Avoiding Ransomware

Ransomware is more or less out of control. There are many online articles about the topic.

My strategy for avoiding ransomware is straightforward. I am a dinosaur in some ways with how I use computers and the web and thus, am far less likely to ever encounter such software.

I do not use Windows.
I install packages only from upstream repos.
I compile my own third-party packages but only trusted free/libre packages.
I have a three-tier backup strategy with two tiers being off network.
Firewalls (iptables) on all systems rather than only edge devices.

For about 15 years I have been using domain blocking with dnsmasq.
The domain name block lists are updated weekly.
SSH access is key pairs only.
For remote access SSH private keys are pass phrase protected.
VPN certificates are pass phrase protected.

My Thunderbird email client is configured to disable HTML links.
Thunderbird is configured to display content in plain text.
With almost all emails usually I inspect attachment source code separately.
My Firefox web browser is configured to protect my privacy as much as practical.
Firefox is configured with a short allow list to avoid the bane of the web.

Thus far many people might not consider the strategy to be noteworthy. Pretty much standard recommendations. Yet consider me a “gumpy old man.” The big difference for me is I am not enamored with any so-called “user experience.” Any time a software vendor or web site developer starts blabbering about “user experience” my baloney detector rings at high volume.

I don’t care about and ignore dancing pigs.
I do not give a hoot about social media and avoid related drive-by efforts.
I have been using computers for almost 40 years and with modesty I’ll say I have half a clue why and how social engineering succeeds.

While avoiding ransomware is a challenge these days, I spend no time worrying about the problem.

Posted: July 13, 2021 Category: Usability Tagged: General

Next: Disaster Recovery Testing — 3

Previous: Exporting Lightning Calendar Data