A Defensive Computing Checklist    by Michael Horowitz
HOME | About | Domain Names | VPNs | Rules of the Road | DC Presentation | ChangeLog | Stats |

EXTRA CREDIT

MOST IMPORTANT CARDS/PAPERS

Take pictures of your most important cards/papers and keep them both secure and available. What cards/papers? For example:

  1. Drivers license
  2. Medical insurance cards (in the US at least)
  3. Birth Certificate
  4. Passport
  5. If you own a car, your automobile registration
  6. In the US, a Social Security Card
  7. For older Americans, a Medicare card
  8. For a time, a COVID vaccination card was in this small group
  9. For a homeowner, pictures of their home for insurance purposes
  10. Maybe credit cards? If for nothing else, to have the phone number to call when the card is lost/stolen
  11. etc. etc. etc.
A photo (front and back) is not as good as the original card, but it is waaaaaaay better than nothing.

It is important to keep these photos secure because they would easily lead to identity theft if a bad guy got ahold of them. But every coin has two sides, if they are stored in an extremely secure manner, they may be hard to get at in an emergency. One suggestion is to store them in a password manager on your phone and/or on a computer. I would suggest not using that password manager for anything else and not using its master password anywhere else either. These pictures are the key to our personal kingdoms.

Personally, I make one encrypted and password protected file out of all these photos and store that file both in my home and in the cloud using a secure storage provider, one of those listed on the Secure File Storage page.

Still another tactic, for anyone with an all-in-one printer/scanner/whatever, is to simply make copies of these important cards/papers. Where to store the copies is a matter of opinion, but certainly keep them somewhere other than where the originals are kept.

ASSORTED STUFF

JUICE JACKING

USB cables normally carry both data and electricity. Data can be a problem, as it is an avenue through which a device can be attacked. The attack is called Juice Jacking (maybe Juice-Jacking) and the potential danger was first raised back in 2011. There are multiple defenses (see below) but the most commonly suggested defense is a USB cable that only does power. These cables go by multiple names: Power-Only cables, Charge-Only cables, USB Data Blockers or a USB condom.

  1. This excellent article USB Data Blocker Teardown (Aug 2020) explains three different types of USB data blockers.
  2. For an intro see How to Protect Yourself From Public USB Charging Ports by Chris Hoffman for How To Geek. August 2018.
  3. Protect your data with a USB condom by Adrian Kingsley-Hughes for ZDNet. April 11, 2023. With two different popular types of USB ports, you may need multiple USB condoms: There are: USB-A-to-USB-A, USB-A-to-USB-C, and USB-C-to-USB-C.
  4. Adafruit makes the PortaPow USB condom
  5. SyncStop also sells USB cables/adapters that only do power.

There are a number of other defenses too:

  1. Obvious: Rather using a public USB cable, plug into an electric outlet with your own cable and adapter
  2. Obvious: Use your own portable charger/battery
  3. Get a charge in your car, if possible
  4. If you are desperate, Brian Krebs suggests that a phone is much safer if its powered off. This from his April 14, 2023 article: Why is 'Juice Jacking' Suddenly Back in the News?

The Krebs article was one a number of articles in April 2023 that asked just how likely such an attack is. It was probably the best. Another was: Actually, Charging Your Phone in a Public USB Port Is Fine by Heather Tal Murphy for Slate. April 13, 2023. Despite the click bait headline, the article does recommend using a USB condom. It is mostly a takedown of how the tech press works. It says there are no known instances of a phone being hacked due to plugging into a public USB port. Still, this assumes that installing malware on a phone is the only danger and ignores the issue of files that might be visible over the data connection - files that can be copied and thus leave no trace on the phone. The article also says that new Android and iPhones ask whether you want to share data or charge only when they plug into a USB port that is set up to capture data. Of course, a victim can answer the question wrong. And, the articles does not not define "new" so its not clear when this feature was added.

 

 This page: 7 views per day (over 413 days)   Total views: 2,712   Created: April 13, 2023
This Page
Last Updated

October 15, 2023
Site Page
Views TOTAL

 910,897
Site Page
Views TODAY

  790
Website by
Michael Horowitz
@defensivecomput
top
Copyright 2019 - 2024