A Multi-Layered Approach to Computer Security

[dew7]

In this day and age, we need a multi-layered security approach.  Unfortunately, companies are not doing enough to safeguard their computer systems.  These systems suffer from backdoors that were sometimes put into the systems by the original software programmer to gain easy access to the computer network.  Sometimes, hackers discover these backdoors and can wreck havoc.  In addition, not all employees are following protocols with regards to security by having laptops with confidential employee and customer individual information that are left in a car that can easily be broken into and then the laptop is stolen.  Car thieves are targetting valuable electronics that people are carelessly leaving in their cars.  Computer security has become too weak and companies are starting to become too lax in their security standards.  This has resulted in break-ins at places like the recent hack of AT&T.  Universities are now targeted for valuable student data that crooks can use in identity theft.  Yes, the situation looks bleak but we must all rise up and do what we can to protect ourselves.
     For starters, I suggest reading all email in plain text, always block HTML code and view the HTML code when you are sure it is safe, consider a better browser than Internet Explorer such as Mozilla Firefox which supports higher encryption standards --- Internet Explorer is limited to only a maximum of 128 bit encryption whereas Mozilla Firefox has much greater encryption.  For example when I log in to my Yahoo mail account, Internet Explorer only allows the 128 bit encryption but Mozilla Firefox allows the Yahoo suggested 256 bit encryption for log-in.  (Much thanks to Jeysie for setting me right on this issue of how Mozilla Firefox was much better than Internet Explorer)  Also, it is nice to have a hardware firewall in your router that blocks most attacks before they can reach your computer.  I also use Zone Alarm Professional which I have found to be a great software bi-directional firewall.  Another key benefit is the anti-spyware component which caught what it detected as a Trojan on the 98SE side of my machine but turned out to be a piece of Adware that slipped though.  Well, I corrected a weak security procedure that I had implemented which was not using a tool such as McAfee's Site Advisor to tell me which sites were dangerous to go to on the Internet.  Okay, now we move on to keeping your computer safe when things slip through.
     Most people know about the importance of an anti-virus program.  Anti-virus programs are still important but viruses have become less of a nuisance than adware, spyware and malware which brings me to my next point.  A few anti-spyware programs are essential security to any computer network.  I have found Adaware SE, Spybot Search and Destroy, Spyware Blaster, CWShredder and HiJack This to be essential anti-spyware tools.  I also use the Windows Defender beta on the XP Pro. side.  Many of these programs can be safely acquired from majorgeeks.com which I have found to be a great and useful site that does not seem to have the dangerous spyware and adware that can be found on other sites when trying to download these programs.
     Okay, now more about email.  If email says you won and gives you a link then don't click it.  If email tries to pretend to be your bank and get information from you then report ASAP to the Feds if you are in the U.S.A.  The Federal Trade Commission has set up an email address that you can forward spam messages that you received in your in-box or bulk mail to them.  I highly suggest that you do this if you are in the U.S.A. and have the time since we need all the help we can get to help shut down the mass computer networks that are sending out so much spam.
   Finally, I have lots more information but I am not writing a book yet so feel free to respond if you have any more questions.

[Yonkey]

GMail solves almost everything you mentioned, but still it's not 100% secure, since any mail server can be vulnerable to attack unless you're running it off your own computer.  Even then, your server must communicate with another in order to access the internet, so data could be intercepted there as well.

The solution to all this is actually to upgrade the entire Internet to IPv6.  Currently, the majority of the internet runs on IPv4.  Unfortunately IPv4 was never designed for  things like security, QoS, reliability, etc.  When the Internet was created, it was made on the basis of trust.  Spam, Adware and viruses didn't exist back in the 60's, because initially the only things they were sending and receiving were plain text.

Unfortunately, the cost to upgrade the entire Internet is more than the richest company in the world can afford, so it'll still be a while before IPv6 becomes the standard.

[dew7]

Thanks for your response, Yonkey.  I appreciate it.  I think I will take a look at Gmail since I have heard lots of good things about it but I have never used it. 
   I noticed that Gmail requires a mobile telephone number or an invitation so if anyone wants to give me an invitation then I will check it out but I am not planning on giving my cell number even to Google because there is already too many problems with identity theft.  I do somewhat trust Google but I want to try to limit the amount of information that I share and my cell phone number is private to me.  I am sure others know how I feel and that is why I have my cell phone number on the do not call list, a password on my account and have made it clear to the company I use which is Verizon Wireless to not release my phone records to anyone altough I have nothing to hide it is not other people's business in my opinion.

<sorry for the rant --- still a little annoyed at an attempted identity theft that occured a little over  a year ago -- the crook(s) got very little but it was a great hassle to insure that my identity was kept safe>

[Yonkey]

I never gave Google my cell number.  If you want I can send you an invite, I still have 100 of them.

But to get back on topic, and since I just had a Computer Security class a couple hours ago, someone in class asked a question about the stock market being completely digital now, and what will happen if it is subject to an attack.

The prof said that they actually have non-digital human redundancy built in, meaning that if something were to happen, there is still a paper audit trail that will "save" it from attack.  

So, another way to think of this is that the solution to computer security is as you stated, a multi-layered approach with plenty of redundancy.  There's a reason why financial institutions and whatnot have pass phrases in addition to your password, because that acts as redundancy in the event of someone unauthorized trying to access the information.

The more ubiquitous information gets, the less appeal it will have to hackers.  I think I mentioned this in a PM to you before, but a hacker won't get any emotional pay-off out of breaking into a bank account, when it's simple enough for both a 5 year old and a 95 year old to do.

[dew7]

Thanks for replying and sure you can send me an invite for Google mail.  You should have my hotmail address.      

[Yonkey]

Thanks for replying and sure you can send me an invite for Google mail.  You should have my hotmail address.      

Sent!

[dew7]

Thank you so much for the invite.  I sent you an email which I think you will get a laugh out of the title of my gmail account.  I guess I forgot to log off of TSL forum last night.   

[Yonkey]

Don't worry about logging off if you're not in a public place.  Gmail automatically forces you to relogin every two weeks I think.

[dew7]

I notice how both Yahoo, Gmail and Charles Schwab all use AES 256 bit encryption.  The Bank of America website only use RC4 128 bit encryption for some reason.  I certainly find this puzzling that their encryption method is so much weaker in Mozilla Firefox.  Internet Explorer 6 is limited to 128 bit encryption.