File spoon-archives/aut-op-sy.archive/aut-op-sy_2002/aut-op-sy.0210, message 51


From: "cwright" <cwright-AT-21stcentury.net>
Subject: AUT: Security on the web and in e-mail
Date: Fri, 11 Oct 2002 14:18:22 -0500


This is a multi-part message in MIME format.


Hey y'all,

I have been doing some clean up of my own security practices and I thought it might be worthwhile to offer up some of the info I have been digging into, at least for those less geeky than myself.  We all know the issues involved with security, but we often do not know the means of being more, if not completely, secure.  As such, I am providing a few links and some recommendations, which will be repeated in the sites I am linking to and offered up in much greater detail, too.

The first stop for everyone should be http://privacy.net.  This is the premier site I have found for information.  The parts on e-mail, anti-virus, firewalls, and remailers are of exceptional importance, as is consideration of using PGP or GPG (open source PGP) software for increased security.

For web-based free e-mail folks, hushmail and ZipLip are frankly excellent alternatives, especially since the encryption methods used and required make your e-mail unreadable to their admins as well, if I understand the technology correctly.  I am going to use some remailers (3-5 is the recommendation) since I prefer to use my e-mail from home, though having a second ZipLip or Hushmail account, if used frequently enough, is also convenient.  The web-based ones are especially important if you do a lot of mail from work.  Hope they don't use a firewall to block your access!  Remember, NEVER use work e-mail unless you want it read!

The second stops should be www.diceware.net and http://www.andrebacard.com/  They have lots of very useful info and links to other things so I don't have to do that here.

Finally, take a dive into the alt.privacy news servers, especially alt.privacy.anon-server and alt.privacy.spyware, but start with simply alt.privacy, which is large and has lots of useful information.

Some basic must-do's for all political folks:

1. Anti-virus software, with regular updates.  This is the one place where spending the money is absolutely worth it!  Or try to get it some other way, but make sure that you can get regular updates.  If you borrow software, remember not to use the live update/auto update features, which can track your IP address and often check your registration.  Download the virus updates as separate files and install them after the download.

2.  Seriously consider a good firewall.  You can get some free and others for cash, but nothing will keep people out of your files better.  This is especially iportant for cable modem users, who are ALWAYS ON when your computer is on.

3.  Seriously consider secure e-mail or a remailer system.  Seriously.  I hope to see a lot more anonymous accounts, hushmail and ziplip accounts in the near future.  The recommendation to use accounts outside your home country (where you are more likely to be a target) is essential and sound.  Avoid US entirely, if possible.

4.  Get ad-aware 5.83, the latest version, and the ad-aware auto-update software.  It is free and it removes spyware, aka software which sends out information about you and your habits, tastes, preferences, etc. from your computer without your knowledge!  I bet almost everyone here will get a rude shock when ad-aware is done.  And run it monthly, if not more often.  I get new garbage all the time.

5.  Consider learning Linux and getting a good, user-friendly version of Linux like RedHat 8.0, Mandrake 9.0 (IMO, better than RedHat and 99% compatible), SUSE 8.1 (best European support), or Libranet 2.7 (for people interested in a cheap version using Debian GNU/Linux, which is less popular, but more powerful and well-designed than the RedHat-based Linux versions, which is the other three I mentioned.)  Linux is slightly harder to use, but mostly only if you want to do fancy stuff with the operating system.  The newest versions are easy to install on any PC, easy to use with nice interfaces and offer a lot, including much better security and stability than Windows.  Just consider that over 90% of viruses are written for Windows, and the majority aimed at Microsoft products, such as IE, Outlook/Outlook Express, etc.  Get Linux, Opera for Linux, and a good e-mail product (KDE 3.0.3 seems to have a nice one), the appropriate security software above and a good office suite or individual applications (word processing, spreadsheets, databases)  Other software (not including office suites) may be harder to get and if you do something with Windows software that is not available on Linux (like Adobe stuff), it may not be easy to switch over.  It will take time and effort to convert, but you can then join the world of safer, more intelligent computing AND support the Open Source revolution, which is just one way that the opposition to capital is making itself felt.  Also, don't spend money on full distributions from the Corps.  Go to www.linuxcentral.com or one of the other vendors and order the operating system for $2-3, instead of $20-50.  Or if you have a CD-burner and a very fast Internet connection, download it from the web (many vendors offer the OS free for download) and burn it to CD and load it that way.

Apple is also an alternative, though I sure as hell can't afford a Mac.  Still, OS X is very nice and very powerful and has a wide range of popular politically useful software available for it, such as the Adobe and Quark multi-media and desktop publishing software.  If you can't switch to Linux for some reason, go Apple if you can afford to (only worth it, IMO, if you go OS X.)

If you must keep Windows, as I have to, then consider learning how to set up a dual-boot, so that you can go between Windows and Linux.  Its not as bad as it sounds, but it is a good idea to get a Linux-capable friend to make sure that you are not going to be SOL.

6.  ALWAYS BACK UP EVERYTHING ONTO REMOVABLE DISKS, like Zips or external harddrives or tape backup.  In fact, if everything you use is on removable mediums, you can pull only what you need onto your system and put it back when you are done, and then remove the disk or disconnect the device.  This is the best form of secure data storage an access.

Most of this can be done for cheap or for free (except last recommendation, if you go Apple) and it is just plain smart for political folks.

If anyone knows of other information, please push it back to me and I will try and forward it out.

For those who know and do all of these things, sorry if this is a waste of time.  For those who don't care, I cannot help you, but please delete any and all information you have about me on your computer because I prefer to get in trouble for my own mistakes and sloppiness :)

Cheers,
Chris

ps  Wish I was paranoid, but its not paranoia when they really are out to get you!

HTML VERSION:

Hey y'all,
 
I have been doing some clean up of my own security practices and I thought it might be worthwhile to offer up some of the info I have been digging into, at least for those less geeky than myself.  We all know the issues involved with security, but we often do not know the means of being more, if not completely, secure.  As such, I am providing a few links and some recommendations, which will be repeated in the sites I am linking to and offered up in much greater detail, too.
 
The first stop for everyone should be http://privacy.net.  This is the premier site I have found for information.  The parts on e-mail, anti-virus, firewalls, and remailers are of exceptional importance, as is consideration of using PGP or GPG (open source PGP) software for increased security.
 
For web-based free e-mail folks, hushmail and ZipLip are frankly excellent alternatives, especially since the encryption methods used and required make your e-mail unreadable to their admins as well, if I understand the technology correctly.  I am going to use some remailers (3-5 is the recommendation) since I prefer to use my e-mail from home, though having a second ZipLip or Hushmail account, if used frequently enough, is also convenient.  The web-based ones are especially important if you do a lot of mail from work.  Hope they don't use a firewall to block your access!  Remember, NEVER use work e-mail unless you want it read!
 
The second stops should be www.diceware.net and http://www.andrebacard.com/  They have lots of very useful info and links to other things so I don't have to do that here.
 
Finally, take a dive into the alt.privacy news servers, especially alt.privacy.anon-server and alt.privacy.spyware, but start with simply alt.privacy, which is large and has lots of useful information.
 
Some basic must-do's for all political folks:
 
1. Anti-virus software, with regular updates.  This is the one place where spending the money is absolutely worth it!  Or try to get it some other way, but make sure that you can get regular updates.  If you borrow software, remember not to use the live update/auto update features, which can track your IP address and often check your registration.  Download the virus updates as separate files and install them after the download.
 
2.  Seriously consider a good firewall.  You can get some free and others for cash, but nothing will keep people out of your files better.  This is especially iportant for cable modem users, who are ALWAYS ON when your computer is on.
 
3.  Seriously consider secure e-mail or a remailer system.  Seriously.  I hope to see a lot more anonymous accounts, hushmail and ziplip accounts in the near future.  The recommendation to use accounts outside your home country (where you are more likely to be a target) is essential and sound.  Avoid US entirely, if possible.
 
4.  Get ad-aware 5.83, the latest version, and the ad-aware auto-update software.  It is free and it removes spyware, aka software which sends out information about you and your habits, tastes, preferences, etc. from your computer without your knowledge!  I bet almost everyone here will get a rude shock when ad-aware is done.  And run it monthly, if not more often.  I get new garbage all the time.
 
5.  Consider learning Linux and getting a good, user-friendly version of Linux like RedHat 8.0, Mandrake 9.0 (IMO, better than RedHat and 99% compatible), SUSE 8.1 (best European support), or Libranet 2.7 (for people interested in a cheap version using Debian GNU/Linux, which is less popular, but more powerful and well-designed than the RedHat-based Linux versions, which is the other three I mentioned.)  Linux is slightly harder to use, but mostly only if you want to do fancy stuff with the operating system.  The newest versions are easy to install on any PC, easy to use with nice interfaces and offer a lot, including much better security and stability than Windows.  Just consider that over 90% of viruses are written for Windows, and the majority aimed at Microsoft products, such as IE, Outlook/Outlook Express, etc.  Get Linux, Opera for Linux, and a good e-mail product (KDE 3.0.3 seems to have a nice one), the appropriate security software above and a good office suite or individual applications (word processing, spreadsheets, databases)  Other software (not including office suites) may be harder to get and if you do something with Windows software that is not available on Linux (like Adobe stuff), it may not be easy to switch over.  It will take time and effort to convert, but you can then join the world of safer, more intelligent computing AND support the Open Source revolution, which is just one way that the opposition to capital is making itself felt.  Also, don't spend money on full distributions from the Corps.  Go to www.linuxcentral.com or one of the other vendors and order the operating system for $2-3, instead of $20-50.  Or if you have a CD-burner and a very fast Internet connection, download it from the web (many vendors offer the OS free for download) and burn it to CD and load it that way.
 
Apple is also an alternative, though I sure as hell can't afford a Mac.  Still, OS X is very nice and very powerful and has a wide range of popular politically useful software available for it, such as the Adobe and Quark multi-media and desktop publishing software.  If you can't switch to Linux for some reason, go Apple if you can afford to (only worth it, IMO, if you go OS X.)
 
If you must keep Windows, as I have to, then consider learning how to set up a dual-boot, so that you can go between Windows and Linux.  Its not as bad as it sounds, but it is a good idea to get a Linux-capable friend to make sure that you are not going to be SOL.
 
6.  ALWAYS BACK UP EVERYTHING ONTO REMOVABLE DISKS, like Zips or external harddrives or tape backup.  In fact, if everything you use is on removable mediums, you can pull only what you need onto your system and put it back when you are done, and then remove the disk or disconnect the device.  This is the best form of secure data storage an access.
 
Most of this can be done for cheap or for free (except last recommendation, if you go Apple) and it is just plain smart for political folks.
 
If anyone knows of other information, please push it back to me and I will try and forward it out.
 
For those who know and do all of these things, sorry if this is a waste of time.  For those who don't care, I cannot help you, but please delete any and all information you have about me on your computer because I prefer to get in trouble for my own mistakes and sloppiness :)
 
Cheers,
Chris
 
ps  Wish I was paranoid, but its not paranoia when they really are out to get you!
--- from list aut-op-sy-AT-lists.village.virginia.edu ---

Driftline Main Page

 

Display software: ArchTracker © Malgosia Askanas, 2000-2005