Equifax Illustrates WHY Certain Information Is Sensitive

There have been thousands of articles about the Equifax breach recently, but very few have discussed the deeper reasons why information that used to be common knowledge has become so critical to online safety and security. This blog post from AgileBits, makers of 1Password, is a great primer on why certain information is now considered sensitive. It all boils down to the fact that banks have adopted identifiers (such as Social Security Numbers) as secrets and “identifiers are bad secrets.” To illustrate the point, the author includes a fun clip from Monty Python’s Flying Circus, the famous “Bruces Sketch.”

There might be a lot of Bruce’s in the room, but there are probably not two with the same birthday and definitely not two with the same Social Security Number (SSN). So the name Bruce can’t be used as an identifier. Bruce + SSN used to be ok, but became a secret when banks began to use them for telephone banking. Bruce + birthday is not great, but add Bruce’s address and that should be unique. However, it is not a secret because Bruce’s birthday can be found on his Facebook page and his address is probably 1,000 places online. Identifiers are clearly bad secrets.

The Equifax breach has brought the problem to a head by speeding up the process of demonstrating that identifiers are bad secrets because for hundreds of thousands of people those identifiers are now public information (for hackers). The solutions are complicated and while many people think they don’t have any “secrets” and ask themselves “Why would a hacker possibly be interested in my boring family photos?” The deeper issue is the increasing interconnectedness of online and physical identities. For a deep dive into how to protect yourself online, see my recent series, “Online Security.”

AgileBits is certainly doing their part to help people keep track of the real secrets: passwords, credit card numbers, driver’s licenses, passports, etc., but a kept secret is only as good as the privacy of the place it is stored such as a smartphone or computer. For more information on this part of the problem, take a look at Apple’s excellent new website on privacy. It presents a clear picture of  how closely related secrecy and  privacy really are.

Google Requests a Fax of an Online Form?!

Here’s a fun throwback to end the week. Google requested that I send them a fax. Really Google? How about I chisel the information into a clay tablet and send it with a tribute of grain via the next caravan going to Mountain View? Yes, Google really sent me the form below after I closed an old G Suite account.

There are thousands of major Google account maintenance tasks that can be done online with no physical paperwork necessary. With Google Fetch and Render large websites can be reindexed, organizations can open accounts to manage hundreds of email addresses, advertising can be broadcast around the world in an instant, but a $2.64 refund requires the telephonic transmission of scanned printed material through the use of a machine invented in 1843. Wow, there are apparently some gaps in the high tech world of Google.

Feedly – Because If You Are Still Starting Your Morning With a Zigzag…

“… through a standard set of Web sites (sic), you’re wasting time and energy. Feedly is what you Needly.” That corny quote is courtesy of a New York Times article from May 2013 and in terms of reading blogs, not much has changed since then.

And it’s not just blogs. Many people still visit a list of websites every day such as news, fitness, sports, celebrities, etc., quickly resulting in a deluge of information peppered with tons of intrusive ads. What they don’t know is that many websites offer one or more “RSS feeds” containing direct links to articles posted each day. For example, The Verge is an excellent source of technology news. They even break down their feeds into useful categories such as posts about “Microsoft, Apple, Google, Apps, Mobile, Science, Features, etc.”  Many companies large and small also have their own blogs with RSS feeds. National Instruments (NI) has a webpage with links to not only their own blog (with over 1,500 posts!), but the technology blogs of their partners as well.

The confusing part is that everybody from the New York Times to The Verge to NI use something called “RSS” to publish their feeds even though they are completely different sources of information published on completely different schedules. The Verge might publish more than 20 articles on a busy day while NI only publishes one article every couple weeks. So why visit multiple sites everyday, some of which might only publish occasionally? That’s where an “RSS reader” comes in. After setup and subscribing to various websites’ RSS feeds, it only displays a list of new articles. Articles in this list are marked as “read” either by being read (duh) or by skimming through headlines. Once marked as read, they do not show up again.

The easiest part is finding a good RSS reader. No need to do a Google search, just use Feedly.com. It’s free, simple to setup, and synchronizes content across its website, smartphone app, and tablet app. It is also fast, straightforward, and provides direct access to a wide variety of high quality news sites organized by topic such as Technology, Business, Design, Photography, Science, and Travel. Other websites and blogs can easily be added via the search box. Once the basic setup is complete, each time Feedly is accessed, it only displays a list of headlines from unread material.

So if you have some free time during these last few weeks of summer, setup Feedly and enjoy distraction free reading of your favorite websites and blogs. By the way, the Elephant Tech blog can be subscribed to by searching for “elephanttech.com” using the search box in the upper right corner…

Leaving LinkedIn After Over a Decade

It was a tough decision, but I finally closed and deleted my LinkedIn account. A professional lifeline for over a decade, it is hard to measure the value of the contacts I had there. However some online transgressions are impossible to overlook and violating privacy is at the top of my list. To be fair, it was probably in their terms and conditions, one of those “sacrifices” we make everyday as a trade for a valuable service offered at no charge, but flagrantly breaking the implicit trust involved in privacy required immediate action.

What did LinkedIn do? They accessed my profession and personal email contacts without my permission and used them to suggest new connections. Before you ask, I am 99.9% sure that I NEVER gave them permission to do this with the other 0.1% reserved for the remote possibility that they tricked me into it somehow. Throwaway email addresses that I only used once and have not used for 10 years were showing up in this list. Doing some research online, it was suggested that LinkedIn might have gotten these addresses when I had LinkedIn open and Gmail open in two browser tabs at the same time. I’m not sure if this is true, but it would be one way to explain it.

It must be tempting for a company like LinkedIn to think that they are helping the world by connecting people professionally and the more connections, the more they are helping. Gmail does something similar by looking into Gmail accounts and suggesting ads so why can’t LinkedIn do the same? But it’s not the same by a long shot. There is an expectation of separation when multiple tabs are open in a browser. Amazon doesn’t look to see what I purchased recently from Nordstrom online and even Facebook, for all their privacy issues over the years, doesn’t seem to make personal suggestions based on my email contacts stored in Gmail.

So goodby LinkedIn, we had a good run where I published over 180 articles on your publishing platform and connected with hundreds of other professionals. As your email said, maybe you’re sorry to see me go, but if you had wanted me to stay, you would have never have violated the trust we worked so hard to build.

Hablamos Español – Jeb Bush, Sonia Sotomayor, Tim Kaine, Rubio, Paltrow, Affleck…

We have been studying Spanish for the past few years and after trips to Costa Rica, Spain, Cuba, Uruguay, Mexico, and Chile, it has become clear how incredibly pervasive the Spanish speaking culture is in the United States as well. Despite the title, this is not a political post, but a nod to the diversity that is so thinly veiled behind the English dominated world. A favorite restaurant employee, a Supreme Court justice, construction workers, many politicians (whether you agree or disagree with their political positions), landscapers, “caucasian” celebrities, professional athletes, and many others all speak the second most popular language on the planet (behind Chinese!).

So here is a short list of my favorites, not in any order and certainly omitting many. I’ll start with Jeb Bush because he inspired me to write this post after seeing him on “El Punto,” the news show hosted by the popular Spanish television anchor Jorge Ramos. Please excuse the ads, Univision goes a bit overboard and I promise hearing Jeb Bush speaking fluent Spanish is worth it.

Next up is the Supreme Court Justice of the United States Sonia Sotomayor in an interview with Jorge Ramos from 2013.

If you don’t speak Spanish, jump to the last 30 seconds where you can see her dancing salsa with Mr. Ramos, muy divertida!

Also, the NY Times article “Habla Español? Tim Kaine Is Latest Candidate to Use Spanish” features several politicians including Tim Kaine, George W. Bush, Michael Bloomberg (or Miguel Bloombito as he is sometimes referred to for his poor Spanish skills), Marco Rubio, and Jeb Bush. Finally, the article, “Guess Who Else Speaks Spanish?” lists 10 more Spanish speaking celebrities with short videos of them speaking.

Yet despite the number of people who speak Spanish around the world, it is shockingly underrepresented in the high tech world. When I managed Mexico for a high technology company, every trip was a revelation. A small calibration lab in what looked like a rundown part of town housed state of the art equipment that was sometimes new, sometimes old, but always kept in impeccable condition. Thirty year old measurement microphones used regularly were still stored in their original mahogany boxes with the original manuals nearby. Engineers often times utilized older equipment to the fullest long after their North American counterparts had moved onto to the “latest and greatest” product offerings.

If your sales and marketing teams are not paying attention to Latin America, they should be. It is a massive market poised for growth. Unexpected highlights include Mexico’s emerging importance in high tech, Costa Rica’s focus on Corporate Services, and Columbia’s exploding IT sector (the third largest in Latin America). To be fair, these efforts will probably not create overnight record breaking growth in the bottom line, but a long-term strategic plan will certainly pay dividends over time especially since most companies are not focusing on Latin America at the moment. At the very least, you will find (like I did) a rich, open culture that greets the rest of the world with a hearty, “Tengo ganas de trabajar con usted pronto.”