Secure Your Amazon Profile

Secure Your Amazon Profile

Did you know you have a public Amazon profile that is automatically created when you sign up for an Amazon account? This profile doesn't provide too much information publicly by default, but it is another data point for 3rd parties. Michael Bazzell from Intel Techniques provided a quick guide in his latest email newsletter on how to take a few easy steps to secure your Amazon profile. The following is an excerpt taken from his email, and is intended only for a quick reference. For the complete guide and his other material, please see his website listed above. I claim no credit for this tutorial. 1) Remove your Amazon public profile Your Amazon profile is created automatically, whether you want it or not, and it contains comments, ratings, public Wish Lists, biographical information, and other site interaction. This profile doesn’t include your purchases or your browsing history, but it’s very informative. If you want to control what activity is visible on your public...
Read More

Password Management

What's that yellow sticky note poking out from under your keyboard? Is that your password? If you're like many people this may be the case. While this may be practical and convenient, it's not a good idea. It might be ok in the privacy of your own home, but it can still be risky. Privacy and security (online safety) is all about managing your risks and deciding what is right for you. If you would like suggestions on how to better handle your passwords (yes, I used the plural form) and manage your risk read on for my thoughts and experience. I'll start with the risks of poor password management then provide a couple of solutions and resources to check your password strength. Risks Obviously, your passwords are your virtual keys. Unlike traditional keys, though, they aren't safely tucked in your pocket. They are either in your head, written down, or saved electronically. There advantages and disadvantages to each of those methods...
Read More

Online Privacy

A couple of years ago I had the privilege of attending a seminar about electronic privacy and security led by former FBI computer crimes investigator Michael Bazzell. If this is your first time hearing that name or digging into this topic I highly encourage you to visit his websites, listen to his podcasts, and/or read his book. His blog is a great place to start. You can find it here: https://computercrimeinfo.com/wp/. During his presentation he explained the many ways our private information is obtained without our consent; either through social engineering, data mining, or outright hacking. At the end of the presentation, he even gave a live demonstration showing a wifi pineapple device that he setup earlier in the day to spoof the guest wifi of the facility. In doing so, he collected personal information from a handful of smartphones in the room (including pictures, web sites visited during the presentation, and more). Needless to say, I was impressed with his...
Read More