Main Area and Open Discussion > General Software Discussion
advice on security setup for my elderly inlaws
Deozaan:
It sounds like she doesn't really know what she's doing anyway, so if the cost of buying a Chromebook for her is a bit much, she might not be any worse off with an inexpensive SBC (Raspberry Pi or Odroid) running Linux with the basics (Browser, Office Suite) installed.
Stoic Joker:
Trying to hide in/on an obscure platform ultimately makes one more vulnerable because in the new platform agnostic attack age everybody gets a turn, and the ones that think they're 'safe' tend to get hit the worst.
-Stoic Joker (May 09, 2016, 07:00 AM)
--- End quote ---
Are you calling Chrome OS an "obscure platform"? :)-dr_andus (May 09, 2016, 08:12 AM)
--- End quote ---
Not to put too fine a point on it, but...yes I am.
Security by Obscurity = nobody is writing exploits for this platform so it must be secure, because nobody is writing exploits for it... (see where that loops?)
As variety becomes more the norm, the platform isn't always guaranteed, so web based attacks can/will start using more - platform agnostic - web based code.
It might not be the most widely used platform, but it's now used in over 50% of US schools, and part of that is (besides it being idiot-proof) the security. You can't run a .exe file on it. Enough said. How confident is Google about this security?-dr_andus (May 09, 2016, 08:12 AM)
--- End quote ---
All the more reason why its user base should start expecting some - unpleasant - attention..
See exhibit 1:
Google Will Pay You $100,000 to Hack a Chromebook-dr_andus (May 09, 2016, 08:12 AM)
--- End quote ---
Completely, utterly, and mind-blowingly academic. Nobody cares if you can or can't hack the Operating System, it's not the target ... The user is.
Ransomware targets the user to get them to compromise their own files. Click here...boom! Your stuff is gone (/encrypted). Now what?
Chrome OS probably is just fine for less adept users...but assuming that it will magically defend against ransomware just because it isn't Windows is a very very risky strategy. Because - regardless of how well you lock down any OS - the user will always have full and complete access to their own stuff, and that's what ransomware is counting on.
It doesn't have to be encrypted well, it just has to be encrypted some how.
dr_andus:
Ransomware targets the user to get them to compromise their own files. Click here...boom! Your stuff is gone (/encrypted). Now what?-Stoic Joker (May 09, 2016, 12:54 PM)
--- End quote ---
How would that work on Chome OS though? You don't normally keep your files on the Chromebook, you keep them in Google Drive. So a hacker would need to hack Google's server to be able to access and encrypt the files. At that point it would also become Google's problem, so the user is not entirely alone to face the problem, like when it's your Windows machine that gets infected.
While it's possible to keep files locally in a Chromebook, it is not encouraged, and there is not a lot of space (a typical Chromebook comes with 16GB local drive). But it's not possible to run an executable in Chrome OS, so the risk of ransomware seems remote.
Chrome OS probably is just fine for less adept users...but assuming that it will magically defend against ransomware just because it isn't Windows is a very very risky strategy.
-Stoic Joker (May 09, 2016, 12:54 PM)
--- End quote ---
Actually security by obscurity worked well enough for quite a few years for those on the Mac and Linux platforms. So if Chrome OS is obscure and its obscurity gives it some safety, maybe there is some value in that, even if it's temporary and not absolute.
Just make sure you're running uBlock Origin and there is very little chance of coming across any advertising whatsoever. That should reduce the chance of ending up on some ransomware website.
Target:
all very interesting, but largely academic ie I'm not coughing up hundreds of dollars for a new machine when the only problem with the old one is between the keyboard and the chair
A significant part of the problem here is that I don't know what actually happened. I have a suspicion that there was no malware involved and that she simply responded to a browser popup but I won't know until I can look at the machine (another week), if then
She's not stupid, but she's not very computer literate and she clearly doesn't comprehend the risks (well, maybe she has some idea now) so I've tried to keep things as simple as possible.
I'd like to continue in that vein, so pretty much anything I do needs to be fairly transparent. I appreciate your assistance so far but security is a complex business (to me, at least) and there's so much contradictory info out there it's difficult to know whats good and whats not so I'm looking for some recommendations that don't involve replacing a perfectly good machine
dr_andus:
The suggestion to add adblockers to her browsers still stands. I had good results with uBlock Origin in Chrome and Adblock Plus in Firefox.
You could also add Malwarebytes Anti-Malware to complement the a/v software.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version