问HN:如何进行个人网络安全审计
我深知,如果我被一个非专业的攻击者(比如一个非常有动机的黑客,或者一个具备编程知识的手机/笔记本电脑小偷)盯上,一旦他们破解了我的Windows密码,我就完了,因为这密码是我Chrome钥匙串的钥匙,能够让他们进入一个充满各种账户的潘多拉魔盒。
更有可能的是,如果我的笔记本电脑在解锁状态下被盗,他们可以访问我的主要电子邮件,这可能导致他们通过密码重置获取其他账户的访问权限。我以前会在脑海中列出很多类似的安全漏洞,但现在实在太多了,数不胜数。不过,最大的漏洞还是电子邮件的访问权限。
请问有没有什么流程或方法可以帮助我列举、跟踪并修复我个人网络安全中的这些漏洞?
查看原文
I am acutely aware that if I were targeted by a non sophisticated actor (like a very motivated hacker, or a phone/laptop thief with programming knowledge), I would be toast if they figured out, e.g my windows password, as that is the key to my Chrome keychain, for e.g, which allows them into a pandora's box of accounts.<p>Even more likely, if I were to get a laptop stolen while unlocked, they could get access to my primary email(s), which could lead them to getting access to accounts via password reset. There were a lot of similar other failure points I used to keep enumerated mentally, but now there's too many to count. The biggest ones are email access however.<p>Is there a process or method I can use to enumerate/track and fix those kids of failure points in my personal cybersecurity?