You know what we love where I work? Security. Seriously, it’s our favorite thing to talk about around NSS Labs Headquarters that’s not the finale of West World (yes, we’re still stuck on it).
We dream about security threats while analyzing what a breach really means. We obsess about keeping things secure, we argue about strategy, and plenty of times, we wax poetic on ways teams can make their systems more secure.
As the NSS Labs crew heads into this year’s RSA conference, we’ll be surrounded by some of the brightest minds in security.
On the other hand, we’ll also be around those looking to hack those bright minds. Security culture is complex like that.
But, we figured this was a good time to share some tips that any team could use to make their systems stronger, the basic stuff everyone can do. A few might seem obvious, but it never hurts to remind folks that simple measures could keep their systems secure.
1. Make sure your plug-ins are up to date
There are a lot of people who hit “remind me later” when it’s time to download that plug-in update. But, what folks don’t realize is that those updates typically provide patch fixes for known bugs, or errors working as backdoors to all kinds of viruses.
It’s a hacker’s job to try their damnedest to get into your computer, and by not updating your Java, you’re giving them that much more firepower.
Plug-ins like Java or Flash need to be updated on the regular.
If you want an alternative to checking for updates manually, both Firefox and Chrome offer plug-ins of their own, which tell you when updates are available for practically everything on your machine. All you need to do is click a button, and you’re off to the update races – your browser does all of the work for you. By doing so, you’re giving shady characters one less avenue to potentially get your information.
2. Get proactive in the fight against ransomware
If you haven’t heard of ransomware, here’s the easy definition: it sucks. Some variants of ransomware live in your spam folder and can turn your computer into a brick with a simple click. If you’re unlucky enough to open that email from the Nigerian Prince, and next thing you know, you’re locked out of your machine – it’s likely you’ve been hit with ransomware.
Ransomware is a threat that scrambles your data and then makes you pay a ransom to decode it. Over 4,000 ransomware attacks happen every day. Go ahead, Google it. Every. Day. It’s the second most scary thing next to self-diagnosing on WebMd.
Staying vigilant in today’s ever-evolving tech landscape is imperative. Hackers don’t sleep – they’re always looking for a way to get paid. Not everyone falls victim to this plague, but there are a few steps your team can take to ensure no one is opening an email they shouldn’t.
If you’re running an IT team, or are in charge of your company’s security, there are a few easy best practices you should keep in mind when dealing with your not so technical co-workers:
- Get an incident management plan together with your IT team
- Remind coworkers to not open shady-looking emails from unknown addresses
- Simulate an attack and put your system to the test
- BACK UP YOUR STUFF – Get a Dropbox account for your important documents and work in Google Docs or Confluence
- Set up automated system alerts when code looks compromised
- Adjust your computer’s security settings to alert staff in case of suspicious activity
3. Keep your password complicated
Look, this seems easy enough, but there are a lot of people who use 1234 as their password. Really.
By making your password complicated with a series of numbers and symbols, you’re protecting yourself and your information.
Cyber awareness is crucial – it’s important you don’t give hackers the edge. By making the password complicated, it’s harder for password jugglers to crack your accounts.
4. Wipe that drive
Just because you delete something from your computer doesn’t mean it’s gone.
Computers have hard drives like the raptors in Jurassic Park: they remember.
When it’s time to get a new laptop, make sure your drive is wiped clean and you give it a factory reset. If you don’t, those files you thought you’d deleted could fall into the wrong hands.
And there you have it – four simple tips to get your team more secure in 2017.
Airbnb has blocked 50K+ bookings for being too big during COVID-19
(NEWS) Airbnb has cancelled a huge number of reservations as a security precaution during COVID-19 in the past year or so.
In the last year or so, Airbnb has purposefully prevented at least 50,000 people from making irresponsible reservations on their properties, in many cases blocking those people from the platform itself. This prevention, at least in theory, helped cut down on the number of COVID parties during the pandemic.
According to The Verge, Airbnb’s head of trust and safety communication, Ben Breit, acknowledged blocked reservations in several cities across the United States, including Dallas, San Diego, and New Orleans. Breit confirmed that this response was an attempt to prevent large gatherings and parties during the height of the COVID-19 pandemic during which many areas banned group activities involving more than a few people.
While some requests for reservations were simply denied or “redirected”, many users were blocked from using Airbnb entirely. Airbnb noted that the number of blocked requests outpaced the number of people who were blocked, signifying that some accounts attempted to make more than one reservation before being removed from the platform.
Airbnb reportedly stated that “Instituting a global ban on parties and events is in the best interest of public health” prior to enacting a total ban on rentals at the beginning of 2020, a decision that gave way to the blocks and redirections in the last 12 months.
The evaluation system used to flag problematic reservations is relatively simple, according to Breit: “If you are under the age of 25 and you don’t have a history of positive reviews, we will not allow you to book an entire home listing local to where you live.”
But Airbnb didn’t entirely remove multiple-body listings or large rentals. The Verge reports that flagged users with the aforementioned criteria were still able to book both small rentals in local locations and larger rentals in reasonably distant locations.
Regardless of the optics here, Airbnb’s policy efficacy can’t be ignored. Multiple cities reported comparatively “quiet” holiday seasons–something that may contribute to Airbnb’s decision to extend their policy through the end of this summer.
The hosting company is also offering increased security measures, such as noise detection and a 24-hour hotline, at a discounted rate to property owners.
As both the vaccine gap and the proliferation of the Delta variant of COVID-19 continue to contribute to outbreaks, one can reasonably expect Airbnb to hold to this policy.
TL;DV summarizes video meetings so folks can catch up in quickly *with* context
(TECHNOLOGY) TL;DV makes catching up on video team meetings slightly more tolerable and easily digestable.
2021 was the year of virtual meetings, and while there are some perks associated with remote collaboration (I’m looking at you, pair of work pants that I didn’t have to wear once this year), these meetings often feel exponentially more arduous than their dressed-up counterparts. TL;DV, a consolidation app for Google Meet, looks to give back a bit of your time.
TL;DV (an acronym for “Too Long; Didn’t View”) is a Google Chrome recording extension that helps users specify important sections of meetings for anyone who needs to view them asynchronously. Users can tag specific segments in Google Meet sessions, transcribe audio, and leave notes above tagged sections for timestamp purposes, and the subsequent file can be shared via a host of both Google and third-party apps.
While the extension is only available for Google Meet at the time of writing, the TL;DV team has included a link to a survey for Zoom and MS Teams users on their site, thus implying that the team is looking into expanding into those platforms in the future.
The mission behind TL;DV is, according to the website, to empower users to “control how we spend our precious time” in the interest of combatting FOMO and meeting fatigue. By dramatically shortening the amount of time one must spend perusing a meeting recording, they seem well on their way to doing so.
Of course, the issue of human oversight remains. It seems likely that meeting facilitators will drop the ball here and there while tagging sections of the recording, and employees who miss crucial information in a recorded session are sure to be frustrated in the process–just not as frustrated as they might be if they attended the entire meeting live.
The current (free) version of TL;DV is in Beta, so users will have a three-hour cap on their videos. The development team promises a professional version by the end of 2021, with the added bonus of leaving prior recordings available for free for anyone who used the Beta. This is certainly an extension to keep an eye on–whether or not you’re remaining remote in 2022, virtual conferencing is no doubt here to stay.
Hiding from facial recognition is a booming business
(TECH NEWS) ‘Cloaking’ is the new way to hide your face. Companies are making big money designing cloaking apps that thwart your features by adding a layer of make up, clothing, blurring, and even transforming you into your favorite celebrity.
Facial recognition companies and those who seek to thwart them are currently locked in a grand game of cat and mouse. Though it’s been relentlessly pursued by police, politicians, and technocrats alike, the increasing use of facial recognition technology in public spaces, workplaces, and housing complexes remains a widely unpopular phenomenon.
So it’s no surprise that there is big money to be made in the field of “cloaking,” or dodging facial recognition tech – particularly during COVID times while facial coverings are, literally, in fashion.
Take Fawkes, a cloaking app designed by researchers at the University of Chicago. It is named for Guy Fawkes, the 17th century English revolutionary whose likeness was popularized as a symbol of anonymity, and solidarity in V For Vendetta.
Fawkes works by subtly overlaying a celebrity’s facial information over your selfies at the pixel level. To your friends, the changes will go completely unnoticed, but to an artificial intelligence trying to identify your face, you’d theoretically look just like Beyonce.
Fawkes isn’t available to the general public yet, but if you’re looking for strategies to fly under the radar of facial recognition, don’t fret; it is just one example of the ways in which cloaking has entered the mainstream.
Other forms of cloaking have emerged in the forms of Tik Tok makeup trends, clothes that confuse recognition algorithms, tools that automatically blur identifying features on the face, and much more. Since effective facial recognition relies on having as much information about human faces as possible, cloaking enthusiasts like Ben Zhao, Professor of computer science at the University of Chicago and co-developer of Fawkes, hope to make facial recognition less effective against the rest of the population too. In an interview with The New York Times, Zhao asserts, “our [team’s] goal is to make Clearview [AI] go away.”
For the uninitiated, Clearview AI is a start-up that recently became infamous for scraping billions of public photos from the internet and privately using them to build the database for a law enforcement facial recognition tool.
The CEO of Clearview, Hoan Ton-That, claimed that the tool would only be improved by these workarounds and that in long run, cloaking is futile. If that sounds like supervillain talk, you might see why he’s earned himself a reputation similar to the likes of Martin Shkreli or Ajit Pai with his company’s uniquely aggressive approach to data harvesting.
It all feels like the beginning of a cyberpunk western: a story of man vs. machine. The deck is stacked, the rules are undecided, and the world is watching. But so far, you can rest assured that no algorithm has completely outsmarted our own eyeballs… yet.
Business Entrepreneur2 days ago
If you’re easily distracted, you’re more likely to thrive as an entrepreneur
Business News2 weeks ago
Everyone should have an interview escape plan
Business Finance1 week ago
Freelancers: How to get away from billing hourly
Business Finance2 days ago
6 questions to ask when considering a startup accelerator
Opinion Editorials1 week ago
How strong leaders use times of crises to improve their company’s future
Business Marketing1 day ago
Jack of all trades vs. specialized expert – which are you?
Tech News1 week ago
Hiding from facial recognition is a booming business
Tech News1 week ago
Spike helps you stay on top of website issues before they happen