So I figured I should make a guide to highlight some things about internet security while you shop online at the thousands of online stores that exists today on the internet. First off, please do remember that there is no 100% fool proof way to prevent information theft and only good practices will lead to a lower chance of having your information stolen. Not saying that your information will be lost tomorrow but there is nothing absolute. There are really 2 sides to security that you should be aware of. Theres your computer and the server. I will start off with your computer. The majority of the time when you encounter information theft is through your own computer believe it or not. The first preventive way is to install an antivirus and a firewall (basically the stuff the guys at the computer store will tell you to do). However this will only stop what it is able to catch and doesnt warrant 100% security. Being smart about your emails/sites you visit/things you click plays the greatest part of internet security. Do not, for example click on emails that seems fishy (theyre phishing for your information), and it is possible to have an actual link differ from what you see via HTML coding in emails. It is also possible for anyone to use any email at the "From" section even if it doesnt exist simply due to the legacy of our email systems. So I can be sending emails out from phil@detailersdomain.com if i wanted to and no one will notice (not that im good at impersonating phil). When you send emails, all the email system checks is for all the fields required are filled out (which is really just the To) and depending on which SMTP software its running, it wont even run a check for validity of your target or from and may not even require authentication. You can actually run a email server software on your own machine and have it send out emails and it would be perfectly fine. When you see pop ups that say do you want to install _____, dont install it or allow or even accept it if you dont know what it is, although most antivirus will catch them these days. Also do clear your cache once in a while as there could be cookies left in it that may be monitoring your browsing habits (although not your actual information). The misc. software could be a virus/trojan/keylogger/etc. You may now ask whats the difference between the virus, trojan, keylogger that i just stated as well. Virus in general are classified to do damage to your files/filesystem. Trojans are like Trojan horses and monitors your system, able to grab information out of it, and such. Keyloggers logs all your key strokes and inputs. Do note that keylogging can occur even on websites running scripts or even a transparent site ontop of the real site can happen grabbing your information. Thus it is important to not go to shaddy links. Being smart about the sites you go to is important. Most *ahem* free sites used to have a lot of scripts running on em and dailers and all. (which btw used to charge u through the phone). However its actually more civilized these days at these sites, just a lot of ads. Do be reminded that if you want to browse free porn, do make sure you have an antivirus and firewall just to make sure these sites are those warez hacking sites (which btw are the most lethal ones). Those serial sites have like a stack load of scripts and are the shadiest of em all. So yeah by making sure you're smart about your internet habits and having the preventive measures of antivirus and firewall, you're at a better position than many other people. Now onto the server side of things. Server security is actually a very big industry, simply because many servers contain sensitive information. Now if someone hacked into the DB Forums, they would be able to get all our emails. That isnt too bad but think about it in terms of our credit card information and such. Thus there are companies out there who actually "test" websites to those who pay them to put up something like a "mark of good security" and regularly tested. We can see one on detailersdomain on the top right for example. It doesnt mean your site is unhackable, you'll still get hacked if the hacker had the skills but in general attacks and known methods, the site is safe from attacks. Now when you go to checkout, you would notice that your browser has a locket that comes up (if it doesnt, do NOT buy from that site). This means there is a secure encrypted connection between you and the server through a 3rd party secure certificate provider. To illustrate we have: You <-> Server \ / Certificate provider something like that The amount of bits = the strength of the encryption. However even a very high bit amount of encryption is not 100% secure as computers these days are able to decrypt by brute force quite quickly thus the certificate of secureness (kinda like authentic connection) is important to make sure you're going to a site that actually paid for his/her cert for a verified and secure connection. To put decryption into context, did you know your WEP 128bit wireless router password can be brute forced in less than 30 minutes 5~ years or so ago? It is not impossible to put like a middle man in the connection as that machine can/will be transparent thus we have the certificate providers to ensure there isnt, or atleast unintentionally. Hackers "can" tap your internet if they do stuff to the backbone or they tinker some stuff on your machine to think that theyre the server. But the latter is the more frequent one from information theft. You may also be wondering if Paypal is more secure? In a sense it isnt, but at the same time it is. You go through paypal's security which is possibly more hardened than other sites which makes it more secure, but if you've got some keylogger locally, it wont protect you. This post is by no means to scare anyone off the internet, its simply a post of information and how to prevent your information being mis-used. I did not refer to any of my textbooks or anything for this post so accuracy may not be 100% for everything but it should suffice for every day users. Being observant and smart is the key.
Good information, thanks for putting this together. Recently, NewEgg had a special on Norton Anti-Virus, so I bought it for $19. Hopefully it will do the trick. I've had some of the worst viruses (to where I had to reformat my hard drive) from seemingly non-shady Web sites.
Thanks for taking the time to put this together! Piet: I purchased Norton for my daughters PC and it turned it into a 1 legged mule (slow). I removed everything and installed Avast and the speed went back to normal and the protection seems to be doing it's job
Norton, no matter how many times they try, is always a resource hog in my experience. I personally use Kaspersky Internet Security because i can get it for 19.99/year for 3 PC while on sale lol
you prob clicked some things or received things through the email or you may of pressed a link which was a mimick of the real thing and was running scripts. I mean there are many ways on how you can get viruses, including through USB flashdrives/Memory cards and such. I based this post on "internet security" thus I didnt highlight them. Maybe i'll have to write a guide for your general PC care lol
I agree Norton is a system hog best value = AVG free edition 2011 best full protection and lightweight = ESET NOD 32 $39.99 or 57.99 for 3 computers (eset.com)
And I've gone cross-eyed... Seriously though, thanks for putting that together, lots to digest and think about, but good info.:thumb:
Ask the Iranians about IT security...it seems someone has loaded viral code on their centrifuges. It is real...it is a new kind of warfare.
lol Iran also had viruses in their nuclear facilities, targeting the Siemens controllers around the time they announced their nuclear plans to the world. Kaspersky is russian, and well as much as I dont have 100% confidence, i think that they have the best overall package for the cheapest price. I mean i get a quite good firewall with a quite good antivirus all in one for 20 bucks for 3 machines, thats cheap! Nod32 on the other hand, I think it had asian roots. It is quite light but I didnt like the new iterations of its programs and well, its not as bang of a buck as kaspersky. But I do think it outperforms Kaspersky in tests and definitely better if you're sensitive about speed of your computer. I have also heard good things about Panda security (yes the name is questionable) and theres this Bitdefender or something thats real bad from what people say.
Dont want to mess with IT security, by an Apple! I dare you to try to get a virus! Just my $.02. Great article by the way.
hehe thanks for the compliment, and actually all that I have said also applies to Apple as its also a computer running code. The reason why Apple has less virus statistically is simply because of user base and hackers usually target whatever affects the most people. Thus IT Security market is real big on Windows, however server side security is something one cannot control from your desk so its also important that you're aware of what you're doing and if the server is deploying security features to protect your information. Most servers are running Linux (of which kids thinks theyre the hacker's choice of OS and is indestructible) but holes are opened not only through the operating system but the applications it is running, ie Apache (HTTP Server application). There are more holes as you add more features to applications and its just a viscous cycle lol. Nonetheless, you can't go wrong with buying an Apple if applications you use are available on it, with the OSX App Store, its even easier to buy/install/upgrade applications. The beauty of OSX is that it has many drivers built into it and can usually adapt with some more basic drivers to run peripherals (although the full functionality may not be available) I personally have like 3 desktops running Windows, a macbook and an iphone4. I dont see myself converting all my desktops to Apple though, simply because you get more versatility with a generic PC.
In regards to Norton Anti-Virus, I was under the impression (after speaking with a Symantec rep) that they rebuild the kernel of the program as to directly target the issue of the software bogging down the system. I haven't used NAV in a while, in a few years actually, but am hoping that the new version will be OK. I just rebuilt my desktop yesterday, it's a Quad Core Q6600 w/ 4GB of memory and it's now running Windows 7 64-bit. So nice to have a fresh machine! Added a 1TB WD Caviar Black as well as a secondary hard drive.
I got that impression too and indeed its rebuilt, but its rebuilt in such a way that it isnt any better than the old one in the long run. Initially its faster, but it slows down as you go along.
In regards to Mac based computers, what security program would be advisable ? Thanks again for posting this info up, very useful.
The thing about OSX is that there isnt a real viable antivirus market for it and the operating system itself is bundled with firewall already in place (the ones you buy simply are interfaces on top of it afaik) OSX is also built on top of Unix (codenamed Darwin) which by itself is real reliable and secure. An analogy we could use for it is that unix (which you can buy as Solaris) is industrial grade while windows is commercial grade and linux is the industrial cheapskate's alternative. A bit of history also: Windows 1/3/95/98/2000/XP were built on top of MS-Dos Windows Vista was the first iteration that was built straight up from ground. I do see that Kaspersky and Norton both have antivirus software for OSX. However do note that antivirus are only as good as the speed that they're found. Apple already rolls out patches for their security holes once in a while and antivirus may only be significant in between these patches. If you have real critical information and have bad browsing habits, then buying one of these products would probably be safer but I would say that if you're smart about it, you will be fine without having to buy one. Keeping your applications up to date will plug up exploit holes, especially your browser. So yeah the tl;dr of my wall of text is, buy Kaspersky if you're worried (cuz theyre russian), else just keep your software up to date and save yourself some money.
