What's new

Keeping your DAW off Internet

JohnG

Senior Member
It's the naive ones that are victims by lurking where they shouldn't.
I still think you're giving bad advice, kite even though I realise there is some sense to what you are saying. It's not just some 'dark web' or other unsavoury website that doles out malware etc. I've had spoofed "alerts" from my bank, complete with surprisingly convincing return email addresses and all that.

Normally, people don't fall for them. It's often someone is vulnerable in some way -- tired or in a hurry, or with some other thing attracting attention; someone who's been paying a lot of bills online and then gets an "invoice" who get snagged.

I even have anti-virus on my Mac, though there aren't too many events as bad as Wannacry or something like that with Macs.

And I use a VPN most of the time.
 

JJP

I put dots and lines on paper.
This is a bit of a tangent, but may be useful.

I do work for one client that demands the machine be offline when working on specific projects. They required me to set up a non-admin account on my machine with wifi disabled and appropriate firewalls activated specifically for these situations.

In addition they require me to download their materials on a separate machine used for downloads only and that is offline when not in use. Downloaded material is kept on a hardware encrypted drive which is manually connected to the work machine so nothing goes on to the LAN other than when absolutely necessary.

It's extreme and quite frankly a bit silly for the work I do, but that's where the high-end standard for protecting data is today. They want near US Dept of Defense levels of security including cameras, lock boxes or safes for drives when not in use, etc.

After the HBO, Netflix, and Sony hacks, companies are very wary.
 

dzilizzi

I know nothing
I can see being hyper careful with very expensive projects. Not so much for malware, but piracy can kill a new movie especially if it comes out weeks before the actual release date. And I'm sure it's the same for other products that take a lot R&D dollars.
 

Paul_P

New Member
Normally, people don't fall for them. It's often someone is vulnerable in some way -- tired or in a hurry, or with some other thing attracting attention; someone who's been paying a lot of bills online and then gets an "invoice" who get snagged.
I just had this happen to me and I'm normally extremely vigilant. I was waiting for a postal delivery (something that doesn't happen that often) and was receiving legitimate email updates from the postal service as my shipment made its way to me when I received a fake email pretending to be from the same postal service about 'a' package. I clicked the link without even thinking. Luckily, nothing happened. Maybe my security software had something to do with that. A good lesson to keep me on my toes.
 

Delio Roman

New Member
I use NetLimiter4 for this very reason. Blocks specific applications from going online (in and out/in or out). Look it up. It's a worthy investment for Windows machines. Use Little Snitch if you're on a Mac.

I like to keep my machine online since i'm constantly on YouTube, twitch, and social media (yeah a distraction i know lol) but i find myself always watching music tutorials etc.

a word of advice to everyone, try to keep your logins secured with 2 factor authentication (if available) and important drives bitlocker/apfs encrypted.
 

dzilizzi

I know nothing
I use NetLimiter4 for this very reason. Blocks specific applications from going online (in and out/in or out). Look it up. It's a worthy investment for Windows machines. Use Little Snitch if you're on a Mac.

I like to keep my machine online since i'm constantly on YouTube, twitch, and social media (yeah a distraction i know lol) but i find myself always watching music tutorials etc.

a word of advice to everyone, try to keep your logins secured with 2 factor authentication (if available) and important drives bitlocker/apfs encrypted.
Bitlocker and the like are useless if you are on your machine when you click on a bad link. They are only really good against physical hacking. My work computer is fully encrypted and this is still an issue. But 2 factor is always good.
 

Delio Roman

New Member
Bitlocker and the like are useless if you are on your machine when you click on a bad link. They are only really good against physical hacking. My work computer is fully encrypted and this is still an issue. But 2 factor is always good.
Hence why I said important drives.
 

Delio Roman

New Member
Bitlocker and the like are useless if you are on your machine when you click on a bad link. They are only really good against physical hacking. My work computer is fully encrypted and this is still an issue. But 2 factor is always good.
Also not completely useless on a (for example) remote attack. Encryption is very good practice for sensitive data.
 

Quasar

Senior Member
I use NetLimiter4 for this very reason. Blocks specific applications from going online (in and out/in or out). Look it up. It's a worthy investment for Windows machines. Use Little Snitch if you're on a Mac.

I like to keep my machine online since i'm constantly on YouTube, twitch, and social media (yeah a distraction i know lol) but i find myself always watching music tutorials etc.

a word of advice to everyone, try to keep your logins secured with 2 factor authentication (if available) and important drives bitlocker/apfs encrypted.
NetLimiter 4 looks pretty cool, and I my try it out for my internet computer.

But for me, the core principle about having an offline workstation is about the right to create in an environment of privacy and autonomy. It's a human rights issue, not a tactical or safety concern.
 

danbo

Active Member
I work in computer security among other software engineering. Keeping it off the internet is a partial solution because one of the more common vectors these days is horizontal attacks. Meaning virus that gets behind your primary firewall, into something in your local network (an IP camera or some other dongle you have maybe), then horizontally attacks the nodes on your computer. So you can block it from going to the internet - my router has easy options for this, but if it's on the network that's unsafe and so it still needs firewalling/etc.

You can unplug, but of course if you share files stuff can still sneak around. But this is all diminishing returns, I'll also say that viruses and hacking seem to be the modern day Red Scare. Big public websites get hacked because they're the more vulnerable. That is; they have to be public with lots and lots of software that is also public and opening ports all over, and to secure them costs hundreds of thousands. So yeah that's where the money is; a private individual getting 'hacked' is usually just them being careless, which begs something happening to them. But the serious money is in the municipalities.

FWIW I've got tons of devices and computers on my local network, and run sniffers that continually monitor, plus download loads of stuff. Never had an issue as far as I know. Anyhow, if your computer is bogged because of a little virus protection I'd suggest getting a new computer.
 

ReelToLogic

Still have my reel-to-reel
Stupid question... Is it possible to have the computer physically connected (Lan) but just turn on the connection when wanted?
I cut into my internet cable and installed a toggle switch that's mounted on my workstation. That way everything stays plugged in but I have a quick visual reference that lets me know for sure that I'm NOT connected. I normally leave it off, and it only takes one second to flip it on when I need to download something. I know this can be done in software but this is super quick and a positive way to disconnect.
 
OP
Synetos

Synetos

Gear Addict
Over the weekend, I decided to go cold turkey offline on my DAW and VEP VST machines. I gave up on RDP into another windows computer for internet access.

I am going to restrict all Internet connectivity to my MacBook Pro.

I really do not need to be online with my DAW. I have plenty of computers and these two one can be isolated.

Also...being online is a distraction, even if it isn't a scary security thing. I now have to make the effort to go online, as it won't be just a mouse click away.
 

Quasar

Senior Member
Yeah, just keep the backup drive physically unattached when not using it, as ransomware can infect anything that is connected.

It's not difficult to stay safe from that stuff with a little bit of effort. For my web PC I just perform a full backup once a month or so, but copy new content to thumb drives or Dropbox in-between. So in a worst-case scenario I am never more than a half-hour away or so from being restored.

For the offline DAW PC it is similar: Full backup once a month (I don't bother with incremental/differential and all of that) and copying newly created content to a secondary drive between the backups.
 
OP
Synetos

Synetos

Gear Addict
Well...keeping my machines offline lasted only a few days. I can't stand it. It's like trying to give up coffee, cold turkey. Not happening...HAHA!

So, I loaded up ESET Smart Security Premium suite on my DAW and VST machines, and everything is back online.

I guess I will just take the slight performance hit (which really just comes from realtime scanning, which I could make rules to fix) and risk of being online. I will rely on good backups and safe online practices...to the best of my ability.
 
Top Bottom