SANS has released its OUCH! Newsletter, a particularly great one this time that gives wonderful instructions on securing your home WiFi, and WiFi in general. You can find the PDF here.
Lenny Zeltser talks in this blog post about how antivirus works. An interesting read all around.
The Department of Homeland Security has a great post that talks about cybercrime, identity theft, and prevention. A sample from the article:
Security gaps from employee carelessness can be costly not only to an organization but to the individual affected. Hackers are now targeting employees through emails that appear to be from colleagues within their own organizations.
These types of attacks are more and more common.
OUCH! has released the latest edition of its newsletter. This issue is about backups.
Backups … are your last line of defense when something goes wrong.
Having had to restore from backup more than a few times myself, I can say this is very true. It only takes one catastrophe to learn, but why learn the hard way? Check out this latest edition of OUCH! from the fine people at SANS.
The SANS post for security awareness month today was excellent. It spoke at great length on how and when administrative privileges should be used on computers. It might be less often than you think. It is always a good idea to run your day-to-day operations as a standard user, rather than as an administrator all the time.
Let’s say I have two available characters: ‘1’ and ‘0’. This is what computer scientists and mathematicians call binary. If I had a password that was two characters long, these would be all my available options:
00
01
10
11
There are four permutations, because I have two possible values for the first character multiplied by two possible values for the second character. What if I increased my password length to 3 characters? Then there would be 2*2*2 (or 2^3) permutations. How can I increase the strength of my password? Well, I can do two things: increase my set of possible characters, and/or lengthen the password.
This is why including mixed case, numbers, and symbols in your password is a good idea. The set of lowercase letters has only 26 characters. So let’s say your password is 8 characters long and consists only of lowercase letters. If someone were trying to guess your email password (and trust me, there are people out there who are trying), they would only have to go through 26^8 possible passwords. That sounds like a lot, but for a computer it’s all in a day’s work. Now, let’s say you include just one uppercase letter, one number, and one symbol. That increases the character set to about 70 characters (depending on which symbols are allowed). Now they have to go through 70^8 possible passwords, because that number, symbol, and uppercase letter could be anywhere in your password. That’s 2760 times as many passwords to search through!
Of course, don’t go overboard with mixed-case, numbers, and symbols. One of each is sufficient. An easy way to increase security without making the password hard to remember is simply by increasing the length, as is demonstrated by this xkcd comic.
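To check the arithmetic above and compare the two options (a bigger character set versus a longer password), here is a short Python sketch. It is an added example, not part of the original post; the function names and the guess rate of one billion per second are assumptions chosen for illustration.

```python
import math
from itertools import product


def keyspace(charset_size, length):
    """Number of distinct passwords of exactly `length` characters."""
    return charset_size ** length


def entropy_bits(charset_size, length):
    """Search space expressed in bits: log2(charset_size ** length)."""
    return length * math.log2(charset_size)


def enumerate_all(charset, length):
    """List every password of `length` over `charset` (small inputs only)."""
    return ["".join(p) for p in product(charset, repeat=length)]


def min_length_to_match(small_charset, big_charset, big_length):
    """Shortest length over the small charset whose search space is at
    least as large as big_charset ** big_length."""
    target = keyspace(big_charset, big_length)
    n = 1
    while keyspace(small_charset, n) < target:
        n += 1
    return n


def worst_case_days(charset_size, length, guesses_per_second):
    """Days needed to try every password at a fixed guess rate."""
    return keyspace(charset_size, length) / guesses_per_second / 86400


if __name__ == "__main__":
    RATE = 1_000_000_000  # assumed guesses per second, for illustration only

    print(enumerate_all("01", 2))          # the four binary options
    print(len(enumerate_all("01", 3)))     # 2*2*2 options for length 3

    for label, size, length in [("8 lowercase", 26, 8),
                                ("8 mixed (~70 chars)", 70, 8),
                                ("12 lowercase", 26, 12)]:
        print(f"{label:22s} {keyspace(size, length):.3e} passwords, "
              f"{entropy_bits(size, length):5.1f} bits, "
              f"{worst_case_days(size, length, RATE):10.2f} days worst case")

    print("70^8 / 26^8 =", keyspace(70, 8) // keyspace(26, 8))
    print("lowercase length matching 8 mixed chars:",
          min_length_to_match(26, 70, 8))
```

The last line shows why length is the cheaper lever: a lowercase-only password needs only three extra characters to exceed the search space of an 8-character password drawn from 70 symbols.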
Some of the ideas that are most important to understand when online are outlined and explained by the Department of Homeland Security.