When Edward Snowden leaked all of that information about NSA spying, it was basically stuff most of us already knew, but still willfully kept the blinders on because it was too huge to think it was actually real. That tends to be the problem. Most of us use many devices, e-mail, phones, and tech that we use but have absolutely no idea how any of it works. Recently, there was a post on Reddit that asked, “”Hackers” of Reddit, what are some cool/scary things about our technology that aren’t necessarily public knowledge?” And the answers ranged from interesting, too terrifying, and to make you want to hide in a cave for the rest of your life.
On having the strongest internet security:
You can have the strongest IT system in the world. You can spend billions on software & hardware protection, but if I can ring the new employee called “Cathy” and say “Hey, Cathy, you’re new here right? Yeah it’s John from IT Security, There’s been a breach and I need Sys Admin password quickly so I can patch it up”. “Ok” says Cathy, under stress to fix the problem And there I have it. I got the password. It’s called Social Engineering and 9 times out of 10 that’s how people hack accounts.
An insiders view on just how crappily built everything is:
As someone who has programmed since the late 80’s the scariest thing is just how flaky everything is.
It’s turtles all the way down except the turtles are horribly written unmaintained code that no-one commented and the guy who wrote it left the company 5 years ago to take up yak farming.
Our entire modern economy and to some extent society is entirely dependent on systems that were written by people like me.
That is fucking terrifying.
Then, someone responded to that which made me feel like we’re all covered with gasoline headed for a spark:
Weinberg’s Second Law: “If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization.”
An obvious yet completely overlooked security idea of not using the same password for every site:
Don’t use the same password for anything. Hacker 101 is that once you compromise one account (ideally e-mail), you go through their e-mail notifications to see what other accounts they have. Then you go to those sites and try to log in with the same password. It usually works. Also you really shouldn’t even use the same username for difference sites, because if I crack an account other than your e-mail address I can still just Google your username or try sites I think you might visit. So your Reddit username should not be your GMail username and they certainly should not be the same password.
What about your webcam?
Yes, we can use malware to remotely activate your webcam, microphones, and whatever else is plugged into your computer. Cover the lens when you’re not using it. Ditto on cell phones, but there’s no much you can do about that short of removing the battery.
Yikes. Time to buy some black tape. Actually, I’m just going to go ahead and throw my entire house away. But, it gets even crazier.