Security

[This page was last updated 2011.5.2.a]

There’s some scary stuff out there… but please don’t let it scare you off computer and Internet use completely! Take sensible precautions, use security software and keep your software updated, and test regularly to stay safe.



Backups & Imaging

Backing up your data (making a copy to another drive or some alternate media) is absolutely essential, because nothing — including your hard drive — lasts forever.

There are basically two forms of backups:

  • backups which cover some or all files, may or may not contain program files, and may be only part of the files on the drive being backed up
  • imaging which is creating a complete “image” or copy of your entire drive, exactly as it is at that moment. The image is not normally a usable copy (you can’t directly use the files in it), but it usually contains everything on the drive, so you could, if necessary, completely recreate your programs and files — on a new hard drive, for example, if your old one died.

The main difference for many people are the factors of time and storage space. It takes longer to backup more files, and it takes more space as well. An image of an entire hard drive (depending on the amount of compression the imaging program allows) may take up as much storage as the original hard drive used, or at least a sizable chunk of storage on something else. Imaging a drive, of course, takes much longer than backing up just a few files, and you may not be able to do much — or anything — while it’s going on (it tends to be an “overnight” kind of job).

When you first get a computer, you normally are instructed to do a backup of the hard drive immediately, before you do anything else. Do this! In a worst case situation, you could at least get back to where you started. Since this would include all the programs already installed on the computer, you would not need to back up those programs. You would, however, need to download or backup all the updates and changes made to them.

Backups can be made of only your data — the files you create. These would be the files in the directories you create, and the files in your Documents and Settings/yourname directory (where “yourname” is your login name, or “owner” if you set yourself up as the owner of the computer).

Windows includes a backup function, which is not considered the fastest or easiest by many experts, but works within its own limits. You could use this, or you could look at alternate software for backup or imaging — or both.

Backup software may have several features, which may include making a scheduled backup at a certain time, or making a continuing backup in the background or when your computer is less active).

For one easy backup method using free software, here for a tutorial.

The latest posts on this topic are available by clicking here.


Security Software & Links

Gizmo Richards is an eletter (email newsletter) author who is a thorough, knowledgeable and critical writer on computer topics. His advice ranges from fairly simple for beginners to extremely expert and is a good place to start learning about your computer and software.An excellent article called Gizmo’s Guide to Securing Your PC covers the basics, up to date as of September 2007. From Gizmo’s Tech Support Alert.Another method is at Make Windows Invincible! (A tutorial). Offered as an alternative by Gizmo’s Tech Support Alert newsletter.

The latest posts on this topic are available by clicking here.

See also the specific sections for types of software, such as Virus Protection.

Malware

Malware, also known as Badware, is a term for software that actually hurts or spys on you (see also spyware, below). You can keep up with it and report it at StopBadware.org.

In addition to viruses and their kind, there is a new problem on the Internet. Call it “junkware” — it is defined thus: “the application has (1) the ability to run commands on the infected PC, or (2) download new versions of itself (which may have negative features), or (3) download entirely new programs that aren’t in the best interest of the computer owner”. This includes adware, spyware, malware, etc.” — [Brian Livingston.

Comparison of Unwanted Software Installed by P2P Programs covers programs like Kazaa, eDonkey, iMesh, Morpheus used for file sharing and found only one, Limeware, was at that time free of adware installed inside. User beware!

The latest posts on this topic are available by clicking here.

Other resources to check when thinking about installing something new:

Other Traps and Tricks

You may see the following terms or warnings from your anti-virus or other software, or from other sources.

    • Decompression Bombs: your computer has a finite amount of memory, hard drive space, etc. If something can tie all that up, it works a lot like that program often seen in movies where the computer is tricked into a loop or overload to keep it from taking over the world. But if it just keeps you from your regular computer use, it’s a nuisance and could cost you time and maybe even unsaved data. Consider this: “Imagine I had constructed one of those zip files that had shrunk 100Gb down to 6k and I sent you that file. If you trusted me, you might try to open it. There inlies the problem: while you can readily accept the zipped file, the chances that you have the 100Gb of free memory (including virtual memory) to accomodate the decompressed file are … slim. When you try to open one of these files, your computer will quickly become overwhelmed and stop responding; all of the free memory having been used up, it can’t do anything else. You effectively suffer a denial of service attack. That is what we call a decompression bomb.” [from Decompression Bombs, recommended by Gizmo’s Tech Support Alert newsletter.
      What if you are warned about a decompression bomb? Do not delete it too quickly — some legitimate and sometimes vital files may be mistakenly tagged by other programs. Check online (just type the file name into your search engine) and read up on it first. Avast anti-virus, for example, may label some compressed Outlook archive .PST files by mistake.
    • Ransomware is malware that cuts off access to your files and demands payment to get access again.
    • Use of your processing power — you may be authorizing the use of your computer for other purposes when you use a certain program.  Consider this “terms of use” clause:

15. USAGE OF COMPUTER RESOURCES.

You agree to permit the Software to use the processing power of your computer when it is idle to run downloaded algorithms (mathematical equations) and code within a process. You understand that when the Software uses your computer, it likewise uses your CPU, bandwidth, and electrical power. The Software will use your computer to solve distributed computing problems, such as but not limited to, accelerating medical research projects, analyzing the stock market, searching the web, and finding the largest known prime number. This functionality is completely optional and you may disable it at any time.

This was found at http://www.digsby.com/tos.php for what looked like a freeware program.  This gives the company the right to use your computer’s “spare time”, possibly slowing your computer, to do whatever they want (and not necessarily the innocent tasks listed).

Be wary of putting anything like this on your computer.



Firewalls

Firewalls are software or hardware that keeps bad stuff from coming in, and warns you when anything tries to call out. You can (and must!) allow some communication, but a good firewall should allow you to pick and choose which programs contact the outside world.

The latest posts on this topic are available by clicking here.



Scams

Spam, which can be “unsolicited” email or comments added to a blog or wiki, is the bane of the Internet. However, to be part of the solution, remember certain rules:

  • Never ever reply to spam. Even to “get off” the list — that’s a sneaky trick to get you to confirm that your email address is valid. If you use the link spam gives you to “get off” their list, you will only increase the amount of spam you get.
  • Never buy anything from spam. That’s the main reason there’s so much of it — people do click on the links and buy. Spam is cheap to send, so if only 1 in several million recipients responds, it can still be worth sending. Don’t encourage it. Plus, spam is often really a trick to steal your identity and credit card numbers.
  • Don’t take spam personally. It goes out to every possible variation of email addresses, and is stolen from every available source, and the spammers rarely even know you exist when they send it to you. You don’t have to have gone to any web site or done anything to get spam (that’s how dogs end up getting offers for credit cards!).
  • Be wary of receiving spam from friends/coworkers/relatives. They might have gotten a virus or trojan which uses their computer and their list of email addresses to send something to you. Be sure that your friend/coworker/relative actually sent the message before you open any attachments.

Spam is now showing up as fake comments on blogs (such as this one!) which attempt to sneak in ads disguised as legitimate comments. There is also spam which tries to go out as instant messaging, mobile phone messages, chat, video files, and every other kind of communication that allows just anyone to send to it.
Phishing — usually done with email, which pretends to be from some bank, credit card, or other organization with whom you might have done business. It may (or may not) claim your information is in jeopardy, or your account was hacked, or some other urgent reason why you must either (a) reply to the email with confidential information, or (b) go to a web site and give it confidential information, such as Social Security number, bank account number, credit card number, etc.

Some of these are really clever, and use fake websites that look legitimate.

NEVER respond to these, and never use the link in the email.

First of all, did you ever even give your current email to this company? And why would they use an insecure method like email to do business like this?

REMEMBER:

  • Never send confidential information in an email.
  • Never go to the web site given in such emails. Instead, go to the company’s regular web site, or call on the phone to see if this is a legitimate request (and be prepared to wait; chances are, umpteen million other people got the same message, whether they ever dealt with the company or not — the scammers are counting on some of the recipients being actual contacts).
  • Never respond to a fake email, even to tell them you know it’s fake — they don’t need to know your email address is active, as they’ll just sell it to a lot of scammers and you’ll be flooded with more of the same.


Spyware

Spyware is a type of program that plants software in your system and then keeps information about you, which it can then send back to somebody else. It may be just what you buy, or it might be all your passwords or credit card numbers.

The latest posts on this topic are available by clicking here.


Virus & Other Protection

The term “virus” refers to a program that can copy and reproduce without your knowledge. It may do all kinds of damage, or just be a joke.

A “trojan horse” or just “trojan” is a program that does something other than what you expect, such as install software, and usually without your knowledge. A trojan can be used to install spyware (to steal information, such as credit card numbers), or to perform a number of various operations.

Some trojans may install a “root kit” which can take over certain or all operations of a computer. Some of these actions have been used to update software, while others have been used to control the use of certain files, such as music or video. However, the secretive use of such programs should be considered an intrusion on your privacy and security, and may be a criminal action under some laws in some places.

Everyone should use a good anti-virus program that also watches out for other malicious programs, and keep it updated. Even computers not actively searching the Internet have been infected with malicious programs. Computers not connected to the Internet can be infected by disks or other media brought from other computers.
.

Freeware Anti-Virus for Protection

The following resources are available for FREE! for antivirus and other protections, and are considered reliable by authoritative sources.  Note that with many you will get some nag screens urging you to upgrade to their pay version, but that’s the cost of freedom = advertising!

Spyware Protection

Ad-Aware is available in a free version (as well as pay versions with more features). This is a great — and FREE! — way to check for malware (viruses, trojans, adware, etc.) on your system, and you should use it to double-check your regular anti-virus software. Ad-Aware is something you should update and then run every so often — say, monthly– and you can use the Internet Fixes adviceon how to do it.Remember: Ad-Aware needs to be downloaded each time, as it does not have automatic updates for the free version. The latest version is always the one you downloaded today.

Infected Or Not will do a free check for malware. Recommended by PC Magazine as a Top 100 Undiscovered Web Site of 2007.

Anti-Virus Protection

PC World has a post on free anti-virus programs.

Microsoft now offers Security Essentials for free which has had some very positive reviews.

Avira offers AntiVir Personal in a freeware version, as well as a more powerful pay version.

avast! 4 Home Edition is freeware recommended by SmartComputing magazine (April 2006 p. 103), has free automatic updates, covers lots of protection. It is ONLY for personal and non-commercial use — there is another paid version for other users.

AVG is no longer recommended here due to some recent compatibility problems with library software.

Too Late! Already Infected

Free Virus Removal Tools are available from Kaspersky Lab.

The latest posts on this topic are available by clicking here.



Passwords Software & Links

For the Microsoft Password Checker (to see how strong your passwords are), click here.

For the KeePass Password Safe tutorial, click here.

For LastPass online password service/freeware, click here.  (You can export your KeePass passwords into LastPass if you already use KeePass.)

The latest posts on this topic are available by clicking here.



Encryption

Sometimes you need to encrypt data to protect it from other people, such as the data for a financial program. Sometimes you’d just like to be sure that nobody else can read your information if they find that flash drive you lost. If the program or flash drive itself does not have such a function, you turn to other resources.

The latest posts on encryption are available by clicking here.



Sharing Your Computer

Not everyone gets to have their own personal computer — some of us have to share. And sometimes we’d prefer to not share everything, including privileges, especially if there are younger people in the household, or your roommate “just needs to type a paper”.

The latest posts on this topic are available by clicking here.



Maintaining Your Software

There are some basic things to do regularly, especially when your system slows or acts erratically.

  • Keep your anti-virus software updated, whatever it is. New attacks are created all the time, and even a computer left sitting running, connected to the Internet but with nobody surfing, can be infected (and has been, in tests!). Just being connected to the Internet is a risk, even if you’re not using your browser, so protect your computer and your data.
  • Check for spyware regularly. Use several of the products in the Malware and Spyware sections. Again, these programs need to be updated before you use them. New spyware is coming out all the time!
  • At your desktop, click the Start button, then Run, and type chkdsk and then OK. This will do a test of your hard drive, and identify and — if possible — repair sectors and indexes that need it. This should be done annually, at least.
  • At your desktop, click Start, then select Programs, then Accessories, then System Tools. Run Disk Cleanup (monthly is good) to remove unneeded files.
  • At your desktop, click Start, then select Programs, then Accessories, then System Tools. Run Disk Defragmenter (at least annually) to reorganize your hard drive, which will also speed it up by putting related files closer together. First, disconnect your Internet connection, temporarily disable your antivirus and firewall software, and be sure nothing else is running. This is a good overnight kind of thing — it may take quite a while. There are also some faster programs that do the same thing available on the web. Remember to re-enable your anti-virus and firewall afterwards, and re-connect your Internet.
  • Smart Computing recommends a registry cleaner such as CCleaner to remove outdated entries, files, and best of all, it’s freeware.
  • Remember to use a good backup program regularly, or else use one that automatically runs, or even one that backs up while you are working. Backing up to an external hard drive that you can detach and store away someplace else is also a good way to protect your information from theft, fire, and other problems.
  • To find out what’s actually running on your computer, use the CTRL/ALT/DEL key combination and call up Task Manager. Click on the Processes tab and see all the cryptic file names. Before you start shutting any of them down, however, check them by name at someplace like ProcessLibrary, which even offers freeware called ProcessScanner. It’s an essential, tiny, easy-to-use downloadable program that scans processes on your system and categorizes them by status, performance requirements, network usage, security threat, and source.

The latest posts on this topic are available by clicking here.


Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Liked it here?
Why not try sites on the blogroll...

%d bloggers like this: