New Year’s Resolutions: safer Internet usage

Celebration of the New Year is a time of looking back at the closing year and looking forward to the new year. This is often a time when we set new personal goals for improving our lives in meaningful ways.

Given how much we all use personal computing (you do if you are reading this), all of us can stand to make one or more improvements in our computing hygiene, making us safer and better off.

This article contains categories of ideas that you can choose from. Read through these and decide which of them will be best for you to adopt as a resolution.

Home computing

• Back up your data, so that you can recover it in case of theft, disaster, or other loss.
• Keep your anti-virus working and healthy.
• Configure your computer to automatically download and install security patches.
• Use an online virus scanner to scan your computer, in case your install anti-virus misses one.
• Use different user accounts for each family / household member.
• Use OpenDNS to help prevent visiting phishing sites.
• Use OpenDNS to restrict the types of sites that can be visited from your home (or office) network.
• Tune up your home firewall (which may be in your DSL router or cable modem).
• Use different passwords for each online site you log in to; use a password vault to remember your passwords.

Safe smartphone usage

• Choose a good unlock password for your smart phone. If you insist on using numeric only, use 8 or more digits.
• Set your smartphone auto-lock to 15 minutes or less.
• Keep track of where your smartphone is at all times.
• Install a “find my smartphone” app to discover its location if lost or stolen.
• Do not save any passwords on your smartphone.
• Limit your access to sensitive / valuable information (e.g. online banking) from your smartphone, especially if it is Android.

Protecting your identity

• Keep your anti-virus working and healthy.
• Check your credit report at least once per year (or, more ideally, every four months by checking your credit report for a different bureau each time).
• Be conscious of where and how you provide personal information (name, address, date of birth, etc.) to online sites.
• Resist the urge to click on links or documents in suspicious looking e-mail messages. If it sounds too good to be true, it probably is a scam.
• Carefully review all financial statements from banks and credit cards. Consider closing some accounts if you have too many.
• Get a home safe or use a bank safe deposit box to store valuables such as passports, birth certificates, seldom-used credit cards, and other valuables.
• Use a home shredder to shred documents containing sensitive or personal information.

If you feel you need to starting doing all of the above, I suggest you choose the few that are most important and establish them as good habits. Then, return to this list and choose a few more to implement. If you attempt to make too many changes at once, you might become frustrated by all of the changes and revert back to your old ways.

Include safe computing in your list of New Years Resolutions

The New Year is a time of reflection, and traditionally a time to consider changing one’s habits.

Our reliance upon computers and networks has exceeded our means to safely use and control them. Every computer user has some responsibility to make sure that their computer and use of the Internet does not introduce unknown and unwanted risks. By following these recommendations you will greatly reduce your risk to fraud, identity theft, and other risks related to Internet usage.

1. Change your passwords. Use strong passwords, which cannot be easily guessed by others, even those who know you. Do not share your password with any other person. If needed, store your passwords in a protected vault such as Password Safe or KeePass. I recommend you not use an online vault for password storage: if their security is compromised, so are your passwords.

2. Scan for Viruses and other malware. Configure your anti-virus software to scan your entire computer at least weekly. Make sure that your anti-virus software is checking for updates at least once per day. Also scan your computer with one of several online virus scanners at least once per month.

Panda: http://www.pandasoftware.com (look for the ActiveScan link on the home page)

Symantec: http://security.symantec.com/default.asp?productid=symhome&langid=ie&venid=sym

Trend Micro: http://housecall.trendmicro.com/

Kaspersky: http://www.kaspersky.com/virusscanner

CA: http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

3. Block spam, and don’t open spam messages. The majority of spam (unwanted junk email) is related to fraud. Spam messages advertise fraudulent or misleading products, or lure you to websites that contain malware that will attempt to take over your computer (without your knowing it) and steal valuable information from you.

4. Get a firewall. If you use Windows, turn on the Windows Firewall. Ask your broadband service provider to upgrade your modem/router to one that contains a firewall (most newer modems / routers do have firewalls or other similar protection).

5. Remove spyware. Obtain a good anti-spyware program and use it to find and remove spyware from your computer.

6. Update your software. Obtain up-to-date copies of browsers and tools on your computer, as many older versions are no longer secure. This includes Firefox, Internet Explorer, Opera, Microsoft Office, OpenOffice, Java, and other programs.

7. Install security patches. If you are using Windows, turn on Automatic Updates, and configure it to automatically download and install security patches and updates.

8. Use separate accounts on shared computers. If more than one person uses your computer, set up separate accounts for each user. Make each user an ordinary user or power user, but never an administrator. Making each user an administrator makes the entire computer more vulnerable to malware (viruses, etc.).

9. Browse Safely. Change to Firefox and use the NoScript add-on. This is the only combination designed to block the new “clickjacking” vulnerability present in all other browsers. Also consider using Flashblock (works only with Firefox) if you want to control the use of Flash content in your browser.

10. Protect your wireless WiFi network. The old an still-common “WEP” protocol designed to encrypt your wireless traffic has been broken, and is no longer safe. Upgrade to WPA, even if it means buying a new wireless access point.

11. Back up your data. All kinds of bad things can happen, from mistakes to hardware failures. If you cannot afford to lose your data, then you need to copy it to a separate storage device. External hard drives and high capacity USB thumb drives cost well below US$100. You’ll be glad you did, sooner or later.

12. Encrypt your hard drive. Mostly important for laptop computers, but also important for desktop computers. The TrueCrypt tool is by far the most popular one available, and it’s free. If you don’t encrypt your data, then anyone who steals your computer can (and will) read all of your private data.

13. Check your credit reports. Fraud and identity theft can result in thieves opening new credit card and loan accounts in your name. They run up a balance and then never pay the bill, making that your problem instead. Consider a credit reporting service as well, which will alert you to inquiries and changes to your credit accounts, limits, and balances.

Annualcreditreport.com

Federal Trade Commission information on free credit reports

Equifax

Experian

Transunion

Recommended Tools:

Secunia Personal Software Inspector – free tool that examines your computer and alerts you to all of the unpatched and older versions of programs that need to be upgraded.

Password Safe – safe and secure storage of all of your Internet passwords. Also remembers userids and URLs.

NoScript – the only way to control third-party javascript and clickjacking. Works only with Firefox.

TrueCrypt – safe and free encryption of your PC’s hard drive.

Clean out your old programs

Previous tip | Next tip

Take some time to remove old programs that you no longer use, and upgrade the programs and plug-ins you do use to current versions. In Windows XP, go to My Computer > Control Panel > Add or Remove Programs (in Vista it’s slightly different) and remove each program you no longer need. Maybe you have old toolbars and other things you tried out but didn’t like. It’s a good idea to just get rid of them here.

Consider getting a copy of Secunia Personal Software Inspector (PSI). This nifty program will look at all of your installed programs and tell you which ones are old and unsecure. PSI will also tell you what patches are needed on your system.

Get PSI here: psi.secunia.com

Make a new year’s resolution: safe computing

I have an idea for a New Year’s resolution this year. You’ll still be able to eat what you want and walk by the bathroom scale with no pangs of guilt, and you can leave your mess in the garage and the junk drawer so full you can barely open it.

Make your computing safer in 2008. This is a lot easier than you think. You’ll be protecting yourself against potentially painful experiences such as credit card fraud and identity theft.

Follow these steps. In some cases, I’ll link you back to tips I’ve written in the past couple of years.

1. Protect your computers with a firewall. You might have a firewall already and not know it – your DSL or Cable modem may have a firewall built-in. Look on the label to see what kind of device you have. Log in to your Internet provider’s web site and check whether your modem has a built-in firewall. If it doesn’t, ask to be upgraded.

You can also install a personal firewall program on each PC in your house. If you have Windows XP or Vista, a firewall is provided with Windows but you need to activate it.

Instructions: Activate Windows XP firewall. Activate Windows Vista firewall.

Or, you can install Zone Alarm or Comodo firewall. Both are easy to install and use.

Zone Alarm: www.zonelabs.com
Comodo: www.personalfirewall.comodo.com

Test your firewall to see if it is working: Site 1: (www.auditmypc.com), Site 2: (www.grc.com/) (You can consider these to be trusted web sites).

2. Get the spyware out and keep it out. Spyware is used to snoop on your PC and Internet usage – most people find it offensive and a violation of their privacy. Install one or more of the following anti-spyware programs. Scan your computer now, then scan monthly after that.

Spybot: www.safer-networking.org
Spyware Blaster: www.javacoolsoftware.com
Microsoft Defender: www.microsoft.com

3. Keep your PC’s security patches up to date. Failure to install security patches is a major cause of computer break-ins, especially for home computers, most of which are not protected by firewalls. I recommend you take a look at your Windows Automatic Updates setting and change the settings so that security patches are downloaded and installed automatically (if you are more of a “hands on” computer user, then you should set Automatic Updates to automatically download security patches and then inform / ask you to install them).

Install patches now (www.update.microsoft.com) (you must use Microsoft Internet Explorer for this)

Instructions: Configure Automatic Updates for Windows XP. Automatic Updates for Windows Vista.

4. Make separate user accounts for shared computers. If any of your computers are shared among family members, make separate user accounts for each user. Put passwords on each account and do not share your passwords. Make only one account an “administrator” (you – since you are reading this!) and make all other users a “Limited account”. Turn off the Guest account.

When a family member is done with the computer (even for a minute), get everyone into the habit of locking the screen, which requires a password to unlock. Click here for instructions.

5. Change your Wireless network to WPA. I have written in the past about how the old wireless WEP protocol is no longer safe. You need to upgrade your WiFi access point and the computers in your house that use WiFi from WEP to WPA. The WEP protocol that is still the default on most WiFi access points and routers can be easily broken by any clever computer user with a few simple tools.

Instructions: upgrade your router and computers from WEP to WPA.

6. Clean out your old programs. Take some time to remove old programs that you no longer use, and upgrade the programs and plug-ins you do use to current versions. In Windows XP, go to My Computer > Control Panel > Add or Remove Programs (in Vista it’s slightly different) and remove each program you no longer need. Maybe you have old toolbars and other things you tried out but didn’t like. It’s a good idea to just get rid of them here.

Consider getting a copy of Secunia Personal Software Inspector (PSI). This nifty program will look at all of your installed programs and tell you which ones are old and unsecure. PSI will also tell you what patches are needed on your system.

Get PSI here: psi.secunia.com

7. Learn more about safe computing. Order a copy of Computer Viruses for Dummies – this is a smaller-format Dummies book that talks about Viruses and also spam, spyware, firewalls, and other steps you need to take to make your computer safer.

Purchase hardcopy from Amazon.com

Purchase e-book