I recently came across this image on one of the sites I frequently visit (click the link for the image and site). This image promotes Common Sense for computer security but it does not say how. I thought I would elaborate on this with some simple tips.
Updates and system software
- Always keep your computer up to date using automatic Windows Update, be sure to manually check that also the optional downloads/updates are installed each week.
- Always have decent anti virus and spyware software installed. I recommend AVG free, Microsoft Security Essentials and Lavasoft Adaware - All these programs are FREE, are continuously keeping an eye on your computer, automatically update and run weekly automatic full scans. When installing read each step carefully and make sure you select the free version, also disable the optional extra tool bars and such.
- Do not assume that having the above scanner software installed makes it impossible for your computer to get a computer virus, spyware, malware or any other nasty affliction. If you run an installer for software that has not been tagged as malicious yet it will install just fine and will usually be near impossible to remove completely without fully formatting your computer. Always be careful with what you download and run on your computer. Even software acquired from friends - they may not know their computer is infected.
Software applications
- If you insist on using illegally downloaded applications be very careful. Many of these contain a virus. At least download from a site that supports comments and ratings on files so you can see if anyone has put in a virus warning (so you know not to download it).
- When installing applications make sure you opt out of any optional extra installations such as toolbars, scanners, etc. Especially programs such as p2p downloaders, emoticon packs and MSN extensions are known to have all kinds of extra software with them that can really slow down and mess up your computer. Disable anything extra that can be disabled, and if it can't then seriously think whether you really need this software.
- Do not trust random browser popups stating that you have all kinds of security hazards and to please install their software scanner to fix this. These are just misleading ads. If you have the software installed that I mention above you do not need any additional software installed. Disregard all of these kinds of banners, popups, etc. and only trust the non-browser dialogues from the above installed applications.
Emails and MSN
- Never reply to emails asking for your password or other personal details, even if it looks like you know who sent it. If you know the sender call them on their known number to confirm the request. Also never reply to emails that say you have won money or offers to transfer a large some of money via your account and emails offering you freelance or work from-home-jobs that you never asked for. And never reply to spam, no matter how annoyed you are at them, it will just confirm that this is a working email address and most likely cause you to receive even more spam. Just mark the email as spam and it should help filter out future emails that are similar.
- Be very careful of applications and zip files attached to emails. Even if you know the sender and they confirm they really sent the file, their computer may be infected with a virus without them knowing it. If you really need the application download it from another trusted source such as download.com if possible.
- Do not trust random links sent to you by email or MSN that mention that they have dubious or scandalous photos and if you would kindly "click here". The click links to a downloadable zip or application. This is a common tactic used by spammers and virus spreaders.
- If possible use "Honeypotting" for any online registrations. Lets say "yourname@gmail.com" is your main email address. Now imagine you register with some website who disregards any privacy regulations and sells your email address to a spammer. Now you have a problem, your main email address is out there on the spam lists and will never be removed. Imagine you had used a different email address for the registration, one that you only used for this site. Unlike your main email address you could easily block this 1-time-use email address nullifying the problem. This is called a honeypot address. Ideally it would be something recognizable to the site. For example: "yourname_website@gmail.com" or, even safer, "website_yourinitials@gmail.com". Another advantage is that you can catch a site selling your email to spam companies and report them. And you don't need to make a separate account for this address it can be a forwarder. So all emails sent to this address get forwarded to your main account, the point being they arrive on the honeypot address. But do be careful when replying to emails that you select the appropriate sending email address otherwise they will have your main email address anyway
Other
- Use the windows accounts feature. Have an Admin account for yourself which is password protected and make a guest account at user level with all security settings enabled to level "paranoid". This greatly limits the possibility that kids or friends will accidentally install bad stuff on your computer.
- Backup!! I cannot say this enough… ALWAYS backup! I use a Microsoft program called "SyncToy" which can be found and downloaded for free from their website. Make a daily backup to an internal secondary hard disk or to an external USB disk. And make a weekly or monthly backup to an external USB disk that you store on a different geological location - at a friend's place for example.
- Keep it Tidy. Admittedly this has more to do with my OCD than real security but it makes working with your computer so much nicer. Work with a clear directory structure. Tidy up your downloads directory from time to time, remove what you don't need any more, move images to the images directory, music to the music directory, etc. In the my documents directory create sub-directories for different projects or types of files. Work with archive directories for older files that you do not need any more. All of this makes it much easier to find what you are looking for, makes sure the backup isn't copying lots of junk each time, gives you more space to store files you actually need and provides an overall more pleasant experience using your computer.
Recovering from a virus or slow computer
The only way to 100% recover from a virus is a reinstall. You can always try cleaning your computer, using the different tools to go through all the system files and fix everything step by step but you can never be sure you got everything out and this poses a major security threat to your computer.
Copy all data to an external disk - including everything from your C drive (windows installation) so that you are certain you are not missing any data. Run either the full recovery option if your computer supports it (most laptops do) or boot from the windows cd. Choose an advance install, delete all partitions, recreate 2 partitions and full format them. Then install windows on the C drive. After installing move your user folders (my documents, images, downloads, music, videos) to the second partition. If you are uncertain about anything or all of this let someone else do it, everyone knows some geeky kid who knows how to setup a computer properly.
Also note that most new computers and computers after a full recovery are often severely bogged down with a whole host of applications that are really not needed by most users. De-install anything you do not need, this includes Windows features. Again, if you are in doubt, ask someone who knows.
Comments