Skip to main content

How to stay secure?



We are living in an era where technology is developing at a great pace and due to these security issues are also increasing day by day. Due to which our privacy is no longer private. I wouldn’t speak out the name because I will be judgmental.

So, in this I will tell you how you can remain secure up to an extent.

Becoming completely anonymous is difficult.

Without a further due let’s see my ways to remain secure and private.

Note: Here I will tell you about bot PC as well as Smartphone but majority of content will be concentrating on PC

1.      Update your PC and Smartphone.
2.      Admin privileges
3.      Browser
4.      2-step verification.


1. Update your PC and Smartphone.

By this mean to say always keep your system and apps up to date. Whenever they push an update do it. That’s for your benefit. Why this important is because majority of the update are the system patches and bug which have been fixed. If you don’t update then you can get infected by the common vulnerability which are been fixed in update as all the hacker will know the bug which is been patched and if hack into your system easily.
This should be done in both PC and Smartphones.

2.   Admin Privileges.

You should always use your PC in local account. This means you should create an local 
user in your P.C which doesn’t have admin privileges.

Why it is important?

According to Microsoft vulnerability Report 2019 around 81% of Microsoft vulnerability in eliminated in enforcing least privileges and removing admin rights.  

If this bounced up your let’s take an example.

Assume admin as a boss and local user as employee of the company. Here boss have all the right of the company, boss can do anything he wants but employee can’t do all things employee has limitation. Same concept applies to PC. Admin control all the process of the computer and local user don’t have control over all process.
Due to which if a malicious file enters your system in local user then it the effect in diluted. And some malware requires admin power to execute so in this situation you are safe.
I recommend you to create local user with least privileges in your PC and use admin account only will installing necessary software.

3.   Browser   

Google is the biggest culprit when it comes to web tracking, with hidden tracker found on around 76% of the top million site.
My recommendation is to uninstall google chrome and user other browser available in the market.
Here is the list of Browser:
  1.       Brave (My personal Favorite)
  2.       Vivaldi
  3.       Tor


Pro tip: Don’t use UC browser and opera they both belong to same category of Google chrome.

According to my opinion Brave browser is best from interface to it privacy as well as it's AD blocker feature. I loved it one of the best browsers, I have ever use.

4.   2-step verification

2-step verification can save your from getting hacked if the hacked came to know your password.

Basically, it adding an extra layer of security for logging in successfully , by asking permission on the main device which you have set in the setting. Or you can use SMS verification as well. And the new concept which no longer new, authenticator app which provide you a 6-Digit code that is randomly generated every 30 second (it changes every 30 seconds). Most popular app is Google authenticator app.

Note: This authenticator is available for smartphones only.

Enable 2-step verification in all your account and add an extra layer of security to your 
privacy.

Related Links:
  1. Microsoft vulnerability Report 2019
  2. Google Authenticator app


This were my 4 tips of begin somewhat secure and private.
If like the content share it with your friend.
And don’t forget to subscribe our blog which on top of the page.
Thanks for reading this blog.




Comments

Popular posts from this blog

Secure Network(Week 4)

Network hardening is the process of securing a network by reducing its potential vulnerabilities through configuration changes and taking specific steps.   Implicit deny is a network security concept where anything not explicitly permitted or allowed should be denied. Analyzing logs is the practice of collecting logs from different networks and sometimes client devices on your network, then performing an automated analysis on them. Correlation analysis is the process of taking log data from different systems and matching events across the systems. Flood guards provide protection against Dos or denial of service attacks. EAP-TLS is an authentication type supported by EAP that uses TLS to provide mutual authentication of both the client and the authenticating server.   if you really want to lock down your network, you can implement 802.1x . DHCP Snooping Attack Why WEP Encryption fall apart? A general concept in security and encryption is to never send the plain ...

Troubleshooting and debugging

Troubleshooting is the process of identifying, analyzing, and solving problems.  Debugging is the process of identifying, analyzing, and removing bugs in a system. We sometimes use troubleshooting and debugging interchangeably.  But generally, we say troubleshooting when we're fixing problems in the system running the application, and debugging when we're fixing the bugs in the actual code of the application. Debuggers let us follow the code line by line, inspect changes in variable assignments, interrupt the program when a specific condition is met, and more. System calls are the calls that the programs running on our computer make to the running kernel.   A reproduction case is a way to verify if the problem is present or not. Where to check for log file in OS? On Linux , you'd read system logs like /var/log/syslog and user-specific logs like the .xsession-errors file located in the user's home directory. On MacOs , on top of the system logs, you'd go through...

Authentication Authorization Accounting(week 3)

Identification is the idea of describing an entity uniquely. Biometric authentication is the process of using unique physiological characteristics of an individual to identify them. C.R.L(Certificate revocation list) :This is a signed list published by the CA which defines certificates that have been explicitly revoked. Lightweight Directory Access Protocol(LDAP): LDAP is an open industry-standard protocol for accessing and maintaining directory services. Authentication is related to verifying the identity a user, authorization pertains to describing what the user account has access to or doesn't have access to. An access control list or ACL , is a way of defining permissions or authorizations for objects.  RADIUS or Remote Authentication Dial-In User Service , is a protocol that provides AAA services for users on a network.It's a very common protocol used to manage access to internal networks, WiFi networks, email services and VPN services. when a client wants to access a r...