Securing your computer

Ian Gordon

Ninshub
Member
I've been reading this NYT article about protecting your computer and checking what I'm doing and am not.

File or drive encryption: does anyone use this? I've got a Mac and am tempted to do it with File Vault. I might also get a VPN not because I pirate stuff, but just for added security. Opinions?
 
The advice seems generally good.

I have stayed away from encryption as it complicates recovering after hardware failure. Can't just put the drive in another system.

They did not mention backing up - number one in my opinion.

Also stay off the net when you don't need it. Leaving your system on when you go out, sleep etc increases your risk.

Personally I use Ubuntu not Windows so risks are much less.
:)
 
Can't you just turn on file encryption?

I use Linux Mint which automatically encrypts my hard drive. I thought Apple also has this facility.
Yes I can, but as Andrew9 mentions it can - potentially - create problems if there's a hardware failure. I do have a backup, but then in theory would need to encrypt those as well. I wonder if it's worth the trouble.
 
The advice seems generally good.

I have stayed away from encryption as it complicates recovering after hardware failure. Can't just put the drive in another system.

They did not mention backing up - number one in my opinion.

Also stay off the net when you don't need it. Leaving your system on when you go out, sleep etc increases your risk.

Personally I use Ubuntu not Windows so risks are much less.
:)
I agree with all of the above, although as a programmer, I need to use Windows for most of my work.

I'd like to say a little bit more about backing up, because someone I know carefully backed his work up on to a tape for months, and then his hard disk crashed. The tape would not read back!

Someone who works with computers a lot, and has projects on their machines, needs to be really careful. Nowadays, I use some Chinese backup software called EASEOUS TODO Backup, which compresses your disk into a file on a removable drive. This file can be used to recover from a complete crash, but it can also be used to recover individual files or groups of files. This is incredibly useful if you ever need to refer back to previous work, but it also means that you know your backup can be read back when needed!

I also use more than one removable hard drive, and copy a selection of the compressed files on to a friend's machine.

For anyone who can't be bothered to physically backup, I guess the cloud is better than nothing, but I wouldn't really trust it!

I'd not recommend using encryption unless you really think you need it because as Andrew says, it isn't going to be your friend if disaster strikes!

David
 
I go back and forth on encryption. It is really only encrypted at the level of your logon password to your machine. So if your logon password is easy, then what is the point. The hardware issues are real and seemingly unpredictable. Rebuilding can seem impossible in the case of a loss.

I guess you have to ask yourself why you are wanting to encrypt something. If you are just trying to hide something, or keep it protected, there may be better ways.

For backups I've found it is great to have a machine where two drives can be installed. In my older mac book pro I have a 2nd drive where the CD/DVD used to be. (Probably not possible with the new machines.) But I manually mirror the two drives by a cron'd script nightly. And the 2nd drive is also bootable. So if I have a problem with one drive it isn't a problem. I can go to the other drive. This would be easy with any desktop system that can hold more than one drive. You could make the replication automatic as well with RAID 0.

I've found that my big problem with backing up stuff I want to save is that I end up backing it up multiple times. Backing up backups and then backing up backups of backups, so eventually I have no idea of how much stuff I have backed up. Plus I always feel I need to mirror backups, so I have multiple backup drives. What is the point of backing something up to only one drive? Drives fail. If you are backing it up, then it should be made safe. Ugh.
 
And VPNs. It is not hard to set up your own VPN on a Digital Ocean box or something similar. Or use a service. It is good at hiding your browsing or anything in the clear from your ISP. But if you are trying to really hide your browsing then you need to research. There are subreddits dedicated to zero footprint browsing and financial transactions. You can borrow any of those techniques depending on your requirements.

Privacy is a real issue. Like anything else, doing it well and doing it consistently would require an enormous amount of time and then daily discipline to maintain secure standards.

I'm honestly more concerned by the fact that you can't really delete stuff off of your Amazon order list (although you can archive) or your past Netflix queue. Many time these are shared among families and privacy rules are important. I mean at least that is a more immediate concern.
 
On a Mac it's easy peasy: you've got File Vault and Time Machine :)
With the latter you just plug in an external drive and you get an automated incremental backup of all your data. It doesn't have a ton of options and settings but it gets the job done and in 10+ years it has never let me down.

File Vault just works. It's transparent. Not much else to say. You may also consider file-vaulting your backups, since they reside on an external disk that could be lost or stolen etc...

As VPN I have used several, one that I like is Buffered VPN. They don't log your browsing history and don't share data with third parties:
https://buffered.com/faq/buffered-ensure-privacy-using-vpn-service/
(Not all VPN services do this)

Of course a VPN will only go so far in protecting the privacy. There's a lot more going on, websites that track you, browser fingerprinting etc... For that problem you could keep a copy of Tor installed and use it when necessary. Also the browser's "Private mode" can be enough to avoid the nasty cookies.

For instance Amazon tracks every move you make. They remember who you are via cookies/supercookies and I hate to get spammed with "suggestions" about products I don't want to buy... only because I looked them up once. Couple of years ago I searched for an expresso machine for a friend and I got 3-4 emails in the next days recommending more expresso machines, coffee mixtures and coffee sets... jeez! :eek:

Two months ago I bought a pair of headphones, next 3 emails... more headphones!
If that's an example of the incoming "AI revolution" ... we're doomed!

Cheers
 
On a Mac it's easy peasy: you've got File Vault and Time Machine :)
With the latter you just plug in an external drive and you get an automated incremental backup of all your data. It doesn't have a ton of options and settings but it gets the job done and in 10+ years it has never let me down.
Bucky, I use Time Machine too. But some people here say you should have several back-ups. What if my Time Machine drive breaks? Should I be getting another one?

And of course in terms of getting robbed, or the house burning down, my Time Machine is always hooked to the computer, so should I unplug it at a certain point, put it somewhere else, and get another one hooked to it?
 
Bucky, I use Time Machine too. But some people here say you should have several back-ups. What if my Time Machine drive breaks? Should I be getting another one?
Sure, you can manage multiple backup disks via TM. Or you can invest in a RAID 1 backup disk which essentially is a unit with 2 disks inside, for extra integrity.
And of course in terms of getting robbed, or the house burning down, my Time Machine is always hooked to the computer, so should I unplug it at a certain point, put it somewhere else, and get another one hooked to it?
A cloud backup might help, maybe as 3rd copy. Though you may not like the idea of your data being sent and stored somewhere else. I am pretty sure that there are cloud services that guarantee good levels of privacy, though I have never used them myself.

cheers
 
I am pretty sure that there are cloud services that guarantee good levels of privacy, though I have never used them myself.

I use CrashPlan. It's not free, but it's very affordable. The CrashPlan service encrypts all of your data before sending it to the CrashPlan backup servers, so, without your encryption key (or the password to it if you store your key on their server, which is an option), even their server admins cannot read your data. Of course, you have to trust that they have actually implemented this as they say they have. The other neat thing is that they also allow you to backup (free of charge) to other computers running CrashPlan, so, you might backup to the PCs of friends and family.
 
Bucky, I use Time Machine too. But some people here say you should have several back-ups. What if my Time Machine drive breaks? Should I be getting another one?

And of course in terms of getting robbed, or the house burning down, my Time Machine is always hooked to the computer, so should I unplug it at a certain point, put it somewhere else, and get another one hooked to it?
The first trick is to test your backup periodically as someone mentioned earlier. I know of instances where this hasn't been done and the organisation/person hasn't been able to recover from backup.

It's probably less likely that your PC and Backup will fail simultaneously although theft, fire or other damage might cause that as you mention. The only way I can think of is to have your backups stored somewhere safe like in a firesafe which can be a pain to keep up to date, or in the cloud/networked somewhere else.
 
It's probably less likely that your PC and Backup will fail simultaneously although theft, fire or other damage might cause that as you mention. The only way I can think of is to have your backups stored somewhere safe like in a firesafe which can be a pain to keep up to date, or in the cloud/networked somewhere else.
I just copy my latest backup on to a friend's computer when I see him. I still have my backup, but he has a copy. The probability of total failure becomes very low, assuming President Trump doesn't miscalculate.

David
 
Back
Top