Citizen - Somebody is watching you! Security Guide – Part I, Language Version: English E-Book

Citizen

Somebody is watching you!

Security Guide – Part I

Language Version: English

LOUIS MELLOY

Contents

Preamble

Chapter 1

Analysis Part 1 – Motivations

Analysis Part 2 – You

Analysis Part 3 – Environments

Chapter 2

Understand Part 1 – Inform

Understand Part 2 – Society

Understand Part 3 – Conditioner

Chapter 3

Sort out Part 1 – Get an Overview

Sort out Part 2 – Exceptions

Chapter 4

Prevent Part 1 – Stranger

Prevent Part 2 – React

Chapter 5

Improvement – Redumize

Letter Example

Table Marketer

Related Links

Closing Marks

About

Paperwork

Imprint

Preamble

Even though information technology is part of my daily work, it feeds me and I can gain a lot of positive things from it, I still have to admit that it is also something that is most abused and least understood!

Already in 1981 I started to deal with personal computers. I have worked and taught in universities and many large well-known companies on a wide variety of IT-Areas and Topics.I also participated in a project in government institutions and created a concept for rights management. From about 1996 I shifted my curiosity more and more towards IT-Security Internet and Data Protection. In the meantime I have worked in well over 100 large IT-Projects as a Consultant, Manager and executive hand.

My decades of experience are based on actual experiences from all the projects in which I have been deeply involved in the matter as a planner as well as a leading player.

Gradually I noticed more and more that IT-Departments as well as private individuals, handle their own data as well as with the data, of their fellow human beings and colleagues very carelessly or irresponsibly. That’s why, after all these years I decided to write this book.

I am confident that you will understand my words and will also be able to benefit from my words. With these book I address myself not only to certain people, but to all those who have lost sight of their rights and security in the rut of the Internet and data mania, and thus help profit-oriented data marketers to more and more wealth and power. This book is for anyone interested in what their privacy is like and how to restore their privacy, even if it becomes a longer way to reach an acceptable state.

The current problems exist globally and not only regionally. We all need to protect ourselves from the loss of our data and privacy, because someone else doesn’t! I don’t write just for the European Union, America, or any single country.

We all have the same problem with our security, the protection of our data and our privacy. This certainly differs somewhat from country to country, but we all have the main problem. However, there is one big difference, the location of the main players!

The entire world population will suffer more and more in the coming years as a result of the permissive throwing over of private matters. This will have many serious and very negative consequences for everyone. The bad thing about it: Most do not realize the dangers hidden behind it. Without this collected data from all the people, such global acts by the rich and governments are not possible.

Gullible or gullible people leave all their freedom on the Internet by revealing their most intimate secrets. This intimate and private data of millions of people is exploited for profit, profiling, marketing, manipulation and persecution by some profiteers and governments.

If we all have no more secrets, because everything about us is evaluated and can be seen online for everyone, then it is high time to change something. We must learn not to give something of ourselves to everyone, without thinking.

Always remember: there is nothing for free!

We must learn, that not everything that is declared as such, or that everyone claims to be harmless is harmless. No government and no one within it is entitled to regard people of the people as inferior, to do everything possible with them for the sake of profit. The task of a government should be first and foremost, to protect the people. Unfortunately, this is less and less the case.

In the many years of my work as a consultant and IT-Manager, I have seen and experienced a lot. I saw and see (many times) how companies store all their knowledge and internal processes, without thinking online, and in a cloud with strangers. Business people translate confidential documents online via Google Translate or other services. Signed business papers as well as drafts. Many people I know write down everything they do on a daily basis, on so-called social media portals, and send private photos and other confidentialities via these digital lines. I see again and again how access accounts of thousands of employees and their passwords to strangers, are synchronized in a cloud. When I ask why this is being done, I get answers like: We have to trust them.

Such statements show me that something is wrong!

Individuals and business people alike store vast amounts of confidential information and data on online storage and on systems in cloud environments, such as DropBox or Google Drive. It’s one thing for individuals to do it, but quite another for companies and people who work in Information Technology and should know better. It shocks me again and again that neither one nor the other cares about data protection.

Many companies today are bankrupt and destroyed because their bosses and employees trumpet everything on the Internet or store concept papers online. Just think of COVID-19. All this is only possible with data!

Ask yourself the following question: If a friend asks someone else for their credit card why doesn’t that friend give out their credit card, but on the Internet or at the hotel reception without hesitation?

Do we trust strangers more than our friends or family?

You should answer this question honestly!

Almost everyone shares more information with others on the Internet than they ever would in their own home. Millions of people communicate more on the Internet than with their partner. Certain people take advantage of this condition for a variety of reasons. The main reasons, however, are always money and power!

I see more and more online services trying to trick others into transferring their data Online. Be it for e-mail accounts, social media, surveys, so-called free digital downloads, music forums, wayfinders and thousands of other offers of questionable websites. We are supposed to convert audio, video, texts, scores and much more online and upload them to strangers systems. There are hardly any programs left for offline use. Once we are used to storing data on the Internet, we get more and more used to it, ask fewer and fewer questions and think less and less about, why this is not a good idea.

Is that freedom? No, it is dependency and the exact opposite!

This online behavior become so familiar and intimate that we feel like it’s our family?

At the moment very few people see that they usually have the enemy in front of them: the wulf in digital sheep’s clothing.

Business and very intimate confidentialities are stored in e-mail inboxes, whose user should know that the operators view and evaluate the content. Everything, the text and appendices in it!

As soon as we send photos, documents, love letters … on systems of foreign owners, other unknown persons have access to it, and we are no longer master of our own data!

Even though many say: They don’t care what anyone else knows about them and they have nothing to hide, I’m sure this is only said out of lack of thought and ignorance, or because nothing bad has happened to these people, yet knowingly because of data misuse!

For private individuals without much knowledge of information technology, such statements can still be understood a little bit, but for Administrators or IT-Managers and people from certain professions, this is more than irresponsible.

Put simply, such people are out of place. It is not only about ourselves but also about future generations. It’s about our children and their children! If everyone knew what was really happening with all the data, with their own private information, the same people would never make such unacceptable statements again. By participating so many in this evil game, many are compromised, who have to fight against it again and again.

In general, there are healthy and unhealthy rules of conduct. Leaving data and information about yourself and other people on the Internet, is one of the worst ever. With this book, I want to enlighten and warn people. Shake them up, and make them think a little more when it comes to security and privacy.

This is the first guide entitled:

Citizen – Somebody is watching you!

I chose this title because, that’s exactly what happens to people: they are observed by others for specific purposes.

I also believe that citizens must be protected. On the one hand, protects against e-commerce (mainly from the USA), on the other hand, against legislators who do not want, or cannot protect their own citizens enough. Thirdly, from people who presume to be able to plan the world and who count themselves among the Elite because many people trust them blindly. This is exactly what has given them material wealth, which in turn is the reason, why all other citizens are only a number in their account, and are regarded as sheep to be sheared and slaughtered.

Only a few people incapacitate and disempower millions of their fellow human beings, and hardly any of those affected understand this or defend themselves. Governments and victims even support this through many of their actions!

Furthermore, these companies encourage cybercrime in one way or another. First and foremost, however, by the fact that their IT Environments and systems, are often not secure against unauthorized access. Again and again, there are reports about it. Over hundreds of millions of stolen records or identities due to a data breach, or misconfigured services, year after year. I have compiled examples in the appendix, and tons more can be found on the Internet on this topic.

Whether it’s the GDPR or,as in the US the CCPA compliance or the rights of citizens in America, Asia, Oceania or Europe: All citizens have rights that should be exercised. Above all, however, these must be known! I encourage you to take the warnings in this book seriously.

Of course, everyone has to decide for themselves what he or she is willing to do for his or her privacy, and what not.

Far be it from me to decide for you, as the e-commerce giants do every day. My hope lies in the hidden reason of those who do not want to be used as a puppet by others. This book is to be understood as a guide. What you make of it is up to you alone.

In many places you will find examples, tips or countermeasures on specific things and topics. Some text sections are to be under-stood as thought journeys (as I call it), and are then marked with THOUGHT JOURNEY. In a sense, I want to scare you, wake you up. Let me show you different scenarios and call a spade . Perhaps you are one of those who always say: I have nothing to hide. Then I hope to be able to change your mind through these pages, and improve the security of all of us a little.

In this sense: informative and effective reading!

Chapter 1

Analysis Part 1 – Motivations

Let’s start with a few questions!

Everyone should ask themselves questions like these and find a meaningful answer.

Who, how, what, where, why …?

First, we need to analyze a few things to understand what’s happening around our data. In the foreground and pivot point is the human being. Then follow technology, rights and obligations, laws. People are, of course, the most important part of everything, because that’s what we’re all about.

Why?

The question of why can be answered the fastest: Money, profit, power and manipulation.

Who has data about you?

Which person, public institution, company, office …? Did you voluntarily provide personal data, or did the owners get your data in another way? If so, have you been informed beforehand?

Why does someone have your data?

Does he have to possess them due to laws, because you have shopped, perhaps had a membership card created, or are your data there for no apparent reason?

In the case of business activities, it is usually the case, that authorized storage and processing of your personal data is only permitted, if a business action has also been taken. If this is not the case, most companies are not entitled, to hold or even process your personal data.

How exactly did they get your data?

The last question is one of the most important of all the previous ones in this section. For the simple reason, that the solution is behind, how easy, or difficult it is for others, to get your personal data.

Have third parties shared your data?

Is there possibly a leak in the form of chatter bags or break-ins at companies?

Are you the chatter bag yourself?

Do you have a virus on your electronic device?

Or are you all too willing to share your information when someone asks you to?

Let us do a short journey.

THOUGHT JOURNEY Start

Through attachments and links from emails, you have computer viruses on your device. These viruses have a mechanism to send a message to all contacts in your address book in order to spread. If a recipient opens one of these e-mails and the link or attachment contained therein, a virus (program) is installed, which causes further damage. This virus transmits data and information from your disk to the attacker. Or the perpetrator gains access to your device, via an installed tool, and takes what he can. That’s what the thief does as long as he doesn’t get noticed, and that can mean years!

Thieves all over the world now have your confidential texts, private photos etc., and resell them, or use your data in various ways to enrich themselves. You leave your internet-connected electronic devices on, day and night, making it easy for attackers to connect to your devices at any time. Smart TV, Amazon doorbell, Smartphone, tablet and countless other ways to access the Internet and to access your home to outside. Criminals know what time zone you are in, and infer when you will sleep. Thus, the data source can be cleared out in the middle of the night in peace. By accessing your notebook, the enemy controls this however he wants. He activates the webcam, and now inspects a large part of your home and your activities. The notebook stands with the display open towards your bed. Your enemy can now watch you sleep or else on the other side of the line!

As a data subject, you have no idea about these processes, no appropriate protection or the necessary experience to protect yourself from such activities. You don’t think anything of receiving e-mails with links from friends, which is why you click on those links. The burglar has now eaten up with you, and keeps coming back, as long as you don’t do anything against it. After your devices are infected by viruses, they repeatedly establish connections to the attackers’ systems. Stealing your data, takes place in this way over a long period of time.

Over time, you give your involuntary communication partner a lot of intimate and confidential information, photos, documents and passwords. Data about your children, your financial situation, what you will do soon, where and when you want to go on holiday in the form of diary, tables, booking confirmations etc. Thieves who are not too far from your home, decide to pay your home a visit. No problem for the enemy, because he knows your habits, your finances and everything else about you!

END OF THOUGHT JOURNEY

Utopia? No, not at all. Such things happen every day!

This can go on for weeks, months and years. There is also malware that logs and transmits your keystrokes. But not only do these log keystrokes, Facebook and other services also, do or did so.

Summary:

People among themselves are often the weak point in terms of security of their own, and other people’s data, as well as in dealing with electronics and the Internet!

Your behavior should be no different in your job than in your private life, when it comes to the permissive disclosure of personal and confidential information. Likewise, the protection of your electronic environment against theft and insight. At your workplace, you have to countersign various documents, that are often not properly read or understood, by you as an employee. These documents often deal with your personal data, and your signature consenting to unconditional processing. Often there are texts in such documents, which completely remove you as the owner of your personal data from your property!

Before signing such documents, you should read them carefully, understand them, and always claim a copy of them. Depending on how you take care of and are concerned about your private information, this can lead to much of it becoming public without you (the original owner) knowing or suspecting about it.

Just like individuals, companies (before anyone else) don’t want trade secrets to be made public. This is paradoxical, as most companies store a lot of data in a cloud, and thus achieve exactly the opposite, but that’s the way it is. It’s even worse when someone sells other people’s data!

It is by no means uncommon for employees at insurance companies, health insurance companies or elsewhere (apart from Google and the like) to sell customer data (own experience!). But there are also break-ins in healthcare systems, in Datacenter, in hotel chains, where large amounts of customer data are stolen. Online, of course!

Hardly anyone bothers to go anywhere on foot, to break in and get data, as it is much easier via the electronic way. Not least because many IT-Environments are poorly maintained, and not sufficiently protected against attacks. Whatever the answer may be, who, how, what …, on the one hand the reason is always lack of knowledge and trust in the wrong place by the original data owner, and on the other hand there is almost always profit!

If you have a virus (or several) on your electronic device, it’s time to take care of good protection. Do not buy the first thing right away, but first inquire about it, and also obtain information about the manufacturer. Just as others have been doing with you for a long time, you are now doing it with the manufacturer of the virus software. Unlike him, you are a private person. The manufacturer of the virus program runs a company that wants to make a profit and therefore sells something. That’s a very big difference!

Antivirus software also transmits data to the network. In addition, the manufacturers of this software collect information from its users. Partly to check the correct functioning of his program, partly to collect information about using customers. However, installing an antivirus program is not enough to protect yourself from malware from the Internet! (A separate guide will follow soon.)

To answer the real question, of how it comes about that you have viruses on your device, the source must be found!

Do you get viruses through social media platforms like Facebook contacts?

By e-mail?

Google drive or Dropbox? …?

From someone you know personally or a stranger?

You may have recently received e-mails from a new contact with links that you clicked to download something, such as photos. At least you thought there were downloadable photos behind it, but in reality it was a virus.

Whatever the reason was that gave you the virus. Figuring this out is very important for your security, privacy, and learning curve to broaden your horizons. Just about any software installed on your electronic devices sends data to the manufacturer as soon as there is an Internet connection, more often than you think. A distinction must be made between which of the programs used must send data, so that it can function properly, and which does so, without it being necessary or even appropriate. A company that combines data to evaluate its software, in order to improve it, does not need any personal data of the user!

For software development, it is helpful to evaluate many different combinations of hardware and software installations:

Is the function guaranteed?

Are error messages generated?

Which operating system is used?

More about this is superfluous and should be assigned by you, to the category data collectors and thus sorted out.

Whenever your data falls into the wrong hands, there is a very high probability that it will be misused, and/or sold without you knowing about it. To find out, who is processing your data, you just need to know who owns it. Anyone who stores data about you is 99 % likely to want to process it, and somehow monetize it. Electronic goods that we voluntarily hand over to others, are usually not recognized as value. However, data always has a value, that has a different number for everyone.

If you order something on the Internet and provide your address, telephone number, credit card number and other information about yourself, then do so of your own free will, unless someone holds a gun to your head at that moment, and forces you to do so (joke on the side).

In most cases, these shops and markets have general terms and conditions and other writings on the Internet, in order to take away from you, from the outset the decision of self-determination as to what may continue to be done with your data. Very few citizens have the muse to read through all these documents when ordering and before shopping. This makes it easy for data collectors to obtain, process, and sell this valuable asset of others when needed. Especially since they receive a lot of it, and without much effort on your purchases.

Public institutions and offices

These are another source and starting point for data pools. Whenever you go to a library, town hall, vehicle registration office etc. and disclose information about yourself in the form of transfer of your address, telephone number, date of birth and other personal information, you share your privacy with third parties. Mostly to complete strangers!

In addition, neither you, nor the person in the local location knows, where all the information entered about you, and millions of other citizens is backed-up and copied. People whose job it is to enter data all day at a workplace, via a computer, no matter what kind of data it is, usually do not know the other mechanisms for processing in the background! These employees are simply doing their job without worrying about, whether the systems behind them are poorly maintained or even working properly.

The system or the computer will already make itself felt in case of a case. Unfortunately, this often does not happen, or at least the person who enters the data day after day, does not notice it. Every thing has its contacts and nobody wants to be talked into their work areas, or even accept advice. IT-Employees often come across as arrogant and conceited. Yes, sometimes from above.

Once again, something doesn’t really work on the electronic device. But you don’t like to ask the Specialist for help, and don’t really dare to say anything yourself so as not to be eyed like a fool.

In many companies, administrators, software developers, user help desk, user support and whatever they may call themselves feel and behave, as if they were the crown in the company and irreplaceable.

The real purpose of such departments is to provide service!

The employees in a company are, so to speak, customers of the IT-Department. These in turn, use electronic devices, software and IT-Processes introduced by the companies. People who work in IT-Departments, are therefore also mediators between the company’s goals, the employees and the technology used. The proper functioning of a company depends, to a large extent on smooth processes with the technology, and the employees behind it! Which is all the more surprising that IT-Departments are often treated as an independent part of the company itself. This special treatment within an entire structure, is simply wrong and have some negative side effects!

There are many reasons for this:

As specially declared parts of an overall acting structure, employees lose the connection to appreciation.

Imaginary people lose understanding of the service they have to provide.

IT departments and people working within them tend to spread resentment.

People with too much freedom within such a structure are not controllable (in terms of their work).

Employees in separately managed departments are often poorly trained without management noticing.

Managers and management levels pay too little attention to these areas.

There are many other negative side effects that can occur, when individual areas of a whole are lifted into the sky or receive too little attention. These points have one thing in common, they harm the company and ultimately all employees!

At this point, I would like to introduce you to the concept of ›CWR FRAMEWORK‹, which you can get on https://artdesign88.com. In addition to the unique view of action, it also contains digital files, to help you understand quality in companies and in the private sector.

The listing of such points is intended to illustrate how motivations arise and what there are. The previous example is about people, employees, citizens who behave one way or the other due to special circumstances. This occurrence has a negative effect on the technology and the processes behind it (but not only). People in IT-Departments who believe that everything about data processing is only their business, and no one else often represent a major weakness in the company. Just because someone can call themselves an administrator, or team leader of the Information Technology, should not be a reason to sacrifice security, data protection and privacy.

Let’s change the places of action.

If you stay in a hotel and have your credit card and ID card copied (a disaster from a security perspective), you are giving away very confidential documents and a piece of your security and privacy to complete strangers. Apart from the security of the storage space.

Having ID cards, passports and credit cards copied by third parties, is something you should definitely avoid!

If you go to the car service, that’s nothing else. Credit card information (attention, someone could also copy the verification code without you noticing), address, telephone number, date of birth, e-mail address, information about your habits and your car etc. Some of it, especially details about a person’s habits and preferences, is highly sought, after in marketing and by anyone who wants to sell something. At Google, e-mails are evaluated in order to be able to carry out targeted marketing. Google collects information about their visitors via various services on millions of websites, without most visitors to these websites knowing about it. Google provides hundreds of thousands of its customers, like the aforementioned website operators, with information about you and others so that they can manipulate you and other humans.

THOUGHT JOURNEY START

You stand at the cash desk and pay by credit card. Around you, other customers who are now eagerly waiting for your credit card PIN code to be entered. Almost every spectator magically looks at your fingers, when you entering the code from your credit card. Since you are in thoughts, and do not expect anything bad, you do not notice this. You pay and walk towards the exit. On the way out, someone bumps into you and steals your bag and purse. You will notice the loss of the bag quickly, but not so quickly the danger of losing the credit card. You only gradually realize that the thief now has digital things about you in addition to physical things.

Be that as it may, the thief now has the PIN code he tracked when you entered it at the checkout on the cash, and the corresponding credit card from you. The first thing he will do is to move to the nearest ATM as quickly as possible, to withdraw as much of your money as possible. Since you don’t immediately realize that someone might have the PIN code of your credit card, don’t pay so much attention to this particular circumstance at first. You report the theft of the bag. It may take a few hours, maybe 1–2 days, to block your credit card.

During this time, the thief can easily navigate to 20 or more ATMs and maybe even plunder all your money.

If you have not set a specific limit for daily withdrawals, it may happen that your entire account is emptied.

END OF THOUGHT JOURNEY

Getting a look at your fingers when entering PIN codes can go well countless times, but once there is someone who not only looks, but will use the information gained to his advantage and your disadvantage!