JimboC wrote:Hi guys,
I have a quick question, similar to marcebrown, the original poster, I am wondering how safe my passwords are in the cloud?
I presume they are encrypted on the servers? I realize this must sound strange asking but a little reassurance would go a long way.
I have read too many stories of forums (e.g. Nvidia) and other well know companies e.g. Yahoo and LinkedIn suffering from attacks that compromised the information on the servers.
Is anybody aware of the kind of encryption used by Symantec for password, e.g. if it’s AES or SHA1 etc?
I have transferred my password to the online Identity Safe of Internet Security 2012 and I am simply wondering how safe they are? I transferred them for the convenience of being able to use them on my multiple computers at home.
Any advice would be much appreciated. If you require any further information, please let me know.
Thanks for your time.
JimboC
Hi,
I can't speak for Symantec or Norton but I do have a question for you - do you trust your computer and data to a Norton product?
I don't even want to know what method of security they use for online backup or identity safe data. If I know it then others, much smarter than I am can work out a way to compromise it. I can't tell what I don't know 
I think it is also safe to assume [yes, I know the problems with that word] that they are using the best possible security for their systems and our data.
Two more points - first, no single product will protect you form every threat all of the time. Second, your best security product is a fully engaged chair/keyboard interface.
Stay well and surf safe
Hi dickevans,
Thanks for your reply and apologies for not posting sooner.
Yes, I do trust my computer and data to a Norton product having used Norton Anti-virus since 2003 and then Internet Security from the 2006 version onwards. I also use Sysinternals tools such Process Explorer, Process Monitor, Autoruns and Handle (for closing file handles) (among other utilities) to monitor my computer and investigate any suspicious activity. They are available from: http://technet.microsoft.com/en-us/sysinternals/de
I also use the open-source Process Hacker ( http://processhacker.sourceforge.net/ ) due to its ability to terminate any process, viewing only unsigned processes and detecting rootkits that attempt to hide by hooking important Windows APIs or by using Direct Kernel Object Manipulation (a rootkit stealth technique). I realize that no single product can protect me which is why I also use the free version of Malwarebytes Anti-Malware (with its real-time protection disabled) as a backup scanner.
My approach to security is to also have all Windows security updates installed and to ensure that all of my software has the latest updates. This is a little difficult sometimes, but I am disciplined and thorough in my approach. I also have Microsoft EMET v3.0 ( http://support.microsoft.com/kb/2458544 ) installed and configured to protect all of my most used applications. I could mention other mitigations that I have enabled but I don’t want to go off-topic (please PM me if interested).
I stay up to date on internet security trends and threats. I am also studying for an ISC2 SSCP and eventually a CISSP. I think the above qualifies as “a fully engaged chair/keyboard interface” in order to avoid the social engineering methods that cause malware infections.
Thanks again for help and words of reassurance.
JimboC
- �1995 - 2013 Symantec Corporation Legal Notice License Agreement Privacy Policy Cookies Site Map RSS
