Wednesday, November 25, 2009

Circle the wagons

It's a wild web out there. Largely unmapped with outlaws lurking in every shadow, it's been said that an unprotected computer will be compromised within 15 seconds, but that is probably an exaggeration. A USA Today study done in 2004 - very old by Internet standards - found that unprotected computers were compromised in minutes. It hasn't gotten better in the last five years. It used to be safe to stay on the 'main path,' but that's no longer true.

We're going to go over a few simple things you can do to protect yourself when you venture out into the outlaw known as the Internet:

1. Get a firewall. Most modern operating systems such as Windows (XP and up), MacOS X and Linux all come with a firewall, and it is usually on by default - but check it. That firewall is good, but it is even better to get a hardware firewall. If you have a router, you probably have a firewall. If you don't, getting one is as simple as going to your favorite electronic store (Best Buy, Wal-Mart, etc) and buying a router. Most router default settings leave something to be desired, but that's a post for another day. Usually the manual is on a CD in the box and has instructions for turning on security features. The actual method will vary with manufacturer and sometimes even different models from the same manufacturer will have different ways of doing things.

2. Create strong passwords. strong passwords use letters, numbers and special characters. Pass phrases are even better. They can be easier to remember and harder to guess or crack. But "ILoveMyWife" isn't much better than "Lenore!@". No, my wife's name isn't Lenore. Here are some password creation tools:

  • Windows: Atory Password Generator Freeware password generator that creates passwords as secure and as long as you want.

  • MacOS: Make-a-Pass A Dashboard Widget that creates passwords as secure and as long as you want.

3. Save your passwords, either in your browser or in a password manager. For many years wise men (and women) said not to allow your browser to save your login info because if someone compromised your browser got on your computer (with or without your permission) they had your password. While that is still a concern the increase in trojan keyloggers makes that the lesser of two evils. If you don't hit the keys, a keylogger can't log them, and on home computers getting a keylogger is often the greater threat.

4. Keep up to date anti-virus and anti-spyware. Today it isnt' unusual for a big name site to be compromised and spreading malware, so surfing unprotected is a bad idea. My favorite anti-virus programs are avast! Home Edition and AVG Free. For anti-spyware I use Spybot S&D and Adaware.

5. DON'T CLICK THAT LINK! Be careful where you go. I went for years without Anti-virus on my PC. My firewall provided all the protection I needed. Then a guest started coming by and using the computer. He went to Java game sites and picked up 2 or 3 bugs every day. So I had to get anti-virus to protect my network from him. You can't count on any site being safe, but why go to high risk sites?

That's enough for today. The rest of the week will probably be pretty light weight, but we'll get into a few more of the basic ways you can protect yourself next week.

[updated at 7:20am for clarity and additional information and at 2:00pm 11/26 because I reread it and it didn't say what I meant to say]