Avoiding Ransomware

Ransomware is more or less out of control. There are many online articles about the topic.

My strategy for avoiding ransomware is straightforward. I am a dinosaur in some ways with how I use computers and the web and thus, am far less likely to ever encounter such software.

  • I do not use Windows.
  • I install packages only from upstream repos.
  • I compile my own third-party packages but only trusted free/libre packages.
  • I have a three-tier backup strategy with two tiers being off network.
  • Firewalls (iptables) on all systems rather than only edge devices.
  • For about 15 years I have been using domain blocking with dnsmasq.
  • The domain name block lists are updated weekly.
  • SSH access is key pairs only.
  • For remote access SSH private keys are pass phrase protected.
  • VPN certificates are pass phrase protected.
  • My Thunderbird email client is configured to disable HTML links.
  • Thunderbird is configured to display content in plain text.
  • With almost all emails usually I inspect attachment source code separately.
  • My Firefox web browser is configured to protect my privacy as much as practical.
  • Firefox is configured with a short allow list to avoid the bane of the web.

Thus far many people might not consider the strategy to be noteworthy. Pretty much standard recommendations. Yet consider me a “gumpy old man.” The big difference for me is I am not enamored with any so-called “user experience.” Any time a software vendor or web site developer starts blabbering about “user experience” my baloney detector rings at high volume.

  • I don’t care about and ignore dancing pigs.
  • I do not give a hoot about social media and avoid related drive-by efforts.
  • I have been using computers for almost 40 years and with modesty I’ll say I have half a clue why and how social engineering succeeds.

While avoiding ransomware is a challenge these days, I spend no time worrying about the problem.

Posted: Category: Usability Tagged: General

Next: Disaster Recovery Testing — 3

Previous: Exporting Lightning Calendar Data