Ask HN: 如何进行个人网络安全审计
8 分•作者: preciousoo•6 个月前
我非常清楚,如果我成为一个不够专业的攻击者(比如一个积极性很高的黑客,或者一个有编程知识的手机/笔记本电脑窃贼)的目标,一旦他们破解了我的密码,比如我的 Windows 密码,我就完蛋了,因为这是进入我的 Chrome 密钥链的钥匙,例如,这会让他们打开一个潘多拉魔盒般的账户。
更有可能的是,如果我的笔记本电脑在未锁定的状态下被盗,他们就可以访问我的主要电子邮件,这可能导致他们通过密码重置来访问其他账户。我过去常常在脑海中列举很多类似的故障点,但现在已经多到数不清了。然而,最大的问题还是电子邮件访问。
有没有我可以用来列举/追踪和修复我的个人网络安全中这类故障点的流程或方法?
查看原文
I am acutely aware that if I were targeted by a non sophisticated actor (like a very motivated hacker, or a phone/laptop thief with programming knowledge), I would be toast if they figured out, e.g my windows password, as that is the key to my Chrome keychain, for e.g, which allows them into a pandora's box of accounts.<p>Even more likely, if I were to get a laptop stolen while unlocked, they could get access to my primary email(s), which could lead them to getting access to accounts via password reset. There were a lot of similar other failure points I used to keep enumerated mentally, but now there's too many to count. The biggest ones are email access however.<p>Is there a process or method I can use to enumerate/track and fix those kids of failure points in my personal cybersecurity?