Sunday, February 23, 2020

Cybersecurity Tips

* SLOW DOWN.

* Stop and Think.

* Don't click. Copy and paste a link into web browser.

* Research first.

* Lock your computer, cellphone when you're away.

* Backup before make any change, on daily, and weekly.

* Using KeePass or KeePassXC on Mac for password manager.

* 7-Zip or Keka for macOS file archiver

* Write it down. Pen and paper are good.

* Email with plain text mode.

* Airplane mode if not in use.

* Power off if not in use.

* Install only necessary app.

* Uninstall if no longer need.

* Use CerUtil or gpg to verify the integrity of downloaded file.

Before installing, you should always verify that your download matches

the signature that is published alongside the release package!

* Use Two-Factor Authentication (2FA) if provide.

* Keep it simple.

Tuesday, February 11, 2020

How to verify checksum of a downloaded file on MacOS

$ openssl dgst -sha256 VirtualBox-6.1.2-135662-OSX.dmg

SHA256(VirtualBox-6.1.2-135662-OSX.dmg)=

20fb52bbd7edec58c9eef69046240a809091727872b8b4b254db272ffd6950b4



$ openssl dgst -sha256 Oracle_VM_VirtualBox_Extension_Pack-6.1.2.vbox-extpack

SHA256(Oracle_VM_VirtualBox_Extension_Pack-6.1.2.vbox-extpack)=

54047312d836c17ef0939410f755cb5a23e3037ec402198cc97f755181b25632



Compare result with value in

https://www.virtualbox.org/download/hashes/6.1.2/SHA256SUMS



Reference: https://apple.stackexchange.com/questions/230917/need-a-cli-to-check-the-sha256-hash-of-a-file

How to recognize a fake Geek Squad renewal scam | Consumer Advice

Except from  https://consumer.ftc.gov/consumer-alerts/2022/10/how-recognize-fake-geek-squad-renewal-scam Scammers are at it ag...