Ok, here is day 3 of Nico’s Security Best Practices…sponsored by Morons Too Ignorant to Remember A Password and Too Smart To Make It Complex. Today inline with the previous postings we are going to target the human element.
HEY! Wake up there is no such thing as a secure environment, that is a FARCE! There is a such thing as a safer environment. If I want to get into your system there is very little you can do in order to protect yourself if I have time and resources. So, why even try to “secure” my environment?
Lets think about our most recent attack group “Anonymous.” Through a decentralized command structure we have found that they have some access to some pretty evasive TTP (tactics, techniques and procedures) and combining various people in different disciplines have been able to leverage a myriad of attacks through abundant resources. The formula is:
Time x Resources + Skill = Success. If I have an abundance of either time or resources and couple this with skill, we will find the attack probability of success to increase. However, lets get to what you really want, tips on how not to be an easy victim.
Today, I want you to Google this. If you have a Microsoft machine its called “Microsoft Baseline Analyzer” and this is a good tool for the machines on windows that allows you to see a lot of threats on your machine. It’s free and you will find most of the holes in your system. I also want you to find some trojans and malware that may be on your system. Google or find MALWARE BYTES and SNITCH these are immensely useful programs with regard to the security of your environment. They both have a trial version which are great and awesome but the paid version is more verbose than the trial.
Ahh and finally password security. I will only say this a “strong” Password is useless if I can identify it by your commonly accessible things, like your kids names, birthdays and pets names, regardless of the use of special characters. If this is you, take your fist and beat your face…lol. Honestly its not smart.
This leads me to the next point on nico’s creepy practices. If you don’t want freaky Jasons calling you then take your real phone number off of your Facebook profile! YES, EVEN IF IT IS HIDDEN! ‘Why Nico, why are you such a secretive person?’ Simply put, BECAUSE people lose phones, people make friends on Facebook to whom they do not know, people let strangers borrow their phones to make calls and or exchange numbers. CRAZY People use BUMP or don’t cut off NFC on their shiny new and old Phone. Crazier people don’t cut off their Bluetooth when they don’t have a bluetooth in use. In short people aren’t safe.
To create a safer computing environment is difficult at first, but with practice, like walking, it will become second nature. If you think that I am just a paranoid person or I don’t know what I’m talking about then disregard me. Whether or not I consider myself a target of opportunity or not is irrelevant, I like my privacy. No, I don’t do random acts of hactivism, but if it is not your business then, why should I divulge anything to you? Regardless of who you are, subordinate or superior, friend or foe, we all should have the opportunity to, at minimum, choose the information that we give, because in this digital age ‘knowledge is power’ and if you don’t believe me ask ENRON, Arthur Anderson and Willie Nelson. VIVA LA Simpleton!!!