"Everybody needs beauty as well as bread, places to play in and pray in, where nature may heal
and give strength to body and soul." - John Muir   Get Kids Outdoors - Get Active - Get Walking

skip



Security and Privacy Guide

New Security Risks & Ways to Minimize Them Part 1

Believe it or not, we are now in a new age in which basic security software no longer protects our valuables, because the new threats either disable or corrupt it.

So in addition to taking the usual security precautions (using an up-to-date two-way firewall, antivirus and antimalware, and installing updates), I strongly encourage you to read the sobering quotes in every section of this page carefully and then do as recommended, if you haven't already, to minimize your risk of theft of your identity, money, accounts, and your domain name and website, if you have them.

Disclaimer: By checking out the security resources on this page, you acknowledge and agree that I will not be liable for any loss or damage resulting from those actions.

Risks & How to Minimize Them:

Social Networks

"If you're not knowledgeable or aware of the dangers of social networking, you can leave yourself wide open to identity theft and all the scams that go with it." - BeyondIdentityTheft.com

"When people hear about identity theft, they tend to think of credit card fraud and not what's happening to me. I cannot believe how easy it was for my former classmate to steal my good name and use it as his own..."

"If I've learned anything from all of this, it's that it's my job - and my job alone - to protect my own identity. It's a sad world when the only thing someone has to do in order to commit a crime against you is hear someone else wish you a happy birthday." - IdentityTheft.com

"You make it easier for identity thieves when you make lots of information about yourself public like your birthday, address or phone number because these are often used by call centre workers at your phone company, bank, insurance company. etc. as security questions before they change your password or postal address." - Neerav Bhatt

"ZIP code, [gender], and birth date are enough to determine your exact identity 87 percent of the time, as noted by Latanya Sweeney of Harvard's Data Privacy Lab." - Kevin Gold, Slate.com

For Americans:

"The first five digits of your Social Security number are derived from your birth date and your hometown. So if you post your birth date and hometown - and many people do - you could potentially be revealing over half of your Social Security number." - UT Dallas

Affiliate Marketing (For Americans)

"Are you an aspiring Internet affiliate marketer? ... Are you using your Social Security number as your Taxpayer ID Number? If so, you [are] exposing yourself to the risk of identity theft." - Xiao Huaz

"With identity theft on the rise, it's important to keep personal information (such as your Social Security number) private. However, the [U.S.] government requires that anyone who pays you more than $600 in a calendar year needs to report it to the IRS."

"That reporting must include either a Social Security number or an EIN. If you don't want to give ... affiliate programs your Social Security number, you will need an EIN." - strategicofficesupport.com

"When you sign up with a company to become an affiliate they will likely ask for [your Social Security Number, if you're an American]. If [you are,] it is important that you obtain an employer identification number or EIN. It... can protect you from identity theft."

"You do not have to employ anyone to get an EIN. You only need to have a business... It takes seconds, is free, and very important." - Arthur M., 6ways.blogspot.com

Router

"The worst defence is thinking you’re protected because you have an antivirus you paid good money for. Unless you’re using [a computer] with no internet connection you will be at risk of malware infections even with your well-known brand antivirus and spyware scanners, because modern malware can turn off or damage your AV scanner and avoid detection using sophisticated methods such as CD Emulation Technology."

"This type of rogue application silently injects malicious code from infected ads on legitimate websites. Staying safe online needs a rethink of the battle plan. It’s no longer about just one thing, like a good antivirus."

"AV and malware level protection is an essential, but not front line defence – anymore."

4 Things That Are Now Frontline Defense:

1. A Strong Router Password

"Recently we have seen a browser re-direct that is installed not in the PC, but in the router. Each request in Google search redirected to an unrelated website. The reason the bug was able to install into the router was because it had a default password. When setting router passwords or any password the usual advice is to use complex and difficult passwords." - wiredoffice.com.au

2. A Secure DNS

"Criminals have learned that if they can control a user’s DNS servers, they can control what sites the user connects to on the Internet. By controlling DNS, a criminal can get an unsuspecting user to connect to a fraudulent website or to interfere with that user’s online web browsing." - Praveen Kumar, freshersplane.com

Using [a secure DNS service] helps protect you from phishing sites and infected websites.
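To check that a machine is still using the DNS servers you chose, and not ones swapped in by the kind of router or malware tampering described above, you can audit its resolver list. This is an added example, not from the quoted sources: it assumes a `resolv.conf`-style resolver file, and the expected addresses are documentation-range placeholders to be replaced with your secure DNS provider's addresses. If the file only lists your router or a local stub, apply the same check to the upstream DNS settings there.

```python
import ipaddress

# Assumption: the resolvers you deliberately configured. These are
# documentation-range placeholders, not a real DNS service.
EXPECTED_RESOLVERS = {"192.0.2.53", "2001:db8::53"}


def parse_nameservers(resolv_conf_text):
    """Return (valid_ips, malformed_entries) from resolv.conf-style text."""
    valid, malformed = [], []
    for raw in resolv_conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":  # blank or comment line
            continue
        fields = line.split()
        if fields[0] != "nameserver" or len(fields) < 2:
            continue
        addr = fields[1].split("%", 1)[0]  # drop IPv6 zone id such as %eth0
        try:
            # Normalising makes 2001:0db8:0000::0053 equal 2001:db8::53.
            valid.append(str(ipaddress.ip_address(addr)))
        except ValueError:
            malformed.append(fields[1])
    return valid, malformed


def audit_resolvers(resolv_conf_text, expected=EXPECTED_RESOLVERS):
    """List findings: resolvers outside the expected set, bad entries, or none."""
    expected_norm = {str(ipaddress.ip_address(e)) for e in expected}
    valid, malformed = parse_nameservers(resolv_conf_text)
    findings = [("unexpected", ip) for ip in valid if ip not in expected_norm]
    findings += [("malformed", entry) for entry in malformed]
    if not valid:
        findings.insert(0, ("no-resolver", ""))
    return findings


# Constructed sample: two expected resolvers and one nobody configured.
SAMPLE = """\
# constructed resolv.conf contents
nameserver 192.0.2.53
; the next entry is not one we configured
nameserver 198.51.100.7
nameserver 2001:0db8:0000::0053
search home.example
"""

if __name__ == "__main__":
    for kind, value in audit_resolvers(SAMPLE):
        print(kind, value)
```

An empty result means every configured resolver is one you expect; any `unexpected` entry is worth tracing back to the router's DHCP and DNS settings.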

3. A Browser in a Sandbox

"This is the problem… over the past couple of months, we have noticed an increasingly viscous class of infection. It is able to get past any and all virus protective systems. It doesn’t matter whether you run Norton, McAfee, AVG, Trendmicro, anything. No [purely] antivirus software can stop this type of bug."

"The most important tool to use is Sandboxie [or Comodo Antivirus, which includes antivirus, a sandbox and a secure DNS service]. Sandboxie approaches malware protection from a whole new angle. It doesn’t attempt to block anything. What sandboxie does is run your browser from within a contained space on your system and its hard drive."

"Anything transmitted to your machine from the web while browsing is unable to escape this container. When you close your browser, the container is obliterated." - Bryant, quickfixgeek.com

4. Trusteer Rapport

This browser plugin creates a secure pipeline around your connection to a trusted website; the pipeline blocks all malware, keeping your private data and money safe and secure. (See the shopping and online banking section below for more.)

Java

The U.S. Department of Homeland Security and many cyber security experts advise users that they’re safer and better off without Java.

"There is no reason to enable Java in your browser. It has a very poor security track record and is a major security risk. Disable it immediately." - Stach & Liu - (Java is not Javascript, which you sometimes need on web pages.)

Please Note: You need Java for attending webinars. Unfortunately, it's not possible to disable the latest versions of Java completely when it's not needed - even in Windows (see below). So I strongly recommend you disable Java support in your browsers until you need it or uninstall it if you won't be attending webinars or using other Java-based applications.

How to Turn Off Java On Your Browser - and Why You Should Do It Now

For Mac OS, I recommend disabling Java in two places: in your browsers as instructed in the link above and in System Preferences.

Unfortunately for Windows users, despite what tech websites and even Oracle, Java's creator, say, disabling Java in Internet Explorer is no easy task, which means re-enabling it is no easy task either. So I recommend disabling Java support in another browser and using that browser for safe web browsing, while leaving Java itself enabled so you can still attend webinars.

Browser Plugins & Desktop Software

Browser "plug-ins don't automatically update, so over time, your plug-ins may get outdated as new versions are released. Keeping your plug-ins up to date is important since many exploits on the web target outdated plug-ins with security flaws." - Google

"Make sure your desktop software is updated because that's where people are being attacked today - Java, Flash, Adobe Acrobat, Windows Media Player, QuickTime."

"These types of client-side vulnerabilities are being exploited. There is a free product by Secunia called a "Personal Software Inspector" you can download for free. It helps mitigate the risk." - Kevin Mitnick, FBI's most-wanted hacker-turned security expert.

Browser Extensions

"I disable [browser] extensions when I am using high-risk, public networks (airports and hotel Wi-Fi)." - Adrienne Porter Felt, security consultant

"Only install [extensions] from websites that you trust. Web browser [extensions] allow webpages to display things like toolbars, stock tickers, video, and animation. However, [extensions] can also install spyware or other malicious software. If a website asks you to install an [extension], make sure that you trust it before doing so." - Microsoft

JavaScript

"Most Web sites use JavaScript, a powerful scripting language that helps make sites interactive. Unfortunately, a huge percentage of Web-based attacks use JavaScript tricks to foist malicious software and exploits onto site visitors. To protect yourself, it is critically important to have an easy method of selecting which sites should be allowed to run JavaScript in the browser." - Brian Kreb, Kreb on Security

JavaScript-Blocking Extensions

Wi-Fi Hotspots

"Coffee shop wireless is like playing Russian roulette: one day the bullet will be in the chamber." "Never use public wifi [wireless] without a VPN." - Stach & Liu, security consultants to the Fortune 1000, high-tech startups and financial institutions

"If you're on an open wireless network, use VPN." - Kevin Mitnick, FBI's most-wanted hacker-turned security expert.



Brent's Place at brentsplace.info

©2000-2006 All rights reserved.
