Digital Literacy: Reading Between the Lines

The great folks at Tech Soup Canada host a monthly series of talks, Tech Tuesday, and they recently invited me to share what I know about “Digital Literacy”.  Little did I realize what I’d actually taken on. Digital Literacy isn’t just one tidy little topic. It’s actually a bunch of concepts, interwoven and far-reaching. Confused? You should be. I was.  Which instantly galvanized me to distill a meaningful definition without diluting the impact of all the contributing factors as shown below:

Because Digital Literacy really means multiple literacies. So what we should fully appreciate is that it goes far beyond simply being able to use the technology, but also entails:

“The ability to locate, organize, understand, evaluate and analyze information using digital technology”. Wikepedia

I also very much liked this definition of what it wasn’t:

“Digital literacy is not simply a means by which we consume ever-increasing amounts of data and information, but a critical and creative means of interacting with the world.” Matt Dean

I’ll break it down to 3 core competencies:

USE: do we know how to use the range of technology available to us? And that’s a whole lot of devices

UNDERSTAND:  can we comprehend the information, put it into context? More importantly, can we critically evaluate it? 2 words kept coming up when I did the research: Critical Thinking.

CREATE: Can we produce content, and then successfully communicate and share that content using the tools available?  Content isn’t just words on a page. It’s graphic, visually impactive. It’s audio. It’s sensory.

Another big question raised repeatedly: What can you contribute to the online conversations that is unique? Websites, memes, infographics, blogs, videos and anything beyond that.

ireallymemeit

It’s all well and good to be familiar with the tech available and know how to use it. But baby, baby it’s a wide world out there and not everyone has the same techno advantages. Yes, I’m talking disparity aka known as “The Digital Divide.”  One of the caveats I learned when researching Digital Literacy is that freedom of expression comes with digital constraints.

Being digitally literate requires that we understand our responsibility for accurately and safely curating and disseminating information. Think on that for a moment. Then think about our kids, in schools everywhere, and how they are actively engaging in online media as part of their curriculum.  It would be nice to think there is a level playing field out there, especially when it comes to our kids in the classroom, but that’s far from the reality.  According to CBC Tech columnist Jesse Hirsch, it’s “a pressing social issue.”

“The digital divide is a problem that goes beyond schools that needs to be closed not just with social policies but with the technology industry making sure their products are affordable.”

And this matters vis a vis Digital Literacy because it’s how we learn; how we engage; and how we work.

“Individual freedom and creativity, and societal and economic development, are becoming dependent on a degree of digital literacy.”

But regardless of what devices we use, the key to digital literacy keeps coming back to this:  Critical Thinking.  Just as we critically evaluate print media, we must also critically evaluate digital media. “Don’t believe everything you read” fully applies, especially when it comes to social media. Advertising has morphed along with marketing to target your preferences, and to trace your digital footsteps. It’s all about what we don’t know so I have put together a checklist of things we need to stay safe in our digital communities.

  1. Look for discrepancies, bad grammar, spelling errors.  These are tip-offs that somebody is looking for something you don’t want to give them. Like access or personal information
  2. Don’t follow blindly.  Not everyone is your friend, even on Facebook
  3. Wait! Don’t click that link.  You’ve heard of breaches a lot over this past year. Well, phishing is how many victims get lured in. Malicious code is hidden in that cute attachment of kittens. Or in that website link you were sent. Evaluate!
  4. Malvertising. This is another way the bad guys go looking for easy targets. Many of those online ads actually contain malicious code that can redirect you to a website you never wanted to visit. And the worst is, it will follow you home and help itself to your information.
  5. Sponsored Ads.  Technically, if someone is paid to promote something online, that’s sponsored and it needs to be disclosed. But that isn’t happening. You’d be surprised how they get around it and I’ll talk about that in a moment.
  6. Privacy.  You have a right to your privacy. And your information should be kept private. But the internet is Pandora’s box. Once it’s out there, it’s out there for good and you no longer have control over it. Be very selective about what you sign up for and what you choose to reveal. Select All isn’t always the right answer.

This matters for everyone, but in particular it matters to our kids. This generation is growing up with technology in the classroom, at home, at play.  The onus is on us, as their parents, to understand what they can and will be exposed to.  Which is no small feat especially regarding privacy issues.  The collection of personal information online has become commonplace, and is still done without our knowledge or consent.

Read through privacy statements to see how this works. An example comes from Lucid Press, who make a free design and publication app to integrate with Google Classroom.  They encourage educators to sign up for a free educational upgrade and accounts for all their students. According to the privacy statement for Lucid Press:

lucidpress

Now, we  know these aren’t the cookies that you dunk in milk.  But what about web beacons or pixel tracking technology?  A web beacon is typically a transparent graphic image (usually 1 pixel x 1 pixel) that is placed on a site or in an email. The use of a web beacon allows the site to record the simple actions of the user opening the page that contains the beacon. Because web beacons are the same as any other content request included in the recipe for a web page, you cannot opt out or refuse them. However, where they are used in conjunction with cookies they can be rendered ineffective by either opting out of cookies or by changing the cookie settings in your browser. This is from the site “All About Cookies”  a free resource to help marketers and consumers understand the issues surrounding the use of cookies.

If I’ve made you stop and think, then this blog has served a purpose. Hopefully, I’ve given you answers to some questions, and prompted some questions you will now try to find answers for. To help you in that quest, these are some online resources you can look into:

As always, really glad you stopped by and thanks for reading!

A Nasty Case of Krab Web

Computer security concept in word tag cloud on white background

It can happen to anyone. Suddenly, your computer screen is an explosion of pop-ups. You think you’ve clicked close only to have another pop-up take its place.  And then they start opening something you never agreed to. Frantically, you try to shut things down only to discover your cursor has a mind of its own. You try to Google what to do, and keep going to a site you’ve never heard of and don’t want. Welcome to the nightmare of a malware infestation.

MALWARE ATTACK! What Do I Do NOW?

screenfull1

I just spent some quality time cleaning a nasty case of Krab Web malware off a laptop. The user had no idea what the item she downloaded would come bundled with. So, let that be my first helpful lesson to you.  Unless you download directly from the source, you are getting your downloads from third party distributor. The names are common, including biggies like CNET and Softonic.  It isn’t that you can’t trust them.  It’s that even they can’t trust what’s going into the mix.  Your best bet is to forego the default installation choice and choose “custom”.  Because when you just click and agree, a couple pages will zoom past. You may think you agreed to another toolbar but you just signed on the dotted line for a dozen – no, I am so not kidding – a dozen or more annoying and even malicious programs that will take you where you do not want to go.  By this, I mean sites where they are phishing for you and downloadable remote access bogeys lurk. But that is a whole separate posting of pain for another day.

STEP 1: Identify and Destroy

step1Let’s say you are on Windows. Open the Control Panel. Then, select Program and Uninstall.  Try to bear with all the pop-up boxes and not click anything.  Once the list of programs appears, click on the Date column to bring up items most recently added. You should see a list of at least 12 or so from when you did your download.  Some will say “Optimizer”, some will say “Protection”, some will say “Best deals”.  They are all bogus.  You want NONE of them. Start by selecting each one and clicking Uninstall.  You can agree to using the program’s own uninstaller remove it. That’s normal. And the best way to get rid of them.  Here’s what I tossed in the trash:

  • Remote Desktop Access VuuPC\
  • PepperZip
  • Optimizer Pro
  • StormWatch
  • Search Protection
  • My PC Backup
  • Surfkeepit
  • eDeals
  • SPT System Updater Service
  • Word Prozer
  • HQ ProVideo
  • Fast Player

Yes, they may sound legit.  But they all had today’s date stamp, and some of them were particularly nasty malware/adware.  As the song says “Don’t Get Fooled Again!”

STEP 2: Remove Adware using ADWCleaner

adwYou may be able to access your browser at this point. If you can, go to this site: ADWCLEANER DOWNLOAD LINK to download an effective Adware cleaner.

Follow the instructions and install. Click on the “Scan” button and then click “Clean”.  You’ll have to reboot.

 

STEP 3: Remove program files with MalwareBytes

malbytesNow, you  need a program to go after the virus, Krab in this case. Download  MALWAREBYTES ANTI-MALWARE. Follow the prompts and install the free version.

 

 

 If prompted, click the green “Fix now” box to start the scan.

malbyte2You may be prompted to upload updates. Click agree.   The program will scan, you can watch the progress, and when it’s done you’ll be notified.  The dangerous files will be quarantined, and expect to be asked to reboot. Say yes.

 

STEP 4: Clean your Browsers

google1You will probably notice a delightful lack of pop-ups this time. But you’re not in the clear yet. You need to clean your browsers now.  Follow these steps as outlined.

If you use Internet Explorer, click on the right corner gear icon for Settings. From the drop down box, click Internet Options.

 

 

google2

In the next box, click on the “Advanced” tab. Click on the “Reset” button. In the next box, select “Delete Personal Settings” and click “Reset”. When Explorer is finished, click close.

 

 

 

 

 

googleFor Google Chrome, click this symbol at the top right: symbol. Then, click on “Tools” and then “Extensions”.

 

 

 

In the Extensions tab, you’ll see Krab Web and other items, some which you don’t recognize. Click on the trash can icon beside those you want to remove. If you didn’t install it, delete it. extensions

 

STEP 5: Check the Spread

A note of caution: Malware spreads with physical contact so you need to check any other devices you’ve connected to your computer, like USB or flash drives, tablets, or even your phone.  Run a scan using your anti-virus and Malware Bytes.Trust me – you’ll be glad you did. Now you’re clean and protected. Surf safe!

** A big thank you to MalwareTips.com and their helpful site

Passwords: The Keys to Your Digital Kingdom

PasswordChalkBoard

Fortress Security is all about keeping you and your data safe. When your home is your castle, you don’t let the drawbridge down for just anyone, but it’s amazing how cavalier we are about securing our digital fortress. Passwords are what keep the barbarians from storming the gates – literally and figuratively. Your online security begins – and ends – with what you choose.

They are your first defense and they can be one of your best defenses when used properly. How so? Typically, the most that we are asked for is something longer than 6 characters, sometimes with a number. If that’s easy for us to come up with, think of how easy that is for a hacker to break.  It takes only 10 minutes to hack a typical 6-character password in lowercase but if we were to extend that password by 3 characters, making it a total of 9 characters in length, and then made it a mix of numbers and letters, alternating the cases of the letters, we just made the job harder by 44530 years. So, the lesson here is: longer is better, numbers and cases are stronger. Easy.

Easy except that the truth is most of us make passwords we can remember. After all, what good is it if we have to write them down someplace or keep forgetting them?  So, we fall into the trap of using names we know, dates, addresses, favourite foods or places or even celebs. These our things our friends and families already know about us. Guess what? We’ve put all this same personally identifiable information up on the social media sites we frequent, as we chat about lives, our jobs, our interests. Hackers know to go straight to these sites first and find their keys into our digital kingdoms. But now you know, too. Yahoo put together a list of passwords, 500 of them actually, that we shouldn’t be using. (here is the link: https://www.yahoo.com/tech/here-are-500-passwords-you-probably-shouldnt-be-using-96467697789.html). Yes, password is one, and butterfly is another. Along with every common name I’ve ever heard. Lesson learned: no pain, no gain. Making it inconvenient for ourselves makes it hard for hackers. That 9 character nonsense password will be deterrent enough.

So once we’ve gone to the trouble of making that impenetrable password, it should be good enough to use on everything, right? Wrong. So very, very wrong. And yet, that is a mistake most of us make. And almost as bad is when we alternate or recycle passwords. Oh, the inconvenience. Yes, it is a royal pain to manage up to a dozen different passwords, never mind we can’t remember them now.  But that pales in comparison to cancelling all your credit cards, then carefully reviewing your bank and card statements from now on. There are ways to manage your passwords, including third party software. While I can’t say what works best, what I can say is this: if you haven’t already been hacked, you are about to be. This is how you won’t become another data breach statistic on the nightly news.

Welcome to Fortress Security

imagesYour home is your castle. It’s filled with pictures and memories, set up just the way you like, more than just the money you paid for it. You buy insurance to cover the cost of replacing it lest anything should ever happen to it but the truth is – it’s irreplaceable. Nobody wants to go through the heartache or headache of massive loss or damage.  But that’s exactly what happens when our computers crash or phones go missing. We put the equivalent of our entire lives on tech devices. We have become a mobile society.

Most people know about anti-virus software and backups. A percentage use these to safeguard their tech and their data. But the reality is that most people have no idea just how vulnerable they are and what their actual exposure to damage and loss is.  Today, the real risk isn’t dropping a phone into a puddle or circuits frying. It’s something lurking in the shadows, waiting for you to swipe your credit card, visit a website, or open an email attachment. Cybercrime has become a significant player in the new global economy, and it’s here to stay.

If only hackers were those sharply savvy caricatures dressed in black we enjoy in movies. But there is nothing charming or funny about gangs of thugs whose sole motivation is to get rich by ruining the lives of others. And that is the true essence of cybercrime. Our personally identifiable information, or PII, is the new currency of the blackmarket. Usercodes, passwords, drivers licence numbers, home addresses -we are broken down to bits and pieces, sold to the highest bidder, who will then recreate a whole new identity at our cost.

As it stands, the black hats are keeping more than  one step ahead.  For those of us in information security, or InfoSec, it’s a frustrating game of catch-up.  Which means damage control more than damage prevention.  The stakes are high, the payoffs are huge, and the playing field is global. But knowledge is power in this fight. As malware evolves and data breaches make nightly news, for the average user that really will mean an ounce of prevention is worth a pound of cure.