Stay safe on the web

--Originally published at TC2027 – Miguel 101

“El que nada debe, nada teme”

“If you have nothing to hide, you have nothing to fear” it’s a very common phrase (my parents use it a lot), and when it comes to our daily lives on the web, it’s used a lot (specially by the government).

We all know about those cases like the dispute between Apple  and the FBI on the San Bernardino attacks. A judge asked Apple to provide “reasonable technical assistance” by helping them unlock the attacker’s iPhone.
At the time, the only way to do this was to write some kind of master key capable of unlocking the device (and every other iPhone too). Obviously, Apple refused because creating such a powerful backdoor into their devices would have easily fired back to they customers (either by hackers finding a way to replicate this master key or straight ahead by being used by the government for surveillance. Looking at you, NSA).

Whenever these kind of news rise up to the mainstream media, again, you get your typical internet user making use of that phrase I started this post.

“Why are iPhone users so against this backdoor the FBI is asking for?
It’s gonna help them get the bad guy! If they have nothing to hide they shouldn’t have nothing to fear!”

But if you stop for a second and think about it, this famous phrase doesn’t even make sense. As Edward Snowden would put it:

“…Privacy isn’t about something to hide. Privacy is about something to protect. That’s who you are. That’s what you believe in. Privacy is the right to a self. Privacy is what gives you the ability to share with the world who you are on your own terms. For them to understand what you’re trying to be and to protect

Continue reading "Stay safe on the web"

But why, tho?

--Originally published at TC2027 – Miguel 101

So my whole semester has been about computing security.
I’ve been listening weekly and very faithfully Security Now’s podcast, learning about all the new risks on security in our today’s world and my mind has been kinda focused on that since I started listening to that podcast.

And at the middle of this security obsession I stumbled upon a very striking question on the mastery topics of my TC2027 course.

Why should we study computing security?

Heck! Why should we even bother in the first place?!

I know you all got that one friend or family member (if not more than one) that when you bring up a good security advice or tell them about a new breakthrough on security tech (as the good cautious geek you are) they’ll call you a tinfoil hat lunatic.
“I gotta do all that?! What a pain in the butt!”. “Are you seriously telling me I cannot repeat my passwords? How do you expect me to remember all of them if I got 100 different ones?!”. “What’s so urgent about updating the firmware of my smartCameras on my home? If it ain’t broken it, don’t fix it. I won’t waste my time doing so.”


And there you got your why. Those kind of people are the reason Security it’s so important. More importantly, the amount of people who think like that it’s what makes Security such a critical field to be studied.

Because people always put commodity over security we need to study and make our security technology almost perfect. This convenience over security is what made The Reaper IoT feasible on the first place! People don’t want to waste time updating the firmware on their IoT devices, cause that’s extra work for them.

But that’s no the worst

Continue reading "But why, tho?"