Category Archives: Technology

PRIVACY AND SECURITY IN THE COVID-19 TIMES – PART 2

This is the second part of a post I shared recently regarding best practices to help us with your online privacy and security.

Email

Be aware that when you use an email account from GMail, Yahoo Mail, Hotmail, etc you are compromising your privacy. These companies give you a free email account, but in exchange they have access to all your emails. They use the content of people’s email to learn more about people’s behavior and improve their advertisement tools. In addition the emails you sent are not getting encrypted, so a malicious agent can also gain access to them.

The alternative would be to use an email account from a provider like ProtonMail which not only protects and respects your privacy but offers very high security standards with end-to-end encryption. Another alternative is to register your own domain and manage your own email service, but that is more costly and time consuming.

Read more…
Gmail’s privacy problem and why it matters
New Warning Reveals Gmail’s Major Privacy Problem

Text Messages

Similar to email, different text message providers like Facebook Messenger or WhatsApp, do not offer the highest possible security features. For example even though WhatsApp encrypts the content of a message, it does not encrypt the sender, receiver, date, location, etc information.

The best alternative for private and secure text messaging is Signal. This is a non-profit organization that created a text messaging system that prioritizes privacy and security. It is the de-facto text messaging application for reporters dealing with sensitive information.

Apple’s Messages are also encrypted and secure, but you can only use this service if both sender and recipient own Apple devices which is very limiting.

Read more…
https://freedom.press/news/sharing-sensitive-leaks-press/
Why everyone should be using Signal instead of WhatsApp

VPN

Every time you visit a page on the web your IP address is shared with the page you are visiting. This compromises your privacy because your internet provider knows what IP address has assigned to each customer at any given time. And if the website your are visiting does not use a secure connection (https) all the traffic between you and the website could be seen by a malicious agent.

A very simple solution to protect your privacy and security while browsing the web is to use a reputable VPN service like ProtonVPN. Be careful because there are VPN services out there that will track you and sell your data to advertisement companies. The VPN connection will encrypt all the traffic end-to-end so a malicious agent would no longer be able to intercept it, and it masks your IP address so websites can no longer track you.

Web Browser

Continuing on the previous thread about browsing the web securely and privately keep in mind that even if you are using a VPN service websites can still track you through other means, like the use of cookies. For that specific case you can use your browser’s incognito mode.

In addition, be mindful of who makes the browser you are using:

  • Are you using Chrome, a browser from an advertisement company that loves to track everything you do? Then give yourself an F
  • Or are you using Firefox, a browser from a non-profit open source community that does a good job protecting your privacy and security? Now you can give yourself a B
  • Or are you using Brave, a browser built with privacy, security and advertisement blocking at its core? Brave even includes the ability to start a browsing session with Tor enabled which offers the highest level of privacy by using a technique named Onion routing. Congrats you get A+!

Read more…
Goodbye, Chrome: Google’s Web browser has become spy software

Privacy and security in the covid-19 times

With everyone staying home the use of online platforms for communication has increased and with that the inherent problems that some platforms have when it comes to protecting security and privacy increases too. So why not use this opportunity to share some best practices I follow in order to keep myself and those I communicate with safer? I have to disclaim that even though I’m a software engineer with many years of experience, I am not a security/privacy expert. However I think I can still share useful information, so here it goes.

What is the difference between privacy and security

Privacy and security are related. Privacy relates to any rights you have to control your personal information and how it’s used. Think about those privacy policies you’re asked to read and agree to when you download new smartphone apps. Security, on the other hand, refers to how your personal information is protected. Your data — different details about you — may live in a lot of places. That can challenge both your privacy and your security.

https://us.norton.com/internetsecurity-privacy-privacy-vs-security-whats-the-difference.html

Email

When communicating over email always be mindful of the To/Cc and Bcc fields. If your email is going to small group of friends and they all know each other, using To or Cc is appropriate. But if you are communicating to a group and not everyone knows each other, respect everyone’s privacy by using the Bcc field.

When responding to an email that contains multiple people think very careful when to use the Reply All function. Does everyone really need to know that you think a joke someone sent was funny? Maybe just reply to the original sender.

Read more…
https://blog.boomerangapp.com/2013/07/email-etiquette-how-to-use-bcc/
https://www.huffpost.com/entry/reply-all-email-etiquette_n_1232315

Passwords

If you can remember your passwords, then your passwords are terrible! Good passwords are the ones that are almost impossible to remember. So the idea is to use a Password Manager: this is an application you can install on your computer and smartphone where you can store all your passwords, so you don’t have to remember them. You will need to remember only 1 password: the one you use in order to access the Password Manager.

Password Managers make it very easy to use a different password for each application/website. That way if one password is compromised, the rest of your passwords are safe.

Read more…
https://www.popularmechanics.com/technology/security/a26629/use-password-manager/
https://keepass.info/index.html

Video conferencing

Lots of people have been doing video conferencing lately and one application that has become popular is Zoom. Unfortunately this app has multiple (link, link, link) security and privacy problems.

Instead I highly recommend people use FaceTime when everyone in the call have an Apple device. When that is not possible use open source alternative Jitsi or Google Hangouts.

Social media

Be mindful of what you share on social media. Do you really need to post your date of birth, phone number or home address on facebook?

When posting pictures that include others, be mindful of their privacy: Maybe ask your friends if it is ok to tag them before you do.

Consider disabling location services for some social media apps. Do you really want facebook app to know all the places you go to during the day?

Do not connect your social media information: I don’t mind to have silly pictures of me on facebook. I’m ok having my work information posted on LinkedIn. But I don’t want a work contact on LinkedIn to easily find those silly pictures on my facebook profile. Be in control of what you share on each social media platform and avoid interconnecting them.

Logging on a new website


Many websites/apps require you to sign up before you can use their services. When this happens always prefer using the email sign up option and avoid using the Facebook Signup/Google Signup option. Even though the FB/Google Signup is convenient, when you use it the website/app automatically gets access to some of your personal information, while signing up with email just gives them that: your email address.

Read more…
https://www.cbsnews.com/news/what-are-you-sharing-when-you-sign-in-with-facebook-or-google/

Screenshots


When taking screenshots on your computer or smartphone to post them on social media or share them elsewhere, always be mindful of what will show up on the screen shot. You can always crop the screenshot to remove areas of your screen that don’t need to be shared. And you should also blur or remove other parts that might expose aspects of your (or others) privacy.

Sharing links

Websites use a technique called tracking in order to tell how a visitor landed on their page. So for example when a website looks at a weekly report, they might see that 90% of their page viewers came from a shared link on facebook, and only 10% came from a Google Ad click. This helps websites make marketing decisions because they can analyze traffic trends. When this happens your browser will show something like this on the address bar:
https://www.takeouttracker.com/?fbclid=MMcSd116IwAR3StPd0TvvBd0F9iXMMcSdftt9ftt9ftt9XMMcSd11
The website address is only the first part. Everything after the ‘?’ (shown in blue) is the facebook tracking stuff. If you want to share this website with a friend over email or SMS make sure you delete everything after the ‘?’, and confirm that the website still loads correctly without it on a new browser window. This protects your own privacy because that long code after the ‘?’ has information that points back at you. It also makes the links look much cleaner.

Bonus topic: Sharing someone else’s work

This topic has nothing to do with privacy or security but I decided to add it here too, because I think it is important to create awareness on this problem: When sharing something on social media always try to share it from the original source. Many times an artist will produce a song/cartoon/drawing/etc and if you visit his website/youtube channel the artist can make some money because of advertisement. But if you share it from a different source, not only the artist no longer receives anything, but you are giving the benefit to the other person that copied and reposted the art. If you receive something and you don’t know who the author is, try a quick search and see if you can find the original author and share that instead. There is always the extra benefit that the original art will always be higher quality/resolution than the copy one.

Here are two images: one was stolen by a stupid Cliparts website and they even have the nerve to ask for attribution.

And then you have the original image full size and resolution from the wonderful The Oatmeal.

brewery plans update

This is a less verbose English version update of my brewery plans that partially repeats some of the information posted here.

2001

– Graduated from Computer Science degree in Medellín, Colombia and moved to Austin, Texas to work for National Instruments.

2014

– Unhappy with role and salary at National Instruments began the process of looking for a new job, but in the process I discover that software development no longer excites me. Instead (and out of nowhere) one night I decide that I want to start a Brewery in Austin.
– Buy my first kit for home brewing beer.
Continue reading brewery plans update

Programming Interview Tips

Behavioral Questions
Think about good examples you can describe from school (or internship) projects that were successful, in which you played an important role. Think about projects that went wrong initially and how the situation was corrected. What did you learn from the situation? what would you do different next time? think about a difficult bug you had to solve and how you approached the solution. Think about the different programming languages and which ones you like best and why. Always be very honest in your answers, since the interviewer can easily spot when you are making up stuff. Do not come across as the “perfect programmer”. Show that you have made some mistakes and have learn from them. Show that you have good communication skills, good team work skills, that you are a rapid learner, that you go the extra mile…
Continue reading Programming Interview Tips

Hacked too

A few days ago, my fellow blogger Kirsch posted about his blog being hacked. Well, I was victim of the same attack. Both of our blogs run on DreamHost and use WordPress.

I found a detailed description of the attack here, however this description refers to a 2 year old attack. I highly doubt WordPress would go this long without a patch to fix the vulnerability.

Everything has been restored to normal thanks to my backups and tools provided by DreamHost.

Why can’t Skype have a slick user interface like Adium?

I read that Skype had released a beta of their latest version for OS X and decided to give it a try, hoping to see some improvements on the user interface, but I was really dissapointed. Why does it have such bulkier and wasteful user interface? Skype could learn a thing or two from Adium. Granted, I had to tweak Adium preferences a bit to get such slick and compact layout, but at least they give me the option to do so.

El centro de entretenimiento perfecto

El título de este artículo suena mucho mejor en inglés, pero ese es el precio que tengo que pagar, desde que decidí escribir en español.

Les presento mi nuevo centro de entretenimiento, que lejos de ser perfecto si está increible:
the_perfect_setup

  • Televisión LCD de 42 pulgadas Westinghouse (VK-42F240S)
  • Mac Mini (MB138LL/A)
  • Amplificador Onkyo (TX-LR552)
  • Bocinas Wharfedale (Diamond 9.2)
  • Subwoofer JBL (PowerBass PB10)

Conexión
Video digital: Mac Mini (salida: DVI) – TV (entrada: HDMI)
Audio digital: Mac Mini (salida: óptica) – Amplificador (entrada: óptica)

Lo mejor es poder tener toda mi colección de música centralizada en la Mac Mini y poder editar las fotografías que tomo en una pantalla enorme. Los videos de Hulu y los episodios de Lost en alta definición (HD) se ven fantásticos.

Soy feliz. (y soy del verde)

High dynamic range (HDR) imaging

High Dynamic Range (HDR) imaging is the process of taking several pictures of the same subject with different exposures and then combining all of them to produce an image with a wide range of intensity levels. In other words, HDR uses the pictures with longer exposure to obtain more detail and color on the darker parts of the picture and does the opposite with the pictures with short exposure. The end result is a picture that is closer to what your eyes actually see.

To produce an HDR image you take several pictures of the same subject using different exposures. You must use a tripod because you want all the pictures to align perfectly. At minimum you will take 3 pictures: one underexposed, one overexposed and one that is just normal (with the ‘right’ amount of exposure), but you can take more using different levels of under and over exposure.


Once you have the pictures, you need an imaging software to merge them. I first tried to follow these instructions using Gimp on my Ubuntu virtual image, but the process was really slow and the result wasn’t very good. Notice how the merged pictures don’t align perfectly:

Then I downloaded a trial version of Adobe Photoshop CS4 and the best thing is that it does all the merging and aligning for you and here is the result of that:

The result looks good, but I’m not impressed. I’ve seen really amazing HDR pictures on the web, so I’m going to keep experimenting with it and post any further progress I make with this technique.