Basic Security (See also Help 13 for more detail)



Index Page  Index Page Click on >> SITE MAP
 
Next Page Search Engines (Browsing)  
Staying safe on the Internet requires some help from you

Password Keepers.
We all know what a pain passwords are..  They are supposed to be complicated and all different and not written down !  They must joking !  But there are such thing as password keepers, which will fill in the appropriate password for you. Some are better than others. Dashlanre is excellent but their free version is limited to 50 passwords and one machine.  The Premium one is £40 a year or £60 for all the family. Lastpassis around £30 a year for... the famiily version is more like £40.  But you can try any of them free.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         any of them free.

See what Microsoft says

and https://www.microsoft.com/en-us/wdsi/products/scanner

But what anti virus product should you use ? I use Avast free but these days with most AV products you must expect constant badgering to load the paid version. 

One of the popular one is Avira but the following sad article by Bob Rankin casts severe doubts about this software.

He says ....In addition to the free Antivirus they offer three packages up to $99.99 per year for the all-inclusive Prime bundle. I won’t go into the differences between them because my recommendation is to avoid all paid Avira products.

Here's why:

I spent four hours trying to compare the free versions of Avira antimalware products to their subscription counterparts. There was no difference between them that is worth buying. The rest of my time was wasted on installing and uninstalling this new type of SAAS (Software-as-a-Service) which I've decided to call “Software-as-a-Suffering."

It is better to rely on Windows 10’s built-in Windows Defender than to install the even more limited Avira Antivirus.Even the trial Prime version of program takes 5Gb and if you want to uninstall it, they make it impossible.  It took over one hour just to uninstall Avira Prime - and when I rebooted, it came back!
I turned to iObit’s powerful Uninstall utility,(worth having - KP) which revealed it had added over 400 keys to my registry. Even after uninstalling “Avira," there remained six more Avira apps taking up 2.9 GB of space and cluttering my registry with over 200 more keys. 

When I thought I was finally rid of Avira, I rebooted my PC. Moments after I logged in, all of Avira’s apps appeared again, along with four startup processes that ran in the background. I finally gave up and used System Restore to return my PC to a time before it was traumatized by Avira. Always create a safe Restore Point before installing any new software!

The Facebook Scare.  Much has been made of the fact that a company has admitted using details of Facebook users to help marketeers, including those trying to influence elections.  But Facebook has been a popular and useful tool for over a billion people worldwide, so it seems over the top to 'throw the baby out with the bathwater'.  Many people will continue to use it, whilst being wary of subsequent marketing. Facebook has also issued instructions as to how to try to limit the reach and exposure of your Facebook.  Remember that, as it stands, not only can people see your details but also the details of your Facebook friends.  Don't believe me?  Just click on one of their images and on the images of THEIR contacts and so on.  In fact Facebook admits that you can search the WHOLE of their clientèle's for subjects that might interest you.  Scary !  So, Facebook is now allowing you; telling you, to look at your settings and add what limitations you wish.

Someone said "Data is the new oil". They mean that getting information about you enables you to be sent marketing material.  So, who does it ?  Well, almost all social networking sites do : Facebook, Twitter, Instagram, Google and so on.  One such, MoviePass, admits that.....

" Editor’s Note: Because of the wide pickup of this article’s section on MoviePass data collection, I have expanded the quote from Mitch Lowe: “We get an enormous amount of information. Since we mail you the card, we know your home address, of course, we know the makeup of that household, the kids, the age groups, the income. It’s all based on where you live. It’s not that we ask that. You can extrapolate that. Then because you are being tracked in your GPS by the phone, our patent basically turns on and off our payment system by hooking that card to the device ID on your phone, so we watch how you drive from home to the movies. We watch where you go afterwards, and so we know the movies you watch. We know all about you. We don’t sell that data. What we do is we use that data to market film.”

As hackers get more sophisticated (or just pay for methods of hacking) you may feel it is necessary to tighten up your passwords. You can get a password program that should keep your passwords safe and enter them for you (such as Dashlane or Lastpass).  But there is a lot of talk about 2FA and 2SV (two step authentication or two step verification). Guru Graham Cluley discusses these at length HERE  He also goes into detail how to set up 2SV if you have a Google Account.  Personally, I find the idea of waiting for a code so I can do something to be a bit of a bind and wish there was a simpler way to protect my computing.

In fact Google (and Gmail) is very hot on 2FA and offer various alternatives.

Two step verification with Google (and Gmail)
Get codes via text message
Google can send verification codes to your mobile phone via text message.

Backup phone numbers
Add backup phone numbers so Google has another way to send you verification codes in case your main phone is unavailable.

Want a phone call instead?
Google can call your cell or landline phone with your verification code.

Backup codes
You can print or download one-time use backup codes for times when your phones are unavailable, such as when you travel.

No connection, no problem
The Google Authenticator app for Android, iPhone, or BlackBerry can generate verification codes. It even works when your device has no phone or data connectivity.

Register your computers
During sign-in, you can choose not to use 2-Step Verification again on your computer. We'll still ask for codes or Security Key on other computers.

Keep your account even more secure
Instead of using verification codes, you can insert a Security Key into your computer's USB port for even more protection against phishing.

There are, of course, other  alternatives to passwords. e.g. Facial, iris or fingerprint recognition.  I first read about iris recognition in a Dan Brown book about ten years ago.  They found a body with one eye missing !  Then, more recently, I heard that the police were at a morgue taking the fingerprints of the body of an iPhone user !  Dan Brown was ahead of his time.

*******************

Internet Guru Bon Rankin doesn't spend much on security software.  To quote him in 2016 : Free Antivirus Programs. For the past few years, I've been using the free version of Avast Antivirus, with an occasional scan using MalwareBytes AntiVirus, and this combo has served me well. Advanced SystemCare (free or Pro) cleans, optimizes, and protects very reliably. But I have just read it is the product of a Chinese company and other programs suspect it of containing malware. It has never troubled me and I actually pay for several copies.  CCleaner (free or Pro) is another tool that I've mentioned several times on this site. I also recommend Privazer, (as described by Bob Rankin here) is a tool packed with utilities to keep your PC in top shape.

But to see what the UK government suggests see https://www.cyberaware.gov.uk/

A version of Ransomeware is called Petya or similar words.  If you wish to read the full story of this version please click on the Sophos site HERE

Sophos also offers a free anti virus software (but insists that you get rid of all your current anti malware programs)

Sophos also offers a free malware clearances tool which can be downloaded from HERE

Stolen data.  The Europol Cybercrime unit says "We have seen an increase in the misuse of wi-fi, in order to steal information, identity or passwords and money from the users who use public or insecure wi-fi connections,"  and warns people not to use public wi-fi, such as trains and cafes when communicating things such as bank data.

After several years relying just on Microsoft Security Essentials for anti virus protection I have reverted to Avast Free.  Since I last used Avast it has introduced some useful extras. e.g. It suggests which of your programs have available updates and updates them with a click on each (without the common risk of being diverted to other software). It enabled the creation of a virus free Rescue disk (in case you still get some infection) It does a browser cleanup of the add-ons that have crept in. Also it makes accessing your PC from elsewhere more easy. The paid versions do even more, of course. And you can be sure it will send you advertising pop-ups at least one a day !

Leo Notenboom gives sensible advice and, like me, doesn't go overboard - or pay for - his security software.  His articles on the subject suggest the sort of thing you should have and it includes, Microsoft Security Essentials, plus a number of other free programs to be run if you think you have a problem.  Like me he prefers Antimalwarebytes and Spybot Search and Destroy and cleans up rubbish with Ccleaner and defrags with Defragler and, like me, he does NOT go in for Security Suites, especially the paid ones that are often added to new machines. When doing a virus check he also uses Microsoft Rootkit Revealer and boots from Windows Defender Offline tool (not just Windows Defender, which is already installed on most machines. You need to make a CD of this on a clean machine.

Sunday Times suggests ways of creating complex but memorable passwords.  They suggest the first letters of a memorable sentence.  So that might be "I like to go to Spain in the Winter"  which becomes  IltgtSitW.  Passwords are usually case sensitive so note the capitals. To make it more difficult you can use the same phrase but add a couple of extras at the beginning or end. One bank's password could be B1IltgtSitW. A second bank could be B2IltgtSitW. Amazon could be AIltgtSitW.  Adding numbers or even symbols like @ or ? can strengthen it further. Lastly (and I do this) you can keep all your passwords in a passworded program. See www.lastpass.com

Microsoft have brought out a 'Safety Scanner'. It is around 67 Mb and expires every 10 days, so has to be renewed if you wish to run it again later.  It is just another asset to your armoury and can be downloaded from http://www.microsoft.com/security/scanner/en-us/default.aspx

This site gives a safety rating for websites (like mine). http://www.mywot.com/en/scorecard/www.silverhairs.co.uk  But you can enter the name of ANY website to see how it is rated.

Security Tip : Anything with a serial number, such as a mobile phone, a laptop, a bike or an mp3 player, will have a serial number – this can be entered into the National Property Database through www.immobilise.com . If the registered item is lost or stolen then recovered by police, officers can search the database and reunite you with your property. Items can also be postcode marked with UV pens or SmartWater.  Checkmend www.checkmend.com/uk works closely with the immobilise site. For a small fee you can check whether an item (like a mobile phone) has been stolen. They also sell various security devices such as labels to attach to phones or electronic tracers for bikes.

I find the help site by Leo Notenboom https://askleo.com  useful. If you register he will allow you to download a useful PDF file on keeping your PC safe on line. Or you can enter any question. It will first check whther he has covered the same question previously.

A report has shown that many people are using old versions of web browsers, some as old as Internet Explorer 4 (!) The current version is 11 but Microsoft are busy trying to get you to use Edge (version 89.0.774.45).  Anyone not using the latest Browser version and its updates are vulnerable to malware and spyware infections. That is usually what the updates are for, although they may also add features.

The size of security downloads these days (M'soft and Antivirus) must put off an awful lot of people if they have a slow connection.  Recently I had to update a laptop with 42 security updates on a slow connection. It took hours. Programs such as Zone Alarm Free (firewall) are now 27 Mb and frills like Quicktime and iTunes  updates are as much as 65Mb.

Some people will say " Well I only use it for the occasional e-mail". If so, they are not on line long enough to get the security updates that are so essential these days - and are thus prone to virus infection and doomed to face endless trouble just to stay on line (and likely to infect others). It is a shame, but that is a fact. I think the answer for them MUST be to get a tablet computer.  Fewer downloads and a much faster connection. Forget Windows altogether.
Lately I have found that the Windows updates are very slow, require reboots and sometimes fail to complete (without informing you or giving an explanation). If I want quick answers it is back to the iPad. But I still use Windows for real work.

The background to the security threats

There are said to be several thousands of malware programs created every day but most do not make it 'into the wild'.  Why do people do this ?  Well, there are two main groups malware creators. The first is the geeky 'hoodie'; the same people who would pull down a sapling, deface a wall with grafiti, or throw a beer can down in the street.  They are the ones who get a kick out of being able to say "I did that". But the other group are the real threat.  They are after money and, if you are sitting in a grotty town in Siberia or The Ukraine it can be very tempting.  There is a lot of money to be made if you can get behind the (weak) defences of the world's personal computers. It is now the domain of criminal gangs who can afford to purchase the best ways to do this. They can 'infect' millions of computers and control them in something called a 'Botnet'.  They can then use these computers to distribute spam (though I find it difficult to know how spam pays - but apparently it does.  They can blackmail companies by threatening to overload their systems.  They can filch credit card and bank details (though there are other, less sophisticated, ways to do this). They can scare people into paying for software to clear viruses that either don't exist or which they, themselves have planted. You are probably familiar with the phone call which purports to be from Microsoft and telling you they have found your machine has an infection. They suggest you pay for them to take over your machine and promtly get your payment details and infect your machine into the bargain! A double whammy ! What is more they are becoming more sophisticated with what they do.  Anti virus software must be kept up-to-date daily to keep pace with this flood.  If yours doesn't, then you and your PC are vulnerable.

Definitions

Malware.  A general term for any harmful program

Viruses. Software (programs) that get onto your computer with the intention of causing trouble. They take various forms. They are mostly written by people trying to prove they are clever with computing. Some have the intention of stopping a website working by inundating it.

Adware  Advertising which is sent to your computer without your agreement but more often a marketing tool. See Spyware.

Anti Virus program. One which is resident in the memory of your computer which is alert to viruses and can stop, clear or quarantine viruses which it recognises from its data file

Anti Spyware /Adware program.  One which will clear spyware from your machine, when run

Cookie .  A small text file of unintelligible letters and numbers, which is used by honest and dishonest organisations to send information to them. When you agree to your details being kept, so you don't have to re-enter them, they are kept in a Cookie. But if you would prefer to clear cookies regularly you should turn off Browsing History in your web browser. In Firefox the setting is under Tools, Options, Privacy.  In Internet Explorer, Tools, Internet Options, History, History.

Dialers or dialers. A method by which your dialup number is changed without your knowledge so it telephones a premium number in this country or abroad. This may or may not be linked to pornographic sites.

Firewall.  Software or hardware that makes your computer invisible to unwanted outsiders.

Identity Theft. When you finally dispose of your computer you are advised to wipe the hard disk clean.  Otherwise people may find your details, even though you have deleted them. Many recycled computers are sent to third world countries to help them. But you do not want them to help themselves to your bank account !  If you lose a phone, Pad or laptop which has your details on there, change all your passwords immediately. And don't forget to wipe any hard disk you are disposing of: see Piriform at http://www.piriform.com/ (Recuva advanced) for a tool to do this.

If you, like me, hate to take perfectly good equipment to the tip, another thing you can do is install a copy of Ubuntu. It will wipe all your current data and Windows programs but will make the machine safe and useable, with its installed software and internet access.

Keylogger. A program (usually installed by a virus) that keeps a log of your keystrokes so that someone can retrieve this information later, usually with the intention of finding your (bank ?) passwords.

Phishing  A scam which specifically uses a false e-mail or website (which may look like your bank) with the intention of obtaining information to rob your bank, building society, credit or debit card accounts accounts.

Popups  Small screens which appear on top of the main page usually advertising something.  But can be associated with Malware

Popup Stopper.  A program that stops unwanted popups

Scams. Various criminal methods used to try to obtain money or goods from you

Scareware. Software that claims to detect viruses on your computer then suggests software to clear them - usually costing $39

Spam    Unwanted advertising that is sent to you as emails

Spyware Often linked to Adware but with the intention of reporting back to someone or an organisation as to your activities Usually kept in the Cookies folder.

Temporary Internet Files. Records of your visits to various websites.  The original intention was to make a repeat visit to the page open more quickly but, frankly, they are a nuisance, using space on your hard disk.

Trojan. A program lurking on your PC ready to open the gates from inside, Trojan Horse style.

Should you care and, if so, what should you do?

It IS important to address these issues to ensure that you don't pay out cash unnecessarily but also to help prevent the breakdown of what is an important communication medium.  Doing nothing to safeguard your machine will make you very unpopular with the people your virus is passed on to.

Mind you, your Internet Service Provider (ISP)  and Microsoft have some responsibility, too.  The quality of the protection you get varies enormously. Why some ISPs can provide effective spam filters and others don't is difficult to imagine. Should you put up with any ISP that has let through malware of any kind?  In this day and age it is just not on. So why have I just come back from hours of work getting rid of Trojans on Tiscali and NTL machines? When asked "How did they get on there ?" I was unable to say.  Without protection it is very easy to get infected. In fact, I will guarantee it.

So what should you do? Apart from being vigilant it is ESSENTIAL that you ensure that your machine is protected against these unwanted intrusions.  To do this you need at three types of software. See above (January 2010).

1) Anti Virus software
2) A Firewall (Windows has its own)
3) An anti spyware program
4) If you use Internet Explorer get Mcafee's WebAdvisor http://www.siteadvisor.com/download/ie.html. But don't trust its site ratings implicitly

You may also like to use spam blocker and a popup blocker. Whilst these are not normally a security issue they are annoying and, if you get many popups, it MAY mean you have a Trojan lurking in there. Worst of all, clicking on a popup may then install the nasty software.  It is regularly used as a marketing technique by very dubious companies.  Once installed this type of software requires considerable skill to clear it out.

Because viruses and spyware are constantly changing the preventative software needs to be regularly updated.

What software should you get ?

NB. Microsoft has stopped supporting Windows 98 and ME amd XP platforms. No more security updates, no more technical support, nothing. You are now, officially, on your own. Guru Patrick Crispen recommends that, if you continue to use Win 98 you should be sure to have good security protection such as anti virus and firewall.  He also adds that, in his view Internet Explorer will continue to be a vulnerable Browser, he recommends that you change to Mozilla Firefox. See my Search Engines page Here 

But most people can use the excellent Spybot Search and Destroy from http://www.safer-networking.org/.You can use it free but there is a donations section.

If you are not happy with what Microsoft now offer you can buy a SUITE of software which will do all of these things  The most famous are Norton Internet Security  and Mcafee Internet Security, Zone Alarm Suite, PC-Cillin at various prices. There is an additional subscription each year.  You may occasionally see these on special offer (like half price !)

Once installed on your computer these will automatically be updated when you connect to the Internet for any length of time. These days they should update at least daily and some may update even more than once a day - just to keep up with new viruses.

You can also protect your computer with very effective free alternatives. These include Clamwin,   AVG7 Free (anti virus), Avast! Anti virus from www.avast.com (my current favourite - it just takes care of itself) Ad-aware and Spybot (anti spyware) and Zone Alarm Firewall. Each of these excellent programs can be downloaded from the internet by searching for them but they may have fewer features than the paid versions.

Windows XP, Vista and & W7, 8 and 10 all have integral Firewalls, which is normally turned on but Zone Alarm is rated higher. A thorough firewall not only stops someone 'polling' your computer (using a piece of software to scan the internet to see which computers are vulnerable) but also stops your computer sending information out.  Of course you require your computer to send out e-mail and also to contact the net, so many programs will ask you if you want to add a program to your 'exceptions' list.  You will be asked, the first time this happens, to agree (or decline) to let the program through. But if that all gets too much I think you will find that the Windows firewalls are quite sufficient.

Whereas firewalls are only occasionally updated both anti virus and anti spyware software must be, due to the fact that new threats are continually developing.

Unfortunately, it is not enough to leave everything to clever software. You can still get a virus merely by clicking on a link on your screen or in a website. The usual technique is to have a popup say that you have a vulnerable computer and click here to check it. Whether you click Yes, No or even the close X in the corner you may fall for it.  Close the screen with Ctl + W. If that fails press Shift Ctrl and Esc to access the Task Manager and close the application from there.

You can also get caught out by various scams.

The most common are

Phishing : You are told to connect to your bank site to clear up some problem and are then asked for your bank details

The pleading email : This unfortunate person is unable to get at his rightful (or even criminal) millions unless you agree to help. People who fall for this (and it is a major industry in Nigeria) are usually spurred on by greed (or debt)

The email from someone you know, who says they are stuck somewhere and have no cash....

E-mail from someone you know who suggests that you click the link below. Fortunately better e-mail software will send these to Junk.

The offer you can't refuse : You have advertised something (anywhere) and someone will kindly send a you a cheque for much more as long as you send them the difference (for one obscure reason or another). The bank clears the cheque/bankers draft etc and only reneges on it after you have sent your cheque to the miscreant. Banks do NOT take responsibility for this (even if they should).

The Freecycle item that is very tempting but suddenly to 'owner' has moved and has arranged to send you the item to you by a (non existent) delivery company.... happened to me. Pleasae print the attached form and take it to your local Pay shop

Dialers are a common ruse, if you have a dialup (not Broadband) connection. Although someone changing your dialup number without your knowledge may seem to be illegal this is difficult to prove and you will usually only find out too late.  Telecom companies will NOT reimburse you. You can ask your Telecom company to block all outgoing UK premium numbers from the number you use for the net but most charge for blocking foreign premium numbers. Broadband people, who do not dial up, are not caught out with this one. BT has now issued some software that will warn you if your computer is dialling a premium number. Such simple technology and they only just found it ! You do have to be a BT subscriber.  If you do get caught (in the UK) get in touch with whaat was ICTIC, the Phonpayplus and now called the PSAuthority They may be able to help and have the power to fine companies that use this practice.  

So, I hope you stay safe because, I can tell you, getting rid of these pesky little critters is skilled work and exceedingly time consuming..And, if you don't get rid of them you may just find that your credit card (or bank) account suddenly shows a big bill. It really does happen all the time.

Site Navigation Links :- Please click on SITE MAP


Index Page  Index Page Top of Page Next Page Next Page