Securing your data

posted Dec 20th 2008 2:21pm by
filed under: firefox hacks, iphone hacks, pcs hacks, security hacks

Lifehacker has published an overview of some of the many ways you can secure your data. The post was prompted by recently released browser vulnerabilities: first IE, then Firefox. They cover techniques far beyond just browser security, like how to properly wipe your iPhone. They mention disk encryption go-to TrueCrypt along with password management tools like KeePass. They also suggest using temporary credit cards to mitigate the impact of fraud.

[photo: Rija 2.0]



6 Responses to Securing your data

  • TJHooker says:
    December 20, 2008 at 5:45 pm

    DEP and group policies on windows are exhaustively underrated. DEP on windows is actually better than ProPolice and the the stuff in Fedora 10 and the latest GCC. Ask anyone who knows what a canary value is.

    I run everything under DEP and configured signed driver loading, services, and group policies. I don’t run a firewall, and use free avira with it’s I/O monitoring/guard.

    Most people just assume that because source code is available, the code is correct and efficient.

    Reply Report comment
  • amk says:
    December 20, 2008 at 5:47 pm

    “Hide data inside files with steganography.”

    i’ve made a habit of not criticizing the posts on this site. although it’s incredibly difficult right now I’m going to stick with that. goodnight.

    Reply Report comment
  • ragnar says:
    December 21, 2008 at 4:07 am

    you can put it in the safest safe of the world and it gets stolen. so first rule: encrypted backup. A real mans backup, to an external storage device, off location, but not connected to the internet, external Drive, DVD-RAM, DAT.

    Reply Report comment
  • TJHooker says:
    December 21, 2008 at 12:39 pm

    A “real mans backup” is nice and all, but the data is still being used on an active system with many attack vectors.

    Most software uses the registry or an ASCII file to store data, and most times vendors don’t encrypt the data; this is the case with Thunderbird and Pigin for example.

    In comparison a physically disconnected storage with an AES based protection would be nice for backups, but real time protection is way more important.

    Password Safe, Group policies, DEP, and Signed driver loading are about as good as real time protection gets on windows. With this setup data is stored correctly for the most part(considering no auto-logins,) vulnerable processes are very unlikely to run shellcode with stack based overflows, and rootkits are restricted to userland. Also group policies restrict privileges to malware.

    Reply Report comment
  • thenoz says:
    December 21, 2008 at 4:20 pm

    i think http://www.thenoz.wordpress.com had some killer ideas

    Reply Report comment
  • Fachu Malof says:
    March 5, 2010 at 4:37 am

    Made some good points, I liked it.

    Reply Report comment

    • Leave a Reply

    XHTML: You can use these tags: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

    Hack a Day serves up fresh hacks each day, every day from around the web as well as hacking related news.

    Send us your hacks










         



    Hacks

    Resources