Fundamental Steps to Security
This is not an expert’s guide, even though we’ll go beyond the usual information on e-mail security (I don’t even feel like going into it). It will make your work around computers a lot “healthier”. I mean for you to share this with as many colleagues/friends as possible, and I hope I can contribute, even if just a little bit, to making computer use smoother by spreading just a tiny bit of knowledge to those who aren’t necessarily interested in the technical aspects of these systems (but do, like all of us, rely on those systems to survive). So let’s get started. This is intended for Windows users. Here’s what you should always do:
1. Keep whatever software you have installed up to date.
This includes your operating system (whichever it is, I don’t care), but don’t forget your work tools too. Buggy software is one of the major causes of security breaches around the web. This is one of the reasons why companies release frequent updates for their products (besides, for example, adding functionality). Keeping up to date will never rid you of all vulnerabilities, but the more holes you can fix, the better. Don’t turn off automatic updating.
2. Don’t use an Administrator account to perform usual tasks.
Because they have higher rights over the operating system’s tasks, such accounts should only be used for maintenance/upgrading. Whenever you “double click” a program, the OS runs that program with the rights of the currently logged-in user. If the program’s tasks involve malicious/dangerous activity, you don’t want them to be executed with high privileges, do you? This applies not only to e-mail attachments (as some people believe), but also to any other sort of task that gets performed (such as a document’s macro, a website’s script, etc.). Also, when I say “high privileges”, I mean having the right to shut down certain processes, access certain hard drive (and memory) locations, and so on. So, what you should do is create another account, with User rights, and use THAT account to do all the working/surfing/gaming/whatever. Windows’ policies will prevent most common malicious code from taking over a computer when it’s run under User rights.
3. Antivirus Software
Keep it turned on and up to date (again). Let it perform the routine scans (which are set by default on most antiviruses). Good antivirus software will employ heuristic analysis. In basic terms, heuristic approaches try to detect threats without necessarily comparing code to a database of well-known malicious examples. You can configure your antivirus software to perform scans and updates at times when you know you won’t be using the computer, so as not to be bothered by them. Either way, I’d say you should update your antivirus at least on a daily basis. Full system scans should be periodic, even though they don’t have to be as frequent.
4. Firewall Software
It’s more important than most people think. Even though configuring firewalls sometimes involves some basic/intermediate networking knowledge (I’m not saying it’s an easy task. I know there’s tons of ways to configure them), it’s worth spending a few hours trying to understand how to use them. Firewalls will help you when antiviruses fail. If a threat isn’t detected by the antivirus, and malicious code is executed, and somehow the code gets past the OS’ security policies, then the firewall may be the only defense you have left. Firewalls act on grounds antiviruses usually don’t. Have one, and a good one.
5. Security Software in General
Do your research before choosing your defenses. There’s tons of info on all possible products over the internet, and you should definitely take a look at some of it to make an informed choice. As of the date of this article, a good pick is Comodo Internet Security, which includes an antivirus and firewall, and can be downloaded for free here. Besides the two kinds already mentioned, there are spyware cleaners, ad removers and a whole myriad of scanners which serve the same purpose: to scan and eliminate potentially dangerous files from your hard drive. Names that come to mind are Lavasoft’s Adaware and Spybot (this one can be found here).
6. Make file extensions visible
All Windows versions I can remember come, by default, with an unnecessarily insecure option enabled: hiding extensions for known file types. You don’t want this activated. You wanna be able to see, with no doubt, what a file’s extension really is before executing it. Don’t trust ICONS, trust EXTENSIONS. An executable file (.exe, .com, etc) can have its icon changed to look like a JPEG or an MP3 file. To do this in Windows XP/Vista/7, open any folder, go to Tools (if you can’t see this menu bar, press ALT and it should show up), Folder Options, View, and DESELECT the option “hide extensions for known file types”. You should now see the extension of all files on your account. If this isn’t how you do it on your Windows system, look it up – it’s important.
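The same setting can also be checked and switched off from PowerShell, and once you are judging files by extension, a folder can be scanned for names that put a harmless-looking extension in front of an executable one. This is an added example, not part of the original post; the function names, the two extension lists and the Downloads path are assumptions.

```powershell
# Added example. Per-user Explorer setting behind "Hide extensions for known file types".
$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'

function Show-FileExtensions {
    # HideFileExt: 1 = hide known extensions (the default), 0 = show them.
    $current = (Get-ItemProperty -Path $key -Name HideFileExt -ErrorAction SilentlyContinue).HideFileExt
    if ($current -eq 0) { return 'already visible' }
    Set-ItemProperty -Path $key -Name HideFileExt -Value 0 -Type DWord
    return 'now visible (refresh or reopen Explorer windows)'
}

# Assumed lists, not exhaustive: what runs on double-click vs. what users expect to be data.
$executable = '.exe', '.com', '.scr', '.pif', '.bat', '.cmd'
$decoy      = '.jpg', '.jpeg', '.png', '.gif', '.mp3', '.pdf', '.doc', '.txt'

function Test-DisguisedName {
    param([string]$Name)
    # The LAST extension decides what Windows does with the file.
    $last = [IO.Path]::GetExtension($Name).ToLower()
    if ($executable -notcontains $last) { return $false }
    # Look for a data-file extension directly in front of it (photo.jpg.exe).
    $stem  = [IO.Path]::GetFileNameWithoutExtension($Name).TrimEnd()
    $inner = [IO.Path]::GetExtension($stem).ToLower()
    return ($decoy -contains $inner)
}

function Find-DisguisedFiles {
    param([string]$Path)
    # PSIsContainer filter instead of -File so this also works on older PowerShell.
    Get-ChildItem -Path $Path -Recurse -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer -and (Test-DisguisedName $_.Name) } |
        Select-Object FullName, Length, LastWriteTime
}

Show-FileExtensions

# Constructed sample names, then a real scan of the current user's Downloads folder.
'holiday.jpg', 'holiday.jpg.exe', 'setup.exe', 'song.mp3.scr' |
    ForEach-Object { '{0,-18} disguised={1}' -f $_, (Test-DisguisedName $_) }
Find-DisguisedFiles (Join-Path $env:USERPROFILE 'Downloads')
```

A hit is a reason to look at the file before opening it, not proof that it is malicious.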
7. Choose a Safe Browser
Up until now, the safest browsers have been the least used ones. The downside of having a safer browser, though, if you follow this rule, is that it might not be compatible with a good amount of webpages out there (which will invariably be designed to work well on the most popular browsers, for obvious reasons). The trick is to find one that has both good rendering, security policies AND isn’t really popular. Staying away from IE and Firefox is, in general, a good idea (at least for now). Chrome seems to be the current best choice security (and performance)-wise.
Do look up something called your “unique Google Chrome ID” though. Basically, every Google Chrome installation has a unique user ID, so an exact profile of a user could be built if data is collected. If you wanna make sure you don’t have your activity tracked (and you should), check out these links, which will tell you about this ID and also about how to remove it after installing the browser:
http://www.ghacks.net/2008/09/07/google-chrome-anonymizer/
http://www.google.com/support/forum/p/Chrome/thread?tid=5d2b3616cbf7ca06&hl=en
http://www.chromeplugins.org/google/chrome-talk/unique-chrome-id-install-7472.html
8. Passwords
I won’t dive into this too much, but choose relatively safe passwords and do not recycle them for sensitive accounts, or accounts which could compromise sensitive accounts/data. This is so utterly important, yet it remains one of today’s main security issues. If you’re interested in knowing a good method for creating uncrackable – yet easily rememberable – passwords, refer to the post called “Crack THAT.” on this very same blog. Just scroll down there. Don’t write passwords down and don’t keep a text file on your hard drive with all the passwords to your accounts. That is insane.
9. Backups
Back up your work. Accidents happen, and everyone will eventually experience a crash, infection, or even a physical incident with their machines, and it’s great to know that most of what you were working on was safely stored elsewhere.
10. A word about tech support
If you need to send your computer to tech support, try as hard as you can to erase any important/sensitive data you might have on the hard drive. Unethical as it is, most people who fix computers also take their time to go through the disks and look for anything “interesting”. This might not necessarily jeopardize your finances/relationships, but it’s always good to know you’re not just granting a complete stranger access to whatever private information you might have on there.
I didn’t necessarily intend this to be a 10-item list, but it ended up being so, and so be it. If I remember any other useful tip, I’ll append it. If anyone has more basic yet fundamental tips that I have not yet mentioned, please share and I’ll post it here after verifying its validity. And that’s that for tonight.

A heads-up on SpyBot:
Although I’m not sure if this is still the case, I’ve had an “unpleasant experience” with SpyBot once. If you decide to install SpyBot and do a scan, carefully check the scan’s results before taking action against them. I’ve had SpyBot mess up the configurations of the OS and the settings of some of the programs I used.
In fact, it’s a good (and healthy) practice to do this with any Security Software.
False-positives are more common than you think. If you have any doubts about anything, just Google it.
Well put. Lots of false positives occur, for example, with firewalls. It’s up to the user to identify an activity or action as malicious (usually it’s the unexpected ones).