Distrito Telefónica. Innovation & Talent Hub


Tricks for Internet Skating: Daily Safety and Efficiency

Skating the Internet. Hacks for daily use & safety

The digitalization era keeps expanding. Official procedures, household services, job searches, personal relationships… almost all activities now take place on the Internet. 
Since a large part of our life depends on and happens in this place, we must learn to move in this space to be safer and more efficient, in other words, to achieve more by doing less. 

The beauty of skating is that everybody has a unique set of variables that they can put in place and express their individual identity in the form of greatness. 
- Rodney Mullen 

There are many ways to get around the Internet and this is where your knowledge, creativity or ethics come into play. For example, if you value convenience first and foremost, you will probably end up using Gmail, but if you prefer security, you will prefer Protonmail. 

Although digitalization is stronger than ever, there’s still a lack of basic knowledge about how to use the network in a functional and responsible way. 

The intention of this article is, exclusively, to show you some of the tricks I use in my daily life to move around the Internet more efficiently and safely. 

About Internet security…

First of all, let’s review the basics of how to be safe on the Internet. Basically, there are 3 points that will significantly help us to increase our security on the net: 

  1. Reduce our exposure. The more accounts you have, the more passwords and concerns you have to manage. So think carefully about where you register and whether it is necessary to do so. 
    If you only have a Google account, your information could be stolen by attacking you or Google. But if you also have LinkedIn and Spotify accounts, you are 200% more likely to be hacked. 

  2. Control exposed assets. It’s common to have accounts on hundreds of sites, some for fun (supermarkets or social networks) and others almost out of obligation (email or invoices). Although it is really difficult, if not impossible, to have control over these sites where we are registered, it is advisable to unsubscribe or configure the trace that we leave on the Internet. 
    If we have stopped using a social network for good, it is advisable to delete all our data and our account, so that in the event of a future hack, our information will not be publicly available. 

  3. Strengthening assets. And for the rest of the cases, it is advisable to try to strengthen our account to avoid scares. This will basically make it more difficult for attackers to carry out any bad deeds they might want to do, such as extracting data or impersonating our identity. 

Let’s get down to business! Let’s take a look at the tools and techniques that will help us with these steps… 

  1. HaveIBeenPwned — Did you get hacked?
  2. Bugmenot — Shareable logins to avoid registrations 
  3. Temp mail — Keep your personal email clean 
  4. Email aliases — Multiple emails in your personal email 
  5. Password algorithm — Passwords that you should use 
  6. Password managers — Store your passwords, if needed. 
  7. Latch — Safest setting for your accounts. 
  8. Google Hacking — Search better and faster 
  9. Archive — Find anything posted on Internet, even if it was deleted 
  10. Shodan — Find anything connected to Internet 

Have I Been Pwned?

This website allows you to find out if there has been a data breach involving your email address and what data has been exposed. 
In 2013, Adobe suffered an attack that leaked 153M accounts, compromising email and passwords.


The more applications you sign up for, the greater the exposure and the greater the risk of our data being exposed. 

Don’t panic too much if your data has been exposed, as the vast majority of Internet users have been exposed at some point. Be concerned if you use the same password for all your applications. 

Bugmenot

The bugmenot.com website provides shared usernames and passwords for many websites so that you don’t have to register with your own data. 
“Shared” user to access telefonica.com website


This page is especially helpful for websites where you’re asked to sign up in order to perform a specific action such as downloading a file or reading an article. 

It is important to remember that these users are shared and used by everyone, so wherever you use it, remember not to include your information or make any payments, as other people could have access to it. 

Temporary emails

Like the previous website, sites such as temp-mail.org or internxt.com help us to avoid having to enter our personal email address in pages that require us to be registered. 
Temporary email to use wherever you want to sign up


Email aliases

In the case of wanting or having to use our personal email, we can also use email aliases. These allow us to use different emails associated with our main email address. 

If your main email is javitorre@gmail.com and you want to sign up to a website but you don’t want to receive any advertising, you could use the email javitorre+spam@gmail.com and the emails will still arrive at your main email address. 
You can then filter the emails sent to this alias and delete them immediately. 

This has multiple advantages: 

  • Use of different users in a website with just one email 
  • Tag and categorise emails (SPAM, games, invoices…) 
  • It makes your email harder to hack, especially by automated attacks. 

In Gmail it is as simple as adding a plus sign (+) and then the word of your choice, and you can have infinite aliases. 
In the case of Hotmail you will have to create the aliases individually. 
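The filtering described above, sketched as an added example (not code from the original article): it reads the alias from the To header and picks a folder. The folder names in `RULES` and the sample messages are constructed for illustration; only `javitorre+spam@gmail.com` comes from the text.

```python
from email.utils import parseaddr

# Hypothetical tag -> folder rules; "spam" matches javitorre+spam@gmail.com.
RULES = {"spam": "Trash", "invoices": "Invoices", "games": "Games"}


def split_alias(recipient):
    """Split 'Name <user+tag@domain>' into (base address, tag or None)."""
    _, addr = parseaddr(recipient)
    local, at, domain = addr.rpartition("@")
    if not at or not local or not domain:
        raise ValueError(f"not an email address: {recipient!r}")
    base, plus, tag = local.partition("+")  # only the first '+' starts the tag
    return f"{base}@{domain}".lower(), (tag.lower() if plus and tag else None)


def route(message, owner="javitorre@gmail.com"):
    """Choose a folder from the alias in the To header, not the From header."""
    base, tag = split_alias(message["to"])
    if base != owner:
        return "Inbox"                # not one of our aliases
    return RULES.get(tag, "Inbox")    # untagged or unknown tag stays in Inbox


# Constructed sample messages (not real mail).
SAMPLE = [
    {"from": "news@shop.example", "to": "Javi <javitorre+spam@gmail.com>"},
    {"from": "billing@power.example", "to": "javitorre+invoices@gmail.com"},
    {"from": "friend@mail.example", "to": "javitorre@gmail.com"},
    {"from": "promo@other.example", "to": "JaviTorre+SPAM@gmail.com"},
]


def sort_mail(messages):
    """Return the folder chosen for each message, in order."""
    return [route(m) for m in messages]


if __name__ == "__main__":
    for msg, folder in zip(SAMPLE, sort_mail(SAMPLE)):
        print(f"{msg['to']:40} -> {folder}")
```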

Password algorithm

Passwords! They are a topic in themselves, whether they are easy to remember, long and difficult, whether to use the Ñ or weird symbols… 

We are not going to solve this problem here, but I will comment on a technique that many geeks use to remember them more easily and increase their complexity so that cracking them is practically impossible today. 

The most important keys to have strong passwords are: 

  • Must have letters, numbers and symbols 
  • Must be easy to remember 
  • Must be different for each website 

Therefore, we will start by using a part that is easy to memorise and contains the different elements: 

BeerShouldCost1$- 

But now we must add something so that each password is different on each website where we register. To do this we can use something from the website or company to add to the end of our password. 

For example, the number of letters in the name of the application, or the last three letters, in reverse. In the case of Instagram, it has 9 letters and the last three letters are “ram”, the other way round would be “mar”. This way our password would look like this: 

BeerShouldCost1$-9mar 

And this algorithm can be used for all our different applications and websites: 

  • Facebook — BeerShouldCost1$-8koo 
  • Medium — BeerShouldCost1$-6mui 
  • Santander — BeerShouldCost1$-9red 

Get creative and create your own algorithm to remember your passwords and stay safer, because even if a password is stolen, it won’t be valid on any other website. 
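The suffix rule above, written out as an added example (not code from the original article), with a check that flags site names that would end up sharing the same password. The base string is the one used in the text; "Casebook" is a constructed site name used only to show a collision.

```python
BASE = "BeerShouldCost1$-"  # memorised part, as used in the article


def site_suffix(site):
    """Number of letters in the site name + its last three letters reversed."""
    letters = "".join(c for c in site.lower() if c.isalpha())
    if len(letters) < 3:
        raise ValueError(f"{site!r} has fewer than three letters")
    return f"{len(letters)}{letters[-3:][::-1]}"


def password_for(site, base=BASE):
    """Memorised base followed by the per-site suffix."""
    return base + site_suffix(site)


def collisions(sites):
    """Group sites whose suffix is identical, i.e. the rule would give them
    the same password and break the 'different for each website' goal."""
    by_suffix = {}
    for site in sites:
        by_suffix.setdefault(site_suffix(site), []).append(site)
    return {suffix: names for suffix, names in by_suffix.items() if len(names) > 1}


if __name__ == "__main__":
    for name in ["Instagram", "Facebook", "Medium", "Santander"]:
        print(f"{name:10} {password_for(name)}")
    # "Casebook" is a constructed name: same length and ending as "Facebook".
    print(collisions(["Facebook", "Casebook", "Medium"]))
```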

Password manager

Even if we have a good password algorithm, it isn’t a bad idea to have a password manager. This is software or a website where you can store all your passwords; in addition, they are usually filled in automatically when you visit any website where you have an account. 

Apps such as 1Password or Bitwarden, the most recommended, help us to have all our passwords centralised, organised by folders or labels. 
1Password mobile and desktop application view


They also have browser extensions and mobile apps that fill in our passwords when we visit a website or open an app, so we can forget them completely and don’t even need to open the password manager to look them up. 

Latch — Multi-factor authentication

2FA or MFA is one of the best security systems we have today to protect our accounts. The Latch app acts like a house latch, where, even if thieves have our passwords or keys, they can’t get in unless we remove the inner latch. 

This makes it extremely difficult for attackers because, in addition to passwords, they must also have access to our mobile phone, where we have the Latch application installed.
 
How it works is simple. Once we set up Facebook MFA, for example, with our Latch application, every time someone logs into our account from a new device, they will have to enter some numbers that our mobile application will give us in order to gain access. 
Temporary access code to our Facebook account


As you have seen with HaveIBeenPwned?, it’s very easy for our passwords to end up public on the Internet, but if you have MFA on your accounts, even if your details remain public, you know that at least they can’t access your account and act on your behalf. Isn’t that great? 

Google Hacking

Googling is an art in itself, where creativity prevails. Even if you think it’s simple or that you don’t need it, I can put you in a bind if I ask you to search for comparisons such as: Which washing machine is better? 

All the results that will appear will be mediocre comparisons made by companies that use SEO (or blackseo) to rank well. But the articles that actually compare washing machines will probably appear on page 3 at least, the one we have never reached. 

To avoid these problems we can use Google Dorks or Google Hacking, a technique that allows us to do advanced searches on Google using tags that filter the results we will obtain. 
Search example for a book in PDF format


Some useful tags are: 

  • filetype: — Filter results with a specific extension (filetype:pdf) 
  • site: — Show results found only in the specified domain (site:reddit) 
  • inurl: — Results where the URL matches the following text (inurl:twitter.com/davidmoremad) 
  • “” — The quotes indicate that the words between them should be searched for in that particular order 
    (site:reddit.com “my favourite rap song is”). 
  • + — The + operator followed by a word or phrase (in quotes) tells the search engine that the text must necessarily appear in the search. 
    (inurl:twitter.com/elonmusk +bitcoin) 

Some common examples of this technique are: 

  • Search images: In Google images we can filter images without background by searching for example: telefonica logo filetype:png 
  • Search documents: As we have seen in the previous image it is easy to find articles, documents or books simply by indicating the extension we want: +factfulness filetype:pdf 
  • Search people: If we know the name and surname of a person and put them in inverted commas, it will be easy to see everything there is on the internet about that person. “David El Amrani Hernandez”. 
  • This technique is also widely used to search for information about people (OSINT) or to search for vulnerabilities in websites and then be able to attack them. For example, just do a search like filetype:docx +Smith +curriculum and you will see many CVs with private data of people. 

Archive

We have learned how to search the Internet today, but… What about the sites that are not available? Can’t we see them? Of course we can. 

Archive.org is a digital library that stores the history of the Internet, its archives, images and even videos with the goal of preserving history. Thanks to this website we can see what Apple’s website was like in 1996 or Tuenti in 2007.
 
Stored history of tuenti.com in the year 2007


So if something has gone online, it is most likely stored in this library. From Elon Musk’s deleted tweets to your photos on the beach that you uploaded to Facebook in 2008. 

Shodan

We’ve already seen the potential of the internet of webs but… modern fridges have internet too, and cars, and Alexa and your smart watch… 

If all that is connected to the Internet, that means we can also search, track and analyse it. And that’s what Shodan.io, a search engine for internet-connected devices, is for. 
Search for webcams in Madrid by brand Yawcam


Webcams, if they do not have security, are a good example of how public our information is. Using tags similar to the ones we saw with Google Dorks, we can indicate that we want to search for Yawcam webcams in Madrid and the first result is already surprising. 

This search engine contains everything that is connected to the Internet, and has been connected for some time. Domestic refrigerators, hospital vending machines, company databases, surveillance cameras… 

And although this tool is not something I use on a daily basis, I talk about it often as it’s very useful for statistics and analysis by software or city, but I especially use it to raise awareness about the importance of security and privacy.