Participants hold their laptops in front of an illuminated wall at the annual Chaos Computer Club (CCC) computer hackers' congress, called 29C3 in Hamburg, Germany.

Participants hold their laptops in front of an illuminated wall at the annual Chaos Computer Club (CCC) computer hackers' congress, called 29C3 in Hamburg, Germany.

The latest data drop from WikiLeaks allegedly exposes the CIA’s hacking tools, including technology that could let officials spy on individuals through their smartphones and smart TVs. What does this mean for our personal security and privacy? How do hackers do what they do and how can you protect yourself?

Guests

  • Scott Schober President and CEO of Berkeley Varitronics Systems, a wireless-technology security company based in New Jersey; author of "Hacked Again."
  • Andy Greenberg Senior security writer, WIRED; author: "This Machine Kills Secrets: How Wikileakers, Cypherpunks, and Hactivists Aim To Free The World's Information."
  • Neema Singh Guliani Legislative counsel focusing on surveillance, privacy and national security, American Civil Liberties Union Washington Legislative Office.
  • Dan Kaminsky Co-founder and chief scientist, whiteops.com, a cyber security firm.
  • Kevin Roose Vice president of editorial at Fusion.

Kevin Roose News Director at Fusion Gets Hacked

How easy is it to be hacked? Well, last year Kevin Roose the News Director at Fusion asked two hackers at DEF CON- the biggest Hacker Convention of the year-  to destroy his life by hacking into it in front of him. The results are striking.

How To Protect Yourself From Hackers: Your Questions Answered

We received so many questions during our discussion, we invited one of our guests back to answer some of those we didn’t have time to answer during the live show. Scott Schober is president and CEO of Berkeley Varitronics Systems, a wireless-technology security company and author of “Hacked Again.” Here, he answers some listener questions we received on Twitter, by email and in the comments section:

What do you recommend the average person do to secure online accounts? I probably have 100-150 online accounts.

That is a large amount of sites.  If these are sites for shopping, I recommend getting a single credit card for online purchases so you can carefully monitor this account if it gets compromised, you can notify the issuing bank. You can also request the issuing bank put a max spend limit for single purchase so if your card is compromised the damage is limited.

How safe is it to have web browsers, like Google Chrome, save passwords?

It depends. Perhaps if you lock up your computer in a safe place and no one has access to it.  In addition, I recommend that upon start up you have a PIN set up to secure your computer or laptop. If your computer is accessible by others I would not recommend saving your passwords through your browser.

Should you disable auto-fill when filling out forms online?

This really depends upon the type of forms you are auto filing. If this is for filing your taxes I would NOT have it auto fill. But if you are registering for a cooking class you are fairly safe with an auto fill.

What do you think of the auto Safari passwords?

This is convent as when you use the AutoFill on Safari your passwords, your contact information, and even your credit card can be automatically filled in.  I like that fact that it can automatically generate a STRONG password which is ideal for users that are not comfortable generating a long/strong password.   I personally prefer to type in everything manually and note my login credentials and password in a black book I store in my safe.  It is old school, but it does work.

I also recommend using anti-keylogger software (which encrypts every keystroke you type) to protect yourself in the event a hacker places a keylogger on your computer or mobile device.  I personally use StrikeForces (https://www.strikeforcecpg.com)  GuradedId and MobileTrust  anti key logger software.

How private is the iPhone’s private browsing mode?

Nothing is 100% secure or private. iPhone’s private browsing feature will provide some privacy. It disables standard tracking and data collection features that most bowsers have.  This is advantageous in that it can block websites from placing any cookies on your iOS device. Private browsing will disable the recording of all the sites you have visited.

What do the panelists think about protection services like Lifelock, Identity Guard, or Identity Shield?  Are they worth it? Do they work?

These protection services provide some value, especially if you have been a victim of identity theft. These monitoring services send you alerts which is handy.  You can also directly contact TransUnion (www.transunion.com), Equifax (www.equifax.com) , or Experian(www.experian.com)  directly and request fraud alerts.  When you request this from one bureau, all the other agencies will automatically be notified.  In addition, Credit Karma (www.creditkarma.com)  is now offering free credit monitoring alerts.

Many of these protection services will on your behalf request that your name be removed from the ‘pre-approved’ credit card mailing lists that fill our mailbox.  You can directly opt out of this at the web site: www.optoutprescreen.com for free yourself. The lost wallet protection is handy, but again you can do this yourself and call and cancel your credit cards, drivers’ license, social security cards, etc…

Is it true that Apple products running Safari are less susceptible to being hacked remotely or to internet viruses than PC computers running Windows?

Overall, yes statistically there are less Apple products that are hacked because there are less Apple smart phones (approx 14.5% globally). There are less Apple computers than traditional Windows PC’s so hackers will target the largest market and focus their attacks on older more vulnerable systems.

Is Linux more secure than windows or OS X?  

Not necessarily, but as mentioned above is not a prime target for hackers.  Recently I needed to write a sensitive document so I disconnected my internet while I was working on it. I will not transmit it electronically.

Are password manager programs, like LastPass, vulnerable to being hacked and letting someone into all your accounts?

Yes, they are vulnerable. Overall if you are going to use a password manager the key is to create a long and strong master password and never share this with anyone.  Lock it up somewhere safe. There is always the risk that a password management company gets hacked, but the passwords are encrypted.  Remember nothing is 100% safe.

I personally do not use LastPass because it was hacked. Even though I personally do not use it, I do feel that users who create lame / weak passwords LastPass is an excellent consideration.

Overall if you are going to use a password manager the key is to create a long and strong master password and NEVER share this with anyone. Lock it up somewhere safe. There is always the risk that a password management company gets hacked, but the passwords are encrypted. Remember nothing is 100% safe…

It’s my understanding that Linux is generally considered safe from viruses because of its small user base. Is this still so given the proliferation of Android?

Android uses the Linux kernel which is open source.  I think the question is more of where do you buy/download your apps?  If you go to Google Play you are safer then downloading APPS from a 3rd party.  Google Play attempts to check the various apps and vet them to verify there is no malware hidden, but that is not easy to carefully police with the millions of apps available. Apple tends to be have more stringent vetting to keep its apps secure.

What about VPNs (Virtual Private Networks)? Do they really provide additional security?

Yes, VPNs secure traffic to and from your internet connection. This make it difficult for hackers to see your data while it is in transit.  You create a private network that blocks or walls off other computers as well as the internet.  No one outside the network can see your data assuming you are configured with this kind of secure encryption.

 

Related Links

Topics + Tags

Comments

comments powered by Disqus
Most Recent Shows