November 21, 2024 • 22 mins
Online harassment is as bad as it’s ever been. And the election results have a lot of people worried about their privacy & safety. Before you make any big moves like logging off forever, do a quick digital hygiene check. There are a few simple steps you can take today to make life a little harder for online trolls.
Resources:
https://www.wired.com/story/the-wired-guide-to-protecting-yourself-from-government-surveillance/
https://open.nytimes.com/how-to-dox-yourself-on-the-internet-d2892b4c5954
https://www.aclu.org/news/free-speech/some-steps-to-defend-against-online-doxxing-and-harassment
See omnystudio.com/listener for privacy information.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:01):
Cool Zone Media. Hello, and welcome back to It Could
Happen Here, a show that is no longer hypothetical now
that it is happening here. I'm your occasional host, Molly Conger,
and today I just want to talk to you a
little bit about your online security. It's a hot topic
right now for obvious reasons, and this won't be a
(00:23):
comprehensive overview on the subject by any meanings. I'm sure
there will be more episodes in the future covering specific
angles on this and more depth, but today I just
want to touch on some basics, especially for people who
may be asking themselves some of these questions for the
first time. This is more of a mental framework and
a pep talk. The main message here is don't freak out.
(00:46):
I'm not saying the situation isn't serious for your concerns
aren't real. It's very serious. But freaking out is not
going to do you any good. And if you're looking
for complicated, high tech solutions to the very real anxiety
that you're feeling right now, this episode doesn't have it.
That's not what I have for you today. And I
(01:06):
know a lot of people have really specific concerns about
apps they might be using to track their menstrual cycles
or fertility, and we're not going to touch on that
today because I think it's a topic that deserves its
own episode, and an episode where I talk to an
actual expert. So I'm hoping to get that out next month.
So what are we talking about? The answer is pretty simple,
(01:30):
calming down and shutting up. That's right. It's only Thursday
when this airs, but it is always shut the fuck
up Friday in our hearts, because the main source of
the risks you can do something about is your own mouth.
Because here's the thing. I'm not an expert on digital security.
(01:52):
I'm not a computer programmer or a hacker. I had
to call our producer Danil one time because I went
to record an episode in my little recording device said no,
and I almost cried. And it turned out I accidentally
slid the little tab on the data card that locks it.
I don't know, but what I do know a lot
(02:13):
about is how to exploit someone else's lack of digital security.
If you're a listener to my show We're Little Guys,
you know that I kind of have a knack for
finding out everything there is to know about a guy
so what I can offer you is a sort of
reverse engineered guide to stay safe online from someone like
(02:34):
me but evil. I like to tell people that you
should be thinking of your digital security kind of like
your health. People are going to have different risk factors,
different vulnerabilities, different concerns, different goals. If you're undocumented or
on a student or work visa, the risks and possible
consequences for you are very different. If you're queer or trans,
(02:56):
or a person of color, your risk profile looks different.
If you're economically dependent on family members whose politics don't
align with yours, your risk profile is different. If you
have a criminal record, if you work in a field
where your political activity is a significant threat to your
continued employment, if you're running for office, if you have
a security clearance, if you have children or vulnerable family
(03:17):
these are all different vulnerabilities, and you're going to have
specific concerns that are unique to you. And this isn't
meant to address those specific risk scenarios. But just like
people who may have different risk factors when it comes
to their health, everyone can benefit from the basics. You know,
no matter who you are, you have to wash your
(03:37):
hands and when it comes to digital security. A lot
of people want to jump right to the exciting, complicated
technical fixes. You know, they want the Kim Kardashian full
body MRI equivalent of being safe online. People want to
talk about buying burner phones and getting a Faraday bag
and evading high tech surveillance, but they're not washing their hands.
(03:59):
People love to say they're going to buy a burner phone.
But if you go to Walmart and you buy a
burner phone, and you put your credit card into the
machine that is recording a video of your face, and
then you take that phone home and turn it on
inside your house next to your real phone, you've done
nothing but waste your time and money. So we're not
talking about solutions like that. We are talking about is boring,
(04:21):
un sexy, basic stuff that everybody can and should be
doing before they jump into the deep end. If you
choose to go that route, because I'm not saying you
shouldn't worry about more advanced threats, I'm just saying you
have to start here. So before you can figure out
how to mitigate a risk, you have to nail down
what that risk actually is, What is the outcome that
(04:43):
you're hoping to avoid. There's a lot of anxiety right
now about unknowable possibilities, and it's really easy to get
overwhelmed with the what ifs of a worst case scenario
and then you just end up feeling really helpless. And look, yeah,
there are there are some potential threats here that I
don't have the tools to help you address. But that
(05:05):
doesn't mean you shouldn't be taking the steps that are
within your control right now. You have to fight off
that feeling of helplessness. So what we're talking about here
is threat modeling. I gave a little workshop a few
months ago about digital security, and the first thing I
asked the group was what is the bad thing that
you were worried will happen? And most people's answer to
(05:27):
that was they're worried about getting docksed. Okay, that's fair,
that's a valid fear, But what do you mean by that?
What specifically is the piece of information you are worried
someone will discover? Is it your name, your address where
you work? Is it connecting two pieces of your online
(05:47):
identity that you thought were separate. Docsing can mean a
lot of things to different people at different contexts, and
it can happen in degrees right, like you know my
full legal name. I'm doxed to whatever extent that means anything.
But this could still happen to me. Someone could still
discover a piece of information about me that I wish
(06:10):
they didn't have. And most people can't become completely anonymous.
I can't help you do that, and honestly, I don't
think that should be most people's goals. Don't disappear. I'm
not telling you you should disappear. This is just about
figuring out what makes sense for you and what you
can do to navigate the landscape that you've chosen to
(06:33):
operate in. So, what is the actual negative outcome specifically
that is making you feel afraid? What is the concrete
thing that you are thinking about when you experience that fear.
(06:56):
And people's answers tend to be that they're worried about
getting harassed, They're worried about their physical safety, they're worried
about negative fallout at work or at school. People's fears
tend to be about things like getting arrested, getting sued,
getting fired, getting hurt, and getting embarrassed. And so the
next question is can you identify the potential sources for
(07:18):
the kinds of harm you're worried about, and you can
sort these into a few primary categories. The state can
harm you. That's the police, the government. You can get
charged with a crime. Institutions can harm you. If you're
a student, you can get in trouble at school. If
you have some kind of professional license, people could file
complaints against you. Politicians and organized political groups can harm you.
(07:41):
You know, Marjorie Taylor Green might tweet your TikTok video
or Canary Mission might do a blog post about where
you work. And right wing groups can harm you. You
might get targeted harassment from some Nazi telegram channel. The
worst case scenario, maybe you were physically threatened or attacked
by an extremist group. You could get swatted. And then
(08:02):
there's just this sort of wild card of the random
strangers and Internet mobs and the way they factor into
and exacerbate all of the above scenarios. When it comes
to harm from the state, that's beyond what we're talking
about with this digital hand washing metaphor. A lot of
the prevention steps you can take today are still going
(08:24):
to help you. They're still worth taking. But at the
end of the day, if the government wants to know
who runs a Twitter account, who drove to a protest,
who supported a movement, who donated money. That's beyond the basics.
Most of what I have direct experience with are just
these basic measures that you can take today to make
it a little bit harder for the average weird little
(08:44):
guy to get into your business. It'll stop the average
online troll, it'll slow down a decent sleuth, but it's
not the kind of stuff that stops a guy with
a warrant. Think of protecting your online identity like being
inside your house. If you have no curtains, someone walking
down the street can see you, even if they didn't
(09:06):
go out of their way to look. If you're putting
everything out there with no thought to digital security, somebody
could dock see without even trying, just like they would
be able to see and through your windows from the street.
Somebody who is a little more curious about you might
walk into your yard. But if you put up a fence,
maybe that person will decide this isn't really worth my time.
(09:28):
Somebody who loves peeping in windows and really wants to
see you, he's gonna hop your fence, right. But the
average troll will see these barriers and they'll get bored.
But again, curtains, a fence, a locked door, a guard dog,
these don't stop a guy with a warrant. So we're
talking about just putting up barriers that slow down and
(09:49):
discourage the average low to mid level weirdo. In short,
delete your Facebook, set your accounts to private, you signal,
put a passcode on your phone, and say less and
try to do something about the data brokers. Let's break
these down one at a time. I'm sure it's been
talked about on this show before, but I tell everyone
(10:11):
in my life download Signal. Download Signal. It's free, put
it on your phone. It's just an encrypted messaging app,
and I use it by default, pretty much exclusively in
place of regular texting, just because it's easier for me
to have everything in one place. It doesn't collect or
store your metadata, it doesn't back up to the cloud,
and you can set all of your conversations to automatically
(10:32):
disappear at whatever time interval you choose. You don't need
text messages from a year ago, You don't. Those can
never help you, They can only hurt you. Just let
them go and turn off the biometric unlock on your phone,
whether that's a fingerprint or a face ID, turn it off,
turn it off. Set a passcode. If you get arrested
(10:54):
and you have your phone on you, they can use
your finger or your face to unlock it without warrant.
But if you have a passcode, you're a little bit safer.
So set a pass code that's at least six digits
long longer if you can bear it, I know. But
when it comes to social media, you have some choices.
You may look at your own threat model and say, well,
(11:15):
I don't care if everyone can see what I've posted,
and that's okay, right. We all have different goals and vulnerabilities.
And if you're a very public organizer, then yeah, you
need public social media. But if you've been using Facebook
for twenty years, you probably weren't always very careful about
what was on there. And there are privacy settings now
(11:37):
where you can retroactively set all of your old posts
to a new privacy settings. You should do that start
there if you haven't done that, but that still leaves
a lot of digital debris. If you've changed your display
name to something more private in recent years, something that
isn't your current legal name, old posts that other people
(11:58):
made about you still have your old name in them.
So if they tagged you ten years ago, that old
name is still a link to your current profile, and
you can't control the content that your friends and family
posted years ago. And on the flip side, if in
the end you decide you don't care what's on your
(12:19):
Facebook about you, when you're doing your threat modeling, consider
the people close to you, because when I'm working at
this from the other side, a lot of times I'll
find that, you know, the guy that I'm looking for
has done a pretty good job cleaning up his own
digital presence, but his wife, his mom, his sister, someone
(12:39):
in his life as not. So if there's someone in
your life who maybe is at greater risk than you are,
don't be their weak spot. And if you're in a
position to do so, talk to the people in your
life about this. Have these conversations about what are our risks,
what are our goals, Let's do a digital hygiene and
(13:00):
check together. Because you can build an impenetrable digital fortress
around yourself. But if you're aunt Kathy is live streaming
your baby shower, that didn't do you much good. And
now that more people are talking about these kinds of concerns.
You can try approaching the subject with people in your
life that may not have been receptive to it a
year ago. Show your mom how to set her Facebook
(13:21):
to private. Take the time to explain to your less
political siblings why they should think about the ways in
which their social media use might expose someone they care about.
Don't just scold them or you say it's reckless that
you're doing this, talk about why so when it comes
(13:51):
to social media, I'm saying delete your Facebook as a
sort of shorthand for the general cleanup of the stuff
that you've left online for the last twenty years. Cleaning
up your online presence is the number one thing you
can do right now to thwart the bizarro universe version
(14:11):
of me who is trying to collect every piece of
information about you. Because even if you're careful today, even
if you're so smart about it now and you're not
putting anything online that puts you at risk, you weren't
always that careful. We're all guilty of it. People who've
been doing this for a long time, people who know better,
We're all guilty of being a little messy online. It's okay,
(14:34):
there's no shame that you didn't know before. Don't feel silly,
don't feel guilty. Just start cleaning it up today and
so to figure out what exactly you might have been
leaving out in the open, one thing you can try
is doxing yourself, or do it with a friend, right,
try doxing each other. So start with a completely clean cash,
(14:54):
deleat your cookies, whatever, Open an incognito browser, start with
a blank slate, and just google yourself. Google your name,
your address, your phone number. Google the usernames that you
currently use on various sites. But google the username you
used in high school. Google your old aim handle, Google
(15:15):
the email address you made when you were twelve. What
comes up? And is that information you want everybody to have?
Probably not. Start by deleting accounts you don't use anymore.
Just wipe those bad boys right out. You don't need those.
A lot of people have no idea that the ghost
of their old MySpace page still exists online. I've actually
(15:39):
used that one fairly recently to confirm the details about
a person's close associates and family members. They hadn't logged
into MySpace since twenty ten. But your top eight lives
forever so delete or set to privates any account that
you don't use, don't need, or just don't need to
be public facing. Log into every social media site, every forum,
(16:02):
every online store where you've ever created an account, and
just look at what's visible. Your online reviews may contain
information about where you live. Your profile on some forum
you posted on in twenty twelve probably has your birthday
on it. And if you're an active Pinterest user, your
Pinterest boards are probably revealing a lot more information about
(16:23):
you than you realize, information about your family, your interests,
your plans for the future. People will make Pinterest boards
with names like Jaden's second birthday, and now I know
that you have a son named Jaden whose second birthday
party you were planning last July. That's a real example.
So set these things to private. Change your profile picture
(16:44):
to something that isn't your face. Look at your username.
Did you have to put some numbers at the end
of that because the one you wanted was taken? Are
those numbers your birthday? And vary your usernames a little bit.
Unless you have some kind of professional reason for using
a personal brand across every platform, don't use the same
username everywhere. Keep separate areas of your life. Separate, don't
(17:09):
make it any easier than it needs to be to
connect these different pieces of your digital footprint into one
picture of who you are. Because again I'm not talking
about becoming completely anonymous online. A lot of people need
to exist online as the person that they are. You
have a LinkedIn, you do public facing organizing. I'm not
(17:31):
saying you need to disappear from online, but if you
have accounts that you don't want connected back to your
true identity, If there are pieces of you that exist
that you don't want side by side, don't connect them.
So if you anonymously run a social media account for
an activist group, don't use it to follow your own
(17:51):
real account. Don't like your boyfriend's posts when you're logged
into your anarchist shit posting account if you don't want
it connected to you, don't create overlap. If you post
a screenshot from one social media platform onto another, a
screenshot of a tweet on your Instagram, whatever, be mindful
of what's in that image. Is there a thumbnail of
(18:13):
your own profile picture in there? Does the screenshot show
that you interacted with that post? Because a filled in
heart on an Instagram screenshot is something I have used
as a building block for a docs. And maybe you've
never posted anything identifiable on Twitter, but if you've posted
a link to your Twitter account on Reddit, or are
(18:34):
you in a big discord and you shared one of
your own posts with your friends in there, like hey
look at this bang or tweet I'm going viral. And
I say both of those specifically because both of those
are specific mistakes that I have seen people make that
were for me a crucial link between two accounts that
connected the dots to figure out who they were. Use
(18:55):
two factor authentication, use a password manager, use complex passwords,
never recycle a password. Check databases like have I been poned?
See what's been leaked about you? And some of that
data is out of your control now, but it's out
there and you can't call it back. But you can
change all of your passwords today. You can download a
(19:15):
password manager and change all of your passwords today, and
all of your passwords should be something different from one another.
I'm going to say it again, change all your passwords.
Stop using your dog's name as your password for everything.
It was hard, but I did it, okay. And when
you're doing this digital hygiene check. You know you're googling yourself.
You're checking these breach databases. One of the things you're
(19:38):
going to find is your address, your email address, and
your phone number, and your parents' names and your parents address.
All of these pieces of what you thought were personal
private information. They are bought and sold to data brokers,
and these data brokers put them online on sites that
people can pay to access. Fel like people find your
(20:00):
true people search white Pages. There's hundreds of them. Now.
By law, all of these sites have to have a
link on them somewhere where you can ask them to
delete your information. Some of them make it kind of hard,
and it may take weeks for them to actually honor
the requests, and you may have to follow up. But theoretically,
(20:20):
if they're operating legally, you do have the ability to
manually clean up how much of your personal information comes
up from these data brokers. But I'll be honest with you,
it's whack a mole. You could spend one afternoon a
week for the rest of your life making opt out
requests and following up on them and checking back to
make sure it's really gone. You can do that. I
(20:43):
used to do that, but there are also services that
will do it for you for a fee. I think
there may be an episode in the pipeline examining that
particular ecosystem and some more details. So I won't go
into the pros and cons of different services that exist,
but if that's something you're interested in paying for, do
some research about it before you put your money down.
(21:03):
But at the end of the day, I just want
you to remember you can't solve this whole problem. That
might sound like a defeatist message, but I think it's healthy.
I'm not saying it's hopeless. I'm saying you have to
spend your energy where it counts. People ask me all
the time, you know, are you worried about this or
that specific threat? And the answer is yeah, probably, Yeah,
(21:27):
of course I'm worried. But you can't let that fear
overwhelm you. You know, if I get fixated on the
existence of threats that are outside of my control, I'll
just freak out, and that makes me less capable of
focusing on mitigating the threats that are within my control.
So don't put blinders on, don't lie to yourself, you know,
(21:49):
be realistic, but don't wear yourself out worrying about things
that are so far out of your control that all
you have is fear. So today, now take a deep breath,
delete your MySpace account, and talk to your mom about
setting all her old Facebook pictures to private. It could
(22:11):
Happen Here is a production of cool Zone Media. For
more podcasts from cool Zone Media, visit our website foolzonmedia
dot com, or check us out on the iHeartRadio app,
Apple Podcasts, or wherever you listen to podcasts. You can
now find sources for it could Happen Here, listed directly
in episode descriptions. Thanks for listening.
Cool Zone Media. Hello, and welcome back to It Could
Happen Here, a show that is no longer hypothetical now
that it is happening here. I'm your occasional host, Molly Conger,
and today I just want to talk to you a
little bit about your online security. It's a hot topic
right now for obvious reasons, and this won't be a
(00:23):
comprehensive overview on the subject by any meanings. I'm sure
there will be more episodes in the future covering specific
angles on this and more depth, but today I just
want to touch on some basics, especially for people who
may be asking themselves some of these questions for the
first time. This is more of a mental framework and
a pep talk. The main message here is don't freak out.
(00:46):
I'm not saying the situation isn't serious for your concerns
aren't real. It's very serious. But freaking out is not
going to do you any good. And if you're looking
for complicated, high tech solutions to the very real anxiety
that you're feeling right now, this episode doesn't have it.
That's not what I have for you today. And I
(01:06):
know a lot of people have really specific concerns about
apps they might be using to track their menstrual cycles
or fertility, and we're not going to touch on that
today because I think it's a topic that deserves its
own episode, and an episode where I talk to an
actual expert. So I'm hoping to get that out next month.
So what are we talking about? The answer is pretty simple,
(01:30):
calming down and shutting up. That's right. It's only Thursday
when this airs, but it is always shut the fuck
up Friday in our hearts, because the main source of
the risks you can do something about is your own mouth.
Because here's the thing. I'm not an expert on digital security.
(01:52):
I'm not a computer programmer or a hacker. I had
to call our producer Danil one time because I went
to record an episode in my little recording device said no,
and I almost cried. And it turned out I accidentally
slid the little tab on the data card that locks it.
I don't know, but what I do know a lot
(02:13):
about is how to exploit someone else's lack of digital security.
If you're a listener to my show We're Little Guys,
you know that I kind of have a knack for
finding out everything there is to know about a guy
so what I can offer you is a sort of
reverse engineered guide to stay safe online from someone like
(02:34):
me but evil. I like to tell people that you
should be thinking of your digital security kind of like
your health. People are going to have different risk factors,
different vulnerabilities, different concerns, different goals. If you're undocumented or
on a student or work visa, the risks and possible
consequences for you are very different. If you're queer or trans,
(02:56):
or a person of color, your risk profile looks different.
If you're economically dependent on family members whose politics don't
align with yours, your risk profile is different. If you
have a criminal record, if you work in a field
where your political activity is a significant threat to your
continued employment, if you're running for office, if you have
a security clearance, if you have children or vulnerable family
(03:17):
these are all different vulnerabilities, and you're going to have
specific concerns that are unique to you. And this isn't
meant to address those specific risk scenarios. But just like
people who may have different risk factors when it comes
to their health, everyone can benefit from the basics. You know,
no matter who you are, you have to wash your
(03:37):
hands and when it comes to digital security. A lot
of people want to jump right to the exciting, complicated
technical fixes. You know, they want the Kim Kardashian full
body MRI equivalent of being safe online. People want to
talk about buying burner phones and getting a Faraday bag
and evading high tech surveillance, but they're not washing their hands.
(03:59):
People love to say they're going to buy a burner phone.
But if you go to Walmart and you buy a
burner phone, and you put your credit card into the
machine that is recording a video of your face, and
then you take that phone home and turn it on
inside your house next to your real phone, you've done
nothing but waste your time and money. So we're not
talking about solutions like that. We are talking about is boring,
(04:21):
un sexy, basic stuff that everybody can and should be
doing before they jump into the deep end. If you
choose to go that route, because I'm not saying you
shouldn't worry about more advanced threats, I'm just saying you
have to start here. So before you can figure out
how to mitigate a risk, you have to nail down
what that risk actually is, What is the outcome that
(04:43):
you're hoping to avoid. There's a lot of anxiety right
now about unknowable possibilities, and it's really easy to get
overwhelmed with the what ifs of a worst case scenario
and then you just end up feeling really helpless. And look, yeah,
there are there are some potential threats here that I
don't have the tools to help you address. But that
(05:05):
doesn't mean you shouldn't be taking the steps that are
within your control right now. You have to fight off
that feeling of helplessness. So what we're talking about here
is threat modeling. I gave a little workshop a few
months ago about digital security, and the first thing I
asked the group was what is the bad thing that
you were worried will happen? And most people's answer to
(05:27):
that was they're worried about getting docksed. Okay, that's fair,
that's a valid fear, But what do you mean by that?
What specifically is the piece of information you are worried
someone will discover? Is it your name, your address where
you work? Is it connecting two pieces of your online
(05:47):
identity that you thought were separate. Docsing can mean a
lot of things to different people at different contexts, and
it can happen in degrees right, like you know my
full legal name. I'm doxed to whatever extent that means anything.
But this could still happen to me. Someone could still
discover a piece of information about me that I wish
(06:10):
they didn't have. And most people can't become completely anonymous.
I can't help you do that, and honestly, I don't
think that should be most people's goals. Don't disappear. I'm
not telling you you should disappear. This is just about
figuring out what makes sense for you and what you
can do to navigate the landscape that you've chosen to
(06:33):
operate in. So, what is the actual negative outcome specifically
that is making you feel afraid? What is the concrete
thing that you are thinking about when you experience that fear.
(06:56):
And people's answers tend to be that they're worried about
getting harassed, They're worried about their physical safety, they're worried
about negative fallout at work or at school. People's fears
tend to be about things like getting arrested, getting sued,
getting fired, getting hurt, and getting embarrassed. And so the
next question is can you identify the potential sources for
(07:18):
the kinds of harm you're worried about, and you can
sort these into a few primary categories. The state can
harm you. That's the police, the government. You can get
charged with a crime. Institutions can harm you. If you're
a student, you can get in trouble at school. If
you have some kind of professional license, people could file
complaints against you. Politicians and organized political groups can harm you.
(07:41):
You know, Marjorie Taylor Green might tweet your TikTok video
or Canary Mission might do a blog post about where
you work. And right wing groups can harm you. You
might get targeted harassment from some Nazi telegram channel. The
worst case scenario, maybe you were physically threatened or attacked
by an extremist group. You could get swatted. And then
(08:02):
there's just this sort of wild card of the random
strangers and Internet mobs and the way they factor into
and exacerbate all of the above scenarios. When it comes
to harm from the state, that's beyond what we're talking
about with this digital hand washing metaphor. A lot of
the prevention steps you can take today are still going
(08:24):
to help you. They're still worth taking. But at the
end of the day, if the government wants to know
who runs a Twitter account, who drove to a protest,
who supported a movement, who donated money. That's beyond the basics.
Most of what I have direct experience with are just
these basic measures that you can take today to make
it a little bit harder for the average weird little
(08:44):
guy to get into your business. It'll stop the average
online troll, it'll slow down a decent sleuth, but it's
not the kind of stuff that stops a guy with
a warrant. Think of protecting your online identity like being
inside your house. If you have no curtains, someone walking
down the street can see you, even if they didn't
(09:06):
go out of their way to look. If you're putting
everything out there with no thought to digital security, somebody
could dock see without even trying, just like they would
be able to see and through your windows from the street.
Somebody who is a little more curious about you might
walk into your yard. But if you put up a fence,
maybe that person will decide this isn't really worth my time.
(09:28):
Somebody who loves peeping in windows and really wants to
see you, he's gonna hop your fence, right. But the
average troll will see these barriers and they'll get bored.
But again, curtains, a fence, a locked door, a guard dog,
these don't stop a guy with a warrant. So we're
talking about just putting up barriers that slow down and
(09:49):
discourage the average low to mid level weirdo. In short,
delete your Facebook, set your accounts to private, you signal,
put a passcode on your phone, and say less and
try to do something about the data brokers. Let's break
these down one at a time. I'm sure it's been
talked about on this show before, but I tell everyone
(10:11):
in my life download Signal. Download Signal. It's free, put
it on your phone. It's just an encrypted messaging app,
and I use it by default, pretty much exclusively in
place of regular texting, just because it's easier for me
to have everything in one place. It doesn't collect or
store your metadata, it doesn't back up to the cloud,
and you can set all of your conversations to automatically
(10:32):
disappear at whatever time interval you choose. You don't need
text messages from a year ago, You don't. Those can
never help you, They can only hurt you. Just let
them go and turn off the biometric unlock on your phone,
whether that's a fingerprint or a face ID, turn it off,
turn it off. Set a passcode. If you get arrested
(10:54):
and you have your phone on you, they can use
your finger or your face to unlock it without warrant.
But if you have a passcode, you're a little bit safer.
So set a pass code that's at least six digits
long longer if you can bear it, I know. But
when it comes to social media, you have some choices.
You may look at your own threat model and say, well,
(11:15):
I don't care if everyone can see what I've posted,
and that's okay, right. We all have different goals and vulnerabilities.
And if you're a very public organizer, then yeah, you
need public social media. But if you've been using Facebook
for twenty years, you probably weren't always very careful about
what was on there. And there are privacy settings now
(11:37):
where you can retroactively set all of your old posts
to a new privacy settings. You should do that start
there if you haven't done that, but that still leaves
a lot of digital debris. If you've changed your display
name to something more private in recent years, something that
isn't your current legal name, old posts that other people
(11:58):
made about you still have your old name in them.
So if they tagged you ten years ago, that old
name is still a link to your current profile, and
you can't control the content that your friends and family
posted years ago. And on the flip side, if in
the end you decide you don't care what's on your
(12:19):
Facebook about you, when you're doing your threat modeling, consider
the people close to you, because when I'm working at
this from the other side, a lot of times I'll
find that, you know, the guy that I'm looking for
has done a pretty good job cleaning up his own
digital presence, but his wife, his mom, his sister, someone
(12:39):
in his life as not. So if there's someone in
your life who maybe is at greater risk than you are,
don't be their weak spot. And if you're in a
position to do so, talk to the people in your
life about this. Have these conversations about what are our risks,
what are our goals, Let's do a digital hygiene and
(13:00):
check together. Because you can build an impenetrable digital fortress
around yourself. But if you're aunt Kathy is live streaming
your baby shower, that didn't do you much good. And
now that more people are talking about these kinds of concerns.
You can try approaching the subject with people in your
life that may not have been receptive to it a
year ago. Show your mom how to set her Facebook
(13:21):
to private. Take the time to explain to your less
political siblings why they should think about the ways in
which their social media use might expose someone they care about.
Don't just scold them or you say it's reckless that
you're doing this, talk about why so when it comes
(13:51):
to social media, I'm saying delete your Facebook as a
sort of shorthand for the general cleanup of the stuff
that you've left online for the last twenty years. Cleaning
up your online presence is the number one thing you
can do right now to thwart the bizarro universe version
(14:11):
of me who is trying to collect every piece of
information about you. Because even if you're careful today, even
if you're so smart about it now and you're not
putting anything online that puts you at risk, you weren't
always that careful. We're all guilty of it. People who've
been doing this for a long time, people who know better,
We're all guilty of being a little messy online. It's okay,
(14:34):
there's no shame that you didn't know before. Don't feel silly,
don't feel guilty. Just start cleaning it up today and
so to figure out what exactly you might have been
leaving out in the open, one thing you can try
is doxing yourself, or do it with a friend, right,
try doxing each other. So start with a completely clean cash,
(14:54):
deleat your cookies, whatever, Open an incognito browser, start with
a blank slate, and just google yourself. Google your name,
your address, your phone number. Google the usernames that you
currently use on various sites. But google the username you
used in high school. Google your old aim handle, Google
(15:15):
the email address you made when you were twelve. What
comes up? And is that information you want everybody to have?
Probably not. Start by deleting accounts you don't use anymore.
Just wipe those bad boys right out. You don't need those.
A lot of people have no idea that the ghost
of their old MySpace page still exists online. I've actually
(15:39):
used that one fairly recently to confirm the details about
a person's close associates and family members. They hadn't logged
into MySpace since twenty ten. But your top eight lives
forever so delete or set to privates any account that
you don't use, don't need, or just don't need to
be public facing. Log into every social media site, every forum,
(16:02):
every online store where you've ever created an account, and
just look at what's visible. Your online reviews may contain
information about where you live. Your profile on some forum
you posted on in twenty twelve probably has your birthday
on it. And if you're an active Pinterest user, your
Pinterest boards are probably revealing a lot more information about
(16:23):
you than you realize, information about your family, your interests,
your plans for the future. People will make Pinterest boards
with names like Jaden's second birthday, and now I know
that you have a son named Jaden whose second birthday
party you were planning last July. That's a real example.
So set these things to private. Change your profile picture
(16:44):
to something that isn't your face. Look at your username.
Did you have to put some numbers at the end
of that because the one you wanted was taken? Are
those numbers your birthday? And vary your usernames a little bit.
Unless you have some kind of professional reason for using
a personal brand across every platform, don't use the same
username everywhere. Keep separate areas of your life. Separate, don't
(17:09):
make it any easier than it needs to be to
connect these different pieces of your digital footprint into one
picture of who you are. Because again I'm not talking
about becoming completely anonymous online. A lot of people need
to exist online as the person that they are. You
have a LinkedIn, you do public facing organizing. I'm not
(17:31):
saying you need to disappear from online, but if you
have accounts that you don't want connected back to your
true identity, If there are pieces of you that exist
that you don't want side by side, don't connect them.
So if you anonymously run a social media account for
an activist group, don't use it to follow your own
(17:51):
real account. Don't like your boyfriend's posts when you're logged
into your anarchist shit posting account if you don't want
it connected to you, don't create overlap. If you post
a screenshot from one social media platform onto another, a
screenshot of a tweet on your Instagram, whatever, be mindful
of what's in that image. Is there a thumbnail of
(18:13):
your own profile picture in there? Does the screenshot show
that you interacted with that post? Because a filled in
heart on an Instagram screenshot is something I have used
as a building block for a docs. And maybe you've
never posted anything identifiable on Twitter, but if you've posted
a link to your Twitter account on Reddit, or are
(18:34):
you in a big discord and you shared one of
your own posts with your friends in there, like hey
look at this bang or tweet I'm going viral. And
I say both of those specifically because both of those
are specific mistakes that I have seen people make that
were for me a crucial link between two accounts that
connected the dots to figure out who they were. Use
(18:55):
two factor authentication, use a password manager, use complex passwords,
never recycle a password. Check databases like have I been poned?
See what's been leaked about you? And some of that
data is out of your control now, but it's out
there and you can't call it back. But you can
change all of your passwords today. You can download a
(19:15):
password manager and change all of your passwords today, and
all of your passwords should be something different from one another.
I'm going to say it again, change all your passwords.
Stop using your dog's name as your password for everything.
It was hard, but I did it, okay. And when
you're doing this digital hygiene check. You know you're googling yourself.
You're checking these breach databases. One of the things you're
(19:38):
going to find is your address, your email address, and
your phone number, and your parents' names and your parents address.
All of these pieces of what you thought were personal
private information. They are bought and sold to data brokers,
and these data brokers put them online on sites that
people can pay to access. Fel like people find your
(20:00):
true people search white Pages. There's hundreds of them. Now.
By law, all of these sites have to have a
link on them somewhere where you can ask them to
delete your information. Some of them make it kind of hard,
and it may take weeks for them to actually honor
the requests, and you may have to follow up. But theoretically,
(20:20):
if they're operating legally, you do have the ability to
manually clean up how much of your personal information comes
up from these data brokers. But I'll be honest with you,
it's whack a mole. You could spend one afternoon a
week for the rest of your life making opt out
requests and following up on them and checking back to
make sure it's really gone. You can do that. I
(20:43):
used to do that, but there are also services that
will do it for you for a fee. I think
there may be an episode in the pipeline examining that
particular ecosystem and some more details. So I won't go
into the pros and cons of different services that exist,
but if that's something you're interested in paying for, do
some research about it before you put your money down.
(21:03):
But at the end of the day, I just want
you to remember you can't solve this whole problem. That
might sound like a defeatist message, but I think it's healthy.
I'm not saying it's hopeless. I'm saying you have to
spend your energy where it counts. People ask me all
the time, you know, are you worried about this or
that specific threat? And the answer is yeah, probably, Yeah,
(21:27):
of course I'm worried. But you can't let that fear
overwhelm you. You know, if I get fixated on the
existence of threats that are outside of my control, I'll
just freak out, and that makes me less capable of
focusing on mitigating the threats that are within my control.
So don't put blinders on, don't lie to yourself, you know,
(21:49):
be realistic, but don't wear yourself out worrying about things
that are so far out of your control that all
you have is fear. So today, now take a deep breath,
delete your MySpace account, and talk to your mom about
setting all her old Facebook pictures to private. It could
(22:11):
Happen Here is a production of cool Zone Media. For
more podcasts from cool Zone Media, visit our website foolzonmedia
dot com, or check us out on the iHeartRadio app,
Apple Podcasts, or wherever you listen to podcasts. You can
now find sources for it could Happen Here, listed directly
in episode descriptions. Thanks for listening.
It Could Happen Here News
Hosts And Creators
Robert Evans
Garrison Davis
James Stout
Show Links
AboutPopular Podcasts
24/7 News: The Latest
Today’s Latest News In 4 Minutes. Updated Hourly.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.