This post was co-authored with Joel Fernandez. If you would like to ask Joel any questions please email him at joelfernandezny@gmail.com.The World Wide Web is one of the most impressive human accomplishments of our lifetime. Sir Tim Berners-Lee vision of the WWW is best illustrated in his sketch. It was a proposal to facilitate collaboration between CERN colleagues. Today this rudimentary sketch has grown into a communications phenomenon that connects 1.8 billion people - worldwide.
Although Berners-Lee is the father of the World Wide Web - its exponential growth is directly attributed to our insatiable desire to produce and consume content. The growth of the Internet -- in part -- has been fueled by the evolution of mobile devices. In the United States alone there are 234 million mobile devices.
Six in ten American adults are now wireless internet users, and mobile data applications have grown more popular over the last year.-Pew Internet
59% of Americans go online wirelessly - using a laptop and cell phone. Securing our information and privacy is taking center stage. The biggest threat to mainstream Internet users is the ability to have your traffic 'sniffed' or viewed. Anyone with access to the same network you're currently connected to -- has the ability to capture every packet of data that goes to and from your device.
Since the array of devices and methods of accessing the Web can be as varied, we'll focus on general safety tips.
1. Turn off all Sharing
Regardless of the type of device you have (laptop, smartphone, etc) youshould always turn off all Shared Resources. Specific instructions on your particular device or operating system are readily available. Here are a few:
2. If you have VPN Access, use it !
Most businesses provide (SSL) VPN access to their employees. This enables a user to have a secure encrypted tunnel to communicate through.
3. Ensure you're using SSL
When configuring your device for email access, or using a logon page for website access, utilizing SSL (Secure Socket Layer) will encrypt that data from prying eyes. They will be able to see the internet traffic, but will not be able to decrypt or "understand" what the data actually is. This happens when your page begins with an "https://" instead of an "http://".
4. Limit your connection time
If you're not using the internet connection, turn it off. This has multiple benefits. The first is that it may save some battery life! The second is that limiting your traffic decreases the amount of data you are sending out. A person with enough traffic from you can begin to build patterns and have sufficient information to do damage.
5. Keep your device up to date
One of the best lines of defense is to patch your systems (Operating System, Browsers, Antivirus\Firewall, Firmware, etc) with the latest updates. Updates not only keep your system running smoothly (most of the time) but can patch holes for discovered attacks. It will not do anything to protect you from Zero-day attacks, but patching for old attacks will go a long way.
Follow Ramon Nuez on Twitter: www.twitter.com/ramonbnuezjr
Never store your private data on your computer. Never use simple passwords (jennifer, abcde12345, are the top 2). Never automatically sign on to email. Someone can click on your email reader and get into everything. The usual caveats about opening unsolicited email, blindly clicking on web links, using the same password everywhere, not changing your password, etc. are always important.
Many devices are open to infrared, bluetooth, and WiFi sharing. Be sure to disable all sharing devices. A firewall helps to stop a few hackers, too. I suspect that Starbucks' WiFi access points will have built-in firewall protection adequate to keep China, Russia, Iran, and others at bay, but if you don't know for sure, turn on your firewall software.
I use Linux exclusively.
Since we dwell here in NYC, I think we may be accustomed to more frequent Wi-Fi exploits than other places. In my travels, I’ve found that sitting in some Wi-Fi spots here in our Metropolis, attacks are exponentially more than in other areas. I contributed to these quick steps for the common user to follow regardless of their OS. Like yourself, I prefer *nix OS for anything. It is truly the reigning champ especially when it comes to limiting exposure.
Your points are warranted and very good. I failed to mention password complexity and social engineering attacks in an effort the limit the tips to 5. If we put our heads together, we could probably come up with the top 100 safety tips, but steering novice users in the right direction goes a long way.
Again, thanks for taking the time to read and share your thoughts. Its always appreciated. In the end, educating users on Cyber Security Tactics will help us all.
-JF