[clug] Security for home - Topic for discussion

Bob Edwards bob at cs.anu.edu.au
Mon Feb 25 03:42:16 UTC 2019 

On 25/2/19 12:21 pm, George at Clug via linux wrote:
> Bob,
> 
> 
> I liked your comments, they are an important starting point:
> 
> 
> How about:
> - what are you trying to protect (reputation, cpu cycles, privacy,
> ...)
> - how much is it worth to someone else
> - how much are you willing to expend to protect it
> 
> 
> To "what are you trying to protect", I would add "repurposing of your
> account or computer system for illegal means, theft of your identity,
> theft of your finances, theft of your privileged access to systems"
> 

Hi George,

The ellipses are there to cover a wide variety of other cases - what
about the safety of vulnerable people in your care (I still have
several child dependents who use the Internet at our home).

> 
> I read once that hackers can gain access to a person's account of a
> system which is of no obvious value, to gain access to the system in
> order to gain access to other accounts of to other systems, going
> along a chain, with the ultimate goal of gaining an account that has
> access to a major system. A reason to use separate passwords for each
> account that you have.
> 

Too true. Running a VPN back to a secure network from an insecure
device is another such example, which I see all too often.

cheers,
Bob Edwards.

> 
> A few links to help people with insomnia...
> 
> https://en.wikibooks.org/wiki/Fundamentals_of_Information_Systems_Security/Access_Control_Systems
> https://acsc.gov.au/publications/protect/Secure_Administration.pdf
> http://www.infosecisland.com/blogview/25102-The-Importance-and-Requirements-of-Privileged-Access-Management.html
> https://en.wikipedia.org/wiki/Security_hacker
> 
> 
> 
> 
> 
> 
> George.
> 
> 
> 
> 
> 
> 
> 
> 
> On Monday, 25-02-2019 at 11:36 Bob Edwards via linux wrote:
> 
> 
> On 25/2/19 10:51 am, Brenton Ross via linux wrote:
>> On Mon, 2019-02-25 at 10:01 +1100, Kim Holburn via linux wrote:
>>>
>>> On 2019/Feb/24, at 8:53 pm, Bryan Kilgallin via linux
> 	*  wrote:
>>>
>>> Thanks, Kim:
>>>
>>> I have an on-going project to make home networks more secure.
>>>
>>> How can one measure a baseline?
>>>
>>> Impossible question.  How do you?
>>>
>> If it was my problem I would proceed thus:
>>
>> You start with a list of all known attacks.
>> You rate each one according to how difficult it is to implement.
>> You score a network according to how many it resists.
>>
>>
> 
> "all known attacks" => known to you (the author(s) of the list).
>   all attacks known to others, now or in the future.
> 
> How about:
> - what are you trying to protect (reputation, cpu cycles, privacy ...)
> - how much is it worth to someone else
> - how much are you willing to expend to protect it
> 
> More airy-fairy, but allows you to have a life.
> 
> cheers,
> Bob Edwards
>

More information about the linux mailing list