30DISC – The Weigh-In

After all the time, effort and money we’ve invested into this program, the question comes: was it worth it. Let’s do a person by person review and see where we are at:

Geoffrey

The big change for me recently was moving from a Windows environment to Linux. I’ve finally taken the plunge, bought a new laptop and installed Ubuntu Linux. That has been a learning curve, and some of the changes I made during the program were essentially voided by this change, but it has given me a significantly higher degree of security and comfort. I’m pleased to say that most of the Challenge has stuck – I’m still using Firefox as my browser with NoScript and all the plugins, I haven’t installed any new apps on my phone, and I’m still using Protonmail as my primary personal email address. Overall I’m very pleased with how much I’ve stayed on course with this project.

Juan

Whilst Juan was the problem child of the group, I’m really very happy that most of the work we did seems to have stuck. He is now much more conscious of the decisions he makes when he uses technology and giving away his information. He is still using the same hardened Lenovo Yoga 730 laptop he started the challenge with. The only thing to note is that it appears that at some point some of the Windows privacy settings have changed. I can’t imagine Juan doing that himself by choice so it’s either happened either:

  1. a Windows Update has reset the settings to default
  2. an application he’s installed or updated has changed the settings
  3. a pop-up window asked him to update the setting and he’s agreed to that

None of these particular options are very palatable, and reinforces my move to Linux. Juan is still using Protonmail for his personal email account and has become a bit of a booster, telling all of his friends about it. He is still using his password manager and has become pretty reliant upon it, which is a great thing. Interesting though with the split from Diana, lots of passwords needed to be changed and their joint family plan had to be undone which took so working through but it is, apparently “all good”. One of the best things to come out of this is that Juan entirely forgot about the fact that he had a Yubikey in his laptop giving him hardware Two-Factor Authentication until he had to take his laptop in to his IT department and they asked “What are you doing with this?”. It’s still working and hasn’t had any complaints about it.

So that’s pretty much where the good news ends. As expected Juan went back to using Chrome instead of Firefox so he lost the goodness of his add-ons and is back to leaving his accounts signed in with 30 tabs open in a browser window. We’ll have to do something about that. As expected, NoScript was a real challenge for Juan and he got really frustrated with having to keep approve scripts on a page to make it work. Again, something we’re going to have look at this time around. Lastly, Juan got a shiny new Android phone and did nothing to it to make any more secure than normal, so that’s something we’ll have to go over again.

Grading – B-

Priscilla

As discussed in the “What Happened” post, Priscilla faced some issues that essentially took all her focus from everything else other than trying not to vomit and generally trying to feel better. Thankfully she has had the all-clear from her medical professional so now it’s time to get back to what’s really important in life – securing your privacy!

So where are we at? Thankfully, her phone and laptop are the same (although she is due for a phone upgrade) so all the changes there have stuck (except one, we’ll get to that). Priscilla is also a fan of Protonmail and she and Juan made the comment that it feels good to know that messages between the two of them inside the PM systems are about as secure as email can be. What was interesting was that during our discussion, Priscilla seemed interested in my move to Linux and seemed intrigued so we may need to explore that. The big win we had was with the password manager – Priscilla found that going through her list of accounts and changing passwords and storing them in LastPass was something meaningful that she could do whilst being very ill so I’m very pleased with that outcome.

That said, the illness did take it’s toll on Priscilla’s smartphone security. Tons of apps were installed to give her a distraction during long, uncomfortable treatments and recovery and as such, who knows how much data has leaked out. Beyond that though, Priscilla is in a pretty good place privacy wise, so that’s quite pleasing.

Grading – B+

So that’s where we stand. A few things to go back over and try to tighten back up, and to see if we can figure out why the original changes didn’t stick. We’ll cover that in the next post, likely next week.

Previous Days Here:
Day 0 – Introduction to the Team
Day 1 – Installing Operating System and Application Updates
Day 2 – Set Up A Standard User Account
Day 3 – Review Privacy Settings
Day 4 – Setup Private & Secure Email
Days 5&6 – Weekend Project #1
Day 7 – Install a Password Manager
Day 8 – Change Your Passwords
Day 9 – Browser Security
Day 10 – Firefox Security Add-ons
Day 11 – NoScript Security Suite
Days 12&13 – WiFi Security Checkup
Day 14 – Virtual Private Network
Day 15 – Two Factor Authentication
Day 16 – Smartphone Security I
Day 17 – Smartphone Security II
Day 18 – Secure Messaging
Days 19&20 – Encrypting Your Data
Day X – What Happened?

Written by Geoffrey