Security for the online poker player
One of the mailing lists I’m on had a message the other day about those late night TV ads talking about companies that will give you a computer with no credit and monthly plans. The conversation then turned to computer security and I started giving out some advice on security. I realized I’ve basically regurgitated the same information to dozens of people over the past few years, updating as necessary. So I figured I’d write it all down here. Don’t worry, before I clicked buttons for a living I did get a couple of degrees in computer engineering.
When thinking about what’s necessary to make one’s own system secure, it’s important to know what the system is used for and what sort of information is contained on it. There’s a pretty big difference in the security needs of someone who just checks their email, versus someone who is active with chat programs and social networking sites, versus someone who uses their computer for their job. Additionally, poker players may be specifically targeted because people know that their computer system holds a way to get money easily. All the poker clients transmit your login data securely, so even if you’re on an unsecured connection like public wireless you should be “safe”. The greater threats come from within an unsecured system.
So, here are some things I recommend. Even if you don’t play poker, these can be very useful things to know about/install/use.
- Use a router and make sure you understand most of the options and settings. A properly configured router is good for stopping people from randomly checking out your ports, looking for things to attack, and useful for keeping an eye on what’s going on on your network. Out of the box, a router is more effective for stopping external attacks than a software firewall is. A lot of routers, like the Linksys WRT54GL, can be flashed to use other firmware, such as DD-WRT or Tomato, which will have more options. If it’s wireless, be sure to actually set a key that’s not easy to guess, and use only 802.11g (usually supports WPA or WPA2), which is far more secure than 802.11b (usually supports WEP only). Most routers that do b/g will let you disable b and WEP. Of course, a wired connection will always be more secure than a wireless one, so even if you have a wireless router, try to use the wired ports on it if possible.
- Antivirus, of course. I prefer AVG to things like Norton or McAfee, which have been attacked themselves and have issues with crashes, memory leaks, and network connectivity problems. Daily/weekly scans are fine, but most will now auto-scan downloads from Firefox/IE, and will scan executable files as they are run/accessed by other programs, which is far more useful than scheduled scans.
- Occasional AdAware/Malwarebytes scans. No need to buy anything to have a constant scan, just run it every now and then and of course whenever you think something is wrong.
- Some sort of software firewall. The Windows built-in firewall is fairly decent now, and should be sufficient for most people. I like ZoneAlarm’s extra controls and features, and it’s definitely useful if you have multiple computers on one router, especially if they are being used by other people. Yes, just the free ZoneAlarm is fine. Another option is Comodo.
- SnoopFree. This will tell you any time a program attempts to take a screenshot or hook your keyboard. With respect to poker players, some clients like PartyPoker used to take screenshots of your screen and send them in. I presume this was to catch cheaters, but it still feels like a massive invasion of privacy. I don’t think FTP, PokerStars, or Cake do this, but still it doesn’t hurt. The keyboard hook should catch any software-based keyloggers. There are a lot of false positives with this program (e.g. Cake Poker will hook your keyboard if you click on a dropdown box in their store) but you can whitelist them so you don’t get bothered in the future by known good programs. This doesn’t work on Vista.
- TrueCrypt. A couple of years ago they added full drive encryption. Very user friendly, and I definitely don’t want something happening if my computer actually gets physically stolen. This way if my computer does get stolen, I don’t ever have to worry about changing any email/bank/poker passwords. In fact, if I decide to just give the hard drive to a friend, I wouldn’t even have to format it. After the drive is encrypted it just asks you for a password on bootup. (This is different from a BIOS password… if you just set a password in BIOS, your HDD can be removed and its contents won’t be encrypted).
- Backups are good, even if it’s just critical documents. But you can use something like Norton Ghost to image an entire drive, or use a bootable Linux CD/flash drive to do a byte-by-byte copy (which is just one line at the shell prompt). This will help you avoid downtime if a disk goes bad or if your computer gets really screwed up by some virus/trojan that is not easily fixed. If you’ve encrypted your hard drive with TrueCrypt and you do a backup with Linux, the backup is already encrypted. If you just want to back up critical documents to a flash drive, you can encrypt the flash drive with TrueCrypt as well.
- If something does go wrong, use HijackThis to get relevant information about your computer and look at it or post it on a number of message boards to get advice. It can even be useful to run it and save the files even if everything is OK so you have a control to compare against later if something does go wrong.
- Install and use free alternatives to commonly attacked programs, such as OpenOffice.org instead of Microsoft Office, and any number of alternatives to Adobe Acrobat PDF reader.
- Use different passwords, change them, make them hard to guess. If necessary, there are programs which can help you securely keep track of passwords, such as KeePass. You can also use multiple email addresses, which can also be easily managed by KeePass.
- Use a program like NetMeter to keep track of how much bandwidth you’re using. Not only is it just generally interesting to look at, but you should get to know how much bandwidth you’re using and see if anything is out of the ordinary. Strange internet usage should tip you off that something is up.
- If something is causing your computer to act weird, check out the task manager (accessible by hitting ctrl-alt-del on most Windows installs), or use Process Explorer to check things out.
- For unknown or untrusted programs, you should always use a sandbox environment if you do intend to run the program. Like, something downloaded from 2+2 for example. Sandboxes restrict access to other programs, memory, and the disk, so potentially harmful things can’t do any damage. You can use a program like Sandboxie, or if you have your Windows install discs sitting around, you can install on a virtual machine using a program like VirtualBox.
- Do obvious common sense stuff like updating your computer frequently (Windows auto updater should work fine), updating software like IE/Firefox, and not downloading/running random things you find on the internet.
- Don’t let anyone use your computer but you if possible, even if it’s a restricted (non-administrator) account. It makes it far far more difficult to know your computer is secure if someone else uses it. This goes both ways, so you shouldn’t do anything involving any username or password on a computer belonging to someone else. This includes email, poker, or instant messaging.
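The byte-by-byte copy from the backup item above, as an added example that is not part of the original post: a shell function that images a source with `dd` and then checks the copy by hash. The function name, the device `/dev/sda` and the mount point are assumptions; substitute your own.

```shell
#!/bin/sh
# Added example: image a disk (or file) byte-for-byte and verify the copy.
# Usage from a live CD, as root (device and mount point are assumptions):
#   image_and_verify /dev/sda /mnt/backup/disk.img

image_and_verify() {
    src=$1
    dest=$2
    if [ ! -r "$src" ]; then
        echo "cannot read source: $src" >&2
        return 2
    fi
    # Never silently overwrite an earlier backup.
    if [ -e "$dest" ]; then
        echo "refusing to overwrite: $dest" >&2
        return 3
    fi
    # The one-line copy itself; 1 MiB blocks keep it reasonably fast.
    dd if="$src" of="$dest" bs=1048576 2>/dev/null || return 4
    sync
    # Re-read both sides and compare hashes, so a silent read or write
    # error is noticed now rather than at restore time.
    src_sum=$(sha256sum < "$src" | cut -d' ' -f1)
    dest_sum=$(sha256sum < "$dest" | cut -d' ' -f1)
    [ -n "$src_sum" ] && [ "$src_sum" = "$dest_sum" ]
}
```

Run it with the source disk unmounted so its contents do not change between the copy and the hash check.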
Of course, just using these things blindly isn’t going to help much. Over time you get to know the quirks of your specific computer, and you just “know” when something isn’t right. You should use these programs to prevent problems and to analyze your computer both when things are fine and when they aren’t.
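One way to use a saved "everything is OK" HijackThis log as the control mentioned in the list above, as an added example that is not part of the original post: a shell script that prints only the entries that are new since the baseline. The function names and both sample logs are constructed for illustration.

```shell
#!/bin/sh
# Added example: list what is new in a HijackThis log versus a saved baseline.

# Comparable lines only: scan entries ("O4 - ...") and running-process
# paths ("C:\..."). Headers such as the scan time differ on every run.
hjt_entries() {
    tr -d '\r' < "$1" | grep -E '^([A-Z][0-9]+ - |[A-Za-z]:\\)' | LC_ALL=C sort -u
}

# Print entries present in the current log ($2) but not the baseline ($1).
hjt_new_entries() {
    base=$(mktemp) && cur=$(mktemp) || return 1
    hjt_entries "$1" > "$base"
    hjt_entries "$2" > "$cur"
    LC_ALL=C comm -13 "$base" "$cur"
    rm -f "$base" "$cur"
}

# Constructed sample logs (not real scan output) to show the result.
hjt_demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/baseline.log" <<'EOF'
Logfile of HijackThis (constructed sample)
Scan saved at 10:00:00, on 1/1/2009
Running processes:
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\avgtray.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\avgtray.exe
EOF
    cat > "$dir/current.log" <<'EOF'
Logfile of HijackThis (constructed sample)
Scan saved at 22:30:00, on 3/1/2009
Running processes:
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\avgtray.exe
C:\Documents and Settings\user\Local Settings\Temp\updater.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\avgtray.exe
O4 - HKCU\..\Run: [updater] C:\Documents and Settings\user\Local Settings\Temp\updater.exe
EOF
    hjt_new_entries "$dir/baseline.log" "$dir/current.log"
    rm -rf "$dir"
}
```

A new autorun entry or a process running out of a temp folder is the kind of difference worth looking into or posting for advice.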
Let me know if I’m obviously leaving something out, or if you have something to add. If it’s good info I’ll include it here.