So the other week I have been working on my dedicated box, just to make it a bit easier to work with in the future. One of the things I was trying to understand and learn was yum update and bash scripting. So why not combine the two? Right.. This blog entry is the result, hopefully also of some use to others.
Over the last few years I have taken ‘being online’ a lot more serious, especially the security aspect. Trojans, rootkits, viruses, naughty cookies, xss exploits in sites and advertisements, and all that nasty stuff is now a day to day matter. Not to mention fraud, scams, spam and id-theft.
Particularly with being ‘on’ 24/7/365 because of high speed broadband internet. Participating in online communities, social networks, online loans, online banking, online dating and e-commerce, etc. brings risks with it.
Sure, you can run a bunch of software and addons to try and prevent all this, but it is a second level of defense. I think that it is more important to start at the beginning. Your first line of defense is your own browsing behavior.
Instead of just clicking dialog windows, links on sites, and entering details in forms, etc. As a user you should learn to take a second to read the screen, realize what is going on. And learn to say no. Don’t read emails you are not expecting, don’t follow links from emails. Don’t click on dialog windows that should not pop up; things like that.
Aside from trying to improve my online behavior I try to improve my own security, to lower the damage if something does go wrong. I am making sure I use hard to guess, long, and random passwords. One for each login. I try to make a unique less obvious login name if a web site supports this (and use a public obvious screen name so people recognize me easily still).
I do not follow links from unofficial sites that point to (claiming to be) official sites. I open a new tab and type out the url or use my bookmarks. I do the same with emails. I never click on email links, I load a browser and type in the url. This is to ensure I won’t accidentally click on a phishing link or xss exploit link for online banking, paypal, ebay, and such. As for email, I try to limit this to plain text email only. Avoiding html emails as much as possible to ensure no naughty script could get through a filter. And as for attachments, I don’t even open them unless I am expecting someone to send me something.
For web sites I try to not store the passwords (remember me off) on the laptop, but for convenience I do use this on the workstation. But, as an extra layer of security I turned on the master password feature in FireFox so no data is entered in any form unless I manually confirm this.
When I do browse to sites where I have to login and know that the information is privacy sensitive I try to use encrypted connections only. Before I explain that I want to add to this that I hardly ever (almost never) use a public proxy or some proxy / or a free VPN site or something like that to browse sites where I need to login. I simply can’t be insured that my data is not mirrored to some naughty admin who will abuse it. So, where possible I try to login using https. This has an ‘s’ in the url, instead of just http. The s means the session is encrypted over a secure socket layer protocol. Making the data unreadable to anybody snooping on the line (man in the middle idea).
Example, you could just type in your browser gmail.com and end up on your web mail. But I have a bookmark that brings me to https://mail.google.com and ensures my login is encrypted and my mail browsing / composing and reading session is encrypted.
Where possible: take and use https – gmail uses it, online banking uses it and most payment sites use it.
Talking about sites where you can buy stuff, make sure the line is indeed secured and your session is over https. Your browser will display a small lock icon in the bottom of the browser. Also, make sure that if you do enter your credit card details that you’re doing this on a third party official and well known CC processor site. And not in a normal web page on the companies own web site. Why give them your name, number and security code and expiry date? Do you really trust them?
At this point you probably think ‘wow this guy is paranoid’, and I might agree with you. But. I’ve slowly learned how to adjust my online behavior and it has helped me feel more secure and be more secure. Once you changed the simple things like unique passwords for accounts. Not clicking links in mails and from unofficial sites, using https where possible, etc. You will quickly find it is second nature. I don’t even think about it anymore really. And it helps me have more time to just open my mail client and read those emails I was expecting. Instead of browsing through 75% garbage and risking getting infected. I just delete the garbage on the fly.
So, have fun improving your online security. Well, it’s not really fun – but it helps make things easier for you. You will quickly find that you can identify the garbage and identify real emails (sites, logins, etc).
Feel free to register on the blog and leave a comment, suggestion or other feedback. And please come back to find another blog about how I secured my network / internet connection.
My Mac Pro has a bunch of hard drives right now, and I have been adding, swapping, and removing drives the last few months. It was time for me to get a bit more organized and I think that’s a great tip for everybody. It gives you a much better understanding of what is on your computer system.
You might think “What is so hard about finding stuff on your hard drive”, well .. let me give you a simple example: Your browser might store downloaded files on your Desktop, while you have an OS ‘Downloads/’ folder, or perhaps your torrent client stores it in ‘programs/client/downloads/’, making it a bit annoying having to browse around while a single link on your desktop to your ‘Downloads/’ folder might make it a lot easier for you.
First things first of course, what goes where?
My first drive in the Mac Pro is currently a 250GB drive (called MacHD) which is used to store the OSX 10.5 operating system and the programs I use. Most of the data that result from those programs are stored on the second drive which I called the DataHD, it’s 320GB. This drive has a folder called backup_machd where I store backups of certain files from the MacHD drive. The MacHD drive by the way has a folder called backup_datahd where I store daily backups of the DataHD folders. Since there’s enough space no the DataHD I also have a htdocs/ folder in the root where I have my localhost ‘dev’ stuff, such as a test instance of vBulletin, or the svn build from DeskPro, stuff like that. The MacHD (almost forgot to mention) has a folder called bash where I have my custom coded bash scripts that help me run daily or weekly crontabs to make archived backups of certain folders (among other things).
These two drives, the MacHD and the DataHD drives are being backed up with the ‘Time Machine’ feature from Leopard. I have an external USB 2.0 box with 2x 160GB hard drives. Not perfect, but when I have a bit of extra cash in 2008 I will upgrade these a larger size so I can have bigger backups that go back further in time. These are the only back ups I make of my internal drives. I do not really back up my media drives.
I have 2 more USB 2.0 external drives, but they’re used to back up data for a few web sites. I don’t use them, and the back ups are done automatically. I just check once a month if things are still going ok. But it’s kept separate from my ‘live’ system.
I also have 2 media drives. One is called MediaHD (320GB) which stores my music, movies, games, and downloads. I point all my programs to that download things from the net to this downloads folder, which has sub folders to keep it organized and easy to find. The other drive is called TvHD where I store my purchased TV shows. I really like good tv shows and I watch a lot. It’s a 750GB drive. The drive is split in 2 partitions though. A very small portion is used by Adobe and ProTools as a ‘cache drive’ to help speed up running filters and renders on huge media files. Since there’s over a terabyte of data on the media drives I do not back them up. It’s a risk I am willing to take. I don’t want to hog my system backup moment because it’s trying to backup and compress huge files that I can re-download from iTunes or Amazon.
The Mac OSX comes with default folders for Music, Pictures, Documents, Downloads, etc, but I really don’t use them. They’re useless to me as they are on the Main HDD and I store everything on other drives. It’s a bit of a hassle to change the original symlinks and I just dragged them out of Finder, and dragged my own entry point folders into the sidebar. I also made my own small stack folder which are quick links to all these folders. Making it very easy and quick to use.
My plan for the future is to add a 1TB drive into the system, replacing the 320GB MediaHD one. And use the 320GB MediaHD as an Ethernet network drive. I have 1 port on my router unused, and it would be nice if all systems in the apartment or visitors coming over, can use this network drive. Eventually I also want to replace the MacHD that’s 250GB with a bigger one. And move the 250GB as a dedicated MusicHD on the FireWire800 port. And if I ignore the lack of money in my wallet, I could imagine having the MyBook of 1 or 2TB as external backup drive on the other firewire800 port, for backing up the MacHD and the DataHD with TimeMachine.
For now I have enough space obviously, and there’s no problem making new space either. There’s enough data like old music, or a few movies or tv shows that I won’t ‘watch’ again. Or I could throw away backups older then 6 months.
But back to the topic. On my old PC I just had it where the OS threw it, or that particular program. And it was quite annoying to find it back, or to take the time and organize it. Or just accept that the Desktop is filled with icons. On my Mac now I have things a lot more organized in a way that it is, for me personally, easy to find. Media goes to the media drives, data goes to the data drive. And software goes to the Mac drive.
Now, if anything breaks, I loose either all my Data (which I have a backup of) or my programs (and I will still have all my data after a re-install) or I loose my media (and then I cry a little, but at least I still have all my data). Hard drives are a lot cheaper these days, getting a 500gb for around 100 bucks is kind of easy to find. The Mac Pro can have up to four drives in it. And it takes the 7200.11 Sata2 drives from Seagate which are 1TB. So that’s 4 TB of data! Then there are of course the options to expand over USB ports, Firewire ports, and eventually over the Network on Ethernet or even add Wifi drives.
Who needs DVD burners right?
Here are some pictures of me adding the new 320GB and 750GB to the system (which I done earlier this year)