Charles R. Crooks

Shaman, Healer of Hearts and Minds

(214) 923-5848

May 24

 

A Note on Computer Security

With all the hoopla regarding people have their emails hacked due to weak passwords or other forms of spoofing, it is important to provide you assurances that any information that I have collected from you is encrypted and kept in a secure location.

 

1.      Any information I have collected is private and, will never be turned over to anyone for any reason whatsoever. 

2.      I will never sell or make available my email lists to anyone.

3.      This includes email addresses and or other contact information, which allow a third party to identify you.

4.      Because I am HIPPA certified, I am applying the same basic security policies exercised for medical data storage for all data I have within my systems.

5.      If it becomes necessary to stop communications and/or cease my businesses, all information will be permanently destroyed.   “Bleach Bit”

Furthermore, I would like to bring your attention to your computer security.

Many would be surprised as to the number of weak passwords out there, which can easily be guessed by any eight-year-old. Besides my work as a healer since nineteen seventy-four, from nineteen eighty-five tell now I have been an IT consultant. In the past, I have worked on projects dealing with government security, various manufacturing organizations, and medical data services.

 

Just to give you an idea of some the passwords I have run across, the following is a list of the more humorous ones.

·         Government photographic reproduction labs, (Top Secret)  password: spooks

·         Major bank in South Carolina, password: moneybags.

·         Railroad in Northeast United States, password: choo-choo.

The above examples are of course no longer in use but to give you an idea as to the apathy individuals will assigned to the security of their systems. Nowadays of course, there is dual factor password/challenge system and a few other goodies that are quite helpful.

 

I have also talked to many people in today’s world who have very weak passwords. A common example this would be the name of their pet. If there really sophisticated, the password will be augmented with the first two digits of their address at their home. So, the password would be Harvey14.

 

A good rule of thumb is to utilize two unassociated words separated by a space or special character. For example some banks do not allow a special character if you wish to use one. So replace that special character with a couple of numbers and you still have a password with two distinct words unassociated with each other.

 

A good example of a password would be a word that you would easily understand separated by a couple of numbers or dashes and another word that you would easily remember yet have no connection between the two words. To further illustrate this example I will create a brand-new password which will be very secure from a Costco advertisement.

 

Polycarbonate99 vitamin, eyeglass14oilm, Sloppyseed14powergel. As you can see with a little practice and even a little humor, you can come up with your own password that is very easy to remember yet almost completely impossible to crack.

 

The next thing to watch out for is emails masquerading as an information notation from your bank or other business requiring you to click on a link so you can reset your password or deal with some particular item. What will be interesting is the email will have all the HTML text and everything looking just like you came from your bank. However, it is a very important that you look at the header of the email and examine the address where the email came from. Also take note and look at the address of the link in the email that you need to push the button on. So for example let us say is claiming to be from Compass Bank. What you will notice is the from address will have something very similar to bbvacompass.com however it will be just enough off hoping that you do not catch it. Here is an example:bbvacompass1.com, or bbvacompass.org, or verify.rrdr.compass.com.

These very examples above are the primary reason that many email addresses are spoofed. Once you click on one of these links, the infected website will download a utility on your machine that will do all kinds of nasty things including tracking your keystrokes. This is how some the major tech firms in United States have been nailed by various actors in various countries. 

 

There is also one other item worth considering. Many people are finding it enjoyable to user fingerprint for logging into many systems. Moreover, it is convenient. However, there is a problem. That is if someone were aware to hack the system that you are logging into, they would have your fingerprint information available to anyone who wants it. So, the only way that you are going to be able to get around that particular problem is remove your finger, not a pleasant idea. If you know that, your personal system at your home or office is very well secured, with encryption of the drive and all that fun stuff, then go ahead user fingerprint therein. Otherwise, avoid it when possible.

 

 

In the bonds of the work I am,

 

Charles

 

All original material is © Copyright 2003-2018 Charles R Crooks All Rights Reserved

Return to Table of Contents