Toolkit: Keeping Yourself Safe Online

This week’s publication of the sensitive information of a handful of celebrities has highlighted the fact that many of us, especially high-profile individuals, are subject to malicious attacks by would-be wrongdoers. Whether the attacks on Ms. Lawrence et al. over the weekend were made possible by an iCloud security oversight or simply bad passwords, it made clear that we must not take our security, especially online, for granted.

I am by no means a security expert, but I have done my research, and I think now is a very appropriate time to share what I’ve learned and how you can protect yourself.

 

Passwords

Did you know that the number one password used online is “password?” I know you would never use that, but are you sure that the passwords you’re using are actually that secure? With the power of today’s computers, most passwords currently used are relatively easy to crack by dictionary or brute-force attacks. For instance:

  • The password GoStanford! will be bruteforced with a home computer in ~10 seconds.
  • The password TechTable will be bruteforced with a home computer in ~8 minutes.
  • The password Star2015Wars will be bruteforced with a home computer in ~11 hours.

 

How secure is your password? Find out at: http://blog.kaspersky.com/password-check/

So what should you be using? Something like hJbEZeDkbVKcCRA7fgAthyBmAMX6. It would take the world’s fastest supercomputer more than 10,000 centuries to bruteforce that! Even if the computer knew the password contained 28 characters of a–z, A–Z, and 0–9, there are are 153,803,885,110,405,674,678,434,597,293,100,547,399,764,930,461,696 possible combinations for it to try.

How can you possibly remember that?!? You don’t have to! Use a tool like LastPass to generate and store passwords for every site you visit.

 

Encrypted email

You probably have noticed that gmail and other email services use the HTTPS protocol for your connection with them. However, the Snowden leaks revealed that that doesn’t necessarily mean that Google and others keep your email encrypted within their own networks, and that the U.S. Gov’t, for one, has used that fact to inspect emails. More importantly, you can never know the security status of the recipient’s computer.

How can you make sure no one sees your email while in transit? Use encrypted email. There are myriad ways to do so. Get the rundown here.

Remember: you can NEVER be 100% sure of your recipient’s security, so never send credit card numbers, SSN, or other sensitive information via email.

 

File encryption

Similarly to the email encryption problem, cloud storage data is not necessarily encrypted, and you can never be too secure with the files stored locally on your computer. For that reason, I recommend keeping sensitive information only in encrypted format, whether on your own computer or in the cloud.

I generally use Apple’s Disk Utility to encrypt sensitive files, but there are easier ways, e.g., miniLock.

 

Online connection/identity privacy

Perhaps most important: you need to be using a VPN (Virtual Private Network) to connect to the Internet. It’s the only way to guarantee that all your data transmitted is encrypted and secured from prying eyes. From Lifehacker: “When you connect to a VPN, you usually launch a VPN client on your computer (or click a link on a special website), log in with your credentials, and your computer exchanges trusted keys with a far away server. Once both computers have verified each other as authentic, all of your internet communication is encrypted and secured from eavesdropping.”

Added benefits of using VPN:

  1. Downloading. Don’t want to be on somebody’s list just because you have a torrenting app installed? Using VPN, no one will be able to see what you’re downloading, legal or illegal.
  2. Streaming. Think your ISP is throttling your connection whenever you’re watching Netflix? With VPN, they can’t see what you’re looking at, just that you’re using your Internet connection. Be aware: they can still see your broadband usage, so don’t think VPN will get you out of your data limit.
  3. Globetrotting. If you connect to a U.S.-based VPN server, you’ll be able to access Hulu and Netflix and other U.S.-only services while on the road!

 

Follow the Lifehacker link for more information. I use Private Internet Access ($3.33 to $6.95 per month). It’s fantastic!

1 Comment

  1. Susan Termohlen on September 3, 2014 at 3:54 pm

    Awesome. I intend to use all the suggestions.