AXEL.org

Kristen Pyszczyk

How To Stay Safe Online When You’re Traveling

Travel can be a mind-opening and life-altering experience. Whether you’re traveling for business, for pleasure, or to visit your family in your hometown, it’s always great to get away from the drudgery of your daily routine to see new things and meet new people.
However, unfamiliar places can bring unfamiliar dangers. And while you’ve likely been told to not keep your valuables on your person in case you get mugged or to lock yourself in a small cabinet when visiting family so they can never find you again, the rules for safely using technology while you travel are a bit nebulous at times.
Never fear: we’ve got you covered. Here’s how to keep your personal information safe when visiting an unfamiliar — or all too familiar — locale.

Business travel

Wow — you’re important enough that it’s actually necessary for you go to a whole different city or country for work. Because you’re needed there. Ok. Are you Beyonce or something?!
Anyway business travel has its own set of risks and challenges, so here are some things to keep in mind.

  • Bring only what you need. Increasingly, security personnel at airports will look through devices to determine if their owner poses a security threat. And the risk of having something stolen is greater in unfamiliar environments. Bring the tools you need to safely work, but don’t bring anything you don’t absolutely need.
  • Keep your devices on you at all times. Yes, the danger of security going through your phone is real, but don’t check your work laptop that has all your company’s trade secrets. If one of your devices gets lost, then anyone who finds it will be able to hack into it and figure out when your next secret album is dropping. (You are Beyonce, aren’t you?!)
  • Don’t trust the Wi-Fi. This is always a solid tip, but especially important when you’re traveling for business. Never use unfamiliar public Wi-Fi to do official company business or any sensitive personal browsing. Doing so leaves you open to hacking, government surveillance, and increased risk of malware being installed on your device.
  • Use a VPN. If you’re traveling for business, all of your internet browsing should happen while connected to a VPN. Many companies require you to use a VPN to log into their networks while working, but if your company doesn’t, invest in one.
  • Consult your company’s IT department before you leave. Ask your IT department if there are any special considerations for working remotely in the country you’re visiting, unless your IT department is just three people sitting in a basement. Then just follow the tips above and also begin looking for a new job.

Personal travel

Wow — you’d rather explore the world than sit at home in your sad studio apartment with your cat. Because you want to. Ok.
When traveling for pleasure, you should bring only what you need, be wary of Wi-Fi, and keep all devices on your at all times, as mentioned above. Here are some additional tips for world explorers.

  • Wait until you get home to post pictures. It’s tempting to post all your sexy beach pics immediately to make others jealous, but it’s best to wait so you’re not advertising that your home is empty or giving away your location.
  • Don’t do any crimes online. If you do venture on the Wi-Fi, make sure you know that laws in the country you’re in. For instance, don’t go on adult sites in Cuba and don’t trash the government on social media in China — it won’t turn out well for you!
  • Password protect all your mobile devices. You should always have strong passwords in place for all your hardware and online accounts, but it’s particularly important when you’re traveling. Have strong passwords for hardware and two-factor authentication for all accounts.
  • Don’t swim with your phone in your pocket. This has nothing to do with online safety, it’s just better if you don’t.

Visiting your family in your hometown

Oh man — how’d you get tricked into visiting your hometown? Whether you’re home for the holidays or visiting your beloved family dog Sparky, your hometown is full of dangers

  • Stay in a hotel on the dark side of town. Do not reveal the location of this hotel to anyone. Pay in cash and use “Jon Bon Jovi” as a pseudonym.
  • Do not complain about your mom’s meatloaf on social media. Similar to complaining about the government in China, this will get you into big trouble.
  • Turn off all location-sharing capabilities on your phone, and make sure your phone isn’t set to automatically connect to Wi-Fi. Government agencies and your mom can use this information to track your location.
  • Whoops — your mom found you at your sketchy hotel because Jon Bon Jovi is a pretty obvious pseudonym. Grab Sparky and leave in the night.

Traveling can be a minefield of digital dangers, but as long as you exercise reasonable caution and refrain from using the pseudonym “Jon Bon Jovi,” you should have a safe trip. Bon Voyage, Beyonce!

How To Sound Like A Cybersecurity Expert

Cybersecurity is a buzzy topic these days. Everyone seems to be clamoring for tips on how to stay safe online, and you read in a listicle somewhere that cybersecurity is currently one of the fastest growing fields. So how can you get a piece of the respect and professional prestige that a cybersecurity expert might have? Simply follow these tips.

Warn people about social media

Inform people that by posting photos of their brunch on social media, they are giving hackers and state actors the tools necessary to take you down.

But actually, that’s too specific and information-y to remember, and it’s kind of a downer. Make your warnings vague, as in, “that Facebook is up to no good!” or “be careful about Twitter!” This way, when the next terrible Facebook or Twitter thing happens, people will recognize your prescience.

Bring encryption up often

Now, you may not know what encryption is, and I certainly don’t, but what we do know is that it’s somehow important to cybersecurity experts. Talk about it a lot, and if you encounter someone whose knowledge on encryption is more advanced than yours, simply run away.

Make a big deal out of the dark web

Studies have shown that people love hearing about the dark web. Take advantage of this fact to improve your social standing by making a huge honkin’ deal out of the dark web whenever you can.

If you see someone holding a credit card, mention that there’s lots of stolen credit card information on the dark web. This will confuse them into thinking you can help them keep their credit card information off the dark web.

Extra points if you can explain to people what TOR stands for. But if someone actually asks you how it works, this is again the moment to simply run away.

Loudly proclaim that quantum computing is the future of cybersecurity

This is certainly true. Don’t ask me why.

If someone asks you to elaborate on your claims, run away.

Chant “identity, not perimeter” to anyone in your general vicinity

The idea here is that perimeter security, or the mighty firewall as some call it, will be overtaken by identity and access management security, which allows for more granular permissions to be set, and ensures that even if someone does breach the firewall, they won’t have access to everything.

But that’s sort of a long thing to remember, so just remember the chant. If anyone asks questions about the chant, tell them to stop interrupting the chant.

Start a group chat to share cybersecurity articles you don’t understand

You’re not legit until you’re sharing articles saying common facts that we all know about like “phishing is a thing,” and “hackers have our data.”

To solidify your standing as a thought leader, however, you need to take it one step further. Sharing articles about concepts you don’t understand will allow you to rise to the top of the cybersecurity fake expert field. Look for a title like “why you NEED quantum encryption TOR identity blockchain security NOW.” If someone asks you what that means, tell them it’s too late for them if they don’t know.

How To Shop Safely On Black Friday And Cyber Monday

The time we’ve been waiting for all year is finally here: Black Friday and Cyber Monday are upon us. The holidays are the season for spending time with cherished family and friends, but Black Friday is much better because you get to buy new stuff. Friends and family move away, they get busy and can’t see you, but your new stuff will sit in your home with you until it has to be forklifted out to clear a path after you get trapped under a pile of 70% off Google Homes.

But the coming sales aren’t all fun and games. As the holiday shopping season ramps up, cyber criminals are also ramping up their activities. Here’s how you can protect yourself from being a victim of cybercrime this holiday season.

Don’t shop online in public

Seriously: the whole goal of online shopping is so you can sit in your house in your underwear and order as many pairs of Air Jordans as your credit card limit will allow. So why, in 2018, are people still leaving their houses to do this? Pro tip: being inside your house is always safer than not being inside your house. Additionally, sitting in a coffee shop while entering your credit card number will just leave you open to scammers looking over your shoulder, and they will also see that you decided a toaster would be a good gift for your mom. Additionally, using public WiFi to make purchases is not recommended: when possible, use your home WiFi or another trusted network. Also seriously, a toaster?!

Use sites you trust

Now is not the time to try anything fancy: go to the sites you know, and if you want to shop somewhere new and unfamiliar, research the company online to make sure it’s legitimate.

Make sure you use secure sites

You’ll want to use sites that use HTTPS instead of HTTP. Websites that have HTTPS in their URL will encrypt all information sent between your browser and the website. If this is too boring to remember (it is) just look for a little lock right beside the URL in your web address bar. Keep in mind that this is not a guarantee that the website is safe, but this does add an extra layer of security.

Check your bank statements regularly

Check your bank statement online, and check it often to ensure that no suspicious activity has transpired in any of your depleted accounts. Call your bank immediately if you notice something is off. And while it is highly suspicious that you bought an EZ Bake oven for yourself, that’s not the type of suspicious activity you’re looking for.

Do all that boring stuff we always tell you to do

Update your passwords regularly. Don’t use the same password twice. Ensure your computer’s software is up-to-date. Use anti-virus software. Don’t hand out your social security number like it’s Monica’s Christmas candy. Appreciate all Friends references.

Avoid using your credit card when possible

No, that doesn’t mean you should use debit. In fact, please don’t! But apps like Apple Pay are more secure, and many large retailers are now accepting Apple Pay through their apps. Many banks also offer virtual credit cards specifically for online transactions so that your real card number doesn’t fall into the wrong hands. Unless the wrong hands are also your hands, in which case I cannot help you.

Don’t shop on websites using your mobile browser

It’s hard to see if they’re secure. Instead, use the retailer’s app. Yes, this means you must download yet another app as you’re hunched over your desk at work just trying to buy a pair of boots before anyone notices you haven’t sent the invoice you promised Cathy, but Cathy can wait. This is your online safety we’re talking about, Cathy!!

Don’t click on links

Type the website URL directly into your browser’s address bar instead of clicking on links sent to you through email, text, or other messaging apps. Scammers will often send emails or messages that look exactly like a retailer’s marketing materials, but these links will direct you to a fake website or install malware on your device.

Spend all your money!!!

Max out those credit cards and drain your accounts. If you have nothing to steal, scammers cannot steal from you. (This is obviously a joke – it’s important to spend wisely and make sure that you have money left over for food. Do you have money to buy me food? Just kidding. Unless you’re offering.)

Black Friday and Cyber Monday are a great way to temporarily escape from the dreary prison of your life. Just make sure to follow these tips so you can ensure that you are the only one spending your money. Happy shopping!!

6 textbook examples of how NOT to respond to a Data Breach (Seriously guys?)

Yahoo: Do nothing and pray it goes away

Why are we surprised at this?! When Yahoo suffered a breach in 2013, it decided to just keep quiet about the 3 billion accounts that were compromised. Surely this would prove to be an effective strategy?

LOL.

The news broke a whole FOUR years later, in 2017, that 3 billion accounts had been hacked, which is more than the company claimed in 2016, which is the first time anyone heard anything about a data breach. We shouldn’t really be surprised, as “do nothing and pray it goes away” has been Yahoo’s MO for quite some time now.

FriendFinder Networks: Take days to respond and then downplay the incident in a vague press release

FriendFinder Networks is a company that you’d reeeally want to keep your data secure. It operates AdultFriendFinder, a “sex and swinger community,” and when it suffered a breach in 2016, the response was slow and the press release was tepid. The company affirmed that it “encourages users to change their passwords,” and appeared to put most of the onus on the users, commenting that it would contact users “to provide them with information and guidance on how they can protect themselves.” Seriously?

This press release came after days of speculation, which is actually forever if you are a user of an adult website waiting to find out if your data has been made public.

Equifax: Fail to patch software, take forever to disclose breach, let execs sell their shares

Equifax has one of the shadiest timelines of this group, and competition was stiff here!! After failing to patch a known vulnerability in March 2017 in widely used open source software Apache Struts, the data of 143 million US customers was potentially exposed in May 2017. Then on July 29th, days after the breach was discovered, executives sold off nearly $1.8M worth of Equifax shares. Hmm….this looks bad, but maybe there’s something we don’t know here. (Read: there’s not. It’s bad.)

Ticketmaster: Pretend it’s not happening

Ticketmaster was alerted to a possible breach in April of 2018, but decided to do its best impression of an ostrich and just pretend it wasn’t happening until it received apparently irrefutable (or un-buryable) evidence on June 23rd. Online bank Monzo released a statement shortly afterward saying it spotted the breach in April, but Ticketmaster said nah after an internal investigation revealed no evidence of any such breach.

I’m confused. Are we just letting companies investigate themselves now? This is not how any of this should work. Anywho….

Facebook: Deny deny deny

Facebook didn’t suffer a breach. Instead, it voluntarily gave away a treasure trove of user data and then informed us that we had all agreed to it in the terms and conditions. Whoops – we should have read those, but they’re just so boring, and no one can recall seeing a line item that said “we will give away all your data, suckers, and there’s nothing you can do about it LOL.” I think I would have remembered that…..

To its credit, Facebook did admit that its data had been “improperly shared,” but didn’t go so far as to call it a breach. They didn’t go so far as to call us suckers either, but that doesn’t mean it isn’t true.

Exactis: Leave us all in suspense as if our data’s safety was a plot point in a Mission Impossible movie

None of this is entertaining, you guys. Apparently there is a “database with pretty much every US citizen in it” floating around the internet, according to security experts. That seems pretty bad.

But even worse, the company associated with the breach has stayed silent for days, which is deeply bumming out 230 million of us who would kindly like to know if our personal information is available online.

The bottom line

Data breaches are inevitable. Attackers are targeting companies on a daily basis. But ignoring the fact that a data breach has occurred, failing to patch a known vulnerability, putting the onus of dealing with a breach on users, and – most obviously of all – selling off your stock when you have insider information of a breach doesn’t help anyone. Companies need to be honest when they think a breach has occurred, or they risk losing their customers’ trust. And as our data multiplied exponentially, trust is becoming scarce.

Quantum Computing Will Change Cybersecurity – If We Can Figure Out What It Is

Quantum computing is the next type of computing that is going to be important. How do I know? Because people throw the term around in casual conversation the way they add a cloud, machine learning, or blockchain reference to statements to make themselves seem smart. It’s like, fine, you know I can’t argue with you now because I don’t know what you’re talking about, but do go on.

Now I don’t have a STEM background at all, but I still think that I should be able to understand WTF everyone else is talking about. So I’m setting out on a quest to understand quantum computing. Please join me as I demystify this mysterious new technology, and try not to laugh too hard.

First stop: Google.

I thought I could start by just Googling what quantum computing is. I thought wrong. The definition uses words like “superposition” and entanglement,” which sound vaguely inappropriate and specifically confusing. Google also helps me out with this little nugget: “A quantum computer is a device that performs quantum computing.” Oh do go on.

Upon further reflection that included stuffing a bunch of popcorn down my gullet and singing half of a Mariah Carey song loudly, I come to the realization that quantum computing is somehow different than regular computing. Oh wait – that’s in the definition I’m staring at.

But, wait, I see the word binary – that’s a word I know. Ok so quantum computing doesn’t rely on zeros and ones. Interesting…..

This reminds me of those characters in Star Trek, the Bynars, who communicated exclusively in binary. They were cool little guys. In the TNG episode “11001001” the Bynars even upload all their binary into the Enterprise’s computers. Could this be a clue to quantum computing? Perhaps I should rewatch this episode to find out!

Four hours and five episodes later…………………

Ok, I’m back. That episode is really good, and I had forgotten that the Bynars travelled in pairs. So cute. I am no further from solving the mystery of quantum computing, and I think on some level I knew that I was only making up an excuse to find temporary reprieve from my perilous quest. But no! For the sake of everyone reading this, I won’t give up so easily.

After further research, I’ve encountered a promising definition from Forbes:

On a scientific level, quantum computers work within the world of atomic particles and subatomic particles. In this world, the particles exist in multiple states at a time, allowing a quantum computer to operate in those same multiple states. This goes beyond the laws of physics and operates in an entirely different way than the one state of time that we exist within. It’s easy to immediately feel confused by this concept because human beings don’t know what it’s like to exist in multiple states of time.

What fresh hell is this?

I am beginning to wonder if an altered consciousness is necessary to unlocking the secrets of quantum computing. I really thought Forbes would help me out here, as it’s geared towards business-oriented people like me. If business-oriented people sat at home eating popcorn and singing Mariah Carey on a Tuesday afternoon, that is. It’s my life, and I don’t want to talk about it.

Actually when I read on, Forbes does make a few good points: quantum computing conserves energy, vastly improves cyber security, and is great for processing large data sets. So basically, quantum computing will solve all our problems by completely bypassing the laws of physics. NBD.

I’m getting sort of a Wizard of Oz vibe from this whole thing, to be perfectly honest. Some magical man behind the curtain will solve all my problems as long as I don’t pry too deep into how, exactly, he will do this.

Sounds like a steaming heap of something that came out of a horse to me.

Perhaps if I watch The Wizard of Oz, I can gain more insight into how mysterious entities like wizards and quantum computing function….it’s worth a try.

……………………four hours, one movie, and two naps later………………………

I’m back to finally crack this quantum computing nut once and for all! The Wizard of Oz didn’t really help me out, and I got sidetracked thinking about how hard Judy Garland’s life was. Now there was a talent snuffed out too soon. Perhaps if we were all Bynars, life would be less difficult. We’d always have a little buddy that’s just the opposite of us….or, no, that sounds like having a cat. Did Judy Garland have a cat?

Anyway. I’m reading a new article now. It’s telling me that quantum computers use a thing called qubits, and that, in contrast to conventional computer chips, these super computer chips can be both zeroes and ones at once. That’s cool and all……But why would they want to? (I mean technically, the answer to that question is because it’s faster, but existentially, I’m not sure these scientists can answer that.)

Apparently the qubit must be kept very cold to work properly. And also, this is how it’s described: “This 1-inch-long wafer is made of synthetic sapphire topped with a 100-nanometer-thin layer of printed aluminum.” Why synthetic sapphire? Was the wafer born in September? Everything about this description is wild, and I am coming to realize that I will never be able to understand this thing without first having a solid grasp of at least grade 10 physics and possibly a PhD in whatever this is.

To be honest, it sort of seems like the scientists are just making things up to mess with us at this point, and I really don’t blame them. At this point, they probably just want us to stop talking about blockchain. They’re not wrong.

As I make one final attempt to figure out what quantum computing is, I come across another Forbes article. Fool me twice, Forbes….

Ok so apparently once quantum computing becomes the norm, all of our security protocols will be rendered useless, and the only way to prevent this is — you guessed it — quantum resistant cryptography. And thankfully, “This encryption cannot be broken mathematically because it is protected by the laws of physics.” Good?

Now this is starting to seem like the world’s most terrifying game of rock paper scissors: STEM wars edition. Physics trumps mathematics, but what trumps physics?

I’ll tell you what trumps physics: Mariah Carey’s beautiful voice. And my voice too when I sing her songs, but in a different, viscerally painful for others type of way, sort of like when the rock mangles those defenseless scissors. So I’m going to get back to that and hope you learned something today. Let’s see, to sum up, essentially quantum computing exists, it’s extremely elaborate, and nobody will ever understand it, probably not even the people working on it. The Bynars can’t save us now.

Good Idea / Bad Idea: Protecting Yourself Online Edition

I have always loved to think of my life decisions in the simplistic black and white terms of the classic Animaniacs Good Idea / Bad Idea segments.

Here’s a great example:

Good idea: taking a deep breath before jumping into a swimming pool.

Bad idea: taking a deep breath after jumping into a swimming pool.

Animaniacs is a classic, and I love how good idea / bad idea makes it seem so easy to do the right thing. Of course, over the years I’ve found that life is rarely as neatly broken up into good and bad as the show made it seem. However, keeping your data and yourself safe online is one area in which the good and the bad are fairly self-evident, and it’s also an area that becomes more and more important each day. So let’s do it. Also, watch Animaniacs if you haven’t seen it — it’s a damn classic.

Good idea: Make sure you don’t share information about your location. Do not geotag!!
Bad idea: Posting your address, followed by a long story about how you’re home alone with the doors unlocked.

Good idea: Review your privacy settings on each of your platforms regularly.
Bad idea: Just making everything public, because you “don’t have any information worth stealing anyway.”

Good idea: Dying without ever knowing which Spice Girl you are most like based on your posts.
Bad idea: Authorizing any third party application you’re not familiar with (e.g. Perzonality Testz R Us LOLZ) to access your Facebook data for any purpose at all. It’s not worth it to find out which vegetable most closely matches your face. Though good lord I know it’s tempting. You should also prevent your data from being shared with apps that your Facebook friends are using – find more tips here.

Good idea: Regularly Google yourself in order to find out what potential employers would see if they checked up on you.
Bad idea: Avoid Googling yourself in order to never find out what potential employers would see if they checked up on you. I mean, I get it, but sticking your head in the sand to ensure that no problem ever reaches you at all is no way to….oh forget it, it’s a great way to live and I cannot hear you from way down here in the sand.

Good idea: Limiting the number of digital platforms you give your personal data to.
Bad idea: Setting up a profile on every new platform you encounter, using it for a few months, and then abandoning it. If a potential employer finds your 2003 MySpace blog, they’re the ones who will be sorry.

Good idea: Two factor authentication.
Bad idea: Giggling because “two factor authentication” sounds like something a robot would say. It does, but someone who uses the same password for everything and it’s “password1” really shouldn’t be laughing.

Good idea: Sharing pictures of your cat on Reddit or Imgur.
Bad idea: Sharing pictures of your child on Reddit or Imgur. This is at every parent’s discretion, and far be it for me to tell you how to parent your kid, but also why are you broadcasting the most vulnerable member of your family on the platforms with the most terrifying creeps.

Good idea: Not sharing your password with friends.
Bad idea: Using your most trusted barista at Starbucks as some sort of human password manager. I guarantee that barista will turn on you the moment your drink order becomes too idiotic. Don’t ask me how I know. *Sips Venti Iced Skinny Hazelnut Macchiato, Sugar-Free Syrup, Extra Shot, Light Ice, No Whip.*

Good idea: Taking everything you see online with a grain of salt
Bad idea: Kicking yourself for not realizing that Elvis was homeless in San Diego this whole time. This has nothing to do with privacy, but it’s important for your safety that you always verify what you read online. And also it’s important that I mention this story about Elvis because I was deeply upset when I found out this wasn’t true.

Good idea: Never revealing too much about yourself to strangers online.
Bad idea: Striking up a friendship with a nine-year-old painting prodigy, her mom, and her teenaged sister, only to later discover that it was actually just a middle aged woman playing three different characters. On an unrelated note, I just watched the original Catfish documentary, and boy is it good!!

Good idea: Familiarizing yourself with different kinds of phishing attacks.
Bad idea: Entering your online banking information into a random site so you can receive your tax refund that is being emailed to you and you haven’t submitted your taxes in six years, but this should turn out pretty good.

Good idea: Declining to engage with trolls and bullies online.
Bad idea: Becoming an infamous internet troll and getting enough people angry at you that you eventually get doxxed.

Good idea: Only posting things online that you’re comfortable with everyone seeing, even if your privacy settings are airtight.
Bad idea: Posting specific, detailed rants about your boss on Facebook that would both allow your boss to finally get the leverage to fire you and also enable any enterprising stalker to easily find you at your workplace.

Good idea: Logging off once in a while to read a book.
Bad idea: Seriously, read books, or this is what will happen: