How Real Is Cyber Threat?

Technology is like anything else that can be used for good or for evil purposes.  Many things have dual purposes or even more than just dual purposes, and technology is no exception to this fact.  Perhaps, there is an exception to the rule, but my small brain cannot think up one for the moment.  Anyhow, there are forces in the world that are trying to use technology for evil purposes.  For an example, from nuclear to cyber threats.  Nuclear threat has existed for many decades already, and by now most people know what MAD means.  In this blog post I’m not going to bother with voicing my opinion on nuclear threat.  Instead, I’m going to focus on voicing my opinion on cyber threat.

Lately, we have seen big powers like USA and China accuse each other of cyber warfare.  It’s obvious that it’s hard to know who is doing what in term of hacking one another in the cyberspace.  Nonetheless, I think I know why cyber threat is a growing concern.

On the surface, before we unravel all the layers of onion, we truly cannot see why there are fusses about cyber security.  For some people, they think that cyber threat can be dealt with best cyber security practices and no more than that.  Of course, it’s true that cyber security measures such as installing well known antivirus software and firewall are definitely going to help counter most cyber vulnerabilities.  Nonetheless, there are other cyber vulnerabilities out there that won’t be eliminated by even the most powerful firewall and antivirus programs.  Why?  I think there are some well kept or new cyber vulnerabilities that have not been dealt with, because these cyber vulnerabilities are well kept secrets or too new.  By using these cyber vulnerabilities and better hacking tools, hackers are able to wreck havocs on the cyber networks of the world.

When we peel more layers of the onion off, we can see that cyber security is very important.  How come?  In my opinion, it’s about a digital future where money mainly get create in digital form.  This is the future trend that our present (the world) is heading for.  Of course, if we just rely on cyber networks for communication and not for banking and monetization, then cyber security can only be boiled down to privacy and few other things but not of money matters.  Nonetheless, cyber networks as in the Internet can be used for electronic commerce, banking, and the whole nine yards.  This means cyber security is needing to be taken seriously, otherwise hackers can just waltz in and erase, steal, change, and do whatever else to the digital money that belong to various money matter institutions such as banking, electronic commerce giants, and whatnot.

I can imagine a scenario that a group of powerful hackers that is sponsored by a powerful organization hacks a cyber system of a country to a point that they erase all of the digital money from this country, leaving this country as a bankrupted nation.  Nonetheless, this country can totally create new digital money out of thin air if she wants to, but will this be ethically, legally, and sensibly?  Can such an incident be covered up easily?  After all, we’re living in a globalized world, and transactions are having been done globally all the time; something like this if to rain upon a country will not be easily covered up.

This is why I think cyber security issues are so important nowadays.  Without proper measures to protect cyber networks, the vulnerable Internet can gradually weaken the trust of digital money transactions, leaving countries and everyday people seek out the traditional means of doing transactions.  Perhaps, this is why we’re seeing the prevalence of traditional transactions today.  Cash is one good example of traditional transactions.

When I’m hearing how one country is having difficulty in protecting a state secret from being leaked out through the cyber networks, I think it’s absurd that such a country is connecting her secret networks to the Internet in the first place.  I think each country should keep her state secrets on an Intranet that won’t be connected to the regular Internet.  Furthermore, such a country needs to provide physical protections to her Intranet, because when hacking cannot be done remotely someone ought to waltz into such a network physically so the hacking can be done eventually.  For an example, stealing state secrets with the usage of a thumb drive (USB devices or similar devices).

In summary, I think the fusses about cyber security threat are real.  This is why we are hearing countries complain about being victims to hack attacks and whatnot.  Corporations are also experiencing cyber security issues, because corporate espionage can be done through cyber networks with ease.  Whenever an entity is connecting to the Internet and it doesn’t matter what type of entity that is, cyber security issues become real just like any other important issue that matters.  Of course, if there is a day that we do not rely on the Internet anymore and money transactions do not take place in the Internet, then cyber threat will not be a threat of anything but only a historical fact.

Personal Note:  The advance of encryption is also important, because encryption can be incorporated into various network tools to secure the Internet transactions.  With strong encryption, it’s harder for hackers to decrypt the Internet transactions into plain text, thus preventing important information from being leaked.

Advertisements

How To Protect Windows 8.1 From Viruses And Malware For Free Or On The Cheap!

Windows 8.1 just came out to update Windows 8.  Usually, a slight change in the iteration version such as Windows 8.1, hence it’s still a Windows 8 iteration, means there will be little improvement and change to the overall of the iteration.  Nonetheless, Windows 8.1 is not at all like this.  Instead, Windows 8.1 iteration version brings a lot of changes to the Windows 8 iteration.  One example of the major changes to Windows 8 iteration is that 3D printer is now being supported by Windows 8.1.

When early adopters such as I see something new and shiny, we want to be the first people to jump on the bandwagon.  Unfortunately, more than often we think, being the first people on the bandwagon can be rather unfortunate.  In Windows 8.1 case, there are many unfortunate events.  One example would be driver failure.  Nonetheless, with enough heart, an early adopter might eventually feel that it’s totally worth it.

In Windows 8.1 case, driver failure is supposed to be the least concern, but it turns out to be a much bigger concern.  Furthermore, many software that support Windows 8 aren’t so compatible with Windows 8.1, considering 8.1 is a slight change in the iteration versions.  Some of these incompatible software might work just fine with the switching of the compatibility mode.  (Sarcastically, yes it’s still being run on Windows 8!)  I found out that other software basically refuse to be ran on Windows 8.1 altogether even though these are being instructed to be ran in Windows 8 compatibility mode.

With all of that being said, I’m definitely all for being an early adopter, because being an early adopter might push you to tinker with whatever you’re trying to experiment with at the early stage of its lifespan.  By tinkering with things, one might be able to improve one’s whatever skill and knowledge.  Furthermore, being an early adopter means you can be the early warning sign hero in telling the good and the bad about whatever that you’re trying to adopt early.

In Windows 8.1 case, although not a biggie, I’m going to be the early warning sign hero of how to protect Windows 8.1 from viruses and malware for free or on the cheap.  Within the video right after the break, I speak of how to protect Windows 8.1 from viruses and malware for free or on the cheap.  (Not everyone is having a luxury of affording expensive computer security software’s annual subscription, therefore knowing how to protect a computer from computer infections with a shoestring budget is a very cool thing to do.  Saving money is definitely cool!  Saving money but having a computer getting hacked is definitely not cool!  So doing it right is definitely awesome!  Obviously, there won’t be a hacker proof computer security measure or measures.  Nonetheless, without trying to protect your computer from the bad stuffs implying that you’re welcoming your computer to be hacked.)  Enjoy the video right after the break, and hopefully you don’t snore before the video ends.

(The audio of the video is now synching correctly!  Please enjoy the video!)

How Paranoid Should You Be For Backing Up Your Data?

Backup Backup Backup - And Test Restores

Backup Backup Backup – And Test Restores (Photo credit: Wikipedia)

If you ask me what is the best way to backup your data, I will probably direct your concern to more than one way.  I like to think of not placing all of your eggs in one basket kind of scenario.  What’s the point of backing up data in the first place?  It’s to hope that when things go crazy such as a computer’s data corruption might occur, you can then access your most valuable backup data.  If you only rely on one preferable backup method, then what if in a critical moment that even the backup data isn’t accessible through your preferable only backup method, what will you do then?  Even a perfect storm is a possible scenario for spreading eggs in more than one basket, therefore I think being paranoid about safekeeping your data with more than one preferable backup method is the best way to go about doing the backups for your valuable data.

For us normal folks, the regular Joe(s), who have data that we want to safeguard, it’s a must for us to spread our data in more than one basket.  It must not be that you have to be a company to take this approach.  Furthermore, nowadays regular Joe(s) do have plenty of ways to go about doing backups for their data.  Let me list few of them:

  • Google Drive
  • Pogoplug
  • Dropbox
  • Amazon Simple Storage Service
  • CrashPlan
  • External hard drives
  • Network attach storage solution such as QNAP NAS servers
  • Do it yourself FreeNAS server solution
  • rsync to a renting server with affordable monthly fee

And the list can go on a lot longer as third party cloud services are now in amble supply.  I think the problem isn’t about finding a backup solution or solutions for the regular Joe(s), but it’s about the affordability, speed, security, and conveniency aspects.  Let say, if a regular Joe wants to spread his backup data in more than one basket, how affordable can this be?  So on and so on…

I think affordability should not be as big of an issue as before the time when there were no third party cloud service and competitive (affordable) computer hardware pricing.  If you don’t intend to harbor 100 of Gigabytes worth of data for streaming purpose or whatever extreme configuration, backing up few Gigabytes worth of data should not cost you much at all.  Perhaps, you can do it at no cost too.  One example, I think Google Drive gives you around 10 Gigabytes worth of free data space or a little bit more than this, and just with this service alone you know you don’t have to spend a dime to backup your data as long you are not going over the free space limitation that Google Drive allows.  Don’t like third party cloud services for whatever reasons?  Computer hardware such as external hard drives nowadays are no longer pricing at outrageous prices, therefore it’s easier for regular Joe(s) to go this route for doing their data backups.  How about coupling Linux with a spare, dusty computer to form a local backup storage server at zero cost in term of money, but you have to spend time on putting things together such as installing Linux and deploying Linux’s network attached storage services to have a more complete backup server solution.

I can see that the many third party cloud services as good solutions for doing backups.  How come?  Let say you’re paranoid about the safety of your data to a point that you consider the scenario where local backup data can all be corrupted at the same time for whatever reasons such as a virus/hack attack (or by even a more nefarious scenario), therefore you think third party cloud services are the additional safety reservoirs for your backup data.  If you are this paranoid, I think you’re doing it right.  Although third party cloud services are good measures against local data corruption, there are problems with this whole approach in general.  Let me list a few:

  • Broadband’s upload speed (Internet connection) isn’t fast enough to do a major backup (i.e., backing up huge amount of data in Gigabytes worth)
  • Security issue… how do we know our data can be securely safeguarded and stored on the remote servers?
  • Trust issue… such as how do we know our data privacy and our privacy won’t be breached on the remote servers?

I sneakily snuck in the speed and security concerns about backing up data remotely through third party cloud services, but we should not take the security issue lightly since many people may not want their privately backup data to be made known to the whole world.  Security done right in term of backing up data locally and remotely, this will also address the privacy issue/concern too.  I think employing good network and computer security measures locally will enhance the security protection level for the backup data.  Such measures should be about employing hardware and software firewall, antivirus, and so on.  Don’t forget to update the software and firmware, because through updating these things that you can be assured of weeding out security bugs.  You can never be too sure about the security of your data when you’re backing up your data remotely, therefore you should employing encryption for your backup data before you upload your backup data to the remote servers.  One good encryption measure I know of is TrueCrypt software which can be downloaded and used freely.

I don’t think we should sacrifice our data security for conveniency, because data security is definitely more important than otherwise.  Still, conveniency should be considered in the calculation of our data backup challenge too.  It’s just that we have to make sure we don’t have to sacrifice data security for conveniency.  Let say, you want to backup your data to a third party cloud service, but you don’t like the idea of doing a local encryption for your data first… this means you are sacrificing your data security for conveniency and this is truly bad for you as the owner of the backup data (i.e., privacy concern).

In summary, I think if you’re paranoid enough about the health of your data, then you should devise many backup plans for your data.  You should try to backup your data both locally and remotely, but you should employ encryption for your data when you do backup your data remotely.  Backing up huge amount of data remotely can be very inconvenient at this point in time since so many regular Joe(s) do not have access to fast upload broadband speed.  Let hope this will change soon, and I know things will be moving in this direction since data streaming and data sharing and data backup are in much more demand than ever before.  One example would be Google fiber Internet service.  Google is driving the Internet Service Provider competition forward as Google deploys its Gigabit Internet connection service for many households in various lucky cities and towns.  With Google pushing for more competition in the area of broadband speed, I think the future — having great Internet connection for uploading our backups — is definitely bright.  As time is moving on, the costs of computer backup hardware and backup services can be even more competitive, we can expect the cost of deploying backup measures for our data can only get cheaper and easier.  I like the idea of having a NAS locally, and using one or two third party cloud services for my data backups.

(How paranoid should you be for backing up your data?  In my opinion, the answer should be, the more the merrier.)

Using Aptitude Package Manager To Install APF Firewall On Ubuntu 12.04 Server

Tux, the Linux penguin

Tux, the Linux penguin (Photo credit: Wikipedia)

Installing APF firewall from source on Ubuntu 12.04 Server is possible, but you still have to tweak it somehow to allow it to start on boot and to work correctly with Ubuntu 12.04 server. Luckily, Ubuntu 12.04 does come with aptitude package manager, and we can use this package manger to install APF firewall easily. Unfortunately, you still need to do some tweaking before APF firewall can work smoothly. Nonetheless, it’s like choosing which poison you want to down with, because either choice is going to be cumbersome. There is one more disadvantage of using aptitude package manager to install APF firewall is that the package manager aptitude might not carry the latest version of APF firewall. Nonetheless, when updating APF firewall with aptitude package manager, it’s much easier such as doing aptitude update and aptitude safe-upgrade. Anyhow, let us assume that you pick the poison of installing APF firewall with aptitude package manager, then this video might just be the remedy for you. Enjoy!!!

How To Enable Dynamic Firewall On Fedora 16

The official symbol of the Linux distribution ...

Image via Wikipedia

The developers behind a Linux distribution known as Fedora have been working on a new type of firewall system known as Dynamic Firewall.  Since Fedora 15, users could install Dynamic Firewall.  It’s kind of a disappointment for me to see the latest Fedora 16 isn’t yet shipped with the Dynamic Firewall.  Nonetheless, as how Fedora 15 was, users can still install Dynamic Firewall with Fedora 16.

For your information, Fedora 16 isn’t enabling any firewall by default.  Yes, Fedora 16 is still shipping with the traditional IPTables firewall system.  The question is, why users want to use Fedora’s Dynamic Firewall over the traditional IPTables type of firewall?  It’s because Dynamic Firewall is somewhat smarter.

I’d made a video which shows you how to disable the traditional firewall, enable the Dynamic Firewall, and how to revert back to the traditional firewall from Dynamic Firewall.  The video also points out why and how Dynamic Firewall is smarter than the traditional firewall (i.e., IPTables).  You can check out the video right after the break.

Product Review: Norton Internet Security 2012 (Video)

It’s this time of the year that new computer security products make themselves known.  It’s this time of the year that I like to do product reviews on various computer security products.  Well, within this post, I like to post a video that I had created for the purpose of reviewing Symantec’s Norton Internet Security 2012.  So, I hope you’ll enjoy the “Product Review:  Norton Internet Security 2012” video right after the break.

Questions:

  1. Do you think Norton Internet Security 2011 was a good product?
  2. Do you think that you’re going to try out Norton Internet Security 2012?

Please leave your answers in the comment section below this post.  Thank you!