Protect Yourself From Data Breaches - DTNS WEEKLY TECH UPDATE 11/23/2016

Hey all, thanks for reading! This is the weekly newsletter companion to Daily Tech News Show at http://dailytechnewsshow.com/ 

 You can get this newsletter by backing DTNS for $5 a month or more at http://patreon.com/dtns 

This week I take some tips from Hal 5's Darren Kitchen combined with a few of my own to give you some good ways to protect yourself from data breachers. First here are some big stories from the week, in case you missed it. 

Mike Isaac at the New York Times reports that three former and current Facebook employees say the company has developed a tool that would remove posts from news feeds based on geographic areas. The feature would allow a third party to monitor and block certain content. It is one of a number of experiments being explored as options to get Facebook unblocked in China and may never be implemented. http://www.nytimes.com/2016/11/22/technology/facebook-censorship-tool-china.html 

Stanford researchers studied how 7,804 students evaluated information online. 82% of middle school aged children did not see a valid reason to mistrust a post by a bank executive arguing that young adults needed more financial planning help. It was labeled as sponsored content. When asked which of two stories they would choose to learn facts about year-round schooling, 60% chose an opinion piece  or could not explain why they chose the news story. 4 of 10 high school-aged students believed a picture of a deformed flower and a headline about toxicity in Fukushima without source or location for the photo. https://techcrunch.com/2016/11/22/most-students-cant-tell-fake-news-from-real-news-study-shows/ 

The US National Transportation Safety Board is investigating in accident involving one of Facebook’s Aquila unmanned aerial vehicles meant to deliver Internet to remote areas. The UAV suffered a structural failure during landing after its first test flight at 7:43 AM on June 28th near Yuma. Facebook mentioned the failure in a July 21st post but the NTSB investigation was unknown until now. Preliminary findings have not been released. https://www.bloomberg.com/news/articles/2016-11-21/facebook-experimental-drone-accident-subject-of-safety-probe 

US President-elect Donald Trump named two advisers to his Federal Communications Commission landing team Monday. Jeffrey Eisenach of the American Enterprise Institute has worked as a consultant in the telecom industry, worked at the Federal Trade Commission during the Reagan administration, and written against classifying the Internet as a public utility. University of Florida professor Mark Jamison has worked for Sprint and has criticized the leadership of current FCC chairman Tom Wheeler. The two will recommend who the President should appoint to the FCC. http://fortune.com/2016/11/21/trump-net-neutrality-fcc/ 

In statements following the vote to approve a merger of SolarCity and Tesla, CEO Elon Musk said SolarCity's new roofing material should cost less than traditional rooftop shingles to make and install. The savings is expected because the solar shingles could be cheaper to ship due to lighter weight and less risk of breakage. The shingles would reportedly feature tempered glass made by Tesla, a new solar film from 3M  MMM 0.14%  specifically designed for this project, as well as solar power technology jointly developed by Tesla, SolarCity and Panasonic. http://fortune.com/2016/11/18/elon-musk-tesla-solarcity-solar-roof/ 

Bloomberg reports Apple has disbanded its division that develops wireless routers like the Airport Express. Engineers have apparently been moved to other teams including the Apple TV group. Routers have not made up a significant part of Apple’s revenue. https://www.bloomberg.com/news/articles/2016-11-21/apple-said-to-abandon-development-of-wireless-routers-ivs0ssec 

Apple has introduced the iPhone 6 Plus Multi-Touch repair program for models that have the so-called touch disease that results in a flickering screen or unresponsive touch screen. Apple has reduced the repair fee for the iPhone 6 Plus from $300 to $149 for the problem. If you've already paid for the repair, Apple says you can contact it for a reimbursement of the difference. While iFixit and others suspect a design flaw in the touchscreen controller chips as the cause. Apple maintains it only happens after stress on the device such as multiple drops on hard surfaces. http://arstechnica.com/apple/2016/11/apple-will-fix-iphone-6-pluses-with-touchscreen-problems-but-it-will-cost-you/ 

Instagram launched two new features Monday for Android and iOS. First you can now send a direct video or photo message that disappears after the second viewing. And second, Instagram Live now lets you broadcast live video to anyone who follows you. The stream goes away when it ends too, no watching streams later. Instagram will only send notifications that you’re live to some friends while everyone else needs to notice the live tag on your Instagram Stories bubble. Instagram will also highlight the most interesting live streams in the Explore tab Stories section.  The features will arrive for users over the next few weeks. https://techcrunch.com/2016/11/21/instagram-live/ 

Wal-Mart is experimenting with using the blockchain distributed ledger technology to identify sources of unsafe food. The idea is that transfer of food items everywhere in the supply chain from grower to store shelf would create a digital receipt with no way for suppliers to alter the info. The test is being run on pork from China and an unidentified “packaged produce item” in the US. The hope is to identify unsafe products faster and with more accuracy reducing cost. If the tests are successful, Wal-Mart will expand them to multiple food items in both countries. https://www.bloomberg.com/news/articles/2016-11-18/wal-mart-tackles-food-safety-with-test-of-blockchain-technology 

Google’s DeepMind and the University of Oxford have used 5,000 hours of BBC programs to teach a deep learning system to lip read. The training was done on episodes of Newsnight, BBC Breakfast and Question Time and three others from January 2010 to December 2015. Then performance was tested on broadcasts from March to September 2016. The AI annotated 46.8% of all words while a professional lip reader annotated 12.4%. Applications could include hearing aids, general speech recognition in noisy environments and silent dictation. https://www.newscientist.com/article/2113299-googles-deepmind-ai-can-lip-read-tv-shows-better-than-a-pro/ 

ZDNet’s Mary Jo Foley says her sources say Microsoft is working on an x86 emulator for ARM processors running Windows. It’s expected to arrive on the Redstone 3 version of Windows in Fall 2017. This would allow mobile devices in Continuum mode to run desktop Windows apps, not just Universal Windows Platform apps. Last Night Twitter user Walking Cat found a reference to the emulation called CHPE. http://arstechnica.com/information-technology/2016/11/x86-emulation-rumored-to-be-coming-to-windows-for-arm-in-late-2017/ 

CLOSER LOOK - PROTEC YOURSELF FROM DATA BREACHES

Data breaches get loads of publicity, and while Darren and I talked about how not all breaches are valid, enough of them are that it's worth taking some precautions.

There's not much you can do to force a company not get breached but there are some things you can do to minimize the risk to you if you choose to use a service. And let's be honest, most of us are not going to stop signing up for all services on the Internet. 

The trick is to make the information an attacker would give as low value as possible and barring that make it difficult for them to gain anything from having it.

1. Don't reuse passwords between sites.

If an attacker breaches a site and even if that site stored your password in plaintext, if you didn't use that password anywhere else it won't do them much good. Hopefully the site in question resets their passwords quickly but even if they don't you've still limited potential damage to the one site. If you use a password in more than one place suddenly every one of those places is vulnerable if only one of them gets breached.

2. Use long passwords

As Darren put it,  don't be low hanging fruit. The longer it takes to crack your passwords the less interested attackers become. Use LONG passwords as they're incredibly difficult to crack. If nothing else, if you're using a 10 character password now, make it a 20 character simply by typing it in twice. 

3. Turn on two factor authentication

Obviously not all sites offer this but if they do, use it. That way even if they get your password somehow they have to go to the extra trouble of cracking the other factor which is more difficult. Remember, it's all about putting in speed bumps. 

4. Sign up for an alert service

Darren recommends haveibeenpwned.com or similar to be notified when your email address is found in a breach so you can most quickly make changes to the account in question, especially since services have been known to drag their feet on notifying exposed users.

5. Don't enter info you don't need to

Some people go so far as enetering fake birthdays, but it's good policy to only give sites the info you absolutely need to in order to make use of the service. Companies will always ask for more because they can personalize things, or sell the data to advertisers. But if you never enter the info in the first place no attacker can get it from that location.

Thanks all for reading! And if you're in the US, have a Happy Thanksgiving. If you're not in the US have a happy watching all the people in the US post about turkey Thursday.