Search the Community
Showing results for tags 'cyber assets'.
This is a loaded question, because it is dictated by you and what angle you are looking at it. So, the very first question before you go further is: “What/Who am I?” then you follow that with “Who do I think I am up against?” Private Folk: This is the primary target for this forum. Who – You, your kids, family & friends Opposition – Cyber Crime, Hacker Groups, Lone Hackers, or Script Kitties, Government Business person at home: Looking at more mom & Pop to smallish business for our readers. Who – Shall we say for argument small business like you doing web design or the businesses you design for. Opposition – Cyber Crime, Hacker Groups, Lone Hackers, or Script Kitties. Travelers, Big Business or Press: Again, rather big league for my purposes. Who – Big businessmen or Press traveling to questionable areas. These folks can expect to be hacked within 1 hour of signing into their hotel in places like Russia or China. You would not want to have a laptop full of business secrets or notes on where you will meet a dissident. Opposition – Secret police, law enforcement, nation state government backed cyber units. The Dissident/Activist: I am not going to cover this person much as I doubt any of you fit the bill. Who – The Dissident we will say is risking their freedom or life to fight for justice. Security for them is life & death for them and their loved ones. They have to stay smart, extremely paranoid and on edge. Opposition – Secret police, law enforcement, nation state government backed cyber units. Common sense will tell you that You want to protect your computer, phone, tablet and computer from hackers, malware, ransomware, viruses etc. and you’re up against medium to minor threats. The dissident does not want to die so needs aliases, deep covers, saves nothing on a PC. Encrypts hard drives, what you see spies do in movies and are up against well-funded professionals with great skills and tools and the “Law” on their side. Now ask yourself: What is important to me? What am I protecting? What is important to me? - Security or Privacy? This is confusing at first, I know. If my PC is secure… my Personally Identifiable Information (PII) is private. But let us take Google Chrome as an example. Now for the first time the most popular browser in use and many of you use it. I did until I got into security. But look at it from a purely security stand point, shall we? Chrome: Security: Google is a very secure browser. It has had fewer vulnerabilities found than Firefox and they were fixed quickly. Chrome has a form of sandboxing built in. It has a big organization behind it. Google offers rewards to hackers who find vulnerabilities in its products. Privacy: Google is everywhere. It tracks everything you do. The moment you come to Killersites, Google knows you are here and ads that data and you can be profiled by it. KS uses Googleanalitics, so google knows you are here and can surmise how often and what other web sites you go to and before you know it they guess you are a web designer. Google owns many sites now like YouTube, and analytics are everywhere. Google has a corporate monetary interest is tracking you, learning your likes and dislikes and selling it as well as feeding us targeted advertisements. Firefox: Security: Firefox has more of a history of vulnerabilities, but they have all been fairly minor and quickly patched. Firefox has been around longer with a bigger following so a better target for hackers. Now Chrome will be targeted more often. Firefox also has more available security and privacy extensions to make it more secure. Privacy: Mozilla Just makes a browser (OK, email, colander etc.) and has no monetary interest in tracking you. So, as you can see, Chrome may be the more secure browser in theory, but it is a nightmare if you don’t like being tracked. So, Security is about protecting your application. machine etc. from unauthorized changes while Privacy can be about you. What am I protecting? These we call “Cyber Assets”. This is up to you. Here are some ideas, starting with the obvious: Passwords, especially Master Passwords Banking, Stock and other financial info data PII data like SSN, birth date, medical data etc. Questionable Photos & Video Questionable materials How about personal photos, not adult, just simple photos that can identify you, help identity thieves, help people pose as you How about your interests than can be used to profile you Tracking Websites you visit that can profile you Cookies and other things that can track you for a profile Your OS, browser, browser plugins, and cookies can all be used to “fingerprint” you. You could be identified by this data These are some things you will need to consider as you read anything else I post in this forum. You will need to consider these things as you decide for yourself just how far you wish to go with YOUR security. You may have no problem with Google tracking you and making money off your data.