A frequently-asked query:
I’ve been a Desktop Support Technician for quite a while and have worked on multiple home user computers as well as in a corporate network setting. I’ve worked on so many systems infected with all sorts of malicious software designed to gather information from all sorts of programs, so I know how these programs work and how hard they are to detect and remove (especially kernel-mode rootkits).
Knowing these security risks, I follow this rule: if I even suspect I have been infected with malware (aside from tracking cookies), I reformat. I back up my data and perform a deep format of the hard disk and reinstall the system. I keep a slipstreamed CD of Windows XP with most of the current security updates, and as soon as I reinstall I download the rest and add it to a new slipstreamed compilation. Once I’ve done that, I change all passwords to all my accounts for sites ranging from Gmail to my bank. I also change the user names and passwords for all devices on my network, including modems, routers, NAS devices, and workstations. I run a 16 character minimum alphanumeric password with both upper and lowercase characters and I even include special characters like ‘+’, ‘*’, ‘!’, ‘@’, ‘$’, etc. I also run XP in a ‘Limited User’ account and use different passwords for each account.
I know what people can do with infected machines, and it goes beyond stealing passwords. They can install software, delete personal files, send illicit or threatening emails using my computer; they can even host sites on my computer and steal bandwidth to stream data and can use the bandwidth to perform DDoS attacks.
I don’t take this stuff lightly, but my wife says I take it too far and I make it too hard on her to remember all of these passwords. She doesn’t seem too keen on learning how to use PasswordSafe either.
Did any other fellow security-minded people have trouble getting their spouse to understand them? How did you get your spouse on board with your home network security procedures (assuming you did)?
I have been thinking about setting up a Samba server to create a Windows domain, so I can edit the Group Policy to force password resets and other good security measures, but I am afraid she will think I am forcing my security standards on her.
You can run Macs, but you are still affected by the SSL security flaw that has yet to be patched. I do LOVE Linux, but my wife refuses to use that too because she likes to play WOW.
We did take calculated risks, and my wife wound up getting her WOW account stolen by a keylogger, so maybe now she will be more paranoid, but I am still thinking she should reformat being that she may have a kernel-loaded keylogger that might already be undetectable by our antivirus.