strong password. But if you are logging in from home or a coffee shop, you get to use that SAME single password, BUT Okta will text a code to your phone so you can prove who you are. That’s called “Multi-Factor Authentication (MFA).” Also, MDM means “Mobile Device Management” – which means if you lose your phone or tablet, your IT group can wipe it clean so no thieves get your company and your personal data. You can also enable this for yourself, but it’s good to have an IT team behind you as well. Don’t store files from work on your phone, tablet, etc. anyway.
  • Use Dropbox or Box or Google or MSFT for your files – your goal young Padawan, is to store NOTHING in file format on your “Black Mirror” – everything in the cloud, backed up and protected is the way.
  • Let’s punch that last point, fundamentally, work it out on your phone, Mac, or PC so that you store almost NOTHING natively on the device. What Doug? Yes, stream your music, your photos, your videos from cloud services, store your files in Box, Dropbox, Google, MSFT – if you have NOTHING natively on your phone, and you lose it, buy/lease another phone, you should be up and running within 15 minutes. That’s your goal friends.
  • Do NOT open emails from people you don’t know – in particular do NOT click on any link they send you. This counts at Facebook, and other social media sites. Doing this by mistake will quite possibly infect you with an “advanced persistent threat (APT)” – these are small programs, given to you by bad actors on the internet (again no clicking on links you don’t know) and they insinuate themselves into your company’s systems, onto your laptops, etc. The kind of things they can then do are things like “send all your files, customer records, anything else out of your ‘network’ over to wherever-the-f__-they are,” so they can rip us off. Heard of Target, Equifax, other disasters of security? That’s how they do it – and 90% of the time it’s our fault, the employees, who thought it would be fun to click on Uncle Fester’s Daily Joke email.
  • Stream your music from the cloud (Spotify, Apple, whatever)
  • Store your pictures in the cloud (Photo, Lighthouse, Instagram, whatever)
  • Put your movies on YouTube – set up sharing preferences so you can count on that as your portal
  • Don’t invite the world to be your Facebook friends – make it your real friends/family – if you find yourself inviting hundreds of people, make pages for whatever hobbies are compelling you to do so (for instance, my rock n roll book has its own page:
    https://www.facebook.com/rockinthecityofangels/
    And a website for my blogs: https://diegospadeproductions.com)
  • Use twitter for bullshit – that’s what it’s for https://twitter.com/RockinCOA
  • Stop all paper statements from coming to you in the mail. Shred anything with your personal/banking or other data on it. If you do get paper, Office Max will shred in bulk over at Iron Mountain – the best.
  • Go through your filing cabinet, remove all old paperwork that’s available online, old statements, all that crap you are keeping – I took 39 lbs of paper to Office Max for shredding the first time I got it thru my head that keeping this stuff was dangerous
  • Have your bills, other “payables” pay automatically off your American Express card. Amex (sorry pretenders elsewhere) has the best security protocols, and best customer service. Have the “card” text you every time it is used. You will get a lot of texts (if you spend like me) but they will bring you inner peace as you see bills paid, and know no one is using your card but you.
  • Pay your Amex card once a month. All of it. Carry no interest on bank cards.
  • Use a service to check your credit score frequently. Close all credit accounts you aren’t using and some that you ARE using. Keep enough of a combined credit line to get out of trouble if a spending emergency comes (like, LCD Soundsystem is coming in concert – need to get 4 tickets!!!!). Remember, old cards, unclosed old accounts, and open accounts with high spending limits all add to your “potential liability” in your credit score – clean it up – I like Credit Karma for managing all this.
  • Freeze your credit bureaus – I’m told that if you freeze your accounts at the three main agencies (TransUnion, Equifax, and Experian) you can help prevent people from opening accounts in your name.
  • Take old computers, tablets, phones, etc. to a reputable company – we have one here on Haight Street, who will wipe it – erase your data, private records, everything, and donate to schools.

How many did you get right?

Sounds complicated but none of the above actually IS complicated – that’s the dirty secret of IT (heh heh).

Some people say to me, Doug, why cloud (basically servers at data centers that are run by professionals – that’s cloud), why store everything elsewhere, not on the notebook I keep in my grubby hands? Well young panther, because they have 10 security guys whose kung fu is better than your one guy’s kung fu. Get Splunk and ask your IT guys to examine how much b__sh__ unknown traffic is coming in and out of your network. Conversely, hook Splunk up to Box, or Amazon EC2, or Salesforce, or Netsuite, go to the beach, and have a Mai Tai while Splunk shows you that no dirty players are logging into your systems, reading or copying your files, etc. We can and do beat these bad actors – don’t let them ruin your digitally-native life.

 

Type Safely, Enjoy the Fruits of Tech…

Doug

Andreas Vollenweider

Andreas Vollenweider is the Swiss genius who gently plucks the electroacoustic harp with such feeling and with such beautiful tones, that he manages in just a few bars to conjure up everything good about the genre of music known as New Age. Next to brilliant keys composer Kit Watkins, he ranks top of the class in this, his chosen art.

Andreas hasn’t been to the states for a very long time, much less, in his native Europe as he’s long been working on new material, for which we are waiting with great expectations. Let’s hope he returns soon.

My wife Artina and I have been “on a tear” over the last decade catching bands and individual musicians in concert wherever they appear – locally in San Francisco or Los Angeles if possible, but if the closest a favorite band plays happens to be on the east coast, New York, Boston, Philly, etc. we will make the trip. We’ve done this for U2 (360 tour), Billy Crystal (one-man show), The Cure, PFM, and many others. We were fortunate over the last three years to have multiple reasons to go to the U.K. — home of my heart as it comes to music. We saw Simple Minds do their early album cuts at the Roundhouse, Kate Bush at the Odeon for one of her 22 rare comeback performances, Stone Roses in the park, and, importantly my hero Rick Wakeman performing his masterwork Six Wives at the castle of Henry VIII, and his Arthurian Legend Redux at the O2. We even saw Artina’s favorite-ever singer/saxman Van Morrison in Lugano – what a blessing. It’s been expensive, certainly a luxury, and I owe it all to my last job at Splunk. I think we’ve “done it all” so to say – not sure as we peruse the list of bands we’ve loved, that another would draw us over the pond again.

Having said that (never say never – a lesson well learned from Sean Connery) I was looking through my hundreds of concert DVDs (yes, I’m THAT guy) and slipped in the concert film of Andreas this morning. It’s brilliant, heartfelt, beautiful, as with all of his work. Then I checked his website, and it appears that, at least as of September last year, he plans a new release and tour. If he does that and does not come to the states, we will travel once again. If it is to be in Switzerland, which would not raise a complaint from this fan, then maybe an evening in Interlaken, Zermatt, or Lugano? Please Mr. Vollenweider!

The other main things to report, after I took quite a break from writing:

  1. LCD Soundsystem, the brilliant, Talking-Heads-ish electro-indie band, sold three nights at the Greek Berkeley – gotta go
  2. Steven Wilson is back at the Fillmore in May – his concerts are second-to-none
  3. Bananarama plays in February, as does Robert Plant – certainly two ends of the musical spectrum!?!?
  4. Best yet, the Dixie Dregs have reunited the original lineup, and are playing all over California in April – more on that to come
  5. Anything else I missed?

Reflections on Black Mirror

Streaming media has taken over from network TV. Among the many shows we’ve binged on Netflix, one of our favorites is Black Mirror.

Each episode is a unique story, much like The Twilight Zone and others long ago. Uniquely, the Black Mirror stories are each cautionary tales about technology in our lives – the risks of misuse, loss of privacy, loss of intimacy.

One episode for example follows a mother who tracks her daughter through an implant and tablet app that allows for real-time geolocation and vitals, but also displays what her daughter sees and even blocks disturbing content from her vision. Other episodes also extend the reach of today’s technology to fictionalize uncontrollable security robots, intrusive virtual dating apps and other scenarios that focus generally on the dark side of ‘future’ technology adoption by consumers. In nearly every episode, the focus is on consumer devices, phones, pads, sensors, and the use of massive amounts of machine data spewing from these devices, shown for either better or usually detrimental impacts on the individual.

In reality, even with the technology – devices, software, analytics and machine learning we have today, we face these ethical dilemmas. My kids, both millennials, give their data freely, and expect to gain advantages from its mining. And having worked at Splunk, understanding the potential of “big data” analytics and artificial intelligence, I am of like mind. Sharing freely with attendant benefits outweighs security concerns – the exception being behaviors which can directly lead to identity theft.

A recent news show featured a British security expert explaining what data we are all sharing via Fitbit and similar devices, how our whereabouts and travels could be shown on a heat map, what implications that has for military personnel, etc. Yet the benefits of using a Fitbit and openly sharing geolocation and your vitals are well established. Another positive example of using analytics and AI to mine data for its potential was highlighted in a show about Chicago police, social workers, and clergy who have teamed together to mine data collected on potential felons in order to predict criminal behavior by these individuals (yes, without the imprisoned beings depicted in Minority Report!). Once they have a list of high risk subjects, a member of the police squad, a social worker, clergy, etc. actually visits the subject at home and tries to convince them to enter into counselling, job training, and other programs. It’s not even at a 50% acceptance rate, but every point on that graph matters, and lives are saved. These points offer some light to go with what is often assumed to be a darker path via big data. And the implications for running a better business, endless!

And, finally, I always know what musicians are coming, via bandsintown, where they know what I like 🙂