OpSec vs LinkedIn, round 1

Consider usi…use a burn email address that is only used for Linkedin and to use if you forget your password.
Professionally, you’ll need to use your real name.
Search: Don’t allow public searches, make people use Linkedin to be able to search for you
Company: Consider not putting your current company on the list if you’re in the high risk group.

Advertisements

OpSec vs Facebook, round 1

This is a quick summary of things you need to remember when creating/configuring your account

Consider usi…use a burn email address that is only used to receive Facebook notifications and to use if you forget your password.
Name: You can’t use Batman on Facebook (take my word for it) but you can use something that does not disclose your real name OR at least hide yourself from the web/public search and/or limit who can search for you on Facebook.
DOB: Does Facebook really need to know what your date of birth is? If they are going to send you a birthday gift, well…you get the idea, change it to something else (and write it down!)
Address, location, etc: Your friends know where you live, does the world or your other friends need to know.
Phone Number: really, is Facebook going to call you?
Search: limit the search to your friends or friends of friends, don’t allow people to search for you by email address.

A picture is worth a 1000 words

What harm can one picture bring…well…

A photo can identify where you are at a point in time
A photo can show others where you live/work
A photo can show something that could be used against you in the future

If you tell your mum that you were at home studying and you post a photo of you clubbing on Facebook…you better find a good excuse to explain that before you get home.

If these are things that could get you in hot water, best that you think about how you take your next photo.

Be aware of landmarks, company names/logos if you don’t want to be tracked.

At the very least, keep your photos private.

Here’s an example from early in the year:
http://nakedsecurity.sophos.com/2014/01/09/stalker-friendly-app-nametag-uses-facial-recognition-to-look-you-up-online

Psychology of Psychos

They come in different shapes and sizes.

Dr Jekyll/Mr Hyde: nice one day, bad 4ss the next.
The clinger: harder to get rid of than a bad smell

and so on…

There is no easy way to find out what kind of person some really is until you really get know them. Trust is a two way street, being ‘street smart’ will help you build trust and weed out the weird ones.

If you’ve experienced any one of the above or can think of others, what would you have done differently to avoid meeting them in the first place or to be able to sever ties with them quickly?

Perhaps good OpSec will help?