Category Archives: Privacy

How to Stay Secure Online

Standard

Whether you’re an internet newbie or an expert, you are equally vulnerable to all kinds of cybercrimes. While the internet offers many opportunities to explore, create new things, collaborate on exciting projects, or take online MOOCs from top ranking universities of the world, it also has some serious trade-offs that we often choose to neglect. There is a basic rule of thumb: your private information remains private only if it never leaves your own head.

We aren’t saying you shouldn’t trust anyone in life, but trusting someone with your private information (passwords, accounts credentials, security questions, PINs etcetera) always puts you at risk of losing that information, and the valuable services they allow you to access. There are a few tiny tips that you can follow to ensure your own security online. And like they say, “since you never leave the main gate of your house open for thieves and murderers and whoever”, (clichéd as that may be), you should be vigilant about the security and safety of your online life as well.

Stronger passwords

In the digital world, passwords are like the keys to your gate; never to be shared! It is the most essential element as it is used to get into your personal accounts. So how do you create stronger, more resilient passwords?

Use mnemonics: They improve memory by using the words from your favorite rhymes, poetry or say, a movie title, for example, yaar ko hum ney jab ajaadekhaa can be turned into yKhnjBd. You can make passwords even stronger by using digits for letters: 0 for o/O, 5 or 2 for S/s etcetera. Play with variations that would be more easily memorable for you. If not mnemonics then simply make sure your password contains a combination of capital letters, small letters, digits and signs and not just a single sentence with all small or capital letters.

Always use different passwords for high-value or sensitive services. For instance, don’t use the same password for Twitter and for online banking. And use a different password again for your e-mail account: after all, where do your password reminders get sent to?

Use KeePass (keepass.info) to store your passwords, credit card PINs, computer passes and any other sensitive information. Do not write it on paper or save it in email/mobile drafts. Also, do not store passwords on your browser’s password manager. Browsers store passwords in a single known location – which means an attacker will always know where to look, even if the passwords are encrypted, increasing the chance that data will be compromised.

How to be secure on social media

Most of our time online is spent on social media sites. Twitter, Facebook, LinkedIn and Google+ are increasingly becoming a vital part of our daily life. While things are pretty simple on Twitter, (everything is public OR hidden if you keep a protected account), it’s a bit different when it comes to Facebook. We add our friends, acquaintances and family members on Facebook, which means more private information is shared, risking a much wider view of your online identity. Facebook accounts can also be used to harass, create fake accounts using your publicly shared information and photos; and it can become messy, with you having to ask your friends to mark your account as spam, and then going through the process of getting your account deleted and establishing a new one. But that frustration can be avoided with a few privacy settings. Also, please do not add just about everyone who sends you a friend request. You not only expose your private information, but also that of your Facebook friends and family members. Always make sure if that guy who used to be in your school and you two never actually spoke to each other is genuinely interested in friendship with you, or whether he is trawling for your private information? If that account which seems to be of your college teacher really belongs to the teacher or is it a fake account?

Spend some time on your Facebook privacy settings to make sure they are set to how you want them to be. Go to the settings gear icon on the top right corner and click on the Privacy Settings on the drop down menu. In the privacy settings window you can set who can look at your profile, who can search for you by e-mail or name, who can tag you in their photos and other important settings. Go through each of them to make sure you do not miss any important point. Remember in particular that ’friends of friends’ can be a very large number of people you don’t know, even if you have been careful in who you accept as your own circle of ‘friends’.

When you update your status or share a photo, there is a little icon to edit the post/photo’s visibility from public to friends to custom, etcetera. Do make use of it, rather than just accepting the default settings, as the default settings on Facebook may not necessarily be the best ones for you.

Some important browsing tips

• Always use HTTPS!
• Keep location feature/GPS disabled when not necessary.
• Use two-way verification (available on Gmail, FB, Dropbox, etc) for that extra security layer.
• Change your passwords every couple of months as a precautionary step.
• Use proxy services when you intend to remain anonymous because of the security issues – particularly while blogging about sensitive issues.
• Set your browser to ‘always clear cookies and browsing history’ – especially when using a machine which is not exclusively being used by you.

Your online persona is a part of you, and it is as valuable as any other information you may have. The more you ‘live online’, the more care you should take of your online life.

Published on Dawn Spider Magazine

20131013-144932.jpg

Advertisements

FinFisher Commercializing Digital Spying – How You can be a Victim?

Standard

FinFisher is surveillance software by Gamma International UK Ltd marketing the surveillance solutions to government security officials through exploiting security lapses in anti-virus programs. It is basically a spyware suite designed to allow someone to spy on a computer or mobile device. Described by the company as “Governmental IT Intrusion and Remote Monitoring Solutions”, FinFisher has its command and control servers installed in around 36 countries globally, according to a report and analysis by Citizen Lab. Pakistan is one of those countries, and Pakistan Telecommunication Company Ltd (PTCL) owns the network where FinFisher server is found.

The FinSpy malware – tool of FinFisher intrusion kit – was often injected in the potential victims’ machines by sending them malicious email. In the analysis, Citizen Lab found that email addresses which were used to send these emails were on the names of some popular Read the rest of this entry

انٹرنیٹ کی سکیور براؤزنگ کرنے کے لئے نعے سال کے ١٠عزم

Standard
.یہ ترجمہ گلوبل وائسز کے لئے کیا گیا تھا. بلاگپوسٹ کے لکھاری ہشام المرات ہیں
Global Voices Advocacy  پے ہم نے ہمیشہ انٹرنیٹ پے اظہار ے آزادی پے فوکس کیا ہے. ہم اپنے فیلو انٹرنیٹ یوزرز کی انٹرنیٹ پے سیکورٹی, censorship سے بچنے اور خود کو محفوظ کرنے کے لئے گائیڈز اور ٹولز پبلش کرتے رہے ہیں.

ہمارا اس نعے سال 2013 میں بھی یہی عزم ہے کہ ہم آپ کے حقوق کی حفاظت کرتے رہیں. اس کے لئے ہم رپورٹس اور گائیڈز پبلش کرتے رہینگے جو کہ citizen privacy journalism، online activism، surveillance، anonymity، advocacy جیسے بیشتر ایریاز پے مشتمل ہونگی.

سال ٢٠١٢ کے ختم ہونے کہ ساتھ ہم اپنے ریڈرز کے لئے ١٠ ایسی ریزولوشن پیش کر رہے ہیں جو مختلف ٹولز اور سٹریٹیجیز کے ذریعے آپ کو آن لائن اپنی حفاظت کرنے میں مدد کرینگی. ہمیشہ یہ یاد رکھیے کے کوئی بھی ایک تکنیک یا طریقہ آپ کو ١٠٠% تحفظ دینے کا واعدا نہیں کرسکتا. ہر وقت اپنے شعور اور ادراک سے خود کو مسلح رکھیں.

#1 موبائل فون استعمال کرتے وقت اپنی شناخت کو چھپائیں – Read the rest of this entry

“A facebook status can get you arrested faster than killing someone now”

Standard

In India, the largest democracy on Earth, 21-year old Shaheen Dhada was arrested for posting a status update on Facebook questioning the complete shutdown of cities for Bal Thackeray’s (rightwing leader notorious for inciting religious hatred and violence) funeral on Sunday, 18th November. Her friend Renu Srinivas was also arrested for “liking” the update which reportedly read: “People like Thackeray are born and die daily and one should not observe a ‘bandh’ [shutdown] for that.“

The girls were arrested under section 295A of the Indian Penal Code (IPC) for “hurting the religious sentiments of others” and section 66 (a) of the Information Technology Act, 2000, after the complaint was made by a local Sena leader in Palghar police station, reported NDTV.
66A of the Indian IT act deals with communication made via computer or other devices which may be “grossly offensive,” have a “menacing character,” or even cause “annoyance or inconvenience”. This draconian law had been severely criticized for being authoritarian and stifling freedom of expression.

Dhada quickly removed the comment and apologized for it but that didn’t stop this hostility. Some 3,000 party activists of extreme right- Read the rest of this entry