Living a Hack Proof Life: The Lion and Zinc

Posted by Read 9 Comments

There is a predator lurking in the grass. Can you spot it?

Every time I hear a story of a hacked website or a malware ripping computers apart I look around with pity. Thousands fall by my side and I remain standing; unscathed. This is not by chance. I have spent the past 12 years teaching myself to be hack proof.

Starting with today and over the next coming days and weeks I will share some of these nuggets with you. Today I will share with you some of the fables I learnt as I was growing up in my rural home.

Some nights when we were young, we would sit in the fading light of our kitchen in a circle around the dying fire as we listened with undivided attention to my father and mother’s stories.

Advertisement

They would tell stories of cunning hyenas wreaking havoc across the the savanna. Predators stealthily stalking unsuspecting victims and dealing death’s blow with cold efficiency. The hare tricking the baboon one time too many than would seem possible. The baboon falling prey to these tricks with disheartening regularity. The tortoise outrunning the hare.

It would all be too easy to dismiss these stories of talking animals as infantile but from these fables I have managed, time and again to glean precious precepts that have served me well in my life. Some of these can be applied to the ICT world.

  1. You do not need to outrun a lion, you just need to run faster than everyone else. Often in the ICT world hackers go after the low hanging fruits. All you need to do is to make sure that your security is better than everyone else’s and you will be hack proof.
  2. Most lions don’t go out looking for humans or even animals to kill, you just happen to fall into their hunting ground. You don’t need to be a celebrity or a big company. Most hacks happen because you happen to fall in the hacker’s path maybe because you keep putting off updates and upgrades.
  3. There are monsters lurking out in all forests even the placid looking ones. Some people are so naive as to think that they are safe and their computers are safe because they don’t see evidence of malware activity on their network/computer until it’s too late. You will do well to always assume some hostile malware or hacker is after you
  4. You should quit being a baboon. One of my cousins keeps clicking on bait ads and infecting their laptop on a regular basis in ways that do not even seem possible. Only an idiot would believe that a website can tell their registry/hard drive needs fixing right? Yet people keep falling prey to these cheap tricks.
  5. Never close your eyes in the presence of a fox or a hyena. One of the things that most software crackers ask people to do is to disable their antivirus software so they can install the cracked software without problems. In those split seconds when your guard is down you will be got.
  6. A cheetah is always stealthy stalking you. If you have ever managed a website you will know that as soon as your server is connected to the internet someone will start gently probing it for weakness
  7. Always sleep in a tall tree and do not fall. If there is a tool out there that you can use to give yourself an edge please do so. Sure leopards(targeted hacks) can climb trees and scalp you but it would be worse for you if you sleep on the ground
  8. Educate yourself on the basics, we live in the digital world don’t be a moron. In one story the hare tells the baboon to roast his groundnuts before planting them so they will germinate well. The gullible baboon proceeds to do that with disastrous results. Common sense dictates roasted groundnuts do not germinate.
  9. Arm yourself. You stand a better chance if you carry a spear. Arm yourself with tools and knowledge and you will be safe.
  10. Choose a well traveled path and you will be spared an encounter with mythical creatures. The internet abounds with common wisdom such as choose a complex and strong password, don’t reuse a password, don’t write your password down etc. Follow these conventions and you shall live the hack proof life.

Any professional will tell you its simply not possible to make yourself technically unhackable. The only safe ship is the one that stays in the harbour. The only way to make your computer unhackable is to disconnect it from the internet, switch is off and grind it to dust. In these stories I also learnt that going on adventure is taking a risk. Taking sensible precautions will make it a worthwhile risk.

During my science lessons however I learnt the story of zinc roofing sheets. Only they are not made of zinc at all, they are really iron sheets coated with a thin layer of zinc. When the rain and rust comes it eats away at the zinc first. This is called galvanizing.Only years later after lots of rust will it get to the iron. A layer of paint on top of the zinc virtually precludes this from ever happening.

Hacking and creating malware requires resources. To live a hack proof life you only ever need to do two things: make it so hard to hack you that the benefits would not be worth it to the hacker. Second, make sure that you are better protected than the rest of the people and make them your zinc.

Over the next days,weeks and months I will share with you what over 12 years of research has taught me.

Image credit: travelingmarla.com

Previous

The book with Facebook posts by Strive Masiyiwa starts circulating again

Next

Microsoft Paint is not dying, it's just getting a new home

9 Comments

  1. kilotango says:

    I think this is quite ambitious… because you can only stop what you know. most hackers know things that you dont.. and this is how they successfully do what they do.

    also, i can tell you…if you are not targeted, and have only seen scripted bots attack you… then you havent actually had a ‘real’ hack attempt.

    i’ll follow this closely, and i’ll be sure to point out all the holes in your methods 🙂

    1. Garikai Dzoma says:

      I do admit that if you are targeted by say the NSA, Russians, Chinese, GCHQ, North Koreans or some other skilled foe then you are toast. My strategy is simple make it so expensive for your foe to hack you it will cost them a pretty penny simply by using common sense and tools at your disposal. I can guarantee that the Zimbabwean government will not be able to hack you; it’s poor as we all know.

      I make the distinction between being unhackable(is it a real word?) and hack proof. Think of the bullet proof vest. It will most certainly save you from a tank round or a sniper. but it can save your bacon against a .22 round.

      I am glad you will be watching. You poking holes in my theories will make them even better 😉

      1. Kilotango says:

        lol… dont worry about the NSA, etc… its Anonymous who will leave you with your head spinning 🙂

        Overall, this series will be good for security awareness in our country

  2. Sagitarr says:

    Your intentions are most welcome, from an education view point. However, computers are now so ubiquitous the range of users and skill level (excluding typing) are the most worrying. What you classify as “basic” or “common sense” is lost on some users because they have never learned about computing in a structured sense. Also, some folks think owning “top range” phones or computers means they also become “top range” users, well, these are not cars or “Whatsapp”, more brain power is required here especially the binary type aka logic. Hackers are very aware of all the common mistakes the majority users out there make and they exploit them to the max. Also remember that hackers also have diverse skill sets – some are experts in low level languages (machine/assembler code), some do reverse engineering, others specialise in very covert activities. If they haven’t got you, it’s premature to celebrate, it could be a matter of time before it happens. If you test negative for AIDS it doesn’t mean you will not get it. If you’ve never been involved in an accident, it doesn’t mean you’re a great driver. The OSI data communication protocol has 7 layers – an attack on any of these can happen!!

    1. Garikai Dzoma says:

      You raise some valid points but the fact that you can be in an accident even if you are a good driver or get AIDS even when you take precautions need not dissuade you from taking said precautions. Also during those 12 years I mention above I have been a victim quite a number of times indeed.

      Fun fact my naive teenage self actually believed he had won 1,6 million USD in a lottery I had not taken part in! Recently I met a grown *ss man celebrating after receiving the same email in 2017. That should not happen. While the internet is full of this wisdom I have decided to put information like this in the Zimbabwean context.

      This info is aimed at the casual user up to intermediate admins. Think of it as my own version of CSC 101 served with a topping of common sense and sprinkled with experience (anecdotes from my own life)

      1. Sagitarr says:

        Yep. Precautions are very necessary but don’t blow your own horn. There are some users out there who can’t tell the difference between 1 and I or 0 and O or one space and two spaces etc, good luck. Then of course, there are some “casual users” whose only access to computing is via mobile phones. This is where the knowledge gap is, in my 25 years experience. Advantages come up when users are willing to learn, in my view.

  3. epicpewpew says:

    Hi, Techno-anarchist here. You aren’t hackproof you never were and never will be.

  4. Christerbel Erica Mujaranji says:

    Loved the fairy tales,… but watching this space to see and hear if your 12 years of experience can really make us hackproof if there is anything of a sort.

    1. Garikai Dzoma says:

      As the Orange One says all the time”, I am going to write a series on security. It’s going to be big and its going to be beautiful.”

Comments are closed.