"Best Practices" for internet surfing.


Technology


With the recent uproar in the Gamer Life forum, I thought it might be a good idea to start this thread for the more inclined users to share tips and warnings to the less aware Paizo users on how to reduce their vulnerability on the 'net. My first pass:

1) Be Wary:

  • Just connecting to the internet makes your computer vulnerable.
  • Opening a browser (any browser) makes it even more vulnerable.

2) Reduce your vulnerability:
  • Whenever possible, use less popular software. The more popular, the more it is targeted for vulnerabilities.
  • Keep software up to date.
  • Use security software when possible (anti-virus, firewall, anti-spam, etc.).
  • Change default passwords.
  • Keep as little personal information as possible on your computer.
  • Be extra cautious on any social networking site. As of right now, none of the social networking sites are built with security in mind. Consider any information on a social networking site as public-viewable. FaceBook is one of the worst offenders right now. Many of their applications (such as FarmVille) can be exploited to compromise information.
  • Close pop ups with the "close-button" (the X at the upper right of the window) whenever possible. Yes/No and Accept/Decline type options can be encoded to be malicious no matter which option you choose.

3) Be aware of social engineering trends:
  • Don't trust "celebrities" any more than you would some random user. (Any one with a little fame, not necessarily "big name") I think this stems from the feeling that a famous person wouldn't risk their reputations, and therefor wouldn't do anything malicious. That is very likely true, but it allows others to pretend to be those celebrities - playing on that trust.
  • Be wary of any attempt to drum up traffic to a site.

Naturally, the safest thing to do is not turn on a computer. Each person has to weigh the risks to benefits and decide what is good for them.


So, either I nailed it in my first pass - not very likely...

Or no one else gives a damn about the surfing safety of other Paizonians?


The netbots have infiltrated their systems and thus they are no longer around to be able to express that they should have heeded your warning. ;)

Liberty's Edge

Paizo Charter Superscriber; Pathfinder Companion, Pathfinder Accessories Subscriber; Starfinder Charter Superscriber

I will add a Few things

Disenchanter wrote:

2) Reduce your vulnerability:

  • Use security software when possible (anti-virus, firewall, anti-spam, etc.).
  • Always us Security Software, take out the when possible. If you have been on the internet for any amount of time and you don't have a AV, most likely you have a Virus. It is important once you have an AV program to keep it up to date.

    Disenchanter wrote:
  • Change default passwords.
  • Try not to use the same password for every page, and try to make the passwords for important web pages, ones that hold your credit info and finance, as difficult as possible. Have those password 10+ characters long with Special characters and numbers involved.


    Pathfinder Adventure, Adventure Path, Rulebook Subscriber

    What happened in the GL forum?

    I'm too scared to look now ;)


    Get to know your router setup screens. If you are using a router, turn off broadcasting unless you really need it (I use a router because it provides an additional firewall, but I keep broadcasting off because I don't have any wireless needs). Also, as far as I know all routers of a particular model are still programmed with the same easy setup passwords (out of the box). In other words, for a certain model router the default password will always be the same, and can easily be learned by anyone. Therefore, as soon as you connect your router, change the passwords(s) immediately to minimize the chances of anyone accessing your router to steal your bandwidth or do anything else naughty. Also, on your router setup screens you will find a log of activity, so you can (and should) keep an eye on that to make sure you aren't hosting uninvited guests.

    Liberty's Edge

    The-Last-Rogue wrote:

    What happened in the GL forum?

    I'm too scared to look now ;)

    Just some slavering fanbois getting themselves all lathered up over some Canadian fetish model. Nothin' to see here, movin' on.


    Urizen wrote:
    The netbots have infiltrated their systems and thus they are no longer around to be able to express that they should have heeded your warning. ;)

    Now, that is funny. :-)

    Dragnmoon wrote:
    Always us Security Software, take out the when possible

    I agree with the sentiment... But it isn't always possible.

    I have yet to find any security software for smartphone OSs. And with the tablet computer market turning to those, I'm kind of worried of them becoming carriers - if not infected themselves.
    Also, Linux based anti-virus hasn't reached the "easy to set up and install" point just yet. I'm not too sure about Mac either.

    jocundthejolly wrote:
    If you are using a router, turn off broadcasting unless you really need it (I use a router because it provides an additional firewall, but I keep broadcasting off because I don't have any wireless needs).

    I take it you mean to shut of wireless if you don't need it, rather than turning off SSID broadcasting?

    If so, I agree completely. Wireless security is nearly obsolete. Only WPA2 remains "uncracked" and I am sure it will fall shortly.
    Spoiler:
    By uncracked, I mean not yet easily defeated by determined individuals/groups. WPA and lower can be breached within hours (or less) with readily available software on the 'net.

    If you mean the SSID broadcasting, that doesn't matter much. The "leechers" you would stop by making your network hidden, are the same ones you would stop by using security. Hidden networks are easy to find with readily available free software on the 'net.


    Use a Mac. Not that I use one, mind you, but the threat of contracting a virus on one is pretty minuscule.


    Disenchanter wrote:

    So, either I nailed it in my first pass - not very likely...

    Or no one else gives a damn about the surfing safety of other Paizonians?

    I can't speak for everyone else, but where I'm concerned you're preaching to the choir.

    Dark Archive

    DoveArrow wrote:
    Use a Mac. Not that I use one, mind you, but the threat of contracting a virus on one is pretty minuscule.

    To be fair, Mac security is largely marketting spin.

    Anyone subscribed to regular security update sites like SANS, InfoSec, or dozens of others will see regular vulnerabilities in Mac land, and not a small number of those are rated high or severe.

    It's all in how fast a vendor gets a patch out, and how fast a user installs it.


    VagrantWhisper wrote:
    DoveArrow wrote:
    Use a Mac. Not that I use one, mind you, but the threat of contracting a virus on one is pretty minuscule.

    To be fair, Mac security is largely marketting spin.

    Anyone subscribed to regular security update sites like SANS, InfoSec, or dozens of others will see regular vulnerabilities in Mac land, and not a small number of those are rated high or severe.

    It's all in how fast a vendor gets a patch out, and how fast a user installs it.

    My lil lady has a Mac and feels the need to get a decent security / virus package. Not being familiar with Macs myself, any serious / affordable recommendations out there?

    Spoiler:
    How long will it take for A.T. to chime in that we need a Tech Forum..... ;)

    Liberty's Edge

    DoveArrow wrote:
    Use a Mac. Not that I use one, mind you, but the threat of contracting a virus on one is pretty minuscule.

    Because no one writes viruses for Mac. The fact that Macintosh computers rarely get viruses isn't a testament to their virus protection, rather, it's a testament to the whims of bored hackers worldwide.

    Paizo Employee Chief Technical Officer

    Urizen wrote:
    My lil lady has a Mac and feels the need to get a decent security / virus package. Not being familiar with Macs myself, any serious / affordable recommendations out there?

    Don't spend a dime.

    Learn to use the firewall built into OS X. It's really simple—just turn it on and check the appropriate boxes to allow only services you need to allow... and if you don't know what a service is, don't allow it. If you have 10.5 or later, it'll prompt you if new things you didn't already allow want in, and again, if you don't know what a service is, don't allow it.

    As for virus protection, REALLY don't spend a dime. I've seen maybe two Mac viruses in the wild *ever*, and those were both in pre-OS X days. That's not to say you shouldn't have virus protection—just that it's not worth money. ClamXav is a decent free solution that's fairly easy to use.


    Vic Wertz wrote:

    Don't spend a dime.

    Learn to use the firewall built into OS X. It's really simple—just turn it on and check the appropriate boxes to allow only services you need to allow... and if you don't know what a service is, don't allow it. If you have 10.5 or later, it'll prompt you if new things you didn't already allow want in, and again, if you don't know what a service is, don't allow it.

    As for virus protection, REALLY don't spend a dime. I've seen maybe two Mac viruses in the wild *ever*, and those were both in pre-OS X days. That's not to say you shouldn't have virus protection—just that it's not worth money. ClamXav is a decent free solution that's fairly easy to use.

    Thanks, Vic. I think she was more worried about Adobe products causing a loophole for such calamties as she is a professional graphics designer that uses the CS3 (soon CS4) suite on a daily basis. But I'll point her to that link for her benefit.

    Paizo Employee Chief Technical Officer

    Urizen wrote:
    Thanks, Vic. I think she was more worried about Adobe products causing a loophole for such calamties as she is a professional graphics designer that uses the CS3 (soon CS4) suite on a daily basis. But I'll point her to that link for her benefit.

    Just make sure you install all the security updates (from Apple and Adobe, and anyone else) that come along. Apple's pretty good about fixing exploits before there are actual in-the-wild problems, but Adobe is a bit less good.


    Vic Wertz wrote:
    Just make sure you install all the security updates (from Apple and Adobe, and anyone else) that come along. Apple's pretty good about fixing exploits before there are actual in-the-wild problems, but Adobe is a bit less good.

    Thanks! I read out loud your response to her and she agreed emphatically (especially about the Adobe remark). Just wanted to dot her i's and cross her t's.


    And stop looking at those sites.


    ...And remember children, should you go to those dirty Pornographic websites, you will be subject to a "Power Word Blind" spell

    Community / Forums / Gamer Life / Entertainment / Technology / "Best Practices" for internet surfing. All Messageboards

    Want to post a reply? Sign in.
    Recent threads in Technology