Today on the Edge of Innovation, we discuss how to be put safeguards on your computer to be safe from hacking.
Jacob: Thanks for listening to this episode of the Edge of Innovation. Today we are going to be talking about how to protect yourself from hacking. We want to just go through some of the basic, basic ideas of how to protect yourself from hacking because, it’s… If it isn’t on your radar, it should be. And if you haven’t been the victim of it, you could be. So, Paul, could you talk us through. We’re talking about these four steps for how to protect yourself from hacking.
And the first one you laid out for us is getting a good antivirus software.
Paul: Well, yeah. I mean, let’s step back a little bit. I mean, you are in a world, you know, where you drive around in your car and you observe bad actors, and you avoid people that are speeding, and you do all these different things. You wear a seatbelt. You clean your windows, you know. You do all these proactive things to protect yourself. You make sure your kids are strapped in, etc. And we have to do a lot of that in, in the digital world.
Some bottom line things. First of all, the easiest way, most effective way to prevent hacking or prevent yourself from being hacked is to not use the internet. Don’t connect your computer to the internet. That’s called air-gapped, to make sure that there’s no wires running into your computer. I know how absurd that sounds, but you make a value judgement that it is worth the value I get out of it and balance that with the risk that is the potential that is there. And you do that every single day.
So, you know, in the PC world, we’ve had to deal with antivirus or viruses for a long time. The Mac world is no longer a safe haven. You need to have, antivirus on your computer. So I’m going to ask you, Jacob. You’ve got a Mac. Do you have antivirus?
Jacob: I will confess. I do not have antivirus. I have lived under the delusion of Apple is better and not prone to getting hacked.
Paul: See? Now that’s an interesting… You said delusion. But it’s really an illusion because what it is, is that the market share of Apple computers is lower than that of PCs. So if you’re a malicious person, and whatever their motivation is for doing this, are you going to go after, the market that has 10 computers or the market that has 1,000 computers?
Well, if I’m going to… If I’m going to try and hack in and steal your, your music, let’s say. I’m going to go after the 1,000 people. That is why there is more viruses on, PCs than there are on Macs. Now, as Macs have become more mature and, market penetration and saturation is… You know, more people buy Macs. Well, that’s… There’s a bunch of people I can go after over there if I’m a malicious actor. So that old-time, limited commodity doesn’t exist.
I can tell you that, you know, if you go and get an Atari 800, there are very few viruses that are going to be written for the Atari 800. And the same thing for Linux. You know, there’s not a lot of viruses. There are, because a lot of hackers use it, and a lot of people use that. So, but, you know, you could go and get an, NeXT box. One of the old NeXT boxes from Steve Jobs’s company, NeXT. But you could use, you know, an effective way is to use an OS that isn’t very popular. And that gets into, you know, something we’ll talk about in just a second. Virtual machines.
So, antivirus and antimalware. They are two separate things.
One of the things that you get if you buy one of these suites, is a lot of stuff you don’t really need. They’ll get like browser protection and all these if things that can really slow your machine down. So you need to be diligent in choosing that.
We recommend, for Macs, Intego, which is a very good antivirus and network security product. Or, Kaspersky or ESET. And the, the reason we recommend those on the Mac side is because they don’t take a lot of performance out of the machine. Now, you might say, “Well, alright. So I’ve installed all those.” And you can get these things that occur which are, uh, popup storms, and then you go to a site and this popup, this popup, this popup. And the leap is, “Oh, I’ve got a virus.”
Well, no. Not necessarily. You could go to a website that just pops up a lot of different things. And it’s very hard to get control of that because they’re popping up the things so fast, and you think you’ve got a virus. It has nothing to do with that. It’s like if you turned on a television, and they were playing four programs in four corners and it’s like, “Okay. That’s the way it is.” And they kept opening new programs. Well, you’d switch the channel. Go to a different website, and then you don’t have that anymore.
And, uh, the other concept, if you really want to be secure, how can you do that? Well, you could use a separate computer. Or you could use a virtual computer. So virtual machines, Windows 10, Professional comes with Hyper-V, which is a virtualization technology. On the Mac, you can use, VMware, Workstation, or VMware Player or, Parallels… What’s Parallels called? Parallel is on the Mac. I forget what it’s called. But, uh, I think it might be just called Parallels.
On the Mac you can use, VMware Workstation or VMware player or Parallels to install another copy of an operating system. And then, basically, just use that as a throwaway operating. So if it gets hacked, you basically can delete it.
Uh, and isolation is generally very good between a computer and the VM. There is also open source stuff. You can get VirtualBox, which is probably what most people will use.
One of the things we’ve been toying around with here is creating a virtual box, machine that you can download, which is actually a Linux based machine that is hardened and has just a browser installed. So you could literally double click on that. It would open up into a browser, and you’re completely protected.
There are companies out there that offer that. One’s called Browser in a Box, which is also very good, and we’re thinking of doing the same, similar thing as Browser in a Box. So, but it’s, subtly removed. And it’s, it’s a little bit of a hassle. And that friction makes people not do that. But if you ask the questions “How do you protect yourself?” Antivirus, antimalware. If you really want to be protected, use a separate machine or a virtual machine. And then just be diligent.
You have to be aware of what you’re doing. Don’t install things. Don’t download things.
You know, we, in our IT practice, we can put in policies for companies that prevent users from installing things. Well, then they complain, “Hey, I can’t do what I want. I can’t get my job done.” So there’s that, that balance that you have to strike, and but those are critical things. You know, now, up until recently, the, there was malware that would — or antivirus — that would try and, you know, get your credit card number. You know, and honestly, if I’m a malware person, should I go after you to get your credit card and try and deal with all the anomalies on your machine? That’s a lot of work. It’s a lot easier for me to hack into Target and get a million credit card numbers.
So, how do you get around that? Well, you know, most of the credit card companies out there have one-time use credit cards, which you can go to their website and say, “I want a credit card number for today, right for now.” And it expires with one use.
Jacob: Interesting. I didn’t know that.
Paul: So yeah. It’s really cool. You can do that, and if you’re concerned and you have a website that you’re like, “I’m not too sure about this website.” Or, and really, what you’re making a judgement on is whether their IT people are diligent in protecting their data. So, Target is a pretty big company. They should be pretty diligent, but they got caught. They got into a problem. So, you know, but you can go in. They have browser plugins where you can generate a new credit card number, use that there. That’s also a way to avoid that being stolen and used somewhere.
So that’s, that’s another thing you can do is sort of these one-time use credit card numbers.
Paul: So, the four things are antivirus, antimalware, virtual machine, and diligence. On the PC, what I use is Microsoft Defender antivirus that’s built into Windows 10, and I do use Malwarebytes Anti-Malware, their professional version, not their free version. And I find that the combination of those and not doing stupid things have kept me from, getting hacked in that way.
Now, the other thing that’s out there now that wasn’t out there a few years ago is ransomware. And ransomware is… Usually, they trick you into downloading and running an installer or something. What they do is then they encrypt your data, and you can can’t decrypt it. So encryption is basically scrambling the data is a way that makes it so that you can’t read it. And unless you have a key to decrypt it, to unscramble, it’s useless. And so they will actually say, you know, for $300, we’ll give you the encryption, decryption key.
People have actually paid it, and they do do that. The question… I was talking about this with somebody yesterday, is why in the world would they give to the decryption key? I mean, you know, just give me the $300 and so, you know. So how do you avoid being a, affected by ransomware? And the answer to that is good backups.
So, the problem with backups is most of them aren’t good. You know, not intrinsically good. Nothing is good. But, what I mean by that is first of all, the test of a backup is can I restore it. So, let’s say you have an external hard drive, and you back up your data to it. Alright. So every night, you have five files on your computer, a list of birthdays, your book that you’re writing and three others. And every night at 11:00, it copies that data over to the hard drive. So you did that on Monday. On Tuesday, it copies it over again.
So if I had been infected with ransomware between Monday and Tuesday, I had a known good copy over on my hard drive. And now they’ve encrypted on my internal hard drive. I copy the encrypted over the normal version. I’ve now lost the normal version. So now you say, “Well, gee. I have to have multiple backups.” And in a data center, we would do a daily backup that are separate. So I would have a backup from Monday, a backup from Tuesday, a backup from Wednesday, and then a weekly backup, and then a monthly backup. And I’d keep four weeks, and I’d keep five days or seven days of backups.
So… And I have to be able to test those to make sure I can actually read them. So it’s important, if you have a backup scheme, to isolate that backup from your system. Because here’s the problem. If you get a Ransomware, it goes and encrypts your hard drive. Well, your backup is connected. It’s going to encrypt that.
Okay, so now I’ve got an encrypted backup, which I can’t use. So now I have to have something that is disconnected. I use Backblaze. Backblaze provides backup over the internet, you know, in the cloud, unlimited for $50 a year. It sounds like a sales pitch, but very easy to use. And what’s nice about it is they also provide versioning. So my book, I had chapter one in my book on Monday. I backed that. It backs up to Backblaze. It’s in the cloud. On Tuesday morning, I write chapter one and extend it to chapter two. One file. And then it backs up to the clouds. Now I have two versions.
If I dial in and say I want the one from Monday… Now Wednesday comes. I get ransomwared, and it backs up to the cloud. Now I have three versions. Well, great. I can go back to Tuesday and get the most recent version.
Jacob: And does that work for multiple machines or is it…
Paul: You buy a license per machine. So it will…one of the nice things is it does support external hard drives as well, which is a nice feature and it’s unlimited. So, it’s a very nice service, very affordable, and a very viable way to do it. You know, and a very simple web interface. Do you say, “I want to get these files back,” and then you can download them and do that.
If your whole machine fails and you’re going to need, you know, 50 gigabytes back, they have an option where they will send you a thumb drive or a hard drive on it. And, they even make it so that, I think, if you return the hard drive, you can get a credit back for it.
So those, those are the things you want to do. You want to be aware that your backup is good and, the Backblaze is one of the best ways to do it.
Jacob: Wow. That’s great. Well, thanks for talking us through four ways or four plus ways of how to do…how to protect yourself from being hacked. I think it’s super helpful. And it’s certainly something that we all need to be attentive to and, diligent, vigilant about and, I certainly repent of having no security systems on my computer.
Paul: Well let’s to the what next time we talk, we’ll see if you have one at that point.