As a certified (i.e., ethical) hacker, Richard Martinez was always interested in data privacy, precisely because he knows how vulnerable privacy actually is. “People don’t realize the information they’re putting out in the world can be used later or gathered and correlated to build a story,” he said.
Even while managing a law firm for 11 years, Richard was powerfully drawn toward the increasingly digitized world. He understood basic coding, but beyond that, he felt a little left behind.
So Richard googled boot camps online—and found the Trilogy-powered Coding Boot Camp at UCI Continuing Education. He liked that it was densely compacted into a three-month program that he could attend full-time (he had recently left his job), and also that it emphasized hands-on knowledge.
The result? Richard learned to code—but he also reinforced a passion: to protect people’s data. “I just want everyone to be safe, including my family members and beyond,” he said.
Below are his tips about how to keep your data safe.
1. Know that hackers are everywhere—and that no one is safe
It’s not like it is in the movies, said Richard. “Hackers are programmers, they’re running a program with an algorithm of names and information against every single financial and social media account in the world,” he said.
To put things into a new perspective, Richard offered a frightening hypothetical: If hackers are even just 1% successful, that’s a phenomenal success rate, since 1% out of say five billion people would yield a 50 million return. Protection is mandatory, he believes, and there’s no time like the present to start.
2. Change your passwords—among accounts, and over time
Of course, no one can truly memorize dozens of passwords by heart—especially not when they’re as they should be: long, case-sensitive, and alphanumeric, with symbols. People are creatures of habit (and lazy, too).
But you’ve got to change up your passwords—and use different passwords for different accounts, said Richard, pointing out that cyber criminals can easily use your social media passwords to hack into more sensitive accounts, like your bank account. “With all the breaches, it’s not hard to figure out,” he added.
For Richard’s group project at the boot camp, he and his team built a website with a log-in page. He describes the extensive lengths that coders have to go through to encrypt, decrypt, and re-encrypt data to protect each account holder’s privacy. But if people use their most habitual or easiest passwords, then our efforts to protect you make no difference, he said.
3. Find out what the internet is already saying about you
While it may sound intimidating to uncover what the world knows about you, doing so is the exact first step to taking proactive measures to protect yourself. “One thing I like to do is to type someone’s name into a search tool using OSINT, an open-source intelligence method. This utilizes the internet as a major tool to find out everything about you,” he said.
With information pulled from OSINT, Richard and others can build the story of your life. In his new job as a DevOps engineer at a law firm, Richard wants to use his newfound skills to propose building a deep web search engine, utilizing OSINT, for them.
He wants to build this software on behalf of the law firm he works for to enhance the service they provide to their clients. “Once you’re validated as a user, as in you’re legitimately looking for your own information without bad intentions, then there’s search algorithms and artificial intelligence that goes into the deep web and looks for any information—your email, your phone number, social security, date of birth. We try to find all the information that we can find on you—and show it to you so you know what is exposed,” he said.
4. Understand what’s possible—and guard yourself
Not everyone has bad intentions, but when it comes to internet privacy, it can be scary how easy it is to find everything about a person’s life based on very few details, said Richard.
“I called my bank and this very nice person gave me their first name. That’s it,” he said, “but then they gave me their city. And so, just by their first name, their city, and knowing where they worked, I found them.”
Of course, Richard wasn’t about to stalk anyone. “I just want the public to be aware of these types of things,” he said.
5. Keep your vacations private—very private
While it’s tempting to tell your friends, family, and the world that you’re about to embark on an exciting trip, Richard strongly advises keeping this information to yourself until you return. “Don’t say you’re going on vacation for two weeks,” he said, implying that it makes your possessions—bank account, valuables, house—pretty vulnerable.
By all means, Richard cautions against blasting your airline ticket on social. “People post their tickets online—so I know where they’re going and you zoom in to see when you’re landing and what time,” he said, joking that he may as well greet you at the airport with a sign to prove his point.
6. Stop geo-tagging
Sharing experiences online has become second nature for many; for some, it’s downright compulsive. But according to Richard, location tags should be avoided at all costs, or used sparingly. In a word, it’s dangerous.
“Geo-tagging is not the greatest thing,” he said, adding that something as harmless as taking a selfie in your house can pose problems—and unwittingly share your home address—if you forget to turn off the geo-tagging feature.
Through this coding boot camp, Richard was able to proactively boost his passion on data privacy. He brought added value to his new role as a DevOps engineer by combining his propensity for leadership, with his new advanced coding skills.
Ready to learn more about how to code for security? Reach out to Trilogy Education today.