In a recent news report, the Geek Squad found child pornography on a computer that was sent for repairs and the customer was turned over to the police. While a crime was committed in this case, don't assume that any of your data is safe when letting someone else look at your computer. Computer repair shops have been noted to steal all types of media (music, movies, photos, etc.) from computers entrusted to them and are known to some in cyberspace as the Peek Squad.
In this age of Identity Theft, anyone with physical access to your computer can easily log onto your online bank accounts or other financial institutions. If you use your web browser to store account ID and password information, a user can easily open your browser and log onto your web sites. The user can also download browser password-cracking tools so they can copy all of your ID and password information, even if you use a master password in Firefox to protect your password list.
A good way of combating this is to use an external password manager that integrates with your web browser. The password list is encrypted and protected by use of a master password. Password-cracking tools for the external password managers may be available, but are more difficult to find than the tools for cracking the web browser password managers. The external password managers automate form entry on multiple web browsers, similar to web browser password form automation. After installing the external password manager, it is recommended to disable web browser password functionality as it will now be available with the external tool. As an added benefit, an external password manager can also provide anti-keylogging and anti-phishing control.
Ensure you use solid password creation practices, making your passwords harder to crack. If you need to encrypt sensitive data, third-party encryption tools can also be used.
- - - -
References
The "Peek Squad"
http://www.schneier.com/blog
http://consumerist.com/consumer
Web Browser Password Manager Concerns
http://www.securityfocus.com
Web Browser Password Recovery Tools
http://www.majorgeeks.com
http://www.tech-faq.com
http://www.darknet.org.uk/2006
External Password Manager and Automation Tools
http://www.roboform.com/ (Windows)
http://1password.com (Mac)
How to Disable Web Browser Password Caching
http://support.microsoft.com
http://www.mozilla.org/support
Anti-Keylogging and Anti-Phishing Control
http://www.roboform.com/anti
http://www.roboform.com/anti
Password Tips
http://www.buzzle.com/articles
http://www.firefoxtutor.com/61
Encryption Tools
http://na.pgpstore.com/product
http://sectools.org/crypto.html
No comments:
Post a Comment