Tag: cybersecurity

Snapchat Ghost Mode – and how to protect your child from snap stalkers

Activism, Cyber Safety, Privacy, Social Media, Startups

Technology shifts and changes so quickly that it can be hard to keep up. Almost every day there are updates to your computers, “patches” to fix software, improvements to the apps on your phone and more. If you are like me, you’ll have automatic updates on so that these changes take place in the background – often overnight – so that when you turn on your device for the day – voila! – new improvements at your fingertips.

But not all updates are created equally – or with your best interests in mind.

A recent Snapchat upgrade added a new feature – Snap Maps. It’s a way to “view Snaps of sporting events, celebrations, breaking news and more from all across the world”. Sounds great, right?

But it’s also a way for you and your friends (or the general Snap user) to share your location with each other. So now, if you are wondering where your friends are and what they are doing, you can seek them out.

It’s super easy to use, just open the Camera screen and “pinch out” like you are zooming out from a photo and Snap Maps will be activated.

From the map you can see snaps from interesting locations and events as well as photos of people that you know or are connected to.

But isn’t that stalking?

It’s rather cool that you can see where your friends are. In fact, Google has variations on this functionality in its maps – and even had the standalone product, Latitude, until it was closed down in 2013. At the time, I had concerns with Latitude and with the data that we uncaringly share with the people who make our phones and create the apps we run on them – and so too do I have concerns with Snap Maps.

Don’t get me wrong, as a marketer, location information can be super useful. And as a person with friends all around the world, I get a particular kick out of knowing where my friends and connections are and what they are doing.

For example, I know my friend Suzanne is travelling in the US at the moment. Thanks to Snap Map I now know that she was just on Mariposa Street in San Francisco. No doubt checking out the local fried chicken shops.

That’s kind of fun. But as a consumer it makes me nervous.

We know that on social media, the concept of “friendship” is fairly loose. There will be a lot of randomness in your friend list – plenty of people who you don’t know, have never met, and probably wouldn’t invite to your home to stay for the weekend. Yet, you can trust them with your location, each and every second of the day.

A warning for parents

As adults, we can make choices about who shares our personal information, location and so on. But parents with children who use Snap Chat may not realise what has become available with the new Snap Map functionality. In fact, most parents won’t know that some children have open privacy settings meaning that anyone can “friend” and connect/share information with them without asking.

Imagine, for example, your child has a group of friends who use Snap Chat to share photos, chat and keep connected outside of school. Then imagine that there’s an incident – like some bullying or bad behaviour – a falling out of some kind.

Thanks to Snap Maps, all your child’s connections (including the bully) will know where your child is whenever they are logged in.

No doubt, parents have asked their children about their connections and “friends”, and have received assurances that “no, I don’t add people I don’t know” … but words and actions are sometimes strangers. In this video, Joey Salads conducts a Snap Map stalking experiment with the parent of a young girl. The results are compelling.

Turn on Ghost Mode to protect your Snap Chat privacy

The only way to stop your location being shared across your Snap Chat network is to enable “Ghost Mode”. You will be prompted for location sharing the first time you upgrade to Snap Maps, but you can also edit your privacy settings later.

If you have children, I’d recommend you enable Ghost Mode immediately. In fact, unless you’re confident that you know your connections well, I’d enable ghost mode on every device. Being location aware can be useful, but data sometimes reveals more than we expect – and there’s no reason for us to turn a blind eye to it.

Wordfence Launches Cyber Attack Activity Report

Blogging, Cyber Security
No matter whether you run a personal blog or a professional website, you will find yourself at some stage, the victim of a cyber attack. These cyber attacks, often referred to incorrectly in the mainstream media as “hacking” can take a variety of forms including:
  • DDOS – distributed denial of service attacks engage networks of computers to bombard your server with requests
  • Brute force attacks – where the attacker attempts to guess your login details usually using an automated system that can send hundreds if not thousands of requests very quickly
  • Malware / spyware – where a piece of malicious code is inserted into your system which allows another person (or a program) to take over your computer
  • Ransomware – where a small program activates on your computer, encrypting all your data requiring the payment of ransom before you are sent a key to unlock your own machine.

Despite the relative openness and transparency on the web, few people or firms openly talk about cyber attack. This means it is difficult to gauge just how widespread these cyber attacks actually are and whether we should be personally or professionally concerned about this phenomenon.
Now, each month, creator of the WordPress firewall plugin, WordFence, have begun producing a regular report on cyber attacks. This report collates attack information based on the plugin’s install base (WordPress powered websites and blogs all around the world). And while this is just a subset of websites and platforms that live on the internet, it provides a great insight into cyber attacks, including:

  • The IP address from which the attack originated
  • Country of origination
  • Number of attacks launched
  • Types of attacks.
This first report reveals that 13 out of the top 25 IP addresses originate in the Ukraine. France comes in second with 7. As the report explains:
Most of these originate from Iliad Enterprises. Iliad is a large organization with many subsidiaries and over 4000 employees. They tried to buy T-Mobile in the USA 2 years ago. The netblock for these IPs is registered to Iliad, but the attacks may originate from one of many subsidiaries of Iliad, like the ISP ‘Free’ in France.
So, how many attacks are we seeing? The report states that there were:
  • 63 million complex attacks – attempts to exploit weaknesses in your website code, plugins or database
  • 67 million brute force attacks – attempts to guess your passwords and user IDs.
What can you do about your WordPress / web security?
One of the biggest holes in your website / WordPress security will be patches. Make sure you are:
  • Regularly patching your site – updating it with the latest changes
  • Regularly updating your plugins – turn off the plugins and functionality that you don’t use, and update the ones you do.
There are also some basic security approaches that you should implement, including:
  • Complex user passwords – require that your users all have complex passwords that consist of upper and lower case characters, numbers and symbols and have a substantial length (more than 8 characters)
  • Put in place a mechanism that blocks users after a small number of unsuccessful login attempts
  • Add a web firewall to monitor and protect your code from unauthorised updates.
Why should you care?
Even if you are running a small business, cyber security is an issue for you and your brand. Sites that are affected by malware, for example, will find themselves blacklisted by Google. That means that every time someone searches for your business or tries to visit your webpage, Google will step in and ask you whether you want to proceed to an “insecure” website. And then, of course, there are other issues – from loss of files, customer data and more.
Quite simply, these days, brands simply cannot afford to be lax. The good thing is, that there are a growing number of integrated solutions and plugins for most platforms. Take the time to secure your site and hopefully you won’t have to make the time to clean up a problem down the track.