Dan Griffin's Blog

Comments on security, PKI, smart cards, cryptography, and entrepreneurship.

Check out this poor guy -

http://www.shahine.com/omar/WhatWillYouDoWhenItHappensToYou.aspx.

 

Some tips for avoiding his fate:

  • Don’t use WiFi. In fact, if you really care about your data, don’t use WiFi ever, anywhere, including in your home. Relax that recommendation if you know what you’re doing and have configured a strong key and admin password on your wireless router. And note: corporate certificate-based wireless access, such as what Microsoft campus uses, is secure.

  • Don’t use the same password for multiple sites. If one site is compromised, then your accounts at all of the other sites that share that same password are compromised as well.

  • Ditto for password recovery phrases. Those are generally bad news anyway, because they tend to be easy to guess, especially by a hacker who has obtained other information about you.

  • Always use SSL. For example, you can access Gmail via https://www.gmail.com. Too bad encryption isn’t the default on the free email systems.

  • Check your machine for spyware. If your browser periodically crashes, you probably have spyware installed. If you install a lot of software off the internet, you probably have spyware. If someone has hacked one of your accounts, you may have spyware. Go to a reputable security vendor, download their latest spyware cleaner, and run it.

 

Stay safe. We’re all in this together …

Permalink |

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment