November 13, 2020
Sometime in the late spring of 2017, I sat down at Crystal Rose’s dining room table and downloaded Coinbase. At that point, I had known her for two weeks. I was entering the tech world after a five year modeling career, hoping to pivot to something that would give me more financial independence and security. I hadn’t known much about Crystal before we started working together, just that mutual contacts had positive things to say and that she was whip smart. What I came to understand later, and what I appreciate most about her now, is that she is a champion for women’s involvement in STEM. She walks that walk every day. After I downloaded the mobile wallet, Crystal explained the importance of saving my private keys somewhere safe and secure, how crypto transactions work, and why diversifying my portfolio with digital assets would help me in the future. She was the first person to pay me in bitcoin.
That conversation was the catalyst for where I am today. Three and a half years later, I am the communications manager for Sense Chat. It has taken me that much time to soak up all the information I can about the tech world and blockchain industry, although I recognize I have only scratched the surface. Of the many “aha!” moments I have had while working with Crystal and her team, one stands out the most. It was a glaring red neon sign that said, “You’ve been interacting with technology for all of your life and you know nothing about it!” As someone who prides myself on my critical thinking skills and my ability to research and learn on my own, I was disappointed at my own ignorance.
This isn’t to say that I didn’t know how to use my computer or phone. I could do plenty of seemingly complex things before entering the tech world: tether my laptop to a tv, clear my browser history, recover files I thought had been lost. But I was missing a fundamental understanding about how the technology I interact with on a daily basis functions, which makes me infinitely more susceptible to manipulation. This is a barrier and a problem for every single one of the 3.5 billion people who own smartphones, every one of the 1.7 billion daily active Facebook users, and every one of the 4.3 billion people across the globe who have internet access. Not only that, but the systems those billions of people interact with are flawed in a way that exploits them.
I believe that human beings are inherently valuable. I believe we have the right to digital self-sovereignty in the same way that I believe we have certain inalienable rights from the moment we arrive in the world. Unfortunately, I’ve discovered that the current systems have not been built with these rights in mind. Education, then, is key to bridging the gap between the average person and informed, autonomous users. The blockchain industry is a small (in a global context) subset of tech. Before anyone can wrap their head around how it works though, it’s important to understand how the previous system works and how it has used you for your time, attention, and data. Further, we should be arming ourselves with defenses against this system.
In an effort to bridge this gap, I leveraged my own following on social media and the Sense Chat Instagram to start what I called the Technology Literacy Series. My goal was to give specific, actionable information that would help people not only protect themselves, but understand why they should want to in the first place. As the short posts gained traction, my inbox started filling up with messages from other colleagues, friends I hadn’t talked to in years, and people I had never met. I had really touched on something for a lot of readers who were interested in the topics, but didn’t know where to start. This education has become deeply attached to my career, but also my purpose. Below, I’ve compiled some of my favorites from the Tech Literacy series so that they live in one place. It is my sincere hope that I can continue to learn from the brilliant team that surrounds me, impart that knowledge unto others, and empower both myself and the people in my sphere to interact with the ever-changing landscape of technology so that we may use it as a tool instead of allowing it to use us.
I look forward to sharing more of my world with all of you soon. Please feel free to drop me a line at firstname.lastname@example.org if you have any questions!
1. The post that started it all:
What does it mean to be technologically literate? Beyond the obvious knowledge required to use technology, we think it’s important to understand the permissions we give our devices and applications. Many of us are guilty of scrolling past terms of service documents without actually reading them, but in doing so, we’re missing important information.
In the coming weeks, we’re going to be sharing information with our community that will help you become more tech literate, focusing on privacy and self-sovereignty.
In the spotlight today is TikTok. The Chinese app was recently banned in India and has also been found using a back door to copy passwords and login information from Apple users’ clipboards. What does this mean for TikTok users? Your personal data has likely been compromised and it’s time to change your passwords (our next post will talk about the importance of strong passwords and utilizing password managers). In addition, the app has access to your camera, microphone, full contact list, location information, and the ability to read and write to the device’s storage. On Android devices, the app also has the ability to access other open applications (this sounds a lot scarier when you consider that many of us use mobile banking or money transferring apps).
A lot of us are guilty of using the same couple of passwords for all of our accounts. Although that makes our lives easier in the short term, it also makes it a lot easier for anyone who wants access to your accounts or information. Your first order of business: change passwords for important accounts to a randomly generated password with numbers, symbols, and no recognizable words.
You’re probably thinking — well that’s a total pain? How am I going to keep track of that? To which we’d say, your second order of business is setting up a password manager (Our team has used both 1Password and Lastpass). These are free services that can provide a lot of value for you, and installing the browser plugin will help you automatically store login details as you sign in to different sites on your device. Different password management systems can also show you metrics on how many different accounts you use the same password for!
Your third and last order: turn on two factor authentication, and where possible, authenticate with an app like Google Authenticator instead of your phone number. This provides a second layer of protection against nefarious activity. Anyone trying to log into accounts with 2 factor auth turned on will be required to enter a code, even if they’ve managed to crack your password! It is also, unfortunately, getting easier and easier for people to “port” phone numbers, or steal them from your cell phone provider. What does that mean for your information? Let’s say someone is able to port your phone number. They try logging into your bank or crypto wallet, and are asked for the authorization code. If they’ve stolen your phone number, the code can be sent via text, and they have full access to changing your passwords and locking you out.
These extra steps usually mean an extra 30 seconds of work when you’re logging in, but they can save you a lot of heartache in the future. Protect your privates!
3. Location and GPS Permissions
Many apps on our phones, and even our phones themselves, mine too much of our location data. In fact, most of these applications don’t need access to our location at all. Where does the data go? It gets sold to the highest bidder of course, just like all your other data.
Take a look at the above slides for the step by step process of turning off frequent location information on iOS and Android, and disabling/changing location permissions on individual apps themselves.
A few things to keep in mind — There are certain apps that actually need access to your location (hello maps and dating apps!) but these should only have permission to track you WHILE you’re using the app. Turning off location services for apps that don’t need it at all could mean you’re no longer able to geotag your photos on instagram, Facebook, or other social sites. This is a pretty small price to pay to protect your information.
If you want to protect yourself from past location tracking, do a quick google search for step by step guides on deleting location information from Facebook, Instagram, Twitter, and other frequently used sites.
4. Using a VPN
How important is it to maintain digital freedom? We’re probably biased but it’s number 1 on our list. Privacy and security are directly tied to digital freedom, so without them, we have nothing.
VPNs are a great way to keep yourself safe online. A VPN is a clever bit of software that masks the IP address of any device you install it on. In simple terms: When you use a VPN, it looks like you’re connecting to the internet from somewhere else.
An unsecured connection means someone could be reading everything you say and watching everything you do. Many search engines harvest your data and log all your online activity. This collected data is then used to target ads at you, or worse, is sold to the highest bidder. A trustworthy VPN will secure and encrypt your internet, locking it away from prying and malevolent eyes.
Websites track your location from your IP address, so if you change your IP address, you can manipulate the system and appear to be in places you are not. But it’s not just a benefit at home: A VPN can be especially useful when traveling. Some countries do not allow you to access certain sites or applications within their borders.
There are plenty of VPN’s out there, but our favorite is ExpressVPN, which has monthly or yearly subscription services for the price of two cups of fancy coffee per month (although we think the cost of digital privacy is *priceless*).
5. Tracking Codes in Facebook Messenger
Facebook has been on our radar for a long time, due to ongoing data and privacy concerns. Our team recently discovered that Facebook Messenger has a secret. It doesn’t tell you this, but *every* picture that you send with Facebook Messenger gets a little tracking code embedded into it.
The tracking code is a “Special Instruction” number with a length of 96-bytes called “FBMD” which is embedded as data in all images sent in messenger. It happens on all images you send — whether they were taken with your camera, sent by someone else and then forwarded, or found on the internet and uploaded.
The exact function of this tracking code is not disclosed by Facebook, but it’s no secret that Facebook likes to track things. One can imagine that the FBMD could be attributed to the the sender of the image, but it also might track an entire chain of custody in a Facebook Database to show how an image travels through messages and emails and even Instagram after starting in your FB Messenger.
There’s no way to turn this function off, but you can make smarter choices about how you share photos and information in the future (by using Sense Chat). Protect your privates!
Up on the chopping block today: BOTS! 🤖 A bot is software that is designed to automate the kinds of tasks you would usually do on your own, like making a dinner reservation, adding an appointment to your calendar or fetching and displaying information. The increasingly common form of bots, chatbots, simulate conversation. They often live inside messaging apps — or are at least designed to look that way — and it should feel like you’re chatting back and forth as you would with a human. But bots on social platforms like twitter or instagram can be a big problem.
There are times where bots can be really helpful, but those of you who have seen The Great Hack on Netflix will know their presence can be insidious. It is becoming increasingly difficult to know whether you are interacting with a real human or a bot online. At Sense, we like to make human-centric products. No bots or spam allowed!
While you wait patiently for the launch of our app this summer, there are a few ways to protect yourself from bots online:
⁃http://Botcheck.me is a browser extension that utilizes machine learning to identify political propaganda bots on twitter.
⁃BotSlayer is a browser extension that helps track and detect potential manipulation of information spreading on Twitter. BotSlayer uses a detection algorithm to identify hashtags, links, accounts, and media that are being amplified in a coordinated fashion by likely bots. Users can view/explore tweets and accounts associated with such amplification on Twitter or search for related content.
7. Finding Real Information in a Post-Information Age
With the US elections right around the corner, social media use has gone up significantly. Many are sharing information, articles, and videos pertaining to the political movements around the world. As many of us have recently discovered, nefarious and bad actors are at work. Here are a few tools that can help you choose the right information to digest:
Hoaxy: Hoaxy is a web-based tool that visualizes the spread of articles online. Hoaxy searches for claims and fact-checking going back to 2016. It tracks the sharing of links to stories from low-credibility sources and independent fact-checking organizations. It also calculates a bot score, which is a measure of the likely level of automation. Overall, the IU Observatory on Social Media is interested in studying and better understanding how information is shared online. They are also interested in studying how social media affects public discourse.
The Glorious Contexubot: The Glorious Contexubot is a verification and fact-checking tool that identifies the sources of audio and video content.
Hamilton 2.0: Hamilton 2.0 is a web-based dashboard that provides real-time information on Russian propaganda and disinformation online. It does so by tracking hundreds of Russian-linked Twitter accounts that are related to influencing information in the United States and Europe. The tool provides analysis of the narratives and topics promoted by the Russian government and state-backed media on Twitter, YouTube, broadcast television, and state-sponsored news websites.
8. URL Tracking
Up on the chopping block: URL tracking. This is how companies are able to target users and retarget users. It is used to track and profile users to measure the effectiveness of their advertising. It’s a violation of privacy, even if it’s collected “anonymously” — that data is still used to create a profile of each user.
Some key data points they harvest: number of clicks, who shares their links, where the information spreads geographically, and more.
Facebook adds a tracking link called a Facebook Click Identifier or “fbclid.” If you remove the “?” (Query) and everything after it, the link still works but is not tracked.
With Apple articles on Apple News, it’s not possible to remove the tracking. Instead, Google the title of the article and go to the actual news source. Sharing the original content is the only way to avoid being tracked.