Computer Security

As a chain is only as strong as its weakest link, your electronic communications are only as secure as your computer.

If you are running Windows, the good news is there are thousands of free and commercial software packages available to make your computer more secure. The bad news is you probably need them all – and even then, your system will not be very secure. If security is really important to you, switch to another operating system.

Never use your employer’s computer for personal confidential communication. You do not know, and cannot control, what is being monitored or archived, or how secure the machine is.

The Threats

Threats can be broken into two categories: casual and targeted. Casual threats come as part of the territory as soon as you connect to the internet. Targeted threats come when someone really is “out to get you”.

Casual Threats

The 11/29/2004 edition of USA Today describes an experiment performed in September 2004 in which 6 different computers were connected to the internet, powered up and monitored. “Break-in attempts began immediately and continued at a constant and high level: an average of 341 per hour against the Windows XP machine with no firewall or recent security patches”. The lowest level of attack was 1.9 per hour against a Linux machine. All this was without a user opening a web browser or reading an email. Things have gotten much worse since 2004.

The machines were left online for two weeks. “While attempted break-ins never ceased, successful compromises were limited to nine instances on the minimally protected Windows XP computer and a single break-in of the Windows Small Business Server. There were no successful compromises of the Macintosh, the Linspire or the two Windows XPs using firewalls”. That was 2004, otherwise known as “the good old days”.

In 2005, the BBC reported an experiment in which an unprotected PC was infected within 8 seconds of being connected to the internet.

The break-ins and infections above are passive. This means all the user had to do was connect his computer to the internet and turn it on. In 2004, 99.4% of the attacks were eliminated (not just thwarted) simply by moving from Windows to Linux. But Linux is not immune to attack either. You need to minimize your exposure through conservative administrative practices such as disabling all unused ports and services. Some Linux distributions, such as Ubuntu, do this by default.
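One way to check the "disable all unused ports and services" advice above on a Linux machine, as an added example that is not part of the original article. The function names, the sample output and the allowlist of ports are constructed for illustration, and it assumes the `ss` tool from iproute2.

```shell
#!/bin/sh
# Added example (not from the original article): list TCP listeners that are
# reachable from the network and are not on your allowlist of intended ports.

# Constructed sample in the format printed by `ss -H -tln`.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53        0.0.0.0:*
LISTEN 0      5          127.0.0.1:631       0.0.0.0:*
LISTEN 0      128             [::]:22           [::]:*
LISTEN 0      5              [::1]:631          [::]:*
LISTEN 0      50                 *:445             *:*
LISTEN 0      100          0.0.0.0:25        0.0.0.0:*
EOF
}

# exposed_listeners "<allowed ports>" : reads ss output on stdin and prints
# "port address" for every non-loopback listener whose port is not allowed.
exposed_listeners() {
    awk -v allowed="${1:-}" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "LISTEN" {
        port = $4; sub(/.*:/, "", port)        # text after the last colon
        addr = $4; sub(/:[^:]*$/, "", addr)    # text before the last colon
        sub(/^\[/, "", addr); sub(/\]$/, "", addr)  # [::] -> ::
        sub(/%.*$/, "", addr)                  # drop scope, e.g. %lo
        if (addr ~ /^127\./ || addr == "::1") next   # loopback only
        if (port in ok) next                   # intentionally exposed
        print port, addr
    }' | LC_ALL=C sort -k1,1n -k2,2 -u
}

# Demo on the sample, allowing only SSH. On a live system:
#   ss -H -tln | exposed_listeners "22"
sample_ss_output | exposed_listeners "22"
```

Every line it prints is a service answering on a network-facing address that you did not list as intended; stop and disable that service, or bind it to loopback, until the output is empty.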

There is a wealth of information on hardening a Linux system to be found at Linux

The other type of casual threat is active and requires the user to do certain things to enable the attack. Unfortunately, these may be the very things you bought a computer to do, like surf the web and read email. Fortunately, once you have moved to Linux (or Mac OS X), these activities become much less risky. Not only are the operating system and applications more secure, they are also much less frequently targeted.

Should an attack on your computer, by means of any vector, succeed, what is the attacker likely to do? The most common malware allows the attacker to take control of your computer. He may then use it for his own purposes, which may include sending spam and attacking other computers. He may also install malware that tries to capture your sensitive information such as your credit card numbers, bank accounts, passwords, and PINs. In this case the motive is financial.

Targeted Threats

If you are being targeted for attacks, it means someone is after you specifically. You may or may not know why.

Because they are targeting you, the infection vectors will be different. They are likely to first try to get into your machine through the internet because it is most convenient for them. Or, they may try to trick you into downloading some bit of malware through an email or lure you to a particular website. Finally, it is not unheard of for someone to break into your house to install software or even hardware on your computer.

If you are under surveillance, the person watching you will most likely want to install a keylogger. A keylogger will track every keystroke you type and either send it to the watcher or write it to a file for later download.

Keyloggers can be software or hardware. Inspect your computer frequently. To make tampering more detectable, paint screw heads and other access points with an odd color nail polish so that turning the screws will crack the polish and be detectable. Much more on keyloggers can be found on Wikipedia.

Remember, if you are being targeted, your internet connection is being tapped. Use TLS connections and encryption for everything you can. That will at least slow things down for the watchers.

All sensitive files on your computer should be encrypted. Keep your encryption keys on a memory stick in your personal possession at all times.
