
Securely Surfing the Web, Part 2

No Security Solution is Perfect…

Every security device or system has a “weak link” that makes it vulnerable to exploitation.  For example, even the strongest encryption is undermined by a weak passkey used to encrypt the data it’s protecting.

Windows, Mac OS X and Linux (which is used by the Chromebook) are all vulnerable to DNS attacks in which the DNS servers are compromised or the machine’s DNS settings are replaced.  For example, there is a new attack in which a machine infected by a certain type of malware sets itself up as a DHCP server on a network.  This allows the malware author to redirect unsuspecting users to tainted DNS servers. (Note: for more information search for “TDSS Rootkit” [http://en.wikipedia.org/wiki/TDSS])

As more data gets stored in the “Cloud”, compromising local computers becomes less important to an attacker.  Popular web sites and service providers will become more highly valued targets.  Smaller companies are even more enticing targets for data thieves because they generally don’t have the money or expertise to properly secure their data.

Attackers also now exploit weaknesses in the web applications that we use every day.  Some web sites don’t always encrypt their authentication process, which made it possible for someone to steal the browser cookie used to authenticate that web browser’s session.  For example, this exploit was used against several popular web sites; it has since been patched, but it took a few months for the companies to fix this vulnerability. (Note: for more information search for “Firesheep” [http://en.wikipedia.org/wiki/Firesheep])

Any unencrypted information is fair game on the Internet. Whether you enter it into a web site or store files on servers in the cloud, your data is vulnerable.  Protect yourself by:
  • Ensuring your browser session is encrypted by checking for https:// in the web address before entering personal or private information into a web site.
  • Using an application like TrueCrypt (http://www.truecrypt.org/) to encrypt your data before storing it at the service provider, if you use a cloud-based file backup solution.

Are You the Weakest Link?

If someone clicks on links in spam, or downloads an executable from some site or person that they don’t know, then it is almost impossible to build enough protections into the system to guard them from themselves.

Sometimes there can be a fine line between exploit and foolhardiness, and sometimes there is foolishness.  It’s also hard for a system to prevent a person from giving away their personal and private information, such as a social security number, bank account information, username and password, etc.

In situations like this, it’s up to the person using the Internet to learn some basic data security techniques, such as:
  • Never give out any personal information to anyone on the Internet you don’t trust.
  • Use a strong password, change it often, and use a different password for every web site and application that you use.
  • Encrypt and backup your data regularly.  Store it off-site or use an Internet backup service.
  • Never download executables or click on links from sites or email you don’t trust.
  • Patch your system and applications, and use a firewall and an up-to-date anti-malware suite.

For more tips, check out my book Avoiding Information Insecurity: Fighting Modern Day Cyber-Threats (2011 Edition).

(Read part 1 of this article)
