[Transcript] Episode 4: David Goodin
✨Magical Mindset Podcast: Cybersecurity
Top 5 Cybersecurity Tips: Protect Your Digital Life
[00:00:00] Introduction to Digital Security Awareness
Intro to David: Account and life takeovers are on the rise and people need to protect their digital lives. Many people over-share on social media and the criminals are making the correlations and finding out where they live.
How's your password hygiene and your browser safety? Luck favors the prepared. In this episode, we explore all the wonderful ways you can set yourself up to succeed and take care of your digital life. We're going to discuss cybersecurity tips, five tips everyone needs to know to be able to navigate and express yourself digitally and online.
We will also discuss his inspiration for writing fiction for young adult audiences and audiences of all ages.
[00:00:45] Meet David Goodin: Cybersecurity Expert
Intro to David: On today's podcast, I speak to security architect and cybersecurity expert, David Goodin.
Intro: Welcome to Magical Mindset with Macarena Luz Bianchi, where we explore the magic of mindset, gratitude, and purposeful living. I'm your host, Macarena, and I'm thrilled to have you join me on this journey of wonder, wellness, and wisdom. You can find the episode show notes, your free Magical Mindset Blueprint, and more at xpres.me/podcast. And here's the show.
[00:01:23] The Importance of Strong Passwords and Cyber Hygiene
Macarena: So, David, you're a security architect. David has been a cyber defender for over a decade and works for a high-tech company out of Silicon Valley. He holds a master's in cyber security in digital forensics, science, and numerous cybersecurity certifications. So, David, I'm so happy you're here. We met at the Future of Publishing Mastermind and that was really great. And I'm very excited about your work and your book. What is the name of your book?
David: Digital Fortress. Navigating Cyber Threats. I have a copy right here.
Macarena: Digital Fortress. Oh, awesome. Awesome. Navigating Server Threats. So even though this is the Magical Mindset Podcast, one of the things we talk about is Setting ourselves up for success. And that's why that was the angle when I heard you talk. I'm like, oh, this is really useful. So, I like to keep things lighthearted and empowered. And it is important to keep a clean house. You know what I mean? So, do you want to tell us a little bit more about yourself? Do you want to dive in and tell us what we need to know?
David: Certainly. Thanks for having me, by the way. I appreciate it. And yeah. As far as when you mentioned keeping a clean house that also means a cyber house, if you will on your digital life, keeping your permissions locked down on your machine whenever possible, selecting complex passwords, not having the same password on multitude of sites, right? Just having a password manager or a vault, if you will, that way you keep all your information in one place. That way you just know your one password, get in and you connect out. So, it's just stuff like that is what I'm referring to as keeping your digital life secure.
Macarena: Nice. I'm a big fan of last pass. That's the one I used. I don't know what I would do without it. I have the family plan and trying to get my family to use it has been a bit challenging, but I don't know what I would do. And then I heard somebody that said, instead of thinking of passwords, think of password sentences.
David: Passphrases, yes, the longer the password, the harder it is to brute force the password. So, what attackers will do is they'll hack a site and when you enter a password like when you create a login, it creates a hash, which is like a random string, a character, so it looks like gibberish. But essentially what that is, it's a mathematical formula that takes your password and hashes it, depending on how complex they store it.
If they store just the hash in the database, a hacker can download that and try to crack it or brute force it. But if the site's more secure, they include a salt with a hash, which means they include a random string with your password. It's harder to crack. So, assuming that the intruder has your password, say off a breach site or something, they'll try to use that on a multitude of sites, right?
So, if you have a password for Yahoo and that gets breached, for example, they’ll try Google, they'll try Hotmail, they'll try all these other sites. And if you have the same password, they'll get in everywhere. Then they'll try banking. They'll try, a number of things. They'll essentially create what is called the bot then just program that to try all these at once.
So, within seconds, they've tried everything.
Macarena: And then what are these people after money? Like easy money.
David: It depends on the hack. Most of these so-called hackers, are criminals, right? They try to find the easiest way into your life. They will try to, open up accounts in your name. So, they want as much personal information as possible. That includes, your social security numbers, your Date of birth addresses place of birth, that sort of thing to impersonate you so they can steal your life, essentially.
That's what the criminals are after is easy wins. So, if they can get your password to your email, they can reset your passwords elsewhere. Then they can gain access to your other accounts. If you don't have a two factor or multi factor authentication turned. It's just much harder to access your accounts with those security controls in place.
But without that, they can just reset you. If they command your email, they can just reset your password, then get into all your other accounts.
[00:05:55] Personal Experiences with Cybersecurity Threats
Macarena: So, I've had some sad experience with this. During the pandemic, some crazy thing happened. In Facebook, I had personal Facebook, business pages and groups, really developed groups. One for women's confidence and self-esteem, another one on my wizard training stuff. And one day I got hacked.
Somebody impersonated me and I don't know what they posted that got me suspended. So, I said that wasn't me. This is me. And I lost access to everything. And it was so traumatizing. It was, it took me about a year to get back into it. So that happened once. And then another time I fell for something so stupid.
Somebody says, oh, vote for me for this. And I was like, okay, I did it. And then they're like, send me a picture. So, it was like through Instagram. She's to prove that you did it, send me the screenshot of the text message, because you had to text them.
David: Oh, yeah. Yeah. So, I'm trying to get additional information from that.
Macarena: Yes. So then, it was like arm wrestling a troll. Then I realized what happened. Oh my God. I'm being hacked. And then I changed the password, they changed the password and it was like a couple hours of I'm figuring out, Oh my God, what a nightmare.
David: Yeah, it's like an arms race because what they're trying to do is outwit you and they'll social engineer you by talking to you and trying to get as much information as possible. That's why a lot of age groups like seniors are targeted because though randomly calls, I'm your bank, I need some information about you because your accounts been suspended Verify your social security number and all that and when I tell people is okay, if you get a random call from your bank asking for information, hang up and call back and in that way, you're getting the proper information, just there's a number on the back of your debit card.
Just call that. And it's your bank at that point. Even if you had to wait longer or get their name, try to collect as much information as possible. Typically, they'll give you some bogus name, but if you give that information to your bank or your bank's fraud department, that's more information they have to go by. And also, if a random number appears on your phone and you don't want to pick it up, you can always Google that number to see if anyone's reported it as spam or scammers.
Sometimes there's these websites called 800 numbers or 800 phone numbers. Can't remember the name of the site now. But you can generally Google the number and if anyone else has reported any spam or scams from that phone number, you'll see some comments appear. But typically, what I'll do is with my personal cell phone is I'll lock it down so that nobody can get through unless they're a contact.
So, it's a lot of time. I had some work done in my house one time and the contractor was trying to get ahold of me over and over. He was about to leave. He's like down the street. Oh, you weren't a contact. And I'll put you in and then he was able to text me, but not call me.
Stuff like that sometimes can backfire, but just now everyone thinks of these things and everyone uses their cell phones as their primary communication tools. Now they don't have landlines. So, it's very important to think of these things and try to lock it down as much as you can.
Macarena: I think I have that too. If I don't recognize the number, it goes straight to voicemail
David: Yes. That's the best way to do it. If it's important, if they're a real person, they'll leave a message.
Macarena: Exactly. And then I think the other important thing is these people are preying on everybody being busy or overwhelmed and in autopilot, right? So that's what I talk about to my clients and my people and my books and everything, like how to be present.
So, we don't take the bait. And then sometimes it's just not being in a hurry. And, as you're also an author, we talk about that a lot, like purposely putting the phone in the other room, not answering the phone. So, I think if we can have some distance from the phone, we're not going to so easily take the bait.
It's like another buffer and then we are more present, which has a lot of things.
David: Yeah, exactly. Or utilizing the if it's not practical, put your phone elsewhere. Sometimes you may need it or you're in a critical meeting. Just put it in do not disturb mode. And that way if your meetings over or when you have your focus time, I automatically set focus time on my phones during my writing windows.
That way I'm not going to be bothered. I don't have to remember to do it. It's just a schedule. It automatically happens. And I utilize technology because it's not always practical to put your phone in a Faraday bag or something or put it in another room and so.
Macarena: You just mentioned that, the Faraday bag, tell us what that is.
David: A Faraday bag is a pouch that I put my car keys in there because I don't want my RFID signal from my car keys. So, what that is an actual pouch that blocks all radio signals. You can get them off Amazon for $10. Essentially, they make bigger ones for your phone too. And you can stick your phone in this pouch and it will automatically block all the signals and you don't have to worry about it.
Macarena: Yeah, I have one of those. I have a box and my door because where I live, we're part of a very amusing neighborhood chat. And then people are like, it's all these super expensive cars too. A super Rolls Royce’s, stuff like this constantly being stolen, but the keys were left inside.
David: Exactly. Yeah. Because criminals will use high technology to get those cars. And cause I had a high end sports car as well. And I would be afraid that it would get stolen. So, I would. Throw it in the bag, my keys in the Faraday bag. And then when you're looking for your keys, if you're not used to that, you're like looking for your keys and you don't see your keys, but you see your Faraday bag.
But yeah, just little precautions like that usually go a long way because criminals will just scan or sometimes, they'll just reprogram a key. And just get in the car or if they can get in the car. So, there's all sorts of ways that you can get in and steal your stuff. But yeah, you don't want to make it easy for them.
And that's like cyber criminals as well. They'll actually look for easier targets. They send out. In the book I explained this is how to widen it. And they may get two responses out of 10, 000 emails and that's all they need. They'll just steal your email by hacking different organizations, collecting the email lists, and then just casting a wide net in hopes that somebody will click the link and down the lower end, it's a fish, so that's why it's called fishing because they cast a wide net and hope to get a big catch, but most of the time it's usually a small percentage.
Macarena: So, the first line of defense is not reusing passwords, having long passwords. So that seems like the initial, of course being present so that you don't click on stuff, like auto click on whatever's coming at.
David: Yes.
Macarena: Is that the level one, the first line of defense?
David: First line of defense is having a complex password.
[00:13:08] Advanced Cybersecurity Measures and Tips
David: The second line of defense is actually utilizing a two factor or multi factor authentication. So, you'll have. Apps on your phone are usually good enough. You have several ways of doing that. But SMS, which is you're getting a text message that's better than nothing, but I don't recommend that to people because there's all sorts of attacks where they can actually steal and take over your phone.
They can actually do a SIM swap and easily take over your phone, if you inadvertently click a link that's known as a drive by attack because they'll send you all these links by text. They'll just like randomly send it. Then they'll say, Oh yeah, here's pictures. I got a message from my son the other day and he goes, oh, here's the pictures we talked about.
And of course, it wasn't when I send pictures to my son, it's usually by text and he, doesn't speak a certain way. They're easy to spot. But sometimes people are in a hurry, like you said, and they click the link. Then their phone gets infected because they have malware that will actually take over the phone, do a SIM swap, and sometimes these scammers will actually call your phone provider. I've already had your email at this point.
And they say, I lost my phone. I have a new one now, and I need to reprogram the sim, and sometimes the phone companies will do it, for the criminal, and that way they have your phone, they have your email, and they have essentially your life when you most criminals don't want your wallet, they want your phone, because that's like your digital wallet.
You have your pay apps on there, like Apple or Google pay. You have other apps on there, like your banking apps. And a lot of times you'll get a code, like a SMS code for your banking app, but if they already have your phone, they access your stuff there. But if they have multi factor, which is.
Something else, it's like something you have and something you are, so essentially biometrics come into play. So, if you have a modern computer, you may have a little reader for your fingerprint on your device. And in that something you are, so you actually put in your password.
And then you have to put in the code through say Google authenticator or something. Then the third challenge is your fingerprint and that's considered multi factor as opposed to two-factor, which is the code from your phone and your password. So that's the second line of defense. It sounds complicated, but it's not that hard to set up, and there's all sorts of ways you can get around that.
Macarena: But that sounds really important. I remember I had a bad experience with two step authentication, when it first started. I was using at the time MailChimp.
David: Oh, and yeah.
Macarena: It was at the very beginning of that stuff. Before they had the apps, it was phone specific. So, I updated my phone and then I could not get into my MailChimp, but my assistant could.
But I couldn't, they asked me all these questions. I got them wrong, completely wrong. And it was like eight months trying to wrestle with them. Like it's me. I need access to my account. I couldn't do it. I couldn't do it. It was so crazy. It was like, Oh my God.
David: Yeah, and sometimes when you set up a two factor or multi factor, with Google, for instance, you'll get a bunch of codes and they're like emergency codes. So, what I usually do is when I set up a new multi factor or two factor, I'll get the codes and put them in my password manager just in case I run into that situation, then I have the code to unlock it.
Macarena: Now I do that. And LastPass works great from that. Of the password managers, which one do you use? Which one do you recommend to your people? Does it matter?
David: Generally, I use stuff that's online and offline. I like 1Password because I use a Mac, but that's good. That I've used other things in the past KeePass. I've actually downloaded the code and compiled the password manager myself using KeePass. I've never passed with Linux before because I was paranoid about everyone having my passwords.
Because anything online can be hacked, potentially. And hate to say it, LastPass has had their troubles in the past, and they've been hacked. But anything online, I'm not saying that they're bad. Better than nothing, but I just want my passwords stored in a secure vault that's not particularly online.
There's dangers of that because if my computer blows up, all my passwords are with it, but I have backups and backups of those backups and If someone gets ahold of my password vault files, then they'll try to brute force it to get in there, but I have a very complex one. So, it's just adds another layer of complexity there.
There's all sorts of ways to around that, but I just highly recommend that you have something. It doesn't matter what you have necessarily is. If you have something that's a commercial product is good because you can get support. Just recommend to people that you have it and not just save it in your browser, just have a proper vault.
Macarena: And apply the first two rules, have a complex master password and have the two step and multi-step authentication with that, to extra protect that.
David: Exactly. And one word regarding the multi-year master password is a complex and long. That's great, but you should be able to remember it. Don't ever write anything down and put it on your desk. Some of my less technical relatives have used to put all their stuff on a piece of paper next to the phone and it's okay, that's great, until the plumber comes in and looks at it and takes a picture of it.
Stuff like that. But usually they're older people, so they don't really think of that. They're not from the digital age unnecessarily. And other people just don't wanna. It's like years and years ago when I was first starting my career. One time we had researched this email gateway and I didn't realize what the password was that I just looked underneath the keyboard.
Oh, there it was. And I was able to get it. So, it's just stuff like that. And of course, I was trying to get in because that was my job too, but they didn't tell me what the password was, but it would just write there written in pencil on the back of the keyboard.
Macarena: I remember that. I remember that from the corporate world.
David: Yes. And although it was a security facility, I'm thinking back in my mind, yeah, you shouldn't have that. We should have better procedures on doing this, but this is like 1993 or four when I was just starting my career.
Macarena: Okay. So, we've got steps one and two. Is there a step three?
David: Yeah, just Think twice about clicking. Don't click links in the email if you can't help it. Attachments are hard. But because a lot of times everyone sends PDFs or word docs, make sure you verify the source of truth, right? Anyone can send you an email saying, okay, I'm David Goodin.
I'm sending you an email. They're spoofing. Somebody could spoof my email and just send you, oh yeah, click on this link. Here's a new meeting link or whatever, and you click on it and pretty much installs malware on your computer. So, you definitely want to, unless you're expecting the message, just think twice before you click the link and also verify their emails.
You can double click on the from. Make sure it's a proper email. And with links, you can also tell if they're bad. You can try to hover over it, but sometimes there's been attacks associated with that too. What I typically do is I'll copy the link, put it in a notepad, then I'll analyze the link.
I use actual tools where I can actually put the link into this URL analyzer. It'll break down the URL and tell me exactly what's happening. But obviously users, they're not technical enough to have that, or they don't have time. They don't want to bother with it. But what I would suggest is, just do a few simple spot checks. And if you all of a sudden get links from somebody that you don't normally get links from and say, oh yeah, here's the pictures we talked about or whatever, or I need your banking information, just think twice before you reply. But that's a tough one.
The third option is, try to use your contacts list as much as possible because most people conduct business on their phone these days, right? There are everyone's mobile and they're out and about. Put all that information as much as you can in your contact list, because that way you can avoid just clicking the random links in the emails.
Macarena: So, number three think before you click
David: Yes. Yes.
Macarena: And I guess the phone is like an extension of ourselves and we probably should not let anybody touch it. My nephew recently was a victim. He was working. He works at a grocery store and it was pretty busy. And a young kid comes up and it's Oh, I'm missing my wallet.
I need to call my parents. Can I use your phone?
David: Yeah, and while they're using your phone, they could be installing malware.
Macarena: What they did was they sent themselves like Venmo or PayPal or something like that. And because they had the phone, they clicked on the two-step authentication. So, the lesson there is if someone wants to borrow your phone, you can dial for them and put it on speaker. So, my family was like, "no good deed goes unpunished."
I'm like, that's not true. Now we all just learned something. I think most of us do gooders and people generally, like nice humans, we would have all fallen for that.
David: Exactly.
[00:22:22] Social Engineering and Its Dangers
David: The first rule in social engineering is people naturally want to help. And a lot of times there's been instances where companies will hire an actual person to try to breach their physical security. A common trick is a guy will come up with a suit and tie and like a nice briefcase.
It looked professional and said, my resume got damaged. My son was giving me a hug and coffee spilled all over it or something and give him a sob story, right? I need really need this job. I've been out of work for a while, but I have it on this USB stick. Can you print it out for me?
So, they'll stick it in there. And their computer's getting infected. It looks like a resume, so they'll print it out and go, thank you very much. Then they'll act like they're supposed to be there. Then they'll leave and while the receptionist is busy but the damage is already done.
As soon as they put that USB key in there, stick in there, they have compromised the network.
Macarena: Wow. So, No foreign USBs.
David: Nope, nothing. And another social engineering tactic that they'll use is they'll have these USB sticks with malware on them and they'll write payroll on it or pictures or whatever, some enticing message, usually private photos or something, then they'll put them in bathrooms and people go, Oh, yeah.
Macarena: Oh, what's this?
David: Put it on the parking lot or by the lunch table.
Macarena: I wonder who's this is so I can return it to them.
David: Exactly. Confidential payroll information.
Macarena: yeah. Yeah.
David: Go, oh, so let's look at this. I want to see what Bob's making. So yeah, that's other tricks that attackers will use to get inside networks.
Macarena: Whoa, whoa. So, I take it. We shouldn't walk around scared of these things, but we need to just be aware of them. So, we can take sensible precautions so we're not the easy prey.
David: Exactly. You can be trusting but you can just take an ounce of trust, but verify. Essentially, you don't have to be rude to somebody and say I'm sorry, that's not our policy that insert a foreign USB device into my computer.
So, I can't do that for you, but there's a Kinko's down the street.
Macarena: Exactly.
David: If you're in a hotel, there's a business center, et cetera.
Macarena: Wow. Yeah. We don't have to be everybody's. So I've had some other weird experiences, unpleasant experiences. And again, this was at the beginning. I had a business account with Bank of America at the time. And I was living in Southern California. And then this was really funny, I suddenly see almost close to 9, 000 deposit from somewhere in California, but not where I live. So, at first, I'm like, I asked my dad, did you deposit some money in my account or this was a long time ago. I think I was in grad school at the time. And then he was like, no. And I'm like, I've got to tell the bank, and his initial thing was like, don't say anything, but I'm like,
David: Yeah, you have to tell.
Macarena: This is weird, something's wrong.
And then obviously it was like an inside job and this is where I got paranoid with checks. Checks have all the information on them. It's like a horrible idea, right? So, from then on, I'm like, just pay everything online. If I have to send a check, I usually do it through the bank.
No, I'm not sending checks with my information on them.
Macarena: Because they had a check, they could replicate the checks. So what they did is they made deposits, but then took money out. They played with the cycle of how, something like that.
David: They're testing the system.
Macarena: This was like Friday.
So come Monday, I've got like negative 20 grand or something like that. Some crazy thing like that. And I was like, what on earth? Again, this was, I don't know, God, I'm talking a long time ago, 25 years ago or something like that, just to put it into context. And I'm like, it's somebody at that branch, like it happened in this branch. Someone did it. And then basically the bank was like, oh, we've already lost enough money to this. We're not going to do anything about it. That was like their answer. And I'm like, Oh my God. But what they did, which was horrible is, it doesn't happen like this anymore, but back then, while they're doing the investigation, they froze everything. Personal, business, all of it. And it was like December, right before Christmas.
It was crazy. I was like, what a nightmare.
David: Yeah. And you had bills to pay, you had vendors to pay.
Macarena: But now they don't do that. Now they say, if you say that it's fraudulent, they don't freeze all your assets for 30 days. I think they've improved there. Again, that's part of our digital life. So, I guess.
[00:26:46] Banking Security and Protecting Financial Information
Macarena: Do you have any tips for protecting the money stuff? Like the banks, don't let anybody in your phone.
Don't let anybody use your computer.
David: Account takeovers are getting increasingly common now because of technology. What I typically like to do is set up the multi factor. But set up like a key that's not connected to your phone like a YubiKey or RSA key. There's a device where it looks like there's six digits and when you enter your password, you have to enter another code and typically a pin that you just know, like a six-digit pin, then you'll enter the actual code on the device, then you're in.
So that's just another step to get in.
Macarena: So, would you get that from the bank itself?
David: Yes. Exactly. I know that Wells Fargo has it. Bank of America probably has it too. I know the large banks will have it. It's usually like a hardware key, and you have to order it from the bank.
Or sometimes Google. They may use the Google devices as well. And there's another key called the YubiKey. You have to put your finger on it to just a physical device you put in your USB port or your USB C port and it activates that way. So that's just part of the multi factor equation.
That's probably the most foolproof way to do it. But even with that technology, if you're Hackers determined enough, they'll get in. But that's going to make it the opportunity attacks a lot harder because like the kid in the market that's trying to steal your money, he may get into your bank account, but they can't complete the login or they may know your password, they can't complete it because you have this device.
It's attached to your set of keys and you need to put that code in before you can get into your bank. So that's probably the most foolproof way, if you have that option, depending on your bank,
Macarena: Oh, interesting. Yeah. I'm used to hearing like stuff like that. For commercial accounts, but of course it's applicable to personal.
David: yeah, it's definitely available for personal accounts, depending on the banks. I've seen that option with, at least a couple of the big banks, but not all institutions support it. So, it's that's just if you have the option available, go for it. If you don't, just utilize the multi factor approach. YubiKeys are pretty common.
You can get them. Google has them and you can just order them online and in that way, you can sync it up to your accounts.
Macarena: So some people think that the Google password manager is enough.
David: Yeah. A lot of my friends have mentioned that to me and I said, that's not that great because you can become a victim of a watering hole attack, which is essentially someone may send you a phishing link saying, oh, this is the link to the conference you've signed up for.
And they may be targeting a group of users and you click on it and it looks like the conference webpage. You put all your information in your browser has been compromised as soon as you click the link, essentially. And then they get the information from you, then they'll run other attacks against your browser to get all your passwords and everything inside your browsers potentially. Because you're authenticating as you, as soon as they steal those encryption keys in your browser.
They have the passwords potentially. It's complex attack, and I don't necessarily trust having a cache password and in my system, I just use my password vault for each thing. And I have 30-to-60-character passwords. I often try to use 120-character for the real secure stuff, but most sites can't accept real along passwords. Some don't.
Macarena: And I'm curious about the hardware. I remember from way back in the day. So, I'm also a Mac, even though I've used PCs throughout.
[00:30:28] The Evolution of Cyber Threats and Mac Security
Macarena: I don't know if it's a wives’ tale, if it's actually true that Macs were harder to hack, is that still the case?
David: Not really. Macs are just as easy as PCs, as Windows machines, or Linux machines. Because a lot of viruses and malware in the early days, was written for just PCs, Windows based machines, and hackers are lazy. They just want to get this malware kit off the dark web or wherever and craft the malware to get your information.
On the Macintosh, I've seen a lot more attacks specifically targeting Macs. Where they'll try to steal your information. They'll try to steal your iCloud information or they'll try to sneak a device on your approved list so they can steal your money, et cetera. So yeah, that advice is obsolete.
It's no longer security by obscurity anymore. Hackers are fully aware e of Macs as they are Linux and Windows, and they'll try to exploit them any which way they can. So, fourth item on the list is to Make sure you update everything. As soon as you get update available.
What I tell people to do is look at the security notes on the update. And a lot of people don't want to update things right away because it may break something on their phone or there has been cases where that's happened. But if it's a major security problem, then you'll want to actually update it right away.
I have Google alerts for Mac and Windows updates, since I have multiple machines in my home office. I have Macs, PCs, and Linux machines, as well as Windows, and I update them quite rarely. Once a week, I check for updates. Because there's a lot of out of band updates.
Microsoft, has they call it Patch Tuesday, typically the second Tuesday of the month is when all the patches go out for the PCs. Apple has a similar cycle, but they will also have emergency releases as well. One just happened like a month ago. When you see the end updates available, you want to follow through and update it.
Macarena: Oh, that's such a good one because I don't know why some people hate to do it, but I feel like you're being left behind. And then I guess they address whatever the flavor, the hack flavor of the month is, of the day. That's what they're addressing. That's super important.
[00:32:41] Unveiling the Mysteries of Zero Day Exploits
David: Here's another concept for you. It's called the zero-day exploit. So, what a zero day is, somebody has found a way to get into your operating system and Apple or Microsoft may not know about it yet. And those exploits are really valuable because there's no antivirus or anti-malware to fix that problem.
They'll try to strategically use it to their advantage. And there's hacker sites out there that will actually buy these zero-day exploits. So, these other criminals can launch campaigns to get as many machines infected as possible. Then by then, the vendors have caught up and we'll start issuing patches for that or virus antivirus updates.
Book Ad: With 'Get Well Soon: A Poem of Comfort,' you're not just giving a book, you're offering a heartfelt companion for those facing health challenges. Buy now at macarenaluzbianchi.com Also available in Spanish and for children, The Caring Giraffes!
[00:33:34] The Essential Guide to Patching and Backups
David: Time is of the essence a lot of times. So, you'll want to be sure to patch as soon as you can. I don't exactly. I used to wouldn't patch when I was on the road a lot but a few years ago I would be, before the pandemic and everything, I was on the road every week.
As the nature of my job. Would take a local backup. And that way, when a critical patch will come out, I'll just update it in case my machine blew up, I had my local backup. There's all sorts of strategies around that, but there's no excuse anymore. You can always back up to the cloud.
So, it's just patches as soon as you can, make sure you back up everything first then patch in case something goes bump in the night, but you want to make sure that you're secure.
Macarena: Wow. So really luck favors the prepared. I love that. And I think it's true in a lot of ways, but a little preparation goes a long way.
[00:34:21] Navigating the Digital World: A Cybersecurity Perspective on Social Media
Macarena: So, I'm curious, do you know who Cal Newport is? Like deep work. He's actually a computer scientist.
So, a lot of his work is about like how to get the most out of your brain. And then he's figured to get the most out of your brain. It's better to not have distractions like social media and stuff like this. So, from a cyber security perspective, what is your take on social media?
David: Social media definitely has its place. During working hours, I try to avoid even looking at it. An author, though that's how you market, essentially, is social media. At lunchtime, I'll look at it and make sure that there's nothing I don't need to respond to. But for the most part, it has its place.
Just make some time to devote to it so you can focus on that too. And that way you're not multitasking, working on important document and doing social media at the same time. Cause that's, as you said before, how the mistakes get made. And cause your defenses are down. So yeah, just schedule some time for it.
It's definitely a useful tool. But social media, it's another thing I'll mention as well as I don't accept friend invites if I don't really know them. Before when I started publishing books and everything else, friends and friends, I would accept invites too. Then they would try to say, oh, hi, I want to talk to you.
And all this, and they try to like scam you, right? Or they want to sell you their, It's Oh yeah, I know how to market these books. Give me 500 and I'll perfect the SEO for your website. It's okay, that's another thing to get your money. So, it's so I try to avoid it and not accept any unsolicited invites whenever possible.
Same goes with LinkedIn too, that social media for your workplace. But a lot of people will buy it. These premium. If you're a premium member with LinkedIn, you get so many messages where you can just send them a private message and you get so many of those with the premium plan.
And I've connected with people that I used to work with or I've been connected with before. I may not be connected to them with LinkedIn, and I've used that in the past to get a hold of them, especially in emergencies, but for the most part, I would be on guard with social media. And unless you know these people. A lot of times, people I know will send me links on Messenger and go, oh, check this out, and I don't click on those links that are essentially trying to own your computer.
So yeah, just be cautious of social media. Just use it as you would your phone but in public. When you use your phone in public, you essentially are on guard, people may be looking at it, et cetera. When you use social media, think of it from that mindset. You're working in public.
So, make sure that you're taking the right amount of caution not to do anything that could compromise your security.
Macarena: I like that. You have to be aware that social media is like working in public. Interesting. So, proceed with caution, don't be in such a rush. So, you don't make mistakes. I think now it's better because like we can say. My private Facebook is only for family and friends.
I have my author page, or this group. But it's interesting because I'm glad you brought up LinkedIn because you would think LinkedIn is more professional. The vipers are everywhere.
David: Exactly. And a lot of times people will send you fake job offers too in LinkedIn. They go, oh yeah, then looking at you're qualified for this job. I've talked to relatives that have gotten taken in by some of that before. They're unemployed and he says, oh yeah, you need to send us a hundred dollars to get this going.
You shouldn't have to pay if an employer is looking for you, shouldn't have to pay anything to get a job interview or anything like that. So, if they want something from you that is not your resume, just be careful and don't accept unsolicited emails anyway.
With LinkedIn, it's hard because I've gotten my last several jobs by unsolicited communications with LinkedIn. And he was like, oh, would you like to apply for this company? Oh yeah, sure. And this is years ago. And a lot of those experiences were positive, but you never know.
Macarena: I think you have to double and triple check, just to make sure.
David: Exactly.
Macarena: This has been great. I want to ask you about some other stuff. Is there any other security thing you want to discuss or make sure the listeners are aware of?
[00:38:34] Protecting Your Digital Life: Encryption and Device Security
David: Also, when you're working with a Mac or it's a little harder on Windows is encrypt your computer in devices in backups. In on the Macintosh, there's a file vault and you have to create a secure password for it. And what I typically do is I'll create a password for it. Write it down on a slip of paper, put it in an envelope, and put it in my safe.
That way it's not stored electronically anywhere, but I can get to it if I need it. Or put the key on a drive and lock that up somewhere. In that way, in case you need to rebuild your system, you have your encryption keys, you can get your information. But if someone steals your computer, they don't have all your information anyway, right?
So, if I steal your windows laptop, it's for instance, and it's not encrypted. I can just get into that laptop. I can do a shared connection to it. It's easy enough to break a local password on windows. So, these criminals know that they can or they can just boot from a USB stick and just access your files like a USB stick.
So, they'll boot up using an emergency disk from say Microsoft windows. And then they see your hard drive as another drive on their system, then they can copy it over to another hard drive. But if it's encrypted, they'll never do that because it's, they need that encryption key loaded in memory.
So, it's just much harder for them to get that information.
Macarena: So, when you say encrypt your device, in the Mac, how do I do that? How do I check that's done? Because this is not like needing my password to open it up.
David: Correct. Precisely. You just go into your settings and look up file vault and you'll see if it's turned on or not.
Macarena: Oh, it's on. So, file secures the data by encrypting its content. A recovery key has been set. So, I did this at some point, but I have no idea what it is.
David: So, at some point when you set it up, you typed in the recovery key. It could have been the same as your password, it could be something else. But typically, it's like when my wife got a new machine. I had to restore her system from backup and I had to put the file vault information in there before it would restore it.
You just have to have good hygiene as far as your passwords. If it's in your password vault, which it may be, it's already there and you can access it. Encrypting is great. Just make sure you keep track of all your encryption keys so you can get to that information in case you need to.
And I have hard drives that have a number pad on them and you have to put in a pin code to get in to that device.
Macarena: Wow. Cool. So, you've brought up a couple of things that we hadn't talked about.
[00:41:08] The Perils and Precautions of Lost Devices
Macarena: One is when we lose a device or it gets stolen. I've sadly had this happen, and as a writer losing your laptop is like the worst possible thing that can happen.
When it gets stolen from your house by people doing work or whatever, which has happened. Very traumatizing. But I think that if everything's on the cloud and I know that with find my machine, you can disable it. Like, why would someone, if they can't get into it, the laptop or the iPhone, for example, why do they steal it for parts?
David: No, they usually say a workman's situation, they'll steal it and try to resell it and try to pawn it or, sell it on Craigslist or eBay or wherever. But if your device has been reported stolen, Apple and the program will put your serial number and you could police report.
If you have your serial number already written down somewhere, you can actually report that stolen. There's like this one called Mack of all trades, there's other device buyers out there and what they'll do is you provide the serial number to them and then say, okay.
They'll check the national stolen registry, to see if it was reported stolen and if it's not, they'll buy the device. Just another precaution is Keep the serial numbers on all your devices handy in a file that only you can access. Paper file in your safe, fire safe, is the best.
Macarena: Fire safe? Yeah.
David: Exactly. That's like a safe that's bolted to your wall and nobody can run off with. So just keep it in the same deposit box, something like that. That way, it's out of reach. It's not with your device. Sadly, things get stolen.
When Kindles were like 500 or whatever, I had one stolen. I forgot it in the seat-back pocket. And I called lost and found, nobody reported it. It was a brand new, Kindle at the time. So, I basically then started scratching my head. I was like, what can I do that nobody can get my personal information off of there?
Went to Amazon and reported it stolen and they just locked it. So, nobody could register it and use it as their device.
Macarena: Report stolen stuff. I've been lucky where I've left stuff. We've left stuff on the airplanes and we've been pretty lucky to recovered.
David: Yeah. It's a luck of the draw. The sooner you find out that it's missing the better, because you can just, preferably if you're in the airport, just go to your airline and say, you lost it. Here's your seat number, et cetera. Then they'll try to return it to you. But yeah, most of the time is somebody who's already in that seat and they go, Oh, iPad, it's mine now.
Macarena: Yeah, finders keepers.
David: exactly. Most people will try to turn it in.
Macarena: My kids were, when they were little, they'd be like, look what I found money. Where did you find that? In your wallet. That's not how that works.
David: Exactly. You find it on the street. That's one thing,
Macarena: Your purse. No. Okay.
[00:43:59] Safeguarding Your Online Presence: VPNs and Firewalls Explained
Macarena: So, the last security question I have has to do with networks. Like most of us can't live without Wi-Fi, so we go places. Conventions, airports, hotels, and we log in the Wi-Fi. Are we exposed? Are there some do's and don'ts? Don't do banking stuff in those locations.
David: Yeah. There's several ways schools of thought around that. As soon as you connect to a Starbucks Wi Fi or even the hotel Wi Fi, it's an unsecured connection. So, it's unsecured by default. So, any network that's not your house, I assume that it's been breached and it's after my information.
So, what I'll do is load my VPN software. And establish a security connection as soon as I connect to that network. I have two. I use Nord VPN and I also use private internet access. And I like the private internet access cause it doesn't log anything, but it's a security connection.
So, a lot of times when I do my security research, I'll have multiple VPNs. In that way I have a layered approach and, in that way,
Macarena: A buffer.
David: I'm secure. It's a buffer. Yeah. The problem is if you're doing a video conferencing calls or anything with high bandwidth, it's going to degrade your performance because it's a layer already on.
It puts all your information in a secure tunnel and then information is wrapped. The VPN wraps that information. So, intruders can't just scan the network and see what's being transmitted across the network. It's all encrypted. Then if you have a second layer, it's like having a pipe, then a bigger pipe.
Macarena: And is that app like private internet access VPN? Is that an app you have on the Mac or whatever?
David: It's an app. It is an app on the Mac. Yes. And there's all sorts of VPN softwares out there. Typically, it's an app that's already installed on your machine or you install it when you pay for the service. And then when your machine boots,
it automatically will connect if you set it to, or you can manually do it. Then sometimes I don't want that when I'm doing video conferencing calls or whatever, and I'm on a network that's secure already. I'll take that risk. But if I'm in a hotel, I'll have at least one VPN connection going.
Macarena: And so, when I just look up now on my settings, my Mac settings, like VPN, something that says firewall, What's the difference between a firewall and a VPN?
David: The VPN is mainly you're connecting to another server that's trusted so you can have a secure wrapper around your communications and the firewall just blocks things where you can't scan your computer. You only allow certain ports., a port is just like a socket. That's think of a wall and a hole on the wall is the port.
So, you'll have holes in there for secure socket flare, like 443 where you can't establish a connection for a secure browser connection. Then you open these ports up so you can show apps on your computer can communicate to the outside world. And you only allow these ports for those specific apps.
So, you may have your video conferencing software. Most web-based video conferencing will use the secure sockets, their port 443, but some don't. They have their own ports and you have to enter those ports in or allow them so that the software will work. So, the firewall is just a barrier so that nobody can, A, scan your computer and B try to access your computer without permission. So, you need the ports of them for your firewall to function, but yet you don't want to automatically share everything on your system. So, on the Mac, you have your firewall.
Then if you go to the advanced settings, you have stealth mode, which means that if a hacker is scanning the network, they can't see it on there. It blocks all incoming requests that's not on your firewall list.
Macarena: Oh, so these are things we can do with there. It's part of the set. So, we have the firewall active all the time or only when you're out of the house?
David: Yes. At all times. You should have your firewall turned on at any given time.
Macarena: Okay.
David: And that's why you have the exceptions for your applications and the ports for these applications to work. Otherwise, you'd be frustrated because nothing would work. You typically want to go into your firewall settings and say, you can be real granular about these settings.
You can say, okay, this app can actually send or receive, but I only want to send with this other app or receive with this app, or you can get real detailed on these settings. But the ports are essentially just a way for the apps to function with your firewall.
Macarena: All right, so I've got some homework and so do our listeners. So, you are an author. Thank you so much. It's been so enlightening, all this security stuff.
[00:48:39] Diving into the Author's World: Cybersecurity in Fiction
Macarena: But I want to talk about your books now because I know that you have the book you showed us, which is a nonfiction book for normal people like me. You have a lot of experience with businesses and big systems, which is amazing, but you were kind enough to write this book for normal people, everyday people.
So, we know what to do and how to take care of ourselves. So, we'll definitely put a link to your book. But I want to hear about your other books. So, I know that cybersecurity are part of the things that are happening in your books. Can you tell us more about that?
David: Yeah. It's also a fiction. I started by first fiction I ever wrote was about a teenager. He was playing a game and he was trying to find more information about the game and he wanted this better computer. He was really smart with computers.
So, he started inadvertently hacking and he got into trouble doing it and I have what I call it cyber security fiction. Essentially, it's about not only kids. I read all sorts of things but I have this one book series called The Cyber Teen Project and essentially what that is It's a series of YA (Young Adult) books that follow a few teenagers through their journey of learning computers and hacking.
And they get into trouble of course. And the protagonist, the main character, takes these side jobs and ends up working for a national hacking ring. And he's actually better than their main guy. And the main guy gets mad at him.
Then he hires a hitman to go after him and stuff like that. So yeah, all this stuff in the book. But the point of that is that you use fiction to teach people about cybersecurity. So, what I'll have in these books is, oh yeah, he scanned the network for this machine, then he used this technique to try to get into it.
And I described this through a fictional narrative. So, it actually ends up teaching people as well. But I changed a lot of that around. So, I'll put a piece of code in there. I call it p-snake code. It's Python code. And I take it out of context and change some of the code around. So, you can't actually use it to attack anyone, but it teaches them break it down in narrative as well as dialogue and like they're trying to teach each other how to get into the system or whatever.
Try to use those concepts.
Macarena: I love that. So, the Y18 series, what's the name of that series?
David: The series is called The Cyber Teen Project
Macarena: For grownups, which is the series you recommend? I love YA.
David: Yeah, it's a lot of adults have actually gotten a lot out of that book series as well. So, I'd recommend it for adults as well as teens. It's funny when I first published the first book, white Hat Black Heart I had like a 75-year-old man write to me and saying he loved the book.
And he sent me a letter to my mailbox. So, I replied back and said thank you. And I sent him the next book.
Macarena: That's so cool.
David: And just. So, here's my gift to you. And he loved it. That's a super fan, right? I try to teach all people of all age groups, but since it has a teenage protagonist, it's a YA by definition, but I also have a lot of other cyber punk books and like I have another one, Cyber Overtures that I take artificial intelligence has taken over all music creation, and this is 50 years in the future, like 2071 when I actually wrote this book in 2019, 2020.
So, before Chat GPT or any of that was out. And my thought was I was wanting to the robots have taken over all music creation, have taken all the human ingenuity out. These corporations have taken over everything and it made it not illegal, but less musical instruments are hard to come by.
People can't really compose their own music because these large corporations are spewing out all the music for them and most of the populace, they don't really care, but some rebels care and they're musicians and they want to take the music back for the robots. Alice, the main protagonist, figures out how to make an EMP and where the robots are playing in this concert.
She basically is on the phone with, or, connected to somebody. And she's explodes this EMP and all the robots die, but she doesn't realize the consequences of her actions and all these firing cars coming down and accidents happened as a result of this EMP going off. And that series is called Cyber Overture as well.
It's written for general audiences, kids as well as adults. There's nothing real bad in it or anything, but it's a little bit violence, but nothing that bad. So Cyber Overture series, I just wrote for fun. They're short form fiction. They're like novellas essentially, and I have five of those books and two more that I wrote to extend the story.
Yeah, I just did that for fun.
Macarena: Love it. I love your whole platform and brand. I think that's great how you've been able to use your day job with your creative work, and vice versa. I think it's really cool. And that's why I wanted to talk to you because I was like, okay.
There's nothing wrong with just computer guys, but you are not just a computer guy, you're very creative. Just to be clear, I know a lot of computer guys that are extremely creative too. I do appreciate how those things work together because a lot of people think they have to choose one or the other.
I get that a lot. I was a film producer and I was into business, so like that, sometimes people tell you have to choose, but there are ways of weaving our passions together. So, I love to see that in someone. And obviously I saw that in you, which is why I was like, I know it's called magical mindset, but I know we can talk about some interesting stuff here and I love that your books sound wonderful.
I actually cannot wait to read them. I'm very excited actually. I think that's right up my alley.
David: And I try to teach something in each book and for fun with the Cyber Overture series I took the protagonist from the YA series and he comes back as an old man in the Musical series to help out the protagonist there. So it's have a lot of interconnectivity between the series.
Macarena: Oh, I love that. You've built a world. That's what I'm doing with my YA magic in Miami.
[00:54:43] Exploring AI's Role in Creative Processes
Macarena: So, I have to ask about AI. You wrote about it; you foretold the future. And I was just at a really cool conference this weekend and somebody was saying, she was looking at the business, the publishing business, and she talked about the rules. Like the New York rules before 2011, for example, when it was like, all the publishing had to happen from New York and the publishers, they controlled the scarcity of books.
And, then it was like the gold rush of indie publishing. And then now we're in the, I guess the new age or the golden age or whatever. So, what she pointed out, and this is Becca Syme who I adore. She said that a lot of the things that authors are afraid of, because the author community was up in arms with the whole AI thing when it started, like when it got popular last November, the one before that.
And because I guess maybe because I come out of filmmaking where you've got a vision and you take good and bad ideas from people and then you decide what you do. To me, I was like, Oh, it's just a tool. It depends how you use it. I was very pragmatic about it, but a lot of people had a lot of strong emotions about it.
And so, what Becca was saying was the things that people were afraid that AI was going to cause that they're already happening where readers have too many options that was not caused by AI. That was already in place already.
David: Yeah, exactly. And when, like the large language models and everything else, or everyone thinks it's, the machines are forming sentences. Actually, they're not, they're mathematical equations that are happening on the backend to it's all probability saying, okay, this is likely.
Here's the sentence. This is likely what's going to follow. Then they get their prompts together and try to narrow that down. To me all of that, it's a lot of work to get the story. When I get the story down, I have a scene in mind. I've experimented with that before and nearly always it comes out not the way I was envisioning.
So, I'll just, stream of consciousness, just write and get everything on paper, then I'll tweak and everything else, and I'll use Grammarly or ProWritingAid, and that's AI too, but it's more focused on grammar, yeah, and editing and getting that. So yeah, it's a tool like anything else.
If people want to use it, go ahead, but it doesn't bother me, but I've actually experimented with like brainstorming and it's cool for that, but I'm more of a I just sit down and the way my mind works is I'm thinking about world building all the time and I have Scribbr on my phone and I'm putting in information I think about in my world.
And most of my worlds are based on the real world, so it's easy. But I took this and with my cyborg books, I took a map of New York and this one section of lower Manhattan, I carved out and I created my own world within that. And I call it low town where all these cyborgs and all these cyberpunk stuff is there and all the criminal activities happening.
And all these paths underground, these doctors are working underneath the subway, working on people and stuff like that. So it's, so I created all this world based off the real world. With AI, it's cool, but what you don't want to do with AI is actually people were actually saying, okay here's this information help me print a macro.
Here's the spreadsheet. I need this to happen with it. But they're putting in sensitive information, so you don't want to do that because anything you put in the chat GPT window could potentially get ingested into a database and learned upon with other models. So don't put anything sensitive, anything you wouldn't want to see on the internet.
Don't put it in chat GPT. That's my take on it.
Macarena: The cautionary tale, it was pretty funny how, I started hearing about it and there was like all this drama about it. And I remember that my husband wasn't in this world, so he couldn't relate and then something cool happened. So last year, like around May or something, he said something happened where wrong information was portrayed about his business.
So, it was like a Saturday. And he says, Now I have to spend the next five hours writing a press release.
David: Yeah.
Macarena: I said let's try something. So, we put in the bones of it and it spit it out. And what I found quite fascinating is the boiler plate for his business that I had written. I'm an author. It had no way to improve that. Like it had nothing there. But it had some quite useful stuff. Instead of taking five hours, it took, 30 minutes.
David: yeah, exactly for stuff like that. It's an awesome tool. And during research I found is really good to saying, but you need to verify that but essentially saying when did the subway system in New York first get introduced? Stuff like that it knows about, right?
All that information is online. Then you just verify that, etc. I use it for stuff like that. And it's great for that. And, yeah, I'm not opposed to using AI. I think it's great, but for my creative work, I like just doing it myself because I'm real, I have all these ideas.
Macarena: That's the fun part.
David: I don't have writer's block.
Yeah, exactly. Oh, yeah, where the rubber meets the road. Sometimes I play around and say, okay, write a story on this. And it comes out with something completely different. And it's funny the way it works sometimes.
Macarena: That's funny.
[01:00:07] The Power of Community and the Future of AI in Writing
Macarena: This weekend, one of the things we were talking about, like sustainability and how to be an author for life. And Becca uses the Gallup Strengths Tests so people can understand like how to manage your life and your creative life. And then one of the cool things was, she talked about what is it for you about being an author that really drives you?
And if you had to prioritize. And then for me, which I hadn't really thought about is, I love interacting with readers. Like I know some authors, that have pen names, love interacting with authors. I love interacting with authors too, but anyway, it was really good to be clear about that.
So then, understanding that about myself, then of course, like what I've been doing and in the one we met, it was really inspiring, like doing Kickstarters for community building, doing the subscriptions, all of that stuff is the community part.
David: Yes.
Macarena: So anyway, so it's really cool, for me, the community comes first, then writing. So, when looking at how I spend my time on my business, that's why like sometimes with the writing doesn't happen because I'm like, I've got to get X, Y, and Z done before I can do that. So anyway, so really interesting. And then for us who like community, we're not using pen names and stuff like that for us.
Then it's AI can't replace that, like it doesn't matter. Even if you clone your voice, it doesn't matter. Like it's not going to replace the human interaction that I thinksome of us crave. So that's why I'm not worried about it is what I'm trying to say.
David: Yeah, I wrote a paper on when I was doing my master's in digital forensics on telling the difference between a bot and a real human on a live chat, and I wrote this paper in 2008, 9 rather. Back then it was really easy to tell, but now the bots getting better, right?
Macarena: It's hard to tell. There's some clues, and sometimes it doesn't matter.
David: Yeah.
Macarena: Wow. This has been so good. Thank you.
David: Thanks for having me on.
Macarena: So, thank you so much. We'll put like your contact information and the links and everything in the show notes. So, people will be able to reach you. Do you have a favorite social media?
David: Yeah, I have mainly Facebook or Meta, X and Instagram. And, but Facebook I'm on the most.
Macarena: Perfect. Perfect. Perfect. So, thank you so much. I appreciate your time and your consideration. And these are wonderful tips.
David: Of course, anytime.
Outro 1: Thank you for listening. Luck favors the prepared. Now you know what to do. We all have a little homework, but I think by following these simple five steps, we will be able to feel more at ease. By following the five tips we got from David today, I think we will all feel a little more secure that luck favors the prepared and also being present.
If we're present, we're going to be less likely to auto click and be an autopilot and just go down the rabbit hole. So, another wonderful reason to be present. Thank you so much for listening. And yeah, see you on the next episode.
sponsor: I want to thank our sponsors, Spark Social Press, my publisher, for supporting our show and their commitment to spreading joy and empowerment through their magical books. Spark Social Press believes in the power of mindset and the magic of self-expression. Our enchanting children's book series, The Grateful Giraffes, teaches little ones the importance of gratitude and positive thinking by expressing themselves thoughtfully and tenderly, and with illustrations of their delightful adventures and heartwarming lessons.
Spark Social Press offers gift books for grown-ups for every occasion, helping you express the perfect words to make your loved ones and colleagues feel seen and treasured. With these lighthearted poetry picture books at Spark Social Press, we believe everyone is glorious and deserves to be fulfilled with more wonder, wellness, and wisdom.
That's why our books are designed to spark creativity, uplift spirits, and empower readers of all ages to discover the joy of self-expression and spread more wonder in your life. Visit SparkSocialPress.com. Today, together with spark social press, let's embrace the magic of mindset one book at a time.
Once again, a big thank you to spark social press for sponsoring the show and for bringing more wonder, wellness, and wisdom into the world through our thoughtful and inspiring books.
Outro: Wow. What a journey we've been on together. I hope this episode has left you feeling inspired, empowered, and ready to embrace the magic in your life. I'd love to hear about your experiences and insights. Please tag me on social media using the hashtag magical mindset podcast, or leave me a DM to share your wins, challenges, and aha moments.
Let's keep the conversation and the magic flowing beyond this episode. Thank you so much for tuning in and for being a. Until next time, keep shining your light and embracing the wonder of each day. You've got this!
