Finally! A Human-Readable Guide to Cybersecurity
Congratulations on purchasing this book! Protecting yourself online is critically
important, and by reading this book, you are taking an important step to keep your
personal information secure. The world of digital security is a fascinating one, and today
is more important than ever. As you read through this book, you will gain an
understanding of some of the most fundamental principles of security, how many hacking
schemes work, and how you can outsmart them.

This knowledge is valuable for anyone who uses a computer. Whether you use your
computer primarily for personal reasons, or you are a businessman wanting to make sure
that important company information on your computer remains secure, this book contains
invaluable information that can help you maintain privacy. It is a concise explanation of
security topics written in plain English, so that anyone can understand what it takes to
keep computers secure. I’ll also guide you on what to do if you find that your computer
has already been compromised. I’ve tried to keep this book as short and concise as
possible so that it will be as easy as possible for you to soak up this information.

These tips that I will give you come from a number of places - many I have learned from
talented programmers, and some from my own sweat and blood. I’ve tried to include
a lot of real world examples of hacking schemes to keep this interesting. Then I’ll tell you
pro-tips that repair shops and security personnel normally sell you for hundreds of dollars.
I’ll tell you how to get the same things done for free or at comparatively little cost,
potentially saving you hundreds. I’ll point you to free programs that work nearly as well
as commercial ones. And for those of you who are willing to invest a little more in
computer security, I’ll give you my professional opinion on the best commercial
software. Read this book, and you’ll be saved from the legwork of comparing programs,
and then trying to change when you realize you picked the wrong one. No more searching
Google and sifting through the internet to find out what you need - you’ll find it right here.
Reading and applying the principles in this book could save you from a destructive
hacking attempt.

In addition to learning about how to protect your computer, in this book you’ll actually
learn about real principles of security, not just a list of dos and don’ts. That will equip you
to make smart choices even in areas this book doesn’t cover. Sometimes when we first
start learning about something new, we don’t really have our bearings and can get lost, or
we waste our time on things that do not really matter. It’s also easy to miss an important
area. In the world of digital security, just one omission can leave a computer vulnerable.
In this book, I’ll give you a holistic view of how security works, so that you can be best
prepared to meet the number of attacks that are coming today, and the new ones devised
tomorrow. Unfortunately, the more the digital world grows, the more incentive hackers
have to break into it. For those of us who do honest work, it is frustrating that we have
to deal with this problem. That said, the consequences of not doing so can be
catastrophic. By reading and implementing the security measures in this book, you will be
providing yourself with a first line of defense that could be the difference between
productive computing, and an incredibly destructive security breach.

As a final note, while this book is designed to be a help to you in implementing digital
security, please be aware that it is impossible to cover every attack. New ones are
invented every day. Even if you follow every tip written in this book, there invariably will
be other attacks and viruses out there that can cause problems. It is impossible to cover all
aspects of security in one book. That said, this book contains valuable information that
will get you on the right track. So without further ado, let’s get started.
Sector 1 - Universal Principles of Security

A. Encryption.

In 2014, Home Depot announced that there had been a major breach of their security
systems in which many, many credit cards were stolen from their systems. According to The Wall
Street Journal, 56 million credit card numbers were stolen. Criminals had snuck in
through a small loophole in their security systems, and quickly began their covert thievery.
They basically devised a system where they could intercept the credit card numbers of
people who swiped their cards in the store. As data was sent from the credit card readers
to where it was stored and processed, the hackers listened in on the wires and intercepted
it. If Home Depot had been using the technology that I am about to show you, they would
have been safe from harm. As it is, however, they did not, and massive damage ensued.
At the end of this section, I’ll show you a bit of a report on their website which discusses
how they implemented this critical security technology called encryption.

Encryption is in many ways the backbone of any secure system. Basically, it is a system of
scrambling the contents of a message so that nobody can tell what it says unless they have
the right password. The whole point of it is to enable people to transmit confidential
information through an insecure route. Here’s an example of how simple encryption
might work:

If I want to disguise the word “cat” with extremely basic encryption, I could change every
letter in the word to the next one in the alphabet - so “c” becomes “d”, “a” becomes “b”,
and “t” becomes “u”. The resulting “encrypted” form of the word “cat” would be “dbu”.
I could do the same to a whole sentence and get a result that looks completely different
than the original. If someone were to look at our sentence without first undoing the
encryption, it would have absolutely no meaning. Of course, this encryption algorithm
wouldn’t be very difficult for anyone to unravel, so far more complex ones have been
devised.

In encryption formulas created today, there are two parts - the formula, called the cipher,
and a secret password called the key. In the example above, we could change it up so that
instead of replacing each letter with the one after it in the alphabet, we would replace each
letter with the third letter after it. We could replace it with the tenth letter after it (and
wrap around back to “a” for letters near the end of the alphabet). In this example, the
encryption formula would be quite simple:

Replace each letter with the __ letter following it in the alphabet.

In our first example, we put the number 1 in the blank, so that each letter would be
replaced by the one following it in the alphabet. We could, of course, change it to
whatever we wish, and thus slightly modify how our message is encrypted.

In real-life encryption, the key is equivalent to the blank in our encryption formula above.
By inserting a different number into the formula, we can alter how the message is
scrambled. In the same way, modern encryption algorithms keep messages secret by using
a special key to alter how the message is scrambled, to the point that only the person with
the key will be able to unscramble the message.
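The fill-in-the-blank formula above, written out as an added example (it is not code from the book). It also shows why the text calls this cipher easy to unravel: the blank can only hold 26 values, so a program can simply try them all. The function names, the word list and the sample message are assumptions made for this sketch.

```python
import re

# Small set of very common English words used to recognise readable text
# (an assumption of this sketch, not something the book specifies).
COMMON_WORDS = {"the", "and", "to", "of", "a", "in", "is", "it", "that", "for"}


def shift_cipher(text: str, key: int) -> str:
    """Replace each letter with the key-th letter after it, wrapping past 'z'."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + key) % 26 + base))
        else:
            out.append(ch)  # spaces, digits and punctuation are left alone
    return "".join(out)


def unshift(ciphertext: str, key: int) -> str:
    """Undo shift_cipher by shifting the same distance backwards."""
    return shift_cipher(ciphertext, -key)


def english_score(text: str) -> int:
    """Count how many words of a candidate text are common English words."""
    words = re.findall(r"[a-z]+", text.lower())
    return sum(word in COMMON_WORDS for word in words)


def try_every_key(ciphertext: str):
    """Decrypt with all 26 possible keys; return (key, score, text), best first."""
    candidates = []
    for key in range(26):
        text = unshift(ciphertext, key)
        candidates.append((key, english_score(text), text))
    return sorted(candidates, key=lambda c: c[1], reverse=True)


if __name__ == "__main__":
    # The book's own example: key = 1 turns "cat" into "dbu".
    print(shift_cipher("cat", 1))

    # Constructed sample message, encrypted with the "tenth letter" key.
    secret = shift_cipher("the key is hidden in the garden and it is safe", 10)
    print(secret)

    # Nobody told this code the key; 26 guesses are enough to find it.
    key, score, text = try_every_key(secret)[0]
    print(f"recovered key={key} ({score} common words): {text}")
```

A modern cipher keeps the same two-part design (public formula, secret key) but makes the number of possible keys so large that trying them all is not feasible.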
Usually these formulas to scramble and unscramble the message are freely available so
that anyone can use them to protect their information. The key, however, is always kept
secret. As long as that secret code is protected, the message is safe, and it is virtually
impossible to unscramble the message. In fact, many of the algorithms used today are so
secure that today the most powerful supercomputers on earth couldn’t decode the
scrambled message, even if given thousands of years.

The use for such a system is pretty clear - you can send a sensitive message through an
insecure route, confident that if anyone were to intercept it they still would not be able to
find out the contents of your message. This is particularly useful in online transactions,
where sensitive data is commonly sent across the internet. Let’s say for example, you are
buying this book from Amazon with your credit card (and of course that you don’t have it
saved). When you enter your credit card number and click the “Buy” button, your
computer sends your credit card number through your internet connection to your internet
service provider (like AT&T, Verizon, your cable company, etc.). Then your internet
service provider sends your credit card number many miles, possibly hundreds of miles to
Amazon’s internet service provider, and then to Amazon’s own computers. Once they
have the card, they have to send the number to your credit card provider (like Visa or
MasterCard) and make the charge. In one online transaction, your credit card may be sent
hundreds, or even thousands of miles.

Sending your credit card number many miles across internet wires is dangerous. As the
distance a message is sent increases, the chances of it getting intercepted likely increase as
well. If your message was not encrypted at all, someone could hook into your internet
wires or wifi connection and see everything that you were doing. They could see, intercept
and copy everything you sent to Amazon, including your credit card information. If they
were clever, they would listen in right outside of Amazon’s location, and intercept all the
connections Amazon had with their customers and steal every single credit card number!
Obviously that would be a huge, huge problem, that would make online shopping utterly
infeasible. By encrypting the credit card number, however, companies ensure that no one
but the intended recipient can read them.

The way this is implemented in real life is brilliant, but also nearly invisible to the end
user. Your web browser almost always takes care of it behind the scenes. Occasionally
something goes wrong in the encryption process, however, and when it does, you need to
know what to do. I’ll go over that in a minute. Right now I’m going to explain in greater
detail what your browser is doing under the hood. Knowing this will better equip you to
understand what can go wrong. I will warn you, however, that this will get a bit technical;
since it’s not absolutely essential to keeping secure, it’s an OK section to skip. If you can
read it, though, you may find it quite interesting.

To transfer information securely over the internet, both the sending computer and the
receiving computer need to know the same secret key. One computer could come up with
a randomly generated key, and send it to the other, then for the rest of the time, they could
communicate securely using the secret key they both share. But how can that key be
securely exchanged?

One could meet in person with the party in question, or one could even speak over the
phone and communicate the secret key. Clearly if one were to simply send the key and
then the message right after it, the security of the message would be compromised. If I
send Amazon the key to decrypt my credit card information, and then immediately send
the encrypted information right after that, anyone listening in could just intercept the
encryption key and then promptly decrypt my sensitive information.

So how can we securely exchange the secret code? The answer lies in a genius encryption
formula that allows secure one-way transmission of data without first sharing a key.
Unlike a standard encryption formula that uses one secret key to both scramble and
unscramble the message, this type of encryption uses two different keys, one to scramble
the message, and the other to unscramble it. It is specifically designed so that the key used
to scramble the message, called the public key, is useless for unscrambling the message.
Only the private key, as it is called, can decrypt the message and reveal its contents.
Here’s how this plays out in an example scenario.

Amazon generates a private and public key pair, and sends their public key to anyone who
visits their site, but they keep the private key highly secure. When you visit their site,
your computer generates another key (unrelated to Amazon’s keys), encrypts this key with
Amazon’s public key, and sends it to Amazon. Amazon decrypts the key that your
computer generated, and for the rest of the time you are connected, your computers use the
key your computer generated to keep your messages secure.

1. Amazon sends you their public key
2. Your computer generates another completely unrelated key
3. Your computer encrypts the new key with Amazon’s public key and sends it back to
   Amazon
4. Amazon decrypts it using their private key. Now both sides have the same key
5. Your computer and Amazon encrypt all information with the key that your
   computer generated. Amazon’s public and private keys are no longer used.
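The five steps above, carried out by both sides in an added example (it is not code from the book, and it is not what a browser actually runs). Assumptions: the public/private pair is textbook RSA built from two fixed, publicly known primes with no padding, and the shared-key cipher is a SHA-256 keystream standing in for a real one such as AES; all function names are hypothetical.

```python
import hashlib
import secrets
from math import gcd

# Toy parameters (assumption of this sketch): two well-known Mersenne primes.
# Real keys use secret, randomly chosen primes and padded encryption.
P = 2**127 - 1
Q = 2**89 - 1
E = 65537


def generate_keypair():
    """Return (public_key, private_key) as (n, e) and (n, d)."""
    n = P * Q
    phi = (P - 1) * (Q - 1)
    if gcd(E, phi) != 1:
        raise ValueError("public exponent must be coprime to phi")
    d = pow(E, -1, phi)  # modular inverse: the private exponent
    return (n, E), (n, d)


def wrap_key(session_key: bytes, public_key) -> int:
    """Step 3: scramble the session key with the public key."""
    n, e = public_key
    m = int.from_bytes(session_key, "big")
    if m >= n:
        raise ValueError("session key too long for this modulus")
    return pow(m, e, n)


def unwrap_key(wrapped: int, private_key, length: int = 16) -> bytes:
    """Step 4: only the private key can undo wrap_key."""
    n, d = private_key
    return pow(wrapped, d, n).to_bytes(length, "big")


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy shared-key cipher: XOR with SHA-256(key || offset) blocks.

    The same call encrypts and decrypts, because XOR undoes itself.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def run_exchange(message: bytes) -> dict:
    """Play both sides of the five-step exchange and record what crosses the wire."""
    # 1. The server creates its key pair and publishes the public half.
    server_public, server_private = generate_keypair()
    # 2. The client generates an unrelated random session key.
    client_key = secrets.token_bytes(16)
    # 3. The client wraps the session key with the server's public key.
    wrapped = wrap_key(client_key, server_public)
    # 4. The server unwraps it with its private key; both sides now share a key.
    server_key = unwrap_key(wrapped, server_private)
    # 5. Everything else is encrypted with the shared session key.
    ciphertext = keystream_xor(client_key, message)
    received = keystream_xor(server_key, ciphertext)
    # An eavesdropper sees only these three values, never the private key.
    wire = {"public_key": server_public, "wrapped_key": wrapped,
            "ciphertext": ciphertext}
    return {"client_key": client_key, "server_key": server_key,
            "received": received, "wire": wire}


if __name__ == "__main__":
    # Constructed sample payload, not a real card number.
    result = run_exchange(b"card=0000-0000-0000-0000 (constructed sample)")
    print("keys match:   ", result["client_key"] == result["server_key"])
    print("server reads: ", result["received"].decode())
    print("on the wire:  ", result["wire"]["ciphertext"].hex())
```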
Hopefully that makes sense. If not, no worries, try reading it again later and it will likely
make more sense after your brain has some time to process it. The main thing to
remember is that encryption is just a way of scrambling a message so that nobody but the
person with the password can read it. Home Depot posted the following as their solution
to the credit card scam:

“The company has implemented enhanced encryption of payment data in all U.S.
stores. The new security protection locks down payment card data, taking raw
payment card information and scrambling it to make it unreadable and virtually
useless to hackers. Home Depot’s encryption technology, provided by Voltage
Security, Inc., has been tested and validated by two independent IT security firms.”

You can read the full article at:

From what I can tell, they were using encryption any time a credit card left their internal
network. Amazingly, the hackers found a way to break into their internal network where
credit cards were not encrypted. Home Depot had to step up their security measures,
encrypting the cards immediately after people swiped them in the store.

Now that you know how online encryption works, here’s how you can recognize if your
connection is encrypted. In most browsers today, there is a little lock in the URL bar that
shows that your site is encrypted. Here’s what it looks like in Internet Explorer 11,
Chrome, and Firefox:

[Images: the lock icon in Chrome, Internet Explorer, and Firefox]

If you click on the lock, you can see more information about the type of encryption used.
Here is what it looked like when I visited docs.google.com in Google Chrome.

The text to the right of the first green lock icon states that the identity of the site has been
verified. I’ll go over how that works later on. For now, I want to focus on how encryption
works.

If you look at the text next to the second green lock, you’ll notice that in this instance the
connection is secured with 256-bit encryption. Usually encryption today is either 128 bit
or 256 bit. All that refers to is the length of the secret key used to encrypt your
connection. A longer 256 bit key is more secure than a shorter 128 bit key. The longer the
key, the more complex the encryption is, and the more difficult it is to undo. As of today
both are sufficiently long to be considered secure.

The next item in the security information box is the name of the protocol that governs how
the connection is initiated and encrypted. It says “The connection uses TLS 1.2.” Here,
the name of the protocol used is TLS 1.2. Right now TLS 1.2 is widely believed to be the
most secure mainstream protocol for transmitting information in a web browser. TLS 1.1
and TLS 1.0 are older versions that are less secure. Another, older method of encryption
is SSL 3.0. Both TLS 1.0 and SSL 3.0 have widely known vulnerabilities that make them
easier to break into. If you are using a site with very important information, like a banking
or investing site, you should think twice before you enter your information if the
connection is not using TLS 1.2, or at least 1.1. It may just be that they have not updated
their software, but for financial institutions, this is unlikely. If you see a bank website
with a TLS 1.0 connection, your browser may be out of date. If you have an up-to-date
browser, it is possible that there is a third party hacker interfering with the connection,
causing the connection to be governed by a less secure protocol.

The next item in the list states the actual encryption algorithm used to secure messages
transmitted. The TLS protocol simply governs how the connection is formed, not what
specific algorithm is used to encrypt messages. Computers today support a number of
different encryption algorithms (called ciphers), and any of a number of them can be
used. The TLS protocol determines how your browser and the site you are accessing will
decide on a cipher. Not all computers have the same ciphers, and they must find one that
both have in common. In this case, the cipher used is CHACHA20_POLY1305, which is
considered a secure encryption algorithm. Here are the other ciphers that are commonly
considered secure when used with either TLS 1.1 or 1.2.

- AES ciphers
- Camellia ciphers
- SEED ciphers

That covers the basics of secure connections to a website. Generally speaking,
connections with TLS 1.2 will be considered the most secure. If the site does not use TLS
1.2, your browser will still connect as usual and tell you that you have a secure
connection. Now that you know more about encryption, however, you have the tools to
determine if a site is using the latest, most secure protocol, or an older less secure one.
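The same three checks the lock popup invites (protocol, cipher, key length), done by a program instead of by eye, as an added example that is not from the book. `assess` applies the rules of thumb stated above to values you have read off a connection, and `strict_client_context` shows the defensive setting that makes a client refuse an older protocol outright rather than connect "as usual". The function names and sample values are assumptions of this sketch; protocol strings follow the names Python's `ssl` module reports.

```python
import socket
import ssl

# Protocol names as reported by ssl.SSLSocket.version().
KNOWN_VULNERABLE = {"SSLv3", "TLSv1"}  # SSL 3.0 and TLS 1.0, per the text
# Cipher families the text names; matched as substrings of the cipher name.
NAMED_FAMILIES = ("CHACHA20", "AES", "CAMELLIA", "SEED")
MIN_KEY_BITS = 128  # the shorter of the two key lengths the text calls secure


def assess(protocol: str, cipher: str, key_bits: int) -> list:
    """Apply the text's rules of thumb; return a list of concerns (empty = none)."""
    concerns = []
    if protocol in KNOWN_VULNERABLE:
        concerns.append(f"{protocol} has widely known vulnerabilities")
    if not any(family in cipher.upper() for family in NAMED_FAMILIES):
        concerns.append(f"cipher {cipher} is not in a family the text lists")
    if key_bits < MIN_KEY_BITS:
        concerns.append(f"{key_bits}-bit key is shorter than {MIN_KEY_BITS} bits")
    return concerns


def strict_client_context() -> ssl.SSLContext:
    """Client settings that verify the site's identity and refuse pre-TLS-1.2.

    With this context an attempt to push the connection down to an older
    protocol fails the handshake instead of silently succeeding.
    """
    ctx = ssl.create_default_context()  # certificate and hostname checks on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def describe_context(ctx: ssl.SSLContext) -> tuple:
    """Summarise a context: (minimum protocol, verifies cert, checks hostname)."""
    return (ctx.minimum_version.name,
            ctx.verify_mode == ssl.CERT_REQUIRED,
            ctx.check_hostname)


def negotiated_parameters(host: str, port: int = 443, timeout: float = 5.0):
    """Connect with the strict context; return (protocol, cipher, key bits).

    Needs network access, so it is defined here but not called below.
    Raises ssl.SSLError if the server cannot meet the minimum version.
    """
    ctx = strict_client_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            name, _protocol, bits = tls.cipher()
            return tls.version(), name, bits


if __name__ == "__main__":
    # First row: the values the text reports for docs.google.com.
    # Second row: constructed values for a site still on TLS 1.0.
    samples = [("TLSv1.2", "CHACHA20_POLY1305", 256),
               ("TLSv1", "RC4-SHA", 128)]
    for sample in samples:
        print(sample, "->", assess(*sample) or "no concerns")
    print(describe_context(strict_client_context()))
```

Protocol versions newer than TLS 1.2 postdate the text and pass `assess` unflagged.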
This is a picture of the security profile for a stock trading company I found when writing
this book. Note that it uses TLS 1.0, a protocol with known security holes. (Disclaimer:
TradeStation may have updated their site since the writing of this book. Please check
there to see the status.)

The next item in the security popup is the key exchange mechanism. As discussed earlier,
all communication between the two computers needs to be encrypted with a secure
algorithm and key. Both sides need to have the same key. One computer generates the key,
and sends it to the other. The key exchange mechanism describes how the key is securely
transmitted once it has been generated. I covered how this works conceptually earlier, but
there are a number of different ways this can be implemented. My browser here is telling
me exactly what implementation is being used. If you are using TLS 1.2, your browser
should take care of choosing a secure key exchange mechanism.

In addition to making sure that you have good encryption when visiting a website, your
browser also needs to verify that you are actually connecting to the site you want to
connect to. Digital cryptography is used to verify identity online. Using public and
private key cryptography, the identity of a remote server can be verified with a trusted
third party. We’ll go over how this works in a later section on phishing.

It is worth noting that if you see a yellow triangle over the lock in Chrome, it means that
only part of the page is secured. Oftentimes web pages are split up into different parts
and each part is loaded separately. If one of those parts is not being loaded over an
encrypted connection, your browser should alert you. If this is happening, it really is a
security risk. If all the information is not encrypted, it is much easier for someone to
inject malicious code into the site. If you are accessing a sensitive site and receive a
warning that part of the page is not encrypted, then you should proceed with caution. If it
is a site with important information like a bank account, it would not be unwise to contact
them about it. If the page does not contain sensitive information, however, it shouldn’t be
a problem.

Before wrapping up this section, I want to address an important topic, and that is the need
to keep your browser up to date. Think about this: if TLS 1.2 was developed to fix
security holes in TLS 1.1, which was developed to fix security holes in TLS 1.0, which was
developed to replace an older, less secure technology, you might begin to wonder about
the security of TLS 1.2 itself. When will TLS 1.2 be found insecure? That is an excellent
question, and the right one. As time passes, people find holes in standard security
protocols that need to be addressed. Software developers respond to these threats by
updating their programs with the latest security features. To keep your computer as secure
as possible, you should always keep your software up to date.

In the realm of online security, this is especially important. For example, Internet
Explorer 8 does not support TLS 1.1 or 1.2. Internet Explorer 9 and 10 both support it,
but do not have it enabled by default. Only Internet Explorer 11 does enable it by default.
In this case, by using an older version of Internet Explorer, you are putting your system at
needless risk. For other browsers like Firefox and Chrome, updates are installed
automatically, which means that unless you alter the settings, your browser should be up
to date. If you have an older version of Firefox, you may need to update it manually,
however, as older versions of Firefox do not automatically update.
B. Protecting Files on Your Personal Computer With Encryption

Keeping files safe on your computer involves the same technology that is used to keep
your information safe while being sent across the internet. You probably have a password
on your computer, and you may think that such a precaution is enough to secure your files.
Unfortunately it’s not quite that easy. If I had physical access to your computer, I could
probably break in and read all your files in a matter of minutes (assuming, of course, that I
had your permission to do so). Your password is a good tool for keeping benevolent users
from administrative control on your machine, but unless you have a new computer with
Windows 8.1, your files will be unprotected from anyone who really wants your
information.

The reason is that by default, your files are stored unencrypted on your hard drive. A
hacker could easily plug in a flash drive with Linux on it, and start your computer up
using a completely different operating system. They can completely bypass the Windows
user account system altogether, and access all the information on the hard drive. If your
computer is stolen, your information is likely unprotected and could be accessed by
anyone with moderate technical knowledge. If you have a laptop with important
information on it, or have any reason to believe that it might be stolen, you should
seriously consider encrypting the information on your hard drive to protect it.

We’ll go over real steps as to how you can encrypt your information on your computer so
that even if it is stolen, nobody can get your personal information. I’ll show you what I
think is the best free program for encryption. If you prefer a premium product, I’ll
recommend one to you as well. If you don’t want to encrypt your computer at all, or are
not interested right now, feel free to just skip the rest of this section, and we’ll see you at
the beginning of the next.

Before encrypting your computer, you need to remember one thing - if you forget your
password, and don’t have it saved anywhere else, your files are lost permanently. The
whole point of encryption is to lock out anyone without the password. If you lose it, your
files won’t remember you and will be lost forever. For that reason, you MUST back up
your encryption key and store multiple copies of it in safe places.

A new Windows 8.1 PC offers the easiest way to encrypt your files, so I’ll cover this case
first. All you have to do is sign in with a Microsoft account with administrator rights to
your machine, and your computer will automatically encrypt your files! Pretty easy,
right? Microsoft seems to have recognized the security hole in their setup, and has done
something to improve the security of your machine. For those of you who have a new
Windows 8.1 computer, your account is safe, as long as you log in with a Microsoft online
account. It is important to note that if you log in to your computer with a local Windows
account instead of an online Microsoft account, encryption will not take place. The reason
for this is so that Microsoft can back up your encryption key online so you are not locked
out permanently. If you forget your password on your computer, you can reset it through
their online service.

If you upgraded to Windows 8.1, the encryption may not work, because it requires certain
hardware that many computers don’t currently have. If your computer has been around
for a few years, it likely does not have the right hardware. If you upgraded to Windows
8.1 and want to enable encryption, I’ll point you to Microsoft’s guide at the link below:

For those not using a new Windows 8.1 computer (most of us), there are a number of
programs out there that do the same thing, and well. Just remember to keep your
encryption key in a secure place.

For Windows users who have a Professional or Enterprise edition, you have a built-in
utility called BitLocker. If you don’t have BitLocker, you’ll need to upgrade to a pro
version of the operating system you are using, or use another freeware program I’ll cover
later. To use BitLocker, search for BitLocker from the Start menu, and you should see
something like “Manage BitLocker”. When you click on that, you’ll be taken to the
BitLocker page in the Control Panel. From there you can easily enable encryption by
clicking on the text to turn on BitLocker, and following the steps in the wizard that
appears. BitLocker will allow you to encrypt your whole drive, even if your processor
does not support the encryption that comes with new Windows 8.1 PCs.

If you have a Mac, there is a built-in utility called FileVault that you can use to encrypt
your data. Just go to System Preferences => FileVault. There you can select what folders
you want encrypted. Some users may want their whole drive encrypted. Oftentimes,
however, you really just need your important documents encrypted. The Mac computer
gives you the built-in ability to easily encrypt your computer, no need for any upgrade.
Apple doesn’t back up your key, so make sure to store your key in multiple other places so
you won’t forget it.

For Windows users looking for a free program, the most promising one I have found is
called DiskCryptor. DiskCryptor offers encryption for the entire hard drive, is free, and is
open source.

Open source means that the developer of the program has made all the code used to create
a program freely available to the public. Most commercial software contains license
agreements that strictly prohibit anyone from even trying to see how the program was
made. Open source software is just the opposite - anyone and everyone can look at just
how the program was made, and even tweak a personal copy of it if they know what they
are doing.

Open source cryptography programs like DiskCryptor are said to be more secure than
proprietary ones because any programmer can look at how the program was written to
verify that it is secure. Some people have concerns that governments could compel
companies to implement secret weaknesses in encryption so that they can access the
encrypted files. Whether this occurs or not is not in the realm of this book to discuss. The
main point is just that some people consider open source programs more secure than
closed source ones, and thus opt for open source programs like DiskCryptor. Here are
links to the home page and downloads:

Setting up DiskCryptor is significantly harder than setting up BitLocker, so unless you are
pretty familiar with computers, I would recommend you go with standard BitLocker
encryption. It is faster and easier, and if there are any security holes in it, none have been
discovered yet, as far as I can tell.

As this section on encryption comes to a close, I want to remind you of a few things
regarding the security of your data. First, remember to choose a good, strong password.
No matter how amazing your encryption program is, if you have a poor password,
someone with a powerful computer can test millions of different passwords per second,
and may be able to find yours in a “brute force” hacking attempt. Remember to keep your
browser up to date too. And lastly, I want to remind you once again to always back up
your encryption key or password. If you lose it, your files are irrevocably lost.
C. Physical Security

Sometimes it’s easy to forget that everything in the digital world, or “the cloud”, as they
say, is actually man-made hardware, and is just as susceptible to physical theft as anything
else. People often think that the internet is something that just mysteriously exists “in
cyberspace”. The reality is, however, that “cyberspace” is nothing more than a bunch of
computers and wires that connect them together. Really, that’s all that cyberspace is.
There are no ghosts, no ethereal clouds. There are just computers and wires. There are
big computers and small computers, short wires and long. Copper wires and fiber optic
cables. But that’s really all the internet is.

When you store information in an online storage service like Dropbox or iCloud, you’re
actually sending it to a massive warehouse filled with computers, called a server farm.
When someone sends an email to your email account, it is also stored in a server farm
somewhere. Whether email or a backup from your computer, your data is saved to one or
more computers in the server farm. Whenever you want it back, that computer will
retrieve your data, and send it across the internet to your computer. The computers in
server farms stay on 24/7 so you can access your data whenever you want, and they have
internet connections that go unbelievably fast so they can send and receive data from
millions of people at once.

Google has put together a pretty cool website showing how their server farms work. It has
a lot of cool pictures and explains some of the technology required to build it. If you have
the time, I would encourage you to take a look:

This aggregation of digital information is potentially very dangerous. These server farms
contain important information belonging to countless people. A single computer could
contain the emails or personal files of hundreds, or even thousands of people, or could
contain lists of personal information belonging to millions. If a hacker gets a hold of such
information unencrypted, he can quickly sift through the files using automated software,
search for passwords and other sensitive information, and depending on what he finds,
wreak havoc on the lives of the people whose information is stored therein.

As you can see, “the cloud”, which is in many ways the future of computing, comes with
serious risk. To ensure safety, tech companies like Apple and Google usually have 24/7
security guards and strong walls to protect their facilities. They also encrypt their data as
well, so that if any computers are stolen, sensitive information is not compromised.
Usually they have backups of information stored in different data centers, so users can still
access their data. If just one copy is stolen, however, the consumer data is compromised.

In your situation, you are not likely to be hiring a guard to watch your computer 24/7.
That said, people really do physically steal computers to get the data stored in them, and
you need to take precautions to prevent data from getting into the wrong hands. I was a
part of a nonprofit organization, years ago, whose computer was stolen. My guess is that
the criminals were trying to access personal data from the members of the organization.
They were likely hoping to find important information that can be used to break into bank
accounts and such, like social security numbers, dates of birth, and other personally
identifiable information. Fortunately, only contact information was stored on the
computer, and no worse harm occurred.

When considering your overall security strategy, don’t forget that someone breaking in
and stealing a computer, especially at work, is a real security concern. System admins,
and anyone else who stores sensitive data must be careful to keep critical systems locked
behind doors, or sensitive data could be compromised. If you run or work at a small
company or organization, developing a strategy to keep your computers safe is a very
good use of time.
D.ManagingUserPermissions
ThisisaconceptthatIthinkmostpeoplealreadyunderstand.Allitreallymeansis
managingwhocandowhatonyourcomputer.Computerstodaycomewithabuilt-inset
ofaccesscontrolsthatallowcertainuserstodocertainthings.Justlikeitsimportantto
giveoutinformationonlyonaneed-to-knowbasis,it’scriticalthatindigitalsecurity,
permissionsonthecomputeraregivenoutonaneed-to-usebasis.Besmartabouthow
www.ebook777.com
yougiveoutaccesstopeopleinyourcompany.Don’tgiveanyoneyoudonottrustaccess
free ebooks ==> www.ebook777.com
tothingstheydon’tneed.Evenifyoudotrustthem,itsstillprobablybetternottogive
themaccess.Why?First,becausenomatterwhotheyare,theymaydealwithyourdata
maliciously.Second,eventhoughtheymayhaveabsolutelygoodintentions,theymaynot
havetheskillorknowledgetodealwithitinasecureway.Theycouldaccidentally
damageyourinformation,orevencompromiseyoursystem.I’veseenithappenbefore
whereaninexperiencedpersonwasgivenadministratoraccesstoasystemand
accidentallydownloadedapieceofmalwareonanorganization’scomputer.Theperson
maynotbetryingtosharecompanysecrets,buttheymayaccidentallyloseastickynote
withtheirusernameandpassword.Iftheiraccountgetshackedandtheyhave
administratorpermissions,youcouldbeinseriousdanger.
Ingeneral,byrestrictingaccesstoanythingthatcouldbeuseddestructivelytoaneed-tohave-accessbasisiswise.Computerprogrammerstakethistoheart,restrictingnotonly
howpeople,buthowprogramscanaccesssensitiveinformation.Forexample,security
measuresareusedtotrytopreventanyunauthorizedprogramsfromrunningonyour
computer.IfyouhaveWindows7or8,youareprobablyfamiliarwiththesomewhat
annoyingalertsthatWindowssetsoffwhenyoutrytoinstallsoftware.Thereasonfor
thosealertsisbecauseWindowslimitstheabilitiesthattheinstallerhasonyourcomputer
sothatitcan’tinstallanythingyoudonotpermit.Itactuallyconsidersthatinstallera
different“user”ofthecomputer,andrequiresyou,theadministratortoauthorizethe
programtoinstall.ByrequiringyoutoexplicitlyOKtheinstallationofprograms,
Microsoftistryingtoprotectyoufrommalwareandotherprogramsthatyoudon’twant
installedonyourcomputer.
Implementingasecureuseraccesspolicyisprettyeasyontoday’scomputers.Thereare
almostalwaystwomaingroups-standardusersandadministrators.Sometimesthereare
otheraccounttypeslikeguestaccounts,andsometimesyoucandefineyourownaccount
types.Standardandadministratoraccountsarereallytheonlytwoyouneedforday-todaypurposes.
Asthenameimplies,administratoraccountshavetheabilitytoadministerthesystemtheycanaddandremoveprograms,changesystemfiles,orwhateverelsetheylike.Users
free ebooks ==> www.ebook777.com
with standard accounts can run programs on the computer as normal, but they generally
can’t install programs or change important system files. If you have someone using your
computer, say another person in the family who just uses the computer to browse the web,
they don’t need administrative rights. If they have administrative rights, but don’t know
about security, they can unknowingly install programs on your computer that might
contain malware.
It can also be a good idea for you to have two different accounts for yourself on your
computer - an administrative account and a standard account. If you are using the
standard account and download a piece of malware on your computer, it is less likely to
actually infect your computer. Because standard accounts can’t install most software or
change system files, malware that may be trying to install itself will likely be blocked as
well.
One excellent example of critical system files that need protection is startup files.
Malicious programmers usually want their viruses to run automatically at startup. They
want their programs and spyware to be running every time you turn your computer on. If
you accidentally run some malicious software while logged into an administrative
account, a piece of malware can easily inject itself into your startup files. If you run it on
a standard account, however, the program will have more difficulty getting into those
important startup files.
One other important aspect of user permissions is that standard accounts do not have
access to most files created by another user. This is important because it keeps standard
users from accidentally or maliciously deleting files on a computer. If your kids use the
same computer you do, it’s probably a good idea to give them a different, standard user
account so they can’t accidentally delete your files.
To change user permissions on a Windows computer, just search for “User Accounts” at
the start menu, and you should see something with that name and a picture of two people.
If that doesn’t work, or if you are still running Windows XP, go to start => control panel,
and then click on user accounts. Here’s what it looks like in Windows 8.1:
From there you can manage the accounts on your computer. As you can see, it offers you
the option of changing your account type, or if you click “Manage another account”, you
can see all the accounts on the computer. When you click on any of them, you’ll see the
option to change the user account type. There you can switch users from administrator to
standard permissions and vice versa. If you have a different version of Windows, it may
look a bit different, but the same basic functionality is there.
On a Mac, click the Apple icon in the top left of the screen, then select System
Preferences, then choose Users & Groups. From there you can easily change and manage
user permissions.
By limiting administrator access to your computer, you are protecting your system from
being damaged by an unthinking user. By using a standard account on a day-to-day basis,
you are further protecting your computer from unintended harm. And by restricting
people who may not have the best interests of your company at heart, you can prevent
them from destroying important files or installing dangerous malware.
E. Login Security: How to Keep Hackers Out of Your Accounts
Keeping logins confidential is a critical aspect of computer security. If you don’t have a
good strategy for keeping people out of your online accounts, hackers can steal passwords
and break in much more easily. In this section, I’ll first go over how and why you should
choose a good password, then talk about other important ways to maintain secure logins.
So how do you choose a good password? Well first, it’s probably better if you know what
threat you are up against. The greater the ability of the hacker, the more complex your
password needs to be to avoid a hack. To crack passwords, hackers use powerful
computers that can test sometimes billions of passwords per second. Because they go
through a huge number of records per second, common passwords will be easily guessed.
To make a strong password, don’t use any combination of words in the dictionary.
Hackers have their own dictionaries of passwords that contain all sorts of combinations of
dictionary words to crack passwords. The programs they use are powerful and quite
clever. If you use anything that has any sort of meaning, they can usually crack it pretty
easily. Sometimes people think that if they use a clever placement of numbers or special
characters they can be secure. However, passwords like “passw0rd” or “s3cr3t” are easily
understood by password cracking programs and are highly insecure.
Using easy-to-find personal information in a password is another common mistake people
make. For example, including a zip code, or a name of someone close in the password.
Skilled hackers sometimes do background checks on their targets, and can feed such
personal information into the password cracking program, thus making that kind of
password insecure. It’s not too hard for a criminal to do a background check on you,
especially with the advent of social networking sites like Facebook; so, it is not unlikely
even if you are not a high profile target. Furthermore, someone who knows you and
doesn’t like you will find it easier to guess your password. And while we are talking
about unsecured personal information, it is also worth mentioning that you should choose
very obscure security questions so that someone close who does not like you cannot reset
your password on you. In that same line, if you find someone asking you what your
mother’s maiden name is for no apparent reason, take note, and don’t give it to them.
Another good practice in password security is to keep your password at least 8 letters
long, and use an assortment of lowercase and capital letters, and perhaps some
punctuation. Ten characters is even better. Obviously the shorter the password, the easier
it is to guess, or crack by a massive brute-force hacking attempt. Furthermore, by adding
in just capital letters you exponentially decrease the probability of your password being
guessed.
Those are the major guidelines for choosing a password. Unfortunately, in addition to
making a password hard to guess, following these criteria can also make it difficult to
remember your password. So how can you choose a memorable password that is still
secure? One popular technique today is to come up with a memorable sentence and take
the first letter and punctuation of each word in it. For example, “My best friend, John,
read a book on cyber security”. Taking the first letter and punctuation yields a password
“Mbf,J,rabocs”. It’s a lot easier to remember the sentence “My best friend, John, read a
book on cyber security” than it is to remember “Mbf,J,rabocs”. And a password like that
is random enough that a computer will have a very difficult time finding it. To recap, here
are the rules for secure password generation:
1. At least 8-10 characters long
2. NO words that are contained in the dictionary
3. Substituting special characters for letters, and similar tricks doesn’t really help
4. No personal information
5. If the password’s meaning is anything but extremely obscure, it is not as secure as it could be
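The rules above can be checked mechanically, which also shows why “passw0rd” and “s3cr3t” fail: undoing the character swaps takes one table lookup. The Python below is an added example, not code from the book; the word list is a constructed sample, and the substitution table and function names are assumptions made for illustration.

```python
import re

# Constructed sample word list (assumption); a real check would load a full
# dictionary plus a list of passwords seen in breaches.
WORDS = {"password", "secret", "dragon", "monkey", "welcome", "sunshine"}

# Character swaps that cracking programs undo automatically (illustrative table).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def normalize(password):
    """Lowercase and reverse common substitutions ("passw0rd" -> "password")."""
    return password.lower().translate(LEET)


def check_password(password, personal_info=()):
    """Return the list of rules from the recap that the password breaks."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    # Rules 2 and 3: look for dictionary words after undoing the swaps.
    letters = re.sub(r"[^a-z]", "", normalize(password))
    for word in sorted(WORDS):
        if word in letters:
            problems.append(f"contains dictionary word '{word}'")
    # Rule 4: names, zip codes and similar, ignoring case and punctuation.
    raw = re.sub(r"[^a-z0-9]", "", password.lower())
    for item in personal_info:
        token = re.sub(r"[^a-z0-9]", "", item.lower())
        if token and token in raw:
            problems.append(f"contains personal information '{item}'")
    return problems


def sentence_to_password(sentence):
    """First letter of each word, keeping punctuation attached to the word."""
    out = []
    for word in sentence.split():
        out.append(word[0])
        out.extend(ch for ch in word[1:] if not ch.isalnum())
    return "".join(out)
```

An empty list from `check_password` only means none of these checks fired; it does not measure how random the password is.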
Ok, so now you know about choosing a good password. But one good password isn’t
enough. You need to have a different password for the most important logins you have,
like email and bank accounts. Why? Because if any of your accounts that use the same
password are compromised, all are at risk. There are a number of ways this can happen,
and each is quite problematic.
One way hackers can get a hold of your password is by physically stealing a login server
from a website you use. (A server, by the way, is just a computer with special software
that allows it to run a website.) Alternatively, they could also create a virus that could
digitally steal the files from the site as well. Either way, the hacker gets a hold of a list of
users, along with their email addresses and passwords used for logging in. Usually the
passwords will be encrypted, but if anyone is using a weak password, the encryption will
likely be broken, and the password discovered. Unfortunately, these same people with
weak passwords probably are not very security conscious, and so likely use the same
password on other sites as well. The hacker then tries to log into the person’s email
account with the password he discovered, and if the passwords for both accounts are the
same, the hacker can successfully take over the email.
Another reason to make sure you don’t reuse the same password across multiple sites is
because you don’t know what the website will do with your information. They may
immediately encrypt it as they should, never looking at your password, or they may store
it in their own personal database and promptly try and log into your email with it. It may
seem like a reputable site, but it is quite possible that it is simply a scam to get your log-in
information.
Having a hacked email account is a really bad problem because so many other accounts
are usually linked to it. If they hack your email, they can 1) browse through your email to
see what services you use, and 2) reset the passwords on other sites and quickly break into
multiple accounts you have. They can read important documents you have, impersonate
you, and more. If they have any personally identifiable information, they may be able to
correctly answer security questions and get into even more accounts. To prevent this from
happening, NEVER use the same password for at least your email and financial accounts.
Doing so could have disastrous results. Using two-factor authentication is another way to
protect your email account, which we will cover later.
Another critical way to keep your online logins secure is to password protect your
computer not only on login, but also whenever your computer comes out of sleep or
screensaver. This may seem like an inconvenience, but can be very worthwhile.
This is clearly important to protect the encryption of any documents and files stored on
your computer. If you haven’t specifically enabled encryption, it is nevertheless important
to protect the login information for your online accounts. Even if you don’t have
encryption enabled, the login information to websites is nearly always encrypted using
your login password by default on your computer. If you have saved any passwords in
your browser, and yet don’t have your computer password protected, anyone who steals
your computer will be able to easily log into your accounts. If you do have a password
present, it will be much more difficult for intruders to see them.
Encrypting your login information is good, but the best way to prevent people from
stealing your online passwords is to never store them in your browser. For less important
logins, storing them may be fine, but for your most important logins, such as email and
bank accounts, I would strongly caution you against storing any important logins in your
browser. Yes, it may be encrypted with your login password, but still, for something as
important as a bank account, it’s really not a good idea.
There are a number of more advanced password management tools out there. LastPass is
one of the most popular. When you create an account on a new website, it will generate a
very secure password for you, and then remember it. You only need to remember your
LastPass password, and LastPass will remember the rest. Furthermore, it encrypts your
passwords and stores them on their servers so that you can access them from any computer
anywhere.
The convenience of such a system is obvious, and there are real security benefits to using
it. Because it generates and remembers secure passwords, you will have very strong,
unique passwords for all your sites. The problem is, however, all someone has to do to get
all your passwords is guess the one you use for LastPass. The fact that all your passwords
are stored on a server somewhere is further cause for concern. If one of those servers
were compromised, then your data would be at risk. Now I can’t imagine that the
passwords aren’t encrypted like crazy on their servers, so you’d probably be fine using the
service. That said, if you do, I’d recommend that you do not have it remember your most
important passwords just to be safe.
By generating long, random passwords, and hiding them behind one master password,
LastPass attempts to make up for common security issues associated with passwords.
Unfortunately, it is still subject to the same weakness that any other password-protected
system is - you can lose the password, and all your information is compromised. To
combat this weakness, engineers have devised another way to authenticate users. That
way even if the password is lost, there is still some protection for the account. This is
called two-factor authentication, and is most often accomplished via texting.
Here’s how it works. Once you visit a site and enter in the correct username and
password, the site immediately dispatches a text message containing a secret code to your
phone. To finish logging in, you must type the secret code into the website. Once logged
in, the website may remember the computer or phone you are using so that you don’t have
to get any more secret codes via text when logging in from that device.
This method of securing logins is an excellent way to help maintain online security. In
order to hack your account, hackers must have access to both your phone and your
password. Getting both of those is significantly more difficult than getting just one, and
adds in an extra layer of security. If your email provider offers this, I would highly
recommend you take advantage of it. It is a small hassle now, but really could save you in
the long run.
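The texted-code login described above, seen from the website’s side, as an added example that is not code from the book or from any real site. The class name, the five-minute validity window, the five-guess limit and the `send_sms` callable standing in for an SMS gateway are all assumptions.

```python
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300   # assumed validity window for a texted code
MAX_ATTEMPTS = 5         # assumed number of guesses allowed per code


class SmsSecondFactor:
    """Server side of the texted-code login step (hypothetical class)."""

    def __init__(self, send_sms, now=time.time):
        self.send_sms = send_sms   # callable(phone, text), stands in for a gateway
        self.now = now
        self.pending = {}          # username -> [code, expires_at, attempts_left]
        self.trusted = set()       # (username, device_token) pairs to skip the code

    def start(self, username, phone):
        """Call only after the username and password have been verified."""
        code = f"{secrets.randbelow(10**6):06d}"   # drawn from the OS CSPRNG
        self.pending[username] = [code, self.now() + CODE_TTL_SECONDS, MAX_ATTEMPTS]
        self.send_sms(phone, f"Your login code is {code}")

    def finish(self, username, submitted, remember_device=False):
        """Return (ok, device_token); a code works once and only before expiry."""
        entry = self.pending.get(username)
        if entry is None:
            return False, None
        code, expires_at, attempts_left = entry
        if self.now() > expires_at or attempts_left <= 0:
            del self.pending[username]             # expired or guessed too often
            return False, None
        entry[2] -= 1
        # Constant-time comparison avoids leaking how many digits matched.
        if not hmac.compare_digest(code.encode(), submitted.encode()):
            return False, None
        del self.pending[username]                 # single use
        token = None
        if remember_device:
            token = secrets.token_urlsafe(32)
            self.trusted.add((username, token))
        return True, token

    def needs_code(self, username, device_token):
        """False for a device remembered at an earlier successful login."""
        return (username, device_token) not in self.trusted
```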
F. Wifi Security - How it works (and why you should use a wired connection if you really want security)
Most people use wifi to connect to the internet at home. Unfortunately, wifi is often
insecure, and breaking into a wifi network is often relatively easy. Virtually all wifi
routers use encryption to protect your information as it is sent through the airwaves.
Anyone within the vicinity of your wifi network can see any and all traffic that goes to and
from the wifi hotspot. That is why encryption is used to keep your internet traffic through
your wifi secure. Unfortunately, most of the encryption methods used with wifi are
relatively weak.
To have the best chance of securing your wifi network, choose a good, strong password
like we have discussed. Seriously, if you don’t, your wifi password could be cracked in
minutes. For critical locations, choose an even longer, more complex password.
For wifi security, the standard WEP (Wired Equivalent Privacy) encryption protocol is
widely known to be easy to crack, and is officially deprecated. The only reason you see it
on your router today is for legacy reasons. WPA (Wi-Fi Protected Access) was the next
security mode invented to address the problems with WEP, but was also found to have
significant security holes. To address this, another algorithm has been invented, called