Security Online

By Betty Hardin, Big Blue Water LLC

(Presented 01/12/2011 at the Saugatuck Networking Group)

“He causes all, both small and great, rich and poor, free and slave, to receive a mark on their right hand or on their foreheads, and that no one may buy or sell except one who has the mark or the name of the beast, or the number of his name.” Revelation 13:16-17

Hackers, thieves, predators, viruses, people who misrepresent themselves as someone else .. the internet is full of them.  On the internet people can be anybody they want to be.    We need to know that and we need to share that with our friends and family and everybody we know.

Beyond that … there’s a lot more that we need to share.

What’s the biggest social networking site on the internet?  Facebook.

Every day somebody asks “How can I secure that?”  The answer is that you can’t.  Facebook is the epitome of putting anything on the web .. anything you email .. or put on the web .. anything that traverses the internet is public .. you better assume as much.

Even over a cellular network .. you send somebody a picture, you post a video on youtube, you chat with a friend on facebook.. it’s public.    If you don’t want somebody to ever hear it, see it, read it or know about it .. don’t keep a digital copy.  That’s how you secure it.  Don’t even keep a paper copy.  Don’t write it down.

In fact – my Mom told me once – long before computers came along – to never put anything in writing that might later come back to haunt or hang you.

The difference between facebook and a server that you have in house is that you can physically secure your server – you can block internet access to it.  You can block it so that only you can connect to it.

On the internet, you don’t own it.  On facebook, you don’t control the servers.  You don’t control the code.  You can’t control access to it.  You can’t control anything about it.

All it takes is a one glitch in a computer program – one programmer introduces a bug – to bring the whole house of cards down and give everybody access to everything – for everybody.

Granted if you have your own server all it takes is a disgruntled employee or the guy in the kitchen to click the wrong button and bring it all down too.

But really – look at the scale of the two.  You have your business with 2 or 20 or 100 employees .. facebook?  Billions of people.

In your business, the people working for you generally have an aligned interest.  Facebook?

Your buddies in your social circle are going to say “here – the worlds going to see – the underground, above ground .. “

Every piece of mail that crosses the internet is stored in every server that it touches .. I can setup a mail server to relay mail for all of our clients; if I slave hard drives off that computer I can cache every message that goes through it – forever.

If you use a local mail client it keeps a copy on your computer.  It touches your server when you send it out – and stays there.  It touches the recipient’s computer – and stays there.  More often than not, it bounces through several servers in the middle – and stays there.  Even if you delete it – it stays there.

And then there are spam and antivirus appliances that sit on the outside of those networks.  They receive every message – they scan it – they see the content – before they allow it to pass through to your mail server.  Do they cache it?  Don’t know .. can’t tell you.  I don’t own the equipment.

The guy that owns that box knows what that box does.

Who is the biggest search engine out there?  Google.

The players in the latest technology war are Facebook, Google, Microsoft and Apple.

Who is going to become the keeper of the data?    Who is going to have all that personal information?

Google is fighting Microsoft and Apple on smart phones.  Not so much the operating system anymore .. the chrome OS .. their fighting over the browser and the phone systems.

They’re fighting with facebook over who owns the human web.  Who owns all the details about all of the people out there?

Who has that marketing database that can be mined for anything on anybody?
It’s the richest source of information out there.  It’s knowledge about everybody that even the FBI and CIA don’t have; they’ve got a start – but they don’t have it.

Do you wonder how all those ads on facebook are specific to your interests?

Google is not altruistic.  They’re not just making it easier for you to search the web out of the goodness of their hearts.  They track every link you click, they track what they show you, they track what you look at – your browsing history and habits – and where the computer is in the scheme of things.

The old way was to be store cookies on your machine to keep track of all that .. now it’s stored in a database – on Facebook and Google servers that are associated with your unique IP Address.  (Number of the beast)

Delete your cookies .. use private browsing session .. use a Mac which is not as vulnerable as windows .. and you’ll still get advertisements relative to whatever you’ve been looking at lately.

I use a dynamic DNS address .. it changes every time I connect to the internet .. I use multiple machines .. they still find me.

They’re building a fingerprint of MY system .. they don’t have the complete fingerprint tied to me – personally – yet – but they will – that’s what they’re going for .. that’s what they’re all going for.

Then they will own everything .. they’ll own the government.  The government wants to police its citizens .. and they can’t do it without ‘them’.

It is a paranoid thing.  Big Brother.  But it is what it is.

I wouldn’t even own a computer if it wasn’t my livelihood – but alas, I have no choice.

What was a 1TB drive worth in 1973?  What would it be worth?  There wasn’t that much data in the world – it was all on paper.  Today you can go buy a TB drive for $100.  Go buy another one tomorrow.

Nobody is getting rid of anything.  I have stuff dating back to the mid-90’s –six external hard drives plugged in and running in my home office right now.
You need to give me more space –  I’ve got so much stuff I need more space!

Do you know who owns one of the biggest data centers in the world?  Google.

Do you think it’s just for scraping the web and serving up search results and letting you hookup with your buddies on facebook?

They’ve tried to do it with Google Wave, Google Buzz, Google this .. they built around the search and are now trying to get into the social.  Facebook controls the social – Facebook is way ahead of everybody else with the human element – but Facebook doesn’ t have all the ad and monetization piece of it.  Google has the ad piece.

They all have their strengths but they’re trying to get the other guys stuff.  It’s the ultimate party – they’re all striving to be the core thing.

One by one, they’re knocking the other players out of the market.  Just like Alta Vista, Lycos, AOL, and others, Yahoo will become a blip.  Yahoo is laying off their people and selling their buildings.

It may continue to exist – and there’s the point – nothing disappears on the web.  It may die but it doesn’t go anywhere .. it just floats and lingers.

How do you protect yourself in such an environment?  Don’t use it.  If you want to secure your computer you lock it in a room with no electricity.

But that’s not realistic.  I have to use it to stay in touch with my grandkids, my friends, my family .. to work.

The only choice I have is to minimize it.
Be smart about it.
Make sure you know who your friends are.
When you’re surfing the web – don’t click on the advertisements.
Don’t install the software you downloaded for free – “oh hey – I went to this website and they want me to install some software.  They like me – they gave me something free!”

“You’ve won a million dollars.  Click here.”

It goes back to the old saying “Nothing is free”.  There’s a cost for everything .. and that cost today is information about you.

You willingly give it to them.  It’s all demographics.  Marketing.  Marketing drives the world.  And everybody wants that demographic information because then they can predict where the herd moves to next and where to put the next $5.

Then they know where the game is going .. and if they know where it’s going they can control it.

They’re moving us to the “Cloud”.  The cloud has always been there .. it is the internet .. and I’ve been an advocate of storing things on line.  The convenience for us enables us to work from home – like we quite often do.  It enables home – or work – to be where ever we might be.

A considerable amount of my personal information is already in the cloud; I bank online and pay bills electronically.  My email is on the web and on my phone.  I sync all of my devices to google calendar and share my calendars (I have about 7 of them) with friends, family, coworkers, and my employees.

Seriously – I am becoming alarmed by stories that the US Government has subpoenaed Twitter, Gmail, and Facebook users over their support of wikileaks.  Even more concerning is the fact that often these subpoenas are sealed – preventing those companies from notifying the users they affect.

It used to be that if the government wanted information about me they had to come direct to me – and it was at least my choice to cooperate or not.  Now with everything in the cloud, the decision to share my personal information is almost entirely out of my hands.  And – unless the company storing my data decides to fight on my behalf – chances are I won’t even know about it until it’s too late.

I might not even be aware that I have an association with the next organization deemed to be ‘controversial’ by the government.

The latest concern ..

“… President Obama has signaled that he will give the United States Commerce Department the authority over a proposed national cybersecurity measure that would involve giving each American a unique online identity.”  They’re calling it the “National Strategy for Trusted Identities in Cyberspace”.

The Commerce Department.

Face to face conversations are sometimes best.

Commerce is the exchange of goods and services from the point of production to the point of consumption .. commerce means the whole system of an economy that constitutes an environment for business. The system includes legal, economic, political, social, cultural, and technological systems that are in operation in any country

US turns to Twitter as WikiLeaks chase continues

National Strategy for Trusted Identities in Cyberspace

United States Department of Commerce