Ask a computer security expert.

[pocaracas]

What would be the best way to create a sock account that not even you could detect?  Just curious.

Be a different person (posting style-wise), in a different place (IP-wise, proxies land you under suspicion), with a different (non-discardable) email.

[Whateverist]

Sounds like a lot of trouble. Guess I'll just go on wearing my socks and posting what I like the way I like.

[Napoléon]

It's pastword.

To be fair I don't think I'd be able to guess pastword.

[pocaracas]

It's pastword.

To be fair I don't think I'd be able to guess pastword.

That's why it's so good!
I first came across this type passwords when I saw a guy use the administrator password as: administreta (treta, in portuguese, means something that's BS, or just false)

[ignoramus]

serious question:

I know someone who downloads stuff of a torrent site.
He goes into the properties for the file once the download has started, and he removes all the trackers.
Can the authorities still see what I am he is downloading?

What's the safest "free" way to do this?

[I_am_not_mafia]

Can malware set the BIOS password? A friend has been the subject of some cyber-bullying (confirmed) but now she's literally paranoid about everything to the point of being on anti-psychotic medication and has claimed that her smartphone was hacked remotely, even ipods and smart TVs, and was probably being hacked by the government. I cleaned her laptop of all the Malware and a week later she complained that it was all black when she switches it on. She took it to the shop and they said that the hard disk needed to be recovered. I finally got my hands on it and found that the BIOS password had been set. That was a surprise I can tell you.

I'm a computer scientist myself but not an expert in IT security. I know that she's wrong about being hacked but I just need to confirm for sure that Malware can't set the Bios password. Although technically possible I'm assuming that considering how many different specialised BIOSes and motherboards there are out there it's not actually done in practise. Although it's UEFI rather than old style BIOS and I don't know much about that except it was a real pain installing a dual boot Linux Win 7 on my new desktop with two hard disks because of it.

I'm going to replace the CMOS battery to reset the password. It's a relatively new Toshiba with Win 8 on it (eyuch!). I'm assuming that something just messed up. I once had a desktop do that so I couldn't read the hard disk because of a BIOS setting that changed for no known reason.

Also, how does a factory reset work on an Android smart phone that hasn't been rooted or anything? She said that she had been 'hacked', did a factory reset and it didn't help because it was still acting weird (sorry, I can't get any useful details out of her). I'm assuming that there is some ROM in the phone that can't be over-written so a factory reset should always get rid of any Malware.

I know that she is paranoid but I need to be fully confident of the facts before I explain why what she believes is not possible.

[vorlon13]

I never received an explanation of how it was possible from Verizon/Motorola, but 2 years ago my Droid Razr was bored and lonely one night and entirely on it's own, called a dozen people.  Clearly, a phone just laying there shouldn't be able to pick 12 random names from my directory and call them, so somebody put malware in my phone, or somehow got control of it.

It was very upsetting and embarrassing.  People think you're a creep if you call them at 3:45AM and won't talk to them.

All customer support would do was tell me to delete all my aps, which I did.  And I NEVER put another one in.  I don't even charge my phone while I sleep anymore, I do it in the morning now, and to this day, I do not trust that phone.

[ignoramus]

Can malware set the BIOS password? A friend has been the subject of some cyber-bullying (confirmed) but now she's literally paranoid about everything to the point of being on anti-psychotic medication and has claimed that  her smartphone was hacked remotely, even ipods and smart TVs, and was probably being hacked by the government. I cleaned her laptop of all the Malware and a week later she complained that it was all black when she switches it on. She took it to the shop and they said that the hard disk needed to be recovered. I finally got my hands on it and found that the BIOS password had been set. That was a surprise I can tell you.

I'm a computer scientist myself but not an expert in IT security. I know that she's wrong about being hacked but I just need to confirm for sure that Malware can't set the Bios password. Although technically possible I'm assuming that considering how many different specialised BIOSes and motherboards there are out there it's not actually done in practise. Although it's UEFI rather than old style BIOS and I don't know much about that except it was a real pain installing a dual boot Linux Win 7 on my new desktop with two hard disks because of it.

I'm going to replace the CMOS battery to reset the password. It's a relatively new Toshiba with Win 8 on it (eyuch!). I'm assuming that something just messed up. I once had a desktop do that so I couldn't read the hard disk because of a BIOS setting that changed for no known reason.

Also, how does a factory reset work on an Android smart phone that hasn't been rooted or anything? She said that she had been 'hacked', did a factory reset and it didn't help because it was still acting weird (sorry, I can't get any useful details out of her). I'm assuming that there is some ROM in the phone that can't be over-written so a factory reset should always get rid of any Malware.

I know that she is paranoid but I need to be fully confident of the facts before I explain why what she believes is not possible.

Again, not a guru, just netadmin looking after 250 users.
anything's possible but unlikely.
Run hijackthis and then malwarebytes.
If the notebook has been compromised, it should find something at work.

Also check google for others with a similar problem.
Fixing all computer issues is a simple process of elimination.
Years ago, Toshiba were one of the first "laptops" with gui access to the firmware, including bios pwd.

[Tiberius]

Yay, lots of questions! I'll try my best at answering them:

Why are the hackers seemingly always a step ahead of the hacked?

Hackers aren't bound by ethics / laws in the same way security researchers are, so they are more likely to be looking for weaknesses in computer systems and exploiting them. Also, most computer programmers know very little when it comes to security, and even less when it comes to implementing good security. Most computer systems you use will be vulnerable in a number of ways, and in most cases, they won't be properly tested for weaknesses before they are released to the public.

As a long time Linux user, I always more or less assumed that I was safe from viruses. Of course software like Browsers can be attacked. Also, the days of sharing 3.5" floppy disks with your classmates are kind of over. So what would you say are the security threats to Linux/Mac machines nowadays, and how does it compare to Windows?

Most security threats these days boil down to one thing: executing a command as an administrative user. If you can do that on any computer, it's game over. UNIX based systems have a good degree of separation between regular users and the root (admin) user. To perform actions as root, you normally have to either switch to that user using the root password, or type a sudo password. Either way, you are using a password, something a hacker isn't going to have.

However there are programs which can run as root without you having to type a password in. These are programs which have setuid/setgid permission bits set. They are necessary for the operating system to run properly (e.g. it's how you can change your non-admin user password and have the /etc/shadow file update even though you don't have write access to that file). There are plenty of dodgy scripts out there which have setuid/setgid and are vulnerable in some way, allowing an attacker to gain root without having to enter a single password.

Also, there have been several high profile bugs in software that is widely used on UNIX systems (Shellshock, Heartbleed), which demonstrate that in a lot of cases, it's more about the security of the programs you have installed than it is about the OS itself.

I have win7. In it, there's an admin account which I rarely, if ever, use. I always use the "run as administrator" or equivalent to install or do anything adminy.
I also have the free avira AV and use the default windows firewall.
Both the admin and user accounts have passwords.

Is there anything else I should do to increase my security?

Buy an anti-virus product. Free ones are free for a reason. They will protect you against the basic stuff, and then fall over completely if anything complicated hits your machine. Same with windows firewall; it's not that good at all, and most anti-virus bundles these days have a firewall of sorts built in. I recommend Kaspersky Internet Security.

Other than that, use a good browser (Chrome, Firefox), don't download / run programs that come from dodgy sources, and keep everything as up to date as possible, especially programs like Java, Flash, and anything you use on a daily basis.

What's your AF password?

I don't use a password here.

What's your preferred antivirus/malware program for personal PCs? I use Ad-Aware and Malwarebytes.

Kaspersky Internet Security

What would be the best way to create a sock account that not even you could detect?  Just curious.

With our current resources, it would probably be pretty easy, changing IP address, email, etc. However if I really got suspicious there are plenty of ways to tell if two people are the same. Your browser and browsing habits reveal more about you that you think. Browser fingerprinting is a widely studied subject. Example: https://panopticlick.eff.org/

serious question:

I know someone who downloads stuff of a torrent site.
He goes into the properties for the file once the download has started, and he removes all the trackers.
Can the authorities still see what I am he is downloading?

What's the safest "free" way to do this?

Yes. Removing the trackers does fuck all. You've already connected to them, and removing them will likely screw up the download if for some reason the torrent program needs to find more peers. Also, it's likely that the trackers are stored in your computer's memory and the torrent program is still contacting them long after you remove them from the file.

Additionally, your IP is added to the list of peers by the tracker, so anyone who connects to the tracker will get your IP, and that includes authorities who monitor torrents (which they do).

There are several things you can do, depending on how much you care / how much you want to spend on your privacy:

1) Use a private tracker, as generally speaking the authorities monitor the public trackers more.
2) Install a blocklist of IPs which are known to be involved in monitoring torrent traffic. There are a few free lists available, but the best ones you have to pay a small fee for. You also have to keep your list updated as often as possible.
3) Buy a VPN subscription and send all your traffic through that whilst you torrent. This is the most private / secure way, as your IP is never revealed, and instead the IP of the VPN provider is used instead. There are some VPN providers which exist purely for torrent users.

Can malware set the BIOS password? A friend has been the subject of some cyber-bullying (confirmed) but now she's literally paranoid about everything to the point of being on anti-psychotic medication and has claimed that  her smartphone was hacked remotely, even ipods and smart TVs, and was probably being hacked by the government. I cleaned her laptop of all the Malware and a week later she complained that it was all black when she switches it on. She took it to the shop and they said that the hard disk needed to be recovered. I finally got my hands on it and found that the BIOS password had been set. That was a surprise I can tell you.

I'm a computer scientist myself but not an expert in IT security. I know that she's wrong about being hacked but I just need to confirm for sure that Malware can't set the Bios password. Although technically possible I'm assuming that considering how many different specialised BIOSes and motherboards there are out there it's not actually done in practise. Although it's UEFI rather than old style BIOS and I don't know much about that except it was a real pain installing a dual boot Linux Win 7 on my new desktop with two hard disks because of it.

I'm going to replace the CMOS battery to reset the password. It's a relatively new Toshiba with Win 8 on it (eyuch!). I'm assuming that something just messed up. I once had a desktop do that so I couldn't read the hard disk because of a BIOS setting that changed for no known reason.

Also, how does a factory reset work on an Android smart phone that hasn't been rooted or anything? She said that she had been 'hacked', did a factory reset and it didn't help because it was still acting weird (sorry, I can't get any useful details out of her). I'm assuming that there is some ROM in the phone that can't be over-written so a factory reset should always get rid of any Malware.

I know that she is paranoid but I need to be fully confident of the facts before I explain why what she believes is not possible.

Theoretically I believe a piece of malware could probably reset the BIOS password. It's not common, but BIOS malware does exist, so it's definitely a possibility, however I think it would be highly unusual for a piece of malware to change the BIOS password. If it can get that deep into a computer, it's better to stay quiet and make subtle changes, rather than something which will be noticed.

It's more likely that either your friend changed the BIOS password herself (either on purpose or by accident), or there was some corruption which occurred that happened to change the password, or make the BIOS think a password had been set.

As far as I'm aware, an Android Factory Reset only deletes apps, data, and settings. It won't reset the ROM, because there's nothing about the ROM that requires resetting. If you install custom ROM, it replaces the factory ROM, and a factory reset will not bring the factory ROM back. Without knowing what the actual "symptoms" are, it's hard to say whether she has been hacked or not, however it's pretty unlikely. A factory reset would get rid of any malicious apps, and I don't know of any malware which can install custom ROM; you usually need to restart the phone and do that manually.

I never received an explanation of how it was possible from Verizon/Motorola, but 2 years ago my Droid Razr was bored and lonely one night and entirely on it's own, called a dozen people.  Clearly, a phone just laying there shouldn't be able to pick 12 random names from my directory and call them, so somebody put malware in my phone, or somehow got control of it.

It was very upsetting and embarrassing.  People think you're a creep if you call them at 3:45AM and won't talk to them.

All customer support would do was tell me to delete all my aps, which I did.  And I NEVER put another one in.  I don't even charge my phone while I sleep anymore, I do it in the morning now, and to this day, I do not trust that phone.

The Android app store is full of malicious software, it's really an awful place and a really good argument for the measures Apple have on their app store. The kind of software which does this would likely be hidden inside another app, which probably has legitimate functions. For instance, I might code a torch app which performs a simple function, but hide some code in it which runs when the user isn't paying attention.

The good thing about Android apps is the permissions system, which tells you when you install an app what kind of permissions the app is asking for. If you are installing an app which shouldn't ever use your phone to make calls, but one of the permissions the app asks for is that ability, don't install it. Apple has a similar thing, only permissions are assigned when the app first tries to use them (e.g. you run an app and it asks you for permission to make calls).

[Minimalist]

Most computer systems you use will be vulnerable in a number of ways, and in most cases, they won't be properly tested for weaknesses before they are released to the public.

That makes sense but it isn't very reassuring.  We have had several hacks over here of high value targets..... like Target.