Cheap Computing

Jan 1 2015   12:46AM GMT

Looking Forward to 2015: Security, Security, Security

Robin "Roblimo" Miller


This is a short post, because it is the one that says good-bye to 2014 and hello to 2015. I am not a big fan of year-end posts, but all my journalist buds are doing them so I might as well do one, too. And the three main things I see happening to us in 2015 are security breaches, security breaches, and security breaches.

The most important thing most of us can do to keep our personal computers and other devices secure is password discipline. Make sure your passwords are not guessable. Think of the character in a movie or TV show who finally tries the computer owner’s mother’s maiden name, backwards, and Voila! …gains access to the supposedly secure information he or she needs.

I’m a major proponent of obscure passwords that contain letters, numbers, and characters like #, ^, and | to keep things obscure. By using multiple *types* of characters, you multiply the effort needed to make a successful brute force attack on your important information.
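To put numbers on that multiplication, here is an added example (not part of the original post) that estimates the exhaustive-search space from a password's length and the character classes it uses. The sample passwords and the 10^10 guesses-per-second rate are assumptions made for illustration.

```python
import math
import string

# Character classes an exhaustive search has to cover, with their sizes.
CLASSES = {
    "lower": string.ascii_lowercase,   # 26
    "upper": string.ascii_uppercase,   # 26
    "digit": string.digits,            # 10
    "symbol": string.punctuation,      # 32, includes # ^ |
}

def pool_size(password):
    """Size of the alphabet implied by the classes the password uses."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))

def keyspace_bits(password):
    """log2 of the candidate count: length * log2(pool)."""
    pool = pool_size(password)
    return len(password) * math.log2(pool) if pool else 0.0

def years_to_exhaust(bits, guesses_per_second=1e10):
    """Worst-case time to try every candidate at an assumed guess rate."""
    return 2 ** bits / guesses_per_second / (365.25 * 24 * 3600)

# Constructed sample passwords (random-looking; not from the post).
SAMPLES = ["qzxvkmpw", "qZ7#k^p|", "qzxvkmpwrtbnhgfd"]

def report():
    """One row per sample: password, length, pool, bits, years."""
    rows = []
    for pw in SAMPLES:
        bits = keyspace_bits(pw)
        rows.append((pw, len(pw), pool_size(pw), round(bits, 1),
                     years_to_exhaust(bits)))
    return rows

# This bound only holds for randomly chosen passwords. A guessable one
# (a name, a word, a date) falls to a dictionary attack long before the
# exhaustive search would finish, whatever characters it contains.
if __name__ == "__main__":
    for pw, n, pool, bits, years in report():
        print(f"{pw:18} len={n:2} pool={pool:2} bits={bits:5.1f} years={years:.3g}")
```
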

Another problem within your power to overcome is password reuse. No, you should *not* use the same password on Twitter as you use on Slashdot. Or on this site. You should have unique passwords for all the sites you visit.

I’ll admit that I don’t follow this dictum 100% myself. There are websites I regard as trivial, for which I have set up passwords only because they forced me to. I have a few “universal” passwords I use for these sites — but not for ones I care about.

What about data breaches like the ones at Sony, Home Depot, and Target?

These, sadly, are beyond your control. I got caught in the Home Depot attack, and my wife got caught in the Target one. Sony? I have no idea. If their security problems extend to Sony Software, I may be affected — except I have a unique password for Sony’s software sales and support site, which I use because I use (and like) Sony Vegas for video editing.

Unique passwords are the best way to protect yourself against attacks on companies with which you do business.

Also: As a general rule, changing all passwords at least every three months is good security practice. It’s a true pain in the keyboard, but that’s the basic problem with security measures: they’re all inconvenient. But if you don’t put up with the inconvenience, one day you might check your Visa statement and find a charge in Whackistan for 17 rocket-propelled grenades. Yeah, I know. Awful. So stay as secure as you can, and if a merchant with whom you do business gets hacked, change the password you use with that merchant immediately if not sooner.

There are at least 42 zillion other security measures you can take, starting with (especially if you use Windows) running anti-malware software and making sure it stays up to date. This is a basic precaution. Another one is to keep an eye on your installed software and make sure you know why each program is there and where it came from. And for Glub’s sake, learn how to delete software from your system, not only by means of the obvious utilities (such as the Windows control panel) but by getting down and dirty in your system’s files and deleting suspicious ones — with a “Restore point” set (in Windows) so that you can undo a deletion if the deleted file turned out to be legit and necessary.

And now I shall stop typing. Security is a state of mind; a process instead of a project, if you will. In 2015, please make security priority one, priority two, and priority three. You may not be 100% safe from the next band of crazies that decides to infest the Internet, but you’ll be a lot safer than if you *don’t* take basic security precautions.

And with that, the only thing left for me to say is…

Happy New Year!

1  Comment on this Post

  • kjochem

    By the way, a larger character set will not help in brute force attacks. Only the number of characters is important. I prefer passwords with at least 16 characters because it will take a while to guess this, even with compute boards.
