Luke Lewandowski has been working in the IT sector since 1965. He keeps himself informed and relevant as the IT industry is constantly evolving. Since his retirement, he creates and manages websites for charities, not-for-profits, small businesses, clubs, organizations, and friends. He is currently managing 15 websites. He provides email list and distribution support to several clubs and organizations.
He is a Cruise Ship Special Interest & Enrichment Speaker for various cruise lines, speaking on different topics of general interest. Luke also volunteers for charities, not-for-profit organizations, small businesses, clubs, political parties and other organizations.
He has designed and implemented a security system, a tape archiving system and a disk space monitoring system. In the 1980’s, he helped clients to move from outsourced mainframe service bureaus to in-house, affordable IBM 4300 systems.
Transcription of presentation.
Our Speaker was introduced by Chris Finch.
*Please note that none of the examples from the presentation are recommendations. Luke strongly urges everyone to ask friends about their experiences to ensure that you’re getting the best program for your needs.*
Companies use psychometrics for marketing products and services to people in a targeted manner. In the old days, this entailed putting out many surveys in order to collect enough personal data to build consumer profiles. This process took a lot of time and money. With the onset of social media, an alternative was born. Researchers found that you could build highly detailed and accurate personal profiles by analyzing people’s activity on the internet. For example, with 68 likes, researchers can predict with over 85% accuracy the user’s skin colour, political affiliations, and sexual orientation. Big tech companies collect this information and sell it for a hefty profit. Facebook made $85.2 billion last year, and 97% of the revenue came from advertising. This information can, in turn, be used to send targeted ads, influence behaviour, and possibly cause harm to users.
If you’ve ever clicked on the box that says “I agree to all the terms and conditions” without reading them, you may have unwittingly given a big tech company access to your personal data. This data includes the standard information like your name, email address, and contacts, but also information on all of your phone calls, chats and texts, calendar events, search history, any videos you may have watched, and your political views! Some companies even collect audio data from your phone and other devices. When you agree to all the terms and conditions of using a service, whether or not you read the entirety of the terms and conditions, you give big tech companies the right to collect and store your personal data in any way that they choose without any recourse from you or any compensation to you. You may even find your Facebook photo in an ad and no one would have even had to tell you about it.
While sometimes it may be neat or even useful to have products targeted directly to your needs and desires, there are definitely some risks with having your personal data so readily available to the world. All of this personal data is a magnet for hackers who can endanger your finances, put your identity at risk, and threaten the security of your friends and family. Even small towns have been held up by ransomware for tens of thousands to millions of dollars. A city in Texas refused to pay the $4,000,000 ransom, and they lost all of their police files dating back to 2009.
Luckily, there is a swath of tools available to protect your personal data. First of all, you need a strong password. This password should be easy to remember for you but hard for others to guess. Password strength is directly proportionate to password length. Also, make sure that you’re not using the same password to log in to every website. If you have a hard time remembering more than one password, you can use a password manager such as LastPass, which will generate and remember strong passwords for you.
However, people could always learn your password, so Luke also highly recommends opting in for two-step verification and/or security questions if it is available to add another layer of security. The strongest way of proving who you are is by using biometrics to log in to your devices. This is usually through facial recognition or, more commonly, your fingerprint which is now used on a lot of smartphones. Even if someone steals your phone, they wouldn’t be able to access your data. You can also see what data a company already has on you. For example, you can download all the data that Google has about you by going to takeout.google.com!
You can also do a privacy check-up on all of the social media platforms you use to update your privacy settings to ensure you’re only sharing what you want to share. This process can take a lot of time but is worth the effort.
To further protect yourself, consider:
- Downloading an Antivirus program like Norton
- Using a Malware Software like Malwarebytes
- Paying for a Virtual Private Network (VPN) like Name Cheap to hide your real physical location and browse anonymously to avoid logging, storing, and tracking activity. You should never use a public Wi-Fi connection without a VPN.
- Using a private browser (e.g. Incognito mode on Google Chrome) to keep all browsing data private.
- Search using a private search engine to avoid having your data collected and tracked. Luke recommends DuckDuckGo.
- Using a private email service (e.g. Proton). Free email like Gmail or Yahoo collect information from your emails.
Finally, you can delete all of your data! In 2018, the General Data Protection Regulation (GDPR) declared that companies must report personal data breaches to regulators within 72 hours and that users have control over their personal data. This means that you can tell Google to remove any mentions of you in their search results. You can also delete all of your accounts and all of the data that they have on you. While this isn’t a law in Canada yet, many companies are trying to stay ahead of the curve. There are even websites that can help you live without any Google accounts and still use the internet effectively.
Luke kindly has all the resources, references, and links from this presentation available on his website to download. He also offers high-level consultant services to help protect your personal online data.
Check out his website:
Luke’s email address is: email@example.com
Bill Hooker thanked the speaker for his excellent and thought provoking presentation.
Q & A Transcription
Question from Douglas Filipenko: If Malwarebytes is “free” – who is paying for it?
Answer: Yes. Malwarebytes is just a question. Malwarebytes is a class of software, it’s called a freemium. There’s always a free version, which is very limited, and there is a paid for version. The difference between the free version and the paid for version, is that the free version doesn’t run all the time. For the free version, you have to say, “oh, I guess I better check to see if I have any malware on my computer.” So, you run Malwarebytes, it does an analysis of the computer and reports that there’s no malware, or “here’s some malware, you better get rid of it.” The paid for version is running in the background all the time. So, it stops malware from even coming into your computer. So that’s the difference.
Question from Jack Zaleski: Does using a VPN slow your computer and/or internet access speed?
Answer: The answer is yes, there is a latency but you will not notice it. I connect regularly to Australia; I had to connect to Australia to watch the Tour de France. I didn’t notice any latency at all in the videos or the audio. Unless you’re running on like a terribly slow internet connection, like one megabit per second. We’re up in the gigabytes per second now. So, the answer to that question is it slows you down but you will not notice
Question from John Sullivan: Was your first example (Economist) also a malware due to the extra “e” in the address?
Answer: No. In my first example, the email address was e.economist.com. So, the thing to look to see if it’s a legitimate email address is called the primary domain. That is the thing before the .com. So, for example in the address A.B.C.D.com, D is the domain name. So, in the first example, the domain name was Economist.com. and they had a sub domain called E (e.economist.com). So, for example, my website betterpresentations.ca is my domain, I can create a subdomain called cruiseship.betterpresentations.ca. So, if you get an email from for example, firstname.lastname@example.org, that’s coming from me because it’s a subdomain of my domain. So, my first example is not malware.
Question from John Sullivan: I have used a previous address where I lived. It has capitals and numbers.
Answer: Cool, good password. That’s interesting!
Question from John Sullivan: It may not take 5 million years to crack it – it may get it sooner in the process?
Answer: In some of the examples I used, it said that it would take 5 million years to crack a password. That’s on average. I mean, the computer may crack it in one go. It’s unlikely, but it’s not impossible. So, you’re right. It doesn’t necessarily take the longest time that I give to crack a password. It’s somewhere between one nanosecond and 5 million years. Absolutely right. But on average, it’s going to take a long, long time, and it’s going to be very hard to guess it the first time around.
Question from Alain Boisset: Is Wi-Fi at home a VPN
Answer: No, it’s not. Your Wi Fi at home is a local area network. It’s a network that goes between all the devices in your house to your router. Your router connects to a server. So, a VPN doesn’t connect to the Shaw server or to the Telus server or to the Bell server. Your VPN connects you to an Australian server or a German server or a South African server. So, Wi-Fi is not a VPN.
Question from David Chandler: using your password advice, how long is it practical to make your password?
Answer: I would say 12 characters minimum. Because that’s where the password strength goes from like 34 years to like 10s of 1000s of years. Sixteen if can remember it, but 12 is the minimum.
Question from David Mallory: Is deleting browser history useful?
Answer: Yes, until the next time you get on your browser. You’d have to do this every time. Now a lot of browsers have a setting that says “when I exit the browser, automatically delete my history.” But I don’t know about you, but I keep my browser running all the time. With my desktop, I never shut off my computer, it goes into sleep mode. So, my browser is running all the time. So yeah deleting browsing history is useful in terms of reducing the amount of storage you’re using on your devices, but it’s not that useful in terms of protecting your privacy and preventing your browsing history by being from being collected, stored, and used.
Question from Michael Jacobson and Doug Hoswill: Where does one find a VPN? Can you recommend a VPN to use?
Answer: Just search online for “free VPN”. Be careful of free VPNs. As I said, free VPNs usually give you access to two or three countries. I use a VPN called NameCheap, pretty simple. I’m not recommending it, do your research, it costs a buck a month, I got a deal, it may be up to like a $1.50/month now. So, that’s one option. There are thousands of VPN systems available. A lot of the problem with free VPNs also, is that you’ll be inundated with ads using the free version. So, talk to a friend that is using a VPN and that has used them for a while and see if they’re happy with it. That’s what I recommend in terms of using VPNs.
I’ll tell you one more thing about free VPN systems. Some of the free VPN systems get in the way of some of your apps. So, for example, I’ve used free VPN systems, and all of a sudden, online banking doesn’t work. Or all of a sudden you go to a website, and you know, a video doesn’t play. So, you got to be careful. One VPN I used, which was free, I couldn’t print. So, I had to turn off the VPN in order to print on my on my printer. So, VPNs sometimes get in the way. I have had no problems with the NameCheap VPN by the way, all the apps work, printing works, everything’s fine. Now that may be because I’m paying for it. Not much, but am paying for it. So, my advice on VPN, as somebody. Advice on malware, ask somebody, your friends, if they use that. Advice on password management systems, ask one of your friends if they use one, and if they’re happy with it.