The (Mistaken) Sense Of Control
What in your life can you control?
Not much, as it happens. In fact, most of the areas we feel most in control of are riddled with uncertainty and unpredictability: business, health, parenting, finances. In a lot of cases - like picking which stocks to invest in - the average person actually underperforms random selection. That is, when it comes to picking stocks, a monkey with a dart board and a copy of the stock page can do a better job picking winning stocks than most ostensibly informed humans.
Why is that?
In the case of selecting stocks, it's because while a random selection has a 50/50 chance of going up or down, we humans tend to invest our choices with emotional weight that keeps us in markets too long or too short - unlike randomness, we act on hunches, fears, and hopes.
More generally, we tend to be poor judges of risk and uncertainty, yet we have brains that are more than willing to impose patterns and meaning that cover up rather than address such unknowns. So we act as if we knew what we were doing, and as if we had some level of control over the situation, when really we're at the mercy of luck - and the more uncertain the situation, the more likely we are to act as if we were in control.
The (Mistaken) Sense of Control
Consider this situation:
Let's pretend you have an infant girl, and one night you get a call at 1 am from a friend across town who desperately needs your help. As you prepare to drive across town to meet your friend, you have a choice - leave the child sleeping in her crib, or bundle her into a car seat and take her with you.
For most parents, this is a no-brainer - of course you're going to take her with you. What if something happens in the house while you weren't there, like an electrical fire? What if someone broke into the house and kidnapped her? What if she stopped breathing?
The reality, though, is that the single riskiest thing you could do to an infant at 1:00 am is to take her driving in a car. Far more people die every year in car accidents than in all the potential risks to your child alone at home combined. In your car, she'll be exposed to danger from poor road conditions, mechanical failure, and worst of all, other drivers - who at 1:00 am are likely to either have been drinking or be exhausted, neither of which makes them safe to be sharing the road with.
But with our child with us, we feel in greater control than if she was left at home, unattended. There's no rational basis to this feeling - it's entirely grounded in emotion, a poor comprehension of risk, and an over-assessment of the degree to which our own presence has any significance.
Our failure to understand risk and the role chance plays in our lives is profound and cuts across a wide swathe of our lives. Consider the efforts we make to assure our children grow up with decent values - and how often parents raise kids that completely reject their values. Or consider how many businesses go under every year, and how many of them were headed up by people with strong qualifications, solid training, and a clear sense that they knew what they were doing. Or, in the financial sector, consider how many stock brokers, financial analysts, and others are caught entirely by surprise by massive shifts in the financial sector, like the recent collapse of the credit system - if there were really a pattern, and people really understood it, they all should have seen it coming.
Dealing with uncertainty
If we're really bad at understanding risk, and if we're led astray by a mistaken sense of control, then what should we do? Should we just throw up our hands and accept whatever Fate throws at us? Should we lock ourselves in our homes, wrap ourselves in padding, and huddle in a corner until our lives mercifully end?
Fatalism and despair are, thankfully, over-reactions to the uncertainty of life. As it happens, there are quite a few things we do control, even in the midst of uncertainty. For instance, while even the best poker players are largely at the mercy of luck as to what cards they hold, good players can control enough of the situation - their facial gestures, how much they bet, when to fold, etc. - to come out of even several lousy hands in a row ahead (at least sometimes).
While we can't eliminate uncertainty, there are ways we can act to minimize its effects - at least in some instances. If the Moon spins out of its orbit and collides with the Earth tomorrow, all bets are off. But for more everyday sorts of uncertainly, it pays to:
Be prepared.
Good planning leaves enough "slack" to adapt readily to unforeseen circumstances. For example, many people keep a "rainy day fund" to make sure they're prepared for an illness, loss of a job, accident, or other emergency.
Diversify.
Balancing high-risk options with low-risk ones can help make sure that a sudden freak occurrence wreck everything. It's the classic "don't put all your eggs in one basket" theory - balance your investment portfolio, hedge your bets, pursue multiple medical treatments (where possible), and so on.
Get a second opinion.
Or a 100th. James Surowiecki's "The Wisdom of Crowds" shows how the cumulative voice of the many can be more accurate than any one individual, even an expert. Whenever undertaking a risky endeavor, make sure to consult as many people as possible - and find a way to split the difference.
Get another doctor's opinion before embarking on a course of treatment, Discuss investment options with more than one financial advisor. Get feedback from a range of employees before instituting a radical new policy or process. By sampling a variety of people, you'll have an opportunity to "cancel out" conflicting worldviews that, in most cases, have little to do with the reality at hand.
Create habits.
Uncertainty often leads us astray most when we respond directly to fluctuating and random events. For instance, maybe you go to Vegas with a $300 budget to spend on slot machines, but when you see a particular jackpot is up to $12 million you throw caution to the winds and drop $800 into the machine. Creating habits that you stick to religiously can help minimize the desire to act based on emotional factors that have little to do with the actual level of certainty or uncertainty involved.
Recognize risk.
There is a far higher injury rate for softball players than for base jumpers. Why? Because softball is seen as a safe sport and so players take few precautions, while base jumpers train heavily, invest in solid equipment, and approach the risk inherent in their sport seriously. When you recognize risk and respect it, you act smarter - which helps you to stay more in control when that's possible, and to minimize harm when control isn't possible.
Life itself is inherently uncertain - and that's a good part of its beauty. That uncertainty shouldn't paralyze us, it should energize us - it should make us doubly aware of our surroundings and doubly appreciative of our successes. By ignoring risk - or pretending it doesn't exist - we make ourselves stupider, which ironically leads us to act in riskier ways.
But by respecting and even embracing uncertainty, we can often come out further ahead than if we tried - usually in vain - to control inherently uncontrollable situations.
Saturday, March 14, 2009
Friday, March 6, 2009
WIRELESS SOHO
Mighty Tips to keep your SOHO - Wifi Network secure!!
These days wifi networks are found in abundance be it a home, a hotel, a motel, a small office....it is really a benefit and a ease to carry you laptop at any corner or any room and start working if that place is in the reach and you wifi strength covers it....be it in a cafe takin coffee sips and clicks or be it a motel having a hard time as the presentation is tomorrow..wifi has made it all so easy and handy. But after having all these facilities deployed there a few questions that arises??
#) Are you the only one accessing your wi-fi Network?
#) Are you sure no body is sneaking around in your network?
As it is quiet easy to carry around a laptop and use the wifi connectivity in the same ration it is risky too when seen from a security perspective....All the digital transactions made via your laptop might be lying at someone's table ready to be analysed. These days wifi networking devices don't always help your need of security...so above all you your self need to be a bit conscious and take over the charge. Here are few points outlined that might help you in securing ur wifi network and keeping them out of reach of the Dirty Hands.
1)Turn the encryption system on (WPA/WEP whatever your wifi device supports):
Almost all of the wi-fi devices come up with in built encryption techniques. What these encryption system does is they just play a rumble with the data sent over the air and turn them in to sh!ts so that they are transformed in to unreadable formats often termed as craps....There are many different encryption mechanisms employed that exist for the facility today. Generally because of the human nature you will go for the best, conditions are they must work along with your network. All the devices (wi-fi) in the network must share a same encryption key to talk to eachother..so there might be chances that might create conflicts betn two devices that dont support a encryption mechanism used by one...or say the technique that one uses might not be supported by the other..so again her you will have to choose an option that will work for all. If the choices are WPA and WEP only than I wud recommend you to go with WPA ;) the reasons are obvious hehe..
2)Change the default login credentials:
By default every wi-fi vendor does implement some sort of access authentication systems in their devices..the general is a web based authentication that contains a username and a password. The first thing one must after he gets in is change in the default settings (password) and username too if possible. As because these devices are as a nucleus of any wi-fi network high priority must be given to the security of these devices as one mis-configuration might result in a chaos. In general, to configure, maintain and set up these devices a web base platform is provided that needs authentication and/or account information to be accessed for. These platforms generally come with a default set of everything..the login credentials too that are like
Username<==>Password
admin admin
admin NULL(means no password required)
NULL 00000 (they are zeros and must not be mistaken with the letter o)
and so on...so as these are the default set of login credentials and are different with vendors, but are known to public (and attackers more often) so it is indeed a good practice to change them up.
3)Enable MAC address or Hardware address filtering:
Every network device that exist in this world has its own unique identifier that is in no way same to any other device from the same vendor or from any other...these identifers are called physical address OR' MAC address. Access points and routers in the network keep a log of all the hardware addresses of all the devices (wifi cards) connected to them. And these days many of such AP(Access Points) and Routers have an option to restrict connections and or accesses to any hardware address defined in the AP or the router. This is generally a good practice if you dont want average computer users connect to your network and use your resources but if in case a intruder gets hand on the physical address of the devices in your network than s/he can easily make fake addresses and than be a part of your network. This feature is not as effective as it seems, the reason is clear....ah WHY??
4)Change the SSID name:
Wifi devices such as Access Points and wireless Routers use a network name known as the SSID (Service Set Identifier) to make the devices know of them. Generally vendors normally have their name as the default SSID names. For e.g, Dlink has the SSID name as "dlink" Linksys has "linksys" and so on. If you ask that what can one do if my SSID is known than the answer is they might be able to break into....though this is the first step one would take. Moreover there is a logic if someone finds a box with SSID set as default than there are chances that other things are kept default too..rite!! and thus are much more likely to make it a victim. So better change the SSID immediately as you change the password.
5)Hide the SSID from public:
In wireless networking, the AP or the router generally broadcasts the network name (SSID) as discussed above in the air at periods. It was generally designed for businesses and mobile hotspots where wireless clients may roam any where. This feature is generally unnecessary while being in a home or such places. So when not in use it is better to keep it off as it will just do the thing as "Hey do u see me I am a AP/Router and I am here".
6)Do not auto connect to wide open wi-fi networks:
While as it is a good thing and a luck to find open networks....it is a place of high risk in the same ratio..cases have been registered whereby open APs and Routers are setup to acquain victims and than play with them. So better not connect on any free hotspots till you trust them.
7)Disable DHCP in the AP or the Router:
It is generally seen that many of the APs or the Routers that are used are running DHCP server running in them that reduces the hectic job of assigning the IP address to each client on the network manually. But in the other hand it will notify the attacker of the IP address and the all the information being used as he might obtain a valid IP address automatically. So its a good practice to turn DHCP off and assign the addresses manually this wont let the intruder know of the subnet being used moreover user subnets else than 192.168.x.x as this is the most common subnet used.......
8)User firewalls:
As modern wifi devices come along with a builtin firewall and other options it is a good thing to make a use of them denying all unnecessary services and applications in the network...except from those which comes to regular uses.
9)Turn the network when not in use:
Well I needn't tell this but there are ppl who want their wi-fi devices be online always though not in use...why to take risks and provide a long lasting window to the attackers instead it is a better to turn the device off if they wont be in use for a long time.....saves both electrcity bill and your network ..... ;)
These days wifi networks are found in abundance be it a home, a hotel, a motel, a small office....it is really a benefit and a ease to carry you laptop at any corner or any room and start working if that place is in the reach and you wifi strength covers it....be it in a cafe takin coffee sips and clicks or be it a motel having a hard time as the presentation is tomorrow..wifi has made it all so easy and handy. But after having all these facilities deployed there a few questions that arises??
#) Are you the only one accessing your wi-fi Network?
#) Are you sure no body is sneaking around in your network?
As it is quiet easy to carry around a laptop and use the wifi connectivity in the same ration it is risky too when seen from a security perspective....All the digital transactions made via your laptop might be lying at someone's table ready to be analysed. These days wifi networking devices don't always help your need of security...so above all you your self need to be a bit conscious and take over the charge. Here are few points outlined that might help you in securing ur wifi network and keeping them out of reach of the Dirty Hands.
1)Turn the encryption system on (WPA/WEP whatever your wifi device supports):
Almost all of the wi-fi devices come up with in built encryption techniques. What these encryption system does is they just play a rumble with the data sent over the air and turn them in to sh!ts so that they are transformed in to unreadable formats often termed as craps....There are many different encryption mechanisms employed that exist for the facility today. Generally because of the human nature you will go for the best, conditions are they must work along with your network. All the devices (wi-fi) in the network must share a same encryption key to talk to eachother..so there might be chances that might create conflicts betn two devices that dont support a encryption mechanism used by one...or say the technique that one uses might not be supported by the other..so again her you will have to choose an option that will work for all. If the choices are WPA and WEP only than I wud recommend you to go with WPA ;) the reasons are obvious hehe..
2)Change the default login credentials:
By default every wi-fi vendor does implement some sort of access authentication systems in their devices..the general is a web based authentication that contains a username and a password. The first thing one must after he gets in is change in the default settings (password) and username too if possible. As because these devices are as a nucleus of any wi-fi network high priority must be given to the security of these devices as one mis-configuration might result in a chaos. In general, to configure, maintain and set up these devices a web base platform is provided that needs authentication and/or account information to be accessed for. These platforms generally come with a default set of everything..the login credentials too that are like
Username<==>Password
admin admin
admin NULL(means no password required)
NULL 00000 (they are zeros and must not be mistaken with the letter o)
and so on...so as these are the default set of login credentials and are different with vendors, but are known to public (and attackers more often) so it is indeed a good practice to change them up.
3)Enable MAC address or Hardware address filtering:
Every network device that exist in this world has its own unique identifier that is in no way same to any other device from the same vendor or from any other...these identifers are called physical address OR' MAC address. Access points and routers in the network keep a log of all the hardware addresses of all the devices (wifi cards) connected to them. And these days many of such AP(Access Points) and Routers have an option to restrict connections and or accesses to any hardware address defined in the AP or the router. This is generally a good practice if you dont want average computer users connect to your network and use your resources but if in case a intruder gets hand on the physical address of the devices in your network than s/he can easily make fake addresses and than be a part of your network. This feature is not as effective as it seems, the reason is clear....ah WHY??
4)Change the SSID name:
Wifi devices such as Access Points and wireless Routers use a network name known as the SSID (Service Set Identifier) to make the devices know of them. Generally vendors normally have their name as the default SSID names. For e.g, Dlink has the SSID name as "dlink" Linksys has "linksys" and so on. If you ask that what can one do if my SSID is known than the answer is they might be able to break into....though this is the first step one would take. Moreover there is a logic if someone finds a box with SSID set as default than there are chances that other things are kept default too..rite!! and thus are much more likely to make it a victim. So better change the SSID immediately as you change the password.
5)Hide the SSID from public:
In wireless networking, the AP or the router generally broadcasts the network name (SSID) as discussed above in the air at periods. It was generally designed for businesses and mobile hotspots where wireless clients may roam any where. This feature is generally unnecessary while being in a home or such places. So when not in use it is better to keep it off as it will just do the thing as "Hey do u see me I am a AP/Router and I am here".
6)Do not auto connect to wide open wi-fi networks:
While as it is a good thing and a luck to find open networks....it is a place of high risk in the same ratio..cases have been registered whereby open APs and Routers are setup to acquain victims and than play with them. So better not connect on any free hotspots till you trust them.
7)Disable DHCP in the AP or the Router:
It is generally seen that many of the APs or the Routers that are used are running DHCP server running in them that reduces the hectic job of assigning the IP address to each client on the network manually. But in the other hand it will notify the attacker of the IP address and the all the information being used as he might obtain a valid IP address automatically. So its a good practice to turn DHCP off and assign the addresses manually this wont let the intruder know of the subnet being used moreover user subnets else than 192.168.x.x as this is the most common subnet used.......
8)User firewalls:
As modern wifi devices come along with a builtin firewall and other options it is a good thing to make a use of them denying all unnecessary services and applications in the network...except from those which comes to regular uses.
9)Turn the network when not in use:
Well I needn't tell this but there are ppl who want their wi-fi devices be online always though not in use...why to take risks and provide a long lasting window to the attackers instead it is a better to turn the device off if they wont be in use for a long time.....saves both electrcity bill and your network ..... ;)
Subscribe to:
Posts (Atom)