9 FACTS ABOUT COMPUTER SECURITY

March 19th, 2015 • Internet, Technology, Uncategorized, Web

1. Having a strong password actually can prevent most attacks

Users can protect themselves against the most likely and pernicious threat actors by taking two simple steps:

1) Installing a password manager and using it to create unique passwords for every service they use.

2) Activating second-factor authentication options (usually via text messages) on their email and social networking accounts.

The latter is especially important since attackers love to take over the email and social accounts of millions of people and then automatically use them to pivot to other accounts or to gather data on which accounts belong to high-value targets.

Having a good password is easy — and it’s still the best thing you can do.

2. Just because a device is new does not mean it’s safe

One of the most pernicious myths about security is that devices begin their lives completely safe, but become less secure as time goes on. That’s simply not true, especially when so many devices come with vulnerable adware like Superfish pre-installed on them (if you recall, Superfish came pre-installed on many Lenovo laptop models).

3. Even the very best software has security vulnerabilities

Information security is more like medicine — a bit of art and science — rather than pure science. That’s because our technology was built by humans, and is being exploited by humans with very unscientific motivations

4. Every website and app should use HTTPS

You’ve heard every rumor there is to hear about HTTPS. It’s slow. It’s only for websites that need to be ultra-secure. It doesn’t really work. All wrong. All sites on the Web need to be HTTPS, because without HTTPS it’s easy for hackers, eavesdroppers, or government surveillance programs to see exactly what people are reading on your site; what data your app is processing; or even to modify or alter that data in malicious ways.

5. The cloud is not safe — It just creates new security problems 

Everything is cloud these days. You keep your email there, along with your photos, your IMs, your medical records, and your bank documents. And it’s actually safer there than you might think. But it creates new security problems you might not have thought about.   When you’re trying to defend a cloud system, you’re looking for needles in haystacks, because you just have so much data to handle. There’s lots of hype about “big data” and machine learning right now, but we’re just starting to scratch the surface of finding attackers’ subtle footprints. A skilled attacker will know how to move quietly and not set off the pattern detection systems you put in place. In other words, some automated attack methods become blatantly obvious in a cloud system. But it also becomes easier to hide.

6. Software updates are crucial for your protection

There are few things more annoying in life than the little pop-up that reminds you that updates are required. Often you have to plug your device in, and the updates can take a really long time. But they are often the only thing that stands between you and being owned up by a bad guy. 

7. Cyberattacks and cyberterrorism are exceedingly rare

Your biggest threat is somebody breaking into your accounts because you have a crappy password. But that doesn’t stop people from freaking out with fear over “cyberattacks” that are deadly. These kinds of attacks are incredibly unlikely.

8. Darknet and deepweb are not the same thing

Ablon writes that one of the main problems she has with media coverage of cybercrime is the misuse of the terms “Darknet” and “Deepweb.”

She explains what the terms really mean:

The Deepweb refers to part of the Internet, specifically the world wide web (so anything that starts www) that isn’t indexed by search engines, so can’t be accessed by Google. The Darknet refers to non-“www” networks, where users may need separate software to access them. For example, Silk Road and many illicit markets are hosted on [Darknet] networks like I2P and Tor. 

So get a password vault, use two-factor auth, visit only sites that use HTTPS, and stop worrying about super intricate cyber attacks from the Darknet!

Source: Gizmodo