Toldain Talks

Because reading me sure beats working!

Toldain started as an Everquest character. I've played him in EQ2, WoW, Vanguard, LOTRO, and Zork Online. And then EVE Online, where I'm 3 million years old, rather than my usual 3000. Currently I'm mostly playing DDO. But I still have fabulous red hair. In RL, I am a software developer who has worked on networked games, but not MMORPGS.

Monday, March 17, 2008

Raging Cybermaniac

So, with all the hacking that's going around, what can be done to prevent it happening to you?

One of the vulnerabilities I mentioned is keyloggers. A keylogger records your keystrokes and sends them to the thieves. In principle, they can also monitor your internet traffic and pick out data of interest, as long as it's not encrypted. Keyloggers most often get into your system via the web, either through a trojan horse (a download of something you wanted that was, shall we say, more than what you wanted) or via a hidden download that some innocent-seeming email or website perpetrated.

The other possibility is that you chose a very poor, easily guessed password for your Station account, or your email account. (See here how email hacking can allow EQ2 hacking.)

Anyway, here are some of my security policies. I have avoided a lot of trouble with these.

  • I use AdAware fairly consistently. A version of this can be downloaded for free.
  • I don't have an anti-virus. I hate how everything grinds to a halt when they run.
  • Firewalls are good. Most newer versions of Windows have one. Use it.
  • I never, ever, EVER use Outlook for anything except to download the Firefox browser. This is probably an overreaction. If you keep Outlook up to date, and push the security settings up high, it probably will be ok. But I don't use it. Firefox comes with high security by default.
  • There's a corollary to the last point. Minimize your use of the in-game browser. Go only to trusted sites, like eq2i or Allakhazam, which seem pretty safe.
  • I keep my software up-to-date. Firefox has an auto-update function. I use it. Many exploits go through holes that have been fixed, but not updated.
  • I think hard about who/what site I'm going to trust. I don't trust plat-sellers, though a plat selling site might not be to blame. I don't trust porn sites, they range from honorable to horribly sleazy, and it's hard to tell the difference, er, up front. I don't trust sites that offer "cracked" software, or bot programs and "illegal" enhancements. Anything that seems too good to be true, probably is.
  • Any window that manages, despite Firefox's best efforts, to pop up gets removed by clicking the little "x" in the corner. No other action, repeat, NO OTHER ACTION, is taken with such a window.
  • I do trust sites like eq2interface, eq2maps, and ACT. These are so widely used, and have a long track record of actually doing what they promise to do.
  • I think most of my readers make pretty good decisions about who to trust in real life. Start extending that to cyberspace.
  • If I get an email from someone I don't know, I delete it without opening it. If it's from someone I know, but has a very odd title, and an unknown attachment, I am cautious. I might confirm with my friend what it is before opening it. I use web-based email, which isn't bullet-proof, but harder to hack than Outlook.
  • I watch out for "phishing" emails, which will send me links to websites that "look" just like a legitimate site, but have a numbered url instead of the normal url. Sony will never, never send me a link to something that requires me to put in my account name and password. The word "Sony" in the last sentence is a link. Hover your cursor over it, you should see, in the bottom line of your browser, the url that the link will send you to. Instead of saying "http://sony.com" or "http://station.sony.com" or something like that, it says "http://192.168.1.255/station.sony.com". Beware of urls that begin with numbers like that, it's a sure sign of a faked website. Especially if there's stuff afterward that's associated with the legitimate site. The stuff that comes right after "http://" is what counts. Phishing is one way bad guys can get your account information.
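
The host check from the last bullet, as an added example that is not part of the original post: it parses each link the way a browser does and judges only the host that follows "http://". The `TRUSTED` list and the `assessLink` helper are assumptions made for illustration; the first two sample URLs come from the post, the rest are constructed.

```javascript
// Added example: classify a link by the host a browser would actually contact.
// TRUSTED is an assumption built from the domain named in the post.
const TRUSTED = ["sony.com"];

function isTrustedHost(host, trusted) {
  // Exact match or a true subdomain ("station.sony.com" ends with ".sony.com").
  return trusted.some((d) => host === d || host.endsWith("." + d));
}

function assessLink(href, trusted = TRUSTED) {
  let url;
  try {
    url = new URL(href);
  } catch {
    return { host: null, verdict: "invalid", reasons: ["unparseable"] };
  }
  const host = url.hostname.toLowerCase().replace(/\.$/, "");
  const reasons = [];
  // The URL parser canonicalises numeric hosts to dotted IPv4; IPv6 keeps its brackets.
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.startsWith("[")) {
    reasons.push("numeric-host");
  }
  // In "http://name@other-host/" everything before "@" is a username, not the site.
  if (url.username || url.password) reasons.push("userinfo");
  const trustedHost = isTrustedHost(host, trusted);
  if (!trustedHost) {
    // Trusted name used as decoration: in the path/query, or as labels of another domain.
    const rest = (url.pathname + url.search).toLowerCase();
    for (const d of trusted) {
      if (rest.includes(d)) reasons.push("trusted-name-in-path");
      if (host.includes(d)) reasons.push("trusted-name-in-foreign-host");
    }
  }
  const verdict = reasons.length ? "suspicious" : trustedHost ? "trusted" : "unknown";
  return { host, verdict, reasons };
}

const samples = [
  "http://192.168.1.255/station.sony.com",     // from the post
  "http://station.sony.com",                   // from the post
  "http://station.sony.com.example.net/login", // constructed
  "http://station.sony.com@example.net/",      // constructed
  "http://3232235775/",                        // constructed: integer form of an IPv4 address
];
for (const s of samples) {
  const r = assessLink(s);
  console.log(`${r.verdict.padEnd(10)} ${r.host}  [${r.reasons.join(", ")}]  <- ${s}`);
}
```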

Sony has one problem with their website which I wish they would fix. They have a security flaw which allows a certain kind of exploit known as cross-site scripting (XSS) to occur. Here is a link to a page at The Station. Here is the same link, with an alert I added, just by changing the way I link to it. That something more could be anything I chose it to be, and it might be able to install spyware on your system, even as you are visiting an entirely legitimate site. Sony needs to fix this vulnerability.

Are you scared silly yet? Well, I don't want you to curl up in a ball in the corner, but I do want you to take action to make yourself more secure. Because we should be talking about how tough that nasty named boss was, not how nasty the hackers were to you.
