We tear down some infosec conventional wisdom—there's a lot of bad advice out there.
@Zerush
link
fedilink
56M

All this of a secure Password, 2FA, VPN, AV etc. does not work, while

1 the user lacks common sense, as this is the largest security hole.

2 if the user has an account in a software or service that sells his data to third parties (surveillance advertising), which is the methode of most US softcompanies to create money, also FOSS.

3 thinking that exist 100% privacy and security if you goes online.

1 the user lacks common sense, as this is the largest security hole.

what we as top 5% IT professionals call “common sense” is completely different from what a “I’m not a computer person” person would call common sense.

@Zerush
link
fedilink
26M

Seen in the Web

“I’m going to open this attachment in my mail, surely nothing happens”

“My 300 friends on Facebook are sure to rejoice, when I tell them that tomorrow I will travel to the Bahamas on vacation”

“Die of Envy, here the photo of my new home in…”

“I’m going to upload a photocopy of my ID and credit card to Google, so that I can watch this age restricterd video on YouTube”.

“Call me in this number seen in my last post”

And worse

It is one thing to not be an IT specialist and another to not be an idiot.

It is one thing to not be an IT specialist and another to not be an idiot.

Most people are idiots, by that measure.

poVoq
link
fedilink
46M

Some good and some bad advise, but don’t fall for the anti-virus shilling. The author works for SophosLabs and the article is hidden advertisement for anti-virus software.

Most anti-virus are snake-oil that increase and not decrease your risk and many are also collecting and selling your private data.

Most home users need Antivirus, though, since they don’t know how to administrate their PC properly. Many download random stuff from the internet and don’t think twice about executing, in fact they happily click away all warnings multiple times.

poVoq
link
fedilink
26M

An up to date Windows with Windows Defender is sufficient for that though… or rather no amount of anti-virus is going to solve that problem.

In addition there have been several documented attacks that specifically used anti-virus features like automatic scanning of email attachments that would have been impossible without this additional software with deep system access.

@blank_sl8
link
fedilink
16M

Antivirus on Windows can stop real threats.

@greensand
link
fedilink
46M

Yeah, writing down your password on a piece of paper can be safer than in an (unencrypted) text file, as long as you hide it well enough

I bet that a piece of paper on your home is way more secure than a password stored in plain text

yes, that is what they said.

@Zerush
link
fedilink
16M

In this point Windows is more secure, because it stores the password encrypted in the HD in a second Keyring, most Linux stored them in plain text. Anyway, a current mistake is to use 12345 as password in all accounts.

Linux store what in plain text???

@eyeballkid
link
fedilink
1
edit-2
2M

deleted by creator

@Zerush
link
fedilink
16M

You can easy test it, go to your browser settings, to passwords and click on “See password”. Doing this in Windows, it opens a Pop-up where you must put the system password before you can see the passwords stored. In last Linux I used (Kubuntu), I could see the passwords directly. Well, it was some time ago, maybe this has changed in last distros.

If you use Firefox, password manager stores its data encrypted (not in plain text). You can also turn on the master password requirement if you like.

@Zerush
link
fedilink
15M

Same in all other browsers, in Windows it’s encrypted anyway in a second keyring, but the lack is, that, when they create a random password, you can’t recover it in case of lost or the HD/PC goes to Valhalla. Same with all other password Manager (I know) Better and more secure to trust in a simple papernote or in your memory.

@eyeballkid
link
fedilink
1
edit-2
2M

deleted by creator

@Zerush
link
fedilink
06M

Yes, Microsoft is certainly an oligopoly that abuses its position with sometimes unethical practices and Windows by default is full of all kinds of spyware and not very respectful of user privacy (although with a little knowledge you can disable these bad habits), but in point security is impeccable and perhaps one of the most secure OS currently. Apparently MS has learned a lot from the past, precisely because it is the main target of the attacks as the majority OS is. The defenses he currently incorporates are among the best on the market.

@eyeballkid
link
fedilink
1
edit-2
2M

deleted by creator

@Zerush
link
fedilink
16M

I think, that has nothing to do with the OS they use. A user with a basic tecnical knowledge can be secure in every OS, the user without isn’t in none of them.

@powerbling
link
fedilink
36M

Thanks, grat read!

@hello_lebbit
link
fedilink
2
edit-2
4M

deleted by creator

Subscribe to see more stories about technology on your homepage


  • 0 users online
  • 18 users / day
  • 75 users / week
  • 183 users / month
  • 533 users / 6 months
  • 4.42K subscribers
  • 2.29K Posts
  • 7.39K Comments
  • Modlog