SCCCCyber: May 2018

Monday, May 28, 2018

Getting a lot of privacy policy emails and notifications?

Even on your refrigerator?

GDPR might be to blame.

The European Union (EU) passed the General Data Protection Regulation (GDPR) in 2016 with two years for companies with EU residents to comply. The regulations require companies to reveal to customers what personal data is collected, how it is used, and their policies concerning customer data.
Most existing policies before the May 25, 2018 deadline did not have that level of detail. So policies had to be changed and customers notified. Thus the recent emails, postal mailings, splash screens on web site visits, and acknowledge buttons before you can access your accounts.

I have touted the advantage of creating and maintaining an accurate inventory of accounts. These GDPR notices can help with that task.

Some sites and services now offer means of revealing the data they have collected on you via the account(s) created on the sites.
This is a good thing for gaining knowledge of the data collected.
This can be a bad thing if someone can convince a site they are you and can then view that data.

This will take some time to play out now that the regulation is in effect.
An advantage besides reminding you of all the accounts tied to your current email addresses: sites with customers resident in EU countries collect less data. Using a Virtual Private Network (VPN) with an exit point in an EU country gives less advertising, uses less tracking, and thus faster page loads.

Sunday, May 27, 2018

What you can do for your country, the world, and yourself

Defending your home network starts with configuring and maintaining your home router, wireless access point, network devices, and PCs.

These actions may become even more important this weekend.

I have scheduled a class "Securing a Home Network" to cover these topics, but wanted to get this information out now.

If your home router is infected, rebooting clears the infection from running memory. Cycling power clears the memory image. If your router is/was infected - it can be again.
If you use the router's reset button or function, all custom configurations may be lost.

Before the power cycle, note any/all configuration settings. DNS servers, any MAC filters, and others.
Make sure you can login to your router before the power cycle / reboot.
Take this opportunity to change the Administrator passphrase to a stronger passphrase.
Check with the router vendor for the latest firmware. Update the firmware if newer versions are available.
Change the access to disallow remote access unless needed.

Friday, May 18, 2018

Windows Administrator Account revisit

I have stated that doing day-to-day tasks with an account without administrator rights and privileges is a way to avoid or limit the damage malware may compromise your windows PC.
Some have countered that they have been using an account with administrator rights and have programs, settings, favorites, and other items tied that account.
A way to keep those settings and accounts together and have the account not have administrator rights and privileges is to demote
the existing account.
Before you begin you will need to have another account with administrator rights and privilege. You will also need to know the passphrase for the surviving administrator account and have that account enabled.
Use this blog post to create the local account and enable administrator rights and privilege if you do not have one available to you.
Note: If you attempt to demote an existing account without a surviving administrator account the system will warn you.
To demote an account:
From Cortana search box or other means bring up the Control Panel.

Select User Accounts

Select the account to demote. I will demote the local Surface account.

Now use Chance the account type

Use the Standard radio button, click on the Change Account Type button.

Verify the account is now without Administrator rights and privilege.
You will need to verify you can use a surviving administrator enabled account.
Then logout of the demoted account, login to the demoted account, and verify your settings, programs, files, and other items associated with the demoted account are as intended.

When using the demoted account if you need administrator rights and or privilege to perform a task, you should get a User Access Control (UAC) popup box:

Supply a surviving administrator account's name and passphrase to continue.

If you get a UAC popup without and known action on your part, having demoted your account's administrator rights and privilege may have saved your machine from further compromise.