A Dirty Little Secret About Backdoors!

in #technology7 years ago (edited)

So it's come to my attention that I haven't written anything recently about my field of work. I think most people who follow me know from past post that I work in... let's just call it, "network security."

And with that, I try to generate some good karma for myself by lending helpful tips to you fine people about protecting yourself against a hacker's tomfoolery.

But I'm going to let you guys in on a dirty little secret... something that you might even take offense to. Ready?

"A hacker is only as effective as his/her target allows them to be!"

suicidalviral.jpg

"What in the hell does that even mean?"

Basically what I'm so subtly trying to say is, most thieves get in through the backdoor... that YOU leave open!

In "network security" a Backdoor is a basically a portal (or vulnerability) in your system that hacker uses to sneak in (usually undetected) and take whatever information they want!

Real Talk For A Minute?

Look guys, we are in the "year of our Lord," two thousand and seventeen!

This isn't the wild west days of the Internet anymore. You know, where we were "freeballing" through the web and downloading crazy shit without knowing about like malware, chatting with strangers on IRC, and making up goofy Hotmail accounts.

We should know better now. And we should be better at protecting our identities and lively-hoods! This is serious shit here!

("So now the question should be... "Okay, then how do I protect myself?")

Great question! Glad you asked! I have a few tips on how to keep that backdoor locked as tight as possible.

Lets start with something simple:

Digital Ninjitsu

I always tell my nearest and dearest that their goal should always be to be as invisible as possible!

What do I mean by this?

1. There should be nothing in your browser history older than a day! You should clear your history pretty much every day.

2. Any files in your computer with ANY personal information needs to backed-up to a flash drive then deleted from your computer!

Basically what I'm saying is, there should be no evidence you ever even used that computer!

Next up:

Password Mumbo Jumbo

Without getting too technical, if your password is under 15 characters long, you are making it too easy for a hacker to obtain it. It should also be as nonsensical as possible.

Cracking a password with "brute force" (it's a hacker term... don't let it confuse you) takes time! Especially depending on the system the hacker is using. The longer and confusing the password is, the harder it is for them to attack you.

Just trust me on this.

Also, you should change this password every 3 months!

Question Everything

This is going to be a little more harder to explain. There something in the field we call a "social engineering hack!" It's pretty complicated to explain to the average user, but I will try to make it easy for you.

SEH is basically a term for finding a weakness in the user, NOT the computer! It's all about human error!

So for example:

Getting an email from your "cable company" or "Facebook" or "your bank" with a link for you to click on and SIGN IN to their page to check on your account.

Except the problem is, these are all fake pages! And when you sign in, guess what? Yep, they now have your password!

suicidalviral.png

Be aware of where you click and where you sign into. If you receive an email telling you to click on a link and sign in, call your bank or cable company or whoever supposedly sent it and make sure it was from them!

Just remember:

suicidalviral.jpg

There are more specific attacks I can talk about like "phishing" and "piggybacking," but I'll let you do the research on that if you want to learn more.

Lets Wrap This Up!

There are a lot of other ways to secure your system that are pretty involved and complicated, but the things I've listed here will more than do the job!

Look my lovelies, the world can be a bad place with bad people! For examples of this you should read my post about the "Dark Web" (I've posted a link below).

We have to be better, sharper, and urgent about protecting our information. Cause once it's stolen, you will go through Hell to get some semblance of normalcy again!

Hope this was helpful my lovelies! If you thought this was cool or somewhat interesting, would so appreciate an upvote and a resteem!

CHECK OUT THE LINK BELOW FOR RELATED MATERIAL!

Facebook's Security Is Like Guarding Your House With A Cat!

Dark Web Vs. Deep Web... And All The Weird Shit In Between!

Google Isn't The Enemy, But It Damn Sure Is A Problem!

Sort:  

Wow truly amazing post, I followed you and gave you my 100% upvote on several of your post 👍👍keep up the good work

You are more than welcome, keep it up 👍

Passwords are a pain. Thanks to steemit they are history...at least on steemit!
An interesting post. A solution to weak passwords is to make one using three random words like.

banana curry monster

Or something equally unrelated.

A brute force attack would take 18,000+ years to crack this simple method.

Scared much? Hackers are overrated. The public are just too lazy to protect themselves from themselves.
And generally deserve a good thrashing.
(I said that out loud didn't I?)
I'll get my coat. ;)

One can improve resilience to dictionary-based attacks by misspelling words too and including other characters. In this case:

Banamma kurr33 mUnstarr?

It's still easy enough to remember but several orders of magnitude more secure!

Very true @walaoeh this form of password would increase the time to crack it exponentially.
18,000+ years is already long enough don't you think? ;) tip!

As far as passwords are concerned - unless, like me, you're a programmer who can afford to spend the time to build his/her own personal secure password vault software - I highly recommend using LastPass. I've been using it myself quite a bit in the past and can say it's probably your safest bet; and it's also really cheap too! Besides, I wouldn't really go as far as getting anxious about browser history and all that stuff.

Now moving on to the security of the files on your computer.. I've been using Avast Premier for over 4 years and can guarantee you that no form of hack (of course, unless you're being specifically targeted by some genius hacker) will ever be able to breach your security. Avast offers standard antivirus, ransomware file protection, secure DNS, secure browser for banking, active online protection stopping you from entering phishing websites or downloading malware, etc.

Just my 2 cents, but that's how I recommend someone stays safe.

This is extremely useful info for all the regular Joes and Josephines reading this!

Post was very informal and helpful. I have to make sure that I am following thesr rules because I only know a little about computers and other things I am interested in as far as creating app, coding and website development. hey @cleverbot do you think I should blog about decodeing?

I'm here to help! And yeah, better safe than sorry with your vital info. I've seen some shit!

Good read! I like to think the best hackers are

the one sitting next to your computer and watching carefully as you type in your password.

Or the one who says: "I'm just the repair guy", and you believe him, but he ain't.

I love social engineering.

You can always count on human error!

You've received a FULL upvote from #TheUnmentionables - a SteemIt community full of members who like to kick ass, take names, and occasionally do it wearing (or forgetting to wear) our unmentionables...

Click the Image to Join Our Discord Server:

Please upvote this comment so we can help our members grow faster!

I thought this was both cool and interesting ... so, yeah, you got my UV -- and now here's my comment. (Grin)

First, I think there is potential for a separate article from each of your sub-headings. A little extra information ... maybe some explanations of why these recommended techniques are such a good idea ... would fill the text out nicely for 4+ more articles / posts.

Also, I'd encourage you to write other posts following this same idea on phishing and piggybacking rather than just suggest people Google those topics. As someone who actually works in network security, you bring a valuable perspective to these issues. Capitalize on your authority and standing for your audience. (Don't send them away. Now that you've got their attention -- impress them further. Teach. Explain. Give them extra value to take away when they do move on!)

You could make this into a 6 - 7+ part series. You write very well. (You should see some of what I've waded through tonight. This was an oasis of rest and refreshment -- and I thank you sincerely for that.) I would do my best to see these pieces get the support you -- and they -- deserve.

from #theunmentionables

Thank you so much for the compliment and the advice! I've considered doing a more in-depth series, but I also try to keep things "general" enough for people who aren't "techy" to understand the message. I really do appreciate your thoughtful comment!

Thank you for this post. I look forward to reading the rest of your post. Following you.

Coin Marketplace

STEEM 0.23
TRX 0.22
JST 0.037
BTC 98870.54
ETH 3475.75
USDT 1.00
SBD 3.21