encryption laws

Will Turbo Turnbull head to the polls early? Guy Rundle’s short musing on the idea prompted quite a few comments yesterday, from the supportive to the skeptical.

On a looming election

John and Jeannette Gleeson write: Malcolm should call the election as soon as possible, to either give the electorate the chance to kick the useless clowns out, or reinforce an increasingly authoritarian, discredited market economics government for another three years because then the electorate will well deserve what they get, due to their indifference and apathy.

Frank Ward writes: I am certain that the Turnbull government is going to the polls early because of the rate of government advertising on television during the big sporting events over the last weeks. Whilst in could be said that it was in regard to the Super Saturday but I cannot remember such a blitz for by-elections before and I have been around for over 60 years of politics. As you state, if he gets a fairly reasonable result on Saturday he will go as you say so he can get first cut of the party’s finance.

On security digital privacy

Rob Pickering writes: As a technology professional (along with being an information security professional) I don’t agree with the assertions that he makes (in Comments, July 24) in his response specifically about two factor authentication and my concern is that people reading it may not follow good practice as a result of it.

For the avoidance of doubt, two factor authentication works on the premise of “something you know AND something you have” rather than just being the old hat way of knowing a password, you also need a one time pin to access a site.

Taking someones mail, without knowing their password and to which service that password is for is useless — much like having a password without having the phone registered as the second factor (to get an SMS) is also useless — this in inherently more secure than just having a single factor of authentication.

There’s a lot of misinformation spread about cyber security in general but in the interests of balance, I’ll give you the five best things you can do for your online protection:

  1. Update your software (and hardware): No, seriously, when you’re prompted to do it, do it immediately and preferably set your devices to auto update where they can. It’s so rare nowadays to have failures in devices because of an update, but it’s certainly happens less often than peoples devices are compromised because of software vulnerabilities. Also, turn on the inbuilt Windows antivirus if you’re running Windows — it’s not the most amazing product on the market, but it’s better than nothing.
  2. Implement two factor authentication on your most important accounts: At a minimum for the email address that you join everything with (your primary email address) but preferably for all services that support it — particularly anything financial or sensitive
  3. Have good credential hygiene: that’s to say, be smart with your passwords — don’t make your banking password the same as the password you use to join the local grocery stores home delivery (which is more likely to have its server compromised and your credentials leaked) — in fact, try not to share passwords at all between sites. A much better idea is to use a reputable password manager (LastPass, 1Password are a couple of choices) and have unique passwords for each site that you login to. If you’ve got this tool installed it will automatically prompt you when you use a password to save it to your vault and then you can forget about it from then on. A smart idea is to employ tip two on the password vault as well and make it two factor for an extra level of safety with a unique and challenging password.
  4. Stay away from the ‘bad’ parts of the internet: Novel, I know — but the torrent site that you go to in order to download the latest TV show makes its money off dodgy affiliate ads with largely nefarious people that often come with a side serving of malware aimed at stealing data. This is leaving aside the matter of supporting the creation of content so that we can continue to enjoy it well into the future — Apple Music/Spotify is $12 a month, Netflix/Stan is the same and you’ve got more content than you could ever watch/listen to. If you REALLY must go to these sites, then employ a pop up blocker — uBlock Origin is pretty good and does a decent job of keeping the bad stuff away from you but I certainly concur that sites that are supported by advertising miss out on this revenue if you do this as well.
  5. Backup your stuff: We’ve now moved to a world where most people’s most precious things are stored on their computers — so in case you have a problem, retaining a backup of those irreplaceable photos is pretty key. You can use services like iCloud or Dropbox on your phone, or something like Backblaze or Time Machine on your PC/Mac, back it up to the cloud somewhere, secure that with my suggestions above and even if you lose your device, have a hardware issue, or have an infection, getting your data back will still be possible and that’s what matters.

Whilst this sounds like a lot of work, it’s really not given what’s at stake: data, privacy, finances and in some instances, reputation and is largely setup and forget. Take an hour on a Sunday to do this and you’re set for life.

What do you make of today’s edition of Crikey? Write to us at [email protected] and let us know.