Security Notes

Updated 2017-09-10

Why should you be concerned?

The first thing that you need to understand is why do the bad guys make viruses? The short answer is “money”. They make money:

  1. By sending spam. They sometimes get paid a percentage of the profits from selling products over the internet. Other times they are paid per address that they send spam to, other times so much per click. Often the bad guys will infect your computer with a virus that sends out their spam from your computer.
  2. From stealing your bank information or credit card information. They often will take a few dollars each month, so you don’t notice, other times they will quickly drain your account and transfer the money to another country.

The second thing you should understand is how the bad guys select their targets. The short answer is that (for the most part) they don’t put any thought into it. They use a script and send their spam to any email address they can get.  An example is a friend’s 12 yr old daughter (her email name is very obviously female) was complaining about all of the Viagra ads she was getting. She said “Can’t they tell I’m a girl?” The spammers get her email address and it is easier to send her the spam than it would be to filter their list. They don’t know who they are sending spam to and they don’t care.  Another case I know about, is when a friend came to me about his old laptop. It was running very slow and he wanted to use it, but it was running too slow. The first thing I asked him was what anti-virus he had on it. He replied that this computer was so old and out dated that “why would anybody bother with infecting it?” Well, I took a quick look at it and found that 13 viruses were the reason why it was running so slow. Remember, the bad guys don’t know you, or your computer and they don’t care.

The third thing to think about is “what devices can be infected?” The short answer is “Anything that you have connected to the internet.” Smart phones can be infected. Internet connected baby monitors can be connected to the internet. Think about all of the devices that you have connected to the internet. If that device has a password, you should make sure that the password on it has been changed from the default by you. If the device is connected to the internet and you can’t change the password, contact the manufacturer and see how to protect it.

There was a story reported in the news about a man in Miami, FL who was setting up a new office overlooking the bay.  He had some trouble setting up the office WIFI so he turned off the password protection on the WIFI router. A few days later his office was raided, the door was knocked down, and in moments he was in hand-cuffs and face-down as federal agents searched his office. It seems that someone was using his WIFI to send child pornography. He was not charged, but I’ll bet he put a good password on his WIFI router!

Basic Security

  1. Check your passwords. Make sure that all passwords are at least 10 characters long. The generally accepted policy for passwords is to use 3 out of four (Upper case, lower case, number, special characters) In this policy, a password should not contain any real words, it should contain at least one lowercase letter, at least one uppercase letter,  at least one digit and at least one special character (.,/[]{}!@#$%^&*()_-).  Note: In some situations, passwords cannot contain certain special characters. A good way to get a good password is to create an acronym  and use it for your password. For example: use a sentence like: My mom has three brothers, Tom, Dave and Ernie. Convert that sentence to an acronym “Mmh3b,T,DaE.” This password has 11 characters, upper and lower case, one number and three special characters. Another option is to use one of the on-line password generators. These tools will give you a 16 character sequence of characters which will satisfy the requirements of even the most stringent sites. You will need to write down a password like this because it will be almost impossible to remember.   See: Another policy for passwords is being discussed. It may work just as well and be easier to remember. In this policy, you use four words each having at least 4 characters. Words should not make a sentence. Put them together without spaces. The general thinking to support this policy is that brute force crackers will need to try many more combination to break your password. This only works if the words are not related and not guessable.
  2. Make sure that your PC has two accounts. One account should be the administrator account. This account will be an account that you do not normally use. You will only use it when you intend to add software or change your settings. Be sure that it is protected with a good password. Be sure that it has administrative privileges. Write the password down. Shutdown and restart. Make sure that the new user name works and has privileges.
  3. Now password protect your old “work” account, write down the password and take admin privileges away from your “work”  account. Always use the work account unless you are doing administrative work. This makes it more difficult for certain types of viruses to install themselves on your PC.
  4. When you get an email, use the “hover” feature before clicking on a link. The “hover” (also called mouse over) will cause your browser to show the actual link in the lower left corner of the browser window. DO NOT CLICK ON THE LINK. Just position the mouse pointer over the link. For a few seconds, the actual link will show on the screen in the lower left corner.  If the url in the lower left is not the same as the information you see in the browser window, someone may be trying to trick you. If you do not understand links, maybe this article will help. Understanding Links
  5. Change all of your passwords at least once a year. Any valuable passwords (like bank accounts, or credit card accounts like Pay Pal) should be changed about every couple of months.
  6. Keep your computer updated. After taking updates from Microsoft always reboot to get the updates installed.
  7. Buy and install multi-layered protection. No one tool will do the job. Some software to consider. (I am not recommending any of these products, just listing some products that I am aware of.)
    1. Norton:
      1. Norton 360
    2. Enigma
      1. Reg hunter
      2. Spy Hunter
    3. AVG
      1. Tune up Utilities
      2. Tuneup 1 click Maintenance
    4. Tool bar cleaner (free)
      1. Use a good backup package. I use Carbonite. but there are other packages that perform in avery similar manner. See: Microsoft Onedrive an Western Digital’s Backup package.
  8. Finally, the most important thing that you can do is “Never feed the spammers.” Never,  never, never buy anything from a spammer. In fact, Never buy anything that you see advertised by a spammer. Buying the products just feeds the bad buys.

Weekly Tasks (Admin account)

  1. Microsoft does their security updates on the second Tuesday of each month.  Late on the day (Tuesday afternoon, or as soon as you can after that) you should install the Microsoft patches. Go into your All Programs, select Windows updates, make sure all updates are selected. click on Update. This step only needs to be done once a month.
  2. After taking any Microsoft Updates,  you should do an orderly shutdown and power up again. (Full shutdown and then start up.) When the System comes backup, check Microsoft updates and look carefully at all options to be sure that you have taken all updates.
  3. Now go to All programs, Accessories and System Tools, select Disk Cleanup. Run the Disk Cleanup (or Ccleaner). [This does not protect your computer, but does help your computer performance.]
  4. Run Tuneup 1 Click Maintenance. [This does not protect your computer, but does help your computer performance.]
  5. Run Reg Hunter to completion.
  6. Run Spy Hunter to completion.
  7. Go to Accessories and System Tools; select Defrag and run it. (Even if it says it is not needed.) (or you can run Defraggler.) [This does not protect your computer, but does help your computer performance.]
  8. Once a quarter you should check your browser tool bars.  These are the sections at the top of the browser. Often companies will try to get their tool bar installed so that you will use their search engine instead of your favorite search engine.  Run tool bar cleaner and remove any stuff you don’t want.
  9. Once a quarter you should do an in-depth defrag. The way to do this is:
    1. Sign-on to your admin account,
    2. Open a command window and type:  chkdsk \r C:
    3. Then reboot. This does a system check and repair of any disk errors.