Posting Security ID’s in Social Posts

Tags

With the changes in the world following the pandemic and the opening up of job roles, there has been a rise on the number of people changing roles and jobs which have been reflected on Social Media such as LinkedIn/Twitter and possibly other social channels. One of the biggest trends I have noticed is the posting of security passes and work ID’s to show that the person worked at their current employer and the dates/times that they have been at that company.

Whilst this may make the person feel good about their move, they have most probably breached a security policy within their existing/old employer by posting their full pass online. With modern technology its easy to replicate the pass and then try and gain access to a companies office.

A quick search for the word Security Pass on LinkedIn shows a huge amount of passes that can be easily replicated and used by others to breach a companies security boundaries

Best practice is not to post this type of document on social. The last contact from your old company might be through a lawyer!

Data Fellowship – Passed

Tags

, ,

Back in February 2021 I wrote a short blog about a Data Fellowship apprenticeship that I was beginning. Today that journey came to an end when I received notification that I had passed the final parts of the course, exam, projects and interview. This means that I now hold a qualification and am awaiting my certificate as BCS Data Analyst (level 4).

It has been a long journey to completion, but each stage has been an adventure and one that I have enjoyed working through.

For this I have had to complete a set of courses and assessments through a training provider and BCS which included:

I am now planning my next learning adventure.

Sign Up and Forget Culture

Tags

Have you ever visited a website that you have signed up to and created an account and then never used it again?

There have been a number of stories appearing recently that highlights a growing problem with the abundance of services and account sign ups on the internet. The story I will focus on is about a home owner who found a car parked on her property that she knew nothing about. The outcome was that the landlord had signed up for a carparking service a few years back and never cancelled it.

Mum’s fury as driver ‘parks car on her driveway for Birmingham Airport’

Mystery solved into holidaymaker parking car on furious mum’s drive for Birmingham Airport

Over the many years of the internet how many services and pages have you signed up to and have subsequently forgotten about as you have moved onto other services or simply not used it in a very long time?

GDPR is there to protect and ensure data is up to date and correct, but is it really being applied to accounts on systems. There does seem to be a lack of reminders or removal of accounts that have been dormant/not logged in for some time from systems.

You will probably have key accounts that you maintain and use:

  • Daily – such as Social Networks, Shopping, Banking
  • Monthly – such as Utilities (Water, Gas, Electricity)
  • Yearly – such as HMRC/ Inland Revenue for a Tax Return

What else have you signed up to and then not used? Forgotten or unused accounts could pose a security threat to your identity. A good way to see if your details have been gathered by hackers and being sold is through the website Have I been Pwned. https://haveibeenpwned.com/

My Top 5 recommendations to consider when creating an account are:

  1. Think about the system/service you are signing up for. Is this a one off transaction or something you will use on a regular basis.
  2. Use a password management tool to help you track all the sites you use and have accounts on and review this once a month or every couple of months.
  3. Consider cancelling/deleting accounts that you no longer need.
  4. Use different passwords on different systems. A password management tool will help.
  5. Check your emails for changes to accounts/terms and conditions on systems you haven’t used in a while.

Data Fellowship – BCS Level 4 Certificate in Data Analysis Tools

Tags

, , ,

I know that I haven’t posted into my blog in a while. Mainly because I have been busy with my Data Fellowship and a few other things. Recently I have been studying for todays exam “BCS Level 4 Certificate in Data Analysis Tools” – QAN 603/0824/2.

The ability to still take exams at home (under exam conditions), is a bit more relaxing than having to take a journey to get to an exam centre, but still just as unnerving as you complete and press the end exam button awaiting the mark. The ability to take exams at home, still under the same conditions with cameras on and screen shared does open the ability to obtain qualifications up to more people and fit them in better around a normal working day.

The objectives of this part of the course/exam are:

  • Explain the purpose and outputs of data integration activities
  • Explain how data from multiple sources can be integrated to provide a unified view of the data
  • Describe how programming languages for statistical computing (SQL) can be applied to data integration activities, improving speed and data quality for analysis
  • Explain how to take account of data quality when preparing data for analysis, improving quality, accuracy and usefulness
  • Explain the nature and challenges of data volumes being processed through integration activities and how a programming approach can improve this
  • Understand testing requirements to ensure that unified data sets are correct, complete and up to date
  • Explain the capabilities (speed, cost, function) of statistical programming languages and software tools, when manipulating, processing and cleaning data and the tools required to solve analysis issues
  • Explain how statistical programming languages are used in preparing data for analysis and within analysis projects

Source: Syllabus

Exam passed and now on with the final submission of my Project Portfolio and Synopsis Project.

Using the best of the Q Continuum

Tags

,

Everyone should have heard of / used the term IQ in relation to Intellectual Quotient or EQ in relation to a person’s Emotional Quotient Which is measured using a standardised set of tests to measure human intelligence. A Quotient is the degree or amount of something.

If you were looking for something on the new series of Picard and Q sorry, however I am looking forward to watching it. The use of Q (Quotient) today can now be used to measure a range of things from Body to Managerial and there is a Q for most of the letters in the alphabet. Below are some of the key ones to be aware of

AQ – Adversity Quotient is used to show the ability of a person to deal with adversities in their life.

BQ – Body Quotient is used to show your whole-body health.

CQ – Cultural Quotient is used to show and improve effectiveness in culturally diverse situations.

CQ – Curiosity Quotient is used to show how powerfully motivated someone is to learn about a personally interesting subject.

DQ – Decency Quotient is used to show how a leader has the genuine desire to do the right thing and wants something positive for everyone. Ensuring everyone feels respected and valued.

EQ – Emotional Quotient is used to show the ability to perceive, use, understand, manage, and handle emotions.

IQ – Intellectual Quotient is used to show a person’s intelligence using a standardised set of tests.

MQ – Moral Quotient is used to show understand right from wrong and to behave based on the value that is believed to be right.

PQ – Physical Quotient is used to show self-awareness and how well attuned you are to your physical wellbeing.

SQ – Spiritual Quotient is used to indicate spiritual parallels with IQ and EQ

There are many others, some not as mainstream within people’s knowledge. There are many articles around each of the Quotients and which make a rounded person. For me its all of them:

AQ + BQ + CQ + DQ + EQ + IQ + MQ + PQ + SQ = Well Rounded Person

Below are 5 Self Reflection questions to ask yourself

  • After reading the list above how many of these are you aware of?
  • Which of these do you use today?
  • Which will you use going forward?
  • Which is your strongest quotient?
  • How will you bring all your quotients up and be aware of them?

Importance of Regular Screen Breaks

Tags

I can remember sitting in class and hearing the teacher saying “Hemingway! Stop day dreaming and looking out of the window!”. Forward many 10’s of years to the weekend just gone and my optometrist saying, “Mr Hemingway, You need to look out of the window more!”

Sitting in front of a computer screen all day has caught up with me. Especially driven in recent times with video calls.

So why look out of the window more, Meibomian Gland Dysfunction (MGD) is when the eyelid glands don’t produce enough oil to stop the watery layer of the tears from drying out. You don’t blink as much when your looking at the screen for a long time. There are a lot of other factors that can play into or cause MGD, however screen time is the most likely for me.

I have a mild case which is treatable with a warm flannel or warmed Eye Bag and some gentle massaging eyelid to help release the tears as its been caught early enough. If left and nothing done could become more serious in time.

The exercise I was given is a 20:20:20 – look out of the window every 20 minutes at something more than 20 yards away and blinking 20 times.

Taking regular breaks is a must, even if to look out of the window regularly.

A timer on the desk now counts every 20 mins so I can get a reminder when head down in a screen concentrating.

Repairing Mobiles just got easier

Tags

How many people drop a mobile and crack the screen every day? In 2017 O2 reported that around 7.5 million people have a broken screen. Today I suspect that this is a lot higher today.

Screens are one of the most the in demand repairs that are carried out today. In some cases the phone can only be repaired by a manufacturer or authorised repairer. Cost is always a factor and some look for cheaper options or the ability to repair it themselves.

The ability to purchase spare parts for mobiles has been available for a long time from online places like eBay and manufacturers have found ways to stop the home repair and unauthorised repair markets such as by adding in device ID’s onto each hardware component and tying these to the main board so it stops working once you swap a part out.

Things are changing with Apple now announcing the ability to soon purchase spares from Apple Repair Shops with 200 parts available for the iPhone 12 and 13.

This is a great move towards the goals of sustainability as devices will be able to be repaired more easily and the broken parts can be returned to Apple as stated in their announcement – “Following the repair, customers who return their used part for recycling will receive credit toward their purchase.”

Online forums and videos have made repairing devices easier as you can follow a set of instructions or watch someone else doing it. An example of a repair video Apple Broke iPhone 13 Screen Repairs.

The better part is that the parts can come with a manual to help you repair, which will provide an official way to do this.

With the drive to be more sustainable and pressure mounting on recycling techniques and sending items to land fill companies are providing better ways at recycling. The Royal Mint is building a smart phone recycling centre to extract metals such as gold from phones.

It would be good to see other manufacturers allowing the ability to repair devices by providing spares.

So is it easier to repair a phone? It will be easier to obtain parts and instructions, however repairing a phone is still a challenge due to the many connectors and cables between the boards and components together. Care is needed if undertaking this as you may cause other damage during the process.

Further Reading

Looking at upcycling a mobile phone

Social Engineering on Social Media

Tags

,

Opening my social feeds this morning for a quick browse over a cup of coffee and some toast, it doesn’t take long of scrolling down to find a post asking “What was the first car you owned? No Lying <laughing emoji>”. This post has 61k likes, 959k Comments and 8.4k shares and was only posted on 9th August. And people wonder why they get hacked.

Password systems for a long time have used a similar set of questions as they are usually easy to answer and remember, because they were life events. Questions such as:

  • What is your mother’s maiden name?
  • What is the name of your first pet?
  • What was your first car?
  • What elementary school did you attend?
  • What is the name of the town where you were born?

These types of social engineering data gathering posts are nothing new, but it would seem that people do not understand the greater risks around answering them.

With the large amount of data appearing on the dark web for usernames and a persons details (even if they don’t contain passwords) matching this data with the answers from social posts such as the one above gives a potential hacker more information about you. They now have the ability to reset your password using the answers you have provided to the security questions and take control of your accounts.

How many of you reading this post have answered the question similar to “What elementary school did you attend” or anything to do with education, but forgot that the same information is already lurking in your LinkedIn profile?

One way to check if your in any data on the dark web is to check using your email address at a service such as https://haveibeenpwned.com/

If you see a family member or friend post these types of questions on social media, it may be worth a conversation with them to advise of the dangers of such posts and the consequences of social engineering.

Tips to stay safe

Here are some tips for staying safe with your identity.

  • Don’t answer these types of posts on social media, even if its a friend who has posted it.
  • Check your not using an answer to a security question that is already in your social profile.
  • Use fictitious information instead of real information, but something you can remember.
  • Treat these answers like passwords and think about adding complexity to them.
  • Use two factor authentication where it is available on a system.

Further Reading

BCS Fellows Technical Advisory Group (F-TAG)

Tags

,

I am both excited and honoured at the opportunity to be part of the first cohort for the BCS F-TAG (Fellows Technical Advisory Group). Looking forward to participating and helping to lead bringing my experience and knowledge as part of this group.

Aim of the F-TAG

BCS’ Fellows Technical Advisory Group (F-TAG) is a diverse selection of experts who will distil insights on cutting edge technologies to benefit the entire BCS membership, the wider industry and ‘UK plc’; F-TAG complements the work of existing boards and groups. Source.

F-TAG is made up of 25 BCS Fellows selected from diverse demographic and professional backgrounds; their expertise ranges from software testing to smart homes. Source.

Find out more at : https://www.bcs.org/policy-and-influence/bcs-fellows-technical-advisory-group-f-tag

F-TAG Members: https://www.bcs.org/policy-and-influence/bcs-fellows-technical-advisory-group-f-tag/f-tag-members

Online Meetings – Be yourself!

Over the past year and a bit the world was forced online more that it was before and meetings in the most case became video calls. Some loved it and excelled, some we okay and some shy’d away from the camera completely for a number of reasons.

So not everyone wants to be in front of a camera and not everyone has a film studio set up and is broadcasting from their kitchen table – That’s okay. You use what you have to do the best that you can do. So what can you do to help yourself look better on the calls.

Be Yourself!

Most importantly is Be Yourself.

Relax. You are not presenting the news or interviewing a top senior official (Unless you actually are of course).

Be confident and have a positive mindset.

If you are camera shy, consider joining on camera to do the introductions, then turn the camera off.

Meetings will have a bigger impact when your on camera as your audience can see your reactions and expressions just as though you are in a face to face meeting.

Contribute to the call. Don’t forget to contribute to the call. That’s why your there.

Treat each call as a face to face meeting, it is but using video instead.

Reduce any distractions so you concentrate on the call in hand.

Lighting

Try not to sit with a window directly behind you, especially with the sun shining as this produces a halo effect around you which does not look good to others on the call.

If you can’t move and don’t have blinds or curtains, then consider bring some light in front of you to counter balance the light behind you. You will need to do this even if you are using an in call backdrop.

Search for “led video light” on somewhere like Amazon for some good options. It doesn’t have to be expensive.

If you are using your phone to make calls, consider an “LED Selfie Light Stand”.

Camera

Knowing where your camera is on your device is important, it can make the difference between the audience looking up your nose and seeing your face at a good level.

Clean the lens. It can make a big difference, especially if you are using a phone.

If you are using a laptop and have an external keyboard and mouse, consider using a laptop stand to raise the camera or even an external camera on a stand to get a better shot.

If you are using a mobile, consider getting a stand for it if inside so you can keep the camera steady.

Microphone

Also knowing where your microphone is on your device is and setting its sensitivity can ensure that you are heard okay and reduces any other background noises in your environment. Headsets with mics often have a mic set to only pick up the wearers voice only.

If you have an external mic, consider a windshield or pop shield to help reduce background noises.

This can mostly be controlled via your operating system device settings or for external mics and headsets the appropriate software/drivers may have options.

Remember your microphone has a mute option in the video calls.

Speakers

Software in devices is very good at stopping feedback where you hear yourself speak on a call and the microphone is picking that up and replaying in over the top. Some people prefer to use an headset with inbuilt mic so they only hear the call in the environment you are in.

Background

Most of the main video calling platforms now have the ability to place backgrounds behind you so the audience can’t see the area that you are calling from.

When using these it is important to remember that the software is using your camera to cut around your image and display the background behind you, so if you want to show something on camera, it may struggle and you may have to turn off your background to do this.

Test it out

Once you have a set up you are comfortable, test it out. There are options on most of the video calling platforms to do this, or set up a call with a colleague or friend to test out the set up and get some feedback.

References

Dr Lucy Rogers has produced a set of videos that were for her students, but would help anyone looking for some advice.

Speaking to an Online Audience – Tech
https://www.youtube.com/watch?v=iaKATPbrNhc&t=44s

Speaking to an Online Audience – Voice
https://www.youtube.com/watch?v=3j9TgUh8bQE&t=33s

Speaking to an Online Audience – Content
https://www.youtube.com/watch?v=4TezFfYyXjo&t=180s

Speaking to an Online Audience – You!
https://www.youtube.com/watch?v=ilzhziTdHSk&t=33s