Insights For Success

Strategy, Innovation, Leadership and Security

Social Media

How to make yourself an easier target for hackers

GeneralEdward KiledjianComment
Your_data.jpg

I've talked about different technologies to provide additional protection when working online (Chromebooks1, Chromebooks2, VPN1, VPN2, VPN3, etc.) The truth is that anything that is posted, shared, stored or connected online risks being hacked and leaked. 

Instead of telling you how to protect yourself, I want to share tips on how to make yourself a flashier and easier target for hackers. After all, why make their lives more difficult than it needs to be? 

Reuse the same passwords everywhere

Reusing the same passwords everywhere is convenient for you and hackers. If they manage to crack or steal your password from one site, they can then reuse that same one on your other accounts. Don't make their lives difficult and reuse the same password for all your online accounts. While you're at it, use simple short passwords using only letters to make it easier to crack.

Don't use 2-factor authentication

2-factor authentication is usually a secret code generated on your phone using a free tool like the Google Authenticator or Authy. The purpose of 2-factor authentication is to provide additional account protect that would prevent someone from accessing your account if they somehow manage to get your password.

2-factor authentication goes against our goal of making you easier to hack. Doesn't 2-factor authentication sound like a lot of trouble for nothing? Why would you want to make it difficult for hackers to access your account if they have gone through all the effort of finding and cracking your password? 

Whatever you do, do not enable 2-factor authentication so your account can be stolen easier. 

Trust everyone and click on those links

Security advocates always caution users not to click on "strange" links from known or unknown sources. Sure often these types of links are used to install malware on your machine or to steal your login credentials (phishing), but you may miss that funny joke a friend sent. 

Hackers go to great lengths to make their emails look legitimate so why not reward all their hard work by clicking on them? If you don't click on those links, you will force the hackers to work harder to steal your information, and who wants to work harder? 

So I say click on those links quickly. If you see a link click on it regardless of any doubts you may have. 

Don't update your software and operating system

All software is written by humans and is therefore imperfect. Reputable software vendors (that hate hackers) release regular updates to their products to patch vulnerabilities that may be exploited. 

Our goal is to make you an easy target so why install updates? Updates take time. It is easy to forget checking for them (on smartphones, tablets and PCs). The easiest thing to do (the most hacker-friendly) is just to leave your machine as it is, and not install any updates. After all, what if the update changes a function? 

The moral of this story is to just leave well enough alone.  Don't make a hacker's life more difficult than it has to be, don't update your software or operating system.

Don't ever turn off Bluetooth

You work hard, and anything that makes your life easier should be encouraged and used. Bluetooth is a modern convenience for anyone that uses wireless headphones. You turn it on and pair it with your favourite headphones when you first set up your device and forget about it. 

Convenience is king. When you want to listen to a podcast or some music, you shouldn't be bothered to fiddle with small switches in some control menu to turn on Bluetooth. 

There are well-known attacks against Bluetooth that could allow a remote attacker to connect to your device and steal data stored on it. Who cares? Convenience is king and outranks security. We want to make your devices as vulnerable as possible, so whatever you do, leave Bluetooth on. While you are at it, leave other data transfer features on (like Airdrop on Apple and WIFI). 

Don't use a VPN

I have written about VPNs for years. How they can be used to protect your data when using unknown or untrusted WIFI networks. This article is about making your life and the hackers life easier, not making you more secure. 
VPNs are a hassled. You have to buy a subscription, install the app on your devices and remember to turn it on everytime you connect to an untrusted WIFI network. When using a VPN you are paying to make your WIFI experience more complicated. Does this seem logical to you?

Hackers love using unprotected or poorly protected WIFI networks to perform reconnaissance and even break into your devices. Hackers have a wide variety of easy to use tools that work on devices connected to these open WIFI networks where users aren't using a VPN. So the moral of the story is convenience. After all, if you can't trust your local coffee shop with your data security, who can you trust. 

Remeber that your goal is to make your and the hacker's life easier so trust easily and trust often. Don't use a VPN to encrypt your traffic and make it impossible for a local hacker to steal your data or compromise your device. 

Share a lot and often

The purpose of social media is to share information with friends and other strangers that are connected to you. So the hacker rule is to share as much data as possible and share it often.

Peacing data together is a fantastic way for a hacker to build a profile about you so they can reset passwords, use your credit or craft believable phishing emails. Make sure that all your social media profiles are public. Then once you your profile is visible to everyone on the internet, make sure you post a tone of "useful" information such as 

  • habits: (when you go to the gym, restaurant, stores, etc) so hackers can figure out where you live
  • vacations:  everyone wants to know that you have left the country for a week of sun and relaxation. Especially those hackers and thieves. It is so much easier when the target (oops... I mean friend) lets you know it is a good time to steal from them. 
  • Date of birth: MAke sure you use your real date of birth on social media sites so friends (that can't be bothered to remember your birthday) can wish you a happy birthday. Hackers can then use this information to apply for credit in your name. It's a win-win for everyone. 

The moral of the story is to post lots of personal data, regularly and as quickly as possible. 

Conclusion

I hope you have found these tips useful. I know many hackers will thank you for being such a friendly and trusting person. Remember that good security is inconvenient and convenience is the most important factor to a busy person like you. You are too busy to worry about securing each and every service you use, so don't. 

After all, people are generally nice and trustworthy. So open that attachment. Click on that link. Share that vacation departure notice. Life is short, live a little.

26 girls saved from exploitation by Twitter

GeneralEdward KiledjianComment
chains-19176.jpg

The media is quick to publish reports about the "evils" of social media. Twitter is a favourite whipping target.

Here is a little-told story about 26 young girls (aged 10-14) being saved from the clutches of human traffickers in India because of a simple tweet.  Adarsh Shrivastava, a good samaritan, travelling on an Indian train noticed a group of young girls that seemed to be in distress. He twitted the train operator which was the start of their rescue. 

A representative from the Ministry of Railways forwarded a support request to the railway police. 

Shortly after being notified, the railway police intervened and rescued the girls. Two men were arrested. 

Source: NDTV

Best URL shorteners

GeneralEdward Kiledjian4 Comments
UTL_short.jpg

URL shorteners are something you either use a lot or never. Google launched it's own URL shortening service in 2009 with unique (at the time) features like third-party API access, QR code generation, ability to use easily on mobile. 

But Google is retiring this public facing service and replacing it with Firebase Dynamic Links (FDL) accessible by developers only. 

This is not surprising since Twitter retired Deck.ly when it acquired TweetDeck.

If you have links, Google is giving you until March 30, 2019, to figure out what you are going to do (even though you will lose the ability to create new short links on April 13). 

google_short1.PNG

What are the best Goo.gl alternatives?

bitly.PNG

1 - Bit.ly

The first alternative has to be Bit.ly which is one of the most popular URL shortening services on the internet and one of the oldest. You create an account and then generate short links as required (you can also choose a tag to group your URL). 

Bitly allows you to create custom branded short URLs, which is excellent for marketing. 

Owly.PNG

2 - Ow.ly

Hootsuite runs a service called Ow.ly. Ow.ly offers all of the features of Bit.ly but integrates with HootSuite. So if you use Hootsuite to manage your social media presence, this could be the best option for you.

The big difference is that Bit.ly allows you to quickly shorten a link from their main webpage without having to sign-up whereas Ow.ly does not.

rebrandly.PNG

3 - rebrandly.com

Many lists include Firebase from Google but I am omitting it since it is only designed for use by developers in apps (not useful for the average Joe). My last recommendation is Rebrandly.com which offers custom URL shorteners. Many large cloud companies are Rebrandly customers (such as Microsoft, Dropbox, etc).

rebrandly1.PNG

Before you get scared and look away, they offer a free tier that will meet the needs of most users.

Conclusion

A URL shortener is a service that you will rely on for years, and I have presented the companies (services) that look to be the most stable. Remeber that when the service disappears's your links break which could wreak havoc on your social strategy.

Tool to check if your favorite username is free on dozens of sites automatically

GeneralEdward KiledjianComment
  •  
  • Whether you are a burgeoning social media star, a marketer or just a lover of everything social, you probably want to use the name username on all the major social media sites. Using the same name makes it easy for your adoring fans to find you. 

This is when an online service called NameCheckr comes into play. You enter the desired username and it check the sites for availability. The sites included in its search (as I write this are):

  • Domain (.com)
  • Domain (.net)
  • Domain (.org)
  • Domain (.io)
  • Facebook
  • MySpace
  • GitHub
  • About.Me
  • Twitter
  • Instagram
  • Vimeo
  • Papaly
  • Google+
  • Youtube
  • GetSatisfaction
  • StumbleUpon
  • Tumblr
  • Meetup
  • FeedBurner
  • Blogger
  • Reddit
  • Pinterest
  • FourSquare
  • Pinterest
  • Flickr
  • Ello
  • Dribble
  • Last.FM
  • IFTTT

Click on the load more option and you also get

  • Vine
  • DeviantArt
  • Kinja
  • Spotify
  • ETSY
  • LiveJournal
  • Badoo
  • Disqus
  • eBay
  • Technorati
  • Wordpress
  • Behave
  • Domain (.co)
  • Domain (.us)
  • Domain (.cc)
  • Domain (.me)
  • Domain (.biz)
  • Domain (.info)
  • Domain (.de)
  • Domain (.at)
  • Domain (.eu)
  • Domain (.ru)
  • Domain (.jp)
  • Domain (.mobi)
  • Domain (.in)

Click on any of the services showing the name is available and it will take you to the page where you can register it on that service.

Testing the service

As a test, I ran ekiledjian through the service and after a couple of minutes of processing, it showed me which services had it avaialble or not. 

How to find how many Twitter fake followers you have

technologyEdward KiledjianComment
Image by  Patrik Nygren  used under Creative Commons License

Image by Patrik Nygren used under Creative Commons License

When web placement was paid per click or per view, Twitter importance was measured by the number of followers you had. Those days are long gone because modern tech savvy social media users understand that engagement is the ultimate measure.

In some cases, people bought Twitter followers to make themselves look  better but there are times when those fake followers are added by bots. Why? Because many people automatically follow back all of their followers and these SPAM accounts get a decent following quickly.

Fakers App

The first tool is an online service called the Fakers App.  This app allows you to identify how many fake or empty accounts follow you. Better yet, they can perform this same magic on competitors or service providers trying to sell you on their HUGE social media following.

Head over to the webpage (link)

Click on the Connect to Twitter button

Authorize the app to connect to your twitter account. Then let it do its magic

In my case only 3% of my followers are fake. 46% are inactive which isn't surprising knowing how most registered Twitter users rarely tweet. You can use the search box to check this info for someone else

TwitterAudit

TwitterAudit (link)  is another interesting tool that takes a 5,000 follower sample from your account and then creates a follower value score by looking at the ratio of followers to following, number of tweets, date of last tweet, etc.

It creates some interesting graphs:

Conclusion

You'll notice that the stats provided by each site aren't perfectly aligned but they are close. The Inactive status of the Fakers App isn't too valuable for me considering most people sign up and spend most of their time on twitter lurking. 

Ultimately less than 3% (in both cases) of my followers are fake. What about you?