moosefish
first time at moosefish?
search moosefish
news
email
adventures
directory
map
galleries
john
amy
clara
lilly
henry
tokul
treen
movies
outside
specials
honeymoon
europe 2001
pacific 2002
pct 2002
kiwi 2002
pct 2003
pct 2005
3day 2006
Disney 2008
3day 2008
Disney 2011
volcanoes

Support moosefish

Is your browser up to date?
posted by John : September 30, 2013
You might know that I'm a bit of a computer nerd. But not just any run-of-the-mill computer nerd. A security computer nerd. That means I help people understand their security risk and formulate plans to address it.

Usually, I keep this confined to my employer and my family, for whom I am general purpose IT. Although I don't get a kick out of configuring their routers and setting up their new computers (ok, that part is fun) I do get a sense of fulfillment when I make them as secure as they can be.

The top two threats I see facing the average computer user are phishing and drive-by web browser compromises.

Even if you don't recognize the term, "phishing," you would recognize it when you see it. All those goofy emails that you get from UPS or Bank of America telling you that you need to do something right away or your package will go missing or your account will be closed... those are phishing attacks. You aren't expecting a package and you haven't banked with Bank of America since it was Seafirst, but maybe you should check it out.

PWND

Now they have your login and password. Heaven forbid you entered a credit card number or your Social Security number.

Unfortunately, other than telling you not to click on any link you get in email from an unexpected source there's little I can do to help you defend against phishing.

Drive-by attacks, though, I can help with. A drive-by attack, targeting your web browser (Safari, Firefox, Chrome, Internet Explorer, etc.), occurs when the attacker either convinces you to go to a site they control ("Hey! Click this! It's got dancing cats!") or they poison a site you just happen to visit. If your browser is vulnerable their attack may succeed and you'll be...

PWND

So how do you defend? Simple. Stop using the Internet. No? Then make sure you're patched. Of course, knowing whether you are fully patched can be tricky unless you have a tool to help you check.

Rapid7 makes security tools that I use in my professional life. (I'm just an amateur here.) One of these tools will check your browser for vulnerabilities and give you advice on how to fix them.

Click on this link and you'll go to a page that will test your browser.

If you're vulnerable, take a look at the recommendations for patching software like Java, Quicktime, and Adobe products. If you're not vulnerable, wow. Congratulations. You might want to check back here every once in a while to make sure you stay patched. (Seriously, wow. Good job.)

I hope this helps. I wish I could do more, but I can't support everyone. Except family, you get a free pass.

(For more information security tips click here.)

Subscribe to moosefish

Instagrams Instagram
Instagram



news | adventures