cybersecuritybasics
Differences
This shows you the differences between two versions of the page.
cybersecuritybasics [2022/10/28 18:23] – jgmac1106 | cybersecuritybasics [2022/10/28 19:34] (current) – getting rid of meta writing statements jgmac1106
Line 1: | Line 1: | ||
- | As an Internet activist, a member of a marginalized group, or just a concerned security citizen you may want to take steps to protect yourself online. You can take a few steps to go a long way. Below you will find my best tips in descending order of both capability and complexity. Meaning everyone should "Be Smart" but not everyone needs to use " | + | As an Internet activist, a member of a marginalized group, or just a concerned security citizen you may want to take steps to protect yourself online. You can take a few steps to go a long way.Based on threats to your self and data think about security as |
Please share tips you find useful for the average internet activist who may not have networking and IT skills. | Please share tips you find useful for the average internet activist who may not have networking and IT skills. | ||
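Review bot: the new right-hand text in this hunk ends mid-sentence ("think about security as"), so the framing that replaced the old "Be Smart" explanation never reaches the reader; complete the sentence or drop it. Two smaller fixes on the same line: "long way.Based" is missing a space after the period, and "your self" should be "yourself".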
Line 7: | Line 7: | ||
The professionals call this Operational Security and Situational Awareness. When you go online you put yourself and data at risk. You must assume anything, even if encrypted or on a private social network, will get out. | The professionals call this Operational Security and Situational Awareness. When you go online you put yourself and data at risk. You must assume anything, even if encrypted or on a private social network, will get out. | ||
- | The only weight that matters in cybersecurity is the 6 lbs you carry in your skull. Think before your click. Make sure you are working in a place where you and your data are safe. Never share any kind of log in credentials | + | The only weight that matters in cybersecurity is the 6 lbs you carry in your skull. Think before your click. Make sure you are working in a place where you and your data are safe. Never share any kind of log in credentials |
===== Turn on 2FA/MFA ===== | ===== Turn on 2FA/MFA ===== | ||
- | Authentication means proving who you are when you try to gain access to a newtwork. Usually you get authorized by authenticating a username and a password match. You need better security. Enable multi-factor authentication on all your online services. | + | Authentication means proving who you are when you try to gain access to a network or system. Usually you get authorized by authenticating a username and a password match. You need better security. Enable multi-factor authentication on all your online services. |
- | With Multi-factor-authentication, | + | With Multi-factor-authentication, |
Also know you local laws in terms of which factors police can use, such as face unlock, versus something you know such as a password. | Also know you local laws in terms of which factors police can use, such as face unlock, versus something you know such as a password. | ||
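Review bot: the authentication paragraph in this hunk says "you get authorized by authenticating a username and a password match", which blurs two distinct steps; suggest "you are authenticated by matching a username and password, and only then authorized to use the account". The next line stops at "With Multi-factor-authentication," on both sides, so the explanation of what a second factor adds is missing; finish it. Minor wording: "Think before your click" should be "Think before you click", "log in credentials" should be "login credentials", and "know you local laws" should be "know your local laws".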
Line 27: | Line 27: | ||
Rarely, better yet, never click on any link sent over SMS or private message. If you do make sure you know the sender. Look at the URL, if not shortened. Make sure it seems legitimate. Remember the accounts of people you trust can get compromised. | Rarely, better yet, never click on any link sent over SMS or private message. If you do make sure you know the sender. Look at the URL, if not shortened. Make sure it seems legitimate. Remember the accounts of people you trust can get compromised. | ||
- | If you work with really sensitive data, or your identity puts you at risk, you should never open links through SMS and make sure any external connection gets scanned for malicious code. You should not use browser based email and only use a client with trusted | + | If you work with really sensitive data, or your identity puts you at risk, you should never open links through SMS and make sure any external connection gets scanned for malicious code. You should not use browser based email and only use a client with trusted |
===== Passwords ===== | ===== Passwords ===== | ||
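Review bot: the sentence for high-risk users stops at "only use a client with trusted" on both sides of the hunk, so the reader is never told what the client must trust (certificates, senders, plugins); complete it. "make sure any external connection gets scanned for malicious code" is also too vague to act on: say what is scanned and by what, for example that attachments and downloaded files are checked by up-to-date antivirus before being opened. Smaller: "Rarely, better yet, never click" reads awkwardly; "Never click (or at the very least, rarely click)" is clearer.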
Line 33: | Line 33: | ||
Most breaches happen because of stolen credentials. Usually from another system. Meaning Miriam may use the same bank password as her email. Her email got compromised and her password sold online. It then got used to drain her bank accounts. | Most breaches happen because of stolen credentials. Usually from another system. Meaning Miriam may use the same bank password as her email. Her email got compromised and her password sold online. It then got used to drain her bank accounts. | ||
- | Use a unique password every time. Some people may use the same password for multiple services and this puts them at risk. I know it makes it easier to remember but it puts you and your data at risk. | + | * Use a unique password every time. Some people may use the same password for multiple services and this puts them at risk. I know it makes it easier to remember but it puts you and your data at risk. |
- | Length beats complexity. Special letters and random Capital letters may get required by systems but they do little for security. Instead think in pass phrases and not passwords. Length takes longer for computers to crack. You can use Diceware pass phrases to truly randomize a lengthy password, | + | * Length beats complexity. Special letters and random Capital letters may get required by systems but they do little for security. Instead think in pass phrases and not passwords. Length takes longer for computers to crack. You can use Diceware pass phrases to truly randomize a lengthy password, |
- | Stay away from personal details. Many passwords get cracked through social engineering. Someone may look through your profile and see you own cats, they may then look to see if your pet has a registered name or breed. These phrases then get tried in brute force attacks. | + | * Stay away from personal details. Many passwords get cracked through social engineering. Someone may look through your profile and see you own cats, they may then look to see if your pet has a registered name or breed. These phrases then get tried in brute force attacks. |
- | Use a Password Manager. These tools save and encrypt all your passwords and then use single use codes, called hashes, to log in. Passwords managers provide better security given the number of accounts. | + | * Use a Password Manager. These tools save and encrypt all your passwords and then use single use codes, called hashes, to log in. Passwords managers provide better security given the number of accounts |
+ | |||
+ | * Maybe password books make sense. I know this sounds like blasphemy to security experts but to a family of five where people may have dozens of passwords each writing them down seems understandable. Granted please use a password manager but password books aren't evil for personal use cases. If a family keeps one in a fireproof safe it will help after catastrophe. I know it creates risk but if you have physical access to a families password book, in their safe, they have bigger problems than getting hacked. | ||
- | Maybe password | + | * Use incorrect answers for security questions. Many systems ask questions for password |
===== Separation of Duties ===== | ===== Separation of Duties ===== | ||
- | Think of your devices | + | Think of your devices |
- | Then make yourself a second user. This user will connect to external systems like we apps and social media. This user should not have rights to modify the system. If you come across a program you need to install you would log out and log in with the admin account. Then grant the user account access to to the application. | + | Then make yourself a second user. This user will connect to external systems like web apps and social media. This user should not have rights to modify the system. If you come across a program you need to install you would log out and log in with the admin account. Then grant the user account access to to the application. |
===== Backups ===== | ===== Backups ===== | ||
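Review bot: the Password Manager bullet states that managers "use single use codes, called hashes, to log in"; that is inaccurate and should be corrected while the list is being turned into bullets. A password manager stores the real passwords encrypted behind one strong master password and fills them into the login form; a hash is the one-way fingerprint the service stores instead of your password, and it is neither single-use nor something the manager sends. Suggest: "These tools store all your passwords encrypted behind one strong master password and fill them in for you, so every account can have a long, unique password." Also in this hunk: the new security-questions bullet is cut off at "password", the Separation of Duties opener stops at "Think of your devices" on both sides, and "access to to the application" has a doubled word.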
Line 63: | Line 65: | ||
===== Replace Routers and Modems ===== | ===== Replace Routers and Modems ===== | ||
- | In some countries, such as USA, the telcoms, rent routers and modems to people who then pay $12.00 a month for years to pay for a $90.00 modem/ | + | In some countries, such as USA, the telcoms rent routers and modems to people who then pay $12.00 a month for years to pay for a $90.00 modem/ |
This maybe overkill but some users may want to even add utilize modems, routers, and firewalls to create an encryption layer between their network and the outside world. You can add firewalls to home networks. They also make mobile versions if you need security on the go. | This maybe overkill but some users may want to even add utilize modems, routers, and firewalls to create an encryption layer between their network and the outside world. You can add firewalls to home networks. They also make mobile versions if you need security on the go. | ||
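Review bot: "create an encryption layer between their network and the outside world" misstates what a firewall does; a firewall filters traffic according to rules, it does not encrypt it. Suggest "add a filtering layer between their network and the outside world" (encryption of traffic leaving the home network is what a VPN provides, and that is a separate tool). The router sentence is also cut off at "modem/" on both sides of the hunk, and "This maybe overkill" and "add utilize modems" should read "This may be overkill" and use a single verb.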
Line 69: | Line 71: | ||
===== Wires Rock ===== | ===== Wires Rock ===== | ||
- | Every wireless access point and every Bluetooth connection creates an attack vector for adversaries. Getting into offline hard wired systems will often take physical access. Try to use wires whenever possible. Plus your bitrate to your wireless speaker makes the music awful. Not having your XBOX wwired | + | Every wireless access point and every Bluetooth connection creates an attack vector for adversaries. Getting into offline hard wired systems will often take physical access. Try to use wires whenever possible. Plus your bitrate to your wireless speaker makes the music awful. You really should use wired cans instead of wireless earbuds(and a lossless format) unless you hate music. Not having your XBOX wired is why you get bodied |
===== Separate Networks ===== | ===== Separate Networks ===== | ||
- | You may want to have one network for your work and another for your family | + | You may want to have one network for your work and another for your family. This may improve sanity and speed as much as security. If you deal with really sensitive data or operate online personas that can bring you physical or legal harm you should follow this step. You basically firewall off your personal internet use and your activist internet use. This is not cheap and requires specialized knowledge. |
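Review bot: the Separate Networks step says to "firewall off" personal and activist use but gives no idea of how, which leaves the "requires specialized knowledge" warning unexplained; name at least one concrete form, for example a second router on its own internet connection, or a router that supports separate VLANs or a guest network with client isolation. In the Wires Rock paragraph, "Getting into offline hard wired systems will often take physical access" would be tighter as "Wired devices that are not reachable from the internet usually require physical access to attack", and the "bodied" sentence on the right-hand side ends without a period.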
cybersecuritybasics.1666981428.txt.gz · Last modified: 2022/10/28 18:23 by jgmac1106