Cybersecurity Part One
By The Sex Ed
Illustrated by The Sex Ed
It’s long been a priority of The Sex Ed to provide our community with Cybersecurity tips—practical information on how to keep yourselves safe online.
As the lines between public and private continue to blur, it’s unclear how concealed our online activities are and how much our digital privacy rights are protected. Are our Zoom and Google Hangouts confidential? How do we know that our medical records are safe? Or that our FaceTime “virtual sex” dates aren’t being recorded and distributed? Now more than ever, we need to be careful with how we interface with the apps we take for granted.
In addition, we need to be careful about how we post and what personal information we put online. Protests in support of Black Lives Matter movement are exposing the many ways that law enforcement can use our metadata—from photos and text messages, to location services and beyond. We need to understand how and why certain methods of documenting these protests can cause potential harm, and how sharing misinformation can put people in danger.
If you’re a regular listener of our podcast, you will remember our season 2 finale, which centered around the subject of Artificial Intelligence. In that episode, we learned about the myriad ways in which our likenesses and identities could be used - with or without our consent - now and in the near future.
With that in mind, we contacted Cybersecurity expert and ethical hacker Thèo Anastos to ask for his top tips when it comes to protecting ourselves online. Thèo, along with his mother and mentor Cecilia Anastos, has taught cyber defense courses in the private sector as well as to the US Navy SEALs.
On Passwords
Make sure you have a very strong password. I'd recommend 16 characters long for any email accounts or accounts to financial institutions. You should mix upper case and lower case letters with numbers and use special characters like (!, &, $, *). It increases the strength of a password that way.
On Two-Factor Authentication
Thèo: Using a two-factor authentication on accounts when available is very helpful. You will receive an email or a text message giving you a secondary pin number. If someone were to get your credentials somehow and they tried to log into your account, they wouldn't be able to access it because they would need the second authentication method.
On At-Home Safety
For Printers and Devices
Thèo: Change the username and password of any device that you buy, a printer for example, you want to make sure it doesn't have the factory-given username and password on it.
What are the risks of having Google Homes or Amazon Alexa in your homes?
Are they safe?
Thèo: People can use them to listen in on you. It's just like having an open microphone in your house at all times. If that device were to get compromised, your day-to-day life could be accessed by someone else. They’re not recommended but if someone already has them and they don't want to get rid of it, there are some precautions you can take:
To Protect Your Internet Access and Connection
In Home Router
Thèo: On each router there's an IP number on it. You can update the router's software and change the username and password to the router. You want to change the username to something unique but also something that can't be used to identify you. Make sure that you've selected WPA2AES or WPA2TKIP encryption methods on the router.
Another good tip regarding routers is if they have multiple channels, you want to use a one channel for yourself. Usually it will be the five gigahertz channel and then use a guest channel for anybody visiting the home, or if you have people living in there like your kids. Save another channel for any devices that need the Internet connection, like printers or if you have an Amazon Alexa, something like that. Then save one channel for maybe a significant other, someone who if the relationship ends you can just change password. Then You don't have to worry about any security issues from that end.
VPN for laptop / computer
Thèo: Another good way to secure your information is by using a VPN. For laptops and desktops you can install a Sophos or Malwarebytes, both which are pretty good antivirus softwares.
Passwords / Face ID / Fingerprints
What about securing your cell phone?
Thèo: You want to make sure that you secure your smart phones with a password and NOT a fingerprint or using Face ID. The main reason for this is a password is something that you know, whereas if the unfortunate circumstance were to happen where if you get drugged or knocked out, they could use your finger or your face to log into your phone and send messages on your behalf.
Other messaging tips
Thèo: I recommend changing the settings on your phone so that your notifications don't give a preview when they display on your home screen. That way if you’re with others and your phone is visible and you get a text pop up, no one else can read it. If it just shows you that you have the notification but it doesn't give you the preview, it's a lot safer.
How can you protect your location?
Thèo: Make sure you turn your Bluetooth off when you're not in motion. If you get out of your car, just turn Bluetooth off if you are using that while you were driving. Another good way to secure your phone is by using a VPN such as ExpressVPN. That'll just mask your IP when you're on your phone. Again, you want to make sure you have your Bluetooth turned off and using an ExpressVPN as well.
How can you safely use phone applications that may ask for or require access to your location?
Thèo: In general, for location services, you want to make sure that they are turned off unless you're using the navigator. Having them off is a lot safer because when your location services are on, your phone's Wi-Fi is just constantly pinging towers you go by and so you can get tracked that way. In terms of using the navigator, if you're about to go somewhere you can just turn it on so it knows your location, or you can just manually put it in.If you have your location services on, any time you send a text or an email or take a photo, upload anything, there's going to be a GeoCoordinates of your location that goes along with whatever you send out.It is important to not check in places on social media apps because that's public. Anybody can see who has checked into that place and if someone were to try to stalk you, they could be using that as well.
Is someone watching us?
Thèo: if you have an iPhone you can go to your settings, in the privacy analytics and improvements, and then from there go to the analytics data. That will give you a list of the apps that are taking processing power from your phone. If there are any listed that you don't recognize or if you dig a little deeper and they're not really coming up with anything, then that might be a spying app or something with malicious intent.
Similarly if you have an Android phone, you can go to the application manager into the downloaded apps. That will give you the same list of apps or processes that are taking up power from your phone, and if there's anything you don't recognize then you can try to remove it. Best case scenario you can delete it. If you're still having issues getting an app off your phone, you can make a backup of your phone, then factory reset your phone. After you factory reset, just re-upload everything you saved in the backup and then that should remove it.
How can you protect yourself from scammers?
The Federal Communications Commission (https://www.fcc.gov/covid-scams) recently posted a list of phone scams going on during COVID-19 including hoax text message campaigns and robocalls offering free home testing kits, false information promoting cures, selling health insurance, and more.
Thèo: Be careful not to click on any links you receive in emails or texts because they can contain malware on them. A lot of scammers will send phishing emails from financial institutions or other big companies trying to trick people into clicking on a malicious link.
Stay tuned for Part Two of this essay!