DON'T BE A DUMMY
More on Network/Internet/Computer Security for the Common Man
So here we're going to talk about Security involving networks, the internet, and your various accounts. This is a serious issue that nobody talks about enough, and it seems to me, as an I.T. pro, that nobody really takes SERIOUSLY enough.
Why Security is Important

When personal computing became a thing in the late 70's/early 1980's, computers were largely isolated devices that sat on a desk, in a locked room. This is the most secure a computer could be. They did not have a connection to any external networks, or even internal networks for that matter. Any viruses or malicious behavior were spread by human beings in the office either being stupid or being deliberately bad actors, the latter likely taking advantage of the fact that hardly anyone knew what the deal with a computer was back then.

But since the dawn of the internet in the mainstream consciousness, security has increased in importance every single year, as we went from dial-up connections that were only live while we were using them, to the current time of 24/7/365 broadband internet connections via both our phones AND our computers. This has generated major security concerns for obvious reasons - what obvious reasons, you ask? Well, for starters, we have devices that sit on the world's biggest computer network (the internet) unattended for hours at a time. That's a lot of time to sit globally connected and unattended.

So what can you do to protect yourself, what is F.U.D. (fear, uncertainty, and doubt), and what is just some fear-monger trying to shill another VPN product? That's what this page covers: everything having to do with computer security in the modern time.

The First Line of Defense is COMMON SENSE

It does not matter how good an anti-virus you have, or how good your malware scanner is, or how many ports you blocked: one of the #1 ways bad actors and malicious programs get on your computer is by you not exercising common sense! Honestly, we should start calling it "uncommon sense" these days given how rare it is. But I digress. 90% of the trouble people get into on the internet comes from not being careful and not using the grey matter between their ears, and it's so simple, so easy. It's one of the reasons us I.T.
guys end up tearing our hair out and going gray early! Because it has NOTHING to do with the computer, and everything to do with how you USE THE COMPUTER AS A HUMAN BEING!

Credentials - aka username and password - are intended to protect your account from unauthorized activities, whether they be malicious or not. They are intended as an access control mechanism. They are not to be shared, they are not to be given out to anyone, and they are not to be passed around all willy-nilly. As an I.T. pro, it's amazing how much you see this sort of stuff go on in our industry: 2 users sharing the same account, people giving out their passwords all willy-nilly, other techs not disposing of them in a secure fashion after they have been given out for whatever reason.

That's also why you need to CHANGE your password, preferably between 30-90 days from when it was set. Especially for internet-based services, because despite their best efforts, most companies will suffer some form of "data breach" in their time on the internet, and your e-mail address or credentials could be on that list. When a bad actor, a malicious "bot", or a malicious hacker group gets ahold of data from a breach, they can have e-mails, usernames, passwords, addresses, confidential data, and so on. I use a site called Have I Been Pwned to check my various accounts against data breaches. I know it's a royal pain in the ass, especially with the draconian security measures these companies have to apply today to reset your password (verification codes by e-mail/SMS/phone call, CAPTCHA images, randomly generated images and verification codes, etc... maybe even the irritating call to support), but it's a necessary pain in the ass, kind of like getting your car an oil change.

The next common sense thing is what you choose to visit on the internet. Let's start with the no-brainers... Typically, websites associated with illicit activities - i.e.
Pirated Wares (spelled WAREZ), music, movies, and of course, things some groups consider morally questionable (p*rn) - tend to leverage the fact that these activities are questionable and a "gray area" at best, and therefore might decide to get their funding from less reputable sources that might install bots or malware on their pages, which will latch onto your web browser or even your computer's operating system, resulting in pop-ups, data breaches of your own machine, or even ransomware and other malicious software getting installed. Is a carrot dangled in front of your amorous face, of something or someone you cannot get, really worth it? Sure, you might have the game now, but quite possibly you're going to lose all of your data later. I know it sounds like a corny PSA on this page for cybersecurity, but this stuff is no joke.

Another common vector of course is foreign websites, particularly ones that sell things or offer goods or services that feel like a shady infomercial. I would be wary of anything hosted in China, Russia, or India most especially. I'm not being racist, this has nothing to do with someone's skin color or country of origin on a regular level - this is a POLITICAL thing. Basically put, other countries don't place the same importance on the internet that we do in America, Japan, or most European countries. A lot of legislators in other countries see it as a "toy" or a "joke", as the internet is not one of the 3 basic needs to be alive (meaning just ALIVE, not employed). Often they don't punish bad actors; rather, they just let it go on, and whoever's stupid enough to bite "deserves it" in their eyes.

Also, another common sense thing is to not open e-mails that don't belong to you - meaning if you don't know who the sender is, then don't open it, and for fuck's sake, if you DO open it, don't open the attachments or follow the links.
That said, there IS a way to check if a link is legitimate, and that's by hovering over it and seeing if it leads where you think it should. If you find it the least bit questionable, then don't do it. An old band director I had used to tell us on field trips all the time, "when in doubt, don't!" and this rule applies to the internet and networks double-so.

I have some serious cred here - I've only had enough malware to count on one hand, and only one virus that took a machine down through any potential fault of my own in 20 years (and lo and behold it was a Microsoft product, Hotmail to be specific, LOL). In a security event at work, I was one of the few computers still left standing because I followed security policies; almost nobody else did. You'd be amazed how much damage a few bad actors can do in the span of a few hours, it's fucking sickening! That's a really clean track record.

The Protection You Need vs. What's Advertised

So let's take a look at what each security technology is for, and what it does...

Firewall - A firewall is basically a piece of software that intercepts traffic coming in from the internet. It can also block traffic going OUT TO the internet. Firewalls are configured with a set of regulations called "Rules", which you usually set up yourself. The most difficult part of configuring a firewall, if you're not a "computer person", is knowing what to turn on and what to turn off.

Anti-Virus - Anti-virus software scans files and your hard drive for viruses, which are malicious software. I list viruses separately from Spyware/Adware/Malware because of the intent. Viruses are notoriously malicious and can cause everything from your computer acting weird (pop-ups, strange programs launching that you never installed, changes to your file associations with an unknown program), to outright "bricking" your computer by destroying its hard drive and/or the content on it.

Spyware/Adware/Malware Scanner - This is a program that scans your internet cache and hard disk for spyware/adware/malware - basically things that are less than a virus, but still produce unwanted results on the device. Spyware, as the name implies, spies on your computer activities and sends them back to an undisclosed remote server. Some of this stuff is used for mining your data just to sell you crap, but sometimes it can be used for more nefarious purposes like collecting your passwords for unauthorized access. Malware is the most damaging, and includes things like "Ransomware", which is software that will encrypt your files/hard disk (or lie and say it did), and then ask you to pay money or bitcoin to get the key to decrypt your data. Another type of malware is software that continually spawns browser instances pointing to sites - which I've found is pretty common with p*rn sites while out in the field repairing computers. Basically, the browser will keep spawning more "ad partners" until you either remove the malware or wipe the machine. Lastly, you have Adware, which is more aimed at pestering you with ads for what could be legitimate (but shady) or illegitimate products.

VPN (Virtual Private Network) - Everyone loves throwing around Virtual Private Networking these days, but nobody really seems to understand the purpose of a VPN. Virtual Private Networking is a technology that encrypts the connection you are using over the internet - otherwise known as "tunneling in" - to connect to the server at the other side without people being able to see or intercept the data. The #1 use case of a VPN is at your job, when working remotely, to protect the data of the company you work for. However, it seems some companies (like Nord) are really pushing to have EVERYONE using a VPN.
A VPN CAN be useful for a home user for things like posting to Reddit while permabanned, or using an unsecured WiFi network while out and about (i.e. public WiFi), but otherwise, the risk of going without one is not as extreme as the FUD spreaders seem to love to make it out to be. It's also useful for watching TV in other countries as well, apparently.

How Can You Protect Yourself

So how can one protect themselves on the modern internet? Well, the most secure way would be just to not sign up for anything except maybe a gmail account, and only surf well known websites directly that you actually NEED to access - and that's about it.