Wednesday, December 26, 2018

Web Secret 551: Karst Stone Paper

When I work, I always have a notebook in front of me.

There I keep track of ideas, jot down bits of HTML code, write down products I might want to try.

Because I am an extreme stationary nerd, I use different brands of notebooks. I have favored: I was on the lookout for my next favorite notebook when I came across the Australian based Karst Stone Paper company.

The company claims it is possible to make paper without timber and water, without chlorine or acids, without waste, using only a third of the carbon footprint of regular paper using recycled stone.

On the plus side the paper is smoother, brighter, and more durable than traditional paper.

The negative? It's expensive and the notebooks are heavy, not ideal for lugging around in a backpack or a messenger bag.

I ordered one immediately.

Wednesday, December 19, 2018

Web Secret 550: Apple AirPods

Apple's AirPods are white, wireless headphones.

At $159 a pair, I thought I could live without them. Actually, I thought I could live without wireless headphones altogether.

But then I received a pair as a gift and some of that changed.

Things that didn't change: They are white (boring), and they look odd sticking out of your ears.

Things that changed:
  1. The incredible sense of freedom resulting from being untethered.
  2. The convenience of seeing on my iPhone how much battery life is left.
  3. The way they snap into the portable case that charges them.
  4. The high quality audio - though I can't get them to be as loud as I want - which is probably better for my eardrums.
Now I can't imagine how I lived without them.

Wednesday, December 12, 2018

Web Secret 549: Alexa

My California son came home for Thanksgiving.

He showed up with an Echo Dot, and many many Smart Plugs.

The Echo Dot allows you to access's intelligent personal assistant Alexa through voice commands. You use the Smart Plugs to control the electronic gizmos in your home. All you do is plug the Smart Plug into the wall and then plug your device into the Smart Plug.

Things you can ask Alexa to do:

1. "Alexa, order 100 rolls of toilet paper on Amazon."
2. "Alexa, what is the weather in Samoa?"
3. "Alexa, set timer for three hours, take medicine."
4. "Alexa, turn on Nespresso machine."

Remember the computer on the Enterprise in Star Trek? That was my reference point.

Things I quickly learned about Alexa:
  1. Alexa is not yet perfected so I found myself shouting at her a lot.
  2. I don't want Alexa. I want Alex, preferably with a British accent so I can give free rein to my butler fantasies.
  3. Alexa does a lot of simple stuff which is just easier and quicker to do the old fashioned way - by pressing a button. For example, If Alexa does not obey my command to turn on the Nespresso machine in my hour of need - say every morning when I first wake up - I become very angry and end up disconnecting the Smart Plug and plugging the Nespresso machine back into the plug.
  4. If you live with someone who uses Alexa a lot, say goodbye to peace and quiet as there is always somebody yelling at Alexa or Alexa is rattling on about one thing or another.
  5. Alexa is not remotely wireless - you have to plug in the Echo Dot and plug in every device you want to control with Alexa.
  6. On a final creepy note, Alexa sometimes starts talking about random things without prompting. Very Twilight Zone...
So for me, Alexa is not yet ready for prime time. But I did make a mental note to try her again in a couple of years.

Sooner or later, she will be ubiquitous and perfected.

And then...

Wednesday, December 5, 2018

Web Secret 548: the free energy principle

Karl Friston is the foremost neuroscientist in the world and on a short list to eventually win the Nobel Prize in Medicine. He has published more than 1,000 academic papers since the turn of the millennium.

I had never heard of him until I read an article in the December 2018 Wired Magazine: The Genius Neuroscientist Who Might Hold the Key to True AI. Let me summarize what may be Friston's greatest contribution to human knowledge.

It's called the free energy principle and it aims to explain how the human brain works.

Friston believes that the best way to think of the brain is as a probability machine. The idea is that brains compute and perceive in a probabilistic manner, constantly making predictions and adjusting beliefs based on what the senses contribute. The brain is an “inference engine” that seeks to minimize “prediction error.”

In seeking to predict what the next wave of sensations is going to tell it—and the next, and the next—the brain is constantly making inferences and updating its beliefs based on what the senses relay back, and trying to minimize prediction-signal errors.

Free energy is the difference between the states you expect to be in and the states your sensors tell you that you are in. Or, to put it another way, when you are minimizing free energy, you are minimizing surprise.

A single-celled organism has the same imperative to reduce surprise that a brain does. According to Friston, any biological system that resists a tendency to disorder and dissolution will adhere to the free energy principle—whether it’s a protozoan or a pro basketball team.

When the brain makes a prediction that isn’t immediately borne out by what the senses relay back, it can minimize free energy in one of two ways: It can revise its prediction—absorb the surprise, concede the error, update its model of the world—or it can act to make the prediction true.

If I infer that I am touching my nose with my left index finger, but my proprioceptors tell me my arm is hanging at my side, I can minimize my brain’s raging prediction-error signals by raising that arm up and pressing a digit to the middle of my face.

Why should you care?

The free energy principle is also a theory of mental illness. When the brain assigns too little or too much weight to evidence pouring in from the senses, trouble occurs. Someone with schizophrenia, for example, may fail to update their model of the world to account for sensory input from the eyes. Where one person might see a friendly neighbor, a schizophrenic might see a demon.

If you think about psychiatric conditions, and indeed most neurological conditions, they are just broken beliefs or false inference—hallucinations and delusions,” Friston says.

So: The free energy principle offers a unifying explanation for how the mind works and a unifying explanation for how the mind malfunctions. It stands to reason, then, that it might also put us on a path toward building a mind from scratch.

And that dear reader, is where I leave you.

Read the article.

Wednesday, November 28, 2018

Web Secret 547: Do you know why robots are here?

One of my sons works for a startup accelerator.

Accelerators typically help startups find seed investments, connections, and mentorships, as well as teaching them how to pitch their companies, etc. to accelerate growth.

The other day he sent me this 2 minute video link with the rubric: "the fastest growing enterprise software company in history."

Because I am a remarkably unobservant person, I watched it the first time without understanding:

Did you get it?

Watch again: the executives at UiPath are explaining how robotic automation allows them to pursue other challenges. Meanwhile, in the background, their computers are completing tasks at warp speed without their input.

The robots are automating even complex tasks and use machine learning to accelerate these processes even more.


Wednesday, November 21, 2018

Web Secret 546: A Dark Consensus

About a month ago, the New York Times published an article "A Dark Consensus About Screens and Kids Begins to Emerge in Silicon Valley."

Essentially, the article is about how technologists in Silicon Valley are struggling to limit the screen time of their children. They believe "the benefits of screens as a learning tool are overblown, and the risks for addiction and stunting development seem high."

I believe this issue is possibly the greatest facing the parents of the under 18 generation.

Here are two practices of the parents in the article:

1. Daughters, ages 5 and 3, have no screen time “budget,” no regular hours they are allowed to be on screens. The only time a screen can be used is during the travel portion of a long car ride or during a plane trip.

2. Children aren't allowed to have cellphones until high school, are banned from phone use in the car and severely limited at home.

Of course the difficulty is that other children may have cell phones and tablets, and it is easy to go over to a friend's house after school and use their devices.

I liked the approach of this technologist:

" phones until the summer before high school, no screens in bedrooms, network-level content blocking, no social media until age 13, no iPads at all and screen time schedules enforced by Google Wifi that he controls from his phone. Bad behavior? The child goes offline for 24 hours."

But the reality is that opinions about best practices limiting screen time are all over the spectrum. Some parents believe that all children should learn to code at an early age. Others don't believe in strict limits arguing they watched TV all the time as a child and still became successful.

There is a dearth of research on the subject, in part due to the lightning speed with which technology evolves. As soon as we establish best practices, we are faced with a new evolution. Watch out when virtual reality is perfected and we can disappear into worlds that have no reality.

In the interim, EAPs have the opportunity to develop lunch and learn programs about how to limit screen time. And individual counselors can develop this expertise to help their clients of all ages.

Many grownups have a problem with screen time.

Wednesday, November 14, 2018

Web Secret 545: Sextortion Scam

In the past couple of months, thousands of people (possibly millions) received the following disturbing email: (Note: email exactly as it is sent, weird grammar and English included.)
"I am aware of one of your passwords: Lets get directly to point. Not a single person has compensated me to investigate about you. You do not know me and you are probably wondering why you're getting this e mail?

actually, I actually installed a software on the adult vids (sex sites) site and you know what, you visited this web site to have fun (you know what I mean). When you were viewing videos, your internet browser initiated working as a Remote control Desktop that has a key logger which provided me access to your display screen and also web cam. Right after that, my software program collected your complete contacts from your Messenger, FB, and email . After that I created a double-screen video. 1st part shows the video you were viewing (you've got a good taste haha . . .), and 2nd part shows the view of your webcam, and its u.

You do have only 2 alternatives. We are going to understand these types of choices in aspects: 1st solution is to disregard this message. In this case, I am going to send your actual video clip to just about all of your contacts and thus you can easily imagine about the disgrace you feel. Not to mention should you be in a relationship, just how it will eventually affect?

Number two choice will be to pay me $3000. We will think of it as a donation. As a consequence, I most certainly will without delay eliminate your videotape. You will keep going on your daily life like this never happened and you will not hear back again from me.

You'll make the payment through Bitcoin (if you do not know this, search for "how to buy bitcoin" in Google)."
When I first heard about this scam, I read dozens of articles explaining it and offering suggestions on how to handle it. The best of these was "Sextortion Scam: What to Do If You Get the Latest Phishing Spam Demanding Bitcoin."

Here are the recommendations:

1. Do not pay the ransom.

2. Don’t panic. Contrary to the claims in your email, you haven't been hacked (or at least. This is merely a new variation on an old scam which is popularly being called "sextortion." This is a type of online phishing that is targeting people around the world and preying off digital-age fears.

3. What makes the email especially alarming is that, to prove their authenticity, they begin the emails showing you a password you once used or currently use.

Again, this still doesn't mean you've been hacked. The scammers in this case likely matched up a database of emails and stolen passwords and sent this scam out to potentially millions of people, hoping that enough of them would be worried enough and pay out that the scam would become profitable. Think Facebook hack or any of the dozens of major hacks you have heard about before.

4. If the password emailed to you is one that you still use, in any context whatsoever, STOP USING IT and change it NOW! And regardless of whether or not you still use that password it's always a good idea to use a password manager.

5. And of course, you should always change your password when you’re alerted that your information has been leaked in a breach. You can also use a service like Have I Been Pwned to check whether you have been part of one of the more well-known password dumps. (Note: every single one of my email accounts was compromised in one or more data breaches - often from sites I had never heard of.)

6. Do not ever respond to this type of scam. If possible, don't even open the email.

7. Moving forward, enable two-factor authentication whenever that is an option on your online accounts. Yes, I know this is a pain in the neck.

8. One other thing to do to protect yourself is apply a cover over your computer’s camera. A small strip of electrical tape will do.

You've been warned.

Wednesday, November 7, 2018

Web Secret 544: Sash Bag

Sometimes a company uses social media and email so brilliantly, I drop to my knees in awe. And I am compelled to share their story so you can learn from it.

I am talking about you, Sash Bag.

Sash Bag started off as a very small company on Kickstarter in 2016. In fact, they were looking for a mere $29,000.

Ultimately, they raised $81,737 from 738 backers. Still pretty much small potatoes.

So how in the world did they raise $1,019,486 from 4,914 backers on Kickstarter just two years later!?

No, they didn't go on Shark Tank.

And yes, they do have a great product. And provide outstanding customer service.

But their success is the result of so much more.

They made inspired use of Facebook and communication to their backers.

As they raised more and more money, they shared their success and offered more and more perks to their crowdfunders. As it appeared that they were going to hit $1,000,000 - they promised to throw a party for everyone who had invested - if they broke the million dollar mark.

They created a sense of community among the users of their product and they were completely transparent and inclusive about the process by which they source and create their bags. For example, they made videos of the factories in India where they source their Ikat fabric.

They shared the joy of their success and their gratitude to the Sash Sisterhood - women (and even a couple of men) - from every walk of life and all over the world.

Oh, and that Million Dollar Sash Bash is taking place February 23rd, 2019.

Wednesday, October 31, 2018

Web Secret 543: Gapminder

Gapminder is a non-profit venture that promotes sustainable global development and achievement by increased use and understanding of statistics and other information about social, economic and environmental development at local, national and global levels.

Boring, you say?

Think you know basic facts about the people who inhabit the world?

No and no.

First, take the Gapminder Test, 13 questions, 45 seconds per question. If you pass the test, you are qualified to become a Gapminder and you will be honored with the Gapminder Facts Certificate 2018.

The questions include:

In the last 20 years the proportion of people living in extreme poverty worldwide, has...? followed by 3 multiple choice options


How did the number of deaths per year from natural disasters change over the last hundred years? followed by 3 multiple choice options.

I scored a 35%.


The Gapminder folks imagined the world as a street. All the houses are lined up by income, the poor living to the left and the rich to the right. Everybody else somewhere in between. Where would you live? Would your life look different than your neighbors’ from other parts of the world, who share the same income level?

It is all visual - they visited 264 families in 50 countries and collected 30,000 photos.

Start here.

Be amazed.

Wednesday, October 24, 2018

Web Secret 542: AskWonder

Many years ago, my brother founded and was the CEO of a company called FIND.

This was pre-Internet.

Companies paid FIND a yearly retainer in exchange for the ability to ask questions - any question under the sun.

Of course most of the questions were business oriented:
  • What is the market for bubble gum in Argentina?
  • How does the Palomar Observatory clean its telescope?
  • What is the best restaurant in Singapore to entertain a business client?
In 2018, the majority of these questions could be answered in seconds, if not minutes, by simply typing a query into Google. Or even asking Alexa.

But for most of FIND's existence, these questions were answered by looking up information in books, staring at a microfiche on a scanner, or calling people on the phone.

I first worked for FIND as a 16 year old intern. My days were spent traveling to libraries around Manhattan with a heavy bag of nickels, finding reference materials, and then making photocopies of articles in books, for hours at a time. It was extremely tedious.

Later, as a 21 year old, I researched the answers to questions, poring through encyclopedias, calling subject experts around the world, and sending interns on missions to dig up information.

This hands on education requiring me to profoundly understand the primary sources behind information has made me the ace researcher that I am today. I can literally fly through the web to locate the answers to questions. I worry about the young people who don't viscerally understand where information comes from and are thus more likely to be fooled by fake news and other forms of Internet disinformation.

FIND later merged with Guideline, Inc, was acquired in 2007 by Infogroup, and then merged with Opinion Research Corporation, eventually becoming defunct.

Today a new company has taken up up the mantle left by FIND. promises to answer any question in 24 hours or less. They use the Internet, algorithms and thousands of researchers scattered around the globe to provide their services.

Good ideas get reinvented.

Wednesday, October 17, 2018

Web Secret 541: Bypassing EAPs

The biggest threat to EAPs are mental health apps and platforms that are selling directly to employers. They are less expensive than EAPs, and over promise spectacular results. They also use slick marketing techniques and state of the art tech - which most EAPs lack. And they are usually headed - and started - by technologists - not clinicians.

Here are four of them:

Quarlet Health
Tech-enabled approach that connects physical and mental treatments uses Joyable’s CBT app.

Empower Interactive
Web and mobile tools teach core concepts of cognitive-behavior therapy (CBT) to address the root of behavioral health problems.

ieso digital health
Online delivery of evidence-based psychological therapies - CBT only.
Back by AI technology, offers mobile, accessible emotional support services AKA coaching.

Using technology and data, connects companies and their employees to mental health providers, therapy, and coaching programs that work.

My comments:

What do these companies do better do better than EAPs?
They sound cool, use great marketing and exhibit social media savvy. They trumpet evidence based interventions up front and central. Promise hi tech anywhere anytime service delivery. They are user friendly and offer “fun” visual tracking of progress - typically through apps.

What do EAPs do better than these companies?
CBT is the new Kool-Aid and pretty much the only approach used. What is completely missing is the powerful and valuable EAP assessment that delivers customized counseling and/or referrals to the treatment approach and level of care needed by the employee AND an evaluation of the workplace factors and impact relevant to each case.

Pay attention, people.

Wednesday, October 10, 2018

Web Secret 540: iOS 12

By the time you read this, Apple will have released its new iPhones and unveiled iOS 12, its new operating system with way too many unnecessary features.

Refinery 29 published an article in August comprehensively reviewing all these new bells and whistles.

But here is all you really need to know:

Do Not Disturb
You can now schedule a specific time frame when you don't want to be bothered by calls, text messages, or other notifications. You can specify turning it off for an hour, until you leave your current location, or until this evening. When you open your notification screen, tap and hold the moon icon to see your options and choose the one that works for you.

Control your use of apps, social media or email
There is a new “Screen Time” tab in Settings. Select that, and you’ll see options to set “downtime” and limits on certain apps. Doing so prompts you to take a break from Instagram or email after a certain amount of time each day. The tab also shows a full breakdown of how much time you spend on social media each day and over the course of the week.

Battery Performance
The Battery tab within Settings offers a clearer picture of how your battery performs from day to day. You not only see exactly when you last charged your iPhone and how well it maintained that charge from hour to hour, you can also see the usage over the course of 10 days.

That's all you need to know.

Wednesday, October 3, 2018

Web Secret 539 : 10 years

My first iWebU blog post was published on August 14, 2008, over a decade ago. Since that date, my blog has posted weekly for ten consecutive years without ever missing a single week.

I celebrated with caviar and champagne, in my penthouse suite at the Mandarin Oriental in Paris.

Or, in another version, it completely slipped my mind until this moment.

In that first post, I pledged to:
  • empower non-technically inclined professionals
  • help you translate your vision into a growing presence on the web
  • teach you how to use technology to make new contacts, influence people and increase your earning potential
  • keep you on top of the latest and most disruptive trends in social media, hardware, software and technology.
I think I did that.

Wednesday, September 26, 2018

Web Secret 538: The New York Times

I recently waged a war against the New York Times.

I have been reading the New York Times every day since I went off to college approximately 200 years ago.

For decades, the paper has been delivered to my doorstep.

Every morning I start my day with a double shot of espresso and a review of the headlines. I read no more than one story about Donald Trump so that I can refrain from throwing crockery against the wall. I culminate with the crossword puzzle which I fill out with a fountain pen filled with my favorite orange ink.

All of this has been going on for decades like clockwork.

Until 3 weeks ago when it stopped.

Sometimes I got the paper late, sometimes times it didn't come at all.

I called customer support endless times. Nothing changed. They refused to connect me to the company that actually delivers the paper.

Since the weekend paper came just fine, I cancelled my weekday paper.

I tried reading the paper on line and printing out the crossword.

I absolutely hated it.

One day the Saturday paper failed to arrive and I called customer service again.

This time, I was connected to the delivery company.

My contact there, Rosa, fixed everything and actually followed up to make sure I got my weekend paper.

I decided to go crazy and restart weekday delivery.


Sometimes you just need a human.

And virtual is not good enough.

Wednesday, September 19, 2018

Web Secret 537: block chain and cryptocurrency

You don't know this, faithful readers, but for the past year I have been scouring the earth looking for a definition of block chain and cryptocurrency that I could share with you.

The definition would have to meet only criterion - that I would understand it.

Well that hasn't happened. However, several months ago my spouse passed along an article "The essential guide: blockchain, cryptocurrency and real estate" which sort of explain the topic so that I can sort of understand it.

Since I firmly believe everyone needs to sort of understand this, here is that explanation:

"Cryptocurrencies are digital currencies that are traded and exchanged over the internet, used to buy and sell goods, invest and build wealth. The “crypto” in their name comes from cryptography, the field of studying and enacting secure communications. Cryptocurrencies are designed to offer a secure method of trading and secure record-keeping of who traded what, when–using computer programming (though the “who” is often an obscure number).

The best-known and most widely used cryptocurrency is bitcoin, created in 2008... Bitcoin started with barely any value and has now created its own millionaires and billionaires. Due to the structure of the math equations underlying bitcoin, only 21 million bitcoin can ever be made — or “mined,” in bitcoin terms — which holds the currency’s value (already, the world has collectively mined most of the currency, over 80 percent).

Bitcoin also becomes harder to mine as more hits the market, requiring more time, more computing power, and more energy. Eventually, at some point if and when all of it is mined, the only way to acquire bitcoin will be by trading it.

There are a host of other cryptocurrencies as well, each with their own distinguishing features. Another you may have heard of is Ethereum.
Block chain
Blockchain is the underlying technology that powers all of these cryptocurrencies. The name is fitting because it is literally an electronic chain of blocks of information, each block representing the latest transaction or many transactions, plus a record of the previous block, and the answer to a tough math equation.

A blockchain is a distributed, decentralized digital ledger where transactions are recorded. A blockchain exists not in any one place, but thanks to the internet, is spread out across multiple computers. Which computers? The ones being used by anyone who has made a transaction on the blockchain, from individuals to organizations. The system allows financial transactions to take place without a middleman, like a bank, which is how cryptocurrencies are traded.

It’s a public ledger, first and foremost, and you can transact anywhere in the world without a middleman at a relatively cheap price compared to traditional avenues,” explained Josh Olszewicz, a cryptocurrency day trader.

There are multiple different blockchains each with their own cryptocurrencies being traded and transactions recorded. Additionally, many of the leading blockchains can host a potential infinite number of custom tokens on top of it as well. A blockchain stores all the information about cryptocurrency and token trades in chronological order, so you can go back and see the very first trades, as well as assigning numbers to each user of the blockchain, so you can see who owns what. The record of these trades can’t be altered or tampered with.
You sort of get it right?

I know - that isn't good enough.

If I find a more understandable explanation - I will share it with you.

Wednesday, September 12, 2018

Web Secret 536: Trolls

Internet trolls are the hotile and sometimes dangerous people who post nasty comments and disinformation on the Internet - usually to create trouble of one kind or another.

Last month, The New York Times published an article "The Internet Trolls Have Won. Sorry, There’s Not Much You Can Do." by Brian X. Chen.

Unfortunately, understanding trolls and trolling is essential in the 21st century, so here is my summary of the most important information culled from this important article:

Most experts agree agree that trolling has no easy fix.

Chen notes: "Over the last decade, commenting has expanded beyond a box under web articles and videos and into social networking sites like Facebook and Twitter. That has opened the door to more aggressive bullying, harassment and the ability to spread misinformation...

Case in point: the right-wing conspiracy site Infowars. For years, the site distributed false information that inspired internet trolls to harass people who were close to victims of the Sandy Hook school shooting. This week, after much hemming and hawing about whether to get involved, some giant tech firms banned content from Infowars.

What does that show us? That you as an internet user have little power over content you find offensive or harmful online. It’s the tech companies that hold the cards.

There are many theories about why the internet seems to bring out the worst in people... people use the internet to get more of what they do not get enough of in everyday life. So while people have been socialized to resist being impulsive in the real world, on the internet they cave to their temptations to lash out.

...the quality of comments vary widely depending on the pieces of content being discussed and the audiences they attract. For example, there are videos about niche topics, like home improvement, that invite constructive commentary from enthusiasts. But there are others, such as a music video from a popular artist or a general news article, which ask people from all around the world to comment. That’s when things can get especially unruly.

It’s up to the content providers and tech platforms to vet their communities and set rules and standards for civilized discussion.

Many resource-strained news publications fall short: They often leave their comments sections unmoderated, so they become cesspools of toxic behavior. It is also an area where tech companies like Facebook and Twitter struggle, because they have long portrayed themselves as neutral platforms that do not that do not wish to take on the editorial roles of traditional publishers.

What about fake comments?

Tech companies have long employed various methods to detect fake comments from bots and spammers.

Unfortunately, security researchers have shown there are workarounds to all these methods.

When the Federal Communications Commission was preparing to repeal net neutrality last year, there were 22 million comments posted on its site, many of which expressed support for the move.

One expert used a machine-learning algorithm to discover that 1.3 million comments were likely fakes posted by bots.

What can you do?

For the issue of spoofed comments, there is a fairly simple solution: You can report them to the site’s owner, which will likely analyze and remove the fakes.

But for truly offensive comments, the reality is that consumers have very little power to fight them. Tech companies like YouTube, Facebook and Twitter have published guidelines for what types of comments and material are allowed on their sites, and they provide tools for people to flag and report inappropriate content.

Yet once you report an offensive comment, it is typically up to tech companies to decide whether it threatens your safety or violates a law — and often harassers know exactly how offensive they can be without clearly breaking rules.

Beyond reporting comments individually, you could also use an online petition tool like to demand that tech companies remove offensive content.

The article closes with this advice:

Think before you read... Think before you speak. And you don’t always have to respond. A lot of things do not deserve a response. Sometimes not responding is more effective than lashing out.”

Wednesday, September 5, 2018

Web Secret 535: What's My Line

When I was a child, one of my greatest pleasures was watching TV game shows with my grand-mother.

Grani - as we called her - was a regal, worldly woman who had emigrated to the USA from Russia via Berlin and Paris. She spoke 4 languages and was always immaculately dressed with a strand of pearls around her neck.

Retrospectively, I find it hilarious that this regal person enjoyed some of the most proletarian aspects of 1960s America. She would take me on frequent expeditions to Lamston, a now defunct Five and Dime store, and Chock Full O Nuts, a coffee shop featuring a lunch counter where we ate cream-cheese on date nut bread sandwiches.

One of her favorite shows was What's My Line?, a panel game show that originally ran from 1950 to 1967. The game required celebrity panelists to question a contestant in order to determine his or her occupation, i.e., "line [of work]." Each show culminated in the panelists putting on masks and trying to identify a "mystery guest" with their questions.

Most of the major figures connected to the show were remarkable in their own rights. The show was moderated by John Daly, a World War II correspondent who witnessed Gen. George S. Patton's infamous "slapping incident". As a reporter for the CBS radio network, Daly was the first national correspondent to deliver the news of the attack on Pearl Harbor and the first to report the death of President Franklin D. Roosevelt.

Panelist Dorothy Kilgallen wrote a newspaper column "The Voice of Broadway", which was syndicated to more than 140 papers. In 1936, she competed with other New York newspaper reporters in a race around the world using only means of transportation available to the general public. She was the only woman to compete in the contest and came in second. She was invited to the coronation of Queen Elizabeth II, defended comedian Lenny Bruce from obscenity charges, and reported on the trial of accused murderer Dr. Sam Shepard.
Arlene Francis was the highest-earning game show panelist in the 1950s, making $1,000 (equal to $10,172 today) per show.

Panelist Kitty Carlisle was a film actress who had acted in "A Night at the Opera" (1935) with the Marx Brothers, two films with Bing Crosby, Woody Allen's "Radio Days" (1987), "Six Degrees of Separation" (1993), and "Catch Me If You Can" (2002) in which she played herself in a dramatization of a 1970s To Tell the Truth episode.

Panelist Bennett Cerf was the erudite founder of the Random House publishing firm.

Host and panelists were dressed in evening wear, the men in tuxedos and the women in beautiful cocktail dresses.

All of the What's My Line shows can be viewed on YouTube.

One day on a whim, I showed one of the episodes to my Millenial twins. They became instantly addicted and started streaming the 100+ shows.

They are fascinated by the A list celebrities, from Sean Connery to a very young Elizabeth Taylor, from Bette Davis to Jackie Gleason.

They are fascinated by the elegance and formality with which host, panelists and guests behave.

They are fascinated by the guests and substitute panelists who later became famous. Watch pre Star Trek William Shatner, outrageously flirting with an attractive guest, or Tony Randall, ten years before "The Odd Couple" TV series.

But they are most fascinated by the every day guests whose occupations no longer exist due to modernization and techhnology. Jobs like Hat Check Girl and Diaper Service Man.

Will you enter and sign in please.

Wednesday, August 29, 2018

Web Secret 534: Carved

I am a firm believer in putting a case on your smartphone.

Over the years I have been through many iPhone cases as I upgraded through various models.

Seldom, however, have I come in contact with more beautiful cases than the ones made by USA based

Look at this geometric T-Rex.

Their magnificent animals on wood.

Their premium "satellite" cases.

And my personal favorite "custom map" case. Select any location in the world, and the map is carved into the case.

I'm planning an upgrade in September.

I'll be in touch with you - Carved.

Tuesday, August 21, 2018

Web Secret 533: Curable

Curable is an app that helps users control their chronic pain.

I can't think of a more necessary modality right this minute.

Doctors are drastically reducing opioid prescriptions even when this makes no sense whatsoever.

Unless you are fortunate to live in a state where medical marijuana has existed for a long time - you have no access to even the low THC cannabis pain relievers.

So pain sufferers need another option.

In an October 2017 article "Curing the Incurable", long time TechCrunch reviewer Jon Evans explains how Curable helped his wife dramatically reduce her chronic migraines.

He writes: "[The] treatment program is based on the (thoroughly scientifically grounded) notion that chronic pain tends to slowly rewire the brain to “perpetuate the feeling of pain” — and that this neurological sensitization to pain can be undone, in whole or in part, via mindfulness and cognitive behavioral therapy...It may sound odd that cognitive techniques can overcome and eliminate real physical pain, but there is an sizable amount of hard science behind this, which Curable users are walked through."

If you've tried PT, pills, acupuncture, epidural shots, and everything else under the sun, why not try it?

I know I am.

Caveat: I am not a medical professional and you should check with yours before using Curable.

Wednesday, August 15, 2018

Web Secret 532: Srugim

The Internet is making me realize that I am just as provincial as those demonized imaginary deplorables from the Midwest.

I already had an inkling I was in a self imposed ghetto when I was pondering unfriending my last Republican Facebook friend because he voted for Trump. If I did that I would be perfectly insulated from anyone who didn't have exactly the same values I have.

And then I didn't do it - because - well he likes Star Trek and classic rock and dogs and. Well you get the point. I had to make it work. In our little Facebook world, I made myself reach across the aisle.

And I thought about this all over again when someone suggested I watch an Israeli TV show (aired between 2008 and 2012) called "Srugim."

Srugim has been called the Israeli "Friends." Superficially you could think that. It's about five 30 year olds who live in the same Jerusalem singles neighborhood called "The Swamp", hanging out in each others apartments and angsting about love and life.

Except that the five are Modern Orthodox Jews.

For the record, though I am Jewish, I have never had any Orthodox friends or even acquaintances.

They don't agree with my secular view of the world. I would shun them in a minute if I actually met them in real life.

But the series was recommend by a friend I greatly respect, so I streamed it on Amazon Prime Video.

Srugim is like "Friends," if "Friends" didn't have a laugh track, addressed questions of faith and doubt, death and mourning, and took its time telling a story.

Watch it.

Wednesday, August 8, 2018

Web Secret 531: Lemonade

Say you're a young Millenial. Maybe in your first job.

And you rent an apartment. And you are required to have renter's insurance.

It's 2018. What do you do?

You download the Lemonade app. Here is Lemonade explained:

What makes Lemonade special in the insurance world? It's cheap. Really cheap. A studio apartment in a doorman building could cost as little as $11.00 to insure.

As one article explains, Lemonade promises “world record claims handling” in only three seconds with “25% of claims paid in 3 seconds.” And you can “get insured” in only 90 seconds. And with its “Zero Everything” option, the customer is promised “zero deductible, zero rate hikes, zero worries.”

Nothing is too small to report stolen under a renter or homeowner’s policy, including flip-flops. The website actually says flip-flops are covered.

Here is how it works. Someone steals flip-flops out of your apartment. Use the Lemonade App to record a video of yourself explaining what happened, what the flip-flops look like and what you think they are worth, say, $10. Send it to Lemonade, and its “AI runs 18 anti-fraud algorithms,” which is basically the computer deciding whether you might be lying. If it believes you, the “AI will pay you in 3 seconds” and send $10 to your bank account. If the AI thinks you might be lying, you get diverted to a human to process the claim.

If life gives you lemons...

Wednesday, August 1, 2018

Web Secret 530: Jobo

My 24 year old twins are job hunting.

They aren't combing job boards like Monster or Indeed.

That would be labor intensive.

That would be inefficient.

That would be old fashioned.

Instead, they have a robot looking for jobs for them.

Not like the robot in "Lost in Space" or "The Jetsons."

They use Jobo - the Job Bot.

Jobo promises to "Find jobs worldwide, get updates about new job offers. Let the bot do his job."

Set up is a snap:

1. Add Jobo on messenger

2. Create a profile with the key words that describe the job you are looking for. Setup your own job alarm - ie how often you want to be messaged about your job opportunities.

3. Apply for jobs via messenger or directly.

Easy. Very 2018.

Wednesday, July 25, 2018

Web Secret 529: uBreakiFix

Ask any Gen Z person to show you their smartphone and I will bet you over 50% of the time, the screen is cracked.

Badly cracked.

And they don't seem to care.

This is a profound mystery to me.

I consider my iPhone to be a miraculous device, something to be tended too and protected at all times.

In over ten years of ownership, I have never cracked any screen of any device I have ever owned.

But if I did, it would get fixed within 48 hours.

Now here is the rub. If you are still under warranty, you have to make an appointment with the Genius Bar. And they might need to keep it for hours, maybe even days.

If you do not have Apple Care+ or are out of warranty, it will cost you $149 to fix the screen.

I'd rather take my smashed screen to uBreakiFix.

uBreak is a franchise with hundreds of outposts throughout the USA.

There the repair will cost less: $129.99. And the repair will take under 2 hours.

I feel better already.

Wednesday, July 18, 2018

Web Secret 528: 11 ways to encourage yourself and others to take a break from technology

I recently came across a Forbes article "11 Ways To Encourage Mental Breaks From Technology In The Workplace."

Interestingly, most of the suggestions could be applied to ourselves or our families. As usual, here is the edited version:

1. Create Smartphone Break Areas
Ask people to voluntarily put the smartphone in a box in a certain area of the workplace.

2. Truly Respect Time Off
If an employee is supposed to be off of work, do not send them an email during that time. Don't assume an email is less intrusive than an actual phone call. If you would not call them at that hour, then don't email either.

3. Create Boundaries For Out-Of-Office Communications
Unless a job is billed as 24/7 on-call, maintain boundaries for outside hours communications. Establish cut-off times that are clear and enforceable as nightly deadlines for work outreach.

4. Leave Phones Out Of Meetings
Have a "no smartphone" policy in meetings -- not just team meetings but one-on-one meetings in your office. Leave your phone out of sight, switched off, or put it on silent with no vibration.

5. Clarify The Level Of Priority
Give your team the flexibility of priority awareness. Use the subject line of an email to scale the urgency of an action. Notations like "action by COB today," "before lunch," or "prepare for next staff meeting" give a clear timeline. On the other hand, preceding status updates with FYSA (For Your Situational Awareness) clarifies that no immediate action is required.

6. Promote Self-Care
Implement a wellness program, add yoga and other de-stressing activities, and/or add a quiet zone. Create safe, phone-free zones for employees to unwind and decompress. Senior leaders must demonstrate that they value self-care and allow spaces for employees to do the same. This also means that out-of-office truly means that employees are unavailable during that time.

7. Encourage Employees To Disable Notifications
Getting a mental break at work can be less about getting away from the smartphone and more about diminishing unnecessary sights and sounds. Sound and sight distractions such as email, text and app notifications exponentially increase stress and decrease productivity. If you do nothing more than turn off email "pings" and pop-up windows, you will greatly enhance a sense of focus and calm at work.

8. Take Meetings Outside
If you work near any green space, start taking small groups or one-on-one meetings outside. Find space near a fountain to meet with employees or just walk and talk. Fresh air stimulates greater creative thinking. Walking improves circulation and overall health.

Wednesday, July 11, 2018

WebSecret 527: Happiness in an app

The New York Times recently published an article listing "happiness" apps.

Since we could all use a little happiness, here is what they recommended:

Happy Not Perfect

Designed to bio-hack the brain in five minutes, Step 1 of seven, Check-in, decreases the impact of an emotion just by acknowledging it. Step 2, Breathing, takes you out of fight or flight. Step 3, Journaling, allows you process, digest, and let it go by way of a digital fire ceremony. Step 4, Gratitude, shifts the focus to the positive. In Step 5, a mini Mind Game disrupts thought patterns. Step 6, a Compassion Challenge, boosts self-esteem. Step 7, Vibes, lets you pay it forward. Guided meditations are optional.

Perk: A subscription ($9.99 for one month; $39.99 for six months; $59.99 for a year) provides access to more than 250 meditations and to a gratitude diary and compassion challenge history.

Smiling Mind

Developed by psychologists and educators, Smiling Mind is a free app aiming to make mindfulness accessible to everyone, including children as young as 7. Meditations are offered according to age group and audience, for example Adults, Sport, Mindfulness in the Classroom, Mindfulness in the Workplace. Prompts like “How Do You Feel?” encourage checking in with oneself.

Perk: With Family Sharing, up to six family members can use this app.

Insight Timer

The most popular free meditation app on Android and iOS stores, Insight Timer is home to some 4.5 million meditators and offers guided meditations, talks and podcasts by mindfulness experts, neuroscientists, psychologists and meditation teachers, in 25 languages, on topics including depression and grief.

Perk: Practitioners of all levels seeking community can see how many meditated “with” them, send direct messages and join discussion groups.


Named the No. 1 New App by Apple in 2017, Aura offers mindfulness meditations, short stories, music, sounds of nature, a gratitude journal and life coaching sessions to soothe stress and anxiety and help users sleep better. The artificial-intelligence-powered program uses questionnaires to personalize and improve the user experience.

Perk: The app is free - however, a subscription ($11.99 for one month; $59.99 for one year; $399 for lifetime) allows unlimited access to meditations of 3 minutes, 7 minutes or 10 minutes.


Wednesday, July 4, 2018

Web Secret 526: individual cybersecurity when traveling

So you have tickets to the FIFA World Cup in Russia.

Lucky you.

Remember when, a few posts ago, I told you that Russia is enemy number one when it comes to cyberwarfare?

This is what Conde Nast Traveler thinks you need to do to safeguard your data if you choose to go (just about anywhere in the world):

If it looks too good to be true, it probably is Free tickets, FIFA lotteries, VIP seating upgrades—chances There is no such thing as a free lunch. Do not reply to, click on or otherwise interact with these offers. Delete, delete, delete.

Protect your devices. If you can, leave the devices you really love at home. Invest in a cheap unlocked phone you can use when you're traveling with a local SIM cards. If you absolutely need to bring a laptop with you when you travel, consider buying a sub-$500 Chromebook, eg: the Asus Flip C302. Bonus: with Chromebooks, everything is stored on Google's cloud, so if it the laptop gets jacked, you won't lose everything.

If you insist on bringing your laptop, make sure everything is backed up in the cloud and on an external hard drive before you leave, and ensure the device is secured with a password that isn't "password123."

Public Wi-Fi networks are basically "Steal my stuff" invitations Avoid public Wi-Fi networks when you can. Even if you think you're somewhere safe, like your hotel lobby, it's not worth the risk. You don't know who else is in that lobby, and you don't even know whether the network you're connecting to is legit, it's not hard for a hacker to create a hotspot with the name "Hotel Free Wi-Fi."

If you absolutely have to connect to one, don't do anything sensitive.

Use a VPN (virtual private network). Think of a virtual private network as a tunnel that encrypts all your data as it passes through and scrambles your location (by changing your IP address), even if you are connected to the internet through a public network.

Two that are recommended by Wired magazine are F-Secure FREEDOME VPN and

HTTPS is your friend—HTTP is not. If a website starts with "https" it means it's encrypted, making your browsing more secure. If it's missing that "s"—for secure—anyone can snoop on what you're doing. To be safe, install HTTPS Everywhere as an extension into your browser: it automatically switches sites from the door-wide-open http to the far more secure https.

Rent a portable hotspot. Far more secure than public Wi-Fi are portable hotspots, the pocket-sized devices you can rent. They give you a secured individual Wi-Fi connection around the world, so you can connect to the internet without using international data or open Wi-Fi networks. Skyroam (starting at $9 a day) and Roaming Man ($9.99 a day) are two good options; both give you password protected 4G Wi-Fi access in more than 120 countries around the world.

Be safe.

Wednesday, June 27, 2018

Web Secret 525: Virtual reality sexual harassment prevention training

I used to provide corporate training programs on sexual harassment prevention.

The typical audience for one of these training events was at best bored and at worst overtly hostile. The higher the ratio of men to women in the room, the more hostile the group. But I still think I did a good job.

I divided everyone in the room into teams of two. I provided the pairs with 10 vignettes which they had to discuss and decide whether the behavior constituted sexual harassment. This task rapidly defused the anger and made everyone think about harassment - maybe for the first time. After a set amount of time, I brought everybody back together and we discussed each vignette, calling on the teams to share their decision making process and their answers. It was consciousness raising for the participants.

But that type of training is labor intensive and expensive. And quite frankly, not typical of the average training. Most programs are didactic affairs where a lawyer stands in front of a group of co-workers and drones on about case law.

There had to be a better way, and to accomplish that, Morgan Mercer, founded Vantage Point.

As detailed in a recent Wired article, Morgan was at a dinner party in late 2016, when the conversation turned to harassment. Everybody agreed on one point: People can’t identify it and don’t know when to step in. A few mornings later, she woke up with the idea that virtual reality (VR) could help. She taught herself basic programming, and within nine months had secured funding and signed up multiple partners.

The rest of Vantage Point’s plan involved making the simulations as immersive as possible. Here is a typical scenario:

Prepping for a big presentation is stressful, and your boss isn’t making it any better. He’s leering at your coworker Rachel in the middle of a meeting (!), asking if she’s bringing a date to the company dinner (!!). I mean, what do you do? Say something? Take it to HR? Talk to Rachel? The discomfort is the point.

Well done, Morgan.

Wednesday, June 20, 2018

Web Secret 524: Robocalls

I absolutely loathe robocalls.

So imagine how not surprised I was when I came across a New York Times article that confirmed what I already knew: robocalls are proliferating because it is so damn cheap to send them out by the thousands.

Better yet, the Times had a companion article "Robocalls Flooding Your Cellphone? Here’s How to Stop Them."

Let me summarize it for you:

Rule No. 1: Do not answer numbers you don’t know. If you do answer, don’t respond to the invitation to press a number to opt out. That will merely verify that yours is a working number and make you a target for more calls. Turn to the government

Rule No. 2: Turn to technology.Download apps such as Truecaller which will block the calls. YouMail will stop your phone from ringing with calls from suspected robocallers and deliver a message that your number is out of service. Many of these apps are quite pricey. Hiya is free.

Rule No. 3: Turn the tables. The Jolly Roger Telephone Company turns the tables on telemarketers. This program allows a customer to put the phone on mute and patch telemarketing calls to a robot, which understands speech patterns and inflections and works to keep the caller engaged.

The robots string the callers along with vocal fillers like “Uh-huh” and “O.K., O.K.” After several minutes, some will ask the callers to repeat their sales pitch from the beginning, prompting the telemarketers to have angry meltdowns.

Rule No. 4: Watch what you say. One recent scheme involves getting consumers to say “yes” and later using a recording of the response to allow unauthorized charges on the person’s credit card account, the F.C.C. warned in March.

When the caller asks, “Can you hear me?” and the consumer answers “yes,” the caller can gain a voice signature that can later be used to authorize fraudulent charges by telephone.

Best to answer with “I can hear you.”

The future: The callers are evolving. Some have numbers that appear to be from your area code; others employ “imitation of life” software in which the robocall sounds like a live person, complete with coughing, laughing and background noise. This artificial intelligence can be programmed to interact in real time with a consumer.

I'm scared too.

Wednesday, June 13, 2018

Web Secret 523: Cybersecurity - part 5

This is the last in a series of 5 posts about cybersecurity.

Do you ever host or attend conferences or meetings? Rhetorical question.

There are cybersecurity best practices to consider, as I discovered after plowing through "The Cybersecurity Challenge", an article which I summarized for this post.

Registration puts financial information at risk. If you are storing any personally identifiable information and collecting credit card payments, you must comply with the PCI (Payment Card Industry) data security standard. There are companies that can help you with that.

Every assemblage of human beings includes a large mobile devices. It is not unusual for attendees to have a smartphone, a tablet and a laptop.

A large risk facing planners and attendees is the ill-advised use of free or “public” Wi-Fi networks in the destination. A large number of destinations have taken measures to prevent rogue Wi-Fi networks tricking attendees into connecting to them, however it’s still a common threat to take into consideration.

It is a relatively straightforward task for bad guys to generate a Wi-Fi signal that is going to look equal to or better than a real one. And they might even tailor it to your meeting and say, ‘Attention EAPA convention attendees — free Wi-Fi available to you.’ Such a hoax is called a “man in the middle” attack. It means the bad guys now have unfettered access to your computer.

Some experts advise clients to inform meeting attendees they should never use the free Wi-Fi networks in a Starbucks or any other public place.

We’ve gotten people to the point that when they are at a hotel or convention center, they expect free wireless internet. That is what has created the vulnerability that everybody now faces.

The typical meeting attendee, however, is not aware of the risk. And a big part of the problem, is that meeting attendees don’t read their program or background material. And the people running the meeting don’t make announcements telling attendees not to use unofficial free Wi-Fi networks.

Not even the safety of the Wi-Fi network at a hotel or convention center should be taken for granted. You must make sure that the provider is using secure equipment and that it has secure connection from its technology to the internet. You also need to make sure that the people involved in running it have been backgrounded and vetted.

The good news is that there is a simple recommendation to mitigate risk. Before attendees head out to your meeting, send them an email that is about just one thing, online security. It should say, "We are concerned about your cybersecurity, so we are informing you that the official Wi-Fi network for the meeting is named XYZ. That is the only network you should connect to. If you connect to anything else, we cannot promise that you are secure.”

Another option is to make a formal announcement at the meeting. For example, at the beginning of an opening general session.

A more elaborate step is to use a virtual private network, or VPN. A VPN is a computer program that creates encrypted connections. And because of that, it’s much harder for someone to intercept your signal. The technology is widely available and inexpensive today. It can be acquired for just a month to cover the meeting dates, then canceled.

Pay attention, people!

Wednesday, June 6, 2018

Web Secret 522: Cybersecurity - part 4

This is part 4 of a 5 part series on cybersecurity.

What can mental health providers and institutions do to protect themselves from a cyber attack?

Even a one person private practice or a smaller company can implement cyber safeguards.
  1. Become knowledgeable about technology. Mental health clinicians are notoriously tech adverse. However, unless you are living and working off the grid, ignorance is no longer acceptable.
  2. Educate yourself and your employees about the threat of cyber-attacks and ransomware. Education needs to be an ongoing process.
  3. Use two factor authentication and encrypted email for sensitive information. Hushmail is a secure email utility. 
  4. Make sure your website is HTTPS (HTTP Secure), e.g. In HTTPS, your website is encrypted by a layer of security and thus is less vulnerable. 
  5. At the Forum, we were told that 95% of malware can be addressed by anti-virus software. So deploy anti-virus and update as needed. 
  6. When Apple or one of the major tech companies you use (e.g. Microsoft) sends you an update patch, download it.
  7. Use complex passwords.
  8. Over and over the experts at Yale talked about the need for “good cyber hygiene.” Establish standards for cyber literacy, and other necessary protocols.
  9. Have a workplace social media policy.
If you aren’t sophisticated about things computer, hire an expert.

As we said good-bye, one attendee said, “and now I go back in my car and drive away while using Waze to find my route and Spotify for entertainment, giving up my privacy and leaving myself wide open to hacking.”

Wednesday, May 30, 2018

Web Secret 521: Cybersecurity - part 3

This is the 3rd in a 5 part series on cybersecurity.

The Media used this terminology in the aftermath of the Trump election:Russia hacked our electoral system during the 2016 election.” One presenter at the Yale Cyber Leader Forum I attended explained that in actuality, our electoral system was not hacked.

What actually happened is that Russia used Facebook and other social media to propagate fake news stories about Hillary Clinton. They perpetrated identity fraud to do this. Interestingly, these events were not seen to be a failure of the US government but rather a problem with social media. Separating the fake news from legitimate information is a massive challenge. And separate from cyber-attacks.

There are more and more cyber-security companies but the number of breaches isn’t going down. Only 20% of cyber security budgets go towards prevention.

Hackers are ever more sophisticated. Malware can be delivered in a video download. An innocent sounding e-mail will have a subject heading like “Look at these cute cat videos” and a link to download a corrupted video.

The US government has been reactive rather than proactive in its approach to cyber-attacks. One Yale Forum expert believes we should also “degrade the potential of adversaries to harm us.”

During another Forum break, the owner of a cyber security company explained he had to go through great lengths to get his employees to use encrypted email. The irony was not lost on him.

What about the future?

Yale experts made the following predictions:
  • There will be more and more digitization of our lives.
  • The Internet of Things (the network of physical devices, vehicles, home appliances and other items embedded with electronics, software, sensors, actuators, and connectivity enabling them to operate within our existing Internet infrastructure,) will continue to grow and permeate every facet of our existence. Devices are going to go from being outside of our bodies to inside our bodies. One expert wondered about the risk of soldiers going on a training run while wearing a fitness tracker.
  • More and more of our data will move to the cloud. (The cloud refers to software and services that run on the Internet, instead of locally on your computer. Think Spotify.)
  • Identity theft will become easier as we will develop products that can perfectly imitate our voices and other aspects of our individuality.
  • Compliance with cyber-security needs to be easier. Is there an equivalent to putting all the smart phones in a lead box before entering the meeting room?
  • We may never be ahead of the adversary.
  • The disaster of the future will be a cyber-attack.
Asked to imagine a news headline of the future, one attendee said: “Botnet of human body parts takes down the power grid.” (FYI: a botnet is a network of private computers infected with malicious software and controlled as a group without the owners' knowledge.) As we become increasingly bionic, we become increasingly vulnerable.

So what can we do? I answer that question in the 4th and final post in this series.

Wednesday, May 23, 2018

Web Secret 520: Cybersecurity - part 2

This is part 2 of a 5 part series on cybersecurity.

We are vulnerable to cyber-attacks for a variety of reasons:
  • As early as 1994 experts called for a national information infrastructure – that hasn’t happened
  • Much of the USA’s most sensitive information is not encrypted. How comforting.
  • A recently enacted 2017 Trump law allows your internet service provider (AKA FIOS et al) to sell your metadata without your permission.
  • When companies upgrade their websites, they upgrade their security but old webpages still exist and are vulnerable to hacking. One expert said, “We have 20 years of vulnerable websites.”
  • Two-Factor Authentication was devised in the 70s but has only recently begun to have traction. In other words, we have technology to foil attacks but decision makers are slow to deploy it. And people are even slower to adopt it. Two Factor Authentication is an extra layer of security known as "multi factor authentication." It requires not only a password and username but also something that only the user has on them, i.e. a piece of information only they should know. For example, the answer to questions like "What is the name of your first pet" or "what is your dream vacation spot?"
  • In an April article titled “Failed by Facebook, We’ll Return to the Scene of the Crime. We Always Do.”, the New York Times reported how even when a company is hacked, or fails to protect our privacy, we go right back to using it.

    “The reality is that when it comes to privacy, the trade-off has already been made: We decided long ago to give away our personal information in exchange for free content and the ability to interact seamlessly with others… After just about every big privacy hack over the past decade, people quickly returned to the scene of the crime, using the same store or online site that had been compromised.”

    During the Forum, one expert pointed out how even the most egregious lapse will result in only a brief downtick in a company’s stock market performance.
  • We are fighting a 21st century crime with outdated approaches. The attack vectors multiply and the preparedness of end users is very low.
  • In the 21st century, US armed forces do not manufacture the weapons they need, they subcontract with a private enterprise. Similarly, US apps, software, and hardware are in the hands of the Apple, Microsoft and Googles of this world. The US government turns to these companies to self-police themselves.
  • Cyber-security is not primarily a technical challenge but rather a social/political problem. An educational problem. A legal problem. A policy problem.
It is concerning that several Yale Forum experts stated that there needs to be “carnage” for the country and its citizens to pay attention to cyber security. Meaning one or more people need to die as a result of a hack for the public to demand that attention must be paid. One expert even wondered if we need a “grand carnage moment” to make it happen.

Along that line, some of us during a lunch break wondered when a person’s medical history will be hacked causing them serious injury, even death. Would we even know if it happened? So far hospital records have only been hacked by ransomware.

What happens next?

To be continued next week...