Understanding The Value of Copy & Paste Services

In terms of how people use computers and communicate information to one another through them, I cant help but feel as though copy and paste internet services are some of the most underutilized and/or underappreciated resources on the internet. Perhaps this is because I am a self-taught computer geek who first got his start inside the digital world of underground hacking, but even outside the hacking world you might be surprised to learn that there are a number of everyday uses for these types of programs – especially in the corporate work force.

For those of you who do not know how they work, online copy and paste services work much like emails, only there is no logging into any accounts and instead of sharing information through an email message, you share it through an online hyperlink. Simply write a message out, copy it with your mouse, go onto a web service, press paste and enter the information, then copy the URL address that’s generated and you are ready to share with the world – it’s literally that easy.

Benefits of Copy & Paste Services

Sending information to large groups of people in team chats or online groups. If you are working for one of the more innovative companies or organizations around the world, then you entire workforce or office should have made the switch over to a team chat service, such as Slack or Chatbox. If not, perhaps you should get on that. Copy and paste services are ideal for large chatroom’s like these because they offer a faster and easier platform to share information with a large number of people. Much easier than emails, for example. Say your company consists of 50 people and you have them all organized inside a team chat, rather than send a message out by linking up 50 different people through their individual email addresses, a copy and paste URL posted to chatroom reaches all 50 people at the same time, at a fraction of the time/effort.

Hyperlinks save everyone time and effort. For the reader, copy and paste URL’s save time by allowing people to receive messages/information without having to log into or browse through an online account. Instead, all they need to do is click on one link. For the sender, copy and paste URL’s also save a great deal of time. Copy and paste services allow you to create and share messages with an unlimited number of people with literally two clicks of a mouse, whereas drafting an email message requires you to type up and/or link to multiple destinations.

Hyperlinks are public and have unlimited exposure time. Unlike personal emails and email accounts, which have to be logged into and are sealed from the public eye, copy and paste URL’s can be accessed by anyone on the internet at any moment in time, no matter where they are or what accounts/Apps they are using – all they need is an internet connection. Most copy and paste services have the option to create public or encrypted posts, allowing the user to control who can see the information and for how long.

Sharing information through hyperlinks is good cyber security practice. If you are wondering why hackers in particular turn to copy and paste services to share information with one another, this is done for two reasons. First, these services allow you to share an unlimited amount of text without the need for file sharing – which is invaluable asset when dealing with people you do not know or can’t necessarily trust. Sometimes, when sending individual messages in texts or online, there is a cap on the amount of words/data you can send in one window or box, making it inconvenient to share/release large amounts of information all at once. Often times, if a message is long enough, the solution would be to create a .doc, .pdf, or .txt file to hold all the information. However, consolidating this information through a copy and paste service and turning it into a URL offers an easy way around all of this, while preventing the need for file sharing between users. This is critically important to understand because it is not that hard to maliciously manipulate files with hidden, secret or embedded code to corrupt your systems once downloaded.

Second, it allows you to share information without revealing your personal information, such as your personal email account(s). Not only can this protect your privacy, but when dealing with the wrong people or advanced cyber threats it also protects your personal IP Address and computer/device itself. Not only is this invaluable while working within the digital underground, but this could also be an invaluable practice on the corporate or business level just as well. If you do not need to share your email address with others, don’t.

The Best Services Providers To Use

Ghostbin:

Back in 2016 I interviewed the founder of Ghostbin, Dustin L. Howett, to get a sense of who he was and what he had created, because at the time Ghostbin was becoming perhaps the most widely utilized tool inside different hacking circles. Howett told me that he created the service as a side project, really, while he was away at college. Explaining that he simply he didn’t like the fonts, format, coloring or layout of traditional paste services, such as Pastee or Hastebin, so he just went ahead and wrote his own source code one day and threw it up on the internet.

At the time, Howett wasn’t even a publicly disclosed figure and his service, Ghostbin, had only received its name for going out of its way to protect user privacy, by disabling IP logs of any/all visitors using the the site to post content – though this policy has changed over the years. Along the same lines, the service has now evolved to allow users to create their own individual accounts, allowing them to edit or delete the postings they’ve made – a feature which wasn’t available in years past.

As for the service itself, comparatively to others like it, Ghostbin is rather generic and straight forward – a net plus in my book. Posts can either be encrypted or unencrypted and you do not have to be a registered user to make any posting if you don’t want to be. The site disables all advertisements, and has the simplest interface you can possibly imagine. Again, a net plus in my book – not a negative.

Try Ghostbin: https://ghostbin.com

Pastebin:

Pastebin is without a doubt the most famous, popular and widely used copy and paste service on the internet. Unlike its competition, Pastebin offers a whole host of editing and connectivity options that other services do not – including customized URL’s for individual postings and the ability to share directly to social media. Pastebin is also a little easier to use than some of the others, and compresses all text into one easily readable page/window. Other copy and paste platforms, such as Ghostbin, do require you to format text as you enter it and the longer the text is, the more formatting is required – something which isn’t an issue with Pastebin.

The only downsides to Pastebin, at least in my opinion, are that the site enables advertisements which can be distracting and the service itself can be unreliable from time to time. Due to its popularity, Pastebin often comes under heavy cyber/DDoS attack, and periodically suffers from internet blackouts because of this.

Try Pastebin: https://pastebin.com

PrivNote:

Admittedly, I did not hear about PrivNote until the other week – shout out to GSH for the tip! PrivNote is really unique in that it allows users to create hyperlinks which “self destruct” the first time after they are used/read. Meaning that you can set a hyperlinks settings to completely disable itself as soon as it is clicked, protecting information and ensuring privacy/confidentiality – hence the name of the service. On top of this, users have the ability to encrypt each note they create, adding a duel layer of security.

While these features may sound a bit extreme or advanced, the service itself actually has one one of the cleanest interfaces I’ve seen. In fact, I dare say PrivNote might be the easiest copy and paste service to use if you’ve never done this before. For that very reason alone the site deserves a visit.

Try PrivNote: https://privnote.com

Hastebin:

Honestly, it has been a couple years since I last used Hastebin and the service has changed significantly since I’ve left. Today, Hastebin looks a lot like and operates much the same as Ghostbin – only far simpler and less secure. Hastbin has the same generic layout as Ghostbin, but it does not offer as many different fonts, formatting or heading options. As for why I say it is less secure, that’s because Hastebin comes with a built in feature which lets readers or recipients of the URL edit the text of the message itself after it is sent- something which is not available on other services. This may be good for joint collaborative efforts, but isn’t necessarily ideal for owners of specific information.

Try Hastebin: https://hastebin.com

Phone Security

1.) Encryption

Encrypt your entire Operating System (OS). Phone encoryption is the first line of defense for whichever phone you happen to use, ensuring that no one can even so much as turn on your device without the proper credentials. It is important to understand that encrypting your phone and setting a screen lock for it are not the same thing. It is also important to understand that, depending on the type of phone you have and who manufactured it, screen locks can be bypassed by 3rd parties – such as hackers – as well as through different backdoors found within various software applications/programs you’ve installed on it. Encrypting your phone on the other hand encrypts your entire operating system all at once, requiring password authentication for the phone to even boot up and power on in the first place – ensuring that no App, program or file can be exploited or corrupted to gain full access to your phone.

Depending on what type of phone you have, your settings might come with a built in feature allowing to encrypt individual Apps. If not, you can install a firewall application for that – more on this later on in the article. If you are unfamiliar where to find your phones encryption options, they are available in the “security” section under the main settings menu. Please note that it can take an hour or more to fully encrypt your phone, so it’s important to always begin with a fully charged battery.

Select an appropriate screen lock. Screen locks are a different form of encryption in a sense, ensuring that no one can use/operate your phone when you lose it, are away from it or leave it out in public. As far as how you set it up, there are 4 different options to choose from – each one having its pro’s and cons.

  • Password Lock. Users will be required to enter a unique password consisting of letters, numbers and symbols to unlock your device. Personally, I believe password protection to be by far the most secure of all options. However, for the same reason, it could be considered the most “inconvenient,” because it requires the most amount of time/attention to enter every time you wish to unlock your device.
  • Pin Lock. Pin locks work exactly like password protections, only they exclude letters and symbols. Meaning that users will be required to enter a pass-code of random numbers in order to unlock your phone. For the very reason that pins exclude letters and symbols, they are a little less secure than passwords, exponentially decreasing the theoretical number of guesses it would take to crack/unlock your device.
  • Patter Lock. I am finding that this is becoming the most “trendy” screen lock these days, simply requiring users to use their fingers to “connect the dots” and draw a unique pattern on the front of their screen before it unlocks. However, I find pattern locks to be less secure than some of the other options, because there is a much higher probability of successfully drawing a random pattern to unlock a device than their is guessing an advanced password or pin.
  • Biometrics. The newest “craze” is security is using your own fingerprints, eyes, face or facial expressions to unlock different devices. However, while these options may be the most convenient and fastest, they are also by far the least secure. I say this because multiple studies have proven how easy it is to trick biometric security measures, and often times the pictures off your own social media accounts are enough to bypass them.

Password/Pin protect your SIMor SSID card. It is important to understand that encrypting your operating system and setting a screen lock will do nothing to protect your data cards or memory chips, securing those is an entirely separate matter. So lastly, you are going to want to encrypt/password protect your SIM and/or SSID card. To do this simply enter into the security options within your phones main settings menu, find/select your memory chips and create a unique pin lock for them. This ensures that no matter where your memory chip goes or whatever phone/device it’s plugged into, no one will be allowed to access your contacts, photos, videos, messages, files or data without entering the correct pin code first.

If you would like help learning how to build strong and easy to remember passwords to encrypt your accounts/devices, please read more in the tutorial provided below.

How To Write Un-Hackable Passwords: https://roguesec.co/how-to-write-un-hackable-passwords/

2.) Firewalls

Some phones come pre-installed with various firewall options, but if yours does not then there is a sizeable number of firewall Apps to choose from. Firewalls are critically important to security because they allow users to seal off or block different Apps, limiting the possible points of entry for hackers or other 3rd parties. Depending on the type of firewall you select, you may also have the option to encrypt individual Apps on your phone, adding a 4th layer of encryption to your device while ensuring that even if someone is able to unlock it, they will not be allowed to use selected Apps without further permissions. This is particularly important/helpful if you utilize different types of chatrooms, group chats for work or VoIP services.

Perhaps most importantly, firewalls severely limit potential abuses of your phone. You can select different options to completely seal off individual Apps altogether, or seal off different settings/areas of your phone from outside sources.Not only does this prevent hackers from using selected Apps to compromise your phone, but at the same time it prevents App owners themselves and other 3rd parties from gaining access to your phone all the same. Firewalls also protect against unwarranted data collection of your phone, including call/text history and general phone usage. More importantly, building a strong firewall and sealing off selected Apps can free up memory space/data usage, both speeding up your phone and saving battery life. If there are Apps on your phone that you’ve never used a single day in your life, or you feel may be spying on you/invading your privacy, simply use your firewall to disable them altogether with the click of a button.

On a similar but side note, never blindly give every App different permissions just because they ask for them. For example, when first navigating a new phone you might find that you are regularly asked to allow different Apps to do random things, such as collect data or record audio/video. It might seem harmless, but think about it for a second. What the hell does the Google Chrome web browser possibly need to record audio for? The simple answer is it doesn’t, you are only being set up to have your phone hacked by authorities and/or law enforcement officials at a later date in time – should they ever feel the need. By checking these options and blindly granting permission to different Apps, your are secretly granting 3rd parties the permission to ‘flip the switch‘ so to speak and turn your phone into a spy/recording device whenever they want. So, don’t fall for it. There is literally no need to give different developers that much permission over your phone.

3.) Manage Security Certificates

Similarly, you should seriously check out the security certificates or “Trusted Credentials” list which came pre-installed on your phone. On my Android ZTE for example, my phone was handed to me with over 100 different security certificates installed on it, some of which grant different Government agencies/offices direct root access to my phone without requiring legal documents or warrants of any kind – no exaggeration. You might not have been told about this when you bought your phone, buy they are there. Just a short list of some of the organizations which have direct root access to my phone; China Financial Certification Authority, CyberTrust, Deutsche Telekom, Hellenic Academic Research Institute, HongKong Post, Japanese Government, VISA, TurkTrust,Wells Fargo, as well as countless other organizations operating under different Government umbrellas.

Thankfully though, you do have the ability to revoke these certificates/permissions if you like. Simply find where these certificates are under your settings menu and disable whichever ones you desire. Just note that disabling some of the most fundamental ones, such as those issues by your telecommunications provider, may break access to different areas of your phone – but this is always reversible.

4.) Internet Security & Antivirus

Most people are always surprised to learn that the same measures used to secure your computer can often times be transferred directly to your phone, this includes things like VPN’s and antivirus. For the purposes of this section of the article, I would like to discuss different measures you can install to help protect your phone and keep your data that much more private/secured.

  • VPN’s: I am not going to get into a breakdown of what VPN’s are and how they work, it is just important to understand that you can install and utilize a VPN connection on your phone all the same as a computer. If you already own a paid VPN account, simply install the service providers App on your phone and establish a new connection through it. Your IP Address and internet connection will be secured all the same, just note that the internet speed of your phone will be effected a little more significantly than a computer, simply because a phone can not process as much information as fast as a computer can.
  • Proxy’s: It is another common misconception that you can’t utilize proxy connections or the Tor network on your phone, this is simply untrue. You can either hide your IP address and internet activity by installing the Tor App directly, or you can install something known as Orbot – developed by The Tor Project. Orbot transfers all data/network activity from your phone across various tor relays, essentially turning the Tor network itself into a giant VPN connection/encryption setting for all of your data and every last thing you do on your phone. Unlike Tor, Orbot doesn’t just simply protect internet activity – even the Apps developers profess itself to be a “full phone VPN.”
  • Re-Route DNS: Another way to protect against data spying, 3rd party abuses or intrusive hackers is to re-route your DNS through different service providers. For example, I personally route all of my network activity through Cloudflare DNS servers for added privacy and security. IBM’s Quad 9 DNS service is another good option, blocking you from gaining access to known malicious websites while preventing your device from ever becoming part of or wrapped up in a botnet. You can do your own research to find other options which may be more suitable, but another popular option is Google’s public DNS service.
  • Install Different Browsers: Just as with computers, you can choose a whole host of different browser options, many of which are far more secure and private than Google Chrome or the built in web browser found on your phone. If you would like to learn more about browsers, as well as the different/added benefits of each, please utilize the following link: https://roguesec.co/building-selecting-safer-web-browsers/
  • Antivirus: Phone antivirus programs essentially work the same as computer antivirus’, only they are far simpler and much cheaper. A good antivirus program for your phone should cost anywhere from $2-5$ per month, and will protect your phone against malicious hyperlinks, scan all downloads for viruses, as well as prevent all of the most common/basic forms of cyber attack. Some phone based antivirus service providers, such as Kaspersky Lab, also come with built in VPN connections to secure your internet activity at the same time.

5.) VoIP Services

While VoIP services are not necessarily essential for everyday phone use, they do offer critical protections for political activists, journalists, researchers and citizens living under oppressive regimes all around the world. VoIP stands for “Voice over Internet Protocol,” which is just a fancy way of saying they transport all calls and messages over established internet connections, rather than routing them through your telecommunications or phone service provider – such as AT&T or Verizon. For this reason, VoIp services prevent your data from being intercepted, recorded or stolen by telecommunications companies and other 3rd parties, such as Governments, thus protecting any information you send across them. VoIP services also offer the ability to encrypt messages or calls between like users, further protecting your privacy. By comparison, both of these options are not available on standard text messages or phone calls. In politically oppressive countries, VoIp services offer a critical means to bypass Government imposed restrictions or blockades on national telecommunications. VoIP services also let you make international calls for free.

While this might sound a bit complex or advanced, once installed, operating a VoIP connection/application is no more different or complicated than making a regular phone call or sending traditional text messages. Lastly, VoIP connections also offer a secondary means to reach contacts, should your phone lose service, go out of range or come under blackout. Rather than relying on the signal strength of your network service provider, all you need to use VoIP services is an active internet connection.

The Best/Top VoIP Service Providers:

 

Email Security Strategies

Before we begin, you can have the most advanced cyber security practices and anti-virus in place but if you do not have a strong enough password to secure your devices or online accounts, all your security measures might as well be useless. As I have already explained in a previous tutorial, more people are hacked as a result of weak passwords than any other single factor. With that established, the 2nd most common way to hack someone is through their email inboxes or accounts – just ask Hillary Clinton, John Podesta, John Brennan and the DNC about that. Make no mistake, if some of the worlds most powerful people can have their personal emails hacked, so can you. This is also why learning how to practice better email habits should be of the upmost importance for you heading into the future.

What To Avoid & How Email Hacks are Pulled Off:

While browsing through your email account(s), never open a single email or click on any link(s) from a sender you do not know personally. It might seem harmless, but the simple act of curiously opening an email or clicking on a link within an email can open Malware or register and transmit the IP Address of the device you are using to the sender of that email or link.

When a hacker sends compromising emails or links to your personal inbox it is a technique known as “Phishing,” and it is perhaps the most common form of cyber-attack you will ever encounter. I am willing to bet that everyone whom has ever owned an email account has seen a phishing scheme at one point or another in their lifetime, whether they were even aware of it or not. This is also why it is important to not just leave your email out in the open for all the world to see, or blindly pass it around to so many pages across the internet – especially if you have something to lose.

Believe it or not, there are even free and public services which allow any person to secretly attach a program to any given link or email they send, which automatically transmits data such as your IP Address as soon as you open it. This type of program also reveals things like the time of day you clicked the link, the type of browser you were using and how long you kept the window open. This is also what is referred to as a “trap-link.” The most common of which comes in the form of an “IP-logger,” which automatically registers the data of any device that clicks on it. While this might sound extremely complicated or foreign to you, again, regardless of the legality of it all, there are actually multiple free services, platforms and tools available on the internet for people to do just this.

Needless to say, always use caution and judgement when clicking on any links in your inbox, online chat, message or social media network alike – especially from people/sources/senders you do not know or have never done business with directly.

Separate Your Inboxes:

A good practice is to also use separate accounts for different purposes. For example, use a separate email account for your online banking and/or business than you would use for family, friends, or subscribing to magazines. This ensures that if one account is ever breached or compromised, not every aspect of your life gets compromised along with it. Additionally, use separate passwords for separate accounts and always reserve your strongest passwords for your most important accounts. You should also utilize two-factor authentication whenever and wherever possible.

If you are a website domain owner, or own multiple email accounts, you can also secure your personal or business inbox behind a mail forwarding service through your domains DNS settings or an alternative service provider. Selecting this option will allow you to pass out an email address without actually revealing the true end destination where those emails will be sent, essentially turning the mail forwarding address into an “alias” or “proxy” for your real account.

If you would like to learn more about alternative/encrypted email service providers, as well as why you should consider making the switch to them, please utilize the following link: https://roguesecuritylabs.ltd/making-the-switch-to-encrypted-emails/

If you need help learning how to read, write and remember stronger passwords to secure your online accounts, please utilize the following link: https://roguesecuritylabs.ltd/how-to-write-un-hackable-passwords/

Securing Social Media Accounts

As always, strong password protection is the number one priority for securing social media accounts. This includes using your phone to enable two factor authentication (2FA) for them. Due to the simple fact that social accounts usually hold far less important data/information than emails, I am willing to bet anything that close to 100% of all hacks against your social accounts will be deterred if you simply enable 2FA for them. It is also a widely known fact that more social accounts are compromised as a result of weak passwords than any other single factor.

Password Security Guide + 2FA: https://roguesecuritylabs.ltd/how-to-write-un-hackable-passwords/

While using your social media accounts, just as with emails, never open a message from or click on links by users, senders or accounts you do not know personally, were not expecting to hear from or haven’t done business with in the past. As I have already with emails, hackers can phish your social media accounts all the same. Moreover, it is actually much easier for a hacker to uncover your “IP Address” through something like Facebook Messenger than it is through email. This can also be done without you clicking on any individual hyperlink. For example, you can find someone’s IP when engaging them on Facebook by using a simple sequence of “cmd commands” – which are freely available on every Windows device.

Like your mother always told you, never talk to strangers – especially online 😉

You can add an extra layer of security to your accounts by preventing them from being “indexed” by search engines and web crawlers. This can be accomplished by making small changes to your account settings. By default, the largest social media platforms are all designed to connect to search engines like Google, Bing or Yahoo, in order to make social networking more accessible and convenient for everyone. However, allowing your account to be indexed means that theoretically anyone in the world could search for and find your account if they really wanted. Whereas if you disable your account from being indexed then the only people you personally give your account information to will know where to find it.

To do this, simply go under your accounts setting, scroll to Privacy Settings and uncheck the “Public Search Results” box. This will remove your profile’s page from Google, Bing, and Yahoo search returns. This is also a security practice instructed to Federal Employees and members of the US Defense Department.

Building/Selecting Safer Web Browsers

As I was going about re-configuring my website and domains earlier this week I noticed something very interesting, while my SSL Certificate was in the process of being authenticated I was able to access my unsecured website on every web browser except for one; Mozilla Firefox – which would not allow me to connect to the web page in order to keep me protected.

Just so you understand what I am talking about here, browsers like Microsoft Edge, Google Chrome and Apple Safari will all freely allow you to access a web page which has the potential to compromise your security – including websites which do not have an authenticated or verified SSL Certificates. This is because these web browsers are configured to be “convenient” and easy to use, security is either nonexistent or an afterthought on these particular browsers. With that said, there are a number of web browsers out there specifically designed around security, which also happen to be equally as easy to use/operate. Here are some of those browsers, along with some other helpful information to help you make more informed security choices online in the future.

Mozilla Firefox

Mozilla Firefox is considered by some to be the world’s most secure web browser. I say “some” specifically because many people would argue that Tor is actually the most secure browser out there. However, without Mozilla Firefox the Tor browser wouldn’t even exist. This is because Tor uses the source code of Firefox as the foundation to build their browser. As for why I personally consider Firefox more secure than Tor, this is because the DarkNet is inherently a much more dangerous place than the ClearNet, and you can’t access the DarkNet or Deep Web on Mozilla Firefox alone. Browsing through and interacting with the Deep Web, even while using Tor, naturally puts you and your security at a much higher risk.

What makes Firefox particularly unique is that much like WordPress.com, the browser allows you to install various Add-Ons, extensions or plugins that can help you maximize your security. For the purposes of this article, if you are going to use Mozilla Firefox, I highly recommend that you install NoScript, Ad Blocker Ultimate and Disable WebRTC connections. There are more plugins than I could possibly mention here, those are just some of the most important ones you can install specifically in terms of online security.

WebRTC is a little talked about “glitch” that allows third parties to circumvent your security and compromise your systems, even when you are using a VPN or Proxy service. As of today, Mozilla is the only web platform I am aware of that allows you to disable all WebRTC connections entirely. By comparison, other browsers like Google Chrome literally ban people from disabling WebRTC connections through their browser, as to allow US “authorities” like the NSA and FBI to more easily hack and track users online if need be. However, non-Government hackers exploit WebRTC all the same as Federal hackers, and for all the same reasons.

Download Firefox Here: https://www.mozilla.org/en-US/firefox/download/

Tor

I understand that the Tor Browser has gone on to develop a slightly negative reputation in today’s society but, believe it or not, the Tor Project was first developed by and still receives a majority of its funding from the United States Department of Defense. It is important to understand that even though some people use Tor to do some pretty bad or illegal things, just like anything else in life, the browser is only what you make of it.

Tor was not developed for criminals, it was first developed by the US Government in order to keep agents, operatives and members of the Armed Forces safe and secure online. It just so happens that over time the browser and its systems were hijacked by criminals and terrorists alike, whom also need to remain hidden and secure online for many of the same reasons as Government employees.

The Tor browser works by bouncing your internet connection through thousands of individual “proxy servers” around the world on a perpetual randomized time loop. At any given moment in time your internet connection could be bouncing from Thailand to Venezuela to Canada and theoretically anywhere in between, concealing your computers identity and making your internet activity essentially impossible to trace. In addition to redirecting your internet traffic away from the eyes of your Internet Service Provider, it also conceals the IP Address of the computer you are using behind a proxy. This is particularly important/valuable for political activists and human rights defenders living in oppressive countries all around there world, where peoples online activity can get them arrested or killed. Since the browser directs all of you online activity to different countries around the world, this allows activists to remain hidden from their Governments while also granting them access to any sites banned or restricted by their respective Governments.

It is important to note that Tor is perhaps the best web browser at preventing or deflecting an active hacking attempt against your computer. However, I would never use Tor for things like credit card transactions or editing/customizing your personal website. This is because anytime you are using a proxy you are using someone else’s connection. While this may hide your internet activity from 3rd parties, it makes you internet activity available specifically to the owner of whatever proxy server you happen to be using at that time, and not every proxy server exists with honorable intentions – though “most” Tor exit node operators tend to be trusted activists.

Download Tor Here: https://www.torproject.org/download/download-easy.html.en

Opera

Opera is a little known web browser that has traditionally had a minuscule following throughout the past. However, in 2016, Opera started to gain a more main stream following, particularly with the cyber security community, after the browser started to become standard with a built in VPN. This means that the Opera browser stands in front of your computers IP Address while you browse the internet and your activity will remain hidden from your Internet Service Provider and/or 3rd parties. While the VPN is far from the strongest of safest on the market, it is still a very unique feature that has helped the browser grow in popularity over the years.

Download Opera Here: http://www.opera.com/

Epic Privacy Browser

One of the newer browsers on the market, Epic is specifically designed around online security. Each time you close the browser all of your cookies and tracking information is automatically deleted, preventing any websites from remembering or recording your previous activity. Similar to Opera, the Epic Privacy Browser also connects your computer through the companies own servers, acting as a proxy service for your device. This prevents any hackers/websites from recording the IP Address of the device you are using to browse the internet. Additionally, much like Mozilla, the browser will not allow you to connect with or access any site that does not have a recognized SSL Certificate.

Download Epic Here: https://www.epicbrowser.com/

Browser History, Cache & Cookie Management

If someone gains access to your computer for malicious reasons one of the first things they are going to want to do is check your browser history to gain access to websites and accounts that you frequent the most. Just think for a moment about all the pages you visit online, that you do not need to log into every time you visit. While this may be convenient for your personal browsing habits, it is also very convenient for hackers.

For this reason, you should always delete your browser history and clear all browser cookies on a fairly regular basis. You would be surprised to know how much information your browser stores/remembers about you, until you delete it all. Please note that some browsers offer to delete cache and cookies through the settings menu and some anti-virus programs also offer to do the same. However, if you cannot find or do not own these programs, one of the best programs to clear history, cookies, cache and everything else is known as CCleaner and it is completely free and open source for anyone to own. The “C” in CCleaner literally stands for “Crap,” because the program deletes all of the useless crap you’re your computer happens to store about you. The program itself is entirely free to own, but it is one of the most effective programs on the market. For example, even multi-billion dollar tech companies are known to use the program on a regular basis.

Download CCleaner Here: www.ccleaner.com/download

How To Write Un-Hackable Passwords

Before we begin, why should learning how to write strong passwords be of much more importance to you? Believe it or not, it is a statistical fact that more people are hacked as a result of weak passwords than any other single factor. This is also why encryption – aka passwords – should be much more important to you. With that said, learning how to read, write and remember strong passwords is not nearly as hard or complicated as people might think, in fact it is rather easy once you understand the core concepts.

Lesson 1 – Password Length:

To unlock someone’s password, “law enforcement authorities” and/or “hackers” will either run something known as a “Brute Force Attack” or “Dictionary Attack” against it, in an attempt to break or de-crypt the numbers, letters and symbols contained within the password itself. One by one over time, these software programs will slowly decrypt the password, just like cracking the numbers to open a vault or safe.

Quite simply, the more complicated/randomized the sequence of numbers, letters and symbols in your password are, and the longer the password is, the longer it takes hackers to break. Moreover, each letter, number or symbol you add on to the end of your password literally makes it exponentially harder for even the most sophisticated programs to crack. For example, here are estimates from the FBI regarding how long it takes them to crack lengthier encrypted passwords.

  • seven-digit passcodes will take up to 9.2 days, and on average 4.6 days, to crack
  • eight-digit passcodes will take up to three months, and on average 46 days, to crack
  • nine-digit passcodes will take up to 2.5 years, and on average 1.2 years, to crack
  • 10-digit passcodes will take up to 25 years, and on average 12.6 years, to crack
  • 11-digit passcodes will take up to 253 years, and on average 127 years, to crack
  • 12-digit passcodes will take up to 2,536 years, and on average 1,268 years, to crack
  • 13-digit passcodes will take up to 25,367 years, and on average 12,683 years, to crack

Lesson 2: LEET or “1337” Language:

L33t Language is a way of replacing letters with numbers and symbols in everyday sentences and it is perhaps the most basic form of encoding used to encrypt messages. To understand how it works, here are some quick examples:

Normal Statement: BankruptMedi4 or TheDailyProletariat or Elitepassword or Activism

L33t Version: 84nkru97M3di4 or 7h3D@i1y9r0L37@Ri@7 or 31it3p4$$w0rd or 4ctivi$m

It doesn’t necessarily have to be that complicated and you don’t necessarily have to replace as many letters with numbers and symbols, those are just examples of how it works. You can run a dictionary attack at “84nkru97M3di4” or “7h3D@i1y9r0L37@Ri@7” all day long, go ahead – have fun. To make the password even stronger mix in capitalized and un-capitalized letters throughout.

I think I have explained the concept easily enough? To make an un-hackable password simply take a name, phrase, short sentence – et cetera – that is personable to you and convert it into l33t language, then use that as your new password. Not only will it be impossible to break, but it should be fairly easy for you to remember. And as always, use two-factor-authentication whenever possible.

Lesson 3: Two-Factor Authentication

I’ve always understood that 2-Factor Authentication (2FA) is a concept lost on most “normal people” in society right now, but a new statistic really puts it all into perspective. This would be the news that, according to Google’s own statistics, less than 10% of all Gmail or Google business owners currently have enabled 2-Factor Authentication for their online accounts. Considering that Google is estimated to host well over 2 billion accounts globally, this means that there are over 2 billion insecure accounts floating around the internet right now – and that’s just from Google alone!

This is not to mention the fact that there are literally billions of email addresses, along with their passwords, currently available on the Deep Web and DarkNet for search. For example, there are single websites around the internet that are currently selling the log in credentials of 1.4 billion people and if anyone of those people simply just enable 2-factor authentication for their accounts, all the information stored on those would become utterly useless.

Responding to the news last week Grzegorz Milka, a Google software engineer, said that the company’s latest statistics “demonstrates the lack of awareness of cyber threats and the way to mitigate them.” Adding that he believes more people don’t or haven’t “configured 2-Factor Authentication for their accounts” because “many users believe 2FA can make their experience worse,” or at least more of a hassle. To do everything they could to mitigate the problem from their end, Google also took the occasion/platform to release a 2-Factor Authentication tutorial of their own, imploring Google users to immediately begin securing their accounts in this way.

Google 2FA Tutorial: https://myaccount.google.com/signinoptions/two-step-verification/enroll-welcome

As for what 2-Factor Authentication is, does or means, it’s not nearly as complex or complicated as people think. In fact, it only adds about 10 seconds to the amount of time it already takes you to log into your accounts anyways. Essentially, as soon as you type in your password and press enter you will receive a text message on your phone, which will have a short code for you to type in. Without that secondary code no one is allowed to login, even you. That’s it – literally. That’s the amount of “hassle” it will take you to begin practicing strong cyber security in the future. Again, despite the simplicity of it all, less than ten percent of people in society have taken this step.

2-Factor Authentication should be available for nearly every App or account you own, and you can find/enable it by searching for it in your account(s) settings. As I also once explained in a different article on this subject earlier last year, even if someone already knows your password, “close to 100% of hackers will be prevented from successfully hacking into your social media accounts if you simply enable 2-Factor Authentication” for them – and I still believe this holds true today.

Interestingly/Coincidentally Enough?

As I was in the process of writing this article I got a text message informing me of new log in codes to verify, because someone had somehow managed to brute-force their way past my password – which no one has ever been able to do before. Put another way, my site was literally saved from being hacked/hijacked by malicious cyber actors, all because I once enabled 2-factor authentication on my account(s) months ago. To put the importance of 2-Factor Authentication into focus, I’ve invested thousands upon thousands of hours of my personal time into this website, and it took me less than one minute to turn on and verify 2-Factor Authentication for it – certainly worth the time/effort!

Making The Switch To Encrypted Emails

This past February a US judge ordered Microsoft, an American based tech company, to honor the search warrants of American law enforcement agencies requiring the company to hand over any/all data, emails and the like which the company stores on servers located overseas. The ruling came in direct contradiction to a previous ruling from a Federal Appeals Court in August of 2016, which upheld a US Circuit court ruling from July 2016, prohibiting the US Government from seizing data stored on servers located outside of US borders.

The principle behind this case is very simple to understand, does the United States Government have the right to demand foreign businesses located outside of the United States hand over their records to the United States Government if that company happens to do business with a US citizen? In other words, are foreign nations forced to abide by US law and comply with all US based legal requests? Well, according to the most recent ruling, as of February 2017, at least as far as US courts are concerned, the answer is “yes.

What Other “Authority” Does The US Government Have?

Let’s use the world’s most popular email service provider as a quick example – Gmail. Quite literally, everything you do on your Gmail account is accessible by Google at any given moment in time. After-all, you are using their service. If the US Government ever wants to see your account or any of the information on it, then all they have to do is pull up the file of a generic document, insert your name on top of it, print it out and just like that they magically have a “subpoena” to obtain all of your information from Google.

Despite how simple of a process this is, it is all groundbreaking stuff too. Believe it or not, it was not until May 2016 that the US government even needed to get a warrant or legal document of any kind to search through all of your personal emails. Don’t believe me?

Read More – Email Privacy Act of 2016: https://www.congress.gov/bill/114th-congress/house-bill/699

For you international folk out there, the news isn’t much better. You see, the US Government has its own private court known as a FISC court which, historically speaking, blindly grants “99.96%” of all warrant request brought in front of it – but who’s counting, right?

With that out of the way, all of the information above only goes to show how easy it is for the US Governments to go about obtaining all your data “legally.” But as I think we are all aware by now, agencies like the NSA or CIA do not necessarily care about US law and have the very real authority to act outside of it – #PatriotAct. To be fair, this does not necessarily mean that someone working for the US Government is literally watching/reading every single email you write every minute of the day, but they theoretically could be if/whenever they wanted to.

To that very point, early in 2016 Google came out with a press release addressing how “state-sponsored hackers” had breached over 1 million Gmail accounts over the course of that year. This was also not an isolated incident and it’s not just Google which has been targeted by these types of breaches. Literally hundreds of millions of Yahoo and Hotmail accounts have also been exposed over the years.

Read More – 3 Billion Yahoo User Accounts Hacked, Including 500 Million Email Addresses: http://money.cnn.com/2017/10/03/technology/business/yahoo-breach-3-billion-accounts/index.html

So far I have only addressed how easy it is for the US Government and/or law enforcement agencies to access all of your personal accounts/information, this does not even account for all of the non-Government organizations or hackers out there or oppressive regimes located in countries all over the world. In fact, I am willing to bet that at least 95% of all hackers worldwide are non-Government affiliated. Moreover, Hillary Clinton, the DNC, CIA, John Brennan and John Podesta should all serve as evidence for just how easy it can be for hackers to compromise anyone’s email account if they really want to – even some of the most powerful people in society.

Quite frankly, there is a reason why politicians and members of the Armed Forces are told never to use their own personal or private email accounts, because none of these services are properly protected or encrypted! While members of the Government and Armed Forces use their own private versions of encrypted email services which are NOT open or available to the public sector, thankfully, there are a number of free and paid email encryption services out there open to the general public.

For Example:

Mailfence

Mailfence is a relatively new company globally, but one which I have already placed at the top of all encrypted email service providers. Mailfence operates their servers out of Belgium, a country internationally renown for having some of the strongest and most resolute privacy laws in the world. Unlike the United States, every surveillance request or request for information inside Belgium, including on Mailfence’s servers, must be legally brought in front of a Belgium judge and proven in court as legitimate. In this way Belgium protects user data and business confidentiality in a way that no other country in the world does.

Sign Up/Create an Account Here: https://mailfence.com

ProtonMail

This email service provider offers free end to end encryption and hosts its servers in Switzerland, outside of US jurisdiction – theoretically. When signing up, at no point in time are you asked for any personal information and you do not need to attach any other emails account or phone numbers in order to register. This service also utilizes 2-factor authentication to log in, preventing hacking attempts. ProtonMail has also partnered with humanitarian organizations around the world, such as Amnesty International, in order to help fight back against Government surveillance and cyber censorship in developing countries around the world.

On a lighter note, if you are a fan of the Television drama “Mr. Robot” this is Elliot’s email provider of choice on the show.

Sign Up/Create an Account Here: https://protonmail.com/

Tutanota

This is another free encrypted email service that has become quite popular in recent times. In fact, earlier in 2016 Tutanota officially surpassed 1 million accounts – becoming the world’s largest encrypted email service provider. In 2017, Tutanota then went on to surpass 2 million accounts, furthering the countries rock solid reputation as an industry leader.

What makes Tutanota unique is that the company makes their source code “open source,” meaning that security researches investigate for themselves the level of encryption they are receiving. For all you n00bs out there, making your source code public record and still not having it hacked proves just how good the code really is.

Sign Up/Create an Account Here: https://tutanota.com/

CPU/Internet Security While Traveling Abroad

Make no mistake, if you do not utilize a VPN when using public internet or a foreign Wi-Fi connection, while you might not be hacked every time, you are certainly rolling the dice with your personal security. This is because once you are on a shared network your computer becomes visible to anyone else using that network. Shared network connections also make it exponentially easier for hackers to find, hack and even remotely access any devices shared by that network. The more open the network, the more people that use it and the more public the place, the greater your risks are.

Regardless if you are using your own internet connection or you’re in a foreign country, a good anti-virus software and strong firewall rules should detect and/or block any file changes to your systems, preventing an attack from infecting and spreading on your device. Therefore, purchasing good anti-virus software is the simplest thing you can do to protect your computer, especially when traveling abroad or foreign/un-trusted connections. A good anti-virus should only cost you around $40 a year, well worth the price for the protection it provides. As for your computer’s firewalls, you can freely adjust these settings by simply typing “firewall” into your computers search menu – more on that later on.

VPN’s

It is important to note that an anti-virus program will only prevent an attack from spreading on your device. When it comes to preventing an attack from finding your device in the first place, this is where a “Virtual Private Network,” commonly referred to as a “VPN,” comes into play. For those of you whom might be unfamiliar, VPN’s work by redirecting all of your “internet traffic” through a “proxy server” – allowing you to access the internet from an end-point you desire/trust.

While this might sound like incredibly complicated “computer lingo,” it is actually quite simple to understand. Say you make your home in New Hampshire, but you are traveling to Egypt. A VPN will allow you to connect to the internet in Egypt, then use that connection to find and connect to your home’s Wi-Fi router – transferring everything you do online through it, rather than through some random router in the middle of Egypt. Once connected, the location of your computers “IP Address” and your internet activity will remain hidden/encrypted behind your home router; aka your VPN.

To put it another way, even when you use a Wi-Fi connection in Egypt, or anywhere else in the world for that matter, your computer will only be physically accessing “the Internet” from New Hampshire. So, even when you are using the internet on the ground in Egypt, it will be as if you were on your computer back at home – because you will literally be using the same network connection in either instance.

Still Following?

There are two different ways you can go about setting up a safe and secure VPN or Proxy Server for your computer. The first will cost you money, but is far simpler. The second is completely free, but it is rather “involved” and you will have to put in a lot of time and effort to do the research for yourself.

Before I go any further, I could not advise strongly enough against free VPN services; you should NEVER install a free VPN program or App on your devices. With that said, there are a number of established and trusted VPN Service Providers out there. A good service will cost you anywhere from $40 – $120 a year to use and a simple Google search return will direct you to some of the industry’s biggest names. While researching paid VPN providers, you should always look for companies that either do not record or regularly delete user logs. Country of origin is another critical factor when selecting a service. VPN service providers operating out of countries like the United States, Russia, Egypt – et cetera – are not to be trusted because the laws in these countries allow for their governments to compromise VPN servers fairly easily. On the other hand, VPN’s operating out of countries like Switzerland and Belgium tend to be trusted because laws in these European countries protect customer privacy and business confidentiality, and require their Governments to go in front of courts and present valid legal arguments for companies to hand over their data – if any such data is ever recorder or logged in the first place.

The second option, learning how to build and install a VPN on your own device, gets a bit “technical” at times, but setting up your own VPN connection does make your computer far more secure than any service you could possibly purchase – no exaggeration. For the purposes of this article I will not explain how to install a VPN or use your home’s Wi-Fi router as a proxy server, instead I would direct you to YouTube or Google, where you can find a number of good tutorials on these subjects.

Getting ‘Into The Weeds’ A Bit Now…

The existence and use of VPN’s has become somewhat controversial over recent years. For example, countries like the United Arab Emirates, China and Russia have made VPN ownership illegal. Other countries including Saudi Arabia and the United States have even made VPN ownership alone grounds for criminal investigation in certain cases. Meaning that you wont necessarily be arrested just for buying or using a VPN service, but you may be investigated over what you were using it for. Once again, the old “Federal Saying” on these matters hold true – “if you have nothing to hide, then you have nothing to fear.

However, there is a simple way to avoid all of this. Learning how to build you own VPN connection is 100% legal and considering that you would be doing everything for yourself, on a computer and router you already own, no one would ever know or need to know that you are using a VPN in the first place.

There is also a slight difference in the fact that purchasing a VPN will hide all of your internet activity from your internet service provider, whereas if you create your own VPN connection and use your home router all of your online activity remains visible. The only drawback to creating your own connection is that your personal IP Address will remain visible and out in front of all your network activity, whereas a purchased VPN will use the companies private servers, thus concealing your IP Address behind theirs – acting as an extra layer of security.

With that said, earlier I stated that building your own VPN is far more secure than anything you can purchase. This is because a VPN you build will simultaneously protect all of the files on your computer, something a purchased one does not. A purchased VPN will only conceal the location of your computer, it literally does nothing to prevent, stop or fix a cyber-attack against it.

It is also important to understand that VPN’s are not just for computers; they are available on all devices – even phones. Put another way, VPN’s are available on any device you can use to access the internet.

Miscellaneous Tips, Tricks & Security ‘Hacks’

The following information will help you both secure your computer straight from the start menu and help you restore you computer back to safety if it is ever compromised.

First, you should make sure that your firewall is turned on. Even if you know nothing at all about computers or security, turning on your firewall literally takes no skill, it is already pre-configured by your computer manufacturer and you just have to make sure that it is turned on. If you really want to take the time, I recommend going through your firewall’s settings, checking the rules and entering the terms onto a Google search just so you can learn yourself something new about them.

Second, if you haven’t done so already, you should encrypt your computer. If for some reason you are still unaware, “encryption” is just a fancy word for creating password entry. If you ever leave your computer unattended in a public setting or live in a house with multiple people, you should always makes sure that no one can use your computer without authorization. Meaning that when your computer starts, before anyone can physically access anything or do anything on it, they have to enter the correct password first. Setting this up is incredibly easy and you can edit or select this option straight from the settings on your computers start menu.

The next option is extremely critical, but is something which is often overlooked. You are going to want to make sure to disable remote access to your computer. Believe it or not, anyone whom knows anything about hacking can physically access/use your device through something as simple as Windows cmd if they share the same internet connection or know your IP Address. If you do not disable remote access to your computer you are essentially leaving the door wide open for anyone to walk through or exploit.

Lastly, if at any point in time you believe that you have downloaded any virus, Malware or Spyware, you can simply go to your computers start menu and search for “system restore.” All you have to do is find a date before you believe you contracted the virus, select it and restore you computers settings/files back to that date. This will restore your computers systems as it existed on that date. However, just note that while you will be losing the virus from your computer, you will also be losing all of the files, documents, pictures or anything else you have created or saved since that date. While it does not work every time or with some of its stronger versions, this should literally be your first move if you ever contract ransomware.

External Hard Drive

This next bit is something that I almost never see included in other online security tutorials, which is why I am including it here today. If you want a fool proof way to secure, protect and back up all of your most important files, you should invest in what is known as an external hard drive. You can buy a USB external hard drive in any major box store for anywhere from $75 – $200 and it fully ensures that if your computer ever gets compromised, all of your files and data is backed up.

External hard drives are extremely important if you wind up getting a serious computer virus, such as ransomware. An external hard drive will allow you to completely wipe your computers data, clear the virus off your systems and then re-load your files right back onto your computer as if nothing ever happened. Considering that most ransomware will charge your thousands of dollars to un-encrypt your data, an external hard drive back up is literally a $100 fix to a $1,000 problem. Always remember, backup, backup, backup your data – buy a USB!

Moreover, if you live in an at risk country and are ever worried about someone gaining remote access to or searching your computer, you can keep programs like Tor or TAILS on your external hard drive for safekeeping. If necessary, a USB is also much easier to hide or destroy if it ever comes to that point. You can also set up separate encryption for your USB, making it impossible to search without authentication.

How to Encrypt Your USB: https://www.online-tech-tips.com/computer-tips/encrypt-usb-flash-drive/

Learn Linux

Contrary to popular belief, even if you are using a “Windows Computer,” you do not actually have to run Windows as your primary operating system. While learning how to use and install Linux is not necessary and often times a useless nerd skill, there is no debating that Linux systems are far more secure than Windows or Apple will ever be. Therefore, if you are truly interested in learning a new skill or improving your cyber security practices, then learning Linux systems should be at the top of your priority list.

I am not going to teach you how to do this in this article or any other for that matter, that is what they make Google and YouTube for. Instead, I will just tell you what the world’s most secure operating system is; TAILS.

Download TAILS Here: https://tails.boum.org/install/download/index.en.htmlhttps://tails.boum.org/install/download/index.en.html

Why Windows Is More Secure Than Linux: http://www.pcworld.com/article/202452/why_linux_is_more_secure_than_windows.html

Sweet cmd Commands

If your network connection ever starts to become slow or your web pages simply aren’t loading as fast as normal, there is a simple trick that will automatically speed your internet connection back up, without disconnecting you from the internet or requiring your internet router to be reset. The best part is, not only will the following command sequence speed your internet connection back up, but it can also negate DDoS attacks and will kick any 3rd parties, such as hacker, off your computer/connection every time it is used.

Simply go to start menu, open cmd and type in the following sequence exactly as it is written below – don’t actually type “(enter),” that is simply where you press enter before typing the next command:

  • title H4x0r (press enter)
  • color a (enter)
  • echo off (enter)
  • cls (enter)
  • ipconfig/flushdns (enter)
  • ipconfig/release (enter)
  • ipconfig/renew (enter)

Please note that only the sequence in bold is necessary, the first part is just for fun 😛

Random Helpful Links

Test Hyperlinkes for Malicious/Hidden Content, Such As IP Loggers, Before You Click Them: http://onlinelinkscan.com/

Test Recent Downloads for Malicious Content/Viruses: https://virscan.org/

Encrypt Your Hard Drive: http://www.pcworld.com/article/153826/data_encryption_tools.html

Encrypt Individual Your Files on Windows, Linux & Mac: http://www.howtogeek.com/195124/how-to-easily-encrypt-files-on-windows-linux-and-mac-os-x/

Enable BIOS Protection: http://www.pcworld.com/article/158292/Enable_BIOS_Passwords_for_Extra_Security.html

pfSense Firewall – The Worlds Most Used/Trusted Open Source Firewall: https://www.pfsense.org/download/

How To Enable Quad9 DNS service from IBM: https://www.quad9.net/

How to Enable Cloudflare’s 1.1.1.1. Privacy Based DNS Service: https://1.1.1.1/

Internet Router Security

This next bit is a little more “involved,” but it is pretty straight forward and something that almost no one in society seems to practice for some reason. You might be surprised to know that your internet router is completely unsecured straight from the company/manufacture, and the user name and password needed to physically access the routers settings is usually uniform. For example, here is the username and password for nearly every Comcast issued internet router, one of the US’s largest internet service providers.

User Name: admin
Password: password

As you can imagine, this is not exactly rocket science for anyone to figure out or crack, so you are going to want to encrypt your individual internet router by setting up your own password for it. You can find your routers unique IP Address by opening cmd and typing in “ipconfig/all” – then looking under “default gateway.” Next you are simply going to want to open your web browser and type in that number/IP Address into the URL and press enter, where you will be prompted to sign into your routers log in page. If you do not already know this information beforehand, you can find your routers default log in credentials by simply entering a Google search for it or calling your internet service provider.

Highlighting just how much of a priority router security should be for you, the fact that your routers login is publicly listed on the internet and the login is the same for every customer should tell you all that you need to know. Moreover, despite what your ISP might ask of you, this is also why you should never use your personal router as a free and public hotspot. For example, if you are using your router as a hot spot and have not changed your default login credentials first, then theoretically any person using that hotspot could access and corrupt your router using the same information I just provided above – it’s literally that easy. This includes gaining access to information like the IP Address of any/all devices which has ever connected to the internet through that router.

With that out of the way, once you have logged in and are messing around with your routers settings, you can do things like set up a new password for it, white-list selected devices allowed to access and strengthen the routers firewall. Another advanced security tip is to disable your router from publicly broadcasting your internet signal. To do this, simply have a look under settings and disable the “SSID broadcast” feature.

To understand why this is important, have you ever clicked on your devices Wi-Fi button to see all of the available networks in range around you – particularly in a large urban area? Unless you live way out in the country, in addition to your own, I ‘m sure you are used to seeing all of your neighbors wi-fi connections. Disabling the SSID broadcast feature on your router will prevent your network from being picked up by everyone else in your neighborhood, keeping your connection hidden, secret and more secure. After-all, if no one knows your network connection is out there then no one is going to be looking to mess around with or exploit it.

Now that you know all of this information, you might also want to start warning all of your neighbors/friends now too 😉