open padlock

If you’re not concerned about your privacy, you’re not paying attention

Cross-posted from MomsRising.org.

I don’t know about you, but the past year has been a real wake up call for me about the importance of digital security. I used to think of hackers as bored teenagers showing off for their friends, or scammers sending viruses and spam to people by the millions. But today’s online outlaws are much more sophisticated.

Not content to just blast misleading links at us, elite hackers have started spear phishing. This is a tactic that sends an e-mail to an individual with unique, personalized information making it look very real, and convincing the user to click through to a website where they will enter their login credentials. Some hackers also use social engineering (not technology) to trick people into giving away critical information that can then be leveraged to compromise accounts.

Unfortunately, we need to worry not only about obviously sensitive information like bank accounts and e-mails, even seemingly inconsequential accounts can be exploited to provide an opening. Once a hacker gets into any of your accounts, be it iTunes, Etsy, or Pinterest, they can use that information to access other services.

The threat to our privacy is real, and we have seen that there are people who may target us and access our data not just for commercial purposes but for political use. People and organizations that are working for social change have every reason to be concerned about how our personal information, organizational data, and private communications might be used.

Good security is a pain to implement, but every inconvenience for us is an even bigger hassle for a would-be hacker. Start now from wherever you are, and make incremental changes to improve your personal and organizational security.

 

OK, Ruby, we’re terrified! What do we do?

There is always room for improvement of our security practices, especially as we learn more about the threats that are out there. Here are my recommendations for where to start.

 

More resources

 

Here’s your reward for making it to the end of this challenging post! Freak out and laugh and get down all at the same time with Ashley Black learning about digital security with the help of Talib Kweli and others, on Full Frontal with Samantha Bee (NSFW).

Lakoff's Taxonomy of Trump Tweets

Stop allowing a greedy, childish, narcissistic loser’s pathological lies to control the news cycle

The media is still continuing the same behavior that normalized Trump and allowed him to walk right into office with less qualifications than a 9th grade class president. They are helping Trump block out rational conversation about real issues by treating his insane tweets as real news. Yesterday they spent all day talking about his crazy “wire tapping” story! (It’s either totally invented or proof that a court found reasonable suspicion of him last year. If the latter, let’s talk about the many suspicious ties to Russia.)

Stop reading his tweets. Stop sharing his tweets, even to criticize them. Stop treating them like they matter or like he matters. He is an unhinged loser and a complete puppet of the White supremacist Steve Bannon. Stop acting like his childish rants are the most important news of the day.

Great reminder from my favorite cognitive linguist George Lakoff:

Remember: @realDonaldTrump’s use of Twitter is strategic.

Trump Tweets

Just another reminder that the companies that profit off our content and relationships give no fucks about us

Screenshot from a friendSo my Instagram account got hacked early last week. I’m not sure when. I found out when someone sent me this screenshot on Tuesday showing my photos with a different profile, which seemed to be marketing porn.

I submitted support tickets to Instagram on Wednesday and again on Thursday but never got any reply. Strangely, a few other friends said that they were also hacked this week! But they were able to get access back in less than a day after contacting support.

Finally, I used a professional network I’m in to see if anyone had contacts at Instagram. This connected me to someone, but he was on vacation! After I bugged him, he eventually connected me to someone else, and she was able to get my account restored on Saturday afternoon. They are both political staff there, not the help desk.

I still don’t know how it got hacked so I don’t know if there was a breach at Instagram or if someone got my password. I would very much like to know, and I also find it unacceptable (but sadly not surprising) that their tech support didn’t even care to reply to me or to stop a malicious hacker compromising their platform.

This whole thing caused some unpleasant flashbacks to The Great Hack of 2013, but my security is much better now because I use truly random, computer-generated passwords (and a password manager) and I always utilize multifactor authentication when it’s an option. So I immediately changed a few passwords that were overdue anyway, but I don’t see anything else suspicious on other accounts. Still keeping a watchful eye open…

“Aberrations”

So many import and disturbing updates in Micah Sifry’s latest First Post at Civicist: Aberrations.

This point from Evan Osnos in The New Yorker probably freaked me out the most:

“Since Election Day, Trump has largely avoided receiving intelligence briefings, either because he doesn’t think it’s important that he receive them or because he just doesn’t care about them. George W. Bush, in the first months of 2001, ignored warnings about Osama bin Laden. Only in our darkest imaginings can we wonder what warnings Trump is ignoring now.”

Also, I learned a new word “Americanism.”

The Real Voter Fraud: How Trump Used Facebook to Suppress Voting

This is the story of how the Trump campaign used data to target African Americans and young women with $150 million dollars of Facebook and Instagram advertisements in the final weeks of the election, quietly launching the most successful digital voter suppression operation in American history.

Throughout the campaign, President-Elect Donald J. Trump shrewdly invested in Facebook advertisements to reach his supporters and raise campaign donations. Facing a short-fall of momentum and voter support in the polls, the Trump campaign deployed its custom database, named Project Alamo, containing detailed identity profiles on 220 million people in America.

With Project Alamo as ammunition, the Trump digital operations team covertly executed a massive digital last-stand strategy using targeted Facebook ads to ‘discourage’ Hillary Clinton supporters from voting. The Trump campaign poured money and resources into political advertisements on Facebook, Instagram, the Facebook Audience Network, and Facebook data-broker partners.

Source: How the Trump Campaign Built an Identity Database and Used Facebook Ads to Win the Election – Startup Grind – Medium

Drupal is crazy

Let’s do Drupal!

Following up on the very basic intro to Drupal class I created and taught for Girl Develop It RDU in the spring, I am now offering a half-day workshop for beginners who actually want to start getting their hands dirty using Drupal. The class is this weekend and we still have a lot of spaces left, so if you or someone you know is interested in getting a better understanding of Drupal, please let them know and share this link: meetup.com/Girl-Develop-It-RDU/events/232604888/

My slides or “curriculum” (such as it is) are available here: bit.ly/gdirdu-drupal. If you would like to adapt them for other noncommercial uses, please let me know and I will share an editable copy.

GDIRDU circle logoDrupal Development_1

In which I fail to cheer for @Jack’s return to #Twitter

A lot of people (well certain people) have been fussing about Twitter co-founder Jack Dorsey returning to the company as it’s new CEO. While I think he’ll easily be better than his predecessor Dick Costolo, I see no cause to celebrate.

The magic in Twitter has always been the connections between people and the ability to grow and connect communities of people. The Arab Spring is the most famous and impactful example of this, but “Black Twitter” is a more current illustration. It’s a large and decentralized community which is having a real impact on people’s lives through connection, cultural critique, and shining a light on police brutality via #BlackLivesMatter.

Today I followed a link posted by an old Twitter friend. It was a collection of reactions of “Twitter influencers” to Jack’s return. They were all white, a couple were my friends. Responses ranged from “we’ll see” to “Jack is my BFF.” There was not a single concern raised. It should come as no surprise that all of the white, male CEOs of Twitter were hired by a board which is itself nearly all white men (with the exception of a few Asian men and one very powerful woman).

Twitter has been making moves to try to compete with media companies (and Facebook) by pushing big news and events, memes that trend via their mysterious algorithm, and celebrity tweeters. This ground has been covered and there will always be someone who does that better than them. Twitter’s unique value proposition is the ability to find and directly connect with real people who you don’t already know but who add value to your life. To be a participant in a movement (whether it’s for democracy or your favorite TV show) rather than just a consumer. I have rarely seen Twitter’s corporate policies show that they understand or appreciate this value. In addition, their continuing lack of interest in doing anything serious about the pervasive abuse of women online further shows that they just don’t care about us, the users that give their platform meaning.

So I wrote a few tweets about this, but it’s hard to convey the complexity and the importance of this in 140 characters so I wanted to expand in this blog post. If you share my concerns, I’d appreciate a retweet or other show of solidarity.