All this of a secure Password, 2FA, VPN, AV etc. does not work, while
1 the user lacks common sense, as this is the largest security hole.
2 if the user has an account in a software or service that sells his data to third parties (surveillance advertising), which is the methode of most US softcompanies to create money, also FOSS.
3 thinking that exist 100% privacy and security if you goes online.
1 the user lacks common sense, as this is the largest security hole.
what we as top 5% IT professionals call “common sense” is completely different from what a “I’m not a computer person” person would call common sense.
Seen in the Web
“I’m going to open this attachment in my mail, surely nothing happens”
“My 300 friends on Facebook are sure to rejoice, when I tell them that tomorrow I will travel to the Bahamas on vacation”
“Die of Envy, here the photo of my new home in…”
“I’m going to upload a photocopy of my ID and credit card to Google, so that I can watch this age restricterd video on YouTube”.
“Call me in this number seen in my last post”
And worse
It is one thing to not be an IT specialist and another to not be an idiot.
It is one thing to not be an IT specialist and another to not be an idiot.
Most people are idiots, by that measure.
Yeah, writing down your password on a piece of paper can be safer than in an (unencrypted) text file, as long as you hide it well enough
I bet that a piece of paper on your home is way more secure than a password stored in plain text
yes, that is what they said.
In this point Windows is more secure, because it stores the password encrypted in the HD in a second Keyring, most Linux stored them in plain text. Anyway, a current mistake is to use 12345 as password in all accounts.
Nowadays most (maybe all) linux distributions use etc/shadow for passwords - passwords are encrypted, not plaintext.
You can easy test it, go to your browser settings, to passwords and click on “See password”. Doing this in Windows, it opens a Pop-up where you must put the system password before you can see the passwords stored. In last Linux I used (Kubuntu), I could see the passwords directly. Well, it was some time ago, maybe this has changed in last distros.
If you use Firefox, password manager stores its data encrypted (not in plain text). You can also turn on the master password requirement if you like.
Same in all other browsers, in Windows it’s encrypted anyway in a second keyring, but the lack is, that, when they create a random password, you can’t recover it in case of lost or the HD/PC goes to Valhalla. Same with all other password Manager (I know) Better and more secure to trust in a simple papernote or in your memory.
I thought you were just writing about system passwords. I don’t save website passwords in my browser - but I’m glad that windows users have a more secure option to do so.
Yes, Microsoft is certainly an oligopoly that abuses its position with sometimes unethical practices and Windows by default is full of all kinds of spyware and not very respectful of user privacy (although with a little knowledge you can disable these bad habits), but in point security is impeccable and perhaps one of the most secure OS currently. Apparently MS has learned a lot from the past, precisely because it is the main target of the attacks as the majority OS is. The defenses he currently incorporates are among the best on the market.
It makes sense that they would need to do so, given the end-user idiocy mentioned in your other comments on this post. I know plenty of technical users of Windows, but I also know everyone else in my life who uses Windows - the technically savvy users are a rounding error.
Linux store what in plain text???
Some good and some bad advise, but don’t fall for the anti-virus shilling. The author works for SophosLabs and the article is hidden advertisement for anti-virus software.
Most anti-virus are snake-oil that increase and not decrease your risk and many are also collecting and selling your private data.
Most home users need Antivirus, though, since they don’t know how to administrate their PC properly. Many download random stuff from the internet and don’t think twice about executing, in fact they happily click away all warnings multiple times.
An up to date Windows with Windows Defender is sufficient for that though… or rather no amount of anti-virus is going to solve that problem.
In addition there have been several documented attacks that specifically used anti-virus features like automatic scanning of email attachments that would have been impossible without this additional software with deep system access.
Antivirus on Windows can stop real threats.
Thanks, grat read!
A pretty kekful read, might install a paid antivirus later idk