I really liked the idea behind Dr. Gallo’s article on using the internet securely in this month’s Journal of Financial Planning. Here’s a link to “The Young Adult: Financial Education, Social Networking, and Internet Security” by Eileen Gallo, Ph. D., so you can follow along. Overall, I think it’s a nice introduction, but there are a few additional perspectives I’d like to add.
Under “Basics”, Gallo warns that one should never use a public computer to access information that requires a password, and suggests that one use a Mac to the preference of PCs, since they are less prone to viruses. I suggest that we up our internet security game a bit here.
First, keeping your sensitive data off a public computer is pretty easy to do – just don’t type it in. Here’s the thing, though, you can’t just avoid public computers, you also need to avoid public internet connections. Websites usually encrypt the first login of a session, but frequently don’t encrypt anything after that. This allows your connection to be “sidejacked,” which means that people can look at what you’re looking at and even act as you on some websites. The software for sidejacking this is easily available, free, and simple to use. The best way to prevent this is to not use public WiFi, such as at restaurants, hotels, public libraries, and so on.
But what if you need to use the internet? My technique is to use a “sacrificial computer,” which is an iPad2 tablet. Mac, which we’ll discuss in a second, is more resistant to viruses, but more importantly, is easily recoverable. My understanding is, that if my iPad2 is nuked by a virus, I can take it to the Apple store and have the drive wiped and do a reinstall of the operating system. All the data that matters on my iPad2 is backed up to other locations, so it’s pretty easy to shove it all back in again. Beyond that, no matter what, I don’t login to banking or social networking websites from any insecure machine. It’s just good sense.
Now for this Mac business. I don’t disagree with Dr. Gallo on the safety of a Mac versus Windows machine, but I want to go one step better and about twelve hundred dollars cheaper by using portable apps and/or a live USB.
Portable apps are applications that are installed on a USB drive or external hard drive, that will run on a (usually windows) computer. To run an application, simply stick the USB drive in to the USB jack on the side of the computer, open the file system, and run the program you want. There’s a suite of apps and instructions available from PortableApps.com. The reason portable apps are so useful is that it allows you to run the programs you need while not saving you information to the computer you’re using at the time. I’m sure you can think of a situation where that would be useful.
Also, you can make a live CD or live USB of a Linux-based operating system, such as Ubuntu. This live CD or USB can be plugged in to the computer while the computer is off, and when the computer is started, you have BIOS boot from the USB drive or CD. This will make the computer run your operating system from the drive in RAM. When you’re done, you shut down the computer, which wipes the RAM, and remove the drive or CD. Using the Live CD or USB lets you do your business on a computer using all your own software from the ground up.
I also have a thought on the management of make complex passwords, but it’s terribly hard to make complex passwords that are memorable. I suggest that you use a program like KeePass. It’s available as a portable app, and on several OS’s. This is a program that makes a password database for you to keep track of your passwords. It will also generate highly randomized, long, probably secure passwords for you, if you like. The database is encrypted (so you do have to memorize at least one strong password), but you can send the encrypted file across computers with ease.
There’s more to computer security than this, but I trust your ability to search the internet for more information and free, quality computer programs that will take care of you. Good luck!