ISEEK Institute

Computer Safety Tips

Tip #5: Keeping Up With Changing Privacy Protections

Privacy concerns on social media sites, especially Facebook, are constantly changing. In order to ensure that you're not broadcasting information that you're unaware of, it is important to monitor new services, security settings, and features of these popular sites.

There are many useful resources for information on the latest in social media. Common online news sites like Google News, Yahoo News and Huffington Post have technology sections that will feature articles detailing changes to popular social networks. For more focused resources, The Wall Street Journal's What They Know blog is an excellent resource for articles on internet and digital privacy and Facebook Watch is a Facebook specific watchdog that has up–to–date, usable information on current Facebook privacy concerns.

Social media sites can be powerful online tools, but as with all tools, they come with responsibility, especially in the age of online background checks.

• Washington Post article on social media background checks

Tip #4: Disabling Third–Party Cookies

Disable third–party cookies in all web browsers. These cookies are from sites or services other than the sites that are visited and are used only to track internet users' online activity.

Normal first–party cookies allow for custom settings, remembered log–ins, and other benefits to the user. On many sites, these cookies may be required to properly use the site. Third–party cookies are provided by sites and services that want to know what users are doing across different websites. This tracking, though theoretically anonymous, collects large amounts of personal information and can threaten personal privacy. To disable third–party cookies, look for the privacy settings in the browser's preferences or options.

Some Common Browsers:

• Google Chrome: Click the tool button > go to "options" > click on the "Under The Hood" tab > click "Content Settings" > The window that pops up will be for cookies. Mid–way down the page, there will be a check box for "Block all third–party cookies without exception." Check that box and hit "close."
• Microsoft Internet Explorer: Click "Tools" > "Internet Options" > click the "Privacy" tab. At this point, you have 2 options. Either set the slider to "medium high", which will allow some 3rd party cookies, but won't interrupt normal browsing, or click the "Advanced" button below the slider. In that window, click "Override cookie handling" and click "Block" under third–party cookies.
• Mozilla Firefox: Click the "Tools" menu > "Options" > "Privacy" tab. Uncheck the "Accept third–party cookies" box.

Disabling third–party cookies should not negatively affect the web browsing experience.

Tip #3: Updating Your Software and Browsers

Update software, especially operating systems, web browsers and high–risk applications like Adobe Reader, Flash and Java, as often as possible to protect against digital intrusion and theft.

You should update/patch your web browser (i.e. Internet Explorer, Firefox, Chrome, Safari, or whichever you use) as soon as the update is released. Most web browsers now notify you when an update or patch is available for you to download. These updates fix vulnerabilities in the web browser that bad guys use to attack your system and steal your information. So please be safe and patch your web browser in a timely fashion.

Software developers, security companies and hackers find new security weaknesses in common software titles every day. These weaknesses allow attackers to bypass security measures and covertly install software to take control of the computer, steal banking information and sensitive documents, and send email spam. Security patches and software updates made to remove these weaknesses should be installed as quickly as possible in order to reduce the risk of attack. The risk to unpatched systems goes up considerably a few weeks after a patch is released, as attackers get a chance to create exploits targeted at the specific weaknesses fixed in the patch. Having high quality anti–virus and anti–spyware software installed and updated will help to minimize the damage of a successful attack, but a little prevention goes a long way.

• AVG free anti-virus
• Spybot S&D anit–spyware

Tip #2: Creating a Strong Password

Be careful when choosing a password. Include capital letters and numbers throughout the password (not just at the beginning or end) and avoid words that appear in the dictionary.

Modern password cracking programs use common password lists (which break the majority of passwords), dictionary listings, and even algorithms that generate pronouncable words that aren't in the dictionary. Common subsititions like @ for a and 1 for i are also covered.

For the most secure password, consider using a phrase instead of a single word. For example, ilovebacon. Add in some caps and numbers, ilOvebA98con. Another trick is to use the first 2 letters from each word in a phrase, eg. "only you can prevent forest fires" becomes onyocaprfofi or oN2yoCap1rfoFi.

If forced to regularly change a password, don't iterate numbers (eg. going from sunshine3 to sunshine4). Changing the number may be easy to remember, but if someone broke the previous password, the new one will be obvious.

Tip #1: Protect Your Password Hint

Password hints – those questions that you select at the end of account registration – are a major security weakness. When picking a question, make sure it isn't something that you mention on Facebook or other sites and that it is something no one else knows... not even friends or exes.

Password hints were designed for a relvatively anonymous, disparate internet, where it was unlikely that a stranger would be able to find out personal information, like the name of your first pet or the city you were born in. With the rise of Facebook and other social networking sites, personal information has become much more available, which has increased the risk of breakins. Picking secure hints is particularly important on email accounts, as email often ties in to other sites and services, like Facebook, and can give the intruder access to other accounts.

In a recent incident published on Computer World, a man was arrested for using Facebook to guess the password hints of strange women. He then rifled through their email accounts and posted explicit pictures of them on their Facebook profiles, which he gained access to using their email accounts.

It is important to remember that the hint is just as important as the password. Using a fake answer to the security question can provide a valuable increase in security. Instead of using the name of your dog, use the name of a dog in a book or from a TV show. Just make sure that it is something you'll remember that others can't figure out.