Tag Archives: Browser

  • -
Shockproofing Book Cover

Shockproofing Your Use of Social Media eBook available!

Category:Cyberstalking,Facebook,Information Security,Infosec Communicator,Internet Safety,Lessons Learned,mobile device,password,Privacy,Risk,Social Networking Tags : 

Shockproofing Book CoverMy Shockproofing Your Use of Social Media: 10 Things You Should Know eBook is now available on Kindle!

For those of you who have attended one of my Lightning Talks about Internet Safety, this book fleshes out my recommendations for keeping safe online.

Please consider buying a copy. You’re welcome to lend your copy out and the book is also available from the Kindle Owners Lending Library and Kindle Unlimited.

If you read it, please leave a review!

If you’re interested, Nick Francesco and I are authoring a series of Your Guru Guides on computing-related subjects. (Search on Amazon for “your guru guides” to see what’s currently available.)

 

 


  • -

Simplifying Password Complexity

Category:Information Security,Infosec Communicator,password,Uncategorized Tags : 

T y p e w r i t e r ⏎Let’s be honest. Passwords are a pain. We all know that it’s important to have different passwords for different places and we all know that they need to be fairly complex. We also know that remembering numerous passwords, especially strong passwords, can be a challenge. So what’s the best strategy?

In this article, I’ll talk about how to create memorable (but strong) passwords and suggest a tool that will make constructing and remembering strong passwords easier.

In general, the strength of a password depends on two factors: length and complexity. Although there’s some disagreement, length is more important than complexity. (For a humorous illustration of password complexity, read the XKCD comic at http://xkcd.com/936/)

Increased complexity makes it more difficult to create a password that you can remember.  The idea of a long complex password may be overwhelming. However, increasing password length alone can result in a password that’s memorable and stronger. Because of the way Windows stores some passwords, the “magic number” is 15 characters or more. A traditional complex password of 15 characters might look like this: “qV0m$$#owc2h0X5”. I don’t know about you, but there’s no way I’m going to remember a password like that. You COULD write it down and store it securely, but it’s not the easiest password to enter on a keyboard, and storing passwords in a browser or in a desktop application is insecure.

Here are a couple of strategies for strong passwords.

Read More

  • 2

Updated: Choosing the Safest Browser, Part One

Category:Information Security,Infosec Communicator,Internet Safety,Uncategorized Tags : 

Swim safe!

This post provides an update to last year’s Choosing the Safest Browser post. Let’s take a look at what’s changed since June 2010.

Browsers

Last year, we looked at the following browsers to discuss which would be the safest:

Number of Vulnerabilities

How do you decide which browser is the safest? One way is to look at the vulnerabilities that were disclosed for each one. Attackers may exploit these vulnerabilities to place malicious code onto your computer.

In Spring 2010, my Cyber Self Defense class ranked the browsers in the order below according to which ones they thought had the most vulnerabilities:

  1. Internet Explorer
  2. Safari
  3. Opera
  4. Firefox
  5. Chrome

According to the  Symantec 2008 Internet Threat Report, here’s the list of browsers ranked from most reported vulnerabilities to the least:

  1. Firefox
  2. Internet Explorer
  3. Safari
  4. Opera
  5. Chrome

The class was really surprised by this ranking.

June 2011

Let’s see how the rankings look from the Symantec 2010 Internet Threat Report. Here’s the 2010 list of browsers and number of vulnerabilities:

  1. Google Chrome–191 vulnerabilities
  2. Apple Safari–119
  3. Mozilla Firefox–100
  4. Microsoft Internet Explorer–59
  5. Opera–31

I was surprised by this order. Ranking browsers by vulnerabilities reported, Chrome appears to be the worst and Opera the best. (In the 2008 report, Chrome had the fewest vulnerabilities!)

Average Time to Fix a Vulnerability

Another way to look at browser safety is how long it takes for a reported vulnerability to be fixed. How would you rank these same five browsers from shortest to longest patch time?

In the 2010 report, Internet Explorer had an average patch time of 4 days. Opera, Safari, and Chrome were each one day or less. (In the 2008 report, Safari had an average “exposure” time of nine days, compared to the “best,” Firefox, which normally took only one day to patch.)

Patch time alone doesn’t appear to be a factor when choosing the worst browser.

Safe browsing is important because the majority of attacks are web-based, peaking at  almost 40 million per day in September 2010.

Does Your Browser Choice Really Matter?

In my opinion, not so much. Internet Explorer vulnerabilities are targeted more because it’s the biggest target. However, all of the browsers mentioned have vulnerabilities and all are patched relatively quickly. Many attacks actually target applications such as Adobe Flash, QuickTime, and the like. Malicious PDFs have also become a huge problem in the last year. What matters are safe practices!

Enhanced by Zemanta

Categories