Don't you have a Smart Watch yet?
It will make your e-mail security that much easier to deal with.
Published in 2600 Magazine, 2017 Winter, Volume 34:4
A few months ago I went back to work briefly in a telephone call center. When I worked in that same building 15 years before (for a different company), I had a Timex Databank watch that I could edit a file with, and then download the Alarms to the watch.
Telephone call centers are very time-centric. You need to go On Break or to lunch exactly (or near exactly) on time or you screw up the management of the entire call center. So when I decided to go back to work, I knew I needed to replace the watch I'd lost years ago. I wound up with a Pebble I picked up on eBay at a modest cost, and when you recieved Text Messages on your phone, it's app sent the message to your watch, so you didn't have to dig out the phone from your pocket, and could read the message.
Well, as it turns out, in the modern era, you're not really supposed to have a mobile phone with you in the call center, yet you need Second Level Authentication when logging into your very secure server. As it turns out, if I leave the phone in my pocket, I can receive the text message with the second level authentication code on my watch via BlueTooth, and appear to be a Good Employee as well.
The thing is, I had just attended a Webinar where it turns out that even with your home Yahoo Mail, or Gmail accounts, you really should have 2nd Level Authentication turned on, so that The Bad Guys cant get into your account, because they haven't got your mobile phone to receive that second level of authentication with. I'm the Catch-All e-mail recipient for some Domain Names I manage, and I've seen messages from Yahoo saying an IP address in China tried and failed to be allowed into the Yahoo Mail of someone's account, so the dangers are real. Since I've got the Smart Watch to read off the characters I need for a Second Level of authentication, it's not so bad to turn that on with my Yahoo Mail, and have to enter an extra string of characters when I bring up my laptop for my e-mail.
Since I often check my e-mail over W-Fi, I've gone the Paranoia route one step better as well. When I bring up my browser (I use either FireFox or Chrome, depending which account I'm accessing), I click on that Menu Icon (⋮) in the upper right hand corner, and click "New Private Window" (Chrome), or "New Incognito Window" (FireFox). This means that I'm going to go "End To End" with SSL (Secure Socket Layer) Encryption, so no one in the middle has a chance of getting a look at my not really private e-mails, but you don't want "THEM" to know what's private and what's not, so OpSec (Operational Security) requires you to use encrypted transmission as often as you can. Using the more private web browser windows makes it as painless as it can be.
As we old 60's hippies used to say, "Just because you're paranoid doesn't mean they're not out to get you." And that white hair on top of my head isn't from age, so no wise cracks. I live in Florida, so that means my hair is sunbleached (that's my story, and I'm sticking to it).
Richard Cheshire has been writing as The Cheshire Catalyst since the late 1970's in the TAP Newsletter, predating 2600 Magazine. That "sunbleached" business is pure Social Engineering (a technical term that means "bullshit"). If he sounds convincing though, its because he believes it.
PDF Version: http://CheshireCatalyst.Com/SmartWatch.pdf
by the Cheshire Catalyst