[DrCaleb]

OnTheIce OnTheIce:

BartSimpson BartSimpson:

OnTheIce OnTheIce:

We're talking computer security, Bart. Try and keep up.

My comment about paranoia was with respect to the topic at hand and I stand by my comments about DrCaleb being a little too paranoid with his data.

OTI, if you know anything about computer security then you'd know that raging paranoia in this realm still leaves people unprepared.

Effectively speaking, there is no such thing as paranoia in the realm of computer security. There's only a trade off between how much security you can afford and how much you really need.

Sure there is...I've been in the game a long time...I've seen the paranoia of viruses, Y2K, the 'cloud'...etc, etc...

Especially when we're talking about generic home users.

Generic home users are the ones most susceptible to identity theft. There is no darker hell than finding out someone on the other side of the country has been opening bank accounts in your name, and even getting criminal convictions as you. Trying to prove it wasn't you there and then, and repairing your credit rating is an exercise in anger management.

It's easier just to password protect your phone.

[DrCaleb]

Zipperfish Zipperfish:

DrCaleb DrCaleb:

Truly secure data should be air-gapped,

By more than a meter now. Do you have any idea whay that is?

There was a case where a researcher said he discovered a new method of virus transmission that used a laptop speakers and microphone to jump from machine to machine. It hasn't been verified or reproduced, but it's chilling nonetheless.

[Zipperfish]

DrCaleb DrCaleb:

Zipperfish Zipperfish:

DrCaleb DrCaleb:

Truly secure data should be air-gapped,

By more than a meter now. Do you have any idea whay that is?

There was a case where a researcher said he discovered a new method of virus transmission that used a laptop speakers and microphone to jump from machine to machine. It hasn't been verified or reproduced, but it's chilling nonetheless.

Ah--thanks. I was wondering about that. Most security failures are human error, I imagine. People plugging in their devices: "But i just wanted to power it up, not connect it to the computer"--as if the machine knows the difference.

[Tyler_1]

I don't want anyone to steal my pet pictures, but I am more worried about bad things happening to my stuff in a physical more than a mental way.

[OnTheIce]

DrCaleb DrCaleb:

Generic home users are the ones most susceptible to identity theft. There is no darker hell than finding out someone on the other side of the country has been opening bank accounts in your name, and even getting criminal convictions as you. Trying to prove it wasn't you there and then, and repairing your credit rating is an exercise in anger management.

It's easier just to password protect your phone.

Yea, cause that happens all the time.

[DrCaleb]

OnTheIce OnTheIce:

DrCaleb DrCaleb:

Generic home users are the ones most susceptible to identity theft. There is no darker hell than finding out someone on the other side of the country has been opening bank accounts in your name, and even getting criminal convictions as you. Trying to prove it wasn't you there and then, and repairing your credit rating is an exercise in anger management.

It's easier just to password protect your phone.

Yea, cause that happens all the time.

Again, I can only assume you haven't been paying attention. It's a frequent and growing crime. There are entire underground industries that operate entirely on stolen identities.

$1:

Facts

Identity theft techniques can range from unsophisticated, such as dumpster diving and mail theft, to more elaborate schemes.
Technology, mainly the Internet, facilitates more elaborate schemes, such as skimming, phishing, and hacking as criminals gather profiles of potential victims. Computer spywares and viruses, designed to help thieves acquire personal information, are an emerging trend.
Victims of identity theft or fraud can experience financial loss and difficulty obtaining credit or restoring their "good name".
The Canadian Anti-Fraud Centre (CAFC) maintains statistics on the complaints they receive.
In 2009, the CACF received identity fraud reports from 11,095 Canadian victims, totaling a loss of more than 10 million dollars. This represents an increase of more than 1 million dollars of what was reported in 2008. Payment card fraud was the most commonly reported incident, and yet, many instances of identity theft and fraud go unreported.

Information sought

Identity thieves are looking for the following information:

full name
date of birth
Social Insurance Numbers
full address
mother's maiden name
username and password for online services
driver's license number
personal identification numbers (PIN)
credit card information (numbers, expiry dates and the last three digits printed on the signature panel)
bank account numbers
signature
passport number

http://www.rcmp-grc.gc.ca/scams-fraudes ... ol-eng.htm

$1:

How to fight identity theft

Ask that your accounts require passwords before any inquiries or changes can be made, whenever possible.
Choose difficult passwords – not your mother's maiden name. Memorise them, change them often. Don't write them down and leave them in your wallet, or some equally obvious place.
Be careful what you throw out. Burn or shred personal financial information such as statements, credit card offers, receipts, insurance forms, etc. Insist that businesses you deal with do the same.

https://www.priv.gc.ca/resource/fs-fi/02_05_d_10_e.asp

[DrCaleb]

DonnaWho DonnaWho:

I don't want anyone to steal my pet pictures, but I am more worried about bad things happening to my stuff in a physical more than a mental way.

I'd be worried they'd steal all those Christmas ornaments! (yes, I know that's a hipster trend now. )

[OnTheIce]

DrCaleb DrCaleb:

Again, I can only assume you haven't been paying attention. It's a frequent and growing crime. There are entire underground industries that operate entirely on stolen identities.

Again, you're being a little to paranoid considering the situation.

It's not a common problem.

Anyone with basic, free virus/malware protection wouldn't even get past these types of emails noted in your article.

[DrCaleb]

OnTheIce OnTheIce:

DrCaleb DrCaleb:

Again, I can only assume you haven't been paying attention. It's a frequent and growing crime. There are entire underground industries that operate entirely on stolen identities.

Again, you're being a little to paranoid considering the situation.

It's not a common problem.

Anyone with basic, free virus/malware protection wouldn't even get past these types of emails noted in your article.

Ok, and . . . ? Email phishing is just a tiny little corner of the virus world. There are so many Trojans and hacks that don't even register with antivirus programs, they are becoming useless. Why put all your eggs in one basket?

Even Norton says they detect 70% of malware, at best. Why let malware even get near your PC?

It's not paranoia if they are actually out to get you.

[Public_Domain]

OnTheIce OnTheIce:

DrCaleb DrCaleb:

Again, I can only assume you haven't been paying attention. It's a frequent and growing crime. There are entire underground industries that operate entirely on stolen identities.

Again, you're being a little to paranoid considering the situation.

It's not a common problem.

Anyone with basic, free virus/malware protection wouldn't even get past these types of emails noted in your article.

You are a hacker's wet dream,

[OnTheIce]

DrCaleb DrCaleb:

Ok, and . . . ? Email phishing is just a tiny little corner of the virus world. There are so many Trojans and hacks that don't even register with antivirus programs, they are becoming useless. Why put all your eggs in one basket?

Even Norton says they detect 70% of malware, at best. Why let malware even get near your PC?

It's not paranoia if they are actually out to get you.

Norton sucks. Why people pay for that garbage is beyond me.

Public_Domain Public_Domain:

You are a hacker's wet dream,

Just cause I don't drink the tin-foil-based koolaid, doesn't mean I'm susceptible to hackers.

[PluggyRug]

OnTheIce OnTheIce:

Norton sucks. Why people pay for that garbage is beyond me.

Beyond me as well. A few years ago the Norton (Symantec) anti-virus CD came with a virus.

[DrCaleb]

Public_Domain Public_Domain:

OnTheIce OnTheIce:

Anyone with basic, free virus/malware protection wouldn't even get past these types of emails noted in your article.

You are a hacker's wet dream,

He's a typical computer user though. I'm only 'paranoid' in his eyes because of inexperience. Network Security is what I do.

I sit behind a firewall that took millions to build. I have some of the best equipment at my disposal, some costing hundreds of thousands of dollars. It's my team's job to stop all the nations and their hacker armies hacking our network trying to get the data we keep for the people of this province. And it's a juicy target!

And with all this just last month, one guy checking his email from a heavily locked down government PC managed to open a Trojan disguised as a .PDF file, and it opened ransomware that password encrypted his Documents, the shared Documents server for his department, and the shared document server for the whole Ministry. In only a few minutes! Millions of files, gone! Years of research, years of work to create those documents. Gone! But we have backups.

It cost 4 people 3 days time to blow those infected servers away and restore the data. So, how confident am I in a free antivirus? NOT!

[PluggyRug]

Question for DrCaleb....how prevalent is the ransomware stuff.

[OnTheIce]

DrCaleb DrCaleb:

Public_Domain Public_Domain:

OnTheIce OnTheIce:

Anyone with basic, free virus/malware protection wouldn't even get past these types of emails noted in your article.

You are a hacker's wet dream,

He's a typical computer user though. I'm only 'paranoid' in his eyes because of inexperience. Network Security is what I do.

I sit behind a firewall that took millions to build. I have some of the best equipment at my disposal, some costing hundreds of thousands of dollars. It's my team's job to stop all the nations and their hacker armies hacking our network trying to get the data we keep for the people of this province. And it's a juicy target!

And with all this just last month, one guy checking his email from a heavily locked down government PC managed to open a Trojan disguised as a .PDF file, and it opened ransomware that password encrypted his Documents, the shared Documents server for his department, and the shared document server for the whole Ministry. In only a few minutes! Millions of files, gone! Years of research, years of work to create those documents. Gone! But we have backups.

It cost 4 people 3 days time to blow those infected servers away and restore the data. So, how confident am I in a free antivirus? NOT!

I have a degree in Computer Science and have a college education in Network Management and Engineering. I don't work in the field anymore.

I work in a company with 1200 people, all connected. I have never seen the type of issues you describe at the office or at home. Ever.

Your experience is unique. Government's and corporations are targets. We know that. Let's not pretend that home users are the same or require the same type of security. Even the most basic security software with a cheapo router will provide most home users all the security they require.