• 3 months ago
I met Andra, who’s a cybersecurity content marketer via Twitter, and I’ve been following her posts for a week or so. A few days before our conversation she posted an article titled “How to Protect Your Freelance Business from Cyberattacks and Fraud”, it intrigued me. So I thought it would be great to have a conversation with her.

After our conversation, I walked away with so much information and insight. Even though I help my clients secure their data and devices, it was great to get a perspective from an expert in this field. Not only that, but the idea she brings forward about ‘communicating simply’ is dear to my heart.

https://peakfreelance.com/blog/protect-freelance-business/
https://twitter.com/AndraZaharia

Post: https://macjunky.com/post/conversation-with-andra-zaharia
Newsletter: https://macjunky.com/newsletter
Contact: https://macjunky.com/contact

#apple #mac #consulting #coaching #training #business #tech #technology #minimalism #simplicity

Category

🤖
Tech
Transcript
00:00:00So I had an amazing amazing amazing chat with Andra the hour went so quick
00:00:06We didn't kind of realize that as soon as I noticed the clock was like an hour's long enough
00:00:11But after actually we spoke for another 20 minutes or so
00:00:16She has such amazing insight and we also think quite
00:00:22alike actually in the way we think communication matters in what the way we present our
00:00:28Technical know-how, it's all well and good throwing buzzwords and throwing keywords. That's very much tech
00:00:36Oriented but if the client or the person doesn't understand that then what's the point and she being a marketer that's in the cyber
00:00:44space cyber security space
00:00:47It made me think about how
00:00:50Again made me think about how IT people
00:00:53and and people in general
00:00:56Talk tech without people understanding and she really has some really interesting
00:01:03insight into
00:01:06the psychological
00:01:08Aspect of how we need to kind of educate people into
00:01:13How cyber security and security in general?
00:01:17social media
00:01:18we actually talked about a whole lot a lot of stuff how it really impacts us and how we
00:01:24Interact with our devices our technology and stuff. It's really I'm not taking anything away from any of my past
00:01:33episodes, but this one I got to say was one of my favorite ones and
00:01:39Hopefully you enjoy it as well. Here's our conversation. I
00:01:44Really wanted to talk to you because of that blog post you posted about
00:01:51Security and so on it was security for freelancers. Was that was that correct? Yes. Yes
00:01:57It was a guy's for security for freelancers. Yes
00:02:00so what prompted you to
00:02:03To write it basically. Oh
00:02:06I've developed
00:02:08several
00:02:10Security guides for several kinds of you know, different kinds of people but what prompted this particular guide?
00:02:16Was a story that I came across on Twitter
00:02:19It was a freelancer who got her identity stolen
00:02:23Someone said set up a profile in her name using her work and all of her details and portfolio on a freelancing platform
00:02:31she didn't have an account on and
00:02:34that
00:02:35Scammer and impersonator was using her good name to pitch clients and how she found out
00:02:40Is that a client who found the dialogue a bit fishy on that platform reached out to her?
00:02:46Send her a message and ask her like hey, this is is this you I thought this was a little off
00:02:53and that's how she realized that this whole thing had been going on without her realizing and
00:02:59From my experience. I know that people are responsive to these kind of things. So to you know, taking proactive behavior and
00:03:08just
00:03:09Doing things before things get bad only when they have a story that impacts them emotionally
00:03:15So I thought that was a good moment. And plus I wanted to so I published this guide
00:03:20in a community for freelancers of one of my friends set up and
00:03:26It honestly it had a much bigger impact than I expected
00:03:29in the sense that I've been doing cyber security content for six and a half years now and it's usually
00:03:39You know it it it has there's some emotional distance there and it's difficult for people to connect
00:03:45Emotionally to these abstract notions
00:03:47so what I try to do is to find that connection point and to find that trigger that gets people to pay attention and
00:03:53Get people to see themselves through the eyes of let's say an adversary
00:04:00Which kind of changes your perspective on things?
00:04:04Yeah, I mean it it prompted me to read it purely because it said freelancers
00:04:10And the and the reason why it prompted me the headline was because I deal with a lot of freelancers and consultants and
00:04:17have done so for like 30 odd years and
00:04:20pretty much
00:04:2298% of them have no idea about this stuff and
00:04:26It amazes me because they care about their wallet
00:04:30Not not many but they care about their wallet, but they don't care about their computers and the computer
00:04:37The email your email address in fact your email mailbox is the most important thing
00:04:44Anywhere
00:04:45You could lose your wallet and you can get your cards back if you lose your email
00:04:51Credentials, it's very hard to get everything that's connected with your email address back
00:04:56And this is the thing that I'm trying to tell people and I hope people who listen to this and watch this
00:05:04understand that
00:05:05Not just email but security is so important encrypt your hard drive. Make sure you have different passwords
00:05:12this this is basically what you talk about and
00:05:16So when I read it in total, I'm just basically nothing like yeah. Yeah, let's let's talk to this person
00:05:22I want to know who she is. So it was really cool to have this conversation with someone who does it
00:05:29For their job. I mean, this is this is what you do, right?
00:05:33Yes, yes, this is exactly what I'm doing and you know
00:05:37I'm thrilled that I have the opportunity to talk to people outside of the cyber security industry because
00:05:43This industry in particular tends to have a very strong echo chamber. So we talk to each other
00:05:50We know things are bad. We know what's going on
00:05:53but we have a hard time getting outside of it and that's because and what I realized over the past couple of years is that
00:06:00There aren't a lot enough people that are focused on communication in the sense of translating things so that
00:06:09You know regular people like, you know, not you and me because you're definitely an exception
00:06:15But you know regular people who are freelancers or whatever they do in their job get this kind of let's say
00:06:22Literacy because it is fundamental. I mean we can no longer separate our identity our offline identity from our online one
00:06:29No matter how we still feel about the separation
00:06:33it does not exist anymore and what impacts us in real life except the impacts our online lives and vice versa and
00:06:41The more we ignore this we're only making it more difficult for ourselves in the long run
00:06:46Because the concept of identity and that's what fascinates me and you were talking about this earlier when you mentioned email
00:06:52the concept of identity is
00:06:54Changing and the way that we define not just our identity as
00:06:59humans as individuals but as humans in cyberspace and
00:07:04Society in general. It's changing so much
00:07:06It's influenced by so many things and there are plenty of let's say mental models and and ways to look at
00:07:14Ourselves and what's going on around us that in cyber security work and again can really elevate your perspective and it can help you get
00:07:23Grounded and also help you understand and navigate all of this complexity because it's not gonna get easier no matter how much
00:07:30Companies try to simplify things. It's not going to get easy
00:07:35No, it's definitely not and this is this is the the angle I'm coming from being in the tech space
00:07:41You know being in tech space for 30 years and I've always liked simplicity not minimalism simplicity
00:07:48Although I call it tech minimalism because it was a buzzword
00:07:53Simplicity I used to call it laziness and the thing is what you what you touched on saying
00:08:00We need to make people understand with basically common language, you know being so
00:08:08knowing tech people and the the the reasons that they use tech is
00:08:13Because they like the tech not because of the client needs it and when I noticed that in early stages of my career
00:08:20I'm like, okay. This is stupid because this person doesn't need this
00:08:24Because it wasn't communicated properly and I think communication no matter where you are
00:08:29I mean if you're in a relationship, we're all in relationships one way or another if the communication breaks down
00:08:37everything
00:08:39Basically explodes, right? So if you don't have the right communication doesn't matter where you are
00:08:44It's a huge problem. And I love the fact that you talk about the communication because not many people do
00:08:51really not many people do and that's really strange because you as
00:08:55You said echo chamber. We all talk about tech. We all talk about
00:09:02Anything any it could be absolutely anything
00:09:04But if the person that you're trying to communicate it to doesn't understand those buzzwords and who you're talking to what's the point of it?
00:09:11But there's no reason to it and that's why I've never liked hacks. I call them hacks
00:09:18I've never liked
00:09:21creating a
00:09:23Space where people couldn't get the information that they wanted. So I always talk in normal language
00:09:30Like if it was a case of you have to put it in the bin you have to do this because of this like no
00:09:36Put it in the bin empty the trash. It's freaking simple. It's not you don't have to over explain the thing and
00:09:43Often what I do and I found myself doing it
00:09:47It sounds like I'm talking to a child sometimes but it helps
00:09:51I had a client call me talking about my my computer is full and I'm like, well
00:09:57I couldn't understand why so I remoted in they're putting stuff in the trash
00:10:02But not emptying the trash for the past. God knows how long and I'm like, how can I explain this?
00:10:08So I've literally said you have a trash can in your kitchen
00:10:12Who comes and takes it out of your kitchen? Well, I do
00:10:17Well, there you go, right
00:10:19Simple simple and they appreciated it because they understood it so clear simple language
00:10:26Matters a lot and I'm gonna start following a lot more now because of what you said as well
00:10:32Because it matters simple language matters
00:10:36It definitely does and I think that it's also simplifying language, but also finding that clarity and finding that
00:10:44that that emotional trigger not in the sense of manipulating people but in the sense of
00:10:50Striking that chord that means something to them when I first started in cyber security
00:10:56While working as a marketer in cyber security, there was very little content
00:11:01There was like super technical content and then very superficial and fragmented content and not much in between
00:11:07while a lot has changed over the last six years and there has been a
00:11:13substantial and exponential increase in in the
00:11:15Quantity and quality of content that's out there in terms of you know, cyber security education and awareness and things like that
00:11:23There are still there's still too much generic content
00:11:28That's made for everyone and talks to no one and speaks to no one and most people don't I gotta stop you?
00:11:34Preach carry on preach
00:11:37Yes
00:11:39They will not people will not listen to this
00:11:43What I try to always do is that I always talk to as many people as possible
00:11:48Who are you know, they're not my friends. They're not in tech like regular folk and I try to understand, you know
00:11:54What's bothering them and who they trust for advice?
00:11:58Because often more often than not tech and security which is obviously part of the party. Yeah
00:12:05They will feel they will make people feel incompetent and people don't like to feel stupid or
00:12:11Unable to do things and unless they feel capable of doing that thing like whatever it is, you know
00:12:17It's stalling antivirus or you know start using a password manager or whatever it is if they don't have the self-confidence
00:12:23They're just gonna reject it right away. And they're gonna say like this is not part of my identity
00:12:28I'm not gonna take on something that makes me feel less capable that I think of myself
00:12:33And it's it's it all boils down to human psychology and what I love about this industry in particular is that it is
00:12:41packed with people
00:12:43Who understand that, you know human psychology is the most important element technology and cyber security is like two percent and the other
00:12:5098 is getting
00:12:52Processes right in communication, right and things like that
00:12:56It's that it's yeah, it's going back to the communication thing
00:12:59If you're just talking in buzzwords and um technical babble, which is what I call it. I mean i'm in tech
00:13:06I know all the babble. I still call it babble because even you know, the funny thing is even some of it
00:13:11I don't understand. I gotta be honest. Sometimes when people talk in real tech i'm like dude just say
00:13:18You're putting this phone from here to here. I mean, what are you using all this babble for? What's the point?
00:13:22I don't know if I don't understand it how on earth do you know how to use a phone?
00:13:29How on earth do you think the average person who doesn't really care about it they just want to know
00:13:34Everything is safe. Everything is secure. My computer works or whatever it is
00:13:39How are they going to understand it if you can't explain it to me simply to me the tech guy, right?
00:13:47So how how wait who's employing you? How how are you getting any work?
00:13:52You know because you know as you say in the past well you said six years
00:13:57but obviously in past 10 15 years computers have got so
00:14:02ingrained in our lives
00:14:05the phones and so on I mean you can go back further than that, but um
00:14:10But the the the thoughts of how people interact with them
00:14:15Haven't changed so much
00:14:17In this and and I see this because i'm feet on the ground talking to people all the time with my clients
00:14:23um
00:14:24and when I change their minds and where when they are, um open to the idea of
00:14:30Working the way
00:14:31I would say work not because I say so because it's better for you
00:14:37Um, they're so happy with it. So I had one client
00:14:40Who was just all over the place with the computer and stuff. She needed a new computer
00:14:46So she bought a brand new computer we changed everything so it was online safe secure password protected, etc
00:14:53Her computer got stolen
00:14:55And she was on the phone
00:14:57Crying her eyes out. Oh my god. Kay. What can I do? Etc. I said calm down firstly secondly
00:15:05Everything is backed up. Everything is secure. Just go to the apple store pick up a computer log in
00:15:10Hour later she called back and she said oh my god
00:15:13Is that it is that all I have to do because now I have everything if you sent me so many chocolates
00:15:18It's crazy
00:15:20I'm, like, yeah, it's not that hard once it's all set up
00:15:24It's not actually that hard to set up. It's just whether you can do it or not whether you want the help to do it
00:15:29So it's not rocket science. It can actually be done without
00:15:33Professionals doing it but if you're not confident enough you hire a professional to do it
00:15:38I can build it. I mean i've built cars
00:15:41But you know what i'd rather just take my car to a garage so I'm confident to do it
00:15:45But I just rather pay someone so it's the same thing
00:15:48but she was so happy because
00:15:50Everything was safe. Everything was secure. We we encrypted our computer
00:15:55So there was no way that the person could ever use that computer again, etc, etc
00:15:59And she was so happy about it and it's happened a few times now
00:16:03Since then but again, it's really simple because of the communication
00:16:08Between me and the per and the client
00:16:11Explaining to her all of this stuff and calming her down and making sure that they understand
00:16:17Where the data is why we need to do this? So it was a hard, you know, it's a hard slog
00:16:24to
00:16:25Change people's minds when they've had this 20 years of experience with it people
00:16:31Right because I hate being called it. I hate it with a passion
00:16:36With a passion
00:16:37so they have this, you know notion of what an it person is and then when they work with me, they're like
00:16:43You're not an it guy. I'm like no shit
00:16:47Exactly exactly
00:16:49people have so many misconceptions that we need to work on that we need to address to make it feel like
00:16:55things are part of normality that they're attainable and I love success stories like these because
00:17:02When you get that feeling when you have that initial panic
00:17:06That oh shit something really bad has happened. Oh, wait. I have a backup. I have like all my stuff back top
00:17:13I don't have everything, you know access like
00:17:16two-factor authentication
00:17:18My accounts are protected
00:17:20then the
00:17:22Just a feeling of release and of peace is it's just it's exhilarating
00:17:27honestly, and I i've seen people do that and honestly it's happened to me as well because
00:17:32At some point I remember losing like a google sheet with something that was super important
00:17:37and
00:17:38I realized that obviously I had backed it up and everything went back to normal and just in the span of 30 seconds
00:17:45I was like, oh wait. Oh, everything's fine. It's cool. It's cool. I have this because past me
00:17:52was careful enough, uh about doing things and to me it is also
00:17:57People when you even the term cyber security feels alien and foreign and super complicated
00:18:04When in fact it is something well anything cyber related feels a bit sci-fi still
00:18:10Although we've like we've gone way past that the sci-fi scenarios
00:18:16But in fact, there are simple things that you can do that only that that also playing to simplicity
00:18:22So it's not just
00:18:24About it's like getting your ducks in a row. It helps you put things in order
00:18:28it helps, you know where things are especially the most important things because that's what you want to prioritize like
00:18:35You know, whatever super important documents you have
00:18:38Like client work that you don't want to lose and anyone who's lost
00:18:44Work at some point or another knows that that is very very painful and you do not want that to happen
00:18:50um
00:18:51It's a simple yeah, sure
00:18:54No, I was sorry. I didn't want to stop you, but you you said about um, keeping your clients information safe
00:19:01And that's so vitally important that freelancers
00:19:05never understand
00:19:06so
00:19:07Um again, I work with a lot of coaches and consultants
00:19:11And they have a ton of information from their clients. So when you say to them, where are you keeping this stuff and they say
00:19:18On my personal google i'm like, uh, oh
00:19:22You know not not personal personal, you know, I think you know as well. There's two googles
00:19:28there's the personal free one and then there's the paid one and they
00:19:32even though it's the same company, they're actually two different companies in the sense of
00:19:37Security and blah blah. They're completely separate and a lot of people don't understand this either which is um,
00:19:43Which is again communication
00:19:46Because they say google I don't want to touch google because i'm one of those people that I don't use any google
00:19:52Products because of the don't be evil is turned into be evil. Uh, so I don't use anything
00:19:59Right, uh, I do however watch youtube and that's about it really. Um,
00:20:04Yeah, but anyway, they don't know the difference between the paid google and the unpaid. So when you say to them actually
00:20:11I have ethics of not using google, but they don't so google
00:20:15Workspace now it's called it was called g suite is actually probably a really good product for it for a lot of these
00:20:21People to use but not the free one
00:20:24So when they say to you, well, you don't use google. Why should I i'm like that's a personal ethic issue
00:20:29So this is this is the this is my ethics
00:20:33It's up to you if you want to use it
00:20:34If not, we'll find something else, you know
00:20:36So you have to think of those kind of things as well because I only
00:20:41recommend
00:20:42things that I use
00:20:44but then
00:20:46You you have to think of the client and what their needs are as well
00:20:50So it kind of depends on how you do it. So if someone says well, I need to use microsoft excel
00:20:56I'm, like well you have a mac you've can use numbers. Why do you want to pay extra?
00:21:01Because I don't use I don't use it
00:21:03If they say well i'm an accountant and I use macros, yeah, okay, you have to use it
00:21:08Right, but i'm not like no don't use it. You have to you know
00:21:12No, it's you have to use the right tool for the right job
00:21:15And if you have a specific job and a specific thing that you need to do with that
00:21:21App just because I don't like it. I'm not forcing you not to use it, right? Yes
00:21:26But the security part of it matters. So again
00:21:30Google there's a good google and a bad google don't use the bad google, but I just don't use the good google
00:21:38No, I know and you you brought up actually a
00:21:43conversation that happens very often in security which is
00:21:46uh, so first of all to your point about using, you know, free google accounts, I would just like to
00:21:53Remind whoever will be watching or listening that if you lose documents google will not be able to bring them back
00:22:00I have seen this happen. They will not be able to bring them back if you're on a free plan
00:22:05So one that once that's gone and once you've deleted it, that's bye-bye
00:22:09And you're not going to be able to retrieve it no matter how hard you try. So keep backups
00:22:15And use a paid account. Um
00:22:17The second thing is that to your point that we should recommend
00:22:22Stuff that people can actually use and people actually need
00:22:25In the tech space and in the security space. There's always the debate of oh if you want to be secure you should use linux
00:22:32No one in their right mind will use
00:22:37No, we're not going to use that that's absurd you're not why why would you want to make people's lives even more complicated than they
00:22:44Already are there. Let's try to teach people
00:22:47Just just you know, what's your setup? This is my setup. Okay. Let's see what you can do. Like what's the baseline?
00:22:53What are the baseline things you can do to keep your stuff safe?
00:22:56Like hey better passwords things like that. We have you know
00:23:00There are so many simple solutions to use now that aren't even that expensive and they're totally worth the money
00:23:06Uh, especially in terms of password management if that's where manager will simplify your life make it more productive
00:23:12And take a big pain
00:23:15Off your back in terms of uh of managing this stuff
00:23:19and uh
00:23:19Also, so it doesn't matter which operating system you choose to use whether on mobile or on your laptop or desktop
00:23:26Whatever it is on your tablets
00:23:28It's just important to try to figure out, you know, what's the best way that you can profit from that, you know product or platform
00:23:37Also in terms of security no matter what that is and no mags are not safe by default
00:23:44No, I well they're they're a great system they're still a great system I switched to like the apple ecosystem
00:23:51Because of their focus on security and I I still like root for them in that direction. They're not perfect
00:23:58No company is but they're as they're they're good enough for me like you mentioned for there you go
00:24:04so if it's
00:24:05This is what I tell people if it's good enough for a cyber security expert
00:24:08It's good enough for everyone else and as you say you I mean
00:24:12Every everything you have it doesn't matter what it is
00:24:15You have to be secure security conscious about it. If you have a wallet, it's going to fall out your pocket
00:24:22Someone's going to steal it. Someone's going to rfid it. There's they're gonna there's something's going to happen with it, right?
00:24:28That's why we pay insurance
00:24:30It's not because necessarily because of the law, although it is illegal not to have the car insurance
00:24:35But the point is if you have insurance you're safe in the knowledge that that's your backup, right?
00:24:41This is the the tech speak. We have a backup of our files files
00:24:46We have insurance just in case we crash our car so we can get our car back, right?
00:24:50It's kind of the same thing. So if you don't insure yourself, like you said
00:24:55with your documents and and and
00:24:59personal information
00:25:01Then only you're you're to blame not anyone else, right? Because they're not
00:25:08There's so much information out there
00:25:10Good or bad, but at least you can get the basic information that you need going back to the mac and pc thing
00:25:18Uh, yes linux blah blah blah. Let's not go there because that to me is it talk
00:25:23But the mac and pc again
00:25:25Yes, macs are way more safer than than pcs are purely because of the operating system not because of the box itself
00:25:33And what people don't understand?
00:25:35Is that pc stands for piece of crap, but that's my personal belief
00:25:40But pcs are not it's not a company
00:25:43It's it's a box that microsoft has a license to put the operating system on
00:25:49So those things don't work together just like an apple does an apple the operating system and the hardware work harmon
00:25:57Harmonously harm work well together. I can't say some words
00:26:02So they work really well together. So the so the the security part of it
00:26:06I would say is way better than the pc
00:26:10because because of that factor
00:26:13now
00:26:14There's still flaws. There's still flaws and they're always constantly finding flaws. It's like bugs in software. They have to fix the holes
00:26:22um, but
00:26:24You can encrypt your hard drive. How do you do that? Push a button? It's encrypted. No one else can touch it
00:26:30You know and things like that that the fact that they've made it so simple is so much more
00:26:37Reachable by by non-techies
00:26:40that
00:26:42I mean there were there was a time where I got fed up with max mpcs and I said get a chromebook
00:26:47get get google blah blah and get a chromebook because it's cheaper and i've
00:26:52Told some parents because they don't like the apple or the pc
00:26:56to get chromebooks for their kids, um, because
00:26:59Why not because a lot of schools here in holland they use?
00:27:03google
00:27:04Ecosystem kind of thing
00:27:07Get a chromebook. There's nothing wrong with chromebooks. But again, you have to secure yourself with it. It's the same with anything. Yes
00:27:13absolutely, and plus there's
00:27:15So there are so many, you know various
00:27:18um entry points to your personal identity belongings and data
00:27:24and besides like the operating system itself, you know, it's good to be in a secure ecosystem to have
00:27:30To to realize what you're kind of your main kind of castle that you're trying to protect is whether it's your
00:27:37Email address or your you know
00:27:38your apple account or whatever your kind of main email address that ties into
00:27:43All of the other main accounts that you have because that's how it starts
00:27:48You use a weak password for your email and that gets cracked and you don't have like two-factor authentication
00:27:54Enabled and they just you know attackers can just span out from there and
00:27:58Reach all of the other accounts that you set up using that email address including your online banking account and so many other things
00:28:05but while
00:28:07The operating system can be safe. Um
00:28:10Your browser is one of the most important entry points into your ecosystem ever
00:28:15And that's often the least protected kind of piece of real estate that people have in their digital lives
00:28:22So first of all, I would like to ask whoever is listening or watching to not store passwords in your browser
00:28:28Please do not do it. They are stored in plain text. You can like
00:28:33if a
00:28:35Malicious add-on or an add-on that was not malicious but turned malicious in the meantime
00:28:40You know people install add-ons for all sorts of things
00:28:44If that turns malicious it the first thing that it'll do is it'll look for your passwords
00:28:49All of the passwords that you have saved in your in your browser
00:28:52And those are so easy to reach if you can see them. You can imagine that someone who knows what they're doing
00:28:59Is you know has a much more?
00:29:02Like it's so much faster and easier for them to reach them and using those passwords
00:29:06Well, you can guess what they're going to do next
00:29:09But do not store passwords in your browser. I've seen people in security companies do this and it broke my heart
00:29:16And I know because often often people don't
00:29:20Eat their own dog food often people even in security companies because they're still people and they're still you know failable
00:29:28Yeah, um, they will not practice what they preach and I I I am very adamant about this
00:29:35I strongly believe that you cannot be you know
00:29:38persuasive when you're trying to help other people in this direction if you don't do things yourself because you don't know how they
00:29:44Feel you don't know how to switch fields. You don't even know what kind of questions pop up in your head and things like that
00:29:50So, please don't store passwords in your browser. And second of all when you get
00:29:56You know, whatever security suite that you decide to use
00:29:59Use their browser add-ons
00:30:01They almost I mean all of the good ones have browser add-ons and they will filter the traffic coming into your browser and stop
00:30:09Malicious pages and ads and even like malicious software that sits behind infected websites that you can see and that
00:30:17Actually affects your you know your device
00:30:20Without you noticing or clicking on anything or doing anything?
00:30:25And you know the bad guys there's this
00:30:28the saying in cyber security that I really
00:30:31um
00:30:32Feel explains the entire situation quite well, which is the bad guys only need to hack you once once and you have to protect
00:30:40All of those, you know entry points to your system
00:30:43and if you're just leaving like
00:30:46Your browser is like just you know
00:30:47Leaving the door open for them or a window open like you go on holiday and leave your own window open
00:30:52Well, it's true. You're gonna have a bad time
00:30:55It's absolutely true. Especially if you post about it on social media. Yeah
00:30:59Which which you shouldn't do no, I mean it's true because though you you're using the web browser
00:31:05I mean the amount of people that use
00:31:08What I call the wrong browser, uh, but a lot of people like it, um, please don't use google chrome
00:31:15um
00:31:16I use safari. It's built in now
00:31:20you brought brought up a interesting point, but there's a this there's a distinction between
00:31:26the browser
00:31:28Holding your passwords
00:31:30And a password manager working through a browser, right? So one password is something I use there's last pass
00:31:37There's a few others. I use one password
00:31:39uh, because I've used it from the beginning of
00:31:43Them whatever anyway, um, however safari
00:31:48Even though it stores part or even though it gives you the ability to store passwords. It doesn't store them in the browser
00:31:56Because the mac has the keychain which is a secure
00:32:01password manager effectively
00:32:03So not all browsers are the same
00:32:06um, I just want to I just want to make sure that that's out there because
00:32:11Chrome does hold it in the browser
00:32:14And it does hold it in plain text
00:32:17And I think firefox also does it I mean they all do it
00:32:20Yeah, the only one that doesn't do it from what I understand is safari because it's built with the software and hardware in mind
00:32:28But it's but it's built into the operating system the keychain
00:32:32so
00:32:33Even though if you so if you're if you are using a mac
00:32:37the built-in one for safari
00:32:40Works i'm not saying safari is fallible. I mean, there's some problems with safari as well that they
00:32:46You know, they're finding but that's like bugs in any piece of software
00:32:50Um, and the other thing I like about safari, even though people think, you know, apple walled garden. You can't do much
00:32:57It's kind of to protect you but it is an annoyance as well to a certain degree
00:33:02for people who like to
00:33:04Change things and manipulate and you know stuff like that, but those manipulations like in android devices
00:33:12can be
00:33:14Exactly, right can be hacked and etc. So
00:33:18Yeah, I don't like people messing with the shit that I buy ie apple. Let me do what I want to do
00:33:24However, there's the other side of it. Whereas they're actually doing it for two reasons one for their own
00:33:31Financial gain blah blah to keep in your system, but they're also doing it because it's actually
00:33:37Safer to do it that way as well. So i'm not saying they're
00:33:41They're good. But yeah
00:33:44That that's a very good point and security is a compromise it will always be
00:33:48I think one of the most difficult things and one of the biggest challenges of our
00:33:52Let's say era and going forward is to figure out how to get security to be usable and to beat out
00:33:57Invisible layer that's built into the system, but doesn't add friction points like we have now
00:34:03When you lose your password you have to retrieve it
00:34:06You have to go into your email and go through a bunch of hoops to you know get stuff done
00:34:10But at the same time we must realize as adults that we are
00:34:15that there will be some compromises that we have to make because I feel like
00:34:20gamification and in making things super simple has sometimes led to kind of
00:34:27infantilize people they just you know, treat people like kids and not
00:34:32Not not give them, you know, the responsibility that they have security is a shared responsibility the tag that you use
00:34:40Has of course terms of use that no one reads that, you know, give you your share of responsibility and I feel like
00:34:48um
00:34:49You know, it's it's of course. It's one thing to try to make things simpler and smoother
00:34:54Uh, and you know less, you know friction
00:34:58Creating and things like that
00:35:00but it's another thing to to try to
00:35:04You know get people to feel like they don't have to do anything at all because that will breed
00:35:10Responsibility and it will breed a false sense of security that so many people live with
00:35:16Generally, and that leads to more security issues than we realize, you know people just not thinking like sure
00:35:24I'm gonna send all of these sensitive documents via whatsapp. It's secure. It says it's encrypted
00:35:31Yeah
00:35:33No, it's crazy. I mean it's it's things like we transfer
00:35:37Um, I know lawyers who send stuff through we transfer i'm like dude. Are you serious?
00:35:42I mean this is no you shouldn't do that because they store it
00:35:46And they can access the files now if it's a file sending it sending a dog picture to your granddad or whatever it is
00:35:52Yeah, whatever
00:35:54But lawyers doctors who use we transfer and and uh dropbox they're not great for security either
00:36:01the thing is i'm not a cyber security expert in any shape or form, but because being i've been in tech from
00:36:09From the age of 103 from a long time ago
00:36:13um, I know how it's
00:36:15Uh transpired and I know how to protect myself because i've always been in tech since I was like eight years old
00:36:21But uh, but a lot of people just don't get it and as you say they want the simplicity of it
00:36:27But I turn it back and throw it back at them
00:36:30So I say to them if you lose your bank card and someone picks it up and goes to the bank
00:36:38Would you be happy if the bank says? Oh, you've got the card. Yeah, no problem. This is your account. Here's your pin number
00:36:44You wouldn't be happy about that, right?
00:36:46You wouldn't because your bank is gone
00:36:49Not because
00:36:51Because you wanted the simplicity of I just want my pin. Can you just give it to me over the counter?
00:36:56You know, it's me
00:36:57No, it doesn't work like that. They have to post it to you. So i'm I want to
00:37:03advocate
00:37:04um companies
00:37:06posting your email password because
00:37:10It's never going to happen. But yeah, I mean that's where we've got to now. So yeah the simplicity of it that is
00:37:17Thing making things simple is very hard
00:37:20Right. However, it is the hardest. It's the hardest
00:37:24However, people sometimes make things or companies sometimes make things simple because it's easy for them to make it simple
00:37:31But that doesn't mean
00:37:32Security wise it's good, right? Which is exactly what you're saying and and simplicity
00:37:38If you want to get it if you want to do it, right is really freaking difficult really freaking difficult
00:37:45It is and it can leave loopholes like this one. So when you mention the bank example, there's actually a type of attack
00:37:51That preys on telecom operators inability to have secure processes
00:37:58for um
00:37:59Transferring your phone number to a different sim
00:38:02They're called sim swap attacks and what an attacker will do is that they will call your telecom with information that they can
00:38:09Easily find about you online and if your telecom provider doesn't have like strong authentication
00:38:15Mechanisms validated that's you
00:38:17You know with multiple details and if you've posted those details on the internet or they got leaked in some way or form
00:38:25You know cyber criminals can easily get those about you and they will call the telecom operator and say like hey
00:38:30Can you transfer you know this phone number to a different sim?
00:38:34And at some point, you know, you realize that hey, I don't have a signal when what's going on with my phone number
00:38:41and by the time you
00:38:43Realize that this is happening and you figure out a way to get it back and you know block
00:38:47this camera and so on they will have already used your phone number to
00:38:51Maybe get those two-factor authentication codes and log into your email or your online banking account
00:38:58And every other you know things that they can use
00:39:01Uh through your phone number which is also core part of our identity along with our email
00:39:06And you might say like hey, yeah, but I don't have that much money to my account or you know
00:39:11My like my cards are empty. What can you do with that? They can use them for money laundering
00:39:16They will use your empty accounts to transfer money that they have, you know
00:39:20Made through illegal activities like cyber crime or ransomware or a bunch of other things and you will become
00:39:28You know part of an illegal operation
00:39:31Exactly, and you can face charges and all those sorts of things
00:39:34So yes, you can be a target and be a victim even if they have in theory nothing to steal from you
00:39:41They will find a way to use you in their operations because that's what they do. That's their business
00:39:47It's easy. It's easy for them to do it. It's easy money. And this is what people don't understand
00:39:53Oh, it won't happen to me until it happens to you. It's happened to
00:39:57Someone I know very close to me. Um, he is a wife girlfriend, whatever his partner
00:40:04um called me
00:40:06He said I just got a call
00:40:08And they wanted to log into my computer. I was like you didn't did you she said well, yeah, and I was like
00:40:15but
00:40:17You know me. Why would someone else call you for a computer?
00:40:22So she was on the phone
00:40:24And as soon as they said give the credit card number she actually started reading it
00:40:30Credit card and i'm like you didn't give all of it. I said no because I thought it was fishy
00:40:34So I didn't give them the last four digits. Luckily luckily
00:40:39and i'm like
00:40:40This is I mean the person
00:40:43They they're not stupid people these people they
00:40:47I mean, you know, they're not stupid people
00:40:49But anyone could be duped this is the thing this is why these cyber criminals are so freaking clever
00:40:56That you don't expect that. I had a client who's what you just said about sim swap happened to him
00:41:03and i'm like well
00:41:04uh
00:41:05And he called me to say can you help me? I'm like, well, i'm no cyber security guy, but i'll help what I can
00:41:10Let's change all your passwords everywhere. Let's start with that first
00:41:14And we did and luckily nothing else was changed but they were trying to get into his um his bank account
00:41:22That's what they were trying to do
00:41:24Someone else called me about there. They said um, I can't I couldn't log into my linkedin and I couldn't understand why
00:41:30and what they did he had a hotmail account or something, so they
00:41:34Duped something or whatever they got into the hotmail and luckily all they did was they created a rule
00:41:41This is so clever. They created a rule that said anything about hotmail
00:41:47Ransomware, whatever just got deleted or got archived
00:41:52Automatically, so even though you could use the the the email
00:41:57You wouldn't see those emails coming in
00:42:00And what they did went went into their um linkedin account
00:42:06And sent a bunch of messages
00:42:08So they were literally just getting into the linkedin account without him knowing
00:42:13Basically, yeah, yeah without him
00:42:16It's crazy
00:42:19Yeah, the examples are so powerful because they show us that
00:42:23First of all, we can be the victims but maybe what hurts most is that people we care about
00:42:30Can become victims because of us or through us, you know using us as a stepping stone
00:42:35And we're talking about you know children have their identity stolen and their futures compromised people open up
00:42:42you know, this mostly happens in the states, but
00:42:45Because you know in europe we have a much more bureaucratic society
00:42:49Which sometimes helps us especially in terms of security. It's painful to live with it
00:42:54But at least we have that going for us, but in the u.s
00:42:57When people you know when when scammers and cyber criminals steal children's identities and they set up credit cards and loans in their accounts
00:43:05And you know you realize that your 13 year old child now has
00:43:10thousands and thousands of dollars in debt
00:43:13Exactly, and you know all like loan sharks come to your door and try to you know
00:43:18Get their money back and it just it can get so messed up with consequences that are really long term
00:43:25Even when data breaches happen, so they happen today, but their effect is cumulative
00:43:31And the more data leaks about you
00:43:34The easier it is for them to compound all this data and to profile you like really deeply and to automate attacks against billions of people
00:43:42Because that's what happens and I guess that you know
00:43:46We may be you know people in countries that don't have english as their primary language
00:43:51Were mostly sheltered up until a few years ago when cyber criminals started translating and adapting their emails and their tactics
00:44:00And making them really professional like not too many grammar errands not too many yeah nigerian princes
00:44:07Yeah
00:44:08I still get those emails. I you know, I started replying to them. This is the hilarious thing
00:44:14That when I when I was using about it
00:44:16I when I was using facebook years ago years and years ago before it became the stupid thing. It is now
00:44:22Um, I used to get lots of spam
00:44:25Messages and I was like, you know what i'm never going to stop this so let's play play with them
00:44:30and unfortunately, I didn't keep them, but they're all they were all on my
00:44:35Facebook account at the time. So I was just posting so you just play with them
00:44:39So what I started doing was reply with absolute and utter gibberish
00:44:45Like things like yes, I would like to buy your goats
00:44:48But only if one of them had three feet
00:44:50But i'm not sure if they could use a telephone because if they can use a telephone they might be able to phone et
00:44:55And it's not possible to be able to buy a bunch of corn
00:45:00and just complete nonsense and you reply and they would just
00:45:03Sometimes reply back and then you will reply again and after two replies
00:45:07They'll just leave you alone and they'll take you off the email list because that email account still exists
00:45:14But they're like, okay. This guy's crazy. So that's how I personally i'm not saying it works
00:45:20I'm, just say I have worked for me and I wouldn't recommend doing this
00:45:24But it did it did work for me
00:45:27Uh, it was hilarious fun to do sometimes it is fun to do but yes
00:45:31I also recommend like just mark it as spam and just mark it as spam email address. But yeah, we're professionals. Let us do it
00:45:40We know at least we know what we're getting into so yes, definitely
00:45:45Yeah
00:45:46It's good. It's crazy how you can really
00:45:49Confuse them, but they are really clever as you say that the language has changed the way they are
00:45:56Communicating and a lot of the times what i've noticed that because there's a lot of youtube channels that I watch
00:46:02um
00:46:03Guy called ben something he goes after the scammers in pakistan
00:46:07And india and stuff like that
00:46:09Brilliant videos because he does stuff with the bbc as well
00:46:13and
00:46:14they are so
00:46:16The scammers i'm talking about they are so sophisticated that they hire people in the country to receive the money
00:46:24So they don't have foreign accents and things like this. You know what I mean? So they can't be deemed as
00:46:31You know
00:46:32Illegitimate and stuff like this. They're getting very very clever about this kind of stuff
00:46:37It is and with all the information we're willingly disclosing about ourselves online
00:46:42We're just making it super easy for them, I mean even burglars
00:46:47go on facebook and see
00:46:49When people are leaving on vacation because they're posting their plane tickets, please do not do this
00:46:55And they know exactly like how long they're gonna
00:46:58You know not be home and where they've left and all of the other details
00:47:03And we're just making like you're inviting them into your home
00:47:07It's it's yeah, it's an open invitation so okay, let's go through this because someone asked me this my one of my first
00:47:16conversations I had with
00:47:18Sebastian actually because he was amazed that I don't use facebook. What's up? Blah blah blah all this stuff
00:47:25Let's go. Let's ask you. Do you use any of those products those platforms?
00:47:31I do not use so I I closed my facebook account years ago. Same with instagram. I
00:47:36before I
00:47:38deleted them I
00:47:40You can basically delete all of the geo tags on instagram at least you used to be able to do that
00:47:46But it's been years so I don't know if they still have that option
00:47:48But if you want to go back if you want to still keep using instagram
00:47:52But you want to like delete all of your check-ins you can go and have all of that data wipe them out
00:47:57I don't I don't use those anymore and it's been
00:48:01A massive burden lifted from my life and I work in marketing and people ask me, you know
00:48:07Not too many people because people don't understand nowadays, you know why?
00:48:11I've decided to do this. But when I when at first, you know when I first closed my accounts like years ago
00:48:17Um a few people ask me but how are you going to work in marketing if you're not on facebook like the internet?
00:48:23It is so extensive. There are so many places on the internet where you can talk to people that are not facebook
00:48:31and the other ones and yeah, I haven't been able to move like
00:48:36my parents
00:48:37from whatsapp to signal unfortunately
00:48:41I it's it's difficult
00:48:43But i've taught them like a couple of things that have stuck with them things like if you receive like strange
00:48:49Messages or see a promo or things like that send it to me first. I'll take a look at it
00:48:53I'll tell you if it's okay to click or not. So they do that which which is really good
00:48:58um
00:48:59But I try to keep my setup
00:49:03to a minimum
00:49:04so even though I have a much larger digital footprint than most people simply because i've been working in digital marketing for
00:49:11Over 10 years and it's just it is part of my life. It is something that i've done knowingly
00:49:18Yeah, and I know what I I I took extra precautions to protect myself
00:49:23but um
00:49:25I try to keep things minimal. I try to keep my let's say identity small in the sense of you know
00:49:32Not oversharing. I don't I never like to posting pictures from my home or things like that
00:49:39And I always I look at these vloggers and influencers and they're like you're just mapping out your home to millions of people
00:49:47This is not healthy in any way
00:49:50No, I mean
00:49:52The the thing I mean with with me I the only social networks I use actually uses twitter and linkedin
00:50:00linkedin
00:50:02I'll probably post my feet out of the window or something same with twitter
00:50:07But have I I mean I record in my office
00:50:12um
00:50:13So I I used to also use twitter instagram or you know, all of that stuff
00:50:19back
00:50:1910 years ago kind of thing
00:50:22but I started
00:50:25Thinking do I need to what am I gaining from it and
00:50:29Now well now but you know five years ago
00:50:33Why the fuck am I giving my details to to these these companies, right?
00:50:38um
00:50:39i'm i'm a
00:50:40I'm a strong believer in owning your own audience
00:50:44So if anything happens to any social media I can still work right because something happened to me back in
00:50:522009
00:50:53via google
00:50:54And I was like, whoa
00:50:56Work has stopped what's going on because I put my eggs in one basket, which was google ads
00:51:02Google went to evil. I stopped using them. Um, facebook went to evil. I don't use any of their products
00:51:09on a security
00:51:10point of view
00:51:12Um, it's very rare for me to post check-ins. Actually. I don't now I used to have I mean foursquare was a big thing
00:51:20Um as well, yeah, it's a huge thing
00:51:22But the only thing I posted there was i'm in my office
00:51:26Well, everyone knew my office because I had a walk-in thing. So that wasn't a big deal
00:51:31But I wouldn't post anything else or not too much and then I started realizing about this own your audience
00:51:37Why am I giving my data away?
00:51:39Then it turned into wait a minute. This is a security issue
00:51:43Not an own your audience issue. It's a security issue
00:51:47Um, but it ties in together everything ties in together
00:51:51Yeah, they do tie in together. But that's that's how I that's how I moved it from one to the other
00:51:56kind of thing first I thought about um,
00:52:00uh
00:52:01A ethics issue for me kind of thing and then I turned it into a security issue, but it is actually both
00:52:08effectively it is it is both and it affects us society-wide because right now we're
00:52:14With
00:52:15Obviously the cliche with the speed of transformation and things like that
00:52:19But besides that the societal impact that technology has now is so deep
00:52:25And it brings on so many ethical dilemmas and ethical issues. Like you mentioned that we need to fix because otherwise
00:52:34Not that we need to fix but because we're never going to be able to fix them as a whole
00:52:38But at least keep them in check
00:52:40So we don't end up living in a dystopia that we've seen in movies and it's fun when you get
00:52:46To leave at the end of the movie, but not if you end up but not in real life kind of society
00:52:51Exactly. Exactly. So I strongly believe so I don't you know
00:52:55Tech literacy and the security part that comes with that is not optional. It is essential it is
00:53:04And it's even more important for the younger generations who are born with
00:53:08Technology that don't know what the world looks like without it. We
00:53:13Have you know having been these generations that know what life looked like before the internet. We have some sense of
00:53:20let's say a different understanding of
00:53:22Social relationships and things like that and interaction and what's artificial and what's authentic and things like that
00:53:30And I think we have a stronger radar of knowing when things like really drift from
00:53:36You know, they they become like really divergent with what is healthy
00:53:40um
00:53:41But kids don't have that they were born
00:53:43They think this is normal to be constantly connected and like you mentioned at the beginning of our conversation our brain our biology
00:53:51Has not evolved to keep up with these things and that's why we're dealing with so much anxiety and so much pressure
00:53:58And lord i'm just happy i'm not a teenager in 2021
00:54:02Oh, wow
00:54:03Sucks
00:54:05It does suck. Yeah, I mean, um
00:54:08The thing is
00:54:10I'm, so lucky that I was born back in the 60s
00:54:13late 60s
00:54:15That I could go outside and play with sticks and not worry about
00:54:20There's some you know, is there a like waiting for me? Is there a heart waiting for me? Did someone?
00:54:27Did my stick playing go it go viral or whatever? I'm, so glad of that because yeah
00:54:34Because we we shouldn't care about that and that's not how kids people forget kids
00:54:40That's how people shouldn't be living. We're living in a society where we're waiting for
00:54:47Confirmation of what we're doing rather than actually doing what we need to do, which is live our lives
00:54:53Our life shouldn't be dick, I mean, you know, I have this thing where life should be sorry
00:54:59I have this saying where basically work should be incidental to life and life shouldn't be incidental to work
00:55:05And social media now plays a big role to that because life should be the main thing
00:55:11So social media should be just in a play thing. That's incidental
00:55:17it shouldn't be your main focus and but people in
00:55:22Influences and I fucking hate that saying but influencers have created this
00:55:28like you say this this
00:55:31Vision of how the world is which isn't true, which is basically like adverts and magazines that there were
00:55:39Restrictions on those things and I think restrictions should happen on the internet to a certain degree as well
00:55:47The thing is the internet
00:55:49You know, I was there at the beginning
00:55:51As well, and it was such a beautiful thing. It was like wow, I can send this file to my friend
00:55:56I can tech I can what I can do this now instead of sending a letter. This is awesome
00:56:01And it's turned into this closed
00:56:03System where these big tech companies have basically said this is my area
00:56:08This is that you know, this is my area and they've changed the landscape of what of what the internet
00:56:15Was supposed to be
00:56:17and I wished
00:56:18And I I really do wish
00:56:21or wished that
00:56:23Tim berners-lee
00:56:25Did charge a nano cent every time someone used www not for the money
00:56:31For him because he didn't want that
00:56:33What he wanted was the world wide web to be free and open
00:56:38unfortunately and
00:56:39Not blaming him
00:56:41He didn't charge for it because he wanted it to be open. But if he had charged for it
00:56:47that money would have gone into
00:56:50Not the crap that we have now
00:56:53the education
00:56:54the the
00:56:55Different kind of infrastructure the lawyers, etc, etc
00:56:59He would he would be the richest guy on the planet basically if it uh, if that happened, but then again
00:57:05Would it have been would the internet be as big as it is if he did do that?
00:57:10Because then some people probably not probably not that's that's a different timeline and I think that it is
00:57:17It the internet I still think about you know, you mentioned, you know
00:57:21Just being able to play outside without any kind of afterthoughts whatsoever
00:57:26I was in college and I didn't have a smartphone in college and it was the best experience. I did not feel compelled to check
00:57:34Anything and I I gave a class
00:57:36At a master's program like two years ago in person and 80 of the kids were staring down their phones
00:57:43They're like this because it was the first time for me like doing this in front of students
00:57:48I could not muster up the courage to say like, you know what if you don't get off your phone get the fuck out
00:57:53Because i'm not taking this. Oh, I wish you did. Oh, I wish
00:57:56Yeah, I wish I did as well
00:57:58But if i'm gonna do that again, if that happens again, I promise that I will tell record it record it
00:58:04It'll go viral. We'll make it go viral
00:58:07Oh, no. No, I do not want to go viral. Please do that
00:58:11But yes
00:58:12The the internet is a magical thing and I still appreciate it so much because because of the internet and and because of you know
00:58:19Due to twitter, which I love it's my favorite social network. I've met the best people there
00:58:23Yeah, we're having this conversation now and it's just it's changed my life in so many ways
00:58:30It's made me a better person in so many ways, but it also scares the crap out of me
00:58:35because I feel like things are are
00:58:38Had we're we're losing control of things
00:58:41And we're losing control in the sense that too much power is in too few hands
00:58:46And that's never good for anyone ever and what tim berners-lee wanted to do with the internet was avoid
00:58:51specifically that to keep the internet free and decentralized and and you know
00:58:56independent of political control
00:58:59But as the humans that we are as the species that we are politics always get greed everywhere
00:59:06Greed it's greed. It's it's not just politics. It's more to do with greed
00:59:11It starts with greed and then turns into politics and it's always greed doesn't matter what country you're in doesn't matter how high you are
00:59:19It's it's you know, my balls are bigger than yours and I want more money and it's greed
00:59:23That's that's basically it and and that's the unfortunate thing
00:59:27But anyway, um, hey, this has been an awesome awesome chat. I'm definitely we're gonna definitely gonna do this again
00:59:35Especially if
00:59:37Especially if you record the get the fuck out my room
00:59:42We'll talk about that
00:59:44Definitely as well. But hey, honestly, it was a great chat
00:59:48Time flies because I can't I can't believe it's been an hour already. But um
00:59:53When you enjoy a chat the time time flies. Hey again, thanks again. So true. Have a great day
00:59:59And i'll talk to you soon
01:00:01Thank you, thank you too
01:00:02This has been incredible and I feel like this renewed sense of energy and it is so nice to talk to people like fighting
01:00:08The good fight and trying to help others
01:00:10I think that is one of the best things that we can do with our lives in general. So thank you for this
01:00:15Absolutely. Awesome. I'll see you on twitter
01:00:19Yes
01:00:20See you later. Ciao