The Reality of Internet security, 5 simple precautions

We all know the obvious threat to boundaries that can occur with Facebook just by average use, but what happens if you have a disgruntled IT parishioner or teenage Youth Group attendee?

One might be surprised what a hacker can do...and how often it actually happens. The truth is that yes a real hacker is capable of doing a lot of damage, however if they are really good they would be going after different targets.

The internet is a fantastic and wonderful place in which all God's children are connected by this digital incarnation of the Holy Spirit. Just because it is misappropriated doesn't mean it can't be used to make our lives and ministries better. If you take some basic precautions you'll be just fine.

I'm going to list some common/uncommon sense ways to protect your self through simple precautions.

Five Simple Precautions


1. Never put anything that you could be blackmailed or slandered with.

This may seem like a narrow interpretation, of the old "never put anything you don't want seen on the internet" but there are some things I would risk it for. Credit card info given to trusted sites for purchases and other services can be very secure. These services provided are often essential and pretty dang cool.

However the reality about sites like YouTube, Facebook, Twitter, Photobucket and even Amazon is that they can be hacked with ease. Facebook can in fact be hacked with a simple android phone application called Faceniff. If I can hack your Facebook from my phone, you should consider what that might mean for you.

The good new is that there is simple ways to provide basic protection, these will keep out the the simply attacks by programs like faceniff and firesheep.

Check out these simple protections by using this simple solution in the Simple Browser Security instructions, on the Instructions page

2. Be more careful on foreign wireless networks and make sure your own network is secure.

Hacker attacks require that they be able to access your network. This is the nexus of all hacker attacks. 

Hackers need access to your network to be able to get to your information. Your security can be easily increased by securing your home wireless or wired network.

Detailed instructions will be provided in the instructions section under Wireless security 101 on the Instructions page

Basically, be careful of strange wireless networks that use a WEP (Wired Equivalent Privacy) protection. 

The PLTS and GTU wireless networks use this sort of encryption and are then laughably easy to hack. In fact I'm pretty sure the only reason our wireless is still standing is by means of God given grace. The specialized operating system BackTrack make it easy as cake for the moderate to advanced user (like me) to break into a WEP encoded system.

In your home system make sure you always always use WPA (Wi-Fi protected access) or even better WPA2.

3. Make strong passwords and change them often

I'm extraordinarily bad at this but this is ridiculously important to do. The more complex a password the harder it is to break into.

Encryption (Εν Κρυπτειν meaning "to hide in") is simply hiding your password under layers of number, complex ciphers  and equations. No password is ever completely secure because it is only hidden under vast layers of numbers. This shouldn't be frightening, its just the same in real life.

When a hacker attempts to decode a password, he uses a program to work through the encryption, it is like hiding your password in a bible verse.

For my work with Chris Evans using the faculty assistance account, we use bible verses as password

The better the encryption, the more obscure the verse is. So instead of choosing a verse John 3:16 for a password, a book popularly cited verse with lots of repetition and formulaic phrases, you would prefer to hide it in Leviticus. Therefore the best biblical verse would be Acts 8:37, go ahead, I dare you to find that verse.

The better the password, the harder it is to spell and find on a bible gateway search. Instead of making your password John 3:16, which everyone knows where to find, make your password more obscure and unlikely for someone to guess at. Again, Acts 8:37.

This is of course dreadfully complicated and inconvenient to do every time. Thankfully there are tools that make this significantly easier like LastPass.

4. Shopping Websites rely on their reputation. Check their reputation and make their reputation.

Check their reputation

Sites like FraudWatch and Whois.net are valuable tools for checking websites and their reputations for sketchy business. In addition, watch what your buying. There is no place you can get an Ipad for $1.

In addition simple Google searches can help you get a lot of information on a merchant.


If you any doubt about a merchant but intend to buy from them anyway, use Paypal or Google Checkout when possible. These third party businesses have a reputation for trustworthiness. They exists so that you can make purchases without giving  your credit card to anyone. You can even use Paypal to shop without a credit card. You can use them to pay with a direct account withdrawal or debit card.

Make their reputation

Good shopping websites like Amazon and eBay that exist entirely online are dependent on reputation for honesty and service. Both Amazon and eBay in large part rely on sellers who work with them to sell their products. It is therefore important, as your duty as a citizen of the information age, to review bad and good purchases. Every few purchases make sure you go to where you got it and review the seller.

The problem with ministry is that you often give so much with little affirmation, that is why I make sure to give credit even for the most mundane demonstrations of superior service.

Especially on eBay, this is important as most of the sellers are individuals. Make sure you read their ratings not simply in quality but as quantity. If their last positive rating happened 3 months ago, that should send up a red flag.

Good websites stand behind their product

I personally would never buy anything delicate from a site that says all sales are final. The good thing about Amazon, Paypal, Google Checkout and eBay is that they allow you to report sellers and help you dispute the charges.

5. Always use a Credit card or Debit card for online purchases, unless you use PayPal or Google checkout.

This seems like counter intuitive but it really isn't. Just like PayPal and Google Checkout, a credit card allows you to dispute unauthorized charges.

The difference between credit cards (when you treat them like debit cards) and cash is that once cash is lost you can never get it back. When someone commits credit card fraud, theft, or unauthorized charges its mess to deal with customer service over the phone, but you can always get money stolen or wrongfully charged returned.

Ultimately, the best defense is something the IT industry has been doing for a long time. Study the Enemy. Look at hacking sites and learn what they can do, and take appropriate precautions.

Another myth is that Macs and Linux are immune to hackers. This is untrue. While they posses greater stability, the reason they are not hacked is because they are not used by many high value targets. If there is a will there is a way for a hacker to get what he or she wants.

I wouldn't worry too much, just like in real life, criminals target valuable items. They don't wan't to hack your email account so they can read your emails to your professor or friends and family.

Sources
"Fraud Education Shopping Online Safely." FraudWatch International. Ed. FraudWatch International Pty Ltd. FraudWatch International Pty Ltd, 2003. Web. 25 Nov. 2011. <http://www.fraudwatchinternational.com/ife/shopping-online-safely/>.


Benchmark. "Protect Your Online Profiles from FaceNiff Hackers | I Am Benchmark."Benchmark | Mortgage Branches | A Community of Professionals. Benchmark. Web. 25 Nov. 2011. <http://www.iambenchmark.info/security-issues/protect-your-online-profiles-from-faceniff-hackers/>.


Wholearns.com. "FaceNiff Makes Chopping a Breeze." Who Learns?! WhoLearns.com. Web. 25 Nov. 2011. <http://www.wholearns.com/faceniff-makes-chopping-a-breeze/>.


Trapani, Gina. "How to Crack a Wi-Fi Network's WEP Password with BackTrack." Web log post. LifeHacker. LifeHacker, 28 Oct. 2011. Web. 25 Nov. 2011. <lifehacker.com>.