#newinternet101

How Dark Patterns Can Trick You Online

What’s a “Dark Pattern”? It’s an eye trick to make you do things that you didn’t really ask for when interacting with an interface.

Ugh...

... before I say anything like “unsubscribe”, I’m going to say that I’m one of the many people that probably don’t read the privacy part of the Terms and Conditions (or basically, the terms and conditions). 

Maybe it’s time we start trying REALLY hard to look into free services and how they use the data. Every company (ESPECIALLY Tumblr) uses data to help with the development of their offerings and showcases to advertisers. 

I don’t think most of us have a problem with showing what they are doing with our data as long as they don’t do anything bad with it. But what’s bad? What're the limits here? How can we be sure that a company is following the rules?

Even Lifehacker suggested them and each app goes through a vetting process!

This should be kind of obvious, however, I seen people done this on COUNTLESS demo devices to the point where it’s not really obvious.

But you shouldn’t log into your accounts (any of them) from another device with the exception of using them to recover a lost/stolen device. However, there may be times when you need to log into your account and thus, leaving yourself open until you log out.

Okay, how about the times when you know to do this, but you forgot to log out?

Don’t worry, there are ways to force yourself to log off of remote devices assuming that you log in using a service capable of doing so. (Keyword: “Active Sessions”) Here are some examples:

Gmail / Google Account - https://support.google.com/mail/answer/8154?co=GENIE.Platform%3DDesktop&hl=en

Tumblr https://unwrapping.tumblr.com/post/135680081562/active-sessions

Facebook - https://www.facebook.com/help/211990645501187?helpref=faq_content

Outlook / Microsoft Account - https://account.microsoft.com/devices

Twitter, Linkedin, Yahoo... um... funny story. 

Years ago, plugins such as Java and Flash were needed to run websites. However, as time goes on, hackers and others started to run exploits within both programming languages, making it easier to get information from your computer or run viruses at worse, or at best annoying you with ads. 

These days, most of the web do not need Flash or Java. Chrome, Firefox and other Internet browsers are depreciating Flash and the Java plugin, making them optional to run. Go one step further and simply don’t install it.  

You’re not missing much if you don’t install one or the other. Mobile devices don’t have them as an option and the web is becoming “mobile first”, so you keep that in mind if asked by a site to enable it. 

Read More:

http://isflashdeadyet.com/

https://www.tripwire.com/state-of-security/security-data-protection/the-upcoming-death-of-the-java-plugin-has-been-announced-no-flowers-please/

If you got more than one iOS device and/or an OS X Machine, you probably get annoyed every time a notification pops up, ringing all the devices. Since it can be a privacy issue, you may want to control that.

Lifehacker has a guide on how to do such: http://lifehacker.com/how-to-prevent-imessages-from-accidentally-appearing-on-1794255706

True or False: SMS messaging is secure.

If you answer “true”, time to guess again. Forth Amendment aside, police and other mischievous sources can pull signals out of the sky. (And police can do it without a warrant). They can also get text message data up to 180 days legally without a warrant, among things.

SMS is an outdated technology that is easy to access and spoof (look at all the free SMS services). So, the best thing to do is to use a service that offers end-to-end encryption (this means that the people you want to have a secure conversation with should have that app as well).

So, what most people recommend for end-to-end secure chats?

Whatsapp. 

It’s automatically set with encryption on by default. You can also use it on your desktop (when synced with your phone). 

The second best is Facebook Messenger, that offers an encryption feature as well, but is limited to your device you start it on (example, you start on a desktop, it’s not going to carry it to the phone), making it a bit harder to use. 

iMessage also features encryption, however, you can only talk to people that have an iOS device. 

If you rather have an open source messenger, then Signal would be your best bet. They also offer a desktop client (you need to install it on your phone first, like Whatsapp). Signal is actually more peferred over Whatsapp as they are owned by Facebook, while Signal is independent.

You’ll noticed that I didn’t mention other services, not even Google’s Allo. While Allo does have secure chats, it’s probably a lot harder to use than Facebook’s!

Another thing to keep in mind... while messages maybe encrypted, the meta data still can be read (on your phone). So, security first!

WIll SMS become encrypted? Since carriers are doing battle to see who can offer the best experience... don’t bet on it. 

Read more:

www.whatsapp.com

www.messenger.com

https://whispersystems.org/ (Signal)

I’m going to be doing a series of tips/tricks for you to be fully aware of what’s going on in cyberspace. These tips are meant to be brief little tidbits that are digestible, informational, and can help you be safer online.

Each tip will also have a link to sources.

I’ll make the tips with a tag called #newinternet101 and every once in a while, update a page with a masterpost leading to all the tips.