StopSign Internet Security Blog

A new year brings new opportunity for us all to change our old habits for new ones. Take me, for example. I’ve set up a few resolutions for myself that include getting healthier, spending more time with my family, and learning a new programming language. Maybe you want to dedicate more time to a hobby, or finish up that project car that’s been sitting in your driveway since 1998. :)

New Year resolutions are kind of a laugh to most people, because we all know that as humans, we’re loathe to change on our own. We all get used to doing things a certain way unless life kicks us in the behind to do something about it. But this year, you and I can make a positive change before something bad happens.

I’ve got 3 super simple things you can do to make the technology-related side of your life better. Each of these will either save your life (seriously), save you from embarrassment &/or identity theft, and save you from the wrath of a loved one for losing important files… like wedding photos, etc. Read on:

1. Resolve to be safe with technology

   Some of you probably laughed when I said a tech-related resolution could save your life, but this really could: Use your tech and gadgets only when appropriate. I’m looking right at you, car texters. But it goes beyond texting while driving. Stop messing with your GPS devices, using your cell phone without a hands-free device, and even fiddling with your stereo settings while driving. A click here or there to change a station or re-route your GPS is one thing, but I’ve seen a lot of people concentrating more on the gadgets than the road. Don’t be the one who becomes a statistic!

2. Resolve to change your passwords

   This will be, by far, the easiest and best thing your can accomplish in this resolution list. For every service you use, whether a bank, Facebook, or Amazon.com, change the password. You and I both know that it’s been a while. Maybe not for every login you have, but if you’re like most people then many (or even most) of the services you use haven’t seen a password update since you first signed up.

3. Resolve to back up your important files

   With services like Dropbox, making backups of important files like your digital photos is easier than ever. And if you’re worried about putting sensitive data in the cloud then do what I did: Buy yourself an external USB hard drive and back them up there. Even if all you did was a straight copy and paste from your desktop or laptop to your external drive, you’d have the peace of mind that your files are safe. I have a friend who lost all of his wedding photos because of a hard disk crash, and let’s just say it wasn’t pretty to hear about the wrath of his lovely wife.

I sincerely hope you take those 3 simple changes to heart. You’ll find that they aren’t tough to do, and you’ll be a lot safer in the long run by doing them. Here’s hoping you and your loved ones enjoy a happy, safe, and technology filled 2012!

As wireless devices become more common, keeping your wireless (AKA WiFi) network at home secure is increasingly important to many people. And while a lot of people keep their WiFi open, we feel it’s erring on the side of caution to go ahead and lock down your wireless network at home.

Looking at 2 opposite sides of the wireless security spectrum, you have well-known security expert Bruce Schneier who allows his home WiFi network to be open and unsecure, which sounds all well and good. But then you read stories about neighbors and/or strangers using your “wireless network for criminal activities” like downloading child porn, and it makes you think twice about keeping an unsecure network.

Here are a few tips you can use to help keep your wireless network secure:

• Change the username & password on your wireless router:

  Keeping the default factory settings of any device opens you up to hackers who keep track of these things and share them among each other. And creating a good, secure password is a quick and easy way to alleviate the risk of easily hacked WiFi gateways.

• Use wireless network encryption:

  Wireless routers in recent years all have the ability to use the WiFi Protected Access (WPA/WPA2) protocol. Break out the instruction manual or do a Google search for your router, and figure out how to set up WPA. Older WiFi routers may have WEP, or Wired Equivalent Privacy, but it has some security holes that make it vulnerable to attack and isn’t recommended. If your wireless router doesn’t support WPA/WPA2, then we suggest you get a new one.

• Update your Internet security software:

  Whether you use StopSign or another product, make sure that you keep it updated. Most antivirus/anti-spyware packages have a mechanism to auto-update itself. Turn that on so you’re always sure to get the latest updates. Keeping your Internet security software updated can help prevent any problems if/when an attacker breaks into your WiFi network and starts to poke around.

• Change the Service Set Identifier:

  Also known as the SSID, this also come with a default name that tips hackers off when they see it. Most people who aren’t computer savvy leave the default, and that can indicate to a hacker that there may be other easily found vulnerabilities with a particular network. Change the SSID to hedge your bets against the hackers.

• Remove the ability to log in remotely:

  Most wireless routers come with remote log in turned to off by default, but don’t take a chance. Be sure it’s off, and leave it off.

• Enable MAC address filtering:

  Not to be confused with Macintosh computers, a MAC address is a unique code on all wireless network cards. MAC address filtering tells your router to only allow devices with a known MAC address to connect to your WiFi.

It may seem like a lot to do, but today’s wireless router manufacturers know the dangers associated with an open WiFi network, and most work hard to make changing these things easy on you. Changing defaults, making secure passwords, and keeping updated Internet security software will to a long way in making your home wireless network secure!

A New Year brings in a lot of new things to everyone… New hopes. New dreams. And yes, sometimes it brings in some new bad things, too. Such is life. But while we can’t help make your favorite sports teams win, and we can’t do anything about that crazy co-worker in the cubicle next to you, but we can give you some tips on how to stay safe online in 2011.

You can bet your bottom dollar that Internet privacy concerns, identity theft, malware distribution, cyber attacks, and a host of other technology-related problems are only going to rise and morph over the course of the year. (They always seem to, don’t they?!) Keep yourself, your family, your information, and your money safe by following the tips below:

• Change your passwords:

  Yep. All of ‘em. I know I mentioned it last year, but if you didn’t change your passwords then, you really should change your passwords right now. The safety and security of the information on your PC is literally a password away from being grabbed and abused by unscrupulous characters on the web.

• Patch it up:

  You’ve got a computer. You’ve got software. And you’ve probably got patches you can apply to them all. Unpatched machines and software leave holes open that hackers can take advantage of, so patch your PC today. Doing so will not only keep your machine secure, it might make a program or two a bit more peppy or give it a few more features.

• Desocialize your network:

  Look, I love Twitter, Facebook, an LinkedIn just as much as the next guy or gal, but every now an again you should review and do a little housekeeping on your social networking profiles. Think about it: Do you really need Jake, formerly of accounting, on your friend list now that he’s gone and you only added him because he was a co-worker in the first place? I didn’t think so.

• Geolocation in moderation:

  Our blog post “Stranger Danger: Geolocation Features and Internet Safety” still stands, in my personal opinion, as one of the most important blog articles written in 2010 from both a personal safety and Internet safety standpoint. If you haven’t seen it, please read our article on geolocation safety tips now, especially if you’re using any of the location-aware features of Twitter, Facebook, FourSquare, or any other service or device.

I sincerely hope these tips help you stay protected. Happy New Year, and I hope you have the best of luck with all of your Internet privacy and Internet security concerns in 2011.

There’s a really interesting article from Georgia Tech that talks about how the advanced computing power that’s readily available today may actually be making password length an even more important factor for creating a secure password. Using graphics processors, researchers are able to quickly, and cheaply, break 8 character passwords in a matter of hours. From the article:

Georgia Tech researchers are investigating whether this new calculating power might change the security landscape worldwide. They’re concerned that these desktop marvels might soon compromise a critical part of the world’s cyber-security infrastructure — password protection.

We’re big proponents of secure passwords here at StopSign, so this story really spoke to us. It confirms that any password less than 8 characters in length is pretty much useless, and even 8 character passwords are now not exactly cutting edge. The new recommendation for the total number of characters in a password? The article says:

…any password shorter than 12 characters could be vulnerable — if not now, soon

Brute force attacks on passwords that are 12 characters would currently take approximately 17,134 years, while an 11 character password would take around 180 years. It’s amazing what one character difference can make.

As usual, we recommend not only longer passwords, but also that you use a mix of uppercase and lowercase letters, as well as other characters and symbols such as the asterisk (“*“), hash sign (“#“), ampersand (“&“), and the like. Doing so will greatly increase the time it takes to break your password. For more on creating strong passwords, check out our article “12 Tips for Making a Good Password.“.

There’s a threat lurking on your computer right now. A presence so fraught with security holes that to expose it to any malicious element on the Internet would likely result in things such as identity theft, spyware, hacked accounts, and worse. What’s this problem? The problem, my friend, is you.

“Only amateurs attack machines; professionals target people.” Bruce Schneier (computer security expert)

So you’re a danger to yourself and others around you when it comes to Internet security… don’t feel bad. We’re all guilty of it. As humans, we’re notoriously good at being bad: we forget to pick up the milk even though our significant other reminded us, we skip a meal and eat way too much later that night, and we certainly get complacent when it comes to Internet security. And that last thing, that’s what we’re talking about. You can deal with your SO and your doctor on those first two. :)

We’ve talked about social engineering before, which is an easy way for hackers and phishers to get information out of you. Instead of breaking into your computer they attempt to break into you, using emails, instant messages, and in some cases even phones or talking to you in real life (both of which are much more rare, but still possible). Once they have gained your trust they begin to break down walls and get at what they really want: your sensitive information. Passwords, account numbers, access codes… anything they can get their hands on that might prove valuable.

In order to stop these people from breaking into your life, you have to train yourself to jog your brain out of complacency when it comes to Internet security. Three of the easiest ways to lock out the bad guys are:

1. Strong passwords:

   Maybe we’re sounding like a broken record here, but a good password is one of the easiest, and best, deterrents to attacks ranging from account privacy to identity theft. Build yourself a better password.

2. Trust but verify:

   We’re not suggesting that you live your Internet life in a bubble, just use the same precautions you’d use in the real world. Use some of the tips we wrote in our blog post “5 Simple Tips to Staying Secure Online” and that should cover your bases.

3. Lock down accounts:

   Your privacy is one of your most important assets online. For every service you use, from your bank to Facebook, make sure that you understand how their security and privacy policies affect you and lock down information such as your physical address and home phone number so that only people you want contacting you can do so.

Reducing the amount of information publicly available about you and keeping up with a few easy Internet security tips will go a long way to keeping you safe… from yourself. :)