Dane Christian - A Human Readable Guide to Cyber Security

Finally! A Human-Readable Guide to Cybersecurity

Congratulations on purchasing this book! Protecting yourself online is critically important, and by reading this book, you are taking an important step to keep your personal information secure. The world of digital security is a fascinating one, and today is more important than ever. As you read through this book, you will gain an understanding of some of the most fundamental principles of security, how many hacking schemes work, and how you can outsmart them.

This knowledge is valuable for anyone who uses a computer. Whether you use your computer primarily for personal reasons, or you are a businessman wanting to make sure that important company information on your computer remains secure, this book contains invaluable information that can help you maintain privacy. It is a concise explanation of security topics written in plain English, so that anyone can understand what it takes to keep computers secure. I'll also guide you on what to do if you find that your computer has already been compromised. Ive tried to keep this book as short and concise as possible so that it will be as easy as possible for you to soak up this information.

These tips that I will give you come from a number of places - many I have learned from talented programmers, and some from my my own sweat and blood. Ive tried to include a lot of real world examples of hacking schemes to keep this interesting. Then I'll tell you pro-tips that repair shops and security personnel normally sell you for hundreds of dollars. I'll tell you how to get the same things done for free or at comparatively little cost, potentially saving you hundreds. I'll point you to free programs that work nearly as well as commercial ones. And for those of you who are willing to invest a little more in computer security, I ll give you my professional opinion on the best commercial software. Read this book, and you'll be saved from the legwork of comparing programs, and then trying to change when you realize you picked the wrong one. No more searching Google and sifting through internet to find out what you need - you'll find it right here. By reading and applying the principles in this book could save you from a destructive hacking attempt.

In addition to learning about how to protect your computer, in this book youll actually learn about real principles of security, not just a list of dos and donts. That will equip you to make smart choices even in areas this book doesnt cover. Sometimes when we first start learning about something new, we don't really have our bearings and can get lost, or we waste our time on things that do not really matter. It's also easy to miss an important area. In the world of digital security, just one omission can leave a computer vulnerable.

In this book, I'll give you a holistic view of how security works, so that you can be best prepared to meet the number of attacks that are coming today, and the new ones devised tomorrow. Unfortunately, the more the digital world grows, the more incentive hackers have to break into it. For those of us us who do honest work, it is frustrating that we have to deal with this problem. That said, the consequences of not doing so can be catastrophic. By reading and implementing the security measures in this book, you will be providing yourself with a first line of defense that could be the difference between productive computing, and an incredibly destructive security breach.

As a final note, while this book is designed to be a help to you in implementing digital security, please be aware that it is impossible to cover every attack. New ones are invented every day. Even if you follow every tip written in this book, there invariably will be other attacks and viruses out there that can cause problems. It is impossible to cover all aspects of security in one book. That said, this book contains valuable information that will get you on the right track. So without further ado, lets get started.

Sector 1 - Universal Principles of Security

A. Encryption.

In 2014, Home Depot announced that there had been a major breach of their security systems in which many, many credit cards were stolen from their systems. The Wall Street Journal, 56 million credit card numbers were stolen. Criminals had snuck in through a small loophole in their security systems, and quickly began their covert thievery. They basically devised a system where they could intercept the credit card numbers of people who swiped their cards in the store. As data was sent from the credit card readers to where it was stored and processed, the hackers listened in on the wires and intercepted it. If Home Depot had been using the technology that I am about to show you, they would have been safe from harm. As it is, however, they did not, and massive damage ensued. At the end of this section, I'll show you a bit of a report on their website which discusses how they implemented this critical security technology called encryption.

Encryption is in many ways the backbone of any secure system. Basically, it is a system of scrambling the contents of a message so that nobody can tell what it says unless they have the right password. The whole point of it is to enable people to transmit confidential information through an insecure route. Heres an example of how simple encryption might work:

If I want to disguise the word cat with extremely basic encryption, I could change every letter in the word to the next one in the alphabet - so c becomes d, a becomes b, and t becomes u. The resulting encrypted form of the word cat would be dbu. I could do the same to a whole sentence and get a result that looks completely different than the original. If someone were to look at our sentence without first undoing the encryption, it would have absolutely no meaning. Of course, this encryption algorithm wouldnt be very difficult for anyone to unravel, so far more complex ones have been devised.

In encryption formulas created today, there are two parts - the formula, called the cipher, and a secret password called the key. In the example above, we could change it up so that instead of replacing each letter with the one after it in the alphabet, we would replace each letter with the third letter after it. We could replace it with the tenth letter after it (and wrap around back to a for letters near the end of the alphabet). In this example, the encryption formula would be quite simple:

Replace each letter with the __ letter following it in the alphabet.

In our first example, we put the number 1 in the blank, so that each letter would be replaced by the one following it in the alphabet. We could, of course, change it to whatever we wish, and thus slightly modify how our message is encrypted.

In real-life encryption, the key is equivalent to the blank in our encryption formula above. By inserting a different number into the formula, we can alter how the message is scrambled. In the same way, modern encryption algorithms keep messages secret by using a special key to alter how the message is scrambled, to the point that only the person with the key will be able to unscramble the message.

Usually these formulas to scramble and unscramble the message are freely available so that anyone can use them protect their information. The key, however, is always kept secret. As long as that secret code is protected, the message is safe, and it is virtually impossible to unscramble the message. In fact, many of the algorithms used today are so secure that today the most powerful supercomputers on earth couldnt decode the scrambled message, even if given thousands of years.

The use for such a system is pretty clear - you can send a sensitive message through an insecure route, confident that if anyone were to intercept it they still would not be able to find out the contents of your message. This is particularly useful in online transactions, where sensitive data is commonly sent across the internet. Let's say for example, you are buying this book from Amazon with your credit card (and of course that you dont have it saved). When you enter your credit card number and click the "Buy" button, your computer sends your credit card number through your internet connection to your internet service provider (like AT&T, Verizon, your cable company, etc.) Then your internet service provider sends your credit card number many miles, possibly hundreds of miles to Amazons internet service provider, and then to Amazons own computers. Once they have the card, they have to send the number to your credit card provider (like Visa or MasterCard) and make the charge. In one online transaction, your credit card may be sent hundreds, or even thousands of miles.