This month's CyberAdvisor covers these four main topics:
Decentralizing from Big Tech
Essential iPhone security
Living with your VPN
Hacking smart homes
Big Tech is Too Much
It's been known for a long time - Big Tech is an abuser of enormous power and influence, an exploiter of privacy and personal information, and consistently clever in their dishonesty with the rest of society. And exhibit "A" for Big Tech's misbehavior has always been Google.
But earlier this year, Apple's new privacy policies forced Google's hand to reveal the extent of their data collection. Now we see how truly awful the worst of the worst is.
You can click here to see facts about the extent of Google's data collection practices. Still, in a nutshell, you'll find it's pretty much everything - including information unrelated to their products and information about your contacts.
If you use their products, Google knows:
what you look like
what you sound like
your beliefs
who you’re likely to vote for
your sexual tendencies
your financial status
your health condition
In addition, they know where you are, where you’ve been, and where you will likely go next. Google also controls all your ‘content’ – pictures, videos, audio files, and documents. And, if they don’t like your content, they can unilaterally lock you out.
These data collection practices store enormous volumes of data subjected to algorithms and AI software for analysis and engineering. With goals of maximizing their power and profits, Google, in turn, shows you the internet they want you to see. All this, conducted by unaccountable parties holding your data for an indefinite time. Such is your contractual agreement using Google's products.
Google even scans the emails of non-subscribers who send emails to Gmail accounts. These are people that have not signed up for Gmail, yet their information is collected, stored, analyzed, and sold by Google.
“Google doesn’t care about protecting user privacy, they care about protecting their surveillance business model. If they really cared about privacy, they would just stop spying on billions of people around the world.”
DuckDuckGo earlier this year when Google finally revealed their data collection practices.
✓Google is a massive commercial surveillance system without accountability and with a consistent record of overreach and deception.
De-centralize Your Digital Self
Anyone concerned with privacy and personal security and desires some level of individual autonomy must recognize the stakes with Big Tech. Fortunately, individuals have choices and can take alternative actions that de-centralize from Big Tech's grasp and takes back a meaningful chunk of your digital life.
The obvious place to start with de-centralizing from Big Tech is with Google. And the most effective first step is removing the Chrome browser from your devices.
✓ If Google is a spider, Chrome is its web.
The chart below lists categories of data collection by each of the Big Three browsers:
"When you sync your Google accounts to Chrome, the data slurping doesn’t stop there. Information from other Google-owned products including its email service Gmail and Google search can be combined to form a scarily accurate picture"
“Why does a web browser need my financial data? I think that says it all really. I really struggle to think of a suitable justification for that.”
Security researcher Sean Wright, Forbes, May 20th, 2021
✓ For alternatives to the Big Three browsers, Firefox, Brave, and DuckDuckGo, do not collect or share any of your information.
Next, Delete Google Maps
Switching from Google Maps to Apple Maps is another key move to de-centralize from Google. When granular detail about everything in your life is coupled with location data, it's hard to exaggerate the potential repercussions from Google Maps' data collection machine.
So powerful is this data, Google has been caught time and again lying and covering up its location-sharing practices. The company even engineered Maps to fool users into believing they could control and disable tracking when in fact, the function is always on whether you're using it or not and without regard for personal user settings.
The chart below contrasts data collection practices for Apple Maps and Google Maps:
✓ For a leveraged effect when moving away from Google, delete its Maps apps from your devices.
Fire Your Gmail Account
I'm sure I sound like a broken record by now, but it stands that one of the smartest and most effective ways to de-centralize from Big Tech is by refusing to use their email accounts.
We call it 'privatizing' and believe nothing is more critical for privacy and security today than taking back your inbox from Google and other "free" email accounts.
When you privatize email, you regain ownership and control of your personal information - now considered the "new oil" and the most valuable commodity on Earth.
This chart compares data collection for the Big Three email providers:
We're big advocates for privatizing email as a primary strategy to avoid cybercrime and increase privacy, and it's one of the first things we do for a new client at TDS. More on private email, here, and for a deeper dive into why it's time to fire Gmail, here.
✓ For the long run, privatizing personal email is the most effective way to protect your privacy and personal information from Big Tech and avoid cybercrime and damages.
Cyber Risk with Smart Homes
How's this for a fact of the month?
Here is a link to the smart home story but as of today, it's still down due to InfoSecurity Magazine being under attack by hackers.
✓ Smart homes and offices are extremely vulnerable to hackers and cybercrime-related losses.
TDS's Managed Network Security service protects an entire network and all the connected devices from harm and anonymizes all internet activity for privacy. To test the security of your network, click ShieldTest.
Protecting iPhones and iPads
Last month we introduced a new security product that combines device protection with a VPN. Fittingly enough, it's called Mobile Protection, and this is the first time we've recommended security for iPhones and iPad.
It seems the timing is just right when looking at some of the headlines in July:
✓ Upgrade - If you are a client and haven't upgraded from Freedome yet, click below for Mobile Protection with VPN:
On VPNs
Speaking of VPN apps, yes, they still drive us crazy, and yes, we still use them every day. We hang in there because the benefits of anonymizing on the internet are so worth it.
From a business standpoint, VPN apps make no sense for TDS. They require a lot of support and can frustrate users. It would be easier to just drop them from our product line, but we love our customers too much for that.
The pain users feel when adapting to a VPN is derived from learning. Perhaps unknowingly, they are developing skills to think critically about their digital presence and engagement. I don't know of anything more essential to our business mission at TDS. So we'll continue to advocate and support VPNs for all our clients, and we'll continue to work with developers to make them work better and easier to use.
✓ A new link is on the support page with a handy VPN troubleshooting checklist titled "VPN won't connect? Here are 13 things to try."
Cybersecurity for Families
Congratulations to my friend Eddie Marshall, Global Head of the Dentons Family Office and High Net Worth sector, for publishing his book:
"The Family Office: A Comprehensive Guide for Advisers, Practitioners, and Students."
Eddie and I traveled the country together a few years ag presenting to family offices on cybersecurity. My contribution to his book is acknowledged for the cybersecurity expertise I provided. Eddie worked hard on this project, and I've always admired his work. Congrats Eddie! I just ordered the book on Amazon and will share some of it soon.
Microsoft exec: Targeting of Americans’ records ‘routine’
"Most shocking is just how routine secrecy orders have become when law enforcement targets an American’s email, text messages or other sensitive data stored in the cloud,” said Burt, describing the widespread clandestine surveillance as a major shift from historical norms."
June 30th - AP News
How to Make Your Web Searches More Secure and Private
"You might want to switch to a different search provider that doesn't log your queries. And if you want to stick with Google, there are ways to limit the amount of data that gets recorded.
July 11th - Wired Magazine
I'm Begging You to Use a VPN at Hotels
"Connecting to a public network is a risk anywhere—coffee shops, libraries, and airports—but hotels are one of the worst since hackers have so many possible targets using the same connection."
July 20th - LifeHacker
Home and office routers come under attack by China state hackers
"China state hackers are compromising large numbers of home and office routers for use in a vast and ongoing attack against organizations in France, authorities from that county said."
July 21st - Ars Technica
How to Protect Computers & Phones
"The FBI said in 2020, internet crime complaints in the U.S. were up 69%, and $4.2 billion was lost to online crime and fraud. $966 million of the total reported losses are attributed to senior citizens, with all the crimes taking place on their personal technology devices."
July 22nd - Total Digital Security
A PC virus is now attacking Macs – Here’s what to look for
"For as little as $49 a month, the Mac version of the malware can be purchased from criminals on the Dark Web. This poses a huge problem for everyday users, as the malware is capable of stealing usernames and passwords, taking screenshots, monitoring keystrokes or running unauthorized software."
July 24th - Kim Komando
On Digital Vaults - the safe-deposit box of the future
"A digital vault is a secure repository for sensitive and valuable documents and digital assets. Digital vaults are held on secure servers, in secure facilities, and off the cloud, but with cloud-like features like browser access."
Brad Deflin, founder and CEO of Total Digital Security, protecting private clients, wealthy families, and VIPs from cyber risk.
July 27th - The Bradenton Herald
Hackers Posed as Aerobics Instructors for Years to Target Aerospace Employees
"An Iranian cyberespionage group masqueraded as an aerobics instructor on Facebook in an attempt to infect the machine of an employee of an aerospace defense contractor with malware as part of a years-long social engineering and targeted malware campaign."
July 28th - The Hacker News
Phony Call Centers Tricking Users Into Installing Ransomware and Data-Stealers
"An ongoing malicious campaign that employs phony call centers has been found to trick victims into downloading malware capable of data exfiltration as well as deploying ransomware on infected systems."
July 29th - The Hacker News
Why You Suddenly Need To Delete Gmail On Your iPhone
" ... a new update from Apple, combined with a privacy backlash this month against “creepy” mail tracking, should now be the final convincer for millions of users to delete their Gmail apps, ensuring that their data is not being secretly harvested.
July 31st - Forbes
The Family Office: A Comprehensive Guide for Advisers, Practitioners, and Students
"Family offices are private organizations that assume the daily administration and management of a wealthy family’s personal and financial affairs. Historically, these repositories of great wealth were shrouded in secrecy, their activities conducted behind closed doors."
Amazon Books - with contributions by Brad Deflin
For previous CyberAdvisor Letters:
To view Blog posts:
Total Digital Security, 7777 Glades Rd, Suite 100, Boca Raton, Florida 33434, United States, 877-643-6391