TMC is an independent, primarily volunteer organization that relies on ad revenue to cover its operating costs. Please consider whitelisting TMC on your ad blocker and becoming a Supporting Member. For more info: Support TMC

Securing your computer systems: 2016 Edition

Discussion in 'TSLA Investor Discussions' started by anticitizen13.7, Mar 25, 2016.

  1. anticitizen13.7

    anticitizen13.7 Not posting at TMC after 9/17/2018

    Dec 22, 2012
    United States
    I started a thread a few years ago about securing computer systems, which most people use to access their investment and other financial accounts: Securing investment accounts

    As the security landscape is continually changing, I thought the topic could use some re-visiting.

    In particular, there has been some controversy over anti-virus/anti-malware products in the past year. A couple months ago, Google researchers found severe security flaws in Kaspersky anti-virus products. FireEye, ESET, and Sophos have also had some embarrassing bugs.

    Computer security software generally works by examining files that are executed in the operating system or downloaded from the Internet (web pages, music files, programs, and so forth). Security software must generally also have fairly extensive privileges into a computer system in order to conduct this examination. This means that if the security software itself is compromised, it could also expose the operating system to compromise.

    One school of thought is that anti-virus/anti-malware is largely useless because it (1) increases the attack surface of a system -- what I described in the paragraph above and (2) it is reactive, relying on malware signatures. Some AV packages use heuristics to flag abnormal activity, but I don't know the effectiveness level of these techniques. New malware might not be detected until it is too late. People who believe this advocate for using the minimal amount of installed software possible.

    2-factor authentication (like an RSA token or SMS code sent to one's phone) can largely prevent unauthorized trades and/or transfer of assets.

    The other thing I have been thinking about is disk encryption. Windows 10 Pro and higher has Bitlocker, and MacOS X has Filevault. This substantially reduces the chances that personal info can be extracted from files if one's PC is stolen.

    Any thoughts?
    • Informative x 1
  2. eloder

    eloder Active Member

    Mar 12, 2015
    Ohio, USA
    My thought is that I'm still extremely saddened both my brokerage (Ameritrade) and bank do not offer two-factor. Even an account I use for video games has offered two-factor for something like eight years now, through a one-time password dongle :/

    I use a complex password secured by a password manager (and the PW manager itself is two-factor protected with one-time passwords).

Share This Page

  • About Us

    Formed in 2006, Tesla Motors Club (TMC) was the first independent online Tesla community. Today it remains the largest and most dynamic community of Tesla enthusiasts. Learn more.
  • Do you value your experience at TMC? Consider becoming a Supporting Member of Tesla Motors Club. As a thank you for your contribution, you'll get nearly no ads in the Community and Groups sections. Additional perks are available depending on the level of contribution. Please visit the Account Upgrades page for more details.