This Blog Is Not For Reading

A blog, just like any blog, only more so

  • Subscribe

  • Categories

  • RSS Bob Jonkman’s Microblog

    • New note by bobjonkman 12 December 2017
      And just to get this thread in the appropriate hashtag lists: #KWLinuxfest #Linuxfest #GNULinuxfest #Kitchener #Waterloo #Ontario #Canada
    • New note by bobjonkman 12 December 2017
      We're looking for a new venue, too. Possibly one of the local tech companies that uses and contributes to GNU/Linux and #FreeSoftware
    • New note by bobjonkman 12 December 2017
      I know... The founder and primary organizer Colin Mills @_c_jm@twitter.com is a student at Conestoga College so we were holding the event there. But there was a strike by Ontario's college staff and faculty, and the school year got compressed, so the venue was no longer available on the original date, and Colin will be […]
    • New note by bobjonkman 11 December 2017
      93.6% in fact. I'm having a 50% probability of errors while mathing today.
    • New note by bobjonkman 11 December 2017
      If you've got a 6.4% probability to miss in all three turns, then for the next three turns I would expect a 93% probability of getting at least one hit -- much higher than the probability of missing three turns in a row again!
    • New note by bobjonkman 11 December 2017
      Exactly! So if your typical hit rate is 50%, but you have a run of misses, then for the next run I would expect a hit rate of 50% -- much higher than your previous run of misses! :-)
    • New note by bobjonkman 11 December 2017
      OK, what do this company do? "$COMPANY invests in and supports experienced operators and world-class researchers to build transformative businesses and products for global markets based on classical technologies."
    • New note by bobjonkman 11 December 2017
      Do they publish a calendar in machine-readable format? ie. iCal or CalDAV or even just a static .ics file? #CALSCH
    • New note by bobjonkman 11 December 2017
      Poor you. I haven't needed to touch ArcServe in over a decade, back on Novell Netware systems. Whenever there was a problem, ArcServe was always a contributor, somehow.
    • New note by bobjonkman 11 December 2017
      That's not incorrect. If your unit misses several times, then you should expect to hit more frequently after a run of misses, assuming your normal average of hits is greater than zero.

Electoral Reform — My Submission to the #ERRE Committee

Posted by Bob Jonkman on 7th October 2016

To: Special Committee on Electoral Reform

From: Bob Jonkman
6 James Street
Elmira, Ontario
Canada N3B 1L5

Summary:

* I’m in favour of any electoral system that provides a proportional outcome.
* I’m opposed to a referendum.
* I’m opposed to mandatory voting.
* I’m opposed to online voting or using voting machines.

Submission:

I am the Co-Chair for the Fair Vote Canada Waterloo Region Chapter, and was a Green Party candidate in the 2015 Federal Election. Since the 2007 Ontario referendum on Electoral Reform I have been advocating for a proportional representation system at all levels of government by speaking with fellow citizens at local festivals, information booths, and community dialogues.

However, I submit this brief personally, as one individual citizen. Although my views have been shaped by working for advocacy groups and speaking with others, this brief represents my views alone.

The First-Past-The-Post system does not meet any of your (the Special Committee on Electoral Reform’s) principles for electoral reform:
* FPTP is not effective or legitimate: 39% of the vote should not result in a majority in Parliament.
* FPTP suppresses voter engagement: People don’t bother to vote when results aren’t effective or legitimate.
* FPTP is not inclusive: More than half of the voters are not represented by someone they voted for.
* FPTP undermines integrity: While election results are verifiable, there is little public trust that those results reflect the voters’ will.
* FPTP does not result in local representation: Anyone who did not vote for the winning candidate is not adequately represented.

Proportional Representation will fix all these problems. It does not matter much to me what kind of electoral system is chosen, as long as the outcome is proportional, that the party allocation of seats in Parliament reflect the proportion of votes cast nationally, and that all votes count equally.

There is no need for a referendum; the decision to eliminate the First-Past-The-Post voting system has already been made by the voters in the previous election.

I won’t detail the mechanics of any preferred electoral system, that is best left to an expert group which can be appointed as part of Elections Canada to implement the recommendations of this Committee. I do want to indicate my preference for multi-member districts, with votes counted by a Single Transferable Vote system.

Of course, the larger the multi-member district, the better the proportionality, but larger districts mean poorer local representation. There is no need to have all multi-member districts be the same size, or have the same number of representatives, or have the same population. A maximum district size of 10-15 current ridings in densely populated areas would ensure that even smaller parties are represented, while still having Members of Parliament accessible to all citizens. Sparsely populated areas can have larger areas with fewer members. A smaller province or territory can form an entire multi-member district.

Perhaps to better meet the Local Representation criterion a Mixed Member Proportional voting system can be used; again, densely populated districts can be made up of 10-15 current ridings. There is no need to have all districts be the same size, or have the same ratio of single-member ridings to top-up members, the better to adapt to the different populations and geographic size of different areas of Canada.

Do not create an unnecessary division of voters, as the Urban-Rural voting system proposal would do. Canada is a population of many groups, cultures, religions, and economic conditions; formalizing a divide between urban and rural areas by having one voting system for urban populations and a different voting system for rural populations violates the Inclusiveness criterion. Having different voting systems for men and women, or rich and poor, or Indigenous and Colonialists, or Muslims and Jews would not be tolerated in Canada; don’t create such a division between Urban and Rural.

I am opposed to any thresholds. It is often suggested that there be a threshold of 5%, 10% or even 15% of the popular vote in order for a party to gain any seats in a proportional system. But a threshold denies the voters for a small party their proportional representation. When a party receives 0.295% of the popular vote (that is, the equivalent of 1 seat out of 338) it shows sufficient interest by the voters that the party should receive 0.295% of the seats.

Whatever system is chosen, it must achieve proportionality of votes to seats in Parliament.

Electoral Reform is a process, not an event. Whatever system is chosen, it must be clear that future enhancements can be made to fix deficiencies that are sure to be identified in the next election. These fixes can range from changing electoral district boundaries, to changing the ratio of single-member ridings to top-up members, to increasing the number of members in Parliament.

I fear that some future government may change the electoral system back to a non-proportional system, by burying such legislation in an omnibus bill in which most of the legislation does have support of the House. To ensure the longevity of the changes being proposed by the Committee, perhaps one of the recommendations can be to have the principle of proportionality in an electoral system enshrined in the Constitution. That recommendation can be implemented after one or two elections, once Canadians have become familiar with a cooperative parliament that builds legislation by consenus.

I urge the Committee to make a recommendation that Parliament pass legislation to implement an electoral system that achieves Proportional Representation, but that the Committee’s recommendation only broadly describes an electoral system such as STV or MMP to achieve Proportional Representation, and to leave the details such as number of citizens per district, number of Members per district, ratio of single-member ridings to top-up members, etc. to a group of experts working for Elections Canada.

While it is not part of the mandate of this Committee, I would like to point out that Canadians are woefully under-represented by their Members of Parliament. Typical electoral district sizes have 100,000 citizens for one Member of Parliament; even if the MP spent eight hours a day, 365 days a year meeting with the constituents, each constituent would have less than two minutes to spend with the MP, and the MP would have no time to spend in Parliament to do any other work. While it is an unpopular opinion amongst taxpayers, I think Canadians would be well served and get better representation by having more politicians.

I am against Mandatory Voting: Candians should not be coerced into casting a ballot. There is no issue of safety (as with mandatory drivers’ licences), or social covenant (as with mandatory taxes).

Imposing penalties for not voting will unfairly and disproportionally punish those who do not vote today: The poor, the homeless, and the uneducated; those who can least afford to pay fines and spend time in court or jail.

Today there is no effective way to cast a ballot of dissent. A ballot spoiled to indicate dissatisfaction with all the candidates is indistinguishable from a ballot spoiled by someone unskilled in the art of voting.

Rather than mandatory voting, give voters the opportunity for greater expression in the marking of their ballots. Provide an option to decline to vote at the polling booth, and have a “None of the above” choice on the ballot. But when “None of the above” achieves a significant number of votes (such as a plurality in a single-member riding or reaching the quota in a multi-member district) there must be consequences, such as calling a by-election to allow fresh candidates to fill that vacancy.

I am a little bit sympathetic to the idea that with mandatory voting political parties may change their campaign strategies to appeal to that portion of the electorate that does not vote today, but there are other ways to get political parties to civilize their campaign strategies by reducing campaign spending limits and allowing small campaign contributions only from private citizens.

I am opposed to electronic voting and online voting. I am a computer consultant by profession, and nothing I see in my work shows that people’s home computers or even the computers in most businesses have the security capable of upholding the Integrity requirement, ensuring reliable and verifiable results.

The main issue with online voting is not computer security, but a fundamental incompatibility between voter identity and the secret ballot.

When voting takes place outside of a polling station it is important that voter identity is established to prevent fraud. It must be provable that the ballot filled in online was actually filled in by a registered voter, and not by someone impersonating that voter. To achieve this, voters need to be issued a ballot with a serial number or barcode to ensure that only that one ballot is filled in for that registered voter. But if every ballot cast has a serial number, then the completed ballot with the voter’s choices is identifiable with the voter’s name and registration information. The secret ballot is impossible, and the Integrity criterion cannot be met.

When voting does not take place in a polling station then it is possible that a voter will be coerced into voting according to the demands of the “head” of the household, or voting at the workplace according to the employer’s demands. Without the scrutiny of Elections Canada, voting integrity cannot be ensured.

But computer security is an issue too. People’s personal computers are constantly being attacked by computer viruses, malicious web sites, and denial of service attacks from compromised Webcams. And spam. The difficulty of ensuring online voting integrity is at least as great as is the difficulty of eliminating spam (unsolicited, unwanted e‑mail, sometimes commercial in nature, sent in bulk). If you haven’t experienced problems with spam then it is likely your E‑mail Service Provider is filtering your e‑mail for you – but how many good messages are being filtered accidentally? You’ll never know, because you’ll never see them.

There are actually very few large-scale spammers on the Internet, maybe a couple of dozen at most. But they’re responsible for almost all the unwanted e‑mail that clogs up billions of e‑mail accounts in the world. It shows how a few bad actors on the Internet can completely overwhelm an e‑mail system. Similarly, a few bad actors on the Internet can completely compromise an online voting system. If we can’t secure our mail systems to solve the spam problem, it is unlikely that we’ll be able to secure everyone’s computer to guarantee online voting integrity.

It is unfortunate that there were so few computer security experts providing witness testimony to the Committee. Almost every computer security expert who has commented on electronic voting since the U.S. “hanging chad” elections in 2000 has decried the use of voting machines, and, more recently, online voting. Voting machines are regularly compromised, are not auditable by design (they have proprietary source code), and are prone to failure when needed most. Computer security lecturers delight their audiences with tales of voting machine touch screens that dodge the target when the “wrong” vote is selected, or that play marching band music after they’ve been compromised by a prankish hacker.

Voting is very much different from buying a product from an online store. If the wrong product is delivered, the store will ship the right product the next day to ensure customer satisfaction. But if the wrong candidate is elected, there is no recourse the next day. It is unlikely that fraud will be detected until the voting machines are audited many weeks after the election, and even when fraud is detected the outcome will be hotly contested by the affected candidates. In fact, if voting machines don’t use publicly published open source code then it is likely election outcomes will be hotly contested because proving that no fraud was committed is impossible.

However, vote tabulation by machine is perfectly acceptable, although there must be a requirement that vote tabulators are also audited and their source code is made public. Ballots designed for vote tabulators (optical mark cards) can always be counted manually if the electronic tabulation is in dispute.

Thank you,
Bob Jonkman

6 James Street,
Elmira, Ontario
Canada N3B 1L5

+1-519-635-9413
bjonkman@sobac.com

Tags: , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Uncategorized | No Comments »

Chotchkie’s Passwords

Posted by Bob Jonkman on 7th March 2015

Note to security policy admins: Be sure there are technical means to enforce the policies you set, because, like physics, people tend towards the lowest energy levels.

It’s amazing what a little search’n’replace will do.

Manager: We need to talk about your password.

Joanna: Really? I… I have fifteen characters. I, also…

Manager: Well, okay. Fifteen is the minimum, okay?

Joanna: Okay.

Manager: Now, you know it’s up to you whether or not you want to just do the bare minimum. Or… well, like Brian, for example, has thirty seven characters in his password, okay. And a terrific smile.

Joanna: Okay. So you… you want me to use more?

Manager: Look. Joanna.

Joanna: Yeah.

Manager: People can get a password anywhere, okay? They come to Chotchkie’s for the atmosphere and the security. Okay? That’s what the password’s about. It’s about security.

Joanna: Yeah. Okay. So more then, yeah?

Manager: Look, we want you to secure yourself, okay? Now if you feel that the bare minimum is enough, then okay. But some people choose to have more and we encourage that, okay? You do want to secure yourself, don’t you?

Joanna: Yeah, yeah.

Manager: Okay. Great. Great. That’s all I ask.

Later…

Manager: We need to talk.

Joanna: Yeah…

Manager: Do you know what this is about?

Joanna: My password?

Manager: Yeah. Or your, um, lack of password. ‘Cause I’m counting, and I see only fifteen characters. Let me ask you a question, Joanna. What do you think of a person who only does the bare minimum?

Joanna: What do I think? You know what, Stan, if you want me to have 37 characters in my password, like your pretty boy over there, Brian, why don’t you just make the minimum 37 characters?

Manager: Well, I thought I remembered you saying that you wanted to secure yourself.

Joanna: Yeah. You know what, yeah, I do. I do want to secure myself, okay. And I don’t need 37 characters in my password to do it!

Tags: , , ,
Posted in security | No Comments »

Cryptography and Security Events in Kitchener-Waterloo

Posted by Bob Jonkman on 9th October 2013

The months of October and November are shaping up to have some great lectures and presentations on cryptography, security and privacy.

Sheet of paper, strips of paper

Keysigning materials

Yesterday started off with an informal keysigning at the KWLUG meeting. The presentation was on the Scratch programming environment, nothing to do with GnuPG/PGP or cryptography. But a few of us exchanged little slips of paper with our key fingerprints, verified that the name with the fingerprint matched the person we knew, signed the keys, and so improved our standing in the Web of Trust. I hope that this becomes a regular part of all KWLUG meetings. The more people that participate, the more confident we can be about the validity of keys we may not have verified ourselves.

Today I attended the first UofW CSClub lecture on Security and Privacy by Sarah Harvey. If you’ve been following the news about the Snowden revelations you’ll know why security and privacy is important. The room was full of computer science, math and cryptography students, so the discussions were deep and technical.

Sarah Harvey shows a slide of Edward Snowden

Sarah Harvey shows a slide of Edward Snowden

There was a vacancy in the November KWLUG meeting so I asked Sarah if she would repeat her lecture. Let’s see what the KWLUG bosses have to say

There are more CSClub lectures scheduled, check the schedule on the CSClub site.


M-209 cipher machine

KWCrypto logo, the M-209 cipher machine

I’ve volunteered to do a presentation on Encrypting E-mail with GnuPG, Thunderbird and Enigmail, followed by a formal keysigning. I’m developing the presentation notes and keysigning procedure on the KWCrypto Interest Group Wiki that was set up after the Kwartzlab keysigning party last year. Please join me on the Wiki and the mailing list — I’d appreciate the help.

–Bob.

Keysigning Materials picture taken by Bob Jonkman and released under a CC BYCreative Commons — Attribution — CC BY license.

M-209 cipher machine by Greg Goebel used under CC BY-SACreative Commons – Attribution-ShareAlike 2.0 Generic – CC BY-SA 2.0

Picture of Sarah Harvey taken by Laurel L. Russwurm and used under a CC BYCreative Commons — Attribution — CC BY license.

Tags: , , , , , , , , , , , , , , , , , , , , , ,
Posted in Crypto, KWLUG, PGP/GPG, privacy, security | No Comments »

Why I’m an E-mail Luddite

Posted by Bob Jonkman on 2nd October 2013

Statue of a Luddite

Luddite Memorial, Liversedge

The pervasive expectation of HTML everywhere came to light in a recent e-mail exchange:

Him: Bob, have a look at this video: LOLcats at work

Me: Did you intend to send a link with that?

Him: Yes, here it is: LOLcats at work

Me: Sorry, still no link. Remember, I don’t receive HTML e-mail…

Him: Wut? I’ve never heard of someone not receiving HTML e-mail!

E-mail was never designed for HTML; it is intended to be a plain-text medium. HTML is merely cobbled on, and mail clients have no standard way to render HTML messages, resulting in different displays on different mail programs. Some mail programs, especially those run from the command line, can’t show HTML rendered messages at all.

Although I use a graphical mail client (Thunderbird), I choose to not display HTML for two reasons:

1) Security: HTML mail can have Javascript code or other objects embedded. That’s a great way to get virus infections on your computer. I don’t want any code running on my computer that I didn’t put there myself.

2) Privacy: HTML mail that links to external images allows the owner of those images to track your mail usage: When you open the mail, how often you open it, the location you open it at, what computer you’re using, and whether you forward it to others (and then, when they open the mail, how often, their location, &c).

Not to mention that HTML messages are far bigger than text messages, especially when the HTML contains embedded images, fonts, and other stuff. Now, that’s not such a big deal with fast connections, unlimited download caps, and cheap disk drives, but it will still make a difference on small-format devices like phones and watches.

That said, if you do send me HTML e-mail, be sure to embed any images or LOLcat videos. That way I can still view them as static attachments, without revealing when, where, and how often I view them.

For more info have a look at the Wikipedia article on HTML e-mail

–Bob.

You can send HTML e-mail to Bob Jonkman at bjonkman@sobac.com

The Luddite Memorial, Liversedge by Tim Green is used under a CC-BYCreative Commons — Attribution 2.0 Generic — CC BY 2.0 license.

Tags: , , , , , , , , , , , , , , , , , ,
Posted in email, privacy, security | 1 Comment »

Shutting down ServiceOntario kiosks could be Considered Harmful

Posted by Bob Jonkman on 9th November 2012

Service Ontario kiosk with "Temporarily shut down" notice

ServiceOntario kiosk

The Ontario government has announced it is shutting down the ServiceOntario kiosks.

Closing the kiosks won’t do any good if the web site is no better secured. ServiceOntario had control over the hardware and software running on the kiosks, but they have no control over the computers people use to access the ServiceOntario web site. User PCs will have all sorts of malware running on them, and malusers can far more easily spend time breaking into a web site than a kiosk. Unless ServiceOntario has much better security on their web site, it is far more vulnerable than a kiosk.

In his article Government to discontinue ServiceOntario kiosks, Sameer Vasta asks if the ServiceOntario web site is ready to pick up the slack. His conclusion is yes, and although the web site user experience could be improved, he considers closing the kiosks a prudent move. But if the kiosk interface was so much easier to use, then the web site could use that interface too. Security isn’t created by the user interface — security needs to be built into the servers. Malusers are unlikely to use the web interface to launch their attacks; they’ll have more sophisticated tools to try to break into the servers.

Of course, since the ServiceOntario web site was already in place while the kiosks were operational it has been a potential vector for attack all along. Closing the kiosks doesn’t increase that vulnerability. And the vulnerability that prompted the government to shut down the kiosks was card skimming, which is not an issue on a Web site accessed from home. But shutting down a fully managed kiosk to be replaced by home users’ PCs that are full of malware does not look like a prudent move to me.

However, it should be cheaper to manage security on one web site than on 72 kiosks. The government reports that shutting the kiosks will save taxpayers about $6.3 million in one-time upgrading costs and $2.2 million in annual maintenance costs. The Star reports that Minister of Government Services Harinder Takhar says the kiosks cost $4 million to deploy, and it will cost $250,000 to remove them.

And shutting down the kiosks has one other benefit: If a security breach occurs as a result of using our own computers then ServiceOntario has successfully shifted blame, hasn’t it? Surely there will be a disclaimer in the fine print on the website somewhere!

–Bob.


ServiceOntario kiosk "Permanently Closed" notice

“Permanently Closed” notice Service Ontario kiosk.

The picture above shows a ServiceOntario kiosk with a notice indicating the kiosk is temporarily shut down. A new notice has been posted, which reads:

ServiceOntario Kiosks Are Now Permanently Closed.

After a thorough investigation into the safety and security issues surrounding ServiceOntario kiosks, it has been decided to permanently shut down the network.

All former kiosk services are conveniently available online, including:

  • License plate sticker renewal
  • Address change
  • Driver abstract

Fermeture permanente des kiosques ServiceOntario.

À la suite d’une enquête approfondie sur les problèmes de sécurité survenus dans les kiosques ServiceOntario, il a été décidé de fermer le réseau de façon permanente.

Tous les services anciennement founis dal les kiosques son offerts en ligne, notamment les suivants:

  • Renouvellement de la vignette d’immatriculation
  • Changement d’addresse
  • Résumé de dossier de conducteur.

We look forward to serving you.
For these services, and more than 40 other online services, or for a complete list of our locations and available services, please visit ServiceOntario.ca

Au plaisir de vous servir.
Pour ces services, et plus de 40 autres services en ligne, ou la liste complète de nos centres et de leurs services, visitez ServiceOntario.ca

Images courtesy of lothlaurien.ca used under a CC BYCreative Commons Attribution 2.5 Canada License license.

Thanx to my friend RW for the idea for this post, and her contributions.

Tags: , , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in considered harmful, Politics, security | 4 Comments »

Google Spyware considered harmful

Posted by Bob Jonkman on 16th April 2012

Google wordmark in a "No" symbol

No Google

One day I was asked:

Hi IT Peeps,

I was wondering if I would cause major havoc if I downloaded google chrome? Will it mess anything up? Any recommendations?

My answer:

What problem are you trying to solve? What’s the question that gets answered “Install Google Chrome”?

Google the company is becoming ever more pervasive in our Internet lives. Google’s business is not providing a search engine for free; Google’s business is to sell our demographic information to advertisers. They gather that demographic data by luring us in with relevant search results, free e-mail and slick looking browsers.

Google collects personal information, including information that was voluntarily given to Google (for instance, by signing up for GMail or Google Plus; posting a video on YouTube), information that was collected anonymously (eg. when you perform a Google search or watch a YouTube video and Google records the search terms, your IP address, and leaves a cookie on your computer), and information that Google collected as it does its web indexing (comments you’ve left on a newspaper site, Tweets you’ve made, messages you’ve posted to public mailing lists). Google then correlates all this data based on IP address, cookies, e-mail addresses, your name, geo-location (finding out where you are based on your WiFi connection or IP address).

As of 1 March 2012 Google changed its privacy policies to combine data mining from all its holdings – the search engine, YouTube, Picasa, Google Maps, Google Plus, Google Mail, &c. I didn’t think too much of that, since I had thought that Google had always aggregated its data. According to an article I read[1] that’s actually a new development. Google used to keep all its data mining separate, in fact, kept it so separate that it didn’t even correlate its adwords between different messages in GMail. With the new privacy policy that’s all changed, and everything is now aggregated, correlated, and retained to be sold to the highest bidder. Google says we’ll never sell your personal information or share it without your permission, but you grant that permission every time you agree to the Terms of Service and Privacy Policies when you sign up for Google’s services.

Remember the Google Toolbar? Every search request, every URL, and every local file you opened in a browser with the Google toolbar installed was sent to the Google servers. There was a report of someone who opened confidential company documents with IE and the Google toolbar, only to find those reports cached on Google’s servers. Google Chrome is far more invasive than a mere toolbar.

Google Chrome does not have the same set of security-related add-ons that Firefox offers. For your best privacy protection and security, use Firefox with the NoScript, AdBlock Plus, HTTPS-Everywhere and Force-TLS extensions. See my article on Browser Security for details on installing and configuring them.

–Bob, who will be getting fitted for a new tinfoil hat at lunch…

Footnote 1: I wish I knew what article that was. To my recollection, the author said he wouldn’t trust Google with his data again. He had visited the Googleplex some years earlier, and was told how Google kept the data from its different projects in separate silos, so that profile aggregation was next to impossible. Data silos were so extensive that although one GMail message might trigger certain AdWords, there was no tracking between messages. I read the article in March of 2012; if you can provide me with a link let me know in the comments.

Update 8 Nov 2012: A similar quote about data silos from Google’s Vic Gundotra appears in the CNN article Google exec: We won’t break users’ trust.


Tags: , , , , , , , , , , , , ,
Posted in considered harmful, Google, Google Free, Internet, privacy | 2 Comments »

Browser Security

Posted by Bob Jonkman on 30th November 2011

Browser vulnerabilities are a common contributor to computer malware. Attacks have become so sophisticated that just viewing a Web page with an unsecured browser can infect your computer with malware. Fortunately, there are settings and extensions that will make surfing the Web a safer experience.

Browser selection

This article deals only with securing Mozilla Firefox. Firefox offers an wide selection of extensions that can help secure the browser. Google Chrome, Opera and Safari also offer some extensions, but I have not tested them. Microsoft Internet Explorer appears to support Add-ons, but Version 8 offers none for browsing security.

Internet Explorer is particularly vulnerable. In part, this is because IE is by far the most popular browser, and so it suffers the most attacks. Because it is the most popular browser it is especially targeted for attack by malusers. And compounding the problem, Microsoft has been slow to acknowledge vulnerabilities in its products, never mind fixing them.

Privacy settings

Privacy is not so much about keeping your personal information secret, but about keeping control over your personal information. If I choose to tell Facebook my name, age and browsing habits that’s OK, but my privacy is violated if Facebook finds out about my browsing habits if I don’t tell Facebook myself.

Malware is pretty good at correlating information when you least expect it. For example, you may keep your browsing history confidential, but allow Javascript to change the layout of your screen. To do so Javascript reads elements of the Document Object Model (DOM), including the colour of text. But if a link is coloured purple instead of blue, then Javascript can figure out that you’ve visited that link before, violating your privacy settings for browsing history.

To see your Firefox Privacy settings select Tools, Options and click the Privacy icon.

screenshot of Firefox Privacy dialogue

Settings for Firefox Privacy options

For maximum protection check Tell Web sites I do not want to be tracked and select Firefox will: Never remember history. But having to type in all your passwords and data every time you access the same web sites can be inconvenient, so I actually browse with the setting Firefox will: Use custom settings for history, leaving Always use private browsing mode unchecked. It is usually safe to have Accept cookies from sites turned on, with Accept third-party cookies turned off and Keep until: I close Firefox selected. Custom settings for Clear history when Firefox closes has only Cookies and Active Logins checked:

Screenshot of Clearing History dialoge

Firefox Clearing History

Security settings

To see Firefox Security settings select Tools, Options, then click on the Security icon.

Screenshot of the Security tab in Options

Screenshot - Firefox, Tools, Options, Security

For maximum security, make sure all the checkboxes are checked.

Warn me when sites try to install add-ons will avoid drive-by infections, which is when merely browsing a Web page with Javascript enabled can launch malicious processes. This will at least give you a warning.

Block reported attack sites and Block reported web forgeries do add some additional protection from malware sites, but potentially at some expense of your privacy. Every 30 minutes Firefox downloads a list of malware sites. If you browse to such a site then Firefox will check for that particular site immediately before blocking it. It uses Google’s malware list to do so, and will send Google’s cookies when checking.

You can test for phishing protection at the phishing test site and for malware protection at the malware test site.

Use a master password will encrypt the list of passwords stored on your computer. This is mostly useful if your computer should get stolen or left on the bus, but without the Master Password it might be possible for a malware site to retrieve your list of passwords through some (as yet unknown) vulnerability.

Security Extensions

Firefox’s extensive collection of extensions (Add-ons) make it my preferred browser.

NoScript

NoScript prevents Javascript from executing on specific web sites.

Javascript determines the fourth characteristic of a web page (Content, Semantics, Presentation, Behaviour). A well-designed web site will degrade gracefully — if the browser cannot manage the page layout (Presentation), it should still be able to identify the components of a page such as paragraphs and headers (Semantics), and still show the Content. Even if the browser can’t identify a paragraph from a heading (Semantics), it should always show the content. Javascript is responsible for the behaviour of a page. This is what makes Google Maps’ slippy map work when you drag the mouse cursor across the page. That behaviour degrades gracefully, so that when you view Google Maps with Javascript disabled you can still see a static map. Sadly, many web sites today are designed so that Javascript is required to show the content. NoScript addresses this problem by selectively allowing you to enable Javascript for those sites that you trust.

NoScript has expanded its scope so that it now also checks for Cross-Site Scripting vulnerabilities, Application Boundary violations, and other esoteric security concerns.

Adblock Plus

Adblock Plus removes ads. That’s wonderful all by itself, but there’s more! When ads are blocked, you don’t waste any bandwidth downloading them. But there’s more! The hits from Web Bugs aren’t recorded and tracked. And blocked ads from third-party sites can no longer query third-party cookies, or enable cross-site scripting attacks.

When you install Adblock Plus you’ll be asked to subscribe to one of the pre-defined block lists. I usually choose EasyList or Adblock.org.

ForceTLS

ForceTLS requests an encrypted page (https) when the server supports it. The functionality is now built into Firefox directly, but ForceTLS still provides a handy dialogue box to add Web sites for servers that don’t automatically switch to https.

HTTPS Everywhere

HTTPS Everywhere forces a Web pages to use https, and can change the URL for those sites that use different URL paths for their secure content. HTTPS Everywhere only works for Web sites in its Preferences list:

Screenshot of HTTPS-Everywhere preferences

HTTPS-Everywhere preferences

HTTPS Everywhere is not maintained on the Mozilla Add-ons web site, so you have to download it from the EFF directly. Firefox will ask you to verify that you want to install an add-on from an unknown site. Click on the Allow button to install the HTTPS Everywhere add-on.

Installing the HTTPS-Everywhere extension in Firefox

Keeping Updated

Security is not a single solution to a single problem. It is a constantly evolving process that tries to keep up with constantly evolving attacks. It is important to keep everything up-to-date.

Updating the Browser

To ensure that the browser and all its extensions stay up-to-date check all the boxes on the Tools, Options, Advanced, Update screen:

Screenshot of the Firefox Update screen

Updating Firefox

Updating Extensions

To update the Firefox extensions select Tools, Add-ons, click on the Tools for all add-ons button, and make sure there is a check mark beside Update Add-ons Automatically. If there is no check mark then click on Update Add-ons Automatically, and you should also perform updates manually by selecting Check for Updates. If there are any updates a View all updates link will be displayed, click on it, then click on the Update now button for each add-on in the list.

Screenshot of the Firefox Add-ons Update button

Screenshot showing the 'Update' menu

Updating the Operating System

Finally, no amount of browser security will keep you safe if your operating system is not safe. Be sure to activate Windows Updates (or Linux Updates, or AppleMac Updates), and keep your Anti-virus software, firewall, spam filters and other security software up-to-date.

–Bob.

Tags: , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Internet, security | 3 Comments »

 
Better Tag Cloud