Remote wipe. If you can’t find a lost or stolen device, the next best thing is to remotely wipe all personal data. Not all vendors offer remote wipe, but many, including Apple and Microsoft, do. When activated, the device, which is hopefully already encrypted and protected against unauthorized logons, will wipe all private data either when a certain number of incorrect logons are entered or, once you have instructed it to wipe itself, upon its next connection to the internet.
All of the above provide a foundation for an overall secure computing experience. Without firmware, boot, and storage encryption protection mechanisms, a truly secure computing experience cannot be ensured. But that’s only the start.
True privacy requires a secure network
The most paranoid computer security practitioners want every network connection they use to be secured. And it all starts with a VPN.
Secure VPN. Most of us are familiar with VPNs, from connecting remotely to our work networks. Corporate VPNs provide secure connectivity from your offsite remote location to the company network, but often offer no or limited protection to any other network location.
Many hardware devices and software programs allow you to use a secure VPN no matter where you connect. With these boxes or programs, your network connection is encrypted from your device to your destination, as far as possible. The best VPNs hide your originating information and/or randomly tunnel your connection among many other participating devices, making it harder for eavesdroppers to determine your identity or location.
Tor is the most used, free, secure VPN service available today. Using a Tor-enabled browser, all of your network traffic is routed over randomly selected intermediate nodes, encrypting as much of the traffic as possible. Tens of millions of people rely on Tor to provide a reasonable level of privacy and security. But Tor has many well-known weaknesses, ones that other secure VPN solutions, such as MIT’s Riffle or Freenet, are attempting to solve. Most of these attempts, however, are more theoretical than deployed (for example, Riffle) or require opt-in, exclusionary participation to be more secure (such as Freenet). Freenet, for example, will only connect to other participating Freenet nodes (when in “darknet” mode) that you know of in advance. You can’t connect to other people and sites outside of Freenet when in this mode.
Anonymity services. Anonymity services, which may or may not provide VPN as well, act as an intermediate proxy that completes a network request on behalf of the user. The user submits his or her connection attempt or browser connection to the anonymity site, which completes the query, obtains the result, and passes it back to the user. Anyone eavesdropping on the destination connection would be more likely to be stopped from tracking anything beyond the anonymity site, which hides the originator’s information. There are loads of anonymity services available on the web.