Time For a Post About Computer Security
 

A member of my family had their home computer hacked into and files frozen but fortunately a backup of all data files was done the night before so the drives (4 total) were replaced and a new version of Win 11and all utilities reinstalled. Then all data files restored with no loss of their information.

So I figured this is a good time to go over some good thoughts about security. I have noticed many, many computers do not plug or cover or disable their USB ports especially in places like hospitals, stores like Best Buy or anyplace where computers are running but unattended. Why you might ask, so here is what I found during a computer class I taught back in 2016 or so. I had the computer security manager from COMNAVSUBPAC (Point Loma base San Diego) say he had a copy of the master kill software on a thumb drive he had gotten when in Norfolk VA and if you plugged it in to any Windows based laptop or tablet or desktop PC it would wake up, take control of the OS, shutdown and restart with a really scarry startup screen and would then "phone home" and transfer everything to the bad guys! I had heard of this but all the students and me included were not quite believing this so one of the ex-Navy guys said here use my laptop as a test. Sooooo he fired it up, stuck in the bright red thumb drive and bang the screen went black! Then some funny not normal startup noises and a screen with a pair of bad looking eyes and some weird looking language underneath! The keyboard was dead as could be and ctrl-alt-del did not work and even the power button did not work so the fellow opened the back and pulled the power plug of the battery. We all were believers now for sure.

So what about security: change your passwords every 45 to 90 days, check your home router once a day for who is on your network, on your router require any user to supply their MAC address and only allow them on, Never, ever open an email from someone or place you don't know, do backups at least weekly, print out and store safely, a document of all you websites/user ID/passwords, keep a short list of IP addresses incase ATT or your service provider looses their DNS computer. Finally if you use database(s) at work or at home I would strongly suggest using Oracle as it has probably the best security record of any commercial database and can do things such as record EVERY login, SQL command given and do great backups.

Sorry if this gave you folks a headache but it is sort of important as we all rely on these little machines.
John Rogers the oldracer

Well, there is the problem....

Once you have physical access to a machine, pretty much every security measure other than disk-level encryption can be bypassed.

A good strong password is better than more frequent changes with weaker passwords. And something with MFA is even better (as long as it isn't SMS based)

MAC addresses always get sent to the DHCP server, etc anyway (required for IP networking to work). But they can also be spoofed... Again, back to using a strong password with proper encryption on the connection.

IPs will do not a lot for you since they can change. If you are concerned with your providers DNS server going down, run your own caching only server and query the root servers directly, or use either google or cloudfares public addresses - 8.8.8.8 or 1.1.1.1

Oracle is far from a magic bullet, and as an abusive-of-their-users company they are right up there with MS ... Nothing wrong with MariaDB or Postgres. DB security is down to server config and both network and user access control

Computer security: there is none. Assume everything you put there unencrypted is gone or will be someday. 2 factor authentication is the best you can do, but don't ever lose your phone or enjoy that hell to undo 2FA without it. Also do not lose decryption keys, LOL.

Our security stack at work is so tall, PCs must lose 40% of their CPU and hard drive to it ;-) Our users lose so much time to encryptionissues, network access control, defective antivirus interfering with encryption, I genuinely do not understand why we do not VDI the whole space or kill internet access to the outside on work PCs. I have so many complex passwords for so many tools I have to write them down now, no way I can keep track - the "keeper" app that helps store them is the worst offender as far as locking me out and I can't be checking out a password every 5 minutes... Also after 30y in IT I am out of passwords, seriously, out... blank mind ;-) Only so many cars I can think of.. This is a snake eating its tail... I genuinely think we have so much security we cannot work anymore, yet I understand why we do - our security folks can generally track the attacks to the correct military barrack in China, or hacker group in russia or vietnam.

I think we're gonna reach the Dune butlerian Jihad soon, where humans must rebel against thinking machines ;-) I love that meme where IT people have "only one connected device at home, a printer, and it it makes a funny noise I'll shoot it" - none of this stuff is safe.