June 12, 2024 • 19 mins
Ever wondered how secure your online presence really is? Find out why strong passwords, password managers like Proton, and two-factor authentication are non-negotiable in this digital age. Join me as I also touch on my recent move and its potential impact on the Ink and Bytes production schedule. Despite the craziness, I’m determined to keep bringing you two blogs and two podcasts a month. And don’t forget, your support on Ko-Fi can make a big difference in keeping this content coming!
In the main segment, I recap my first cybersecurity episode with Nightfire before diving into the essentials of internet safety. Learn why keeping your software updated is crucial, and discover practical tips for safe browsing, such as using encrypted messaging apps like Signal and ensuring websites use HTTPS. We also delve into verifying links to avoid phishing and staying informed through trusted sources and cybersecurity communities. Whether you’re a beginner or an advanced user, this episode offers valuable insights to bolster your online safety. Tune in and make sure you're staying safe out there!
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
Hello everybody and welcome back to the Ink and
Bytes podcast.
Now, quickly, just somehousekeeping stuff before we
jump into the episode.
I have recently undergone amove away from home.
I am in my own space in anentirely new state, starting a
new chapter of my life, and it'svery stressful and
nerve-wracking.
(00:20):
And if there is a delay incontent it's just because I'm
adapting to my situation.
I still am motivated to do twoblogs and two podcasts a month,
but if I ever fall behind onthat, just know I'm not giving
up, I'm not stopping, I'm justvery busy.
I'm going to have to take on alot more work and be a better
adult just to stay afloatnowadays.
(00:41):
So otherwise, it's an excitingchange.
I've been looking forward to itand if anyone feels inclined to
help me keep doing the podcastand making this content for you
all, feel free to go over to myKo-Fi.
It's ko-ficom slashworldbuilder.
Any amount helps.
I have a $5 a month membershipthat allows you to get a shout
out, and I'm going to be workingon some other special things
(01:03):
like bonus episodes formembership specific subscribers.
So, with that being said,that's pretty much all of the
housekeeping stuff.
Let's jump right into it.
(01:35):
Recently, in episode nine I hadthe first cyber security podcast
episode and I was reallylooking forward to that, because
that's one of the reasons whythis show is called Ink and
Bytes.
I also talk about technologyand gaming and stuff like that,
but we haven't really had theopportunity to talk much about
tech and cybersecurity.
(01:56):
So it was really nice to havethat conversation with Nightfire
and we're going to have themback for more episodes with
specific cybersecurity themes.
So keep a lookout for that aswell.
But today I have a few tips forinternet safety generally that
I just wanted to give everyoneto put in their toolbox for
personal safety, because duringour conversation a lot of the
(02:18):
stuff we talk about is withpersonal safety and how the
internet is not all sunshine androses.
There's a lot of snakes in thegarden that target people
specifically to steal from themand target the most vulnerable
people, which unfortunatelytends to be our grandparents and
those on the older side, whodon't really understand how
technology works and might groanwhen you have to put a password
(02:38):
in.
So this episode is purely goingto be to give you a few tips,
both the novice internet usersand the more experienced
internet users, or just techusers in general.
So there's something foreverybody just to keep in the
back of your mind as you gothrough your day to day
operations, because we spent alot of time on the internet and
a lot of that time we could beunknowingly making ourselves
(03:02):
more vulnerable.
So let's get started with thetips, and the first one is
really basic but no one everreally does it and that is use
strong and unique passwords.
I feel like passwords get a lotmore complaints than they
deserve.
Passwords are literally yourlike number one first line of
(03:26):
defense against people trying toget into your computer, your
accounts for software, yourbanks.
Passwords are there first andforemost to stop that, and it's
their first line of defense.
And so many people use weakpasswords like admin or password
one, two, three, four or theirbirthday, date of birth easily
(03:46):
guessable things, and this mightcome as a surprise to some of
you maybe not a surprise to alot of you.
There are lists upon lists ofcollected passwords that are the
most commonly used, billions,millions of lines long that
password cracking tools can scanand automatically try on
(04:06):
different login portals to seeif you have decided to use a
weak password.
So never use stuff likepassword 1234 or word pass 1234.
Hackers are a lot smarter thanthat.
Same thing with colors, use amix of letters, numbers and
symbols and, again, avoidcommonly used words and easily
guessable information.
(04:26):
Your birthday might seem secure, but that stuff can be guessed
too.
And for you?
More experienced people use apassword manager to generate and
store complex passwords, and Ipersonally highly recommend
Proton services.
They're free, but they're alsovery affordable and their proton
password vault is really good.
(04:48):
And in an age where passwordpassword vaults seem to be
getting compromised, proton hasyet to have an issue, and we
talk about this with knife fire,but proton, specifically d or
encrypts the information in away that they can't even decrypt
it themselves.
So if they were to get breached, there's no way for those
people to get into your stuffand look at it, because even
(05:10):
Proton can't see what you'redoing.
Highly recommend their services.
They have a VPN and an emailservice really good stuff and
also make sure to enabletwo-factor authentication
wherever you can.
That stuff is pretty helpful.
It can be annoying, but it'sdeciding of annoying or
protection.
You want to kind of swaytowards protection.
(05:31):
Next, you're going to want totry to keep your software
updated as much as you can I begyou everyone begs you when
Windows has that pop-up thatsays update now and get the
latest update, as annoying as itcould be, depending on what
time it hits, you just do it.
Don't say I'll do it later,because then later will come.
We've all been there, trust me.
(05:52):
Don't say you don't do thiswhen later comes and that pop-up
comes back up, you postpone itagain.
Those Windows updates are thereto protect you.
A lot of them have importantsecurity updates that patch
critical vulnerabilities and,depending on how critical, you
always want to make sure you'reon the latest version.
Literally the number one stepin the hacking process is info
(06:16):
gathering, which is when ahacker would scan their targeted
machine, see what versions ofsoftware they're running, check
online to see if those versionshave vulnerabilities, software
they're running.
Check online to see if thoseversions have vulnerabilities
and, if they do, exploit them toget onto the machine.
That's literally step numberone.
These updates are there to stoppeople from doing that.
The more you update, the lessoptions people have to attack
(06:40):
you, and it's a rule of thumbfor nearly everything cyber
related Just be aware andwilling to learn.
So just stay up to date, if youcan, about what the most recent
vulnerabilities are and what itaffects.
And if you are in that group ofpeople, make sure you have the
most recent update.
If there's a patch that fixedit, you never want to be behind.
It's always worth to update.
(07:01):
And the tips again I do thisnovices first, then for more
experienced Enable automaticupdates on all devices and
applications and regularly checkfor updates.
If automatic updates aren'tavailable, windows nice it does
that for you.
And for the more advancedunderstand the types of
vulnerabilities addressed in theupdates and use tools like a
(07:22):
WSUS offline update to manageupdates in complex environments.
And that is just a softwarethat allows you to kind of work
in the Microsoft Suite offline.
The next tip I got for you is bewary and understand common
phishing scams.
And when I say phishing, Idon't mean going out to a lake
with a fishing pole and tryingto catch the biggest one in the
(07:45):
lake.
What I mean they sound the same, but they're spelled
differently and they have twodifferent meanings.
Fishing in this sense we'retalking about here in cyber is
the act of sending out a mass offraudulent emails to get people
to interact with it and clickon a link to go to either a
malicious website and download afile which will then compromise
(08:06):
your machine and allow them toblackmail you, would do whatever
they want.
Phishing is like throwing a netin a digital environment and
seeing how many fishes akaemails of people you can get.
Phishing is most common ifyou're in a business ecosystem
with large networks and a lot ofdifferent machines connected,
(08:26):
because that allows attackers toblackmail for information or
skill vertically if they get inone place.
So phishing is more common ifyou're working in a company, if
you're kind of a solo person,everybody gets spam.
Spam is common, is like phishing, because you know they're very
hostile emails.
So for you novices and I don'tmean that in a mean way, it's
(08:50):
just the way I wrote it down onmy notes don't take out
pitchforks and come at me.
Don't click on links ordownload attachments from
unknown senders.
You always want to make sureyou're interacting with emails
from people you know and if it'sfrom a business or something,
make sure you've done businesswith them in the past, because
you're not really likely to getrandom emails from YouTube
unless you are on YouTube.
(09:10):
Same thing goes for Bed, bathand Body Works and all those
other businesses.
You're likely not to getpromotional emails from them
unless you agree to something.
So if you start getting emailslike that, just make sure you
trust it and then verify thesender's email address and be
cautious of urgent or alarmingmessages.
No, your son is not arrested ina foreign country.
No, some prince from Ugandadoesn't love you and doesn't
(09:34):
want to send you money.
Just, that's always a scam andit's so common it hurts.
And for the more experienced,use email filtering tools and
anti-phishing software.
Following that, try to usesecure networks when you need to
, and by secure networks I meanthings like VPNs.
(09:54):
If you're working at home andyou want to do something more
private maybe you're working onsomething at work that is kind
of sensitive you can always goonto a VPN and obscure your IP,
so it makes it look like you'recoming from somewhere else and
it just generally provides youbetter browsing protection.
And also when you're out inpublic and I know this firsthand
(10:17):
I never connect to public likeutility hotspots or internets,
because they're not safe.
Like you go to the cafe, youconnect to the cafe's internet
and this isn't flame to thepeople who set it up, but most
times those networks are set upin a rush in order to provide
free internet, which is in someplaces required by law, and
these areas are the biggesttargets for mitm attacks or man
(10:42):
in the middle attacks and wewon't get into that here because
it's kind of a advanced andcomplex topic, but think of it
like a hacker sitting in betweenyou and your traffic, posing as
something else to get you tosend your information to them
instead of your targetdestination, so on and so forth.
It's a lot deeper than that,but these areas are really easy
(11:03):
to do that, and in an officespace too.
Again, as much as I want to talkabout it, I'm not going to
because it could be a two hourepisode on explaining how that
works.
But just always avoidconnecting to public and free
Wi-Fi unless you're in an areathat's been vetted and you know
has secure Internet and networks.
(11:24):
Usually just use a VPN in thosesituations and again, I highly
recommend Proton's VPN.
There's a desktop app and amobile app, so if you're out
there in public you can switchit on and it's a little bit
better.
And then just avoid accessingsensitive information over
public Wi-Fi.
So if you have to connect to it, like if you're on a campus or
(11:45):
something, just try not to doanything sensitive and if you do
, just go on your data, yourdata will be a little bit more
secure.
Use a VPN, like I said, andconnect when connecting to those
networks and, for the moreadvanced, understand the types
of attacks that can occur overpublic wi-fi again, man in the
middle attacks.
Implement and configure vpnsproperly to ensure maximum
(12:08):
security, like kill fit, a killswitch features in Proton and
server hopping as well to kindof make it harder and keeps you
a little bit more secure.
Might increase the latency alittle bit, but you know again,
safer, sometimes better.
This next one is kind of extra.
This is if you really like tolearn and you're hungry to kind
(12:28):
of understand how a lot of thisstuff works, and that is,
understand the importance ofencryption, and encryption
basically is just taking thingsthat are readable like most
people say, plain text andturning plain text, which is
human readable, and make it notreadable and make it encrypted
(12:51):
oh, fancy word, right, you cansay that in any conversation and
make you sound a lot smarter.
I'm not suggesting you go outthere and buy a textbook and
read about things like thedifferent encryption methods,
such as RSA, md5, and hashing,but it's worth it if you're
interested in that and it'spretty cool.
But even if you encrypt yourstuff, that doesn't mean you're
(13:15):
completely protected.
There is a catchphrase in cyberthat I really like, that a lot
of professionals use and a lotof people in the space use, and
that is it's not if you're goingto get hacked, and some people
say popped, it's when you'regoing to get hacked.
So even if you encrypt yourstuff, there are tools I've used
them in my studies that canallow encrypted information to
be decrypted if it's encryptedpoorly.
(13:36):
One of these popular tools arecalled Jack the Ripper and that
can decrypt things if thesituation is correct.
But again, these thingsencrypting your stuff most
things do that for youautomatically, like mail servers
and communications.
Your stuff is usually encryptedbefore you send it.
Therefore, you automaticallymail servers and communications.
Your stuff is usually encryptedbefore you send it.
(13:57):
And if you want some moreinformation on that process,
feel free to read the blog thatthis is based off of on my
website, again,the-world-buildercom.
I have a list there.
It's a little biased, but I hada fun time writing that one.
And for the tips use encryptedmessaging apps like Signal and
WhatsApp and then ensurewebsites you visit, use HTTPS.
If a website uses HTTP, run asfast as you can, it's not safe.
(14:19):
Https is Hyper Text TransportProtocol.
I'm not Googling that at themoment, so if I got it right,
awesome, that means I remembered.
If I got it wrong, I'm sorry.
And then HTTPS is the samething, but kind of is secure I
believe that's what the s is issecure or something like that.
So most websites use it becausehttps is standard.
(14:42):
If they don't have it, it'ssuspicious.
And for the more experienced,implement encryption on personal
and professional devices.
And then this is where you kindof want to learn the different
types of encryption.
If you're already into thisstuff, it's not that far of a
leap to kind of leaning intothat.
The best thing you can do iskeep learning, as I keep saying.
The next tip is veryself-explanatory, but it isn't
(15:05):
done enough and bears mention,and that is just practice.
Safe browsing habits.
We spend so much of our timebrowsing online that we may
think we're doing everything wecan to be safe and we're not
doing anything risky, but we'veall fallen for the lure of
attempting off for online thatcould have been hostile.
A lot of these are like oh,free V-Bucks or get this game,
(15:28):
cheap discount codes from weirdwebsites, and so on and so forth
.
If something seems too good tobe true, nine times out of ten
it is, and it sucks to admit it,but it's likely not real.
And even recently a personalstory from my end I was working
on a family member's computer,trying to factory reset it
(15:48):
because it's never been factoryresetted and it was swarming
with viruses.
And I actually went onto aMicrosoft website that looked
real and took down a phonenumber for my grandmother to
call and it wasn't a real phonenumber and that was a whole
ordeal.
So even official Microsoftwebsites could be cloned and
(16:09):
faked.
So when you're browsing online,always read the URL, make sure
it looks legit, again make sureyou're on HTTPS, so on and so
forth.
The biggest thing is misspelledURLs like Facebook or something
as simple as that, becauseagain, malicious actors will
prey on the people who do notunderstand the things, and a lot
(16:31):
of people who aren'texperienced or really don't care
will never really read the URLthat they're on.
They'll just assume it's fine.
So always check that out if youcan.
And again for the tips, avoidclicking on pop-ups and
suspicious links, use a securebrowser and adjust privacy
settings and, for the moreadvanced, regularly clear
cookies and cache to maintainprivacy.
(16:52):
Finally, the last tip I got foryou I've already mentioned
throughout this episode, andthat is educate yourself
continuously.
Continuously learning andadvancing your understanding of
internet safety and cybersecurity is one thing that is
entirely within your control.
You can choose to learn and beaware, or you can ignore
(17:13):
everything and take your chances, and that is a normal thing to
do.
When, if you end up doingsomething bad and it does happen
it's easy to blame externalfactors.
It's a normal human reaction.
But there are countlessresources available to educate
yourself, many of which are free.
The best thing you can do iskeep learning and never be
(17:33):
satisfied, and when somethingbad happens, just take it as an
opportunity to be like okay, howdid that happen?
How can I learn more about it?
What can I do in the future tomake sure my security posture is
stronger so that it doesn'thappen again?
How can I not fall for a scamnext time?
So on and so forth.
Just ask yourself thosequestions and pursue knowledge
(17:55):
relentlessly.
And, given how much the digitallandscape morphs and advances,
staying informed is an ongoingeffort, but it's worth it If you
can stop a lot of theseproblems from happening in the
first place.
You'll save thousands ofdollars and a lot of headaches.
And here are the tips Fornovices follow trusted sources
for security news and updatesand take online courses or watch
(18:17):
videos on basic internetsecurity.
I recommend Black Hills Internetor Black Hills Cybersecurity
something that's been a whilesince I listened, but they're
very approachable.
Cybersecurity Powerhouse andtheir podcast is entertaining
and informational.
And, for the more advanced,participate in forums and
communities focused oncybersecurity.
Attend webinars and conferencesto stay updated on latest
(18:40):
threats and solutions, andthere's constantly a bunch of
different conferences going on.
I almost went to a few of them,but you can find websites out
there that just lists a lot ofthe ones that are going on and
just attend them if you can.
That's pretty much all of thetips I got for basic internet
security.
I hope you found them helpful.
I hope you learned somethingnew and I hope, if you're an
advanced user, I hope the tipsthat were tailored towards you
(19:02):
maybe helps you learn somethingnew as well.
That'd be pretty dope, but ifyou like this type of stuff and
you want to see more from me,feel free to head over to
ko-ficom, slash worldbuilder andsubscribe for $5.
I'm working on some extra perks, but it gives you a shout out.
Any little bit helps me keepdoing this as a side hobby and I
(19:25):
love doing it, no matter what.
It's fun to talk into themicrophone and just be a little
bit educational for once.
So thank you again and I'll seeyou in the next one.
Be safe out there.
Hello everybody and welcome back to the Ink and
Bytes podcast.
Now, quickly, just somehousekeeping stuff before we
jump into the episode.
I have recently undergone amove away from home.
I am in my own space in anentirely new state, starting a
new chapter of my life, and it'svery stressful and
nerve-wracking.
(00:20):
And if there is a delay incontent it's just because I'm
adapting to my situation.
I still am motivated to do twoblogs and two podcasts a month,
but if I ever fall behind onthat, just know I'm not giving
up, I'm not stopping, I'm justvery busy.
I'm going to have to take on alot more work and be a better
adult just to stay afloatnowadays.
(00:41):
So otherwise, it's an excitingchange.
I've been looking forward to itand if anyone feels inclined to
help me keep doing the podcastand making this content for you
all, feel free to go over to myKo-Fi.
It's ko-ficom slashworldbuilder.
Any amount helps.
I have a $5 a month membershipthat allows you to get a shout
out, and I'm going to be workingon some other special things
(01:03):
like bonus episodes formembership specific subscribers.
So, with that being said,that's pretty much all of the
housekeeping stuff.
Let's jump right into it.
(01:35):
Recently, in episode nine I hadthe first cyber security podcast
episode and I was reallylooking forward to that, because
that's one of the reasons whythis show is called Ink and
Bytes.
I also talk about technologyand gaming and stuff like that,
but we haven't really had theopportunity to talk much about
tech and cybersecurity.
(01:56):
So it was really nice to havethat conversation with Nightfire
and we're going to have themback for more episodes with
specific cybersecurity themes.
So keep a lookout for that aswell.
But today I have a few tips forinternet safety generally that
I just wanted to give everyoneto put in their toolbox for
personal safety, because duringour conversation a lot of the
(02:18):
stuff we talk about is withpersonal safety and how the
internet is not all sunshine androses.
There's a lot of snakes in thegarden that target people
specifically to steal from themand target the most vulnerable
people, which unfortunatelytends to be our grandparents and
those on the older side, whodon't really understand how
technology works and might groanwhen you have to put a password
(02:38):
in.
So this episode is purely goingto be to give you a few tips,
both the novice internet usersand the more experienced
internet users, or just techusers in general.
So there's something foreverybody just to keep in the
back of your mind as you gothrough your day to day
operations, because we spent alot of time on the internet and
a lot of that time we could beunknowingly making ourselves
(03:02):
more vulnerable.
So let's get started with thetips, and the first one is
really basic but no one everreally does it and that is use
strong and unique passwords.
I feel like passwords get a lotmore complaints than they
deserve.
Passwords are literally yourlike number one first line of
(03:26):
defense against people trying toget into your computer, your
accounts for software, yourbanks.
Passwords are there first andforemost to stop that, and it's
their first line of defense.
And so many people use weakpasswords like admin or password
one, two, three, four or theirbirthday, date of birth easily
(03:46):
guessable things, and this mightcome as a surprise to some of
you maybe not a surprise to alot of you.
There are lists upon lists ofcollected passwords that are the
most commonly used, billions,millions of lines long that
password cracking tools can scanand automatically try on
(04:06):
different login portals to seeif you have decided to use a
weak password.
So never use stuff likepassword 1234 or word pass 1234.
Hackers are a lot smarter thanthat.
Same thing with colors, use amix of letters, numbers and
symbols and, again, avoidcommonly used words and easily
guessable information.
(04:26):
Your birthday might seem secure, but that stuff can be guessed
too.
And for you?
More experienced people use apassword manager to generate and
store complex passwords, and Ipersonally highly recommend
Proton services.
They're free, but they're alsovery affordable and their proton
password vault is really good.
(04:48):
And in an age where passwordpassword vaults seem to be
getting compromised, proton hasyet to have an issue, and we
talk about this with knife fire,but proton, specifically d or
encrypts the information in away that they can't even decrypt
it themselves.
So if they were to get breached, there's no way for those
people to get into your stuffand look at it, because even
(05:10):
Proton can't see what you'redoing.
Highly recommend their services.
They have a VPN and an emailservice really good stuff and
also make sure to enabletwo-factor authentication
wherever you can.
That stuff is pretty helpful.
It can be annoying, but it'sdeciding of annoying or
protection.
You want to kind of swaytowards protection.
(05:31):
Next, you're going to want totry to keep your software
updated as much as you can I begyou everyone begs you when
Windows has that pop-up thatsays update now and get the
latest update, as annoying as itcould be, depending on what
time it hits, you just do it.
Don't say I'll do it later,because then later will come.
We've all been there, trust me.
(05:52):
Don't say you don't do thiswhen later comes and that pop-up
comes back up, you postpone itagain.
Those Windows updates are thereto protect you.
A lot of them have importantsecurity updates that patch
critical vulnerabilities and,depending on how critical, you
always want to make sure you'reon the latest version.
Literally the number one stepin the hacking process is info
(06:16):
gathering, which is when ahacker would scan their targeted
machine, see what versions ofsoftware they're running, check
online to see if those versionshave vulnerabilities, software
they're running.
Check online to see if thoseversions have vulnerabilities
and, if they do, exploit them toget onto the machine.
That's literally step numberone.
These updates are there to stoppeople from doing that.
The more you update, the lessoptions people have to attack
(06:40):
you, and it's a rule of thumbfor nearly everything cyber
related Just be aware andwilling to learn.
So just stay up to date, if youcan, about what the most recent
vulnerabilities are and what itaffects.
And if you are in that group ofpeople, make sure you have the
most recent update.
If there's a patch that fixedit, you never want to be behind.
It's always worth to update.
(07:01):
And the tips again I do thisnovices first, then for more
experienced Enable automaticupdates on all devices and
applications and regularly checkfor updates.
If automatic updates aren'tavailable, windows nice it does
that for you.
And for the more advancedunderstand the types of
vulnerabilities addressed in theupdates and use tools like a
(07:22):
WSUS offline update to manageupdates in complex environments.
And that is just a softwarethat allows you to kind of work
in the Microsoft Suite offline.
The next tip I got for you is bewary and understand common
phishing scams.
And when I say phishing, Idon't mean going out to a lake
with a fishing pole and tryingto catch the biggest one in the
(07:45):
lake.
What I mean they sound the same, but they're spelled
differently and they have twodifferent meanings.
Fishing in this sense we'retalking about here in cyber is
the act of sending out a mass offraudulent emails to get people
to interact with it and clickon a link to go to either a
malicious website and download afile which will then compromise
(08:06):
your machine and allow them toblackmail you, would do whatever
they want.
Phishing is like throwing a netin a digital environment and
seeing how many fishes akaemails of people you can get.
Phishing is most common ifyou're in a business ecosystem
with large networks and a lot ofdifferent machines connected,
(08:26):
because that allows attackers toblackmail for information or
skill vertically if they get inone place.
So phishing is more common ifyou're working in a company, if
you're kind of a solo person,everybody gets spam.
Spam is common, is like phishing, because you know they're very
hostile emails.
So for you novices and I don'tmean that in a mean way, it's
(08:50):
just the way I wrote it down onmy notes don't take out
pitchforks and come at me.
Don't click on links ordownload attachments from
unknown senders.
You always want to make sureyou're interacting with emails
from people you know and if it'sfrom a business or something,
make sure you've done businesswith them in the past, because
you're not really likely to getrandom emails from YouTube
unless you are on YouTube.
(09:10):
Same thing goes for Bed, bathand Body Works and all those
other businesses.
You're likely not to getpromotional emails from them
unless you agree to something.
So if you start getting emailslike that, just make sure you
trust it and then verify thesender's email address and be
cautious of urgent or alarmingmessages.
No, your son is not arrested ina foreign country.
No, some prince from Ugandadoesn't love you and doesn't
(09:34):
want to send you money.
Just, that's always a scam andit's so common it hurts.
And for the more experienced,use email filtering tools and
anti-phishing software.
Following that, try to usesecure networks when you need to
, and by secure networks I meanthings like VPNs.
(09:54):
If you're working at home andyou want to do something more
private maybe you're working onsomething at work that is kind
of sensitive you can always goonto a VPN and obscure your IP,
so it makes it look like you'recoming from somewhere else and
it just generally provides youbetter browsing protection.
And also when you're out inpublic and I know this firsthand
(10:17):
I never connect to public likeutility hotspots or internets,
because they're not safe.
Like you go to the cafe, youconnect to the cafe's internet
and this isn't flame to thepeople who set it up, but most
times those networks are set upin a rush in order to provide
free internet, which is in someplaces required by law, and
these areas are the biggesttargets for mitm attacks or man
(10:42):
in the middle attacks and wewon't get into that here because
it's kind of a advanced andcomplex topic, but think of it
like a hacker sitting in betweenyou and your traffic, posing as
something else to get you tosend your information to them
instead of your targetdestination, so on and so forth.
It's a lot deeper than that,but these areas are really easy
(11:03):
to do that, and in an officespace too.
Again, as much as I want to talkabout it, I'm not going to
because it could be a two hourepisode on explaining how that
works.
But just always avoidconnecting to public and free
Wi-Fi unless you're in an areathat's been vetted and you know
has secure Internet and networks.
(11:24):
Usually just use a VPN in thosesituations and again, I highly
recommend Proton's VPN.
There's a desktop app and amobile app, so if you're out
there in public you can switchit on and it's a little bit
better.
And then just avoid accessingsensitive information over
public Wi-Fi.
So if you have to connect to it, like if you're on a campus or
(11:45):
something, just try not to doanything sensitive and if you do
, just go on your data, yourdata will be a little bit more
secure.
Use a VPN, like I said, andconnect when connecting to those
networks and, for the moreadvanced, understand the types
of attacks that can occur overpublic wi-fi again, man in the
middle attacks.
Implement and configure vpnsproperly to ensure maximum
(12:08):
security, like kill fit, a killswitch features in Proton and
server hopping as well to kindof make it harder and keeps you
a little bit more secure.
Might increase the latency alittle bit, but you know again,
safer, sometimes better.
This next one is kind of extra.
This is if you really like tolearn and you're hungry to kind
(12:28):
of understand how a lot of thisstuff works, and that is,
understand the importance ofencryption, and encryption
basically is just taking thingsthat are readable like most
people say, plain text andturning plain text, which is
human readable, and make it notreadable and make it encrypted
(12:51):
oh, fancy word, right, you cansay that in any conversation and
make you sound a lot smarter.
I'm not suggesting you go outthere and buy a textbook and
read about things like thedifferent encryption methods,
such as RSA, md5, and hashing,but it's worth it if you're
interested in that and it'spretty cool.
But even if you encrypt yourstuff, that doesn't mean you're
(13:15):
completely protected.
There is a catchphrase in cyberthat I really like, that a lot
of professionals use and a lotof people in the space use, and
that is it's not if you're goingto get hacked, and some people
say popped, it's when you'regoing to get hacked.
So even if you encrypt yourstuff, there are tools I've used
them in my studies that canallow encrypted information to
be decrypted if it's encryptedpoorly.
(13:36):
One of these popular tools arecalled Jack the Ripper and that
can decrypt things if thesituation is correct.
But again, these thingsencrypting your stuff most
things do that for youautomatically, like mail servers
and communications.
Your stuff is usually encryptedbefore you send it.
Therefore, you automaticallymail servers and communications.
Your stuff is usually encryptedbefore you send it.
(13:57):
And if you want some moreinformation on that process,
feel free to read the blog thatthis is based off of on my
website, again,the-world-buildercom.
I have a list there.
It's a little biased, but I hada fun time writing that one.
And for the tips use encryptedmessaging apps like Signal and
WhatsApp and then ensurewebsites you visit, use HTTPS.
If a website uses HTTP, run asfast as you can, it's not safe.
(14:19):
Https is Hyper Text TransportProtocol.
I'm not Googling that at themoment, so if I got it right,
awesome, that means I remembered.
If I got it wrong, I'm sorry.
And then HTTPS is the samething, but kind of is secure I
believe that's what the s is issecure or something like that.
So most websites use it becausehttps is standard.
(14:42):
If they don't have it, it'ssuspicious.
And for the more experienced,implement encryption on personal
and professional devices.
And then this is where you kindof want to learn the different
types of encryption.
If you're already into thisstuff, it's not that far of a
leap to kind of leaning intothat.
The best thing you can do iskeep learning, as I keep saying.
The next tip is veryself-explanatory, but it isn't
(15:05):
done enough and bears mention,and that is just practice.
Safe browsing habits.
We spend so much of our timebrowsing online that we may
think we're doing everything wecan to be safe and we're not
doing anything risky, but we'veall fallen for the lure of
attempting off for online thatcould have been hostile.
A lot of these are like oh,free V-Bucks or get this game,
(15:28):
cheap discount codes from weirdwebsites, and so on and so forth
.
If something seems too good tobe true, nine times out of ten
it is, and it sucks to admit it,but it's likely not real.
And even recently a personalstory from my end I was working
on a family member's computer,trying to factory reset it
(15:48):
because it's never been factoryresetted and it was swarming
with viruses.
And I actually went onto aMicrosoft website that looked
real and took down a phonenumber for my grandmother to
call and it wasn't a real phonenumber and that was a whole
ordeal.
So even official Microsoftwebsites could be cloned and
(16:09):
faked.
So when you're browsing online,always read the URL, make sure
it looks legit, again make sureyou're on HTTPS, so on and so
forth.
The biggest thing is misspelledURLs like Facebook or something
as simple as that, becauseagain, malicious actors will
prey on the people who do notunderstand the things, and a lot
(16:31):
of people who aren'texperienced or really don't care
will never really read the URLthat they're on.
They'll just assume it's fine.
So always check that out if youcan.
And again for the tips, avoidclicking on pop-ups and
suspicious links, use a securebrowser and adjust privacy
settings and, for the moreadvanced, regularly clear
cookies and cache to maintainprivacy.
(16:52):
Finally, the last tip I got foryou I've already mentioned
throughout this episode, andthat is educate yourself
continuously.
Continuously learning andadvancing your understanding of
internet safety and cybersecurity is one thing that is
entirely within your control.
You can choose to learn and beaware, or you can ignore
(17:13):
everything and take your chances, and that is a normal thing to
do.
When, if you end up doingsomething bad and it does happen
it's easy to blame externalfactors.
It's a normal human reaction.
But there are countlessresources available to educate
yourself, many of which are free.
The best thing you can do iskeep learning and never be
(17:33):
satisfied, and when somethingbad happens, just take it as an
opportunity to be like okay, howdid that happen?
How can I learn more about it?
What can I do in the future tomake sure my security posture is
stronger so that it doesn'thappen again?
How can I not fall for a scamnext time?
So on and so forth.
Just ask yourself thosequestions and pursue knowledge
(17:55):
relentlessly.
And, given how much the digitallandscape morphs and advances,
staying informed is an ongoingeffort, but it's worth it If you
can stop a lot of theseproblems from happening in the
first place.
You'll save thousands ofdollars and a lot of headaches.
And here are the tips Fornovices follow trusted sources
for security news and updatesand take online courses or watch
(18:17):
videos on basic internetsecurity.
I recommend Black Hills Internetor Black Hills Cybersecurity
something that's been a whilesince I listened, but they're
very approachable.
Cybersecurity Powerhouse andtheir podcast is entertaining
and informational.
And, for the more advanced,participate in forums and
communities focused oncybersecurity.
Attend webinars and conferencesto stay updated on latest
(18:40):
threats and solutions, andthere's constantly a bunch of
different conferences going on.
I almost went to a few of them,but you can find websites out
there that just lists a lot ofthe ones that are going on and
just attend them if you can.
That's pretty much all of thetips I got for basic internet
security.
I hope you found them helpful.
I hope you learned somethingnew and I hope, if you're an
advanced user, I hope the tipsthat were tailored towards you
(19:02):
maybe helps you learn somethingnew as well.
That'd be pretty dope, but ifyou like this type of stuff and
you want to see more from me,feel free to head over to
ko-ficom, slash worldbuilder andsubscribe for $5.
I'm working on some extra perks, but it gives you a shout out.
Any little bit helps me keepdoing this as a side hobby and I
(19:25):
love doing it, no matter what.
It's fun to talk into themicrophone and just be a little
bit educational for once.
So thank you again and I'll seeyou in the next one.
Be safe out there.
Popular Podcasts
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
24/7 News: The Latest
The latest news in 4 minutes updated every hour, every day.
Therapy Gecko
An unlicensed lizard psychologist travels the universe talking to strangers about absolutely nothing. TO CALL THE GECKO: follow me on https://www.twitch.tv/lyleforever to get a notification for when I am taking calls. I am usually live Mondays, Wednesdays, and Fridays but lately a lot of other times too. I am a gecko.