Famous former black hat, Hector Monsegur, gives us the lowdown on how secure we really are (or aren’t). A troubling conversation with a very cool dude.
Hector Xavier Monsegur is a security researcher and Director of Assessment Services at Rhino Security Labs. He was also once a notorious hacker and hacktivist. We don’t get much into that story, but if you’re interested—which, c’mon, you are—you should check out his appearance on Charlie Rose. Don’t worry though: you don’t need his bio to enjoy his style.
- Interested in security-focused operating systems? Check out Tails, Qubes, and HardenedBSD.
- Though the changes won’t go into effect until December 2017, the U.S. Senate did indeed vote “to eliminate privacy rules that would have forced ISPs to get your consent before selling Web browsing history and app usage history to advertisers.”
- Here’s a quick rundown of what Hector recommends you do to raise your security profile:
  - Get your password policy right. Use strong passwords and don’t reuse them; get a password manager (preferably with local storage) if that sounds difficult. Enable two-factor or multi-factor authentication wherever available. And enable secondary passwords for your most sensitive or important accounts.
  - Be mindful of what you share online, especially on social media. For example, photos often have metadata (time, date, GPS data) embedded. Make sure you’re not leaking this stuff unintentionally.
  - Make sure you update your devices regularly, if not automatically.
  - If you travel with a laptop a lot, you may want to invest in a secondary machine. Hector recommends a cheap Chromebook, which can be made pretty secure.
  - Be discreet. Be sensible. This applies to real life as well.
  - If you want to go the extra mile in data security, you’ll want to get yourself a physical 2nd-factor authentication key.
- Our anti-American intuitions were right: when it comes to both internet price and speed, we are the worst.
- Israel leads the world in tech security. They’ve even developed a technique to hack air-gapped networks.
- Conan the Barbarian (with and without commentary!)