posted on Nov, 22 2014 @ 01:01 AM
Seems to be alot of misinformation/mis-informed people in this thread :/
1) Your computer name (aka hostname) has virtually zero impact on your chances of being hacked. In fact, your hostname is largely irrelevant from the
aspect of someone trying to break into your machine because pretty much all network based attacks are via your IP address.
2) Most ISPs already allocate dynamic IPs to your system that change at set intervals. There's technical reasons for this and none of them are
related to computer security. Changing your IP won't protect you from most of the hacks used these days.
3) A VPN isn't a magic bullet. It only ensures communications between your machine and the VPN endpoint are encrypted. Malicious data/commands can
still come down your VPN connection and do as much damage as a non-VPNed machine. It also won't stop malware on your system from dialing home.
4) Hasn't been mentioned yet, but Tor is also not a magic bullet. There's a number of well known security vulnerabilities/weaknesses in it that can
and have been exploited to identify individuals, track their location and read their network traffic. It cannot be considered 100% anonymous
5) Virus scanners and firewalls/security appliances are always at least 48hrs behind in terms of virus definitions for things floating out in the
wild. Hacker finds a new exploit, he writes a worm to use the exploit, he uses it for a day, possibly a few months/years before a security specialist
notices it, then it takes a few more days to identify it's unique signature to add to the virus definitions used by security software/appliances, and
a few more days on top of that to write something that's capable of removing the infection.
6) SSL is also not a silver bullet. In addition to MITM attacks, CAs can and have been breached. During these breaches someone can generate a
certificate for microsoft.com, and virtually nothing will detect that something is amiss because the SSL validation check will come back as confirming
yes, this certificate is valid for microsoft.com. The certificate will be validated and completely authentic until such times as someone noticed the
CA was hacked and ask to have the fraudulent certificate revoked. Additionally the NSA have their own CA that they can use anytime they wish to
generate a valid certificate for virtually any domain and you'll be none the wiser.
7) Microsoft, Unix, Linux, FreeBSD, Mac OS, Android and IOS all have security vulnerabilities, some of which are known and have
work-arounds/solutions, some of which are known but have no fix, and some of which are as yet unknown. For example, the recent bash vulnerability that
allowed remote code execution, was around for the better part of 20years before it was publically discovered and patched. That's 20 years where even
the most paranoid security specialist that locked down his machine as tight as humanly possible still could have been hacked, either over a network,
or by someone logging into his machine locally.
8) Going to extremes, it's possible to tap into your electrical wiring/communications cables and based on the power fluctuations predict with a
fairly high degree of accuracy what you're doing on your computer. The tech to do this is actually pretty complicated so it's probably only alphabet
agencies that would use this sort of method.
At the end of the day, your machine is never "secure". Nor is your mobile, nor are any other "Internet of Things" devices. All you can do is make
it hard enough to break into your machine that hackers don't bother. Keep your system patches up-to-date, don't open emails from unknown sources,
stay away from dodgy sites, keep your antivirus updated and do weekly full system scans, ditto for malware/spyware. Remove any and all software and
background services that you don't need, keep off-site backups with periodic test restores to ensure the backup image isn't corrupt and don't make
yourself a target.