Showing posts with label Malwarebytes. Show all posts
Showing posts with label Malwarebytes. Show all posts

Sunday, March 24, 2019

Your Privacy

Your privacy is my problem. It is your problem.

Disclaimer: the authors who share this blog do not knowingly or intentionally exploit other peoples' data. We do not accept paid advertisements. We do not try to track visitors. However, our host does so. From time to time, we warn you about that.

Our host reminds us (the bloggers):
"European Union laws require you to give European Union visitors information about cookies used and data collected on your blog. In many cases, these laws also require you to obtain consent.

As a courtesy, we have added a notice on your blog to explain Google's use of certain Blogger and Google cookies, including use of Google Analytics and AdSense cookies, and other data collected by Google.

You are responsible for confirming this notice actually works for your blog, and that it displays. If you employ other cookies, for example by adding third party features, this notice may not work for you. If you include functionality from other providers there may be extra information collected from your users."

If you, dear readers, have the ability to go right now to check which "cookies" have dropped onto your device like deer ticks, you may see links to the participating authors' websites, and a whole raft of google urls. Clear them often. No one who monetizes "tracking" takes any notice of "Do Not Track" requests.

David Ruiz, blogging for Malwarebytes offers some helpful insights into data privacy and cybersecurity.
https://blog.malwarebytes.com/security-world/2019/03/not-definitive-guide-cybersecurity-data-privacy-laws/?utm_source=double-opt-in&utm_medium=email-internal-b2c&utm_campaign=EM-B2C-2019-March2-newsletter&utm_content=laws

It's instructive reading, especially the part about the GDPR, and tracking, and collecting, and storing, using and sharing visitors' data.  Ruiz also points out what this author sees as an extraordinary loophole in Californian privacy laws. It's a "data breach" if a rogue actor actually downloads your data. If he just looks at it (presumably even if he looks at it and deploys pen and paper), it is not a data "breach". With a breach, the victim must be told, and offered a lifelock-like service for a year. If the rogue took a look, not so much.

And then, there's Spokeo.com

In 2017, this author thought that she had successfully opted out of having her information monetized by Spokeo on Spokeo.  Then, she read "Spokeo Update..."

Legal bloggers Scott Kelly, David N. Anthony, and  Timothy "Tim" J, St.George blogging for the law firm Troutman Sanders LLP share insights into the Fair Credit Reporting Act lawsuit that Spokeo almost three years after  the Supreme Court ruled that an individual who suffers no provable financial injury, but whose financial privacy was invaded... may sue.

https://www.lexology.com/library/detail.aspx?g=6b3a05ad-3815-4cf8-8a89-0b3009100810&utm_source=Lexology+Daily+Newsfeed&utm_medium=HTML+email&utm_campaign=Lexology+subscriber+daily+feed&utm_content=Lexology+Daily+Newsfeed+2019-03-20&utm_term=

Or the original
https://www.consumerfinancialserviceslawmonitor.com/2019/03/spokeo-update-parties-settle-long-running-fcra-dispute/#page=1

Is Spokeo selling guesstimates of your credit score? You should look into it. Even if they have a disclaimer that states that one may not use the information that they sell in order to decide if one wants to employ/lend to/rent to... or otherwise make a business decision about the subject of one's Spokeo search, a skeptic would wonder why anyone would pay $39 or whatever to discover information one will not --on one's honor-- use.

For the next three years, it ought to be relatively easy to opt out, if you do not want to be monetized on Spokeo "so lost relatives and friends can find you".

Another reason to opt out is that Spokeo may reveal --free, to all-- the names of your aunts, uncles, cousins, parents, grandparents, children, siblings.  Never chose family members' names as any of the answers to those double and triple verification questions that financial institutions may think are only known to the real you.

Happy hunting.

All the best,
Rowena Cherry

Sunday, December 02, 2018

Authors should be particularly vigilant in compartmentalizing their vital information. Apart from the usual dangers of crooks wanting a hook for spear phishing, or to hack into some source of funds, there are crooks who even try to steal unpublished manuscripts!

Heloise Wood and Natasha Onwuemezi wrote about it recently for The Bookseller.

https://www.thebookseller.com/news/publishers-react-cyber-criminals-attempt-pilfer-manuscripts-874176

If you are an author or a reader, perhaps you have attended a convention or event at a major hotel chain. It is likely that a lot of SFWA members, or Authors Guild members, or Romance Writers of America members, or Romantic Times convention-goers, or have been to a Marriott or Starwood Hotel or convention center in the last five years.

You surely will have heard of the latest data breach:
http://news.marriott.com/2018/11/marriott-announces-starwood-guest-reservation-database-security-incident/

One surprising revelation is that some unfortunate, sociable people may have had their passport numbers, drivers license numbers, birth dates, credit card numbers and more exposed.

Do you have Malwarebytes? A professional genius suggested to me that Malwarebytes is a superior product to keep Apple products safe. No one has offered this author any incentive for saying this, but it does work well, it scans often, and unlike rival products that might or might not have the word "Trust" in their name, one can have Malwarebytes on and not be automatically blocked by banks and brokerage houses.

Malwarebytes gave subscribers an early heads-up on the Starwood breach. (RWA was next quickest to alert members.)

http://click.malwarebytes.com/?qs=b8079dd9f4432aba121831613ffc097db40ce93fa4dab885884087c169afcaa4b1be94cbde983fc959cf4c993d6789e0dea279811da486ed

By email and by link, Malwarebytes offers great advice for anyone who might ever have had a Starwood hotels account. Their Data Breach Checklist is worth saving.

https://blog.malwarebytes.com/wp-content/uploads/2018/11/B2C-Data-Breach-Checklist-2018.pdf

Of course, we all know that we ought to reset passwords.... and many of us procrastinate. In fact, before blogging today, this author logged in to her SPG account and discovered that her username had already been reset to a new one. The password could then be reset, but only by someone with access to the email account on file.

Credit accounts etc should be monitored. Anyone with a DISCOVER card can receive very good, free credit monitoring and an updated FICO score every month. Fifth Third Bank offers a credit monitoring service which costs approximately $7.00 a month. That's cheaper than Lifelock, which is about $12.00 a month. Those affected by the SPG breach are being offered Webwatcher for one year. Make a note of when your anniversary date with Webwatcher will be, or you may be surprised with an automatic renewal fee.

Credit freezing is now free, so is a good option if you aren't planning to sign up for a new credit or debit card or to take out a new mortgage.

No one wants to say it, but does one really need to share one's birth date with anyone who asks, including store clerks? I don't need a $10 Vera Bradley coupon mailed to me on my birthday. Every week through the snail mail, I receive coupons from all manner of vendors for all manner of apparel and accessories.

By the way, your doctor or dentist may ask for your social security number, but you do not have to give it to them. You don't have to give them access to your smart phone number, either.  Just because they ask you to write a review of their practice does not mean you should. Do you want Google and Facebook to know approximately when you visited a gynecologist, and which office it was?

Speaking of HIPPA, the law firm of Hall Render Killian Heath and Lyman PC penned an interesting article some weeks ago about hospitals being fined for allowing a film crews to film patients without the consent of the patients who were filmed.

https://www.lexology.com/library/detail.aspx?g=7cd57e75-d3ba-41c1-a949-aa003895c5d3&utm_source=Lexology+Daily+Newsfeed&utm_medium=HTML+email+-+Body+-+General+section&utm_campaign=Lexology+subscriber+daily+feed&utm_content=Lexology+Daily+Newsfeed+2018-09-26&utm_term=

And, totally off topic, but to do with privacy, did you hear about the female student whose landlord evicted her just before her final exams because her suite mates (apparently inspired by the student's choice in political millinery) conducted a search of that student's room and private possessions in her absence and without her permission, and discovered a legally owned and safely stored gun, and complained to said landlord?  This, in a State where gun ownership is lawful, and in a rental where the lease was silent about gun ownership.

All the best,
Rowena Cherry