Cyber/computer security, etc.

[MutantScalper]

There might be a thread about this subject out there but couldn't quickly find it.

Lately I've been wondering about cyber security/computer security and how to go about it in a smart way. I have a desk top, laptop and now a smart phone and I'm not an expert on how to go about securing them. One problem might be that I rely on freeware programs such as Avast and Malwarebytes but I've now read that they might not be sufficient by themselves.

Some people advocate certain anti-virus softwares, some do full regular re-installs of the system and keep their stuff on separate storage devices. Regular re-installs might be quite a hassle with all the updates etc. but it might be the best way to go about it. There's probably a lot of stuff about network security etc. that I have absolutely no clue about.

How do you guys go about securing your stuff, got any tips for a relative IT-noob?

 

[AskWazzup]

Well, being on windows is inherently pretty unsafe for most users, but since changing is not an option for most users, i would advise to choose open source software, if possible, over freeware stuff. With open source software anyone can check the source code for malicious things, as opposed to freeware stuff that is only a binary that does whatever the creators chose, when you install it. And be sure to research the websites that are sharing the software if they have any bad reputation amongst users, like adding malware to the software installs, as sourceforge used to do, but then got caught and lost most of their users (i don't think they do that anymore).

Also, don't use the same passwords for everything and use long passwords with mixed letters and numbers. Sentences are even better, like "treefucked56horses".

If a program insists on administrators rights when installing, be a bit cautious (for android check if the program asks for strange permissions, like internet connection, editing files etc. when it should not need those), because with administrators rights it can do pretty much anything it wants with your computer if it has malicious intents.

Also, there are programs like "glasswire" that help you easily track what's going on with your internet connection.

 

[MutantScalper]

Yes I know of those malwares added to freeware stuff, and even programs being nothing but malware being presented as anti-virus stuff etc. And I know of the new recommendations about passwords. Problem is that these days one has to create long passwords for log ins to dozens of sites, and then preferably keep the pass words on a physical piece of paper. Wonder how many bother with this.

Thanks for the Glasswire-program, will check it out.

It's strange though, one would think that crucial things like cyber security would be built into the computers themselves but they're not. I think in smart phones at least info security is becoming a major 'feature' in certain models.

 

[AskWazzup]

Yes I know of those malwares added to freeware stuff, and even programs being nothing but malware being presented as anti-virus stuff etc.

I mean websites that share alot of various software that were uploaded by users and then the the website (without permission) adds malware to previously safe software.

And I know of the new recommendations about passwords. Problem is that these days one has to create long passwords for log ins to dozens of sites, and then preferably keep the pass words on a physical piece of paper. Wonder how many bother with this.

I do. I have a whole book for important passwords. For websites like nma, i don't really care and use whatever password is more easy to remember.

 

[MutantScalper]

Yes, good to have a separate place for the passwords. Also, the browser offers to 'remember' the password but one should never allow them to do so. Just a lot of strange stuff that's counter-intuitive with the whole system.

 

[AskWazzup]

I usually just turn off the whole "history" option and sometimes even javascript and cookies (i keep a whitelist of websites that i trust for those options) if i feel particulary paranoid ).

 

[MutantScalper]

Yea I wonder how many, say, elderly folks know all these little tricks. I mean there are folks sending thousands of bucks to senders of "Nigerian letters", that ought to tell something about the intelligence of some computer users.

 

[AskWazzup]

How is the glasswire stuff MutantScalper? I don't use windows, so i only had a brief moment to use it, so i am curious.

 

[MutantScalper]

Haven't tried it yet. I'm sure it's a good program but I'm getting a bit sceptical about using third party software. It's used to monitor the web traffic to and from a computer?

 

[AskWazzup]

Haven't tried it yet. I'm sure it's a good program but I'm getting a bit sceptical about using third party software. It's used to monitor the web traffic to and from a computer?

That's a good strategy. As for the program:

 

[MutantScalper]

Hmm ok I guess it's a legit software. I suppose one way would be to change into Linux systems and use open source software, of which I have unfortunately not so good experience from. They switched to using Linux and open software at a former work place of mine, Linux works well but the open software stuff kind of constantly hickupped when doing heavy duty image processing or video editing. And it wasn't even that heavy duty. I would really like to use Linux and open software and maybe will in the future. Now that I've paid for Win 8.1 plus MS Office etc., I would want to get my money's worth out of this first.

They used to say that Linux and Mac systems don't have any viruses etc. but I guess that's changed now and they have malware as well. Not as much as Windows though.

 

[AskWazzup]

Hmm ok I guess it's a legit software. I suppose one way would be to change into Linux systems and use open source software, of which I have unfortunately not so good experience from. They switched to using Linux and open software at a former work place of mine, Linux works well but the open software stuff kind of constantly hickupped when doing heavy duty image processing or video editing. And it wasn't even that heavy duty. I would really like to use Linux and open software and maybe will in the future. Now that I've paid for Win 8.1 plus MS Office etc., I would want to get my money's worth out of this first.

It's getting there, but as of now you still (at least from time to time) have to poke around the system and get your hands a bit dirty to fix issues that might come up. They answer is usually pretty easy to find on the internet though, like when Wasteland 2 on my pc refused to open up the citadel, because the Wasteland 2 code tried to open up too many files at once and the linux kernel blocked that shit (the fix was pretty easy: ulimit -n 4096; steam).

They used to say that Linux and Mac systems don't have any viruses etc. but I guess that's changed now and they have malware as well. Not as much as Windows though.

There were always malware on any system, as no one system is safe from exploits, it's just much, much harder to do on Mac, or Linux, unless you download some random script and run it with a "sudo" command, or from the root. Personally i never had a firewall or anything like that on linux and my computer has never been compromised since i started using linux, i just don't even think about it anymore. Part of that is that when you are using one of the main (or pretty much all known) distributions, they have a repository of open source software and a team of people who maintain it (they make sure there is no funny buisiness with any of the programs) and since the main way of installing software in those distibutions is from the package manger of that repository, you can be pretty safe in knowing that none of what you install will compromise your pc. The other part is that the whole system is much more transparent and not that leniant with the root permissions as windows is, and of course because most malware is made for windows.

 

[MutantScalper]

Quite interesting stuff really. I'm not a Linux specialist and I guess one doesn't necessarily have to be one to use it. I will look into these things as soon as I can, can't guarantee about the switch to Linux quite yet. I do have a laptop that I could possibly turn into a Linux machine but I'll have to look into it.

 

[Hassknecht]

None is safe from the hackers.

 

[AskWazzup]

Quite interesting stuff really. I'm not a Linux specialist and I guess one doesn't necessarily have to be one to use it. I will look into these things as soon as I can, can't guarantee about the switch to Linux quite yet. I do have a laptop that I could possibly turn into a Linux machine but I'll have to look into it.

Oh i'm not recruting anyone, just commenting on the current situation. For basic things like browsing internet, watching videos etc. you don't need any linux knowledge, but getting some drivers, proprietary programs and such to work can sometimes be a hassle (sometimes they work out of the gate, depends). I had a new laptop (which i sold and built a pc instead) with a pretty new model wireless card inside and the linux kernel didn't have the drivers for it inside (the kernel comes with many drivers for graphics cards, wireless cards, ethernet etc.), so i had to compile a few things, add the compiled drivers to the kernel and the thing still didn't work. Later i got it to work when i kind of randomly found out that the "secure boot" option in the bios was blocking any unsigned drivers (the secure boot option in motherboards came from windows). So it's still not entirely noob friendly. For old laptops the major distributions usually work without any need to tinker with anything and my current Manjaro linux pc installation was also pretty hassle free, as i installed the system, steam and downloaded/played a game in less than 30 minutes. This was the first time that an amd gpu worked out of the gate without any need to install drivers (i'm currently on open source ones).

.....
None is safe from the hackers.

Ha, how fast the definition of "highly portable" changes ).

 

[valcik]

Lately I've been wondering about cyber security/computer security and how to go about it in a smart way.

Start with this comprehensive blog! Don't rush, take your time and read all the hints:
https://securityinabox.org/en

 

[MutantScalper]

Start with this comprehensive blog! Don't rush, take your time and read all the hints:
https://securityinabox.org/en

Ok thanks Valcik, I'll check it out.

I installed the Glasswire program that Askwazzup recommended, it's 'cool' but I'm not yet sure if I'm able to use it well enough to detect the potential security threats. Plus I'm not sure what I'm looking for. It seems to be that it's easier to be the 'hacker' then the guy who is responsible for computer security etc. It's possible to 'scan packages' etc. and that way monitor someone's net traffic. So I'm not sure if there's a fool proof solution to this.

 

[Brahmin Noodles]

I would recommend VirusTotal. It's in browser, and you can upload a file for scanning. Within a minute or two it scans the virus with about 50 different anti-virus programs. It's free, too. Only problem is you can only upload files up to 125 MBs. I use it on every file I get off the internet before I open it.

 

[MutantScalper]

Yes, there's also the Tor-browser supposed to make one 'invisible' on the net, also used to browse the 'dark net'. Correct me if I'm wrong, too lazy to google any of this.

 

[AskWazzup]

Yes, there's also the Tor-browser supposed to make one 'invisible' on the net, also used to browse the 'dark net'. Correct me if I'm wrong, too lazy to google any of this.

It has a strange way of potentialy making you a target of various goverment bodies, since the ammount of users in tor is quite low, but the shit they do there is quite high, which attracts attention from the law upholders.