By Joe Kashi, for the Redoubt Reporter
Internet communications can be likened to walking in a beautiful but snake-infested jungle — you need to watch where you step. Train yourself and those around you to be security conscious.
Computer security is as much common sense and a security-conscious mindset as it is a specific program or piece of hardware. For others to compromise your security, they must first have some sort of “in,” whether physical penetration, operating system security deficits that have not been identified and repaired, or the surreptitious installation of malicious software from infected removable storage media, from other infected computers on your office network or as an Internet payload.
- Avoid the back alleys of computing that are especially likely to mug your data or privacy. Some Internet sites look and sound like the real thing but are silently redirected to scammers. This practice is termed “phishing” but can be readily countered by turning on the “phishing filter” in most browsers, avoiding redirected websites and using some common sense. Although an old exploit, it’s still very common. In fact, I recently saw this occur with TED talks, of all things.
- Never give out personal and financial data of any sort in response to email. Be especially wary of unsolicited emails to the effect that your login data or financial and bank account information should be verified or updated. These are often crude but frequently effective attempts to get enough information to victimize the unwary. If you really must make changes, then do so by calling an independently verified telephone number for your bank’s service department or by using a known good login site whose address you independently enter into your browser’s URL window.
- Be particularly careful about opening the attachments to unsolicited email. This is a favored delivery mechanism for malicious payloads.
- Always enable some sort of firewall program on every connected device, whether mobile or office-centric.
- Avoid using remote access features that allow you to access and manipulate your office network. These can be severe security risks unless you set up what is termed a “virtual private network,” which uses a dedicated port for secure, automatically encrypted, two-way communication over the Internet. A VPN requires the same encryption keys on both ends, so it’s relatively safe. If at all possible, disable all forms of remote access into your devices.
- One of the most important general security approaches is to ensure that your computer downloads and installs both routine and critical security and operating system updates. After ensuring that your system is up to date, check your general security settings, making a sensible balance between security and ease of use.
- Turn off the automatic execution by your Internet connection of scripting, Java, apps and ActiveX components. Require that you be prompted to give affirmative permission before they run or alter your operating system, programs or apps. Doing so gives you at least a little bit of control over potentially rogue programs that might damage your system or compromise your privacy and security.
Wi-Fi wireless networking can be relatively secure, and the latest .11n versions have reasonably good bandwidth. Unfortunately, we still see a fair number of wireless network users who do not implement whatever security their hardware allows.
Mobile computers and other devices with activated Wi-Fi hardware can be susceptible to ad hoc network intrusion. A few years ago, I spoke about computer security at the American Bar Association’s annual technology conference in Chicago, placing a $20 bill on the podium and challenging audience members to see whether they could connect to my notebook computer. It took some of the audience members less than three minutes to do so, even though there were no nearby Internet “hot spots.”
Most people don’t realize that the wireless connections of some Windows operating systems can silently make direct ad hoc connections to other unsecured Windows computers with peer file sharing activated. In such cases, a stranger can read your files and write to them without your knowledge.
I’ve personally observed wireless security breaches literally occurring in real time when Windows network bridging features surreptitiously connect one notebook computer’s wireless card to another wireless-equipped computer and use that rogue wireless connection to further connect to a business’s theoretically more secure, hard-wired network. It’s among the more significant problems that can occur when people use their own devices for business purposes. So-called rogue computers are then beyond any security measures instituted by the firm and can then infect other systems, compromising the security of the entire network.
While waiting at Chicago’s O’Hare Airport after speaking about computing security to an American Bar Association technical conference, I startled a group of waiting passengers by simply turning on my notebook computer, watching as it detected and connected to powered-up notebook computers being carried down the concourse by other passengers. These people, of course, had not implemented even rudimentary wireless network security.
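The conditions described above (an open wireless link combined with peer file sharing) can be checked on a Windows notebook before it leaves the office. The following is an added example, not part of the original column: a read-only PowerShell audit that assumes Windows 8 or later, an English-language system (the firewall rule group name is localized) and an elevated prompt; the function name is hypothetical.

```powershell
# Added example: read-only exposure audit for a Windows notebook. It changes nothing.
# Assumes the built-in NetSecurity, NetConnection and SmbShare modules (Windows 8 or later).
function Get-WifiExposureFinding {
    $findings = @()

    # 1. The firewall should be on for every profile (Domain, Private, Public).
    foreach ($p in Get-NetFirewallProfile) {
        if ($p.Enabled -ne 'True') {
            $findings += "Firewall is off for the $($p.Name) profile"
        }
    }

    # 2. Networks treated as Private get relaxed sharing rules; confirm each one is really yours.
    foreach ($n in Get-NetConnectionProfile) {
        if ($n.NetworkCategory -eq 'Private') {
            $findings += "Network '$($n.Name)' on $($n.InterfaceAlias) is trusted as Private; confirm it is your own"
        }
    }

    # 3. Inbound file-sharing rules that are enabled on Public networks (or on all profiles).
    $rules = Get-NetFirewallRule -DisplayGroup 'File and Printer Sharing' -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and
                       "$($_.Profile)" -match 'Public|Any' }
    if ($rules) {
        $findings += "$(@($rules).Count) inbound File and Printer Sharing rule(s) are open on Public networks"
    }

    # 4. Folders shared beyond the built-in administrative shares (C$, ADMIN$, IPC$).
    foreach ($s in Get-SmbShare | Where-Object { -not $_.Special }) {
        $findings += "Folder shared over the network: $($s.Name) -> $($s.Path)"
    }

    $findings
}

$result = Get-WifiExposureFinding
if ($result) { $result | ForEach-Object { Write-Warning $_ } }
else { Write-Output 'No file-sharing exposure found by these four checks.' }
```

A clean result covers only these four checks; it does not show that the wireless adapter itself is locked down.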
Bluetooth and Near Field devices are probably even less secure when used without sufficient care and knowledge of their connection methods. Always pair Bluetooth and Near Field devices in a secure area, then turn off discovery and lock down your Bluetooth to ensure that nothing but already paired, trusted devices can connect.
Losing flash disks
Those tiny, ubiquitous flash drives and memory cards are easy to lose. Inexpensive USB 3 flash drives now frequently store as much as 256 to 512 gigabytes of data. That’s larger than the hard disk capacity of many businesses’ central network file servers. Some newer devices, such as the IronKey USB external hard disks and flash drives and SanDisk flash drives sold at Costco, include data encryption capabilities built into the drive. More expensive versions include biometric authentication devices. The IronKey devices with biometric authentication are relatively expensive compared to the competition but are the safest option if you’re carrying sensitive data.
Computer security is inevitably a moving target requiring reasonable diligence in identifying technology that’s convenient and helpful without unduly jeopardizing security. Mobile computing and communication have not only the usual risks of office-centric systems but also security concerns unique to the mobile experience. If you use mobile devices and cloud services, then you’ll need to take into account the additional mobile concerns that we highlight in this article.
Art of satire contest
The Redoubt Reporter and ARTSpace, Inc., are sponsoring a satiric art writing contest open to everyone, with suitably satiric prizes. Parody pomposity! Release your inner philistine!
Good visual art either works or it doesn’t. Attaching pretentious, pompous writing that “explains” the image adds little value. Too often, though, boring images are subject to art “criticism” that seems to bear more resemblance to the writer’s inner projections than to the image itself or the artist’s intent.
In appreciation of delightfully horrid, florid writing, we’d like you to give it a try.
We’ve published several unmanipulated photos of real objects and scenes that appear abstract. Write some satiric commentary about one or more images, identifying which photo(s) you are satirizing. Your parody should be plausible, pretentious-sounding and humorous.
I’m unwilling to hold anyone else’s images up to ridicule, so these are my own photos. Fire away! When the Redoubt Reporter publishes our favorite submitted satires, we’ll tell you what these photos really are.
The images and more information can be found here: www.redoubtreporter.wordpress.com.
Email entries to firstname.lastname@example.org. Be sure to mention which photo(s) you are referencing. Entries on each photo should be no more than 150 words. Tell us your name and a little about yourself — profession (or school you attend if you’re a student), where you live and any art background you might have. The deadline to enter is Dec. 7.
Local attorney Joe Kashi received degrees from MIT and a law degree from Georgetown University. He has published articles about computer technology, law practice and digital photography in national media since 1990. Many of his articles can be accessed through his website, http://www.kashilaw.com.