“Relevant” is the ad industry’s current excuse for all the spying, tracking and intruding on our lives that they are currently tormenting us with.
They “need” to suck down every aspect of our personal lives and habits and idle thoughts… so they can show us better sneaker ads. Sneaker ads that creepily show up the minute we register to run in a 5K. Or walk past a Foot Locker.
This is why I block all ads, everywhere on the Internet. I was reading the descriptions of what it’s like for people experiencing this kind of ad stalking and I have to admit: I can’t relate. I experience exactly none of it. And I’m glad.
When media websites grouse at me for running an ad-blocker, I mentally respond, well, make the ad experience less hideous. Make it less of a personal violation. Wipe out the malware. But these things, they will not do. Instead, they scold and threaten. So if a site still won’t allow me to proceed without white-listing it in my ad blocker, fine. I move on with life.
And oh yeah… if you think it’s not getting worse… the New York Times article linked above mentions ad-blocking as a possible course of action. Not too long ago, that was a glaring omission.
Ah yes, breaches. Not really a much better movie, I’m afraid, yet we keep seeing it over and over. Big splashy headlines touting eye-popping numbers, followed by unsolicited offers of credit monitoring from companies who are really, really hoping their arbitration clauses hold up.
They do seem to arrive in clusters, also. The latest one-two punch is Marriott, then Quora. Marriott managed to get hacked and then not detect it for four years, finally now disclosing that half a billion-with-a-B guest records were exposed. Credit cards, passport info, all the good juicy stuff.
This revelation was followed-up last night by Quora revealing that “only” 100 million-with-an-M records were breached. This email notification went out overnight and resulted in 150,000 people going, Dammit, my Quora account got hacked! and 99,850,000 people going, Wait… what? I have a Quora account?
In any case, the odds are very good that you have been among the nine-or-ten digit totals of a few data breaches already. Here are a few tips on how you can deal with this and get on with life
Take the monitoring. When they offer you credit monitoring free for a year or so, take it. Can’t hurt. Worth the price. But you probably won’t need it because of the other things you are going to do on this list, like…
Freeze your credit. Go to each of the major credit reporting agencies’ websites (Equifax, Experian, TransUnion) and follow their process for freezing your credit reports. Yes, this will make impulsively opening new credit accounts more difficult. Why do you say that like it’s a bad thing?
Check your statements. Look for any phony activity. Your issuer will make good on anything you report as fraudulent on your credit cards if you report it promptly. Don’t wait. By the way: banks are not obligated the same way to make good on fraudulent activity on debit cards – even if you use them as a credit card at the point of sale. So in general, don’t do that. I only use my debit card in the bank’s ATMs.
Check your credit report.Like a lawyer, the credit report checking site you want is not on TV! Ignore all the catchy jingles and flying pigs with smartphones, and go to the only non-scammy site out there: annualcreditreport.com.
Manage your passwords. We’ve talked about it in the past: how your passwords need to be different at every site you log into. If they got your Quora password, let that be all they got. For those of you who are not already using a password manager, the best advice I have is this: START USING A PASSWORD MANAGER RFN. There are things sites can do to make a password-file data breach lower impact; hashing and salting are not just cooking techniques! But not every site does the right things, and not every site does the things right. And it only takes one failure to give everyone a bad day. So you have to protect yourself, and using complex passwords that are unique per site is how you do that. And the only way to keep those passwords all straight is with a password manager.
Enable Two-Factor Everywhere. Two-factor authentication is becoming widely popular since the vast majority of sites are now able to leverage things like Google Authenticator apps on users’ smartphones. This means that dedicated hardware tokens are no longer required, and the barrier to users adopting it for their own logins are as low as they can be now. Be sure you use this wherever it’s available: it means the difference between a password compromise being annoying vs. Game Over.
If you can get yourself to where you are doing these six things, Breaches can be another movie that you just make fun of.