4 Ways to Protect Yourself Against Hackers

I remember when I was a child(around 13–14), I learned phishing and tried it on my friends' Facebook accounts successfully and also cracked some WiFi passwords in my town.

But, I am always curious to know, How many methods can be there for Hacking? How can I become a great hacker? and most importantly, How can I protect myself from hackers? The tools below address more than 90% of the most common security threats.

• If you do nothing else, here’s a 60-second precaution: put tape or a cover over your laptop camera (and perhaps your phone) when you’re not using it. I came to know recently, how simple it is to hijack cameras for a hacker. It’s terrifying. This could be used to surveil your house and determine when you’re not at home. Covering it is 60 seconds well spent. And don’t click on any pop-up you come across while browsing.

Here are 4 core topics I am going to cover, to make you protect your privacy:

1. Protect your data on your computer and mobile devices
2. Detecting Malware or Software Behaving Badly
3. Anonymizing Yourself
4. Control the Website You Visit

How to protect your data on your computer and mobile devices, in case your systems are ever stolen

• Use BitLocker on Windows or FileVault on OS X. Your data will be encrypted when the machine is off or suspended. Encrypt your hard drive using “full disk encryption” in order to keep your confidential data protected in case your machine is ever lost or stolen, preventing others from extracting data from your device without the password.
• You’ll Never Take Me Alive! is a free tool for Windows and OS X machines so that if the machine is ever disconnected from AC power or wired Ethernet while the screen is locked [e.g. someone grabs your laptop out of your home and sprint off], the system will go into hibernate, preventing a laptop thief from accessing your encrypted data. This requires you to be using FileVault or BitLocker disk encryption.
• Use a Pin on your iOS or Android device to encrypt the data locally on the device. While a PIN may seem insecure, your data is typically well protected due to mechanisms in place to prevent brute-forcing of PIN codes onto your device, and relatively secure(though not perfect) hardware implementations of security within iOS and Android.[TF: If on iPhone, I’d also recommend increasing your PIN from 4 to 8 characters. If someone is trying to brute-force crack your password, this takes the time required from roughly 4 to 5 days to 100+ days (iPhone: Settings -> Touch ID & Passcode -> Change Passcode)]
• Don’t ever use the same password twice! Differentiate your passwords enough that someone can’t guess a password for one site by knowing the password of another. I try to use long but “simple” passwords that are easy to remember like lyrics from a song relevant to the site. A long password, even if mostly English words, is typically stronger than a short password with random characters. For casual, non-technical people, I would suggest using a program like 1Password or LastPass (or KeePass, if you want open-source) to remember all of these. Personally, I use VeraCrypt. The difference between this and a tool like 1Password is that 1Password is built into the browser.

Detecting Malware or Software Behaving Badly on Your Computer

• A great amount of software will make outbound connections to the Internet, typically for legitimate purposes, though not necessarily. If you wish to prevent or at least learn when an application is doing this, you can use NetLimiter on Windows or Little Snitch on OS X to detect and decide allow or block when a specific application is connecting out, and learn where it’s connecting to. You can use Wireshark for further analysis.
• You can use BlockBlock on OSX which notifies you if a program is trying to install itself to run upon startup, even when it’s hiding in a nook or cranny of your system, and you have a clear option to block it if you wish. Some viruses or malware or simply annoying software will try to do this and you can decide if it should run at startup or not.
• Don't plug in any USB device that you don’t trust! There are even e-cigarettes that charge over USB that carry malware. If you wish to charge something, it’s safer to use a USB charger/adapter [for a wall outlet] rather than your computer. And also don’t charge your Mobile devices in a public place.

Anonymizing Yourself on the Internet

• Tor is free, cross-platform software that allows you to browse the internet anonymously and helps you defend against network surveillance. It will change your IP address each time you use it as well as encrypt your network communication, however, the last “hop” in the chain of Tor will always be able to see your encrypted traffic, though[it will] not be able to detect your IP address. I would trust Tor over any VPN service as no Tor node knows both your IP and what you’re accessing, unlike a VPN, which could be compelled to share that data.
• When you take a picture with your smartphone, it’s typically recording your GPS coordinates and other data about the picture, such as the device used, into the image. This is called EXIF data and is metadata that’s hidden in the image, and anyone can recover it if you send the image directly to them. You can disable storing location in phones on various platforms [See Settings, Systems Preferences, etc. For instance on iPhone6: Setting -> Location Services] or use free software after the fact to do this. Search for ‘EXIF removal tool’ and find a tool for your operating system or mobile platform to do this when to hide your location from images.
• If you want to be particularly crafty, you can use a free app called LinkLiar on OS X to spoof or randomize your MAC address. A MAC address is a fixed, unique hardware identifier of the network device within your computer and never changes otherwise. I’ve also discovered that some large companies track MAC addresses to know the last place you’ve been, so it doesn’t hurt to adjust it every once in a while.

Accessing Interesting Data and Controlling the Website You Visit

• If a website is delivering images, video, or audio to your computer, that means in most cases you can download it directly, even if the site attempts to stop you. In Chrome (similar tools exist in Brave & Safari), you can fo to view -> Developer -> Developer Tools, click on the Network tab, refresh the page, and see all content going across. You can the right-click any file, such as image that the site wouldn’t otherwise let you download, and click Copy Link Address to get the direct URL. The Elements tab is also particularly useful. [TF: You can also use this to easily copy and paste good quotes that some sites like to prevent you from copy and pasting.]
• Using the same Developer Tools, if a site is ever trying to force you to sign up, fill out a form you don’t want to fill out, or otherwise cover the page with obstrusive windows or darkening the page, you can use the Elements tab in the Developer Tools(mentioned above), right-click on any element in the tab, and click Remove. Don’t worry, if you remove the wrong thing, you can simply refresh the page and try again! You are only affecting the page on your computer, but this can be a useful tool to adjust a page to your liking.
• Google Reverse Image Search is a surprisingly useful tool if you’re ever trying to perform reconnaissance, or just learn where an image came from or where else it might be used on the internet. Simply browse to Google Images and drag & drop the image onto the page.

Bonus!

Though I’m not a lawyer, using these tools on a network and devices you have reign over, such as your home LAN, will likely not carry any consequence. The only way to understand the security and 5insecurity of your own network is to test the same tools attackers would use. I highly suggest those interested in learning using these — both good guys and bad guys are using these same exact tools!

• To learn about some of the starting tools a hacker, attacker, or someone just curious about security would use, I’d suggest looking at beginning tools such as Wireshark, Charles(Web debugging proxy), NightHawk(ARP/ND spoofing and password sniffing), arpy(ARP Spoofing), dsniff(password sniffing), and Kali Linux (penetration testing) and looking up tutorials on network intrusion, sniffing, and man-in-the-middling. FreeCodeCamp, Udemy, Coursera are great places, to begin with. Within a few minutes and with a tool like Wireshark, you can start seeing all the traffic going in and out of your computer, which tools like Nightawk and arpy in conjunction with Wireshark can help you inspect and intercept all traffic on a network!
• To further dive into security, I’d suggest learning to program. It’s easier than you think! Learning to program allows you to learn how somehow might engineer something and helps you think about how you then reverse that and exploit it, as if you had created it yourself. (Knowledge of Operating Systems and Computer Network would be an added advantage)

I believe this blog post will help you take care of your privacy and help you to protect yourself from hackers.

Any suggestions or constructive feedback will be much appreciated.

Thanks for Reading.

Don’t forget to follow The Lean Programmer Publication for more such articles, and subscribe to our newsletter tinyletter.com/TheLeanProgrammer