Welcome to HakProof.com. This site is my attempt to reach out beyond the physical classroom to the community at large to help each of you increase your personal SQ or Security Quotient. Today was my 14th visit to WHTC 1450 AM/ 99.7 FM radio station in Holland Michigan to be a guest on the daily show, Talk of the Town.
Click on Link to access the Podcast, of my time on today’s
http://whtc.com/podcasts/talk-of-the-town-today/99/staying-safe-online-james-allen-aug-23/
The Importance of Updates
No matter what device you are using, keeping the hardware and software up-to-date is very important to minimize security problems. New security flaws are discovered every day and often affect devices that are no longer receiving updates. The most common devices include computers, phones, and tablets that do not support the latest operating systems. Other devices that most don’t consider are printers and other similar peripherals along with Internet of Things devices that are becoming more prevalent in our daily lives.
Once phones and tablets are no longer receiving updates they should just be replaced, even if they seem to still work fine.
If you are an Apple desktop or laptop user, make sure your computer can handle the latest version of OS X, soon to be version 10.13 (High Sierra), and if it does then follow the instructions on Apple’s support site on how to update your software. If your machine is no longer supported by Apple then consider replacing it with a new one or installing a version of Linux which often works well on older systems. This will extend the useable life of your machine and still allow to to keep it relatively secure.
Despite all the complaining about Windows 10, it is actually very user friendly and secure operating system compaired to it predecessors. If you are truely worried about being “spied” on by Windows 10 then you need to reconsider owning any device that connects to the Internet or become hardcore security savy quick. Windows has an update utility that will keep your Microsoft software and OS up-to-date, but the best way to keep your non-Microsoft softare at the latest version is to use a program like Secunia PSI.
If you are a long time linux user then you are most likely very familiar with how to keep your computer up-to-date, but you do not have to be a hard core computer geek to reap the security benifits and flexability of Linux. Other than the security benifits, many flavors of Linux will give your older hardware a new lease on life while maintaining a decent level of security. Depending on what distribution of linux you choose, some of them try to mimic Windows and OS X interfaces and controls, which simplify your learning curve. Check out this link for more information: Best Linux Distributions for New Users
Remember that staying secure requires more that just updates. This is just one step closer to staying safe online.
Don’t believe everything you hear in the news about security hacks
Two recent sensational headlines that swept the press have been taken out of context. It is what we like to commonly refer to as Clickbate. Sometimes it is on purpose, and other times it is out of ignorance of the subject being reported. The two stories in question are about DNA being used to hack computers and Graffiti being used to confuse and misdirect autonomous cars.
Both of these items are not currently real world problems. The goal of the researchers was to find potential weaknesses in current technologies by using highly simplified models of the actual technology.
If you truly want to know more about Hacking and security related issues that have the potential of affecting your life then find news sites specializing in security related news.
- http://www.krebsonsecurity.com/
- www.darkreading.com/
- https://threatpost.com/
- http://www.securityweek.com/
- Use your favorite search engine for many more security news sites.
Potentially new security feature in IOS11
In the very near future Apple will be releasing its newest version of its IOS mobile operating system, IOS11. A small subset of users have had the oportunity to test and review the beta versions of OS11. One of the newest features introduced a new hidden feature. By pressing the power button rapidly five times a screen will appear with an emergency call option, along with disabling the Touch ID and requiring the users to retype their password. The value of this new feature is two-fold. First, It provides a quick way to gain access to emergency services. Secondly, if you can activate this feature before law enforcement seizes your device, then they will not be able to compel you to unlock your phone using the password legally. Check out this Gizmodo article on the subject for more information.
You do not have to own a computer to be at risk
As Ubiquitous as Internet enabled devices are in today’s world, not everyone has one or uses it to buy things or do their banking. Despite this fact, there is still a risk of losing control of your credit cards and bank accounts. The first issue is the US Postal System, starting with your mailbox. Mail theft from unsecured mailboxes can be profitable for local thieves. Checking account information and Credit Card information is readily available, and you announce that fact when lifting the flag on your mailbox.
Some simple recommendations to protect your payments include using a secure mailbox. The second option is to drop your bills off at an official US Post Office mail drop instead of putting them in your mailbox at home.
Another security problem is just the act of using your Credit Card in public. Every time you swipe your card through a possibly compromised reader or hand your card over to an employee at a restaurant. These examples are just the tip of the iceberg of what can happen with your credit cards. The ways to minimize the threat are far too numerous to review here, but at the very least watch your bank and credit card accounts carefully and if you see anything out of place report it immediately to the appropriate bank or credit card company.
LastPass password manager
Near the end of the radio segment I mentioned a useful feature of my favorite password manager, Lastpass, One Time Passwords (OTP). OTPs allow you to create a series of random passwords, that you print out and store in a safe place, that will allow your to access the account once before it expires. This is a handy feature for several reasons. The first is when you want to log into your lastpass manager from a machine that you do not trust or suspect may have malware on it. The second purpose is to give you access if you temporarily forget your mainpassword. Lastly, and most importantly it allows someone to access your account and gain access to all of your accounts after you die. Create a OTP Password, print it out and place it in an envelope with the statement, “Only open upon my death” or something similiar. Now either put the envelope in a safety deposit box or give it to your attorney. Make sure someone is aware that the safety deposit box exists. For more information read the following article from lynndye.com.
Tools to help you keep your machine healthy
During one of the news and comercial breaks, I spoke with a caller. He asked me what he could do to better protect his machine. Though there are many ways to try to keep a Windows computer healthy.
- Do not run a third party Antivirus if you are using Windows 10. The built-in Defender program works well enough and you minimize your chances of being infected by malware that is designed to use third party antivirus’ to gain access to your machine. I know this does not completely make sense, but trust me on this one or do a little research to find out more.
- There are a few free third party security programs that are worth running occationally, but only in manual mode. Maybe once a month.
- Ccleaner: Eexcellant utility used to do basic cleanup of temporary files and the registry. This program can also be used to do a complete removal of unwanted programs from your machine.
- SuperAntiSpyware: One of the most effective utilities for finding well hidden malware on your machine. Only run full scans for the best results.
- Spybot Search and Destroy: This program a couple of useful functions. One is a spyware scanner and the other is a database of some of the known malicious websites that will be installed to protect your machine.
- Use the free versions of this program and disable any program that these applications may have set to run at startup.
There is more that can be done, but this is a good start along with keeping the software and operating system up to date and mentioned above.