internet security for your computer and protecting your privacy bob cook doai webmaster ©2010


Upload: adela-dennis

Post on 25-Dec-2015


Page 1: INTERNET SECURITY FOR YOUR COMPUTER AND PROTECTING YOUR PRIVACY BOB COOK DOAI WEBMASTER ©2010

INTERNET SECURITY FOR YOUR COMPUTER AND PROTECTING YOUR PRIVACY

BOB COOK
DOAI WEBMASTER

©2010

PC INFECTION RATES

•25% of business PCs infected

•60% of all PCs infected

•Vast majority of users are unaware

•More security attacks in 2009 than all previous years combined

Source: Sophos

PROJECT AURORA

•Google and 30 other top companies were recently attacked and data stolen using sophisticated malware techniques

These attacks were not against Google servers; they were targeted at individual laptops, which were then used to get “inside” access

•And you think you are safe?

SECURITY VULNERABILITIES

•Windows (XP, Vista, Windows 7)

•Applications

(Browser, Excel, PowerPoint, PDF, ZIP, Java, JavaScript)

•Hardware Drivers

(Computer, Printer, Scanner, etc)

Must keep them all updated!

• But the biggest vulnerability is YOU!

HOW ARE VULNERABILITIES EXPLOITED?

First, they have to get on your computer:

•Opening email attachments, clicking on links

•Downloading files (programs, pictures, PDFs, ZIP files, etc.)

•Just VISITING a website, perhaps through a poisoned Google SEO search result

•Just VISITING a “good” website that has been hacked

(such as US Treasury, reported May, 2010)

•In some cases, just RECEIVING an email, no action required

SEO POISONING EXAMPLE

•Four of top five hits are links to poisoned sites (Underlined in Red)

•Downloaded malware submitted to VT (VirusTotal)

•Only 24% detection rate!

PROTECTING YOUR COMPUTER

FIRST LINE OF DEFENSE

GET THE UPDATES

•WINDOWS - Windows Update

Note - SP3 is the only version supported for XP

•APPLICATIONS - Secunia PSI

•DRIVERS - Computer / Hardware Vendor, Device Doctor

SECOND LINE OF DEFENSE

PRACTICE SAFE COMPUTING

• Never log in as Administrator when on the Internet

• Keep confidential files on an external drive that is only connected when you need it

• Encrypt confidential files (or keep on external drive)

• Don’t open attachments

• Don’t download or share files

• Don’t click on shortened URLs

• Turn off scripting (not a viable alternative)

• Use a more secure browser (Chrome)

• Turn off HTML email, turn off preview

THIRD LINE OF DEFENSE

•Use an AntiVirus program and keep it updated

•OK, I did all that stuff (well, maybe not all of it). But why do I still get infected? Why won’t my AV program protect me?

MALWARE FACTS

•Malware testing results are mostly bogus, driven by advertising dollars

•Six different kinds of rootkits, most AV only catch one (the easiest)

•Malware author tests his product against AV software ($Billion business)

•Timeline between discovered malware and patch can be months - in the meantime, you are vulnerable

•Heuristics and activity-based detection catch at most 40% of “new” malware (optimistic)

•Rootkits, bootkits and file infectors are big problems that defy detection and are mostly not used by testing labs to report AV “success” rates

•Most malware testing is done against a published set of malware, allowing vendor “optimization” of results.

•Matousec testing is most comprehensive

MATOUSEC TEST RESULTS

A BETTER AV ALTERNATIVE

Almost all malware depends on memory corruption (usually as a result of a buffer overflow that allows the malware to load and execute)

- eEye Blink Personal is an excellent alternative since it protects against memory corruption attacks generically (no need for scanner or heuristics)

Blink includes three AV scanners to detect malware you unintentionally install

If you have been paying attention, you realize that even if you are 100% diligent, you are still highly at risk!

This is why Project Aurora and other targeted attacks are successful, in spite of traditional protection measures.

You need a way for your computer to magically return itself to a pristine state every time you turn it on, ridding itself of any malware it may have contracted.

VIRTUALIZATION

A program that allows you to run your browser and any other applications you choose in a “sandbox”, completely separate from your “host” computer.

Empty the sandbox, and everything you did disappears, including all traces of malware you may have contracted - and nothing ever touched your host computer. It’s like getting a new clean computer every day!

SANDBOXIE

EASY VIRTUALIZATION

Sandboxie will allow you to easily run your browser, email program, and any other programs you choose in a sandbox.

Anything that happens in the sandbox does not affect your computer.

Empty the sandbox, and everything disappears. Works with all versions of Windows.

LEARN HOW TO USE SANDBOXIE

• Updates and downloads must be done outside of the sandbox

• Consider using web-based email and bookmarks

• Malware not caught by your AV suite will run in the sandbox until you empty it

• Empty browser sandbox each time before you visit a confidential site - eliminates anything bad that got by your AV software

DISK IMAGING

Just in case bad things happen...

Create a Disk Image of your OS and a rescue CD

Completely restore your HD, apps and OS, in 15 minutes

- Crashed HD, corrupted registry, etc.

- Malware that snuck by

- Use to repair 95% of your computer problems, avoid frustration and service charge

Easeus Disk Copy, Acronis True Image, DriveImage XML, Comodo Time Machine

PROTECTING YOUR PRIVACY

Your privacy / identity is at risk:

1. Information others have about you

2. Personal records you lose / theft

3. Your computer usage

Sandboxing and your AV/AS will not completely protect your privacy

INFO OTHERS HAVE

Over 350MM data records lost by businesses since 2005 (Source: privacyrights.org)

Your doctor, dentist, insurance company, gov’t agency all have enough info for someone to steal your identity

You are at risk even if you never use a computer

It is up to you to protect your identity / credit

IDENTITY THEFT DEFENSE

Best defense is to freeze your credit at all three national credit reporting agencies (Equifax, TransUnion, Experian)

Each state regulates terms and cost

Cost usually $10 or less for each freeze/thaw

If you need credit, initiate thaw at only the reporting agency your creditor will use

OTHER THREATS

•Debit Cards - burden of proof on you

•Cell Phone

- Wipe data before disposal (www.recellular.com)

- Turn off Bluetooth when not using

- Lock access with passcode

- Smartphone apps may be malware

- Turn off location services unless needed

•Be careful what you post, it will be cached

•Social networking sites are a haven for malware and social engineering attacks

•Don’t broadcast that you are not home

•Don’t use real password hint answers

•Don’t use real personal info

•Many cordless phones are easily eavesdropped on; so are VoIP calls

•Even your car spies on you - computer tracks your speed, braking, steering, etc.

PROTECTING YOUR COMPUTER PRIVACY

COOKIES & PRIVACY

•HTML cookies are mostly safe. They are used to identify you as you browse a website and are easily deleted by your browser

•“Zombie” cookies (aka Browser Helper Objects) are another matter.

- May be persistent

- Can’t delete via browser

- Can turn on your microphone or webcam

ZOMBIE COOKIES

Manage at:

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html

MANY WAYS TO STEAL YOUR PERSONAL INFO ONLINE

•Phishing

•Clickjacking

•Keyloggers

•Hijacking

•TabPhishing

•“Social Engineering”, and the list goes on

BEST DEFENSES

•Don’t visit porn or other questionable sites (Web of Trust browser add-on or OpenDNS client)

•Use a password manager (LastPass) and let it choose secure passwords

•Financial websites

- Use two-factor authentication (token, SMS, call, etc.)

- Empty your sandbox and close your browser

- Use a Site-Specific Browser

•There may be LOTS of info on your computer’s hard drive. Nuke the HD or destroy it if you are disposing of an old computer. Remove all confidential data from the HD if taking it in for service.

•Keep confidential info on external drive that is not connected to your computer unless you need it.

•Encrypt confidential information on your hard drive and on your external or flash drive using a program such as TrueCrypt

•Crossing the border? Homeland Security gives them the right to seize any electronic equipment

•Back up your data and keep one copy off-site

CREDIT CARD USE ON WEB

•OK to use at major sites

•Make sure SSL is enabled (https)

•For best security, check your credit card vendor for one-time-use option

•PayPal - pay via your credit card, not your bank account

•Use PayPal for unfamiliar sites, NOT a credit card (they may steal your number)

WIFI

AT HOME:

•Use WPA2 encryption

•Change router default login and password

•Don’t allow others to connect to your network (LAN or WIFI) unless you provide them with a separate router

•Or, get a router that allows separate Guest Access that completely isolates the guest

•Or, just turn off all your computers until guest is done and disconnected

PUBLIC WIFI / LAN

• Simple software allows anyone to capture your session on unencrypted/Shared Key WIFI

• Email login and password may be sent “in the clear”

• Yahoo Mail (and others) have secure login, but messages are not encrypted

• General web browsing done “in the clear”

• Best Defense - use HotSpot Shield

Free service - www.hotspotshield.com

• Always use a software firewall

• Ensure file sharing is disabled

• Turn off WiFi and Bluetooth when not using

ADDITIONAL HINTS

• Inventory possessions for insurance (include pictures, receipts, serial numbers, model numbers, date purchased, etc.)

• Keep an updated list of all important info (credit card numbers and contact info, medical/prescription info, banking, insurance, vehicle license/serial numbers, insurance info, etc.) KEEP ONE COPY OFFSITE, ENCRYPTED

• Don’t carry your checkbook with you