How many of you would take your home computer to a public place and leave it running?
Or make a list of every web site you browse (EVERY WEB SITE YOU BROWSE) and publish it in the newspaper?
Would you write your credit card number down on pieces of paper and pass them around large groups of people?
We are engaged in the digital analogs of these things all the time, and most of us don't know it.
How many of you would take your home computer to a public place and leave it?
If you fire up a wireless laptop in my house you'll see four of my neighbors' wireless networks, all but one open to the world. I'm about as technical as the sole of an old shoe, but it would be trivial for me to hack into one of their computers and cause all kinds of problems: peek at pictures, read on-line journals, grab credit card numbers or snag on-line passwords stored in cache. Though I'm harmless, some are not. This type of cyber-tom-foolery happens regularly. Thieves drive around looking for wireless networks, discover them, break into them (usually trivially) and make off with the digital rewards.
Or make a list of every web site you browse (EVERY WEB SITE YOU BROWSE) and publish it in the newspaper?
If you think only you know the web sites you visit, think again. Your computer stores traces of where you go in cyberspace and, depending on the security settings on your browser, other web sites can get access to that data. Even if you're careful on your computer, the ISP you use to connect to the Internet can store that data. Some of them are even starting to sell that data--in a way that is actually pretty ingenious. Let's say you're up on a web site reading a review of the movie "Bourne Ultimatum." You might notice that the next web site you go to has an ad to rent or buy one of Matt Damon's other movies. This is possible because some ISP's are starting to provide data about the last place you browsed to the next place you browse and charging for that information. Read the privacy notice of your ISP carefully and I imagine that in many cases you'll find that you can't prevent it.
Would you write your credit card number down on pieces of paper and pass them around large groups of people?
If you send your credit card number over email or tell someone your credit card over the phone (land-line or cell phone) you might as well be writing it down on little pieces of paper and dropping them off a building roof into a crowd. Technology for "listening" to phone calls and "sniffing" emails on the Internet is basically mainstream. It's easy to rationalize, "Oh, I'll just do it this once," but the first time you find big charges on your credit card that you didn't make, you get serious about protecting yourself.
It's interesting to me that we can be so much more careful about protecting our non-digital assets, when our digital assets can be stolen or undermined so much more quickly.
I'd love to hear what precautions you're taking to protect yourselves.
My wireless router has the ability to configure two seperate SSID's, one for my own private network, and one for guest access. My neighbor can log in to the guest access and use the Internet, while I still am on a seperate network! Of course, anyone can setup a simple firewall to protect their home network :)
ReplyDeleteBeyond that, I make certain to be careful who I give my credit card number to. Though I don't worry about it too much. I assume that anything I post or do on the Internet is public information if it is not encrypted (properly, too). If I really want anonymity, I use TOR in (In combinations with encytion- encryption is a MUST for TOR usage!)
-James Lee Vann
Simple. I use Macintosh - just like the military is starting to do. No adware, no spyware, no virus problems. One scan of Secunia.com shows fewer security worries for Mac than anything Windows based, so that about says it all.
ReplyDeleteMy home network is double firewalled (meaning, I have a firewall at the router and one at each of the computers in the network), so we could say I do run my systems in "paranoid mode" :-)
ReplyDeleteSince I do not provide services outside the LAN to the web (I do not need to) I'm 100% invisible to the "outside world". In my firewall I never use 'deny' but 'drop' packets, so for scanners my machine does not exist.
As per my WiFi I use the same approach as Alex Esplin (above) using WPA and Hardware address (or MAC address) to allow access to the LAN. i do not use a WiFi router, but an access point. The difference being that the access point is a specific address in the LAN though which any machine trying to access the network has to authenticate and match up 1) ESSID 2) WPA and 3) have a valid MAC address. On top of that I use a feature referred to as "not promoting" by which your router/access point is effectively hiding itself from WiFi scanners. This means that anyone trying to find my ESSID ( required to log in ) has to get it from me.
I think that in therms of protection that is good enough ... but I'm considering to encrypt transmission in a not distant future ... when I can devote the time out of coding to apply encryption ;-)
[...] In response to: Joel Dehlin: You Have the Right to Remain Visible [...]
ReplyDeleteI think that with a little research and common sense it isn't too hard to protect yourself from the hackers that are out there. The truth is the best thing someone can do to protect themselves is ask for help. There is usually at least one or two people in a ward or friends with someone who can secure your network, turn on your firewall and filter your cookie access.
ReplyDeleteI recommend encouraging your bishop to have someone hold a class or fireside and spread the word. It's similar to missionary work...nothing gets done until you open your mouth.
Many computers systems now, especially the most recent technology have some protections ON by default (computer firewalls, browser privacy settings).
ReplyDeleteOnce simple way I protect my home wireless network is by making it 'invisible,' i.e., I don't broadcast my network name.
While I believe being aware of these issues is important, I'd caution against paranoia. Real privacy issues lie with a minor point made in your post - companies legally selling your information (ISPs are only one example, think super market bargin cards, credit reporting agencies, etc...)