
Thread: Security and privacy at the same time. A basic view.

  1. #1
    Cithel, Senior Member
    Join Date: Nov 2009
    Location: Omaha, Nebraska USA
    Posts: 168

    Security and privacy at the same time. A basic view.

    If this isn't the place for this my apologies. It started out as an email and my friend suggested that I post it so others can read it. Feel free to delete it if this isn't the place. Thanks.

    I'm not paranoid. I've been using PCs in various forms for 20 years and have seen one, perhaps two viruses on any of the systems I've managed. I don't mind that the NSA wrote a security document for Microsoft and anyone that steals my identity will be sorely disappointed. But at the same time we have to recognize that any OS is vulnerable to attacks. Yes Alice, even Macs.

    In my opinion privacy is an even bigger concern. What information can people get from you without you knowing? It turns out that it's as much information as you are willing to give them. But by using a relatively easy to set up basic configuration and simple common sense you can manage the risk.

    Let's start with common sense. Knowing that you are always vulnerable is the key. Before clicking a link, opening an email attachment, filling out a form, downloading a file from a website, IRC or a torrent ask yourself if you trust the person that is making it available to you. If you are not sure that you trust them, don't do it. The thing to keep in mind is that the person making things available on the Internet is just as likely to be a criminal as the person you deal with in a face-to-face real world encounter. If I popped up in front of you in real life and said, "Here is this free CD with all kinds of cool screen savers and stuff, just install it on your computer, it's safe!" would you do it? Or would something seem fishy? On the internet, if something seems fishy then it probably is, just like the real world. Your instincts are your friend, using them is the first line of defense!

    Because I sometimes forget to ask myself if what I'm doing is a good idea I have a basic security configuration in place. The goal of that configuration is not to be invulnerable, but to be good enough. The truth is that you are unlikely to get a virus, trojan or worm in the first place (see common sense above). To that end I don't need the best anti-virus (flavor of the week), nor do I need to run multiple software programs that do the same thing. One firewall is enough. Don't laugh, I've had customers call me and say that they can't get on the internet and when I get there I find two or more firewalls running along with a couple virus scanners and two or three anti-malware programs. Reasonable defense is the key, not a false sense of protection. You know, like the Apple commercials. Sorry, couldn't resist.


    A "good enough" security and privacy configuration consists of the following:
    1. A router with an active firewall.
    2. Latest released version of your operating system.
    3. Software firewall.
    4. Anti-virus software.
    5. Anti-malware software.
    6. Sandbox software.
    7. Properly configured Web browser with add-ons.

    I can hear it now, but you said 1 firewall is enough! True but the firewalls that I'm talking about serve different purposes (see below). This setup is what I think of as a default-deny configuration. Simply put that means that unless I choose to allow something it is denied.

    A router with a firewall.
    This is a key piece of equipment and I highly recommend having it. This is the piece that protects you from outside attacks. If you are running an older or un-patched OS this part is essential. This device sits between your cable modem (or whatever device your ISP gives you) and your local computers. When it's configured to block all incoming internet connections and the password is changed from the default it makes your local computers / internet connected devices virtually impervious to outside attack.

    Latest released version of your operating system.
    You should always run the latest released version of your operating system unless there is a very good reason not to. On the Windows side of things Vista was much more secure than XP. XP is much more secure than Windows 2000. Windows 7 is much more secure than any previous release. Is it perfect? No. Is it better? Very much so. There are many reasons that neither Microsoft nor anyone else can release an OS that is impervious to attack, including things like anti-trust and lack of perfect humans to write the code but by and large each generation of the OS is better than the last. Also you should patch your operating system on a regular basis. Updating on a regular basis is highly recommended and Microsoft (among others) makes this really easy with Windows Update.

    Software firewall.

    A software firewall runs on your computer for the purpose of preventing information from going OUT of your system without your permission. The router stops people on the internet from connecting to you and this prevents software on your computer from contacting them, without you knowing about it.

    Anti-virus software.
    A real time virus scanner to ensure any files that you do download are safe before you open them.

    Anti-Malware software.
    Real time malware protection is a key component in your security setup. Malware accounts for more privacy issues than any other threat in today's computer environments. Anti-malware programs monitor what the software on your system is doing and look for suspicious activity. I recommend a good basic program that is easy on resources but that is updated frequently.

    Sandbox Software.
    This is the piece that most people find the most confusing and the hardest to set up. The way that I finally understood the idea was when I started thinking about the sandbox as a container. The sandbox software creates a "container" for programs to run in. To any program running inside the container it appears just like a normal computer but it isn't, the container holds everything that the software does within the container. This provides a "virtual work area" for the program. The benefit of doing this is that any malicious software that is installed or run within the container never gets out of the container unless you explicitly allow it (Default Deny from above). For my purposes this container provides not only a work area for potentially risky programs but a way to ensure that someone that steals my PC doesn't get my personal information. There are other privacy benefits as well.

    Properly configured Web browser with add-ons.
    When a browser is "sandboxed" security is much less of an issue but the browser is still a huge part of the privacy issue. Personally I don't like companies that collect information about me without my permission so I use several add-ons that do a pretty good job of blocking most of those trackers. I also use an add-on that blocks web site advertising on any site that I don't trust. Ad blocking is a tougher issue with me as I know from experience that a website needs the ads to cover real costs so I use the ad blocker sparingly. I also use an add-on that manages and stores my online passwords. It's beyond the scope of this guide to explain how it works but passwords are stored at their location in a secure manner. Only I know the one password that is required to access them and if my PC goes missing no one is going to be able to get the passwords. Also it's very easy to use a different and much more complex password on each website that I sign up on further protecting my information.


    The software I use.
    My browser of choice is Firefox with the following add-ons:
    1. Adblock Plus (Blocks Advertising)
    2. Customize Google (buried in the settings are several privacy features like Anonymize the Google cookie UID and don't send any cookies to Google analytics which I always turn on)
    3. Flagfox (It tells me what country the website is in with a little flag in the address bar, that way if I'm ordering something from a website I can make sure it's not a website in Taiwan, unless that's where I'm ordering from of course)
    4. Flashblock (Prevents flash from running unless I allow it)
    5. Ghostery (Blocks 3rd party ad bugs on websites from tracking my reading habits and targeting me for advertising)
    6. LastPass (This is the password add-on that I mentioned above, I highly recommend it. It also allows me to turn off the password management in Firefox)
    7. ShowIP (Shows the IP address of the current page in the status bar, but what is really nice about it is that you can right click the IP address and query different sources for the domain information. Like who owns the server and other contact info)

    Sandbox software.
    I use a registered copy of Sandboxie. The shareware version is every bit as good but I use a couple of things that require registration like forcing specific applications to run sandboxed no matter how they are started. In tandem with Sandboxie I use a utility called Eraser to automatically delete the sandbox securely.



    Firewall, anti-virus and anti-malware software.
    I use Comodo's Internet Security Suite. I tend to stay away from expensive bloated suites. I like Comodo because it's fast, reasonable on resource usage and the firewall is top-notch. Also it's free. I like the firewall in Windows but it has a major lack for me. I want to block programs from accessing the internet (default deny) and while the built-in firewall does that quite well I have yet to find a good interface for it. With the firewall in Comodo (and most other firewalls) the firewall notifies me that a program wants access and allows me to create a rule for that program easily. To me that's the last piece Microsoft needs to implement to be a great solution.

    Latest released version of your operating system
    Windows 7 fully patched.

    A router with a firewall.

    I use a Linksys device but there are many good vendors out there and lots of great devices. I don't use wireless access at home but combining the router, firewall and wireless access point in a single device is a great idea as long as it is locked down properly. I'll leave it to the wireless experts to explain it, I'd love to read it.


    Putting it all together.
    If you made it this far in this guide congratulations! Seriously though here is the way it all works together. First all outside attacks are blocked by the router, this allows me to connect all my local machines and devices and let them talk to each other on a network that is secure from outsiders.

    Any software running on my local machine is prevented from accessing the internet unless I've created a firewall rule for it. This prevents software on my machine from connecting to anyone else and giving them any information.

    For those programs that are mainly used for internet access (web browser, email client, torrent software and the like) they are automatically started in a sandbox. They run in a single sandbox and when the last program running in the sandbox is closed the sandbox is securely deleted automatically. I do this for a couple of reasons; the first is that it prevents anyone with physical access to my machine from seeing what I've been up to. The second is that it blows away any way of tracking what I read on the internet between sessions (deletes cookies, tracking bugs and everything else I've done in that internet session). Lastly any virus or malware that I might have gotten is deleted. I've configured Sandboxie to ask me if I want anything I download to be saved outside of the sandbox so when the sandbox is deleted it doesn't destroy any files that I want to keep. Sandboxie is also able to be configured to allow bookmarks and history to be saved outside the sandbox so that info isn't lost if you want to keep it. Note that if you start a program from a program that is already running in the sandbox that new program also runs within the sandbox. e.g. My Firefox automatically opens a torrent file in uTorrent when I click a torrent link. When uTorrent opens it's also in the sandbox. For the record I don't use any torrent software for piracy, contrary to the belief of many cable companies Linux Distros are not an indication of downloading movies.

    There are a couple things that aren't perfect in this setup. Mainly to do with running Firefox in a sandbox. I use a couple websites for my homepages, I like to log in to them automatically and both those sites store cookies to do that so what I do is load Firefox outside of the sandbox and log in to those two sites. That way the cookies are stored outside of the sandbox. The same goes for Firefox and add-on updates. When they are available just start Firefox outside the sandbox and apply the updates.

    I spent a couple weeks looking at different software and trying to define what I really wanted to do on this project. In part it was done just as a learning exercise but once installed and configured this setup is so unobtrusive that I can't imagine running without it. I hope this proves helpful for others and any constructive comments are most welcome.

    C.
    Last edited by Cithel; 23rd November 2009 at 04:02.
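
The post above describes a default-deny setup and notes that the built-in Windows Firewall can block outbound traffic but has no convenient interface for it. As an added example (not part of the original post), this batch script applies that policy with `netsh advfirewall`; the program paths and rule names are assumptions to adapt.

```bat
@echo off
rem Added example: default-deny outbound policy for the built-in Windows Firewall.
rem Run from an elevated Command Prompt (Windows Vista / 7 or later).
rem Rule names and program paths below are assumptions; adjust to your install.
setlocal

set "BACKUP=%USERPROFILE%\firewall-before-default-deny.wfw"

rem 1. Keep a baseline of the current policy (only the first time) so the
rem    change can be undone with:  netsh advfirewall import "%BACKUP%"
if not exist "%BACKUP%" (
    netsh advfirewall export "%BACKUP%"
    if errorlevel 1 (
        echo Could not export the current policy. Is this prompt elevated?
        exit /b 1
    )
)

rem 2. Default deny in both directions on the domain, private and public
rem    profiles. Allow rules that are already enabled stay in effect; any
rem    program or service without one loses outbound access.
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

rem 3. The built-in firewall does not prompt when it blocks a program, so log
rem    dropped connections instead. Default log location:
rem    %SystemRoot%\System32\LogFiles\Firewall\pfirewall.log
netsh advfirewall set allprofiles logging droppedconnections enable

rem 4. Explicit allow rules, one per program that may reach the internet.
call :allow "Allow-out Firefox" "%ProgramFiles%\Mozilla Firefox\firefox.exe"
call :allow "Allow-out Thunderbird" "%ProgramFiles%\Mozilla Thunderbird\thunderbird.exe"

rem 5. Show one of the rules just created for review.
netsh advfirewall firewall show rule name="Allow-out Firefox"

endlocal
exit /b 0

:allow
rem %1 = quoted rule name, %2 = quoted path to the executable.
if not exist "%~2" (
    echo Skipping %~1: "%~2" not found
    exit /b 0
)
rem Remove an earlier rule of the same name so reruns do not pile up duplicates.
netsh advfirewall firewall delete rule name=%1 >nul 2>&1
netsh advfirewall firewall add rule name=%1 dir=out action=allow program=%2 enable=yes profile=any
exit /b
```

After running it, entries marked DROP in the firewall log show which programs still need a rule.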

  2. #2
    leofelix, Member
    Join Date: Oct 2008
    Location: Italy
    Posts: 1,668

    Thank you "If you made it this far in this guide congratulations!"

    LOL

    Seriously: security is a way of thinking.

    I think you will agree with me, since it seems we have almost the same way to conceive security (I hope "conceive" is right, my native language is not English).
    I would only suggest not to use Comodo software, because of its "dark side" (I suppose you know what I'm referring to).


    As for the rest I appreciate.

    P.S did you use Alice PC too? ehr Alisa Mac I mean
    Last edited by leofelix; 23rd November 2009 at 15:52.

  3. #3
    seti, Member
    Join Date: Nov 2008
    Posts: 1,923

    As my friend says very long and that might put people off reading it all the way through. I personally found it hard to do so, but the points you made were good so thanks for the posting.

  4. #4
    HappyAndyK, Site Administrator
    Join Date: Jun 2008
    Posts: 7,572

    Nice read - thanks

  5. #5
    Cithel, Senior Member
    Join Date: Nov 2009
    Location: Omaha, Nebraska USA
    Posts: 168

    Originally Posted by leofelix:
    I would only suggest not to use Comodo software, because of its "dark side" (I suppose you know what I'm referring to).

    P.S did you use Alice PC too? ehr Alisa Mac I mean

    leofelix, Not sure what you mean about the dark side of Comodo, did I miss something? What would you suggest rather than Comodo? I haven't researched firewall, AV or AM products for a while so if there are better ones out there I'd appreciate your advice.

    Alice PC LOL

    Originally Posted by seti:
    As my friend says very long and that might put people off reading it all the way through. I personally found it hard to do so, but the points you made were good so thanks for the posting.

    seti, I agree that it's too long. I'm not a very good writer, just not something I'm good at. Thanks for your reply though!

  6. #6
    seti, Member
    Join Date: Nov 2008
    Posts: 1,923

    I am glad that you took it in the right way.

  7. #7
    leofelix, Member
    Join Date: Oct 2008
    Location: Italy
    Posts: 1,668

    Originally Posted by Cithel:
    leofelix, Not sure what you mean about the dark side of Comodo, did I miss something? What would you suggest rather than Comodo? I haven't researched firewall, AV or AM products for a while so if there are better ones out there I'd appreciate your advice.

    Alice PC LOL

    :-)
    I mean this

    Comodo continue to issue certificates to known Rogue/Malware - Donna's SecurityFlash

    for example

    or this

    Another Comodo Controversey ~ Security Garden

    ----------

    However I know Comodo is on the top list of

    Results and comments - www.matousec.com

    I still do not use Windows 7 unfortunately, but I was a proud Commodore 64 user.. 25 years ago.
    I know that Comodo works very well on Win 7, when OnLine Armor 4 has still some issues...
    Perhaps PC Tools Firewall plus 6 could be a choice.

    And do not be so modest, please: you are a very good writer, I like irony and ability

    Cheers
    Last edited by leofelix; 24th November 2009 at 07:36.

  8. #8
    Cithel, Senior Member
    Join Date: Nov 2009
    Location: Omaha, Nebraska USA
    Posts: 168

    Originally Posted by leofelix:
    I still do not use Windows 7 unfortunately, but I was a proud Commodore 64 user.. 25 years ago.
    I know that Comodo works very well on Win 7, when OnLine Armor 4 has still some issues...
    Perhaps PC Tools Firewall plus 6 could be a choice

    Thanks for the links, that is both sad and a bit disturbing. I haven't been paying much attention to the Certs side of things for a while, I'm not in the market anymore. I'll take a look at PC tools and see if they will work for my needs. I've used both OA and Firewall+ in the past and both were good products.

    Remembering 25 years ago is sort of fun. I started on the Atari 400, then moved up to the Atari 800XL with 64k RAM and a cassette tape deck as a storage device. Had to write down the tape index to even try to load a program that I had spent hours typing, since there were only cartridges and typing as ways to run programs.

    My next computer was an IBM XT (5150) if I remember right. I know it had a 10MB MFM HardDisk and a 360k Floppy Disk. Man I was livin large!

    Then an AT (a 286 processor and I bought a separate math coprocessor, I was uber cool!), 386, 486, 486DX (wow they were awesome! 32 bit! Yeah baby!) and then into the Pentiums and all the way into current day.

    I started upgrading and building my own machines in the AT days, my first upgrade was putting in that math coprocessor from above. Boy was that scary! Soldering a chip on a board? Wow!

    Along the way I had a Commodore 64, an Amiga before Commodore bought them, I know I had a Lisa like machine with the Motorola 68000 chip in it. But it might have been the original Mac version rather than an actual Lisa.

    OK, Now I feel old.

  9. #9
    leofelix, Member
    Join Date: Oct 2008
    Location: Italy
    Posts: 1,668

    Wow Cithel,
    now I'm feeling old too:-)
    We have a similar past.
    My first personal computer was an IBM 8088 system (if I remember right) with no HDD, I had only two floppy drives ( 5.25"), the first to load MS DOS the second one for my programs (IBM writing assistant, Lotus 1 2 3), 640KB RAM, and a 12" monitor.
    Then I bought a Toshiba laptop i286 and 20 MB HDD... wow it seemed to me I got a lightning.
    I developed in Basic a menu in order to choose what program to run bypassing MS DOS apparently.
    I had MS Word which I used frequently, some games like "Wolfenstein 3D" and "Prince of Persia".....

    Well I'd better stop myself, I'm going Off Topic.

    You talked about SandBoxIE.
    I use RETURNIL or I play with a Virtual Machine instead.

    Would you like to write for TWC forum a small SandBoxIE guide/tutorial?
    My request is informal, of course.
    Don't feel obliged to write it, please
    When you want and if you want:-)

    Thank you
    Last edited by leofelix; 25th November 2009 at 14:08.

  10. #10
    Cithel, Senior Member
    Join Date: Nov 2009
    Location: Omaha, Nebraska USA
    Posts: 168

    Originally Posted by leofelix:
    You talked about SandBoxIE.
    I use RETURNIL or I play with a Virtual Machine instead.

    I looked at Returnil too, but I wanted something that was a little more blended into the OS, rather than virtualizing the entire system. Something that was more selective about what runs in the virtual environment. Since the only things that I want in the virtual environment are internet related programs, for me Sandboxie turned out to be "good enough".

    My understanding is that Returnil is the more capable of the two. In Returnil you can actually install system level drivers and the like in the virtualized environment, while in Sandboxie you can't go that far. But I decided that I didn't need that level of sophistication and then opted for the convenience of not rebooting to get into or out of the virtual environment. I believe that Returnil is more secure than Sandboxie since Returnil simulates the entire OS while Sandboxie simply virtualizes whatever resources that the programs in the sandbox request.

    Both are great choices just different styles of doing the same thing.

    Virtual machines are great for a lot of things but I don't use them as much as I used to or more accurately I use them to simulate servers, development environments and when I need a Linux machine. Lately for the Linux stuff that I need to do andLinux has been doing just about everything I need without jumping into a VM.
