Unlock the secrets of keeping your family safe in the digital world with insights from our guest, Craig Clarke, a cybersecurity expert passionate about bridging technology and parenting. As children spend more time online for school and play, understanding cybersecurity beyond antivirus software is crucial. Craig shares practical advice for aligning school and home safety practices, from reviewing school cybersecurity policies to choosing secure devices like Chromebooks for their robust safety features and cloud-based efficiency.
Explore the nuances of password management and technology awareness with us. Craig highlights the differences between popular communication platforms like Microsoft Teams, Zoom, and Google Meet, emphasizing the user-friendly nature of Chromebooks, especially for the less tech-savvy. Discover the power of dedicated password managers like LastPass and Bitwarden in protecting against identity theft and cyber threats, while we caution against the pitfalls of relying on built-in web browser password managers on shared devices.
Empower yourself with strategies for enhancing your child's online safety through education and privacy management. Learn the importance of two-factor authentication, the risks associated with phishing, and how to maintain tech-free zones to protect personal privacy. Craig offers guidance on engaging with schools about cybersecurity policies and teaching children responsible technology use, ensuring they grow up to be savvy, informed digital citizens.
Useful links:
https://www.cyber.gov.au/learn-basics
https://www.choice.com.au/consumers-and-data
https://www.grc.com/securitynow.htm
https://www.grc.com/haystack.htm
https://foundation.mozilla.org/en/privacynotincluded/
https://en.wikipedia.org/wiki/Computer_security
danabaltutis.com, mytherapyhouse.com.au, https://mytherapyhouse.com.au/your-childs-therapy-journey/ https://www.danabaltutis.com/services
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:01):
Craig Clark, welcome to the Empowered Parent Podcast.
I thought it would be timely totalk to you because I know that
you are passionate aboutcybersecurity.
You are also the informationtechnology guru go-to person,
everything for my therapy house,and you are constantly
(00:24):
reminding myself and my staffabout the information technology
security.
So today I wanted to have youon the show to talk a little bit
about information technologysecurity, cyber security and how
parents can support theirchildren through that and
(00:47):
themselves.
So first of all, welcome, andI'm glad you could join us today
.
Speaker 2 (00:53):
Oh, thanks, it's great to be here.
Speaker 1 (00:56):
And Craig, what inspired you, or what motivates
you to be so into cyber security?
Speaker 2 (01:07):
That's where the world's going.
It's a large part of life and Ican only see it getting more
important over time and beingmore of a part of life and part
of the interactions andhistorically, if you look back
on it, it has been the case.
Speaker 1 (01:30):
And what about have you?
Do you study security, or is ityour hobby, or how did you get
into it?
Speaker 2 (01:39):
So I got into it simply by listening to a podcast
which I've been listening to, apodcast which I've been
listening to for many years now,and I found that it was just
very interesting what they weretalking about not so much as
which antivirus is better thanthe other one or that sort of
(02:00):
thing, it was more about thereasoning behind, so you could
learn the reasoning behind theinformation provided and then
you could apply that to newsituations, which I think was
very interesting, informativeand useful.
Speaker 1 (02:15):
So when you said the virus, what does that mean?
Like, what were you sayingabout that?
Which virus?
Antivirus software whichantivirus software is better
than the other.
It's more about understandingwhy use antivirus software.
Is that right?
Speaker 2 (02:30):
Yes, okay, and minimising that risk of having a
viral infection, yep yep.
Speaker 1 (02:35):
Okay, let's talk about antiviral software.
I'll be interested to talkabout that later, but let's
start with the big question.
But let's start with the bigquestion.
Why would cyber safety be sucha big concern for parents as
kids head back to school thisyear, especially with so much
(02:56):
learning happening online?
Speaker 2 (03:01):
And what should parents be aware of?
So I think that part of that'sgoing on is that it will
possibly be the first time theirchildren be introduced to cyber
security, and hopefully theywill have a very good
introduction to it.
But the schools may be doing aminimal job or not get much of a
(03:22):
chance to take that informationand provide it in a format that
every child understands, and Ithink it's one of those very,
very important lessons that thechild needs to understand
because it's going to impacttheir whole life.
Speaker 1 (03:36):
Do you think that it would be worthwhile for parents
to ask for the school's cybersecurity policy to have a look
at that?
Speaker 2 (03:46):
Policy would certainly be a good start.
What they're recommending, whatthey're doing, and they should
also be able to provide a formatfor the parents to look at,
read, understand and see howthat educates them.
Speaker 1 (04:00):
Because then they can educate their child right and
they can have the same languageas well as maybe use similar
strategies at home.
Speaker 2 (04:08):
Yeah, well, it might not be the same language, it
might be use your differentnative language, it might be use
more pictures rather than words, or it might be other ways, but
it's the same lesson beingtaught at school and at home.
Speaker 1 (04:25):
And I know that at my , my therapy house, we now use
chromebooks and, um, this wassomething you introduced me to
many years ago when they firstcame out.
Um, what?
Why are schools usingchromebooks now, and what is the
benefit of a Chromebook overjust a regular?
(04:49):
They're called PCs, are they?
Speaker 2 (04:51):
Laptops yeah, regular laptops.
So basically there's threetypes of laptops.
You can buy Windows, which isthe Microsoft Windows.
That's probably the biggestlaptop provider or operating
system on the laptops.
The next one will be the Appleand after that you will get the
things like Linux andChromebooks.
(05:13):
But if you go down to many ofthe local hardware IT stores,
they will have Windows computersand they'll have some
Chromebooks there.
What I really like about theChromebooks is they're small,
they're light, they don'tproduce a whole lot of heat,
(05:36):
they're economical because theyare basically a cloud-based
environment.
So the intent is that, insteadof having that problem of, oh,
I've downloaded all my files,now what do I do with it?
It's well, just log into a newChromebook, it's all there,
don't worry about it.
Speaker 1 (05:53):
So you minimize that risk?
Do Chromebooks need anantiviral software?
Speaker 2 (05:57):
No, no, they don't, and that's just.
One of the great things aboutthe Chromebooks is they are
extremely secure, extremely safe, and that's part of the reason
why schools, education andbusinesses use them is they are
fast to learn and use Forenterprises and schools.
(06:19):
You can control what the userscan have access to and what they
can download or use, et cetera.
So it's just a nice systemwhich is not that complex or
challenging as what it would befor, you know, a Windows-type
computer.
Speaker 1 (06:39):
And I know with Chromebooks what I really like
about them.
They've got a drive, their owndrive, and you can share files
with other people.
But then you can revoke theshare.
Right, you can take it back.
Or they can just be a viewer orthey can be an editor.
Is that right?
Speaker 2 (06:57):
Yeah, so when you're talking about the drive, that's
the Google Drive in the cloud,and when you share something via
that system, then it'sbasically in the cloud and
anyone can access it at any timeif they've been given prior
access.
So it might be a case of youcan create a file which anyone
can access and they only needthe file name or location, as it
(07:24):
were, and with that they canaccess it.
But you might have restrictedit so they can only view it.
Speaker 1 (07:32):
They can't edit it and can they download it?
Speaker 2 (07:34):
You can turn that on or off as well.
Speaker 1 (07:36):
Okay, great, so you don't yeah.
So that's pretty safe, isn't it?
Speaker 2 (07:40):
It's very safe.
It's very much one of thoseways of controlling who has
access to information or cancontrol it, and it's also for
when you have an employee andthey're no longer an employee
for whatever reason.
You can then just removeaccesses, and it's just very
quick and easy rather thantrying to go behind the scenes
(08:02):
and clean up issues with, youknow, attached storage and stuff
like that.
It's just so much quicker andeasier.
Speaker 1 (08:11):
What about some parents?
Listening will be Applehouseholds and obviously because
Apple's got a lot of great appsand everything for kids.
Apple's got a lot of great appsand everything for kids.
Is it easy to transferknowledge from an Apple to an
Android, like Android?
Speaker 2 (08:35):
being Chromebooks Windows, so it's very easy to
transfer, even to using aChromebook.
Basically, it's a Googleproduct, so all the information
is available via Google.
There's lots of informationvideos about it.
It's very well supported.
They're basically being basedaround a search engine.
If you want information, youcan just search for it.
(08:57):
Even down in settings you justsearch for a setting and it
comes up.
There's none of this having toremember the particular boy of
going through I went to here andthen I went to C and then it
was F and then to D of gettingto somewhere which is very, very
hard to recall, especially sixmonths later when you have to do
it again or when you suddenlyrealise that what I did six
(09:19):
months ago is no longerappropriate for today.
I've got to undo it.
How do I do?
It's just so much easier andquicker.
Speaker 1 (09:25):
So let's talk about security.
Some people really, you knowthink that Apple is the most
secure system.
What would you say to that?
Speaker 2 (09:39):
I wouldn't say it's the most secure system To be the
most secure system.
Turn it off If it's switchedoff.
Speaker 1 (09:50):
it's secure, yeah, right.
Speaker 2 (09:52):
Yeah, you know there is a risk with anything
connected, but the Chromebooksare extremely well designed and
designed from the very beginningof their life, which was to be
secure, and that's put into itall the way through, and that's
(10:13):
why using them for a business isso much easier.
I don't have to get a Windowscomputer, install all the
software, create the accountsfor someone and then, hand it
over to them.
I'll just give them theChromebook straight out in the
box still, and they can open itlike it's their Christmas
present and log in and straightaway they've got access to
(10:35):
everything that they should haveaccess to.
That's part of the business.
We give them access.
Speaker 1 (10:40):
I know that quite a few government systems use Teams
.
Speaker 2 (10:45):
Microsoft Teams yeah.
Speaker 1 (10:46):
Have you heard of Teams?
Speaker 2 (10:47):
Yes.
Speaker 1 (10:48):
And how is that different to like, let's say,
zoom or Google Meet or somethinglike that?
Speaker 2 (10:57):
So Google has Google Meet and Google Chat and they're
basically the same sort ofsystems.
It's just a different ecosystem.
Speaker 1 (11:04):
And that's Microsoft, isn't it?
That's on a Windows computer.
Speaker 2 (11:08):
Microsoft Teams.
Speaker 1 (11:09):
Yes, yes, yes, so you can't really do it on a
Chromebook, is that right?
Speaker 2 (11:16):
I reckon you probably could do it on a Chromebook.
If you needed to have MicrosoftTeams, you could probably
download and install that.
Speaker 1 (11:21):
Yeah.
And many of the things that youcan use with a Chromebook is
just.
If you can use it on yourChrome web browser on Windows or
Apple and you find that works,then you can do the same with a
Chromebook, and I think with theChromebook you don't need to
pay, do you Like?
For I know I've done all myvideos via Google Meet and
(11:46):
that's just part of myChromebook, so I don't have to
pay for it, right?
Speaker 2 (11:52):
No, you just get your Gmail account and that's it.
You just log in with that.
Yeah, it's all there.
You don't need to pay extra forantivirus.
That's all built in from thestart and it's just a nice
ecosystem that's friendly towork with.
The other things which I findis that people I find that are
(12:14):
finding Windows challenging ordifficult.
When you give them theChromebook and say, here, have a
look at this, try that theyfind it a much faster system to
use, even though it's much lowerin the hardware specifications.
It's just much quicker for themto switch on.
Speaker 1 (12:31):
And you've done that a lot, haven't you?
You've really counselled peoplearound what technology would
work best for them.
Speaker 2 (12:39):
It certainly works best for those people who don't
have a passion for technology.
It updates itself in thebackground.
You don't have to sit therewaiting and waiting while
windows does its updates andthings like that, and that's
just one of those things thatpeople seem to really enjoy is
just I open up the laptop and itjust switches on straight away
and I'll log in and it's done.
Speaker 1 (13:01):
There's no waiting for this or that yes, I, I know
that's one of my things.
I'm not that patient when thelaptop starts.
Craig, let's talk one of yourpassions passwords.
So when I first met you, I hada little book and I had all my
(13:21):
passwords in it, or I was usingthe same password over and over
again.
Okay, what do you say to that?
Speaker 2 (13:31):
That is just inviting the criminals to take over not
just that account but all ofyour accounts and, in effect,
your identity on the internet.
And that identity on theinternet is not just on the
internet.
It starts encroaching on yourlife in real life.
Speaker 1 (13:51):
Yeah, validations and checks and everything All of
that.
Speaker 2 (13:55):
Before you know it, you're going to have a lot of
problems with you know, provingthat you weren't the one who
borrowed this.
Stole that, whatever, becauseyour identity has been stolen.
Speaker 1 (14:06):
And I see it a lot Like people will say, oh, my
profile has been stolen, orplease don't respond because
someone's my profile has beenstolen, or please don't respond
because, someone's taken myprofile, so what do you use to
keep your password safe?
Speaker 2 (14:23):
So I always use and recommend a password manager.
Speaker 1 (14:27):
What's that?
Speaker 2 (14:28):
So that's your diary, but in a cloud version of it.
Um, so basically it means thatby being in the cloud, when I
log into, a different devicewill be my phone or my
chromebook or the computer atwork I've got access to all of
my passwords to access that sitethat I need to get to Now.
(14:53):
One of the other benefits of itis being cloud-based.
It keeps it up to date, so if Iupdate it on one device, it
automatically updates foreverything everywhere.
Speaker 1 (15:03):
And do you need to have?
How do you get into it?
Like, do you need to remember apassword?
Like, you still need toremember a password, right?
Speaker 2 (15:10):
Yes, you'll still need a password, like you still
need to remember a password,right?
Yes, you'll still need apassword.
So, basically, that's why theycome with the idea of one
password or last password beinglast password you'll need to
remember.
It's all based around thatsimple idea of you can only
really remember one password,because if you start looking at
(15:31):
how many websites you've got orinteracted with over time, I
think we've got well over 300.
How can I possibly remember 300different passwords, which are
all gobbledygook?
It's just.
Speaker 1 (15:45):
So you mentioned LastPass.
There's also Bitwarden.
What other password managersare there?
Speaker 2 (15:53):
The web browsers have them built in.
I'll be a little reluctant touse the built-in web browsers.
Speaker 1 (15:59):
Yeah, I've seen them pop up.
Speaker 2 (16:02):
Especially if it's a device you're sharing or people
are sharing that access to thatweb browser.
That's extremely dangerous.
Speaker 1 (16:11):
Or someone could steal your device right.
Speaker 2 (16:14):
Exactly, and that's the problem.
If you have very lax securityfor the device and they can get
into that web browser, that's it, they've got everything.
And that's where the thingslike LastPass, bitwarden, et
cetera they all are enabling thebrowsers.
They're a little browserplug-in which enables you to
(16:38):
automatically log into a website, so for example, if.
I want to log into the bank'swebsite.
I can go into my passwordmanager and type in the bank
name and it'll pop up with thelittle icon for it.
I click on that and then itjust goes into.
That, opens the tab, opens itup, logs it all in for me and
(17:02):
that is it.
It's done.
The great thing about this isthat if someone tries to send me
a spam email which says youneed to log in and verify this
account transaction, or even ifI'm unfortunate enough to have
clicked on the link, my passwordmanager will know that's the
(17:24):
wrong link or never log in.
So it's a beaut way ofpreventing those fake spam URLs
which look very similar to theoriginal.
Speaker 1 (17:41):
And URL.
Is the link right yeah?
Speaker 2 (17:44):
so those links, and quite often they will make it
deliberately look like it, orthey'll make a typing mistake
and create an exact duplicate ofthe original website you are
trying to log into.
For example eBay or PayPal orsomething like that, and you
know.
You just type your username andpassword in and you've already
(18:07):
given your details over to thecriminals?
Speaker 1 (18:09):
Part of your identity ?
Yeah, your details over to thecriminals?
Part of your identity?
Yeah, so, um, what you know?
People have passwords withtheir name and zero one at the
end.
What is a safe password?
And what you know?
I know that people talk aboutthe goobity gobbity.
You know alphabet passwordswith a lot of zeros, and this
(18:29):
and that and the other.
Um, is that why passwordmanagers are good, because they
generate them, or how does itwork?
Speaker 2 (18:36):
Password managers are great because they generate
those long, strong passwords.
So the longer the password, thestronger the passwords.
By having a lot of differentthings in the password Like what
?
All the whole load of numbersand letters which mean nothing
(19:00):
to anyone, it means if someonedoes look at you or look at that
password at some stage, it'simpossible for them to remember
it so it makes it hard foranyone to see it and then access
it, etc.
Um, it also means that you'renot going to use a simple
password or one which is goingto be in a dictionary attack,
(19:22):
and it's you know the criminalshave tried everything these days
and they have access tobillions of passwords that have
been used, with email addressesor account name and password,
and they'll just run themthrough everything until they
get access, and you know that'show they do it.
(19:45):
So to get a strong password, youcan either use your password
manager, but you probably needone to log in so to create your
first or the useful password.
Just remember, longer isstronger.
So you know, use four words andsymbols, a couple of symbols,
(20:06):
and you can use symbols ornumbers, something like that, as
padding.
So you might want to putpadding of being six zeros at
the beginning and then six zerosat the end, and as long as no
one knows that you're using sixzeros as your password or
padding, then it's probably okayand you might decide.
(20:27):
Well, actually I want to doextra strength, I want to do a
beginning and the middle, and ifyou need to write something
down, you can write down yourpassword, but you leave out your
padding and all of a sudden,now you've got it written down
in your wallet or your purse,but no one will be able to
access it, even when they havethat piece of paper because,
(20:48):
they won't have that little bitof padding, and where that
padding goes, so what about withfamilies, like if kids need
passwords, and how would thatwork with a password manager?
So, ideally, you know, train thechildren on using password
(21:13):
managers, you know, and creatingthat unique, one password to
get into their system, intotheir password manager, if they
need access to something elsewhich is a shared thing, for
example, it might be youraccount at the library or
(21:33):
something like that the libraryor disney channel or youtube or
something yeah, for those sortsof things you wish to share,
then you can actually do sharingwith password managers.
and again, this is a systemdesigned to manage passwords, so
I could share a password withyou, for example, but I could
(21:56):
ensure that you can neveractually see the password, but
you could always use it and thenI can revoke it and I don't
have to do anything other thanlog in and go revoke and that's
it.
Speaker 1 (22:05):
So that puts in that extra safety where if a child
has, say, mum or dad's passwordand then they want to share it
with their friend, they can'tbecause they don't really know
the password.
Right, they don't know thepassword, but they can use it.
Speaker 2 (22:18):
They can't change the password as well.
So it just makes life muchbetter.
And it's an easy solution whereyou know I could say, well,
look, you can go into.
You know the bank and you knowI could say, well, look, you can
go into.
You know the bank and you know,get that transaction done today
.
I'll give you 24 hours to do it.
I'll give you access for thenext 24 hours.
It'll just automatically revokeafter 24 hours.
(22:42):
You know it's a great system.
Speaker 1 (22:44):
And let's talk about two-factor authentication.
What is it and is it important?
Speaker 2 (22:52):
Two-factor or multi-factor.
So two-factor is something likea password, something you know
and something you have.
So that might be your one-timetoken, which is time-based,
which is those six digits thatkeep rolling around.
That's become very popularsimply because you just need a
(23:17):
little app on your phone.
Speaker 1 (23:19):
That's an authenticator app, isn't it?
Yeah?
Speaker 2 (23:23):
They're pretty much all the same.
They all run on a standardsystem, so it's really quick and
easy, as long as you can typein six digits.
It changes every 30 seconds.
Speaker 1 (23:33):
So basically you put in your password from, say, the
password manager, and then itsays authenticate yourself as
well.
So then you can use yourauthenticator app or security
questions or anything like that.
Speaker 2 (23:48):
I would not use security questions.
It's not as safe.
Speaker 1 (23:51):
Right.
Speaker 2 (23:51):
Because security questions are usually like what
was your mum's birth?
Yeah, Maiden name.
Speaker 1 (23:56):
What's your dog's name?
Dog's name when did you live?
Yeah, what?
Speaker 2 (24:00):
school did you go to?
What was your first car?
All those questions and socialengineering et cetera, or, a
good stalker would certainlywork that stuff out over time.
Yeah right.
So definitely don't do that.
You must use your multi-factorauthentication system.
Speaker 1 (24:16):
Good point.
So how can parents monitortheir child's online activity
without invading their privacyor creating unnecessary fear
around technology?
Speaker 2 (24:32):
How do you create that?
That's an interesting question,because if you're monitoring,
then to a degree it is aninvasion of privacy, but for
certainly it's.
The internet has.
Speaker 1 (24:47):
It's safety, isn't it really?
You're doing it for safety, Isthat right?
Speaker 2 (24:52):
For safety of the child, because they're not
mentally developed and there'sthings which are on the internet
which are not age appropriate.
There's certainly stuff whichis adult and certainly you don't
want to be going to those sites.
Speaker 1 (25:09):
And I mean you've got parental controls.
But I guess the thing would belike the problem-solving skills
Kids may not, you know, yet becognitively equipped to realise
oh, that's a spam or that's aphishing or, yeah, phishing.
Speaker 2 (25:25):
They might understand the phishing, they might
understand the sarcasm.
They might not understand thewhole bullying and harassment
type of stuff that can go on anddoes happen.
It's just it can be the cesspitof society and quite often is,
(25:47):
and that's why, even thoughyou're an adult, there are some
sites you just choose never,ever to go to.
Even though you're an adult,there are some sites you just
choose never ever to go to.
Certainly those are anythingthat's offering, you know, paid
software for free, or you knowI've got the crack code for it.
Download it here, or I'vebroken it here.
Download and install.
That's all stuff you do notwant to do, because you're
(26:10):
basically installing somethingthat a criminal has created and
they want to take over yourcomputer, your identity.
Speaker 1 (26:20):
So I guess, like one of the things that I've been
thinking about is setting thefoundation early, letting
children know what the internetis, that it's a shared space,
there are all different peopleon there, and that parents just
need to support them in havingyou know, knowing what to who to
(26:41):
interact with.
I guess.
Speaker 2 (26:46):
I think it has to be education first and foremost
because if you try to usesystems and technology to manage
or micromanage them, they willbe going to school and then
working out with their friendsor family, et cetera, or wider
family, how to get past thosethings.
Speaker 1 (27:07):
And there certainly is DNS resolvers, which will
block access to sites which arenot age appropriate and, I guess
, talking to kids openly whatthey like on the internet, what
they've found, that would bereally important as well.
(27:27):
As you know setting content andfilters content like setting
the filters with time limits.
You know setting content andcontent like setting the filters
with time limits, you know.
So children don't feel likethey're being interrogated and
micromanaged the whole time.
Speaker 2 (27:43):
Yeah, yes, yeah, so you'd have to time limit your
own time watching them, etcetera.
Speaker 1 (27:49):
Yeah.
Speaker 2 (27:50):
And it might be doing it well in the kitchen, but
they're in the lounge room, sothey're at a distance, so you're
not, you know, standing overtheir shoulder watching
everything they do.
But in some respects this iswhat's happening in society as
we speak.
Is there, is that going on foreach and every one of us by the
(28:13):
various systems we use there?
Pretty much is no privacy insociety anymore with the way
that Facebook, for example, haslittle images and things on
every website to track you andso they can then sell your
information to advertisers.
Speaker 1 (28:31):
And I know myself like we laugh at work because we
talk about something and thenall of a sudden there's
something coming through.
It's like are they listening tous?
Speaker 2 (28:41):
Oh, exactly, yeah, you talk about.
For example, I talk about chubsecurity at work and then all of
a sudden I start getting allthe chub security stuff on my
phone.
It's just like it knows.
Speaker 1 (28:53):
Yeah, it's listening.
Speaker 2 (28:54):
And that's just talking around the phone, yeah.
And that's just a phone.
Speaker 1 (28:59):
So it's better just sometimes to switch your phone
off and put it away if you don'twant that to happen.
Would that be right?
And having tech-free times,tech-free zones.
Speaker 2 (29:11):
If you really want privacy, then go nude in the
middle of a field.
Otherwise it's too hard.
You cannot do it becausethere's technology embedded in
so much stuff and it's soimpossible to prevent people
from listening in.
It really is on hot under theblanket at the same time, so
(29:34):
that people can't watch you andread your lips.
It's just.
Privacy is gone, unfortunately,and the government wants to be
able to read all the metadata,so they want to know where
you've been, what you've done.
Speaker 1 (29:48):
And so this is the way parents can also monitor
what apps kids are on right,because there's a lot of apps
and then they download and it'ssubscription only and all of a
sudden they're actually payingfor things.
Because I've seen that happenas well with parents that kids
all of a sudden are like buyingthings from their.
Speaker 2 (30:11):
All of a sudden are like buying things from their
like, say, from the iTunes storeor, you know, google App Store,
yeah, so any time the child'sgot that ability to pay for it,
then that's a real concern,unless they have demonstrated
that ability to appreciate thepower they have and that trust
(30:38):
as well.
But just on apps in general,every six months you should have
a look at what apps areinstalled on your computer, what
apps or browser helpers areinstalled on your browser, and
any that you don't use you needto remove, because all of them
will slowly but surely decreasesecurity on your device by
(31:01):
providing a bigger surface area.
Speaker 1 (31:03):
Hey, which reminds me , let's talk about keeping your
computer plugged in electricity,like, is it true that the
battery can run out reallyquickly and does it go down and
down and down if you don't putelectricity into your computer
or device?
Speaker 2 (31:23):
So yeah, the laptops all have batteries in it.
To me, you know, keep itplugged in if you can, because
it's basically, it has a certainnumber of cycles before that
battery is going to drop itscapacity and that's regardless
of that battery technology.
Speaker 1 (31:43):
Is that what you do with your phone as well?
Yeah, you keep it plugged injust in case there's a blackout.
Speaker 2 (31:49):
Well, and that's the other reason, you know, if
there's a blackout, I've got alittle unnatural power supply
for my NBN connection so that Ican continue to browse the
internet, etc.
While everyone else is in thedark.
Or if the mobile phone towerfalls over, it's, you know, I
still got to rely on that nbnconnection.
(32:11):
It's.
It's part of that wholebuilding multiple layers of
security, of continuity.
Speaker 1 (32:21):
So that's another thing parents could really
educate their children in iskeeping their technology charged
.
Speaker 2 (32:28):
Oh, definitely, especially if that child has to
go to school and if they'reconstantly running that battery
down to a very, very low.
That's the quickest way to killa battery is keep running it
down low.
Those days are well and surelygone.
That's the quickest way to killyour battery.
And if you do that, then you'regoing to notice that the
(32:50):
battery won't last as long andthen one day it'll be halfway
through school or work orwhatever.
Speaker 1 (32:56):
It's just not going to work because the battery's
gone flat and you normally havea day's use out of the battery
and now you don't Right, let'stalk about phishing scams.
What does phishing actuallymean?
Speaker 2 (33:13):
Phishing going onto the beach.
Speaker 1 (33:14):
No, not that P-H-I-S-H.
Speaker 2 (33:17):
Oh okay, yes, going onto the beach and no, not that
p-h-i-s-h.
Oh okay, yes, um, so fishing inthat context is the.
It's creating that fakeidentity or that fake
communication, so that it'strying to be misleading and
deceptive, and it might betrying to encourage you to log
(33:39):
into your website that you thinkyou're logging into to confirm
or deny something.
So it might be the bank, andall of a sudden, you've clicked
on that phishing email.
It's created what looks likethe website you think you're
going to, you put in yourdetails and that's it.
The criminals have now takenover because they will, in the
(34:01):
meantime, be relaying all thisinformation so that you'll be
interacting with your bank viathem.
Speaker 1 (34:09):
So what's the difference between phishing and
scams?
Is there a difference or notreally?
Speaker 2 (34:17):
Well, phishing is usually a little bit more
targeted, where scams are justgeneric things, like you know.
I'll offer to you knowbitchmize your drawer of waste,
sort of thing.
Speaker 1 (34:28):
Or put a new roof on or something, yeah things like
that.
Speaker 2 (34:31):
That's you know, they're called scams, but it's
all the same sort of terminologyand ideas.
Speaker 1 (34:39):
So what should?
Let's just just finishing up.
What would a parent ask aschool to do to help them
understand how they're usingtechnology safely and
responsibly?
Speaker 2 (34:56):
So talk to them about their cyber security policy,
their cyber education and whatthat includes, you know.
Are they going to teach themabout password managers?
If not, why not Teach them alsoabout, you know, cleaning the
stuff off that you don't need?
Speaker 1 (35:17):
Okay.
Speaker 2 (35:17):
You know a new laptop is going to be a more secure
laptop than one that's beenaround you know three or four
years and you've downloadedhundreds of different things on
it, tried it for half an hourand then decided no, I don't
want that anymore, but just leftit, and they always leave bits
and pieces behind.
The other one is teaching aboutand this is one thing I don't
(35:41):
think the government spendsenough time on which is teaching
about how to prevent thescammers that are phoning up
saying, oh, you've got aMicrosoft computer, you need to
do this, this and this.
Anytime you're getting thatphone call out of the unknown,
you just say sure, okay, Ibelieve you, I'll call you back.
(36:02):
What's your extension number?
Then look up their organisationin the phone book or you Google
it, whatever it is that youlike to use, and you call back
and quote that extension.
Anything other than that you'renot interested, and usually, by
asking that question, I'll lookit up in the phone book and
(36:23):
I'll call you back by extension.
They'll be hanging up on youvery fast.
Speaker 1 (36:28):
So yeah, that's that often.
That's happened to me as well.
So what tools or settingsshould parents enable on their
child's devices to create asafer online experience?
I know that there's parentalcontrols like Google Family Link
or Apple Screen Time.
(36:49):
There's time limits.
There's safe browsing filterswhere we can block adult content
and unsafe websites.
There's location and privacysettings which disable
unnecessary tracking on apps.
Is there anything else that youcan think of?
Speaker 2 (37:08):
The government does have some cybersecurity website.
I can't recall the name of it.
That's probably a good place tostart and have a look.
I'd also check in with theschool what they can do and what
education they can provide, butit has to go hand in hand.
The way of doing it has to gohand in hand with education.
(37:29):
If you just implement all theseways of preventing your child
or children from getting accessto what they want to get access
to, then they're going to becomea hacker in time because
they'll just spend the time andwork out how to get through and
past all these things.
Speaker 1 (37:47):
So if when you're saying, you know education,
discussions with kids andconversations so parents could
use everyday examples, so, forexample, what would you do if
someone online asked you foryour password?
You could have thatconversation with the child and
see what they'd say.
Speaker 2 (38:06):
Oh, definitely.
You certainly want to talk tothem that that's not a good idea
, that you don't share passwordslike that.
Sometimes you may need to sharea password.
Speaker 1 (38:18):
But then come and ask someone.
Speaker 2 (38:20):
But it's always you know who needs that password,
why they need that password, andwill that end up giving them
control, total control of thataccount?
And is that appropriate?
Speaker 1 (38:34):
And then maybe like comparing cyber safety to real
world safety, so like, just likewe don't talk to strangers, we
don't talk to strangers on theinternet either.
Speaker 2 (38:46):
Perfect yeah, exactly .
Speaker 1 (38:48):
And then you know, maybe instead of scaring kids
you know it's sometimes good forthem to be like internet
detectives and report scans andspot scans.
Right, yeah, because in thatway that gives them agency and
also it's not so fearful.
It's not a game, but it's thatyou know there are scammers out
(39:11):
there, but you just have to beable to spot them.
Speaker 2 (39:15):
Yeah, you have to be able to spot them, but it's also
being able to spot them.
Yeah, you have to be able tospot them, but it's also being
able to go.
Well, if there's any plausiblepossibility of that being real,
search for it yourself.
So if someone's trying to sellyou the, the plant that never
dies, then you go and search forthat via a different search
(39:40):
engine.
Speaker 1 (39:40):
I know I've done that quite often.
Speaker 2 (39:41):
And all of a sudden you work out that you know that
plant that never dies.
Well, that's not real, it'sjust a scam.
Speaker 1 (39:48):
And then also probably a good idea is to
create a family tech agreementwhere the family has rules for
device use, um, online behaviorand reports.
You know anyone can reportconcerns and maybe they could
talk about that over dinner aswell.
You know, like what's happenedon the internet, what, who's
(40:11):
read what, so it becomes like amore like a a general
conversation a generalconversation, a regular
conversation.
Speaker 2 (40:19):
So it'd be, um, you know, when you see one of those
scam emails that comes through,you know it'd be like oh look,
this is what I've found, this iswhat I've seen, this is how I
worked out it was a scam andthis is how I also, uh, reported
it to the bank, for example.
Speaker 1 (40:37):
Um, so, yeah, that's a good idea.
Yeah, so they see that itsparents are doing it as well.
Yes, yeah, craig, maybe youcould forward me some links that
parents can go to for safetypasswords and things like that
and we could put them on theshow notes for parents to look
(40:59):
at.
And what is the last gem thatyou would like to say to parents
about safety and technologytoday?
Speaker 2 (41:14):
Learn about it.
If you don't know about it,it's going to be a problem
sooner or later, simply becausethe impact of this is just
continuing to grow and grow.
Speaker 1 (41:29):
And how do they learn ?
Speaker 2 (41:31):
Take an interest in a little bit In cyber security.
Speaker 1 (41:36):
Cyber security.
Speaker 2 (41:38):
Try and work out what the best practices are and try
and keep up to date with thosebest practices.
But it's look at why is this?
You know, don't try and buy thebest widget to solve my thing.
Work out why it's that widget,why someone recommends a widget
(41:59):
to solve my thing work out whyit's that widget, why someone
recommends a widget to solve theproblem.
Speaker 1 (42:02):
Asking the question why?
Speaker 2 (42:04):
Yeah, questions why are more important.
Speaker 1 (42:06):
And for what purpose?
Speaker 2 (42:07):
do you?
Speaker 1 (42:08):
want this information .
Thank you so much, craig, forcoming on the show today.
I know that I sort of corneredyou into it and I said come and
talk technology, because I knowyou love talking technology and
I thought your wisdom and yourpassion and you know your
experience would benefit manyparents out there who have
(42:31):
technology in their home andwhose children might be just
starting to use technology forthe first time in a school
system this year.
Speaker 2 (42:41):
Oh, thanks.
Speaker 1 (42:42):
Thanks.
Craig Clark, welcome to the Empowered Parent Podcast.
I thought it would be timely totalk to you because I know that
you are passionate aboutcybersecurity.
You are also the informationtechnology guru go-to person,
everything for my therapy house,and you are constantly
(00:24):
reminding myself and my staffabout the information technology
security.
So today I wanted to have youon the show to talk a little bit
about information technologysecurity, cyber security and how
parents can support theirchildren through that and
(00:47):
themselves.
So first of all, welcome, andI'm glad you could join us today
.
Speaker 2 (00:53):
Oh, thanks, it's great to be here.
Speaker 1 (00:56):
And Craig, what inspired you, or what motivates
you to be so into cyber security?
Speaker 2 (01:07):
That's where the world's going.
It's a large part of life and Ican only see it getting more
important over time and beingmore of a part of life and part
of the interactions andhistorically, if you look back
on it, it has been the case.
Speaker 1 (01:30):
And what about have you?
Do you study security, or is ityour hobby, or how did you get
into it?
Speaker 2 (01:39):
So I got into it simply by listening to a podcast
which I've been listening to, apodcast which I've been
listening to for many years now,and I found that it was just
very interesting what they weretalking about not so much as
which antivirus is better thanthe other one or that sort of
(02:00):
thing, it was more about thereasoning behind, so you could
learn the reasoning behind theinformation provided and then
you could apply that to newsituations, which I think was
very interesting, informativeand useful.
Speaker 1 (02:15):
So when you said the virus, what does that mean?
Like, what were you sayingabout that?
Which virus?
Antivirus software whichantivirus software is better
than the other.
It's more about understandingwhy use antivirus software.
Is that right?
Speaker 2 (02:30):
Yes, okay, and minimising that risk of having a
viral infection, yep yep.
Speaker 1 (02:35):
Okay, let's talk about antiviral software.
I'll be interested to talkabout that later, but let's
start with the big question.
But let's start with the bigquestion.
Why would cyber safety be sucha big concern for parents as
kids head back to school thisyear, especially with so much
(02:56):
learning happening online?
Speaker 2 (03:01):
And what should parents be aware of?
So I think that part of that'sgoing on is that it will
possibly be the first time theirchildren be introduced to cyber
security, and hopefully theywill have a very good
introduction to it.
But the schools may be doing aminimal job or not get much of a
(03:22):
chance to take that informationand provide it in a format that
every child understands, and Ithink it's one of those very,
very important lessons that thechild needs to understand
because it's going to impacttheir whole life.
Speaker 1 (03:36):
Do you think that it would be worthwhile for parents
to ask for the school's cybersecurity policy to have a look
at that?
Speaker 2 (03:46):
Policy would certainly be a good start.
What they're recommending, whatthey're doing, and they should
also be able to provide a formatfor the parents to look at,
read, understand and see howthat educates them.
Speaker 1 (04:00):
Because then they can educate their child right and
they can have the same languageas well as maybe use similar
strategies at home.
Speaker 2 (04:08):
Yeah, well, it might not be the same language, it
might be use your differentnative language, it might be use
more pictures rather than words, or it might be other ways, but
it's the same lesson beingtaught at school and at home.
Speaker 1 (04:25):
And I know that at my , my therapy house, we now use
chromebooks and, um, this wassomething you introduced me to
many years ago when they firstcame out.
Um, what?
Why are schools usingchromebooks now, and what is the
benefit of a Chromebook overjust a regular?
(04:49):
They're called PCs, are they?
Speaker 2 (04:51):
Laptops yeah, regular laptops.
So basically there's threetypes of laptops.
You can buy Windows, which isthe Microsoft Windows.
That's probably the biggestlaptop provider or operating
system on the laptops.
The next one will be the Appleand after that you will get the
things like Linux andChromebooks.
(05:13):
But if you go down to many ofthe local hardware IT stores,
they will have Windows computersand they'll have some
Chromebooks there.
What I really like about theChromebooks is they're small,
they're light, they don'tproduce a whole lot of heat,
(05:36):
they're economical because theyare basically a cloud-based
environment.
So the intent is that, insteadof having that problem of, oh,
I've downloaded all my files,now what do I do with it?
It's well, just log into a newChromebook, it's all there,
don't worry about it.
Speaker 1 (05:53):
So you minimize that risk?
Do Chromebooks need anantiviral software?
Speaker 2 (05:57):
No, no, they don't, and that's just.
One of the great things aboutthe Chromebooks is they are
extremely secure, extremely safe, and that's part of the reason
why schools, education andbusinesses use them is they are
fast to learn and use Forenterprises and schools.
(06:19):
You can control what the userscan have access to and what they
can download or use, et cetera.
So it's just a nice systemwhich is not that complex or
challenging as what it would befor, you know, a Windows-type
computer.
Speaker 1 (06:39):
And I know with Chromebooks what I really like
about them.
They've got a drive, their owndrive, and you can share files
with other people.
But then you can revoke theshare.
Right, you can take it back.
Or they can just be a viewer orthey can be an editor.
Is that right?
Speaker 2 (06:57):
Yeah, so when you're talking about the drive, that's
the Google Drive in the cloud,and when you share something via
that system, then it'sbasically in the cloud and
anyone can access it at any timeif they've been given prior
access.
So it might be a case of youcan create a file which anyone
can access and they only needthe file name or location, as it
(07:24):
were, and with that they canaccess it.
But you might have restrictedit so they can only view it.
Speaker 1 (07:32):
They can't edit it and can they download it?
Speaker 2 (07:34):
You can turn that on or off as well.
Speaker 1 (07:36):
Okay, great, so you don't yeah.
So that's pretty safe, isn't it?
Speaker 2 (07:40):
It's very safe.
It's very much one of thoseways of controlling who has
access to information or cancontrol it, and it's also for
when you have an employee andthey're no longer an employee
for whatever reason.
You can then just removeaccesses, and it's just very
quick and easy rather thantrying to go behind the scenes
(08:02):
and clean up issues with, youknow, attached storage and stuff
like that.
It's just so much quicker andeasier.
Speaker 1 (08:11):
What about some parents?
Listening will be Applehouseholds and obviously because
Apple's got a lot of great appsand everything for kids.
Apple's got a lot of great appsand everything for kids.
Is it easy to transferknowledge from an Apple to an
Android, like Android?
Speaker 2 (08:35):
being Chromebooks Windows, so it's very easy to
transfer, even to using aChromebook.
Basically, it's a Googleproduct, so all the information
is available via Google.
There's lots of informationvideos about it.
It's very well supported.
They're basically being basedaround a search engine.
If you want information, youcan just search for it.
(08:57):
Even down in settings you justsearch for a setting and it
comes up.
There's none of this having toremember the particular boy of
going through I went to here andthen I went to C and then it
was F and then to D of gettingto somewhere which is very, very
hard to recall, especially sixmonths later when you have to do
it again or when you suddenlyrealise that what I did six
(09:19):
months ago is no longerappropriate for today.
I've got to undo it.
How do I do?
It's just so much easier andquicker.
Speaker 1 (09:25):
So let's talk about security.
Some people really, you knowthink that Apple is the most
secure system.
What would you say to that?
Speaker 2 (09:39):
I wouldn't say it's the most secure system To be the
most secure system.
Turn it off If it's switchedoff.
Speaker 1 (09:50):
it's secure, yeah, right.
Speaker 2 (09:52):
Yeah, you know there is a risk with anything
connected, but the Chromebooksare extremely well designed and
designed from the very beginningof their life, which was to be
secure, and that's put into itall the way through, and that's
(10:13):
why using them for a business isso much easier.
I don't have to get a Windowscomputer, install all the
software, create the accountsfor someone and then, hand it
over to them.
I'll just give them theChromebook straight out in the
box still, and they can open itlike it's their Christmas
present and log in and straightaway they've got access to
(10:35):
everything that they should haveaccess to.
That's part of the business.
We give them access.
Speaker 1 (10:40):
I know that quite a few government systems use Teams
.
Speaker 2 (10:45):
Microsoft Teams yeah.
Speaker 1 (10:46):
Have you heard of Teams?
Speaker 2 (10:47):
Yes.
Speaker 1 (10:48):
And how is that different to like, let's say,
zoom or Google Meet or somethinglike that?
Speaker 2 (10:57):
So Google has Google Meet and Google Chat and they're
basically the same sort ofsystems.
It's just a different ecosystem.
Speaker 1 (11:04):
And that's Microsoft, isn't it?
That's on a Windows computer.
Speaker 2 (11:08):
Microsoft Teams.
Speaker 1 (11:09):
Yes, yes, yes, so you can't really do it on a
Chromebook, is that right?
Speaker 2 (11:16):
I reckon you probably could do it on a Chromebook.
If you needed to have MicrosoftTeams, you could probably
download and install that.
Speaker 1 (11:21):
Yeah.
And many of the things that youcan use with a Chromebook is
just.
If you can use it on yourChrome web browser on Windows or
Apple and you find that works,then you can do the same with a
Chromebook, and I think with theChromebook you don't need to
pay, do you Like?
For I know I've done all myvideos via Google Meet and
(11:46):
that's just part of myChromebook, so I don't have to
pay for it, right?
Speaker 2 (11:52):
No, you just get your Gmail account and that's it.
You just log in with that.
Yeah, it's all there.
You don't need to pay extra forantivirus.
That's all built in from thestart and it's just a nice
ecosystem that's friendly towork with.
The other things which I findis that people I find that are
(12:14):
finding Windows challenging ordifficult.
When you give them theChromebook and say, here, have a
look at this, try that theyfind it a much faster system to
use, even though it's much lowerin the hardware specifications.
It's just much quicker for themto switch on.
Speaker 1 (12:31):
And you've done that a lot, haven't you?
You've really counselled peoplearound what technology would
work best for them.
Speaker 2 (12:39):
It certainly works best for those people who don't
have a passion for technology.
It updates itself in thebackground.
You don't have to sit therewaiting and waiting while
windows does its updates andthings like that, and that's
just one of those things thatpeople seem to really enjoy is
just I open up the laptop and itjust switches on straight away
and I'll log in and it's done.
Speaker 1 (13:01):
There's no waiting for this or that yes, I, I know
that's one of my things.
I'm not that patient when thelaptop starts.
Craig, let's talk one of yourpassions passwords.
So when I first met you, I hada little book and I had all my
(13:21):
passwords in it, or I was usingthe same password over and over
again.
Okay, what do you say to that?
Speaker 2 (13:31):
That is just inviting the criminals to take over not
just that account but all ofyour accounts and, in effect,
your identity on the internet.
And that identity on theinternet is not just on the
internet.
It starts encroaching on yourlife in real life.
Speaker 1 (13:51):
Yeah, validations and checks and everything All of
that.
Speaker 2 (13:55):
Before you know it, you're going to have a lot of
problems with you know, provingthat you weren't the one who
borrowed this.
Stole that, whatever, becauseyour identity has been stolen.
Speaker 1 (14:06):
And I see it a lot Like people will say, oh, my
profile has been stolen, orplease don't respond because
someone's my profile has beenstolen, or please don't respond
because, someone's taken myprofile, so what do you use to
keep your password safe?
Speaker 2 (14:23):
So I always use and recommend a password manager.
Speaker 1 (14:27):
What's that?
Speaker 2 (14:28):
So that's your diary, but in a cloud version of it.
Um, so basically it means thatby being in the cloud, when I
log into, a different devicewill be my phone or my
chromebook or the computer atwork I've got access to all of
my passwords to access that sitethat I need to get to Now.
(14:53):
One of the other benefits of itis being cloud-based.
It keeps it up to date, so if Iupdate it on one device, it
automatically updates foreverything everywhere.
Speaker 1 (15:03):
And do you need to have?
How do you get into it?
Like, do you need to remember apassword?
Like, you still need toremember a password, right?
Speaker 2 (15:10):
Yes, you'll still need a password, like you still
need to remember a password,right?
Yes, you'll still need apassword.
So, basically, that's why theycome with the idea of one
password or last password beinglast password you'll need to
remember.
It's all based around thatsimple idea of you can only
really remember one password,because if you start looking at
(15:31):
how many websites you've got orinteracted with over time, I
think we've got well over 300.
How can I possibly remember 300different passwords, which are
all gobbledygook?
It's just.
Speaker 1 (15:45):
So you mentioned LastPass.
There's also Bitwarden.
What other password managersare there?
Speaker 2 (15:53):
The web browsers have them built in.
I'll be a little reluctant touse the built-in web browsers.
Speaker 1 (15:59):
Yeah, I've seen them pop up.
Speaker 2 (16:02):
Especially if it's a device you're sharing or people
are sharing that access to thatweb browser.
That's extremely dangerous.
Speaker 1 (16:11):
Or someone could steal your device right.
Speaker 2 (16:14):
Exactly, and that's the problem.
If you have very lax securityfor the device and they can get
into that web browser, that's it, they've got everything.
And that's where the thingslike LastPass, bitwarden, et
cetera they all are enabling thebrowsers.
They're a little browserplug-in which enables you to
(16:38):
automatically log into a website, so for example, if.
I want to log into the bank'swebsite.
I can go into my passwordmanager and type in the bank
name and it'll pop up with thelittle icon for it.
I click on that and then itjust goes into.
That, opens the tab, opens itup, logs it all in for me and
(17:02):
that is it.
It's done.
The great thing about this isthat if someone tries to send me
a spam email which says youneed to log in and verify this
account transaction, or even ifI'm unfortunate enough to have
clicked on the link, my passwordmanager will know that's the
(17:24):
wrong link or never log in.
So it's a beaut way ofpreventing those fake spam URLs
which look very similar to theoriginal.
Speaker 1 (17:41):
And URL.
Is the link right yeah?
Speaker 2 (17:44):
so those links, and quite often they will make it
deliberately look like it, orthey'll make a typing mistake
and create an exact duplicate ofthe original website you are
trying to log into.
For example eBay or PayPal orsomething like that, and you
know.
You just type your username andpassword in and you've already
(18:07):
given your details over to thecriminals?
Speaker 1 (18:09):
Part of your identity ?
Yeah, your details over to thecriminals?
Part of your identity?
Yeah, so, um, what you know?
People have passwords withtheir name and zero one at the
end.
What is a safe password?
And what you know?
I know that people talk aboutthe goobity gobbity.
You know alphabet passwordswith a lot of zeros, and this
(18:29):
and that and the other.
Um, is that why passwordmanagers are good, because they
generate them, or how does itwork?
Speaker 2 (18:36):
Password managers are great because they generate
those long, strong passwords.
So the longer the password, thestronger the passwords.
By having a lot of differentthings in the password Like what
?
All the whole load of numbersand letters which mean nothing
(19:00):
to anyone, it means if someonedoes look at you or look at that
password at some stage, it'simpossible for them to remember
it so it makes it hard foranyone to see it and then access
it, etc.
Um, it also means that you'renot going to use a simple
password or one which is goingto be in a dictionary attack,
(19:22):
and it's you know the criminalshave tried everything these days
and they have access tobillions of passwords that have
been used, with email addressesor account name and password,
and they'll just run themthrough everything until they
get access, and you know that'show they do it.
(19:45):
So to get a strong password, youcan either use your password
manager, but you probably needone to log in so to create your
first or the useful password.
Just remember, longer isstronger.
So you know, use four words andsymbols, a couple of symbols,
(20:06):
and you can use symbols ornumbers, something like that, as
padding.
So you might want to putpadding of being six zeros at
the beginning and then six zerosat the end, and as long as no
one knows that you're using sixzeros as your password or
padding, then it's probably okayand you might decide.
(20:27):
Well, actually I want to doextra strength, I want to do a
beginning and the middle, and ifyou need to write something
down, you can write down yourpassword, but you leave out your
padding and all of a sudden,now you've got it written down
in your wallet or your purse,but no one will be able to
access it, even when they havethat piece of paper because,
(20:48):
they won't have that little bitof padding, and where that
padding goes, so what about withfamilies, like if kids need
passwords, and how would thatwork with a password manager?
So, ideally, you know, train thechildren on using password
(21:13):
managers, you know, and creatingthat unique, one password to
get into their system, intotheir password manager, if they
need access to something elsewhich is a shared thing, for
example, it might be youraccount at the library or
(21:33):
something like that the libraryor disney channel or youtube or
something yeah, for those sortsof things you wish to share,
then you can actually do sharingwith password managers.
and again, this is a systemdesigned to manage passwords, so
I could share a password withyou, for example, but I could
(21:56):
ensure that you can neveractually see the password, but
you could always use it and thenI can revoke it and I don't
have to do anything other thanlog in and go revoke and that's
it.
Speaker 1 (22:05):
So that puts in that extra safety where if a child
has, say, mum or dad's passwordand then they want to share it
with their friend, they can'tbecause they don't really know
the password.
Right, they don't know thepassword, but they can use it.
Speaker 2 (22:18):
They can't change the password as well.
So it just makes life muchbetter.
And it's an easy solution whereyou know I could say, well,
look, you can go into.
You know the bank and you knowI could say, well, look, you can
go into.
You know the bank and you know,get that transaction done today
.
I'll give you 24 hours to do it.
I'll give you access for thenext 24 hours.
It'll just automatically revokeafter 24 hours.
(22:42):
You know it's a great system.
Speaker 1 (22:44):
And let's talk about two-factor authentication.
What is it and is it important?
Speaker 2 (22:52):
Two-factor or multi-factor.
So two-factor is something likea password, something you know
and something you have.
So that might be your one-timetoken, which is time-based,
which is those six digits thatkeep rolling around.
That's become very popularsimply because you just need a
(23:17):
little app on your phone.
Speaker 1 (23:19):
That's an authenticator app, isn't it?
Yeah?
Speaker 2 (23:23):
They're pretty much all the same.
They all run on a standardsystem, so it's really quick and
easy, as long as you can typein six digits.
It changes every 30 seconds.
Speaker 1 (23:33):
So basically you put in your password from, say, the
password manager, and then itsays authenticate yourself as
well.
So then you can use yourauthenticator app or security
questions or anything like that.
Speaker 2 (23:48):
I would not use security questions.
It's not as safe.
Speaker 1 (23:51):
Right.
Speaker 2 (23:51):
Because security questions are usually like what
was your mum's birth?
Yeah, Maiden name.
Speaker 1 (23:56):
What's your dog's name?
Dog's name when did you live?
Yeah, what?
Speaker 2 (24:00):
school did you go to?
What was your first car?
All those questions and socialengineering et cetera, or, a
good stalker would certainlywork that stuff out over time.
Yeah right.
So definitely don't do that.
You must use your multi-factorauthentication system.
Speaker 1 (24:16):
Good point.
So how can parents monitortheir child's online activity
without invading their privacyor creating unnecessary fear
around technology?
Speaker 2 (24:32):
How do you create that?
That's an interesting question,because if you're monitoring,
then to a degree it is aninvasion of privacy, but for
certainly it's.
The internet has.
Speaker 1 (24:47):
It's safety, isn't it really?
You're doing it for safety, Isthat right?
Speaker 2 (24:52):
For safety of the child, because they're not
mentally developed and there'sthings which are on the internet
which are not age appropriate.
There's certainly stuff whichis adult and certainly you don't
want to be going to those sites.
Speaker 1 (25:09):
And I mean you've got parental controls.
But I guess the thing would belike the problem-solving skills
Kids may not, you know, yet becognitively equipped to realise
oh, that's a spam or that's aphishing or, yeah, phishing.
Speaker 2 (25:25):
They might understand the phishing, they might
understand the sarcasm.
They might not understand thewhole bullying and harassment
type of stuff that can go on anddoes happen.
It's just it can be the cesspitof society and quite often is,
(25:47):
and that's why, even thoughyou're an adult, there are some
sites you just choose never,ever to go to.
Even though you're an adult,there are some sites you just
choose never ever to go to.
Certainly those are anythingthat's offering, you know, paid
software for free, or you knowI've got the crack code for it.
Download it here, or I'vebroken it here.
Download and install.
That's all stuff you do notwant to do, because you're
(26:10):
basically installing somethingthat a criminal has created and
they want to take over yourcomputer, your identity.
Speaker 1 (26:20):
So I guess, like one of the things that I've been
thinking about is setting thefoundation early, letting
children know what the internetis, that it's a shared space,
there are all different peopleon there, and that parents just
need to support them in havingyou know, knowing what to who to
(26:41):
interact with.
I guess.
Speaker 2 (26:46):
I think it has to be education first and foremost
because if you try to usesystems and technology to manage
or micromanage them, they willbe going to school and then
working out with their friendsor family, et cetera, or wider
family, how to get past thosethings.
Speaker 1 (27:07):
And there certainly is DNS resolvers, which will
block access to sites which arenot age appropriate and, I guess
, talking to kids openly whatthey like on the internet, what
they've found, that would bereally important as well.
(27:27):
As you know setting content andfilters content like setting
the filters with time limits.
You know setting content andcontent like setting the filters
with time limits, you know.
So children don't feel likethey're being interrogated and
micromanaged the whole time.
Speaker 2 (27:43):
Yeah, yes, yeah, so you'd have to time limit your
own time watching them, etcetera.
Speaker 1 (27:49):
Yeah.
Speaker 2 (27:50):
And it might be doing it well in the kitchen, but
they're in the lounge room, sothey're at a distance, so you're
not, you know, standing overtheir shoulder watching
everything they do.
But in some respects this iswhat's happening in society as
we speak.
Is there, is that going on foreach and every one of us by the
(28:13):
various systems we use there?
Pretty much is no privacy insociety anymore with the way
that Facebook, for example, haslittle images and things on
every website to track you andso they can then sell your
information to advertisers.
Speaker 1 (28:31):
And I know myself like we laugh at work because we
talk about something and thenall of a sudden there's
something coming through.
It's like are they listening tous?
Speaker 2 (28:41):
Oh, exactly, yeah, you talk about.
For example, I talk about chubsecurity at work and then all of
a sudden I start getting allthe chub security stuff on my
phone.
It's just like it knows.
Speaker 1 (28:53):
Yeah, it's listening.
Speaker 2 (28:54):
And that's just talking around the phone, yeah.
And that's just a phone.
Speaker 1 (28:59):
So it's better just sometimes to switch your phone
off and put it away if you don'twant that to happen.
Would that be right?
And having tech-free times,tech-free zones.
Speaker 2 (29:11):
If you really want privacy, then go nude in the
middle of a field.
Otherwise it's too hard.
You cannot do it becausethere's technology embedded in
so much stuff and it's soimpossible to prevent people
from listening in.
It really is on hot under theblanket at the same time, so
(29:34):
that people can't watch you andread your lips.
It's just.
Privacy is gone, unfortunately,and the government wants to be
able to read all the metadata,so they want to know where
you've been, what you've done.
Speaker 1 (29:48):
And so this is the way parents can also monitor
what apps kids are on right,because there's a lot of apps
and then they download and it'ssubscription only and all of a
sudden they're actually payingfor things.
Because I've seen that happenas well with parents that kids
all of a sudden are like buyingthings from their.
Speaker 2 (30:11):
All of a sudden are like buying things from their
like, say, from the iTunes storeor, you know, google App Store,
yeah, so any time the child'sgot that ability to pay for it,
then that's a real concern,unless they have demonstrated
that ability to appreciate thepower they have and that trust
(30:38):
as well.
But just on apps in general,every six months you should have
a look at what apps areinstalled on your computer, what
apps or browser helpers areinstalled on your browser, and
any that you don't use you needto remove, because all of them
will slowly but surely decreasesecurity on your device by
(31:01):
providing a bigger surface area.
Speaker 1 (31:03):
Hey, which reminds me , let's talk about keeping your
computer plugged in electricity,like, is it true that the
battery can run out reallyquickly and does it go down and
down and down if you don't putelectricity into your computer
or device?
Speaker 2 (31:23):
So yeah, the laptops all have batteries in it.
To me, you know, keep itplugged in if you can, because
it's basically, it has a certainnumber of cycles before that
battery is going to drop itscapacity and that's regardless
of that battery technology.
Speaker 1 (31:43):
Is that what you do with your phone as well?
Yeah, you keep it plugged injust in case there's a blackout.
Speaker 2 (31:49):
Well, and that's the other reason, you know, if
there's a blackout, I've got alittle unnatural power supply
for my NBN connection so that Ican continue to browse the
internet, etc.
While everyone else is in thedark.
Or if the mobile phone towerfalls over, it's, you know, I
still got to rely on that nbnconnection.
(32:11):
It's.
It's part of that wholebuilding multiple layers of
security, of continuity.
Speaker 1 (32:21):
So that's another thing parents could really
educate their children in iskeeping their technology charged
.
Speaker 2 (32:28):
Oh, definitely, especially if that child has to
go to school and if they'reconstantly running that battery
down to a very, very low.
That's the quickest way to killa battery is keep running it
down low.
Those days are well and surelygone.
That's the quickest way to killyour battery.
And if you do that, then you'regoing to notice that the
(32:50):
battery won't last as long andthen one day it'll be halfway
through school or work orwhatever.
Speaker 1 (32:56):
It's just not going to work because the battery's
gone flat and you normally havea day's use out of the battery
and now you don't Right, let'stalk about phishing scams.
What does phishing actuallymean?
Speaker 2 (33:13):
Phishing going onto the beach.
Speaker 1 (33:14):
No, not that P-H-I-S-H.
Speaker 2 (33:17):
Oh okay, yes, going onto the beach and no, not that
p-h-i-s-h.
Oh okay, yes, um, so fishing inthat context is the.
It's creating that fakeidentity or that fake
communication, so that it'strying to be misleading and
deceptive, and it might betrying to encourage you to log
(33:39):
into your website that you thinkyou're logging into to confirm
or deny something.
So it might be the bank, andall of a sudden, you've clicked
on that phishing email.
It's created what looks likethe website you think you're
going to, you put in yourdetails and that's it.
The criminals have now takenover because they will, in the
(34:01):
meantime, be relaying all thisinformation so that you'll be
interacting with your bank viathem.
Speaker 1 (34:09):
So what's the difference between phishing and
scams?
Is there a difference or notreally?
Speaker 2 (34:17):
Well, phishing is usually a little bit more
targeted, where scams are justgeneric things, like you know.
I'll offer to you knowbitchmize your drawer of waste,
sort of thing.
Speaker 1 (34:28):
Or put a new roof on or something, yeah things like
that.
Speaker 2 (34:31):
That's you know, they're called scams, but it's
all the same sort of terminologyand ideas.
Speaker 1 (34:39):
So what should?
Let's just just finishing up.
What would a parent ask aschool to do to help them
understand how they're usingtechnology safely and
responsibly?
Speaker 2 (34:56):
So talk to them about their cyber security policy,
their cyber education and whatthat includes, you know.
Are they going to teach themabout password managers?
If not, why not Teach them alsoabout, you know, cleaning the
stuff off that you don't need?
Speaker 1 (35:17):
Okay.
Speaker 2 (35:17):
You know a new laptop is going to be a more secure
laptop than one that's beenaround you know three or four
years and you've downloadedhundreds of different things on
it, tried it for half an hourand then decided no, I don't
want that anymore, but just leftit, and they always leave bits
and pieces behind.
The other one is teaching aboutand this is one thing I don't
(35:41):
think the government spendsenough time on which is teaching
about how to prevent thescammers that are phoning up
saying, oh, you've got aMicrosoft computer, you need to
do this, this and this.
Anytime you're getting thatphone call out of the unknown,
you just say sure, okay, Ibelieve you, I'll call you back.
(36:02):
What's your extension number?
Then look up their organisationin the phone book or you Google
it, whatever it is that youlike to use, and you call back
and quote that extension.
Anything other than that you'renot interested, and usually, by
asking that question, I'll lookit up in the phone book and
(36:23):
I'll call you back by extension.
They'll be hanging up on youvery fast.
Speaker 1 (36:28):
So yeah, that's that often.
That's happened to me as well.
So what tools or settingsshould parents enable on their
child's devices to create asafer online experience?
I know that there's parentalcontrols like Google Family Link
or Apple Screen Time.
(36:49):
There's time limits.
There's safe browsing filterswhere we can block adult content
and unsafe websites.
There's location and privacysettings which disable
unnecessary tracking on apps.
Is there anything else that youcan think of?
Speaker 2 (37:08):
The government does have some cybersecurity website.
I can't recall the name of it.
That's probably a good place tostart and have a look.
I'd also check in with theschool what they can do and what
education they can provide, butit has to go hand in hand.
The way of doing it has to gohand in hand with education.
(37:29):
If you just implement all theseways of preventing your child
or children from getting accessto what they want to get access
to, then they're going to becomea hacker in time because
they'll just spend the time andwork out how to get through and
past all these things.
Speaker 1 (37:47):
So if when you're saying, you know education,
discussions with kids andconversations so parents could
use everyday examples, so, forexample, what would you do if
someone online asked you foryour password?
You could have thatconversation with the child and
see what they'd say.
Speaker 2 (38:06):
Oh, definitely.
You certainly want to talk tothem that that's not a good idea
, that you don't share passwordslike that.
Sometimes you may need to sharea password.
Speaker 1 (38:18):
But then come and ask someone.
Speaker 2 (38:20):
But it's always you know who needs that password,
why they need that password, andwill that end up giving them
control, total control of thataccount?
And is that appropriate?
Speaker 1 (38:34):
And then maybe like comparing cyber safety to real
world safety, so like, just likewe don't talk to strangers, we
don't talk to strangers on theinternet either.
Speaker 2 (38:46):
Perfect yeah, exactly .
Speaker 1 (38:48):
And then you know, maybe instead of scaring kids
you know it's sometimes good forthem to be like internet
detectives and report scans andspot scans.
Right, yeah, because in thatway that gives them agency and
also it's not so fearful.
It's not a game, but it's thatyou know there are scammers out
(39:11):
there, but you just have to beable to spot them.
Speaker 2 (39:15):
Yeah, you have to be able to spot them, but it's also
being able to spot them.
Yeah, you have to be able tospot them, but it's also being
able to go.
Well, if there's any plausiblepossibility of that being real,
search for it yourself.
So if someone's trying to sellyou the, the plant that never
dies, then you go and search forthat via a different search
(39:40):
engine.
Speaker 1 (39:40):
I know I've done that quite often.
Speaker 2 (39:41):
And all of a sudden you work out that you know that
plant that never dies.
Well, that's not real, it'sjust a scam.
Speaker 1 (39:48):
And then also probably a good idea is to
create a family tech agreementwhere the family has rules for
device use, um, online behaviorand reports.
You know anyone can reportconcerns and maybe they could
talk about that over dinner aswell.
You know, like what's happenedon the internet, what, who's
(40:11):
read what, so it becomes like amore like a a general
conversation a generalconversation, a regular
conversation.
Speaker 2 (40:19):
So it'd be, um, you know, when you see one of those
scam emails that comes through,you know it'd be like oh look,
this is what I've found, this iswhat I've seen, this is how I
worked out it was a scam andthis is how I also, uh, reported
it to the bank, for example.
Speaker 1 (40:37):
Um, so, yeah, that's a good idea.
Yeah, so they see that itsparents are doing it as well.
Yes, yeah, craig, maybe youcould forward me some links that
parents can go to for safetypasswords and things like that
and we could put them on theshow notes for parents to look
(40:59):
at.
And what is the last gem thatyou would like to say to parents
about safety and technologytoday?
Speaker 2 (41:14):
Learn about it.
If you don't know about it,it's going to be a problem
sooner or later, simply becausethe impact of this is just
continuing to grow and grow.
Speaker 1 (41:29):
And how do they learn ?
Speaker 2 (41:31):
Take an interest in a little bit In cyber security.
Speaker 1 (41:36):
Cyber security.
Speaker 2 (41:38):
Try and work out what the best practices are and try
and keep up to date with thosebest practices.
But it's look at why is this?
You know, don't try and buy thebest widget to solve my thing.
Work out why it's that widget,why someone recommends a widget
(41:59):
to solve my thing work out whyit's that widget, why someone
recommends a widget to solve theproblem.
Speaker 1 (42:02):
Asking the question why?
Speaker 2 (42:04):
Yeah, questions why are more important.
Speaker 1 (42:06):
And for what purpose?
Speaker 2 (42:07):
do you?
Speaker 1 (42:08):
want this information .
Thank you so much, craig, forcoming on the show today.
I know that I sort of corneredyou into it and I said come and
talk technology, because I knowyou love talking technology and
I thought your wisdom and yourpassion and you know your
experience would benefit manyparents out there who have
(42:31):
technology in their home andwhose children might be just
starting to use technology forthe first time in a school
system this year.
Speaker 2 (42:41):
Oh, thanks.
Speaker 1 (42:42):
Thanks.
Popular Podcasts
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Intentionally Disturbing
Join me on this podcast as I navigate the murky waters of human behavior, current events, and personal anecdotes through in-depth interviews with incredible people—all served with a generous helping of sarcasm and satire. After years as a forensic and clinical psychologist, I offer a unique interview style and a low tolerance for bullshit, quickly steering conversations toward depth and darkness. I honor the seriousness while also appreciating wit. I’m your guide through the twisted labyrinth of the human psyche, armed with dark humor and biting wit.