|
How much computer security do we really need?
Assuming that you have a decent set of security programs and that they are all up and running, an antivirus program like say AVG (free) and an anti-malware program like say Malwarebytes AntiMalware (free) and a firewall program like say ZoneAlarm (free) or whatever, are you sitting back feeling pretty safe? Well, I hate to disillusion you, but you aren’t. Good as these programs can be, they all seem to suffer from a lack of something. The Windows firewall for instance does little if anything to stop your computer leaking private info to a hacker. So how do you know whether you have a leak?
Well, while you are sitting there doing nothing what is your computer up to? Can you trust it?. Why is your hard disk LED flashing? Can you hear any processor activity? Why is the fan whirring? If you want to know what is going on there is a little program called What’s My Computer Doing (free) which shows you all the programs (with details) that are accessing your hard disk or using the CPU and that gives you the option of closing them or even uninstalling them.
 If it is unexplained downloading from and / or uploading to the internet that is more of a worry. The flashing lights on a modem can tell you a lot of what is going on if it is dial up, but not if you’ve gone wireless. Their lights are flashing all the time like the two computer icon in the system tray, You cannot rely on them either. Netmeter (free) will show you when there is internet activity. If you know about it, fine, but if you don’t, you will need a more advanced tool like Process Hacker to discover the source of the activity. It can pinpoint individual connections, identify the source IP address and, with the help of a free on line IP location service, its geographic location. If it’s where the hackers are (the far east for instance) you need to improve your security fast.
Having done that, can you now relax? May be, but just to be sure try running this little program Identity Finder (free) which reduces the risk of data leakage by finding and securing private information, where-ever you may have put it on your PC, knowingly or unknowingly. It can help prevent identity theft and protect your privacy. Be warned though. Make sure you are sitting down, because the findings can be both enlightening and frightening. The chances are that it will find account numbers and passwords that you thought were secure and what they are for. The point being, if it can so could a cyber intruder.
So those passwords that you so cleverly thought up can be found. Don’t you wish you hadn’t taken the easy route and used the same one(s) on more than one site, to make them easier to remember? And even if you did, how long do you think it is going to take an intruder’s dedicated software, to crack your six / eight / twelve character password? Or instead of a password you could create your own meaningless pass phrases such as ‘Eight wet crows only fly by night’. Then make it even more secure by removing some or all spaces, and add capital letters and special characters so that you end up with something like ‘8wet_crowSonly flyby-night’. Harder for a hacker to think of but hardly easy for you to remember either, especially if you have more than one. An alternative could be the highly thought of LastPass which is a truly free and will generate random  passwords for you, as long as you like, encrypt and remember them (and your personal info too). From then on, logging in and form filling is easy and can be automatic if you so choose. All you have to do is remember the one last-master-pass-word.
After all this, I hate to say it but you may still be at risk. Just visiting a website, even well known ones if they have been hacked (and they have) can get you infected. Then there’s SCAREWARE. Visit a site and up pops a window saying it has spotted something malicious on your computer and/or offering a free scan; and later a fix in exchange for your credit card number! The trouble is, if you just clicked for the free scan, the chances are that some real nasty code has already been down-loaded which could take control of your machine. How did it get past your security regime? Well, when you clicked, you invited it in and told your all security systems to look the other way! So what do you do now? The free version of SUPERAntiSpyware claims to remove things other software leaves behind. Certainly it out  performed other anti-malware products in a recent test by doing in one scan what others took two or more to do. It detects and removes Adware, Trojans, Dialers, Worms, Hijackers, Rootkits, rogue security products, of which there is an upsurge at the moment.
Probably the best advice to protect yourself against on-line fraud is:
1. Do not to leave any of your money related information in the hands of others. I know it’s convenient to store your credit card information with on-line retailers and to let them store your pass word/phrase for you. It is so much quicker to order things BUT they are no longer in your safe keeping and things can go wrong, even with IT experts like Susan Bradley MVP (Most Valuable Professional). She received an e-mail confirming a substantial payment for videos, tunes, and movies from the Apple iTunes store. The problem was she hadn’t made the purchase. She then found her password didn’t work. Luckily she managed to reset it and logged in only to find another transaction in the making! She immediately removed the auto-billing option and changed her sign in ID. Apple, incidentally, were of little help in resolving the issues like how someone had been able to access her account or in tracing who was responsible.
2: Do what I have for a long while now, have one card for internet transactions with as low a limit as your transactions are likely to require. That way the fraudsters wouldn’t be able to get much if they did manage to breach your security and it will be quicker to cancel if things do go wrong.
 You can protect yourself against e-mail attacks by checking it on line before you download it, if your ISP (Internet Service Provider) allows it. This gives you a chance of avoiding spam, viruses, phishing attacks, and other threats. Or there is MailWasher which allows you to preview all aspects of your e-mail before you download it to your computer, at the same time as learning what kind of e-mail you want to receive and adapting accordingly, and by highlighting, even auto-deleting known spam. Clever stuff. Then there is wireless security. If you have a wireless modem have you locked it down? I ask because I know within range of my network there were at least three set ups that weren’t secure! Two of them now are. Ask a friend with a notebook to check yours out.
All of which leaves me with one question. I have a pretty good idea how much I can do to improve security (the software vendors and computer magazines keep telling me - but they would wouldn’t they. They all have a vested interest. How little can we get away with? That is the real question.
Do we really need all this stuff the security experts and peddlers are pushing? Let’s run the scenario backwards. If we use the web we need a browser and there are lots to choose from. They all do the same things in more or less the same way and look very similar. The most popular is of course Microsoft Internet Explorer (IE) and that is why it is targeted most by the baddies. It also provides the easiest way to patch Windows and we all know how important that is. Or is it? A 2010 report by no less than the US Secret Service and the Verizon organization found that in 2009 of some 900 data breaches they investigated there wasn’t one case that took advantage of a non patched PC. Now there is food for thought.
To get the security of a ‘sandbox’ with IE and most of the other browsers you need an additional program, but with Google Chrome you don’t. It automatically sandboxes all your on line activities and that’s good. (A Sandbox is a secure place on your computer where programs like your browser can run but are prevented from making changes to other programs or data on your computer.)  All the browsers seem to be getting faster and they appear to be adopting the ultra-simple appearance that Chrome introduced. It may take a bit of getting used to but once you are, you’ll wonder how you coped with all the clutter.
Keeping your browser up to date, whichever it is, is important for security reasons. FireFox updates so often that it defeats the main thing I liked about it, the Add-ons, more and more of which become incompatible each time. IE has a major update once in long while with a ‘fanfare’ whereas Chrome keeps you up to date on the quiet. The only way you will find there has been a change is to check the About file in the program. Now that I like.
The next question is, taking all the foregoing into account, do I really need to buy an internet security suite? The no cost download Microsoft Security Essentials, which also rates better in recent reviews than some paid for security ware, should protect you very well against viruses, spyware and other malware. And used in combination with the firewall that comes free with Windows it should prove sufficient for most people against incoming attacks. However if you feel the need to defend yourself against any ‘phone home’ software you might allow on board then the best answer is probably the free Comodo Firewall which in trials scored better than others, including paid for ones. . .
So back to Chrome for me; and Internet Explorer or FireFox. Yes all three because each have their moments. They all get attacked and it takes time for patches to appear. With the three on board (they don’t take up much space) you can jump from whichever is vulnerable to another until a repair becomes available. Furthermore, in event of problems like slow or failed connection you can confirm whether or not it is the browser by switching from one to another. All three then for me, with MS Essentials, Comodo Firewall; and if it ever works with the latest browsers, Key Scrambler too. Another add-on available for all three browsers that I would like to recommend is WOT which is supposed to make you aware of the possible dangers on different sites but some ratings can be questionable and I am uneasy about the whole basis, so I have yet to be convinced that ‘it does what it says on the tin’.
What is left? Well, the surest thing of all. Adopt safer ways of computing. Outgoing threats are rare and to a large extent are directly related to what we allow in, so avoid suspect web sites, dodgy downloads and be wary of links and disks from friends whether of data or software. The biggest dangers? Include the word FREE in a search and the chance of ending up at a malicious site rockets. Unless you unplug your computer you can never be immune to attack but you can make it safer by adhering to some of these principles; and by making sure that everyone else using your machine(s) sticks to them as well. The better your practices the less security software you need.
But, be ready. Be ready for things to go wrong. Like it did for Mick who contacted me when he lost ALL his photos (put yourself in his place and think about it for a minute or two) not really because he accidentally wiped them when partitioning, but because he hadn’t backed them up. Back up your system and your data, to an external hard drive or home network, and know what to do when it goes down because ‘sods law’ says it still will. That way, when it does, you will get things up and running again much more quickly.
|
