How to Really Protect Your Most Private Information On-line
complexity equals risk
realistic data security
Keeping the data on your computer safe is not easy. You could completely isolate your computer: no network; locked in a bunker, too deep for wi-fi to reach; epoxy the USB ports; and post a couple of armed marines for anti-theft protection. This would probably work. Even if the bad guys had managed to penetrate Intel, or Microsoft, or one of the peripheral manufacturers that contributed the parts that make up your computer, they would probably have no way to get any information they stole out of the bunker.
However, an isolated computer is not very useful. Sun used to be fond of saying, "the computer is the network". I think these days most of us use computers for communication. Given that, the fact is that if a capable someone really wants the information on your computer, they can probably get it. It is not quite like in the movies, where the genius hacker pulls your password out of the ether and logs in in thirty seconds flat. It is really just the old law of warfare that it is easier to attack than to defend: if the opponent is wearing armor, just get a gun that is big enough to punch a hole in the armor.
In the case of data security, the big gun is simply complexity: the system of users, applications, operating systems, networks, and hardware that we use is complex. If one spends enough effort looking for ways to use that complexity in unintended ways, one can find a method. Persuading users to trust something they shouldn't is just one of these (e.g. I am a victim of political persecution in Nigeria, and I just happen to need your bank account to launder 20 million dollars). You might also find a program that is a bit too capable (e.g. a hidden feature of Acrobat Reader that lets PDF files execute programs) or just a bug in the operating system that can be exploited to run arbitrary code. There have even been cases of hardware manufactured with active viruses included (e.g. USB sticks and electronic photo frames), not to mention rumored nation-state use of special-purpose code planted in hardware.
Some methods of exploiting systems are published openly with the intent of informing security professionals about how to address them. However, with a little research into these lists of vulnerabilities and into what software is installed on a given system, a method of attacking that system may present itself. This little bit of research can also be automated. Browsers happily announce their brand and version level when contacting Web servers, making research into a given system's configuration status easy. These techniques are used to penetrate large numbers of computers, in a not particularly targeted way, every day. If your opponent is skillful, determined, and has resources, they could find and use a vulnerability that is not known to the manufacturer to attack a specific, high-value target.
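The version announcement described above is visible in any web server's own access log, which gives a defender a cheap inventory of what the browsers on their network are telling the world. The following is an added example (not code from the original post): it parses constructed combined-format log lines, pulls the browser family and major version out of the User-Agent field, and flags clients below an assumed local minimum-version policy.

```python
import re

# Constructed sample access-log lines (Apache combined format) for illustration only.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Mar/2010:13:55:36 -0700] "GET / HTTP/1.1" 200 2326 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.89 Safari/537.36"
10.0.0.7 - - [10/Mar/2010:13:56:01 -0700] "GET /a HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0"
10.0.0.9 - - [10/Mar/2010:13:57:12 -0700] "GET /b HTTP/1.1" 200 128 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
"""

# Minimum acceptable major versions: an assumed local policy, not a published standard.
MIN_MAJOR = {"Chrome": 100, "Firefox": 100}

UA_FIELD = re.compile(r'"([^"]*)"\s*$')         # the last quoted field is the User-Agent
BROWSER = re.compile(r'(Firefox|Chrome)/(\d+)')  # browser family and major version


def parse_user_agent(line):
    """Return (family, major_version) announced by one log line, or None if unrecognised."""
    m = UA_FIELD.search(line)
    if not m:
        return None
    b = BROWSER.search(m.group(1))
    if not b:
        return None
    return b.group(1), int(b.group(2))


def outdated_clients(log_text, policy=MIN_MAJOR):
    """Return [(client_ip, family, major)] for clients announcing a version below policy."""
    flagged = []
    for line in log_text.splitlines():
        parsed = parse_user_agent(line)
        if parsed is None:
            continue
        family, major = parsed
        if family in policy and major < policy[family]:
            flagged.append((line.split()[0], family, major))
    return flagged


if __name__ == "__main__":
    for ip, family, major in outdated_clients(SAMPLE_LOG):
        print(f"{ip}: {family} {major} is below the minimum of {MIN_MAJOR[family]}")
```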
The standard advice for protecting yourself against the more common and widespread kind of attack is to keep your system patched and run anti-virus software. This helps, but not as much as you might think. On the patch side, there are delays between when a vulnerability is published and when a patch is available. There are also delays between when a patch is available and when it is applied. On the anti-virus side, the hackers have two advantages. They can test that their virus is not detected before they release it, and they can release large numbers of modified viruses to overwhelm the anti-virus companies' ability to process the volume of samples they produce. Anti-virus companies have responded by adding heuristics to detect programs that are doing suspicious things, but it is very hard to do this without interfering with legitimate programs.
So, in rough numbers, figure that if you follow the standard advice, you are 60-90% safer than if you didn't. If you have very important information on your computer, this level of protection is basically useless. Conversely, if what you are protecting is a credit card number, and you don't like waiting on automated phone answering systems to cancel your card, you may save yourself quite a bit of hassle by following the standard advice.
If you want to protect information that is very important, say the Swiss bank account number for the proceeds looted from the country you used to be dictator in, some additional protections are advisable. First, buy a separate computer for this information. Otherwise, the next steps will be too inconvenient to follow. Limit the attack surface of the computer that holds the information: don't install (or uninstall) any software you don't absolutely need; restrict network access to only those activities necessary to process your information; if you must use USB devices, limit their use to this computer only. Limit communication: only access systems needed to process your information; use a protocol that allows verification of server identity (i.e. HTTPS); use firewalls and network address translation to prevent other systems from initiating communication with yours. Encrypt your hard disk: hey, it's cheaper than the salary of those two armed marines.
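Two of the "limit communication" rules above, only talk to the systems you need and use a protocol that verifies the server's identity, can be enforced in the client itself. The following is an added example, not code from the original post: a small HTTPS fetch wrapper that refuses any URL whose host is not on an assumed allow-list (the host name is a placeholder) and that uses a TLS context insisting on a valid certificate chain and hostname match, shown beside the weak context you want to avoid.

```python
import ssl
import urllib.request
from urllib.parse import urlparse

# Assumed allow-list for the dedicated machine: only the host(s) that process the
# protected data. The name is a placeholder, not a real service.
ALLOWED_HOSTS = {"bank.example.net"}


def make_strict_context():
    """TLS context that insists on a trusted certificate chain and a matching hostname."""
    ctx = ssl.create_default_context()  # loads the system CA store, CERT_REQUIRED
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse legacy protocol versions
    return ctx


def make_weak_context():
    """The setting to avoid: traffic is encrypted, but any server identity is accepted."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # must be cleared before verify_mode can be relaxed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def context_verifies_identity(ctx):
    """True if the context actually checks who is on the other end of the connection."""
    return ctx.check_hostname and ctx.verify_mode == ssl.CERT_REQUIRED


def is_permitted(url, allowed=ALLOWED_HOSTS):
    """True only for https:// URLs whose host is on the allow-list."""
    parts = urlparse(url)
    return parts.scheme == "https" and parts.hostname in allowed


def fetch(url, allowed=ALLOWED_HOSTS, timeout=10):
    """Fetch a URL, refusing anything that is off the allow-list or not HTTPS."""
    if not is_permitted(url, allowed):
        raise PermissionError(f"refusing to contact {url!r}: not on the allow-list")
    opener = urllib.request.build_opener(
        urllib.request.HTTPSHandler(context=make_strict_context()))
    with opener.open(url, timeout=timeout) as resp:
        return resp.read()
```

A host firewall still belongs in front of this, since the allow-list only governs this client, not every program on the machine.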
You may think that dedicating a computer like this is too expensive and too much trouble, and it may be. It really depends on the value of the information you are trying to protect. It might be cheap insurance, if your information is very valuable.
references
- CVE - Common Vulnerabilities and Exposures (CVE). Common Vulnerabilities and Exposures (CVE) is a list or dictionary that provides common names for publicly known information security vulnerabilities and exposures. CVE common names make it easier to share data across separate network security datab
- Cisco Blog, Blog Archive: The Effectiveness of Antivirus on New Malware Samples. During the course of security research we often acquire new malware samples. We typically first try to determine what we have acquired and if it is a new or