ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

How to Really Protect Your Most Private Information On-line

Updated on June 9, 2011

complexity equals risk

Complex systems will contain flaws, the more interactions a system permits, the greater is the chance of those flaws being exploited.
Complex systems will contain flaws, the more interactions a system permits, the greater is the chance of those flaws being exploited.

realistic data security

Keeping the data on your computer safe is not easy. You could completely isolate your computer: no network; locked in a bunker, too deep for wi-fi to reach; epoxy the USB ports; and post a couple of armed marines for anti-theft protection. This would probably work. Even if, the bad guys had managed to penetrate Intel, or Microsoft, or one of the peripheral manufactures that contributed the parts that make up your computer, the bad guys probably would have no way to get any information they stole out of the bunker.


However, an isolated computer is not very useful. Sun used to be fond of saying, "the computer is the network". I think these days most of us use computers for communication. Given that, the fact is, that if a capable someone really wants the information on your computer, they can probably get it. It is not quite like in the movies where the genius hacker pulls your password out of the ether and logs-in in thirty seconds flat. It is really just the old law of warfare that it is easier to attack than to defend; if the opponent is wearing armor, just get a gun that is big enough to punch a hole in the armor.


In the case of data security, the big guns are simply that the system of users, applications, operating systems, networks, and hardware that we use are complex. If one spends enough effort looking for ways to use that complexity in unintended ways, one can find a method. Persuading users to trust something they shouldn't, is just one of these (e.g. I am a victim of political persecution in Nigeria, and I just happen to need your bank account to launder 20 million dollars.). You might also find a program that is a bit too capable (e.g. a hidden feature of a Acrobat Reader that lets pdf files execute programs) or just a bug in the operating system that can be exploited to run some arbitrary code. There have even been cases of hardware manufactured with active viruses included (e.g. USB sticks, and electronic photo frames), not to mentioned rumored nation state usage of hardware planted special purpose code.


Some methods of exploiting systems are published openly with the intent of informing security professionals about how to address them. However, with a little research into these lists of vulnerabilities and what software is installed on a given system, a method of attacking that system may present itself. This little bit of research can also be automated. Browsers happily announce their brand and version level when contacting Web servers, making the research about a given system's configuration status easy. These techniques are used to penetrate large numbers of computers, in a not particularly targeted way, everyday. If your opponent is skillful, determined, and has resources, they could find and use a vulnerability that is not known to the manufacturer to attack a specific, high value target.


The standard advice for protecting yourself against the more common and widespread kind of attack is to keep your system patched and run anti-virus software. This helps, but not as much as you might think. On the patch side, there are delays between when a vulnerability is published and when a patch is available. There are also delays between when a patch is available and when it is applied. On the anti-virus side, the hackers have two advantages. They can test that their virus is not detected before they release it, and they can release large numbers of modified viruses to overwhelm the anti-virus companies' ability to process the number of samples they produce. Anti-virus companies have responded by adding heuristics to detect programs that are doing suspicious things, but it is very hard to do this without interfering with legitimate programs.

So, in rough numbers, figure that if you follow the standard advice, you are 60-90% safer than if you didn't. If you have very important information on your computer, this level of protection is basically useless. Conversely, if what you are protecting is a credit card number, and you don't like waiting for automated phone answering systems to cancel your card, you may be saving yourself quite a bit of hassle, by following the standard advice.

If you want to protect information that is very important, say the Swiss bank account number for the proceeds looted from the country you used to be dictator in, some additional protections are advisable. First, buy a separate computer for this information. Otherwise, the next steps will be too inconvenient to follow. Limit the attack surface of the computer that holds the information: don't install (or uninstall) any software you don't absolutely need; restrict network access to only those activities necessary to process your information; if you must use USB devices, limit their use to this computer only. Limit communication: only access systems needed to process your information; use a protocol that allows verification of server identity (i.e. HTTPS); use firewalls and network address translation to prevent other systems from initiating communication with yours. Encrypt your hard disk: hey, its cheaper than the salary of those two armed marines.

You may think that dedicating a computer like this is too expensive and too much trouble, and it may be. It really depends on the value of the information you are trying to protect. It might be cheap insurance, if your information is very valuable.

Comments

    0 of 8192 characters used
    Post Comment

    No comments yet.

    working

    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://hubpages.com/privacy-policy#gdpr

    Show Details
    Necessary
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
    Features
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Marketing
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Statistics
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)