Posts

Episode 109 Show Notes – Information Security @ Home

This is Episode 109, and we’re continuing our Information Security @ Home series.

We’re smack dab in the middle of the holiday season. Lots of people are going to receive neat, new electronic gadgets as Christmas gifts. Who doesn’t like cool new gadgets?! Your refrigerator can order milk before you’re out of milk, your dishwasher can send you messages when the dishes are done, your television can remind you it’s time to veg out on the couch for the latest episode of The Undoing, and your doorbell can show you who’s at the door while you’re away. We LOVE gadgets! (even if they end up killing us)

But wait! What about information security? What about privacy? What about safety?

Herein lies some problems. Problems that we (infosec folks) want to help you avoid.

Information security is an afterthought, if it’s ever a thought at all! We continue to connect more devices, install more apps, and stream more things. Home networks become more complex, and most people don’t even know what they’re trying to protect. This is your home network, and it’s your responsibility to use it responsibly. Nobody cares about the protection of you and your family more than you. It’s time to step up and learn some basics before this gets any more out of hand. (it’s already out of hand, but it’s not too late)

So…

In case you didn’t know, we’re less than 16 days from Christmas!

…and less than 23 days left in 2020!

I’m not sure what I’m more excited for at this point, Christmas or 2021. 2020 can suck it. Well, I guess it already has. Here’s to an awesome end to an ______ year!

I’ll (Evan) be leading the discussion this week, and these are my notes.


SHOW NOTES – Episode 109

Date: Wednesday December 9th, 2020

Episode 109 Topics

  • Opening
  • Catching Up
  • Information Security @ Home
    • Picking up where we left off in episode 108
    • Demonstration – The router/firewall
      • Finding your router.
      • Logging into your router.
      • Changing the default password.
      • Poking around a little bit.
    • What’s on your network anyway? You can’t possibly protect the things you don’t know you have.
  • News
  • Wrapping Up – Shout outs
Opening

[Evan] Hey oh! Welcome to episode 109 of the UNSECURITY Podcast. We’re glad you’ve joined us. The date is December 9th, 2020 and I’m your host Evan Francen. Joining me is my pal and co-worker, Brad Nigh. Good morning Brad!

[Brad] Cue Brad.

[Evan] It’s nice to come up for air this morning, and it’s nice to hang out with you man. How you doing?

Quick Catchup

It’s 4th quarter, I’m now a week and a half behind and it’s only getting busier. Hopefully Evan is in a better mood than episode 106.

We’ll discuss a thing or two…

Topics:

Transition

Information Security @ Home

[Evan] Last week, we got into some of the important things we should be doing at home. When I say “we” I mean everybody, security people and non-security people alike. We mentioned that step #1 should be to change the default password on your home router. We talked about it, gave some advice, and pointed people in the right direction. Today, I’d like for you and I to demonstrate how to change a router password and talk about it while we’re doing it. After this, we’ll poke around a little inside the router’s configuration. Once we’re done with that, we can move on to the next task; finding out what’s on your network.

Sound good?

[Brad] Cue Brad.

Begin discussion

Information Security @ Home Discussion

  • Picking up where we left off in episode 108
  • Demonstration – The router/firewall
    • Finding your router.
    • Logging into your router.
    • Changing the default password.
    • Poking around a little bit.
  • What’s on your network anyway?
    • Why is this important?
    • What you should do next…

Transition

[Evan] Alright. Good stuff. Hopefully our listeners learned a thing or two. For those who already knew this stuff, hopefully they’ll share with others.

That’s that. On to some news…

News

[Evan] Crazy stuff going on in this industry. What’s new? Well, here’s a few things that caught our eye this week:

[Evan] That’s a lot of news for one day, and that’s only the tip of the iceberg.

Wrapping Up – Shout outs

[Evan] That’s it for episode 109. Thank you to all our listeners. We dig you. Also, thank you Brad! Who you got a shoutout for today?

[Brad] We’ll see.

[Evan] Next week, we’ll continue the Information Security @ Home discussion. We’ll dig in a little more on identifying system on your home network and talk about patching. In the meantime, send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and this other guy is on Twitter at @BradNigh. Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more things we do when we do what we do.

That’s it! Talk to you all again next week!

Episode 108 Show Notes – Information Security @ Home

NOTE: We’ll be a day late this week, recording on Wednesday. Work stuff and personal stuff, you probably know what it’s like.

It’s time for episode 108 of the UNSECURITY Podcast!

Brad and I (Evan) hope you had a wonderful Thanksgiving (assuming you’re in the U.S.). 2020 is a funky year to say the least. So many things that were “normal” before, aren’t so normal anymore. Despite the craziness of this year, we still found MANY things to be thankful for:

  • Our faith, and knowing that everything is going to be OK (eventually).
  • Our family.
  • Our friends.
  • Our co-workers.
  • Our community (the infosec community and our home community).
  • The people we serve.

While acknowledging that some of us have suffered significant losses this year, there’s always something to be thankful for. If you ever need support in dealing with loss or you’re just struggling, reach out to people around you. Here are some resources you might find helpful:

Love truly heals.

Some of us had a couple days off work last week. Monday we jumped right back in. The emails were still there (and maybe more of them), the projects are still in full swing, reports are still due, etc., etc. Assuming you recovered from the Monday onslaught, here we are! It’s Wednesday, and it’s time for episode 108!

Brad’s back, he’s leading the discussion today, and these are his notes. Welcome back Brad!


SHOW NOTES – Episode 108

Date: Wednesday December 2nd, 2020

Episode 108 Topics

  • Opening
  • Catching Up
    • What’s new?
    • Thanksgiving hangover?
  • Information Security @ Home
    • Picking up where we left off in episode 106
    • Why is this a big deal (personally and for employers)
    • What can we do about it?
    • Intro to what Brad and Evan do.
  • News
  • Wrapping Up – Shout outs
Opening

[Brad] Hey there! Thank you for tuning in to this episode the UNSECURITY Podcast. This is episode 108, the date is December 2nd, 2020, and I’m your host, Brad Nigh. Joining me as usual is my good friend and co-worker, Evan Francen. Good morning Evan.

[Evan] Cue Evan.

[Brad] This will be first time I actually get to talk to you about why yesterday was my first day back since 11/17.  I have no idea what you’ve been up to because I was basically totally offline.

Quick Catchup

It’s 4th quarter, I’m now a week and a half behind and it’s only getting busier. Hopefully Evan is in a better mood than episode 106.

We’ll discuss a thing or two…

Topics:

  • 4th quarter is notoriously busy, like VERY busy, for us. Everyone is running at 100% capacity right now, which is good, but also stressful.
  • What’s going on at work? Any cool developments or announcements? Heck yeah there are!
  • Security Sh*t Show – no show last week. It was Thanksgiving!
  • Back to book writing…

Transition

Information Security @ Home

[Brad] Well, we had planned to do this last week, but 2020 won’t stop 2020’ing.

[Brad] We are going to go into more details about some of the things we do, hopefully without giving away too much, to try and help others. I feel like this could end up just about anywhere, so it should be fun!

Begin discussion

Topic Ideas:

  • Picking up where we left off in episode 106
  • Why is this a big deal (personally and for employers)
  • What can we do about it?
  • Intro to what Brad and Evan do.
  • Maybe we’ll show some examples and stuff while we’re here.

Transition

[Brad] Alright. That’s that. On to some news…

News

[Brad] Always plenty of interesting things going on in our industry. Here’s a few stories that caught my attention recently:

Wrapping Up – Shout outs

[Brad] That’s it for episode 108. Thank you Evan! Who you got a shoutout for today?

[Evan] We’ll see.

[Brad] Thank you to all our listeners! Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh and Evan can be found at @evanfrancen. Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more things we do when we do what we do.

That’s it! Talk to you all again next week!

Episode 107 Show Notes – Happy Thanksgiving

Hey there, it’s time for episode 107 of the UNSECURITY Podcast!

Just when you think you can’t get any busier…

You get busier.

Maybe if I learned to say “no” a little more often. My dilemma is 1) mostly brought on by myself and 2) is a blessing. It’s better to be busy than to have nothing to do, especially when you’re helping people. I’m grateful.

Short introduction today. Too much going on to elaborate much (for now).

On to the show notes…

This is Evan, I’ll lead the discussion today, and these are my notes…


SHOW NOTES – Episode 107

Date: Tuesday November 24th, 2020

Episode 107 Topics

  • Opening
  • Catching Up
    • What’s new?
    • “Information Security @ Home”
  • Happy Thanksgiving
    • What are your grateful for?
    • What’s different this year?
    • What’s the same?
    • Holiday shopping tips for EVERYONE
  • News
  • Wrapping Up – Shout outs
Opening

[Evan] Hey there! Thank you for tuning in to this episode the UNSECURITY Podcast. This is episode 107, the date is November 24th 2020, and I’m your host, Evan Francen. Sadly, Brad won’t be joining me today. He’s out of commission fighting a bout of labyrinthitis. The prognosis is good, so we expect him to be back soon!

So, this means you’re all stuck with me. I’ll do my best to provide some value for your ears and brain.

Quick Catchup

[Evan] The catchup time is a little different without Brad, so I’ll just give you a quick recap of what I’ve been up to.

Topics:

  • 4th quarter is notoriously busy, like VERY busy, for us. Everyone is running at 100% capacity right now, which is good, but also stressful.
  • Security Sh*t Show – this is live on YouTube every week; Thursday nights at 10pm CST.
    • Last week Chris Roberts and I did the Paqui One Chip Challenge online with a couple fans.
    • We also unveiled a new sticker (see below). If you’d like one, just subscribe to the Sh*t Show YouTube channel and let us know.

  • Information security hobbies – I’ve been working on a Raspberry Pi home network security device, including Kismet, pfsense, and Pi-hole. More to come on this next week.
  • Maybe another thing or two.

Transition

Happy Thanksgiving!

[Evan] Originally, Brad and I were going to continue our discussion about information security at home, then I realized that this is Thanksgiving week! Instead of talking about our original topic, I’m going to talk about protecting yourself (and your family) from holiday shopping scams. For many Americans, Friday marks the beginning of the holiday shopping season, and it’s important for all of us to be careful! Lots of things have changed this year, it is 2020, but some things haven’t. The scammers are still scamming, and a most of the scams are the same this year as they’ve been in years past.

Some interesting stats/information:

  • 61% of Americans have already started holiday shopping (before Thanksgiving)
  • 22% of Americans start their holiday shopping on (or after) Thanksgiving
  • 15% of Americans start their holiday shopping in December
  • 2% of Americans start their holiday shopping in January (hopefully for next year)
  • Last year:
    • $730 billion was spent on holiday shopping
    • $135.5 billion was spent holiday shopping online
    • $71.3 billion was spent holiday shopping using a mobile device
  • Online holiday shopping (in terms of dollars spent) is expected to increase by 35.8%

More online shopping coupled with the fact that most of us are more distracted (than ever), means attackers could have a heyday.

Opportunity + Distraction = Success (for scammers)

Tips to protect yourself and your loved ones (we will make this into a checklist soon):

Most important – situational awareness. It’s the umbrella for all other protection activities/behaviors.

  1. Ship to a secure location – avoid shipping to places where merchandise could sit unattended and insecure for long periods.
  2. If you decide to use a mobile app for shopping, use official retailer apps only.
  3. Don’t save payment card (debit or credit) information in any shopping accounts
  4. Using Apple Pay or Google Pay for payments wherever it’s available.
  5. If you’re unfamiliar with a retailer, do your research before buying. Make sure the site and retailer are legitimate.
  6. Don’t rush to purchase at the lowest price. Slow down and think about security risks first.
  7. Never make purchases on public Wi-Fi – Never.
  8. Use a VPN when shopping (or doing anything sensitive) online.
  9. Always use strong passwords and a password manager.
  10. Check security and/or privacy policies, especially for retailers you’re unfamiliar with.
  11. A legitimate retailers will NEVER ask for your Social Security number, so don’t give it out.
  12. Make purchases with credit cards over debit cards.
  13. Make purchases with prepaid debit cards over credit cards or regular debit cards.
  14. Review all your accounts and bank statements regularly. You should be doing this all year.

Please be careful this holiday season. DO NOT let scammers steal ANY of your joy or hope!

Transition

[Evan] Alright. That’s that. On to some news…

News

[Evan] Always plenty of interesting things going on in our industry. Here’s a few stories that caught my attention recently:

Wrapping Up – Shout outs

[Evan] That’s it for episode 107. Gonna give my shout outs…

[Evan] Thank you to all our listeners! Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh.

Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more things we do when we do what we do.

That’s it! Talk to you all again next week!