Tom Olzak

Netbook Security Concerns Lack Substance

In Business Continuity, Data Security, Netbooks, Risk Management, Sandboxie on March 30, 2009 at 12:46

Internet users are tearing down old walls which constrained Web use.  No longer are they satisfied with waiting until they get home or to the office before checking email, buying movie tickets, or burying themselves in their favorite social network.  In large part, the iPhone and the iPod Touch provided the catalyst for this demolition work which is altering forever the way we communicate. 

Taking of advantage of new building opportunities is the netbook, an alternative to dealing with the limitations of handheld devices.  However, there are rumblings about inherent security issues in these crossovers between laptops and iPhone-like devices.  These rumblings are a lot of smoke without any real threat of fire.

Netbook Overview

Before examining possible security issues, we need to agree on a definition of netbook.  Yes we need a definition, because there seems to be a school of thought which attributes higher risk to these new purveyors of mobile access. 

According to Webopedia.com,

Netbooks are small portable computing device, similar to a notebook, and are great for surfing the Web and checking e-mail. What differentiates a netbook from a notebook is its physical size and computing power.

A netbook typically has a small display, ranging from 7 to 10 inches. It weighs under 3 pounds, and support a keyboard that is reduced in size from 75 to 80 percent when compared to a standard keyboard. Netbooks have build-in Wi-Fi, Ethernet, USB ports and slots for flash memory cards. To keep the devices small and compact, netbooks do not have a CD or DVD drive, and most use solid-state disks (SSD) for storage.

Netbooks commonly run Linux or Windows XP Home edition operating systems. Prices for netbooks range from $200 to $350 USD.  

Source: Netbook definition, Webopedia.com

Netbooks are available which run both Linux and Windows operating systems.  And although Webopedia.com equivocates slightly about what the definition of a notebook computer, the Wikipedia.org entry does not.

A laptop (also known as a notebook) is a personal computer designed for mobile use small enough to sit on one’s lap

Source: Laptop, Wikipedia.org

So, a netbook is essentially a small, single-purpose laptop computer.  Its purpose is to interface with the Web anyplace, anytime.  Using my definition, evaluating security issues is pretty simple.

Netbook Security Concerns

If we accept the premise that a netbook is a small cousin of the laptop, then security concerns for one are concerns for the other.  And since there has been enough written on laptop security to fill a large room with dusty tomes, securing netbooks should be a simple matter of just “doing the right thing,” including:

  • Implementing and enabling a firewall;
  • Using a small-footprint AV solution, such as ClamAV or AVG Anti-Virus Free Edition;
  • Turn off all unnecessary services;
  • Encrypt data when appropriate;
  • Use a browser with flexible security capabilities (e.g., Firefox);
  • Only allow wireless connections to networks you know and trust;
  • Follow all manufacturer or carrier recommendations for secure surfing; and
  • Follow all the normal rules of safe browsing, including being careful what you click.

Another method for protecting a netbook, and one which eliminates the need for AV software, is the use of a product like Sandboxie.  Sandboxie creates a protected environment for visiting the Internet.  Nothing intentionally or inadvertently downloaded is permanently written to disk unless you want it to be.  Cleaning up after a session is as easy as shutting down the sandbox.  The most recent version of Sandboxie can also force applications to run in low-privilege mode, even if you are logged in as a local administrator.

The Final Word

The stuff above is just a long way of saying, if you use best practices and common sense to configure and use a netbook, it presents no more risk than a home desktop or laptop.

%d bloggers like this: