Don't You Have a Smart Watch Yet?
A few months ago I went back to work briefly in a telephone call center. When I worked in that same building 15 years before (for a different company), I had a Timex Databank watch that I could edit a file with, and then download the alarms to the watch.
Telephone call centers are very time-centric. You need to go "on break" or to lunch exactly (or near exactly) on time or you screw up the management of the entire call center. So when I decided to go back to work, I knew I needed to replace the watch I'd lost years ago. I wound up with a Pebble I picked up on eBay at a modest cost. When you receive text messages on your phone, its app sends the message to your watch, so you didn't have to dig out the phone from your pocket, and you can read the message on your watch.
Well, as it turns out, in the modern era, you're not really supposed to have a mobile phone with you in the call center, yet you need "second-level authentication" when logging into your very secure server. As it turns out, if I leave the phone in my pocket, I can receive the text message with the second-level authentication code on my watch via Bluetooth, and appear to be a "good employee" as well.
The thing is, I had just attended a webinar where it turns out that even with your home Yahoo! Mail, or Gmail accounts, you really should have second-level authentication turned on, so that "the bad guys" can't get into your account because they haven't got your mobile phone to receive that second level of authentication with. I'm the catch-all e-mail recipient for some domain names I manage, and I've seen messages from Yahoo! saying an IP address in China tried and failed to be allowed into the Yahoo! Mail of someone's account, so the dangers are real. Since I've got the smart watch to read off the characters I need for a second Level of authentication, it's not so bad to turn that on with my Yahoo! Mail, and have to enter an extra string of characters when I bring up my laptop for my e-mail.
Since I often check my e-mail over Wi-Fi, I've gone the paranoia route one step better as well. When I bring up my browser (I use either Firefox or Chrome, depending which account I'm accessing), I click on that menu icon (⋮) in the upper right hand corner, and click "New Private Window" (Chrome), or "New Incognito Window" (Firefox). This means that I'm going to go "end-to-end" with Secure Socket Layer (SSL) encryption, so no one in the middle has a chance of getting a look at my not-really-private e-mails, but you don't want "them" to know what's private and what's not, so Operational Security (OPSEC) requires you to use encrypted transmission as often as you can. Using the more private web browser windows makes it as painless as it can be.
As we old 1960s hippies used to say, "Just because you're paranoid doesn't mean they're not out to get you." And that white hair on top of my head isn't from age, so no wise cracks. I live in Florida, so that means my hair is sun-bleached (that's my story, and I'm sticking to it).
Richard Cheshire has been writing as "The Cheshire Catalyst" since the late 1970s in the TAP Newsletter, predating 2600 Magazine. That "sun-bleached" business is pure social engineering (a technical term that means "bullshit"). If he sounds convincing though, its because he believes it.