past week proved that you can’t rely on something as simple as a web
browser to keep your personal data and identity safe from harm.
Critical flaws were found in the Internet Explorer and even Firefox
web browsers, leaving users potentially vulnerable to spyware, viruses,
and password-sniffing. But don’t throw up your hands in defeat—with the
right software tools and a little Advanced Common Sense, you can secure
your data so that even if someone did get onto your computer or into
your email, they’d find nothing but headaches and woe. Read on for our
list of ten software apps and strategies for locking down your online
life. Photo by Anonymous Account.
10. Wipe that iPhone (or BlackBerry) before trading in.
almost inevitable that your iPhone’s storage space or feature set will
seem completely outdated at some point, depending, of course, on
personal tolerance. Before you trade it in or sell it, though, take
heed—your personal data is still there,
and recoverable with a few modest hacks. Considering how much email,
login information, and web history is sent through a phone these days,
it’s worth looking at Jonathan Zdziarski’s wiping method,
which involves jailbreaking your phone and jumping into the command
line to wipe it down clean. Rocking the BlackBerry? Check out BBGeeks’ much easier wiping steps. UPDATE:
Commenters (and emailers) point out that iPhones and iPod touches
running the 2.0 software and later can securely wipe out all data
without a jailbreak. Head to
Settings > General > Reset > Erase All Contents and Settings to erase/re-write/wipe your personal data and settings.
9. Use virtual credit cards for iffy online buys.
a DVD from Amazon is usually a pretty standard, safe transaction, but
that cutesy little shop with the clever T-shirt? That’s when you should
take a few minutes and get a virtual—or “one-time,” “secure,” or
“online”—credit card. Most major banks, PayPal, and Discover
offer them, even if they’re not widely used. If you’re not quite sure
about a site, or even if your own computer might be watched, it can’t
hurt to try a card made for only one purchase.
8. Hide data inside files with steganography.
You probably know it’s not smart to keep sensitive, need-to-remember data in a file named
all_my_bank_accounts.doc. But few laptop thieves or backdoor hackers are going to look for your PayPal data inside
soaring_whales.jpg. Even if they did, they’d only see Orca and friends if you stashed your stuff with easy-to-use steganography tools.
They’re also great for trading the kind of information you wouldn’t
normally send over email inside otherwise non-intriguing files of all
types, sparing you the need to go through too much extra effort.
7. Plan for the worst.
As one editor here recently learned,
even a decently protected computer or email account can be gotten too,
and it’s hard to tell why. So while precaution is a best practice, it’s
just as smart to fortify your digital life for intruders. Clean out
your old and never-mailed contacts to avoid apologizing to them later
(to say nothing of infecting or spamming them later). Delete any
emails, archived or not, that contain passwords, account numbers, PINs
and the like—some web sites have a bad practice of emailing them right
to you. And make sure you know how your webmail provider would reset
your account if it was ever compromised—long-ago-sent activation code,
ultra-secret question, or something else entirely. If you don’t know
this, then a break-in truly is the end of that convenience.
6. Get smarter on security questions.
web-based apps provide a fail-safe way to get your password to you if
you’ve forgotten it. Some are more secure than others, but almost all
of them ask for some kind of verification/security question—”What is
your mother’s middle name?” is pretty common, and so is “What was your
first pet’s name?” Thing is, a lot of that stuff is easy to get at, as
former Vice President candidate Sarah Palin learned the hard way. Blogger danah boyd’s security question algorithm
isn’t heavy math, just smart thinking. You basically create two words—a
snarky response and a unique word you’ll remember—to encapsulate your
actual answer. Unless a clever college student looking to scandalize
you lives inside your head, chances are you’ve closed off this weak
5. Boost your browsing and downloading privacy.
Giving away all your web activities is easy to do, if you don’t take
any precautions at work or home. For seriously strict IT policies at
work, give our guide to private browsing at work
a read-through. Need even more security to hide your traces? Try an
anonymous proxy service. Many proxies go up and fall off the net every
day, but the Tor network and its cross-platform browsing tool, Vidalia,
works in most situations to prevent end-result sites from knowing where
you’re at. As for all that BitTorrent traffic that gives you occasional
pause for thought, we’ve got you covered there, too.
4. Theft-proof your laptop (and its files).
Few everyday emotions can stand up to the “Laptop Dillemma”
in complexity. Your laptop is supposed to give you freedom and
flexibility, but it’s also a big chunk of moolah just crying out to be
lifted. Adam Pash isn’t quite paranoid, but he does have a handle on
how to keep your laptop from being stolen, or get pics and locations on
the sly of the thief if it does, and prevent your data from getting
compromised. Read his guide to setting up a laptop security system and pick out the anti-theft elements that make sense for you.
3. Secure your wireless network.
matter what any salesperson tells you, you should never take a wireless
router out of its box, hook up a few wires and start surfing from the
belkin54g hotspot. Tech site Ars Technica has a great guide to “The ABCs of securing your wireless network,”
covering everything in your house—Xbox, Wii, laptops, and iPhones—and
the best protocols to use. For a more nuts-and-bolts basic guide, try
our long-ago wireless network tutorial, but don’t use the WEP standard mentioned in there.
2. Encrypt your data whole or piecemeal.
whatever the reason, we’ve all got files that shouldn’t be available to
anyone who sits down at our keyboard, whether they live across the
globe or across the hall. Encryption has come a long way in ease-of-use
and accessibility, and some operating systems—mainly the “business” or
“ultimate” kind—have native support for encrypting drives and folders.
For most of us, though, there’s TrueCrypt, available for Windows, Mac, and Linux systems. We’ve walked through encrypting entire drives or single folders with TrueCrypt,
and while there are plenty of encryption tools out there, TrueCrypt is
a nice balance of hard-nosed security and understandable, actual-human
1. Use KeePass. Love KeePass. Be secure.
It works on any system, it works with any program, and you can have it automatically between your computers. In short, KeePass
is pretty indispensable for anyone who isn’t doing the bad, bad thing
of using the same password on every web site and computer app. Once
you’ve learned the basics of the free, open-source password vault, you can make it work your own way with great plug-ins. Already using Firefox’s password manager? That’s cool—you can export them into KeePass. If you’re a multi-computer, multi-operating-system person, the free online storage service Dropbox can serve as your ultimate password syncer through KeePass.
Beyond these ten tips, what measures do you take that most others
ignore? Got a great hassle-free security program we’ve skipped? Tell us
about it in the comments.
By Kevin Purdy