Thursday, May 11, 2017

Adam Walker

Greetings everyone!

Welcome to my blog. My name is Adam Walker and I am excited to try what the kids call these days "blogging". Personally, I have never been a fan of owning a diary, or any sort of writing in general -- I am a complete math and science geek -- but this looks to be a riveting experience. Now, let me tell you a little bit more about myself. I am a senior at BASIS Scottsdale looking to document my experience during my research over my last trimester. I enjoy listening to any type of music, but my favorite would probably be grunge/rock/alternative. Speaking of music, I love to play guitar, and have been playing since 8 years ago. I have never not enjoyed guitar to give you an idea of how much I love it. Moving away from the arts now, I enjoy mechanical work on my car, a 2012 black Mustang (a car I am most proud of) and scrimmaging with friends in soccer.



Now as much as I would like to tell you everything that happens in my life, my blog will focus on one specific topic, my senior research project -- cYbeR you not secure? How to be safe in an online world. In this project, I will be working under Serial Technology Entrepreneur Mr. Mark Vange to work on the internet presence of a virtual reality flight simulator. To put that in simple terms, how a video game will interact with the internet. To the side of that, and what my project actually is about, I will be researching and compiling the best methods to be secure on the internet so that the average person like you or me can be the most safe online. In the end, I will have a guideline that will help determine what measures you have to take to be safe online depending on what your main purpose for going online is.



Phew! I hope this all makes sense. It just seems to go in one ear and out the other when I try to explain it to people. In about a week and a half from the day this was posted, it will be my first day actually working on this project. Exciting times! Feel free to comment on any future posts regarding my projects or this one, if you are feeling up to it. I hope you have a wonderful day. This is Adam signing off.



Saturday, April 15, 2017

Finale

Hello everyone, and welcome to my last post where I work on my project's research section. The majority of this week was focused on my power point presentation which required me to finish up the rest of my research as soon as possible. All that was left for me to do was to analyze your answers to the survey and see what I can use in regards to my presentation. It is still astonishing to know that 154 people took my survey which was much more than I anticipated. I ended up having to pay money because Survey Monkey would only let me see 100 of your answers. I call it an investment for my future.

After reading through your answers on the survey, I expected most of what you said. Some questions were chosen specifically to add validity to my argument; others were chosen because I truly wanted to see what people did or thought regarding a specific topic. For example, one question that the people answered interestingly was about how to save passwords, or more specifically, what you did to store your password. The answers were pretty much evenly spread across all possible answers which gives me the perfect opportunity to answer how to best secure passwords. Of course, I'm not going to answer you right now, but in my presentation I will. Another interesting correlation I found was that time spent online does not affect one's knowledge of general computer security whether people answered that their work required them to be online all the time or very little. 

With presentations just around the corner, I find myself thinking much more about my approach to explaining my research. Going through each individual slide and organizing it concerning not only the audience's ability to follow what's on screen, but also my research's timeline put my project in a new perspective. I really was able to see how much potential my research has in terms of audience impact. There are so many ways I can explain computer security to people that making an impact will be fairly easy as long as I explain things properly. This gives me a ton of freedom when creating my slides, so I can explore and focus my time on making it enjoyable and entertaining. I don't want people to see a rushed 15 minute presentation where the audience barely has time to really think about what I'm saying. I want people to walk out actually thinking that my presentation was really cool and interesting and they will immediately change their computer habits.

Anyways, that’s it for this week guys. I want to give a huge thanks to everyone who has joined me in my journey so far and I hope to see this through to the end with you as well. As always, this is Adam signing off.


Saturday, April 8, 2017

Networking

Hello everyone and welcome to my week 9 blog post. We are so close to the end of our blogs. I’m not sure about you, but it feels like we just started last week, but I digress.  Onto the main point of this week’s blog, it turned out to be a great opportunity for me regarding networking. I would like to give a special thanks to Cyndy Romagnolo for giving me this opportunity. Not only has it confirmed what my research has been leading towards, but also allowed me to meet some fantastic people in the field of cyber-security.



Ms. Romagnolo sent me an email after taking my survey inviting me to a meeting at Fidelity targeted at their clients that talked about personal security online. She said that my research sounded exactly like what this one person had been working on, John O’Conner, the EVP, executive vice president, of Fidelity Wealth Management.  Attached was a paper from their work and in it were some conclusions that I had also come to conclude, pretty much verbatim. I’ll attach it at the bottom of my post. You should read it. It contains a bunch of useful information that you will also find is really close to what I have been talking about. It was super reassuring when I talked to him about my research and was able to see the correlations between his and mine. Not only that, seeing him present gave me plenty of ideas for my presentation. I was super nervous going into this meeting. I had no clue how big this was going to be or how serious this meeting was. I mean me a simple high-schooler at such a big meeting. Impossible.  In addition to all of this, I managed to talk to a special guest, an ex-FBI guy named Greg who I connected with because of my NSA internship.  As you can probably tell, I gained a lot of useful insight and knowledge about my research as well as managed to do some great networking. So, again, I would like to give a special thanks to Ms. Romagnolo for inviting me to this meeting. It was super useful and I will carry with it the networking and knowledge that I gained for the rest of my career.
Now, I would also like to thank everyone for the overwhelming response I received on my surveys. Everyone who praised it in the comments thank you. I really hope it was a great survey for you to take. That is it for this week, and I look forward to my final post coming up. This is Adam Walker, signing off.

Here is the link to John's paper: https://drive.google.com/file/d/0B0uSQfxphinnbmxlcUVjQWtvcFE/view?usp=sharing

Friday, March 31, 2017

Survey Time



What's up? How have you been? Hope you've all been doing well. Time's flying by and we are already entering April. That's absolutely crazy. I can safely say we are all on the final stretch to the end of the school year. Now, for the past two weeks, I have been working on the ever-so elusive survey which you will all finally get your hands on. Everyone seemed super excited to take the survey, and I am really happy about that. The links will be included at the bottom of this post. For now, I am going to talk about the final touches on my survey

In order to finish up the survey for public use, it had to go through some stages of editing. After compiling a list of all the questions, I would go through and read each one very carefully in order to make sure they were as clear and concise as possible. They had to be impartial and easy to answer. When people think about a question for too long, they become bored and impatient, and will probably answer the following questions very poorly. Some questions ended up needing to be elaborated upon. Some were combined with others. Some were taken out completely. It ended up looking professional and understandable... until my mom came in with the mind set of someone not tech-savvy (she's definitely not adept with technology). She would slap some sense into my tech-geared mind, so terms and other procedures that make complete sense to me but may leave someone like my mom completely clueless had to be revised. It wasn't until this round of editing was completed that my survey was ready for release. Because you can't have more than a survey with more than 10 questions without paying for it on SurveyMonkey, I had to split up my survey among two links. Make sure that if you do decide to take my survey, which I really implore you to do, take both. There's also a cool little activity at the end of the survey for you to do. Just a little something to spice it up.




In addition to finishing my survey this week, I also took it upon myself to mess around with all the different anti-virus/anti-malware services. I did basic research learning a lot more about why there are multiple services when they all pretty much do the same thing -- protect against malware. I plan to actually pit them against real malware by placing harmful malware on my computer. Of course, it will be in a controlled environment. But hey, if something does go wrong, I've been planning on changing the parts in my computer for a while now, so I'd have an excuse. Maybe I'll even record myself doing so, and let you guys see it in action next week. Who knows? We'll have to wait and see. 

Here are the links to the surveys. Survey 1 Survey 2 . The first is linked to my first survey, and the second one to my second survey. Take them in order, and I hope you like the end. As always, it had been a pleasure writing this blog and I look forward to reading your comments. As usual, this is Adam, signing off.

Friday, March 24, 2017

Survey

Hello everyone! As usual, I hope you had a wonderful weekend, and welcome to this week's blog. 




As you should have read in my previous, I finished up all of the plug-ins my mentor recommended. From there, I had to decide what to do next. We came up with a few more plug-ins just for fun as they aren't necessary for my research as well as outlined the remaining parts of my research. What we came up with was the survey, which I had already planned to do from the beginning, and continued our conversation from there. It led to many topics I could include in my survey which would be narrowed down and formatted to fit the typical syntax of a survey. I do not have the survey finished because I would really prefer to finalize and perfect every aspect of it. I can't afford to be unprofessional and colloquial in my diction because I am basically asking you guys for your own time to help me. I digress. This post will be going a bit more in depth what my survey will cover. Consider it a teaser for the actual release.




One of the most populated topics of cyber-security that people (that is, people not privy to cyber-security) discuss is passwords, and the theft thereof. What defines password security? What makes it strong or weak? What is a good password? Well, that's one of the many questions my research plans to help answer and, in order to make my argument much more convincing, I need to gather data from you. Now, I'm not going to ask for your passwords. That's just idiotic. I'm going to ask about your thought process. Do you simply choose a word that means nothing to you? Or is it an item or idea very special to you? Do you commonly use uppercase. numbers, symbols? How long do you tend to make your passwords? I need to know these facts in order to show you what people do, and help change your poor password choosing habits. I need to also make clear in  my survey that I intend to keep all these answers confidential. Well, I shouldn't even say keep. Everyone will be anonymous and I intend to trash your answers once that data is collected. I need the participants to feel safe and comfortable when answering. You'd be surprised how many people shy away from these things or may feel embarrassed when bringing up a poor habit. It is crucial that my data accurately represents what you guys actually do, not what you think you do.

Now this is only one of the topics that will be included in my survey. I will be asking about your online habits and security programs. Where do you keep your passwords? Do you save your passwords? Do you visit unsafe sites? Why do you think they are unsafe? safe? These are the kinds of questions I will be asking. I hope you better get an idea as to what I plan to accomplish after reading this. It's a much more arduous task than I originally thought -- one I didn't think would take this long. I hope you enjoyed my blog this week and I look forward to reading your comments. As always, this is Adam, signing off.



Friday, March 17, 2017

What's Next?

Good morning, afternoon or whenever you are reading this! I hope you all had a wonderful spring break as I know I did. I can't count the number of shows I caught up on over break. Alas, all things come to an end. Enter the next week and I'm already onto the next steps of my project, but, first thing's first, I had to finish all the plug-ins that I promised to cover. All that was left was WordFence security which I was saving for the end. I also managed to meet up with Mr. Vange Thursday to talk about the next steps I had in mind. 

WordFence security is self-explanatory: it enhances the security capabilities of your website. The installation was super quick and easy, but allowed for much versatility. The most important feature that I could take advantage of was scanning. The scanning feature allowed the plug-in to scan my website for any security vulnerabilities. Of course, my website did not have any problems, but with very large websites. There are so many plug-ins and themes scattered around the code that it would be very hard to keep track of with just a few people. That's why the computer scans for you. That is probably the most useful, but there are many other features. You could set up two-step verification, limit sign-ins live if you are in the middle of an attack, black-list ips, ban networks by finding the attackers exact location, and set-up a firewall. There are many other features, but these are the one's I found the coolest. Here is a picture of all attacks happening on all WordFence security networks: (These are just the ones that have been blocked)



Now, as for the future, I plan on looking at a few other plug-ins -- one or two, but don't expect that many. One that I am looking forward to is CloudFlare which is a CDN or content or cache delivery service. Basically, a system of distributed servers (networks) that deliver webpages and other web content to a user based on the geographic locations of the user, the origin of the webpage, and a content delivery system. OK, maybe not basic, but all you need to take away from that is it will act as another layer of security and means to gather more data about the website. On top of this, as we approach the end of school, I need to be thinking more end game. So, as I initially planned, I am going to create a survey that will be collecting necessary data for me to use in my research. I am not going to tell you anything about it. You will have to take it yourself. No, I require that you do. It should be ready in the next couple of weeks. After discussing what I should bring up in my survey, Mr. Vange and I just talked about cyber-security and hacking in general which helped a ton in coming up with questions for my survey.

So, this is what I have been up to this past week. Again, I hope you all had a fun and exciting spring break, and, as usual, this is Adam signing off.


Friday, March 3, 2017

JetPack and WooCommerce

Hello, everyone! Welcome to this week's blog! So this week I worked with JetPack and a little bit of WooCommerce. JetPack as most of you should know from last week's blog acts like an add-on to the WordPress core. Developed by the WordPress team, it allows website owners to more easily manage their website through a variety of functions. There are two versions a paid and free. I did not use the paid version that comes with lots more functions, but I can speculate. Some functions that I can perform for free are stats (site visits, refers, etc.), adding social media buttons so people can share my website, publicizing where my posts are automatically uploaded to my social media, and email subscriptions to name a few. Those are the first few that came to mind, but there are many more. As for the paid version, there are tools for SEO, google analytics, and enhanced video uploading to name a few. SEO stands for search engine optimization. If you search something related to my page, and I had prime SEO, then my page would be the first to pop up on your screen. I think you can understand the benefits of that. It does come with some security benefits such as security scanning which constantly scans your website for threats and anti-spam protection.



After working with JetPack, I decided to move onto WooCommerce. WooCommerce allows the user to transform their website into an eCommerce website with all the necessary tools to monitor one. There are many plug-ins that improve WooCommerce, but that is not a concern. I am just learning what is required to create one (dealing with the security and information analytics). It does pose a problem since I have already created a website that functions like a social media website. I do not want the two to interfere with each other, so I am thinking of creating a second website utilizing WooCommerce. It should not be a problem creating another since I already dealt with the beginning processes to make one, obviously. I also want to read a lot more into the details of WooCommerce. Out of all the plug-ins I have in my arsenal, this one is the most bulky. Bulky is a sense of "there is a lot of stuff to learn". I am looking forward to this considering my parents run an eCommerce website -- well, own one. They have a team that deals with all the technicalities. They just have ownership.

I will be taking my Spring break next week along with you guys, so there will be no post next week. I hope you all will have a wonderful Spring break without too much work. If you have any tests coming up, good luck! Adam, signing off.



Friday, February 24, 2017

My Website

Hi, everyone! I hope you have had another wonderful week. This past week I focused on the plug-in BuddyPress and started working with another plug-in called JetPack. BuddyPress has great chemistry with OneAll because BuddyPress allows people to register under an account on your website and interact with others much like any other social media website. JetPack is a WordPress extension from WordPress.com itself. It allows people to subscribe, share and many other basic functions that may come with a blogging site or any website for that matter. 



To go into more detail on BuddyPress and relate it back to my research, it has allowed me to control information people must enter when registering for an account. For example, generally when you create an account on any website, you have to enter the basic information: your name and email, gender and age, maybe a description of yourself for your bio. These are all things I can control with BuddyPress. Once a person has registered their account and activated it, they are allowed to, like most other social media websites (this is the basic idea behind BuddyPress), interact with others. You can friend them, update your social status, post to a wall which can be liked, shared with others, and commented on, private message others, and much more. I think it is a really unique plug-in. I will be sharing the link to my website, so you people can go play around with it. It's not a perfect website, so there are many things that need work, but that's not important to me. Some buttons don't do anything and I don't need them to -- they are more just decoration. Just have fun exploring: My Website



As for JetPack, I have only just recently started implementing it. As you read in the beginning, that is what it does. I am not all up to date on what it does because I am still learning about it. Relating it back to my research, I know that it will allow for improved analytics and sharing with social media that could possibly be attacked -- I am not saying it will be attacked. It is very unlikely. I will be able to share more about this plug-in next week.

So, now I will give you a few tips when navigating my website site. When you first register and enter in the required information, you will be asked to activate the account. An email will be sent to your email address where you click on the link and activate it much like any other. It will probably be in your Spam, so make sure to check there. Another rule of thumb, some buttons don't work and the website may change on you. That just means i'm working on it. Other than that, go crazy, explore, give feedback. I will obviously be on my website from time to time, so if you want to talk to me, just message me there if you can find which account I am on. I have a lot. 

This is pretty exciting for me. Being able to run this website with people on it provides a cool feeling that I can't quite describe. I hope you like the website and I will be looking forward to seeing you on it. I hope you have a fun and exciting weekend. Signing off, Adam.


Friday, February 17, 2017

OneAll

Hello everyone! Welcome to my blog's second week! To start of this post, I would like to give you an overview of what I have done, and then go a little bit more in depth further on. To start this week's work, I was given some plug-ins to use on my website, but this week I focused on OneAll, a social networking API, or application public interface. I will be doing more than one plug-in a week, but I also had to setup and get my website working before I could actually isolate and observe what the plug-in actually did. 

WordPress, the open-source content management system or CMS, is what I built my website on. Using Pantheon, a website management platform, I was able to create and host a WordPress website for free using a provided domain. Ironically, it was first a blogging website and still is a popular one. I will insert a picture of what the cover of my website looks after this paragraph. Now, OneAll, the social networking API, allows users to login to my website using various social media, whether that is Twitter, Facebook, Instagram, LinkedIn, Google Plus, the list goes on. After initializing the social media with my account, a process i'm not going to bother you with, I would be able to take a look at information that that user has when signing in under that social media. For example, under google plus, I could be able to gain access to your exact location, while in Twitter, I can really only gain access to your email. Wouldn't you feel safer if you logged in under your Twitter account instead of your Google Plus? Now, of course, when logging in, it will tell you what the website devs and admins will gain access to. Just make sure to actually read it. Don't worry, it's not as long as the terms and conditions where you just hit accept. So this is just one example of what my research this week has given me. There are many other plug-ins that I plan to research in the future that are much more in-depth, but here is the first one.




I also figure you viewers want to know what my work looks like. Since I work from home, I guess I will have to take a picture of my desk to show you where I am whenever I am working. Here it is:


I hope you have an idea of where I spend half of my day now.


Anyways, I hope you enjoyed reading about my second week, also the first week where I really got to dive into my work. Have a nice weekend!

Friday, February 10, 2017

The Most Interesting

Hello everyone! I hope you have had a wonderful week. I'm going to start off by saying this has been one of the most interesting weeks of my life. Quite a bold statement, I know, but I can back it up. But before I start my tangent, I would like to talk about the progress I have made on my research.

Due to events that happened this week, which I will talk about later, I did not really get too involved in my research until this Friday (that being the day this is posted) due to time constraints for both me and my mentor (no longer on-site). We met today to talk about about the future of my research and my work with him. You all know what the research is; however, after our long meeting we have finally landed on a solid starting point. No longer will I be working on the internet presence of Fighter Base specifically (I will still update you all if you want to know about its progress). Instead, I will be tinkering with a software called WordPress. Essentially this is one of many means to create your own website, and, with the use of Pantheon, a website management platform, I will be able to test a false website created by me through security plug-ins which will allow me to imitate what goes on on any website when you perform certain tasks such as signing up for a subscription through your Facebook account. All of this will allow me to gain the necessary knowledge I need to help you, an average consumer, make the correct the judgement call when faced with a risky situation online. I hope this all makes sense. I would have been doing a very similar thing with Fighter Base, but this gives me more freedom to test more theories. As a side note, I did get to test the game in all it's virtual reality goodness which is pretty exciting considering it was my first time ever using virtual reality.



Alright, so I bet a few of you are still wondering what made my week so interesting. It was just this past weekend that I was flown out to Maryland by myself to take some tests at the NSA headquarters. That's right, you read that correctly. I would have taken pictures, but this being the NSA and all, I couldn't exactly just bring my phone in and take a picture, so you'll have to just imagine what it looked like. That's not true, I do have a few pictures, but it's just some very bland trees outside my hotel room.



Anyways, I am an applicant for their summer internship where I will doing... Stuff (they haven't exactly told me yet since I don't have my security clearance). But, what was most exciting was the polygraph test I had taken. Now I can't tell you what questions they asked me nor how the polygraph works. You may be thinking to yourself: Isn't this just a lie-detector? Yes and no. It is much harder to tell the truth than you think it is. For example, there was a question that I was obviously telling the truth on -- for simplicity's sake, let's say it was murder (something I obviously haven't done)-- it still spiked. I'll leave it up to you to figure out why it would spike. I will be flying out again in the near future to take some more tests which is absolutely exciting for me. Now do you understand why this was one of the most exciting weeks of my life? Pretty cool stuff don't you think? If you have any questions, include them in your comments below and I will reply as soon as possible. Thanks for tuning in this week.