In this Lifehacker article they cover some of most common security risks around Windows. All very common methods in the information security world; to the folks reading my post probably not so common.
Window is susceptible to attack more than any other environment not so much because if the flaws I the design (though there are plenty of those) but rather because of the fact that there is such a large installed base and such a rich knowledge domain on the subject. In fact research shows that most of the most common exploits used in computer related information theft were developed around the attacks used on Windows.
So this article is more about facilitating protecting your information, especially the information that would make you susceptible to identity theft.
Simply put, if you use Windows ( or any other environment for that matter ) consider using a couple of tools, both are free, and both will help with the 80/20 rule:
Keepass: www.keepass.info – This is a great tool to keep all of your personal information, it’s stores your information in the format of ‘index cards’ the file uses any number of strong encryption algorithms (I prefer AES). And if you use a unique strong password, there is virtually no way any one can get to the information.
There are a lot of eWallet type tools out there, but I really like this one because it’s free (free is good, we like free) and it’s open source. If fact I keep All of my personal information in Keepass on a USB stick on my key chain, and I have no problem advertising that fact, I’m that confident of its security.
Truecrypt: www.truecrypt.org – This is another tool that is always in hands reach for me, again it’s free and open source, so there are no ‘magic’ back doors. This tools isn’t a Rolodex inasmuch as it’s a virtual drive that is encrypted. The tool will create a virtual disk in the form of a file (that you can copy to a USB stick) using a strong encryption method. You use it like any other drive on your system except that when you copy or move files to it, the files are encrypted and nobody can access them without the passphrase.
Combine this with Keepass and two different passwords (one for each), and you’ll have secured your personal information to a level that the best crypto hacks can’t reach, and I don’t mean figuratively either.
So there you go, you just got the benefit of three years of graduate school, two advanced degrees in information security and tens of thousands of dollars of tuition for the price reading his blog post. Go forth and be secure.
The price of freedom is eternal vigilance.