This post contains some basic online security tips intended for those people who are constantly getting their online accounts compromised, their passwords stolen, their computers infected with viruses, trojans and malware; the list is seemingly endless. If this keeps happening to you, it’s time to stop blaming “the stupid computer” for getting infected and come to terms with the security problem being _you_.
In my experience the number one cause of these types of computer problems is due to the end user not being vigilant enough in the maintenance of their computer. I like to call this “The Ronco Set It And Forget It” mentality. Just because you’ve got your operating system (that’s your Windows, mom) set to auto update doesn’t mean there is suddenly an all encompassing force field surrounding it. The same applies for anti virus programs. Enabling automatic updates definitely helps, but it’s only part of the solution; You also need to use your head.
The internet is a dark and scary place. It’s full of people trying to steal from you, trying to trick you, trying to use the ignorance of the average internet user against them. And holy shit, does it every work. Well. And often. From hijacking online ad servers, to exploiting Adobe Flash, it’s getting to be an every day occurrence. Thinking about what you are clicking on, and what email attachments you are opening can save you some headaches down the road. I know it seems stupid, but the average web user makes some pretty poor assumptions about the quality and security of the links and files they receive. Here are some tips I hope can help improve upon the security of the average user’s system.
1. Use Google Chrome. The almighty Google’s browser is frequently updated and includes it’s own flash player that gets updates out faster than Adobe does. If you go this route, I would also suggest you Uninstall the Adobe Flash plugin from the “Add or Remove Programs” section of Windows.
2. Use SumatraPDF Reader. It’s a free and open source Adobe Reader alternative and lacks the same exploit paths found in Adobe Reader. I’ve been using it for quite some time and it keeps getting better. It even has a browser plugin for the major browsers so you can view your PDFs from there if you like. Again, if you want to give this a shot, get rid of Adobe Reader from the “Add or Remove Programs” section while you’re at it.
3. Use a reputable anti virus application. There are a number of free AV apps out there, many of them are very good. In the past I have recommended Avira as a quality free anti virus application, Microsoft’s Security Essentials has gotten very good reviews and it integrates quite nicely into Windows 7. Of course there are a number of other anti virus and security applications that are just as good if not better than these free offerings, your local computer store should have a reasonable selection of paid solutions if you prefer to go that route.
4. Keep your applications up to date. This goes back to the “set it and forget it” mentality I mentioned in the beginning of this post. Not all software auto-updates itself, and you should never make the assumption that it does. You can usually find the version of whatever application you are using in the “Help” menu section, under “About” or “Version” or something along those lines. Not every application is going to follow this method, but for the most part it should show you want you want to see. There may even be a “Check for updates” options somewhere, it would be a good idea to click that if you see it somewhere in whatever app(s) you are using. If all else fails, visit the home page of the application and look around for any update or download links. Running the latest stable version of any software is generally a good choice.
5. Try using an alternative to the “Microsoft Office” suite of applications. There _are_ other office apps out there that are just as useful and functional, some even free. I’ve been using LibreOffice for a while and it works great for my needs. Your milage may vary of course. Google Docs also offers much of the office suite functionality from right inside of your browser. I use it for sharing documents and it’s great.
6. Don’t download pirated/cracked/warez software. If the majority of the software on your computer comes from warez/torrent sites or your “computer buddy”, it’s likely your system is already compromised. Unless of course your “computer buddy” is giving you reasonable advice and not giving your burnt dvds they downloaded from The Pirate Bay. In today’s world, there really is little need to be obtaining software through these methods. If you don’t want to pay for something, there’s a good chance a free alternative is available if you look around for it. Search Engines are your friend in this case.
7. Check your security and information sharing settings on any websites you have an account on. This includes Facebook, Twitter, Hotmail/Windows Live, GMail, and so on. If you have to log on to a site, there’s a good chance they have security and account settings you can modify in your user preferences. They all provide useful help if you are unsure of any of the settings. Something like this will take you just a few minutes for each site you’re on, and will ensure only the information you want to publish is published. Keep in mind the majority of sites with memberships (even those pr0n sites you have in your “secret” bookmarks folder) are making money selling ads, and the more information they can obtain about you, the more targeted the advertising becomes. So by default sites like Facebook want to be able to share as much information about you as they can with their advertising partners. This isn’t necessarily a bad thing, but something to be aware of. You can for the most part control at least a portion of what you want to make available to these kinds of sites.
8. Stop checking your webmail/Facebook/whatever site from a computer or device that’s not yours. Assume the worst about the condition of their systems security, it’s probably compromised. It’s 2011, grab a smart phone and check your stuff on that, or get a USB stick and put a “Live OS” on it (A topic for another post!) and boot into that instead. Grandma won’t know the difference anyway, just remember to reboot her system back into Windows XP or she’ll be wondering what happened to all the pictures of her cats.
I hope that helps at least someone (mom?) out. Until next time.