Tuesday, June 28, 2011

System Security

About a year ago a family member's email account was hacked. I thought I knew a lot about security before that, but this incident taught me even more, which I thought I'd share. First is my list of general security recommendations.

  1. Absolutely, positively do not use Internet Explorer. Most viruses are targeted at IE, so don't use it. Not only that, but IE has been proven to be the slowest and most resource-intensive of all the browsers, with the least standards compliance. I suggest Firefox as my first choice or Chrome as a close second.

  2. If you decide to use Firefox (excellent choice), use the Add-Ons section to add "AdBlock Plus" to enhance the security even further.

  3. Run Windows Update to make sure your system is fully patched and updated.

  4. Make sure your firewall is turned on. In Control Panel, look for Windows Firewall and make sure it's enabled. Also check the Exclusions tab: each exclusion is a potential security hole, so consider removing the exclusions.

  5. Part of me has a hard time suggesting antivirus software. Oftentimes this software is so invasive it's almost as bad to run the software as it is to have a virus. If you're careful about what you do on your computer, you can get by with no AV program. At home I've gone 15+ years with no antivirus software and I've never gotten a virus. However, if you'd feel safer with software in place, I suggest Microsoft Security Essentials. It's free, it's fast, it's pretty darn good. What I like about MSE is that it has a simple, clean user interface, and I love the fact that you can set the program to not actively scan your system if you so desire. This means it won't slow your system down all the time, only when you decide to run a scan.

  6. Download and occasionally run SpyBot Search & Destroy. This program scans for malicious programs that many antivirus programs don't scan for.

  7. Download and occasionally run RootkitRevealer. This program scans your system for rootkits, which are incredibly devious viruses that are impossible to detect with normal antivirus programs. I've heard great things about the rootkit detector IceSword, but I've never used it myself, so I can't recommend what I've never used.

  8. If your DSL or cable modem connects directly to your computer, consider buying a small home router like those from Linksys, D-Link, and Netgear. Having a router between your computer and the Internet is an extra layer of protection. If you have a home router, check for updated firmware from the manufacturer. These routers can have security holes, so check for updates to make sure you're fully protected.

  9. It never hurts to have longer, more complex passwords.

  10. Whenever logging into a web page, always check for a secure connection. On the page where you enter your password, if you do not see "https://" at the top, do not log in. If it only says "http://" without the "s", then do not log in; someone could capture your password. This is true for any login on the web, whether it's your email, utilities, forums, bank, etc.


Those are my general guidelines and recommendations for avoiding problems on your computer. Now, my family member's email was compromised through no fault of their own. It got me thinking about what they could have done differently to better protect themselves from this happening.

  1. Do not use a web browser to check your email. You might be tricked into giving up your password on a "phishing" page. This is most likely how the account was compromised. Instead use a program on your PC to check your email (more on that later).

  2. Move all of your email and address book info from your online account to your computer. That way if someone does hack your account, there are no emails or contact info for them to exploit.


So as I said, I suggest using a program to check your email. You could use Microsoft Outlook, but I would recommend against that. Just as most Internet viruses target Internet Explorer, most email viruses target Outlook. Instead I suggest Thunderbird, from the same makers as Firefox. When you set up Thunderbird, have it delete emails from the server after it downloads them. This will ensure there are no emails online; everything is stored on your PC.

As computer security continues to improve, it becomes harder for people to hack into your system. By far the "weakest link" in the system is the user. It's far easier to trick the user into compromising his security than it is to forcibly hack into a system. But this also means you as a user need to be mindful of what you're doing. You cannot forget about security concerns and trust the computer to protect you. You must take an active role in your own security.
