All posts by Josh

Computers, Poker, Soccer, NFL, Tennis, Money, Work, Pleasure, Rock Music and lots of scary films... Just some of the things that I love. Hopefully gives you an idea what type of geek I really am!

Googling Yourself – It’s really not that vain…

Have you googled yourself recently? Have you googled the name of your business?

Some people reading will be thinking “well, of course I have!” and others may be more along the lines of “Hmm, no, I’ve never needed a reason to”. Well, your name is your brand whether you’re a small business, big business, or an individual person getting by in life :)

Something happened this week that was simply weird, and highlights why you need to Google yourself, today (right now. Seriously, why are you still reading this?)

Living in North London, I’d noticed a new BBQ style restaurant called Brisket by Finsbury Park and had been interested to try it out for some time. This week, I finally decided to go for it, so googled “Brisket finsbury park” to find the website. The top link came up as http://www.brisketbbqkitchen.co.uk/

BBQ Brisket Web Page May 2015
BBQ Brisket Web Page May 2015

Looks pretty basic but does the job. Social links for some reason only go to facebook.com/twitter.com rather than the actual social accounts (which do exist), but the Menu works, there’s opening times & maps and all information someone would need before visiting!

Great – The menu looked awesome but most importantly, their opening times suggested they were open on Thursday evening…!

On turning up to the restaurant, I was very surprised to find that it was closed. It had been closed all week (though there were people inside)! – I called the number from the website and got through to the manager inside who casually informed me that they are closed preparing for a new menu. I asked why they wouldn’t update their own website to say they were closed, and this is where things got super weird.

The manager informed me that they don’t have a website. Huh? What? Now that was a confusing thing to hear. I explained I was outside and had the website on my phone, so he came out and I showed him the site. He confirmed:
1) It is the right phone number
2) It is the right location and name
3) It was a fake logo
4) There was a fake email address
5) It wasn’t a website anyone involved in the restaurant has created

This is by far a very abnormal situation, but let’s take a look at how this might have happened
– Maybe the owner created this long before the current manager was hired, and then forgot about it?
– Maybe there is a scam going on… Someone sees a new restaurant, registers the domain and builds a basic website to build up traffic and increase SEO ranking, and then if the restaurant gets popular, blackmail them into paying or doing something nasty with the website if not..?
– Any other ideas? I guess I could have been lied to, but I have more faith than that!

Ok, so now lets get a bit more technical and do some digging. I’ve checked the contact details of the person who registered the domain and we see this:

Brisketbbqkitchen.co.uk whois data
Brisketbbqkitchen.co.uk whois data

This gets even stranger as while http://www.mtiwebdesign.co.uk/ is a real company (that registered the domain), the address is some random residential address and the name Adam Carter, is from the TV series Spooks. Creepy right?

Google maps image for MTI Web Design
MTI Web Design Head Office

What should Brisket do next? Well, they need to contact MTI Web Design, get the site shut down, and potential start a legal claim to get the domain back in order to be number 1 on Google. Alternatively, buying their own domain and building a good website, with good SEO, would have a similar effect.

People reading this may now still think that regularly googling their own name isn’t necessary, but seriously, the web is a big place – A lot happens on it, and there is a lot of history around your digital footprint. It’s becoming more and more common for employers to google staff names to see what type of digital world they live in, and if that brings up some nasty surprises you could find yourself out of a job!

In summary, make sure you start googling yourself! Pro tip: Use speech marks around your name and add some extra data such as location to get a more accurate result set. If you’re called “John Smith”, then you don’t have to worry too much, but searching for:
“John Smith” Leeds
Will narrow down the results but may bring up your Facebook profile if your location is public.

Happy Googling y’all!

Tweet me @thejsug !

Don’t forget online security!

Since my last post, I have seen quite a few instances of friends or colleagues getting hacked online including:
– Facebook account hijacks
– Email accounts compromised
– Passwords lost/changed and accounts locked

In one case, it was a severe hack which led to a professional business emailing out all customers with a link which then infected other businesses networks when opened! Online security is hugely important for businesses and for people, yet often forgotten.

Small to large businesses should invest in network security, but the realism is that this can be costly, and even when spending big numbers, you can get hacked (sorry Sony!)

North Korea hacks Sony!

As long as you don’t upset North Korea, or political activists, you’re most likely quite safe from a targeted and substantial attack such as the one above – However, there are a lot of automatic bots out there trying to hack the “little people”. End users (you and me) rather than businesses, are generally less secure and thus easier targets.

Most people are aware of the online dangers and do a few things to protect themselves, but all it takes is one email or one “accident” for a potentially serious and frustrating sequence of events. The purpose of this blog post is more of a few tips on how to keep secure online – Follow these and you’ll be much better off!

1) Enable 2-factor-authentication on Email accounts (if compatible, such as Gmail) and Facebook. This means you need a code sent to you via SMS to login… You can save computers so only need to do it once each time. If someone knows your password, they still can’t access your accounts without your phone this way!

2) Make passwords secure – It’s frustrating trying to remember lots of unique complex passwords with letters, numbers, lower case, upper case, symbols and who knows what else. The last thing you want to do is have something like a pet name as your password with a few letters changed to numbers though – This isn’t difficult to “brute force” guess by trying lots of combinations. There are tools to improve your online security such as Lastpass that can do the hard work for you, or you could use letters from phrases! (Don’t forget your password 4 ever would be Dfyp4e for example…)

3) Is that a link in an email? Uh oh – Never, ever, EVER, open a link from an email unless you verify it! It’s as simple as that. Sophisticated attacks can make an email look like your bank, facebook, your email provider, or even a relative or friend! If it looks like a serious email and you really think you need to click the link, CHECK! Either google the first line of the email (to see if this is a common hack), or call the person that sent you it to check it was genuine. If it was from Facebook, or your bank, go to their sites directly by typing in their URL in the address bar. Even if the link is to their website, it may be a phishing attempt (so it’s actually a spoof site setup to steal your details).

4) Is that a link in a tweet? Same thing as point 3. New hacking techniques include facebook or twitter messages from random people including shortened links that do the same thing – Steals passwords or installs viruses. Even if it’s from someone known, they may have been hacked. Always check first before opening! If Alan Sugar tweets a link randomly and tells you all to open it, he’s either been hacked, or he’ll most likely write some text before or after the link explaining what it is. If he posts another tweet after, it’s most likely genuine.

5) Install free virus scanners – There is no need to pay for anti-virus protection. While they can be great software packages to have, there are several free solutions which do jobs as good if not better than the most expensive ones (http://www.avira.com/en/avira-free-antivirus). F-Secure which is £40ish a year (or more) will provide adequate protection, but so will Microsoft for free.

6) Put a pin code on your phone, and tell is to request the pin every single time you take it off standby. It amazes me how many people do not do this (because it can be a little bit annoying). The fact is, if you had your phone stolen without the requirement of a pin, your identity could be stolen in about 2 minutes. How? Well, I imagine it’s sync’d with your email account, social logins and potentially even certain financial accounts (IG.com has saved login details in their app for example.. Terrible idea!)

The above 6 points are fairly obvious to some, and to others maybe something new – Just because you have anti-virus doesn’t mean you’re secure. Either way, follow those points and you’ll hopefully never have to deal with a panicky situation of a compromised account. Online security should be treated like your own personal home/car!

Anti-virus meme

ADDITION:

Paul Johnson correctly suggested that the safest passwords are actually full sentences including spaces. For example:
This is a very hard password to break

Not only is it memorable, but due to the length and punctuation it would be near impossible to brute force. The only problem is not all websites allow passwords to be this long (including spaces). That adds to the complexity of the situation, though something to bear in mind! For those sites, it may be worth using the first letter of each word (and including some numbers of course).

Thanks Paul!

I have also replaced the recommendations for Microsoft Security Essentials with Avira Free-Antivirus (thanks Mike!) – Turns out Microsoft SEC has gone downhill the past few years!

Tweet me @thejsug !

Safer Internet Day #SID2014 – A Tech Perspective!

There are a lot of days in the calendar year where the general public are made aware of various worldwide issues, though from a personal view, Safer Internet Day (http://www.saferinternet.org.uk/safer-internet-day/2014/) is one of the most important as it affects us globally.

Safer Internet Day

While technology has evolved at an alarming rate since Apple introduce the first iPhone, there’s now a major disconnect between the law and what happens online. To add to the problem, not all parents/teachers/police officers actually understand what happens on the internet, and how to protect the vulnerable. According to the internet security company ESET (as reported by The Telegraph), 77% of parents bought their children an internet-enabled device last year, however only 45% of parents activated any parental controls or ani-virus software!

In my teens, I participated in voluntary leadership work at The Zone, a Jewish social club in North Leeds. At that time, Facebook didn’t exist, though kids were just starting to learn about the new craze “MySpace”. Back then, things weren’t so much of an issue as computers were limited to public areas such as a living room, with the family sharing one computer. With smartphones, tablets, netbooks and other portable devices however, children are becomning a lot more independant in their online activities, and while I knew about the threats to some level, working for 4 years at Crisp Thinking highlighted the real dangers online.

The Kids & Teens product sold by Crisp is a service which integrates with online environments that have young users (anywhere below 16, but mostly below 13). The software uses advanced profiling mechanisms to detect internet predators and as I used to say to the customers “Crisp can tell the difference between a child talking to a child and an adult pretending to be a child talking to a child” – Doesn’t quite roll off the tongue but you get the drift. What was a surprise for me is that while we did detect that type of activity, the most common type of abuse (at an alarming rate) was severe bullying and profanity… That may not seem bad for a lot of people used to the digital world, but remember, I said we were in environments which mostly targetted under 13’s!!

This post isn’t meant to scare you into thinking children shouldn’t have a digital life, but if left unmoderated and unmonitored, it is as dangerous as leaving your child in the middle of a bad neighborhood, alone. Would you do that? No. Would you educate your child into not being in that situation in the first place? Of course you would – Though for some reason, that hasn’t yet translated into the same online.

To make matters more difficult, if you restrict your child’s internet usage, you’ll likely be seen as the big bad wolf removing toys for no good reason (in the child’s view). Equally, if you watch everything they do, they’ll start to use acronyms and codes to get around being detected (you won’t believe how smart kids are today.. here’s some common acronyms and believe me, you’ll be surprised: http://www.noslang.com/top20.php).

What’s the solution? Education! Talking to a stranger online is still talking to a stranger – I imagine that’s something you tell your children not to do, and this should be re-applied to the online world too. Teaching youngsters about online privacy is also important with the basic concept of whatever you do online is or can be public! If you don’t want your parents/grandparents to see something you’re doing online, then you really shouldn’t be doing it..! Ensuring your children are aware of the online dangers will mean that, in their own best interests, they stick to doing more safe stuff online such as playing games with only their friends, and if they do use social media, restricting privacy settings so randomers can’t message or tag them in public content.

It’s not an easy time to be a parent of a young teenager due to the threats in the online world, and the lack of knowledge around these issues, but it is crucial that they are not ignored. There have been too many cases of cyber bullying/blackmail/abuse which has resulted in tradegy. Facebook/Twitter and other online environemnts need to take more responsibility, but until the law catches up to figure out how they should do this, it’s up to the parents to find a way to ensure their children are safe online.

If you ever do find your children talking to someone older online, you can and should report them to CEOP: http://ceop.police.uk/safety-centre/

If you want more advice or recommendations on technologies that can help, feel free to tweet me, though here are some more pieces of content related to Safer Internet Day:

The BBC – Parents unaware of dangers faced by children on smartphones
Safer Internet Day – Advice for parents and carers
The Telegraph

Stay Safe!

Josh

Tweet me @thejsug !