My apologies. My mind must have been a hundred miles away … or I was looking forward to the sunshine that I knew was coming at the beginning of last week. Anyway, I spent a few days in the garden, tidying-up, we had some friends round for “vintage tea”, and we looked after the youngest grandson a couple of times. Thus … I forgot to write up any notes. I can’t even distinctly remember who was in the meeting. I can remember a few apologies, but just in case I forget someone, I won’t even try to list them as I don’t want to offend.
Anyway, we had what I can only describe as a “jolly” meeting, the highlights being Phil’s contribution on his window to the outside world via YouTube and his new magic device, which he’s written up in the Computing and all things Digital Forum. Also the new exchange currency – diabetic cookies – which are now in open circulation for bribery of members. We also offered to help Mario upgrade his laptop which had (shock horror) Windows Vista as its operating system.
The focus of the “technical” part of the meeting – was reminding you about Forums and Topics as well as the gentle reminder about News being posted in Flipboard. I’ll continue to put news items there – that way we get more time to talk and exchange views, and raise issues in the meeting.
If there was anything of great importance that I’ve forgotten – please remind me and I’ll edit these notes. In fact if anyone can remember anything about the meeting – please let me know 🙂
I’ve been using a WordPress Plugin called OS OpenSpace Maps for quite a while that allows the mapping of trails (I use .gpx format to record the trails) onto an OS Map.
This has worked well, but in updating a blog post I came across the information that the Ordnance Survey has produced a new plugin that works with their DataHub Maps service. This is an even better service and if you’re a low-use user, you can upgrade to the Premium level subscription to get 1:25,000 scale maps.
The map can be easily zoomed and can be clicked to take to full screen size.
Here are a couple of links to help you along the way of installing and using the plugin.
On the Computer Group Zoom call today, Mario advised that his Sony Vaio machine was running slow when connected to the Internet and using Firefox.
The immediate suggestion was to clear the browser cache (Internet History and Cookies) but then it became apparent it was running Windows Vista as well.
Should Mario upgrade his laptop to Windows 10? That depends on the spec. of the machine – let us know Mario and perhaps we can give some advice.
Should the machine be upgraded to Linux rather than Windows 10. It might as well be because there’s no similarity between Vista and Windows 10, so there’s a learning curve anyway and Linux will run much quicker on an older machine AND the default browser on Ubuntu Linux is Firefox anyway.
So here’s a topic which anyone can comment upon and give advice and experience. For me, I think the Linux route is worth exploring. I’ve just “upgraded” an old Dell Inspiron laptop running Vista to Linux and it runs much faster than it did using Vista and it would never have taken Windows 10!
If you’re using maps or navigation on your phone, it is pretty important to allow your phone to know where you are!!
If you don’t want adverts from a coffee chain, perhaps it’s a good idea to disable location services before you go into a cafe!
Or, if you don’t want anyone to know where you are (???) again perhaps a good idea to disable location services.
You can do this in quite a granular fashion, so you can switch off for the device, for the application on the device, or only when using the application on the device. That’s why it’s quite important to close down an application when you don’t need it, or aren’t using it, because it will continue tracking you after you think you’ve stopped using it!
Of course with the Covid-19 tracing capability Google and Apple have jointly worked upon, this relies on an element of location services to be working, but that’s to determine proximity of individuals and as I understand it, location is not stored on any central server.
Yes, to a very high sense it is totally compatible. Only at the most advanced usage with advanced use of macros might there be a problem.
The same is true of OpenOffice but Libre Office has one advantage over OpenOffice in that it can both read and write .docx files – the default format for Microsoft Office. Open Office can only read .docx, but writes out in a slightly different format.
As I recall, LibreOffice can also read .PDF files. We covered this in a Computer Group meeting and without checking I can’t remember that for a fact off the top of my head.
I’ve just loaded Malwarebytes on our iMac and MacBook Pro computers – provided by our bank – and only found one piece of tracker code, on one machine, which was very old and most probably not active. I deleted it.
Macs have a very good history of not being hacked, and when they are they close the problem down very quickly. This is a benefit of Apple owning both the hardware and software and being able to control which of the latter is installed on MacOS.
This was a question that was raised during the General Meeting discussions. PayPal has a Buyer Protection and Fraud Protection policy which for small transactions (ie <£100), and for transactions with companies/individuals you regularly do business with, is probably sufficient protection.
For large value items (ie >£100) and up to £30,000 you might prefer to choose using your credit card because of the Section 75 protection you get.
Well … a lot of people do, and even government and other public bodies do, I believe, and it’s supposed to be very good and used to be recommended by Which?
Luckily, there’s plenty of advice and guidance available – often slanted particularly towards our demographic (ie oldies) …
Those two sites are particularly easy to follow and understand, but others are equally informative and targeted.
Your bank probably has guidance which it publishes online and which is accessible to everyone, not just their customers …
I’ll return to further information, guidance and references at the end of the talk, but first we need to look at a few issues, discuss some terminology that’s widely used and try and tease out what’s really important, and what’s just an inconvenience and then it’s up to you to judge where you find yourself on the scale of …
First let’s distinguish the difference between online security and online privacy. These are two different issues which are however linked. Sometimes you have to relinquish some privacy to receive a service – unless you choose to pay for it (and I’ve long been an advocate of paying for services if they do a job that is necessary); exactly how much privacy are you prepared to relinquish?
Security on the other hand is an absolute – you should not be prepared to accept less than your very best efforts . We’ll deal with that in the third part of the talk.
How do you relinquish your privacy, and how much of a loss of privacy is acceptable?
Some services could not be offered without income from adverts, or paid-for advertising – eg Facebook, twitter and instagram; and some eg Google and Amazon track and provide information to resellers if you don’t block them from doing so. As an example of how much value Google sees in getting knowledge of what you’re doing and where you’re doing it, they paid Apple $8bn recently to remain as the default search engine for any browser that’s running on an Apple device!
Incidentally, if you clicked on that link you’d have been asked whether you wanted to accept cookies – what exactly are they, and what do they do …
This article from Norton explains what they do quite well. Essentially, they record what you do on a website so that when you return some of the settings are remembered and applied. They do however also have a downside in that some can also act to track your activity once you’ve left the site. For that reason, you should disable in your browser the ability of third-parties to glean information from a cookie, and also to prevent them tracking your activity once you’ve left the site. You can at anytime, clear the cookies from your browser, and indeed on some internet browsers set them up to delete cookies when you leave (close the window) the site. You might also have noticed that my browser – Firefox – alerted me to the fact that Norton was using a Fingerprinting cookie itself …
… we’ll leave that for another day!
Another thing you might have observed when I opened the link in my Firefox browser was that the site requested that I enabled adverts to be shown. That is because Firefox, like Brave and Microsoft Edge, by default switches adverts off. These are often annoying and having a browser that blocks adverts, or if you use Chrome – using an ad-blocker like AdBlock Plus often makes for a more “pleasurable browsing experience” by limiting the intrusion you might feel upon your privacy.
Which brings us to browsers and search engines
Search engines are not created equal! Whilst Google is often thought to be the same as the internet and is often mistaken by U3A members to be an internet browser, it is in fact just one of a range of possible search engines that you can use to look for information on the internet. It uses a platform called Chromium to display the results of its searches to you through a browser called Chrome. However, other browsers – Microsoft’s new Edge, Brave and Opera all use the same underlying Chromium technology – the difference being they don’t track what you’re doing “to present the content that most meets your needs” (Google’s philosophy) and in some cases (eg Brave) they can actually prevent tracking of your browsing history. For the reasons given above, I use Apple’s Safari, or either Brave or Firefox as my internet browser.
So what safe and private search engine could you use as an alternative to Google. I use DuckDuckGo …
… but others I could have used might have been Bing, Yahoo or another one included in this article or in the list of articles at the foot of the post …
Finally, no discussion of Privacy can ignore Social Media and Facebook in particular. These applications if left to their own default settings are effectively personal information mining engines. They grab what information they can from you, and sell it on to whoever is willing to pay for it, or are indeed the platform for data mining, vis the Cambridge Analytica affair. Online retailers are not exempt from this and Amazon for instance has a wonderful record of your browsing history and who knows what they do with it! So look at this table taken from the recent Which? Publication – Staying Secure in a Digital World – and just check whether you need to change your settings, if you use any Social Media apps …
So that’s Privacy dealt with.
Should you be frightened?
The take away message I want you to have is Frightened – no; cautious – yes!
Online banking is very secure – a recent survey in Which? produced the following scores …
… plus you are protected and most of the banks are increasingly opting to adopt an online and mobile guarantee to refund you where you’ve been the innocent victim of a fraud. Here for instance is Barclay’s “Online and Mobile Banking Guarantee.”
They really don’t want to shell out money, so are trying to educate us to be wise to scams. So let’s take a scam test …
Banks are also often supplying software free (or at reduced cost) for you to install to protect your machine, to protect you from fraud – and of course themselves from having to pay out! I was recently offered a piece of software called Malwarebytes by the NatWest and although I have an Apple Mac computer which are well known to be relatively secure from Viruses, Spyware, Trojans and other malware, I installed it. I was pleased to note that I didn’t have any malware on the machine. We’ll return to this later!
Surprisingly you might think … it’s safer to use the mobile app on your phone, or tablet to do online banking and retail purchases than a web browser. This is because the app on the mobile device has to be verified by Google for Android (Google Play Store) or Apple for iOS/iPadOS (Apple Store). Whereas a browser could be infected, or compromised with malware. That’s something I’ve learnt from preparing this talk!!!
What is more with the advent of Two-factor Authentication (2FA) which makes use of a personal device associated with you, your phone which you’ve protected with your fingerprint, or facial image), is even more secure.
When you’re out and about and NEED to do an online transaction from your mobile – use cellular rather than WiFi. The latter can be really open to “sniffers”. [I must admit I try to avoid doing online transactions when away from a domestic network.] Alternatively use a Virtual Private Network (VPN) to connect through the Public WiFi “Hotspot”.
So we come to phishing and pharming, vishing and smishing – I kid you not! We’ll leave aside spear phishing because we’re not important enough for that! [Please excuse me not going into details on any of these. You can follow the links for further information.]
However the most scary scam I’ve been made aware of is one that befell a member of my family when they were distracted sufficiently to become the victim of SIM swapping.
Bruce Springsteen shouts out at his legendary concerts “Is there anyone alive out there?” I hope there are still many of you alive out there with me, because we now arrive at perhaps the most important part of the talk.
What should you do to protect yourself?
Some of these are really quite straightforward, some require some intervention by yourselves.
Keep your operating software up to date. This is particularly true if you’re a Windows user, and even more true if you are still running an older version of Windows than Windows 10. If you’re using Windows XP, Windows Vista or even Windows 7 you should seriously consider disconnecting your machine from the internet.
Install anti-malware, or anti-virus software if you’re a Windows user. Don’t pay more than you need to. Windows Defender from Microsoft is Free and for us relatively undemanding users more than sufficient. Keep it up-to-date as well! [As I said previously, your bank might be offering free software as well.]
Keep the software you use regularly up to date as well. Consider removing any software from your machine you don’t use – this is because software vulnerabilities are discovered sometimes quite a while after the software was first released.
Be cautious over installing extensions into your browser. These are often extremely useful and valuable tools, ie password managers, Dropbox, note taking, Google Back up and Sync, but if you don’t get them from the official sources then you might be importing vulnerabilities, eg spyware and trojans to your system.
Very seriously consider logging-out from social media and other retail sites when you’ve finished using them, especially Facebook, you just don’t know what tracking and logging of what you do, even where you are, if you’re logged in on a mobile device.
Free software is both a boon and a curse. Only download open source software from a reputable site such as Softpedia, and never try and get proprietary software for free. Read this article about Free download sites if you want to know more.
Remember the golden rule 1 – if it seems too good to be true, it probably is, so steer clear!
Remember the golden rule 2 – don’t speak to strangers (an oldie but goldie one, that); in other words if you don’t know where an email has come from – ignore it; if the website address looks a little strange – do an internet search on the company or organisation to check if the address you’re looking at is a spoof of the proper one.
Have more than one email address. Use one as your personal address, other ones you can use to “throw away”when you need to register to a website, but you’re unlikely ever to go back to it again. Or have an email address (UserID) specifically for online purchases. Splitting things like this reduces the risk of you being the victim of fraud.
Seriously consider using an email service that is NOT connected to your Internet Service Provider (ISP) – if you decide to change your ISP, and you should review them periodically, then you will have real problems if your email address is linked to their service!
You’ve got Spam filters running? Of course you have – but you better check! Probably your ISP, or email provider (eg Gmail, Yahoo, Microsoft Outlook or Hotmail) is filtering out what it thinks is spam, but occasionally some gets through. If that’s the case then you can always look at the real sender of your message.
You can also apply filters to divert incoming email into different folders in your email system. That reduces the amount of Junk that you need to review. [I’ve also advocated using the “native” email application for your device rather than rely on the web-based service the email provider has. Thus on a Windows device – use Windows Mail (or Outlook); on a Mac use Mail. You can then easily synchronise your email between devices from multiple email accounts. Tidy!]
So we come to Passwords …
… this is the point at which you need to consider intervention and changing your behaviour! You might also need to do a fair bit of work, but it’s worth it if you want to have a secure internet experience.
Oh no! I’ve been pwned … but it was a long time ago and I’ve changed my password many times since then!Ah! That’s better – my “throwaway” email and passwords are “safe”!
So … use a unique password for everywhere you sign on. There’s lots of tricks to achieve this; some of which I wrote about in a post quite a long time ago …
… but the real change of behaviour is to use a Password Manager – again I wrote about this a little while ago and linked it to using Two Factor Authentication, which I described earlier.
Password managers
I used to use LastPass and I believe there’s nothing wrong with it – despite the security scares last year, but other common ones are Dashlane and 1Password. Please make up your own minds after reading some Reviews and seriously consider using one.
However the biggest change in Online Security which started last year with Apple’s announcement of the launch of its’ implementation of FIDO is Passkeys.
The Video and the Slides from the talk given to the Cardiff u3a General Meeting
Your bank, eg NatWest – mine has a Security Centre web presence and particularly they provide a number of Fraud Guides
I could give a million references to changing your privacy settings on Social Media, but here are a couple relating to Facebook, perhaps the most challenging service of the lot.
Not a Spielberg masterpiece but something I knocked up this morning. There is one mistake in it, corrected in the second-half of the video. The Mac requires a 64-bit Linux distro, not a 32-bit one, so the same .iso file I used for the Dell Inspiron was used in trialling Ubuntu 20.0.4 on the 2008 MacBook Pro.
How I built a Ubuntu Linux 20.0.4 system on an iMac and tested it on an old MacBook Pro
I’ve also discovered that Etcher is available for Windows as well – go to pull-down button on this page. It might be worth looking at this as an alternative to Rufus.