|
PCs Save The Planet
 I am sure that you are
doing your bit to help save the planet, driving less often, switching things
off when they are not being used, recycling and so on but have you ever
wondered how much energy your PC is wasting? Wonder no longer, and maybe save
yourself a few pounds with a freeware application called Granola. It’s an energy saving utility that
promises to cut your PCs consumption, but without sacrificing performance or
usability. It works by using the DVFS (Dynamic Voltage and Frequency Settings)
feature in most PCs under 5 years old, basically by taking control of the CPU,
running it at full speed when it’s working hard, but throttling it right back
when it is idle or engaged on undemanding tasks. It might not sound much but
the developers reckon it could knock over £30.00 a year off your electricity
bill, reduce your carbon footprint by more than over 200kg of CO2 and improve a
laptop’s running time by around 15%. Users are also encouraged to sign up for
an online account and add their energy saving contribution to the Granola
community. It’s free, it might even save you a few bob, so what have you got to
lose?
09/08/10
AdAware Up the Stakes
 AdAware was one of the
first free anti malware programs and it continues to do a good job though it
has been rather overshadowed of late by flashier and more refined freeware
offerings, like Microsoft’s Security Essentials. So rather than throw in the
towel they’ve made it faster and the new improved AdAware Free has extra
features, including a ‘core’ virus scanner, real time protection, new rootkit and
malware removal tools, it also has a scheduler and a download guard
specifically for Internet Explorer. Mind you, it’s also got a lot bigger and
the download is a whopping 122Mb, so don’t try it on a dial-up connection…
15/07/10
Hunt Down the Hijackers
 No, it’s not just another
malware cleaner, HiJackFree
from Emsisoft is a really powerful tool that shows you clearly what is running
on your computer, the good and the bad stuff, tells you exactly what it is and
what it is doing, and most importantly, lets you stop it or remove it if its
not supposed to be there, or causing problems. HiJackFree monitors all running processes
and associated modules, control all Services, you can view all open ports,
manage LSPs (layered Service Providers) and control all Explorer and browser plug-ins
and manage all of your autoruns. Maybe it’s not for absolute beginners but it’s
easy to use and understand and if you suspect your PC has been infiltrated this
is one weapon you definitely want to have in your armoury.
28/06/10
Senf and Sensibility
 Senf is an unlikely sounding
name for a security tool but if you deconstruct it you come up with SEnsitive
Number Finder and that pretty well sums it up. When this freeware application
is running it scans your PC looking for the files and folders that may contain
private and personal numbers that you wouldn’t want to fall into the wrong
hands. In particular it looks for credit card and social security numbers and
so on. It’s not terribly smart, and not as discriminating as Identity
Finder, which we looked at a while back so expect it to throw up a lot of irrelevant
hits but it is thorough and there’s always the chance it discover a long-forgotten
file that you would rather not have hanging around on your system.
10/06/10
Safer Sticks
 It seems that every week or
two there’s a story in the press about some idiot loosing a USB flash drive
full of state secrets or thousands of personal records. It shouldn’t happen,
and it doesn’t have to, flash drives will inevitably get lost or left lying
around but the data they contain can be easily made inaccessible by encryption.
That’s where a free utility called USB Safeguard
comes in, simply load it on your drive and you can opt to encrypt the whole
drive, selected files, or shred the lot. The program is really easy to use; it
asks to nominate and confirm a password, which it helpfully offers to store on
you PC, then all you have to do is click the button to encrypt the whole drive,
or drag and drop the files or folders you want to protect. Decryption is
equally straightforward, just pop the drive into your PC, you will then be
asked for the password and to select the files or folders that you want to
unscramble.
06/05/10
Predatory Protection
 Here’s a brilliantly simple
way to protect your PC when you are away from your desk or office. It’s called Predator
and it works a bit like an old style security dongle. The idea is that once the
program has been installed a ‘key’ is loaded onto a USB flash drive. When the
drive is removed the screen blanks, the keyboard and mouse are disabled and the
PC is safe from interference. When you come back just pop in the drive and
enter the optional PIN code and Windows is up and running again. It’s foolproof;
well almost, just don’t lose your key…
29/03/10
Tinkering With Passwords
 I am sure that I don’t have
to remind you how important it is to create really strong passwords if you are
going to do your banking and buying online. It’s no good just using the kids or
pets names and don’t commit the cardinal sin of using the same passwords or
PINs for everything. Yes, I know it’s difficult to remember them all, but it’s
really important, so here’s an easy way to create a strong password, and
recover it if you forget. It’s called WinTinker Easy Password
Generator and this is how it works. You enter your easy to remember
password into the box and the program (downloadable Windows and on-line
version available) jumbles it up and substitutes characters, making it
practically unguessable, though just slightly recognisable. If you forget it
just go back to the program and tap in your memorable password and it will be
recreated.
11/03/10
Avast! 5.0 Me Hearties
 ‘Tis the season for updates
and the latest old favourite to get a makeover is Avast!, one of my favourite
anti-virus packages. Avast!
Free 5.0 is the new version and it is faster and lighter on resources than
previous incarnations. Highlights include a new Behavioural Shield and Code
Emulator features, which look for suspicious activity that may not be covered
by current virus and malware signature libraries. There’s also a new, easier to
navigate interface, you can switch off the annoying voice using the new
Silent/Gaming mode and if you like what you find, you can upgrade to the
paid-for Pro version which has, amongst other things, a new Sandbox facility
that keeps tricky programs and dodgy downloads in quarantine until they can be
checked out.
21/01/10
Devious Drives
 Here’s a useful little privacy
tool for those who want to keep files and folders on their PC safe from prying
eyes. It’s called NoDrives
Manager and the idea is very simple; using a spot of Registry editing it
makes one or more drives attached to your PC completely invisible to Windows
Explorer and all of your programs. In fact they are still there, but only you
know that, and they can still be accessed as normal but you’ll have to manually
enter the drive letter, path and file name. If you want them back them to
reappear all you have to do is fire up the program and enter your password.
04/01/10
Total Protection
 How
safe is that file that you have just downloaded? Hopefully if it contains any
viruses or malicious content your security program will pick it up, but there’s
always a chance that something new might slip through the net, so what can you
do? Here’s one solution, download a little utility called Virus Total Uploader. It
installs as a Context Menu item, which basically means that when you right
click on a file in Windows Explorer then go to Send To, and you’ll see it on the
list. All you have to do is click on the Virus Total icon and it uploads the
file to an online file checker, which scans it for nasties. If the file has
been checked before you, and it passes the test, you’ll get the OK in just a
few moments, if it’s something it hasn’t seen before it may take a few minutes,
and if it gets a clean bill of health you can go ahead and open, use or install
it. It doesn’t claim to be infallible but if all you want a quick and simple health
check on an unknown file, this is certainly worth trying.
17/12/09
See Your Key
 Several times, when I’ve been asked to solve a problem or
help setup a friend or relative’s Wi-Fi system or laptop I’ve fallen at the
final hurdle when I get to the point when I have to enter WEP or WPA encryption
key. Either it’s been thrown away, with the box that the router came in, or the
piece of paper it was written down on has been lost. Yes, I know most routers
can be reset to the factory defaults without too many problems but it can be a
messy business if there’s more than one PC on the network. Here’s a way to
extract the WEP/WPA keys that are stored on a computer, it’s called WirelessKeyView and
it recovers all of the keys stored by the Windows Zero Configuration service.
You can then save them to a text, html or xml file, so they won’t go missing
again!
19/11/09
Lockdown Your Laptop
 Here’s an interesting way to protect the security of your
laptop. LAlarm is a small
program that monitors your PC, sounding an alarm or sending you a email or SMS
alert if it is stolen, tampered with or moved from its normal area of
operation. The theft alarm senses if a USB memory stick or the power lead is
removed, the perimeter alarm checks the user’s IP address so if it is connected
to another network, wirelessly or by cable, it sounds an alarm or sends an
alert. You can also program a variety of responses to an alarm, like enabling
the webcam, to record an image of the thief and automatically destroy sensitive
data on the hard drive if it is stolen. It’s a clever idea, ideal for business
users and students, and a lot less cumbersome (though obviously not as secure),
as wire and cable locks that tether the PC to an immovable object.
04/010/09
Free Virus Protection from Microsoft goes Live
 As reported earlier this year Microsoft’s very own free anti
virus program, Security
Essentials, has now finished its beta trials and is ready for download. The
finished version doesn’t look significantly different from the beta but behind
the scenes a various bugs and quirks have been fixed. First impressions are
very good, it’s reasonably fast, unobtrusive and doesn’t hog resources and
according to the experts provides a high degree of protection. Only time will
tell if there are any gaps in it defences but if you’re a reasonably low risk
user (you avoid dodgy websites, pirate downloads and opening unexpected
attachments), and you’re unhappy with your present anti-virus program then it’s
worth giving it a whirl. Incidentally, despite warnings about not getting along
with other AV programs it didn’t seem to mind sharing disc space with Avast!
and AVG on our test machines.
01/10/09
Big Red Boss Button
 Uh oh, watch out, here comes the boss and you’re busy updating
your Facebook profile. Fear not, just click the ‘Don’t Panic’ button on your
desktop and the offending apps are quickly and discretely hidden from view,
from the Task Manager as well, if you’re really paranoid (or you have a really
tech savvy boss…). Don’t
Panic is a highly configurable ‘Boss Key’ program that hides selected
applications at the click of a mouse or press of a keyboard shortcut, of course
I can’t condone it’s use, you should be working, but we’ll let it slide for
those very rare occasions when you do a spot of private surfing on company time,
it could just keep you out of trouble.
28/09/09
Hard Times for Hard Drives
 Now that many of us are using external hard drives, or
internal slaves, and disposing of old PCs, the problem of how to ensure
security and safely remove personal data from those drives is becoming ever
more important. There are plenty of programs that provide the nuclear option,
of destroying all of the data on a drive or PC, but what if you just want to
erase one drive or one partition? That’s not so easy, and what if you
absolutely, positively have to make sure that all the data you’re destroying is
completely beyond recovery? Needless to say it can be done, and here’s how. It’s
a freeware program called Hard Drive
Eraser. It’s easy to use, just tell it which drive or partition you want to
zap, choose which of the four powerful shredding algorithms you want to use, (DoD,
US Army, Write Zeros or Peter Guttman – the later for the terminally paranoid),
then let it get on with the job.
21/09/09
Warning! New Microsoft Update Email Trojan
 Microsoft never sends out updates by email so you should
instantly bin this latest threat, which has been doing the rounds over the last
24 hours, I’ve already had about 50 of them sent to me. It’s really easy to
spot, the Subject line says ‘Critical Update for Microsoft Outlook and if you
open it, it says: Update for
Microsoft Outlook / Outlook Express (KB910721). Obviously it’s
nothing of the sort though it looks very plausible and has none of the usual
clumsy spelling and grammatical errors. If you click on the link you will be
taken to a spoof website and instantly download a nasty Trojan, though there
are some reports suggesting that the payload may have changed in the past 12
hours. Either way don’t open it and do not on any account click on the link,
and at the risk of repeating myself, remember that, Microsoft never sends out
updates for Windows by email.
24/06/09
Identify Yourself
 I’ve been wittering on about privacy and security for years
with scare stories about hackers and identity theft but have you ever wondered
what, exactly, there is on your computer that could be useful to a fraudster?
You probably have no idea, it could be anything from PINs and passwords to
credit card details, your date of birth, bank and credit card numbers, passport
and National Insurance info, the list goes on and it’s all useful stuff to felons
but the point is, without knowing what’s on your PC, you don’t know how much of
your identity is being exposed. That’s where Identity Finder comes in, it will show
you, in just a few seconds, what information is on your drive, and if you feel
it is too much of a risk, you can make it go away by shredding it, or protect it
by encrypting it.
11/06/09
Laptop Locator
 What would happen if your laptop went missing or was stolen?
In all likelihood that would be the last you’d ever see or hear of it again,
but maybe not. If a freeware application called Prey was installed there’s a fair
chance that it might be able to call home, possibly to let you know where it
was, or maybe send you a photograph of the thief. Prey is a simple program that
runs silently in the background. It builds up a detailed picture of its
whereabouts, the status of the computer, running programs and connections plus
information about the network it is connected to. It also takes a snapshot of
the desktop, and if it has a built-in webcam, it records and image of whoever
is using it. The first time it is is able it connects to an network or wi-fi
hotspot and sends this data back to a website or email address that you
specify. Needless to say, one of the
first things a thief will do is format the drive, but there’s a chance that
before they do they will have a poke around to see if there’s any valuable
personal data on the machine, and that could give Prey enough time to send back
the evidence that might help you to recover your property. It's available for WIndows, Mac and Linux, unfortunately the Windows version hasn't been translated into English yet, but it's all pretty obvious.
08/06/09
A Meaner Cleaner
 At the risk of being accused of obsessive-compusive
behaviour, here’s yet another cleaner utility that removes all the bits and
pieces on your PC that can compromise your privacy. It’s called FCleaner and so
far I’m impressed! We are of course talking about all of the data your PC keeps
about what you get up to. There’s the obvious stuff, like Internet History,
cookies and of course the notorious secret and hidden Index.dat files. FCleaner goes much further, though and it
also empties the Recycle Bin, Clipboard, Memory Dumps, Chkdsk file fragments,
temporary files, log files, Recent Documents, Run Histories, old Prefetch data,
Explorer MRUs and much more, In IE it removes the cache, cookies, history, auto
saved form info, download folder, types URLs, not to mention index dat. It also
scours and wipes clean Firefox, Opera, Safari, Chrome and the log files in a
host of popular applications. And as if that wasn’t enough there’s also a
Startup manager, an uninstaller, and a very useful selection of tools. It’s
powerful. So use it with care and only go into the Advanced section if you know
what you are doing. Definitely worth your serious consideration if you want to
keep your doings private and your PC clean!
04/06/09
Wipe Yourself Clean
 As you may know I am concerned about PC privacy and I’ve
been banging on for years about the secret and protected log files in your
computer that record just about everything that you do. To that end I’ve
recommended a succession of programs that erase these sneaky files, starting
with the groundbreaking Spider, which first appeared almost ten years ago.
Sadly Spider couldn’t make the transition form Windows 98 to XP so for the past
few years the job has fallen to the excellent Crap Cleaner (CCleaner) and it
still does an excellent job, but here’s a new cleaner for you to try, it’s
called Wipe and
very good it is too. It really gets into all of the little nooks and crannies, clearing
out scores of pieces of personal data that Windows and your applications leave
behind, including, of course, the notorious index.dat files. It’s highly
configurable and very thorough so do check what you are deleting. If you want
to keep yourself to yourself this one is definitely worth investigating!
18/05/09
Conflicker Checker
 Contrary to some of the stories circulating in the more
excitable sections of the media millions of PCs didn’t suddenly blow up
following the much-anticipated reactivation of the Conflicker C virus on April
1st. In fact, at the time of writing nothing much seemed to have happened and
the world moved on to more important matters. Nevertheless, this virus, and its
ilk do present an ongoing threat, especially for PC owners who do not keep
their security software and Windows Updates current. By the way, if you have
any concerns about Conflicker C and malware in general and you think your PC
may be infected I wouldn’t ask Google. I typed in ‘Conflicker C Removal’ a
couple of days ago and the first three hits all led to websites carrying the virus!
If you have been lax with your security updates then your
best bet is to download the free Microsoft
Malicious Software Removal Tool, which scans your PC for Conflicker and a
raft of other nasties, but in the end the best way to avoid becoming infected
is to install a decent anti-virus program and regularly sweep your PC with
cleaners like AdAware,
A-Squared and Spybot.
02/04/09
Scupper the Snoopers
 I am sure that you know that Windows spies on you, but in
case you’ve missed my many warnings over the years, you may be interested to
learn that your PC keeps a record of every website you’ve ever visited, from
the day you switched it on, in secret, hidden and protected files called
index.dat. We’ve looked at several free utilities that can clear these files,
and I’m happy to continue to recommend the excellent CCleaner
as the most comprehensive privacy tool available, but there’s a new kid on the
block. It’s called Index.dat
Analyzer, and its main selling point is that it lets you see what’s in your
index.dat files, with details of the web address, plus times and dates and it
allows you to selectively delete what you find there, just in case there’s
something you want to keep. It’s simple to use and of course, completely free.
05/01/09
IE Vulnerability, Emergency Patch
 Just days after a new security loophole in Internet Explorer
was published on a Chinese website the hackers and crackers set to work and to
date thousands of websites have been compromised. Just by visiting the site
(using IE) you can download a Trojan and other nasties, which are designed to
steal online game passwords but the payload is changing all the time. The
vulnerability is in an IE dynamic link library (dll) file called oledb32 and
Microsoft is rushing out a patch, which it started releasing last night.
The
chances of UK web users copping an unfortunate one are pretty slim (unless you visit a lot
of Far Eastern porn or gaming sites) but you might want to switch to Firefox
for a while, until the fuss dies down. If you don’t receive MS updates, or you
want to keep your PC safe then you can download a temporary emergency fix from
Prevx: http://www.prevx.com/ie7.asp,
which unregisters oledb32.dll. It shouldn’t make any difference to most sites
but you can use it to re-register the file when everything settles down or after
you’ve installed the patch
18/12/08
Unforgettable USB Drive
 If the media is to be believed Government employees are a
forgetful lot, losing laptops and leaving CDs and USB drives containing
sensitive data all over the place. It’s easily done; though and short of
chaining a USB drive to your wrist sooner or later you are going to
inadvertently leave one plugged into a PC. Here’s a simple little freeware
program that might help jog your memory. It’s called Flash Drive Reminder and all you
have to do is download the zip, extract it and copy a couple of small files to
your drive. In fact there are two versions, Standard displays a reminder
message when you plug the drive into a PC, and another when you log off or shut
down the PC; the Quiet version just displays the logoff and shutdown messages.
11/12/08
Destroy After Reading
 How often have you wanted to say that? Oh well, maybe it’s
just me but here’s something for budding secret agents, or anyone who want to
send someone a private message that can only be read once, after which it will
automatically self-destruct. It’s called Privnote
and the idea is you write your message in the box provided, click the Create
button and it generates a one-time URL or web address. You send this to the
recipient, they visit the site, read the message and when they close the
browser window it’s gone forever (unless they copy the message). The URL only
works once, so they (or anyone else) cannot go back and view it again. And
there’s one last trick, if you enter your email address it will automatically
notify you when the message has been read.
24/11/08
Crackdown on Clickjacking
 A new, or rather a newly revised threat may be coming to a
browser near you. It’s called Clickjacking and it can affect all browsers. It
first appeared a few years ago but little was heard of it after the first
warnings. It looks like it might be back though the threat level is still quite
low at the moment but these things can quickly spiral out of control. Here’s
how it works. If a hacker can get access to a website they can fiddle with
buttons and graphics so that if you click on what appears to be a legitimate
link what actually happens is you are directed to a phoney or fake site where
you unwittingly enter personal details, or in a worse case scenario, clicking
the link downloads malicious software onto your PC. Of course the same kind of
thing can be found on less reputable websites.
Microsoft and Mozilla have released fixes in the past but
there is a way to stop clickjacking in its tracks, on Firefox at least, and
that’s to install an add-on called No-Script.
This creates a white list of trusted sites by blocking any attempt to run an
unapproved or suspicious script within a web page. If the site is blocked by
NoScript all you have to do is click on the ‘S’ logo that appears in the bottom
left hand corner and decide whether to allow the page to load. It’s a bit of a
chore, but if you take security seriously, or you visit the odd dodgy website
then it will give you some extra peace of mind.
20/10/08
One Click Encrypt
 We are all concerned
about privacy and security but relatively few PC users actually ever get around
to doing something about it. Now there’s no excuse, a small freeware utility
called EncryptOnClick
can encrypt any file on your PC in just a second or two. Just open the program
and select the file, tap in your password or PIN and its done. The file is
compressed and scrambled using strong 256-bit AES encryption, which will keep
most nosey parkers at bay. The program is small, under 4Mb, and it fits easily
on a USB pen drive, so you can protect your files when you are on the move.
31/07/08
Double-Quick Data
Destruction
 If you sell or
otherwise dispose of your computer you must delete all of the data it contains.
This is vitally important, not just from a security standpoint, but it’s also
technically illegal to sell on a PC with Windows and many commercial programs installed unless you also
transfer the licences, though this is almost impossible to do.
Active
KillDisk remains my favourite method for deleting the data on a drive, but
here’s a new one, called Darik’s Boot
and Nuke, and this program really lives up to it’s name! Just boot the PC
using a CD, DVD, pen drive or floppy and it totally destroys all of the data on
every drive it finds. UI suspect this will be of interest to anyone who needs
to lose a lot of data in a hurry, when the authorities come a-knocking but it has
plenty of entirely respectable applications, particularly for anyone selling or
recycling a computer. Just be careful how you use it, there’s no going back
once it has started…
24/07/08
New AVG Annoyance
 It’s hard to get too
upset with AVG, after all they have been providing us with top-notch virus
protection for free these last few years, but the release of AVG version 8 has
annoyed a lot of otherwise loyal users. Over the last few weeks popups have
been appearing that appear to suggest that AVG was no longer free and to stay
protected you had to upgrade to a paid-for version. The fact is AVG 8 is still
free for personal use, but of course AVG would rather you purchased the better-specified
commercial version – well, you can’t blame them for trying. For the record the
free version can be downloaded from http://free.avg.com
The latest problem
is a component in AVG 8, called Link Scanner, which has been driving some
website owners potty. The idea is when you do a web search it pre-checks all of
the links, looking for malicious sites. The trouble is websites get bombarded
with fake hits from PCs running AVG 8, clogging up the web with pointless and
wasteful traffic. Some users also suggest that the Link Scanners slows their PC
down, which could well be the case on older machines.
Anyway, you can
disable Link Scanner from AVG’s Control Panel, but this slaps an ugly red
exclamation mark over the AVG icon in the System Tray. The simpler solution is
to go back to AVG website and download the program again. Run the installer,
follow the prompts and this time you will see a Select Startup Type window.
Check Add or Remove components, click Next and a few clicks later Component
Selection appears. Uncheck Link Scanner, click Next and finish the
installation. When you next open the Control Panel Link Scanner will be no
more.
10/07/08
Clever One-Click Clean
Up
 As I am sure you
know I have been waffling on for years about how your PC monitors your web
surfing activities and logs every website you’ve ever visited, from the day you
switched it on, in a hidden and protected file called index.dat. Regular
readers may also recall a couple of utilities I’ve been recommending to wipe
these files. Back n the days of Widows 98 my cleaner of choice was Spider,
sadly it was never updated for XP but then along came Crap Cleaner – CCleaner,
as it is now known – which does a brilliant job. Now we have a new utility that
works with CCleaner, called Click&Clean,.
Basically it lets you put a quick-launch icon – appropriately enough a toilet
roll – on your Internet Explorer or Firefox toolbar. You need to have CCleaner installed on your PC first, and the new icon has to be
added manually, so don’t forget to read the instructions. One click and it
launches CCleaner and your tracks are covered.
I see only one small
problem and that is the browser has to be closed in order for CCleaner to work,
so the trick is to remember to click the toilet roll just before you exit your
browser.
03/07/08
Bird Passes The Word
 I don’t know about you but I’m always struggling to think up
new passwords for websites and the myriad of other things I need to gain access
to these days. As we all know using simple words, such as names and places for
passwords is just asking for trouble as they can be easily guessed by someone who
knows you, or about you, or cracked using ‘brute force’ dictionary methods, so
here’s something else to try. It’s called Password
Bird and all you have to do is enter a special name, special word and a
special date and from that it creates a good quality random-looking alphanumeric
password, but made up from bits of your special words and numbers, which should
make it a little easier to remember
23/06/08
Keep It Clean!
 We all know that when you use a PC you leave a trail, half a mile
long, in ‘log’ and ‘dat’ files and Registry entries detailing everything you’ve
been doing, from the files and programs you’ve opened, to the websites you’ve
visited. It’s no small concern as it can include sensitive and personal
information, like passwords and PINs for example. It’s not too difficult to
keep your own PC’s record keeping in check, with a free utility like
CrapCleaner (see Software section) but what happens when you’ve been using
someone else’s computer?
This little program, called CleanAfterMe is
what you need to tidy up after you. It’s a small freeware application that you
can keep handy on a USB memory stick and when you run it you have the option to
delete all of the data and changes you may have left behind during the session.
If you are a regular user of other people’s computers and value you privacy and
security then don’t leave home without this really handy utility.
19/06/08
Rooting Out Rootkits
 We’ve spoken about Rootkits
before, they’re nasty little pieces of malware that can open up your PC to
hackers, but are also really difficult to detect and eliminate because they
hide inside legitimate applications and files. McAfee, the anti-virus people
have come up with a new Rootkit removal tool, called Rootkit Detective. It’s
still in its pre-release beta version but it seems stable enough and compared
with other Rootkit removal tools we’ve tried, it’s blindingly fast. Although it
didn’t find any infections on our office PCs it did flag up a few files,
belonging to uninstalled applications, that shouldn’t be there, so it’s definitely
worth a try, especially if you have any concerns about the security of your PC.
29/05/08
Home is where the Webcam is
 There have been a number of well-publicised cases of home-owners with
security camera setups, spotting villains breaking in to their houses on their
laptops while they were on holiday. In most cases this involved the use of some
pretty fancy kit, but here’s a simple, and so far free system that can do
exactly the same job, without the need for any expensive hardware or software.
It’s called Home Camera and all you
have to do is download a small piece of software, hook up your USB webcam, and
you can monitor the image from up to 4 cameras anywhere on the world on any PC
running a standard web browser. If your camera supports motion detection it can
send you an email alert and an image to your mobile phone. Home Camera is still
undergoing Beta testing, which is why it is free, but when the service begins
in August it will still only cost around £8.00 a year, and anyone who signs up
for the beta trial is promised a good discount.
25/05/08
Laptops Aloud
 It’s not long until the holiday season begins and with the widespread
availability of Wi-Fi in hotels and airports, and Wireless Hotspots all over
the place I’m guessing that a lot of you will be taking your laptop with you on
your travels this year. The only trouble is they’re so nickable, all it takes
is a momentary distraction, and it’s gone. Well, this little freeware utility
isn’t going to stop you doing something daft, but if might just alert you to
the fact that someone is interfering with it, and if it does get pinched, they
won’t be able get at the data stored on it, at least not easily. It’s called Laptop Alarm and the idea is you launch it
when your laptop is unattended, Windows is automatically locked, and if
anyone messes around with it, unplugs the power cable or moves the cursor, it
starts shrieking. It’s no good if they try to mute the sound either, because it
overrides the volume controls. As I said it’s free, so what have you got to
lose, apart from your laptop…
12/05/08
Key to Security
 One of the scariest threats to your PC and personal security
is the keylogger. These are tiny malware programs that can get onto your PC by
a variety of means, in some cases all you have to do is visit an infected
website. Once on your computer it sits silently in the background, recording
every keystroke you make, and sending the data back to the mothership, where it
is scanned for passwords and PINs, which can be used to empty your bank account
or set up phoney accounts. This little freeware program, called AntiKeylogger
can’t help you if you are already infected, so check your PC before you install
it, but it will stop any new ones from working. Unlike most programs of this
type it doesn’t try to detect an infection, instead it interferes with the
mechanisms that all keyloggers use to record data, so there’s no need for it to
be regularly updated with signature files, providing you with near effortless,
long term protection.
21/04/08
Lock Your Windows, With a Cellphone
 If your PC or laptop has a Bluetooth adaptor, and your
cellphone is similarly equipped, then here’s something that might interest you.
It’s a free utility called BtProx,
and the idea is you can lock your PC, so no-one else can use it, unless you,
and your cellphone are in the immediate vicinity. As I’m sure Apple Mac fans
will remind me, it’s not exactly a new idea, but no matter, its a simple and
effective way to protect your computer, though, just make sure your phone battery
doesn’t run out, or you will be in trouble…
14/04/08
Phishing Fixer
 If you are fed up sifting through fake phishing messages
purporting to come from banks, credit card companies and financial institutions,
ebay and PayPal trying to extract your details, then help is at hand. It’s called
Iconix email ID. It’s an add-on for Outlook
Express, Outlook, Windows Live, Hotmail, AOL and Yahoo webmail and GMail that
automatically identifies and flags up messages that come from legitimate
sources.
Incoming emails are checked against a database of registered senders –
300 so far -- and if it passes the test an icon appears next to it in your
Inbox, so you can see instantly if it is genuine or not. It’s all free, the
software only takes a few moments to install and as far as I can see the only
minus points are that the sender’s list is biased towards US companies – it could
do with some UK banks and building societies on the list -- and they’re still
working on compatibility with other popular email clients.
07/04/08
Virtually Infallible Protection
 How would you like to completely protect your PC from
viruses, malware and the myriad of nasties floating around the Internet? Of course you would, but even with the best
security software available there’s always the chance something will get through,
but maybe there is a solution…
What we have here is a freeware program called Returnil
Virtual System that creates a sacrificial ‘mirror’ or clone of your system
on a virtual partition on your hard drive. Your PC boots into the virtual
system, so your original system remains isolated and protected. If something
does make it through your defences no harm is done, you just reboot and any
changes the malicious software has made are automatically erased and you reboot
into a newly created system.
It’s a bit like The Matrix, a PC within a PC, spooky and
quite tricky to get your head around at first but once you get used to it, it
makes a lot of sense and your PC will become virtually bullet-proof.
31/03/08
Free Software Security Program on Test
 If you don’t mind being an unpaid guinea pig then head over to the Secunia website and download the Beta
(Release Candidate 1) version of Personal Software Inspector, which checks all
of the programs on your PC and tells you if any of them represent a security
threat, or are past their use by date. If there is a problem it offers to help you find
patches and updates. The program flagged up 8 programs on my well used office
PC, none of the alerts were serious and about half of the programs I knew to be
no threat at all, so it’s not infallible and I suspect there’s still some work
to be done but it’s reassuring to have a second opinion, and it could just find
something nasty that you or your other security software has overlooked.
27/03/08
Free Wireless Security Checkup
 How safe is your wireless network? If the answer is you don’t
know, then you really should head over to the Pure Networks website and carry
out their free Network
Security Scan. Of course it’s a prelude to selling you something, in this
case an application called Network Magic, and there’s a link to a free trial,
but there’s no obligation and it really is worth the visit for the free
security scan. It raised a couple of issues on my system, which until now I thought
was pretty tightly secured.
20/03/08
Free Lightweight Virus Scanner
 Traditional thinking suggets that you should only have one
anti-virus program on your PC. That’s normally good advice as they can have
problems with each other’s ‘signature libraries’, which usually contain inert
samples of virus code, but here’s one that seems to get along with other AV
programs, on my test bed PCs at least.
It’s called EAV
Antivirus Suite Free Edition v5.61, and as the name suggests, it is a
freebie. Part of the reason it is so
amenable is the fact that it focuses on Windows, where most infections are
likely to hide and it keeps a constant check on incoming files. It is also very
small, the download is less than 2Mb and signature updates are tiny but that
doesn’t mean it is necessarily ineffective. Several users have reported that it
has found infections missed by other more elaborate programs. It also has a
number of useful tools, geared towards deep-cleaning Internet Explorer and Windows.
It’s not without a few rough edges, though, it doesn’t check emails, the menus
appear to have been written by someone with only a passing acquaintance with
English, and there’s no automatic scheduling or update facility, but these are
relatively minor niggles, it works, it seems to get on with other AV programs
and it’s free.
13/03/08
Surfing with Onions….
 A growing number of people, concerned about personal privacy
and security are opting to get off the grid but that’s always been a bit
difficult with the Internet. It knows where you are, and what you are doing,
but there are ways to become totally anonymous.
One way is to use TOR, or The Onion Router. It’s a
network of virtual connections or relays, dotted around the world, operating in complex ‘layers’ (that’s where the Onion
bit comes in) that stops you from being identified or tracked when you are
online. Ironically much of the development work for TOR was sponsored by the US
Naval Research Laboratory but now it’s gone independent, and it is free to use.
All you have to do is download a piece of software, which handles your connection to
the network, and the encryption of data, and you are in business. It’s an
ongoing project, and there are still a few wrinkles and speed issues – you may
notice a slowdown on your browser -- but if you are exchanging or downloading
sensitive or private material and want to be invisible then give it a try, but
read the overview and introduction first.
21/02/08
Fancy Free Firewall Foils Felons
 If you haven’t got a firewall on your PC (shame on you), you
are using the less than adequate Windows Firewall in XP (and to a lesser
extent, the one in Vista) or your current Firewall is squabbling with your
applications or blocking email and web connections there here’s something else
to try. It’s Comodo Pro,
version 3, and it’s entirely free, and as far as I can see, there are no
catches. It’s fully featured too, with all the bells and whistles you would
expect to find on the best firewalls, with control over both incoming and
outgoing connections, and plenty of configuration options, but it’s ready to go
straight out of the box, with industrial-strength protection if you leave it in
auto mode.
22/11/07
Slicker, Swifter SpyBot S&D
 I have been recommending the SpyBot Search and Destroy
malware cleaner ever since it appeared in 2002 and a brilliant job it has been
doing too, though I have to say that it has been looking a little tired of
late, so I am very pleased to report that a new version has just been released.
Spybot
S&D 1.5adds full Vista support, and in response to many requests,
restores support for Windows 95.
After installation the first thing it does is create a
Registry Backup, then it offers to Immunise your system, by tweaking your
browser, to prevent it from downloading malware, and this version includes
support for more browsers, including Firefox and some of the newcomers. After
that it’s ready to scan, and there are some obvious improvements. It looks slicker
and it runs quicker than previous versions, and like all new malware cleaners,
or updates of old favourites, it’s geared up to detect the latest threats and
is almost certain to find something on your PC that the others have left
behind.
28/09/07
Fancy Free
Firewall
 Time was when ZoneAlarm
ruled the roost for the free firewalls. Don’t get me wrong, it’s still a great
program and does a brilliant job, and you can’t argue with the price, but some
say that it has got a bit cumbersome over the years, and there have been one
or two glitches along the way. I’m not saying R-Firewall is going to be any better but
it’s another Free firewall, and like ZoneAlarm it is free. It’s also very
sophisticated with several features you won’t find elsewhere, and because of
that it looks a bit daunting, but don’t be put off, it’s worth getting to know,
and definitely worth trying if you don’t get on with ZA.
01/08/07
Recycle with
Freecycle
 With so much
attention focussed on recycling and carbon footprints I think it’s worth
reminding you of a web service called Freecycle.
Basically the idea is you give stuff away you no longer need to people who want
it. Rather than throw unwanted items away, to clutter up landfill, or mess
around with on-line auctions, simply let people in your area know that you have
an old fridge, bed, sofa, piano or whatever, and it’s free to anyone who wants
to come and pick it up. All it takes is a quick signup to your local group, and
you are ready to go. As a subscriber you can also post a message on Freecycle
for things that you want, it’s a great way to get rid of your old junk, and
maybe acquire some fresh ‘treasure’ and it won’t cost you a bean, or harm the
planet.
18/07/07
Remove those Rogues
 Have you ever been tempted to respond to a pop-up ad for free
software that promises to rid your PC of malware? Well don’t! Most of it is
rubbish or ‘scareware’ and it will almost certainly report lots of ‘false
positives’, and then offer to get rid of the nasties, when you cough up for the
full version of the program.
In you have been caught you may find it difficult to get rid
of the program and it will bug you endlessly. If so try RogueRemover; it seeks
out and eradicates these nasty pieces of work, and it won’t cost you a penny!
By the way, if you have any doubts about malware cleaner programs you can check
them out on the most excellent Spyware Warrior
website.
06/07/07
Squaring Up Against Malware
 As regular readers and visitors will know for the past few
years I have been recommending all PC users regularly scan their PCs with
malware cleaners like AdAware and
SpyBot, and more recently Windows
Defender. They are all free and can help to keep your computer free of the
little nasties that generate pop-up ads and spy on your web surfing activities.
Well now there’s a new kid on the block, called A-Squared
Free and like the old stalwarts it searches out and zaps infections, but
you have the option to put anything it finds into ‘quarantine’ first, so you
can check it out, just in case it is legitimate. It also scans the Registry for
traces but it doesn’t offer real-time protection. It is first and foremost a
removal tool so you should use it in conjunction with other cleaners or you can
upgrade to the more advanced, paid-for, A-Squared Anti-Malware 3, which wil
lset you back around £20.
27/06/07
Beware Wi-Fi HotSpot Scammers
 If you
take your Wi-Fi enabled laptop with you on your travels then, like me, you are
always on the lookout for a free Hotspot hook-up when hanging around at
airports, hotels or cafes. If you do your homework and visit sites like free-hotspot.com.
Before you go you should be able to find one. However, be on your guard if you
are casually trawling for a free connection, you could be opening up your PC
and its contents to a hacker.
Here’s how it works. A
crook with a Wi-Fi laptop sets up shop by hanging around a legitimate hotspot.
Their PC is logged on to the web and set up for Internet Connection Sharing.
Along comes our weary traveller and the Wi-Fi monitor on their PC flags up the bogus
connection as open and available. They think it is Christmas, click on it to
log on and bingo, the two PCs are linked by an ‘ad hoc’ or peer-to-peer
connection and the data on the victim’s laptop is exposed.
You can avoid it
happening to you by firstly avoiding suspiciously free hotspots, and secondly by
re-configuring Windows XP to only accept Infrastructure or Access Point
connections. To do that right-click on the Wireless Connection icon in the
System Tray (next to the clock) and select ‘View Available Networks’, now click
‘Change Advanced Settings and select the Wireless Networks tab then click the
Advanced button and make sure that ‘Access Point (Infrastructure) Networks Only’
is checked.
14/02/07
Rooting Out Zombies
 If you are a regular visitor to these pages you should know all about
the current epidemic of zombification. For those of you that missed it, this is
when a PC is hijacked and used with other PCs to spread Spam and viruses. Some
experts reckon that as much as 80 percent of Spam could be coming from zombie
PCs, working together in so-called ‘botnets’.
Some of these infections, which often hide in downloaded software
called a ‘rootkit’, are extremely devious and may not show up on a routine
anti-virus scan, so how can you tell if you have been infected? It’s not easy
but if you know your way around Windows a built-in utility called Netstat can
help, by displaying all of the attempts to use your PC’s network and Internet
connections. To fire it up go to Run on the Start menu and type ‘cmd’ (without
the quotes) and this opens a DOS-like window, at the flashing prompt type
‘netstat –an’ (again no quotes and the list of connections. It probably won’t
mean much to you but check the list of ‘Foreign’ IP addresses, as this is where
the rootkit infection will show its hand.
If you are not sure what to look for a free Microsoft utility called TCPView
provides a slightly more informative insight into what’s going on and if you
right-click on an item and select Properties it will tell you something about
the ‘Process’ and what program it belongs to, and if you don’t recognise the
name try Googling it.
28/01/07
Create Virtual Encrypted Drive
 It’s gradually sinking in
that we are all going to have to take computer security a lot more seriously.
Many of us now use our PCs to store huge amounts of personal information, bank
and credit card details and things we want to remain private. Firewalls and
security software helps keep out hackers and other types of intrusion, but what
would happen if someone stole your PC or laptop?
CryptoExpert 2007 Lite
keeps your data secure. It creates a virtual drive (or drives) on your PC,
which works just like a regular drive and anything you store in it is
automatically encrypted. If you want to open the file then you need to enter a
password.
06/12/06
AVG Anti-Spyware
 As regular readers will know I’m a
big fan of the freebie Spybot
and AdAware
malware cleaners and have been recommending them since they first appeared. Windows
Defender (nee Giant AntiSpyware) from Microsoft, also free, does a good job
and it’s going to be bundled with Vista. Well, to cut a long story short after
a couple of weeks of intensive testing I’m adding another cleaner to the list
and this one comes from our old friends at Grisoft, who are behind one of the
best free anti-virus programs AVG Free. It’s
called, appropriately enough AVG
Anti-Spyware. It does a bang-up job and if I tell you that it picked up no
less than 35 infected files, including one rather nasty Trojan, on a PC that
had just been scanned by another well-known cleaner (no names, no pack-drill),
then you can understand why I’m so impressed with it.
22/11/06
Is your PC Spying on You?
 Do you know what Windows or the
programs on are downloading or uploading right now? Hopefully it’s all quite
innocent, an update or a patch or some sort, though maybe your PC is passing on
information you would rather remain private but whatever it is doing wouldn’t
it be nice to have been asked before it made use of your Internet connection?
XP-AntiSpy
is a little freeware utility that lets you decide what things Windows can
download in the background. It’s easy
to configure and you can choose to switch off a range of function, including
some that may consider ‘suspicious’ or just plain nosey, like a facility that
lets websites identify your PC, you can disable error reporting, hide your PC
on a network and much more besides. All of the options are the sort of thing
you could do yourself, if you had the time and inclination to poke around the
Windows Registry and all changes are easily undone.
03/11/06
Save your Secrets
 We’ve all got secrets but one of the worst places to keep
them is on your computer. Anyone with access to your PC can get at the files it
contains, even if you’ve set up password protection there are readily available
ways and means to open, extract and read files without booting Windows, so what
can you do?
If you have to keep sensitive information on your PC the
only sure way to protect it is to encrypt it. Windows XP Pro has got built-in
file encryption but that doesn’t help XP Home users. Here’s something that
will, it’s a freeware utility called Cryptainer LE.
After installation it creates a secure container or ‘vault’ for your files on
the hard drive and any files that are dragged and dropped or copied into it are
encrypted, using a strong 128-but key. True, there are even more powerful
systems out there -- check out Cryptainer PE with 448-bit encryption -- but
it’s certainly good enough to defeat all but the most well equipped spooks with
supercomputers from breaking into your files
26/10/06
Rooting Out the Nasties
 You may not have heard of Rootkits yet, but you will. A
Rootkit is a set of tools, for creating a stealthy wrapper, for concealing
malware. The trouble is anti-virus programs and malware cleaners have trouble
detecting Rootkits, which means your PC could be infected by trojans,
keyloggers, sniffers and heaven knows what else. They’re fairly new and so far
the threat appears to be relatively low, and they’re not very good at
propagating but they are becoming more sophisticated so now would be a good
time to start keeping an eye on your PC. Sophos, the anti-virus people have
come up with a freeware Rootkit detector, called appropriately enough Anti-Rootkit
and you should download and run it as soon as possible, to see what’s lurking
on your system. If it finds anything suspicious it will tell you what it is,
where it is hiding and if possible, remove it for you.
29/09/06
Protecting Firefox Passwords
 The Firefox Password Manager is a useful facility and it
makes logging onto protected websites a doddle but it is not very secure.
Anyone using your PC can access your websites and see all of your saved
passwords without let or hindrance. To protect your security you should set a
password for the Password Manager and you, (and anyone else using your PC) will
be asked to enter the Master password at the first attempt to log on to a
password protected website. To set it up open Firefox then go to Tools >
Options and select the Privacy tab. Click Set Master Password and enter your
new password and a bargraph ‘Quality Meter’ shows how secure it is likely to be,
depending on length and complexity.
04/09/06
Free Storage, Leave That Laptop At Home
 The next time you go flying you might want to think twice
about taking your laptop with you, following the events of the past few weeks.
If a terrorist alert licks off while you are waiting to check in there’s a good
chance you laptop and all of your electronic goodies will end up going into the
hold, with no guarantee you’ll see it again at the other end.
Loosing a laptop could be a major problem, especially if it
contains a lot of personal, sensitive or irreplaceable data, and it may not be
covered by your travel insurance if it’s lost of damaged, so leave it behind.
If you need a laptop you can hire one at your destination;
take any data or files you’ll need on a flash drive or CD, or better still,
upload it to the web and then you can get at it on a borrowed or rented PC, or
in an Internet café. It needn’t cost you a bean, either. There’s 25Gb of free
online storage at Streamload,
no hidden fees, no credit card details, just sign up for an account and you can
send files up to 25Mb and download up to 1Gb of data a month.
30/08/06
Lock
Your PC with the Matrix
 There
are various secure and very sensible ways to lock your PC when you are away
from your desk but here’s one for fans of The Matrix. This small system tray
application, called Matrix Screen Locker is freeware and it does precisely that
stopping unauthorised use of your computer and at the same time displaying the
familiar screen-full of tumbling green characters. Stare at it long enough and
you really will believe you’re seeing things… Control of your PC in the ‘real
world’ is only possible when you enter the correct password, and no young Neo,
it can’t be defeated by pressing Ctrl + Alt + Del
14/07/07
Terrorists
and shady characters please look away because I am about to reveal a way of
concealing documents inside digital photographs. It’s a technique known as
Steganography. The idea is as old as the hills; secret messages have been
tucked away inside familiar objects for centuries and this modern twist hides
text in JPEG files. It’s a good way of hiding passwords and PIN numbers on your
PC or you could use it if you’re travelling, to send a personal or private
message in an email picture attachment.
All
you need is a little freeware utility called JP Hide And Seek (JPHS) and the clever bit
is the image doesn’t look any different and the file size is virtually unchanged.
The hidden message is also encrypted and password protected so the chances of
anyone finding it let along reading it is virtually zero.
06/07/06
PUT
YOUR ANTISPYWARE TO THE TEST
How well is your security
software protecting you? Usually the only time you’ll find out is when it
detects an attack, or afterwards, when something has got through. A group of
researchers called Intelguardians decided to put anti spyware tools to the test
by designing a series of small and benign programs that attempt to probe a PCs
defences. Each of the 20 or Spycar checks has
to be carried out manually, by downloading a small file and clicking OK, at
which point the program tries to install a Registry key, a piece of code, or
change a setting. At the end of the tests you download a utility called
TowTruck, which displays the score and resets any changes that may have been
made. It’s difficult to say how meaningful the results are and how they relate
to real-world situations, but a couple of programs we’ve been using for a while
failed miserably so f nothing else it has prompted us to carry out a security
review.
27/06/06
FLASH PROTECTION
We’re all using USB flash drives
these days, and very handy they are too, for transferring data from one PC to
another. But the next time you plug your drive into someone else’s PC just ask
yourself, how clean is it? The ease with which you can move data around also
makes it easy for viruses and malware to hitch a ride on your flash drive and
back into your PC. The first thing you should find out when copying data
onto your drive is whether or not the PC you are connecting to has anti-virus
protection, you will be surprised how many don’t. One solution is to carry some
protection with you, the freeware anti-virus scanner AntiVir can be run from a
flash drive and it only takes up around 30Mb of space, which is nothing in
these days of 1 and 2Gb drives. Select the Customise option during installation
to load the program onto your flash drive, and you can run it from the
Avcentre.exe file; to set up an immediate scan simply set one up from the
Schedule tab and if there’s an Internet Connection available make sure you
download the latest updates.
TRAVELS WITH MY DIGICAM
A couple of years ago, whilst on an overseas trip a digital camera
containing scores of irreplaceable images was stolen from my hotel room. Now
I’m slightly paranoid about losing another one and I make sure it’s safely
locked up when I’m not carrying it, with the memory card stored separately from
the camera, but my biggest fear is the safety of the images. They only exist on
the camera’s memory card, so now at the end of every day I download new
pictures to my laptop’s hard drive, and make a second copy on a USB flash
drive, which I keep with me on a key ring. On my most recent trip I also
uploaded several images to my personal web space and sent some prints to friends using
TruPrint’s on-line digital printing service. They were delivered within 48
hours -- well before my return -- and at 10 pence each (plus 99 pence postage)
were a good deal faster and only marginally dearer than sending postcards.
GET
READY FOR THE 2038 BUG
Here's a quick heads-up for a potentially nasty little computer bug that could ruin
your day on January 19th 2038… This one will only affect computers based on the
Unix operating system, which includes some versions of Linux, and Windows 2000
machines running exotic applications may also be affected. The bug is similar
to the notorious Y2K bug in that vulnerable computers will register the time
and date incorrectly when the bug strikes. It’s all to do with the way Unix
computers work out time. Instead of relying on an in built calendar they count
seconds from the notional date the system was conceived, at GMT 00:00:00, on
Thursday, January 1st, 1970, and like a car’s odometer going round the clock,
on bug day it will run out of digits and the counter will roll over and
probably reset to January 1st 1901 or another equally invalid date.
HOW
SAFE IS YOUR WI-FI NETWORK?
One
way to find out is to switch off your router and launch your Wi-Fi
configuration utility. This should have signal strength or ‘Site Manager’
options that will display all of the wireless networks and devices in your immediate vicinity.
If any show up bear in mind that if you can pick up their
signals, they can pick up yours…
In
the early days Wi-Fi security wasn’t such a big issue and the chances of your
network being hacked into, even if you hadn’t enabled WEP encryption, was
fairly small, but now the world and his wife has got Wi-Fi and there is a
good chance that one or more of your neighbours has installed a system, which
could be a problem, for you and for them.
Your Wi-Fi monitor should tell you if your neighbour’s systems are encrypted or not; if you find one that it is open then you should alert them immediately. You can usually tell how close they are to you from the signal strength reading.
Even though you have enabled
the strongest WEP encryption your system supports (and you have switched it on, haven’t you…). Be aware that WEP is not infallible and
it is worth changing the key every few months. I am sure that your neighbours
are decent, honest people, nevertheless do not enable file sharing on any more
folders than are strictly necessary, never share a whole drive and pop along to My Network Places in Windows Explorer every so
often, to make sure that all of the PCs listed as being present on your network
are known to you.
PROTECT YOUR PC
It’s all very well setting
up accounts and passwords on your computer but as you may know there are ways
and means to hack into files and folders once Windows is up and running. If you
are concerned about the security of your PC, particularly if you are using a
laptop, then you should enable the PIN or password facility in your PC’s BIOS
program. Once set this will prevent the machine from booting up by any means,
including boot discs and USB devices. To switch on BIOS security you will need
to enter the setup program that starts immediately after switch on. On most
machines you’ll see a fleeting message that says something like ‘To enter Setup
press Delete’ or a combination of keys, otherwise consult the manual. Once the
BIOS opens the security options menu is usually clearly displayed. If you use
it take good care of your PIN as BIOS security can be extremely tough to crack!
PASSWORD OR PASSPHRASE
How safe are your passwords? Most of us do precisely
the wrong thing and use familiar and easily remembered words and names that a
hacker, or someone who knows you could probably guess. It’s also a mistake to
use any word that appears in an English or foreign dictionary because there
are lots of 'brute force' password cracking programs that simply plough through
hundreds of thousands of common names and words in the hope they'll get lucky.
The
ideal password
should consist of a random mixture of numbers and characters, upper and
lower
case -- the more the better -- and changed regularly, but how on earth
are you
supposed to remember something like ‘K9xp5G49au9’? The answer is you
can't, but
there’s an easily memorised alternative and that’s a 'Passphrase', a
simple
three or four word combination -- preferably meaningless -- that can’t
be
easily guessed, or cracked. Something like ‘cat ties knot’
would be very
difficult for a hacker or software to
crack, and the spaces between the words make it even more impenetrable,
but you should avoid well known phrases or sayings, like 'To be
or not to be’.
SPYWARE BEWARE
There are now a
staggeringly large number of free and paid-for adware and spyware clean-up
tools and websites. Some of them are promoted through pop-up windows on web
pages that suggest your PC may be at risk by displaying ‘hidden’ information
about your computer that the web site has apparently managed to extract. In
most cases these are scams, intended to scare you and the details shown are
quite routinely made available by your browser (type of browser, PC operating
system etc.) and do not represent any threat to your PC’s security. Some
commercial programs do work well, and we’ve included a couple of them this
week, but most should be avoided. At best they don’t work as well as Spybot or
AdAware (see last week’s Boot Camp) but a significant number of them generate
false reports and some of them deliberately infect your PC with spyware and
adware, or worse, so beware! If you are concerned that you might have visited a
dodgy site or downloaded a suspicious program then check them against a list of
rogue products and suspect antispyware sites at: www.spywarewarrior.com/rogue_anti-spyware.htm
SCAM REPORTS
In an ideal world there
would be a mechanism for putting an end to scam emails but since most of those
responsible operate overseas and use anonymous email addresses they are beyond
the reach of the UK authorities. Email blocking and spam filtering software can
help to reduce the flow but in the end only way it will stop is when people
stop responding to them.
Various UK organisations
keep a close watch on Internet fraud and if you are a victim or the target of a
scammer then you can make a report to the SD6 Economic and Specialist Crime OCU
(Organised Crime Unit). Its telephone number and email address can be found on
the Metropolitan Police Fraud Alert website at: www.met.police.uk/fraudalert/index.htm.
Other useful sources of information include the National Hitech Crime Unit:
www.nhtcu.org/nqcontent.cfm?a_id=12347,
Home Office Internet Crime department: www.homeoffice.gov.uk/crime/internetcrime/
and the Internet Watch Foundation: www.iwf.org.uk/
ROGUE DIALLERS
Premium Rate diallers work
by forcing the PC to dial up expensive premium rate lines. The good news is
that they do not work on broadband connections, however, if you have recently
switched from dial-up to broadband you should disconnect the phone cable from
your PC’s modem. If you have a dial-up connection you should constantly monitor
your PC to make sure that it doesn’t log onto the Internet without your say so,
and you should ask BT or your phone provider to put a block on premium rate
numbers.
INSTALL A FIREWALL
If you are new to broadband
then you must upgrade the security of your computer as the ‘always-on’
connection greatly increases the risks of virus infection and hacking. A good
quality virus scanner is absolutely essential and you should install a firewall
program that monitors all incoming and outgoing connections. The firewall
included in Windows XP is not adequate as it only checks incoming connections
and wouldn’t prevent a Trojan or spyware program hijacking your files and
sending data from your PC. (An upgrade of the XP firewall is planned for later
this year).
SPOOF TESTER
There’s a quick and easy to
use spoof ‘tester’ at: www.secunia.com/internet_explorer_address_bar_spoofing_test/
You will probably find that
Internet Explorer fails the test miserably and at the time of writing Microsoft
had yet to release a patch. There several third-party fixes floating around the
Internet but at least one of them contains adware components. My preferred
solution is to change to a spoof-proof browser, like Avant Browser. It is
freeware and has many useful extras, including a built-in pop-up stopper and
tabbed windows; it can be downloaded from: www.avantbrowser.com/
POWER CUT PROTECTION
Considering the cost of a
PC and the value of the data most of them contain it is a false economy not to
install an Uninterruptible Power Supply or UPS between your mains socket and the computer. They are not expensive, prices start at around £30 but the wrong type can be almost as bad as having no protection
at all. UPS devices are normally rated by capacity, stated in volt-amperes or
‘VA’. Heavy duty models, for network servers and systems may be rated at
upwards of 2000VA but for a single desktop PC and monitor a UPS rated between
300 to 500VA will normally be able to provide between 10 and 15 minutes worth
of power. Many recent UPS have software that in the event of power cut will automatically save all of your data to disc before shutting the PC down.
HIDE FILES
Sometimes you might want
to make certain files on your computer inaccessible, especially if you share
your PC with others. There are plenty of password protection and encryption programs
available for download, but sometimes the simplest solutions are the best. One
easy way to protect a sensitive file is to rename it, and bury it deep inside
Windows, or another unrelated application. Simply open Windows Explorer,
right-click on the file and give it a new name with a fictitious three-letter
extension – your initials perhaps -- then drag and drop it into a folder. Make
sure you remember where you put it and check that you’re not using a genuine
file type with the extension search engine at:
http://extsearch.com/
| 
