|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
.Patch lady here – with day 2 of 31 days of paranoia. Today I’d like to remind you of how much we’ve become depended on passwords and yet how fragile t
[See the full post at: Patch Lady – 31 days of paranoia – day 2]
Susan Bradley Patch Lady/Prudent patcher
When the MFA allows email, I’ve set up a group email box so that both people get the MFA token. Haven’t worked out the cell phone problem yet. Good questions.
Susan Bradley Patch Lady/Prudent patcher
Good point. I will plan on a “time out” topic on how much we are relying on technology to our detriment.
Susan Bradley Patch Lady/Prudent patcher
What is not stored on my HD, cannot be stolen from it, or get lost by hardware damage.
My advise is simple. Do as little online and computer transaction as possible. A life this way is possible, you know. Do not use password managers. Do not store passwords on your HD. Do not allow browsers to store passwords. Manually log in every time you visit that site, forum, shop. Keep the number of such services, shops etc small, as small as possible. Do not use the same password for several sites (you would be surpised how many people do that).
Or in simple words: go into that book shop instead of ordering from Amazon. You can search and investigate online wonderfully. (Do so without logging in anywhere and thus allowing them to profile your search preferences). Who says you must necessarily buy online? (Especially in Germany where books have fixed prices and cost the same everywhere, in all shops offline and online).
The biggest security risk is the belief that all and everything must be done via apps, online, computers. I wonder how some people managed to survive until today while just 15 years ago all this was relatively new and still “exotic”.
I log in somewhere only when I really want (=”need”) to buy there, or want to post on that forum. Mostly, I stay anonymous everywhere. One of my two main reasons why I stopped fooling around with stocks one and a half year ago, were serious security concerns regarding financial apps that I needed to do so. The days when Android was fail-safe and was not under attack at all, are long since over. I do not trust smartphones. To me, a smartphone just is a target of somebody else. Why people store sensible data on smartphones – that could be stolen, infested, corrupted, lost – is completely beyond me. I laugh today that I did that for some time myself. Thank goodness I woke up before getting hit hard.
A good compromise also is to have your passwords in a simple .txt-list on a USB stick, of coruse heavily encrypted. When needed, you paste and copy the needed one. I would always keep not needed sticks and HDs physically disconnected from the active platform, of course. Plug in, log in, unplug: and then do your action.
Marc
I am a security nut. Here is my routine (but keep in mind I am retired and don’t have to be in the loop).
I give my email out to very few people. I have a separate gmail account for on-line banking. I do online banking because it is so convenient and I justify it by the fact that I check my account daily so that if there was something untoward I would discover it right away and the bank would have to make good and also because some of the hacking is done in the bank itself which online banking has nothing to do with..
I have only two credit cards that I check on a few times a week online. If a store has been hacked or I see something on the card I call them and get a new card. This is not a problem because I use the cards for very few accounts so if I have a new card number there is not much hassle.
I have a separate gmail account for ordering from my very few stores. All my gmail accounts have two factor authentification with a Yubico key.
I use the Firefox browser and DuckDuckGo with https everywhere,adblocker ultimate, ublock origin, privacy badger (all of which I download from the sites themselves as much as possible).
I don’t trust password managers as they can be hacked. For the few accounts that I use they each have a separate password that is written in a book on my desk and also in a binder in my bookcase. They are very long and complicated and nobody but hubby uses my IMac. I even have a bandage over the camera on the IMac. I do not use Siri or any of the programs on the IMac. Long ago I did not trust Facebook or any other social media — my friends and family laughed at me but whose got the last laugh now? Woody’s is the only blog I belong to.
I don’t use anything “in the cloud”. I have nothing of value stored on my computer so that I do not have to back up my computer as anything of value is a hard copy in my desk.
I refuse to have a smartphone and have an embarrassing flip phone that is only really needed to call hubby from the supermarket to ask if we need eggs. I refuse to text as I can be emailed or called on the home phone or the cell phone.
I have locked my credit with the major credit bureaus and minor ones most folks aren’t aware of and I have Security Alerts placed also which now are for one year.
This all may sound over the top but it works for me. My friends laugh at me but they have been hacked and I never have. Also, I am not particulary social and therefore it is easier for me to keep this low profile. I do not keep emails on my computer — if they are of value I copy them to a folder in my desk otherwisw they are deleted. Every evening I delete my google chrome history and cookies and Firefox is set to automatically delete them.
Whew! I think that’s all folks!!
Did I find a soulmate here? 🙂
Much the same like you do I do over here. A smartphone I only have since two years, and mostly for the camera and OSMAND navigation: WLAN is switched on as needed only, and is mostly off , and mobile data is almost never on, only when I travel by train and want train and timetable updates. I have a nice prepaid card for it that limits the monthly costs to fabulous 2 Euros only, for I have no use of SMS and telephone (if I use this, it would cost me 9 cents per message/minute). I reserved only a 100 MB contingent per month, thats what costs me those 2 Euros. 95% of that contingent passes unused, often its the full 100% I do not use.
I pay cash, have no credit card, and have two bank accounts. The one I use for shopping online and the monthly bills like electricity, insurrance etc. It has no overdraft credit and always only holds the money needed for a 1-month interval at max. It gets filled up by a second bank account that holds a higher reserve but has no online access. This way, if my PIN or ID would get stolen, the damage that could be done, already is contained. Most of my treasure is not placed digitally at a bank.
No Twitter, Facebook and the likes for me.
You asked for paranoia – you get it! 🙂
Marc
The following is not specific legal advice, but I found these references about Digital Assets and Estate Planning online:
Leaving Digital Assets Through Your Will
https://www.nolo.com/technical-support-main/online-will-leaving-digital-assets-through-will.html
Writing a Letter to Survivors
https://www.nolo.com/technical-support-main/online-will-writing-letter-survivors.html
Sample Will and Power of Attorney Language for Digital Assets
http://www.thedigitalbeyond.com/sample-language/
These articles should help get the ball rolling when you discuss the whole process of Estate Planning with your own attorney.
-- rc primak
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
