Friday, May 12, 2017

Myth and Reality - The Truth and Dangers with Artificial Intelligence


The inspiration to write this post came when I logged onto our Salesforce account, and was presented with the marketing banner, "Meet Salesforce Einstein, AI-powered CRM for everyone."  It occurred to me that AI is the new Cloud, the new IoT.  As such, its use has become commonplace in the news, articles, advertising - everywhere, and most assuredly, its meaning has become vague, evoking the yearning for the "latest and greatest" while dire warnings from science, science fiction, and business are becoming more urgent and public.

This publicizing of a technical term creates a great opportunity - to raise awareness, both of what it is and what it can become, and to hopefully inspire some action.


In Computer Science, Artificial Intelligence (or AI) is a term that has been thrown around since at least I was in college back in 1990 (as a Bachellor's in Computer Science from University of Michigan).  I have found that, until the last year or so, it has been a pretty technical term that those of us in the industry seem to intuitively understand.  However, now that its use has become ubiquitous in the day of "smart phones" and massively-capable mobile devices, I feel that its use and meaning may have become watered down and obfuscating much in the same way that the term Cloud has become prior to it.  I'd like to clear that up.

First of all, we have Hardware (or the physical parts of a computer that you can touch), and Software (or the instruction code that is bundled up into a thing that performs tasks and makes the hardware useful).  AI is software, for sure, but not all software is AI.  This is in much the same way as putting a hard drive on the Internet and calling it a Cloud isn't really a Cloud, but a Cloud-accessible storage.

So what are the basic elements that make it AI?  I would say that it requires a few things:

  • Capability to "learn"
    • What do we mean by learning?  This is so intrinsic to what it is to be a Human, that we almost don't have a precise grasp on it.  We try something - and we fail, or succeed, and that outcome gives us a certain level of understanding that we didn't have before, and we use that to inform our future decisions.  So if we turn left while driving, and hit a wall, do we refrain from turning left thereafter?  No, but we do look and examine the conditions first (is there a wall?) before attempting a turn, either left or right.
    • The ability of animals to learn ranges from very simple (think insects) to extremely complex (think primates, dolphins, whales, elephants let alone us Humans).  Software learning could consist of building a database of "facts" and using those to make decisions, but learning on anything but the level of an ant is much more complicated than that.  It is comparable to reprogramming ourselves based on input, not simply cataloging the results and using them.  We can learn new skills, for example, that we didn't have before (these range from mental to physical skills, and combinations thereof).
  • Recognition via senses
    • We have our various senses:  touch, taste, smell, sight, hearing, kinesthesis, time, and more.  We can recognize, for example, with sight a color (say red), in various light will be different actual colors, but we still recognize it as red because of the context of the ambient light.  We are far, far more nuanced than that simple example, recognizing faces, even similarities between faces (oh, you look like his daughter), and more.  AI commonly consists of pattern recognition, sometimes using what is called a neural net as a computing construct to build history and analyze input based on that history.  You've seen the sci fi shows that do facial recognition, where they pull up all the cameras in a city and search for someone (they are really close to that now in reality), and perhaps have set up a sign-on with the PS4 camera so that when you show your face, it logs you on.
  • Language
    • If you have tried to learn a different language, or even delve into the depths of your mother tongue, you will know what a crazily complex thing Human languages are!  However, AI will be able to understand, at least at a rudimentary level, spoken and written language.  What do we mean by "understand?"  Yes, understand the explicit meaning of words, if not the implicit meanings ("what do you mean, yes honey I love you?  Are you mocking me?").  Intonation, inflection, even body language are things that are probably way off, but they undoubtedly will be coming - if we continue on the path we are on now in AI research.
  • Decision-Making
    • As I said earlier, cataloging the outcomes of actions and making decisions based on those outcomes and current input, is a very small part of decision making.  If you don't think that's true, then you aren't a Project Manager - a very highly skilled profession that requires years of training and experience to pull of successfully, even with highly skilled learners that Humans are.  But some form of adaptive decision making is part of a true AI solution.
  • Morals
    • A set of limiting and/or guiding principles, the violation of which are thought of as horrific and punishable, also must be included in a true AI.  Think Isaac Asimov's rules on robot behavior.
    • What if these moral limiters could be bypassed (e.g. the robot's eyes turn from blue to red)?  What if some unscrupulous developer excluded them altogether?  What if someone hacked them?


So, it would seem we are pretty far off from C-3PO, Human-Cyborg Relations, right?  Yes and no, yes some things we have very far to go (hey, they are still struggling with a 2-legged robot keeping its balance), and in other things they have made huge advancements.  However, now, before things get too far, is the time to step back and ask important social questions, like why, or should we?  Elon Musk, the founder of PayPal, Tesla Motors, and SpaceX (among others) thinks that achieving some of these key AI milestones is merely a matter of a couple decades away (or less).  And he should know - he is involved in a lot of technology development, including self-driving cars.

Am I predicting all doom and gloom?  You know the old saying, the road to Hell is paved with good intentions.  It starts out with cool things like mobile phone assistants, but then it progresses to clerks who can take your order and deal with dissatisfied customers (in a mostly dissatisfying way), to robotic assembly lines that can fix their own production issues - but suddenly, something happens.  Skynet becomes self-aware, and determines that Humans are a scourge to be wiped out.  Frankly, I cannot see any progression of AI that doesn't end in some catastrophic, cataclysmic struggle for existence.  That's the stupidity of being Human - we push and push and push, knowing that we are pushing off the cliff, but it's someone else's responsibility, someone else's problem.  That's right, the aliens are projecting an SEP field on us!  I have endless faith that Humans are self-destructive to a small or large degree, depending on how successful you are.

Does AI have to progress to the point where machines become a danger to us?  Let's look at things this way.  Computers are already so complex, that there is probably not a single person on this planet anymore who can comprehend the full set of what is going on there.  That means, the product is beyond the understanding of any individual.  The complexities that arise mean that we don't fully understand the consequences.  We don't fully grasp the potential - and all we can see is what the Sales and Marketing people want us to see.

As a self-confessed tech geek and tech aficionado, I am warning us all that this is a bad path.  There is no good ending for this.

In the Media

AI is in the media on an almost daily basis.  From self-driving cars, to smart homes, electronic assistants (Alexis, Siri, Cortana, and Hey Google), to even things we don't think of like traffic lights and telephone call routers, AI to some basic level has been here for decades.  However, it has reached a point where technology, research, and capabilities have expanded tremendously - and this brings up danger signs.

What, am I saying that the latest military top secret project will become Skynet (think Terminator)?  Or that the people in charge will bypass authentication and set things to automatically run without safeguards will enable the digital world to enslave humanity (think Brian Herbert's prequels to Dune)?  Yes, as a matter of fact, even though that may sound farfetched and outlandish, Elon Musk and Stephen Hawking, 2 of the world's foremost minds in business, technology and science, are warning just such a thing.  I have agreed with that assessment wholeheartedly for about 30 years, as a computer expert who has been developing and implementing automation solutions that help make businesses run better and faster.

What's the Answer?

Get rid of computers!  Yeah, right.  The only way that will happen is by circumstances outside of our (Humanity's) control.  So if that's not an option, do we stop research on AI?  I know 2 high profile brilliant people who would say so, and I strongly urge a complete and total ban on AI.  Machines should not do the above, and it should be enshrined in our laws, our religions - or, if not, we risk extinction.  Maybe even having governmental or non-governmental review boards to review software for signs of AI, and enforcement to punish perpetrators of a newly-defined crime, a crime against Humanity's future.

I have read a lot of books, fiction and non-fiction.  Of all the books I have read, my hands-down favorite are the Dune series by Frank Herbert and son Brian Herbert.  Especially piercingly prescient, the father's series takes place thousands of years after the Human race barely avoided extinction from its self-induced machine overlords (the subject of the son's prequels).  In the myriad of planetary systems, thousands of distinct cultures and civilizations descended from Earth - each and every one of them has a basic law at the core of all religions, government, society - Thou Shalt Not Create a Thinking Machine.  In the books, Humans learned their lessons about the boundaries of technology - and had achieved faster-than-light interstellar travel, vast technological marvels, and more - all without a machine more intelligent than a calculator.  True, that's a novel - and true, computers are fast, capable, and people spend money on faster and more capable.  But at some point, all of these warnings will come to fruition (not may, WILL).  And we will have to repeat the lessons of the universe of Dune - if we survive.

Sunday, August 28, 2016

New iPhone 7

As September 7 approaches and the impending announcements from Apple, they are in an unprecedented situation. While the company doesn't give a whit about market share, they have been declining steeply.  For the first time in its short history, the iPhone sales are in decline. Why? What's going on? More importantly to the company, product, and investors, what will they announce in the 7 to reverse the trend?

I've said many times that Apple is the choice of people who are concerned about digital security and privacy. I've also said its the company for people who like an ecosphere of products that work together. But when push comes to shove, it appears most people want just a smart phone, and one that appears to be innovative. Never mind if the innovation is internal, or geared toward app developers. 

So the rumors that usually pan out say the 7 now removes the audio jack, has the same dimensions, but no real clues as to what's really new. The Apple Watch is also rumored to have an upgrade at the same time. But so far this hasn't impacted iPhone sales noticeably. 

So is Apple in trouble? Far from it. The Mac is still selling strongly, and even though down iPhone sales are good, and profits are good. But truly it is challenging to restore growth to their flagship product. 

Tuesday, March 8, 2016

My AT&T Account was Hacked - How could we have avoided it?

Last week, our AT&T Wireless account was hacked on the web site.  The way they got in, was they probably guessed or stole the password for my wife's login from some other website, and tried it on a variety of carriers until it worked.  We got a text message from AT&T last week that the security questions had been changed.  When I went to look at it, they hadn't.  I immediately called the AT&T Fraud department, and they told me that no updates had been made, and no changes to the service, and that the system must have sent the message to me in error.

Yesterday, I got another text message on my phone, that my billing address had been changed.  It had been changed to a Miami Beach address.  At about that time, my wife called me from our kid's phone, saying that her phone no longer worked.  Neither did one of our other phones.  At that point, we realized that a new user had been authorized on the account, and that a new phone number had been added last week, and one of the phones (out of contract) had been used for an upgrade.  AT&T showed that the new phones had been picked up at the Apple store on Broadway, in New York.

Apparently this is very common, for thieves to use stolen credit cards, pay online on a hacked account, and pick up a phone from the store.  Once they do that, they sell the phone as quickly as they can, and pocket the cash.

Meanwhile, it took about 5 hours with AT&T Advanced Technical Support to get our phones restored, and with the Fraud department to get everything else straightened out.

The worst thing about all this was, it could have (and should have) been prevented!  How?  Let's look at the perfect storm of everything that went wrong:
  1. AT&T Account Security provides a phone number, e-mail address, and generated access ID to log in and manage your account.  3 different ways of logging in.  Simplify it, give us 1!
  2. AT&T Account Security has the option of requiring a PIN that you specify, for "any and all account changes that will cost you money."  Apparently that is misleading.  We turned on that PIN feature last year and set the PIN, however it only works for in-store purchases.  The web site does not require the PIN, and this is something they are aware of, and have not yet rectified.  Shame on them!  If they had required the PIN, then simply using the login stolen from somewhere else would have not been enough.
  3. Simple Password Login - my wife (who will remain unnamed to prevent embarrassment) used to use the same password for everything.  Everywhere.  This practice is still rampant, and I strongly discourage it.  As I've recommended several times (1, 2), you should not know the vast majority of your passwords.  You should have a super secret master password that you only use one place, for your password vault, and have all others be randomly generated long alphanumeric with punctuation marks.  Thieves know that people like to use passwords that are easy to guess (by the way, if your password consists of a word, even if you change letters to numbers or add numbers at the end - it is extremely easy for computer software to guess), and use the same passwords everywhere.  Software is specially designed to exploit the patterns we use ($ for S, 0 for O, 1 for L, etc.) and crack the passwords within minutes (average is 6 minutes or less).  So even if thieves hack a system you logged into and steal encrypted passwords, they can decrypt it within minutes.
  4. Text Confirmation PIN - Apple and many other companies send text messages to known, pre-registered devices to confirm identity.  For example, if I log into iCloud, it sends a PIN to my phone, which I then have to enter (after username and password) in order to access my cloud account.  This is simple and very easy, and should be done by AT&T and all mobile carriers to confirm something as basic as adding, removing, or upgrading a line.
  5. Multifactor authentication - whenever this is available, turn it on and use it.  This means, instead of just asking for username and password, some other thing is asked for to prove you are legit.  For example, a lot of systems use Google Authenticator.  This is like those RSA secure keys you may have seen, which generate a new number every 30 seconds.  When you log in, you have to enter name, password, and the number - which follows a predictable pattern only known between your device and the site you are logging into.  Another example, is not just asking for name and password, but some other random mix of questions that you define, and answers you set up.  For example, "What was your first car?"  "1981 DeLorean" - if you set up 3 to 5 Q&A, then it randomly selects one, and you have to answer that plus name and password to log in.
Luckily, we caught this quick.  Chances are very slim it was quick enough to catch this thief, or even quick enough to prevent him from selling the phones he stole.  We lost a bit of peace of mind, and time spent dealing with it.  But other forms of identity theft can be much more damaging, and you owe it to yourself (and the efforts of law enforcement to catch these criminals) to learn what you can do, and prevent these from happening.

And whatever you do, don't believe it when a guy calls saying your PC has reported problems to their server!

Thursday, February 18, 2016

Did you know that PC Security Services can "help" fix your computer problems?

I got a call from a guy named Harry (yeah, right, this guy with a middle-eastern Indian-sounding accent's name is Harry), who claimed that he got my number because my Windows was reporting problems to his  server, and he was calling to help me out.  Good thing too, Harry!  (Interesting choice of names - this was Peter Parker's friend who turned out to become a super villain...but that's a different universe.)

I asked him how he got my phone number.  Harry told me that everyone who has a Windows computer has a unique computer license ID number (TRUE), which is automatically registered with them (FALSE - it is only registered with Microsoft, and they do not share their customer registration information with any third party companies).  And that they receive reports at their technical server that goes to their R&D center, and notifies them of issues.  (FALSE: Nobody would do this without a service contract that would bill you periodically.)

He then told me there were a bunch of problems with my Windows computer (I held off, not telling him I have Macs).  I decided I would play the dumb user, so I went along with him.

First, he wanted me to run the Event Viewer.  OK, harmless enough.  Then, he showed me a log of errors that Windows keeps.  He had me look at the count of errors, and whatever number I gave him, it was too much (it was 8,232).  [FACT CHECK:  During the normal operation of any computer system, it will log errors.  This is fine - some non-essential part of the computer failed to do something the way it expected, it logs an error.  Typically, this is nothing to be concerned about.  If you are concerned, take it physically to someone you trust, not to some guy who calls up over the phone.] Then close that window, and run MSCONFIG.  This tool shows startup jobs, as well as services.  He had me look for any services by Microsoft Corporation that were stopped.  There were a lot, and he said this is bad.  [FACT CHECK:  There are always some stopped, by the way - not every service is turned on.  In fact, I had specifically gone through just a few months back and disabled some more non-essential services, to improve performance of my system, but he didn't know that.]

So, he said that the bad software I get from e-mails and browsing the web, disabled important Microsoft services.  [FACT CHECK:  This is typically the way bad software gets on your computer, but this is the way that the antivirus security software checks and protects most often.]  Then, he wanted me to go to a web site,  This one failed to come up, so I can only guess that the domain has been blocked by net monitoring.

So, he had me go to, and wanted me to click Connect to Technician.  [FACT CHECK:  This is the kind of attack that is harder to protect against.  They get you to run something over the web browser, or install a program remotely with your permission, during a time when they have obtained your trust.]

This is where they get you.  I had played dumb with Harry, stringing him along, and pretending I didn't understand ("how do I find the Control key?  Oh, the CTRL key!").  After half an our of having this guy patiently explain to me how to minimize a window, find the CTRL key, and find the Windows key, let alone type in the commands he wanted (all the while I was Googling the stuff he told me, came across this warning by Microsoft), I asked him if the Connect to Technician will fix my problem.  I said, because I have a big problem, I have too much money in my bank account, and wanted someone to steal it from me to help me with the problem.

The dude didn't know what to say.  I told him I had been a Windows expert for 30 years, and now have Macs, so I don't even have Windows at home.  And, that I would be reporting the phone number and web site to the FBI and FTC.  Ah, so much fun making the guy squirm in his chair when I asked "Where is the Control key?" - if only I could see his face.

Friday, October 30, 2015

Is The Ability To Find And Secure Your Misplaced Mobile Device Important?

Apple mobile devices (indeed, computers as well) ask you to turn on location broadcasting when you first set it up.  That is, it broadcasts its location to your cloud account, so when you log in via the mobile or web app, you can locate your devices.  Further, on their mobile devices, this also enables a feature called Activation Lock.  This means, your hardware is prevented from any kind of system reset or reinstall, without first entering your cloud account password and device password, or removing it from your cloud account.  This prevents unauthorized people from, for example, swiping your device, and reinstalling it, and selling or using it like a new device.

So, the other day, my daughter walked home from the bus stop - got home, did her normal thing, had dinner, and after dinner, said "Dad, have you seen my phone?"  With an iPhone, the normal procedure is to log onto iCloud, and tap "Play Sound" on the lost device - which, it shows on a map where it is.  (By the way, if the battery is dead or it is offline, it shows the last known location when it was still connected to the network.)  The sound plays even if the phone is turned on silent, so they thought of that, of course.  She couldn't hear it, and apparently can't read maps well either.  It showed on the next street over, on the way home from the bus stop.  Sure enough, it actually showed which side of the street it was on, to an accuracy of inches.  I pulled the car over, at night, and walked to the spot on the neighbor's lawn, and voila.  There it was.  (By the way, the phone locations have been so accurate, that I have been able to look at the map, and determine if it is in the front or back side of my house.)

It occurred to me, if someone had an Android device, what would they do?  Android enthusiasts claim you can do anything and more on an Android device that you can do on an iOS device.  Is this true?  Well, turns out, not quite.  First of all, they do have a rudimentary location capability, but it has to be enabled, and it isn't by default.  It doesn't prompt you to do so on a new device (at least, not yet).  Once you enable it, you can locate it, but only if it's online, and that's all you can do.  If it is on silent, you can't play a sound.  Do you know how many times this has helped us find the iPhone or iPod that slide behind the couch cushion, or been hidden by the mischievous little brother?

Further, Android has very loose security - if someone does steal your device, they can easily root it, reinstall the OS, and voila, they have a phone or tablet they can sell or use as new.  How's that for protecting your investment in their product?  I find it disgusting.

And, what about computers?  With a Mac, it becomes much more difficult to protect from theft, as the hardware is made to be swappable and replaceable.  So a simple hard drive swap, and it's gone forever.  But, at least barring that, you can locate and possibly recover your machine if it is connected to the Internet.  Assuming the location services for IP address isn't spoofed, and works well.

So, Apple at least has a basic protection on their computers, while they have an awesome well-rounded solution on their mobile devices.  If you are angsting betwixt the fruit or the dessert brand of devices, I'd say the fruit is much healthier.

Tuesday, September 29, 2015

Increase Security by Removing Old WiFi Networks

With your computing device (that's the generic term for anything with a processor, memory, operating system, and software - including phones (smart or dumb), tablets, computers, set top boxes, gaming consoles - heck anything nowadays, even your toaster!), chances are if you move it around, you are joining various WiFi networks.  What happens when you join a WiFi network?  The "computer" stores the configuration for connecting to that WiFi in the future, and automatically reconnects when something with the same name is available.  For example, let's say I buy a Linksys WiFi router for my home, and I leave the default name or SSID "linksys."  I join my laptop.  Now, let's say I drive out somewhere, park my car, and fire up my laptop to work on a Word document.  If someone nearby also owns a Linksys router (any model) and left it on the default name, my computer will connect without asking me (thinking it is a recognized network).

Why is this bad?  Let's say a hacker knows this, and sets up a network called that, or called "AT&T WiFi" or "Starbucks" or any myriad of commonly-used SSID names.  Many devices will connect to it automatically, and voila, he can watch the traffic going across his network, and possibly even hack into that device (computer, phone, etc.).

Are you worried yet?  You should be.  There are things you can do, however, to help limit the chances of this happening.

  1. Pay close attention when you are joining a new network.  Some devices show a different icon if the network is a normal WiFi router, versus a mobile hotspot (in other words, using someone's cell phone to set up a WiFi hotspot would show as a different icon).  If this is the case, and you didn't intend it to be a personal hotspot, then don't join it.
  2. Verify with the store or hotel you are at, what their WiFi name is.  Maybe there are several listed that are spelled similarly.
  3. Frequently review the list of saved WiFi connections you used in the past, and delete any one you think you will never use again.  Below are instructions for how to do this in various devices.


In Windows 7, 8, or 10, go to Control Panel, Network and Sharing Center, and click Manage wireless networks (one way to get there is to click on the network icon in the tray, and pick "Network and Sharing Center" from the pop-up menu):

Then, select the network from the list, and pick the Remove button:


For Android devices, go to the Settings app, go to WiFi, and simply tap the network in the list, you will have a Forget button to remove it from your list:

Apple Mobile (iOS)

For iOS devices, go to Settings, WiFi, and tap the little Info "i" button next to the network name.  There will be a "Forget this Network" option

Apple Macintosh (OS X)

For a Mac, go to Network Preferences (you can get there easily from the WiFi logo on the system menu).  Make sure to unlock the preferences for changes, and then click Advanced:
Finally, locate the network or networks you want to delete (hold down Command to select multiple), and pick Remove.  Confirm with the dialog to remove them, and click OK.

Finally, don't forget to click Apply to save your changes.

Note that you will have a similar thing for Apple TV, Roku, or any various TV devices, although you may not travel with them, and therefore probably don't join networks.  But if you do, think about it.

Friday, September 18, 2015

Credit Card and Identity Theft - Are You Doing What You Should To Be Safe?

In a recent blog article, a Canadian analyst firm released a study that showed hackers are more and more looking to hack into online accounts, and not as much for credit cards.  This is because online accounts are more persistent - that is, your credit card may change, but the updated card (as a new one is issued) will be registered to an account.  (Yet another reason to use a service like Apple Pay or Samsung Pay that does not give your card to the merchant.)

And, in an earlier news article, NPR indicated that you are probably doing your online security all wrong - that IT and security experts place top priority on using a password manager to manage very long, randomly-generated passwords.

So, how do you manage your passwords?  Do you have a handful that you can remember, that you use everywhere?  If so, as the ZDNet Ashley Madison password analysis shows, you are doing it wrong!  Chances are, your password is very easily guessable, even if they don't have access to an unencrypted copy of it.

Why should you care?

  1. America is the single biggest target in the world of cyber attacks.  Why?  We have the money, we are the most known country, and there is a lot of ill will against us for many political or economic reasons.
  2. Each year, about 100 million American identities are hacked and stolen - from online purchase sites, from big stores (you swipe your card at the register, it gets stored in the database, and the database is hacked), and even from the Federal and State governments.  (Do you trust anyone to manage their systems for your security?)  To make matters worse, it may be months or years before a hacked institution even discovers the breach.
  3. As the cost of stolen identities and fraud mount, the brunt of those costs are initially borne by the companies or governments that are hacked - but those costs get baked into the cost of the goods and services, and we end up paying more for them.  Credit cards already have a percentage of fraud built into them - that is going up, and we pay in terms of fees and interest rates.
  4. If your own identity is stolen, the thieves can do a large variety of things.  They can open up accounts as you (cases have emerged where people suddenly got bills for houses they never bought, phone lines they never ordered, and credit cards they never opened).  They can use your card without even physically stealing it - they can create a duplicate.  Your credit history can be ruined, and indeed you may have to spend countless hours, months, or even years fighting in court to fight charges and clear your credit.
If you don't care about these 4 points, then stop reading now.  If you do, then what can you do about it?  Use a password manager.  DO NOT use a spreadsheet or some document, either electronic or written, to store your passwords.  Use an encrypted manager software, like MasterLock's vault, 1Password, or LastPass.  Personally, I prefer the last 2, because they have apps that integrate with Windows, Mac, iOS, and Android - so when you are in an app, you can use the password vault to enter your password.  A few other tips:
  1. Constantly keep up to date on any OS updates.  This is true for your computer, as well as all your devices.
  2. Use AVG Privacy Fix app on your mobile devices to review and tighten your privacy and security settings throughout your social networking apps.  Stop giving games any access to your Facebook or other profile - this is just asking for trouble.
  3. Switch to the password managers (e.g. LastPass or OnePassword), and generate new, random 16-digit or longer passwords for all your accounts.  LastPass has a security challenge analyzer, that analyzes all the stored passwords, and lets you know which ones are used for more than one site (a big no-no), and gives you an overall score you can use to increase your security.
  4. Be very very aware (and wary) of joining WiFi networks
    • Many hackers set up fake WiFi networks that look like real ones.
    • Hackers can also join public WiFi networks, and "sniff" the traffic going across it, to steal wide-open passwords (passwords transmitted as plain text, instead of being encrypted), or even financial data.
    • Typically, many devices show a different icon for a mobile hot spot vs. a permanent WiFi router.  Pay attention to small details like icons.
    • Set your devices to not ask to join available networks.  You should only join if and when you need to, and only the networks that you choose at the time.
    • Review your device and computer joined networks, and delete the ones you think you should never use again.  I will provide a future post showing how to do this.  Meanwhile, e-mail me if you have questions, or post in the comments below.
    • In Windows, you can use the security profiles Home, Work, or Public, to set some sharing options that may help keep you safer.
  5. If you care about your security, make sure to use a secure platform.
    • Apple computers and mobile devices, un-jailbroken, are agreed upon by security experts to be the most secure platforms.  As many recent exposures have shown, Android is the least secure, and Windows has long been known as the biggest target (and therefore least secure) laptop/desktop platform.  The unified operating system across desktop/laptop/tablet/phone for Windows and others, means you increase your exposure to a virus, malware, or exploit because one that targets one device type, makes all vulnerable.  Apple notoriously produces a separate Operating System for each type of device: computer, mobile, automotive, watch, and set-top-box.
    • Apple has the most comprehensive offering across devices, that safely and securely integrates your data and operations across their ecosphere (and many other compatible devices, such as HomeKit-compatible home automation appliances).
    • I cannot recommend any other platform for mobile devices, as I have not yet seen any that measure up.  Unless you want to get Blackberry, but I wouldn't recommend that nowadays.
    • Linux provides an excellent platform for desktop/laptop/server computing, although you may find a lack of support for many end-user software packages, and mobile devices.  For general computing, if you are looking at a Chromebook, then I'd say where do you put your trust - in an Advertising company whose primary income is generated from targeted ads (who develops ChromeOS for free)?  Or in open-source Operating Systems from a reputable company who makes their money from services and premium offerings (ala Canonical)?  Personally, if I were not inclined to get Apple, I would put Linux on a home or business machine.