Skip to content

Be Safe– Please: The Top 4 Computer and Internet Security Flaws

April 2, 2011

I’ve been working in the IT Desktop Support department at my university. What the mainly means is that we troubleshoot all of the campus-owned computers, all of the campus-related internet issues, and basically maintain the technology that flows in and out of the school.

Now, I’m definitely an above-average technology user. I’ve known this for some time, because I’ve spent quite a bit of time around technology in general and computers in specific. I know that my troubleshooting skills and my general knowledge of technology are greater than your average Joe user.

But it wasn’t until I started working in IT that I really began to comprehend what a difference there is.

Setting aside the advanced technical knowledge that only comes from computer maintenance (read: poking around in a computer’s guts 🙂 ), there are a number of things many users simply do not know which are fundamental to maintaining a secure technological experience. So these are a few things you can do to keep your computer happy.

1. Set a strong, secure password.
This is the number 1 security tip for a reason. Just recently I was performing maintenance on the computer of a friend’s sister. After restarting, I was about to ask for the password with which to log onto the computer again, when I realized that there was no password! When I asked about it, she said, “Well, I figured that if anyone really wants to get onto the computer, a password isn’t going to stop them.” That’s only partially true.

A password serves two purposes. The first purpose is the one that people usually think of: if I have a password, then others can’t access my data and files. It’s true that there are ways in which a person can crack a computer with a certain program or security vulnerability which make a password useless. However, that kind of cracking takes at the very least a program on a CD, which implies malice and forethought, as well as possession of the computer for a certain length of time in which the security is cracked. If the person can get a hold of your computer for that long, then you need to take a look more at the physical security of your desktop or laptop.

The second purpose is what can be said of flimsy locks: they keep honest people honest. Perhaps a nosy family member or co-worker finds your laptop sitting unused. The temptation to look at your pictures, word documents, and other files is easily stymied if they see a password and know they can’t log onto the machine.

So, the best way to keep your machine secure with a password is two-fold. First, the password has to be strong. Think of it as the possibility of guessing your password. Obviously, a one-character password has 26 possibilities in terms of letters, 10 in terms of numbers, and less than a dozen other possibilities in terms of other allowed characters in passwords. In turn, then, increasing the amount of characters will exponentially increase the amount of possibilities which someone would have to guess in order to crack the password. This possibility decreases even more if the password combines letters, number digits, and symbols if possible.

The second aspect of a strong password is that it should be memorable to you, but not so much that it is obvious to another– especially if you use a password hint. Regardless of how strong a password might be by combining the numbers and letters of a street address, it becomes instantly nullified by anyone guessing phrases which would have significance to the user. The other caution is that it should be a password which is memorable enough in that you do not have to write it down, or can keep the written copy safe and secure as well. The greatest password is easily foiled if discovered in some other fashion, in which case the data is compromised if not protected by other measures.

Additionally, it should be noted that even one extremely strong password can fail, and it is advisable to have multiple strong passwords to be exchanged at least every few months. Even if one is compromised, you always have backups upon which to fall in times of need.

2. Install and maintain security programs.

This is another extremely important aspect of computer security, and possibly the most often neglected by basic users. What probably causes this neglect is the fact that many systems come with an anti-virus program, such as McAfee Security or Norton Anti-Virus, pre-installed. With this installation comes something like a 3-month trial subscription. For a program such as McAfee or Norton, this subscription isn’t necessary to be run, but is no less necessary to have, as without a subscription the virus definitions will go out of date. Very soon afterward, the program protects against only outdated threats, and will allow in any threat that wasn’t included in a previous definition. Users will continually hit the “Remind me later” button, when the program asks for an extension of the subscription, and the program quickly becomes not only useless, but a useless program which continues to use resources– which, in the case of most anti-virus programs, is a large amount of resources.

The best course in maintaining security programs is to find a free program which will automatically update itself without requiring a paid subscription. As well, it used to be the case that different programs would protect against viruses, while other protected against spyware threats, and others would be needed for trojans, worms, and other miscellaneous threats. Now, it is usually the case that programs will protect against multiple threats, but this is not necessarily true. Having two main programs which deal with threats is usually the best defense setup, though there are some known interactions between defense programs which cause errors. For example, having Norton Anti-Virus as well as Microsoft Security Essentials will cause errors, one of which is in infinitely loading web-page in any browser, an error which can be solved by uninstalling Norton Anti-Virus.

The recommendation of this article, at this time, is to download the free program Microsoft Security Essentials at http://www.microsoft.com/security/pc-security/mse.aspx . This program protects against a variety of malicious programs, provides real-time scanning (evaluating files as they are accessed by other programs), and is a small program which uses far less in the way of resources than other programs. If you feel that you need additional security, or wish to have another program as a back-up, Malwarebytes’ Anti-Malware program, which can be downloaded for free from a variety of websites, such as this one: http://majorgeeks.com/download.php?det=5756 .

Many programs have automatic updating of their definitions– however, users should also make a habit out of checking the program for updates, additional security options, and features such as automatic scanning of the full system hard drive(s).

For more internet-related security, there is a specific program by AVG called LinkScanner. In conducting Google, Yahoo!, or Bing search engine searches, there will be either a green star or a red X next to the links provided, which tells you whether the site is trusted or not. Though I don’t know much about the reliability of the scanner and how many sites it currently has listed, it’s a generally used IT tool which can give some guidance on website trustworthiness. You can download it for free at http://linkscanner.avg.com/

3. Updates to the system are critical

Regardless of the type of system, the operating system (so long as it’s still supported *cough*Windows95*cough*), and the other programs installed on the machine, a computer needs updates. It’s a fact of life. New interactions with other programs, old vulnerabilities finally discovered; there are a myriad of reasons to release a patch or an update, and operating systems are notorious for constantly receiving updates. A staple of computer culture is the “Updates are needed” message in the Windows system tray (the lower-right corner of the screen).

It’s true that updates come frequently and in large batches, and it can be annoying to continually download and install packages for software you had hoped would work in the first place. However, that annoyance makes the updates no less necessary for the well-being of your machine.

4. Internet Use

The majority of time on personal computers these days is spent on the internet in one form or another. Other than certain games and applications which connect to the internet for interaction between multiple people, we access the internet as directly as possible; that is, through our web browsers. Of course, there are a variety of web browsers, and new and innovative browsers are being released at a furious pace. The Mozilla Foundation’s opensource web browser Firefox is a popular choice, while Windows comes bundled with some version of Internet Explorer, and Apple of course supports their own Safari browser, while Google has released Google Chrome as a stand-alone precursor to its upcoming Google Chrome OS. Opera Software has also released the Opera Browser, which is quite customizable and standardized towards minimalism.

Now, much of what its good about these browsers is shared. No browser will be without a tab allowing you to review and erase your browsing history, and of course none will block you from viewing things (other than malicious sites, as per above) that others won’t. However, there are some important differences.

Microsoft’s Internet Explorer has a fairly bad reputation, and in this case it’s for a reason. Whether the company was slipshod in its programming, or the team working on it ran out of time and budgetary allowances, the many versions of the program have been plagued with security vulnerabilities, bad user interface choices, and a lack of many features which were only provided long after other browsers had found them. Some of these problems have been alleviated in the latest release of IE, and i’m sure they will continue to be worked on, but I would recommend this browser only as a last resort or as the browser which allows you to download something else when you first purchase a new or refurbished Windows computer.

In terms of functionality, Opera, Google Chrome, Firefox, and Safari are all roughly equal in that they are far more secure than IE and will allow a smooth web-browsing experience. My personal preference at this time is Google Chrome, but the Mozilla Foundation has just released Firefox 4, which looks to be promising. As well, I don’t have much personal experience with the Opera browser, but by all indications it is a solid choice. If it comes to making this type of decision about your web browser, the choice is contingent on your preference in aesthetics and small user interface differences which speak to your personal browsing experience.

However, internet security in terms of browsing does not end at the choice of a secure browser. Those seeking to obtain more complete security need to also deal with a service called the Tor network, and anyone with a wireless network at home should have some form of security on their router.

The Tor network is an onion routing network– in essence, a user within the Tor network is much harder to trace back to their location and particular IP address. The advantages of this should be apparent, especially when dealing with sensitive information and websites. The most convenient use of the Tor network is the Vidalia Bundle, which installs both the Tor software and the Vidalia management software. The Vidalia Bundle can be found at https://www.torproject.org/projects/vidalia.html.en

As for home networks, the common mistake that many users make is to simply set the router up and go. Having internet access means it works, right? Well, yes, but there’s a bit more to it than that. On an out-of-the-box network such as that, it’s going to be unsecured– anyone can access your router’s wireless signal. Beyond the obvious use of your internet connection, an experienced user can find a way into a router, allowing them to access the data which you and other members of your home input and output on the network. With information such as bank account numbers and passwords to different websites, that can easily lead to a downward spiral towards identity theft.

With these types of careful browsing and use of computers, it is easy to keep free from the majority of threats. By observing these practices, the main body of mistakes can be avoided and a safe and interesting time can be had.

Questions, comments, concerns? Leave a comment below, and have a great day!

Advertisements
One Comment leave one →
  1. chris permalink
    April 2, 2011 8:25 pm

    All of these are very good ideas, I will admit that I don’t go to the extreme of changing my password every few months, but the one i’m using is fairly long and utilizes letters and numbers along with a certain twist. Again, great post, hopefully many people will take the time to read this and will implement some of these strategies to make their computers safer.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: