|
Key to Safer Surfing
 As you may know one of the
most dangerous types of spyware is keyloggers. These are small programs that
gets onto your PC, usually through an infected website or email attachments,
and silently monitors everything you type on your keyboard. Basically they’re
looking for passwords and PINs, which are sent back to mothership so they can
rifle your bank account and hijack emails, social media accounts and so on.
Keyloggers can be difficult to detect but here’s a simple little program that does
just that, nothing else, so if it finds anything you’ll have to deal with it
yourself. It’s free, it’s called KL Detector and it works
on Windows XP and above. All you have to do is install and run the program and
it sits quietly in the System Tray, looking for any suspicious activity, such
as the creation of log files – recording your keystrokes. The idea is to leave
it running for around ten minutes, while you type a few words in Notepad and WordPad,
doodle in Paint, hit a few numbers in Calculator and visit a few websites.
(Your anti virus software needs to be temporarily disabled). If it senses
anything untoward the icon in the system tray changes colour and clicking it
presents you with a report of what it has found, so fingers crossed….
06/05/13
Flashy Lappy Lock
 How secure is your PC or
laptop? The logon password only deters casual snooper and is easily overcome,
if you know how, but here’s a neat little freeware utility that adds another
layer of protection, and you don’t have to remember any passwords. It’s a
physical key, and since only you have it, no one else can login in to your
computer. You may have noticed that your PC doesn’t have any keyholes, but it
does have USB sockets, and this is where your key fits. VSUsbLogon converts an ordinary USB flash
drive into a high security electronic key. To use it all you have to do is
switch on your PC and when you get to the logon screen, insert your USB key and
Windows opens. If you like you can make it even safer by setting a PIN code.
It’s easy to set up and use, but keep your wits about you during installation,
as there’s an offer to install a browser toolbar, just click Cancel if you
don’t want it.
08/04/13
Pass Friend
 We probably shouldn’t tell
you about this little freeware utility program but if you promise not to use it
for nefarious purposes, and are genuinely forgetful, then Windows
Password Recovery might one day get you out of a lot of trouble. If fact it
doesn’t do what it says on the tin, and it won’t recover a forgotten Windows
logon password, that’s a bit more involved, but it does the next best thing, which
is to blank the Administrator password, so you can get back into Windows.
Regular readers may recall that this feature has been available for some time
on under-the-counter software, but this one looks much more respectable, and is
a whole lot easier to use. It works the same way though, and the first thing
you have to do is burn a Recovery CD, which creates a Linux boot disc that’s
used to start PC and launch the toolkit. Select the Password option and a few
clicks later the old password has been blanked. This disc contains a number of
other tools, for recovering lost or deleted data, and creating a disk image or
clone. Altogether a very useful package and definitely something you should
keep handy, just in case...
25/03/13
Freeze Out Felons
 We’ve all see it a thousand
times in the movies and on TV; the secret agent, bad guy or disgruntled
scientist – delete as applicable -- breaks into an office, plugs a USB drive
into a computer and downloads files vital to the plotline. The trouble is this
also happens in real life, and USB drives make it really easy to quickly steal
large volumes of data from PCs, transfer viruses, infect machines with malware
and spyware and generally do all sorts of bad things to computers. Unless you know
your way around the nether regions of your PC, there’s not much you can do
about it, or is there? Well, here’s one simple way to keep out nosey parkers,
it’s a small freeware utility called Phrozen
Safe USB. Once installed it gives you there simple options: do nothing and
all USB ports operate as normal; make USB drives read only, so you can see
what’s on the drive but files cannot be copied, stopping viruses and other
nasties in their tracks; and disabled mode, which makes drives and their
contents invisible so nothing can be moved in or out of your PC. There’s also
an option to start Phrozen Safe with Windows, though this might need a little
work from the developers as it requires Windows User Account Control to be
disabled, which some users or administrators might not be comfortable with,
though presumably they’ll be even less happy if their data is stolen or the PC
becomes infected…
25/02/13
Rooting Out Malware
 Staying on top of the
ever-present threat of malware is a never-ending chore as newer and smarter
methods are developed of infecting our PCs. One of the most pernicious tools
used by the malware community is the Rootkit, a family of stealthy programs
designed to hide inside websites and downloads. That can be remotely controlled
and instructed to tell your PC to send out spam messages, and you may never
knows it is happening because they are good at covering their tracks and
bypassing conventional malware detection programs. Enter stage right a new
weapon in the fight, the Bitdefender
Rootkit Remover. It’s a small freeware program (X86 and x64 bit versions
are available) and it actively seeks out the most widespread rootkits,
including such notable nasties as Alipop, Cpd, Fengd, Fips, Guntior, MBR
Locker, Mayachok, Mybios, Mebratix, Plite, Ponreb, Niwa, Necurs TDL/SST/Pihar,
Ramnit, Stoned, Whistler XPaj Yoddos, Yurn and Zegost – new definitions will be
added as and when they are discovered. A typical scan takes just a few seconds
and if anything is found it will be removed, and you system cleaned after a
reboot.
11/02/13
Java Jumble
 There is a great deal of
confusion surrounding the recent warning that a security loophole had been
discovered in Java 7. Quick as a flash news spread around the web and social
media, and like a Chinese whisper it changed from a simple caution into a
global meltdown. Part of the reason for the panic was that Java, was being
mistaken for JavaScript, resulting in lots of PC users mistakenly disabling the
latter in their browsers, and uninstalling Java from their computers. So let’s
try and put things straight. Java, developed by Oracle is a known as an Object
Oriented Programming language or OOP, used to create applications that run
inside programs or browsers. JavaScript is a scripting language for media
content in browsers, using plain text, and it is not associated with the
current threat. So how much of a problem is it? The exploit undoubtedly exists
though how widespread it is, is very difficult to gauge but already Oracle has
released advice
and an update Apple has disabled Java, and Mozilla is pointing Firefox
users to an add-on called Click To Play, that stops Java plugins
installing. So should you panic? No, but it’s as well to play safe and if you
don’t think that you need it on your PC, and most users probably won’t miss it,
then it’s worth disabling Java on your PC and any Java applets in your browser,
until the dust settles. The former can be done from the Java dialogue box
(security tab) in Control Panel, which there’s advice for Firefox users here.
Once again, this doesn’t warning affect JavaScript in your browser and
disabling it will stop some website features from working.
21/01/13
Don’t Pay The Ransom
 According to Microsoft the
number of malware infections on Windows Vista and W7 PCs is well below that of
old operating systems like Windows XP, which is obviously good news, but there
are plenty of other threats to be concerned about, like Ransomware. This is
software that by one means or another, gets on to your PC and then proceeds to
blackmail you into to paying a fee to get it removed or your machine stops
working or files are locked. Some of these programs can be almost impossible to
remove using normal techniques and plenty of suffers have either had to bite
the bullet, and stump up, or wiped their drives to get rid of it. There may be
another solution, a freeware tool called Anvi Rescue Disc.
Basically it’s a specialised Linux distribution that boots your PC from the
Anvi Disc in your CD/DVD drive. It is specially configured to seek out and
destroy the most common Ransomware infections, and as an added bonus it allows
you to access the files on your PC, so if it cant help you tackle the intruder
you can at least copy important documents to a flash drive. The download is a
zipped ISO file and all you have to do is use a freeware utility like Imgburn to create a
Rescue disc on a blank CD. If you get caught simply pop the disc into the drive
and boot from the CD/DVD drive and click the Scan button. As an added bonus the
download also includes a USB Flash drive version, in case your CD/DVD drive is
also locked or you are using a netbook or ultra slim laptop that doesn’t have
an optical drive. Defintiely one to keep handy in case of accidents or you get careless..
14/01/2013
Click It Clean
 Not that you have anything
to hide, but web browsers do handle a lot of information, much of it private or
personal or just plain none of anyone else’s business so you wouldn’t want it
hanging around for anyone to see, would you?
You’ve probably enabled the basic
clear history features in your browser, but the History file is only one of the
places where browsers store information, and if you are using Firefox, there
are lots of cache’s, temporary files, cookies, Local Shared Objects (LSOs),
open tabs and URLs all over the place, so here’s a way to purge them all, with
just one click.
Appropriately enough it’s called Click &
Clean and it’s a free add-on for Firefox, and it can even be set to do the
deed whenever you exit the program.
07/01/13
Sixty Second Scanner
 It sounds a bit improbable
but Bit
Defender’s 60 second Virus Scanner promises to sweep your PC for nasties in
around a minute. Needless to say it is impossible to carry out a full virus
scan in that sort of time, not does this program do anything about an
infections it finds, and just points you to commercial software for removal,
and it took a couple of minutes to complete on our office PCs but if you’re a
boots and braces sport of person then it doesn’t hurt to get another opinion on
the security status of your computer. The program itself is quite small and
rather than install vast virus definition libraries on your PC it uses Cloud
technology to analyse key areas of your system. By the way, there’s no need to
switch or uninstall your existing security software as it works quite happily
alongside the main AV and anti malware programs. Okay, it’s not going to
replace proper security software, but it is quick, and free, and you never
know, it might just find something that your full time anti-virus program
missed.
10/12/12
Spybot’s Back!
 Here’s a real blast from
the past, one of the first and once again, one of the best anti-malware
utilities has been revamped and has just finished it’s beta trials. It’s Spybot Search and
Destroy, version 2, and first impressions are that it’s now even better at
seeking out the nasty little infections that even the most cautious PC users
can sometimes pick up. There’s an all-new user interface offering a number of
new options, and they are all easily configured to suit your way of working,
and risk factors. Scans can take a while – it was over 50 minutes on one of our
well used office PCs -- but it’s clearly probing deeply, and thoroughly into
the innermost recesses of your filing system, where some of the really sneaky
malware programs lurk. There’s a quick scan option too, which you can use for
follow up checks, once you’ve carried out a deep scan. After it has finished it
presents you with a list of the threats it has found and you can decide which
of them are real, and those, which may be false alarms, you can then fix any
problems it has found and be reasonably sure that your system is as clean as it
can be.
26/11/12
Security, By The Numbers
 Okay, so you have the
latest anti-virus and malware software, a decent firewall, and you never open
unsolicited email attachments, but when push comes to show, just how safe is
your computer? Hopefully it will never be tested in anger, but there is a way
you can run a quick check to make sure that all of the critical elements are in
place and working. It’s a free tool called Opswat Security Score
and it runs through a batch of tests that includes your AV software, firewall,
hard drive encryption, file sharing, anti-phishing, patch management and
backups. It only takes a couple of minutes and at the end of it you see an easy
to understand colour coded pie chart, with scores for all of the components
tested, and an overall rating that and log, that you can save, and use to
compare with later scans, to check if the improvements you’ve made are working.
The program is small, doesn’t need installing and will even run from a flash
drive, so you can quickly check all of the PCs under your control.
19/11/12
Defeat the Drive Bys
 Working on the assumption
that you can never have enough protection for your PC, here’s another security
program that you might like to add to your defences. It’s called ExploitShield,
it’s free and it specifically targets one of the most devious types of browser
infections, often referred to as the ‘drive-by’ exploit, which can get on to
your PC simply by visiting a website. These nasties include such notables as
the Blackhole Exploit Kit, Phoenix, Incognito, Eleonore, Sakura, etc., and they
lurk unseen inside things like Java scripts and Acrobat files. ExploitShield
runs in the background constantly on the lookout for threats and it blocks,
quarantines and automatically alerts you of any attempts to infiltrate your
machine. It keeps a full set of logs so you can keep tabs on what’s been
happening to yours, and all of the other PCs in your home.
22/10/12
Cover Your Tracks
 We’ve said it before and
we’ll say it again, your PC is constantly spying on you, recording your every
move, every document you’ve opened, every website you’ve visited, it stored
deleted files, which can be recovered and it probably knows what you are
thinking as well. This sort of thing can be quite troubling, even if you
haven’t got anything to hide, but it doesn’t have to be that way. You can curb
your computer’s nosey habits and its enthusiasm for logging everything that you
do with a freeware application called Anti
Tracks Free Edition. Here’s a few of the things it does; it wipes all web
browsing, Windows and application usage history, permanently and securely
shreds files, and previously deleted files and folders, hides files and folders
that you don’t want others to see. There’s also a ‘watch out the boss is
coming’ mode that hides programs and files you’re working on with a single
keystroke when someone you don’t want to see what you are up to comes into the
room. Sneaky stuff and well worth a look, even if you are not paranoid…
10/09/12
Ghost Surfer
 The Internet is becoming a
scary place. It’s not just the crooks and villains out to steal your bank
details, but the looming presence of multiple Big Brothers snooping on
everything you do. We know a bit about what Governments and security folk get
up to bit it’s all the other commercial organisations we have to worry about as
well, that take an interest in everything you do, from the contents of your
weekly shopping basket to your gripes and moans, photos and friends on Twitter
and Facebook. It doesn’t have to be like that, though, and there are ways you
can stay anonymous on the web and if you fancy seeing what it’s like to drop
off the grid have a look at CyberGhost.
It’s a free VPN or virtual public network that hides your IP real address
making it appear that you are in a completely different location or even
another country. The free version is not quite industrial strength and you have
to register with an email address, but it is enough to keep the regular snoopers
and low life nosey parkers from watching what you are up to, and there’s the
option to upgrade to a more powerful paid-for version is you like what you see.
The free version has a few other limitations and you can’t send emails but
there are ways around this and there are plenty of useful hints and tips for
preserving your privacy.
23/07/12
Clean Up Your Privates
 What secrets does your PC
store about you and your web browsing habits? I’m not just talking about the
odd smutty website that you might accidentally stumble into, but all of the
other information that we reveal about ourselves online, from bank account
details to purchasing goods and services, that quite frankly are no-one else’s
business but your own. You would be gob smacked at just how much information
your PC has about you, and we’ve looked at several cleaners in the past that wipe
clean the many hidden and protected files that store this sort of information,
and here’s another one. It’s a freeware utility called Privazer, and on the
evidence so far, it looks like it could become a must-have classic along the
lines of CCleaner and the venerable and much missed Spider. In addition to
eradicating data held in the sneaky index.dat files, it gets down and dirty
with a number of other often overlooked repositories in the Registry, and it
even gives external drives and memory cards the once over, recovering lost
space and cleaning up old or outdated entries as it goes. The first scan can
take a while – it does a very thorough job – but thereafter scans only take a
few minutes, or you can schedule a cleanup when you’re not using the PC. All in
all a very impressive piece of software, and you have to wonder how long it
will be free as in-depth cleaning at this level is something many people would
be happy to pay for!
16/07/12
Keep It Safe
 How many passwords and PINs are you trying to keep track
of? If you are anything like us you probably at least a dozen and probably a
lot more, so how do you remember them all? The worst possible method is to
write them down on a piece of paper. It’s just asking for trouble, either
you’ll lose it, or it will be seen by others. Either way your security is
compromised and you’ll be in for a lot of grief. So what’s the answer? Easy,
you need a small program to store all of your passwords, and keep them safe by
encrypting them but make them simple for you to get at with a single master password.
There’s no shortage of such programs, but here’s one that’s particularly easy
to use, and it’s flexible too; you can store just about any type of password,
and if you have trouble creating new ones it’ll even help with that with its
built-in password generator. It’s called Password Safe and it’s
completely free Open Source software with no strings or hidden tool bars, give
it a try, you will be impressed!
02/07/12
More Free Protection
 It seems unlikely that
there’s anyone still out there with an unprotected Windows PC, but just in case
there is, or you are unhappy with your present security software then here’s
another free antivirus program for your consideration. It’s called PCTools Antivirus Free,
it comes from Symantec and it’s a collection of basic antivirus and malware
utilities that should provide a fair amount of protection against nasties. The
only thing to watch out for is that it installs a browser toolbar without
asking first, but it’s easy enough to remove from the add-ons menu. We also
found that it was quite resource hungry, so it might not be the best option for
an older PC, or if you are short of memory. For the record our favourite free
AV program remains Microsoft Security Essentials but if you want to try something
different, it may be worth a look.
25/06/12
Safer USB Sticks
 When you consider how much
time and effort we put into protecting the data on our PCs it’s surprising how
easily it is all forgotten when we use USB memory sticks to store or move files
from one PC to another. A growing number of memory sticks and flash drives from
the better known manufacturers come with some form of password protection or
encryption software but the vast majority remain unprotected, so any files they
contain can be easily opened if the drive is lost or stolen, so what can you
do? Simple, download a freeware program called USB Flash Security. Once
installed on the drive is locked and will only be accessible when the correct
PIN or password is entered. Any data stored on the drive is encrypted so even
if anyone manages to get past the lock it won’t be readable. The only
limitations are that the free version can only be used on drives up to 4Gb
capacity, and watch out for the offers to install toolbars when you download
the program, just remember to select the Custom Installation option and uncheck
the boxes if you do not want them.
11/06/12
Norton Safe Giveaway
 Norton are not known for
giving stuff away but here’s a rare opportunity to grab yourself free browser
add-on for securely storing your passwords and PINs and anything else you want
to keep secret. What’s more, providing you do it before October, it promises it
will be free forever, and apparently there are no strings attached, but we have
no doubt that a paid-for version is waiting in the wings, so don’t hang about… Norton Identity Safe is a cloud
service, which means that all of your data is encrypted and uploaded to a
remote server, so they are protected and you can’t lose them, even if your PC
or laptop is stolen or blows up. This also means that you can access your ‘safe’
on any web-enabled device, anywhere in the world – so it’s ideal for keeping credit
card details in case of loss or theft. The only thing to watch out for is that
we found it switched off automatic password login in Firefox, which can get a
bit confusing, especially if you decide not to use it, but it’s a simple matter
to turn it on again from the Tools menu.
21/05/12
Mind Your Own Business
 With all this talk of
tracking cookies and changes in Google’s privacy policies it’s no wonder web
users are becoming paranoid about who’s watching them online. Well, here’s
another way you can keep your browsing activities to yourself, and that’s a
free add on for the most popular browsers, namely IE, Firefox, Chrome and
Safari. It’s called DoNotTrack
or DNT. It is set to recognise more than 600 trackers, and is automatically updated
as more of them are found, but the really interesting feature is that it keeps
you in the loop, with an icon on the browser’s toolbar that shows how many
tracking cookies it has found and blocked on each web page. If you click on it,
it tells you who they are and whether or not the site contains any social or ad
network buttons, that can also keep an eye on what you are up to. You’ll be
amazed at what’s going on, and yes, you are right to be paranoid…
12/03/12
Cleverer Cleaner
 There are more PC cleaner
utilities than you can shake a stick at and many of them are a complete waste
of time. Of course there are exceptions and our long-time favourite is the
venerable CCleaner, which gets rid of those pesky hidden index.dat files that
your PC uses to secretly record your web browsing activities. Here’s another
freebie utility that’s worth checking out. It’s called Xleaner and it’s main
selling point – not that it will cost you anything – is the enormous range of
options and applications that it targets. Before you jump in, though, be warned
that it’s not for novices and it lets you zap a lot of things that you’ll
either regret, or are best left alone. It cleans up all of the obvious and not
so obvious log files in Windows (including index.dat) plus the history and
cache files of all of the main browsers, it also deals with MS Office and there
are tools for checking your memory and hard drives. The only point to watch out
for is be careful where you click when you go to the download page. There are
lots of other items on the page and you can easily be led to products and
services that you may not necessarily want.
27/02/12
Winking Good Security
 There’s been a lot of talk about facial
recognition and security lately, and it all sounds very interesting, but
perhaps a bit futuristic and high-end and not for the likes of you and me.
Well, not any more, and you can try it for yourself with a free piece of
software called KeyLemon. The basic free
version of the program takes over the Windows Logon, and instead of entering
your name and password (you can still do this, by the way), you simply look at
the webcam and it matches your facial features against its records and if you
are who you claim to be, it lets you in. You can’t fool it either, using a
photograph as it asks you to blink your eyes, and it tracks changes in your
face by automatically recording one image of you each day. The more
sophisticated paid-for versions can do all sorts of other tricks, like logging
on to your Facebook, Linkedin and Twitter accounts, it can also be set to take pictures
of anyone who tries to use your PC without your permission. Face it, you want
to try it out…
30/01/12
On Guard Offline
 More Microsoft generosity,
this time it’s Windows Defender Offline, a new tool for checking and zapping
malware and rootkit infections on your PC. As the name suggests, it works
off-line, and outside of Windows, by booting your PC from a USB drive or CD/DVD
that is created from the download. This means it can scan all of the nooks and
crannies of your operating system that are difficult, or impossible to get at
when Windows is running, and catch the sneaky little beggars that defy normal
detection methods. The program isn’t due to be launched for a while but you can
give it a road test by downloading the pre-release
Beta. This is pretty much the final version, though of course it comes with
the usual disclaimers for beta software.
12/12/11
Microsoft Security Survey
 How secure is your computer and how good are you are
identifying and protecting your PC and identity against online threats? You may
think you are being careful, but the reality is far too many of us allow the
bad guys to infect our machines with viruses and malware or are careless with
our personal information and financial data, so how do you find out if you are
at risk? Easy, take the Microsoft Computer
Safety Survey, it’s a series of simple questions that asks you about the measures
you’ve taken, your security settings and your online behaviour. At end you get
a score, with advice on how you can improve on it. It only takes around five
minutes and it’s time well spend that could save you a lot of grief.
14/11/11
Comodo Cleans House
 Comodo have been around for
a while producing a very decent free Windows firewall and anti-virus software,
but did you know they also have a System
Cleaner? Well, they have, it’s free and it removes corrupt Registry
entries, deletes duplicate files and orphan archives, zaps pesky history files
and trails plus, so it claims, speeds up your PC by clearing out the junk. Now
as you know we’re always wary of such claims but as cleaners go this one seems
innocuous enough and doesn’t do anything drastic without your say-so. It
probably will help pep-up really well used PCs that haven’t been cleaned before
and are a bit sluggish, but as always, do not expect miracles.
26/09/11
That’s Mr, Not Dr Who
 How many times have you
visited a website and wondered who is behind it? This is something you may need
to know one day, if you buy something online and it doesn’t turn up, or you
have been diddled. In fact this information is available on the web, but only if
you know where to look, so this excellent little utility, called Mr Who, could turn out
to be really useful. It’s incredibly easy to use, just enter the website
address and a moment or two later up pops everything you might want to know,
including where the website is based, who hosts it, and details of the owner,
including their registered address. The program is small, just 1.5Mb, so it
could be on your PC and up and running in not time flat.
02/05/11
Where Are They Now?
 Few applications have been
so aptly named as Creepy,
that’s what it is, and what it does. Basically it’s a geolocation aggregator,
which is a fancy way of saying it collects together publicly available location
data about people from social networking services, like Twitter and Flikr. It
presents the information as a map, along with more specific details of their
whereabouts, past and present, with latitudes, longitudes, times and even what
they posted while they were there. This is seriously scary stuff and a clear
warning to anyone using social media that their privacy can be very seriously
compromised. It’s also a godsend for lazy stalkers (this information is available
by other means), we were able to track the movements of several well-known
celebrities just by entering their Twitter usernames.
18/04/11
Indestructible Cookie
Killer
 We have tended to get a
little complacent about cookies lately. They’re the small text files left
behind by websites and most time they’re fairly benign and easy to get rid of.
In fact most browsers can be set to do it automatically at the end of each
session, but now there’s a new type of cookie to watch out for. They’re called
Evercookies and they can be real swines to get rid of as they’re self
replicating and store data using several different cunning mechanisms. It’s
going to take a while for the mainstream cleaners to catch up with this new
critter but there’s a new one in town, still in Beta form, that can do the job.
It’s called BleachBit and
Evercookie eradication is just one of its many talents. It cleans up a lot of
other hidden and persistent storage bins in Windows and the most popular
browsers. As always, you use Beta software entirely at your own risk as there
may yet be unforeseen bugs. It seems very stable but you should avoid using it on
mission critical machines or any PC where you haven’t backed up all
non-replaceable data.
21/03/11
Secret Snaps
 We’ve spoken of
steganography before but for those that missed it, it’s a way of embedding
hidden messages and files, like audio recordings inside other files, such as
photographs. If done well the picture looks perfectly normal and the file size
is virtually unchanged. Steganography programs we’ve looked at in the past have
tended to be a bit fussy, but here’s a new one, called Silenteye, that does the
job swiftly and easily, and I’ll wager you can’t tell that the second image
contains a hidden message (approximately 1000 words of text). Obviously
programs like this can be used for good or ill, but if you are travelling
abroad in a foreign land with a less than friendly regime and need to get a
private or personal message home then this is the way to do it. Terrorist be warned,
though, images may look normal to the untrained eye, but if you are being
watched your mail will be monitored and if they are looking for hidden
messages, they will be found…
14/02/11
Pep Up Your Passwords
 I am grateful to Lifehacker for this simple but effective
method to strengthen your passwords, making them highly resistant to ‘brute
force’ and ‘dictionary’ hacking methods. These basically attempt to crack your
passwords by trying every conceivable combination of alphanumeric characters
and common words. The solution is to use one or more specialist characters or
ASCII symbols that are not routinely used by these methods. You have to be a little
bit careful as some specialist characters are not recognised by Windows, some
web sites and password storage programs or ‘vaults’, but there’s plenty of
widely used ones to choose from. These characters are generated by pressing the
Alt key plus a simple two or three digit code, selected from the Numeric keypad
(You normally have to press the Numlock key first). The trick is to use only
one or two of these characters as too many of them could prove unwieldy, and to
keep things as simple and memorable as possible make it the first or last
character. There’s a fairly comprehensive list of mathematical symbols and
special characters listed on the Word Top Tips page, otherwise here’s a few simple to
remember ones to try: Alt + 3, 4, 5 & 6 gives the four card suites (♥ ♣
♠), Alt + 11 & 12 generate the male and female symbols (♀ ♂) and Alt + 16
& 17 produce right and left arrowheads.
24/01/11
Essentially
Better
 Microsoft
Security Essentials has already proved itself to be one of the best, if not
the best free antivirus and malware applications around, and now it has just
got even better with the release of version 2. New features include beefed up
malware detection, thanks to a tweaked heuristic engine, integration with
Windows firewall and improved network protection with a nifty function that
lets you monitor network traffic. It’s available now as an update for existing
Security Essentials users or you can start off the New Year with a fresh
approach to computer security with a clean installation of the program, just
remember to remove your old anti-virus program first. XP SP2 users should be
aware that you may need to download an additional filter package if you have
been neglecting your updates, if so you will be advised and guided to the
download link.
30/12/10
Bypass
the Password
 Passwords
are one of life’s little irritants. To be fair, for the most part they are
there to secure and protect but how annoying is it to have to constantly dream
up passwords and usernames just to get into publicly accessible websites? We’re
not talking about pay sites, or sites that have good reasons to limit access,
but sites that you know are just collecting your details so they can send you
advertising or spam. Of course you can always fill out the form and put in a
phoney email address, but here’s a much easier way. It’s called BugMeNot, and it shares working logins for
thousands of websites. Don’t worry, it’s not going to get you into any
sensitive or naughty sites, just the ones that play hard to get at, and if you
have some logins you want to share then you can add yours to the library and
help other weary web wanderers.
27/12/10
Hide and Protect
 There are all sorts of ways
you can protect data on your PC and encryption is one of the safest and most
obvious methods, but in most cases your encrypted files remain visible, and
although they may not be readable, the fact that the file is encrypted is immediately
obvious to anyone snooping around your PC that you have something to hide. Here’s
another way, it’s called Password Folder
and the idea is that the file or folder is hidden from view, so it effectively
becomes invisible. The program also prevents anyone from opening or modifying
the file without the correct password. It’s really easy to use, just drag and
drop the files or folders you want to protect into the Password Folder window,
or select them from an Explorer type window. This is a beta version but it
appears to be very stable and bug-free, nevertheless, the usual precautions apply
and you try it at your own risk.
29/11/10
Password Perils
 If you didn’t already know
it you should be aware that the password protection on your PC is about as much
use as a chocolate teapot. There are things you can do to make it harder for
anyone to get at your files, and we’ll come to that in a moment but first, at
one time or another many of us forget our logon password. Faced with an
inaccessible PC, some users resort to drastic action, like re-installing
Windows. There’s really no need, blanking the password using a special type of Linux boot disc is
fairly straightforward. Cracking a password takes a little longer but again
it’s easy enough if you know what to do, and one way is to use another Linux
live CD boot utility called Ophcrack.
Download the .iso file and use a utility like Imgburn to
create a CD. Just boot the PC from the CD and watch it hack away at your
password. Most times it only take a few seconds to crack a 4 - 6 character password otherwise
it might take a few minutes but if you thought your PC was
protected, think again, it’s scary stuff.
The good news is it can get
you out of a hole if you’ve forgotten your password. The bad news is anyone
with access to your PC can use it, so how do you go about safeguarding your
computer? Creating a really long password helps, but it has to be 14 characters
or more to cause trouble for programs like this. Even that’s not going to stop
anyone using a password blanking utility, so what can you do? One solution is
to activate your PC’s BIOS password – check the manual for details. This will
stop anyone attempting to use a live CD to boot your machine, but that’s still
not going to protect your data if anyone steals your PC or removes the hard
drive. If you have anything on your PC that you don’t want anyone else to see
the only solution is to encrypt it, or better still encrypt the whole drive.
There’s no excuse not to, it’s reasonably easy to do in most versions of
Windows 7, some drives have their own encryption facility otherwise there are
plenty of free
encryption utilities available.
15/11/10
New CCleaner V3 Released
 For those of you new to
Windows, and with apologies to old hands, you may be interested to know that
Windows stores the address of every web site you’ve ever visited, from the day
you first switched on your machine. This information is stored in a hidden and
protected file that you can’t delete by any normal means. Some say this secret
file, one of several called index.dat, was put there at the behest of the FBI
but whatever its origins, the fact is your PC is spying on you. There are ways
to rid yourself of this unwelcome snooper and for the past few years I’ve been
recommending a freeware program called CCleaner (CC originally stood for
Crap Cleaner…), and that’s not about to change as the latest version 3 is
released. It’s now even better, with new tools for safely wiping drives, added
support the latest Internet Explorer and the new browsers, tools for Startup
and System Restore, an option to run CCleaner at startup and lots more besides.
It’s still free, though there’s also supported paid-for version, if you go for
the free edition make sure you pay attention during the install as it will
install toolbars unless you uncheck the options.
08/11/10
Avert Disaster
 At least the malware
scourge doesn’t seem to be getting any worse, thanks to better PC security,
increased user vigilance and more sophisticated anti malware software. The only
trouble is, what happens when you let down your guard and a malware infection
gets past your defences? There are a number of excellent free cleaners
available but knowing which one(s) to use can be a problem, which is where Avert comes in. Think of it as the Swiss
Army Knife of malware cleaners, it doesn’t actually do any cleaning itself but
rather draws together the best available tools in one simple to use package,
which you can deploy the next time something nasty gets onto your PC. It
supports up to 8 scanners and cleaners, which it run automatically. It also
does a Registry backup, comes with a copy of our old friend CCleaner and
several other handy tools that can help to fix the damage caused by some
malware programs. Definitely one to keep handy, just in case…
20/10/10
Microsoft Malware Zapper
 For years Microsoft left
computer security pretty much up to third-party applications to zap viruses,
whilst they concerned themselves with plugging the various security loopholes
with security updates. Then, about a year ago they released Security
Essentials, an excellent free anti-virus program, and now they’ve finally
caught up with the malware menace, with the Microsoft
Malicious Software Removal Tool. It’s a post-infection cleaner, that
targets the latest and most virulent nasties that are likely to find their way
onto XP, Vista, Server and Windows 7 and these include the notorious Blaster,
Sasser, and Mydoom worms and their many variants. Even if you run regular scans
of other malware cleaners it’s still worth letting this one check your system.
20/09/10
Secure Your Sticks
 USB memory sticks are
great, but they can also cause problems, especially if they are used to transfer
data between PCs. They can easily become carriers for all sorts of nasties,
especially malware, and they can be unreliable, so it it’s wise to keep backups
of irreplaceable data. If that sounds like a problem waiting to happen, here’s
a solution. It’s a Spanish program called USB Security Utilities,
and the only reason I’m telling you that is because once the program has been downloaded,
extracted and loaded onto your flash drive you need to go to the Configuracion
menu tab and change the operating language to English, unless you are a fluent
Spanish speaker of course. From that point on it’s all pretty obvious. The
program displays detailed information about the drive, you can scan it malware,
immunize folders against infection, explore files and folders and make backups
of files stored on the drive. It works on memory cards and portable hard drives
too, so you can keep all of your media squeaky clean and in tip-top condition.
13/09/10
I Spy With My Little DLL
 Let’s face it. The bad guys
are not going away and for as long as we choose to use computers – and yes that
includes Mac and Linux systems -- they are going to try and get at our data. To
that end you can never have enough anti-virus and malware tools at your
disposal, so here’s another one. It’s called SpyDLL Remover and that
just about sums it up. Its main focus of interest is Dynamic Link Library or
DLL files, which are a component of most programs, and they are easy to infect,
especially with nasty little devils called Rootkits. Not only does SpyDLL hunt
them down, it has the facility to destroy them as well, which can be surprisingly
difficult. The program is small, and it’s a standalone application so it
doesn’t even have to be installed on your computer. Well worth trying, even if you run a variety of other security
tools, you never know what it might find, and if it finds something you are not
sure about there’s an on-line analyser to tell you exactly what it is.
09/09/10
PCs Save The Planet
 I am sure that you are
doing your bit to help save the planet, driving less often, switching things
off when they are not being used, recycling and so on but have you ever
wondered how much energy your PC is wasting? Wonder no longer, and maybe save
yourself a few pounds with a freeware application called Granola. It’s an energy saving utility that
promises to cut your PCs consumption, but without sacrificing performance or
usability. It works by using the DVFS (Dynamic Voltage and Frequency Settings)
feature in most PCs under 5 years old, basically by taking control of the CPU,
running it at full speed when it’s working hard, but throttling it right back
when it is idle or engaged on undemanding tasks. It might not sound much but
the developers reckon it could knock over £30.00 a year off your electricity
bill, reduce your carbon footprint by more than over 200kg of CO2 and improve a
laptop’s running time by around 15%. Users are also encouraged to sign up for
an online account and add their energy saving contribution to the Granola
community. It’s free, it might even save you a few bob, so what have you got to
lose?
09/08/10
AdAware Up the Stakes
 AdAware was one of the
first free anti malware programs and it continues to do a good job though it
has been rather overshadowed of late by flashier and more refined freeware
offerings, like Microsoft’s Security Essentials. So rather than throw in the
towel they’ve made it faster and the new improved AdAware Free has extra
features, including a ‘core’ virus scanner, real time protection, new rootkit and
malware removal tools, it also has a scheduler and a download guard
specifically for Internet Explorer. Mind you, it’s also got a lot bigger and
the download is a whopping 122Mb, so don’t try it on a dial-up connection…
15/07/10
Hunt Down the Hijackers
 No, it’s not just another
malware cleaner, HiJackFree
from Emsisoft is a really powerful tool that shows you clearly what is running
on your computer, the good and the bad stuff, tells you exactly what it is and
what it is doing, and most importantly, lets you stop it or remove it if its
not supposed to be there, or causing problems. HiJackFree monitors all running processes
and associated modules, control all Services, you can view all open ports,
manage LSPs (layered Service Providers) and control all Explorer and browser plug-ins
and manage all of your autoruns. Maybe it’s not for absolute beginners but it’s
easy to use and understand and if you suspect your PC has been infiltrated this
is one weapon you definitely want to have in your armoury.
28/06/10
Senf and Sensibility
 Senf is an unlikely sounding
name for a security tool but if you deconstruct it you come up with SEnsitive
Number Finder and that pretty well sums it up. When this freeware application
is running it scans your PC looking for the files and folders that may contain
private and personal numbers that you wouldn’t want to fall into the wrong
hands. In particular it looks for credit card and social security numbers and
so on. It’s not terribly smart, and not as discriminating as Identity
Finder, which we looked at a while back so expect it to throw up a lot of irrelevant
hits but it is thorough and there’s always the chance it discover a long-forgotten
file that you would rather not have hanging around on your system.
10/06/10
Safer Sticks
 It seems that every week or
two there’s a story in the press about some idiot loosing a USB flash drive
full of state secrets or thousands of personal records. It shouldn’t happen,
and it doesn’t have to, flash drives will inevitably get lost or left lying
around but the data they contain can be easily made inaccessible by encryption.
That’s where a free utility called USB Safeguard
comes in, simply load it on your drive and you can opt to encrypt the whole
drive, selected files, or shred the lot. The program is really easy to use; it
asks to nominate and confirm a password, which it helpfully offers to store on
you PC, then all you have to do is click the button to encrypt the whole drive,
or drag and drop the files or folders you want to protect. Decryption is
equally straightforward, just pop the drive into your PC, you will then be
asked for the password and to select the files or folders that you want to
unscramble.
06/05/10
Predatory Protection
 Here’s a brilliantly simple
way to protect your PC when you are away from your desk or office. It’s called Predator
and it works a bit like an old style security dongle. The idea is that once the
program has been installed a ‘key’ is loaded onto a USB flash drive. When the
drive is removed the screen blanks, the keyboard and mouse are disabled and the
PC is safe from interference. When you come back just pop in the drive and
enter the optional PIN code and Windows is up and running again. It’s foolproof;
well almost, just don’t lose your key…
29/03/10
Tinkering With Passwords
 I am sure that I don’t have
to remind you how important it is to create really strong passwords if you are
going to do your banking and buying online. It’s no good just using the kids or
pets names and don’t commit the cardinal sin of using the same passwords or
PINs for everything. Yes, I know it’s difficult to remember them all, but it’s
really important, so here’s an easy way to create a strong password, and
recover it if you forget. It’s called WinTinker Easy Password
Generator and this is how it works. You enter your easy to remember
password into the box and the program (downloadable Windows and on-line
version available) jumbles it up and substitutes characters, making it
practically unguessable, though just slightly recognisable. If you forget it
just go back to the program and tap in your memorable password and it will be
recreated.
11/03/10
Avast! 5.0 Me Hearties
 ‘Tis the season for updates
and the latest old favourite to get a makeover is Avast!, one of my favourite
anti-virus packages. Avast!
Free 5.0 is the new version and it is faster and lighter on resources than
previous incarnations. Highlights include a new Behavioural Shield and Code
Emulator features, which look for suspicious activity that may not be covered
by current virus and malware signature libraries. There’s also a new, easier to
navigate interface, you can switch off the annoying voice using the new
Silent/Gaming mode and if you like what you find, you can upgrade to the
paid-for Pro version which has, amongst other things, a new Sandbox facility
that keeps tricky programs and dodgy downloads in quarantine until they can be
checked out.
21/01/10
Devious Drives
 Here’s a useful little privacy
tool for those who want to keep files and folders on their PC safe from prying
eyes. It’s called NoDrives
Manager and the idea is very simple; using a spot of Registry editing it
makes one or more drives attached to your PC completely invisible to Windows
Explorer and all of your programs. In fact they are still there, but only you
know that, and they can still be accessed as normal but you’ll have to manually
enter the drive letter, path and file name. If you want them back them to
reappear all you have to do is fire up the program and enter your password.
04/01/10
Total Protection
 How
safe is that file that you have just downloaded? Hopefully if it contains any
viruses or malicious content your security program will pick it up, but there’s
always a chance that something new might slip through the net, so what can you
do? Here’s one solution, download a little utility called Virus Total Uploader. It
installs as a Context Menu item, which basically means that when you right
click on a file in Windows Explorer then go to Send To, and you’ll see it on the
list. All you have to do is click on the Virus Total icon and it uploads the
file to an online file checker, which scans it for nasties. If the file has
been checked before you, and it passes the test, you’ll get the OK in just a
few moments, if it’s something it hasn’t seen before it may take a few minutes,
and if it gets a clean bill of health you can go ahead and open, use or install
it. It doesn’t claim to be infallible but if all you want a quick and simple health
check on an unknown file, this is certainly worth trying.
17/12/09
See Your Key
 Several times, when I’ve been asked to solve a problem or
help setup a friend or relative’s Wi-Fi system or laptop I’ve fallen at the
final hurdle when I get to the point when I have to enter WEP or WPA encryption
key. Either it’s been thrown away, with the box that the router came in, or the
piece of paper it was written down on has been lost. Yes, I know most routers
can be reset to the factory defaults without too many problems but it can be a
messy business if there’s more than one PC on the network. Here’s a way to
extract the WEP/WPA keys that are stored on a computer, it’s called WirelessKeyView and
it recovers all of the keys stored by the Windows Zero Configuration service.
You can then save them to a text, html or xml file, so they won’t go missing
again!
19/11/09
Lockdown Your Laptop
 Here’s an interesting way to protect the security of your
laptop. LAlarm is a small
program that monitors your PC, sounding an alarm or sending you a email or SMS
alert if it is stolen, tampered with or moved from its normal area of
operation. The theft alarm senses if a USB memory stick or the power lead is
removed, the perimeter alarm checks the user’s IP address so if it is connected
to another network, wirelessly or by cable, it sounds an alarm or sends an
alert. You can also program a variety of responses to an alarm, like enabling
the webcam, to record an image of the thief and automatically destroy sensitive
data on the hard drive if it is stolen. It’s a clever idea, ideal for business
users and students, and a lot less cumbersome (though obviously not as secure),
as wire and cable locks that tether the PC to an immovable object.
04/010/09
Free Virus Protection from Microsoft goes Live
 As reported earlier this year Microsoft’s very own free anti
virus program, Security
Essentials, has now finished its beta trials and is ready for download. The
finished version doesn’t look significantly different from the beta but behind
the scenes a various bugs and quirks have been fixed. First impressions are
very good, it’s reasonably fast, unobtrusive and doesn’t hog resources and
according to the experts provides a high degree of protection. Only time will
tell if there are any gaps in it defences but if you’re a reasonably low risk
user (you avoid dodgy websites, pirate downloads and opening unexpected
attachments), and you’re unhappy with your present anti-virus program then it’s
worth giving it a whirl. Incidentally, despite warnings about not getting along
with other AV programs it didn’t seem to mind sharing disc space with Avast!
and AVG on our test machines.
01/10/09
Big Red Boss Button
 Uh oh, watch out, here comes the boss and you’re busy updating
your Facebook profile. Fear not, just click the ‘Don’t Panic’ button on your
desktop and the offending apps are quickly and discretely hidden from view,
from the Task Manager as well, if you’re really paranoid (or you have a really
tech savvy boss…). Don’t
Panic is a highly configurable ‘Boss Key’ program that hides selected
applications at the click of a mouse or press of a keyboard shortcut, of course
I can’t condone it’s use, you should be working, but we’ll let it slide for
those very rare occasions when you do a spot of private surfing on company time,
it could just keep you out of trouble.
28/09/09
Hard Times for Hard Drives
 Now that many of us are using external hard drives, or
internal slaves, and disposing of old PCs, the problem of how to ensure
security and safely remove personal data from those drives is becoming ever
more important. There are plenty of programs that provide the nuclear option,
of destroying all of the data on a drive or PC, but what if you just want to
erase one drive or one partition? That’s not so easy, and what if you
absolutely, positively have to make sure that all the data you’re destroying is
completely beyond recovery? Needless to say it can be done, and here’s how. It’s
a freeware program called Hard Drive
Eraser. It’s easy to use, just tell it which drive or partition you want to
zap, choose which of the four powerful shredding algorithms you want to use, (DoD,
US Army, Write Zeros or Peter Guttman – the later for the terminally paranoid),
then let it get on with the job.
21/09/09
Warning! New Microsoft Update Email Trojan
 Microsoft never sends out updates by email so you should
instantly bin this latest threat, which has been doing the rounds over the last
24 hours, I’ve already had about 50 of them sent to me. It’s really easy to
spot, the Subject line says ‘Critical Update for Microsoft Outlook and if you
open it, it says: Update for
Microsoft Outlook / Outlook Express (KB910721). Obviously it’s
nothing of the sort though it looks very plausible and has none of the usual
clumsy spelling and grammatical errors. If you click on the link you will be
taken to a spoof website and instantly download a nasty Trojan, though there
are some reports suggesting that the payload may have changed in the past 12
hours. Either way don’t open it and do not on any account click on the link,
and at the risk of repeating myself, remember that, Microsoft never sends out
updates for Windows by email.
24/06/09
Identify Yourself
 I’ve been wittering on about privacy and security for years
with scare stories about hackers and identity theft but have you ever wondered
what, exactly, there is on your computer that could be useful to a fraudster?
You probably have no idea, it could be anything from PINs and passwords to
credit card details, your date of birth, bank and credit card numbers, passport
and National Insurance info, the list goes on and it’s all useful stuff to felons
but the point is, without knowing what’s on your PC, you don’t know how much of
your identity is being exposed. That’s where Identity Finder comes in, it will show
you, in just a few seconds, what information is on your drive, and if you feel
it is too much of a risk, you can make it go away by shredding it, or protect it
by encrypting it.
11/06/09
Laptop Locator
 What would happen if your laptop went missing or was stolen?
In all likelihood that would be the last you’d ever see or hear of it again,
but maybe not. If a freeware application called Prey was installed there’s a fair
chance that it might be able to call home, possibly to let you know where it
was, or maybe send you a photograph of the thief. Prey is a simple program that
runs silently in the background. It builds up a detailed picture of its
whereabouts, the status of the computer, running programs and connections plus
information about the network it is connected to. It also takes a snapshot of
the desktop, and if it has a built-in webcam, it records and image of whoever
is using it. The first time it is is able it connects to an network or wi-fi
hotspot and sends this data back to a website or email address that you
specify. Needless to say, one of the
first things a thief will do is format the drive, but there’s a chance that
before they do they will have a poke around to see if there’s any valuable
personal data on the machine, and that could give Prey enough time to send back
the evidence that might help you to recover your property. It's available for WIndows, Mac and Linux, unfortunately the Windows version hasn't been translated into English yet, but it's all pretty obvious.
08/06/09
A Meaner Cleaner
 At the risk of being accused of obsessive-compusive
behaviour, here’s yet another cleaner utility that removes all the bits and
pieces on your PC that can compromise your privacy. It’s called FCleaner and so
far I’m impressed! We are of course talking about all of the data your PC keeps
about what you get up to. There’s the obvious stuff, like Internet History,
cookies and of course the notorious secret and hidden Index.dat files. FCleaner goes much further, though and it
also empties the Recycle Bin, Clipboard, Memory Dumps, Chkdsk file fragments,
temporary files, log files, Recent Documents, Run Histories, old Prefetch data,
Explorer MRUs and much more, In IE it removes the cache, cookies, history, auto
saved form info, download folder, types URLs, not to mention index dat. It also
scours and wipes clean Firefox, Opera, Safari, Chrome and the log files in a
host of popular applications. And as if that wasn’t enough there’s also a
Startup manager, an uninstaller, and a very useful selection of tools. It’s
powerful. So use it with care and only go into the Advanced section if you know
what you are doing. Definitely worth your serious consideration if you want to
keep your doings private and your PC clean!
04/06/09
Wipe Yourself Clean
 As you may know I am concerned about PC privacy and I’ve
been banging on for years about the secret and protected log files in your
computer that record just about everything that you do. To that end I’ve
recommended a succession of programs that erase these sneaky files, starting
with the groundbreaking Spider, which first appeared almost ten years ago.
Sadly Spider couldn’t make the transition form Windows 98 to XP so for the past
few years the job has fallen to the excellent Crap Cleaner (CCleaner) and it
still does an excellent job, but here’s a new cleaner for you to try, it’s
called Wipe and
very good it is too. It really gets into all of the little nooks and crannies, clearing
out scores of pieces of personal data that Windows and your applications leave
behind, including, of course, the notorious index.dat files. It’s highly
configurable and very thorough so do check what you are deleting. If you want
to keep yourself to yourself this one is definitely worth investigating!
18/05/09
Conflicker Checker
 Contrary to some of the stories circulating in the more
excitable sections of the media millions of PCs didn’t suddenly blow up
following the much-anticipated reactivation of the Conflicker C virus on April
1st. In fact, at the time of writing nothing much seemed to have happened and
the world moved on to more important matters. Nevertheless, this virus, and its
ilk do present an ongoing threat, especially for PC owners who do not keep
their security software and Windows Updates current. By the way, if you have
any concerns about Conflicker C and malware in general and you think your PC
may be infected I wouldn’t ask Google. I typed in ‘Conflicker C Removal’ a
couple of days ago and the first three hits all led to websites carrying the virus!
If you have been lax with your security updates then your
best bet is to download the free Microsoft
Malicious Software Removal Tool, which scans your PC for Conflicker and a
raft of other nasties, but in the end the best way to avoid becoming infected
is to install a decent anti-virus program and regularly sweep your PC with
cleaners like AdAware,
A-Squared and Spybot.
02/04/09
Scupper the Snoopers
 I am sure that you know that Windows spies on you, but in
case you’ve missed my many warnings over the years, you may be interested to
learn that your PC keeps a record of every website you’ve ever visited, from
the day you switched it on, in secret, hidden and protected files called
index.dat. We’ve looked at several free utilities that can clear these files,
and I’m happy to continue to recommend the excellent CCleaner
as the most comprehensive privacy tool available, but there’s a new kid on the
block. It’s called Index.dat
Analyzer, and its main selling point is that it lets you see what’s in your
index.dat files, with details of the web address, plus times and dates and it
allows you to selectively delete what you find there, just in case there’s
something you want to keep. It’s simple to use and of course, completely free.
05/01/09
IE Vulnerability, Emergency Patch
 Just days after a new security loophole in Internet Explorer
was published on a Chinese website the hackers and crackers set to work and to
date thousands of websites have been compromised. Just by visiting the site
(using IE) you can download a Trojan and other nasties, which are designed to
steal online game passwords but the payload is changing all the time. The
vulnerability is in an IE dynamic link library (dll) file called oledb32 and
Microsoft is rushing out a patch, which it started releasing last night.
The
chances of UK web users copping an unfortunate one are pretty slim (unless you visit a lot
of Far Eastern porn or gaming sites) but you might want to switch to Firefox
for a while, until the fuss dies down. If you don’t receive MS updates, or you
want to keep your PC safe then you can download a temporary emergency fix from
Prevx: http://www.prevx.com/ie7.asp,
which unregisters oledb32.dll. It shouldn’t make any difference to most sites
but you can use it to re-register the file when everything settles down or after
you’ve installed the patch
18/12/08
Unforgettable USB Drive
 If the media is to be believed Government employees are a
forgetful lot, losing laptops and leaving CDs and USB drives containing
sensitive data all over the place. It’s easily done; though and short of
chaining a USB drive to your wrist sooner or later you are going to
inadvertently leave one plugged into a PC. Here’s a simple little freeware
program that might help jog your memory. It’s called Flash Drive Reminder and all you
have to do is download the zip, extract it and copy a couple of small files to
your drive. In fact there are two versions, Standard displays a reminder
message when you plug the drive into a PC, and another when you log off or shut
down the PC; the Quiet version just displays the logoff and shutdown messages.
11/12/08
Destroy After Reading
 How often have you wanted to say that? Oh well, maybe it’s
just me but here’s something for budding secret agents, or anyone who want to
send someone a private message that can only be read once, after which it will
automatically self-destruct. It’s called Privnote
and the idea is you write your message in the box provided, click the Create
button and it generates a one-time URL or web address. You send this to the
recipient, they visit the site, read the message and when they close the
browser window it’s gone forever (unless they copy the message). The URL only
works once, so they (or anyone else) cannot go back and view it again. And
there’s one last trick, if you enter your email address it will automatically
notify you when the message has been read.
24/11/08
Crackdown on Clickjacking
 A new, or rather a newly revised threat may be coming to a
browser near you. It’s called Clickjacking and it can affect all browsers. It
first appeared a few years ago but little was heard of it after the first
warnings. It looks like it might be back though the threat level is still quite
low at the moment but these things can quickly spiral out of control. Here’s
how it works. If a hacker can get access to a website they can fiddle with
buttons and graphics so that if you click on what appears to be a legitimate
link what actually happens is you are directed to a phoney or fake site where
you unwittingly enter personal details, or in a worse case scenario, clicking
the link downloads malicious software onto your PC. Of course the same kind of
thing can be found on less reputable websites.
Microsoft and Mozilla have released fixes in the past but
there is a way to stop clickjacking in its tracks, on Firefox at least, and
that’s to install an add-on called No-Script.
This creates a white list of trusted sites by blocking any attempt to run an
unapproved or suspicious script within a web page. If the site is blocked by
NoScript all you have to do is click on the ‘S’ logo that appears in the bottom
left hand corner and decide whether to allow the page to load. It’s a bit of a
chore, but if you take security seriously, or you visit the odd dodgy website
then it will give you some extra peace of mind.
20/10/08
One Click Encrypt
 We are all concerned
about privacy and security but relatively few PC users actually ever get around
to doing something about it. Now there’s no excuse, a small freeware utility
called EncryptOnClick
can encrypt any file on your PC in just a second or two. Just open the program
and select the file, tap in your password or PIN and its done. The file is
compressed and scrambled using strong 256-bit AES encryption, which will keep
most nosey parkers at bay. The program is small, under 4Mb, and it fits easily
on a USB pen drive, so you can protect your files when you are on the move.
31/07/08
Double-Quick Data
Destruction
 If you sell or
otherwise dispose of your computer you must delete all of the data it contains.
This is vitally important, not just from a security standpoint, but it’s also
technically illegal to sell on a PC with Windows and many commercial programs installed unless you also
transfer the licences, though this is almost impossible to do.
Active
KillDisk remains my favourite method for deleting the data on a drive, but
here’s a new one, called Darik’s Boot
and Nuke, and this program really lives up to it’s name! Just boot the PC
using a CD, DVD, pen drive or floppy and it totally destroys all of the data on
every drive it finds. UI suspect this will be of interest to anyone who needs
to lose a lot of data in a hurry, when the authorities come a-knocking but it has
plenty of entirely respectable applications, particularly for anyone selling or
recycling a computer. Just be careful how you use it, there’s no going back
once it has started…
24/07/08
New AVG Annoyance
 It’s hard to get too
upset with AVG, after all they have been providing us with top-notch virus
protection for free these last few years, but the release of AVG version 8 has
annoyed a lot of otherwise loyal users. Over the last few weeks popups have
been appearing that appear to suggest that AVG was no longer free and to stay
protected you had to upgrade to a paid-for version. The fact is AVG 8 is still
free for personal use, but of course AVG would rather you purchased the better-specified
commercial version – well, you can’t blame them for trying. For the record the
free version can be downloaded from http://free.avg.com
The latest problem
is a component in AVG 8, called Link Scanner, which has been driving some
website owners potty. The idea is when you do a web search it pre-checks all of
the links, looking for malicious sites. The trouble is websites get bombarded
with fake hits from PCs running AVG 8, clogging up the web with pointless and
wasteful traffic. Some users also suggest that the Link Scanners slows their PC
down, which could well be the case on older machines.
Anyway, you can
disable Link Scanner from AVG’s Control Panel, but this slaps an ugly red
exclamation mark over the AVG icon in the System Tray. The simpler solution is
to go back to AVG website and download the program again. Run the installer,
follow the prompts and this time you will see a Select Startup Type window.
Check Add or Remove components, click Next and a few clicks later Component
Selection appears. Uncheck Link Scanner, click Next and finish the
installation. When you next open the Control Panel Link Scanner will be no
more.
10/07/08
Clever One-Click Clean
Up
 As I am sure you
know I have been waffling on for years about how your PC monitors your web
surfing activities and logs every website you’ve ever visited, from the day you
switched it on, in a hidden and protected file called index.dat. Regular
readers may also recall a couple of utilities I’ve been recommending to wipe
these files. Back n the days of Widows 98 my cleaner of choice was Spider,
sadly it was never updated for XP but then along came Crap Cleaner – CCleaner,
as it is now known – which does a brilliant job. Now we have a new utility that
works with CCleaner, called Click&Clean,.
Basically it lets you put a quick-launch icon – appropriately enough a toilet
roll – on your Internet Explorer or Firefox toolbar. You need to have CCleaner installed on your PC first, and the new icon has to be
added manually, so don’t forget to read the instructions. One click and it
launches CCleaner and your tracks are covered.
I see only one small
problem and that is the browser has to be closed in order for CCleaner to work,
so the trick is to remember to click the toilet roll just before you exit your
browser.
03/07/08
Bird Passes The Word
 I don’t know about you but I’m always struggling to think up
new passwords for websites and the myriad of other things I need to gain access
to these days. As we all know using simple words, such as names and places for
passwords is just asking for trouble as they can be easily guessed by someone who
knows you, or about you, or cracked using ‘brute force’ dictionary methods, so
here’s something else to try. It’s called Password
Bird and all you have to do is enter a special name, special word and a
special date and from that it creates a good quality random-looking alphanumeric
password, but made up from bits of your special words and numbers, which should
make it a little easier to remember
23/06/08
Keep It Clean!
 We all know that when you use a PC you leave a trail, half a mile
long, in ‘log’ and ‘dat’ files and Registry entries detailing everything you’ve
been doing, from the files and programs you’ve opened, to the websites you’ve
visited. It’s no small concern as it can include sensitive and personal
information, like passwords and PINs for example. It’s not too difficult to
keep your own PC’s record keeping in check, with a free utility like
CrapCleaner (see Software section) but what happens when you’ve been using
someone else’s computer?
This little program, called CleanAfterMe is
what you need to tidy up after you. It’s a small freeware application that you
can keep handy on a USB memory stick and when you run it you have the option to
delete all of the data and changes you may have left behind during the session.
If you are a regular user of other people’s computers and value you privacy and
security then don’t leave home without this really handy utility.
19/06/08
Rooting Out Rootkits
 We’ve spoken about Rootkits
before, they’re nasty little pieces of malware that can open up your PC to
hackers, but are also really difficult to detect and eliminate because they
hide inside legitimate applications and files. McAfee, the anti-virus people
have come up with a new Rootkit removal tool, called Rootkit Detective. It’s
still in its pre-release beta version but it seems stable enough and compared
with other Rootkit removal tools we’ve tried, it’s blindingly fast. Although it
didn’t find any infections on our office PCs it did flag up a few files,
belonging to uninstalled applications, that shouldn’t be there, so it’s definitely
worth a try, especially if you have any concerns about the security of your PC.
29/05/08
Home is where the Webcam is
 There have been a number of well-publicised cases of home-owners with
security camera setups, spotting villains breaking in to their houses on their
laptops while they were on holiday. In most cases this involved the use of some
pretty fancy kit, but here’s a simple, and so far free system that can do
exactly the same job, without the need for any expensive hardware or software.
It’s called Home Camera and all you
have to do is download a small piece of software, hook up your USB webcam, and
you can monitor the image from up to 4 cameras anywhere on the world on any PC
running a standard web browser. If your camera supports motion detection it can
send you an email alert and an image to your mobile phone. Home Camera is still
undergoing Beta testing, which is why it is free, but when the service begins
in August it will still only cost around £8.00 a year, and anyone who signs up
for the beta trial is promised a good discount.
25/05/08
Laptops Aloud
 It’s not long until the holiday season begins and with the widespread
availability of Wi-Fi in hotels and airports, and Wireless Hotspots all over
the place I’m guessing that a lot of you will be taking your laptop with you on
your travels this year. The only trouble is they’re so nickable, all it takes
is a momentary distraction, and it’s gone. Well, this little freeware utility
isn’t going to stop you doing something daft, but if might just alert you to
the fact that someone is interfering with it, and if it does get pinched, they
won’t be able get at the data stored on it, at least not easily. It’s called Laptop Alarm and the idea is you launch it
when your laptop is unattended, Windows is automatically locked, and if
anyone messes around with it, unplugs the power cable or moves the cursor, it
starts shrieking. It’s no good if they try to mute the sound either, because it
overrides the volume controls. As I said it’s free, so what have you got to
lose, apart from your laptop…
12/05/08
Key to Security
 One of the scariest threats to your PC and personal security
is the keylogger. These are tiny malware programs that can get onto your PC by
a variety of means, in some cases all you have to do is visit an infected
website. Once on your computer it sits silently in the background, recording
every keystroke you make, and sending the data back to the mothership, where it
is scanned for passwords and PINs, which can be used to empty your bank account
or set up phoney accounts. This little freeware program, called AntiKeylogger
can’t help you if you are already infected, so check your PC before you install
it, but it will stop any new ones from working. Unlike most programs of this
type it doesn’t try to detect an infection, instead it interferes with the
mechanisms that all keyloggers use to record data, so there’s no need for it to
be regularly updated with signature files, providing you with near effortless,
long term protection.
21/04/08
Lock Your Windows, With a Cellphone
 If your PC or laptop has a Bluetooth adaptor, and your
cellphone is similarly equipped, then here’s something that might interest you.
It’s a free utility called BtProx,
and the idea is you can lock your PC, so no-one else can use it, unless you,
and your cellphone are in the immediate vicinity. As I’m sure Apple Mac fans
will remind me, it’s not exactly a new idea, but no matter, its a simple and
effective way to protect your computer, though, just make sure your phone battery
doesn’t run out, or you will be in trouble…
14/04/08
Phishing Fixer
 If you are fed up sifting through fake phishing messages
purporting to come from banks, credit card companies and financial institutions,
ebay and PayPal trying to extract your details, then help is at hand. It’s called
Iconix email ID. It’s an add-on for Outlook
Express, Outlook, Windows Live, Hotmail, AOL and Yahoo webmail and GMail that
automatically identifies and flags up messages that come from legitimate
sources.
Incoming emails are checked against a database of registered senders –
300 so far -- and if it passes the test an icon appears next to it in your
Inbox, so you can see instantly if it is genuine or not. It’s all free, the
software only takes a few moments to install and as far as I can see the only
minus points are that the sender’s list is biased towards US companies – it could
do with some UK banks and building societies on the list -- and they’re still
working on compatibility with other popular email clients.
07/04/08
Virtually Infallible Protection
 How would you like to completely protect your PC from
viruses, malware and the myriad of nasties floating around the Internet? Of course you would, but even with the best
security software available there’s always the chance something will get through,
but maybe there is a solution…
What we have here is a freeware program called Returnil
Virtual System that creates a sacrificial ‘mirror’ or clone of your system
on a virtual partition on your hard drive. Your PC boots into the virtual
system, so your original system remains isolated and protected. If something
does make it through your defences no harm is done, you just reboot and any
changes the malicious software has made are automatically erased and you reboot
into a newly created system.
It’s a bit like The Matrix, a PC within a PC, spooky and
quite tricky to get your head around at first but once you get used to it, it
makes a lot of sense and your PC will become virtually bullet-proof.
31/03/08
Free Software Security Program on Test
 If you don’t mind being an unpaid guinea pig then head over to the Secunia website and download the Beta
(Release Candidate 1) version of Personal Software Inspector, which checks all
of the programs on your PC and tells you if any of them represent a security
threat, or are past their use by date. If there is a problem it offers to help you find
patches and updates. The program flagged up 8 programs on my well used office
PC, none of the alerts were serious and about half of the programs I knew to be
no threat at all, so it’s not infallible and I suspect there’s still some work
to be done but it’s reassuring to have a second opinion, and it could just find
something nasty that you or your other security software has overlooked.
27/03/08
Free Wireless Security Checkup
 How safe is your wireless network? If the answer is you don’t
know, then you really should head over to the Pure Networks website and carry
out their free Network
Security Scan. Of course it’s a prelude to selling you something, in this
case an application called Network Magic, and there’s a link to a free trial,
but there’s no obligation and it really is worth the visit for the free
security scan. It raised a couple of issues on my system, which until now I thought
was pretty tightly secured.
20/03/08
Free Lightweight Virus Scanner
 Traditional thinking suggets that you should only have one
anti-virus program on your PC. That’s normally good advice as they can have
problems with each other’s ‘signature libraries’, which usually contain inert
samples of virus code, but here’s one that seems to get along with other AV
programs, on my test bed PCs at least.
It’s called EAV
Antivirus Suite Free Edition v5.61, and as the name suggests, it is a
freebie. Part of the reason it is so
amenable is the fact that it focuses on Windows, where most infections are
likely to hide and it keeps a constant check on incoming files. It is also very
small, the download is less than 2Mb and signature updates are tiny but that
doesn’t mean it is necessarily ineffective. Several users have reported that it
has found infections missed by other more elaborate programs. It also has a
number of useful tools, geared towards deep-cleaning Internet Explorer and Windows.
It’s not without a few rough edges, though, it doesn’t check emails, the menus
appear to have been written by someone with only a passing acquaintance with
English, and there’s no automatic scheduling or update facility, but these are
relatively minor niggles, it works, it seems to get on with other AV programs
and it’s free.
13/03/08
Surfing with Onions….
 A growing number of people, concerned about personal privacy
and security are opting to get off the grid but that’s always been a bit
difficult with the Internet. It knows where you are, and what you are doing,
but there are ways to become totally anonymous.
One way is to use TOR, or The Onion Router. It’s a
network of virtual connections or relays, dotted around the world, operating in complex ‘layers’ (that’s where the Onion
bit comes in) that stops you from being identified or tracked when you are
online. Ironically much of the development work for TOR was sponsored by the US
Naval Research Laboratory but now it’s gone independent, and it is free to use.
All you have to do is download a piece of software, which handles your connection to
the network, and the encryption of data, and you are in business. It’s an
ongoing project, and there are still a few wrinkles and speed issues – you may
notice a slowdown on your browser -- but if you are exchanging or downloading
sensitive or private material and want to be invisible then give it a try, but
read the overview and introduction first.
21/02/08
Fancy Free Firewall Foils Felons
 If you haven’t got a firewall on your PC (shame on you), you
are using the less than adequate Windows Firewall in XP (and to a lesser
extent, the one in Vista) or your current Firewall is squabbling with your
applications or blocking email and web connections there here’s something else
to try. It’s Comodo Pro,
version 3, and it’s entirely free, and as far as I can see, there are no
catches. It’s fully featured too, with all the bells and whistles you would
expect to find on the best firewalls, with control over both incoming and
outgoing connections, and plenty of configuration options, but it’s ready to go
straight out of the box, with industrial-strength protection if you leave it in
auto mode.
22/11/07
Slicker, Swifter SpyBot S&D
 I have been recommending the SpyBot Search and Destroy
malware cleaner ever since it appeared in 2002 and a brilliant job it has been
doing too, though I have to say that it has been looking a little tired of
late, so I am very pleased to report that a new version has just been released.
Spybot
S&D 1.5adds full Vista support, and in response to many requests,
restores support for Windows 95.
After installation the first thing it does is create a
Registry Backup, then it offers to Immunise your system, by tweaking your
browser, to prevent it from downloading malware, and this version includes
support for more browsers, including Firefox and some of the newcomers. After
that it’s ready to scan, and there are some obvious improvements. It looks slicker
and it runs quicker than previous versions, and like all new malware cleaners,
or updates of old favourites, it’s geared up to detect the latest threats and
is almost certain to find something on your PC that the others have left
behind.
28/09/07
Fancy Free
Firewall
 Time was when ZoneAlarm
ruled the roost for the free firewalls. Don’t get me wrong, it’s still a great
program and does a brilliant job, and you can’t argue with the price, but some
say that it has got a bit cumbersome over the years, and there have been one
or two glitches along the way. I’m not saying R-Firewall is going to be any better but
it’s another Free firewall, and like ZoneAlarm it is free. It’s also very
sophisticated with several features you won’t find elsewhere, and because of
that it looks a bit daunting, but don’t be put off, it’s worth getting to know,
and definitely worth trying if you don’t get on with ZA.
01/08/07
Recycle with
Freecycle
 With so much
attention focussed on recycling and carbon footprints I think it’s worth
reminding you of a web service called Freecycle.
Basically the idea is you give stuff away you no longer need to people who want
it. Rather than throw unwanted items away, to clutter up landfill, or mess
around with on-line auctions, simply let people in your area know that you have
an old fridge, bed, sofa, piano or whatever, and it’s free to anyone who wants
to come and pick it up. All it takes is a quick signup to your local group, and
you are ready to go. As a subscriber you can also post a message on Freecycle
for things that you want, it’s a great way to get rid of your old junk, and
maybe acquire some fresh ‘treasure’ and it won’t cost you a bean, or harm the
planet.
18/07/07
Remove those Rogues
 Have you ever been tempted to respond to a pop-up ad for free
software that promises to rid your PC of malware? Well don’t! Most of it is
rubbish or ‘scareware’ and it will almost certainly report lots of ‘false
positives’, and then offer to get rid of the nasties, when you cough up for the
full version of the program.
In you have been caught you may find it difficult to get rid
of the program and it will bug you endlessly. If so try RogueRemover; it seeks
out and eradicates these nasty pieces of work, and it won’t cost you a penny!
By the way, if you have any doubts about malware cleaner programs you can check
them out on the most excellent Spyware Warrior
website.
06/07/07
Squaring Up Against Malware
 As regular readers and visitors will know for the past few
years I have been recommending all PC users regularly scan their PCs with
malware cleaners like AdAware and
SpyBot, and more recently Windows
Defender. They are all free and can help to keep your computer free of the
little nasties that generate pop-up ads and spy on your web surfing activities.
Well now there’s a new kid on the block, called A-Squared
Free and like the old stalwarts it searches out and zaps infections, but
you have the option to put anything it finds into ‘quarantine’ first, so you
can check it out, just in case it is legitimate. It also scans the Registry for
traces but it doesn’t offer real-time protection. It is first and foremost a
removal tool so you should use it in conjunction with other cleaners or you can
upgrade to the more advanced, paid-for, A-Squared Anti-Malware 3, which wil
lset you back around £20.
27/06/07
Beware Wi-Fi HotSpot Scammers
 If you
take your Wi-Fi enabled laptop with you on your travels then, like me, you are
always on the lookout for a free Hotspot hook-up when hanging around at
airports, hotels or cafes. If you do your homework and visit sites like free-hotspot.com.
Before you go you should be able to find one. However, be on your guard if you
are casually trawling for a free connection, you could be opening up your PC
and its contents to a hacker.
Here’s how it works. A
crook with a Wi-Fi laptop sets up shop by hanging around a legitimate hotspot.
Their PC is logged on to the web and set up for Internet Connection Sharing.
Along comes our weary traveller and the Wi-Fi monitor on their PC flags up the bogus
connection as open and available. They think it is Christmas, click on it to
log on and bingo, the two PCs are linked by an ‘ad hoc’ or peer-to-peer
connection and the data on the victim’s laptop is exposed.
You can avoid it
happening to you by firstly avoiding suspiciously free hotspots, and secondly by
re-configuring Windows XP to only accept Infrastructure or Access Point
connections. To do that right-click on the Wireless Connection icon in the
System Tray (next to the clock) and select ‘View Available Networks’, now click
‘Change Advanced Settings and select the Wireless Networks tab then click the
Advanced button and make sure that ‘Access Point (Infrastructure) Networks Only’
is checked.
14/02/07
Rooting Out Zombies
 If you are a regular visitor to these pages you should know all about
the current epidemic of zombification. For those of you that missed it, this is
when a PC is hijacked and used with other PCs to spread Spam and viruses. Some
experts reckon that as much as 80 percent of Spam could be coming from zombie
PCs, working together in so-called ‘botnets’.
Some of these infections, which often hide in downloaded software
called a ‘rootkit’, are extremely devious and may not show up on a routine
anti-virus scan, so how can you tell if you have been infected? It’s not easy
but if you know your way around Windows a built-in utility called Netstat can
help, by displaying all of the attempts to use your PC’s network and Internet
connections. To fire it up go to Run on the Start menu and type ‘cmd’ (without
the quotes) and this opens a DOS-like window, at the flashing prompt type
‘netstat –an’ (again no quotes and the list of connections. It probably won’t
mean much to you but check the list of ‘Foreign’ IP addresses, as this is where
the rootkit infection will show its hand.
If you are not sure what to look for a free Microsoft utility called TCPView
provides a slightly more informative insight into what’s going on and if you
right-click on an item and select Properties it will tell you something about
the ‘Process’ and what program it belongs to, and if you don’t recognise the
name try Googling it.
28/01/07
Create Virtual Encrypted Drive
 It’s gradually sinking in
that we are all going to have to take computer security a lot more seriously.
Many of us now use our PCs to store huge amounts of personal information, bank
and credit card details and things we want to remain private. Firewalls and
security software helps keep out hackers and other types of intrusion, but what
would happen if someone stole your PC or laptop?
CryptoExpert 2007 Lite
keeps your data secure. It creates a virtual drive (or drives) on your PC,
which works just like a regular drive and anything you store in it is
automatically encrypted. If you want to open the file then you need to enter a
password.
06/12/06
AVG Anti-Spyware
 As regular readers will know I’m a
big fan of the freebie Spybot
and AdAware
malware cleaners and have been recommending them since they first appeared. Windows
Defender (nee Giant AntiSpyware) from Microsoft, also free, does a good job
and it’s going to be bundled with Vista. Well, to cut a long story short after
a couple of weeks of intensive testing I’m adding another cleaner to the list
and this one comes from our old friends at Grisoft, who are behind one of the
best free anti-virus programs AVG Free. It’s
called, appropriately enough AVG
Anti-Spyware. It does a bang-up job and if I tell you that it picked up no
less than 35 infected files, including one rather nasty Trojan, on a PC that
had just been scanned by another well-known cleaner (no names, no pack-drill),
then you can understand why I’m so impressed with it.
22/11/06
Is your PC Spying on You?
 Do you know what Windows or the
programs on are downloading or uploading right now? Hopefully it’s all quite
innocent, an update or a patch or some sort, though maybe your PC is passing on
information you would rather remain private but whatever it is doing wouldn’t
it be nice to have been asked before it made use of your Internet connection?
XP-AntiSpy
is a little freeware utility that lets you decide what things Windows can
download in the background. It’s easy
to configure and you can choose to switch off a range of function, including
some that may consider ‘suspicious’ or just plain nosey, like a facility that
lets websites identify your PC, you can disable error reporting, hide your PC
on a network and much more besides. All of the options are the sort of thing
you could do yourself, if you had the time and inclination to poke around the
Windows Registry and all changes are easily undone.
03/11/06
Save your Secrets
 We’ve all got secrets but one of the worst places to keep
them is on your computer. Anyone with access to your PC can get at the files it
contains, even if you’ve set up password protection there are readily available
ways and means to open, extract and read files without booting Windows, so what
can you do?
If you have to keep sensitive information on your PC the
only sure way to protect it is to encrypt it. Windows XP Pro has got built-in
file encryption but that doesn’t help XP Home users. Here’s something that
will, it’s a freeware utility called Cryptainer LE.
After installation it creates a secure container or ‘vault’ for your files on
the hard drive and any files that are dragged and dropped or copied into it are
encrypted, using a strong 128-but key. True, there are even more powerful
systems out there -- check out Cryptainer PE with 448-bit encryption -- but
it’s certainly good enough to defeat all but the most well equipped spooks with
supercomputers from breaking into your files
26/10/06
Rooting Out the Nasties
 You may not have heard of Rootkits yet, but you will. A
Rootkit is a set of tools, for creating a stealthy wrapper, for concealing
malware. The trouble is anti-virus programs and malware cleaners have trouble
detecting Rootkits, which means your PC could be infected by trojans,
keyloggers, sniffers and heaven knows what else. They’re fairly new and so far
the threat appears to be relatively low, and they’re not very good at
propagating but they are becoming more sophisticated so now would be a good
time to start keeping an eye on your PC. Sophos, the anti-virus people have
come up with a freeware Rootkit detector, called appropriately enough Anti-Rootkit
and you should download and run it as soon as possible, to see what’s lurking
on your system. If it finds anything suspicious it will tell you what it is,
where it is hiding and if possible, remove it for you.
29/09/06
Protecting Firefox Passwords
 The Firefox Password Manager is a useful facility and it
makes logging onto protected websites a doddle but it is not very secure.
Anyone using your PC can access your websites and see all of your saved
passwords without let or hindrance. To protect your security you should set a
password for the Password Manager and you, (and anyone else using your PC) will
be asked to enter the Master password at the first attempt to log on to a
password protected website. To set it up open Firefox then go to Tools >
Options and select the Privacy tab. Click Set Master Password and enter your
new password and a bargraph ‘Quality Meter’ shows how secure it is likely to be,
depending on length and complexity.
04/09/06
Free Storage, Leave That Laptop At Home
 The next time you go flying you might want to think twice
about taking your laptop with you, following the events of the past few weeks.
If a terrorist alert licks off while you are waiting to check in there’s a good
chance you laptop and all of your electronic goodies will end up going into the
hold, with no guarantee you’ll see it again at the other end.
Loosing a laptop could be a major problem, especially if it
contains a lot of personal, sensitive or irreplaceable data, and it may not be
covered by your travel insurance if it’s lost of damaged, so leave it behind.
If you need a laptop you can hire one at your destination;
take any data or files you’ll need on a flash drive or CD, or better still,
upload it to the web and then you can get at it on a borrowed or rented PC, or
in an Internet café. It needn’t cost you a bean, either. There’s 25Gb of free
online storage at Streamload,
no hidden fees, no credit card details, just sign up for an account and you can
send files up to 25Mb and download up to 1Gb of data a month.
30/08/06
Lock
Your PC with the Matrix
 There
are various secure and very sensible ways to lock your PC when you are away
from your desk but here’s one for fans of The Matrix. This small system tray
application, called Matrix Screen Locker is freeware and it does precisely that
stopping unauthorised use of your computer and at the same time displaying the
familiar screen-full of tumbling green characters. Stare at it long enough and
you really will believe you’re seeing things… Control of your PC in the ‘real
world’ is only possible when you enter the correct password, and no young Neo,
it can’t be defeated by pressing Ctrl + Alt + Del
14/07/07
Terrorists
and shady characters please look away because I am about to reveal a way of
concealing documents inside digital photographs. It’s a technique known as
Steganography. The idea is as old as the hills; secret messages have been
tucked away inside familiar objects for centuries and this modern twist hides
text in JPEG files. It’s a good way of hiding passwords and PIN numbers on your
PC or you could use it if you’re travelling, to send a personal or private
message in an email picture attachment.
All
you need is a little freeware utility called JP Hide And Seek (JPHS) and the clever bit
is the image doesn’t look any different and the file size is virtually unchanged.
The hidden message is also encrypted and password protected so the chances of
anyone finding it let along reading it is virtually zero.
06/07/06
PUT
YOUR ANTISPYWARE TO THE TEST
How well is your security
software protecting you? Usually the only time you’ll find out is when it
detects an attack, or afterwards, when something has got through. A group of
researchers called Intelguardians decided to put anti spyware tools to the test
by designing a series of small and benign programs that attempt to probe a PCs
defences. Each of the 20 or Spycar checks has
to be carried out manually, by downloading a small file and clicking OK, at
which point the program tries to install a Registry key, a piece of code, or
change a setting. At the end of the tests you download a utility called
TowTruck, which displays the score and resets any changes that may have been
made. It’s difficult to say how meaningful the results are and how they relate
to real-world situations, but a couple of programs we’ve been using for a while
failed miserably so f nothing else it has prompted us to carry out a security
review.
27/06/06
FLASH PROTECTION
We’re all using USB flash drives
these days, and very handy they are too, for transferring data from one PC to
another. But the next time you plug your drive into someone else’s PC just ask
yourself, how clean is it? The ease with which you can move data around also
makes it easy for viruses and malware to hitch a ride on your flash drive and
back into your PC. The first thing you should find out when copying data
onto your drive is whether or not the PC you are connecting to has anti-virus
protection, you will be surprised how many don’t. One solution is to carry some
protection with you, the freeware anti-virus scanner AntiVir can be run from a
flash drive and it only takes up around 30Mb of space, which is nothing in
these days of 1 and 2Gb drives. Select the Customise option during installation
to load the program onto your flash drive, and you can run it from the
Avcentre.exe file; to set up an immediate scan simply set one up from the
Schedule tab and if there’s an Internet Connection available make sure you
download the latest updates.
TRAVELS WITH MY DIGICAM
A couple of years ago, whilst on an overseas trip a digital camera
containing scores of irreplaceable images was stolen from my hotel room. Now
I’m slightly paranoid about losing another one and I make sure it’s safely
locked up when I’m not carrying it, with the memory card stored separately from
the camera, but my biggest fear is the safety of the images. They only exist on
the camera’s memory card, so now at the end of every day I download new
pictures to my laptop’s hard drive, and make a second copy on a USB flash
drive, which I keep with me on a key ring. On my most recent trip I also
uploaded several images to my personal web space and sent some prints to friends using
TruPrint’s on-line digital printing service. They were delivered within 48
hours -- well before my return -- and at 10 pence each (plus 99 pence postage)
were a good deal faster and only marginally dearer than sending postcards.
GET
READY FOR THE 2038 BUG
Here's a quick heads-up for a potentially nasty little computer bug that could ruin
your day on January 19th 2038… This one will only affect computers based on the
Unix operating system, which includes some versions of Linux, and Windows 2000
machines running exotic applications may also be affected. The bug is similar
to the notorious Y2K bug in that vulnerable computers will register the time
and date incorrectly when the bug strikes. It’s all to do with the way Unix
computers work out time. Instead of relying on an in built calendar they count
seconds from the notional date the system was conceived, at GMT 00:00:00, on
Thursday, January 1st, 1970, and like a car’s odometer going round the clock,
on bug day it will run out of digits and the counter will roll over and
probably reset to January 1st 1901 or another equally invalid date.
HOW
SAFE IS YOUR WI-FI NETWORK?
One
way to find out is to switch off your router and launch your Wi-Fi
configuration utility. This should have signal strength or ‘Site Manager’
options that will display all of the wireless networks and devices in your immediate vicinity.
If any show up bear in mind that if you can pick up their
signals, they can pick up yours…
In
the early days Wi-Fi security wasn’t such a big issue and the chances of your
network being hacked into, even if you hadn’t enabled WEP encryption, was
fairly small, but now the world and his wife has got Wi-Fi and there is a
good chance that one or more of your neighbours has installed a system, which
could be a problem, for you and for them.
Your Wi-Fi monitor should tell you if your neighbour’s systems are encrypted or not; if you find one that it is open then you should alert them immediately. You can usually tell how close they are to you from the signal strength reading.
Even though you have enabled
the strongest WEP encryption your system supports (and you have switched it on, haven’t you…). Be aware that WEP is not infallible and
it is worth changing the key every few months. I am sure that your neighbours
are decent, honest people, nevertheless do not enable file sharing on any more
folders than are strictly necessary, never share a whole drive and pop along to My Network Places in Windows Explorer every so
often, to make sure that all of the PCs listed as being present on your network
are known to you.
PROTECT YOUR PC
It’s all very well setting
up accounts and passwords on your computer but as you may know there are ways
and means to hack into files and folders once Windows is up and running. If you
are concerned about the security of your PC, particularly if you are using a
laptop, then you should enable the PIN or password facility in your PC’s BIOS
program. Once set this will prevent the machine from booting up by any means,
including boot discs and USB devices. To switch on BIOS security you will need
to enter the setup program that starts immediately after switch on. On most
machines you’ll see a fleeting message that says something like ‘To enter Setup
press Delete’ or a combination of keys, otherwise consult the manual. Once the
BIOS opens the security options menu is usually clearly displayed. If you use
it take good care of your PIN as BIOS security can be extremely tough to crack!
PASSWORD OR PASSPHRASE
How safe are your passwords? Most of us do precisely
the wrong thing and use familiar and easily remembered words and names that a
hacker, or someone who knows you could probably guess. It’s also a mistake to
use any word that appears in an English or foreign dictionary because there
are lots of 'brute force' password cracking programs that simply plough through
hundreds of thousands of common names and words in the hope they'll get lucky.
The
ideal password
should consist of a random mixture of numbers and characters, upper and
lower
case -- the more the better -- and changed regularly, but how on earth
are you
supposed to remember something like ‘K9xp5G49au9’? The answer is you
can't, but
there’s an easily memorised alternative and that’s a 'Passphrase', a
simple
three or four word combination -- preferably meaningless -- that can’t
be
easily guessed, or cracked. Something like ‘cat ties knot’
would be very
difficult for a hacker or software to
crack, and the spaces between the words make it even more impenetrable,
but you should avoid well known phrases or sayings, like 'To be
or not to be’.
SPYWARE BEWARE
There are now a
staggeringly large number of free and paid-for adware and spyware clean-up
tools and websites. Some of them are promoted through pop-up windows on web
pages that suggest your PC may be at risk by displaying ‘hidden’ information
about your computer that the web site has apparently managed to extract. In
most cases these are scams, intended to scare you and the details shown are
quite routinely made available by your browser (type of browser, PC operating
system etc.) and do not represent any threat to your PC’s security. Some
commercial programs do work well, and we’ve included a couple of them this
week, but most should be avoided. At best they don’t work as well as Spybot or
AdAware (see last week’s Boot Camp) but a significant number of them generate
false reports and some of them deliberately infect your PC with spyware and
adware, or worse, so beware! If you are concerned that you might have visited a
dodgy site or downloaded a suspicious program then check them against a list of
rogue products and suspect antispyware sites at: www.spywarewarrior.com/rogue_anti-spyware.htm
SCAM REPORTS
In an ideal world there
would be a mechanism for putting an end to scam emails but since most of those
responsible operate overseas and use anonymous email addresses they are beyond
the reach of the UK authorities. Email blocking and spam filtering software can
help to reduce the flow but in the end only way it will stop is when people
stop responding to them.
Various UK organisations
keep a close watch on Internet fraud and if you are a victim or the target of a
scammer then you can make a report to the SD6 Economic and Specialist Crime OCU
(Organised Crime Unit). Its telephone number and email address can be found on
the Metropolitan Police Fraud Alert website at: www.met.police.uk/fraudalert/index.htm.
Other useful sources of information include the National Hitech Crime Unit:
www.nhtcu.org/nqcontent.cfm?a_id=12347,
Home Office Internet Crime department: www.homeoffice.gov.uk/crime/internetcrime/
and the Internet Watch Foundation: www.iwf.org.uk/
ROGUE DIALLERS
Premium Rate diallers work
by forcing the PC to dial up expensive premium rate lines. The good news is
that they do not work on broadband connections, however, if you have recently
switched from dial-up to broadband you should disconnect the phone cable from
your PC’s modem. If you have a dial-up connection you should constantly monitor
your PC to make sure that it doesn’t log onto the Internet without your say so,
and you should ask BT or your phone provider to put a block on premium rate
numbers.
INSTALL A FIREWALL
If you are new to broadband
then you must upgrade the security of your computer as the ‘always-on’
connection greatly increases the risks of virus infection and hacking. A good
quality virus scanner is absolutely essential and you should install a firewall
program that monitors all incoming and outgoing connections. The firewall
included in Windows XP is not adequate as it only checks incoming connections
and wouldn’t prevent a Trojan or spyware program hijacking your files and
sending data from your PC. (An upgrade of the XP firewall is planned for later
this year).
SPOOF TESTER
There’s a quick and easy to
use spoof ‘tester’ at: www.secunia.com/internet_explorer_address_bar_spoofing_test/
You will probably find that
Internet Explorer fails the test miserably and at the time of writing Microsoft
had yet to release a patch. There several third-party fixes floating around the
Internet but at least one of them contains adware components. My preferred
solution is to change to a spoof-proof browser, like Avant Browser. It is
freeware and has many useful extras, including a built-in pop-up stopper and
tabbed windows; it can be downloaded from: www.avantbrowser.com/
POWER CUT PROTECTION
Considering the cost of a
PC and the value of the data most of them contain it is a false economy not to
install an Uninterruptible Power Supply or UPS between your mains socket and the computer. They are not expensive, prices start at around £30 but the wrong type can be almost as bad as having no protection
at all. UPS devices are normally rated by capacity, stated in volt-amperes or
‘VA’. Heavy duty models, for network servers and systems may be rated at
upwards of 2000VA but for a single desktop PC and monitor a UPS rated between
300 to 500VA will normally be able to provide between 10 and 15 minutes worth
of power. Many recent UPS have software that in the event of power cut will automatically save all of your data to disc before shutting the PC down.
HIDE FILES
Sometimes you might want
to make certain files on your computer inaccessible, especially if you share
your PC with others. There are plenty of password protection and encryption programs
available for download, but sometimes the simplest solutions are the best. One
easy way to protect a sensitive file is to rename it, and bury it deep inside
Windows, or another unrelated application. Simply open Windows Explorer,
right-click on the file and give it a new name with a fictitious three-letter
extension – your initials perhaps -- then drag and drop it into a folder. Make
sure you remember where you put it and check that you’re not using a genuine
file type with the extension search engine at:
http://extsearch.com/
|
|
|
