How to Secure Your Windows Computer and Protect
Your Privacy -- with Free Software
An Easy Guide for the Windows User
By Howard Fosdick
Fosdick Consulting Inc.
© 2008 February 28 | Version 1.2
Distribution: You may freely reproduce and distribute
this guide however you like -- but you may not change its
contents in any way.
This product is distributed at no cost under the terms of the
Open Publication
License with License Option A --
"Distribution of modified versions of this document is
prohibited without the explicit permission of the copyright holder."
Feedback: Please send recommendations for improving this
guide to the author at email address "ContactFCI" at
the domain name "sbcglobal.net".
Disclaimer: This paper is provided without warranty. Fosdick
Consulting Inc. and the author accept no responsibility for
any use of the data contained herein.
Trademarks: All trademarks included in this document are the
property of their respective owners.
About the Author: Howard Fosdick is an independent consultant
who works hands-on with databases and operating systems. He's
written
a couple hundred articles and several books. He's presented at
conferences, founded software users groups, and invented concepts
like
hype curves and open consulting.
Acknowledgments: Thank you to the reviewers without whose
expert feedback this guide could not have been developed: Bill
Backs,
Huw Collingbourne, Rich Kurtz, Scott Nemec, Priscilla Polk, Janet
Rizner, Kate Robinson, and others who prefer anonymity. Thank
you
also to the Association of PC Users (APCU), Better Software Association,
BitWise Magazine, IBM Database Magazine, and UniForum.
Do you know that --
- Windows secretly records all the web sites you've ever visited?
- After you delete your Outlook emails and empty the Waste Basket,
  someone could still read your email?
- After you delete a file and empty the Recycle Bin, the file still
  exists?
- Your computer might run software that spies on you?
- Your computer might be a bot, a slave computer waiting
  to perform tasks assigned by a remote master?
- The web sites you visit might be able to compile a complete dossier
  of your online activities?
- Microsoft Word and Excel documents contain secret keys that uniquely
  identify you? They also collect statistics telling anyone how long
  you spent working on them and when.
This guide explains these -- and many other -- threats to
your security and privacy when you use Windows
computers. It describes these concerns in simple, non-technical
terms. The goal is to provide information
anyone can understand.
This guide also offers solutions: safe practices you can follow,
and free programs you can install. Download
links appear for the free programs as they are cited.
No one can guarantee the security and privacy of your Windows
computer. Achieving foolproof security
and privacy with Windows is difficult. Even most computer professionals
don't have this expertise.
Instead, this guide addresses the security and privacy needs
of most Windows users, most of the time. Follow
its recommendations and your chances of a security or privacy
problem will be minimal.
Since this guide leaves out technical details and obscure threats,
it includes a detailed Appendix. Look
there first for deeper explanations and links to more information.
Why Security and Privacy Matter
Why should you care about making Windows secure and private?
Once young "hackers" tried to breach
Windows security for thrills. But today penetrating Windows computers
yields big money. So professional
criminals have moved in, including overseas gangs and organized
crime.
All intend to make money off you -- or anyone else who does
not know how to secure Windows. Security
threats are increasing exponentially.
This guide tells you how to defend yourself against those trying
to steal your passwords, personal data, and
financial information. It helps you secure your Windows system
from outside manipulation or even destruction.
It also helps you deal with corporations and governments that
breach Windows security and your privacy for their own ends.
You have privacy if only you determine when, how, and to whom
your personal information is communicated. Organizations try to
gain advantage by eliminating your privacy. This guide helps you
defend it.
The Threats
Windows security and privacy concerns fall into three categories --
1. How to defend your computer against outside penetration attempts
2. How Windows tracks your behavior -- and how to stop it
3. How to protect your privacy when using the Internet
The first two threats are specific to Windows computers. The
last one applies to the use of any kind of
computer. These three points comprise the outline to this guide.
Outline
1. How to Defend Against Penetration Attempts
   1.1 Act Safely Online
   1.2 Install Self-Defense Software
       Firewall
       Anti-Virus
       Anti-Malware
       Anti-Rootkit
       Intrusion Prevention
   1.3 Keep Your Programs Up-to-Date!
   1.4 Test Your Computer's Defenses
   1.5 Peer-to-Peer Programs Can Be Risky
   1.6 Don't Let Another User Compromise Your Computer
   1.7 Use Administrator Rights Sparingly
   1.8 Use Strong Passwords
   1.9 Always Back Up Your Data
   1.10 Encrypt Your Data
   1.11 Reduce Browser Vulnerabilities
       Will Your Browser Run Anybody's Program?
       Internet Explorer Vulnerabilities
   1.12 Wireless Risks
2. How Windows Tracks Your Behavior -- and How to Stop It
   2.1 How to Securely Delete Data
       How to Securely Delete Files
       How to Securely Delete Email and Address Books
       How to Securely Delete All Personal Data on Your Computer
   2.2 The Registry Contains Personal Data
   2.3 Windows Tracks All the Web Sites You've Ever Visited
   2.4 Windows Leaves Your Personal Information in its Temporary Files
   2.5 Your "Most-Recently Used" Lists Show What You're Working On
   2.6 Product Registration Information May be Hard to Change
   2.7 File "Properties" Expose Personal Data
   2.8 Microsoft Embeds Secret Identifiers in Your Documents
   2.9 Chart of Tracking Technologies
3. How to Protect Your Privacy When Using the Internet
   3.1 Limit the Personal Information You Give Out
   3.2 Don't Let Web Sites Track You
   3.3 Email Privacy
   3.4 Web Surfing Privacy
   3.5 Search Privacy
4. Wisdom
5. Appendix -- Further Information and Links
1. How to Defend Against Penetration Attempts
There are many reasons someone or some organization out in the
Internet might want to penetrate your
Windows computer. Here are a few examples --
- To secretly install software that steals your passwords or financial
  information
- To enroll your computer as a bot that secretly sends out
  junk email or spam
- To implant software that tracks your personal web surfing habits
- To destroy programs or data on your PC
Your goals are to --
- Prevent installation of malicious software or malware
- Identify and eliminate any malware that does get installed
- Prevent malware from sending information from your computer out
  into the web
- Prevent any other secret penetration of your computer
1.1 Act Safely Online
Let's start with the basics. Your use of your computer --
your online behavior -- significantly affects how easy it
is to penetrate your PC.
Practice safe web surfing. Handle your email safely.
Follow these tips to reduce the chances that outsiders
can penetrate your computer:
- Don't download free screensavers, wallpaper, games, or toolbars
  unless you know they're safe. These often come with embedded
  malware. If you just can't pass up freebies, download them to a
  directory where you scan them with your anti-virus and anti-malware
  programs before using them.
- Don't visit questionable web sites. Hacker sites, sexually explicit
  sites, and sites that engage in illegal activity like piracy of
  music, videos, or software are well known for malware. You could
  get hit by a drive-by -- a malicious program that runs just by
  virtue of your viewing a web page.
- Don't open email or email attachments from questionable sources.
  These might install malware on your system. Dangerous email
  attachments often present themselves as games, interesting
  pictures, electronic greeting cards, or invoices so that you
  will open them. (If you get too much junk email, reduce it with
  these free programs.)
- Don't click on links provided in emails. These could direct you
  to a legitimate-looking but bogus web site designed to steal your
  personal information. Companies that protect their customers don't
  conduct business through embedded links in emails!
- Before you enter your online account name and password into any
  web site, be sure the web page is secure. The web page's address
  should start with the letters https (rather than http). Most
  browsers display a closed lock icon at the bottom of the browser
  panel to indicate a secure web site form.
- Don't give out your full name, address, phone number, or other
  personal information in chat rooms, forums, on web forms, or in
  social networks. (Section 3 on "How to Protect Your Privacy When
  Using the Internet" has more on this topic.)
The Appendix links to articles with more safety tips.
1.2 Install Self-Defense Software
To defend Windows, you need to install software that protects
against several kinds of threats. This section
describes the threats and the software that defends against each.
Some programs provide protection
against multiple threats. But no single program protects you
from all kinds of threats!
Compare any protective software you already have installed to
what I describe here. To cover any gaps, this
section recommends free software you can download and install.
It provides download links for these free
programs.
Firewall -- Firewalls are programs that prevent data from coming
into or leaving from your computer
without your permission. Unsolicited data coming into your computer
could be an attempt to
compromise it; unauthorized data leaving your computer may be
an attempt to secretly steal your data
or spy on your activities.
Every Windows computer should run a firewall at all times when
it is connected to the Internet.
I recommend downloading and installing a free firewall, such
as ZoneAlarm, Comodo Firewall, Sygate Personal Firewall, or
Jetico Personal Firewall. ZoneAlarm is especially easy to
set up, since it is self-configuring. Find other free firewalls
along with a quick comparative review here.
Windows ME, 98, and 95 did not come with a firewall. XP and Vista
do. However, the XP and Vista
firewalls have shortcomings.
The XP firewalls (there are actually two versions) do not stop
unauthorized outgoing data. This is
unacceptable because if malware somehow got installed on your
computer, it could send data out
without you realizing it.
Vista's built-in firewall can stop unauthorized outbound data.
But it does not do so by default. This
how-to article shows that enabling this critical feature is not
easy.
I recommend installing a free firewall whether or not you have
a Microsoft firewall. (It doesn't hurt to run
two firewalls.) Since the procedures for configuring Microsoft's
firewalls vary according to your
Windows version and service pack level, see the Appendix for
how to configure them.
Anti-Virus -- Viruses are programs that
are installed on your computer without your knowledge or
permission. The damage they do ranges from acting as a nuisance
and wasting your computer's
resources, all the way up to destroying your data or Windows itself.
Anti-virus programs help identify and eliminate viruses
that get into your computer. Free anti-virus
programs include AVG Anti-Virus, avast! Anti-Virus Home Edition,
and PC Tools Anti-Virus Free Edition.
If you don't already have an anti-virus scanner, download and
install one of these, then run it regularly to
scan your disk for any viruses. You can schedule the program
to run automatically either through its
own built-in scheduling facility or through the Windows
Scheduler.
Good anti-virus programs like these automatically scan data as
it downloads into your computer. This
includes emails you receive and any files you download.
Anti-Malware -- In addition to viruses, there are many
other kinds of programs that try to secretly install
themselves on your computer. Generically, they're called
malware. They include:
Spyware      It spies on your behavior and sends this data to a
             remote computer
Adware       It targets you for advertisements
Trojans      These scam their way into your computer
Rootkits     These take over administrator rights and can
             do anything to your PC
Dialers      These secretly use your communication facilities
Keyloggers   These record your keystrokes (including passwords)
             and send this data to a remote computer
Botware      This turns your computer into a bot or zombie,
             ready to silently carry out instructions sent from
             a remote server
Since no one program identifies and removes all kinds of malware,
you need a couple in addition to your
anti-virus scanner. Free programs for this purpose include
AVG Anti-Spyware, Ad-Aware 2007 Free, Spybot Search and Destroy,
and a-Squared Free Anti-Malware. I recommend running two anti-malware
programs on a regularly-scheduled basis.
Anti-Rootkit -- Rootkits are a particularly vicious form of malware.
They take over the master or
Administrator user rights on your PC and therefore are
very effective at hiding themselves.
Many of the anti-malware programs above provide some protection
against rootkits. But sometimes a
specialized detection program is useful. Rootkit detectors often
require technical expertise but I can
recommend two as easy-to-use, AVG Anti-Rootkit Free and Sophos
Anti-Rootkit. Both require
Windows XP or 2000 or newer.
Intrusion Prevention -- Intrusion detection programs alert you
if some outside program tries to secretly
enter Windows by replacing a program on your computer. For example,
an outside program might try to
replace part of Windows or alter a program such as Internet Explorer.
Free intrusion detection programs include
WinPatrol, SpywareGuard, ThreatFire Free Edition,
and ProcessGuard Free. Install one of them and it will run
constantly in the background on your computer,
detecting and preventing intrusions.
1.3 Keep Your Programs Up-to-Date!
All anti-malware programs require frequent updating. This enables
them to recognize new kinds of malware as
they are developed. The programs listed above automatically check
for updates and download and install them
as needed. (Each has a panel where you can verify this feature.)
You must also keep Windows up-to-date. In Vista, the automatic
feature for this purpose is called Windows
Update. It is on by default. You can manage it through the
Control Panel | Security | Windows Update option.
As Microsoft explains, they have broadened Windows Update into
a facility they call Microsoft Update. The
latter auto-updates a broader range of Microsoft products than
does Windows Update. For example, it updates
Microsoft Office. You can sign up for Microsoft Update at the
Microsoft Update web site.
In XP and Windows 2000, the auto-update feature was usually referred
to as Automatic Updates. Manage it
through Control Panel | Automatic Updates.
Beyond Windows, you must also keep the major applications on
your computer up-to-date. Examples are
Adobe's Flash Player, Firefox, and RealPlayer. Most default to
automatic updating. It's a good practice to
verify the auto-update setting right after you install any new
program. Then you never need check it again.
If you don't know whether your system has all the required updates
for your programs, run the free Secunia
Software Inspector. It detects and reports on out-of-date
programs and ensures all "bug fixes" are applied.
If you need to download software updates for many programs,
The Software Patch allows you to download them
all through one web site.
1.4 Test Your Computer's Defenses
You can test how well your computer resists penetration attempts
by running the free ShieldsUp! program.
ShieldsUp! tells you about any security flaws it finds. It also
displays the system information your computer
gives out to every web site you visit. Section 3 on "How
to Protect Your Privacy When Using the Internet"
addresses this privacy concern.
Test whether your computer's firewall stops unauthorized outgoing
data by downloading the free program called
LeakTest.
1.5 Peer-to-Peer Programs Can Be Risky
Peer-to-peer programs share music, videos and software. Popular
examples include BitTorrent, Morpheus,
Kazaa, Napster, and Gnutella. Peer-to-peer (or P2P) networking
makes it possible for you to easily download
files from any of the thousands of other personal computers in
the network.
The problem is that by using peer-to-peer programs, you agree
to allow others to read files from your computer.
Be sure that only a single Folder on your computer is shared
to the Internet, not your entire disk! Then, be very
careful about what you place into that shared Folder.
Some peer-to-peer programs use the lure of the free to implant
adware or spyware on your computer. Other
P2P systems engage in theft because they "share" files
illegally.
The popular PC Pitstop web site tested major P2P programs for
bundled malware in July 2005 and here's what
they found --
P2P Program:                  Adware or Spyware Installed:
Kazaa                         Brilliant Digital, Gator, Joltid, TopSearch
Ares                          NavExcel Toolbar
Bearshare                     WhenU SaveNow, WhenU Weather
Morpheus                      PIB Toolbar, Huntbar Toolbar, NEO Toolbar
Imesh                         Ezula, Gator
Shareaza, WinMX, Emule,       None
LimeWire, BitTorrent,
BitTornade
The SpywareInfo web site offers another good list of P2P infections
here.
If you decide to install any peer-to-peer program, determine
if the P2P program comes with malware before you
install it.
You greatly increase your personal security by not getting involved
in the illegal sharing of music, videos, and
software. File "sharing" in violation of copyright
is theft. The Recording Industry Association of America has
sued over 20,000 people for it as of mid-2006.
1.6 Don't Let Another User Compromise Your Computer
Got kids in the house? A teen or younger child might violate
the "safe surfing" rules above and you wouldn't
know it.... until you get blindsided by malware the next time
you use your computer.
This article tells about a couple whose tax returns and banking
data ended up on the web after their kids used
P2P networking software the parents didn't even know was
installed. A spouse or friend could cause you the
same grief.
If you are not the sole user of
your computer -- or if you do not feel completely confident that
your computer is
secure -- consider what personal information you store. Do you
really want to manage your credit cards, bank
accounts or mutual funds from your PC? Only if you know it's
secure! (Read the agreements for online
financial services and you'll see that you are responsible
for security breaches that compromise your accounts.)
Some families use two computers: one for the kids and a secure
one for the adults. They use the less secure
computer for games and web surfing, and carefully restrict the
use of the more secure machine. This two-computer
strategy is appealing because today you can buy a used
computer for only a hundred dollars.
An alternative is to share one computer among everyone but set
up separate user ids with different access
rights (explained below). Ensure that only a single user
id has the authority to make changes to Windows and
restrict its use.
Never use a public computer at a computer cafe or the library
for online finances or other activities you must
keep secure.
1.7 Use Administrator Rights Sparingly
To install programs or perform security-sensitive activities on
a Windows computer requires administrator
rights.
When you use administrator rights, any malware program you
accidentally or unknowingly run has these rights --
and can do anything on your system.
In systems like Windows XP and Windows 2000, the built-in Administrator
user id inherently has administrator
rights. You can also create other user ids to which you assign
administrator rights.
Working full-time with a user id that has administrator rights
makes you vulnerable! In contrast, using an
account that does not have administrator rights gives you a great
deal of protection. So create a new user id
without administrator rights and use it. Then use the Administrator
id only when necessary.
Windows Vista introduces a new feature called user
account control that helps you avoid using administrator
rights except when required. This feature prompts you to enter
a password when you want to perform any
action that requires administrator rights. While entering passwords
may seem like a hassle, UAC is a big step
towards a more secure Windows. Here is Microsoft's
introductory guide on this feature.
Early Windows versions -- ME, 98, and 95 -- don't have
a system of access rights. Whatever user id you use has
the administrator powers. To keep these systems secure, all you
can do is follow the other recommendations in
this guide very carefully.
1.8 Use Strong Passwords
Passwords are the front door into your computer -- and any
online accounts you have on the web. You need to:
- Create strong passwords
- Change them regularly
- Use different passwords for different accounts
Strong passwords are random mixes of letters, numbers, and punctuation
(if allowed) that contain eight or more
characters:
AlbqP_1793, pp30-Mow9, PPw9a3mc84
Weak passwords are composed of personal names or words you can
find in the dictionary:
Polly28, Bigdog, alphahouse, wisewoman2, PhoebeJane
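The strong/weak distinction above, applied to the guide's own sample passwords in an added Python example that is not part of the original guide. The WORDS list is a tiny constructed stand-in for a real dictionary and name list, and the function names are assumptions of this example.

```python
import secrets
import string

# Constructed stand-in for a real dictionary and list of personal names
# (assumption: a real check would load a large word list from disk).
WORDS = {"polly", "big", "dog", "alpha", "house", "wise", "woman",
         "phoebe", "jane"}


def is_word_sequence(letters, words=WORDS):
    """True if `letters` splits completely into entries of `words`,
    so that run-together words such as 'bigdog' are caught."""
    n = len(letters)
    reachable = [True] + [False] * n   # reachable[i]: letters[:i] splits cleanly
    for i in range(n):
        if not reachable[i]:
            continue
        for j in range(i + 1, n + 1):
            if letters[i:j] in words:
                reachable[j] = True
    return n > 0 and reachable[n]


def weaknesses(password, words=WORDS):
    """List the guide's criteria that `password` fails (empty list = strong).
    Punctuation is not required, because the guide says 'if allowed'."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    # Digits and punctuation tacked onto a name do not make it random:
    # judge the letters on their own.
    letters = "".join(c for c in password if c.isalpha()).lower()
    if is_word_sequence(letters, words):
        problems.append("letters spell names or dictionary words")
    return problems


def generate(length=12, allow_punctuation=True):
    """Random mix of letters, numbers and punctuation that passes weaknesses()."""
    if length < 8:
        raise ValueError("the guide asks for eight or more characters")
    alphabet = string.ascii_letters + string.digits
    if allow_punctuation:
        alphabet += "_-!#%+"
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not weaknesses(candidate):
            return candidate


if __name__ == "__main__":
    samples = ["AlbqP_1793", "pp30-Mow9", "PPw9a3mc84",          # guide: strong
               "Polly28", "Bigdog", "alphahouse", "wisewoman2",  # guide: weak
               "PhoebeJane"]
    for pw in samples:
        found = weaknesses(pw)
        print(f"{pw:12} {'strong' if not found else 'weak: ' + '; '.join(found)}")
    print("generated:", generate())
```

"wisewoman2" is the instructive case: it is long enough and contains a number, yet it is weak because its letters are two dictionary words.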
If keeping track of different passwords for many different accounts
strikes you as impractical (or drives you nuts!)
you might try a "password management" tool from any
of the dozen free products listed
here.
If you set up a home wireless network, be sure to assign the
router a password!
1.9 Always Back Up Your Data
One day you turn on your computer and it won't start. Yikes!
What now?
If you backed up your data, you won't lose it no matter what
the problem is. Backing up data is simple. For
example, keep all your Word documents in a single Folder, then
write that Folder to a plug-in USB memory stick
after you update the documents. Or, write out all your data Folders
once a week to a writeable CD.
For the few minutes it takes to make a backup, you'll insure your
data against a system meltdown. This also
protects you if malware corrupts or destroys what's on your disk
drive.
If you didn't back up your data and you have a system problem,
you can still recover your data as long as the
disk drive still works and the data files are not corrupted.
You could, for example, take the disk drive out of the
computer and place it into another Windows machine as its second
drive. Then read your data -- and back it up!
If the problem is that Windows won't start up, the web offers
tons of advice on how to fix and start Windows (see
the Appendix). Another option is to start the machine using a
Linux operating system CD and use Linux to read
and save data from your Windows disk.
If the problem is that the disk drive itself fails, you'll need
your data backup. If you didn't make one, your only
option is to remove the drive and send it to a service that uses
forensics to recover data. This is expensive and
may or may not be able to restore your data. Learn the lesson
from this guide rather than from experience --
back up your data!
1.10 Encrypt Your Data
Even if you have locked your Windows system with a good
password, anyone with physical access to your
computer can still read the data!
One easy way to do this is simply to boot up the Linux operating
system using a CD, then read the Windows files
with Linux. This circumvents the Windows password that otherwise
protects the files.
Modern versions of Windows like Vista and XP include
built-in encryption. Right-click on either a Folder or File
to see its Properties. The Properties'
Advanced button allows you to specify that all the files in
the Folder or the
single File will be automatically encrypted and decrypted for
you. This protects that data from being read even if
someone circumvents your Windows password. It is sufficient protection
for most situations.
Alternatively, you might install free encryption software like
TrueCrypt, BestCrypt or many others.
If you encrypt your data, be sure you will always be able to
decrypt it! If the encryption is based on a key you
enter, you must remember the key. If the encryption is based
on an encryption certificate, be sure to back up or
"export" the certificates, as described
here. You might wish to keep unencrypted backups of your
data on CD or
USB memory stick.
Laptop and notebook computers are most at risk of physical
access by an outsider because they are most
frequently lost or stolen -- keep all data files on your portable
computer encrypted.
1.11 Reduce Browser Vulnerabilities
As the program you run to access the Internet, your
web browser is either your first line of defense or a key
vulnerability in protecting your computer from Internet malware.
Will Your Browser Run Anybody's Program? -- From
a security standpoint, the worldwide web has a
basic design flaw -- many web sites expect to be able to
run any program they want on your personal
computer. You are expected to accept the risk of running
their code! The risk stems from both
accidental program defects and purposefully malicious code.
Some web sites require that you allow their programs to run their
code to get full value from the web site.
Others do not. You can find whether the web sites you visit require
programmability simply by turning it
off and visiting the site to see if it still works properly.
Here are the keywords to look for in web browsers to turn off
their programmability --
- ActiveX
- Active Scripting (or Scripting)
- .NET components (or .NET Framework components)
- Java (or Java VM)
- JavaScript
Turn off the programmability of your browser by un-checking those
keywords at these menu options --
Browser:             How to Set Programmability:
Internet Explorer    Tools | Internet Options | Security | Internet Custom Level
Firefox *            Tools | Options | Content
Opera                Tools | Preferences | Advanced | Content
K-Meleon             Edit | Advanced Preferences | JavaScript
SeaMonkey            Edit | Preferences | Advanced (Java) | Scripts and Plugins (JavaScript)
* Version 2 on
Internet Explorer Vulnerabilities -- The Internet Explorer
browser has historically been vulnerable to
malware. Free programs like SpywareBlaster,
SpywareGuard, HijackThis, BHODemon, and others help
prevent and fix these problems.
Tracking Internet Explorer's vulnerabilities is time-consuming
because criminals continually devise new
"IE attacks." If you use Internet Explorer, be sure
you're using the latest version and that Windows'
automatic update feature is enabled so that downloads will quickly
fix any newly-discovered bug.
Some feel that IE versions 7 and 8 adequately address the security
issues of earlier versions. I believe
that competing free browsers are safer. Firefox
is popular with those who want a safe browser that
competes feature-for-feature with IE. K-Meleon
couples safety with top performance if you don't need
all the bells and whistles of resource-consuming browsers like
IE or Firefox. It runs very fast even on
older computers.
1.12 Wireless Risks
Wireless communication allows you to use the Internet from your
computer without connecting it to a modem by
a wire or cable. Sometimes called Wi-Fi,
wireless technology is very convenient because you can use your
laptop from anywhere there is an invisible Internet connection
or hotspot. For example, you could use your
laptop and the Internet from a cafe, hotel, restaurant, or library
hotspot.
But wireless presents security concerns. Most public hotspots
are un-secured. All your wireless transmissions
at the hotspot are sent in unencrypted "clear text"
(except for information on web pages whose addresses begin
with https). Someone with a computer and the right software
could scan and read what passes between your
computer and the Internet.
Don't use public hotspots for Internet communications you
need to keep secure (like your online banking).
Many people set up a wireless home network. You create your own
local hotspot so that you can use your
laptop anywhere in the house without a physical connection.
Be sure the wireless equipment you use supports either the
802.11 G or 802.11 N standards. These secure
wireless transmissions through WPA
(Wi-Fi Protected Access) or WPA2 encryption.
Do not base a wireless home network on equipment that only
supports the older 802.11 A or 802.11 B
standards. These use an encryption technology, called
WEP (Wired Equivalent Privacy), that is not
secure.
You might inadvertently create a public hotspot! Freeloaders
on your home network could reduce the Internet
performance you're paying for. Activities like illegal song downloads
would likely be traced to you, not to the
guilty party you've unknowingly allowed to use your network.
When you set up your wireless home network, assign your system
a unique name, tell it not to broadcast that
name, give it a tough new password, and turn on encryption. Specify
that only certain computers can remotely
use the network through MAC
address filtering. Turn off your router and modem when you're
not using them.
Expert advice varies on how to best secure wireless networks,
so see the Appendix for more detail.
2. How Windows Tracks Your Behavior ­ and How to Stop
It
Are you aware that Windows tracks your behavior? It records all
the web sites you ever visit, keeps track of all
the documents you've worked on recently, embeds personal information
into every document you create, and
keeps Outlook email even if you tell Outlook to delete it. These
are just a few examples of many.
This section first tells how to securely delete your files,
folders, and email so that no one can ever retrieve them.
Then it describes the many ways in which Windows tracks your
behavior. In some cases you can turn off this
tracking. In most, your only option is to eliminate the tracking
information after it has been collected.
2.1 How to Securely Delete Data
Let's start with how to permanently delete data from your computer.
How to Securely Delete Files -- When you delete a file
in Windows, Windows only removes the
reference it uses to locate that file on disk. Even after
you empty the Recycle Bin, the file still resides
on the disk. It remains on the disk until some random time
in the future when Windows re-uses this
"unused" disk space.
This means that someone might be able to read some of your
"deleted" files. (You can use free programs like Undelete+ and
Free Undelete to recover deleted files that are still on your disk.)
To securely delete files, you need to over-write them
with zeroes or random data. Free programs that do
this include Eraser,
BCWipe,
and many
others. After installing Eraser or BCWipe, you highlight a File or
Folder, right-click the mouse, then select Delete with Wiping
or Erase from the drop-down menu. This
over-writes (securely deletes) the data so
that it can never be read again.
Programs like Eraser and BCWipe also offer an option to
over-write "all unused space" on a disk. This
securely deletes any files you previously deleted using Windows
Delete.
How to Securely Delete Email and Address Books -- Even
after you delete your Outlook or Outlook
Express emails and empty the email Waste Basket, files containing
your emails remain to be read by
someone later. What if you want to permanently delete all
your emails so no one could ever read them?
Whether this is possible depends on whether your computer is
stand-alone or part of an organizational
network.
In an organizational setting, emails may be stored on central
servers in addition to -- or instead of -- your
personal computer. Many organizations store all the emails
you ever send or receive on their servers
so that you can never delete them. Here
is a good discussion about whether you can really delete old
emails in organizational settings.
If you have a stand-alone PC, emails are stored on your computer's
hard disk. To securely erase emails
residing on your computer, locate the Outlook or Outlook Express
files that contain your emails. Then
use a secure-erase tool like Eraser
or BCWipe
to permanently destroy them. You can do the same with
your Windows address book.
The files you need to securely erase may be marked as hidden
files within Windows. To work with
hidden files, you first need to make them visible. Checkmark
Show Hidden Files and Folders under
Start | Settings | Control Panel | Folder Options | View.
Now, search for file names having these extensions (ending
characters) by using Windows' Search or
Find facility --
.pst            Outlook emails, contacts, appointments, tasks, notes,
                and journal entries
.dbx or .mbx    Outlook Express emails
.wab            Windows address book file
Note that Outlook stores much other information in the same
file along with your obsolete emails. You
can either erase all that data along with your emails by securely
deleting the file, or follow this procedure
to securely delete the email while retaining the other information.
For Outlook Express emails and Windows address books, just securely
delete the files with the given
extensions and you're done.
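The extension search and the overwrite-then-delete step described above, as an added Python example (it is not part of the original guide and is not how Eraser or BCWipe are implemented; the function names and the sample files are constructed for illustration):

```python
import os
import secrets
import tempfile

# Extensions the guide lists for Outlook, Outlook Express and the address book.
MAIL_STORE_EXTENSIONS = {".pst", ".dbx", ".mbx", ".wab"}
CHUNK = 1024 * 1024  # overwrite in 1 MiB pieces so large .pst files fit in memory


def find_mail_stores(root):
    """Return sorted paths under root whose extension is on the guide's list.
    os.walk also returns files with the Windows "hidden" attribute."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() in MAIL_STORE_EXTENSIONS:
                hits.append(os.path.join(dirpath, name))
    return sorted(hits)


def wipe_file(path, passes=1):
    """Overwrite path in place with random bytes, then delete it.
    Assumes the file system rewrites the same blocks (not flash or copy-on-write)."""
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:  # r+b keeps the existing allocation
        for _ in range(passes):
            fh.seek(0)
            remaining = size
            while remaining:
                n = min(CHUNK, remaining)
                fh.write(secrets.token_bytes(n))
                remaining -= n
            fh.flush()
            os.fsync(fh.fileno())  # force the overwrite out to the device
    os.remove(path)  # drop the directory entry only after the data is gone
    return size


def demo():
    """Run on a constructed sample tree; return (found, bytes wiped, left)."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "Mail"))
        samples = {"Mail/Inbox.DBX": 10, "archive.pst": 3000, "notes.txt": 4}
        for rel, size in samples.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(b"x" * size)
        found = [os.path.basename(p) for p in find_mail_stores(root)]
        wiped = sum(wipe_file(p) for p in find_mail_stores(root))
        return found, wiped, sorted(os.listdir(root))
```

Review the list returned by find_mail_stores before passing any path to wipe_file, since the overwrite cannot be undone, and close Outlook first so the files are not locked.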
How to Securely Delete All Personal Data on Your Computer
-- How can you securely delete all your
personal information on an old computer before giving it away
or disposing of it? This is difficult to
achieve if you wish to preserve Windows and its installed programs.
It takes a lot of time and there is
no single tool that performs this function.
The easiest solution is to overwrite the entire hard disk. This
destroys all your personal information,
wherever Windows hides it. Unfortunately it also destroys Windows
itself and all its installed programs.
Be sure to copy whatever data
you want to keep to another computer or storage medium first!
Several free programs securely overwrite your entire disk, such
as Darik's Boot and Nuke.
The only
possible way to recover data after running such programs is expensive
physical analysis of the disk
media, which may not be successful. Over-writing a disk is secure
deletion for normal computer use.
2.2 The Registry Contains Personal Data
Windows keeps a central database of information crucial to its
operations called the
Registry. Our interest in
the Registry is that it stores your personal information. Examples
include the information you enter when you
register Windows and Office products like Word and Excel, lists
of web sites you have visited, login profiles
required for using various applications, and much mo |