Steve's Views Rotating Header Image

Online Security, is it really needed?

What value does security have anyway? Misapplied it can become a great stop, a barrier to get anything done.

This includes information that you don’t want to be publicly available to anyone, it does not matter if they are specifically interested in it or simply stumbles upon it. That includes information which could be used against you, sometimes in ways you never considered. It does not have to be something illegal, simply embarrassing, or more commonly have a financial value.

Security the art of applying an optimum balance between functional and inaccessible.

The harder it is to make and retain resources, such as money, to care for yourself and your family, the more common it becomes that people come up with what is known as Unusual Solutions.

Examples of unusual solutions are robbing banks, old ladies, becoming a drug dealer, online theft and sabotage for profit, just to mention a few.

With technology running ahead of common knowledge it starts to become a mystery that only the few can understand and master. I think it’s safe to say that computer technology has pretty much always been ahead of common knowledge. Typically we have young people reaching to master this mystery and become its master. Their curiosity can put them on a path of criminal activities without the balance of personal ethics and integrity.

The more you learn about computers the more you realize things you can do with it. One thing that has always been very popular is being able to communicate between computers. Some of you remember modems. A device used to connect a computer with another computer. Huge progress!

Then we got networks where one computer can reach many, which eventually resulted in the internet. Now we have huge portions of the world able to reach anyone across the world.

That opened the door for even more exciting opportunities, which for some, meant seeing how many computers they could get into, just for fun. Some people were more oriented towards destruction and would laugh gleefully (I imagined) at wrecking havoc on someone else computer.

At some point some individuals got the idea that some people would pay to cause or prevent damage. Which of course grew to groups, political parties, and governments in different countries. Today it is so prevalent that most computers are likely to be “touched” by someone else who does not have your best at the forefront of their mind. What they can do depends on how your computer is set up and your activities.

Fortunately individuals, groups etc. exist who wish to prevent the damage being caused.

However, ultimately it is up to you, the individual with a computer connected to the internet, to take some positive action towards maintaining some security. The more you don’t know the more it can hurt you. You can pass the need for knowledge onto someone who knows more than you and that you have a reason to trust.

Statistically it is safe to say that it is better to find someone you have a reason to trust than waiting for someone to approach you. Trusting one, any one, that you chose to give good advice is better than not doing anything to stay safe, or at least safer.

For many this whole subject is a big black mass of not knowing. But you can do something about it using common sense. You can establish, by yourself, some basic policies that will be better than ignoring it all. Just don’t fall into the group of deniers that think that because they don’t have anything of value on their computer they will not become a victim.

For example, you probably lock your car which is a simple policy that you probably do every time you use it without even thinking. A computer is harder to keep secure but still there are simple things you can do. The first is to ensure you have a password which is not obvious which means it is not the birthdate of someone in your family, in fact it should not be any birthdate. That is not enough (or different) characters, rather it’s better to let your computer generate a password for you. Today it should probably be at least 10 long and contain a mix of lower and uppercase letters, numbers and if allowed some symbols.

Then ensure each have a unique username (if possible) and password for each online login you have. Often people loose security from using the same login across different locations. (Your password manager easily keeps track of them for you.) When one organization is hacked your data can be part of it. These lists of logins are then spread across the internet with people who loves to make it work for them

The most basic datum should be that if you put any information (data) on a networked computer then it can end up in someone else hands. If you think with that and accept the possibility then you are less likely to suffer too much.

Email is a very popular and unfortunately effective tool to get you to open the door for them to get into your computer, which includes making you go to your bank and giving them your money on some pretense that has but one purpose – to steal from you. This is called social engineering, they pretend to be someone else in some imaginary situation where you feel sorry for them being in that imaginary situation and then give them your money (sometimes even thinking it’s their money you are returning).

There are security updates coming out somewhen frequently, these should be applied when they come out. Any online tool are in a direct position to cause great harm to your computer and whatever you have on it or access to. Thus ensuring they are kept up to date is of outmost importance.

General bug fixes are good as well. Unfortunately some companies creates new problems when they fix the old one. Unless you really need that fix, wait for one or more fixes before applying it which allows time for them to solving it properly.

Another security issue is using software running on their servers, for example, online accounting, or whatever service offered that is running on their servers (I’m not including running your website).

For one you have no physical control of your information, if they go down you will too. Someone else is in charge of looking after your information, at whatever pay grade and motivation that you will never know. Imagine hiring someone to work for you where you don’t know when they are there, what they are actually doing, from whatever country or organization with whatever motivations?

It can be as simple as something goes wrong anywhere between you and them and you cannot access your company information. It could be someone digging a trench and accidentally cuts off the network cabling below ground. They could be under attack and brought down since they are hosting many other companies and maybe one of them is a target. In the end you have no control.

Such a company might be a life saver when you don’t know enough to have these computer functionality in your own operation, if so, ensure to have a definitive plan to get it in-house and maintain full backups of YOUR data, even if it is on their servers.

Avarice, which is defined as extreme greed, have put many in the “poor house” from having lost all their savings through some scam. Even plain greed makes people go for that quick buck. This is often a case where the person believes they cannot make enough money and will happily be fooled into thinking the fast buck will be their ticket to permanent happiness.

When I receive a call from some stranger, even if I know the company they claim to work for, I never accept the “good fortune” they are presenting me with. If it was legitimate I would also receive an email and a physical letter proclaiming my good fortune. AND that is not enough to convince me I’ve won something. I would have to have enrolled in that something AND if it comes through an email it would know my name and other details AND have proper grammar AND be professional sounding, then I would still be on my guard and NEVER make ANY payments to release my funds, boat or whatever they claim. They would also have a number I could compare to a publicly posted number.

In other words I NEVER believe it to be real unless I could use some different method to verify their claim that is not coming from them.

If it is a phone call the easiest way to call their bluff is to ask for their name and a call back number. If given a number I then search the internet for that number with the word scam. Usually someone else have been targeted and it has been noted online.

Any legitimate organization that would have a reason to give you ANYTHING, would be easily accessible and 99% well known.

Regardless of how someone else could possibly determine if you have, or don’t have, anything of value to them without breaking into your computer, there IS something you have of value which is a computer connected to the internet. Any computer is valuable even if it is empty as a tool for someone else to use to wreck more havoc on the internet.

Of course if your computer is an office computer of some organization, that organization might very well be a target for nefarious activities. There better be someone who understands computer security or it’s just a matter of time.

A little example from years past. A country deemed untrustworthy of harnessing nuclear power was approaching some level of being operational that another country decided to put a roadblock there.

The challenge was the lab was not on the internet and could not be broken into remotely. They solved it by ensuring some computer code was inserted into a printer being sold to that government, specifically that nuclear lab. When they connected that printer to their internal network the code sprang into action and established connections to other devices, devices which were then sabotaged in way that was not obvious but delayed their progress towards having the bomb.

Spend a little time towards at least understanding the concepts of computers. A computer is a tool, a stupid tool without any real intelligence. Any perceived intelligence is programmed into it, without that programming it is a door stop, with great potential but still a doorstop. It can only follow exact instruction one after the other. It is programmed to make logical decisions that again is programmed into it.

Most of the times computer terms comes from terms used in daily life. If you look at the plain English definition you can usually figure it out. Take “network” you have heard of networking, getting together with a group of people to maybe promote each others products and services, or home made cookies. For a computer it is also networking by connecting a communication cable called a network cable. That cable in turn connects to one or more devices which ends up creating a connection to the physical wiring across the world known as the internet.

You have the intelligence to do networking a lot easier for you not requiring special shared programming amongst all the computers and having a radio (for WiFi) and/or a cable to connect it to others. Computers follow protocols, much the same as we have protocols in how we address each other. The difference is that a computer will fail if the protocol is not followed EXACTLY.

Though everything a computer does is based on human principles, after all, humans built it. 🙂

Comments are closed.