ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Securing Personal Information: Smart phone

    Scheduled Pinned Locked Moved IT Discussion
    26 Posts 9 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • gjacobseG
      gjacobse @scottalanmiller
      last edited by

      @scottalanmiller said:

      @g.jacobse said:

      This morning I took my sun to the doctor

      Well - he is a bright spot of my day....

      @scottalanmiller said:

      Check out Keypass. Although for things like this, we just use our family wiki. It is a MediaWiki wiki and secured on our own server and encrypted via SSL. @dominica and I love it. We keep all of our important info there and a lot of trivial stuff too. From bank account info to a guide to what we packed in which packing boxes.

      I have Keypass on the desktop / laptop. but there isn't a KeYpass for iOS. it's MiniKeepass. I can drop the file into my DropBox account and pull it from there and use the same database.

      Any concerns with that process - dropping the db in to a cloud storage location - Yes,..I admit,..Just a tad bit on the paranoid side...

      1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller
        last edited by

        DB on cloud storage is normally fine. We've tested the same using Sharepoint as the storage for a KeyPass DB.

        For me, being less paranoid, I would just keep my data on OneNote in OneDrive or something similar. Evernote or whatever.

        DashrenderD 1 Reply Last reply Reply Quote 0
        • thanksajdotcomT
          thanksajdotcom
          last edited by

          LastPass gets my vote

          1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender @scottalanmiller
            last edited by

            @scottalanmiller said:

            DB on cloud storage is normally fine. We've tested the same using Sharepoint as the storage for a KeyPass DB.

            For me, being less paranoid, I would just keep my data on OneNote in OneDrive or something similar. Evernote or whatever.

            I take it you trust the encryption on OneNote?

            scottalanmillerS 1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @Dashrender
              last edited by

              @Dashrender said:

              I take it you trust the encryption on OneNote?

              OneNote itself doesn't encrypt anything. I don't really need that data encrypted at rest as I'm not storing it anywhere that I am worried about.

              1 Reply Last reply Reply Quote 0
              • C
                Carnival Boy
                last edited by

                SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?

                I tend to store numbers as a normal made-up contact on my Hotmail account. The contact name will give me a clue as to what the number refers to, and I might write the number backwards or have some other crafty way of writing it that only I can interpret correctly. Basically doing my own kind of encryption. So I might have a made-up contact called Sue Smith - her initials SS referring to Social Security.

                gjacobseG scottalanmillerS 2 Replies Last reply Reply Quote 1
                • gjacobseG
                  gjacobse @Carnival Boy
                  last edited by

                  @Carnival-Boy said:

                  SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?

                  I tend to store numbers as a normal made-up contact on my Hotmail account. The contact name will give me a clue as to what the number refers to, and I might write the number backwards or have some other crafty way of writing it that only I can interpret correctly. Basically doing my own kind of encryption. So I might have a made-up contact called Sue Smith - her initials SS referring to Social Security.

                  Yes - SSN = Social Security Number

                  There is a pretty decent drive in the last year or so to safe guard private information due to the high number of SCAMs, and pirating. All you need a the SSN, Name and little else and you can really ruin a person.

                  The security conference I was at last week, the Detective on a FBI task force asked us how many of us pull credit reports on ourselves to check for isses,.. then asked how many of us pull them on our children.

                  He stated that if we have children over the age of about 13, we should be pulling one every year to monitor it. He's dealt with several families where the child turns 18 (legal age) and finds out he has had a credit card, electric bill for 5 or more years and his credit is destroyed....

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @Carnival Boy
                    last edited by

                    @Carnival-Boy said:

                    SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?

                    It's not supposed to be sensitive. It's not a legal ID but a lot of monopolies that control your life in the US (the credit agencies being the only important ones) use it inappropriately as an identifier. So getting a hold of someone's SSN allows them to impersonate you.

                    Yes, the US actually has that as a problem. Mind boggling, I know.

                    DashrenderD 1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @gjacobse
                      last edited by

                      @g.jacobse said:

                      He stated that if we have children over the age of about 13, we should be pulling one every year to monitor it. He's dealt with several families where the child turns 18 (legal age) and finds out he has had a credit card, electric bill for 5 or more years and his credit is destroyed....

                      Just need a good lawyer for that. A credit agency illegally collecting data on a minor is a crime. They don't have any right to do so. You just have to be willing to go after them for damages. As with everything in the US, nothing is a crime unless the victim can afford a good lawyer.

                      1 Reply Last reply Reply Quote 0
                      • Reid CooperR
                        Reid Cooper
                        last edited by

                        It's horrible how social security numbers are abused in the US. Until the government decides to protect the people from identity predators by completely stopping the use of SSNs as IDs by third parties it will continue unabated. There is no incentive for the companies doing so to collect legitimate data.

                        DashrenderD 1 Reply Last reply Reply Quote 0
                        • DashrenderD
                          Dashrender @scottalanmiller
                          last edited by

                          @scottalanmiller said:

                          @Carnival-Boy said:

                          SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?

                          It's not supposed to be sensitive. It's not a legal ID but a lot of monopolies that control your life in the US (the credit agencies being the only important ones) use it inappropriately as an identifier. So getting a hold of someone's SSN allows them to impersonate you.

                          Yes, the US actually has that as a problem. Mind boggling, I know.

                          Off topic I know, but how would you solve this? Even if the Credit companies all decided to assign you a unique number, how would it be any safer than a SSN?

                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                          • DashrenderD
                            Dashrender @Reid Cooper
                            last edited by

                            @Reid-Cooper said:

                            It's horrible how social security numbers are abused in the US. Until the government decides to protect the people from identity predators by completely stopping the use of SSNs as IDs by third parties it will continue unabated. There is no incentive for the companies doing so to collect legitimate data.

                            But again, all this does is shift it from a government issued number to a privately issued one, how is that any safer?

                            1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @Dashrender
                              last edited by

                              @Dashrender said:

                              Off topic I know, but how would you solve this? Even if the Credit companies all decided to assign you a unique number, how would it be any safer than a SSN?

                              Because it would be THEIR number to protect and not a public number needed by you and for you for nearly everything that you do. Your SSN is not an ID, is not unique, is not protected, is not secret, cannot be changed and is needed for a massive array over everyday things. It is used as a password, not an identifier in many cases.

                              Nearly everyone who stores information about you stores it privately. Credit agencies are unique in that they collect data not connected to you and tie it to you by something that is not an ID.

                              1 Reply Last reply Reply Quote 0
                              • JaredBuschJ
                                JaredBusch
                                last edited by

                                Back on the original topic (because I was not here for a couple days)...

                                @g.jacobse mentions reducing accounts.. You cannot reduce accounts. You need to expand them.

                                Reducing accounts means tying more services to fewer accounts. That is the opposite of what you want to be doing.

                                You want all services to be unique accounts unrelated to each other. In theory you would have a different email for all of them, but that is going overboard.

                                Each service should never be linked to a Google account or Facebook account, etc. You should be signing up to each service directly using their internal account creation system with a unique password on each system.

                                Then use LastPass or KeyPass to handle all of the account authentication.

                                KeyPass is much less useful and the work it takes to make it as useful as LastPass is not worth the investment of time. LastPass is $12/year to gain access to the mobile app.

                                gjacobseG 1 Reply Last reply Reply Quote 1
                                • gjacobseG
                                  gjacobse @JaredBusch
                                  last edited by

                                  @JaredBusch

                                  It's over all that I'm trying to reduce the number of accounts. In cases of places like Pintrest - it has it's own account details,.. I didn't and don't trust the Google or Facebook sign in.

                                  My Facebook page is close to being deleted... It's only there to follow a few people that I would not otherwise be able to follow / communicate with. Facebook mobile split the FB app and Messenger - I'm not installing the messenger - don't like extra crap on my phone.

                                  I believe I have a total of seven GMail accounts.. separation and function,...

                                  I will look at LastPass - but even at $12.oo a year,.. I'm not sure I want to pay for something... I like OpenSource and free if possible. But respect the authors and they do very much deserve support for the work they do.

                                  scottalanmillerS JaredBuschJ 2 Replies Last reply Reply Quote 0
                                  • scottalanmillerS
                                    scottalanmiller @gjacobse
                                    last edited by

                                    @g.jacobse I would keep the messenger and not use the FB app if I had to choose just one. Keep the one for communications.

                                    1 Reply Last reply Reply Quote 1
                                    • JaredBuschJ
                                      JaredBusch @gjacobse
                                      last edited by

                                      @g.jacobse said:

                                      I will look at LastPass - but even at $12.oo a year,.. I'm not sure I want to pay for something... I like OpenSource and free if possible. But respect the authors and they do very much deserve support for the work they do.

                                      It is free to use. You only have to pay for the Premium membership if you want to use the app on your mobile device. But at that point it is the same as KeyPass, just slightly better in that as a commercial application, things are generally more polished.

                                      1 Reply Last reply Reply Quote 0
                                      • 1
                                      • 2
                                      • 1 / 2
                                      • First post
                                        Last post