Day 68 - Internet shutdown in Kashmir again; Continous threat assessment
26 Apr 2017 Tweet 100daysofwriting · internet · security · shutdownSome more bizarre things happened today, 27th April, 2017. Not so bizarre, now that I know that Internet shutdowns were common. This is definitely the first internet shutdown that I have seen in the papers. Actually noticed. Kashmir now has a block on 21 social networks for the next month. These are the social networks:
I just had to laugh when I saw Tumblr, Pinterest and Snapchat on that list. Seriously, who is sharing even the anticipated objectionable materials.
More bad news for LastPass’ security team and all users of a password manager that is either Lastpass itself or something else. I have never been comfortable giving anyone access to my passwords. Even if it is a metal box that no human being promises to ever look at. Managing passwords on your own is slightly involved and often irritating, but it is totally worth the risk. The one thing that I would recommend that everyone do is: Keep assessing the amount of threat that you are under of being attacked, and the worst case scenarios if you indeed get attacked If you do this on a regular, unconscious level, then you will eventually not have to actively think about what might happen. You are always thinking about that.
A sample scenario: What happens if I left my computer unlocked for 10 minutes
and went somewhere and someone used the computer for 9 minutes during that
period. In that case, I would lose my RSA private keys and probably give them
access to all the servers I have access to (and have stored in my
~/.ssh/config for about 6 minutes if they are really fast at getting situated)
In 6 minutes, most servers can be taken down. They would still not have sudo
access on these servers, so they would have to run something like the fork bomb
which is easily solved by a reboot. The
Metakgp server takes about 16 minutes to
reboot, that’s a total down time of nearly 17-20 minutes at most. They would
also get my RSA private keys, which would mean that I would have to contact
someone to immediately remove my old keys and refresh them with new keys
everywhere. This might take considerably more time and effort and this is
probably the thing I would be most concerned about.
They might definitely be able to get a file-tree of my complete hard drive
(although that’s pushing it, because the last time I ran tree / it took 1.5
hours to complete. Yes, that’s 1 TB worth of files’ list). They might be able to
get some information, but it would still not be enough to do anything with.
But going into the browser, things escalate really quickly. If they don’t care about my RSA keys, then within minutes with a decent internet connection, the attacker should be easily able to cause havoc with my primary email account, a Facebook account. Send out emails which will be very hard to explain, messages that might be embarassing at the worst.
All in all, these threats are bad enough for me to force me to lock my computer before leaving, even if it is just for a couple minutes.
You might note that I have also just assesed the threats for the case where someone guesses or gets my computer’s login password from somewhere. The problems and the scenarios would be the same.
So, keep assessing and thinking about how things could go wrong. Most of the security stuff that I have realised have been in retrospect, and the helplessness is rather crippling.
POST #68 is OVER